def vr_demo_12():
f = "cfg4.yml"
d = {}
if (load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print("Failed to get Controller device attributes")
exit(0)
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("<<< Demo Start")
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum, nodeUname,
nodePswd)
print("<<< 'Controller': %s, '%s': %s" %
(ctrlIpAddr, nodeName, nodeIpAddr))
print("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print("<<< '%s' is configured on the Controller" % nodeName)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< '%s' added to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONNECTED)):
print("<<< '%s' is connected to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show VPN configuration on the '%s'" % nodeName)
result = vrouter.get_vpn_cfg()
time.sleep(rundelay)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No VPN configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print(">>> Create new VPN configuration on the '%s'" % (nodeName))
ca_cert_file = '/config/auth/ca.crt'
srv_cert_file = '/config/auth/r1.crt'
srv_key_file = '/config/auth/r1.key'
crl_file = '/config/auth/r1.crl'
print(
" NOTE: For this demo to succeed the following files "
"must exist on the '%s'\n"
" (empty files can be created for the sake of the demo):\n"
" %s\n"
" %s\n"
" %s\n"
" %s" %
(nodeName, ca_cert_file, srv_cert_file, crl_file, srv_key_file))
time.sleep(rundelay)
# -------------------------------------------------------------------------
# Encode VPN configuration options by using 'Vpn' object
# -------------------------------------------------------------------------
vpn = Vpn()
# -------------------------------------------------------------------------
# Create and configure Internet Key Exchange (IKE) group
# -------------------------------------------------------------------------
ike_grp_name = "IKE-1W"
proposal_num = 1
# Set the encryption cipher for proposal 1
# (enumeration: 'aes128', 'aes256', '3des')
encryption_cipher = 'aes256'
vpn.set_ipsec_ike_group_proposal_encryption(ike_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 1
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'sha1'
vpn.set_ipsec_ike_group_proposal_hash(ike_grp_name, proposal_num,
hash_algorithm)
# Set the encryption cipher for proposal 2
# (enumeration: 'aes128', 'aes256', '3des')
proposal_num = 2
encryption_cipher = 'aes128'
vpn.set_ipsec_ike_group_proposal_encryption(ike_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 2
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'sha1'
vpn.set_ipsec_ike_group_proposal_hash(ike_grp_name, proposal_num,
hash_algorithm)
# Set the lifetime for the whole IKE group
lifetime = 3600
vpn.set_ipsec_ike_group_lifetime(ike_grp_name, lifetime)
# -------------------------------------------------------------------------
# Create and configure Encapsulating Security Payload (ESP) group
# -------------------------------------------------------------------------
esp_grp_name = "ESP-1W"
# Set the encryption cipher for proposal 1
# (enumeration: 'aes128', 'aes256', '3des')
proposal_num = 1
encryption_cipher = 'aes256'
vpn.set_ipsec_esp_group_proposal_encryption(esp_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 1
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'sha1'
vpn.set_ipsec_esp_group_proposal_hash(esp_grp_name, proposal_num,
hash_algorithm)
# Set the encryption cipher for proposal 2
# (enumeration: 'aes128', 'aes256', '3des')
proposal_num = 2
encryption_cipher = '3des'
vpn.set_ipsec_esp_group_proposal_encryption(esp_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 2
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'md5'
vpn.set_ipsec_esp_group_proposal_hash(esp_grp_name, proposal_num,
hash_algorithm)
# Set the lifetime for the whole ESP group
lifetime = 1800
vpn.set_ipsec_esp_group_lifetime(esp_grp_name, lifetime)
# -------------------------------------------------------------------------
# Configure connection to a remote peer
# -------------------------------------------------------------------------
peer_node = "192.0.2.33"
description = ("Site-to-Site VPN Configuration Example - "
"X.509 Certificate Authentication")
vpn.set_ipsec_site_to_site_peer_description(peer_node, description)
# Set authentication mode to 'x509'
auth_mode = 'x509'
vpn.set_ipsec_site_to_site_peer_auth_mode(peer_node, auth_mode)
# Specify the 'distinguished name' of the certificate for the peer
remote_id = "C=US, ST=CA, O=ABC Company, CN=east, [email protected]"
vpn.set_ipsec_site_to_site_peer_auth_remote_id(peer_node, remote_id)
# Specify the location of the CA certificate on the vRouter
vpn.set_ipsec_site_to_site_peer_auth_ca_cert_file(peer_node, ca_cert_file)
# Specify the location of the server certificate on the vRouter
vpn.set_ipsec_site_to_site_peer_auth_srv_cert_file(peer_node,
srv_cert_file)
# Specify the location of the server key file on the vRouter
vpn.set_ipsec_site_to_site_peer_auth_srv_key_file(peer_node, srv_key_file)
# Specify the password for the server key file
srv_key_pswd = 'testpassword'
vpn.set_ipsec_site_to_site_peer_auth_srv_key_pswd(peer_node, srv_key_pswd)
# Specify the default ESP group for all tunnels
esp_group_name = 'ESP-1W'
vpn.set_ipsec_site_to_site_peer_default_esp_group(peer_node,
esp_group_name)
# Specify the IKE group
ike_group_name = 'IKE-1W'
vpn.set_ipsec_site_to_site_peer_ike_group(peer_node, ike_group_name)
# Identify the IP address on the vRouter to be used for this connection
local_address = '192.0.2.1'
vpn.set_ipsec_site_to_site_peer_local_address(peer_node, local_address)
# Create a tunnel configuration and provide local and remote subnets
# for this tunnel
tunnel = 1
local_prefix = '192.168.40.0/24'
remote_prefix = '192.168.60.0/24'
vpn.set_ipsec_site_to_site_peer_tunnel_local_prefix(
peer_node, tunnel, local_prefix)
vpn.set_ipsec_site_to_site_peer_tunnel_remote_prefix(
peer_node, tunnel, remote_prefix)
print "\n"
print(">>> VPN configuration to be applied to the '%s'" % (nodeName))
print vpn.get_payload()
time.sleep(rundelay)
result = vrouter.set_vpn_cfg(vpn)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< VPN configuration was successfully created")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
print("<<< VPN configuration was successfully read")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
time.sleep(rundelay)
print "\n"
print("<<< Delete VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.delete_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("VPN configuration successfully removed from '%s'" % (nodeName))
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No VPN configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print(">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print("\n")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print(">>> Demo End")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
def vr_demo_2():
f = "cfg4.yml"
d = {}
if(load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print ("Failed to get Controller device attributes")
exit(0)
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print ("<<< Demo Start")
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print ("\n")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum,
nodeUname, nodePswd)
print ("<<< 'Controller': %s, '%s': %s"
% (ctrlIpAddr, nodeName, nodeIpAddr))
print ("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print ("<<< '%s' is configured on the Controller" % nodeName)
elif(status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print ("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("<<< '%s' added to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print ("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONNECTED)):
print ("<<< '%s' is connected to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
yangModelName = "vyatta-security-firewall"
yangModelVerson = "2014-11-07"
print ("<<< Retrieve '%s' YANG model definition from the '%s'"
% (yangModelName, nodeName))
time.sleep(rundelay)
result = vrouter.get_schema(yangModelName, yangModelVerson)
status = result.get_status()
if(status.eq(STATUS.OK)):
print "YANG model definition:"
schema = result.get_data()
print schema
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print (">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print "\n"
print (">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print (">>> Demo End")
print (">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
def vr_demo_13():
f = "cfg4.yml"
d = {}
if (load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print("Failed to get Controller device attributes")
exit(0)
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("<<< Demo Start")
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("\n")
print(
"<<< OpenVPN configuration example: "
"Site-to-Site Mode with Preshared Secret")
print("\n")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum, nodeUname,
nodePswd)
print("<<< 'Controller': %s, '%s': %s" %
(ctrlIpAddr, nodeName, nodeIpAddr))
print("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print("<<< '%s' is configured on the Controller" % nodeName)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< '%s' added to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONNECTED)):
print("<<< '%s' is connected to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show OpenVPN interfaces configuration on the '%s'" % nodeName)
result = vrouter.get_openvpn_interfaces_cfg()
time.sleep(rundelay)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' OpenVPN interfaces configuration:" % nodeName)
iflist = result.get_data()
assert (isinstance(iflist, list))
for item in iflist:
print json.dumps(item, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No OpenVPN interfaces configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
ifname = 'vtun0'
print(">>> Configure new '%s' OpenVPN tunnel interface on the '%s'" %
(ifname, nodeName))
time.sleep(rundelay)
# Create OpenVPN interface
vpnif = OpenVpnInterface(ifname)
# Set the OpenVPN mode to 'site-to-site'
mode = 'site-to-site'
vpnif.set_mode(mode)
# Specify the location of the file containing the preshared secret
secret_file = '/config/auth/secret'
vpnif.set_shared_secret_key_file(secret_file)
# Set the tunnel IP address for the local endpoint
local_address = '192.168.200.1'
vpnif.set_local_address(local_address)
# Set the tunnel IP address of the remote endpoint
remote_address = '192.168.200.2'
vpnif.set_remote_address(remote_address)
# Specify the physical IP address of the remote host
remote_host = '87.65.43.21'
vpnif.set_remote_host(remote_host)
result = vrouter.set_openvpn_interface_cfg(vpnif)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< '%s' interface configuration was successfully created" %
ifname)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show '%s' interface configuration on the '%s'" %
(ifname, nodeName))
time.sleep(rundelay)
result = vrouter.get_openvpn_interface_cfg(ifname)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' interface configuration:" % ifname)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
print("<<< '%s' interface configuration was successfully read" %
ifname)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
ip_prefix = '192.168.101.0/24'
print(
"<<< Create static route to access the remote subnet '%s' "
"through the '%s' interface " % (ip_prefix, ifname))
time.sleep(rundelay)
static_route = StaticRoute()
static_route.set_interface_route(ip_prefix)
static_route.set_interface_route_next_hop_interface(ip_prefix, ifname)
result = vrouter.set_protocols_static_route_cfg(static_route)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< Static route was successfully created")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show subnet '%s' static route configuration on the '%s'" %
(ip_prefix, nodeName))
time.sleep(rundelay)
result = vrouter.get_protocols_static_interface_route_cfg(ip_prefix)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Static route configuration:")
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
print("<<< Static route configuration was successfully read")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Delete '%s' interface configuration from the '%s'" %
(ifname, nodeName))
time.sleep(rundelay)
result = vrouter.delete_openvpn_interface_cfg(ifname)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"<<< '%s' interface configuration successfully "
"removed from the '%s'" % (ifname, nodeName))
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show '%s' interface configuration on the '%s'" %
(ifname, nodeName))
time.sleep(rundelay)
result = vrouter.get_openvpn_interface_cfg(ifname)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("\n")
print("!!!Demo terminated, reason: %s" %
"Interface configuration still exists")
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No '%s' interface configuration found" % (ifname))
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Delete '%s' subnet static route configuration from the '%s'" %
(ip_prefix, nodeName))
time.sleep(rundelay)
result = vrouter.delete_protocols_static_interface_route_cfg(ip_prefix)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"<<< Static route configuration successfully removed "
"from the '%s'" % (nodeName))
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show '%s' subnet static route configuration on the '%s'" %
(ip_prefix, nodeName))
time.sleep(rundelay)
result = vrouter.get_protocols_static_interface_route_cfg(ip_prefix)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("\n")
print("!!!Demo terminated, reason: %s" %
"Static route configuration still found")
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No static route configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print(">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print("\n")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print(">>> Demo End")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
except:
print("Failed to get Controller device attributes")
exit(0)
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum, nodeUname,
nodePswd)
print("<<< 'Controller': %s, '%s': %s" %
(ctrlIpAddr, nodeName, nodeIpAddr))
result = vrouter.get_dataplane_interfaces_list()
status = result.get_status()
if (status.eq(STATUS.OK)):
print "Dataplane interfaces:"
dpIfList = result.get_data()
print json.dumps(dpIfList, indent=4)
else:
print("\n")
print("!!!Failed, reason: %s" % status.brief().lower())
print("%s" % status.detailed())
exit(0)
def vr_demo_7():
f = "cfg4.yml"
d = {}
if (load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
ifName = d['interfaceName']
rundelay = d['rundelay']
except:
print("Failed to get Controller device attributes")
exit(0)
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("<<< Demo Start")
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("\n")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum, nodeUname,
nodePswd)
print("<<< 'Controller': %s, '%s': %s" %
(ctrlIpAddr, nodeName, nodeIpAddr))
print("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print("<<< '%s' is configured on the Controller" % nodeName)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< '%s' added to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONNECTED)):
print("<<< '%s' is connected to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show firewalls configuration on the '%s'" % nodeName)
time.sleep(rundelay)
result = vrouter.get_firewalls_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' firewalls config:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No firewalls configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
fwName1 = "ACCEPT-SRC-IPADDR"
print(">>> Create new firewall instance '%s' on '%s'" %
(fwName1, nodeName))
firewall1 = Firewall(fwName1)
# Add a rule to the firewall instance
rulenum = 30
rule = Rule(rulenum)
rule.add_action("accept")
rule.add_source_address("172.22.17.108")
firewall1.add_rule(rule)
print firewall1.get_payload()
time.sleep(rundelay)
result = vrouter.add_modify_firewall_instance(firewall1)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Firewall instance '%s' was successfully created" % fwName1)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print "\n"
fwName2 = "DROP-ICMP"
print(">>> Create new firewall instance '%s' on '%s'" %
(fwName2, nodeName))
firewall2 = Firewall(fwName2)
# Add a rule to the firewall instance
rulenum = 40
rule = Rule(rulenum)
rule.add_action("drop")
rule.add_icmp_typename("ping")
firewall2.add_rule(rule)
print firewall2.get_payload()
time.sleep(rundelay)
result = vrouter.add_modify_firewall_instance(firewall2)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Firewall instance '%s' was successfully created" % fwName2)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
exit(0)
print("\n")
print("<<< Show firewalls configuration on the '%s'" % nodeName)
time.sleep(rundelay)
result = vrouter.get_firewalls_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' firewalls config:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print(
"<<< Apply firewall '%s' to inbound traffic "
"and '%s' to outbound traffic on the '%s' "
"dataplane interface" % (fwName1, fwName2, ifName))
time.sleep(rundelay)
result = vrouter.set_dataplane_interface_firewall(ifName, fwName1, fwName2)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"Firewall instances were successfully applied "
"to the '%s' dataplane interface" % (ifName))
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show '%s' dataplane interface configuration on the '%s'" %
(ifName, nodeName))
time.sleep(rundelay)
result = vrouter.get_dataplane_interface_cfg(ifName)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Interfaces '%s' config:" % ifName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Remove firewall settings from the '%s' dataplane interface" %
(ifName))
time.sleep(rundelay)
result = vrouter.delete_dataplane_interface_firewall(ifName)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"Firewall settings successfully removed "
"from '%s' dataplane interface" % ifName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show '%s' dataplane interface configuration on the '%s'" %
(ifName, nodeName))
time.sleep(rundelay)
result = vrouter.get_dataplane_interface_cfg(ifName)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Interfaces '%s' config:" % ifName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print(">>> Remove firewall instance '%s' from '%s'" % (fwName1, nodeName))
time.sleep(rundelay)
result = vrouter.delete_firewall_instance(firewall1)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Firewall instance '%s' was successfully deleted" % fwName1)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print(">>> Remove firewall instance '%s' from '%s'" % (fwName2, nodeName))
time.sleep(rundelay)
result = vrouter.delete_firewall_instance(firewall2)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Firewall instance '%s' was successfully deleted" % fwName2)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show firewalls configuration on the '%s'" % nodeName)
time.sleep(rundelay)
result = vrouter.get_firewalls_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' firewalls config:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print(">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print("\n")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print(">>> Demo End")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
def vr_demo_8():
f = "cfg4.yml"
d = {}
if (load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print("Failed to get Controller device attributes")
exit(0)
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("<<< Demo Start")
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum, nodeUname,
nodePswd)
print("<<< 'Controller': %s, '%s': %s" %
(ctrlIpAddr, nodeName, nodeIpAddr))
print("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print("<<< '%s' is configured on the Controller" % nodeName)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< '%s' added to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONNECTED)):
print("<<< '%s' is connected to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show VPN configuration on the '%s'" % nodeName)
result = vrouter.get_vpn_cfg()
time.sleep(rundelay)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No VPN configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print(">>> Create new VPN configuration on the '%s'" % (nodeName))
description = ("Remote Access VPN Configuration Example - "
"L2TP/IPsec with Pre-Shared Key")
external_ipaddr = "12.34.56.78"
nexthop_ipaddr = "12.34.56.254"
nat_traversal = True
nat_allow_network = "192.168.100.0/24"
client_ip_pool_start = "192.168.100.11"
client_ip_pool_end = "192.168.100.210"
ipsec_auth_mode = "pre-shared-secret"
ipsec_auth_secret = "!secrettext!"
l2tp_auth_mode = "local"
uname1 = "user1"
upswd1 = "user1_password"
uname2 = "user2"
upswd2 = "user2_password"
uname3 = "user3"
upswd3 = "user3_password"
dns_srv1 = "192.168.100.1"
dns_srv2 = "192.168.100.2"
wins_srv1 = "192.168.100.3"
wins_srv2 = "192.168.100.4"
mtu = "16384"
print(
" VPN options to be set:\n"
" - Configuration description : '%s'\n"
" - Server external address : '%s'\n"
" - Next hop router address : '%s'\n"
" - NAT_traversal : '%s'\n"
" - NAT allowed networks : '%s'\n"
" - Client addresses pool (start/end) : '%s'/'%s'\n"
" - IPsec authentication (mode/secret) : '%s'/'%s'\n"
" - L2TP authentication mode : '%s'\n"
" - Allowed users (name/password) : '%s'/'%s'\n"
" '%s'/'%s'\n"
" '%s'/'%s'\n"
" - DNS servers (primary/secondary) : '%s'/'%s'\n"
" - WINS servers (primary/secondary) : '%s'/'%s'\n"
" - Maximum Transmission Unit : '%s'\n" %
(description, external_ipaddr, nexthop_ipaddr,
"enabled" if nat_traversal else "disabled", nat_allow_network,
client_ip_pool_start, client_ip_pool_end, ipsec_auth_mode,
ipsec_auth_secret, l2tp_auth_mode, uname1, upswd1, uname2, upswd2,
uname3, upswd3, dns_srv1, dns_srv2, wins_srv1, wins_srv2, mtu))
time.sleep(rundelay)
# -------------------------------------------------------------------------
# Encode VPN configuration options by using 'Vpn' object
# -------------------------------------------------------------------------
vpn = Vpn()
# This VPN configuration description
vpn.set_l2tp_remote_access_description(description)
# Enable NAT traversal
vpn.set_nat_traversal(nat_traversal)
# Set the allowed subnets
vpn.set_nat_allow_network(nat_allow_network)
# Bind the L2TP server to the external IP address
vpn.set_l2tp_remote_access_outside_address(external_ipaddr)
# Set the next hop IP address for reaching the VPN clients
vpn.set_l2tp_remote_access_outside_nexthop(nexthop_ipaddr)
# Set up the pool of IP addresses that remote VPN connections will assume.
# In this example we make 100 addresses available (from .11 to .210) on
# subnet 192.168.100.0/24
vpn.set_l2tp_remote_access_client_ip_pool(start=client_ip_pool_start,
end=client_ip_pool_end)
# Set the IPsec authentication mode to 'pre-shared-secret'
vpn.set_l2tp_remote_access_ipsec_auth_mode(mode=ipsec_auth_mode)
# Set the 'pre-shared-secret' value
func = vpn.set_l2tp_remote_access_ipsec_auth_pre_shared_secret
func(secret=ipsec_auth_secret)
# Set the L2TP remote access user authentication mode to 'local'
vpn.set_l2tp_remote_access_user_auth_mode(l2tp_auth_mode)
# Set the L2TP remote access user credentials ('username'/'password')
vpn.set_l2tp_remote_access_user(name=uname1, pswd=upswd1)
vpn.set_l2tp_remote_access_user(name=uname2, pswd=upswd2)
vpn.set_l2tp_remote_access_user(name=uname3, pswd=upswd3)
# Set 'primary' and 'secondary' DNS servers
vpn.set_l2tp_remote_access_primary_dns_server(dns_srv1)
vpn.set_l2tp_remote_access_secondary_dns_server(dns_srv2)
# Set 'primary' and 'secondary' WINS servers
vpn.set_l2tp_remote_access_primary_wins_server(wins_srv1)
vpn.set_l2tp_remote_access_secondary_wins_server(wins_srv2)
# Set Maximum Transmission Unit (MTU <128..16384>)
vpn.set_l2tp_remote_access_mtu(mtu)
print "\n"
print(">>> VPN configuration to be applied to the '%s'" % (nodeName))
print vpn.get_payload()
time.sleep(rundelay)
result = vrouter.set_vpn_cfg(vpn)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< VPN configuration was successfully created")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
print("<<< VPN configuration was successfully read")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Delete VPN configuration from the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.delete_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("VPN configuration successfully removed from '%s'" % (nodeName))
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No VPN configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print(">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print("\n")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print(">>> Demo End")
def vr_demo_11():
f = "cfg4.yml"
d = {}
if (load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print("Failed to get Controller device attributes")
exit(0)
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("<<< Demo Start")
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum, nodeUname,
nodePswd)
print("<<< 'Controller': %s, '%s': %s" %
(ctrlIpAddr, nodeName, nodeIpAddr))
print("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print("<<< '%s' is configured on the Controller" % nodeName)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< '%s' added to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONNECTED)):
print("<<< '%s' is connected to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show VPN configuration on the '%s'" % nodeName)
result = vrouter.get_vpn_cfg()
time.sleep(rundelay)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No VPN configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print(">>> Create new VPN configuration on the '%s'" % (nodeName))
print(
" NOTE: For this demo to succeed the local RSA key "
"must exist on the '%s'\n"
" (use the 'generate vpn rsa-key' command to create it)" %
nodeName)
time.sleep(rundelay)
# -------------------------------------------------------------------------
# Encode VPN configuration options by using 'Vpn' object
# -------------------------------------------------------------------------
vpn = Vpn()
# -------------------------------------------------------------------------
# Create and configure Internet Key Exchange (IKE) group
# -------------------------------------------------------------------------
ike_grp_name = "IKE-1W"
proposal_num = 1
# Set the encryption cipher for proposal 1
# (enumeration: 'aes128', 'aes256', '3des')
encryption_cipher = 'aes256'
vpn.set_ipsec_ike_group_proposal_encryption(ike_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 1
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'sha1'
vpn.set_ipsec_ike_group_proposal_hash(ike_grp_name, proposal_num,
hash_algorithm)
# Set the encryption cipher for proposal 2
# (enumeration: 'aes128', 'aes256', '3des')
proposal_num = 2
encryption_cipher = 'aes128'
vpn.set_ipsec_ike_group_proposal_encryption(ike_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 2
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'sha1'
vpn.set_ipsec_ike_group_proposal_hash(ike_grp_name, proposal_num,
hash_algorithm)
# Set the lifetime for the whole IKE group
lifetime = 3600
vpn.set_ipsec_ike_group_lifetime(ike_grp_name, lifetime)
# -------------------------------------------------------------------------
# Create and configure Encapsulating Security Payload (ESP) group
# -------------------------------------------------------------------------
esp_grp_name = "ESP-1W"
# Set the encryption cipher for proposal 1
# (enumeration: 'aes128', 'aes256', '3des')
proposal_num = 1
encryption_cipher = 'aes256'
vpn.set_ipsec_esp_group_proposal_encryption(esp_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 1
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'sha1'
vpn.set_ipsec_esp_group_proposal_hash(esp_grp_name, proposal_num,
hash_algorithm)
# Set the encryption cipher for proposal 2
# (enumeration: 'aes128', 'aes256', '3des')
proposal_num = 2
encryption_cipher = '3des'
vpn.set_ipsec_esp_group_proposal_encryption(esp_grp_name, proposal_num,
encryption_cipher)
# Set the hash algorithm for proposal 2
# (enumeration: 'md5', 'sha1')
hash_algorithm = 'md5'
vpn.set_ipsec_esp_group_proposal_hash(esp_grp_name, proposal_num,
hash_algorithm)
# Set the lifetime for the whole ESP group
lifetime = 1800
vpn.set_ipsec_esp_group_lifetime(esp_grp_name, lifetime)
# -------------------------------------------------------------------------
# Configure connection to a remote peer
# -------------------------------------------------------------------------
peer_node = "192.0.2.33"
description = ("Site-to-Site VPN Configuration Example - "
"RSA Digital Signature Authentication")
vpn.set_ipsec_site_to_site_peer_description(peer_node, description)
# Set authentication mode to 'rsa'
auth_mode = 'rsa'
vpn.set_ipsec_site_to_site_peer_auth_mode(peer_node, auth_mode)
# Set the peer's RSA public key and specify that this key should be used
# as the identifier for the peer's digital signature
rsa_key_name = "EAST-PEER-key"
rsa_key_value = "0sAQOVBIJL+rIkpTuwh8FPeceAF0bhgLr++" + \
"W51bOAIjFbRDbR8gX3Vlz6wiUbMgGwQxWlY" + \
"QiqsCeacicsfZx/amlEn9PkSE4e7tqK/JQo" + \
"40L5C7gcNM24mup1d+0WmN3zLb9Qhmq5q3p" + \
"NJxEwnVbPPQeIdZMJxnb1+lA8DPC3SIxJM/" + \
"3at1/KrwqCAhX3QNFY/zNmOtFogELCeyl4+" + \
"d54wQljA+3dwFAQ4bboJ7YIDs+rqORxWd3l" + \
"3I7IajT/pLrwr5eZ8OA9NtAedbMiCwxyuyU" + \
"bznxXZ8Z/MAi3xjL1pjYyWjNNiOij82QJfM" + \
"OrjoXVCfcPn96ZN+Jqk+KknoVeNDwzpoahF" + \
"OseJREeXzkw3/lkMN9N1"
vpn.set_rsa_key(rsa_key_name, rsa_key_value)
vpn.set_ipsec_site_to_site_peer_auth_rsa_key_name(peer_node, rsa_key_name)
# Specify the default ESP group for all tunnels
esp_group_name = 'ESP-1W'
vpn.set_ipsec_site_to_site_peer_default_esp_group(peer_node,
esp_group_name)
# Specify the IKE group
ike_group_name = 'IKE-1W'
vpn.set_ipsec_site_to_site_peer_ike_group(peer_node, ike_group_name)
# Identify the IP address on the vRouter to be used for this connection
local_address = '192.0.2.1'
vpn.set_ipsec_site_to_site_peer_local_address(peer_node, local_address)
# Create a tunnel configuration and provide local and remote subnets
# for this tunnel
tunnel = 1
local_prefix = '192.168.40.0/24'
remote_prefix = '192.168.60.0/24'
vpn.set_ipsec_site_to_site_peer_tunnel_local_prefix(
peer_node, tunnel, local_prefix)
vpn.set_ipsec_site_to_site_peer_tunnel_remote_prefix(
peer_node, tunnel, remote_prefix)
print "\n"
print(">>> VPN configuration to be applied to the '%s'" % (nodeName))
print vpn.get_payload()
time.sleep(rundelay)
result = vrouter.set_vpn_cfg(vpn)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< VPN configuration was successfully created")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
print("<<< VPN configuration was successfully read")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
time.sleep(rundelay)
print "\n"
print("<<< Delete VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.delete_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("VPN configuration successfully removed from '%s'" % (nodeName))
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No VPN configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print(">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"'%s' NETCONF node was successfully removed from the Controller" %
nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print("\n")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print(">>> Demo End")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
def vr_demo_9():
f = "cfg4.yml"
d = {}
if(load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print ("Failed to get Controller device attributes")
exit(0)
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print ("<<< Demo Start")
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum,
nodeUname, nodePswd)
print ("<<< 'Controller': %s, '%s': %s"
% (ctrlIpAddr, nodeName, nodeIpAddr))
print ("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print ("<<< '%s' is configured on the Controller" % nodeName)
elif(status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print ("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("<<< '%s' added to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print ("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONNECTED)):
print ("<<< '%s' is connected to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print ("<<< Show VPN configuration on the '%s'" % nodeName)
result = vrouter.get_vpn_cfg()
time.sleep(rundelay)
status = result.get_status()
if (status.eq(STATUS.OK)):
print ("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print ("No VPN configuration found")
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print (">>> Create new VPN configuration on the '%s'" % (nodeName))
description = ("Remote Access VPN Configuration Example - "
"L2TP/IPsec with X.509 Certificates")
external_ipaddr = "12.34.56.78"
nexthop_ipaddr = "12.34.56.254"
nat_traversal = True
nat_allow_network = "192.168.100.0/24"
client_ip_pool_start = "192.168.100.11"
client_ip_pool_end = "192.168.100.210"
ipsec_auth_mode = "x509"
ca_cert_file = '/config/auth/ca.crt'
srv_crt_file = '/config/auth/r1.crt'
crl_file = '/config/auth/r1.crl'
srv_key_file = '/config/auth/r1.key'
srv_key_pswd = "testpassword"
l2tp_auth_mode = "local"
uname1 = "user1"
upswd1 = "user1_password"
uname2 = "user2"
upswd2 = "user2_password"
uname3 = "user3"
upswd3 = "user3_password"
print (" VPN options to be set:\n"
" - Configuration description : '%s'\n"
" - Server external address : '%s'\n"
" - Next hop router address : '%s'\n"
" - NAT_traversal : '%s'\n"
" - NAT allowed networks : '%s'\n"
" - Client addresses pool (start/end) : '%s'/'%s'\n"
" - IPsec authentication mode : '%s'\n"
" - CA Certificate location : '%s'\n"
" - Server Certificate location : '%s'\n"
" - Certificate Revocation List location : '%s'\n"
" - Server Key file location : '%s'\n"
" - Server Key file password : '******'\n"
" - L2TP authentication mode : '%s'\n"
" - Allowed users (name/password) : '%s'/'%s'\n"
" '%s'/'%s'\n"
" '%s'/'%s'"
% (description, external_ipaddr, nexthop_ipaddr,
"enabled" if nat_traversal else "disabled",
nat_allow_network,
client_ip_pool_start, client_ip_pool_end,
ipsec_auth_mode,
ca_cert_file,
srv_crt_file,
crl_file,
srv_key_file,
srv_key_pswd,
l2tp_auth_mode,
uname1, upswd1,
uname2, upswd2,
uname3, upswd3
)
)
print (" NOTE: For this demo to succeed the following files "
"must exist on the '%s'\n"
" (empty files can be created for the sake of the demo):\n"
" %s\n"
" %s\n"
" %s\n"
" %s"
% (nodeName, ca_cert_file, srv_crt_file, crl_file, srv_key_file))
time.sleep(rundelay)
# -------------------------------------------------------------------------
# Encode VPN configuration options by using 'Vpn' object
# -------------------------------------------------------------------------
vpn = Vpn()
# This VPN configuration description
vpn.set_l2tp_remote_access_description(description)
# Enable NAT traversal (this is mandatory)
vpn.set_nat_traversal(nat_traversal)
# Set the allowed subnets
vpn.set_nat_allow_network(nat_allow_network)
# Bind the L2TP server to the external IP address
vpn.set_l2tp_remote_access_outside_address(external_ipaddr)
# Set the next hop IP address for reaching the VPN clients
vpn.set_l2tp_remote_access_outside_nexthop(nexthop_ipaddr)
# Set up the pool of IP addresses that remote VPN connections will assume.
# In this example we make 100 addresses available (from .11 to .210) on
# subnet 192.168.100.0/24
vpn.set_l2tp_remote_access_client_ip_pool(start=client_ip_pool_start,
end=client_ip_pool_end)
# Set the IPsec authentication mode to 'x509'
vpn.set_l2tp_remote_access_ipsec_auth_mode(mode=ipsec_auth_mode)
# Specify the location of the CA certificate
vpn.set_l2tp_remote_access_ipsec_auth_ca_cert_file(ca_cert_file)
# Specify the location of the server certificate
vpn.set_l2tp_remote_access_ipsec_auth_srv_cert_file(srv_crt_file)
# Specify the location of the certificate revocation list (CRL) file
vpn.set_l2tp_remote_access_ipsec_auth_crl_file(path=crl_file)
# Specify the location of the server key file
vpn.set_l2tp_remote_access_ipsec_auth_srv_key_file(srv_key_file)
# Specify the password for the server key file
vpn.set_l2tp_remote_access_ipsec_auth_srv_key_pswd(srv_key_pswd)
# Set the L2TP remote access user authentication mode to 'local'
vpn.set_l2tp_remote_access_user_auth_mode(l2tp_auth_mode)
# Set the L2TP remote access user credentials ('username'/'password')
vpn.set_l2tp_remote_access_user(name=uname1, pswd=upswd1)
vpn.set_l2tp_remote_access_user(name=uname2, pswd=upswd2)
vpn.set_l2tp_remote_access_user(name=uname3, pswd=upswd3)
print "\n"
print (">>> VPN configuration to be applied to the '%s'" % (nodeName))
print vpn.get_payload()
time.sleep(rundelay)
result = vrouter.set_vpn_cfg(vpn)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("<<< VPN configuration was successfully created")
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print ("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print ("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
print ("<<< VPN configuration was successfully read")
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print ("<<< Delete VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.delete_vpn_cfg()
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("VPN configuration successfully removed from '%s'" % (nodeName))
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
print status.detailed()
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print ("<<< Show VPN configuration on the '%s'" % (nodeName))
time.sleep(rundelay)
result = vrouter.get_vpn_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print ("'%s' VPN configuration:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4, sort_keys=True)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print ("No VPN configuration found")
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.detailed())
ctrl.delete_netconf_node(vrouter)
exit(0)
print "\n"
print (">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print ("\n")
print (">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print (">>> Demo End")
def vr_demo_1():
f = "cfg4.yml"
d = {}
if(load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print ("Failed to get Controller device attributes")
exit(0)
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print ("<<< Demo Start")
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print ("\n")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr,
nodePortNum, nodeUname, nodePswd)
print ("<<< 'Controller': %s, '%s': %s"
% (ctrlIpAddr, nodeName, nodeIpAddr))
print ("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print ("<<< '%s' is configured on the Controller" % nodeName)
elif(status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print ("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("<<< '%s' added to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print ("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONNECTED)):
print ("<<< '%s' is connected to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print ("\n")
print ("<<< Get list of all YANG models supported by the '%s'" % nodeName)
time.sleep(rundelay)
result = vrouter.get_schemas()
status = result.get_status()
if(status.eq(STATUS.OK)):
print "YANG models list:"
slist = result.get_data()
print json.dumps(slist, default=lambda o: o.__dict__,
sort_keys=True, indent=4)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print (">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print "\n"
print (">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print (">>> Demo End")
print (">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
def vr_demo_4():
f = "cfg4.yml"
d = {}
if (load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print("Failed to get Controller device attributes")
exit(0)
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("<<< Demo Start")
print("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print("\n")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum, nodeUname,
nodePswd)
print("<<< 'Controller': %s, '%s': %s" %
(ctrlIpAddr, nodeName, nodeIpAddr))
print("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print("<<< '%s' is configured on the Controller" % nodeName)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("<<< '%s' added to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if (status.eq(STATUS.NODE_CONNECTED)):
print("<<< '%s' is connected to the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show firewalls configuration of the '%s'" % nodeName)
time.sleep(rundelay)
result = vrouter.get_firewalls_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' firewall config:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
elif (status.eq(STATUS.DATA_NOT_FOUND)):
print("No firewalls configuration found")
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
fw_name = "FW-ACCEPT-SRC-172_22_17_108"
firewall = Firewall(fw_name)
# add a rule to the firewall instance
rulenum = 33
rule = Rule(rulenum)
rule.add_action("accept")
rule.add_source_address("172.22.17.108")
firewall.add_rule(rule)
print("<<< Create new firewall instance '%s' on '%s'" %
(fw_name, nodeName))
print firewall.get_payload()
time.sleep(rundelay)
result = vrouter.add_modify_firewall_instance(firewall)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Firewall instance '%s' was successfully created" % fw_name)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print("\n")
print("<<< Show content of the firewall instance '%s' on '%s'" %
(fw_name, nodeName))
time.sleep(rundelay)
result = vrouter.get_firewall_instance_cfg(fw_name)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Firewall instance '%s': " % fw_name)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show firewalls configuration on the '%s'" % nodeName)
time.sleep(rundelay)
result = vrouter.get_firewalls_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' firewalls config:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print("<<< Remove firewall instance '%s' from '%s'" % (fw_name, nodeName))
time.sleep(rundelay)
result = vrouter.delete_firewall_instance(firewall)
status = result.get_status()
if (status.eq(STATUS.OK)):
print("Firewall instance '%s' was successfully deleted" % fw_name)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print("<<< Show firewalls configuration on the '%s'" % nodeName)
time.sleep(rundelay)
result = vrouter.get_firewalls_cfg()
status = result.get_status()
if (status.eq(STATUS.OK)):
print("'%s' firewalls config:" % nodeName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print(">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if (status.eq(STATUS.OK)):
print(
"'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print("\n")
print("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print("\n")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print(">>> Demo End")
print(">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
def vr_demo_5():
f = "cfg4.yml"
d = {}
if(load_dict_from_file(f, d) is False):
print("Config file '%s' read error: " % f)
exit()
try:
ctrlIpAddr = d['ctrlIpAddr']
ctrlPortNum = d['ctrlPortNum']
ctrlUname = d['ctrlUname']
ctrlPswd = d['ctrlPswd']
nodeName = d['nodeName']
nodeIpAddr = d['nodeIpAddr']
nodePortNum = d['nodePortNum']
nodeUname = d['nodeUname']
nodePswd = d['nodePswd']
rundelay = d['rundelay']
except:
print ("Failed to get Controller device attributes")
exit(0)
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print ("<<< Demo Start")
print ("<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<")
print ("\n")
ctrl = Controller(ctrlIpAddr, ctrlPortNum, ctrlUname, ctrlPswd)
vrouter = VRouter5600(ctrl, nodeName, nodeIpAddr, nodePortNum,
nodeUname, nodePswd)
print ("<<< 'Controller': %s, '%s': %s"
% (ctrlIpAddr, nodeName, nodeIpAddr))
print ("\n")
time.sleep(rundelay)
node_configured = False
result = ctrl.check_node_config_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONFIGURED)):
node_configured = True
print ("<<< '%s' is configured on the Controller" % nodeName)
elif(status.eq(STATUS.DATA_NOT_FOUND)):
node_configured = False
else:
print ("\n")
print "Failed to get configuration status for the '%s'" % nodeName
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
if node_configured is False:
result = ctrl.add_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("<<< '%s' added to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.detailed())
exit(0)
print ("\n")
time.sleep(rundelay)
result = ctrl.check_node_conn_status(nodeName)
status = result.get_status()
if(status.eq(STATUS.NODE_CONNECTED)):
print ("<<< '%s' is connected to the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print ("<<< Show list of dataplane interfaces on the '%s'" % nodeName)
time.sleep(rundelay)
dpIfList = None
result = vrouter.get_dataplane_interfaces_list()
status = result.get_status()
if(status.eq(STATUS.OK)):
print "Dataplane interfaces:"
dpIfList = result.get_data()
print json.dumps(dpIfList, indent=4)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
if (dpIfList is not None):
ifName = dpIfList[0]
print("\n")
print ("<<< Show '%s' dataplane interface configuration on the '%s'"
% (ifName, nodeName))
time.sleep(rundelay)
result = vrouter.get_dataplane_interface_cfg(ifName)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("Dataplane interface '%s' config:" % ifName)
cfg = result.get_data()
data = json.loads(cfg)
print json.dumps(data, indent=4)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print("\n")
print ("<<< Show configuration of dataplane interfaces on the '%s'"
% nodeName)
time.sleep(rundelay)
result = vrouter.get_dataplane_interfaces_cfg()
status = result.get_status()
if(status.eq(STATUS.OK)):
print "Dataplane interfaces config:"
dpIfCfg = result.get_data()
print json.dumps(dpIfCfg, indent=4)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief().lower())
exit(0)
print "\n"
print (">>> Remove '%s' NETCONF node from the Controller" % nodeName)
time.sleep(rundelay)
result = ctrl.delete_netconf_node(vrouter)
status = result.get_status()
if(status.eq(STATUS.OK)):
print ("'%s' NETCONF node was successfully removed "
"from the Controller" % nodeName)
else:
print ("\n")
print ("!!!Demo terminated, reason: %s" % status.brief())
exit(0)
print ("\n")
print (">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")
print (">>> Demo End")
print (">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>")