-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
arista_eos_automation_with_ncclient: Added examples: ACL|INTF_L3|INTF…
…_L2|STATIC_ROUTING|MLAG|ROUTING_POLICY
- Loading branch information
1 parent
614eaf9
commit 1821431
Showing
26 changed files
with
2,138 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,62 @@ | ||
| from ncclient import manager | ||
| import xml.dom.minidom | ||
| eos=manager.connect(host="10.81.108.236", port="22", timeout=30, username="cvpadmin", password="arista", hostkey_verify=False) | ||
|
|
||
| ################################################################################### | ||
| # # | ||
| # This example will assign and ingress and egress ACL to an L3 interface # | ||
| # # | ||
| # interface Ethernet2/1 # | ||
| # no switchport # | ||
| # ip access-group IPv4_ACL_NETCONF_INGRESS in # | ||
| # ip access-group IPv4_ACL_NETCONF_EGRESS out # # | ||
| # # | ||
| # # | ||
| ################################################################################### | ||
|
|
||
| conf = ''' | ||
| <config> | ||
| <acl xmlns="http://arista.com/yang/openconfig/acl"> | ||
| <interfaces> | ||
| <interface> | ||
| <id>Ethernet2/1</id> | ||
| <config> | ||
| <id>Ethernet2/1</id> | ||
| </config> | ||
| <interface-ref> | ||
| <config> | ||
| <interface>Ethernet2/1</interface> | ||
| <subinterface>0</subinterface> | ||
| </config> | ||
| </interface-ref> | ||
| <egress-acl-sets> | ||
| <egress-acl-set> | ||
| <set-name>IPv4_ACL_NETCONF_EGRESS</set-name> | ||
| <type>ACL_IPV4</type> | ||
| <config> | ||
| <set-name>IPv4_ACL_NETCONF_EGRESS</set-name> | ||
| <type>ACL_IPV4</type> | ||
| </config> | ||
| </egress-acl-set> | ||
| </egress-acl-sets> | ||
| <ingress-acl-sets> | ||
| <ingress-acl-set> | ||
| <set-name>IPv4_ACL_NETCONF_INGRESS</set-name> | ||
| <type>ACL_IPV4</type> | ||
| <config> | ||
| <set-name>IPv4_ACL_NETCONF_INGRESS</set-name> | ||
| <type>ACL_IPV4</type> | ||
| </config> | ||
| </ingress-acl-set> | ||
| </ingress-acl-sets> | ||
| </interface> | ||
| </interfaces> | ||
| </acl> | ||
| </config> | ||
| ''' | ||
|
|
||
| configuration = eos.edit_config(target = "running", config = conf, default_operation="merge") | ||
|
|
||
| print(configuration) | ||
|
|
||
| eos.close_session() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| from ncclient import manager | ||
| import xml.dom.minidom | ||
| eos=manager.connect(host="10.85.128.125", port="22", timeout=30, username="cvpadmin", password="arista", hostkey_verify=False) | ||
|
|
||
| ################################################################################### | ||
| # # | ||
| # This example will assign and ingress ipv6 ACL to an L3 interface # | ||
| # # | ||
| ################################################################################### | ||
|
|
||
| conf = ''' | ||
| <config> | ||
| <acl xmlns="http://arista.com/yang/openconfig/acl"> | ||
| <interfaces> | ||
| <interface> | ||
| <id>Ethernet2/1</id> | ||
| <config> | ||
| <id>Ethernet2/1</id> | ||
| </config> | ||
| <interface-ref> | ||
| <config> | ||
| <interface>Ethernet2/1</interface> | ||
| <subinterface>0</subinterface> | ||
| </config> | ||
| </interface-ref> | ||
| <egress-acl-sets/> | ||
| <ingress-acl-sets> | ||
| <ingress-acl-set> | ||
| <set-name>IPv6_ACL_NETCONF</set-name> | ||
| <type>ACL_IPV6</type> | ||
| <config> | ||
| <set-name>IPv6_ACL_NETCONF</set-name> | ||
| <type>ACL_IPV6</type> | ||
| </config> | ||
| </ingress-acl-set> | ||
| </ingress-acl-sets> | ||
| </interface> | ||
| </interfaces> | ||
| </acl> | ||
| </config> | ||
| ''' | ||
|
|
||
| configuration = eos.edit_config(target = "running", config = conf, default_operation="merge") | ||
|
|
||
| print(configuration) | ||
|
|
||
| eos.close_session() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| from ncclient import manager | ||
| eos=manager.connect(host="10.81.117.80", port="22", timeout=30, username="cvpadmin", password="arista", hostkey_verify=False) | ||
|
|
||
| ################################################################################### | ||
| # # | ||
| # This example will create an IPv4 access-list similar to following on EOS # | ||
| # # | ||
| # ip access-list IPv4_ACL_NETCONF # | ||
| # 10 permit icmp host 10.10.10.2 any ttl eq 5 # | ||
| # # | ||
| ################################################################################### | ||
|
|
||
| conf = ''' | ||
| <config> | ||
| <acl xmlns="http://arista.com/yang/openconfig/acl"> | ||
| <acl-sets> | ||
| <acl-set> | ||
| <name>IPv4_ACL_NETCONF</name> | ||
| <type>ACL_IPV4</type> | ||
| <acl-entries> | ||
| <acl-entry> | ||
| <sequence-id>10</sequence-id> | ||
| <actions> | ||
| <config> | ||
| <forwarding-action>ACCEPT</forwarding-action> | ||
| <log-action>LOG_NONE</log-action> | ||
| </config> | ||
| </actions> | ||
| <config> | ||
| <sequence-id>10</sequence-id> | ||
| </config> | ||
| <ipv4> | ||
| <config> | ||
| <destination-address>0.0.0.0/0</destination-address> | ||
| <protocol>1</protocol> | ||
| <source-address>10.10.10.2/32</source-address> | ||
| <hop-limit>5</hop-limit> | ||
| </config> | ||
| </ipv4> | ||
| </acl-entry> | ||
| </acl-entries> | ||
| <config> | ||
| <name>IPv4_ACL_NETCONF</name> | ||
| <type>ACL_IPV4</type> | ||
| </config> | ||
| </acl-set> | ||
| </acl-sets> | ||
| </acl> | ||
| </config> | ||
| ''' | ||
|
|
||
| configuration = eos.edit_config(target = "running", config = conf, default_operation="merge") | ||
| print(configuration) | ||
|
|
||
| eos.close_session() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| from ncclient import manager | ||
| eos=manager.connect(host="10.85.128.125", port="22", timeout=30, username="cvpadmin", password="arista", hostkey_verify=False) | ||
|
|
||
| ################################################################################### | ||
| # # | ||
| # This example will create an IPv6 access-list similar to following on EOS # | ||
| # # | ||
| # ipv6 access-list IPv6_ACL_NETCONF # | ||
| # 10 permit icmpv6 any any log # | ||
| # 20 deny ipv6 any 2001:a18::/29 # | ||
| # # | ||
| ################################################################################### | ||
|
|
||
| conf = ''' | ||
| <config> | ||
| <acl xmlns="http://arista.com/yang/openconfig/acl"> | ||
| <acl-sets> | ||
| <acl-set> | ||
| <name>IPv6_ACL_NETCONF</name> | ||
| <type>ACL_IPV6</type> | ||
| <acl-entries> | ||
| <acl-entry> | ||
| <sequence-id>10</sequence-id> | ||
| <actions> | ||
| <config> | ||
| <forwarding-action>ACCEPT</forwarding-action> | ||
| <log-action>LOG_SYSLOG</log-action> | ||
| </config> | ||
| </actions> | ||
| <config> | ||
| <sequence-id>10</sequence-id> | ||
| </config> | ||
| <ipv6> | ||
| <config> | ||
| <destination-address>::/0</destination-address> | ||
| <protocol>58</protocol> | ||
| <source-address>::/0</source-address> | ||
| </config> | ||
| </ipv6> | ||
| </acl-entry> | ||
| <acl-entry> | ||
| <sequence-id>20</sequence-id> | ||
| <actions> | ||
| <config> | ||
| <forwarding-action>DROP</forwarding-action> | ||
| <log-action>LOG_NONE</log-action> | ||
| </config> | ||
| </actions> | ||
| <config> | ||
| <sequence-id>20</sequence-id> | ||
| </config> | ||
| <ipv6> | ||
| <config> | ||
| <destination-address>2001:a18::/29</destination-address> | ||
| <source-address>::/0</source-address> | ||
| </config> | ||
| </ipv6> | ||
| </acl-entry> | ||
| </acl-entries> | ||
| <config> | ||
| <name>IPv6_ACL_NETCONF</name> | ||
| <type>ACL_IPV6</type> | ||
| </config> | ||
| </acl-set> | ||
| </acl-sets> | ||
| </acl> | ||
| </config> | ||
| ''' | ||
|
|
||
| configuration = eos.edit_config(target = "running", config = conf, default_operation="merge") | ||
| print(configuration) | ||
|
|
||
| eos.close_session() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| from ncclient import manager | ||
| import xml.dom.minidom | ||
| eos=manager.connect(host="10.81.108.236", port="22", timeout=30, username="cvpadmin", password="arista", hostkey_verify=False) | ||
|
|
||
| ##################################################################################################### | ||
| # # | ||
| # This example will create a MAC access-list similar to following on EOS # | ||
| # # | ||
| # mac access-list MAC_ACL_NETCONF # | ||
| # 10 permit 00:1c:73:7a:40:d2 00:00:00:00:00:00 00:1c:73:7a:40:91 00:00:00:00:00:00 arp log # # # | ||
| # # | ||
| # # | ||
| ##################################################################################################### | ||
|
|
||
| conf = ''' | ||
| <config> | ||
| <acl xmlns="http://arista.com/yang/openconfig/acl"> | ||
| <acl-sets> | ||
| <acl-set> | ||
| <name>MAC_ACL_NETCONF</name> | ||
| <type>ACL_L2</type> | ||
| <acl-entries> | ||
| <acl-entry> | ||
| <sequence-id>10</sequence-id> | ||
| <actions> | ||
| <config> | ||
| <forwarding-action>ACCEPT</forwarding-action> | ||
| <log-action>LOG_SYSLOG</log-action> | ||
| </config> | ||
| </actions> | ||
| <config> | ||
| <sequence-id>10</sequence-id> | ||
| </config> | ||
| <l2> | ||
| <config> | ||
| <destination-mac>00:1c:73:7a:40:91</destination-mac> | ||
| <destination-mac-mask>ff:ff:ff:ff:ff:ff</destination-mac-mask> | ||
| <ethertype>2054</ethertype> | ||
| <source-mac>00:1c:73:7a:40:d2</source-mac> | ||
| <source-mac-mask>ff:ff:ff:ff:ff:ff</source-mac-mask> | ||
| </config> | ||
| </l2> | ||
| </acl-entry> | ||
| </acl-entries> | ||
| <config> | ||
| <name>MAC_ACL_NETCONF</name> | ||
| <type>ACL_L2</type> | ||
| </config> | ||
| </acl-set> | ||
| </acl-sets> | ||
| </acl> | ||
| </config> | ||
| ''' | ||
|
|
||
| configuration = eos.edit_config(target = "running", config = conf, default_operation="merge") | ||
|
|
||
| print(configuration) | ||
|
|
||
| eos.close_session() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| from ncclient import manager | ||
| import xml.dom.minidom | ||
| eos=manager.connect(host="10.81.108.236", port="22", timeout=30, username="cvpadmin", password="arista", hostkey_verify=False) | ||
|
|
||
| ################################################################################### | ||
| # # | ||
| # This example will assign an ingress MAC ACL to an L2 interface # | ||
| # # | ||
| # interface Ethernet1/1 # | ||
| # mac access-group MAC_ACL_NETCONF in # # | ||
| # # | ||
| # # | ||
| ################################################################################### | ||
|
|
||
| conf = ''' | ||
| <config> | ||
| <acl xmlns="http://arista.com/yang/openconfig/acl"> | ||
| <interfaces> | ||
| <interface> | ||
| <id>Ethernet1/1</id> | ||
| <config> | ||
| <id>Ethernet1/1</id> | ||
| </config> | ||
| <interface-ref> | ||
| <config> | ||
| <interface>Ethernet1/1</interface> | ||
| <subinterface>0</subinterface> | ||
| </config> | ||
| </interface-ref> | ||
| <ingress-acl-sets> | ||
| <ingress-acl-set> | ||
| <set-name>MAC_ACL_NETCONF</set-name> | ||
| <type>ACL_L2</type> | ||
| <config> | ||
| <set-name>MAC_ACL_NETCONF</set-name> | ||
| <type>ACL_L2</type> | ||
| </config> | ||
| </ingress-acl-set> | ||
| </ingress-acl-sets> | ||
| </interface> | ||
| </interfaces> | ||
| </acl> | ||
| </config> | ||
| ''' | ||
|
|
||
| configuration = eos.edit_config(target = "running", config = conf, default_operation="merge") | ||
|
|
||
| print(configuration) | ||
|
|
||
| eos.close_session() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| from ncclient import manager | ||
| eos=manager.connect(host="10.81.108.236", port="22", timeout=30, username="cvpadmin", password="arista", hostkey_verify=False) | ||
|
|
||
| ############################################################################################ | ||
| # # | ||
| # This example will delete the specificed IPv4 Access list configured on the switch # | ||
| # # | ||
| ############################################################################################ | ||
|
|
||
| conf = ''' | ||
| <config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0"> | ||
| <acl xmlns="http://arista.com/yang/openconfig/acl"> | ||
| <acl-sets> | ||
| <acl-set xc:operation="delete"> | ||
| <name>IPv4_ACL_NETCONF</name> | ||
| <type>ACL_IPV4</type> | ||
| </acl-set> | ||
| </acl-sets> | ||
| </acl> | ||
| </config> | ||
| ''' | ||
|
|
||
| configuration = eos.edit_config(target = "running", config = conf, default_operation="merge") | ||
| print(configuration) | ||
|
|
||
| eos.close_session() |
Oops, something went wrong.