diff --git a/.gitignore b/.gitignore
index bef7852d858a451aab9bb7c93279901c761db7bf..e8bf92ead3e777406d4d7eeb484af7b7bfb557ad 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,4 +12,3 @@ dist
venv
.vscode
docs/build
-
diff --git a/inventory_provider/__init__.py b/inventory_provider/__init__.py
index 73970ad2da56426c1820c43a4a87c8d620bf6471..7adb3e53f0fcd61c4ad780df3f927271a3f5f6ec 100644
--- a/inventory_provider/__init__.py
+++ b/inventory_provider/__init__.py
@@ -9,13 +9,15 @@ from flask_cors import CORS
from inventory_provider import environment
-def create_app():
+def create_app(setup_logging=True):
"""
overrides default settings with those found
in the file read from env var SETTINGS_FILENAME
:return: a new flask app instance
"""
+ if setup_logging:
+ environment.setup_logging()
required_env_vars = [
'FLASK_SETTINGS_FILENAME', 'INVENTORY_PROVIDER_CONFIG_FILENAME']
@@ -87,6 +89,4 @@ def create_app():
logging.info('Inventory Provider Flask app initialized')
- environment.setup_logging()
-
return app
diff --git a/inventory_provider/app.py b/inventory_provider/app.py
index afb7ee739917f31ddae54a16281cd4be989f06c1..c26d2a0a07b5d2b484b0101d82c3ac3dddc2ebd2 100644
--- a/inventory_provider/app.py
+++ b/inventory_provider/app.py
@@ -7,7 +7,6 @@ import sentry_sdk
from sentry_sdk.integrations.flask import FlaskIntegration
import inventory_provider
-from inventory_provider import environment
sentry_dsn = os.getenv('SENTRY_DSN')
if sentry_dsn:
@@ -16,8 +15,6 @@ if sentry_dsn:
integrations=[FlaskIntegration()],
release=pkg_resources.get_distribution('inventory-provider').version)
-environment.setup_logging()
-
app = inventory_provider.create_app()
if __name__ == "__main__":
diff --git a/inventory_provider/config.py b/inventory_provider/config.py
index 1a753c7ae03c14d857ad7e91e9e6177b3c1b2afb..8e11f6e5efd37e533e78f7da7b47878731da171f 100644
--- a/inventory_provider/config.py
+++ b/inventory_provider/config.py
@@ -31,12 +31,23 @@ CONFIG_SCHEMA = {
'required': ['private-key', 'known-hosts'],
'additionalProperties': False
},
+ 'nokia-ssh-credentials': {
+ 'type': 'object',
+ 'properties': {
+ 'username': {'type': 'string'},
+ 'private-key': {'type': 'string'},
+ 'known-hosts': {'type': 'string'},
+ 'password': {'type': 'string'}
+ },
+ 'additionalProperties': False
+ },
'ims': {
'type': 'object',
'properties': {
'api': {'type': 'string'},
'username': {'type': 'string'},
- 'password': {'type': 'string'}
+ 'password': {'type': 'string'},
+ 'verify-ssl': {'type': 'boolean'},
},
'required': ['api', 'username', 'password'],
'additionalProperties': False
@@ -203,6 +214,7 @@ CONFIG_SCHEMA = {
'properties': {
'ops-db': {'$ref': '#/definitions/database-credentials'},
'ssh': {'$ref': '#/definitions/ssh-credentials'},
+ 'nokia-ssh': {'$ref': '#/definitions/nokia-ssh-credentials'},
'redis': {'$ref': '#/definitions/redis-credentials'},
'sentinel': {'$ref': '#/definitions/redis-sentinel-config'},
'ims': {'$ref': '#/definitions/ims'},
@@ -229,6 +241,7 @@ CONFIG_SCHEMA = {
{
'required': [
'ssh',
+ 'nokia-ssh',
'redis',
'redis-databases',
'ims',
@@ -239,6 +252,7 @@ CONFIG_SCHEMA = {
{
'required': [
'ssh',
+ 'nokia-ssh',
'sentinel',
'redis-databases',
'ims',
diff --git a/inventory_provider/db/ims.py b/inventory_provider/db/ims.py
index 07aa68c7f759e735fbbb7bdb78716e90421613c0..6932166bd840a79ce1f41d0a4a4125f3a1c3f3ac 100644
--- a/inventory_provider/db/ims.py
+++ b/inventory_provider/db/ims.py
@@ -61,6 +61,7 @@ CUSTOMER_RELATED_CONTACT_PROPERTIES = {
}
# http://149.210.162.190:81/ImsVersions/4.19.9/html/a8dc6266-d934-8162-4a55-9e1648187f2c.htm # noqa
EQUIP_DEF_PROPERTIES = {
+ 'Vendor': 8,
'Nodes': 4096
}
# http://149.210.162.190:81/ImsVersions/20.1/html/6fd3a968-26e2-e40f-e3cd-c99afa34c3e6.htm
@@ -199,14 +200,16 @@ class IMS(object):
bearer_token_init_time = 0
reconnect_attempts = 0
- def __init__(self, base_url, username, password, bearer_token=None):
+ def __init__(self, base_url, username, password, bearer_token=None,
+ verify_ssl=False):
IMS.base_url = base_url
self.username = username
self.password = password
+ self.verify_ssl = verify_ssl
IMS.bearer_token = bearer_token
@classmethod
- def _init_bearer_token(cls, username, password):
+ def _init_bearer_token(cls, username, password, verify_ssl=False):
re_init_time = time.time()
if not cls.bearer_token or \
re_init_time - cls.bearer_token_init_time \
@@ -221,21 +224,24 @@ class IMS(object):
f' - URL: {cls.base_url + cls.LOGIN_PATH}')
response = requests.post(
cls.base_url + cls.LOGIN_PATH,
- auth=(username, password))
+ auth=(username, password), verify=verify_ssl)
response.raise_for_status()
cls.bearer_token_init_time = re_init_time
cls.bearer_token = response.text
def clear_dynamic_context_cache(self):
if not IMS.bearer_token:
- IMS._init_bearer_token(self.username, self.password)
+ IMS._init_bearer_token(
+ self.username, self.password, self.verify_ssl)
while True:
logger.info('Clearing Dynamic Context Cache')
response = requests.put(
f'{self.base_url + IMS.IMS_PATH}/ClearDynamicContextCache',
- headers={'Authorization': f'Bearer {self.bearer_token}'})
+ headers={'Authorization': f'Bearer {self.bearer_token}'},
+ verify=self.verify_ssl)
if response.status_code == 401:
- IMS._init_bearer_token(self.username, self.password)
+ IMS._init_bearer_token(
+ self.username, self.password, self.verify_ssl)
continue
response.raise_for_status()
break
@@ -264,7 +270,8 @@ class IMS(object):
return entity
if not IMS.bearer_token:
- IMS._init_bearer_token(self.username, self.password)
+ IMS._init_bearer_token(
+ self.username, self.password, self.verify_ssl)
def _is_invalid_login_state(response_):
if response_.status_code == requests.codes.unauthorized:
@@ -310,9 +317,10 @@ class IMS(object):
response = requests.get(
url,
headers={'Authorization': f'Bearer {self.bearer_token}'},
- params=params)
+ params=params, verify=self.verify_ssl)
if _is_invalid_login_state(response):
- IMS._init_bearer_token(self.username, self.password)
+ IMS._init_bearer_token(
+ self.username, self.password, self.verify_ssl)
else:
response.raise_for_status()
orig = response.json()
diff --git a/inventory_provider/db/ims_data.py b/inventory_provider/db/ims_data.py
index 9763f70e19bb99eca1a52480f929a4d2a1995cda..43f65cc3199bad1ee24b24feec911fb165afd766 100644
--- a/inventory_provider/db/ims_data.py
+++ b/inventory_provider/db/ims_data.py
@@ -633,3 +633,17 @@ def lookup_geant_nodes(ds: IMS):
'Node',
'customer.Name == "GEANT"',
ims.EQUIP_DEF_PROPERTIES['Nodes']))
+
+
+@log_entry_and_exit
+def get_router_vendors(ds: IMS):
+ ed_nav_properties = [
+ ims.EQUIP_DEF_PROPERTIES['Nodes'],
+ ims.EQUIP_DEF_PROPERTIES['Vendor']
+ ]
+ for ed in ds.get_filtered_entities(
+ 'equipmentdefinition',
+ 'equipmentkind == ROUTER',
+ ed_nav_properties):
+ for r in ed.get('nodes', []):
+ yield r['name'], ed.get('vendor', {}).get('name', None)
diff --git a/inventory_provider/nokia.py b/inventory_provider/nokia.py
new file mode 100644
index 0000000000000000000000000000000000000000..a19a47c79a9384faf7b8deb78e6095c9fb5c45d0
--- /dev/null
+++ b/inventory_provider/nokia.py
@@ -0,0 +1,145 @@
+import logging
+import re
+
+from ncclient import manager
+
+
+logger = logging.getLogger(__name__)
+
+
+ROOT_NS = 'urn:ietf:params:xml:ns:netconf:base:1.0'
+NOKIA_NS = 'urn:nokia.com:sros:ns:yang:sr:conf'
+NS = {
+ 'r': ROOT_NS,
+ 'n': NOKIA_NS,
+}
+
+BREAKOUT_PATTERN = re.compile(
+ r'c(?P<count>\d+)-(?P<speed>\d+)(?P<unit>[a-zA-Z]+)'
+)
+'''
+For translating the breakout string to a speed
+example:
+ c1-400g - This has a single 400G port, groups would be as follows:
+ 1 or 'count' - 1
+ 2 or 'speed' - 400
+ 3 or 'unit' - g
+ c4-100g - This has four 100G ports, not all of them may be used
+ groups would be as follows:
+ 1 or 'count' - 4
+ 2 or 'speed' - 100
+ 3 or 'unit' - g
+'''
+SPEED_UNITS = {
+ 'g': 'Gbps',
+ 'G': 'Gbps',
+}
+
+
+def load_config(hostname, ssh_params, hostkey_verify=False):
+ logger.info(f'capturing netconf data for "{hostname}"')
+ with manager.connect(
+ host=hostname,
+ hostkey_verify=hostkey_verify,
+ **ssh_params
+ ) as m:
+ return m.get_config(source='running').data
+
+
+def get_ports(netconf_config):
+ def _port_info(e):
+ pi = {
+ 'port-id': e.find('n:port-id', namespaces=NS).text,
+ 'admin-state': e.find('n:admin-state', namespaces=NS).text,
+ }
+ description = e.find('n:description', namespaces=NS)
+
+ pi['description'] = description.text if description is not None else ''
+ breakout = e.find('./n:connector/n:breakout', namespaces=NS)
+ if breakout is not None:
+ breakout = breakout.text
+ breakout_match = BREAKOUT_PATTERN.match(breakout)
+ pi['breakout'] = breakout
+ pi['speed'] = int(breakout_match.group('speed'))
+ pi['speed-unit'] = SPEED_UNITS.get(
+ breakout_match.group('unit'), 'Unknown')
+ return pi
+
+ # making the assumption that the breakout ports are listed directly before their
+ # child ports
+ ports = netconf_config.findall('./n:configure/n:port', namespaces=NS)
+ current_parent_port = None
+ for port in ports:
+ port_info = _port_info(port)
+ if 'breakout' in port_info:
+ current_parent_port = port_info
+ elif current_parent_port is not None and port_info['port-id'].startswith(
+ current_parent_port['port-id']):
+ port_info['speed'] = current_parent_port['speed']
+ port_info['speed-unit'] = current_parent_port['speed-unit']
+
+ yield port_info
+
+
+def get_lags(netconf_config):
+ def _lag_info(e):
+ _name = e.find('./n:lag-name', namespaces=NS).text
+
+ def get_port(p):
+ return p.find('./n:port-id', namespaces=NS).text
+
+ port_elements = e.findall('./n:port', namespaces=NS)
+ ports = [get_port(p) for p in port_elements]
+ admin_state = e.find('./n:admin-state', namespaces=NS).text
+ description_e = e.find('n:description', namespaces=NS)
+ ifc = {
+ 'name': _name,
+ 'description': (
+ description_e.text if description_e is not None else ''
+ ),
+ 'admin-status': admin_state,
+ 'ports': ports,
+ }
+ return ifc
+
+ lags = netconf_config.findall('./n:configure/n:lag', namespaces=NS)
+ for lag in lags:
+ yield _lag_info(lag)
+
+
+def interface_info(netconf_config):
+
+ def _get_ip_address(e):
+ for details_parent in e:
+ # example element
+ # <primary> # details_parent - not always primary
+ # <address>62.40.119.9</address>
+ # <prefix-length>32</prefix-length>
+ # </primary>
+ address = details_parent[0].text
+ prefix_length = details_parent[1].text
+ ip_string = f'{address}/{prefix_length}'
+ yield ip_string
+
+ interfaces = netconf_config.findall(
+ 'n:configure/n:router/n:interface', namespaces=NS)
+ for interface in interfaces:
+ details = {
+ "interface-name": interface.find('n:interface-name', namespaces=NS).text,
+ "ipv4": [],
+ "ipv6": [],
+ }
+ description = interface.find('n:description', namespaces=NS)
+ details["description"] = description.text if description is not None else ""
+
+ admin_state = interface.find('n:admin-state', namespaces=NS)
+ if admin_state is not None:
+ details["admin-state"] = admin_state.text
+
+ for element in interface.xpath('n:ipv4', namespaces=NS):
+ details["ipv4"].extend(_get_ip_address(element))
+
+ for element in interface.xpath('n:ipv6', namespaces=NS):
+ details["ipv6"].extend(_get_ip_address(element))
+
+ yield details
diff --git a/inventory_provider/routes/classifier.py b/inventory_provider/routes/classifier.py
index 2a40e95c3b5da8c8953c0d21d6ba00c862a8db04..bb051c5f51351547bb6dbd0f8fdecf36fe8f8653 100644
--- a/inventory_provider/routes/classifier.py
+++ b/inventory_provider/routes/classifier.py
@@ -136,12 +136,18 @@ def get_ims_equipment_name(equipment_name: str, r: Redis = None) -> str:
if not r:
r = common.get_current_redis()
ims_equipment_name = equipment_name.upper()
- most_likely = ims_equipment_name.split('.GEANT.')[0]
+ candidates = [
+ ims_equipment_name.split('.GEANT.')[0],
+ ims_equipment_name,
+ ims_equipment_name.split('.OFFICE.')[0]
+ ]
+ return_value = candidates[0]
loc_key = 'ims:location:{}'
- if r.exists(loc_key.format(most_likely)) \
- or not r.exists(loc_key.format(ims_equipment_name)):
- ims_equipment_name = most_likely
- return ims_equipment_name
+ for c in candidates:
+ if r.exists(loc_key.format(c)):
+ return_value = c
+ break
+ return return_value
def get_ims_interface(interface: str) -> str:
@@ -249,6 +255,10 @@ def _link_interface_info(r, hostname, interface):
return ifc_info
+@routes.route("/link-info/<source_equipment>/<path:interface>",
+ methods=['GET'])
+@routes.route("/nokia-link-info/<source_equipment>/<path:interface>",
+ methods=['GET'])
@routes.route("/juniper-link-info/<source_equipment>/<path:interface>",
methods=['GET'])
@common.require_accepts_json
@@ -273,7 +283,7 @@ def get_juniper_link_info(source_equipment: str, interface: str) -> Response:
ims_interface = get_ims_interface(interface)
cache_key = \
- f'classifier-cache:juniper:{ims_source_equipment}:{ims_interface}'
+ f'classifier-cache:link:{ims_source_equipment}:{ims_interface}'
result = _ignore_cache_or_retrieve(request, cache_key, r)
diff --git a/inventory_provider/routes/jobs.py b/inventory_provider/routes/jobs.py
index 019c1f88090a343f9e28ce6db6a2c4aed64d65ac..58cc45f6d5e2444ccaf9d9b2e290c409174a3156 100644
--- a/inventory_provider/routes/jobs.py
+++ b/inventory_provider/routes/jobs.py
@@ -124,9 +124,17 @@ def update():
@routes.route("reload-router-config/<equipment_name>", methods=['GET'])
+@routes.route("reload-router-config-juniper/<equipment_name>", methods=['GET'])
@common.require_accepts_json
def reload_router_config(equipment_name):
- result = worker.reload_router_config_chorded.delay(equipment_name)
+ result = worker.reload_router_config_juniper.delay(equipment_name)
+ return jsonify({'task id': result.id})
+
+
+@routes.route("reload-router-config-nokia/<equipment_name>", methods=['GET'])
+@common.require_accepts_json
+def reload_router_config_nokia(equipment_name):
+ result = worker.reload_router_config_nokia.delay(equipment_name)
return jsonify({'task id': result.id})
diff --git a/inventory_provider/routes/mic.py b/inventory_provider/routes/mic.py
index 8ee62dee97b60e66d9870dd2efe15b30921255db..99a24aeca68643c3a7faa943de871ac243d86777 100644
--- a/inventory_provider/routes/mic.py
+++ b/inventory_provider/routes/mic.py
@@ -23,7 +23,6 @@ from inventory_provider.routes.common import _ignore_cache_or_retrieve
logger = logging.getLogger(__name__)
routes = Blueprint('mic-support-routes', __name__)
-
ALL_DATA_SCHEMA = {
"schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
@@ -52,7 +51,7 @@ ALL_DATA_SCHEMA = {
"type": "array",
"items": {"type": "string"}
},
- "third_party_id": {"type": "string"}
+ "third_party_id": {"type": "string"}
},
"required": ["id", "sid", "status", "name",
"service_type", "contacts",
@@ -68,6 +67,79 @@ ALL_DATA_SCHEMA = {
"additionalProperties": False
}
+THIRD_PARTY_RESPONSE_SCHEMA = {
+ "schema": "http://json-schema.org/draft-07/schema#",
+ "type": "object",
+ "properties": {
+ "circuit_hierarchy": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "id": {"type": "integer"},
+ "status": {"type": "string"},
+ "name": {"type": "string"},
+ "service_type": {"type": "string"},
+ "contacts": {
+ "type": "array",
+ "items": {"type": "string"}
+ },
+ "planned_work_contacts": {
+ "type": "array",
+ "items": {"type": "string"}
+ },
+ "third_party_id": {"type": "string"}
+ },
+ "required": ["id", "status", "name", "service_type", "contacts", "planned_work_contacts",
+ "third_party_id"],
+ "additionalProperties": False
+ }
+ },
+ "interface_services": {
+ "type": "object",
+ "patternProperties": {
+ "^.*$": {
+ "type": "object",
+ "patternProperties": {
+ "^.*$": {
+ "type": "object",
+ "patternProperties": {
+ "^.*$": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "id": {"type": "integer"},
+ "sid": {"type": "string"},
+ "status": {"type": "string"},
+ "name": {"type": "string"},
+ "service_type": {"type": "string"},
+ "contacts": {
+ "type": "array",
+ "items": {"type": "string"}
+ },
+ "planned_work_contacts": {
+ "type": "array",
+ "items": {"type": "string"}
+ },
+ "third_party_id": {"type": "string"}
+ },
+ "required": ["id", "sid", "status", "name", "service_type", "contacts",
+ "planned_work_contacts", "third_party_id"],
+ "additionalProperties": False
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ },
+ "required": ["circuit_hierarchy", "interface_services"],
+ "additionalProperties": False
+}
+
@routes.route("/all-data")
def get_everything():
@@ -81,3 +153,17 @@ def get_everything():
status=404,
mimetype="text/html")
return Response(result, mimetype='application/json')
+
+
+@routes.route("/third-party-data")
+def get_third_party_data():
+ cache_key = "mic:impact:third-party-data"
+ logger.debug(cache_key)
+ r = common.get_current_redis()
+ result = _ignore_cache_or_retrieve(request, cache_key, r)
+ if not result:
+ return Response(
+ response='no data found',
+ status=404,
+ mimetype="text/html")
+ return Response(result, mimetype='application/json')
diff --git a/inventory_provider/routes/poller.py b/inventory_provider/routes/poller.py
index 5a4c4ae12c503b2f6b7d8248faeef2511b3c2d60..34d3a81e26332f08561a42a9b37f4e2836bc9365 100644
--- a/inventory_provider/routes/poller.py
+++ b/inventory_provider/routes/poller.py
@@ -118,6 +118,7 @@ class BRIAN_DASHBOARDS(Enum):
GWS_UPSTREAMS = auto()
LHCONE = auto()
CAE1 = auto()
+ IC1 = auto()
COPERNICUS = auto()
# NREN customer
@@ -480,6 +481,9 @@ def _get_dashboards(interface):
if router == 'mx1.lon.uk.geant.net' \
and re.match(r'^ae12(\.\d+|$)$', ifc_name):
yield BRIAN_DASHBOARDS.CAE1
+ if router == 'rt1.mar.fr.geant.net' \
+ and re.match(r'^ae12(\.\d+|$)$', ifc_name):
+ yield BRIAN_DASHBOARDS.IC1
if re.match(r'PHY UPSTREAM\s', description):
yield BRIAN_DASHBOARDS.GWS_PHY_UPSTREAM
regex = r'(PHY|LAG|(SRV_(GLOBAL|LHCONE|MDVPN|IAS|CLS|L3VPN))) CUSTOMER\s'
@@ -666,6 +670,23 @@ def _load_netconf_docs(
}
+def _load_netconf_parsed_cache(config, cache_name, hostname=None, is_lab=False, use_next_redis=False):
+ hostname_suffix = hostname if hostname else ''
+ lab_prefix = 'lab:' if is_lab else ''
+ filter_pattern = f'{lab_prefix}{cache_name}:{hostname_suffix}*'
+ for doc in common.load_json_docs(
+ config_params=config,
+ key_pattern=filter_pattern,
+ num_threads=20,
+ use_next_redis=use_next_redis):
+ m = re.match(fr'(lab:)?{cache_name}:(.+:.+)', doc['key'])
+ if m:
+ # preparse the key as interfaces can include : in the name
+ key_parts = m.group(2).split(':')
+ key = f'{key_parts[0]}-----{":".join(key_parts[1:])}'
+ yield key, doc['value']
+
+
def _load_interfaces(
config, hostname=None, no_lab=False, use_next_redis=False):
"""
@@ -677,28 +698,32 @@ def _load_interfaces(
:return:
"""
- def _load_docs(key_pattern):
+ def _load_netconf_caches(is_lab=False):
- for doc in _load_netconf_docs(config, key_pattern, use_next_redis):
+ interfaces = dict(_load_netconf_parsed_cache(config, 'netconf-interfaces',
+ hostname, is_lab, use_next_redis))
+ interface_bundles = dict(_load_netconf_parsed_cache(config, 'netconf-interface-bundles',
+ hostname, is_lab, use_next_redis))
- for ifc in juniper.list_interfaces(doc['netconf']):
- if not ifc['description']:
- continue
+ for key, ifc in interfaces.items():
+ if not ifc['description']:
+ continue
+ router, interface_name = key.split('-----')
+ bundle = interface_bundles.get(key, [])
- yield {
- 'router': doc['router'],
- 'name': ifc['name'],
- 'bundle': ifc['bundle'],
- 'bundle-parents': [],
- 'description': ifc['description'],
- 'circuits': []
- }
+ yield {
+ 'router': router,
+ 'name': interface_name,
+ 'bundle': bundle,
+ 'bundle-parents': [],
+ 'description': ifc['description'],
+ 'circuits': []
+ }
- base_key_pattern = f'netconf:{hostname}*' if hostname else 'netconf:*'
- yield from _load_docs(base_key_pattern)
+ yield from _load_netconf_caches()
if not no_lab:
logger.debug('lab')
- yield from _load_docs(f'lab:{base_key_pattern}')
+ yield from _load_netconf_caches(is_lab=True)
def _add_speeds(interfaces):
@@ -725,6 +750,7 @@ def _add_bundle_parents(interfaces, hostname=None):
:param hostname: hostname or None for all
:return: generator with bundle-parents populated in each element
"""
+
def _get_base_name(name):
return name.split('.')[0]
diff --git a/inventory_provider/tasks/monitor.py b/inventory_provider/tasks/monitor.py
index 258c751197ccc4ad584a31aab6e4973e97c71c28..7fabb166a3f8e35ce311c7e139bce0dc1978485b 100644
--- a/inventory_provider/tasks/monitor.py
+++ b/inventory_provider/tasks/monitor.py
@@ -61,11 +61,12 @@ def _save_proc(db_queue, params, dbid):
# TODO: do something to terminate the process ...?
-def run():
+def run(setup_logging=True):
"""
save 'task-*' events to redis (all databases), never returns
"""
- environment.setup_logging()
+ if setup_logging:
+ environment.setup_logging()
with open(os.environ['INVENTORY_PROVIDER_CONFIG_FILENAME']) as f:
logging.info(
diff --git a/inventory_provider/tasks/worker.py b/inventory_provider/tasks/worker.py
index a16c3ba69adacf9115143ba63295c57a51cc4fc7..1cf0145609645d0dd2a6e4b06e6938c4d23db109 100644
--- a/inventory_provider/tasks/worker.py
+++ b/inventory_provider/tasks/worker.py
@@ -1,5 +1,7 @@
import concurrent.futures
import functools
+import ipaddress
+import itertools
import json
import logging
import os
@@ -9,11 +11,13 @@ from typing import List
import ncclient.transport.errors
from celery import Task, states, chord
from celery.result import AsyncResult
+from celery import signals
from collections import defaultdict
from kombu.exceptions import KombuError
from lxml import etree
+from ncclient.transport import TransportError
from inventory_provider.db import ims_data
from inventory_provider.db.ims import IMS
@@ -24,7 +28,7 @@ from inventory_provider.tasks.common \
latch_db, get_latch, set_latch, update_latch_status, \
ims_sorted_service_type_key, set_single_latch
from inventory_provider.tasks import monitor
-from inventory_provider import config
+from inventory_provider import config, nokia
from inventory_provider import environment
from inventory_provider import snmp
from inventory_provider import juniper
@@ -35,12 +39,16 @@ FINALIZER_TIMEOUT_S = 300
# TODO: error callback (cf. http://docs.celeryproject.org/en/latest/userguide/calling.html#linking-callbacks-errbacks) # noqa: E501
-environment.setup_logging()
logger = logging.getLogger(__name__)
log_task_entry_and_exit = functools.partial(
environment.log_entry_and_exit, logger=logger)
+@signals.after_setup_logger.connect
+def setup_logging(conf=None, **kwargs):
+ environment.setup_logging()
+
+
class InventoryTaskError(Exception):
pass
@@ -133,8 +141,7 @@ def refresh_juniper_interface_list(hostname, netconf, interface_info, lab=False)
# scan with bigger batches, to mitigate network latency effects
for k in r.scan_iter(f'{interfaces_keybase}:*', count=1000):
rp.delete(k)
- for k in r.scan_iter(
- f'{bundles_keybase}:*', count=1000):
+ for k in r.scan_iter(f'{bundles_keybase}:*', count=1000):
rp.delete(k)
rp.execute()
@@ -433,6 +440,13 @@ def check_task_status(task_id, parent=None, forget=False):
yield result
+def get_router_vendors():
+ c = InventoryTask.config["ims"]
+ ds = \
+ IMS(c['api'], c['username'], c['password'], c.get('verify-ssl', False))
+ return {r.lower(): v.lower() for r, v in ims_data.get_router_vendors(ds)}
+
+
@app.task(base=InventoryTask, bind=True, name='update_entry_point')
@log_task_entry_and_exit
def update_entry_point(self):
@@ -448,17 +462,52 @@ def update_entry_point(self):
)
lab_routers = InventoryTask.config.get('lab-routers', [])
+ ims_rv = get_router_vendors()
+
+ def _get_router_vendor(router):
+ return ims_rv.get(router.lower().split('.geant.')[0], 'unknown')
+
+ def _get_lab_router_vendor(router):
+ _rv = ims_rv.get(router.lower().split('.geant.')[0])
+ if not _rv:
+ _rv = ims_rv.get(router.lower().split('.office.')[0],
+ 'unknown')
+ return _rv
+
+ rv = {r: _get_router_vendor(r) for r in routers}
+ lab_rv = {r: _get_lab_router_vendor(r) for r in lab_routers}
chord(
(
ims_task.s().on_error(task_error_handler.s()),
chord(
- (reload_router_config_chorded.s(r) for r in routers),
- empty_task.si('router tasks complete')
+ (reload_router_config_juniper.s(r) for r, v in rv.items()
+ if v == 'juniper'),
+ empty_task.si('juniper router tasks complete')
+ ),
+ chord(
+ (reload_lab_router_config_juniper.s(r)
+ for r, v in lab_rv.items() if v == 'juniper'),
+ empty_task.si('juniper lab router tasks complete')
),
chord(
- (reload_lab_router_config_chorded.s(r)
- for r in lab_routers),
- empty_task.si('lab router tasks complete')
+ (reload_router_config_nokia.s(r) for r, v in rv.items()
+ if v == 'nokia'),
+ empty_task.si('nokia router tasks complete')
+ ),
+ chord(
+ (reload_router_config_nokia.s(r, True)
+ for r, v in lab_rv.items() if v == 'nokia'),
+ empty_task.si('nokia lab router tasks complete')
+ ),
+ chord(
+ (reload_router_config_try_all.s(r) for r, v in rv.items()
+ if v == 'unknown'),
+ empty_task.si('unknown router tasks complete')
+ ),
+ chord(
+ (reload_router_config_try_all.s(r, True)
+ for r, v in lab_rv.items() if v == 'unknown'),
+ empty_task.si('unknown lab router tasks complete')
)
),
final_task.si().on_error(task_error_handler.s())
@@ -521,85 +570,238 @@ def retrieve_and_persist_neteng_managed_device_list(
return netdash_equipment
-@app.task(base=InventoryTask, bind=True, name='reload_lab_router_config')
+@app.task(base=InventoryTask, bind=True, name='reload_router_config_try_all')
@log_task_entry_and_exit
-def reload_lab_router_config_chorded(self, hostname):
+def reload_router_config_try_all(self, hostname, lab=False):
try:
- self.log_info(f'loading netconf data for lab {hostname}')
-
- # load new netconf data, in this thread
- netconf_str = retrieve_and_persist_netconf_config(
- hostname, lab=True, update_callback=self.log_warning)
- netconf_doc = etree.fromstring(netconf_str)
- interface_info_str = retrieve_and_persist_interface_info(
- hostname, update_callback=self.log_warning)
- if interface_info_str:
- interface_info = etree.fromstring(interface_info_str)
- else:
- interface_info = None
+ _reload_router_config_nokia(
+ hostname, lab, self.log_info, self.log_warning)
+ except Exception as e1:
+ self.log_warning(
+ f'error loading {hostname} info: {e1} - trying juniper')
+ try:
+ if lab:
+ _reload_lab_router_config_juniper(
+ hostname, self.log_info, self.log_warning)
+ else:
+ _reload_router_config_juniper(
+ hostname, self.log_info, self.log_warning)
+ except Exception as e2:
+ errmsg = f'unhandled exception loading {hostname} info: {e2}'
+ logger.exception(errmsg)
+ update_latch_status(
+ InventoryTask.config, pending=True, failure=True)
+ self.log_error(errmsg)
+
+
+@app.task(base=InventoryTask, bind=True, name='reload_router_config_nokia')
+@log_task_entry_and_exit
+def reload_router_config_nokia(self, hostname, lab=False):
+ try:
+ _reload_router_config_nokia(
+ hostname, lab, self.log_info, self.log_warning)
+ except Exception as e:
+ errmsg = f'unhandled exception loading {hostname} info: {e}'
+ logger.exception(errmsg)
+ update_latch_status(InventoryTask.config, pending=True, failure=True)
+ self.log_error(errmsg)
+ # TODO: re-raise and handle in some common way for all tasks
+
+
+@log_task_entry_and_exit
+def _reload_router_config_nokia(
+ hostname, lab=False,
+ info_callback=lambda s: None,
+ warning_callback=lambda s: None):
+ info_callback(
+ f'loading netconf data for {"lab " if lab else ""} {hostname}')
+ netconf_doc = retrieve_and_persist_netconf_config_nokia(
+ hostname, lab, warning_callback)
+ r = get_next_redis(InventoryTask.config)
+ refresh_nokia_interface_list(hostname, netconf_doc, r, lab)
+
+
+def retrieve_and_persist_netconf_config_nokia(
+ hostname, lab=False, update_callback=lambda s: None):
+ redis_key = f'netconf-nokia:{hostname}'
+ if lab:
+ redis_key = f'lab:{redis_key}'
- refresh_juniper_interface_list(hostname, netconf_doc, interface_info, lab=True)
+ try:
+ netconf_config = nokia.load_config(
+ hostname, InventoryTask.config["nokia-ssh"])
+ netconf_str = etree.tostring(netconf_config)
+ except (ConnectionError, TransportError) as e:
+ msg = f'error loading netconf data from {hostname}'
+ logger.exception(e)
+ logger.exception(msg)
+ update_callback(msg)
+ r = get_current_redis(InventoryTask.config)
- # load snmp indexes
- community = juniper.snmp_community_string(netconf_doc)
- if not community:
+ netconf_str = r.get(redis_key)
+ if not netconf_str:
+ update_callback(f'no cached netconf for {redis_key}')
raise InventoryTaskError(
- f'error extracting community string for {hostname}')
+ f'netconf error with {hostname}'
+ f' and no cached netconf data found')
+ netconf_config = etree.fromstring(netconf_str)
+ update_callback(f'Returning cached netconf data for {hostname}')
+
+ r = get_next_redis(InventoryTask.config)
+ r.set(redis_key, netconf_str)
+ logger.info(f'netconf info loaded from {hostname}')
+ return netconf_config
+
+
+def refresh_nokia_interface_list(hostname, netconf_config, redis, lab=False):
+
+ bundles_keybase = f'netconf-interface-bundles:{hostname}'
+ interfaces_all_key = f'netconf-interfaces-hosts:{hostname}'
+ interfaces_key_base = f'netconf-interfaces:{hostname}'
+ if lab:
+ bundles_keybase = f'lab:{bundles_keybase}'
+ interfaces_all_key = f'lab:{interfaces_all_key}'
+ interfaces_key_base = f'lab:{interfaces_key_base}'
+
+ logger.debug(f'removing cached netconf-interfaces for {hostname}')
+ rp = redis.pipeline()
+ rp.delete(interfaces_all_key)
+ for k in redis.scan_iter(f'{bundles_keybase}:*', count=1000):
+ rp.delete(k)
+ for k in redis.scan_iter(f'{interfaces_key_base}:*', count=1000):
+ rp.delete(k)
+ rp.execute()
+
+ ports_by_port_id = {p['port-id']: p for p in nokia.get_ports(netconf_config)}
+ lags_by_name = {lag['name']: lag for lag in nokia.get_lags(netconf_config)}
+ interfaces_by_name = \
+ {ifc['interface-name']: ifc for ifc in nokia.interface_info(netconf_config)}
+
+ def _save_interfaces_details(_details, _rp):
+ _rp.set(
+ f'{interfaces_key_base}:{_details["name"]}',
+ json.dumps(_details))
+
+ rp = redis.pipeline()
+ for port in ports_by_port_id.values():
+ details = {
+ 'name': port['port-id'],
+ 'description': port['description'],
+ 'bundle': [],
+ 'ipv4': [],
+ 'ipv6': [],
+ }
+ if 'speed' in port and 'speed-unit' in port:
+ details['speed'] = f'{port["speed"]}{port["speed-unit"]}'
else:
- self.log_info(f'refreshing snmp interface indexes for {hostname}')
- logical_systems = juniper.logical_systems(netconf_doc)
+ details['speed'] = ''
+ _save_interfaces_details(details, rp)
+
+ for interface in interfaces_by_name.values():
+ details = {
+ 'name': interface['interface-name'],
+ 'description': interface['description'],
+ 'bundle':
+ lags_by_name.get(interface['interface-name'], {}).get('ports', []),
+ 'speed': '',
+ 'ipv4': interface['ipv4'],
+ 'ipv6': interface['ipv6'],
+ }
+ _save_interfaces_details(details, rp)
+
+ def _get_lag_speed(_lag):
+ _ports = [ports_by_port_id[p] for p in _lag['ports'] if p in ports_by_port_id]
+ assert len({p['speed-unit'] for p in _ports}) == 1
+ return f'{sum(p["speed"] for p in _ports)}{_ports[0]["speed-unit"]}'
+
+ for lag in lags_by_name.values():
+ details = {
+ 'name': lag['name'],
+ 'description': lag['description'],
+ 'bundle': lag['ports'],
+ 'speed': _get_lag_speed(lag),
+ 'ipv4': [],
+ 'ipv6': [],
+ }
+ _save_interfaces_details(details, rp)
+
+ for lag in lags_by_name.values():
+ rp.set(
+ f'{bundles_keybase}:{lag["name"]}',
+ json.dumps(lag['ports']))
+
+ interfaces = []
+ for interface in interfaces_by_name.values():
+ for addr in itertools.chain(interface['ipv4'], interface['ipv6']):
+ interfaces.append({
+ 'name': ipaddress.ip_interface(addr).ip.exploded,
+ 'interface address': addr,
+ 'interface name': interface['interface-name'],
+ })
+ rp.set(
+ interfaces_all_key,
+ json.dumps(interfaces))
+ rp.execute()
- # load snmp data, in this thread
- snmp_refresh_interfaces_chorded(
- hostname, community, logical_systems, self.log_info)
- self.log_info(f'updated configuration for lab {hostname}')
+@app.task(base=InventoryTask, bind=True, name='reload_lab_router_juniper')
+@log_task_entry_and_exit
+def reload_lab_router_config_juniper(self, hostname):
+ try:
+ _reload_lab_router_config_juniper(
+ hostname, self.log_info, self.log_warning)
except Exception as e:
errmsg = f'unhandled exception loading {hostname} info: {e}'
logger.exception(errmsg)
update_latch_status(InventoryTask.config, pending=True, failure=True)
self.log_error(errmsg)
# TODO: re-raise and handle in some common way for all tasks
- # raise
-@app.task(base=InventoryTask, bind=True, name='reload_router_config')
@log_task_entry_and_exit
-def reload_router_config_chorded(self, hostname):
- try:
- self.log_info(f'loading netconf data for {hostname}')
- netconf_str = retrieve_and_persist_netconf_config(
- hostname, update_callback=self.log_warning)
+def _reload_lab_router_config_juniper(
+ hostname,
+ info_callback=lambda s: None,
+ warning_callback=lambda s: None
+):
+ info_callback(f'loading netconf data for lab {hostname}')
+
+ # load new netconf data, in this thread
+ netconf_str = retrieve_and_persist_netconf_config_juniper(
+ hostname, lab=True, update_callback=warning_callback)
+ netconf_doc = etree.fromstring(netconf_str)
+ interface_info_str = retrieve_and_persist_interface_info_juniper(
+ hostname, update_callback=warning_callback)
+ if interface_info_str:
+ interface_info = etree.fromstring(interface_info_str)
+ else:
+ interface_info = None
- netconf_doc = etree.fromstring(netconf_str)
- interface_info_str = retrieve_and_persist_interface_info(
- hostname, update_callback=self.log_warning)
- if interface_info_str:
- interface_info = etree.fromstring(interface_info_str)
- else:
- interface_info = None
+ refresh_juniper_interface_list(
+ hostname, netconf_doc, interface_info, lab=True)
- # clear cached classifier responses for this router, and
- # refresh peering data
- logger.info(f'refreshing peers & clearing cache for {hostname}')
- refresh_juniper_bgp_peers(hostname, netconf_doc)
- refresh_juniper_interface_list(hostname, netconf_doc, interface_info)
+ # load snmp indexes
+ community = juniper.snmp_community_string(netconf_doc)
+ if not community:
+ raise InventoryTaskError(
+ f'error extracting community string for {hostname}')
+ else:
+ info_callback(f'refreshing snmp interface indexes for {hostname}')
+ logical_systems = juniper.logical_systems(netconf_doc)
- # load snmp indexes
- community = juniper.snmp_community_string(netconf_doc)
- if not community:
- raise InventoryTaskError(
- f'error extracting community string for {hostname}')
- else:
- self.log_info(f'refreshing snmp interface indexes for {hostname}')
- logical_systems = juniper.logical_systems(netconf_doc)
+ # load snmp data, in this thread
+ snmp_refresh_interfaces_juniper(
+ hostname, community, logical_systems, info_callback)
- # load snmp data, in this thread
- snmp_refresh_interfaces_chorded(
- hostname, community, logical_systems, self.log_info)
- snmp_refresh_peerings_chorded(hostname, community, logical_systems)
+ info_callback(f'updated configuration for lab {hostname}')
- logger.info(f'updated configuration for {hostname}')
+
+@app.task(base=InventoryTask, bind=True, name='reload_router_config_juniper')
+@log_task_entry_and_exit
+def reload_router_config_juniper(self, hostname):
+ try:
+ _reload_router_config_juniper(
+ hostname, self.log_info, self.log_warning)
except Exception as e:
errmsg = f'unhandled exception loading {hostname} info: {e}'
logger.exception(errmsg)
@@ -609,7 +811,48 @@ def reload_router_config_chorded(self, hostname):
# raise
-def retrieve_and_persist_netconf_config(
+@log_task_entry_and_exit
+def _reload_router_config_juniper(
+ hostname,
+ info_callback=lambda s: None,
+ warning_callback=lambda s: None
+):
+ info_callback(f'loading netconf data for {hostname}')
+ netconf_str = retrieve_and_persist_netconf_config_juniper(
+ hostname, update_callback=warning_callback)
+
+ netconf_doc = etree.fromstring(netconf_str)
+ interface_info_str = retrieve_and_persist_interface_info_juniper(
+ hostname, update_callback=warning_callback)
+ if interface_info_str:
+ interface_info = etree.fromstring(interface_info_str)
+ else:
+ interface_info = None
+
+ # clear cached classifier responses for this router, and
+ # refresh peering data
+ logger.info(f'refreshing peers & clearing cache for {hostname}')
+ refresh_juniper_bgp_peers(hostname, netconf_doc)
+ refresh_juniper_interface_list(hostname, netconf_doc, interface_info)
+
+ # load snmp indexes
+ community = juniper.snmp_community_string(netconf_doc)
+ if not community:
+ raise InventoryTaskError(
+ f'error extracting community string for {hostname}')
+ else:
+ info_callback(f'refreshing snmp interface indexes for {hostname}')
+ logical_systems = juniper.logical_systems(netconf_doc)
+
+ # load snmp data, in this thread
+ snmp_refresh_interfaces_juniper(
+ hostname, community, logical_systems, info_callback)
+ snmp_refresh_peerings_juniper(hostname, community, logical_systems)
+
+ logger.info(f'updated configuration for {hostname}')
+
+
+def retrieve_and_persist_netconf_config_juniper(
hostname, lab=False, update_callback=lambda s: None):
redis_key = f'netconf:{hostname}'
if lab:
@@ -619,8 +862,10 @@ def retrieve_and_persist_netconf_config(
netconf_doc = juniper.load_config(
hostname, InventoryTask.config["ssh"])
netconf_str = etree.tostring(netconf_doc, encoding='unicode')
- except (ConnectionError, juniper.NetconfHandlingError, InventoryTaskError):
+ except (ConnectionError, juniper.NetconfHandlingError,
+ InventoryTaskError) as e:
msg = f'error loading netconf data from {hostname}'
+ logger.exception(e)
logger.exception(msg)
update_callback(msg)
r = get_current_redis(InventoryTask.config)
@@ -640,7 +885,7 @@ def retrieve_and_persist_netconf_config(
return netconf_str
-def retrieve_and_persist_interface_info(
+def retrieve_and_persist_interface_info_juniper(
hostname, lab=False, update_callback=lambda s: None):
redis_key = f'intinfo:{hostname}'
if lab:
@@ -671,7 +916,7 @@ def retrieve_and_persist_interface_info(
@log_task_entry_and_exit
-def snmp_refresh_interfaces_chorded(
+def snmp_refresh_interfaces_juniper(
hostname, community, logical_systems, update_callback=lambda s: None):
try:
interfaces = list(
@@ -709,7 +954,7 @@ def snmp_refresh_interfaces_chorded(
@log_task_entry_and_exit
-def snmp_refresh_peerings_chorded(
+def snmp_refresh_peerings_juniper(
hostname, community, logical_systems, update_callback=lambda S: None):
try:
peerings = list(
@@ -763,10 +1008,12 @@ def extract_ims_data():
return _extract_ims_data(
ims_api_url=c['api'],
ims_username=c['username'],
- ims_password=c['password'])
+ ims_password=c['password'],
+ verify_ssl=c.get('verify-ssl', False)
+ )
-def _extract_ims_data(ims_api_url, ims_username, ims_password):
+def _extract_ims_data(ims_api_url, ims_username, ims_password, verify_ssl):
"""
convenient entry point for testing ...
@@ -777,7 +1024,7 @@ def _extract_ims_data(ims_api_url, ims_username, ims_password):
"""
def _ds() -> IMS:
- return IMS(ims_api_url, ims_username, ims_password)
+ return IMS(ims_api_url, ims_username, ims_password, verify_ssl)
_ds().clear_dynamic_context_cache()
@@ -979,6 +1226,9 @@ def transform_ims_data(data):
d['contacts'] = sorted(list(c))
d['planned_work_contacts'] = sorted(list(ttc))
+ if d['id'] in circuit_ids_and_third_party_ids:
+ d['third_party_id'] = circuit_ids_and_third_party_ids[d['id']]
+
# add flexils data to port_id_details and port_id_services
all_ils_details = flexils_data.get(d['id'])
if all_ils_details:
@@ -1074,9 +1324,6 @@ def transform_ims_data(data):
if c['id'] in circuit_ids_and_sids:
rs[c['id']]['sid'] = circuit_ids_and_sids[c['id']]
- if c['id'] in circuit_ids_and_third_party_ids:
- rs[c['id']]['third_party_id'] = circuit_ids_and_third_party_ids[c['id']]
-
if c['sub-circuits']:
for sub in c['sub-circuits']:
temp_parents = \
@@ -1331,6 +1578,7 @@ def persist_ims_data(data, use_current=False):
populate_poller_cache(interface_services, r)
populate_mic_cache(interface_services, r)
+ populate_mic_with_third_party_data(interface_services, hierarchy, r)
for service_type, services in services_by_type.items():
for v in services.values():
@@ -1365,6 +1613,91 @@ def persist_ims_data(data, use_current=False):
rp.execute()
+def populate_mic_with_third_party_data(interface_services, hierarchy, r):
+ cache_key = "mic:impact:third-party-data"
+ third_party_data = defaultdict(lambda: defaultdict(dict))
+ third_party_interface_data = defaultdict(lambda: defaultdict(dict))
+
+ def _get_formatted_third_party_data(_circuit_data):
+ if _circuit_data['status'] == 'operational' and _circuit_data.get('third_party_id'):
+ return {
+ 'id': _circuit_data['id'],
+ 'status': _circuit_data['status'],
+ 'name': _circuit_data['name'],
+ 'service_type': 'circuit_hierarchy',
+ 'contacts': _circuit_data['contacts'],
+ 'planned_work_contacts': _circuit_data['planned_work_contacts'],
+ 'third_party_id': _circuit_data['third_party_id'],
+ }
+
+ def _get_formatted_related_service(_d):
+ for rs in _d['related-services']:
+ if rs['status'] == 'operational' and rs.get('third_party_id'):
+ yield {
+ 'id': rs['id'],
+ 'sid': rs.get('sid', ''),
+ 'status': rs['status'],
+ 'name': rs['name'],
+ 'service_type': rs['service_type'],
+ 'contacts': rs['contacts'],
+ 'planned_work_contacts': rs['planned_work_contacts'],
+ 'third_party_id': rs.get('third_party_id', '')
+ }
+
+ def _get_formatted_interface_service(_is):
+ if _is['status'] == 'operational' and _is.get('third_party_id'):
+ return {
+ 'id': _is['id'],
+ 'sid': _is.get('sid', ''),
+ 'status': _is['status'],
+ 'name': _is['name'],
+ 'service_type': 'circuit_type',
+ 'contacts': _is['contacts'],
+ 'planned_work_contacts': _is['planned_work_contacts'],
+ 'third_party_id': _is.get('third_party_id', '')
+ }
+
+ # get circuit hierarchy items that have third party id
+ third_party_circuit = {
+ k: v for k, v in hierarchy.items() if 'third_party_id' in v
+ }
+
+ # iterate over each third_party_circuit items to format and add operational once only
+ third_party_circuit_data = [_get_formatted_third_party_data(v)
+ for k, v in third_party_circuit.items()
+ if v and _get_formatted_third_party_data(v)]
+
+ # add third_party_circuit_data to the third_party_data map and add the map to cache
+ third_party_data['circuit_hierarchy'] = third_party_circuit_data
+
+ for services in interface_services.values():
+ if services:
+ current_interface_services = []
+ seen_ids = set()
+ for d in services:
+ if d.get('related-services'):
+ for rs in _get_formatted_related_service(d):
+ if rs['id'] not in seen_ids:
+ current_interface_services.append(rs)
+ seen_ids.add(rs['id'])
+ if (str(d.get('id')) + 'circuit') not in seen_ids:
+ _is = _get_formatted_interface_service(d)
+ if _is:
+ current_interface_services.append(_is)
+ seen_ids.add(str(d.get('id')) + 'circuit')
+
+ if current_interface_services:
+ site = f'{services[0]["pop_name"]} ' \
+ f'({services[0]["pop_abbreviation"]})'
+ eq_name = services[0]['equipment']
+ if_name = services[0]['port']
+ third_party_interface_data[site][eq_name][if_name] = current_interface_services
+ third_party_data['interface_services'] = third_party_interface_data
+
+ result = json.dumps(third_party_data)
+ r.set(cache_key, result.encode('utf-8'))
+
+
def populate_mic_cache(interface_services, r):
cache_key = "mic:impact:all-data"
all_data = defaultdict(lambda: defaultdict(dict))
diff --git a/setup.py b/setup.py
index ad9276d5d3ea2e61f6893734791241a2e272eb23..794247c85987689e19cd7ccfe2cd9abb68e5616e 100644
--- a/setup.py
+++ b/setup.py
@@ -2,7 +2,7 @@ from setuptools import setup, find_packages
setup(
name='inventory-provider',
- version="0.113",
+ version="0.114",
author='GEANT',
author_email='swd@geant.org',
description='Dashboard inventory provider',
diff --git a/test/conftest.py b/test/conftest.py
index 1721bed6508d9c4dc0c5bae84a604a5f0b0df53a..245f1f3b97d78dba94b814833eed2a6fc13c4b6d 100644
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -1,11 +1,13 @@
import ast
import contextlib
+import copy
+from functools import lru_cache
import json
import netifaces
import os
+import pathlib
import re
import tempfile
-import threading
from lxml import etree
import pytest
@@ -14,11 +16,32 @@ import inventory_provider
from inventory_provider.tasks import worker
from inventory_provider import config
-TEST_DATA_DIRNAME = os.path.join(
- os.path.dirname(__file__),
- "data")
-_bootstrap_semaphore = threading.Semaphore()
+TEST_DATA_DIR = pathlib.Path(__file__).parent / "data"
+
+
+@lru_cache()
+def read_json_test_data(filename: str):
+ return json.loads(TEST_DATA_DIR.joinpath(filename).read_text())
+
+
+def without_cache(data: dict):
+ data = copy.copy(data)
+
+ def _is_cache(s):
+ if s.startswith('classifier-cache'):
+ return True
+ if s.startswith('joblog'):
+ return True
+ return False
+ keys_to_delete = filter(_is_cache, data.keys())
+ for k in list(keys_to_delete):
+ del data[k]
+ return data
+
+
+DB_DATA = read_json_test_data("router-info.json")
+DB_DATA_NOCACHE = without_cache(DB_DATA)
@pytest.fixture
@@ -31,6 +54,11 @@ def data_config_filename():
"private-key": "private-key-filename",
"known-hosts": "known-hosts=filename"
},
+ "nokia-ssh": {
+ "username": "uSeR-NaMe",
+ "password": "dummy-password",
+ "known-hosts": "known-hosts=filename"
+ },
"redis": {
"hostname": "xxxxxx",
"port": 6379,
@@ -78,8 +106,7 @@ def data_config_filename():
]
}
- with open(os.path.join(TEST_DATA_DIRNAME, 'gws-direct.json')) as gws:
- config['gws-direct'] = json.loads(gws.read())
+ config['gws-direct'] = read_json_test_data('gws-direct.json')
f.write(json.dumps(config).encode('utf-8'))
f.flush()
@@ -92,27 +119,69 @@ def data_config(data_config_filename):
return config.load(f)
-class MockedRedis(object):
+class DictOverlay:
+ """Since we're dealing with a very large dictionary from 'router-info.json' we only
+ want to read that dictionary once and prevent mutating it during tests. We instead
+ use this class to capture all mutations in additional layer that is reset every test
- db = None
+ Not thread safe
+ """
+ TOMBSTONE = object() # record deletions
- def __init__(self, *args, **kwargs):
- _bootstrap_semaphore.acquire()
+ def __init__(self, base_dict: dict) -> None:
+ self.dict = base_dict
+ self.overlay = {}
+
+ def __getitem__(self, key):
+ if key not in self.overlay:
+ return self.dict[key]
+ value = self.overlay[key]
+ if value is self.TOMBSTONE:
+ raise KeyError(key)
+ return value
+
+ def __setitem__(self, key, value):
+ self.overlay[key] = value
+
+ def __delitem__(self, key):
+ self.overlay[key] = self.TOMBSTONE
+
+ def __contains__(self, key):
+ if key in self.overlay:
+ return self.overlay[key] is not self.TOMBSTONE
+ return key in self.dict
+
+ def get(self, key, default=None):
try:
- if MockedRedis.db is None:
- MockedRedis.prep()
- finally:
- _bootstrap_semaphore.release()
-
- # allows us to create other mocks using a different data source file
- @staticmethod
- def prep(data_source_file="router-info.json"):
- test_data_filename = os.path.join(
- TEST_DATA_DIRNAME,
- data_source_file)
- with open(test_data_filename) as f:
- MockedRedis.db = json.loads(f.read())
- MockedRedis.db['db:latch'] = json.dumps({
+ return self[key]
+ except KeyError:
+ return default
+
+ def keys(self):
+ deleted_keys = {k for k, v in self.overlay.items() if v is self.TOMBSTONE}
+ return (self.dict.keys() | self.overlay.keys()) - deleted_keys
+
+ def items(self):
+ return ((key, self[key]) for key in self.keys())
+
+ _missing = object
+
+ def pop(self, key, default=_missing):
+ try:
+ value = self[key]
+ except KeyError:
+ if default is self._missing:
+ raise
+ return default
+
+ self.overlay[key] = self.TOMBSTONE
+ return value
+
+
+class MockedRedis:
+ def __init__(self, *args, **kwargs):
+ self.db = DictOverlay(DB_DATA_NOCACHE)
+ self.db['db:latch'] = json.dumps({
'current': 0,
'next': 0,
'this': 0,
@@ -120,44 +189,33 @@ class MockedRedis(object):
'failure': False
})
- # remove any cached data from the captured snapshot
- def _is_cache(s):
- if s.startswith('classifier-cache'):
- return True
- if s.startswith('joblog'):
- return True
- return False
- keys_to_delete = filter(_is_cache, MockedRedis.db.keys())
- for k in list(keys_to_delete):
- del MockedRedis.db[k]
-
def set(self, name, value):
- MockedRedis.db[name] = value
+ self.db[name] = value
def get(self, name):
- value = MockedRedis.db.get(name, None)
+ value = self.db.get(name, None)
if value is None:
return None
return value.encode('utf-8')
def exists(self, name):
- return name in MockedRedis.db
+ return name in self.db
def delete(self, key):
if isinstance(key, bytes):
key = key.decode('utf-8')
- # redis ignores delete for keys that don't exist
- # ... but in our test environment we don't expect this
- del MockedRedis.db[key]
+
+ if key in self.db:
+ del self.db[key]
def scan_iter(self, glob=None, count='unused'):
if not glob:
- for k in list(MockedRedis.db.keys()):
+ for k in list(self.db.keys()):
yield k.encode('utf-8')
m = re.match(r'^([^*]+)\*$', glob)
assert m # all expected globs are like this
- for k in list(MockedRedis.db.keys()):
+ for k in list(self.db.keys()):
if k.startswith(m.group(1)):
yield k.encode('utf-8')
@@ -175,16 +233,13 @@ class MockedRedis(object):
return self
-@pytest.fixture
+@pytest.fixture(scope="session")
def cached_test_data():
- filename = os.path.join(TEST_DATA_DIRNAME, "router-info.json")
- with open(filename) as f:
- return json.loads(f.read())
+ return DB_DATA
@pytest.fixture
def flask_config_filename():
-
with tempfile.NamedTemporaryFile() as f:
f.write('ENABLE_TESTING_ROUTES = True\n'.encode('utf-8'))
f.flush()
@@ -193,17 +248,17 @@ def flask_config_filename():
@pytest.fixture
def mocked_redis(mocker):
- MockedRedis.db = None # force data to be reloaded
+ instance = MockedRedis()
mocker.patch(
'inventory_provider.tasks.common.redis.StrictRedis',
- MockedRedis)
+ return_value=instance)
@pytest.fixture
def client(flask_config_filename, data_config_filename, mocked_redis):
os.environ['FLASK_SETTINGS_FILENAME'] = flask_config_filename
os.environ['INVENTORY_PROVIDER_CONFIG_FILENAME'] = data_config_filename
- with inventory_provider.create_app().test_client() as c:
+ with inventory_provider.create_app(setup_logging=False).test_client() as c:
yield c
diff --git a/test/data/rt0.lon.uk.lab.office.geant.net-netconf-nokia.xml b/test/data/rt0.lon.uk.lab.office.geant.net-netconf-nokia.xml
new file mode 100644
index 0000000000000000000000000000000000000000..607135b0d8d2c0bedcb057f191fbedac7c570dd4
--- /dev/null
+++ b/test/data/rt0.lon.uk.lab.office.geant.net-netconf-nokia.xml
@@ -0,0 +1,5097 @@
+<?xml version="1.0" encoding="UTF-8"?><data xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
+ <configure xmlns="urn:nokia.com:sros:ns:yang:sr:conf" xmlns:nokia-attr="urn:nokia.com:sros:ns:yang:sr:attributes">
+ <card>
+ <slot-number>1</slot-number>
+ <card-type>xcm2-7s</card-type>
+ <mda>
+ <mda-slot>1</mda-slot>
+ <admin-state>enable</admin-state>
+ <mda-type>x2-s36-800g-qsfpdd-12.0t</mda-type>
+ <level>cr9600g</level>
+ </mda>
+ </card>
+ <card>
+ <slot-number>2</slot-number>
+ <card-type>xcm2-7s</card-type>
+ <mda>
+ <mda-slot>1</mda-slot>
+ <admin-state>enable</admin-state>
+ <mda-type>x2-s36-800g-qsfpdd-12.0t</mda-type>
+ <level>cr9600g</level>
+ </mda>
+ </card>
+ <chassis>
+ <chassis-class>router</chassis-class>
+ <chassis-number>1</chassis-number>
+ <power-shelf>
+ <power-shelf-id>1</power-shelf-id>
+ <power-shelf-type>ps-b10-shelf-ac/hv</power-shelf-type>
+ <power-module>
+ <power-module-id>8</power-module-id>
+ <power-module-type>ps-b-ac/hv-6000</power-module-type>
+ </power-module>
+ <power-module>
+ <power-module-id>9</power-module-id>
+ <power-module-type>ps-b-ac/hv-6000</power-module-type>
+ </power-module>
+ <power-module>
+ <power-module-id>10</power-module-id>
+ <power-module-type>ps-b-ac/hv-6000</power-module-type>
+ </power-module>
+ </power-shelf>
+ </chassis>
+ <filter>
+ <match-list>
+ <ip-prefix-list>
+ <prefix-list-name>BGP_PEERS_BASE</prefix-list-name>
+ <apply-path>
+ <bgp-peers>
+ <criterion-index>1</criterion-index>
+ <group>.*</group>
+ <neighbor>.*</neighbor>
+ <router-instance>Base</router-instance>
+ </bgp-peers>
+ </apply-path>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>COMMUNITY_NTP</prefix-list-name>
+ <prefix>
+ <ip-prefix>192.53.103.108/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>192.87.106.2/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.62.22.66/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.204.114.233/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>195.113.144.201/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANTNCC_ADDRESS_SPACE</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.108.192/27</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.125.250/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_ADDRESS_SPACE</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.96.0/19</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_DASHBOARD</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.104.48/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.104.152/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.0/28</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.16/28</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.152/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.153/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.204/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.239/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.244/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.248/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.52/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.97/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.98/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_DC</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.120.134/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.120.136/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.121.121/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.15/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.116/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.129/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.130/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>195.169.24.66/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_DNS</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.104.250/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.106.9/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.113.29/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.116.114/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.116.122/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.122.146/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.200/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_DNS_EXT</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.104.250/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.116.114/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.116.122/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.200/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_GAP</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.95.177/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_IMS</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.94.123/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.124/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.125/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.109/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_JUMP_SERVERS</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.94.114/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_LIBRENMS</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.95.37/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_LOOKING_GLASS</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.92.82/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.141/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.39/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.62/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.63/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.134/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.135/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.136/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.137/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.138/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.139/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_NEMO_SERVERS</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.93.45/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.46/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_NE_SERVERS</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.106.202/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.111.115/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.111.253/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.111.254/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.0/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.182/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.37/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.177/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_NTP</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.97.11/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.97.12/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.97.14/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.123.21/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.123.23/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.123.103/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_OC_SERVERS</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.92.61/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.87/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.92/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.99/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.23/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.37/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_OFFICE_NETWORKS</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.96.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.98.0/23</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.0/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.100.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.102.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.104.40/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.104.120/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.106.202/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.109.16/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.111.27/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.0/23</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.116.0/23</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.118.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>64.40.109.16/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>64.40.112.0/22</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>64.40.116.0/23</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_RANCID</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.92.216/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.217/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.220/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_ROUTERS</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.96.0/23</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.119.0/27</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_SNMP</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.99.32/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.40/30</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.44/31</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.51/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.52/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.53/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.100.166/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.100.190/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.100.194/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.100.198/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.100.202/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.106.106/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.106.182/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.106.200/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.111.47/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.111.254/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.113.88/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.0/28</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.3/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.16/28</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.18/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.19/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.114.114/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.118.50/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.118.224/28</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.120.18/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.120.90/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.122.138/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.122.226/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.123.162/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.91.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.61/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.79/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.94/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.114/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.159/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.183/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.219/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.92.228/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.22/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.23/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.37/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.39/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.45/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.52/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.53/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.59/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.84/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.122/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.137/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.151/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.152/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.153/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.154/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.155/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.195/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.196/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.204/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.238/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.239/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.244/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.248/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.249/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.93.251/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.1/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.2/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.9/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.12/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.13/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.14/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.15/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.51/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.52/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.97/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.98/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.151/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.160/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.180/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.185/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.188/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.245/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.94.246/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.9/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.10/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.11/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.12/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.37/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.84/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.193/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.194/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>83.97.95.195/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>128.86.32.16/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>130.59.11.41/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>130.59.138.43/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>146.97.48.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.62.22.48/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.136.2.230/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.136.7.64/26</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.137.4.32/28</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.177.128.0/22</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.219.48.249/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>193.219.48.250/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>194.81.18.224/27</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>212.51.192.2/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>212.51.192.18/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>212.51.192.185/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_SUPERPOP</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.92.0/22</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_VPN_NETWORKS</prefix-list-name>
+ <prefix>
+ <ip-prefix>62.40.99.129/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.148/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.160/27</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.194/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.99.201/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.101.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.111.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.112.0/24</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.122.248/29</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>195.169.24.0/24</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>GEANT_VULN_SCANNER</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.93.49/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>NCC_OOB_ADDRESS_SPACE</prefix-list-name>
+ <prefix>
+ <ip-prefix>172.16.5.252/30</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>172.16.14.0/24</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>NOMIOS_SUPPORT</prefix-list-name>
+ <prefix>
+ <ip-prefix>83.97.93.238/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>PUBLIC_NTP</prefix-list-name>
+ <prefix>
+ <ip-prefix>216.239.35.0/32</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>216.239.35.4/32</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ip-prefix-list>
+ <prefix-list-name>TWAMP_CLIENTS</prefix-list-name>
+ <description>TWAMP Clients</description>
+ <prefix>
+ <ip-prefix>62.40.98.0/24</ip-prefix>
+ </prefix>
+ </ip-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>BGP_PEERS_BASE</prefix-list-name>
+ <apply-path>
+ <bgp-peers>
+ <criterion-index>1</criterion-index>
+ <group>.*</group>
+ <neighbor>.*</neighbor>
+ <router-instance>Base</router-instance>
+ </bgp-peers>
+ </apply-path>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_ADDRESS_SPACE</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798::/32</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_DASHBOARD</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::18e/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::18f/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::1d6/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::209/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::234/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::236/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::237/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::23f/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::245/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:f99c:18::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:f99c:22::/64</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_DNS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:2:284d::30/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::1ba/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:bb:4d::2/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:ee:f::2/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:ee:10::2/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_DNS_EXT</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:bb:4d::2/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:ee:f::2/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:ee:10::2/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_GAP</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::318/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_IMS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::251/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::252/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::253/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_JUMP_SERVERS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::246/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_LIBRENMS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::317/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_LOOKING_GLASS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::25c/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::25d/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::25e/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::25f/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::260/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::261/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_NEMO_SERVERS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::195/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::196/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_NE_SERVERS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::288/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::317/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::318/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:111::254/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_OC_SERVERS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::55/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::6f/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::7b/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::83/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::12b/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::139/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_RANCID</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::117/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::118/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:3::128/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_ROUTERS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:aa:1::/64</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_SNMP</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:620:0:a::50/128</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:620:0:1b:5054:ff:fef1:21ba/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_SUPERPOP</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::/64</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_VPN_NETWORKS</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:610:9d8::/62</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:610:9d8:4::/62</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:610:9d8:14::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:798:4::/48</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2::/56</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:100::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:101::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:102::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:103::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:104::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:108::/64</ipv6-prefix>
+ </prefix>
+ <prefix>
+ <ipv6-prefix>2001:799:cb2:110::/64</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ <ipv6-prefix-list>
+ <prefix-list-name>GEANT_VULN_SCANNER</prefix-list-name>
+ <prefix>
+ <ipv6-prefix>2001:798:3::145/128</ipv6-prefix>
+ </prefix>
+ </ipv6-prefix-list>
+ </match-list>
+ </filter>
+ <lag>
+ <lag-name>lag-1</lag-name>
+ <admin-state>enable</admin-state>
+ <mode>network</mode>
+ <lacp>
+ <mode>active</mode>
+ <administrative-key>1</administrative-key>
+ </lacp>
+ <adaptive-load-balancing>
+ </adaptive-load-balancing>
+ <bfd-liveness>
+ <soft-reset-extension>true</soft-reset-extension>
+ <ipv4>
+ <admin-state>enable</admin-state>
+ <max-setup-time>30000</max-setup-time>
+ <multiplier>3</multiplier>
+ <receive-interval>500</receive-interval>
+ <transmit-interval>500</transmit-interval>
+ <local-ip-address>62.40.119.9</local-ip-address>
+ <remote-ip-address>62.40.119.2</remote-ip-address>
+ </ipv4>
+ </bfd-liveness>
+ <port>
+ <port-id>1/1/c8/1</port-id>
+ </port>
+ <port>
+ <port-id>1/1/c9/1</port-id>
+ </port>
+ </lag>
+ <lag>
+ <lag-name>lag-2</lag-name>
+ <admin-state>enable</admin-state>
+ <mode>network</mode>
+ <lacp>
+ <mode>active</mode>
+ <administrative-key>2</administrative-key>
+ </lacp>
+ <adaptive-load-balancing>
+ </adaptive-load-balancing>
+ <port>
+ <port-id>2/1/c8/1</port-id>
+ </port>
+ </lag>
+ <lag>
+ <lag-name>lag-3</lag-name>
+ <admin-state>enable</admin-state>
+ <encap-type>dot1q</encap-type>
+ <mode>hybrid</mode>
+ <lacp>
+ <mode>active</mode>
+ <administrative-key>3</administrative-key>
+ </lacp>
+ <adaptive-load-balancing>
+ </adaptive-load-balancing>
+ <port>
+ <port-id>1/1/c2/2</port-id>
+ </port>
+ </lag>
+ <lag>
+ <lag-name>lag-31</lag-name>
+ <admin-state>enable</admin-state>
+ <description>TEST-VC4-IMS-L2-circuit</description>
+ <encap-type>dot1q</encap-type>
+ <mode>access</mode>
+ <lacp>
+ <mode>active</mode>
+ <administrative-key>31</administrative-key>
+ </lacp>
+ <port>
+ <port-id>1/1/c2/1</port-id>
+ </port>
+ </lag>
+ <log>
+ <filter>
+ <filter-name>1</filter-name>
+ <description>SYSLOG_SERVER_83.97.94.11</description>
+ <named-entry>
+ <entry-name>user</entry-name>
+ <action>forward</action>
+ <match>
+ <application>
+ <eq>user</eq>
+ </application>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>switch_fabric</entry-name>
+ <action>forward</action>
+ <match>
+ <message>
+ <eq>switch fabric</eq>
+ </message>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>MINOR</entry-name>
+ <action>forward</action>
+ <match>
+ <message>
+ <eq>MINOR</eq>
+ </message>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>MAJOR</entry-name>
+ <action>forward</action>
+ <match>
+ <message>
+ <eq>MAJOR</eq>
+ </message>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>DHCP</entry-name>
+ <action>drop</action>
+ <match>
+ <message>
+ <eq>DHCPS</eq>
+ </message>
+ </match>
+ </named-entry>
+ </filter>
+ <filter>
+ <filter-name>61</filter-name>
+ <description>FORWARD_CHASSIS_PORT_LAG_ISIS_BGP</description>
+ <named-entry>
+ <entry-name>chassis</entry-name>
+ <action>forward</action>
+ <match>
+ <application>
+ <eq>chassis</eq>
+ </application>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>port</entry-name>
+ <action>forward</action>
+ <match>
+ <application>
+ <eq>port</eq>
+ </application>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>lag</entry-name>
+ <action>forward</action>
+ <match>
+ <application>
+ <eq>lag</eq>
+ </application>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>isis</entry-name>
+ <action>forward</action>
+ <match>
+ <application>
+ <eq>isis</eq>
+ </application>
+ </match>
+ </named-entry>
+ <named-entry>
+ <entry-name>bgp</entry-name>
+ <action>forward</action>
+ <match>
+ <application>
+ <eq>bgp</eq>
+ </application>
+ </match>
+ </named-entry>
+ </filter>
+ <filter>
+ <filter-name>1001</filter-name>
+ <named-entry>
+ <entry-name>10</entry-name>
+ <description>Collect only events of major severity or higher</description>
+ <action>forward</action>
+ <match>
+ <severity>
+ <gte>major</gte>
+ </severity>
+ </match>
+ </named-entry>
+ </filter>
+ <log-id>
+ <name>1</name>
+ <admin-state>enable</admin-state>
+ <description>splunk-par-forwarder.geant.net</description>
+ <source>
+ <main>true</main>
+ <security>true</security>
+ <change>true</change>
+ <debug>true</debug>
+ </source>
+ <destination>
+ <syslog>1</syslog>
+ </destination>
+ </log-id>
+ <log-id>
+ <name>61</name>
+ <admin-state>enable</admin-state>
+ <description>FORWARD_CHASSIS_PORT_LAG_ISIS_BGP_TO_SNMP</description>
+ <filter>61</filter>
+ <source>
+ <main>true</main>
+ </source>
+ <destination>
+ <snmp>
+ </snmp>
+ </destination>
+ </log-id>
+ <log-id>
+ <name>99</name>
+ <description>Default System Log</description>
+ <source>
+ <main>true</main>
+ </source>
+ <destination>
+ <memory>
+ <max-entries>500</max-entries>
+ </memory>
+ </destination>
+ </log-id>
+ <log-id>
+ <name>100</name>
+ <description>Default Serious Errors Log</description>
+ <filter>1001</filter>
+ <source>
+ <main>true</main>
+ </source>
+ <destination>
+ <memory>
+ <max-entries>500</max-entries>
+ </memory>
+ </destination>
+ </log-id>
+ <snmp-trap-group>
+ <log-name>61</log-name>
+ <trap-target>
+ <name>83.97.92.228</name>
+ <address>83.97.92.228</address>
+ <version>snmpv2c</version>
+ <notify-community>nocalarm_test</notify-community>
+ </trap-target>
+ <trap-target>
+ <name>83.97.93.53</name>
+ <address>83.97.93.53</address>
+ <version>snmpv2c</version>
+ <notify-community>nocalarm_test</notify-community>
+ </trap-target>
+ <trap-target>
+ <name>83.97.94.185</name>
+ <address>83.97.94.185</address>
+ <version>snmpv2c</version>
+ <notify-community>nocalarm_test</notify-community>
+ </trap-target>
+ </snmp-trap-group>
+ <syslog>
+ <syslog-name>1</syslog-name>
+ <description>SYSLOG_SERVER_83.97.94.11</description>
+ <address>83.97.94.11</address>
+ <facility>local7</facility>
+ <severity>debug</severity>
+ <log-prefix>lo0.rt0.lon.uk.lab</log-prefix>
+ <port>13514</port>
+ </syslog>
+ </log>
+ <port>
+ <port-id>1/1/c2</port-id>
+ <admin-state>enable</admin-state>
+ <connector>
+ <breakout>c4-10g</breakout>
+ </connector>
+ </port>
+ <port>
+ <port-id>1/1/c2/1</port-id>
+ <admin-state>enable</admin-state>
+ <description>rt1.lon 4/0/4</description>
+ <ethernet>
+ <mode>access</mode>
+ <encap-type>dot1q</encap-type>
+ <mtu>9018</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ <sys-desc>true</sys-desc>
+ <sys-cap>true</sys-cap>
+ </tx-tlvs>
+ <tx-mgmt-address>
+ <mgmt-address-system-type>system</mgmt-address-system-type>
+ <admin-state>enable</admin-state>
+ </tx-mgmt-address>
+ </dest-mac>
+ </lldp>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>1/1/c2/2</port-id>
+ <admin-state>enable</admin-state>
+ <description>qfx1.lab xe-0/0/14</description>
+ <ethernet>
+ <mode>hybrid</mode>
+ <encap-type>dot1q</encap-type>
+ <mtu>9018</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ <sys-desc>true</sys-desc>
+ <sys-cap>true</sys-cap>
+ </tx-tlvs>
+ <tx-mgmt-address>
+ <mgmt-address-system-type>system</mgmt-address-system-type>
+ <admin-state>enable</admin-state>
+ </tx-mgmt-address>
+ </dest-mac>
+ </lldp>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>1/1/c2/3</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ <sys-desc>true</sys-desc>
+ <sys-cap>true</sys-cap>
+ </tx-tlvs>
+ <tx-mgmt-address>
+ <mgmt-address-system-type>system</mgmt-address-system-type>
+ <admin-state>enable</admin-state>
+ </tx-mgmt-address>
+ </dest-mac>
+ </lldp>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>1/1/c7</port-id>
+ <admin-state>enable</admin-state>
+ <transceiver>
+ <digital-coherent-optics>true</digital-coherent-optics>
+ </transceiver>
+ <connector>
+ <breakout>c1-400g</breakout>
+ </connector>
+ <dwdm>
+ <frequency>191550000</frequency>
+ <coherent>
+ <target-power>0.0</target-power>
+ </coherent>
+ </dwdm>
+ </port>
+ <port>
+ <port-id>1/1/c7/1</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <mode>hybrid</mode>
+ <encap-type>dot1q</encap-type>
+ <mtu>9192</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ </tx-tlvs>
+ </dest-mac>
+ </lldp>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>1/1/c8</port-id>
+ <admin-state>enable</admin-state>
+ <description>BACKBONE LON-AMS-1</description>
+ <connector>
+ <breakout>c1-100g</breakout>
+ </connector>
+ </port>
+ <port>
+ <port-id>1/1/c8/1</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <mtu>9192</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ <sys-desc>true</sys-desc>
+ <sys-cap>true</sys-cap>
+ </tx-tlvs>
+ <tx-mgmt-address>
+ <mgmt-address-system-type>system</mgmt-address-system-type>
+ <admin-state>enable</admin-state>
+ </tx-mgmt-address>
+ </dest-mac>
+ </lldp>
+ <network>
+ <egress>
+ <queue-policy>GEANT-BASIC</queue-policy>
+ </egress>
+ </network>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>1/1/c9</port-id>
+ <admin-state>enable</admin-state>
+ <description>BACKBONE LON-AMS-2</description>
+ <connector>
+ <breakout>c1-100g</breakout>
+ </connector>
+ </port>
+ <port>
+ <port-id>1/1/c9/1</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <mtu>9192</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ <sys-desc>true</sys-desc>
+ <sys-cap>true</sys-cap>
+ </tx-tlvs>
+ <tx-mgmt-address>
+ <mgmt-address-system-type>system</mgmt-address-system-type>
+ <admin-state>enable</admin-state>
+ </tx-mgmt-address>
+ </dest-mac>
+ </lldp>
+ <network>
+ <egress>
+ <queue-policy>GEANT-BASIC</queue-policy>
+ </egress>
+ </network>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>1/1/c13</port-id>
+ <admin-state>enable</admin-state>
+ <transceiver>
+ <digital-coherent-optics>true</digital-coherent-optics>
+ </transceiver>
+ <connector>
+ <breakout>c1-400g</breakout>
+ </connector>
+ <dwdm>
+ <frequency>191550000</frequency>
+ <coherent>
+ <target-power>0.0</target-power>
+ </coherent>
+ </dwdm>
+ </port>
+ <port>
+ <port-id>1/1/c13/1</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <mode>hybrid</mode>
+ <encap-type>dot1q</encap-type>
+ <mtu>9192</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ </tx-tlvs>
+ </dest-mac>
+ </lldp>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>2/1/c7</port-id>
+ <admin-state>enable</admin-state>
+ <transceiver>
+ <digital-coherent-optics>true</digital-coherent-optics>
+ </transceiver>
+ <connector>
+ <breakout>c1-400g</breakout>
+ </connector>
+ <dwdm>
+ <frequency>191550000</frequency>
+ <coherent>
+ <target-power>0.0</target-power>
+ </coherent>
+ </dwdm>
+ </port>
+ <port>
+ <port-id>2/1/c7/1</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <mode>hybrid</mode>
+ <encap-type>dot1q</encap-type>
+ <mtu>9192</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ </tx-tlvs>
+ </dest-mac>
+ </lldp>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>2/1/c8</port-id>
+ <admin-state>enable</admin-state>
+ <connector>
+ <breakout>c1-100g</breakout>
+ </connector>
+ </port>
+ <port>
+ <port-id>2/1/c8/1</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <mtu>9192</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ <sys-desc>true</sys-desc>
+ <sys-cap>true</sys-cap>
+ </tx-tlvs>
+ <tx-mgmt-address>
+ <mgmt-address-system-type>system</mgmt-address-system-type>
+ <admin-state>enable</admin-state>
+ </tx-mgmt-address>
+ </dest-mac>
+ </lldp>
+ <network>
+ <egress>
+ <queue-policy>GEANT-BASIC</queue-policy>
+ </egress>
+ </network>
+ </ethernet>
+ </port>
+ <port>
+ <port-id>2/1/c13</port-id>
+ <admin-state>enable</admin-state>
+ <transceiver>
+ <digital-coherent-optics>true</digital-coherent-optics>
+ </transceiver>
+ <connector>
+ <breakout>c1-400g</breakout>
+ </connector>
+ <dwdm>
+ <frequency>191550000</frequency>
+ <coherent>
+ <target-power>0.0</target-power>
+ </coherent>
+ </dwdm>
+ </port>
+ <port>
+ <port-id>2/1/c13/1</port-id>
+ <admin-state>enable</admin-state>
+ <ethernet>
+ <mode>hybrid</mode>
+ <encap-type>dot1q</encap-type>
+ <mtu>9192</mtu>
+ <lldp>
+ <dest-mac>
+ <mac-type>nearest-bridge</mac-type>
+ <notification>true</notification>
+ <port-id-subtype>tx-if-name</port-id-subtype>
+ <receive>true</receive>
+ <transmit>true</transmit>
+ <tx-tlvs>
+ <port-desc>true</port-desc>
+ <sys-name>true</sys-name>
+ </tx-tlvs>
+ </dest-mac>
+ </lldp>
+ </ethernet>
+ </port>
+ <qos>
+ <network-queue>
+ <network-queue-policy>GEANT-BASIC</network-queue-policy>
+ <description>GEANT_BASIC_NETWORK_QUEUE</description>
+ <fc>
+ <fc-name>be</fc-name>
+ <queue>1</queue>
+ <multicast-queue>9</multicast-queue>
+ </fc>
+ <fc>
+ <fc-name>h2</fc-name>
+ <queue>5</queue>
+ <multicast-queue>13</multicast-queue>
+ </fc>
+ <fc>
+ <fc-name>ef</fc-name>
+ <queue>6</queue>
+ <multicast-queue>14</multicast-queue>
+ </fc>
+ <fc>
+ <fc-name>nc</fc-name>
+ <queue>8</queue>
+ <multicast-queue>16</multicast-queue>
+ </fc>
+ <queue>
+ <queue-id>1</queue-id>
+ <cbs>1.0</cbs>
+ <mbs>50.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>2</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>0</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ <queue>
+ <queue-id>5</queue-id>
+ <cbs>10.0</cbs>
+ <mbs>50.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>100</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>10</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ <queue>
+ <queue-id>6</queue-id>
+ <cbs>3.0</cbs>
+ <mbs>25.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>15</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>10</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ <queue>
+ <queue-id>8</queue-id>
+ <cbs>3.0</cbs>
+ <mbs>25.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>5</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>10</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ <queue>
+ <queue-id>9</queue-id>
+ <multipoint>true</multipoint>
+ <cbs>1.0</cbs>
+ <mbs>50.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>2</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>0</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ <queue>
+ <queue-id>13</queue-id>
+ <multipoint>true</multipoint>
+ <cbs>10.0</cbs>
+ <mbs>50.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>100</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>10</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ <queue>
+ <queue-id>14</queue-id>
+ <multipoint>true</multipoint>
+ <cbs>3.0</cbs>
+ <mbs>25.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>15</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>10</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ <queue>
+ <queue-id>16</queue-id>
+ <multipoint>true</multipoint>
+ <cbs>3.0</cbs>
+ <mbs>25.0</mbs>
+ <rate>
+ <pir>100</pir>
+ <cir>5</cir>
+ </rate>
+ <drop-tail>
+ <low>
+ <percent-reduction-from-mbs>10</percent-reduction-from-mbs>
+ </low>
+ </drop-tail>
+ </queue>
+ </network-queue>
+ <network>
+ <network-policy-name>GEANT-BASIC</network-policy-name>
+ <description>GEANT-BASIC</description>
+ <policy-id>100</policy-id>
+ <ingress>
+ <default-action>
+ <fc>be</fc>
+ <profile>in</profile>
+ </default-action>
+ <dscp>
+ <dscp-name>ef</dscp-name>
+ <fc>ef</fc>
+ <profile>in</profile>
+ </dscp>
+ <dscp>
+ <dscp-name>nc1</dscp-name>
+ <fc>nc</fc>
+ <profile>in</profile>
+ </dscp>
+ <dscp>
+ <dscp-name>nc2</dscp-name>
+ <fc>nc</fc>
+ <profile>in</profile>
+ </dscp>
+ <lsp-exp>
+ <lsp-exp-value>0</lsp-exp-value>
+ <fc>be</fc>
+ <profile>out</profile>
+ </lsp-exp>
+ <lsp-exp>
+ <lsp-exp-value>1</lsp-exp-value>
+ <fc>be</fc>
+ <profile>in</profile>
+ </lsp-exp>
+ <lsp-exp>
+ <lsp-exp-value>2</lsp-exp-value>
+ <fc>ef</fc>
+ <profile>in</profile>
+ </lsp-exp>
+ <lsp-exp>
+ <lsp-exp-value>3</lsp-exp-value>
+ <fc>h2</fc>
+ <profile>in</profile>
+ </lsp-exp>
+ <lsp-exp>
+ <lsp-exp-value>4</lsp-exp-value>
+ <fc>be</fc>
+ <profile>out</profile>
+ </lsp-exp>
+ <lsp-exp>
+ <lsp-exp-value>5</lsp-exp-value>
+ <fc>be</fc>
+ <profile>out</profile>
+ </lsp-exp>
+ <lsp-exp>
+ <lsp-exp-value>6</lsp-exp-value>
+ <fc>nc</fc>
+ <profile>in</profile>
+ </lsp-exp>
+ <lsp-exp>
+ <lsp-exp-value>7</lsp-exp-value>
+ <fc>nc</fc>
+ <profile>out</profile>
+ </lsp-exp>
+ </ingress>
+ <egress>
+ <fc>
+ <fc-name>be</fc-name>
+ <dscp-in-profile>be</dscp-in-profile>
+ <dscp-out-profile>be</dscp-out-profile>
+ <lsp-exp-in-profile>1</lsp-exp-in-profile>
+ <lsp-exp-out-profile>0</lsp-exp-out-profile>
+ </fc>
+ <fc>
+ <fc-name>h2</fc-name>
+ <dscp-in-profile>af21</dscp-in-profile>
+ <dscp-out-profile>af22</dscp-out-profile>
+ <lsp-exp-in-profile>3</lsp-exp-in-profile>
+ <lsp-exp-out-profile>3</lsp-exp-out-profile>
+ </fc>
+ <fc>
+ <fc-name>ef</fc-name>
+ <dscp-in-profile>ef</dscp-in-profile>
+ <dscp-out-profile>ef</dscp-out-profile>
+ <lsp-exp-in-profile>2</lsp-exp-in-profile>
+ <lsp-exp-out-profile>2</lsp-exp-out-profile>
+ </fc>
+ <fc>
+ <fc-name>nc</fc-name>
+ <dscp-in-profile>nc1</dscp-in-profile>
+ <dscp-out-profile>nc1</dscp-out-profile>
+ <lsp-exp-in-profile>6</lsp-exp-in-profile>
+ <lsp-exp-out-profile>7</lsp-exp-out-profile>
+ </fc>
+ </egress>
+ </network>
+ </qos>
+ <router>
+ <router-name>Base</router-name>
+ <autonomous-system>20965</autonomous-system>
+ <router-id>62.40.119.9</router-id>
+ <interface>
+ <interface-name>lag-1.0</interface-name>
+ <admin-state>enable</admin-state>
+ <description>SRV_GLOBAL INFRASTRUCTURE BACKBONE #AMS-LON-IPTRUNK $LGS-00012 | LON-AMS</description>
+ <ip-mtu>9000</ip-mtu>
+ <port>lag-1</port>
+ <ipv4>
+ <primary>
+ <address>62.40.119.85</address>
+ <prefix-length>31</prefix-length>
+ </primary>
+ </ipv4>
+ <ipv6>
+ <address>
+ <ipv6-address>2001:799:1ab:2::2a</ipv6-address>
+ <prefix-length>126</prefix-length>
+ </address>
+ </ipv6>
+ <qos>
+ <network-policy>GEANT-BASIC</network-policy>
+ </qos>
+ </interface>
+ <interface>
+ <interface-name>lag-2.0</interface-name>
+ <admin-state>enable</admin-state>
+ <description>SRV_GLOBAL INFRASTRUCTURE BACKBONE #LON-LON-IPTRUNK $LGS-00013| LON-LON</description>
+ <ip-mtu>9000</ip-mtu>
+ <port>lag-2</port>
+ <ipv4>
+ <primary>
+ <address>62.40.119.87</address>
+ <prefix-length>31</prefix-length>
+ </primary>
+ </ipv4>
+ <ipv6>
+ <address>
+ <ipv6-address>2001:798:cc::66</ipv6-address>
+ <prefix-length>126</prefix-length>
+ </address>
+ <address>
+ <ipv6-address>2001:799:1ab:2::2e</ipv6-address>
+ <prefix-length>126</prefix-length>
+ </address>
+ </ipv6>
+ <qos>
+ <network-policy>GEANT-BASIC</network-policy>
+ </qos>
+ </interface>
+ <interface>
+ <interface-name>system</interface-name>
+ <admin-state>enable</admin-state>
+ <ipv4>
+ <primary>
+ <address>62.40.119.9</address>
+ <prefix-length>32</prefix-length>
+ </primary>
+ </ipv4>
+ <ipv6>
+ <address>
+ <ipv6-address>2001:799:1ab::9</ipv6-address>
+ <prefix-length>128</prefix-length>
+ </address>
+ </ipv6>
+ </interface>
+ <interface>
+ <interface-name>to_rt0_ams_ZR-INFINERA</interface-name>
+ <ip-mtu>1500</ip-mtu>
+ <port>1/1/c7/1:0</port>
+ <ipv4>
+ <primary>
+ <address>10.211.102.1</address>
+ <prefix-length>24</prefix-length>
+ </primary>
+ </ipv4>
+ </interface>
+ <interface>
+ <interface-name>to_rt0_ams_ZR-NOKIA</interface-name>
+ <ip-mtu>1500</ip-mtu>
+ <port>1/1/c13/1:0</port>
+ <ipv4>
+ <primary>
+ <address>10.211.103.1</address>
+ <prefix-length>24</prefix-length>
+ </primary>
+ </ipv4>
+ </interface>
+ <mpls-labels>
+ <static-label-range>9968</static-label-range>
+ <sr-labels>
+ <start>10000</start>
+ <end>19999</end>
+ </sr-labels>
+ </mpls-labels>
+ <bgp>
+ <error-handling>
+ <update-fault-tolerance>true</update-fault-tolerance>
+ </error-handling>
+ <group>
+ <group-name>iGEANT-P-ONLY</group-name>
+ <admin-state>enable</admin-state>
+ <authentication-key>aX1kndQNDTAHyJttsnoyKVBRm1bxaCpuK+c= hash2</authentication-key>
+ <next-hop-self>true</next-hop-self>
+ <type>internal</type>
+ <peer-as>20965</peer-as>
+ <capability-negotiation>true</capability-negotiation>
+ <local-address>62.40.119.9</local-address>
+ <family>
+ <mcast-ipv4>true</mcast-ipv4>
+ </family>
+ </group>
+ <group>
+ <group-name>iGEANT6-P-ONLY</group-name>
+ <admin-state>enable</admin-state>
+ <authentication-key>aX1kndQNDTAHyJttsnoyKQiLcy8euS8do68= hash2</authentication-key>
+ <next-hop-self>true</next-hop-self>
+ <type>internal</type>
+ <peer-as>20965</peer-as>
+ <capability-negotiation>true</capability-negotiation>
+ <local-address>2001:799:1ab::9</local-address>
+ <family>
+ <mcast-ipv6>true</mcast-ipv6>
+ </family>
+ </group>
+ <neighbor>
+ <ip-address>62.40.119.1</ip-address>
+ <description>rt1.ath.gr.office.geant.net-</description>
+ <group>iGEANT-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>62.40.119.2</ip-address>
+ <description>rt1.ams.nl.office.geant.net</description>
+ <group>iGEANT-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>62.40.119.3</ip-address>
+ <description>rt1.bil.es.office.geant.net</description>
+ <group>iGEANT-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>62.40.119.4</ip-address>
+ <description>rt1.bil.es.office.geant.net</description>
+ <group>iGEANT-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>62.40.119.5</ip-address>
+ <description>rt1.lon.uk.office.geant.net</description>
+ <group>iGEANT-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>2001:799:1ab::1</ip-address>
+ <description>rt1.ath.gr.office.geant.net</description>
+ <group>iGEANT6-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>2001:799:1ab::2</ip-address>
+ <description>rt1.ams.nl.office.geant.net</description>
+ <group>iGEANT6-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>2001:799:1ab::3</ip-address>
+ <description>rt1.bil.es.office.geant.net</description>
+ <group>iGEANT6-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>2001:799:1ab::4</ip-address>
+ <description>rt1.dub.ie.office.geant.net</description>
+ <group>iGEANT6-P-ONLY</group>
+ </neighbor>
+ <neighbor>
+ <ip-address>2001:799:1ab::5</ip-address>
+ <description>rt1.lon.uk.office.geant.net</description>
+ <group>iGEANT6-P-ONLY</group>
+ </neighbor>
+ </bgp>
+ <isis>
+ <isis-instance>0</isis-instance>
+ <admin-state>enable</admin-state>
+ <advertise-router-capability>as</advertise-router-capability>
+ <ldp-sync>false</ldp-sync>
+ <ipv6-routing>native</ipv6-routing>
+ <level-capability>2</level-capability>
+ <system-id>0620.4011.9009</system-id>
+ <traffic-engineering>true</traffic-engineering>
+ <area-address>49.51e5.0001</area-address>
+ <multicast-import>
+ <ipv4>true</ipv4>
+ <ipv6>true</ipv6>
+ </multicast-import>
+ <overload-on-boot>
+ <timeout>300</timeout>
+ </overload-on-boot>
+ <loopfree-alternate>
+ <ti-lfa>
+ <node-protect>
+ </node-protect>
+ </ti-lfa>
+ </loopfree-alternate>
+ <segment-routing>
+ <admin-state>enable</admin-state>
+ <tunnel-table-pref>8</tunnel-table-pref>
+ <prefix-sid-range>
+ <global/>
+ </prefix-sid-range>
+ </segment-routing>
+ <interface>
+ <interface-name>lag-1.0</interface-name>
+ <interface-type>point-to-point</interface-type>
+ <level-capability>2</level-capability>
+ <level>
+ <level-number>2</level-number>
+ <metric>200</metric>
+ </level>
+ </interface>
+ <interface>
+ <interface-name>lag-2.0</interface-name>
+ <interface-type>point-to-point</interface-type>
+ <level-capability>2</level-capability>
+ <level>
+ <level-number>2</level-number>
+ <metric>5</metric>
+ </level>
+ </interface>
+ <interface>
+ <interface-name>system</interface-name>
+ <passive>true</passive>
+ <ipv4-node-sid>
+ <index>4009</index>
+ </ipv4-node-sid>
+ <ipv6-node-sid>
+ <index>6009</index>
+ </ipv6-node-sid>
+ </interface>
+ <level>
+ <level-number>2</level-number>
+ <wide-metrics-only>true</wide-metrics-only>
+ </level>
+ </isis>
+ <ldp>
+ <admin-state>enable</admin-state>
+ <graceful-restart>
+ <helper-mode>true</helper-mode>
+ </graceful-restart>
+ <targeted-session>
+ <sdp-auto-targeted-session>true</sdp-auto-targeted-session>
+ <ipv4>
+ <hello-reduction>
+ <admin-state>enable</admin-state>
+ </hello-reduction>
+ </ipv4>
+ <peer>
+ <ip-address>62.40.119.3</ip-address>
+ </peer>
+ </targeted-session>
+ </ldp>
+ <mpls>
+ <admin-state>enable</admin-state>
+ <interface>
+ <interface-name>lag-1.0</interface-name>
+ </interface>
+ <interface>
+ <interface-name>lag-2.0</interface-name>
+ </interface>
+ <interface>
+ <interface-name>system</interface-name>
+ </interface>
+ </mpls>
+ <pim>
+ <ipv4>
+ <admin-state>enable</admin-state>
+ <rpf-table>rtable-m</rpf-table>
+ </ipv4>
+ <ipv6>
+ <admin-state>enable</admin-state>
+ <rpf-table>rtable-m</rpf-table>
+ </ipv6>
+ <interface>
+ <interface-name>lag-1.0</interface-name>
+ </interface>
+ <interface>
+ <interface-name>lag-2.0</interface-name>
+ </interface>
+ <rp>
+ <ipv4>
+ <bsr-candidate>
+ <admin-state>disable</admin-state>
+ </bsr-candidate>
+ <rp-candidate>
+ <admin-state>disable</admin-state>
+ </rp-candidate>
+ </ipv4>
+ <ipv6>
+ <bsr-candidate>
+ <admin-state>disable</admin-state>
+ </bsr-candidate>
+ <embedded-rp>
+ <admin-state>enable</admin-state>
+ <group-range>
+ <ipv6-prefix>ff7e::/16</ipv6-prefix>
+ </group-range>
+ </embedded-rp>
+ <rp-candidate>
+ <admin-state>disable</admin-state>
+ </rp-candidate>
+ </ipv6>
+ </rp>
+ </pim>
+ <rsvp>
+ <admin-state>enable</admin-state>
+ <interface>
+ <interface-name>lag-1.0</interface-name>
+ <refresh-reduction>
+ <reliable-delivery>true</reliable-delivery>
+ </refresh-reduction>
+ </interface>
+ <interface>
+ <interface-name>lag-2.0</interface-name>
+ <refresh-reduction>
+ <reliable-delivery>true</reliable-delivery>
+ </refresh-reduction>
+ </interface>
+ <interface>
+ <interface-name>system</interface-name>
+ </interface>
+ </rsvp>
+ <static-routes>
+ <route>
+ <ip-prefix>0.0.0.0/0</ip-prefix>
+ <route-type>unicast</route-type>
+ <indirect>
+ <ip-address>62.40.119.2</ip-address>
+ <admin-state>enable</admin-state>
+ <description>TEMP_DF_MIGRATION_1</description>
+ </indirect>
+ <indirect>
+ <ip-address>62.40.119.5</ip-address>
+ <admin-state>enable</admin-state>
+ <description>TEMP_DF_MIGRATION_2</description>
+ <preference>25</preference>
+ </indirect>
+ </route>
+ <route>
+ <ip-prefix>::/0</ip-prefix>
+ <route-type>unicast</route-type>
+ <indirect>
+ <ip-address>2001:799:1ab::2</ip-address>
+ <admin-state>enable</admin-state>
+ <description>TEMP_V6_DF_MIGRATION_1</description>
+ </indirect>
+ <indirect>
+ <ip-address>2001:799:1ab::5</ip-address>
+ <admin-state>enable</admin-state>
+ <description>TEMP_V6_DF_MIGRATION_2</description>
+ <preference>25</preference>
+ </indirect>
+ </route>
+ </static-routes>
+ </router>
+ <routing-options>
+ <ip-fast-reroute>true</ip-fast-reroute>
+ </routing-options>
+ <service>
+ <customer>
+ <customer-name>1</customer-name>
+ <customer-id>1</customer-id>
+ </customer>
+ <customer>
+ <customer-name>2</customer-name>
+ <customer-id>2</customer-id>
+ </customer>
+ <customer>
+ <customer-name>IMS667</customer-name>
+ <customer-id>667</customer-id>
+ </customer>
+ <epipe>
+ <service-name>IMS-VC4-TEST</service-name>
+ <admin-state>enable</admin-state>
+ <service-id>667</service-id>
+ <customer>IMS667</customer>
+ <vpn-id>667</vpn-id>
+ <service-mtu>9014</service-mtu>
+ <spoke-sdp>
+ <sdp-bind-id>31:667</sdp-bind-id>
+ <admin-state>enable</admin-state>
+ <control-word>true</control-word>
+ <pw-status>
+ <signaling>true</signaling>
+ </pw-status>
+ </spoke-sdp>
+ <sap>
+ <sap-id>lag-31:667</sap-id>
+ <admin-state>enable</admin-state>
+ </sap>
+ </epipe>
+ <sdp>
+ <sdp-id>31</sdp-id>
+ <admin-state>enable</admin-state>
+ <description>TEST-VC4-IMS-TEMP</description>
+ <delivery-type>mpls</delivery-type>
+ <path-mtu>9100</path-mtu>
+ <sr-isis>true</sr-isis>
+ <far-end>
+ <ip-address>62.40.119.3</ip-address>
+ </far-end>
+ </sdp>
+ <vprn>
+ <service-name>ZR-MGMT</service-name>
+ <admin-state>enable</admin-state>
+ <service-id>5</service-id>
+ <customer>1</customer>
+ <interface>
+ <interface-name>dhcpIf</interface-name>
+ <admin-state>enable</admin-state>
+ <loopback>true</loopback>
+ <ipv4>
+ <local-dhcp-server>dhcp4</local-dhcp-server>
+ <primary>
+ <address>10.2.2.2</address>
+ <prefix-length>32</prefix-length>
+ </primary>
+ </ipv4>
+ </interface>
+ <interface>
+ <interface-name>toIPM</interface-name>
+ <admin-state>enable</admin-state>
+ <ipv4>
+ <primary>
+ <address>10.50.50.1</address>
+ <prefix-length>24</prefix-length>
+ </primary>
+ </ipv4>
+ <sap>
+ <sap-id>lag-3:2005</sap-id>
+ <admin-state>enable</admin-state>
+ </sap>
+ </interface>
+ <interface>
+ <interface-name>toModule</interface-name>
+ <admin-state>enable</admin-state>
+ <ipv4>
+ <local-dhcp-server>dhcp4</local-dhcp-server>
+ <primary>
+ <address>10.100.75.1</address>
+ <prefix-length>24</prefix-length>
+ </primary>
+ <dhcp>
+ <admin-state>enable</admin-state>
+ <server>10.2.2.2</server>
+ <trusted>true</trusted>
+ </dhcp>
+ </ipv4>
+ <sap>
+ <sap-id>1/1/c7/1:4090</sap-id>
+ </sap>
+ <ipv6>
+ <address>
+ <ipv6-address>2003:1a3b:fff9:8::2</ipv6-address>
+ <prefix-length>64</prefix-length>
+ </address>
+ </ipv6>
+ </interface>
+ <management>
+ <allow-ssh>true</allow-ssh>
+ </management>
+ <dhcp-server>
+ <dhcpv4>
+ <name>dhcp4</name>
+ <admin-state>enable</admin-state>
+ <pool-selection>
+ <use-gi-address>
+ <scope>pool</scope>
+ </use-gi-address>
+ </pool-selection>
+ <pool>
+ <pool-name>ZRMGMT</pool-name>
+ <max-lease-time>1200</max-lease-time>
+ <subnet>
+ <ipv4-prefix>10.100.75.0/24</ipv4-prefix>
+ <options>
+ <option>
+ <number>3</number>
+ <ipv4-address>10.100.75.1</ipv4-address>
+ </option>
+ <option>
+ <number>42</number>
+ <ipv4-address>10.50.50.10</ipv4-address>
+ </option>
+ </options>
+ <address-range>
+ <start>10.100.75.20</start>
+ <end>10.100.75.30</end>
+ </address-range>
+ </subnet>
+ </pool>
+ </dhcpv4>
+ </dhcp-server>
+ </vprn>
+ <vprn>
+ <service-name>ZR-REMOTE</service-name>
+ <admin-state>enable</admin-state>
+ <service-id>6</service-id>
+ <customer>2</customer>
+ <interface>
+ <interface-name>rt0_ams_infinera</interface-name>
+ <ip-mtu>1500</ip-mtu>
+ <ipv4>
+ <primary>
+ <address>10.211.102.2</address>
+ <prefix-length>24</prefix-length>
+ </primary>
+ </ipv4>
+ <sap>
+ <sap-id>2/1/c7/1:0</sap-id>
+ </sap>
+ </interface>
+ <interface>
+ <interface-name>rt0_ams_nokia</interface-name>
+ <ip-mtu>1500</ip-mtu>
+ <ipv4>
+ <primary>
+ <address>10.211.103.2</address>
+ <prefix-length>24</prefix-length>
+ </primary>
+ </ipv4>
+ <sap>
+ <sap-id>2/1/c13/1:0</sap-id>
+ </sap>
+ </interface>
+ </vprn>
+ </service>
+ <sfm>
+ <sfm-slot>1</sfm-slot>
+ <admin-state>enable</admin-state>
+ <sfm-type>sfm2-s</sfm-type>
+ </sfm>
+ <sfm>
+ <sfm-slot>2</sfm-slot>
+ <admin-state>enable</admin-state>
+ <sfm-type>sfm2-s</sfm-type>
+ </sfm>
+ <sfm>
+ <sfm-slot>3</sfm-slot>
+ <sfm-type>sfm2-s</sfm-type>
+ </sfm>
+ <sfm>
+ <sfm-slot>4</sfm-slot>
+ <sfm-type>sfm2-s</sfm-type>
+ </sfm>
+ <system>
+ <contact>GEANT OC, support@oc.geant.net, +44 (0) 1223 733033</contact>
+ <name>rt0.lon.uk</name>
+ <location>London,England,[51.49821912962843,-0.015228819041376851]</location>
+ <load-balancing>
+ <l4-load-balancing>true</l4-load-balancing>
+ <lsr-load-balancing>lbl-ip-l4-teid</lsr-load-balancing>
+ <system-ip-load-balancing>true</system-ip-load-balancing>
+ </load-balancing>
+ <grpc>
+ <gnmi>
+ <auto-config-save>false</auto-config-save>
+ </gnmi>
+ </grpc>
+ <management-interface>
+ <configuration-mode>model-driven</configuration-mode>
+ <cli>
+ <md-cli>
+ <auto-config-save>true</auto-config-save>
+ <environment>
+ <more>true</more>
+ <console>
+ <width>140</width>
+ </console>
+ </environment>
+ </md-cli>
+ </cli>
+ <configuration-save>
+ <configuration-backups>5</configuration-backups>
+ <incremental-saves>false</incremental-saves>
+ </configuration-save>
+ <netconf>
+ <admin-state>enable</admin-state>
+ <auto-config-save>true</auto-config-save>
+ </netconf>
+ <yang-modules>
+ <nokia-submodules>true</nokia-submodules>
+ <nokia-combined-modules>false</nokia-combined-modules>
+ </yang-modules>
+ </management-interface>
+ <power-management>
+ <power-zone>1</power-zone>
+ <mode>none</mode>
+ <power-safety-level>67</power-safety-level>
+ </power-management>
+ <bluetooth>
+ <advertising-timeout>30</advertising-timeout>
+ </bluetooth>
+ <login-control>
+ <idle-timeout>60</idle-timeout>
+ <pre-login-message>
+ <message>**************************************************************\r\n\r\n Warning: Unauthorized access to this equipment is strictly forbidden and will lead to prosecution.\r\n\r\n**************************************************************\r\n</message>
+ <name>true</name>
+ </pre-login-message>
+ </login-control>
+ <security>
+ <dist-cpu-protection>
+ <policy>
+ <policy-name>_default-network-policy</policy-name>
+ <protocol>
+ <protocol-name>icmp</protocol-name>
+ <enforcement>
+ <static>
+ <policer-name>ICMP_LIMIT</policer-name>
+ </static>
+ </enforcement>
+ </protocol>
+ <static-policer>
+ <policer-name>ICMP_LIMIT</policer-name>
+ <exceed-action>
+ <action>discard</action>
+ </exceed-action>
+ <rate>
+ <kbps>
+ <limit>10000</limit>
+ <mbs>100</mbs>
+ </kbps>
+ </rate>
+ </static-policer>
+ </policy>
+ </dist-cpu-protection>
+ <source-address>
+ <ipv4>
+ <application>radius</application>
+ <interface-name>system</interface-name>
+ </ipv4>
+ <ipv4>
+ <application>snmptrap</application>
+ <interface-name>system</interface-name>
+ </ipv4>
+ <ipv4>
+ <application>syslog</application>
+ <interface-name>system</interface-name>
+ </ipv4>
+ <ipv4>
+ <application>dns</application>
+ <interface-name>system</interface-name>
+ </ipv4>
+ <ipv4>
+ <application>ntp</application>
+ <interface-name>system</interface-name>
+ </ipv4>
+ </source-address>
+ <tech-support>
+ <ts-location>cf3:\tech_support</ts-location>
+ </tech-support>
+ <aaa>
+ <health-check>none</health-check>
+ <remote-servers>
+ <radius>
+ <authorization>true</authorization>
+ <server>
+ <index>1</index>
+ <address>83.97.94.129</address>
+ <secret>oYneem3baL16yGOeqRnqCy4vY31EW5azKXZ2s/tL6ywyw9GU hash2</secret>
+ </server>
+ <server>
+ <index>2</index>
+ <address>83.97.94.130</address>
+ <secret>oYneem3baL16yGOeqRnqC7OH+f/iW/z+dGseiBhyD7zynDWM hash2</secret>
+ </server>
+ </radius>
+ </remote-servers>
+ <local-profiles>
+ <profile>
+ <user-profile-name>GOC</user-profile-name>
+ <default-action>permit-all</default-action>
+ </profile>
+ <profile>
+ <user-profile-name>NOC-Class</user-profile-name>
+ <default-action>permit-all</default-action>
+ </profile>
+ <profile>
+ <user-profile-name>administrative</user-profile-name>
+ <default-action>permit-all</default-action>
+ <entry>
+ <entry-id>10</entry-id>
+ <match>configure system security</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>20</entry-id>
+ <match>show system security</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>30</entry-id>
+ <match>tools perform security</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>40</entry-id>
+ <match>tools dump security</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>42</entry-id>
+ <match>tools dump system security</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>50</entry-id>
+ <match>admin system security</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>configure li</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>110</entry-id>
+ <match>show li</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>111</entry-id>
+ <match>clear li</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>112</entry-id>
+ <match>tools dump li</match>
+ <action>deny</action>
+ </entry>
+ <netconf>
+ <base-op-authorization>
+ <action>true</action>
+ <cancel-commit>true</cancel-commit>
+ <close-session>true</close-session>
+ <commit>true</commit>
+ <copy-config>true</copy-config>
+ <create-subscription>true</create-subscription>
+ <delete-config>true</delete-config>
+ <discard-changes>true</discard-changes>
+ <edit-config>true</edit-config>
+ <get>true</get>
+ <get-config>true</get-config>
+ <get-data>true</get-data>
+ <get-schema>true</get-schema>
+ <kill-session>true</kill-session>
+ <lock>true</lock>
+ <validate>true</validate>
+ </base-op-authorization>
+ </netconf>
+ </profile>
+ <profile>
+ <user-profile-name>config_backup</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show system information</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>160</entry-id>
+ <match>show log</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show card state</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>180</entry-id>
+ <match>show chassis</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>190</entry-id>
+ <match>file show</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>200</entry-id>
+ <match>admin show configuration bof</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>210</entry-id>
+ <match>admin show configuration configure</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>220</entry-id>
+ <match>admin show configuration debug</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>230</entry-id>
+ <match>environment more</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>240</entry-id>
+ <match>show mda detail</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>250</entry-id>
+ <match>show card detail</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>260</entry-id>
+ <match>show port detail</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>270</entry-id>
+ <match>show system management-interface commit-history</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>280</entry-id>
+ <match>show redundancy synchronization</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>290</entry-id>
+ <match>show version</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>default</user-profile-name>
+ <entry>
+ <entry-id>10</entry-id>
+ <match>exec</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>20</entry-id>
+ <match>exit</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>30</entry-id>
+ <match>help</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>40</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>50</entry-id>
+ <match>password</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>60</entry-id>
+ <match>show config</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>65</entry-id>
+ <match>show li</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>66</entry-id>
+ <match>clear li</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>67</entry-id>
+ <match>tools dump li</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>68</entry-id>
+ <match>state li</match>
+ <action>deny</action>
+ </entry>
+ <entry>
+ <entry-id>70</entry-id>
+ <match>show</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>75</entry-id>
+ <match>state</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>80</entry-id>
+ <match>enable-admin</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>90</entry-id>
+ <match>enable</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>configure li</match>
+ <action>deny</action>
+ </entry>
+ <netconf>
+ <base-op-authorization>
+ <action>true</action>
+ <cancel-commit>true</cancel-commit>
+ <close-session>true</close-session>
+ <commit>true</commit>
+ <copy-config>true</copy-config>
+ <create-subscription>true</create-subscription>
+ <delete-config>true</delete-config>
+ <discard-changes>true</discard-changes>
+ <edit-config>true</edit-config>
+ <get>true</get>
+ <get-config>true</get-config>
+ <get-data>true</get-data>
+ <get-schema>true</get-schema>
+ <validate>true</validate>
+ </base-op-authorization>
+ </netconf>
+ </profile>
+ <profile>
+ <user-profile-name>geantnms</user-profile-name>
+ <default-action>permit-all</default-action>
+ <entry>
+ <entry-id>900</entry-id>
+ <match>show router</match>
+ <action>deny</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>level1</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>110</entry-id>
+ <match>show users</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>120</entry-id>
+ <match>show port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>121</entry-id>
+ <match>show lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>122</entry-id>
+ <match>monitor port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>123</entry-id>
+ <match>monitor lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>130</entry-id>
+ <match>show router interface</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <match>ping</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>141</entry-id>
+ <match>ssh</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>142</entry-id>
+ <match>telnet</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>143</entry-id>
+ <match>traceroute</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show router</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>160</entry-id>
+ <match>show snmp</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show system</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>180</entry-id>
+ <match>show log</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>nessus</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>110</entry-id>
+ <match>show users</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>120</entry-id>
+ <match>show port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>121</entry-id>
+ <match>show lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>122</entry-id>
+ <match>monitor port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>123</entry-id>
+ <match>monitor lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>130</entry-id>
+ <match>show router interface</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show router</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>160</entry-id>
+ <match>show snmp</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show system</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>180</entry-id>
+ <match>show log</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>900</entry-id>
+ <match>show</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>nomios</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <match>ping</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>143</entry-id>
+ <match>traceroute</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show router</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show system</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>800</entry-id>
+ <match>show</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>820</entry-id>
+ <match>monitor</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>830</entry-id>
+ <match>file</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>nren</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>120</entry-id>
+ <match>show port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>121</entry-id>
+ <match>show lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>122</entry-id>
+ <match>monitor port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>123</entry-id>
+ <match>monitor lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>130</entry-id>
+ <match>show router interface</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <match>ping</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>143</entry-id>
+ <match>traceroute</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show router</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>160</entry-id>
+ <match>show snmp</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show system</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>180</entry-id>
+ <match>show log</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>900</entry-id>
+ <match>show</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>nrn</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>120</entry-id>
+ <match>show port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>121</entry-id>
+ <match>show lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>122</entry-id>
+ <match>monitor port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>123</entry-id>
+ <match>monitor lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>130</entry-id>
+ <match>show router interface</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <match>ping</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>143</entry-id>
+ <match>traceroute</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show router</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>160</entry-id>
+ <match>show snmp</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show system</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>180</entry-id>
+ <match>show log</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>openssa</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <match>ping</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>143</entry-id>
+ <match>traceroute</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>800</entry-id>
+ <match>show</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>810</entry-id>
+ <match>configure</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>820</entry-id>
+ <match>monitor</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>830</entry-id>
+ <match>file</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>readonly-permissions</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show router</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show system</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ </profile>
+ <profile>
+ <user-profile-name>restricted-mon</user-profile-name>
+ <default-action>deny-all</default-action>
+ <entry>
+ <entry-id>100</entry-id>
+ <match>logout</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>110</entry-id>
+ <match>show users</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>120</entry-id>
+ <match>show port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>121</entry-id>
+ <match>show lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>122</entry-id>
+ <match>monitor port</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>123</entry-id>
+ <match>monitor lag</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>130</entry-id>
+ <match>show router interface</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <match>ping</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <match>show router</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>160</entry-id>
+ <match>show snmp</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <match>show system</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>200</entry-id>
+ <match>show chassis</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>210</entry-id>
+ <match>show card</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>220</entry-id>
+ <match>show mda</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>230</entry-id>
+ <match>show sfm</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>240</entry-id>
+ <match>show service</match>
+ <action>permit</action>
+ </entry>
+ <entry>
+ <entry-id>999</entry-id>
+ <match>admin show configuration</match>
+ <action>permit</action>
+ </entry>
+ <netconf>
+ <base-op-authorization>
+ <action>true</action>
+ <close-session>true</close-session>
+ <copy-config>true</copy-config>
+ <get>true</get>
+ <get-config>true</get-config>
+ <get-data>true</get-data>
+ <get-schema>true</get-schema>
+ </base-op-authorization>
+ </netconf>
+ </profile>
+ </local-profiles>
+ </aaa>
+ <cpm-filter>
+ <default-action>drop</default-action>
+ <ip-filter>
+ <admin-state>disable</admin-state>
+ <entry>
+ <entry-id>110</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_OFFICE_NETWORKS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>111</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANTNCC_ADDRESS_SPACE</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>112</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_VPN_NETWORKS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>115</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>NCC_OOB_ADDRESS_SPACE</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>117</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_NE_SERVERS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>118</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_VULN_SCANNER</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>120</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_LOOKING_GLASS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>121</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_DASHBOARD</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>123</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_RANCID</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>124</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_IMS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>127</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_LIBRENMS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>128</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_GAP</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>130</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_OC_SERVERS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>131</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_JUMP_SERVERS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>132</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>NOMIOS_SUPPORT</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>133</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_NEMO_SERVERS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>22</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <description>BGP_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>BGP_PEERS_BASE</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>179</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>150</entry-id>
+ <description>MICRO_BFD_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_ROUTERS</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>6784</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>180</entry-id>
+ <description>RADIUS_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_DC</ip-prefix-list>
+ </src-ip>
+ <port>
+ <range>
+ <start>1812</start>
+ <end>1813</end>
+ </range>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>190</entry-id>
+ <description>NTP_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_NTP</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>123</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>191</entry-id>
+ <description>NTP_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>COMMUNITY_NTP</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>123</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>192</entry-id>
+ <description>NTP_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>PUBLIC_NTP</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>123</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>193</entry-id>
+ <description>NTP_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_ROUTERS</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>123</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>200</entry-id>
+ <description>NETCONF_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_SUPERPOP</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>830</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>201</entry-id>
+ <description>NETCONF_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_VPN_NETWORKS</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>830</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>202</entry-id>
+ <description>NETCONF_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_ADDRESS_SPACE</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>830</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>203</entry-id>
+ <description>NETCONF_accept</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_GAP</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>830</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>210</entry-id>
+ <description>SNMP_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_SNMP</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>161</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>220</entry-id>
+ <description>DNS_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_DNS</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>53</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>221</entry-id>
+ <description>DNS_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_DNS_EXT</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>53</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>230</entry-id>
+ <description>T-LDP_accept</description>
+ <match>
+ <protocol>tcp-udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_ROUTERS</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>646</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>250</entry-id>
+ <description>RSVP_accept</description>
+ <match>
+ <protocol>rsvp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_ADDRESS_SPACE</ip-prefix-list>
+ </src-ip>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>260</entry-id>
+ <description>PIM_accept</description>
+ <match>
+ <protocol>pim</protocol>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>310</entry-id>
+ <description>TRACEROUTE_accept</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <ip-prefix-list>GEANT_ADDRESS_SPACE</ip-prefix-list>
+ </src-ip>
+ <dst-port>
+ <range>
+ <start>33434</start>
+ <end>33534</end>
+ </range>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>320</entry-id>
+ <description>ICMP_accept</description>
+ <match>
+ <protocol>icmp</protocol>
+ <icmp>
+ <type>8</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>321</entry-id>
+ <description>ICMP_accept</description>
+ <match>
+ <protocol>icmp</protocol>
+ <icmp>
+ <type>0</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>322</entry-id>
+ <description>ICMP_accept</description>
+ <match>
+ <protocol>icmp</protocol>
+ <icmp>
+ <type>3</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>323</entry-id>
+ <description>ICMP_accept</description>
+ <match>
+ <protocol>icmp</protocol>
+ <icmp>
+ <type>11</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>324</entry-id>
+ <description>ICMP_accept</description>
+ <match>
+ <protocol>icmp</protocol>
+ <icmp>
+ <type>13</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>325</entry-id>
+ <description>ICMP_accept</description>
+ <match>
+ <protocol>icmp</protocol>
+ <icmp>
+ <type>14</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>340</entry-id>
+ <description>TWAMP_accept</description>
+ <match>
+ <protocol>tcp-udp</protocol>
+ <src-ip>
+ <ip-prefix-list>TWAMP_CLIENTS</ip-prefix-list>
+ </src-ip>
+ <port>
+ <eq>862</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>341</entry-id>
+ <description>TWAMP_accept</description>
+ <match>
+ <protocol>tcp-udp</protocol>
+ <src-ip>
+ <ip-prefix-list>TWAMP_CLIENTS</ip-prefix-list>
+ </src-ip>
+ <port>
+ <range>
+ <start>10000</start>
+ <end>65535</end>
+ </range>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>342</entry-id>
+ <description>ZR+ DHCP</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-ip>
+ <address>0.0.0.0</address>
+ <mask>255.255.255.255</mask>
+ </src-ip>
+ <dst-ip>
+ <address>255.255.255.255</address>
+ <mask>255.255.255.255</mask>
+ </dst-ip>
+ <src-port>
+ <eq>68</eq>
+ </src-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>343</entry-id>
+ <description>ZR+ DHCP SRV</description>
+ <match>
+ <protocol>udp</protocol>
+ <src-port>
+ <range>
+ <start>67</start>
+ <end>68</end>
+ </range>
+ </src-port>
+ <dst-port>
+ <range>
+ <start>67</start>
+ <end>68</end>
+ </range>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>344</entry-id>
+ <description>RICH HATES EVERYTHING</description>
+ <match>
+ <protocol>tcp</protocol>
+ <src-ip>
+ <address>10.100.75.0</address>
+ <mask>255.255.255.0</mask>
+ </src-ip>
+ <src-port>
+ <eq>22</eq>
+ </src-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ </ip-filter>
+ <ipv6-filter>
+ <admin-state>enable</admin-state>
+ <entry>
+ <entry-id>110</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_DASHBOARD</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>112</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_VPN_NETWORKS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>113</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_GAP</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>114</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_NE_SERVERS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>115</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_OC_SERVERS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>116</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_JUMP_SERVERS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>117</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_VULN_SCANNER</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>118</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_LOOKING_GLASS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>119</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_RANCID</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>120</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_IMS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>121</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_LIBRENMS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>122</entry-id>
+ <description>SSH_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_NEMO_SERVERS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>22</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>130</entry-id>
+ <description>Netconf_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_SUPERPOP</ipv6-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>830</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>131</entry-id>
+ <description>Netconf_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_VPN_NETWORKS</ipv6-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>830</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>132</entry-id>
+ <description>Netconf_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_ADDRESS_SPACE</ipv6-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>830</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>133</entry-id>
+ <description>Netconf_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_GAP</ipv6-prefix-list>
+ </src-ip>
+ <dst-port>
+ <eq>830</eq>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>140</entry-id>
+ <description>BGP_accept</description>
+ <match>
+ <next-header>tcp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>BGP_PEERS_BASE</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>179</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>170</entry-id>
+ <description>TRACEROUTE</description>
+ <match>
+ <next-header>udp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_ADDRESS_SPACE</ipv6-prefix-list>
+ </src-ip>
+ <dst-port>
+ <range>
+ <start>33434</start>
+ <end>33466</end>
+ </range>
+ </dst-port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>180</entry-id>
+ <description>PIM_accept</description>
+ <match>
+ <next-header>pim</next-header>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>190</entry-id>
+ <description>IPV6_ND_LOCAL</description>
+ <match>
+ <next-header>ipv6-icmp</next-header>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>200</entry-id>
+ <description>IPV6_ND</description>
+ <match>
+ <dst-ip>
+ <address>fe80::/10</address>
+ </dst-ip>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>201</entry-id>
+ <description>IPV6_ND</description>
+ <match>
+ <dst-ip>
+ <address>ff02::/123</address>
+ </dst-ip>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>202</entry-id>
+ <description>IPV6_ND</description>
+ <match>
+ <dst-ip>
+ <address>ff02::1:ff00:0/104</address>
+ </dst-ip>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>210</entry-id>
+ <description>ICMP</description>
+ <match>
+ <next-header>ipv6-icmp</next-header>
+ <icmp>
+ <type>129</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>211</entry-id>
+ <description>ICMP</description>
+ <match>
+ <next-header>ipv6-icmp</next-header>
+ <icmp>
+ <type>128</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>212</entry-id>
+ <description>ICMP</description>
+ <match>
+ <next-header>ipv6-icmp</next-header>
+ <icmp>
+ <type>1</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>213</entry-id>
+ <description>ICMP</description>
+ <match>
+ <next-header>ipv6-icmp</next-header>
+ <icmp>
+ <type>3</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>214</entry-id>
+ <description>ICMP</description>
+ <match>
+ <next-header>ipv6-icmp</next-header>
+ <icmp>
+ <type>2</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>215</entry-id>
+ <description>ICMP</description>
+ <match>
+ <next-header>ipv6-icmp</next-header>
+ <icmp>
+ <type>4</type>
+ </icmp>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>220</entry-id>
+ <description>DNS_accept</description>
+ <match>
+ <next-header>udp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_DNS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>53</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>221</entry-id>
+ <description>DNS_accept</description>
+ <match>
+ <next-header>udp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_DNS_EXT</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>53</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>230</entry-id>
+ <description>T-LDP_accept</description>
+ <match>
+ <next-header>tcp-udp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_ROUTERS</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>646</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ <entry>
+ <entry-id>240</entry-id>
+ <description>SNMP_accept</description>
+ <match>
+ <next-header>udp</next-header>
+ <src-ip>
+ <ipv6-prefix-list>GEANT_SNMP</ipv6-prefix-list>
+ </src-ip>
+ <port>
+ <eq>161</eq>
+ </port>
+ </match>
+ <action>
+ <accept/>
+ </action>
+ </entry>
+ </ipv6-filter>
+ </cpm-filter>
+ <snmp>
+ <access>
+ <group>TEST02_ALL</group>
+ <context/>
+ <security-model>snmpv2c</security-model>
+ <security-level>no-auth-no-privacy</security-level>
+ <read>TEST02_ALL</read>
+ </access>
+ <access>
+ <group>TEST_VIEW</group>
+ <context/>
+ <security-model>snmpv2c</security-model>
+ <security-level>no-auth-no-privacy</security-level>
+ <read>TEST_VIEW</read>
+ </access>
+ <access>
+ <group>TIMEMAP_VIEW</group>
+ <context/>
+ <security-model>snmpv2c</security-model>
+ <security-level>no-auth-no-privacy</security-level>
+ <read>TIMEMAP_VIEW</read>
+ </access>
+ <community>
+ <community-string>fKmeUgu3e3Y3V86ojMHvRSC2juAhqvQ= hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>b7aBW8s016owF7TrREXkWpF6DuJeFLCo hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>oxFVrBd8a5H95Vm0EDDzJuKSuTJj3N7jgPY= hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>T/HncCuiCjJnanm/+H+wGKMUjL4lKD5aTw== hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>16uA7u9cqfT9iyJjFIU1ASGnwI6JEf25P7FCPUKbKQ== hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>lO4FkzXlh+UBzEv5BhPggdXcfzE= hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>il8dDgmQIsrKNwA+8vExpx2FTNMoekyd hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>v0HSWZzcNw2KPHnJKglurKjGFS923QwOMdg2 hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>Qr2f8qbBy/hUXEsGDHcEHHG1f4cd7/v3iiTs8Vvt1UWmZQ== hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>eP+2YXdjau3fZln3V8OhmDHNPy3/HKGrXdkvQpI= hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <community>
+ <community-string>zO4TNsK3Tow7RKWHoepZnX4pN2keYQGiPNU= hash2</community-string>
+ <access-permissions>r</access-permissions>
+ <version>v2c</version>
+ </community>
+ <usm-community>
+ <community-string>SrVB4RtXTrvi8HXjFOlK/V0VPBm9L6Jy hash2</community-string>
+ <group>TIMEMAP_VIEW</group>
+ <source-access-list>snmp_3VfrNKak</source-access-list>
+ </usm-community>
+ <usm-community>
+ <community-string>k36NX7tIvUlJU2zWW401xPURCUy8zKBN hash2</community-string>
+ <group>TEST_VIEW</group>
+ </usm-community>
+ <usm-community>
+ <community-string>8SAN4EbsP7Og0Hhe40PyiXsCVaDd0PZXaf8= hash2</community-string>
+ <group>TEST02_ALL</group>
+ </usm-community>
+ <source-access-list>
+ <list-name>snmp_3VfrNKak</list-name>
+ <source-host>
+ <host-name>3VfrNKak_LIBRE-TEST</host-name>
+ <address>62.40.111.47</address>
+ </source-host>
+ <source-host>
+ <host-name>3VfrNKak_TIMEMAP-01</host-name>
+ <address>193.219.48.249</address>
+ </source-host>
+ <source-host>
+ <host-name>3VfrNKak_TIMEMAP-02</host-name>
+ <address>193.219.48.250</address>
+ </source-host>
+ <source-host>
+ <host-name>3VfrNKak_TIMEMAP-03</host-name>
+ <address>83.97.94.180</address>
+ </source-host>
+ <source-host>
+ <host-name>3VfrNKak_TIMEMAP-04</host-name>
+ <address>83.97.95.193</address>
+ </source-host>
+ <source-host>
+ <host-name>3VfrNKak_TIMEMAP-05</host-name>
+ <address>83.97.95.194</address>
+ </source-host>
+ <source-host>
+ <host-name>3VfrNKak_TIMEMAP-06</host-name>
+ <address>83.97.95.195</address>
+ </source-host>
+ </source-access-list>
+ <view>
+ <view-name>TEST02_ALL</view-name>
+ <subtree>1</subtree>
+ <mask>ff</mask>
+ </view>
+ <view>
+ <view-name>TEST_VIEW</view-name>
+ <subtree>1.3.6.1.2.1.2.2.1.4</subtree>
+ <type>included</type>
+ </view>
+ <view>
+ <view-name>TEST_VIEW</view-name>
+ <subtree>1.3.6.1.2.1.2.2.1.8</subtree>
+ <type>included</type>
+ </view>
+ <view>
+ <view-name>TEST_VIEW</view-name>
+ <subtree>1.3.6.1.2.1.31.1.1.1.1</subtree>
+ <type>included</type>
+ </view>
+ <view>
+ <view-name>TEST_VIEW</view-name>
+ <subtree>1.3.6.1.2.1.31.1.1.1.15</subtree>
+ <type>included</type>
+ </view>
+ <view>
+ <view-name>TEST_VIEW</view-name>
+ <subtree>1.3.6.1.2.1.31.1.1.1.18</subtree>
+ <type>included</type>
+ </view>
+ <view>
+ <view-name>TIMEMAP_VIEW</view-name>
+ <subtree>.1.3.6.1.4.1.6527.3.1.2.92</subtree>
+ <type>included</type>
+ </view>
+ </snmp>
+ <ssh>
+ <preserve-key>true</preserve-key>
+ <server-cipher-list-v2>
+ <cipher>
+ <index>190</index>
+ <name>aes256-ctr</name>
+ </cipher>
+ <cipher>
+ <index>192</index>
+ <name>aes192-ctr</name>
+ </cipher>
+ <cipher>
+ <index>194</index>
+ <name>aes128-ctr</name>
+ </cipher>
+ <cipher>
+ <index>200</index>
+ <name>aes128-cbc</name>
+ </cipher>
+ <cipher>
+ <index>205</index>
+ <name>3des-cbc</name>
+ </cipher>
+ <cipher>
+ <index>225</index>
+ <name>aes192-cbc</name>
+ </cipher>
+ <cipher>
+ <index>230</index>
+ <name>aes256-cbc</name>
+ </cipher>
+ </server-cipher-list-v2>
+ <client-cipher-list-v2>
+ <cipher>
+ <index>190</index>
+ <name>aes256-ctr</name>
+ </cipher>
+ <cipher>
+ <index>192</index>
+ <name>aes192-ctr</name>
+ </cipher>
+ <cipher>
+ <index>194</index>
+ <name>aes128-ctr</name>
+ </cipher>
+ <cipher>
+ <index>200</index>
+ <name>aes128-cbc</name>
+ </cipher>
+ <cipher>
+ <index>205</index>
+ <name>3des-cbc</name>
+ </cipher>
+ <cipher>
+ <index>225</index>
+ <name>aes192-cbc</name>
+ </cipher>
+ <cipher>
+ <index>230</index>
+ <name>aes256-cbc</name>
+ </cipher>
+ </client-cipher-list-v2>
+ <server-mac-list-v2>
+ <mac>
+ <index>200</index>
+ <name>hmac-sha2-512</name>
+ </mac>
+ <mac>
+ <index>210</index>
+ <name>hmac-sha2-256</name>
+ </mac>
+ <mac>
+ <index>215</index>
+ <name>hmac-sha1</name>
+ </mac>
+ <mac>
+ <index>220</index>
+ <name>hmac-sha1-96</name>
+ </mac>
+ <mac>
+ <index>225</index>
+ <name>hmac-md5</name>
+ </mac>
+ <mac>
+ <index>240</index>
+ <name>hmac-md5-96</name>
+ </mac>
+ </server-mac-list-v2>
+ <client-mac-list-v2>
+ <mac>
+ <index>200</index>
+ <name>hmac-sha2-512</name>
+ </mac>
+ <mac>
+ <index>210</index>
+ <name>hmac-sha2-256</name>
+ </mac>
+ <mac>
+ <index>215</index>
+ <name>hmac-sha1</name>
+ </mac>
+ <mac>
+ <index>220</index>
+ <name>hmac-sha1-96</name>
+ </mac>
+ <mac>
+ <index>225</index>
+ <name>hmac-md5</name>
+ </mac>
+ <mac>
+ <index>240</index>
+ <name>hmac-md5-96</name>
+ </mac>
+ </client-mac-list-v2>
+ </ssh>
+ <user-params>
+ <authentication-order>
+ <order>radius</order>
+ <order>local</order>
+ </authentication-order>
+ <local-user>
+ <user>
+ <user-name>R4nC1dN0k</user-name>
+ <password>$2y$10$SKQqRBwvLOhdc6dJJ6FeI.1Yv4fztCf1xmoUTMCPRKIu6wDEAsR4G</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>config_backup</member>
+ </console>
+ <public-keys>
+ <ecdsa>
+ <ecdsa-key>
+ <ecdsa-public-key-id>1</ecdsa-public-key-id>
+ <key-value>AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH8Qe7NoQCFnKnXRl2sPB1yUXf4hokYsN3HUbj6fKkeDCLDL9MWxXRh2Pbns/q1Y79Ab6GkjcnhxFIMT6Wj1i5E=</key-value>
+ </ecdsa-key>
+ </ecdsa>
+ </public-keys>
+ </user>
+ <user>
+ <user-name>admin</user-name>
+ <password>$2y$10$k2TmajZKvyznJSnXDNCVs.UW7z1s5of1Vy/ZRtsMzKMuTKxUKzUAm</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>administrative</member>
+ </console>
+ </user>
+ <user>
+ <user-name>inprov</user-name>
+ <password>$2y$10$KdVzmdaM917QiD2CeK1hI.EAFgTMfjHsLOESCejQytl4bbUNu1EfW</password>
+ <access>
+ <console>true</console>
+ <netconf>true</netconf>
+ </access>
+ <console>
+ <member>administrative</member>
+ </console>
+ <public-keys>
+ <rsa>
+ <rsa-key>
+ <rsa-public-key-id>1</rsa-public-key-id>
+ <key-value>AAAAB3NzaC1yc2EAAAADAQABAAACAQC8MAtn/FRKr7NzeRZo+AURHNYbBVEp9Xy67Fa4eetETCV5IJZ7VZKuGJC/IUD8OLEAKCfpgHoQ+QeJCp5M4llKqbB9EsKHbq9SWcN0oB39jYHsYQO9/CwG3TaQPbwWDCmJowKOkfDVdNjhmD9E5hvsoazIBny29RfXCnYFcogITQ9z49npQdtF8IF+3qNYxGTJUUEt1EFymYpl9c77LFnZuppDQlTdpa8A33klcrhUKTXxn2AZcFdg5ZGBbajTBvFqG/1U/RgCdHpeLxS1UW29FTu7SFllSG/XvEL9Ai91MPMpr07vQVc8DqZFQ5o7AhHkm3fXpvIgnff2YroXZhjF1sIRS7F5WY48o/sCBN36wGmQgfvuxGeQ1B2LDMhdtX0oN0KiMZ2HFuhGJIpmUhB7iMv9aZxJV+/RCjdJIzq6S/ilPZzwOjFy8H2zDy9YPGNQgAI5JJtRcEbCgnqYWfCkY7sr9vK3wwCGDfqhRyUaTj1teVDrCEWdEPSjsTDc9D1JNr/4vnYW3OJH7Cvu+ELXMwfpkad9A0jfdAtDuUoC63sG4Z6ybRdJ80ozlbwSmXc4vLJKm9chPSu9lBsC9/1Vyvn3PeZ6c3NV0ZTwtfTWRSb5S2Go9uYWHR/wppDvhX0LWbWTXG0OJUIu3ik9/asmSF+kCuQ3+XtYSFiMm4Fz0w==</key-value>
+ </rsa-key>
+ </rsa>
+ </public-keys>
+ </user>
+ <user>
+ <user-name>lab_nomios_support</user-name>
+ <password>$2y$10$ZTzhOaVRQ16MzJ6WtkivM.W7CWx5oFOhkTdrroYx.3S0FuHZLeNdS</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>restricted-mon</member>
+ </console>
+ </user>
+ <user>
+ <user-name>oxidized</user-name>
+ <password>$2y$10$TQrZlpBDra86.qoexZUzQeBXDY1FcdDhGWdD9lLxMuFyPVSm0OGy6</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>config_backup</member>
+ </console>
+ <public-keys>
+ <rsa>
+ <rsa-key>
+ <rsa-public-key-id>1</rsa-public-key-id>
+ <key-value>AAAAB3NzaC1yc2EAAAADAQABAAABAQCsK6oYb/QBeJpHYMGtH5wgnhg6urVDCsbKYVh+0tqMMqXchpjVFts6ulBtRUumHKbeUki6W+bP9GK5UQ/aYoNnBopNZSPAQdMFo/d5wg6aUyZYXp5g6LmTQX+seVilSa11CpMmOYRykU/pMaHev/s0RBMgpskhKJxRp+ws0mTX8jaNsgs8DV7cZ9q2LNPZ6Hb01bmTQjwUDXbuZcmbgbvdSca64+X+4rQT5M0uGt6j9U9xncXtn5kdoUkYcFwYQ+n1patGssM8wU6KTxk2jha+S5bN+aK1ZtPkcRhFZjulXJjM0R1GLJuo6OvGsrfTs6yVaiXi7i3Hlv2wlcXXZ6Gb</key-value>
+ </rsa-key>
+ </rsa>
+ </public-keys>
+ </user>
+ <user>
+ <user-name>python</user-name>
+ <password>$2y$10$XGlShsd8pSkgNdDXusJVo.fnwZJgC.XZznTG1hB9mg3wzYSb7hGLe</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>administrative</member>
+ </console>
+ <public-keys>
+ <rsa>
+ <rsa-key>
+ <rsa-public-key-id>1</rsa-public-key-id>
+ <key-value>AAAAB3NzaC1yc2EAAAADAQABAAABAQDbIxpccubnBvn918JoKpWkzxsX3aCS7H2BUpb7r6tEboOwwpTAnQtiVjMYUsUCL7I7FdujmYK8bwC6YKYFI8fUEdDpthTbLSIfyhapo6eigz30E1RInBaLDrTKD736EMCVkwZPCLilwYuL/IbuZETbd5xXLiW8By2691OC28bKl2AXiW/6MvQ2Pu3vIN1Y3YEYkSCV8vh/rQUQmwJi6CWw+f5R4KWHyyc9t4kSfZPOTyEkaYp67ipeRtQJU2VxlG35mGdHCPHJo6icVmXcMNQRLwX71MTz1jJCtNv8xIkpZQ0u7U2qYLHTvh/HmwNc8riLFLmm24ZaiKdoCpmfnLBX</key-value>
+ </rsa-key>
+ </rsa>
+ </public-keys>
+ </user>
+ <user>
+ <user-name>ronald.vanos</user-name>
+ <password>$2y$10$CSna2OU95mup7naLQ0486.mWU02W2Bq3jz9RkeyPuvGeSxjtOmixu</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>administrative</member>
+ </console>
+ <public-keys>
+ <rsa>
+ <rsa-key>
+ <rsa-public-key-id>1</rsa-public-key-id>
+ <key-value>AAAAB3NzaC1yc2EAAAADAQABAAABAQC8KZQbwczDck01O8CSixnHc4w1Nz2I/WlY8jSjX0uOm3KKiZ9NnvdCMy3SzG5qNZ7fXFo07Jcav84EGJdNOErZhSEW1C/P629+Ki3sxwyXK/0Je0pNlURe2kUwdgdppRiNuM2EUSBERPMiPmvzkcVQsh/Pqlx/1bd5aYv0Q623uGfOW91z86gZfNCLl40FfcGLmrYHToHrgx8P9GxgwG1HnXC1Ng7N41wz3S6xJXpBMnhJf1selGDvZhEI9jHVYr/KPta3hPea6sP5zn6BAuI2oXOKVV6vUTPzhWmMk3rqb8Kl6g9ae2aO2owyiWlUqvq4DDVkLN8Bwlq177FSyepT</key-value>
+ </rsa-key>
+ </rsa>
+ </public-keys>
+ </user>
+ <user>
+ <user-name>ronald_admin</user-name>
+ <password>$2y$10$O3E8ayVveKPctz2s/OT/U.C9Dy8IIz5jgb0zmKj7FU1E4NitWcyK6</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>administrative</member>
+ </console>
+ </user>
+ <user>
+ <user-name>srv_ims_SROS</user-name>
+ <password>$2y$10$Wib89Y3VCmjysYTB/pAmA.IyL7P04aHDMOqLJjD0ZI4ETgM/rLBHq</password>
+ <access>
+ <console>true</console>
+ </access>
+ <console>
+ <member>restricted-mon</member>
+ </console>
+ </user>
+ <user>
+ <user-name>srv_ne_scripts</user-name>
+ <password>$2y$10$XGlShsd8pSkgNdDXusJVo.fnwZJgC.XZznTG1hB9mg3wzYSb7hGLe</password>
+ <access>
+ <console>true</console>
+ <netconf>true</netconf>
+ </access>
+ <console>
+ <member>administrative</member>
+ </console>
+ <public-keys>
+ <rsa>
+ <rsa-key>
+ <rsa-public-key-id>1</rsa-public-key-id>
+ <key-value>AAAAB3NzaC1yc2EAAAADAQABAAABAQDbIxpccubnBvn918JoKpWkzxsX3aCS7H2BUpb7r6tEboOwwpTAnQtiVjMYUsUCL7I7FdujmYK8bwC6YKYFI8fUEdDpthTbLSIfyhapo6eigz30E1RInBaLDrTKD736EMCVkwZPCLilwYuL/IbuZETbd5xXLiW8By2691OC28bKl2AXiW/6MvQ2Pu3vIN1Y3YEYkSCV8vh/rQUQmwJi6CWw+f5R4KWHyyc9t4kSfZPOTyEkaYp67ipeRtQJU2VxlG35mGdHCPHJo6icVmXcMNQRLwX71MTz1jJCtNv8xIkpZQ0u7U2qYLHTvh/HmwNc8riLFLmm24ZaiKdoCpmfnLBX</key-value>
+ </rsa-key>
+ </rsa>
+ </public-keys>
+ <ssh-authentication-method>
+ <server>
+ <public-key-only>true</public-key-only>
+ </server>
+ </ssh-authentication-method>
+ </user>
+ </local-user>
+ </user-params>
+ </security>
+ <time>
+ <zone>
+ <standard>
+ <name>utc</name>
+ </standard>
+ </zone>
+ <ntp>
+ <admin-state>enable</admin-state>
+ <server>
+ <ip-address>62.40.123.21</ip-address>
+ <router-instance>Base</router-instance>
+ <key-id>10</key-id>
+ </server>
+ <server>
+ <ip-address>62.40.123.23</ip-address>
+ <router-instance>Base</router-instance>
+ <key-id>10</key-id>
+ </server>
+ <server>
+ <ip-address>62.40.123.103</ip-address>
+ <router-instance>Base</router-instance>
+ <key-id>10</key-id>
+ </server>
+ <authentication-key>
+ <key-id>10</key-id>
+ <key>HqPnbTyN1I9H2OI6TlxzuBx8h7+GMgR3 hash2</key>
+ <type>message-digest</type>
+ </authentication-key>
+ </ntp>
+ </time>
+ </system>
+ <test-oam>
+ <twamp>
+ <server>
+ <admin-state>enable</admin-state>
+ <prefix>
+ <ip-prefix>62.40.98.36/31</ip-prefix>
+ </prefix>
+ <prefix>
+ <ip-prefix>62.40.98.52/31</ip-prefix>
+ </prefix>
+ </server>
+ </twamp>
+ </test-oam>
+ </configure>
+ </data>
+
diff --git a/test/per_router/conftest.py b/test/per_router/conftest.py
index bb581421d103815471fa6229ac4ab6073a382d83..7f4842c96ded38787ceaa90956424f0d17d57289 100644
--- a/test/per_router/conftest.py
+++ b/test/per_router/conftest.py
@@ -1,6 +1,5 @@
-import glob
import json
-import os
+import pathlib
import re
from unittest.mock import patch
@@ -10,41 +9,31 @@ from ncclient.manager import make_device_handler, Manager
from ncclient.transport import SSHSession
from ncclient.xml_ import NCElement
-import inventory_provider
from inventory_provider import juniper
-TEST_DATA_DIRNAME = os.path.realpath(os.path.join(
- inventory_provider.__path__[0],
- "..",
- "test",
- "data"))
+
+TEST_DATA_DIR = pathlib.Path(__file__).parent / "../data"
@pytest.fixture
def classifier_cache_test_entries():
- filename = os.path.join(
- TEST_DATA_DIRNAME, 'classifier-cache-entries.json')
- with open(filename) as f:
- return json.loads(f.read())
-
+ file = TEST_DATA_DIR.joinpath('classifier-cache-entries.json')
+ return json.loads(file.read_text())
-def pytest_generate_tests(metafunc):
- # TODO: can we really not get netconf data for all routers?
- def _available_netconf_hosts():
- for fn in glob.glob(os.path.join(TEST_DATA_DIRNAME, '*-netconf.xml')):
- m = re.match('(.*)-netconf.xml', os.path.basename(fn))
- assert m # sanity
- yield m.group(1)
- routers = list(_available_netconf_hosts())
- metafunc.parametrize("router", routers)
+@pytest.fixture(params=list(TEST_DATA_DIR.glob('*-netconf.xml')))
+def router(request):
+ file: pathlib.Path = request.param
+ m = re.match('(.*)-netconf.xml', file.name)
+ assert m # sanity
+ return m.group(1)
class MockedJunosRpc(object):
def __init__(self, hostname):
- filename = os.path.join(TEST_DATA_DIRNAME, "%s-netconf.xml" % hostname)
- self.config = etree.parse(filename)
+ file = TEST_DATA_DIR.joinpath(f'{hostname}-netconf.xml')
+ self.config = etree.parse(file)
def get_config(self):
return self.config
@@ -74,11 +63,10 @@ def netconf_doc(mocker, router, data_config):
@pytest.fixture
def interface_info_response(router):
- filename = os.path.join(TEST_DATA_DIRNAME, 'interface_info', f'{router}.xml')
+ file = TEST_DATA_DIR / f"interface_info/{router}.xml"
+
try:
- with open(filename, 'r') as file:
- data = file.read()
- return data
+ return file.read_text()
except FileNotFoundError:
pytest.skip(f'no corresponding interface_info doc for {router}, skipping')
diff --git a/test/per_router/test_celery_worker.py b/test/per_router/test_celery_worker.py
index 7002491eb012e120cdde7abd49c8514f7438718f..50734ddbdd510944660600851e1a0ee4b6b05eb5 100644
--- a/test/per_router/test_celery_worker.py
+++ b/test/per_router/test_celery_worker.py
@@ -4,6 +4,7 @@ and some data ends up in the right place ... otherwise not very detailed
"""
import re
+import ncclient.transport.errors
import pytest
from inventory_provider.tasks import worker
@@ -20,12 +21,20 @@ def backend_db():
}).db
-def test_netconf_refresh_config(mocked_worker_module, router):
+@pytest.fixture
+def mocked_juniper(mocker):
+ return mocker.patch(
+ "inventory_provider.juniper.get_interface_info_for_router",
+ side_effect=ncclient.transport.errors.SSHError
+ )
+
+
+def test_netconf_refresh_config(mocked_worker_module, router, mocked_juniper):
if router in ['qfx.par.fr.geant.net', 'qfx.fra.de.geant.net']:
# expected to fail
pytest.skip(f'test data has no community string for {router}')
del backend_db()['netconf:' + router]
- worker.reload_router_config_chorded(router)
+ worker.reload_router_config_juniper(router)
assert backend_db()['netconf:' + router]
@@ -41,7 +50,7 @@ def test_snmp_refresh_interfaces(mocked_worker_module, router):
for k in list(_ifc_keys()):
del backend_db()[k]
- worker.snmp_refresh_interfaces_chorded(router, 'fake-community', [])
+ worker.snmp_refresh_interfaces_juniper(router, 'fake-community', [])
assert backend_db()['snmp-interfaces:' + router]
assert list(_ifc_keys())
@@ -57,7 +66,7 @@ def test_snmp_refresh_peerings(mocked_worker_module, router):
for k in list(_ifc_keys()):
del backend_db()[k]
- worker.snmp_refresh_peerings_chorded(router, 'fake-community', [])
+ worker.snmp_refresh_peerings_juniper(router, 'fake-community', [])
assert list(_ifc_keys())
@@ -88,7 +97,8 @@ def test_reload_router_config(mocked_worker_module, router, mocker):
backend_db()[key] = saved_data[key]
return saved_data[key]
mocker.patch(
- 'inventory_provider.tasks.worker.retrieve_and_persist_netconf_config',
+ 'inventory_provider.tasks.worker.'
+ 'retrieve_and_persist_netconf_config_juniper',
_mocked_retrieve_and_persist_netconf_config)
def _mocked_retrieve_and_persist_interface_info(*args, **kwargs):
@@ -96,7 +106,8 @@ def test_reload_router_config(mocked_worker_module, router, mocker):
backend_db()[key] = saved_data[key]
return saved_data[key]
mocker.patch(
- 'inventory_provider.tasks.worker.retrieve_and_persist_interface_info',
+ 'inventory_provider.tasks.worker.'
+ 'retrieve_and_persist_interface_info_juniper',
_mocked_retrieve_and_persist_interface_info)
def _mocked_snmp_refresh_interfaces_chorded(*args, **kwargs):
@@ -105,14 +116,14 @@ def test_reload_router_config(mocked_worker_module, router, mocker):
backend_db()[key] = saved_data[key]
mocker.patch(
- 'inventory_provider.tasks.worker.snmp_refresh_interfaces_chorded',
+ 'inventory_provider.tasks.worker.snmp_refresh_interfaces_juniper',
_mocked_snmp_refresh_interfaces_chorded)
def _mocked_snmp_refresh_peerings_chorded(*args, **kwargs):
assert len(args) == 3
backend_db().update(saved_peerings)
mocker.patch(
- 'inventory_provider.tasks.worker.snmp_refresh_peerings_chorded',
+ 'inventory_provider.tasks.worker.snmp_refresh_peerings_juniper',
_mocked_snmp_refresh_peerings_chorded)
def _mocked_update_status(self, **kwargs):
@@ -121,7 +132,7 @@ def test_reload_router_config(mocked_worker_module, router, mocker):
'inventory_provider.tasks.worker.InventoryTask.update_state',
_mocked_update_status)
- worker.reload_router_config_chorded(router)
+ worker.reload_router_config_juniper(router)
assert 'netconf:' + router in backend_db()
assert 'intinfo:' + router in backend_db()
assert 'snmp-interfaces:' + router in backend_db()
diff --git a/test/test_flask_config.py b/test/test_flask_config.py
index 54d0e1de8ac447ef504643e546e3fabcfacc3fda..e3e010f8d0a1b1ad56539069adc7f3c827e2be41 100644
--- a/test/test_flask_config.py
+++ b/test/test_flask_config.py
@@ -17,6 +17,11 @@ def config():
'private-key': 'private_key_content',
'known-hosts': 'known_hosts_content'
},
+ "nokia-ssh": {
+ "username": "uSeR-NaMe",
+ "password": "dummy-password",
+ "known-hosts": "known-hosts=filename"
+ },
'redis-databases': [0, 1, 2],
'ims': {
'api': 'ims_api',
diff --git a/test/test_general_poller_routes.py b/test/test_general_poller_routes.py
index 03366d6b4f0154d1e591e790560fe98e9ced67c7..a42700acd659488fea874a41680058e951f13d69 100644
--- a/test/test_general_poller_routes.py
+++ b/test/test_general_poller_routes.py
@@ -315,8 +315,27 @@ def test_interface_dashboard_mapping(description, expected_dashboards):
'description': description
}
dashboards = poller._get_dashboards(interface)
- dashboards = [d.name for d in dashboards]
- assert set(list(dashboards)) == set(expected_dashboards)
+ assert set(d.name for d in dashboards) == set(expected_dashboards)
+
+
+def test__CAE_1_dashboards():
+ interface = {
+ 'router': 'mx1.lon.uk.geant.net',
+ 'name': 'ae12.123',
+ 'description': ''
+ }
+ dashboards = poller._get_dashboards(interface)
+ assert set(d.name for d in dashboards) == {"CAE1"}
+
+
+def test_POL1_703_IC1_dashboards():
+ interface = {
+ 'router': 'rt1.mar.fr.geant.net',
+ 'name': 'ae12.123',
+ 'description': ''
+ }
+ dashboards = poller._get_dashboards(interface)
+ assert set(d.name for d in dashboards) == {"IC1"}
@pytest.mark.parametrize('interface,customers,dashboard_info', [
diff --git a/test/test_ims.py b/test/test_ims.py
index fc8c1c219d755659fe09fbd23a06659d5fa027d6..62898b4a69d83567930cd2a6607f0a29f4b1d52f 100644
--- a/test/test_ims.py
+++ b/test/test_ims.py
@@ -27,11 +27,12 @@ def test_ims_class_login(mocker):
'dummy_base', 'dummy_username', 'dummy_password')
ds.get_entity_by_id('Node', 1234)
mock_post.assert_called_once_with(
- 'dummy_base/login', auth=('dummy_username', 'dummy_password'))
+ 'dummy_base/login',
+ auth=('dummy_username', 'dummy_password'), verify=False)
mock_get.assert_called_once_with(
'dummy_base/ims/Node/1234',
headers={'Authorization': 'Bearer my_bearer_token'},
- params=None)
+ params=None, verify=False)
def test_ims_failed_response(mocker):
@@ -60,7 +61,7 @@ def test_ims_class_entity_by_id(mocker):
mock_get.assert_called_once_with(
'dummy_base/ims/Node/1234',
headers={'Authorization': 'Bearer dummy_bt'},
- params=None)
+ params=None, verify=False)
def test_ims_class_entity_by_name(mocker):
@@ -72,7 +73,7 @@ def test_ims_class_entity_by_name(mocker):
mock_get.assert_called_once_with(
'dummy_base/ims/Node/byname/"dummy_name"',
headers={'Authorization': 'Bearer dummy_bt'},
- params=None)
+ params=None, verify=False)
def test_ims_class_filtered_entities(mocker):
@@ -88,7 +89,7 @@ def test_ims_class_filtered_entities(mocker):
params={
'paginatorStartElement': 0,
'paginatorNumberOfElements': 50
- })
+ }, verify=False)
def side_effect(*args, **kargs):
if kargs['params']['paginatorStartElement'] == 0:
@@ -106,14 +107,14 @@ def test_ims_class_filtered_entities(mocker):
params={
'paginatorStartElement': 0,
'paginatorNumberOfElements': 2
- })
+ }, verify=False)
mock_multi_get.assert_any_call(
'dummy_base/ims/Node/filtered/dummy_param=dummy value',
headers={'Authorization': 'Bearer dummy_bt'},
params={
'paginatorStartElement': 2,
'paginatorNumberOfElements': 2
- })
+ }, verify=False)
assert mock_multi_get.call_count == 2
assert res == [1, 2, 3]
@@ -144,7 +145,7 @@ def test_ims_class_get_all_entities(mocker):
params={
'paginatorStartElement': 0,
'paginatorNumberOfElements': 10
- })
+ }, verify=False)
def test_ims_class_navigation_properties(mocker):
@@ -156,7 +157,7 @@ def test_ims_class_navigation_properties(mocker):
mock_get.assert_called_with(
'dummy_base/ims/Node/1234',
headers={'Authorization': 'Bearer dummy_bt'},
- params={'navigationproperty': 6})
+ params={'navigationproperty': 6}, verify=False)
def test_ims_class_cache(mocker):
diff --git a/test/test_job_routes.py b/test/test_job_routes.py
index c7c86e20b091a4f976a2518a240723c0ebc01177..de622e76daea94c14eb621fc644b031539e87cf4 100644
--- a/test/test_job_routes.py
+++ b/test/test_job_routes.py
@@ -104,7 +104,7 @@ class MockedAsyncResult(object):
def test_reload_router_config(client, mocker):
delay_result = mocker.patch(
- 'inventory_provider.tasks.worker.reload_router_config_chorded.delay')
+ 'inventory_provider.tasks.worker.reload_router_config_juniper.delay')
delay_result.return_value = MockedAsyncResult('bogus task id')
rv = client.get(
diff --git a/test/test_monitoring.py b/test/test_monitoring.py
index 66fa82851b4a4ccbeba942185f20a9567699e0e8..9365a3a869d600e1978aa143d2fb5bbaa9d80619 100644
--- a/test/test_monitoring.py
+++ b/test/test_monitoring.py
@@ -64,7 +64,7 @@ def backend_db():
def test_latchdb(data_config_filename, mocked_redis):
os.environ['INVENTORY_PROVIDER_CONFIG_FILENAME'] = data_config_filename
- monitor.run()
+ monitor.run(setup_logging=False)
db = backend_db()
diff --git a/test/test_nokia.py b/test/test_nokia.py
new file mode 100644
index 0000000000000000000000000000000000000000..2c4eb0a14a60fd3b0cf577990534ed58f82f64ea
--- /dev/null
+++ b/test/test_nokia.py
@@ -0,0 +1,37 @@
+import pathlib
+
+from lxml import etree
+
+from inventory_provider.nokia import get_lags, interface_info, get_ports
+
+netconf_doc = etree.parse(pathlib.Path(__file__).parent.joinpath(
+ 'data/rt0.lon.uk.lab.office.geant.net-netconf-nokia.xml'))
+
+
+def test_get_lags():
+ lags = list(get_lags(netconf_doc))
+ assert len(lags) == 4
+ found_names = {lag['name'] for lag in lags}
+ expected_names = {'lag-1', 'lag-2', 'lag-3', 'lag-31'}
+ assert found_names == expected_names
+
+
+def test_interface_info():
+ if_addresses = list(interface_info(netconf_doc))
+ assert len(if_addresses) == 5
+ found_names = {_interface['interface-name'] for _interface in if_addresses}
+ expected_names = {'lag-1.0', 'lag-2.0', 'system', 'to_rt0_ams_ZR-INFINERA',
+ 'to_rt0_ams_ZR-NOKIA'}
+ assert found_names == expected_names
+
+
+def test_get_ports():
+ ports = list(get_ports(netconf_doc))
+ assert len(ports) == 18
+ found_port_ids = {port['port-id'] for port in ports}
+ expected_ports = {
+ '1/1/c2', '1/1/c2/1', '1/1/c2/2', '1/1/c2/3', '1/1/c7', '1/1/c7/1',
+ '1/1/c8', '1/1/c8/1', '1/1/c9', '1/1/c9/1', '1/1/c13', '1/1/c13/1',
+ '2/1/c7', '2/1/c7/1', '2/1/c8', '2/1/c8/1', '2/1/c13', '2/1/c13/1',
+ }
+ assert found_port_ids == expected_ports
diff --git a/test/test_worker.py b/test/test_worker.py
index 83f9aca8a2a3a3784b0464f52ed1662eac8dac6c..0120d47f9de55b0806afac65d659290ea909538d 100644
--- a/test/test_worker.py
+++ b/test/test_worker.py
@@ -1,10 +1,14 @@
import json
+import pathlib
+
+import jsonschema
+from lxml import etree
from inventory_provider.tasks import common
from inventory_provider.tasks.worker import transform_ims_data, \
extract_ims_data, persist_ims_data, \
retrieve_and_persist_neteng_managed_device_list, \
- populate_poller_interfaces_cache
+ populate_poller_interfaces_cache, refresh_nokia_interface_list
def test_extract_ims_data(mocker):
@@ -597,26 +601,26 @@ def test_persist_ims_data(mocker, data_config, mocked_redis):
r.delete(k)
persist_ims_data(data)
- assert [k.decode("utf-8") for k in r.keys("ims:pop_nodes:*")] == \
- ["ims:pop_nodes:LOC A", "ims:pop_nodes:LOC B"]
+ assert {k.decode("utf-8") for k in r.keys("ims:pop_nodes:*")} == \
+ {"ims:pop_nodes:LOC A", "ims:pop_nodes:LOC B"}
- assert [k.decode("utf-8") for k in r.keys("ims:location:*")] == \
- ["ims:location:eq_a", "ims:location:eq_b"]
+ assert {k.decode("utf-8") for k in r.keys("ims:location:*")} == \
+ {"ims:location:eq_a", "ims:location:eq_b"}
- assert [k.decode("utf-8") for k in r.keys("ims:lg:*")] == \
- ["ims:lg:lg_eq1", "ims:lg:lg_eq2"]
+ assert {k.decode("utf-8") for k in r.keys("ims:lg:*")} == \
+ {"ims:lg:lg_eq1", "ims:lg:lg_eq2"}
- assert [k.decode("utf-8") for k in r.keys("ims:circuit_hierarchy:*")] == \
- ["ims:circuit_hierarchy:123", "ims:circuit_hierarchy:456"]
+ assert {k.decode("utf-8") for k in r.keys("ims:circuit_hierarchy:*")} == \
+ {"ims:circuit_hierarchy:123", "ims:circuit_hierarchy:456"}
- assert [k.decode("utf-8") for k in r.keys("ims:interface_services:*")] == \
- ["ims:interface_services:if1", "ims:interface_services:if2"]
+ assert {k.decode("utf-8") for k in r.keys("ims:interface_services:*")} == \
+ {"ims:interface_services:if1", "ims:interface_services:if2"}
- assert [k.decode("utf-8") for k in r.keys("ims:node_pair_services:*")] == \
- ["ims:node_pair_services:np1", "ims:node_pair_services:np2"]
+ assert {k.decode("utf-8") for k in r.keys("ims:node_pair_services:*")} == \
+ {"ims:node_pair_services:np1", "ims:node_pair_services:np2"}
- assert [k.decode("utf-8") for k in r.keys("poller_cache:*")] == \
- ["poller_cache:eq1", "poller_cache:eq2"]
+ assert {k.decode("utf-8") for k in r.keys("poller_cache:*")} == \
+ {"poller_cache:eq1", "poller_cache:eq2"}
assert json.loads(r.get("ims:sid_services").decode("utf-8")) == \
data["sid_services"]
@@ -834,3 +838,106 @@ def test_populate_poller_interfaces_cache(
assert json.loads(no_lab) == no_lab_res
all_res = no_lab_res + lab_res
assert json.loads(all) == all_res
+
+
+def test_refresh_nokia_interface_list(mocked_redis, data_config):
+ netconf_config = etree.parse(pathlib.Path(__file__).parent.joinpath(
+ 'data/rt0.lon.uk.lab.office.geant.net-netconf-nokia.xml'))
+ r = common._get_redis(data_config)
+ refresh_nokia_interface_list('rt0.lon.uk.lab.office.geant.net', netconf_config, r, True)
+ keybase = 'lab:netconf-interface-bundles:rt0.lon.uk.lab.office.geant.net:'
+ keys = r.keys(f'{keybase}*')
+ bundles = {}
+ for k in keys:
+ k = k.decode('utf-8')
+ bundles[k] = json.loads(r.get(k).decode('utf-8'))
+
+ expected_bundles = {
+ f'{keybase}lag-1': ['1/1/c8/1', '1/1/c9/1'],
+ f'{keybase}lag-2': ['2/1/c8/1'],
+ f'{keybase}lag-3': ['1/1/c2/2'],
+ f'{keybase}lag-31': ['1/1/c2/1'],
+ }
+ assert bundles == expected_bundles
+
+ interface_hosts = json.loads(r.get(
+ 'lab:netconf-interfaces-hosts:rt0.lon.uk.lab.office.geant.net'
+ ).decode('utf-8'))
+ assert len(interface_hosts) == 9
+
+ interface_hosts_schema = {
+ '$schema': 'http://json-schema.org/draft-07/schema#',
+ 'type': 'array',
+ 'items': {
+ 'type': 'object',
+ 'properties': {
+ 'name': {
+ 'type': 'string'
+ },
+ 'interface address': {
+ 'type': 'string'
+ },
+ 'interface name': {
+ 'type': 'string'
+ }
+ },
+ 'required': ['name', 'interface address', 'interface name'],
+ 'additionalProperties': False
+ }
+ }
+ jsonschema.validate(interface_hosts, interface_hosts_schema)
+
+ interfaces_schema = {
+ '$schema': 'http://json-schema.org/draft-07/schema#',
+ 'type': 'object',
+ 'properties': {
+ 'name': {
+ 'type': 'string'
+ },
+ 'description': {
+ 'type': 'string'
+ },
+ 'bundle': {
+ 'type': 'array',
+ 'items': {
+ 'type': 'string'
+ }
+ },
+ 'speed': {
+ 'anyOf': [
+ {
+ 'type': 'string',
+ 'pattern': r'^\d+\wbps$'
+ },
+ {
+ 'type': 'string',
+ 'enum': ['']
+ }
+ ]
+ },
+ 'ipv4': {
+ 'type': 'array',
+ 'items': {
+ 'type': 'string',
+ 'format': 'ipv6'
+ }
+ },
+ 'ipv6': {
+ 'type': 'array',
+ 'items': {
+ 'type': 'string',
+ 'format': 'ipv6'
+ }
+ }
+ },
+ 'required': ['name', 'description', 'bundle', 'speed', 'ipv4', 'ipv6']
+ }
+
+ keybase = 'lab:netconf-interfaces:rt0.lon.uk.lab.office.geant.net:*'
+ keys = r.keys(keybase)
+ interfaces = {}
+ for k in keys:
+ k = k.decode('utf-8')
+ interface = json.loads(r.get(k).decode('utf-8'))
+ interfaces[k] = interface
+ jsonschema.validate(interface, interfaces_schema)
diff --git a/tox.ini b/tox.ini
index e7ea727d3587874f802cde54e8060af65c24a470..d4bafe85e6fe4bdb9511bd50afa148b45fea0dc9 100644
--- a/tox.ini
+++ b/tox.ini
@@ -2,7 +2,6 @@
envlist = py311
[flake8]
-exclude = venv,.tox,build
max-line-length = 120
[coverage:run]
@@ -20,6 +19,6 @@ deps =
commands =
coverage erase
pytest -n auto --cov inventory_provider --cov-fail-under=80 --cov-report html --cov-report xml --cov-report term -p no:checkdocs
- flake8
+ flake8 inventory_provider test circuit_tree.py
sphinx-build -M html docs/source docs/build