Blog Viewer

Scripting How-To: Use the check-ldp script to enforce LDP - IGP consistency

By Erdem posted 08-11-2015 21:36

  

Use the check-ldp Script to Enforce LDP-IGP Consistency

 

 

For SLAX version 1.0 and higher, you can use the check-ldp script to enforce enforce LDP - IGP consistency.

 

The following example tests for interfaces that are listed under either the [protocols ospf] or [protocols isis] hierarchy which are not configured under the [protocols ldp] hierarcy.

 

If no configuration exists for ldp, there is no problem; otherwise, a warning is emitted alerting you that the interface does not have ldp enabled. You can avoid the warning by configuring the 'no-ldp' apply-macro wherever you reference the interface.
 
Then, a second test, comprised of all ldp-enabled interfaces, is conducted to ensure that they are configured for an IGP. If no IGP is found and you have not configured the 'no-igp' apply-macro, a warning is emitted.
 

Source Code and GitHub Links

 

The source code below is also available from the following GitHub locations:

 

Example Configuration

 

01	system {
02	    scripts {
03	    commit {
04	        file check-ldp.xsl;
05	    }
06	    }
07	}
08	protocols {
09	    isis {
10	        interface so-1/2/2.0 {
11	            apply-macro no-ldp;
12	        }
13	        interface so-1/2/3.0;
14	    }
15	    ospf {
16	        area 10.4.0.0 {
17	            interface ge-3/2/1.0;
18	            interface ge-2/2/1.0;
19	        }
20	    }
21	    ldp {
22	        interface ge-1/2/1.0;
23	        interface ge-2/2/1.0;
24	    }
25	}

 

Example Output

 

01	[edit protocols isis interface so-1/2/3.0]
02	  'interface so-1/2/3.0;'
03	    warning: ldp not enabled for this interface
04	[edit protocols ospf area 10.4.0.0 interface ge-3/2/1.0]
05	  'interface ge-3/2/1.0;'
06	    warning: ldp not enabled for this interface
07	[edit protocols ldp interface ge-1/2/1.0]
08	  'interface ge-1/2/1.0;'
09	    warning: ldp-enabled interface does not have an IGP configured
10	[edit]
11	  'system'
12	    Missing mandatory statement: 'root-authentication'
13	error: configuration check-out failed: (missing statements)

 

SLAX Script Contents

 

01	/* Machine Crafted with Care (tm) by slaxWriter */
02	version 1.0;
03	 
04	 
05	/*
06	- $Id: check-ldp.slax,v 1.1 2007/10/17 18:37:04 phil Exp $
07	-
08	- Copyright (c) 2004-2005, Juniper Networks, Inc.
09	- All rights reserved.
10	-
11	 */
12	ns junos = "http://xml.juniper.net/junos/*/junos";
13	ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
14	ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
15	 
16	import "../import/junos.xsl";
17	 
18	/*
19	- This example tests for interfaces that are listed under
20	- either [protocols ospf] or [protocols isis] which are
21	- not configured under [protocols ldp].  If there is no
22	- configuration for ldp, there is no problem, but otherwise
23	- a warning is emitted telling the user that the interface
24	- does not have ldp enabled.  The warning can be avoided
25	- by configuring the 'no-ldp' apply-macro wherever the
26	- interface is referenced.
27	- A second test is then made of all ldp-enabled interfaces
28	- to ensure that they are configured for an IGP.  If no
29	- IGP is found and the 'no-igp' apply-macro has not been
30	- configured, a warning is emitted.
31	 */
32	match configuration {
33	    var $ldp = protocols/ldp;
34	    var $isis = protocols/isis;
35	    var $ospf = protocols/ospf;
36	     
37	    if ($ldp) {
38	         
39	        for-each ($isis/interface/name | $ospf/area/interface/name) {
40	            var $ifname = .;
41	             
42	            if (not(../apply-macro[name == "no-ldp"]) && not($ldp/interface[name == $ifname])) {
43	                <xnm:warning> {
44	                    call jcs:edit-path();
45	                    call jcs:statement();
46	                    <message> "ldp not enabled for this interface";
47	                }
48	            }
49	        }
50	         
51	        for-each (protocols/ldp/interface/name) {
52	            var $ifname = .;
53	             
54	            if (not(apply-macro[name == "no-igp"]) && not($isis/interface[name == $ifname]) && not($ospf/area/interface[name == $ifname])) {
55	                <xnm:warning> {
56	                    call jcs:edit-path();
57	                    call jcs:statement();
58	                    <message> {
59	                        expr "ldp-enabled interface does not have ";
60	                        expr "an IGP configured";
61	                    }
62	                }
63	            }
64	        }
65	    }
66	}

 

XML Script Contents

 

01	<?xml version="1.0"?>
02	<script version="0.1">
03	  <title>check-ldp.slax</title>
04	  <author>phil</author>
05	  <synopsis>Enforce LDP - IGP cosistency</synopsis>
06	  <keyword>ospf</keyword>
07	  <keyword>isis</keyword>
08	  <description>
09	    This example tests for interfaces that are listed under
10	    either [protocols ospf] or [protocols isis] which are
11	    not configured under [protocols ldp]. 
12	  </description>
13	  <implementation>
14	    If there is no configuration for ldp, there is no problem, but
15	    otherwise a warning is emitted telling the user that the interface
16	    does not have ldp enabled.  The warning can be avoided by configuring
17	    the 'no-ldp' apply-macro wherever the interface is referenced.  A
18	    second test is then made of all ldp-enabled interfaces to ensure that
19	    they are configured for an IGP.  If no IGP is found and the 'no-igp'
20	    apply-macro has not been configured, a warning is emitted.
21	  </implementation>
22	  <alternate>check-ldp.xsl</alternate>
23	  <example>
24	    <config>check-ldp.conf</config>
25	    <title>A simple configuration</title>
26	    <errors>check-ldp.output</errors>
27	  </example>
28	  <xhtml:script xmlns:xhtml="http://www.w3.org/1999/xhtml"
29	                src="../../../../../web/leaf.js" type="text/javascript"/>
30	</script>

#commitscript
#Slax
#ospf
#How-To
#ScriptingHow-To
#IGP

Permalink