cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3314
Views
2
Helpful
10
Replies

NSO service deep-check-sync

jma1
Level 1
Level 1

I want to use services deep-check-sync to verify if all service involved devices still have expected configuration. Here is my test scenario:

1. deploy a l3vpn service instance

2. issue service check-sync, return in-sync true

3. issue device check-sync to all involved devices, all in sync

4. issue service deep-check-sync, return in-sync false

5. check details:

admin@ncs(config)# services l3vpn testvpn1001 deep-check-sync outformat cli
cli {
    local-node {
        data  devices {
                   device R203 {
                       config {
                           cisco-ios-xr:route-policy testvpn1001 {
              -                value "  pass\r
              ";
              +                value pass;
                           }
                       }
                   }
                   device R205 {
                       config {
                           cisco-ios-xr:route-policy testvpn1001 {
              -                value "  pass\r
              ";
              +                value pass;
                           }
                       }
                   }
               }

    }
}

The NSO and NED info are

build-info package name cisco-iosxr

build-info package version 6.2.1

build-info package ref 6.2.1

build-info package sha1 0fd63fb

build-info ncs version 4.4.2

It seems there are some discrepancy between real router configure and service expected configuration.  These route-policy configure is pushed to router by NSO service commit. So what NSO sent to router and saved expected service configuration in CDB are different.

Could any one shed some light on this? any work around?

Jamie

10 Replies 10

alam.bilal
Cisco Employee
Cisco Employee

It could be the way the node "route-policy" is modelled in the XR NED. At the moment, the entire policy (even when with multiple lines) is stored just a flat string with

Raise a ticket on the XR NED. When the route-policy configs are read from the physical device as part of deep-check-sync, perhaps we need the same transformation that were done while saving it off in CDB (i.e. consistent handling of the carriage returns)

Thanks Bilal, I submitted a ticket with TAC for your described enhancement.

Jamie,

 

Some guidance regarding route-policy received from NED developer:

IOSXR route-policy contents need to be converted to single string, with each new line replaced by "\r\n

Enter the policy on the device, show running-config, and reformat with replacement above.

2910 route-policy METRO-EDGE-ROUTES

2911   if destination in VIDEO-PRIVATE-V4 then

2912     set community VIDEO-PRIVATE-V4

2913   endif

2914   if destination in MGMT-PRIVATE-V4 then

2915     set community MGMT-PRIVATE-V4

2916   endif

2917   if destination in VIDEO-STB-V4 then

2918     set community VIDEO-STB-V4

2919   endif

2920   if destination in VIDEO-PUBLIC-V4 then

2921     set community VIDEO-PUBLIC-V4

2922   endif

2923 end-policy


route-policy METRO-EDGE-ROUTES

"  if destination in VIDEO-PRIVATE-V4 then\r\n    set community VIDEO-PRIVATE-V4\r\n  endif\r\n  if destination in MGMT-PRIVATE-V4 then\r\n    set community MGMT-PRIVATE-V4\r\n  endif\r\n  if destination in VIDEO-STB-V4 then\r\n    set community VIDEO-STB-V4\r\n  endif"

end-policy


NOTE: Do not be tempted to reformat and change a single whitespace, you will be out of sync because the device modifies whitespace itself to look just like the above

During the l3vpn service implementation, I offer the service template in XML format. The service commit dry run can be displayed in two formats as listed below.

XML format

                    <route-policy xmlns="http://tail-f.com/ned/cisco-ios-xr">

                      <name>testvpn1001</name>

                      <value>pass</value>

                    </route-policy>

CLI format

                          cisco-ios-xr:route-policy testvpn1001 {

                              value pass;

                          }

It is not user who generates the configuration strings and sends them to NED. It is not the user who stores the service implementation into CDB. Currently the problem is whatever is stored in the CDB is different than what is NED sends to device.

My guess is that the NSO code module that renders user service template have to do something to make sure whatever stores in the CDB matches with whatever NED sends to device.

gschudel
Cisco Employee
Cisco Employee

Hi Jaime

What _Larry_ was trying to convey is - it appears that your XML template is incorrectly formatted.

Because of how "route-policy" structures are formatted (currently) by the NED, as one "long string"

this string MUST be correctly constructed... In fact there is a long explanation of this in the README file for this NED...

(Please REVIEW the README file included in the cisco-ios-xr NED, "item #11" is all about route-policy)

To help you understand what's going on -- i duplicated your test case (I guess that's what it was)

I noted that you provided this XML stub...

XML format

                    <route-policy xmlns="http://tail-f.com/ned/cisco-ios-xr">

                      <name>testvpn1001</name>

                      <value>pass</value>

                    </route-policy>

NOTE that you have no "embedded spaces or \r\n" in your XML!!!

you have <value>pass</value" -- this is incorrect...

the correct entry is:   <value>  pass&#13;</value>

you will note that that is TWO SPACES... followed by pass and then &#13

every bit of this MUST be this way...

as a test, i added a route-policy on a REAL device, and then "sync-from" -- and then display what CDB has...

my route-policy is called TESTONE

REAL DEVICE

==================

RP/0/RSP0/CPU0:lisp9-a9k-1#configure

RP/0/RSP0/CPU0:lisp9-a9k-1(config)#route-policy TESTONE

RP/0/RSP0/CPU0:lisp9-a9k-1(config-rpl)#pass

RP/0/RSP0/CPU0:lisp9-a9k-1(config-rpl)#exit

RP/0/RSP0/CPU0:lisp9-a9k-1(config)#exit

Uncommitted changes found, commit them before exiting(yes/no/cancel)? [cancel]:yes

RP/0/RSP0/CPU0:lisp9-a9k-1#show running-config

Building configuration...

!! IOS XR Configuration 5.3.3.22I

!! Last configuration change at Tue Jan  9 07:19:34 2018 by lab

!

hostname lisp9-a9k-1

clock timezone PST -8

clock summer-time PDT recurring

service timestamps log datetime msec

(skip....)

!

interface GigabitEthernet0/0/0/3

shutdown

!

route-policy TESTONE

  pass

end-policy

!

!

(ect.)

NSO SYNC-FROM and DISPLAY

==========================

admin@ncs% request devices device lab9k2 sync-from

result true

[ok][2018-01-09 11:13:34]


[edit]

admin@ncs%


admin@ncs% show devices device lab9k2 config cisco-ios-xr:route-policy TESTONE

value "  pass\r\n";

[ok][2018-01-09 11:14:25]


[edit]

admin@ncs% show devices device lab9k2 config cisco-ios-xr:route-policy TESTONE | display xml

<config xmlns="http://tail-f.com/ns/config/1.0">

  <devices xmlns="http://tail-f.com/ns/ncs">

  <device>

    <name>lab9k2</name>

      <config>

      <route-policy xmlns="http://tail-f.com/ned/cisco-ios-xr">

        <name>TESTONE</name>

       <value>  pass&#13;</value>

     </route-policy>

      </config>

  </device>

  </devices>

</config>

[ok][2018-01-09 11:14:31]


[edit]

admin@ncs%

admin@ncs% show devices device lab9k2 config cisco-ios-xr:route-policy TESTONE | display set

set devices device lab9k2 config cisco-ios-xr:route-policy TESTONE value "  pass\r\n"

[ok][2018-01-09 11:15:05]


[edit]

admin@ncs%

My second tests was to create an XML template to "load/merge" -- to show this (i'll add teh template here for you to review) -- this one is called TESTTWO

first, show it does not exist, then load it, then show it...



admin@ncs% show devices device lab9k2 config cisco-ios-xr:route-policy TESTTWO

-----------------------------------------------------------------------^

syntax error: element does not exist

[error][2018-01-09 11:17:37]


[edit]

admin@ncs%

admin@ncs% load merge ./scripts/TestTwo.xml

[ok][2018-01-09 11:17:58]


[edit]

admin@ncs% commit dry-run

cli {

    local-node {

        data  devices {

                  device lab9k2 {

                      config {

             +            cisco-ios-xr:route-policy TESTTWO {

             +                value "  pass\r";

             +            }

                      }

                  }

              }

    }

}

[ok][2018-01-09 11:18:00]


[edit]

admin@ncs% commit

Commit complete.

[ok][2018-01-09 11:18:14]


[edit]

admin@ncs% show devices device lab9k2 config cisco-ios-xr:route-policy TESTTWO

value "  pass\r";

[ok][2018-01-09 11:18:19]


[edit]

admin@ncs%

There you go! works perfectly!

<?xml version="1.0"?>

<config xmlns="http://tail-f.com/ns/config/1.0">

    <devices xmlns="http://tail-f.com/ns/ncs">

        <device>

            <name>lab9k2</name>

            <config>

                <route-policy xmlns="http://tail-f.com/ned/cisco-ios-xr">

                    <name>TESTTWO</name>

                    <value>  pass&#13;</value>

                </route-policy>

            </config>

        </device>

    </devices>

</config>





Please go look at your service/template and add SPACES and \r (&#13;) and you should find success!



Best reagrds

gregg

Changing my route policy xml template pass value line solved the problem. Thanks for everyone helping troubleshoot and finding the solutions.

Change from

          <value>pass</value>

to

           <value>  pass&#xD;&#xA;</value>

The value is two spaces, followed by pass, and followed by \r\n

Thanks,

Jamie

gschudel
Cisco Employee
Cisco Employee

gschudel
Cisco Employee
Cisco Employee

cool!

you likely want to use exactly what CDB tells you for XML CR

&#13;

https://stackoverflow.com/questions/2265966/xml-carriage-return-encoding

cheers

gregg

Does the same formatting apply if my route-policy rule spans several lines like 

route-policy blocking
  if destination in blocklist then
  set extcommunity rt blocked-rt
  endif

should it be:

<config>
      <route-policy xmlns="http://tail-f.com/ned/cisco-ios-xr">
        <name>blocking</name>
        <value>  "if destination in blocklist then&#13; set extcommunity rt blocked-rt&#13;  endif&#13;"</value>
      </route-policy>
    </config>

I've tried several variations on the the above including splitting it over several lines but always get the same error:

"The string ".....code from above" is incorrectly quoted.

thanks

R