BGP Policy

Parse BGP policy from a file.

Example Policies:

(asn = 1) egress-> (node = a.b): (if Origin(asn=2) then addTag a100)
(asn = 1) egress-> (asn = 2): (if tags contain abc then setMED 200)
(asn = 1) egress-> (asn = 2): (if tag = cde then addTag a300) else (if tag = def then setMED 200) 
(asn = 1) egress-> (asn = 2): (if tag = ghi then addTag a300)           
(asn = 2) ->ingress (asn = 1): (if tag = xyz then setLP 100)          
(asn = 2) ->ingress (asn = 1): (if tag = zzz then setLP 150 & reject route)    

importLibrary library.txt

includePolicy somefile.txt 

(asn =1 ) ->ingress (asn=2): (setLP 200)         
(asn = 1) egress-> (asn = 3): (if Transit(asn = 2) then addTag t_test)
(asn = 1) egress-> (asn = 3): (if Origin(asn = 2) then addTag o_test)             
(asn = 1) egress-> (asn = 2): (if tag = abc then reject route)       

Warning

Work in progress.

class AutoNetkit.algorithms.bgp_policy.BgpPolicyParser(network)

Parser class

allocate_tags()

Allocates community values to tags

apply_bgp_policy(qstring)

Applies policy to network

>>> inet = ank.internet.Internet("2routers") 
>>> inet.compile()
>>> node_a = inet.network.find("a.AS1")
>>> node_b = inet.network.find("b.AS2")
>>> pol_parser = ank.BgpPolicyParser(inet.network)

>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (setLP 200)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [setLP 200] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (setMED 200)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [setMED 200] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (*): (setMED 200)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [setMED 200] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if tag = test then setLP 100)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = test] then [setLP 100] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if tags contain test then setLP 100)")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = test] then [setLP 100] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if prefix_list = pl_asn_eq_2 then addTag cl_asn_eq_2))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [prefix_list = pl_asn_eq_2] then [addTag cl_asn_eq_2] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (addTag ABC & setLP 90))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [] then [addTag ABC, setLP 90] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if Origin(asn=2) then addTag a100 ))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = origin_cl_asn_eq_2] then [addTag a100] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if Transit(asn=2) then addTag a100 ))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = transit_cl_asn_eq_2] then [addTag a100] reject: False]]

>>> pol_parser.clear_policies()
>>> pol_parser.apply_bgp_policy("(asn=1) ->ingress (asn=2): (if Transit(asn=2) then addTag a100 ))")
>>> inet.network.g_session[node_a][node_b]['ingress']
[[if [tag = transit_cl_asn_eq_2] then [addTag a100] reject: False]]

>>> pol_parser = ank.BgpPolicyParser(ank.network.Network(ank.load_example("multias")))

#TODO: move these tests out

Testing internals:

>>> attributestring = "2a.as1"
>>> result = pol_parser.attribute.parseString(attributestring)

Node and edge queries:

>>> nodestring = "node = '2ab.ab'"
>>> result = pol_parser.nodeQuery.parseString(nodestring)
>>> result = pol_parser.edgeQuery.parseString("(" + nodestring + ") egress-> (node = b)")
>>> result = pol_parser.edgeQuery.parseString("(node = a.b) egress-> (node = b)")

Full policy queries:

>>> pol_parser.apply_bgp_policy("(node = '2a.AS2') egress-> (*): (if prefix_list = pl_asn_eq_2 then addTag cl_asn_eq_2)")
>>> pol_parser.apply_bgp_policy("(Network = AS1 ) ->ingress (Network = AS2): (if tag = deprefme then setLP 90) ")
>>> pol_parser.apply_bgp_policy("(Network = AS1 ) ->ingress (Network = AS2): (addTag ABC & setLP 90) ")
>>> pol_parser.apply_bgp_policy("(asn = 1) egress-> (asn = 1): (if Origin(asn=2) then addTag a100 )")
>>> pol_parser.apply_bgp_policy("(asn = 1) egress-> (asn = 1): (if Transit(asn=2) then addTag a100 )")
>>> pol_parser.apply_bgp_policy("(node = a_b ) ->ingress (Network = AS2): (addTag ABC & setLP 90) ")
>>> pol_parser.apply_bgp_policy("(node = a_b ) ->ingress (Network = AS2): (if Transit(asn=2) then addTag a100 ) ")

apply_policy_file(policy_in_file)

Applies a BGP policy file to the network

cl_and_pl_per_node()

extract tags and prefixes used from sessions Also applies sequence numbers to match clauses

evaluate_node_stack(stack)

Evaluates a stack of nodes with join queries

get_prefixes(nodes)

Return prefixes for given node set

node_select_query(qstring)

>>> pol_parser = ank.BgpPolicyParser(ank.network.Network(ank.load_example("multias")))
>>> pol_parser.node_select_query("asn = 1")
set(['n0', 'n1', 'n3'])
>>> pol_parser.node_select_query("name = a.b")
set([])
>>> pol_parser.node_select_query("name = a_b")
set([])

parse_user_def_functions(library_file)

Note you need a blank newline after a function definition

proc_ot_match(match_type, match_query)

Processes origin or transit match query

process_if_then_else(parsed_query)

Processes if-then-else query

query_to_tag(query)

flattens a node select query into a tag

store_tags_per_router()

Stores the list of tags/community value mappings in the router in session graph

AutoNetkit.algorithms.bgp_policy.tag_to_cl(tag)

Adds community list prefix to tag

>>> tag_to_cl("network_eq_as1")
'cl_network_eq_as1'

AutoNetkit.algorithms.bgp_policy.tag_to_pl(tag)

Adds prefix list prefix to tag

>>> tag_to_pl("network_eq_as1")
'pl_network_eq_as1'