128technology · Chr1st0ph3rTurn3r · Apr 17, 2026 · Apr 17, 2026 · Apr 21, 2026
@@ -0,0 +1,24 @@
+<!--- Deployment Guide - Network Design Reference Table --->
+
+The following IP addressing and naming scheme is used consistently throughout this guide. Substitute your own values when configuring your network.
+
+| Parameter | Example Value | Description |
+|-----------|--------------|-------------|
+| Authority Name | `AcmeCorp` | Organizational authority name |
+| Conductor Router Name | `conductor1` | Conductor system name |
+| Conductor Node Name | `node1` | Conductor node name |
+| Conductor IP Address | `192.168.100.10` | Static management IP on the conductor |
+| Conductor Subnet Mask | `/24` | Management network prefix |
+| Conductor Gateway | `192.168.100.1` | Management network gateway |
+| Conductor PCI (MGMT port) | `0000:03:00.0` | SSR1200 MGMT port PCI address |
+| Router Name | `branch1` | Branch router system name |
+| Router Node Name | `node1` | Router node name |
+| Router WAN Interface | `wan1` (`ge-0-0`) | WAN port — uses DHCP |
+| Router WAN PCI Address | `0000:04:00.3` | SSR130 Port 0 PCI address |
+| Router LAN Interface | `lan1` (`ge-0-3`) | LAN port |
+| Router LAN PCI Address | `0000:04:00.0` | SSR130 Port 3 PCI address |
+| Router LAN IP Address | `192.168.1.1/24` | LAN gateway address |
+| Tenant Name | `corp` | LAN-side user tenant |
+| Service Name | `internet` | Internet breakout service |
+| Service Address | `0.0.0.0/0` | All internet-bound traffic |
+| Neighborhood | `internet` | SVR neighborhood name |
@@ -0,0 +1,20 @@
+<!--- SSR1200 Port Mapping Info (for Conductor deployments) --->
+
+![SSR1200 Front Panel](/img/hdwr_ssr1200_faceplate.png)
+
+### Port Mapping
+
+| Name | Port | Description | PCI Address | Speed | Type |
+| --- | --- | --- | --- | --- | --- |
+| mgmt-0-0 | MGMT | Management interface | 0000:03:00.0 | 1000 | MGMT |
+| ge-0-0 | Port 0/0 | WAN 1 network interface | 0000:03:00.1 | 1000 | WAN |
+| ge-0-1 | Port 0/1 | WAN 2 network interface | 0000:03:00.2 | 1000 | WAN |
+| ge-0-2 | Port 0/2 | WAN 3 network interface | 0000:03:00.3 | 1000 | WAN |
+| ge-0-3 | Port 0/3 | LAN 1 network interface | 0000:01:00.0 | 1000 | LAN |
+| ge-0-4 | Port 0/4 | LAN 2 network interface | 0000:01:00.1 | 1000 | LAN |
+| ge-0-5 | Port 0/5 | HA Fabric network interface | 0000:01:00.2 | 1000 | HA Fabric |
+| ge-0-6 | Port 0/6 | HA Sync network interface | 0000:01:00.3 | 1000 | HASync |
+| xe-1-0 | Port 1/0 | LAN 3 network interface | 0000:07:00.3 | 10000 | LAN |
+| xe-1-1 | Port 1/1 | LAN 4 network interface | 0000:07:00.2 | 10000 | LAN |
+| xe-1-2 | Port 1/2 | LAN 5 network interface | 0000:07:00.1 | 10000 | LAN |
+| xe-1-3 | Port 1/3 | LAN 6 network interface | 0000:07:00.0 | 10000 | LAN |
@@ -0,0 +1,18 @@
+<!--- SSR130 Port Mapping Info (for Conductor deployments) --->
+
+The following image of the SSR130 includes Cellular and TAA subvariants.
+
+![SSR130 Front Panel](/img/hdwr_ssr130_faceplate.png)
+
+### Port Mapping
+
+| Name | Port | Description | PCI Address | Speed | Type |
+| --- | --- | --- | --- | --- | --- |
+| ge-0-0 | Port 0 | WAN 1 network interface | 0000:04:00.3 | 1000 | WAN |
+| ge-0-1 | Port 1 | WAN 2 network interface | 0000:04:00.2 | 1000 | WAN |
+| ge-0-2 | Port 2 | WAN 3 network interface | 0000:04:00.1 | 1000 | WAN |
+| ge-0-3 | Port 3 | LAN 1 network interface | 0000:04:00.0 | 1000 | LAN |
+| ge-0-4 | Port 4 | LAN 2 network interface | 0000:03:00.1 | 1000 | LAN |
+| ge-0-5 | Port 5 | LAN 3 network interface | 0000:03:00.0 | 1000 | LAN |
+| ge-0-6 | Port 6 | HA Fabric network interface | 0000:02:00.1 | 1000 | HA Fabric |
+| ge-0-7 | Port 7 | HA Sync network interface | 0000:02:00.0 | 1000 | HASync |
@@ -0,0 +1,171 @@
+---
+title: "Appendix A - Conductor Configuration"
+sidebar_label: "Conductor Configuration"
+---
+import NetworkDesign from '../_deploy_network_design.md';
+
+This appendix contains the complete conductor configuration in SSR PCLI format for the `conductor1` system described in this guide. This configuration reflects the state after completing [Step 2 — Configure the Conductor](deploy_conductor_config.mdx) and [Step 3 — Configure the Router on the Conductor](deploy_router_config.mdx).
+
+## Network Design Reference
+
+<NetworkDesign/>
+
+## Applying This Configuration
+
+This configuration can be applied to a fresh conductor using the **import** function:
+
+1. Save the configuration below to a file, for example `acmecorp-conductor.cfg`.
+2. Copy the file to the conductor at `/etc/128technology/config-exports/`.
+3. From the conductor PCLI, run:
+
+    ```bash
+    import config acmecorp-conductor.cfg
+    ```
+
+4. Review any validation warnings, then commit:
+
+    ```bash
+    commit
+    ```
+
+Alternatively, copy and paste each configuration block into the PCLI in configuration mode (`configure` → `edit`).
+
+## Complete Conductor Configuration
+
+```
+config
+    authority
+        name              AcmeCorp
+
+        conductor-address  192.168.100.10
+
+        tenant  corp
+            name  corp
+        exit
+
+        service  internet
+            name             internet
+            scope            public
+            security         internal
+
+            access-policy
+                source  corp
+            exit
+
+            address  0.0.0.0/0
+        exit
+
+        router  conductor1
+            name                 conductor1
+            inter-node-security  internal
+
+            node  node1
+                name  node1
+                role  conductor
+
+                device-interface  mgmt-dev
+                    name        mgmt-dev
+                    type        ethernet
+                    pci-address  0000:03:00.0
+
+                    network-interface  mgmt-intf
+                        name  mgmt-intf
+                        type  management
+
+                        address  192.168.100.10
+                            ip-address     192.168.100.10
+                            prefix-length  24
+                            gateway        192.168.100.1
+                        exit
+                    exit
+                exit
+            exit
+        exit
+
+        router  branch1
+            name                 branch1
+            inter-node-security  internal
+
+            dns-config  automatic
+                mode  automatic
+            exit
+
+            node  node1
+                name      node1
+                role      combo
+                asset-id  SSR130-ABC1234567
+
+                device-interface  wan-dev
+                    name        wan-dev
+                    type        ethernet
+                    pci-address  0000:04:00.3
+                    forwarding   true
+
+                    network-interface  wan1
+                        name           wan1
+                        type           external
+                        conductor      true
+                        default-route  true
+                        source-nat     true
+                        management     true
+                        dhcp           v4
+
+                        management-vector  mgmt-vec-wan
+                            name      mgmt-vec-wan
+                            priority  10
+                        exit
+
+                        neighborhood  internet
+                            name      internet
+                            topology  spoke
+                        exit
+                    exit
+                exit
+
+                device-interface  lan-dev
+                    name        lan-dev
+                    type        ethernet
+                    pci-address  0000:04:00.0
+                    forwarding   true
+
+                    network-interface  lan1
+                        name    lan1
+                        type    external
+                        tenant  corp
+
+                        address  192.168.1.1
+                            ip-address     192.168.1.1
+                            prefix-length  24
+                        exit
+                    exit
+                exit
+            exit
+
+            service-route  internet-route
+                name          internet-route
+                service-name  internet
+                type          service-agent
+
+                next-hop  node1 wan1
+                    node-name  node1
+                    interface  wan1
+                exit
+            exit
+        exit
+    exit
+exit
+```
+
+## Configuration Notes
+
+| Item | Note |
+|------|------|
+| `asset-id` | Replace `SSR130-ABC1234567` with the actual serial number from the SSR130 device label |
+| `conductor-address` | Replace `192.168.100.10` with the actual static IP assigned to the conductor's MGMT port |
+| `gateway` | Replace `192.168.100.1` with your management network gateway |
+| LAN address | Replace `192.168.1.1/24` with the LAN subnet for each branch site |
+| Coordinates | The `location` field is not shown here; add ISO 6709 coordinates for your conductor and each branch site |
+
+## Adding Additional Routers
+
+To add a second SSR130 router (`branch2`), copy the `router  branch1` block, change the router name to `branch2`, update the `asset-id` to the second device's serial number, and change the LAN IP to a different subnet (for example, `192.168.2.1/24`). All other authority-level objects (`tenant`, `service`) are shared.
@@ -0,0 +1,142 @@
+---
+title: "Appendix B - Router Configuration"
+sidebar_label: "Router Configuration"
+---
+import NetworkDesign from '../_deploy_network_design.md';
+
+This appendix contains the SSR130 branch router configuration in SSR PCLI format. This is the router-scoped portion of the configuration staged on the conductor for `branch1`. It reflects the final state after completing [Step 3 — Configure the Router on the Conductor](deploy_router_config.mdx) and [Step 5 — Upgrade Routers to 7.1.4](deploy_router_upgrade.mdx).
+
+The complete authority-level configuration (including the service and tenant objects that the router depends on) is in [Appendix A — Conductor Configuration](deploy_appendix_conductor.mdx).
+
+## Network Design Reference
+
+<NetworkDesign/>
+
+## Router Configuration
+
+The following block shows the `branch1` router section in isolation, as it would appear within the authority configuration.
+
+```
+config
+    authority
+
+        router  branch1
+            name                 branch1
+            inter-node-security  internal
+
+            dns-config  automatic
+                mode  automatic
+            exit
+
+            node  node1
+                name      node1
+                role      combo
+                asset-id  SSR130-ABC1234567
+
+                device-interface  wan-dev
+                    name        wan-dev
+                    type        ethernet
+                    pci-address  0000:04:00.3
+                    forwarding   true
+
+                    network-interface  wan1
+                        name           wan1
+                        type           external
+                        conductor      true
+                        default-route  true
+                        source-nat     true
+                        management     true
+                        dhcp           v4
+
+                        management-vector  mgmt-vec-wan
+                            name      mgmt-vec-wan
+                            priority  10
+                        exit
+
+                        neighborhood  internet
+                            name      internet
+                            topology  spoke
+                        exit
+                    exit
+                exit
+
+                device-interface  lan-dev
+                    name        lan-dev
+                    type        ethernet
+                    pci-address  0000:04:00.0
+                    forwarding   true
+
+                    network-interface  lan1
+                        name    lan1
+                        type    external
+                        tenant  corp
+
+                        address  192.168.1.1
+                            ip-address     192.168.1.1
+                            prefix-length  24
+                        exit
+                    exit
+                exit
+            exit
+
+            service-route  internet-route
+                name          internet-route
+                service-name  internet
+                type          service-agent
+
+                next-hop  node1 wan1
+                    node-name  node1
+                    interface  wan1
+                exit
+            exit
+        exit
+
+    exit
+exit
+```
+
+## Interface Summary
+
+| Interface | Device | PCI Address | Type | Configuration |
+|-----------|--------|-------------|------|--------------|
+| `wan1` | `wan-dev` (`ge-0-0`, Port 0) | `0000:04:00.3` | External | DHCP; conductor=true; management over forwarding; neighborhood `internet` |
+| `lan1` | `lan-dev` (`ge-0-3`, Port 3) | `0000:04:00.0` | External | Static `192.168.1.1/24`; tenant `corp` |
+
+## Service Forwarding Summary
+
+| Service | Route | Type | Egress Interface |
+|---------|-------|------|-----------------|
+| `internet` (0.0.0.0/0) | `internet-route` | `service-agent` | `wan1` (direct breakout) |
+
+## Configuration Notes
+
+| Item | Note |
+|------|------|
+| `asset-id` | Replace `SSR130-ABC1234567` with the device serial number |
+| LAN address | Replace `192.168.1.1/24` with the actual LAN subnet for this branch |
+| `source-nat` | Must be `true` on the management interface; management traffic originates from `169.254.x.x` |
+| `default-route` | Must be `true`; causes Linux to forward all OS-originated traffic through the SSR engine |
+| `conductor` | Must be `true` on the WAN interface for the router to reach the conductor over the forwarding plane |
+| Neighborhood | The `internet` neighborhood on the WAN interface allows this router to peer with hub routers via SVR if added later |
+
+## Verifying the Running Configuration
+
+To view the running configuration for this router from the conductor PCLI:
+
+```bash
+show config running authority router branch1
+```
+
+To compare the running configuration against the candidate (uncommitted changes):
+
+```bash
+show config candidate authority router branch1
+```
+
+To export the entire authority configuration to a file:
+
+```bash
+export config running filename acmecorp-export.cfg
+```
+
+The exported file is saved to `/etc/128technology/config-exports/` on the conductor.