10-15-2021 08:05 AM
Hello,
i'm facing an issue with NSO version 5.5.
While i'm trying to playing with policies i found i cannot configure any error message for expression that matches True/False values.
For example, if i create an error for any attempt to enable ip source-route on the device:
i'm executing these policies on netsim devices just for study purposes.
admin@ncs(config)#
admin@ncs(config)# policy rule no-source-route foreach /devices/device[starts-with(name,'ios')] expr config/ios:ip/source-route[true] error-message "Ip source route is a denied policy!"
admin@ncs(config-rule-no-source-route)#
admin@ncs(config-rule-no-source-route)# commit
Aborted: Ip source route is a denied policy!
admin@ncs(config-rule-no-source-route)# end
Uncommitted changes found, commit them? [yes/no/CANCEL]
Aborted: by user
admin@ncs(config-rule-no-source-route)# end
Uncommitted changes found, commit them? [yes/no/CANCEL]
Aborted: by user
admin@ncs(config-rule-no-source-route)# commit
Aborted: Ip source route is a denied policy!
admin@ncs(config-rule-no-source-route)# end
Uncommitted changes found, commit them? [yes/no/CANCEL] y
Aborted: Ip source route is a denied policy!
admin@ncs(config)# end
Uncommitted changes found, commit them? [yes/no/CANCEL] no
I receive an abort action when i commit, there's something wrong here. It shouldn't do that.
There's no way to commit this error check.
So i was wondering that xpath was wrong and when i did check xpath i then tried to change the expression without any result.
admin@ncs# config
Entering configuration mode terminal
admin@ncs(config)# policy rule no-source-route foreach /devices/device[starts-with(name,'ios')] expr config/ios:ip/source-route true error-message "Ip source route is a denied policy!"
--------------------------------------------------------------------------------------------------------------------------------^
syntax error: element does not exist
admin@ncs(config)#
admin@ncs(config)# end
admin@ncs# show running-config devices device ios0 config ip source-route | display xpath
/devices/device[name='ios0']/config/ios:ip/source-route false
it gives me a syntax error for space between source-route true.
But anyway beyond that even with parenthesis it doesn't work. What's missing here?
I noticed that even with other paths, like for example ip http server, it doesn't work anyway.
Thanks for any help.
P.
11-02-2021 07:58 AM
Hello @pigallo,
I wasn't able to find any Bugs similar to this on the Cisco Bug Search Tool , although I would check for myself if I was you, before ruling that out.
I would also take a look at Cisco DevNet's NSO Guide - 5.5
Hope this helps!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide