Parse BGP policy from a file.
Example Policies:
(asn = 1) egress-> (node = a.b): (if Origin(asn=2) then addTag a100)
(asn = 1) egress-> (asn = 2): (if tags contain abc then setMED 200)
(asn = 1) egress-> (asn = 2): (if tag = cde then addTag a300) else (if tag = def then setMED 200)
(asn = 1) egress-> (asn = 2): (if tag = ghi then addTag a300)
(asn = 2) ->ingress (asn = 1): (if tag = xyz then setLP 100)
(asn = 2) ->ingress (asn = 1): (if tag = zzz then setLP 150 & reject route)
importLibrary library.txt
includePolicy somefile.txt
(asn =1 ) ->ingress (asn=2): (setLP 200)
(asn = 1) egress-> (asn = 3): (if Transit(asn = 2) then addTag t_test)
(asn = 1) egress-> (asn = 3): (if Origin(asn = 2) then addTag o_test)
(asn = 1) egress-> (asn = 2): (if tag = abc then reject route)
Warning
Work in progress.
Parser class
Allocates community values to tags
Applies policy to network
>>> inet = ank.internet.Internet("2routers")
>>> inet.compile()
>>> node_a = inet.network.find("a.AS1")
>>> node_b = inet.network.find("b.AS2")
>>> pol_parser = ank.BgpPolicyParser(inet.network)
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (setLP 200)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [setLP 200] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (setMED 200)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [setMED 200] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (*): (setMED 200)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [setMED 200] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if tag = test then setLP 100)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = test] then [setLP 100] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if tags contain test then setLP 100)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = test] then [setLP 100] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if prefix_list = pl_asn_eq_2 then addTag cl_asn_eq_2))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [prefix_list = pl_asn_eq_2] then [addTag cl_asn_eq_2] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (addTag ABC & setLP 90))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [addTag ABC, setLP 90] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if Origin(asn=2) then addTag a100 ))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = origin_cl_asn_eq_2] then [addTag a100] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if Transit(asn=2) then addTag a100 ))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = transit_cl_asn_eq_2] then [addTag a100] reject: False]]
>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if Transit(asn=2) then addTag a100 ))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = transit_cl_asn_eq_2] then [addTag a100] reject: False]]
>>> pol_parser = ank.BgpPolicyParser(ank.network.Network(ank.load_example("multias")))
#TODO: move these tests out
Testing internals:
>>> attributestring = "2a.as1" >>> result = pol_parser.attribute.parseString(attributestring)Node and edge queries:
>>> nodestring = "node = '2ab.ab'" >>> result = pol_parser.nodeQuery.parseString(nodestring) >>> result = pol_parser.edgeQuery.parseString("(" + nodestring + ") egress-> (node = b)") >>> result = pol_parser.edgeQuery.parseString("(node = a.b) egress-> (node = b)")Full policy queries:
>>> pol_parser.apply_bgp_policy("(node = '2a.AS2') egress-> (*): (if prefix_list = pl_asn_eq_2 then addTag cl_asn_eq_2)") >>> pol_parser.apply_bgp_policy("(Network = AS1 ) ->ingress (Network = AS2): (if tag = deprefme then setLP 90) ") >>> pol_parser.apply_bgp_policy("(Network = AS1 ) ->ingress (Network = AS2): (addTag ABC & setLP 90) ") >>> pol_parser.apply_bgp_policy("(asn = 1) egress-> (asn = 1): (if Origin(asn=2) then addTag a100 )") >>> pol_parser.apply_bgp_policy("(asn = 1) egress-> (asn = 1): (if Transit(asn=2) then addTag a100 )") >>> pol_parser.apply_bgp_policy("(node = a_b ) ->ingress (Network = AS2): (addTag ABC & setLP 90) ") >>> pol_parser.apply_bgp_policy("(node = a_b ) ->ingress (Network = AS2): (if Transit(asn=2) then addTag a100 ) ")
extract tags and prefixes used from sessions Also applies sequence numbers to match clauses
>>> pol_parser = ank.BgpPolicyParser(ank.network.Network(ank.load_example("multias")))
>>> pol_parser.node_select_query("asn = 1")
set(['n0', 'n1', 'n3'])
>>> pol_parser.node_select_query("name = a.b")
set([])
>>> pol_parser.node_select_query("name = a_b")
set([])
Note you need a blank newline after a function definition
Stores the list of tags/community value mappings in the router in session graph