Example: Control LDP Configuration
This commit script example generates a warning on LDP-enabled
devices for any interfaces that are configured at either the [edit protocols ospf] or [edit protocols isis] hierarchy
level but are not configured at the [edit protocols ldp] hierarchy level. A second test ensures that all LDP-enabled interfaces
are configured for an interior gateway protocol (IGP). The example
also provides instructions for excluding a particular interface from
the commit script LDP test.
Requirements
This example uses a router running Junos OS.
Overview and Commit Script
If you want to enable LDP on an interface, you must configure
the interface at both the [edit protocols routing-protocol-name] and [edit protocols ldp] hierarchy levels. This
example shows how to use commit scripts to ensure that the interface
is configured at both levels.
This example tests for interfaces that are configured at either
the [edit protocols ospf] or [edit protocols isis] hierarchy level but not at the [edit protocols ldp] hierarchy level. If LDP is not enabled on the device, there is no
problem. Otherwise, a warning is generated with the message that the
interface does not have LDP enabled.
In case you want some interfaces to be exempt from the LDP test,
this script allows you to tag those interfaces as not requiring LDP
by including the apply-macro no-ldp statement at the [edit protocols isis interface interface-name] or [edit protocols ospf area area-id interface interface-name] hierarchy level.
For example:
[edit]
protocols {
isis {
interface so-0/1/2.0 {
apply-macro no-ldp;
}
}
}
If the apply-macro no-ldp statement is included,
the warning is not generated.
A second test ensures that all LDP-enabled interfaces are configured
for an interior gateway protocol (IGP). As for LDP, you can exempt
some interfaces from the test by including the apply-macro no-igp statement at the [edit protocols ldp interface interface-name] hierarchy level. If that statement is not included and no
IGP is configured, a warning is generated.
The example script is shown in both XSLT and SLAX syntax:
XSLT Syntax
<?xml version="1.0" standalone="yes"?> <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:junos="http://xml.juniper.net/junos/*/junos" xmlns:xnm="http://xml.juniper.net/xnm/1.1/xnm" xmlns:jcs="http://xml.juniper.net/junos/commit-scripts/1.0"> <xsl:import href="../import/junos.xsl"/> <xsl:template match="configuration"> <xsl:variable name="ldp" select="protocols/ldp"/> <xsl:variable name="isis" select="protocols/isis"/> <xsl:variable name="ospf" select="protocols/ospf"/> <xsl:if test="$ldp"> <xsl:for-each select="$isis/interface/name | $ospf/area/interface/name"> <xsl:variable name="ifname" select="."/> <xsl:if test="not(../apply-macro[name = 'no-ldp']) and not($ldp/interface[name = $ifname])"> <xnm:warning> <xsl:call-template name="jcs:edit-path"/> <xsl:call-template name="jcs:statement"/> <message>ldp not enabled for this interface</message> </xnm:warning> </xsl:if> </xsl:for-each> <xsl:for-each select="protocols/ldp/interface/name"> <xsl:variable name="ifname" select="."/> <xsl:if test="not(apply-macro[name = 'no-igp']) and not($isis/interface[name = $ifname]) and not($ospf/area/interface[name = $ifname])"> <xnm:warning> <xsl:call-template name="jcs:edit-path"/> <xsl:call-template name="jcs:statement"/> <message> <xsl:text>ldp-enabled interface does not have </xsl:text> <xsl:text>an IGP configured</xsl:text> </message> </xnm:warning> </xsl:if> </xsl:for-each> </xsl:if> </xsl:template> </xsl:stylesheet>
SLAX Syntax
version 1.0;
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";
import "../import/junos.xsl";
apply-macro no-ldp;
match configuration {
var $ldp = protocols/ldp;
var $isis = protocols/isis;
var $ospf = protocols/ospf;
if ($ldp) {
for-each ($isis/interface/name | $ospf/area/interface/name) {
var $ifname = .;
if (not(../apply-macro[name = 'no-ldp']) and not($ldp/interface[name =
$ifname])) {
<xnm:warning> {
call jcs:edit-path();
call jcs:statement();
<message> "ldp not enabled for this interface";
}
}
}
for-each (protocols/ldp/interface/name) {
var $ifname = .;
if (not(apply-macro[name = 'no-igp']) and not($isis/interface[name =
$ifname]) and not($ospf/area/interface[name = $ifname])) {
<xnm:warning> {
call jcs:edit-path();
call jcs:statement();
<message> {
expr "ldp-enabled interface does not have ";
expr "an IGP configured";
}
}
}
}
}
}Configuration
Procedure
Step-by-Step Procedure
To download, enable, and test the script:
Copy the script into a text file, name the file ldp.xsl or ldp.slax as appropriate, and copy it to the /var/db/scripts/commit/ directory on the device.
Select the following test configuration stanzas, and press Ctrl+c to copy them to the clipboard.
If you are using the SLAX version of the script, change the filename at the
[edit system scripts commit file]hierarchy level to ldp.slax.system { scripts { commit { file ldp.xsl; } } } protocols { isis { interface so-1/2/2.0 { apply-macro no-ldp; } interface so-1/2/3.0; } ospf { area 10.4.0.0 { interface ge-3/2/1.0; interface ge-2/2/1.0; } } ldp { interface ge-1/2/1.0; interface ge-2/2/1.0; } }In configuration mode, issue the
load merge terminalcommand to merge the stanzas into your device configuration.[edit] user@host# load merge terminal [Type ^D at a new line to end input] ... Paste the contents of the clipboard here ...
At the prompt, paste the contents of the clipboard by using the mouse and the paste icon.
Press Enter.
Press Ctrl+d.
Commit the configuration.
user@host# commit
Verification
Verifying the Script Execution
Purpose
Verify that the script behaves as expected.
Action
Review the output of the commit command. The
sample configuration stanzas enable LDP on the device and configure
the so-1/2/2 and so-1/2/3 interfaces at the [edit protocols isis] hierarchy level and the ge-3/2/1 and ge-2/2/1 interfaces at the [edit protocols ospf] hierarchy level.
Because ge-2/2/1 is also configured at the [edit protocols
ldp] hierarchy level, the script does not issue a warning message
for this interface during the commit operation. The configuration
includes the apply-macro no-ldp statement under the so-1/2/2
interface, so the script does not test this interface or issue a warning
message for it, even though it is not configured at the [edit
protocols ldp] hierarchy.
Neither so-1/2/3 nor ge-3/2/1 is configured at the [edit
protocols ldp] hierarchy level as required by the commit script,
so a warning is issued for both interfaces. The ge-1/2/1 interface
is configured at the [edit protocols ldp] hierarchy. However,
it is not configured for an IGP, so the commit script also issues
a warning for the ge-1/2/1 interface.
[edit] user@host# commit
[edit protocols ospf area 10.4.0.0 interface so-1/2/3.0] 'interface so-1/2/3.0;' warning: LDP not enabled for this interface [edit protocols ospf area 10.4.0.0 interface ge-3/2/1.0] 'interface ge-3/2/1.0;' warning: LDP not enabled for this interface [edit protocols ldp interface ge-1/2/1.0] 'interface ge-1/2/1.0;' warning: LDP-enabled interface does not have an IGP configured commit complete