cisco_node_utils 1.1.0 → 1.2.0

data/tests/test_ace.rb

@@ -0,0 +1,160 @@
+# Copyright (c) 2015-2016 Cisco and/or its affiliates.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative 'ciscotest'
+require_relative '../lib/cisco_node_utils/acl'
+require_relative '../lib/cisco_node_utils/ace'
+
+# TestAce - Minitest for Ace node utility class
+class TestAce < CiscoTestCase
+  def setup
+    # setup runs at the beginning of each test
+    super
+    @acl_name_v4 = 'test-foo-v4-1'
+    @acl_name_v6 = 'test-foo-v6-1'
+    @seqno = 10
+    no_access_list_foo
+  end
+
+  def teardown
+    # teardown runs at the end of each test
+    no_access_list_foo
+    super
+  end
+
+  def no_access_list_foo
+    # Remove the test ACLs
+    %w(ipv4 ipv6).each do |afi|
+      acl_name = afi[/ipv6/] ? @acl_name_v6 : @acl_name_v4
+      config('no ' + Acl.afi_cli(afi) + ' access-list ' + acl_name)
+    end
+  end
+
+  # TESTS
+  def test_create_destroy_ace_one
+    attr_v4_1 = {
+      action:   'permit',
+      proto:    'tcp',
+      src_addr: '7.8.9.6 2.3.4.5',
+      src_port: 'eq 40',
+      dst_addr: '1.2.3.4/32',
+      dst_port: 'neq 20',
+    }
+
+    attr_v4_2 = {
+      action:   'deny',
+      proto:    'udp',
+      src_addr: '7.8.9.6/32',
+      src_port: 'eq 41',
+      dst_addr: 'host 1.2.3.4',
+      dst_port: 'neq 20',
+    }
+
+    attr_v4_3 = {
+      remark: 'ipv4 remark'
+    }
+
+    attr_v6_1 = {
+      action:   'permit',
+      proto:    '6',
+      src_addr: 'addrgroup fi',
+      src_port: '',
+      dst_addr: '1::7/32',
+      dst_port: '',
+    }
+
+    attr_v6_2 = {
+      action:   'permit',
+      proto:    'udp',
+      src_addr: '1::8/56',
+      src_port: 'eq 41',
+      dst_addr: 'any',
+      dst_port: '',
+    }
+
+    attr_v6_3 = {
+      remark: 'ipv6 remark'
+    }
+
+    props = {
+      'ipv4' => [attr_v4_1, attr_v4_2, attr_v4_3],
+      'ipv6' => [attr_v6_1, attr_v6_2, attr_v6_3],
+    }
+
+    %w(ipv4 ipv6).each do |afi|
+      @seqno = 0
+      props[afi].each do |item|
+        create_destroy_ace(afi, item)
+      end
+    end
+  end
+
+  def create_destroy_ace(afi, entry)
+    acl_name = @acl_name_v4 if afi[/(ip|ipv4)$/]
+    acl_name = @acl_name_v6 if afi[/ipv6/]
+    @seqno += 10
+
+    Acl.new(afi, acl_name)
+    ace = Ace.new(afi, acl_name, @seqno)
+    ace.ace_set(entry)
+
+    afi_cli = Acl.afi_cli(afi)
+    all_aces = Ace.aces
+    found = false
+    all_aces[afi][acl_name].each do |seqno, _inst|
+      next unless seqno.to_i == @seqno.to_i
+      found = true
+    end
+
+    @default_show_command =
+      "show runn aclmgr | sec '#{afi_cli} access-list #{acl_name}'"
+    assert(found,
+           "#{afi_cli} acl #{acl_name} seqno #{@seqno} is not configured")
+
+    if entry.include?(:action)
+      action = "#{entry[:action]} .*"
+    else
+      action = "remark #{entry[:remark]}"
+    end
+    assert_show_match(pattern: /\s+#{@seqno} #{action}$/,
+                      msg:     "failed to create ace seqno #{@seqno}")
+    ace.destroy
+    refute_show_match(pattern: /\s+#{@seqno} #{entry[:action]} .*$/,
+                      msg:     "failed to remove ace seqno #{@seqno}")
+  end
+
+  def test_ace_update
+    action = 'permit'
+    proto = 'tcp'
+    src = '1.0.0.0/8'
+    dst = '3.0.0.0 0.0.0.8'
+    entry = { action: action, proto: proto, src_addr: src, dst_addr: dst }
+
+    a = Ace.new('ipv4', 'ace_update', 10)
+    a.ace_set(entry)
+
+    assert_equal(src, a.src_addr)
+    assert_equal(dst, a.dst_addr)
+
+    src = '2.0.0.0/16'
+    entry = { action: action, proto: proto, src_addr: src, dst_addr: dst }
+    a.ace_set(entry)
+    assert_equal(src, a.src_addr)
+
+    dst = '3.0.0.0 0.0.0.4'
+    entry = { action: action, proto: proto, src_addr: src, dst_addr: dst }
+    a.ace_set(entry)
+    assert_equal(dst, a.dst_addr)
+  end
+end

data/tests/test_acl.rb

@@ -0,0 +1,176 @@
+# Copyright (c) 2014-2016 Cisco and/or its affiliates.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require_relative 'ciscotest'
+require_relative '../lib/cisco_node_utils/acl'
+
+# test client for acl creation and deletion
+class TestAcl < CiscoTestCase
+  def setup
+    # setup runs at the beginning of each test
+    super
+    @acl_name_v4 = 'test-foo-v4-1'
+    @acl_name_v6 = 'test-foo-v6-1'
+    @permit = 'permit-all'
+    @deny = 'deny-all'
+    no_access_list_foo
+  end
+
+  def teardown
+    # teardown runs at the end of each test
+    no_access_list_foo
+    super
+  end
+
+  def no_access_list_foo
+    # Remove the test ACLs
+    %w(ipv4 ipv6).each do |afi|
+      acl_name = afi[/ipv6/] ? @acl_name_v6 : @acl_name_v4
+      config('no ' + Acl.afi_cli(afi) + ' access-list ' + acl_name)
+    end
+  end
+
+  # TESTS
+  def create_acl(afi, acl_name)
+    rtr = Acl.new(afi, acl_name)
+    afi_cli = Acl.afi_cli(afi)
+
+    assert(Acl.acls[afi].key?(acl_name),
+           "ACL #{afi_cli} #{acl_name} is not configured")
+
+    @default_show_command =
+      "show runn aclmgr | i '#{afi_cli} access-list #{acl_name}'"
+    assert_show_match(pattern: /^#{afi_cli} access-list #{acl_name}$/,
+                      msg:     "failed to create acl '#{afi_cli} #{acl_name}'")
+    rtr.destroy
+    refute_show_match(pattern: /^#{afi} access-list #{acl_name}$/,
+                      msg:     "failed to destroy acl '#{afi_cli} #{acl_name}")
+  end
+
+  def test_create_acl
+    %w(ipv4 ipv6).each do |afi|
+      acl_name = afi[/ipv6/] ? @acl_name_v6 : @acl_name_v4
+      create_acl(afi, acl_name)
+    end
+  end
+
+  def stats_enable(afi, acl_name)
+    rtr = Acl.new(afi, acl_name)
+    afi_cli = Acl.afi_cli(afi)
+
+    @default_show_command =
+      "show runn aclmgr | sec '#{afi_cli} access-list #{acl_name}'"
+    assert_show_match(pattern: /^#{afi_cli} access-list #{acl_name}$/,
+                      msg:     "failed to create acl #{acl_name}")
+
+    # set to true
+    rtr.stats_per_entry = true
+    assert_show_match(pattern: /statistics per-entry/,
+                      msg:     'failed to enable stats')
+
+    assert(rtr.stats_per_entry)
+
+    # set to false
+    rtr.stats_per_entry = false
+    refute_show_match(pattern: /statistics per-entry/,
+                      msg:     'failed to disnable stats')
+    refute(rtr.stats_per_entry)
+
+    # default getter function
+    refute(rtr.default_stats_per_entry)
+
+    rtr.destroy
+    refute_show_match(pattern: /^#{afi_cli} access-list #{acl_name}$/,
+                      msg:     "failed to destroy acl #{acl_name}")
+  end
+
+  def test_stats_enable
+    %w(ipv4 ipv6).each do |afi|
+      acl_name = afi[/ipv6/] ? @acl_name_v6 : @acl_name_v4
+      stats_enable(afi, acl_name)
+    end
+  end
+
+  def set_fragments(rtr, afi, acl_name, option)
+    afi_cli = Acl.afi_cli(afi)
+    @default_show_command =
+      "show runn aclmgr | sec '#{afi_cli} access-list #{acl_name}'"
+
+    # setter function
+    rtr.fragments = option
+    assert_show_match(pattern: /fragments #{option}/,
+                      msg:     'failed to set fragments #{option} ' + option)
+
+    # getter function
+    assert_equal(option, rtr.fragments)
+  end
+
+  def unset_fragments(rtr, afi, acl_name)
+    afi_cli = Acl.afi_cli(afi)
+    @default_show_command =
+      "show runn aclmgr | sec '#{afi_cli} access-list #{acl_name}'"
+
+    # setter function
+    rtr.fragments = nil
+    refute_show_match(pattern: /fragments #{@permit}|fragments #{@deny}/,
+                      msg:     'failed to unset set fragments')
+
+    # getter function
+    val = rtr.fragments
+    assert_nil(val)
+  end
+
+  def fragments(afi, acl_name)
+    rtr = Acl.new(afi, acl_name)
+    afi_cli = Acl.afi_cli(afi)
+
+    @default_show_command =
+      "show runn aclmgr | sec '#{afi_cli} access-list #{acl_name}'"
+    assert_show_match(pattern: /^#{afi_cli} access-list #{acl_name}$/,
+                      msg:     "failed to create acl #{acl_name}")
+
+    # set 'no fragments ...'
+    unset_fragments(rtr, afi, acl_name)
+
+    # set 'fragments permit-all' from nothing set
+    set_fragments(rtr, afi, acl_name, @permit)
+
+    # set 'no fragments ...'
+    unset_fragments(rtr, afi, acl_name)
+
+    # set 'fragments deny-all' from nothing set
+    set_fragments(rtr, afi, acl_name, @deny)
+
+    # set 'fragments permit-all' from 'fragments deny-all'
+    set_fragments(rtr, afi, acl_name, @permit)
+
+    # set 'fragments deny-all' from 'fragments permit-all'
+    set_fragments(rtr, afi, acl_name, @deny)
+
+    # default getter function
+    val = rtr.default_stats_per_entry
+    refute_equal(val, nil, 'value is not nil')
+
+    rtr.destroy
+    refute_show_match(pattern: /^#{afi_cli} access-list #{acl_name}$/,
+                      msg:     "failed to destroy acl #{acl_name}")
+  end
+
+  def test_fragments
+    %w(ipv4 ipv6).each do |afi|
+      acl_name = afi[/ipv6/] ? @acl_name_v6 : @acl_name_v4
+      fragments(afi, acl_name)
+    end
+  end
+end

data/tests/test_bgp_af.rb

@@ -4,7 +4,7 @@
 #
 # Richard Wellum, August, 2015
 #
-# Copyright (c) 2015 Cisco and/or its affiliates.
+# Copyright (c) 2015-2016 Cisco and/or its affiliates.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -21,14 +21,21 @@
 require_relative 'ciscotest'
 require_relative '../lib/cisco_node_utils/bgp'
 require_relative '../lib/cisco_node_utils/bgp_af'
+require_relative '../lib/cisco_node_utils/feature'
+
+# TestBgpAF - Minitest for RouterBgpAF class
+class TestBgpAF < CiscoTestCase
+  @@pre_clean_needed = true # rubocop:disable Style/ClassVars
 
-# TestRouterBgpAF - Minitest for RouterBgpAF class
-class TestRouterBgpAF < CiscoTestCase
   def setup
     super
-    # Disable and enable feature bgp before each test to ensure we
-    # are starting with a clean slate for each test.
-    config('no feature bgp', 'feature bgp')
+    remove_all_bgps if @@pre_clean_needed
+    @@pre_clean_needed = false # rubocop:disable Style/ClassVars
+  end
+
+  def teardown
+    super
+    remove_all_bgps
   end
 
   def get_bgp_af_cfg(asn, vrf, af)
@@ -67,6 +74,7 @@ class TestRouterBgpAF < CiscoTestCase
   ## BGP Address Family
   ## Configure router bgp, some VRF's and address-family statements
   ## - verify that the final instance objects are correctly populated
+  ## Enable VXLAN and the EVPN
   ##
   def test_collection_not_empty
     config('feature bgp',
@@ -156,16 +164,9 @@ class TestRouterBgpAF < CiscoTestCase
     af = %w(ipv4 unicast)
 
     bgp_af = RouterBgpAF.new(asn, vrf, af)
-    pattern = /^ *client-to-client reflection$/
     #
     # Default is 'client-to-client' is configured
     #
-    af_string = get_bgp_af_cfg(asn, vrf, af)
-
-    assert_match(pattern, af_string,
-                 "Error: 'client-to-client reflection' is not configured " \
-                   'and should be')
-
     assert(bgp_af.client_to_client,
            "Error: 'client-to-client is not configured but should be")
     #
@@ -348,6 +349,39 @@ class TestRouterBgpAF < CiscoTestCase
                    'configured and should not be')
   end
 
+  ##
+  ## advertise_l2vpn_evpn
+  ##
+  def advertise_l2vpn_evpn(asn, vrf, af)
+    bgp_af = RouterBgpAF.new(asn, vrf, af)
+
+    #
+    # Set and verify
+    #
+    val = false
+    bgp_af.advertise_l2vpn_evpn = val
+    assert_equal(val, bgp_af.advertise_l2vpn_evpn,
+                 'Error: advertise l2vpn evpn value does not match set value')
+
+    val = true
+    bgp_af.advertise_l2vpn_evpn = val
+    assert_equal(val, bgp_af.advertise_l2vpn_evpn,
+                 'Error: advertise l2vpn evpn value does not match set value')
+
+    val = bgp_af.default_advertise_l2vpn_evpn
+    bgp_af.advertise_l2vpn_evpn = val
+    assert_equal(val, bgp_af.advertise_l2vpn_evpn,
+                 'Error: advertise l2vpn evpn value does not match default' \
+                 'value')
+  end
+
+  def test_advertise_l2vpn_evpn
+    afs = [%w(ipv4 unicast), %w(ipv6 unicast)]
+    afs.each do |af|
+      advertise_l2vpn_evpn(55, 'red', af)
+    end
+  end
+
   ##
   ## get_dampen_igp_metric
   ##
@@ -639,6 +673,112 @@ class TestRouterBgpAF < CiscoTestCase
   end
   # rubocop:enable Metrics/AbcSize,Metrics/MethodLength
 
+  ##
+  ## distance
+  ##
+  def test_distance
+    asn = '55'
+    vrf = 'red'
+    af = %w(ipv4 unicast)
+
+    bgp_af = RouterBgpAF.new(asn, vrf, af)
+    distance = [{ ebgp: 20, ibgp: 40, local: 60 },
+                { ebgp:  bgp_af.default_distance_ebgp,
+                  ibgp:  bgp_af.default_distance_ibgp,
+                  local: bgp_af.default_distance_local },
+                { ebgp:  bgp_af.default_distance_ebgp,
+                  ibgp:  40,
+                  local: 60 },
+                { ebgp:  20,
+                  ibgp:  bgp_af.default_distance_ibgp,
+                  local: bgp_af.default_distance_local },
+                { ebgp:  bgp_af.default_distance_ebgp,
+                  ibgp:  bgp_af.default_distance_ibgp,
+                  local: 60 },
+               ]
+    distance.each do |distancer|
+      bgp_af.distance_set(distancer[:ebgp], distancer[:ibgp], distancer[:local])
+      assert_equal(distancer[:ebgp], bgp_af.distance_ebgp)
+      assert_equal(distancer[:ibgp], bgp_af.distance_ibgp)
+      assert_equal(distancer[:local], bgp_af.distance_local)
+    end
+    bgp_af.destroy
+  end
+
+  ##
+  ## default_metric
+  ##
+  def default_metric(asn, vrf, af)
+    bgp_af = RouterBgpAF.new(asn, vrf, af)
+
+    refute(bgp_af.default_default_metric,
+           'default value for default default metric should be false')
+    #
+    # Set and verify
+    #
+    val = 50
+    bgp_af.default_metric = val
+    assert_equal(val, bgp_af.default_metric,
+                 'Error: default metric value does not match set value')
+
+    val = bgp_af.default_default_metric
+    bgp_af.default_metric = val
+    assert_equal(val, bgp_af.default_metric,
+                 'Error: default metric value does not match default' \
+                 'value')
+  end
+
+  def test_default_metric
+    afs = [%w(ipv4 unicast), %w(ipv6 unicast)]
+    afs.each do |af|
+      default_metric(55, 'red', af)
+    end
+  end
+
+  ##
+  ## inject_map
+  ##
+  def inject_map(asn, vrf, af)
+    # rubocop:disable Style/WordArray
+    master = [['lax', 'sfo'],
+              ['lax', 'sjc'],
+              ['nyc', 'sfo', 'copy-attributes'],
+              ['sjc', 'nyc', 'copy-attributes']]
+    bgp_af = RouterBgpAF.new(asn, vrf, af)
+
+    # Test1: both/import/export when no commands are present. Each target
+    # option will be tested with and without evpn (6 separate types)
+    should = master.clone
+    inject_map_tester(bgp_af, should, 'Test 1')
+
+    # Test 2: remove half of the entries
+    should = [['lax', 'sfo'], ['nyc', 'sfo', 'copy-attributes']]
+    # rubocop:enable Style/WordArray
+    inject_map_tester(bgp_af, should, 'Test 2')
+
+    # Test 3: restore the removed entries
+    should = master.clone
+    inject_map_tester(bgp_af, should, 'Test 3')
+
+    # Test 4: 'default'
+    should = bgp_af.default_inject_map
+    inject_map_tester(bgp_af, should, 'Test 4')
+  end
+
+  def inject_map_tester(bgp_af, should, test_id)
+    bgp_af.send('inject_map=', should)
+    result = bgp_af.send('inject_map')
+    assert_equal(should, result,
+                 "#{test_id} : inject_map")
+  end
+
+  def test_inject_map
+    afs = [%w(ipv4 unicast), %w(ipv6 unicast)]
+    afs.each do |af|
+      inject_map(55, 'red', af)
+    end
+  end
+
   ##
   ## maximum_paths
   ##
@@ -868,6 +1008,47 @@ class TestRouterBgpAF < CiscoTestCase
   ##
   ## common utilities
   ##
+  def test_utils_delta_add_remove_depth_1
+    # Note: AF context is not needed. This test is only validating the
+    # delta_add_remove class method and does not test directly on the device.
+
+    # Initial 'should' state
+    should = ['1:1', '2:2', '3:3', '4:4', '5:5', '6:6']
+    # rubocop:enable Style/WordArray
+
+    # Test: Check delta when every protocol is specified and has a route-map.
+    current = []
+    expected = { add: should, remove: [] }
+    result = Utils.delta_add_remove(should, current)
+    assert_equal(expected, result, 'Test 1. delta mismatch')
+
+    # Test: Check delta when should is the same as current.
+    current = should.clone
+    expected = { add: [], remove: [] }
+    result = Utils.delta_add_remove(should, current)
+    assert_equal(expected, result, 'Test 2. delta mismatch')
+
+    # Test: Move half the 'current' entries to 'should'. Check delta.
+    should = current.shift(4)
+    expected = { add: should, remove: current }
+    result = Utils.delta_add_remove(should, current)
+    assert_equal(expected, result, 'Test 3. delta mismatch')
+
+    # Test: Remove the route-maps from the current list. Check delta.
+    #       Note: The :remove list should be empty since this is just
+    #       an update of the route-map.
+    should = current.map { |prot_only, _route_map| [prot_only] }
+    expected = { add: should, remove: [] }
+    result = Utils.delta_add_remove(should, current)
+    assert_equal(expected, result, 'Test 4. delta mismatch')
+
+    # Test: Check empty inputs
+    should = []
+    current = []
+    expected = { add: [], remove: [] }
+    result = Utils.delta_add_remove(should, current)
+    assert_equal(expected, result, 'Test 5. delta mismatch')
+  end
 
   def test_utils_delta_add_remove
     # Note: AF context is not needed. This test is only validating the
@@ -917,4 +1098,79 @@ class TestRouterBgpAF < CiscoTestCase
     result = Utils.delta_add_remove(should, current)
     assert_equal(expected, result, 'Test 5. delta mismatch')
   end
+
+  ##
+  ## suppress_inactive
+  ##
+  def suppress_inactive(asn, vrf, af)
+    bgp_af = RouterBgpAF.new(asn, vrf, af)
+
+    #
+    # Set and verify
+    #
+    val = false
+    bgp_af.suppress_inactive = val
+    refute(bgp_af.suppress_inactive,
+           'Error: suppress inactive value does not match set value')
+
+    val = true
+    bgp_af.suppress_inactive = val
+    assert(bgp_af.suppress_inactive,
+           'Error: suppress inactive value does not match set value')
+
+    val = bgp_af.default_suppress_inactive
+    bgp_af.suppress_inactive = val
+    refute(bgp_af.suppress_inactive,
+           'Error: suppress inactive value does not match default value')
+  end
+
+  def test_suppress_inactive
+    afs = [%w(ipv4 unicast), %w(ipv6 unicast)]
+    afs.each do |af|
+      suppress_inactive(55, 'red', af)
+    end
+  end
+
+  ##
+  ## table_map
+  ##
+  def table_map(asn, vrf, af)
+    bgp_af = RouterBgpAF.new(asn, vrf, af)
+
+    #
+    # Set and verify
+    #
+    val = 'sjc'
+    bgp_af.table_map_set(val)
+    assert_equal(val, bgp_af.table_map,
+                 'Error: default metric value does not match set value')
+
+    val = bgp_af.default_table_map
+    bgp_af.table_map_set(val)
+    assert_equal(val, bgp_af.table_map,
+                 'Error: default metric value does not match default' \
+                 'value')
+
+    val = false
+    bgp_af.table_map_set('sjc', val)
+    refute(bgp_af.table_map_filter,
+           'Error: suppress inactive value does not match set value')
+
+    val = true
+    bgp_af.table_map_set('sjc', val)
+    assert(bgp_af.table_map_filter,
+           'Error: suppress inactive value does not match set value')
+
+    val = bgp_af.default_table_map_filter
+    bgp_af.table_map_set('sjc', val)
+    refute(bgp_af.table_map_filter,
+           'Error: suppress inactive value does not match default value')
+  end
+
+  def test_table_map
+    afs = [%w(ipv4 unicast), %w(ipv6 unicast)]
+    afs.each do |af|
+      table_map(55, 'red', af)
+    end
+  end
 end