Re: DNA API: Extract Trunk Interface VLANs

mlumc4 · ‎09-28-2022

Hi,

I am making a call in Python to extract interface information (on a 9500 switch attached to DNAC) via this API endpoint:

"/dna/intent/api/v1/interface/network-device/{device_iuuid}/interface-name?name={int_name}"

And I see various bits of information in the JSON that returns. I see that the interface is either in access or trunk mode:

"portMode" : "trunk"

I see the native vlan listed:

"vlanId" : "1"

But I would like to all see the other VLANs that are configured on that interface. I'm looking at the documentation on DNAC and online and am not finding anything so far.

Anyone have any idea how I can get a list of the other VLANs on the trunk port via the API?

Thanks

Mark

Andrea Testino · ‎09-28-2022

Mark,

You can use the device-enrichment-details API to see what VLANs are allowed on a trunk port. It's not the most elegant, but it gets the job done. My sample request is below:

curl -k --location --request GET 'https://10.100.14.133/dna/intent/api/v1/device-enrichment-details' \
--header 'x-auth-token: redacted' \
--header 'entity_type: device_id' \
--header 'entity_value: d593df57-7c78-4ea3-8424-f4c2a8684ea6' \

One caveat, if the trunk port is wide open (i.e. no VLANs were pruned or specified) then the JSON body will look as follows (notice sourcePortVLANInfo field):

                    "links": [
                        {
                            "source": "d593df57-7c78-4ea3-8424-f4c2a8684ea6",
                            "linkStatus": null,
                            "sourceLinkStatus": "UP",
                            "targetLinkStatus": "UP",
                            "target": "5a61c67f-1554-4640-bed6-ea32a5446f44",
                            "id": "5a61c67f-1554-4640-bed6-ea32a5446f44-GigabitEthernet1/0/12",
                            "portUtilization": null,
                            "sourceInterfaceName": "GigabitEthernet1/0/12",
                            "targetInterfaceName": "GigabitEthernet3/0/12",
                            "sourceDuplexInfo": "FullDuplex",
                            "targetDuplexInfo": "FullDuplex",
                            "sourcePortMode": "trunk",
                            "targetPortMode": "routed",
                            "sourceAdminStatus": "UP",
                            "targetAdminStatus": "UP",
                            "apRadioAdminStatus": null,
                            "apRadioOperStatus": null,
                            "sourcePortVLANInfo": "ALL", <<<<<
                            "targetPortVLANInfo": ""
                        },

Output is snipped for brevity.

If you do have VLANs specified in the configuration like so:

LON-C9K-2# show run int g1/0/12
Building configuration...

Current configuration : 148 bytes
!
interface GigabitEthernet1/0/12
 description UPLINK INTERFACE TEST-C3850-3
 switchport trunk allowed vlan 10-12,98,99
 switchport mode trunk
end

Then the JSON body will return these under the "links" section as shown below:

                    "links": [
                        {
                            "source": "d593df57-7c78-4ea3-8424-f4c2a8684ea6",
                            "linkStatus": null,
                            "sourceLinkStatus": "UP",
                            "targetLinkStatus": "UP",
                            "target": "5a61c67f-1554-4640-bed6-ea32a5446f44",
                            "id": "5a61c67f-1554-4640-bed6-ea32a5446f44-GigabitEthernet1/0/12",
                            "portUtilization": null,
                            "sourceInterfaceName": "GigabitEthernet1/0/12",
                            "targetInterfaceName": "GigabitEthernet3/0/12",
                            "sourceDuplexInfo": "FullDuplex",
                            "targetDuplexInfo": "FullDuplex",
                            "sourcePortMode": "trunk",
                            "targetPortMode": "routed",
                            "sourceAdminStatus": "UP",
                            "targetAdminStatus": "UP",
                            "apRadioAdminStatus": null,
                            "apRadioOperStatus": null,
                            "sourcePortVLANInfo": "10-12,98,99", <<<<<<
                            "targetPortVLANInfo": ""
                        },
<snip>

Hope that helps!

- Andrea, CCIE #56739 R&S

mlumc4 · ‎09-29-2022

Thanks for your feedback Andrea!

This is the header I use in Python:

header = {

'content-type': 'application/json',

'x-auth-token': tok,

'entity_value': iuuid,

'entity_type': 'xx:xx:xx:xx:xx:xx'

}

However I received this error:

[{'message': 'Invalid Entity type', 'reason': 'Entity type must either be mac_address/device_id/ip_address'}]

From the documentation for 'entity_type',:

"Device enrichment details can be fetched based on either Device ID or Device MAC address or Device IP Address. This parameter value must either be device_id/mac_address/ip_address"

I have tested with the IP address of the switch and the switch name as the 'entity_type', but all throw the same error. Do you have any idea what I am doing wrong?

I am using DNAC Version 2.3.3.4-72142.

Regards

Mark

Andrea Testino · ‎09-29-2022

Mark,

Anytime -- Here's an example using Python's requests library and sticking to the device_id entity_type as in my previous example:

import requests
from requests.auth import HTTPBasicAuth
import time
import urllib3
urllib3.disable_warnings()
from pprint import pprint

BASE_URL = 'https://10.100.14.133'
AUTH_URL = '/dna/system/api/v1/auth/token'
USERNAME = 'admin'
PASSWORD = 'redacted'

response = requests.post(BASE_URL + AUTH_URL, auth=HTTPBasicAuth(USERNAME, PASSWORD), verify=False)
token = response.json()['Token']
headers = {'X-Auth-Token': token, 'Content-Type': 'application/json'}

ENRICH_DETAILS = '/dna/intent/api/v1/device-enrichment-details'
headers = {
  'entity_type': 'device_id',
  'entity_value': 'd593df57-7c78-4ea3-8424-f4c2a8684ea6',
  'X-Auth-Token': token
}
try:
    response = requests.get(BASE_URL + ENRICH_DETAILS,
                            headers=headers, verify=False)
    print(response.status_code)
except Exception as e:
    print("Server returned non-200 OK response -- API Response Code is -->  {}".format(response) + "\n\n\n")

pprint(response.json())

P.S: Obviously you want to dynamically pull the device UUID (entity_value) prior -- Just static here for ease

The above will return the full JSON body of course. In your case, parse through 'links' to pull interface name, VLANs allowed, etc.

Hope that helps!

- Andrea, CCIE #56739 R&S

mlumc4 · ‎09-29-2022

Ah I was being dumb - I thought 'device_id' was some kind of variable, but its not, it is literally 'device_id'

So now I am getting data from device-enrichment-details endpoint, thanks!

However, I only get 2 items in the 'links' list. As in details of 2 interfaces are brought back, where as there are 52 in the stack I am connecting to. Any idea why that is?

Coincidentally, the 2 interfaces are the only two that has Cisco kit on the other end of the cable! Not sure if that is having an effect...

Regards

Mark

Andrea Testino · ‎09-29-2022

Mark,

No worries, and you are most welcome!

I did go back to my DNAC and my test C9K I was using for this and noticed what you are pointing out: I have 10 interfaces UP/UP, but my API JSON response only contains 5 links.

I realize DNAC is responding with only what Assurance sees, which in my case, are the 5 other devices managed by DNAC as well; the other 5 devices not showing up are phones/NXOS/XR devices connected to the C9K but are not managed by DNAC and thus not reported within Assurance.

I'll do some digging and see if there's a way to have Assurance report on everything connected to the device, as opposed to only DNAC-managed devices, such that this API Endpoint can cover your use case and let you know here if I find something.

A good temporary workaround for your scenario may be to use the Command Runner API and run show commands that look at the interfaces and extract the VLANs allowed in trunk ports.

- Andrea, CCIE #56739 R&S