From 173bb8a29f7dd3b3e9abfc97f7fd50c282009aa4 Mon Sep 17 00:00:00 2001 From: Sebastian Czech Date: Wed, 7 Feb 2024 13:12:14 +0100 Subject: [PATCH] feat(panos/network): Advanced routing engine (#539) * Start work on Logical Router * Add interfaces and admin distances for logical router * Add static routes for VRF * Add BFD profile * Fix BFD profile * Assign BFD profile to static route * Update commits * Static IPv6 route * BGP auth and timer profiles * BGP address family - IPv4 unicast * BGP address family - finish IPv4 unicast * BGP address family - IPv4 multicast and IPv6 unicast * BGP dampening profile * BGP redistribution profile * BGP filtering (without filter lists and maps) * OSPF timers and auth * Fix pytest issues * New class for OSPF redistribution profile * Extend class for OSPF redistribution profile * Finish OSPF redistribution profile * OSPFv3 authentication profile * OSPFv3 timer profiles * OSPFv3 redistribution profile * Filter Access List - IPv4 * Filter Access List - IPv6 * Filter Prefix List * Filter AS-Path Access List * Filter Community List * Filter BGP Route-Maps * Filter BGP Route-Maps Redistribution (without from-protocol , to-protocol) * BGP settings, BGP peer and peer group * OSPF (without area) * OSPF area * Add RIB filters for logical router * Add ECMP for logical router * Add extended ECMP configuration * Add OSPF area range * Add OSPF area interface * Add OSPF area virtual link * Configure OPSFv3 on logical router * Add OSPFv3 with virutal link, range, interface for area * Format code * Add class for AdvancedRoutingEngine * Fix ValueError: not enough values to unpack (expected 2, got 1) * Simple test for logical router with VRF * Add template of logical route and test for BGP peer group * Test BGP auth profile * Add test for advanced routing engine * Test VRF static routes and BGP peer * Tests for routing profiles for BGP * Test for ARE OSPF * Extend logical router skeleton used in tests * Tests for routing profiles for OSPF * Add tests for other routing profiles * Fix format issues * Update TODO with details what to implement * Format code * Format code with poetry and Python 3.8 --- panos/device.py | 34 + panos/firewall.py | 3 + panos/network.py | 3621 +++++++++++++++++++++++++++++++++++- panos/panorama.py | 4 + tests/live/test_network.py | 893 ++++++++- tests/live/testlib.py | 7 +- 6 files changed, 4558 insertions(+), 4 deletions(-) diff --git a/panos/device.py b/panos/device.py index e92c5c66..704c9aa6 100644 --- a/panos/device.py +++ b/panos/device.py @@ -148,6 +148,8 @@ class Vsys(VersionedPanObject): "network.VlanInterface", "network.Vlan", "network.VirtualRouter", + "network.LogicalRouter", + "network.Vrf", "network.VirtualWire", "network.Layer2Subinterface", "network.Layer3Subinterface", @@ -397,6 +399,38 @@ def _setup(self): self._params = tuple(params) +class AdvancedRoutingEngine(VersionedPanObject): + """ + Note: This is valid for PANS-OS 10.2+. + + Args: + enable (bool): Enable advanced routing engine + + """ + + NAME = None + ROOT = Root.DEVICE + CHILDTYPES = () + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/deviceconfig/setting") + + # params + params = [] + + params.append( + VersionedParamPath( + "enable", + default=False, + vartype="yesno", + path="advance-routing", + ) + ) + + self._params = tuple(params) + + class LogSettingsSystem(VersionedPanObject): """Firewall or Panorama device log settings system diff --git a/panos/firewall.py b/panos/firewall.py index 49c8ae3a..cd5b9e1e 100644 --- a/panos/firewall.py +++ b/panos/firewall.py @@ -62,6 +62,7 @@ class Firewall(PanDevice): "device.Vsys", "device.VsysResources", "device.SystemSettings", + "device.AdvancedRoutingEngine", "device.LogSettingsSystem", "device.LogSettingsConfig", "device.PasswordProfile", @@ -104,6 +105,8 @@ class Firewall(PanDevice): "network.Layer3Subinterface", "network.Vlan", "network.VirtualRouter", + "network.LogicalRouter", + "network.Vrf", "network.ManagementProfile", "network.VirtualWire", "network.IkeGateway", diff --git a/panos/network.py b/panos/network.py index 3e6ae25a..1a9e1ad3 100644 --- a/panos/network.py +++ b/panos/network.py @@ -1184,8 +1184,8 @@ def _setup(self): params.append( VersionedParamPath( "ipv6_enabled", - path="{mode}/ipv6/enabled", vartype="yesno", + path="{mode}/ipv6/enabled", condition={"mode": "layer3"}, ) ) @@ -5523,3 +5523,3622 @@ def _setup(self): ) self._params = tuple(params) + + +class LogicalRouter(VsysOperations): + """Logical router + + Args: + name (str): Name of logical router + vrf (str): Name of VRF + """ + + SUFFIX = ENTRY + CHILDTYPES = ("network.Vrf",) + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/network/logical-router") + self._xpaths.add_profile( + value="{0}/network/logical-router".format(self._TEMPLATE_DEVICE_XPATH), + parents=("Template", "TemplateStack"), + ) + + # xpath imports + self._xpath_imports.add_profile(value="/network/logical-router") + + # params + params = [] + + params.append(VersionedParamPath("vrf", path="vrf", vartype="entry")) + + self._params = tuple(params) + + +class Vrf(VsysOperations): + """VRF + + Args: + name (str): Name of VRF + interface (list): List of interface names + ad_static (int): Administrative distance for this protocol + ad_static_ipv6 (int): Administrative distance for this protocol + ad_ospf_inter (int): Administrative distance for this protocol + ad_ospf_intra (int): Administrative distance for this protocol + ad_ospf_ext (int): Administrative distance for this protocol + ad_ospfv3_inter (int): Administrative distance for this protocol + ad_ospfv3_intra (int): Administrative distance for this protocol + ad_ospfv3_ext (int): Administrative distance for this protocol + ad_bgp_internal (int): Administrative distance for this protocol + ad_bgp_external (int): Administrative distance for this protocol + ad_bgp_local (int): Administrative distance for this protocol + ad_rip (int): Administrative distance for this protocol + bgp_enable (bool): Enable BGP + bgp_router_id (str): Router id of this BGP instance + bgp_local_as (str): Local AS number + bgp_install_route (bool): Populate BGP learned route to global route table + bgp_enforce_first_as (bool): Enforce First AS + bgp_fast_external_failover (bool): Immediately reset session if a link to a directly connected external peer goes down + bgp_ecmp_multi_as (bool): Support multiple AS in ECMP + bgp_default_local_preference (int): Global Default Local Preference + bgp_graceful_shutdown (bool): Gracefully Shutdown BGP following RFC-8326 + bgp_always_advertise_network_route (bool): Always advertise network routes even if not present in RIB + bgp_med_always_compare_med (bool): Always compare MEDs + bgp_med_deterministic_med_comparison (bool): Deterministic MEDs comparison + bgp_graceful_restart_enable (bool): Graceful-restart options enabled + bgp_graceful_restart_stale_route_time (int): Time to remove stale routes after peer restart + bgp_graceful_max_peer_restart_time (int): Maximum of peer restart time accepted + bgp_graceful_local_restart_time (int): Local restart time to advertise to peer + bgp_global_bfd (str): BGP Global BFD Profile + bgp_redistribution_profile_ipv4_unicast (str): IPv4 Redistribution Profile + bgp_redistribution_profile_ipv6_unicast (str): IPv6 Redistribution Profile + ospf_enable (bool): Enable OSPF (Default: True) + ospf_router_id (str): Router ID in IP format (eg. 1.1.1.1) + ospf_global_bfd (str): OSPF Global BFD Profile + ospf_spf_timer (str): SPF timer setting + ospf_global_if_timer (str): Global protocol timer setting + ospf_redistribution_profile (str): Redistribution profile setting + ospf_rfc1583 (bool): RFC 1583 compatibility + ospf_graceful_restart_enable (bool): Enable OSPF graceful restart + ospf_graceful_restart_grace_period (int): Graceful restart period + ospf_graceful_restart_helper_enable (bool): Graceful restart helper enable + ospf_graceful_restart_strict_lsa_checking (bool): Graceful restart strict lsa checking + ospf_graceful_restart_max_neighbor_restart_time (int): Graceful restart neighbor restart time + ospfv3_enable (bool): Enable OSPFv3 (Default: True) + ospfv3_router_id (str): Router ID in IP format (eg. 1.1.1.1) + ospfv3_global_bfd (str): OSPFv3 Global BFD Profile + ospfv3_spf_timer (str): SPF timer setting + ospfv3_global_if_timer (str): Global protocol timer setting + ospfv3_redistribution_profile (str): Redistribution profile setting + ospfv3_disable_transit_traffic (bool): Disable R-Bit and v6-Bit + ospfv3_graceful_restart_enable (bool): Enable OSPFv3 graceful restart + ospfv3_graceful_restart_grace_period (int): Graceful restart period + ospfv3_graceful_restart_helper_enable (bool): Graceful restart helper enable + ospfv3_graceful_restart_strict_lsa_checking (bool): Graceful restart strict lsa checking + ospfv3_graceful_restart_max_neighbor_restart_time (int): Graceful restart neighbor restart time + rib_filter_ipv4_static (str): IPv4 static route map + rib_filter_ipv4_bgp (str): IPv4 BGP route map + rib_filter_ipv4_ospf (str): IPv4 OSPF route map + rib_filter_ipv6_static (str): IPv6 static route map + rib_filter_ipv6_bgp (str): IPv6 BGP route map + rib_filter_ipv6_ospfv3 (str): IPv6 OSPFv3 route map + ecmp_enable (bool): Enable Equal Cost Multipath + ecmp_symmetric_return (bool): Allows return packets to egress out of the ingress interface of the flow + ecmp_strict_source_path (bool): Force VPN traffic to exit interface that the source-ip belongs to + ecmp_max_path (int): Maxmum number of ECMP paths supported, change this configuration will result in a virtual router restart + ecmp_algorithm (str): Load balancing algorithm + ecmp_algorithm_src_only (bool): Only use source address for hash + ecmp_algorithm_use_port (bool): Use source/destination port for hash + ecmp_algorithm_hash_seed (int): User-specified hash seed + """ + + SUFFIX = ENTRY + CHILDTYPES = ( + "network.VrfStaticRoute", + "network.VrfStaticRouteV6", + "network.VrfBgpPeerGroup", + "network.VrfOspfArea", + "network.VrfOspfv3Area", + "network.VrfEcmpInterfaceWeight", + "network.RoutingProfileBfd", + "network.RoutingProfileBgpAuth", + "network.RoutingProfileBgpTimer", + "network.RoutingProfileBgpAddressFamily", + "network.RoutingProfileBgpDampening", + "network.RoutingProfileBgpRedistribution", + "network.RoutingProfileBgpFiltering", + "network.RoutingProfileOspfAuth", + "network.RoutingProfileOspfIfTimer", + "network.RoutingProfileOspfSpfTimer", + "network.RoutingProfileOspfRedistribution", + "network.RoutingProfileOspfv3Auth", + "network.RoutingProfileOspfv3IfTimer", + "network.RoutingProfileOspfv3SpfTimer", + "network.RoutingProfileOspfv3Redistribution", + "network.RoutingProfileFilterAccessList", + "network.RoutingProfileFilterPrefixList", + "network.RoutingProfileFilterAsPathAccessList", + "network.RoutingProfileFilterCommunityList", + "network.RoutingProfileFilterRouteMaps", + "network.RoutingProfileFilterRouteMapsRedistribution", + ) + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/vrf") + + # params + params = [] + + params.append( + VersionedParamPath("interface", path="interface", vartype="member") + ) + + admin_dists = ( + ("ad_static", "static"), + ("ad_static_ipv6", "static-ipv6"), + ("ad_ospf_inter", "ospf-inter"), + ("ad_ospf_intra", "ospf-intra"), + ("ad_ospf_ext", "ospf-ext"), + ("ad_ospfv3_inter", "ospfv3-inter"), + ("ad_ospfv3_intra", "ospfv3-intra"), + ("ad_ospfv3_ext", "ospfv3-ext"), + ("ad_bgp_internal", "bgp-internal"), + ("ad_bgp_external", "bgp-external"), + ("ad_bgp_local", "bgp-local"), + ("ad_rip", "rip"), + ) + + for var_name, path in admin_dists: + params.append( + VersionedParamPath(var_name, vartype="int", path="admin-dists/" + path) + ) + + params.append( + VersionedParamPath( + "bgp_enable", path="bgp/enable", default=False, vartype="yesno" + ) + ) + params.append(VersionedParamPath("bgp_router_id", path="bgp/router-id")) + params.append(VersionedParamPath("bgp_local_as", path="bgp/local-as")) + params.append( + VersionedParamPath( + "bgp_install_route", + path="bgp/install-route", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_enforce_first_as", + path="bgp/enforce-first-as", + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_fast_external_failover", + path="bgp/fast-external-failover", + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_ecmp_multi_as", + path="bgp/ecmp-multi-as", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_default_local_preference", + path="bgp/default-local-preference", + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "bgp_graceful_shutdown", + path="bgp/graceful-shutdown", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_always_advertise_network_route", + path="bgp/always-advertise-network-route", + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_med_always_compare_med", + path="bgp/med/always-compare-med", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_med_deterministic_med_comparison", + path="bgp/med/deterministic-med-comparison", + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_graceful_restart_enable", + path="bgp/graceful-restart/enable", + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_graceful_restart_stale_route_time", + path="bgp/graceful-restart/stale-route-time", + default=120, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "bgp_graceful_max_peer_restart_time", + path="bgp/graceful-restart/max-peer-restart-time", + default=120, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "bgp_graceful_local_restart_time", + path="bgp/graceful-restart/local-restart-time", + default=120, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "bgp_global_bfd", path="bgp/global-bfd/profile", default="None" + ) + ) + params.append( + VersionedParamPath( + "bgp_redistribution_profile_ipv4_unicast", + path="bgp/redistribution-profile/ipv4/unicast", + ) + ) + params.append( + VersionedParamPath( + "bgp_redistribution_profile_ipv6_unicast", + path="bgp/redistribution-profile/ipv6/unicast", + ) + ) + + params.append( + VersionedParamPath( + "ospf_enable", default=False, path="ospf/enable", vartype="yesno" + ) + ) + params.append( + VersionedParamPath("ospf_router_id", path="ospf/router-id", default=None) + ) + params.append( + VersionedParamPath("ospf_global_bfd", path="ospf/global-bfd/profile") + ) + params.append(VersionedParamPath("ospf_spf_timer", path="ospf/spf-timer")) + params.append( + VersionedParamPath("ospf_global_if_timer", path="ospf/global-if-timer") + ) + params.append( + VersionedParamPath( + "ospf_redistribution_profile", path="ospf/redistribution-profile" + ) + ) + params.append( + VersionedParamPath( + "ospf_rfc1583", + path="ospf/rfc1583", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospf_graceful_restart_enable", + path="ospf/graceful-restart/enable", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospf_graceful_restart_grace_period", + path="ospf/graceful-restart/grace-period", + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "ospf_graceful_restart_helper_enable", + path="ospf/graceful-restart/helper-enable", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospf_graceful_restart_strict_lsa_checking", + path="ospf/graceful-restart/strict-LSA-checking", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospf_graceful_restart_max_neighbor_restart_time", + path="ospf/graceful-restart/max-neighbor-restart-time", + vartype="int", + ) + ) + + params.append( + VersionedParamPath( + "ospfv3_enable", default=False, path="ospfv3/enable", vartype="yesno" + ) + ) + params.append( + VersionedParamPath( + "ospfv3_router_id", path="ospfv3/router-id", default=None + ) + ) + params.append( + VersionedParamPath("ospfv3_global_bfd", path="ospfv3/global-bfd/profile") + ) + params.append(VersionedParamPath("ospfv3_spf_timer", path="ospfv3/spf-timer")) + params.append( + VersionedParamPath("ospfv3_global_if_timer", path="ospfv3/global-if-timer") + ) + params.append( + VersionedParamPath( + "ospfv3_redistribution_profile", + path="ospfv3/redistribution-profile", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_disable_transit_traffic", + path="ospfv3/disable-transit-traffic", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_graceful_restart_enable", + path="ospfv3/graceful-restart/enable", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_graceful_restart_grace_period", + path="ospfv3/graceful-restart/grace-period", + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_graceful_restart_helper_enable", + path="ospfv3/graceful-restart/helper-enable", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_graceful_restart_strict_lsa_checking", + path="ospfv3/graceful-restart/strict-LSA-checking", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_graceful_restart_max_neighbor_restart_time", + path="ospfv3/graceful-restart/max-neighbor-restart-time", + vartype="int", + ) + ) + + params.append( + VersionedParamPath( + "rib_filter_ipv4_static", + path="rib-filter/ipv4/static", + ) + ) + params.append( + VersionedParamPath( + "rib_filter_ipv4_bgp", + path="rib-filter/ipv4/bgp", + ) + ) + params.append( + VersionedParamPath( + "rib_filter_ipv4_ospf", + path="rib-filter/ipv4/ospf", + ) + ) + params.append( + VersionedParamPath( + "rib_filter_ipv6_static", + path="rib-filter/ipv6/static", + ) + ) + params.append( + VersionedParamPath( + "rib_filter_ipv6_bgp", + path="rib-filter/ipv6/bgp", + ) + ) + params.append( + VersionedParamPath( + "rib_filter_ipv6_ospfv3", + path="rib-filter/ipv6/ospfv3", + ) + ) + + params.append( + VersionedParamPath( + "ecmp_enable", + default=False, + path="ecmp/enable", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ecmp_symmetric_return", + default=False, + path="ecmp/symmetric-return", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ecmp_strict_source_path", + default=False, + path="ecmp/strict-source-path", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ecmp_max_path", path="ecmp/max-path", default=2, vartype="int" + ) + ) + params.append( + VersionedParamPath( + "ecmp_algorithm", + values=[ + "ip-modulo", + "ip-hash", + "weighted-round-robin", + "balanced-round-robin", + ], + path="ecmp/algorithm/{ecmp_algorithm}", + ) + ) + params.append( + VersionedParamPath( + "ecmp_algorithm_src_only", + default=False, + path="ecmp/algorithm/{ecmp_algorithm}/src-only", + vartype="yesno", + condition={"ecmp_algorithm": "ip-hash"}, + ) + ) + params.append( + VersionedParamPath( + "ecmp_algorithm_use_port", + default=False, + path="ecmp/algorithm/{ecmp_algorithm}/use-port", + vartype="yesno", + condition={"ecmp_algorithm": "ip-hash"}, + ) + ) + params.append( + VersionedParamPath( + "ecmp_algorithm_hash_seed", + path="ecmp/algorithm/{ecmp_algorithm}/hash-seed", + default=0, + vartype="int", + condition={"ecmp_algorithm": "ip-hash"}, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileBfd(VersionedPanObject): + """BFD profile + + Args: + name (str): The name + mode (str): BFD operation mode + min_tx_interval (int): Desired Minimum Tx Interval (ms) + min_rx_interval (int): Required Minimum Rx Interval (ms) + detection_multiplier (int): Detection Time Multiplier + hold_time (int) Hold Time (ms) + min_received_ttl (int): Minimum accepted TTL on received BFD packet + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/network/routing-profile/bfd") + + # params + params = [] + + params.append( + VersionedParamPath( + "mode", + default="active", + values=["active", "passive"], + path="mode", + ) + ) + params.append( + VersionedParamPath( + "min_tx_interval", default=1000, vartype="int", path="min-tx-interval" + ) + ) + params.append( + VersionedParamPath( + "min_rx_interval", default=1000, vartype="int", path="min-rx-interval" + ) + ) + params.append( + VersionedParamPath( + "detection_multiplier", + default=3, + vartype="int", + path="detection-multiplier", + ) + ) + params.append( + VersionedParamPath("hold_time", default=0, vartype="int", path="hold-time") + ) + params.append( + VersionedParamPath( + "min_received_ttl", vartype="int", path="multihop/min-received-ttl" + ) + ) + + self._params = tuple(params) + + +class VrfStaticRoute(VersionedPanObject): + """VRF Static Route + + Add to a :class:`panos.network.Vrf` instance. + + Args: + name (str): The name + destination (str): Destination network + nexthop_type (str): ip-address, discard, or next-vr + nexthop (str): Next hop IP address or Next VR Name + interface (str): Next hop interface + admin_dist (str): Administrative distance + metric (int): Metric (Default: 10) + enable_path_monitor (bool): Enable Path Monitor + failure_condition (str): Path Monitor failure condition set 'any' or 'all' + preemptive_hold_time (int): Path Monitor Preemptive Hold Time in minutes + bfd_profile (str): Name of the BRF profile + """ + + SUFFIX = ENTRY + CHILDTYPES = ("network.PathMonitorDestination",) + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/routing-table/ip/static-route") + + # params + params = [] + + params.append(VersionedParamPath("destination", path="destination")) + params.append( + VersionedParamPath( + "nexthop_type", + default="ip-address", + values=["discard", "ip-address", "next-lr", "fqdn"], + path="nexthop/{nexthop_type}", + ) + ) + params.append(VersionedParamPath("nexthop", path="nexthop/{nexthop_type}")) + params.append(VersionedParamPath("interface", path="interface")) + params.append( + VersionedParamPath("admin_dist", vartype="int", path="admin-dist") + ) + params.append( + VersionedParamPath("metric", default=10, vartype="int", path="metric") + ) + params.append( + VersionedParamPath( + "enable_path_monitor", path="path-monitor/enable", vartype="yesno" + ) + ) + params.append( + VersionedParamPath( + "failure_condition", + values=("all", "any"), + path="path-monitor/failure-condition", + ) + ) + params.append( + VersionedParamPath( + "preemptive_hold_time", vartype="int", path="path-monitor/hold-time" + ) + ) + params.append(VersionedParamPath("bfd_profile", path="bfd/profile")) + + self._params = tuple(params) + + +class VrfStaticRouteV6(VersionedPanObject): + """VRF Static Route IPv6 + + Add to a :class:`panos.network.Vrf` instance. + + Args: + name (str): The name + destination (str): Destination network + nexthop_type (str): ip-address, discard, or next-vr + nexthop (str): Next hop IP address or Next VR Name + interface (str): Next hop interface + admin_dist (str): Administrative distance + metric (int): Metric (Default: 10) + enable_path_monitor (bool): Enable Path Monitor + failure_condition (str): Path Monitor failure condition set 'any' or 'all' + preemptive_hold_time (int): Path Monitor Preemptive Hold Time in minutes + bfd_profile (str): Name of the BRF profile + """ + + SUFFIX = ENTRY + CHILDTYPES = ("network.PathMonitorDestination",) + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/routing-table/ipv6/static-route") + + # params + params = [] + + params.append(VersionedParamPath("destination", path="destination")) + params.append( + VersionedParamPath( + "nexthop_type", + default="ip-address", + values=["discard", "ipv6-address", "next-lr", "fqdn"], + path="nexthop/{nexthop_type}", + ) + ) + params.append(VersionedParamPath("nexthop", path="nexthop/{nexthop_type}")) + params.append(VersionedParamPath("interface", path="interface")) + params.append( + VersionedParamPath("admin_dist", vartype="int", path="admin-dist") + ) + params.append( + VersionedParamPath("metric", default=10, vartype="int", path="metric") + ) + params.append( + VersionedParamPath( + "enable_path_monitor", path="path-monitor/enable", vartype="yesno" + ) + ) + params.append( + VersionedParamPath( + "failure_condition", + values=("all", "any"), + path="path-monitor/failure-condition", + ) + ) + params.append( + VersionedParamPath( + "preemptive_hold_time", vartype="int", path="path-monitor/hold-time" + ) + ) + params.append(VersionedParamPath("bfd_profile", path="bfd/profile")) + + self._params = tuple(params) + + +class VrfEcmpInterfaceWeight(VersionedPanObject): + """VRF ECMP interface and weight + + Args: + name (str): Interface name + weight (int): Interface ECMP weight + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/ecmp/algorithm/weighted-round-robin/interface") + + # params + params = [] + + params.append( + VersionedParamPath("weight", default=100, vartype="int", path="weight") + ) + + self._params = tuple(params) + + +class VrfOspfArea(VersionedPanObject): + """VRF OSPF area + + Args: + name (str): The name + authentication (str): Authentication profile name + type (str): Area type + import_list (str): Import list + export_list (str): Export list + inbound_filter_list (str): Inbound filter list + outbound_filter_list (str): Outbound filter list + no_summary (bool): No summary + metric (int): Metric value + metric_type (str): Metric type + """ + + SUFFIX = ENTRY + CHILDTYPES = ( + "network.VrfOspfAreaRange", + "network.VrfOspfAreaInterface", + "network.VrfOspfAreaVirtualLink", + ) + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/ospf/area") + + # params + params = [] + + params.append(VersionedParamPath("authentication", path="authentication")) + params.append( + VersionedParamPath( + "type", + path="type/{type}", + values=["normal", "stub", "nssa"], + default="normal", + ) + ) + params.append( + VersionedParamPath( + "import_list", + path="type/{type}/abr/import-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "export_list", + path="type/{type}/abr/export-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "inbound_filter_list", + path="type/{type}/abr/inbound-filter-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "outbound_filter_list", + path="type/{type}/abr/outbound-filter-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "no_summary", + path="type/{type}/no-summary", + condition={"type": ["stub", "nssa"]}, + vartype="yesno", + default=False, + ) + ) + params.append( + VersionedParamPath( + "metric", + path="type/{type}/default-information-originate/metric", + condition={"type": "nssa"}, + ) + ) + params.append( + VersionedParamPath( + "metric_type", + path="type/{type}/default-information-originate/metric-type", + values=["type-1", "type-2"], + condition={"type": "nssa"}, + ) + ) + + self._params = tuple(params) + + +class VrfOspfAreaRange(VersionedPanObject): + """VRF OSPF area range + + Args: + name (str): IP Address/Netmask + substitute (str): Substitute network/prefix + advertise (bool): Do summarization and advertise + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/range") + + # params + params = [] + + params.append( + VersionedParamPath("substitute", path="substitute", vartype="attrib") + ) + params.append( + VersionedParamPath( + "advertise", + path="advertise", + vartype="yesno", + default=True, + ) + ) + + self._params = tuple(params) + + +class VrfOspfAreaInterface(VersionedPanObject): + """VRF OSPF area interface + + Args: + name (str): Interface name + enable (bool): Enable OSPF on this interface + mtu_ignore (bool): Ignore mtu when try to establish adjacency + passive (bool): "Suppress the sending of hello packets in this interface + priority (int): Priority for OSPF designated router selection + link_type (str): Link Type + metric (int): Cost of OSPF interface + authentication (str): Authentication options + bfd_profile (str): BFD profile + timing (str): Protocol timer setting + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/interface") + + # params + params = [] + + params.append( + VersionedParamPath("enable", path="enable", vartype="yesno", default=True) + ) + params.append( + VersionedParamPath( + "mtu_ignore", + path="mtu-ignore", + vartype="yesno", + default=False, + ) + ) + params.append( + VersionedParamPath( + "passive", + path="passive", + vartype="yesno", + default=False, + ) + ) + params.append( + VersionedParamPath("priority", path="priority", vartype="int", default=1) + ) + params.append( + VersionedParamPath( + "link_type", + path="link-type/{link_type}", + values=["broadcast", "p2p", "p2mp"], + default="broadcast", + ) + ) + params.append( + VersionedParamPath("metric", path="metric", vartype="int", default=10) + ) + params.append(VersionedParamPath("authentication", path="authentication")) + params.append(VersionedParamPath("bfd_profile", path="bfd/profile")) + params.append(VersionedParamPath("timing", path="timing")) + + ### TODO: implement neighbor for link type p2mp: ospf -> area -> interface -> link-type -> p2mp + + self._params = tuple(params) + + +class VrfOspfAreaVirtualLink(VersionedPanObject): + """VRF OSPF area virtual link + + Args: + name (str): Virtual link name + enable (bool): Enable this virtual link + neighbor_id (str): Neighbor router id for virtual link + transit_area_id (str): ID of transit area, cannot be backbone, stub or NSSA + timing (str): Timer profile + authentication (str): Authentication options + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/virtual-link") + + # params + params = [] + + params.append( + VersionedParamPath("enable", path="enable", vartype="yesno", default=True) + ) + params.append(VersionedParamPath("neighbor_id", path="neighbor-id")) + params.append(VersionedParamPath("transit_area_id", path="transit-area-id")) + params.append(VersionedParamPath("timing", path="timing")) + params.append(VersionedParamPath("authentication", path="authentication")) + + self._params = tuple(params) + + +class VrfOspfv3Area(VersionedPanObject): + """VRF OSPFv3 area + + Args: + name (str): The name + authentication (str): Authentication profile name + type (str): Area type + import_list (str): Import list + export_list (str): Export list + inbound_filter_list (str): Inbound filter list + outbound_filter_list (str): Outbound filter list + no_summary (bool): No summary + metric (int): Metric value + metric_type (str): Metric type + """ + + SUFFIX = ENTRY + CHILDTYPES = ( + "network.VrfOspfv3AreaRange", + "network.VrfOspfv3AreaInterface", + "network.VrfOspfv3AreaVirtualLink", + ) + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/ospfv3/area") + + # params + params = [] + + params.append(VersionedParamPath("authentication", path="authentication")) + params.append( + VersionedParamPath( + "type", + path="type/{type}", + values=["normal", "stub", "nssa"], + default="normal", + ) + ) + params.append( + VersionedParamPath( + "import_list", + path="type/{type}/abr/import-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "export_list", + path="type/{type}/abr/export-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "inbound_filter_list", + path="type/{type}/abr/inbound-filter-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "outbound_filter_list", + path="type/{type}/abr/outbound-filter-list", + condition={"type": ["normal", "stub", "nssa"]}, + ) + ) + params.append( + VersionedParamPath( + "no_summary", + path="type/{type}/no-summary", + condition={"type": ["stub", "nssa"]}, + vartype="yesno", + default=False, + ) + ) + params.append( + VersionedParamPath( + "metric", + path="type/{type}/default-information-originate/metric", + condition={"type": "nssa"}, + ) + ) + params.append( + VersionedParamPath( + "metric_type", + path="type/{type}/default-information-originate/metric-type", + values=["type-1", "type-2"], + condition={"type": "nssa"}, + ) + ) + + self._params = tuple(params) + + +class VrfOspfv3AreaRange(VersionedPanObject): + """VRF OSPFv3 area range + + Args: + name (str): IP Address/Netmask + substitute (str): Substitute network/prefix + advertise (bool): Do summarization and advertise + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/range") + + # params + params = [] + + params.append( + VersionedParamPath("substitute", path="substitute", vartype="attrib") + ) + params.append( + VersionedParamPath( + "advertise", + path="advertise", + vartype="yesno", + default=True, + ) + ) + + self._params = tuple(params) + + +class VrfOspfv3AreaInterface(VersionedPanObject): + """VRF OSPF area interface + + Args: + name (str): Interface name + enable (bool): Enable OSPF on this interface + mtu_ignore (bool): Ignore mtu when try to establish adjacency + passive (bool): "Suppress the sending of hello packets in this interface + priority (int): Priority for OSPF designated router selection + link_type (str): Link Type + metric (int): Cost of OSPF interface + instance_id (str): OSPFv3 instance ID + authentication (str): Authentication options + bfd_profile (str): BFD profile + timing (str): Protocol timer setting + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/interface") + + # params + params = [] + + params.append( + VersionedParamPath("enable", path="enable", vartype="yesno", default=True) + ) + params.append( + VersionedParamPath( + "mtu_ignore", + path="mtu-ignore", + vartype="yesno", + default=False, + ) + ) + params.append( + VersionedParamPath( + "passive", + path="passive", + vartype="yesno", + default=False, + ) + ) + params.append( + VersionedParamPath("priority", path="priority", vartype="int", default=1) + ) + params.append( + VersionedParamPath( + "link_type", + path="link-type/{link_type}", + values=["broadcast", "p2p", "p2mp"], + default="broadcast", + ) + ) + params.append( + VersionedParamPath("metric", path="metric", vartype="int", default=10) + ) + params.append(VersionedParamPath("instance_id", path="instance-id")) + params.append(VersionedParamPath("authentication", path="authentication")) + params.append(VersionedParamPath("bfd_profile", path="bfd/profile")) + params.append(VersionedParamPath("timing", path="timing")) + + ### TODO: implement neighbor for link type p2mp: ospfv3 -> area -> interface -> link-type -> p2mp + + self._params = tuple(params) + + +class VrfOspfv3AreaVirtualLink(VersionedPanObject): + """VRF OSPF area virtual link + + Args: + name (str): Virtual link name + enable (bool): Enable this virtual link + neighbor_id (str): Neighbor router id for virtual link + transit_area_id (str): ID of transit area, cannot be backbone, stub or NSSA + timing (str): Timer profile + authentication (str): Authentication options + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/virtual-link") + + # params + params = [] + + params.append( + VersionedParamPath("enable", path="enable", vartype="yesno", default=True) + ) + params.append(VersionedParamPath("neighbor_id", path="neighbor-id")) + params.append(VersionedParamPath("transit_area_id", path="transit-area-id")) + params.append(VersionedParamPath("timing", path="timing")) + params.append(VersionedParamPath("authentication", path="authentication")) + + self._params = tuple(params) + + +class VrfBgpPeerGroup(VersionedPanObject): + """VRF BGP peer group + + Args: + name (str): Name of the BGP peer group + enable (bool): Enabled BGP peer group + type (str): Type of BGP peer group + address_family_ipv4 (str): IPv4 Address Family + address_family_ipv6 (str): IPv6 Address Family + filtering_profile_ipv4 (str): IPv4 Filtering Profile + filtering_profile_ipv6 (str): IPv6 Filtering Profile + connection_options_timers (str): Timer Profile Name + connection_options_multihop (int): Multi-hop value + connection_options_authentication (str): Authentication Profile Name + connection_options_dampening (str): Dampening Profile Name + """ + + SUFFIX = ENTRY + CHILDTYPES = ("network.VrfBgpPeer",) + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/bgp/peer-group") + + # params + params = [] + + params.append( + VersionedParamPath("enable", path="enable", default=True, vartype="yesno") + ) + params.append( + VersionedParamPath( + "type", + path="type/{type}", + values=["ebgp", "ibgp"], + default="ebgp", + ) + ) + params.append( + VersionedParamPath("address_family_ipv4", path="address-family/ipv4") + ) + params.append( + VersionedParamPath("address_family_ipv6", path="address-family/ipv6") + ) + params.append( + VersionedParamPath("filtering_profile_ipv4", path="filtering-profile/ipv4") + ) + params.append( + VersionedParamPath("filtering_profile_ipv6", path="filtering-profile/ipv6") + ) + + params.append( + VersionedParamPath( + "connection_options_timers", + path="connection-options/timers/", + ) + ) + params.append( + VersionedParamPath( + "connection_options_multihop", + path="connection-options/multihop", + default=0, + ) + ) + params.append( + VersionedParamPath( + "connection_options_authentication", + path="connection-options/authentication", + ) + ) + params.append( + VersionedParamPath( + "connection_options_dampening", + path="connection-options/dampening", + ) + ) + + self._params = tuple(params) + + +class VrfBgpPeer(VersionedPanObject): + """VRF BGP peer + + Args: + name (str): Name of the BGP peer + enable (bool): Enable BGP peer + passive (bool): If enabled, open messages are not sent to this peer + peer_as (int): Peer AS number + enable_sender_side_loop_detection (bool): Enable Sender Side Loop Detection + local_address_interface (str): Interface to accept BGP session + local_address_ip (str): Specify exact IP address if interface has multiple addresses + peer_address_type (str): Peer address configuration + peer_address_value (str): IP or FQDN + bfd_profile (str): BFD profile + """ + + SUFFIX = ENTRY + + def _setup(self): + # xpaths + self._xpaths.add_profile(value="/peer") + + # params + params = [] + + params.append( + VersionedParamPath("enable", path="enable", default=True, vartype="yesno") + ) + params.append( + VersionedParamPath( + "passive", + path="passive", + default=False, + vartype="yesno", + ) + ) + params.append(VersionedParamPath("peer_as", path="peer-as", vartype="int")) + params.append( + VersionedParamPath( + "enable_sender_side_loop_detection", + path="enable-sender-side-loop-detection", + default=True, + vartype="yesno", + ) + ) + + ### TODO: implement BGP peer group -> peer -> inherit + + params.append( + VersionedParamPath( + "local_address_interface", path="local-address/interface" + ) + ) + params.append(VersionedParamPath("local_address_ip", path="local-address/ip")) + params.append( + VersionedParamPath( + "peer_address_type", + path="peer-address/{peer_address_type}", + values=["ip", "fqdn"], + ) + ) + params.append( + VersionedParamPath( + "peer_address_value", + path="peer-address/{peer_address_type}/", + ) + ) + + ### TODO: implement BGP peer group -> peer -> connection-options + + params.append( + VersionedParamPath( + "bfd_profile", + path="bfd/profile", + default="Inherit-lr-global-setting", + ) + ) + + self._params = tuple(params) + + +### TODO: implement VRF -> BGP -> aggregate-routes + + +### TODO: implement VRF -> BGP -> advertise-network + + +class RoutingProfileBgpAuth(VersionedPanObject): + """BGP authentication profile + + Args: + name (str): The name of the profile + secret (str): Shared secret for the TCP MD5 authentication + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/bgp/auth-profile") + + params = [] + + params.append(VersionedParamPath("secret", vartype="encrypted")) + + self._params = tuple(params) + + +class RoutingProfileBgpTimer(VersionedPanObject): + """BGP timer profile + + Args: + name (str): The name of the profile + keep_alive_interval (int): Keep-alive interval + hold_time (int): Hold time + reconnect_retry_interval (int): Wait in the connect state before retrying connection to the peer + open_delay_time (int): Delay time after peer TCP connection up and sending 1st BGP Open Message + min_route_adv_interval (int): Minimum Route Advertisement Interval + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/bgp/timer-profile") + + params = [] + + params.append( + VersionedParamPath( + "keep_alive_interval", + path="keep-alive-interval", + vartype="int", + default=30, + ) + ) + params.append( + VersionedParamPath( + "hold_time", + path="hold-time", + vartype="int", + default=90, + ) + ) + params.append( + VersionedParamPath( + "reconnect_retry_interval", + path="reconnect-retry-interval", + vartype="int", + default=15, + ) + ) + params.append( + VersionedParamPath( + "open_delay_time", + path="open-delay-time", + vartype="int", + default=0, + ) + ) + params.append( + VersionedParamPath( + "min_route_adv_interval", + path="min-route-adv-interval", + vartype="int", + default=30, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileBgpAddressFamily(VersionedPanObject): + """BGP address family profile + + Args: + name (str): The name of the profile + afi (str): Address Family Identifier + unicast_enable (bool): Enable IPv4/IPv6 Unicast Profile + unicast_soft_reconfig_with_stored_info (bool): Soft reconfiguration of peer with stored routes + unicast_add_path_tx_all_paths (bool): Advertise all paths to peer + unicast_add_path_tx_bestpath_per_as (bool): Advertise the bestpath per each neighboring AS + unicast_as_override (bool): Override ASNs in outbound updates if AS-Path equals Remote-A + unicast_default_originate (bool): Originate Default Route + unicast_route_reflector_client (bool): Route Reflector Client + unicast_allowas_in (str): Accept my AS in AS_PATH if route originated in my AS + unicast_allowas_in_occurrence (int): Number of occurrences of AS number + unicast_maximum_prefix_num_prefixes (int): Max allowed prefixes from this peer + unicast_maximum_prefix_threshold (int): Threshold value (%) at which to generate a warning msg + unicast_maximum_prefix_action (str): Action if max-prefixes reached + unicast_maximum_prefix_action_restart_interval (int): Restart connection when limit exceeded + unicast_next_hop (str): Disable next-hop calculation + unicast_remove_private_as (str): Remove private ASNs in outbound updates + unicast_send_community (str): Send community attributes + unicast_orf (str): Advertise ORF (Outbound Route Filtering) Capability + unicast_default_originate_map (str): Default Originate Route-Map + multicast_enable (bool): Enable IPv4 Multicast Profile + multicast_soft_reconfig_with_stored_info (bool): Soft reconfiguration of peer with stored routes + multicast_add_path_tx_all_paths (bool): Advertise all paths to peer + multicast_add_path_tx_bestpath_per_as (bool): Advertise the bestpath per each neighboring AS + multicast_as_override (bool): Override ASNs in outbound updates if AS-Path equals Remote-A + multicast_default_originate (bool): Originate Default Route + multicast_route_reflector_client (bool): Route Reflector Client + multicast_allowas_in (str): Accept my AS in AS_PATH if route originated in my AS + multicast_allowas_in_occurrence (int): Number of occurrences of AS number + multicast_maximum_prefix_num_prefixes (int): Max allowed prefixes from this peer + multicast_maximum_prefix_threshold (int): Threshold value (%) at which to generate a warning msg + multicast_maximum_prefix_action (str): Action if max-prefixes reached + multicast_maximum_prefix_action_restart_interval (int): Restart connection when limit exceeded + multicast_next_hop (str): Disable next-hop calculation + multicast_remove_private_as (str): Remove private ASNs in outbound updates + multicast_send_community (str): Send community attributes + multicast_orf (str): Advertise ORF (Outbound Route Filtering) Capability + multicast_default_originate_map (str): Default Originate Route-Map + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/bgp/address-family-profile" + ) + + params = [] + + params.append(VersionedParamPath("afi", path="{afi}", default="ipv4")) + + # IPv4/IPv6 unicast + params.append( + VersionedParamPath( + "unicast_enable", + path="{afi}/unicast/enable", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "unicast_soft_reconfig_with_stored_info", + path="{afi}/unicast/soft-reconfig-with-stored-info", + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "unicast_add_path_tx_all_paths", + path="{afi}/unicast/add-path/tx-all-paths", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "unicast_add_path_tx_bestpath_per_as", + path="{afi}/unicast/add-path/tx-bestpath-per-AS", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "unicast_as_override", + path="{afi}/unicast/as-override", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "unicast_default_originate", + path="{afi}/unicast/default-originate", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "unicast_route_reflector_client", + path="{afi}/unicast/route-reflector-client", + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "unicast_allowas_in", + path="{afi}/unicast/allowas-in/{unicast_allowas_in}", + values=["origin", "occurrence", "none"], + ) + ) + params.append( + VersionedParamPath( + "unicast_allowas_in_occurrence", + condition={"unicast_allowas_in": "occurrence"}, + path="{afi}/unicast/allowas-in/occurrence", + default=1, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "unicast_maximum_prefix_num_prefixes", + path="{afi}/unicast/maximum-prefix/num_prefixes", + default=1000, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "unicast_maximum_prefix_threshold", + path="{afi}/unicast/maximum-prefix/threshold", + default=100, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "unicast_maximum_prefix_action", + path="{afi}/unicast/maximum-prefix/action/{unicast_maximum_prefix_action}", + default="warning-only", + values=[ + "restart", + "warning-only", + ], + ) + ) + params.append( + VersionedParamPath( + "unicast_maximum_prefix_action_restart_interval", + path="{afi}/unicast/maximum-prefix/action/restart/interval", + condition={"unicast_maximum_prefix_action": "restart"}, + default=1, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "unicast_next_hop", + path="{afi}/unicast/next-hop/{unicast_next_hop}", + values=["self", "self-force"], + ) + ) + params.append( + VersionedParamPath( + "unicast_remove_private_as", + path="{afi}/unicast/remove-private-AS/{unicast_remove_private_as}", + values=["all", "replace-AS"], + ) + ) + params.append( + VersionedParamPath( + "unicast_send_community", + path="{afi}/unicast/send-community/{unicast_send_community}", + values=["all", "both", "extended", "large", "standard"], + ) + ) + params.append( + VersionedParamPath( + "unicast_orf", + path="{afi}/unicast/orf/orf-prefix-list", + values=["none", "both", "receive", "send"], + ) + ) + params.append( + VersionedParamPath( + "unicast_default_originate_map", + path="{afi}/unicast/default-originate-map", + ) + ) + + # IPv4 multicast + params.append( + VersionedParamPath( + "multicast_enable", + path="{afi}/multicast/enable", + condition={"afi": "ipv4"}, + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "multicast_soft_reconfig_with_stored_info", + path="{afi}/multicast/soft-reconfig-with-stored-info", + condition={"afi": "ipv4"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "multicast_add_path_tx_all_paths", + path="{afi}/multicast/add-path/tx-all-paths", + condition={"afi": "ipv4"}, + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "multicast_add_path_tx_bestpath_per_as", + path="{afi}/multicast/add-path/tx-bestpath-per-AS", + condition={"afi": "ipv4"}, + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "multicast_as_override", + path="{afi}/multicast/as-override", + condition={"afi": "ipv4"}, + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "multicast_default_originate", + path="{afi}/multicast/default-originate", + condition={"afi": "ipv4"}, + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "multicast_route_reflector_client", + path="{afi}/multicast/route-reflector-client", + condition={"afi": "ipv4"}, + default=False, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "multicast_allowas_in", + path="{afi}/multicast/allowas-in/{multicast_allowas_in}", + condition={"afi": "ipv4"}, + values=["origin", "occurrence", "none"], + ) + ) + params.append( + VersionedParamPath( + "multicast_allowas_in_occurrence", + path="{afi}/multicast/allowas-in/occurrence", + condition={"afi": "ipv4", "multicast_allowas_in": "occurrence"}, + default=1, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "multicast_maximum_prefix_num_prefixes", + path="{afi}/multicast/maximum-prefix/num_prefixes", + condition={"afi": "ipv4"}, + default=1000, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "multicast_maximum_prefix_threshold", + path="{afi}/multicast/maximum-prefix/threshold", + condition={"afi": "ipv4"}, + default=100, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "multicast_maximum_prefix_action", + path="{afi}/multicast/maximum-prefix/action/{multicast_maximum_prefix_action}", + condition={"afi": "ipv4"}, + default="warning-only", + values=[ + "restart", + "warning-only", + ], + ) + ) + params.append( + VersionedParamPath( + "multicast_maximum_prefix_action_restart_interval", + path="{afi}/multicast/maximum-prefix/action/restart/interval", + condition={"afi": "ipv4", "multicast_maximum_prefix_action": "restart"}, + default=1, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "multicast_next_hop", + path="{afi}/multicast/next-hop/{multicast_next_hop}", + condition={"afi": "ipv4"}, + values=["self", "self-force"], + ) + ) + params.append( + VersionedParamPath( + "multicast_remove_private_as", + path="{afi}/multicast/remove-private-AS/{multicast_remove_private_as}", + condition={"afi": "ipv4"}, + values=["all", "replace-AS"], + ) + ) + params.append( + VersionedParamPath( + "multicast_send_community", + path="{afi}/multicast/send-community/{multicast_send_community}", + condition={"afi": "ipv4"}, + values=["all", "both", "extended", "large", "standard"], + ) + ) + params.append( + VersionedParamPath( + "multicast_orf", + path="{afi}/multicast/orf/orf-prefix-list", + condition={"afi": "ipv4"}, + values=["none", "both", "receive", "send"], + ) + ) + params.append( + VersionedParamPath( + "multicast_default_originate_map", + path="{afi}/multicast/default-originate-map", + condition={"afi": "ipv4"}, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileBgpDampening(VersionedPanObject): + """BGP dampening profile + + Args: + name (str): The name of the profile + description (str): Description of the BGP Dampening Profile + half_life (int): Half-life for the penalty + reuse_limit (int): Value to start reusing a route + suppress_limit (int): Value to start supressing the route + max_suppress_limit (int): Maximum duration (in minutes) a route can be suppressed + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/bgp/dampening-profile") + + params = [] + + params.append(VersionedParamPath("description", path="description")) + params.append( + VersionedParamPath( + "half_life", + path="half-life", + default=15, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "reuse_limit", + path="reuse-limit", + default=750, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "suppress_limit", + path="suppress-limit", + default=2000, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "max_suppress_limit", + path="max-suppress-limit", + default=60, + vartype="int", + ) + ) + + self._params = tuple(params) + + +class RoutingProfileBgpRedistribution(VersionedPanObject): + """BGP redistribution profile + + Args: + name (str): The name of the profile + afi (str): Address Family Identifier + static_enable (bool): Enable Static Routes + static_metric (int): Static Metric (Field ignored if route-map configured) + connected_enable (bool): Enable Connected Routes + connected_metric (int): Connected Metric (Field ignored if route-map configured) + ospf_enable (bool): Enable OSPF Routes (only for IPv4) + ospf_metric (int): OSPF Metric (Field ignored if route-map configured) + ospfv3_enable (bool): Enable OSPFv3 Routes (only for IPv6) + ospfv3_metric (int): OSPFv3 Metric (Field ignored if route-map configured) + rip_enable (bool): Enable RIP Routes + rip_metric (int): RIP Metric (Field ignored if route-map configured) + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/bgp/redistribution-profile" + ) + + params = [] + + params.append(VersionedParamPath("afi", path="{afi}", default="ipv4")) + params.append( + VersionedParamPath( + "static_enable", + path="{afi}/unicast/static/enable", + condition={"afi": ["ipv4", "ipv6"]}, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "static_metric", + path="{afi}/unicast/static/metric", + condition={"afi": ["ipv4", "ipv6"]}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "connected_enable", + path="{afi}/unicast/connected/enable", + condition={"afi": ["ipv4", "ipv6"]}, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "connected_metric", + path="{afi}/unicast/connected/metric", + condition={"afi": ["ipv4", "ipv6"]}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "ospf_enable", + path="{afi}/unicast/ospf/enable", + condition={"afi": "ipv4"}, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospf_metric", + path="{afi}/unicast/ospf/metric", + condition={"afi": "ipv4"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_enable", + path="{afi}/unicast/ospfv3/enable", + condition={"afi": "ipv6"}, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "ospfv3_metric", + path="{afi}/unicast/ospfv3/metric", + condition={"afi": "ipv6"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "rip_enable", + path="{afi}/unicast/rip/enable", + condition={"afi": "ipv4"}, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "rip_metric", + path="{afi}/unicast/rip/metric", + condition={"afi": "ipv4"}, + vartype="int", + ) + ) + + self._params = tuple(params) + + +class RoutingProfileBgpFiltering(VersionedPanObject): + """BGP filtering profile + + Args: + name (str): The name of the profile + description (str): Description of the profile + afi (str): Address Family Identifier + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/bgp/filtering-profile") + + params = [] + + params.append(VersionedParamPath("description", path="description")) + params.append(VersionedParamPath("afi", path="{afi}", default="ipv4")) + + self._params = tuple(params) + + +class RoutingProfileOspfAuth(VersionedPanObject): + """OSPF authentication profile + + Args: + name (str): The name of the profile + password (str): Simple password authentication + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/ospf/auth-profile") + + params = [] + + params.append(VersionedParamPath("password", vartype="encrypted")) + + self._params = tuple(params) + + +class RoutingProfileOspfIfTimer(VersionedPanObject): + """OSPF interface timer profile + + Args: + name (str): The name of the profile + hello_interval (int): Interval (in seconds) to send Hello packets + dead_counts (int): Number of lost hello packets to declare router down + retransmit_interval (int): Interval (in seconds) to retransmit LSAs + transit_delay (int): Estimated delay (in seconds) to transmit LSAs + gr_delay (int): Period (in seconds) used to send grace LSAs before first hello is sent when graceful restart starts + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/ospf/if-timer-profile") + + params = [] + + params.append( + VersionedParamPath( + "hello_interval", + path="hello-interval", + vartype="int", + default=10, + ) + ) + params.append( + VersionedParamPath( + "dead_counts", + path="dead-counts", + vartype="int", + default=4, + ) + ) + params.append( + VersionedParamPath( + "retransmit_interval", + path="retransmit-interval", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "transit_delay", + path="transit-delay", + vartype="int", + default=1, + ) + ) + params.append( + VersionedParamPath( + "gr_delay", + path="gr-delay", + vartype="int", + default=10, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileOspfSpfTimer(VersionedPanObject): + """OSPF global timer profile + + Args: + name (str): The name of the profile + lsa_interval (int): The minimum time in seconds between distinct originations of any particular LSA + spf_calculation_delay (int): Delay in seconds before running the SPF algorithm + initial_hold_time (int): Initial hold time (second) between consecutive SPF calculations + max_hold_time (int): Maximum hold time (second) + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/ospf/spf-timer-profile" + ) + + params = [] + + params.append( + VersionedParamPath( + "lsa_interval", + path="lsa-interval", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "spf_calculation_delay", + path="spf-calculation-delay", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "initial_hold_time", + path="initial-hold-time", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "max_hold_time", + path="max-hold-time", + vartype="int", + default=5, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileOspfRedistribution(VersionedPanObject): + """OSPF redistribution profile + + Args: + name (str): The name of the profile + static (str): IPv4 static section + static_enable (bool): IPv4 static enabled + static_metric (int): IPv4 static metric value (1-65535) + static_metric_type (str): IPv4 static metric type (type-1, type-2) + connected (str): Connected section + connected_enable (bool): Connected enabled + connected_metric (int): Connected metric value (1-65535) + connected_metric_type (str): Connected metric type (type-1, type-2) + rip (str): RIPv2 section + rip_enable (bool): RIPv2 enabled + rip_metric (int): RIPv2 metric value (1-65535) + rip_metric_type (str): RIPv2 metric type (type-1, type-2) + bgp (str): BGP AFI IPv4 section + bgp_enable (bool): BGP AFI IPv4 enabled + bgp_metric (int): BGP AFI IPv4 metric value (1-65535) + bgp_metric_type (str): BGP AFI IPv4 metric type (type-1, type-2) + default_route (str): IPv4 Default Route section + default_route_always (bool): IPv4 Default Route always + default_route_enable (bool): IPv4 Default Route enabled + default_route_metric (int): IPv4 Default Route metric value (1-65535) + default_route_metric_type (str): IPv4 Default Route metric type (type-1, type-2) + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/ospf/redistribution-profile" + ) + + params = [] + + params.append( + VersionedParamPath( + "static", + path="{static}", + values=("static"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "static_enable", + path="{static}/enable", + condition={"static": "static"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "static_metric", + path="{static}/metric", + condition={"static": "static"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "static_metric_type", + path="{static}/metric-type", + condition={"static": "static"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + params.append( + VersionedParamPath( + "connected", + path="{connected}", + values=("connected"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "connected_enable", + path="connected/enable", + condition={"connected": "connected"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "connected_metric", + path="connected/metric", + condition={"connected": "connected"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "connected_metric_type", + path="connected/metric-type", + condition={"connected": "connected"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + params.append( + VersionedParamPath( + "rip", + path="{rip}", + values=("rip"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "rip_enable", + path="rip/enable", + condition={"rip": "rip"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "rip_metric", + path="rip/metric", + condition={"rip": "rip"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "rip_metric_type", + path="rip/metric-type", + condition={"rip": "rip"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + params.append( + VersionedParamPath( + "bgp", + path="{bgp}", + values=("bgp"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "bgp_enable", + path="bgp/enable", + condition={"bgp": "bgp"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_metric", + path="bgp/metric", + condition={"bgp": "bgp"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "bgp_metric_type", + path="bgp/metric-type", + condition={"bgp": "bgp"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + params.append( + VersionedParamPath( + "default_route", + path="{default_route}", + values=("default-route"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "default_route_always", + path="default-route/always", + condition={"default_route": "default-route"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "default_route_enable", + path="default-route/enable", + condition={"default_route": "default-route"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "default_route_metric", + path="default-route/metric", + condition={"default_route": "default-route"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "default_route_metric_type", + path="default-route/metric-type", + condition={"default_route": "default-route"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + + self._params = tuple(params) + + +class RoutingProfileOspfv3Auth(VersionedPanObject): + """OSPFv3 authentication profile + + Args: + name (str): The name of the profile + spi (str): SPI for both inbound and outbound SA, hex format xxxxxxxx. + protocol (str): Protocol ESP or AH + esp_auth_type (str): ESP options - Authentication type + esp_auth_key (str): ESP options - Authentication key + esp_encrypt_algorithm (str): ESP options - Encryption algorithm + esp_encrypt_key (str): ESP options - Encryption key + ah_type (str): AH options - type + ah_key (str): AH options - key + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/ospfv3/auth-profile") + + params = [] + + params.append(VersionedParamPath("spi", path="spi")) + params.append( + VersionedParamPath( + "protocol", + path="{protocol}", + values=("esp", "ah"), + default="esp", + ) + ) + params.append( + VersionedParamPath( + "esp_auth_type", + path="{protocol}/authentication/{esp_auth_type}", + values=["md5", "sha1", "sha256", "sha384", "sha512"], + condition={"protocol": "esp"}, + ) + ) + params.append( + VersionedParamPath( + "esp_auth_key", + path="{protocol}/authentication/{esp_auth_type}/key", + condition={ + "protocol": "esp", + "esp_auth_type": ["md5", "sha1", "sha256", "sha384", "sha512"], + }, + ) + ) + params.append( + VersionedParamPath( + "esp_encrypt_algorithm", + path="{protocol}/encryption/algorithm", + values=["3des", "aes-128-cbc", "aes-192-cbc", "aes-256-cbc", "null"], + condition={"protocol": "esp"}, + ) + ) + params.append( + VersionedParamPath( + "esp_encrypt_key", + path="{protocol}/encryption/key", + condition={ + "protocol": "esp", + "esp_encrypt_algorithm": [ + "3des", + "aes-128-cbc", + "aes-192-cbc", + "aes-256-cbc", + "null", + ], + }, + ) + ) + params.append( + VersionedParamPath( + "ah_type", + path="{protocol}/{ah_type}", + values=["md5", "sha1", "sha256", "sha384", "sha512"], + condition={"protocol": "ah"}, + ) + ) + params.append( + VersionedParamPath( + "ah_key", + path="{protocol}/{ah_type}/key", + condition={ + "protocol": "ah", + "ah_type": ["md5", "sha1", "sha256", "sha384", "sha512"], + }, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileOspfv3IfTimer(VersionedPanObject): + """OSPFv3 interface timer profile + + Args: + name (str): The name of the profile + hello_interval (int): Interval (in seconds) to send Hello packets + dead_counts (int): Number of lost hello packets to declare router down + retransmit_interval (int): Interval (in seconds) to retransmit LSAs + transit_delay (int): Estimated delay (in seconds) to transmit LSAs + gr_delay (int): Period (in seconds) used to send grace LSAs before first hello is sent when graceful restart starts + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/ospfv3/if-timer-profile" + ) + + params = [] + + params.append( + VersionedParamPath( + "hello_interval", + path="hello-interval", + vartype="int", + default=10, + ) + ) + params.append( + VersionedParamPath( + "dead_counts", + path="dead-counts", + vartype="int", + default=4, + ) + ) + params.append( + VersionedParamPath( + "retransmit_interval", + path="retransmit-interval", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "transit_delay", + path="transit-delay", + vartype="int", + default=1, + ) + ) + params.append( + VersionedParamPath( + "gr_delay", + path="gr-delay", + vartype="int", + default=10, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileOspfv3SpfTimer(VersionedPanObject): + """OSPFv3 global timer profile + + Args: + name (str): The name of the profile + lsa_interval (int): The minimum time in seconds between distinct originations of any particular LSA + spf_calculation_delay (int): Delay in seconds before running the SPF algorithm + initial_hold_time (int): Initial hold time (second) between consecutive SPF calculations + max_hold_time (int): Maximum hold time (second) + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/ospfv3/spf-timer-profile" + ) + + params = [] + + params.append( + VersionedParamPath( + "lsa_interval", + path="lsa-interval", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "spf_calculation_delay", + path="spf-calculation-delay", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "initial_hold_time", + path="initial-hold-time", + vartype="int", + default=5, + ) + ) + params.append( + VersionedParamPath( + "max_hold_time", + path="max-hold-time", + vartype="int", + default=5, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileOspfv3Redistribution(VersionedPanObject): + """OSPFv3 redistribution profile + + Args: + name (str): The name of the profile + static (str): IPv4 static section + static_enable (bool): IPv4 static enabled + static_metric (int): IPv4 static metric value (1-65535) + static_metric_type (str): IPv4 static metric type (type-1, type-2) + connected (str): Connected section + connected_enable (bool): Connected enabled + connected_metric (int): Connected metric value (1-65535) + connected_metric_type (str): Connected metric type (type-1, type-2) + bgp (str): BGP AFI IPv4 section + bgp_enable (bool): BGP AFI IPv4 enabled + bgp_metric (int): BGP AFI IPv4 metric value (1-4294967295) + bgp_metric_type (str): BGP AFI IPv4 metric type (type-1, type-2) + default_route (str): IPv6 Default Route section + default_route_always (bool): IPv6 Default Route always + default_route_enable (bool): IPv6 Default Route enabled + default_route_metric (int): IPv6 Default Route metric value (1-4294967295) + default_route_metric_type (str): IPv6 Default Route metric type (type-1, type-2) + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/ospfv3/redistribution-profile" + ) + + params = [] + + params.append( + VersionedParamPath( + "static", + path="{static}", + values=("static"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "static_enable", + path="{static}/enable", + condition={"static": "static"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "static_metric", + path="{static}/metric", + condition={"static": "static"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "static_metric_type", + path="{static}/metric-type", + condition={"static": "static"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + params.append( + VersionedParamPath( + "connected", + path="{connected}", + values=("connected"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "connected_enable", + path="connected/enable", + condition={"connected": "connected"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "connected_metric", + path="connected/metric", + condition={"connected": "connected"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "connected_metric_type", + path="connected/metric-type", + condition={"connected": "connected"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + params.append( + VersionedParamPath( + "bgp", + path="{bgp}", + values=("bgp"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "bgp_enable", + path="bgp/enable", + condition={"bgp": "bgp"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "bgp_metric", + path="bgp/metric", + condition={"bgp": "bgp"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "bgp_metric_type", + path="bgp/metric-type", + condition={"bgp": "bgp"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + params.append( + VersionedParamPath( + "default_route", + path="{default_route}", + values=("default-route"), + default=None, + ) + ) + params.append( + VersionedParamPath( + "default_route_always", + path="default-route/always", + condition={"default_route": "default-route"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "default_route_enable", + path="default-route/enable", + condition={"default_route": "default-route"}, + default=True, + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "default_route_metric", + path="default-route/metric", + condition={"default_route": "default-route"}, + vartype="int", + ) + ) + params.append( + VersionedParamPath( + "default_route_metric_type", + path="default-route/metric-type", + condition={"default_route": "default-route"}, + default="type-2", + values=("type-1", "type-2"), + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterAccessList(VersionedPanObject): + """Filter Access List + + Args: + name (str): The name of the access list + description (str): Description of the access list + type (str): IPv4 or IPv6 + """ + + SUFFIX = ENTRY + + CHILDTYPES = ( + "network.RoutingProfileFilterAccessListEntryIpv4", + "network.RoutingProfileFilterAccessListEntryIpv6", + ) + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/filters/access-list") + + params = [] + + params.append(VersionedParamPath("description", path="description")) + params.append( + VersionedParamPath( + "type", + path="type/{type}", + default="ipv4", + values=("ipv4", "ipv6"), + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterAccessListEntryIpv4(VersionedPanObject): + """Filter Access List - IPv4 entry + + Args: + name (str): The name of the entry + action (str): Deny or permit action + source_address_type (str): IPv4 Access-List Source Address (none, any, address) + source_address (str): IPv4 Source Address + source_wildcard (str): IPv4 Source Wildcard + destination_address_type (str): IPv4 Access-List Destination Address (none, any, address) + destination_address (str): IPv4 Destination Address + destination_wildcard (str): IPv4 Destination Wildcard + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/type/ipv4/ipv4-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "source_address_type", + path="source-address/address", + condition={"source_address_type": "any"}, + ) + ) + params.append( + VersionedParamPath( + "source_address", + path="source-address/entry/address", + condition={"source_address_type": "address"}, + ) + ) + params.append( + VersionedParamPath( + "source_wildcard", + path="source-address/entry/wildcard", + condition={"source_address_type": "address"}, + ) + ) + params.append( + VersionedParamPath( + "destination_address_type", + path="destination-address/address", + condition={"destination_address_type": "any"}, + ) + ) + params.append( + VersionedParamPath( + "destination_address", + path="destination-address/entry/address", + condition={"destination_address_type": "address"}, + ) + ) + params.append( + VersionedParamPath( + "destination_wildcard", + path="destination-address/entry/wildcard", + condition={"destination_address_type": "address"}, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterAccessListEntryIpv6(VersionedPanObject): + """Filter Access List - IPv6 entry + + Args: + name (str): The name of the entry + action (str): Deny or permit action + source_address_type (str): IPv6 Access-List Source Address (none, any, address) + source_address (str): IPv6 Source Address + source_exact_match (bool): Exact Match of this address + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/type/ipv6/ipv6-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "source_address_type", + path="source-address/address", + condition={"source_address_type": "any"}, + ) + ) + params.append( + VersionedParamPath( + "source_address", + path="source-address/entry/address", + condition={"source_address_type": "address"}, + ) + ) + params.append( + VersionedParamPath( + "source_exact_match", + path="source-address/entry/exact-match", + condition={"source_address_type": "address"}, + default=False, + vartype="yesno", + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterPrefixList(VersionedPanObject): + """Filter Prefix List + + Args: + name (str): The name of the prefix list + description (str): Description of the prefix list + type (str): IPv4 or IPv6 + """ + + SUFFIX = ENTRY + + CHILDTYPES = ( + "network.RoutingProfileFilterPrefixListEntryIpv4", + "network.RoutingProfileFilterPrefixListEntryIpv6", + ) + + def _setup(self): + self._xpaths.add_profile(value="/network/routing-profile/filters/prefix-list") + + params = [] + + params.append(VersionedParamPath("description", path="description")) + params.append( + VersionedParamPath( + "type", + path="type/{type}", + default="ipv4", + values=("ipv4", "ipv6"), + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterPrefixListEntryIpv4(VersionedPanObject): + """Filter Prefix List - IPv4 entry + + Args: + name (str): The name of the entry + action (str): Deny or permit action + prefix (str): IPv4 prefix list network (none, any, network) + network (str): IPv4 prefix + greater_than_or_equal (int): Maximum Prefix length to be matched + less_than_or_equal (int): Minimum Prefix length to be matched + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/type/ipv4/ipv4-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "prefix", + path="prefix/network", + condition={"prefix": "any"}, + ) + ) + params.append( + VersionedParamPath( + "network", + path="prefix/entry/network", + condition={"prefix": "network"}, + ) + ) + params.append( + VersionedParamPath( + "greater_than_or_equal", + path="prefix/entry/greater-than-or-equal", + condition={"prefix": "network"}, + ) + ) + params.append( + VersionedParamPath( + "less_than_or_equal", + path="prefix/entry/less-than-or-equal", + condition={"prefix": "network"}, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterPrefixListEntryIpv6(VersionedPanObject): + """Filter Prefix List - IPv6 entry + + Args: + name (str): The name of the entry + action (str): Deny or permit action + prefix (str): IPv4 prefix list network (none, any, network) + network (str): IPv4 prefix + greater_than_or_equal (int): Maximum Prefix length to be matched + less_than_or_equal (int): Minimum Prefix length to be matched + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/type/ipv6/ipv6-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "prefix", + path="prefix/network", + condition={"prefix": "any"}, + ) + ) + params.append( + VersionedParamPath( + "network", + path="prefix/entry/network", + condition={"prefix": "network"}, + ) + ) + params.append( + VersionedParamPath( + "greater_than_or_equal", + path="prefix/entry/greater-than-or-equal", + condition={"prefix": "network"}, + ) + ) + params.append( + VersionedParamPath( + "less_than_or_equal", + path="prefix/entry/less-than-or-equal", + condition={"prefix": "network"}, + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterAsPathAccessList(VersionedPanObject): + """Filter AS-Path Access List + + Args: + name (str): The name of the profile + description (str): Description of the AS path access list + """ + + SUFFIX = ENTRY + + CHILDTYPES = ("network.RoutingProfileFilterAsPathAccessListEntry",) + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/filters/as-path-access-list" + ) + + params = [] + + params.append(VersionedParamPath("description", path="description")) + + self._params = tuple(params) + + +class RoutingProfileFilterAsPathAccessListEntry(VersionedPanObject): + """Filter AS-Path Access List - entry + + Args: + name (str): The name of the AS-Path access list + action (str): Deny or permit action + aspath_regex (str): Regular-expression (1234567890_^|[,{}()]$*+.?-\) to match the BGP AS path + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/aspath-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "aspath_regex", + path="aspath-regex", + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterCommunityList(VersionedPanObject): + """Filter Community List + + Args: + name (str): The name of the community list + description (str): Description of the community list + type (str): Community list entries type + """ + + SUFFIX = ENTRY + + CHILDTYPES = ( + "network.RoutingProfileFilterCommunityListEntryRegular", + "network.RoutingProfileFilterCommunityListEntryLarge", + "network.RoutingProfileFilterCommunityListEntryExtended", + ) + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/filters/community-list" + ) + + params = [] + + params.append(VersionedParamPath("description", path="description")) + params.append( + VersionedParamPath( + "type", + path="type/{type}", + default="regular", + values=("regular", "large", "extended"), + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterCommunityListEntryRegular(VersionedPanObject): + """Filter Community List - regular entry + + Args: + name (str): The name of the entry + action (str): Permit or Deny (default) this Regular Community-List Entry + community(list): Specify Community either using number in AA:NN format (where AA and NN are between (0-65535)) or pre-defined value + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/type/regular/regular-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "community", + path="community", + vartype="member", + values=( + "blackhole", + "no-peer", + "graceful-shutdown", + "accept-own", + "local-as", + "route-filter-v4", + "route-filter-v6", + "no-advertise", + "no-export", + "internet", + ), + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterCommunityListEntryLarge(VersionedPanObject): + """Filter Community List - large entry + + Args: + name (str): The name of the entry + action (str): Permit or Deny (default) this Large Community-List Entry + lc_regex(list): Specify Large Community regular expression format {regex1:regex2:regex3} + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/type/large/large-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "lc_regex", + path="lc-regex", + vartype="member", + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterCommunityListEntryExtended(VersionedPanObject): + """Filter Community List - extended entry + + Args: + name (str): The name of the entry + action (str): Permit or Deny (default) this Extended Community-List Entry + ec_regex(list): Specify Extended Community regular expression format {regex1:regex2} + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/type/extended/extended-entry") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append( + VersionedParamPath( + "ec_regex", + path="ec-regex", + vartype="member", + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterRouteMaps(VersionedPanObject): + """Filter BGP Route-Maps + + Args: + name (str): The name of BGP route map + description (str): BGP route map description + """ + + SUFFIX = ENTRY + + CHILDTYPES = ("network.RoutingProfileFilterRouteMapsEntry",) + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/filters/route-maps/bgp/bgp-entry" + ) + + params = [] + + params.append(VersionedParamPath("description", path="description")) + + self._params = tuple(params) + + +class RoutingProfileFilterRouteMapsEntry(VersionedPanObject): + """Filter BGP Route-Maps - entry + + Args: + name (str): The name of the entry + action (str): Permit or Deny (default) route map + description (str): Description of route map + match_as_path_access_list (str): AS Path Access List Name + match_regular_community (str): Regular Community Name + match_large_community (str): Large Community Name + match_extended_community (str): Extended Community Name + match_interface (str): Match Interface of the route + match_origin (str): Match origin + match_metric (str): Match Metric (BGP MED) of route + match_tag (str): Match Tag of route + match_local_preference (str): "Match Local Preference of route + match_peer (str): Match Peer Address + match_ipv4_address_access_list (str): Match IPv4 Route - Route Access-List + match_ipv4_address_prefix_list (str): Match IPv4 Route - Route Prefix-List + match_ipv4_next_hop_access_list (str): Match IPv4 Next-Hop of Route - Access-List + match_ipv4_next_hop_prefix_list (str): Match IPv4 Next-Hop of Route - Prefix-List + match_ipv4_route_source_access_list (str): Match IPv4 Advertising Source Address of route - Access-List + match_ipv4_route_source_prefix_list (str): Match IPv4 Advertising Source Address of route - Prefix-List + match_ipv6_address_access_list (str): Match IPv6 Route - Route Access-List + match_ipv6_address_prefix_list (str): Match IPv6 Route - Route Prefix-List + match_ipv6_next_hop_access_list (str): Match IPv6 Next-Hop of Route - Access-List + match_ipv6_next_hop_prefix_list (str): Match IPv6 Next-Hop of Route - Prefix-List + set_aggregator_as (str): Set Aggregator AS Number + set_aggregator_router_id (str): Set Aggregator Router ID + set_tag (str): Set Tag of route + set_local_preference (str): Set Local Preference of route + set_weight (str): Set BGP weight of the route + set_origin (str): Set BGP origin + set_atomic_aggregate (bool): Enable BGP atomic aggregate + set_metric_action (str): Set Metric action + set_metric_value (str): Set Metric value (BGP MED) of route + set_originator_id (str): Set BGP Originator Id + set_ipv4_source_address (str): Source IPv4 Address + set_ipv4_next_hop (str): IPv4 Next-Hop Address + set_ipv6_source_address (str): Source IPv6 Address + set_ipv6_next_hop (str): IPv6 Next-Hop Address + set_ipv6_next_hop_prefer_global (bool): IPv6 Nexthop Prefer Global Address + set_overwrite_regular_community (bool): If enabled, set community will overwite existing communities, instead of appending + set_overwrite_large_community (bool): If enabled, set community will overwite existing large communities, instead of appending + set_remove_regular_community (str): Remove Regular Community Name + set_remove_large_community (str): Remove Large Community Name + set_aspath_exclude (list): Remove BGP AS-Path Attribute + set_aspath_prepend (list): Prepend BGP AS-Path Attribute + set_regular_community (list): Regular Community either using number in AA:NN format (where AA and NN are between (0-65535)) or pre-defined value + set_large_community (list): Large Community in AA:BB:CC format (where AA, BB and CC are between (0-4294967295)) + """ + + SUFFIX = ENTRY + + def _setup(self): + self._xpaths.add_profile(value="/route-map") + + params = [] + + params.append( + VersionedParamPath( + "action", + path="action", + default="deny", + values=("deny", "permit"), + ) + ) + params.append(VersionedParamPath("description", path="description")) + params.append( + VersionedParamPath( + "match_as_path_access_list", path="match/as-path-access-list" + ) + ) + params.append( + VersionedParamPath( + "match_regular_community", path="match/regular-community" + ) + ) + params.append( + VersionedParamPath("match_large_community", path="match/large-community") + ) + params.append( + VersionedParamPath( + "match_extended_community", path="match/extended-community" + ) + ) + params.append(VersionedParamPath("match_interface", path="match/interface")) + params.append(VersionedParamPath("match_origin", path="match/origin")) + params.append(VersionedParamPath("match_metric", path="match/metric")) + params.append(VersionedParamPath("match_tag", path="match/tag")) + params.append( + VersionedParamPath("match_local_preference", path="match/local-preference") + ) + params.append(VersionedParamPath("match_peer", path="match/peer")) + params.append( + VersionedParamPath( + "match_ipv4_address_access_list", + path="match/ipv4/address/access-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv4_address_prefix_list", + path="match/ipv4/address/prefix-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv4_next_hop_access_list", + path="match/ipv4/next-hop/access-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv4_next_hop_prefix_list", + path="match/ipv4/next-hop/prefix-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv4_route_source_access_list", + path="match/ipv4/route-source/access-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv4_route_source_prefix_list", + path="match/ipv4/route-source/prefix-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv6_address_access_list", + path="match/ipv6/address/access-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv6_address_prefix_list", + path="match/ipv6/address/prefix-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv6_next_hop_access_list", + path="match/ipv6/next-hop/access-list", + ) + ) + params.append( + VersionedParamPath( + "match_ipv6_next_hop_prefix_list", + path="match/ipv6/next-hop/prefix-list", + ) + ) + params.append(VersionedParamPath("set_aggregator_as", path="set/aggregator/as")) + params.append( + VersionedParamPath( + "set_aggregator_router_id", path="set/aggregator/router-id" + ) + ) + params.append(VersionedParamPath("set_tag", path="set/tag")) + params.append( + VersionedParamPath("set_local_preference", path="set/local-preference") + ) + params.append(VersionedParamPath("set_weight", path="set/weight")) + params.append(VersionedParamPath("set_origin", path="set/origin")) + params.append( + VersionedParamPath( + "set_atomic_aggregate", + path="set/atomic-aggregate", + vartype="yesno", + ) + ) + params.append(VersionedParamPath("set_metric_action", path="set/metric/action")) + params.append(VersionedParamPath("set_metric_value", path="set/metric/value")) + params.append(VersionedParamPath("set_originator_id", path="set/originator-id")) + params.append( + VersionedParamPath( + "set_ipv4_source_address", path="set/ipv4/source-address" + ) + ) + params.append(VersionedParamPath("set_ipv4_next_hop", path="set/ipv4/next-hop")) + params.append( + VersionedParamPath( + "set_ipv6_source_address", path="set/ipv6/source-address" + ) + ) + params.append(VersionedParamPath("set_ipv6_next_hop", path="set/ipv6/next-hop")) + params.append( + VersionedParamPath( + "set_ipv6_next_hop_prefer_global", + path="set/ipv6-nexthop-prefer-global", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "set_overwrite_regular_community", + path="set/overwrite-regular-community", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "set_overwrite_large_community", + path="set/overwrite-large-community", + vartype="yesno", + ) + ) + params.append( + VersionedParamPath( + "set_remove_regular_community", path="set/remove-regular-community" + ) + ) + params.append( + VersionedParamPath( + "set_remove_large_community", path="set/remove-large-community" + ) + ) + params.append( + VersionedParamPath( + "set_aspath_exclude", path="set/aspath-exclude", vartype="member" + ) + ) + params.append( + VersionedParamPath( + "set_aspath_prepend", path="set/aspath-prepend", vartype="member" + ) + ) + params.append( + VersionedParamPath( + "set_regular_community", + path="set/regular-community", + vartype="member", + values=( + "blackhole", + "no-peer", + "graceful-shutdown", + "accept-own", + "local-as", + "route-filter-v4", + "route-filter-v6", + "no-advertise", + "no-export", + "internet", + ), + ) + ) + params.append( + VersionedParamPath( + "set_large_community", path="set/large-community", vartype="member" + ) + ) + + self._params = tuple(params) + + +class RoutingProfileFilterRouteMapsRedistribution(VersionedPanObject): + """Filter BGP Route-Maps Redistribution + + Args: + name (str): The name of BGP route map redistribution + description (str): BGP route map description redistribution + """ + + SUFFIX = ENTRY + + CHILDTYPES = ("network.RoutingProfileFilterRouteMapsEntry",) + + def _setup(self): + self._xpaths.add_profile( + value="/network/routing-profile/filters/route-maps/redistribution/redist-entry" + ) + + params = [] + + params.append(VersionedParamPath("description", path="description")) + + ### TODO: implement routing-profile -> filters -> route-maps -> redistribution -> redist -> from-protocol, to-protocol e.g. + # + # + # + # + # + # + # type-2 + # + # deny + # + # + # + # + # + + self._params = tuple(params) diff --git a/panos/panorama.py b/panos/panorama.py index 1a876a5e..64600ecf 100644 --- a/panos/panorama.py +++ b/panos/panorama.py @@ -183,6 +183,8 @@ class Template(VersionedPanObject): "network.VlanInterface", "network.Vlan", "network.VirtualRouter", + "network.LogicalRouter", + "network.Vrf", "network.ManagementProfile", "network.VirtualWire", "network.IkeGateway", @@ -271,6 +273,8 @@ class TemplateStack(VersionedPanObject): "network.VlanInterface", "network.Vlan", "network.VirtualRouter", + "network.LogicalRouter", + "network.Vrf", "network.ManagementProfile", "network.VirtualWire", "network.IkeGateway", diff --git a/tests/live/test_network.py b/tests/live/test_network.py index f3f3ba69..52bab2a1 100644 --- a/tests/live/test_network.py +++ b/tests/live/test_network.py @@ -1,6 +1,6 @@ import random -from panos import network +from panos import device, network from tests.live import testlib @@ -1645,6 +1645,897 @@ def update_state_obj(self, fw, state): state.obj.enable = False +class TestAreEnableAdvancedRoutingEngine(testlib.FwFlow): + def setup_state_obj(self, fw, state): + advanced_routing_engine = device.AdvancedRoutingEngine(enable=True) + state.obj = advanced_routing_engine + fw.add(state.obj) + + +class TestAreLogicalRouter(testlib.FwFlow): + def create_dependencies(self, fw, state): + state.advanced_routing_engine_obj = device.AdvancedRoutingEngine(enable=True) + fw.add(state.advanced_routing_engine_obj) + state.advanced_routing_engine_obj.create() + + state.eth_obj = None + state.eth = testlib.get_available_interfaces(fw)[0] + + state.eth_obj = network.EthernetInterface( + state.eth, "layer3", testlib.random_ip("/24") + ) + fw.add(state.eth_obj) + state.eth_obj.create() + + def setup_state_obj(self, fw, state): + vrf = network.Vrf( + "default", + interface=state.eth, + ad_static=random.randint(10, 240), + ad_static_ipv6=random.randint(10, 240), + ad_ospf_inter=random.randint(10, 240), + ad_ospf_intra=random.randint(10, 240), + ad_ospf_ext=random.randint(10, 240), + ad_ospfv3_inter=random.randint(10, 240), + ad_ospfv3_intra=random.randint(10, 240), + ad_ospfv3_ext=random.randint(10, 240), + ad_bgp_internal=random.randint(10, 240), + ad_bgp_external=random.randint(10, 240), + ad_bgp_local=random.randint(10, 240), + ad_rip=random.randint(10, 240), + bgp_enable=True, + bgp_router_id="11.22.33.44", + bgp_local_as=64512, + bgp_install_route=True, + ) + lr = network.LogicalRouter(testlib.random_name()) + lr.add(vrf) + state.obj = lr + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.ad_static = random.randint(10, 240) + state.obj.ad_rip = random.randint(10, 240) + + def cleanup_dependencies(self, fw, state): + try: + state.eth_obj.delete() + state.advanced_routing_engine_obj.delete() + except Exception: + pass + + +class MakeLogicalRouter(testlib.FwFlow): + WITH_OSPF = False + WITH_BGP = False + + def create_dependencies(self, fw, state): + state.advanced_routing_engine_obj = device.AdvancedRoutingEngine(enable=True) + fw.add(state.advanced_routing_engine_obj) + state.advanced_routing_engine_obj.create() + + state.eths = testlib.get_available_interfaces(fw, 2) + + state.eth_obj_v4 = network.EthernetInterface( + state.eths[0], "layer3", testlib.random_ip("/24") + ) + fw.add(state.eth_obj_v4) + + state.eth_obj_v6 = network.EthernetInterface( + state.eths[1], "layer3", ipv6_enabled=True + ) + fw.add(state.eth_obj_v6) + + state.eth_obj_v4.create_similar() + + if self.WITH_BGP: + state.bgp_local_as = random.randint(64500, 64550) + state.vrf = network.Vrf( + "default", + interface=[state.eth_obj_v4, state.eth_obj_v6], + ad_static=random.randint(10, 240), + ad_static_ipv6=random.randint(10, 240), + ad_ospf_inter=random.randint(10, 240), + ad_ospf_intra=random.randint(10, 240), + ad_ospf_ext=random.randint(10, 240), + ad_ospfv3_inter=random.randint(10, 240), + ad_ospfv3_intra=random.randint(10, 240), + ad_ospfv3_ext=random.randint(10, 240), + ad_bgp_internal=random.randint(10, 240), + ad_bgp_external=random.randint(10, 240), + ad_bgp_local=random.randint(10, 240), + ad_rip=random.randint(10, 240), + bgp_enable=True, + bgp_router_id=testlib.random_ip(), + bgp_local_as=state.bgp_local_as, + bgp_install_route=True, + ) + elif self.WITH_OSPF: + state.vrf = network.Vrf( + "default", + interface=[state.eth_obj_v4, state.eth_obj_v6], + ad_static=random.randint(10, 240), + ad_static_ipv6=random.randint(10, 240), + ad_ospf_inter=random.randint(10, 240), + ad_ospf_intra=random.randint(10, 240), + ad_ospf_ext=random.randint(10, 240), + ad_ospfv3_inter=random.randint(10, 240), + ad_ospfv3_intra=random.randint(10, 240), + ad_ospfv3_ext=random.randint(10, 240), + ad_bgp_internal=random.randint(10, 240), + ad_bgp_external=random.randint(10, 240), + ad_bgp_local=random.randint(10, 240), + ad_rip=random.randint(10, 240), + ospf_enable=True, + ospf_router_id=testlib.random_ip(), + ospfv3_enable=True, + ospfv3_router_id=testlib.random_ip(), + ) + else: + state.vrf = network.Vrf( + "default", + interface=[state.eth_obj_v4, state.eth_obj_v6], + ad_static=random.randint(10, 240), + ad_static_ipv6=random.randint(10, 240), + ad_ospf_inter=random.randint(10, 240), + ad_ospf_intra=random.randint(10, 240), + ad_ospf_ext=random.randint(10, 240), + ad_ospfv3_inter=random.randint(10, 240), + ad_ospfv3_intra=random.randint(10, 240), + ad_ospfv3_ext=random.randint(10, 240), + ad_bgp_internal=random.randint(10, 240), + ad_bgp_external=random.randint(10, 240), + ad_bgp_local=random.randint(10, 240), + ad_rip=random.randint(10, 240), + ) + state.lr = network.LogicalRouter(testlib.random_name()) + state.lr.add(state.vrf) + fw.add(state.lr) + state.lr.create() + + if self.WITH_BGP: + state.bgp_address_family_ipv4_name = testlib.random_name() + state.bgp_address_family_ipv4 = network.RoutingProfileBgpAddressFamily( + state.bgp_address_family_ipv4_name, + afi="ipv4", + unicast_enable=True, + unicast_soft_reconfig_with_stored_info=True, + unicast_add_path_tx_all_paths=True, + unicast_add_path_tx_bestpath_per_as=True, + unicast_as_override=True, + unicast_route_reflector_client=True, + unicast_default_originate=True, + unicast_allowas_in="occurrence", + unicast_allowas_in_occurrence=10, + unicast_maximum_prefix_num_prefixes=900, + unicast_maximum_prefix_threshold=60, + unicast_maximum_prefix_action="restart", + unicast_maximum_prefix_action_restart_interval=15, + unicast_next_hop="self", + unicast_remove_private_as="all", + unicast_send_community="both", + unicast_orf="none", + multicast_enable=False, + multicast_soft_reconfig_with_stored_info=False, + multicast_add_path_tx_all_paths=False, + multicast_add_path_tx_bestpath_per_as=False, + multicast_as_override=False, + multicast_route_reflector_client=False, + multicast_default_originate=False, + multicast_allowas_in="origin", + multicast_maximum_prefix_num_prefixes=800, + multicast_maximum_prefix_threshold=50, + multicast_maximum_prefix_action="warning-only", + multicast_next_hop="self-force", + multicast_remove_private_as="replace-AS", + multicast_send_community="extended", + multicast_orf="receive", + ) + fw.add(state.bgp_address_family_ipv4) + state.bgp_address_family_ipv4.create() + + def cleanup_dependencies(self, fw, state): + try: + state.lr.delete() + state.bgp_address_family_ipv4.delete() + except Exception: + pass + + try: + state.eth_obj_v4.delete_similar() + state.eth_obj_v6.delete_similar() + state.advanced_routing_engine_obj.delete() + except Exception: + pass + + +class TestAreVrfStaticRoute(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.VrfStaticRoute( + name=testlib.random_name(), + destination=testlib.random_netmask(), + nexthop_type="ip-address", + nexthop=testlib.random_ip(), + interface=state.eths[0], + admin_dist="10", + metric="1", + ) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.destination = testlib.random_netmask() + + +class TestAreVrfStaticRouteV6(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.VrfStaticRouteV6( + name=testlib.random_name(), + destination="2001:db9:abcd:0012::0/64", + nexthop_type="ipv6-address", + nexthop=testlib.random_ipv6(), + interface=state.eths[1], + admin_dist="10", + metric="1", + ) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.nexthop = testlib.random_ipv6() + + +class TestAreVrfBgpPeerGroup(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.VrfBgpPeerGroup( + name=testlib.random_name(), + enable=True, + address_family_ipv4=state.bgp_address_family_ipv4_name, + ) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.enable = False + + +class TestAreVrfBgpPeer(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.VrfBgpPeerGroup( + name=testlib.random_name(), + enable=True, + type="ibgp", + address_family_ipv4=state.bgp_address_family_ipv4_name, + ) + state.bgp_peer = network.VrfBgpPeer( + name=testlib.random_name(), + peer_as=state.bgp_local_as, + local_address_interface=state.eths[0], + peer_address_type="fqdn", + peer_address_value="peer-test.example.com", + ) + state.obj.add(state.bgp_peer) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.bgp_peer.peer_address_value = "changed-peer-test.example.com" + + +class TestAreVrfEcmpInterfaceWeight(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.VrfEcmpInterfaceWeight( + state.eths[0], weight=random.randint(100, 200) + ) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.weight = random.randint(100, 200) + + +class TestAreRoutingProfileBfd(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileBfd( + name=testlib.random_name(), + mode="passive", + min_tx_interval=random.randint(300, 400), + min_received_ttl=random.randint(100, 200), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.min_tx_interval = random.randint(300, 400) + + +class TestAreRoutingProfileBgpAuth(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileBgpAuth( + name=testlib.random_name(), + secret=testlib.random_name(), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.secret = testlib.random_name() + + +class TestAreRoutingProfileBgpTimer(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileBgpTimer( + testlib.random_name(), + keep_alive_interval=random.randint(1, 60), + hold_time=random.randint(100, 150), + reconnect_retry_interval=random.randint(10, 60), + open_delay_time=random.randint(10, 60), + min_route_adv_interval=random.randint(10, 60), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.hold_time = random.randint(100, 150) + + +class TestAreRoutingProfileBgpAddressFamily(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileBgpAddressFamily( + testlib.random_name(), + afi="ipv4", + unicast_enable=True, + unicast_soft_reconfig_with_stored_info=True, + unicast_add_path_tx_all_paths=True, + unicast_add_path_tx_bestpath_per_as=True, + unicast_as_override=True, + unicast_route_reflector_client=True, + unicast_default_originate=True, + unicast_allowas_in="occurrence", + unicast_allowas_in_occurrence=random.randint(1, 10), + unicast_maximum_prefix_num_prefixes=random.randint(700, 900), + unicast_maximum_prefix_threshold=random.randint(10, 60), + unicast_maximum_prefix_action="restart", + unicast_maximum_prefix_action_restart_interval=random.randint(10, 60), + unicast_next_hop="self", + unicast_remove_private_as="all", + unicast_send_community="both", + unicast_orf="none", + multicast_enable=False, + multicast_soft_reconfig_with_stored_info=False, + multicast_add_path_tx_all_paths=False, + multicast_add_path_tx_bestpath_per_as=False, + multicast_as_override=False, + multicast_route_reflector_client=False, + multicast_default_originate=False, + multicast_allowas_in="origin", + multicast_maximum_prefix_num_prefixes=random.randint(700, 900), + multicast_maximum_prefix_threshold=random.randint(10, 60), + multicast_maximum_prefix_action="warning-only", + multicast_next_hop="self-force", + multicast_remove_private_as="replace-AS", + multicast_send_community="extended", + multicast_orf="receive", + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.unicast_allowas_in_occurrence = random.randint(1, 10) + + +class TestAreRoutingProfileBgpDampening(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileBgpDampening( + testlib.random_name(), + half_life=random.randint(10, 45), + reuse_limit=random.randint(700, 900), + suppress_limit=random.randint(1000, 2000), + max_suppress_limit=random.randint(10, 60), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.reuse_limit = random.randint(700, 900) + + +class TestAreRoutingProfileBgpRedistribution(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileBgpRedistribution( + testlib.random_name(), + static_enable=True, + static_metric=random.randint(65300, 65500), + connected_enable=True, + connected_metric=random.randint(100, 120), + ospf_enable=True, + ospf_metric=random.randint(47000, 50000), + rip_enable=True, + rip_metric=random.randint(12000, 15000), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.static_metric = random.randint(65300, 65500) + + +class TestAreRoutingProfileBgpFiltering(MakeLogicalRouter): + WITH_BGP = True + + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileBgpFiltering( + testlib.random_name(), description="IPv4 profile" + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.description = "Updated IPv4 profile" + + +class TestAreVrfOspfArea(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.obj = network.VrfOspfArea(testlib.random_ip(), type="normal") + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.type = "stub" + + +class TestAreVrfOspfAreaRange(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.ospf_area_range = network.VrfOspfAreaRange( + testlib.random_netmask(), + substitute=testlib.random_netmask(), + advertise="false", + ) + state.obj = network.VrfOspfArea(testlib.random_ip(), type="normal") + state.obj.add(state.ospf_area_range) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.ospf_area_range.substitute = testlib.random_netmask() + + +class TestAreVrfOspfAreaInterface(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.ospf_area_interface = network.VrfOspfAreaInterface( + state.eths[0], + metric=random.randint(10, 50), + mtu_ignore=True, + passive=True, + priority=2, + ) + state.obj = network.VrfOspfArea(testlib.random_ip(), type="normal") + state.obj.add(state.ospf_area_interface) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.ospf_area_interface.metric = random.randint(10, 50) + + +class TestAreVrfOspfAreaVirtualLink(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.ospf_area_id = testlib.random_ip() + state.ospf_are_virtual_link = network.VrfOspfAreaVirtualLink( + testlib.random_name(), + enable=True, + neighbor_id=testlib.random_ip(), + transit_area_id=state.ospf_area_id, + ) + state.obj = network.VrfOspfArea(state.ospf_area_id, type="normal") + state.obj.add(state.ospf_are_virtual_link) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.ospf_are_virtual_link.neighbor_id = testlib.random_ip() + + +class TestAreVrfOspfv3Area(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.obj = network.VrfOspfv3Area(testlib.random_ip(), type="normal") + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.type = "stub" + + +class TestAreVrfOspfv3AreaRange(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.ospf_area_range = network.VrfOspfv3AreaRange( + testlib.random_ipv6(ending="/64"), + substitute=testlib.random_ipv6(ending="/64"), + advertise="false", + ) + state.obj = network.VrfOspfv3Area(testlib.random_ip(), type="normal") + state.obj.add(state.ospf_area_range) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.ospf_area_range.substitute = testlib.random_netmask() + + +class TestAreVrfOspfv3AreaInterface(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.ospf_area_interface = network.VrfOspfv3AreaInterface( + state.eths[1], + metric=random.randint(10, 50), + mtu_ignore=True, + passive=True, + priority=2, + ) + state.obj = network.VrfOspfv3Area(testlib.random_ip(), type="normal") + state.obj.add(state.ospf_area_interface) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.ospf_area_interface.metric = random.randint(10, 50) + + +class TestAreVrfOspfv3AreaVirtualLink(MakeLogicalRouter): + WITH_OSPF = True + + def setup_state_obj(self, fw, state): + state.ospf_area_id = testlib.random_ip() + state.ospf_are_virtual_link = network.VrfOspfv3AreaVirtualLink( + testlib.random_name(), + enable=True, + neighbor_id=testlib.random_ip(), + transit_area_id=state.ospf_area_id, + ) + state.obj = network.VrfOspfv3Area(state.ospf_area_id, type="normal") + state.obj.add(state.ospf_are_virtual_link) + state.vrf.add(state.obj) + + def update_state_obj(self, fw, state): + state.ospf_are_virtual_link.neighbor_id = testlib.random_ip() + + +class TestAreRoutingProfileOspfAuth(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfAuth( + testlib.random_name(), password=testlib.random_name(8) + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.password = testlib.random_name(8) + + +class TestAreRoutingProfileOspfIfTimer(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfIfTimer( + testlib.random_name(), + hello_interval=random.randint(1, 50), + dead_counts=random.randint(3, 20), + retransmit_interval=random.randint(1, 50), + transit_delay=random.randint(1, 50), + gr_delay=random.randint(1, 10), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.hello_interval = random.randint(1, 50) + + +class TestAreRoutingProfileOspfSpfTimer(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfSpfTimer( + testlib.random_name(), + lsa_interval=random.randint(1, 10), + spf_calculation_delay=random.randint(1, 50), + initial_hold_time=random.randint(1, 50), + max_hold_time=random.randint(1, 50), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.lsa_interval = random.randint(1, 10) + + +class TestAreRoutingProfileOspfRedistribution(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfRedistribution( + testlib.random_name(), + static="static", + static_enable=True, + static_metric=random.randint(1, 50), + static_metric_type="type-2", + connected="connected", + connected_enable=True, + connected_metric=2, + rip="rip", + rip_enable=True, + rip_metric=random.randint(100, 200), + rip_metric_type="type-2", + bgp="bgp", + bgp_enable=True, + bgp_metric=random.randint(300, 500), + bgp_metric_type="type-1", + default_route="default-route", + default_route_always=False, + default_route_enable=True, + default_route_metric=77, + default_route_metric_type="type-2", + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.static_metric = random.randint(1, 50) + + +class TestAreRoutingProfileOspfv3Auth(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfv3Auth( + testlib.random_name(), + spi="01234568", + protocol="ah", + ah_type="sha384", + ah_key="123", + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.ah_key = "456" + + +class TestAreRoutingProfileOspfv3IfTimer(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfv3IfTimer( + testlib.random_name(), + hello_interval=random.randint(1, 50), + dead_counts=random.randint(3, 20), + retransmit_interval=random.randint(1, 50), + transit_delay=random.randint(1, 50), + gr_delay=random.randint(1, 10), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.hello_interval = random.randint(1, 50) + + +class TestAreRoutingProfileOspfv3SpfTimer(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfv3SpfTimer( + testlib.random_name(), + lsa_interval=random.randint(1, 10), + spf_calculation_delay=random.randint(1, 50), + initial_hold_time=random.randint(1, 50), + max_hold_time=random.randint(1, 10), + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.lsa_interval = random.randint(1, 10) + + +class TestAreRoutingProfileOspfv3Redistribution(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileOspfv3Redistribution( + testlib.random_name(), + static="static", + static_enable=True, + static_metric=random.randint(1, 50), + static_metric_type="type-2", + connected="connected", + connected_enable=True, + connected_metric=2, + bgp="bgp", + bgp_enable=True, + bgp_metric=random.randint(100, 500), + bgp_metric_type="type-1", + default_route="default-route", + default_route_always=False, + default_route_enable=True, + default_route_metric=random.randint(60, 90), + default_route_metric_type="type-2", + ) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.obj.static_metric = random.randint(1, 50) + + +class TestAreRoutingProfileFilterAccessListIpv4(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.filter_access_list_entry_ipv4 = ( + network.RoutingProfileFilterAccessListEntryIpv4( + 1, + action="permit", + source_address_type="any", + destination_address_type="any", + ) + ) + state.obj = network.RoutingProfileFilterAccessList( + testlib.random_name(), + description="access list IPv4", + type="ipv4", + ) + state.obj.add(state.filter_access_list_entry_ipv4) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.filter_access_list_entry_ipv4.action = "deny" + + +class TestAreRoutingProfileFilterAccessListIpv6(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.filter_access_list_entry_ipv6 = ( + network.RoutingProfileFilterAccessListEntryIpv6( + 1, + action="permit", + source_address_type="any", + ) + ) + state.obj = network.RoutingProfileFilterAccessList( + testlib.random_name(), + description="access list IPv6", + type="ipv6", + ) + state.obj.add(state.filter_access_list_entry_ipv6) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.filter_access_list_entry_ipv6.action = "deny" + + +class TestAreRoutingProfileFilterPrefixListIpv4(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.prefix_list_entry_ipv4 = network.RoutingProfileFilterPrefixListEntryIpv4( + 1, action="deny", prefix="any" + ) + state.obj = network.RoutingProfileFilterPrefixList( + testlib.random_name(), description="prefix list IPv4", type="ipv4" + ) + state.obj.add(state.prefix_list_entry_ipv4) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.prefix_list_entry_ipv4.action = "permit" + + +class TestAreRoutingProfileFilterPrefixListIpv6(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.prefix_list_entry_ipv6 = network.RoutingProfileFilterPrefixListEntryIpv6( + 1, action="deny", prefix="any" + ) + state.obj = network.RoutingProfileFilterPrefixList( + testlib.random_name(), + description="prefix list IPv6", + type="ipv6", + ) + state.obj.add(state.prefix_list_entry_ipv6) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.prefix_list_entry_ipv6.action = "permit" + + +class TestAreRoutingProfileFilterAsPathAccessList(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.as_path_prefix_entry = network.RoutingProfileFilterAsPathAccessListEntry( + 1, action="permit", aspath_regex="123.*" + ) + state.obj = network.RoutingProfileFilterAsPathAccessList(testlib.random_name()) + state.obj.add(state.as_path_prefix_entry) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.as_path_prefix_entry.action = "deny" + + +class TestAreRoutingProfileFilterCommunityListEntryRegular(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.filter_community_regular = ( + network.RoutingProfileFilterCommunityListEntryRegular( + 1, action="permit", community=["accept-own", "no-peer"] + ) + ) + state.obj = network.RoutingProfileFilterCommunityList(testlib.random_name()) + state.obj.add(state.filter_community_regular) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.filter_community_regular.action = "deny" + + +class TestAreRoutingProfileFilterCommunityListEntryLarge(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.filter_community_large = ( + network.RoutingProfileFilterCommunityListEntryLarge( + 1, action="permit", lc_regex=["123.*:456.*:987.*", "1.*:2.*:3.*"] + ) + ) + state.obj = network.RoutingProfileFilterCommunityList( + testlib.random_name(), type="large" + ) + state.obj.add(state.filter_community_large) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.filter_community_large.action = "deny" + + +class TestAreRoutingProfileFilterCommunityListEntryExtended(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.filter_community_extended = ( + network.RoutingProfileFilterCommunityListEntryExtended( + 1, action="permit", ec_regex=["123.*:456.*", "1.*:2.*"] + ) + ) + state.obj = network.RoutingProfileFilterCommunityList( + testlib.random_name(), type="extended" + ) + state.obj.add(state.filter_community_extended) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.filter_community_extended.action = "deny" + + +class TestAreRoutingProfileFilterRouteMaps(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.filter_route_map_entry = network.RoutingProfileFilterRouteMapsEntry( + 1, + action="permit", + description="Test BGP route", + match_interface="ethernet1/1", + match_origin="egp", + match_metric="200", + match_tag="12", + match_local_preference="20", + match_peer="local", + set_aggregator_as="1200", + set_aggregator_router_id="12.12.12.12", + set_tag="21", + set_local_preference="31", + set_weight="11", + set_origin="egp", + set_atomic_aggregate=True, + set_metric_action="set", + set_metric_value="12", + set_originator_id="21.21.21.21", + set_overwrite_regular_community=True, + set_overwrite_large_community=True, + set_aspath_exclude=["1", "2"], + set_aspath_prepend=["21", "22"], + set_regular_community=["internet"], + set_large_community=["123:456:789"], + ) + state.obj = network.RoutingProfileFilterRouteMaps(testlib.random_name()) + state.obj.add(state.filter_route_map_entry) + fw.add(state.obj) + + def update_state_obj(self, fw, state): + state.filter_route_map_entry.action = "deny" + + +class TestAreRoutingProfileFilterRouteMapsRedistribution(MakeLogicalRouter): + def setup_state_obj(self, fw, state): + state.obj = network.RoutingProfileFilterRouteMapsRedistribution( + testlib.random_name() + ) + fw.add(state.obj) + + class TestManagementProfile(testlib.FwFlow): def setup_state_obj(self, fw, state): state.obj = network.ManagementProfile( diff --git a/tests/live/testlib.py b/tests/live/testlib.py index 9138ea33..959f3781 100644 --- a/tests/live/testlib.py +++ b/tests/live/testlib.py @@ -5,8 +5,11 @@ from panos import network -def random_name(): - return "".join(random.choice("abcdefghijklmnopqrstuvwxyz") for x in range(10)) +def random_name(max=None): + return "".join( + random.choice("abcdefghijklmnopqrstuvwxyz") + for x in range(10 if max is None else max) + ) def random_ip(netmask=None):