NB: This is the gRPC client "grpc_cfg.py" I am using based off of the public Cisco example: https://gist.github.com/jwbensley/cd2f5bfacee321328ca638b5b5523bd9
NB: This is using the IOS-XRv 6.2.1 stable vagrant image from https://devhub.cisco.com/artifactory/appdevci-release/XRv64/6.2.1/ dated 17th Oct 2016
Various OpenConfig types are note supported in the IOS-XRv 6.2.1 stable VM...
From openconfig-bgp-types.yang:
typedef peer-type {
type enumeration {
enum INTERNAL {
description "internal (iBGP) peer";
}
enum EXTERNAL {
description "external (eBGP) peer";
}
}
description
"labels a peer or peer group as explicitly internal or
external";
}
identity REMOVE_PRIVATE_AS_OPTION {
description
"Base identity for options for removing private autonomous
system numbers from the AS_PATH attribute";
}
identity PRIVATE_AS_REMOVE_ALL {
base REMOVE_PRIVATE_AS_OPTION;
description
"Strip all private autonmous system numbers from the AS_PATH.
This action is performed regardless of the other content of the
AS_PATH attribute, and for all instances of private AS numbers
within that attribute.";
}
identity PRIVATE_AS_REPLACE_ALL {
base REMOVE_PRIVATE_AS_OPTION;
description
"Replace all instances of private autonomous system numbers in
the AS_PATH with the local BGP speaker's autonomous system
number. This action is performed regardless of the other
content of the AS_PATH attribute, and for all instances of
private AS number within that attribute.";
}
typedef remove-private-as-option {
type identityref {
base REMOVE_PRIVATE_AS_OPTION;
}
description
"set of options for configuring how private AS path numbers
are removed from advertisements";
}
I am using the code (generated with PyandBind v0.5.8):
from openconfig_bgp import openconfig_bgp
...
oc_bgp = openconfig_bgp()
oc_bgp.bgp.neighbors.neighbor[network["ipaddr4"]].config.enabled = "true"
oc_bgp.bgp.neighbors.neighbor[network["ipaddr4"]].config.remove_private_as = "PRIVATE_AS_REMOVE_ALL"
oc_bgp.bgp.neighbors.neighbor[network["ipaddr4"]].config.peer_type = "EXTERNAL"
From the below config none the following are supported:
"enabled": true,
"remove-private-as": "PRIVATE_AS_REMOVE_ALL",
"peer-type": "EXTERNAL"
Example config that works once these three above options are removed:
bensley@ubuntu-laptop:~/Python/pyb_oc/ios-xr-grpc-python-master/examples$ cat snips/broken_private_as.json
{
"openconfig-bgp:bgp": {
"neighbors": {
"neighbor": [
{
"neighbor-address": "193.37.144.1",
"config": {
"neighbor-address": "193.37.144.1",
"description": "i3b gmbh",
"peer-as": 39912,
"enabled": true,
"peer-group": "public_v4_peers",
"remove-private-as": "PRIVATE_AS_REMOVE_ALL",
"peer-type": "EXTERNAL"
},
"afi-safis": {
"afi-safi": [
{
"afi-safi-name": "openconfig-bgp-types:ipv4-unicast",
"config": {
"enabled": true,
"afi-safi-name": "openconfig-bgp-types:ipv4-unicast"
},
"ipv4-unicast": {
"prefix-limit": {
"config": {
"shutdown-threshold-pct": 90,
"restart-timer": 1,
"max-prefixes": 200
}
}
}
}
]
}
}
]
}
}
}
That config returns the error:
{u'cisco-grpc:errors': {u'error': {u'error-type': u'protocol', u'error-severity': u'error', u'error-tag': u'unknown-element', u'error-message': u'Unknown element is specified.', u'error-info': {u'bad-element': u'enabled'}}}}
After removing "enabled": true
I get:
{u'cisco-grpc:errors': {u'error': {u'error-type': u'protocol', u'error-severity': u'error', u'error-tag': u'unknown-element', u'error-message': u'Unknown element is specified.', u'error-info': {u'bad-element': u'peer-type'}}}}
After then removing "peer-type": "EXTERNAL"
something really strange happens, with the only unsupported option left being the "remove-private-as": "PRIVATE_AS_REMOVE_ALL"
option, for some reason the config is accepted however the remove-private-as option isn't configured and instead very strangely all of the possible BGP AFI/SAFIs are configured towards this neighbour?!?
You can also see here that all those additional address families have been enabled globally to support this new neighbor which could have a very bad effect in a live production environment:
bensley@ubuntu-laptop:~/Python/pyb_oc/ios-xr-grpc-python-master/examples$ cat snips/broken_private_as.json
{
"openconfig-bgp:bgp": {
"neighbors": {
"neighbor": [
{
"neighbor-address": "193.37.144.1",
"config": {
"neighbor-address": "193.37.144.1",
"description": "i3b gmbh",
"peer-as": 39912,
"peer-group": "public_v4_peers",
"remove-private-as": "PRIVATE_AS_REMOVE_ALL"
},
"afi-safis": {
"afi-safi": [
{
"afi-safi-name": "openconfig-bgp-types:ipv4-unicast",
"config": {
"enabled": true,
"afi-safi-name": "openconfig-bgp-types:ipv4-unicast"
},
"ipv4-unicast": {
"prefix-limit": {
"config": {
"shutdown-threshold-pct": 90,
"restart-timer": 1,
"max-prefixes": 200
}
}
}
}
]
}
}
]
}
}
}
bensley@ubuntu-laptop:~/Python/pyb_oc/ios-xr-grpc-python-master/examples$ python grpc_cfg.py
Config before merge:
{
"Cisco-IOS-XR-ipv4-bgp-cfg:bgp": {
"instance": [
{
"instance-as": [
{
"four-byte-as": [
{
"as": 65001,
"bgp-running": [
null
],
"default-vrf": {
"global": {
"global-afs": {
"global-af": [
{
"af-name": "ipv4-unicast",
"enable": [
null
]
},
{
"af-name": "ipv6-unicast",
"enable": [
null
]
}
]
},
"router-id": "1.1.0.10"
},
"bgp-entity": {
"neighbor-groups": {
"neighbor-group": [
{
"neighbor-group-afs": {
"neighbor-group-af": [
{
"af-name": "ipv4-unicast",
"activate": [
null
],
"route-policy-in": "public_v4_peering_ingress",
"route-policy-out": "public_v4_peering_egress"
}
]
},
"create": [
null
],
"neighbor-group-name": "public_v4_peers"
},
{
"neighbor-group-afs": {
"neighbor-group-af": [
{
"af-name": "ipv6-unicast",
"activate": [
null
],
"route-policy-in": "public_v6_peering_ingress",
"route-policy-out": "public_v6_peering_egress"
}
]
},
"create": [
null
],
"neighbor-group-name": "public_v6_peers"
}
]
}
}
}
}
],
"as": 0
}
],
"instance-name": "default"
}
]
}
}
Config after merge:
{
"Cisco-IOS-XR-ipv4-bgp-cfg:bgp": {
"instance": [
{
"instance-as": [
{
"four-byte-as": [
{
"as": 65001,
"bgp-running": [
null
],
"default-vrf": {
"global": {
"global-afs": {
"global-af": [
{
"af-name": "ipv4-unicast",
"enable": [
null
]
},
{
"af-name": "ipv4-multicast",
"enable": [
null
]
},
{
"af-name": "vp-nv4-unicast",
"enable": [
null
]
},
{
"af-name": "ipv6-unicast",
"enable": [
null
]
},
{
"af-name": "vp-nv6-unicast",
"enable": [
null
]
},
{
"af-name": "l2vpnvpls",
"enable": [
null
]
},
{
"af-name": "l2vpnevpn",
"enable": [
null
]
},
{
"af-name": "vp-nv4-multicast",
"enable": [
null
]
},
{
"af-name": "vp-nv6-multicast",
"enable": [
null
]
}
]
},
"router-id": "1.1.0.10"
},
"bgp-entity": {
"neighbor-groups": {
"neighbor-group": [
{
"neighbor-group-afs": {
"neighbor-group-af": [
{
"af-name": "ipv4-unicast",
"activate": [
null
],
"route-policy-in": "public_v4_peering_ingress",
"route-policy-out": "public_v4_peering_egress"
}
]
},
"create": [
null
],
"neighbor-group-name": "public_v4_peers"
},
{
"neighbor-group-afs": {
"neighbor-group-af": [
{
"af-name": "ipv6-unicast",
"activate": [
null
],
"route-policy-in": "public_v6_peering_ingress",
"route-policy-out": "public_v6_peering_egress"
}
]
},
"create": [
null
],
"neighbor-group-name": "public_v6_peers"
}
]
},
"neighbors": {
"neighbor": [
{
"neighbor-address": "193.37.144.1",
"remote-as": {
"as-xx": 0,
"as-yy": 39912
},
"neighbor-group-add-member": "public_v4_peers",
"description": "i3b gmbh",
"neighbor-afs": {
"neighbor-af": [
{
"af-name": "ipv4-unicast",
"activate": [
null
],
"maximum-prefixes": {
"discard-extra-paths": false,
"warning-percentage": 90,
"warning-only": false,
"prefix-limit": 200,
"restart-time": 1
}
},
{
"af-name": "ipv4-multicast",
"activate": [
null
]
},
{
"af-name": "vp-nv4-unicast",
"activate": [
null
]
},
{
"af-name": "ipv6-unicast",
"activate": [
null
]
},
{
"af-name": "vp-nv6-unicast",
"activate": [
null
]
},
{
"af-name": "l2vpnvpls",
"activate": [
null
]
},
{
"af-name": "l2vpnevpn",
"activate": [
null
]
},
{
"af-name": "vp-nv4-multicast",
"activate": [
null
]
},
{
"af-name": "vp-nv6-multicast",
"activate": [
null
]
}
]
}
}
]
}
}
}
}
],
"as": 0
}
],
"instance-name": "default"
}
]
}
}
Renaming that option to be called "remove-private-as-option" as per this OpenConfig typdef:
typedef remove-private-as-option {
type identityref {
base REMOVE_PRIVATE_AS_OPTION;
}
description
"set of options for configuring how private AS path numbers
are removed from advertisements";
}
just returns the error:
{u'cisco-grpc:errors': {u'error': {u'error-type': u'protocol', u'error-severity': u'error', u'error-tag': u'unknown-element', u'error-message': u'Unknown element is specified.', u'error-info': {u'bad-element': u'remove-private-as-option'}}}}