Junos Automation (Scripting)
Highlighted
Junos Automation (Scripting)

Trouble automating some configuration with space.

‎06-08-2018 02:45 PM

When the network was designed each branch had a set number of vlans. Each branch also had unique vlan id's that corresponded to an ae0.xxxx unit number. The problem with this is each branch has unique unit numbers making it impossible to use space to send some coammnds to all my branches.

 

For instace I made a zone for each of these interfaces and pushed that out through space. Now I need to be able to assign the ae0.xxxx to those zones. Since they are unique at each site id have to do this manually...

 

Im new to juniper and I'm trying to find away around this. I am thinking configlets is the key? I am not actually sure although.

 

Every interface has a "somwhat" static description which I assume I can use to grab at least the vlan ID. Since the vlan id number is right under description in the configuration. Since the vlan number and unit number are the same I can make it a variable I assume.

 

For instance: <description>"xxxx Security systems" /description>

 

xxxx is a phython variable I use to create the branch configuration and is unique. "Security systems" is static at every branch.

 

Is this the right path to achieve my goals? If so does somone have better documentation then juniper I could use to figure this out?

6 REPLIES 6
Highlighted
Junos Automation (Scripting)

Re: Trouble automating some configuration with space.

‎06-09-2018 04:04 AM

Another alternative to consider is that VLAN id is only locally signficant.  So assuming you have layer 3 connections between branches and your DC or central site, there is nothing wrong with using the same set of VLAN id for the subnets you need at the remote site.

 

You will frequently see this type of setup for scale out retail or branch office setups.  While the ip addresses are shared across the network and need to be unique, the vlans are all local so it makes no differece that the same set is deployed everywhere.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
Junos Automation (Scripting)

Re: Trouble automating some configuration with space.

‎06-11-2018 08:59 AM

I agree, although the desgin was out of my hands and eveything is already configured. So I need some way to automate interface unit configuration. 

Highlighted
Junos Automation (Scripting)

Re: Trouble automating some configuration with space.

‎06-11-2018 10:18 AM

I'm having a little difficulty understanding exactly what you're doing.  But if you just need to create a VLAN ID that matches a given unit ID on a router's ae0 interface, then you can use "Configured Value Xpath" to map the UNIT for a selected ae0.xxx interface into a variable (call it $VLAN_ID) and then use that in whatever configuration you're applying.


Is that what you want to do?   If so, then there's no need to go extracting text from interface descriptions.

 

/doug

--
"There he goes. One of God's own prototypes. A high-powered mutant of some kind never even considered for mass production. Too weird to live, and too rare to die." --HST
Highlighted
Junos Automation (Scripting)

Re: Trouble automating some configuration with space.

[ Edited ]
‎06-11-2018 12:24 PM

Here is one example of the problem.

Site A

ae0.3000

ae0.3002

ae0.3003

ae0.3003

ae0.3005

ae0.3006

ae0.3007

ae0.3008

 

Site B

ae0.3009

ae0.3010

ae0.3011

ae0.3012

ae0.3013

ae0.3014

ae0.3015

ae0.3016

 

Site C

ae0.3017

ect.

ect.

 

So each site has different ae0 unit numbers. The installer made the unit numbers and vlan numbers different for each branch.

 

Now I want to use space to assign all the interface ae0.xxxx to the zones

Server

Printer

Management

genericdmz

cashadvancedmz

ect...

 

Since each site has a different ae0.xxxx I cannot easily assign interfaces to zones.

 

set security zones security-zone facility interfaces ae0.xxxx

 

Each site does have a somewhat static description for each interface. So I was hoping I could grab the description to then grab the vlanid or unit number. With that number make a variable so I can globally push putting each intergface into their proper zone.

 

unit 3240 {
description "XXXX Local server infrastructure";
vlan-id 3240;
family inet {
address myip/24;

 

Highlighted
Junos Automation (Scripting)

Re: Trouble automating some configuration with space.

[ Edited ]
‎06-11-2018 04:00 PM

First: does this Use Case sound OK?

1. User select device from managed devices screen ("Devices->Device Management")

2. User selects "Actions" then chooses "Device Inventory->View Logical Interfaces"

3. User selects appropriate ae0.xxx interface

4, User R-clicks and selects "Apply CLI configlet".

 

If so, then it's a pretty trivial matter to write the CLI configlet that picks up the ae0 $UNIT from your selected interface,  Then you can populate your zone updates, substituting that value for your VLAN ID.

 

Once you have that working, you could alternaltely create a CLI configlet so that it creates a select list of all the ae0 interfaces on the selected router.  That way you could invoke the configlet at the /device level and let the it dig out and display the ae0 interfaces for you. (Save a you some clicking around.)


I have to do some other stuff right now. Will check back in later tomorrow.

/doug

--
"There he goes. One of God's own prototypes. A high-powered mutant of some kind never even considered for mass production. Too weird to live, and too rare to die." --HST
Highlighted
Junos Automation (Scripting)

Re: Trouble automating some configuration with space.

‎06-18-2018 11:48 AM
Thanks everyone for responding. I think what I need to do is rename all interfaces. Since the unit number doesn't have to be the same as the vlan id. This will give me what I want. I am disappointed in the fact I cannot use interface alias' I must say. Then Id use that method instead. When I try to use it to assign and alias interface to a security zone I get. error: 'AliasName' is not a valid interface-range or alias name bullspit (=