Last active
December 5, 2018 23:36
-
-
Save akira6592/84975fa32e6ef066db893d44e9cb335b to your computer and use it in GitHub Desktop.
[Batfish] 重複したインターフェースのIPアドレスを検出する(IOS/Junos混在編)。ブログ貼り付け用
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"cells": [ | |
{ | |
"cell_type": "markdown", | |
"metadata": {}, | |
"source": [ | |
"# ライブラリのインポート、スナップショットの取得など\n", | |
"はじめに、pybatfish の各種 import とスナップショットの取得を行います。\n", | |
"`SNAPSHOT_PATH` で指定したパスの配下の `configs` ディレクトリには、Cisco IOS のコンフィグ(rt1_ios.cfg)と Juniper Junos のコンフィグ(fw1_junos.cfg)が2つ入っている状態です(中身は後述)。" | |
] | |
}, | |
{ | |
"cell_type": "code", | |
"execution_count": 4, | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"data": { | |
"text/plain": [ | |
"'test_snapshot'" | |
] | |
}, | |
"execution_count": 4, | |
"metadata": {}, | |
"output_type": "execute_result" | |
} | |
], | |
"source": [ | |
"%run startup.py\n", | |
"NETWORK_NAME = \"test_network\"\n", | |
"SNAPSHOT_NAME = \"test_snapshot\"\n", | |
"\n", | |
"SNAPSHOT_PATH = \"networks/test_dupip_ios_junos\"\n", | |
"\n", | |
"bf_set_network(NETWORK_NAME)\n", | |
"bf_init_snapshot(SNAPSHOT_PATH, name=SNAPSHOT_NAME, overwrite=True)" | |
] | |
}, | |
{ | |
"cell_type": "markdown", | |
"metadata": {}, | |
"source": [ | |
"# コンフィグが正常にパースされたかチェック" | |
] | |
}, | |
{ | |
"cell_type": "code", | |
"execution_count": 5, | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"data": { | |
"text/html": [ | |
"<div>\n", | |
"<style scoped>\n", | |
" .dataframe tbody tr th:only-of-type {\n", | |
" vertical-align: middle;\n", | |
" }\n", | |
"\n", | |
" .dataframe tbody tr th {\n", | |
" vertical-align: top;\n", | |
" }\n", | |
"\n", | |
" .dataframe thead th {\n", | |
" text-align: right;\n", | |
" }\n", | |
"</style>\n", | |
"<table border=\"1\" class=\"dataframe\">\n", | |
" <thead>\n", | |
" <tr style=\"text-align: right;\">\n", | |
" <th></th>\n", | |
" <th>File_Name</th>\n", | |
" <th>Status</th>\n", | |
" <th>Nodes</th>\n", | |
" </tr>\n", | |
" </thead>\n", | |
" <tbody>\n", | |
" <tr>\n", | |
" <th>0</th>\n", | |
" <td>configs/fw1_junos.cfg</td>\n", | |
" <td>PASSED</td>\n", | |
" <td>['fw1_junos']</td>\n", | |
" </tr>\n", | |
" <tr>\n", | |
" <th>1</th>\n", | |
" <td>configs/rt1.ios.cfg</td>\n", | |
" <td>PASSED</td>\n", | |
" <td>['rt1_ios']</td>\n", | |
" </tr>\n", | |
" </tbody>\n", | |
"</table>\n", | |
"</div>" | |
], | |
"text/plain": [ | |
" File_Name Status Nodes\n", | |
"0 configs/fw1_junos.cfg PASSED ['fw1_junos']\n", | |
"1 configs/rt1.ios.cfg PASSED ['rt1_ios'] " | |
] | |
}, | |
"execution_count": 5, | |
"metadata": {}, | |
"output_type": "execute_result" | |
} | |
], | |
"source": [ | |
"bfq.fileParseStatus().answer().frame()" | |
] | |
}, | |
{ | |
"cell_type": "markdown", | |
"metadata": {}, | |
"source": [ | |
"Status が `PASSED` なので正常にパースされたことが分かります。" | |
] | |
}, | |
{ | |
"cell_type": "markdown", | |
"metadata": {}, | |
"source": [ | |
"# 対象のコンフィグ" | |
] | |
}, | |
{ | |
"cell_type": "markdown", | |
"metadata": {}, | |
"source": [ | |
"今回、検証するコンフィグは以下の2台(iosとjunos)です。(抜粋)\n", | |
"\n", | |
"- rt1_ios.cfg\n", | |
"```\n", | |
"interface Loopback0\n", | |
" ip address 10.1.1.1 255.255.255.255\n", | |
"!\n", | |
"interface GigabitEthernet0/0\n", | |
" ip address 10.0.1.254 255.255.255.0\n", | |
" media-type gbic\n", | |
" speed 1000\n", | |
" duplex full\n", | |
" negotiation auto\n", | |
"!\n", | |
"interface GigabitEthernet1/0\n", | |
" ip address 172.16.0.1 255.255.255.0\n", | |
" negotiation auto\n", | |
"```\n", | |
"\n", | |
"- fw1_junos.cfg\n", | |
"```\n", | |
"interfaces {\n", | |
" ge-0/0/0 {\n", | |
" unit 0 {\n", | |
" family inet {\n", | |
" dhcp;\n", | |
" }\n", | |
" }\n", | |
" }\n", | |
" ge-0/0/1 {\n", | |
" unit 0 {\n", | |
" family inet {\n", | |
" address 172.16.2.1/24;\n", | |
" }\n", | |
" }\n", | |
" }\n", | |
" ge-0/0/2 {\n", | |
" unit 0 {\n", | |
" family inet {\n", | |
" address 10.0.12.1/24;\n", | |
" }\n", | |
" }\n", | |
" }\n", | |
" lo0 {\n", | |
" unit 0 {\n", | |
" family inet {\n", | |
" address 10.1.1.1/32;\n", | |
" }\n", | |
" }\n", | |
" }\n", | |
"```\n", | |
"\n", | |
"あってはなりませんが、わざと Loopback0 (lo0) の IP アドレスが2台間で重複(10.1.1.1)するようにしてあります。" | |
] | |
}, | |
{ | |
"cell_type": "markdown", | |
"metadata": {}, | |
"source": [ | |
"# 重複IPアドレレスのチェック\n", | |
"それでは、[ipOwners()](https://pybatfish.readthedocs.io/en/latest/questions.html?highlight=filterLineReachability#pybatfish.question.bfq.ipOwners) に、パラメータ `duplicatesOnly=True` を渡して重複したIPアドレスをチェックします。" | |
] | |
}, | |
{ | |
"cell_type": "code", | |
"execution_count": 6, | |
"metadata": {}, | |
"outputs": [ | |
{ | |
"data": { | |
"text/html": [ | |
"<div>\n", | |
"<style scoped>\n", | |
" .dataframe tbody tr th:only-of-type {\n", | |
" vertical-align: middle;\n", | |
" }\n", | |
"\n", | |
" .dataframe tbody tr th {\n", | |
" vertical-align: top;\n", | |
" }\n", | |
"\n", | |
" .dataframe thead th {\n", | |
" text-align: right;\n", | |
" }\n", | |
"</style>\n", | |
"<table border=\"1\" class=\"dataframe\">\n", | |
" <thead>\n", | |
" <tr style=\"text-align: right;\">\n", | |
" <th></th>\n", | |
" <th>Node</th>\n", | |
" <th>VRF</th>\n", | |
" <th>Interface</th>\n", | |
" <th>IP</th>\n", | |
" <th>Mask</th>\n", | |
" <th>Active</th>\n", | |
" </tr>\n", | |
" </thead>\n", | |
" <tbody>\n", | |
" <tr>\n", | |
" <th>0</th>\n", | |
" <td>rt1_ios</td>\n", | |
" <td>default</td>\n", | |
" <td>Loopback0</td>\n", | |
" <td>10.1.1.1</td>\n", | |
" <td>32</td>\n", | |
" <td>True</td>\n", | |
" </tr>\n", | |
" <tr>\n", | |
" <th>1</th>\n", | |
" <td>fw1_junos</td>\n", | |
" <td>default</td>\n", | |
" <td>lo0.0</td>\n", | |
" <td>10.1.1.1</td>\n", | |
" <td>32</td>\n", | |
" <td>True</td>\n", | |
" </tr>\n", | |
" </tbody>\n", | |
"</table>\n", | |
"</div>" | |
], | |
"text/plain": [ | |
" Node VRF Interface IP Mask Active\n", | |
"0 rt1_ios default Loopback0 10.1.1.1 32 True \n", | |
"1 fw1_junos default lo0.0 10.1.1.1 32 True " | |
] | |
}, | |
"execution_count": 6, | |
"metadata": {}, | |
"output_type": "execute_result" | |
} | |
], | |
"source": [ | |
"bfq.ipOwners(duplicatesOnly=True).answer().frame()" | |
] | |
}, | |
{ | |
"cell_type": "markdown", | |
"metadata": {}, | |
"source": [ | |
"無事に(無事ではないですが)、IOS と Junos の混在環境でも重複IPアドレスを検出できました。" | |
] | |
} | |
], | |
"metadata": { | |
"hide_input": false, | |
"kernelspec": { | |
"display_name": "Python 3", | |
"language": "python", | |
"name": "python3" | |
}, | |
"language_info": { | |
"codemirror_mode": { | |
"name": "ipython", | |
"version": 3 | |
}, | |
"file_extension": ".py", | |
"mimetype": "text/x-python", | |
"name": "python", | |
"nbconvert_exporter": "python", | |
"pygments_lexer": "ipython3", | |
"version": "3.5.2" | |
} | |
}, | |
"nbformat": 4, | |
"nbformat_minor": 2 | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment