Full IOS-XR Diff() support

[naveci]

Dear Mike,

Thanks for building this awesome tool. I've been using it for some time now and it has helped tremendously with my projects. I've previously opened a bug report on the previous version of ciscoconfparse relating to route-policies in IOS-XR and the fact that regex wasn't properly escaped. However, now I'd like to open a feature request, because I'm noticing other issues with IOS-XR as well.

In short, I would like better support for XR specific syntax in this tool. There are several components that do not behave the same way as IOS-XE or the other components in XR. These components are:

• route-policy
• community-set
• prefix-set
  potentially more..

Below are some config examples and I'm sure you will immediately recognise why I have some problems, especially with the diffs.

route-policy:

route-policy RP-PASS
  pass
end-policy
!
route-policy RP-MOD($COMM1, $COMM2)
  if community matches-any $COMM1 then
    drop
  elseif community matches-any $COMM2 then
    pass
  endif
end-policy

community-set

community-set SHUTDOWN-COMM
  65535:0
end-set

prefix-set:

prefix-set ALL
  0.0.0.0/0 eq 32
end-set
!
prefix-set PEERINGS
  1.1.1.1/32,
  2.2.2.2/32,
  10.0.1.0/24,
  172.16.0.0/12,
  192.168.3.0/26
end-set

Problems that currently occur:

• end-set or end-policy are not a child of the preceeding config. In the diff, this does not show up because the diff doesn't handle it properly. If I want to add more configuration to another set (or extract), then I need to "hack" those statements in there as it won't be part of any object that ciscoconfparse finds.
• For example in the prefix-set, if i do a diff to get the commands to change something, and two prefixes have a different order, then I will see the following for example:

prefix-set PEERINGS
  172.16.0.0/12,
  10.0.1.0/24,

There are three problems with that:

1. It'll overwrite the existing prefix-set
2. shows a comma, but the last entry will never have one
3. it's missing the end-set statement

There are likely more issues, but these are the ones i'm currently running into.

I wouldn't mind helping out, but I would first have to get comfortable with the codebase here. Also, the question is if IOS-XR would require it's own code, be a derivative of XE or only modify the default IOS codeset to support both.

Kr.

[mpenning]

The diffs are managed by hier_config and that line in hier_config/options.py handles various syntax options. I'm not sure whether hier_config.Host(..., os='iosxr') makes a difference for your case. I will push a new version and let you know when it's ready.

[mpenning]

Please test my changes in version 0.7.49 and advise whether this helps with your IOS XR diff rendering problem...

Contents of before.txt...

prefix-set ALL
  0.0.0.0/0 eq 32
end-set
!
prefix-set PEERINGS
  1.1.1.1/32,
  2.2.2.2/32,
  10.0.1.0/24,
  172.16.0.0/12,
  192.168.3.0/26
end-set

Contents of after.txt...

prefix-set ALL
  0.0.0.0/0 eq 32
end-set
!
prefix-set PEERINGS
  1.1.1.1/32,
  172.16.0.0/12,
  192.168.3.0/26
end-set

The diff end-set is indented when it shouldn't be, but I think that will be cosmetic... sadly I don't have an IOS XR system to test against... however, I filed it as netdevops/hier_config#130

(py311_test) mpenning@mudslide:~/$ python
Python 3.11.2 (main, Mar 13 2023, 12:18:29) [GCC 12.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from ciscoconfparse2 import Diff
>>> diff = Diff('before.txt', 'after.txt', syntax='iosxr')
>>> diff.get_diff()
['prefix-set PEERINGS', '  1.1.1.1/32,', '  172.16.0.0/12,', '  192.168.3.0/26', '  end-set']
>>>

[naveci]

I will have to test this a bit further, which might not happen until next week. I saw a big list of changes between running the diff with version 0.7.33 (and syntax=ios) versus in the newer version 0.7.49 (and syntax=iosxr). There is indeed this cosmetic bug, but that won't be a problem. I did just notice something else though. When I ran the diff function for a known config with a small change for a new peering, two things immediately stood out to me.

example:

router bgp 100
 neighbor 10.10.10.2
  remote-as 65002
  description R2
  route-policy IPv4-IN-RPL(AS65002-PXS) in
    end-policy
  route-policy IPv4-OUT-RPL(AS65002-PXS) out
    end-policy

That end-policy is not supposed to be there. end-policy is only applicable to a policy definition, which is when a route-policy has no parent/indentation in the config.

Also with the prefix-set it seems to show up twice:

prefix-set AS65002-PXS
  end-set
10.10.10.2/32 eq 32
  end-set

The order of the results was also not okay and some items were ommitted, but I need to check if that's coming from my own script or ciscoconfparse2. To be continued...

Re testing devices, this is a bit hard of course. The best solution i could think of is the always-on sandbox in cisco Devnet or alternatively spinning up a control plane IOSXR container. I'm not sure about the licensing on that second option though.

[mpenning]

Regarding your newest findings in version 0.7.49... let's see if that gets fixed with netdevops/hier_config#130

Regarding other points...

The best solution i could think of is the always-on sandbox in cisco Devnet

Except I don't think you can configure anything in the always-on sandbox

spinning up a control plane IOSXR container. I'm not sure about the licensing on that second option though.

Sadly licensing is a problem for me