L2VPN/VPWS: derive route distinguisher and route target

Author: unfokus

cosmo.example.yml

@@ -1,5 +1,5 @@
 fqdnSuffix: infra.example.com
-
+asn: 65542
 devices:
   router:
     - "router1"

cosmo/__main__.py

@@ -49,6 +49,10 @@ def main() -> int:
     with open(args.config, 'r') as cfg_file:
         cosmo_configuration = yaml.safe_load(cfg_file)
 
+    if not 'asn' in cosmo_configuration:
+        error(f"Field 'asn' not defined in configuration file", None)
+        return 1
+
     info(f"Fetching information from Netbox, make sure VPN is enabled on your system.")
 
     netbox_url = os.environ.get("NETBOX_URL")
@@ -83,7 +87,7 @@ def noop(*args, **kwargs):
         content = None
         try:
             if device['name'] in cosmo_configuration['devices']['router']:
-                router_serializer = RouterSerializer(device, cosmo_data['l2vpn_list'], cosmo_data["loopbacks"])
+                router_serializer = RouterSerializer(device, cosmo_data['l2vpn_list'], cosmo_data["loopbacks"], cosmo_configuration["asn"])
                 content = router_serializer.serialize()
             elif device['name'] in cosmo_configuration['devices']['switch']:
                 switch_serializer = SwitchSerializer(device)

cosmo/l2vpnhelpertypes.py

@@ -75,6 +75,8 @@ def __init__(self, *args, associated_l2vpn: L2VPNType, loopbacks_by_device: dict
         self.associated_l2vpn = associated_l2vpn
         self.loopbacks_by_device = loopbacks_by_device
         self.asn = asn
+        # when using 32 bit ASN we have to append L to the route target prefix
+        self.rt = str(asn) if asn <= 2**16 else f"{asn}L"
 
     def __repr__(self):
         return f"{self.__class__.__name__}({self.associated_l2vpn})"
@@ -318,14 +320,15 @@ def processInterfaceTypeTermination(self, o: InterfaceType) -> dict | None:
             lambda i: i != local,
             parent_l2vpn.getTerminations()
         ))
+        router_id = o.getParent(DeviceType).getRouterID()
         return {
             self._vrf_key: {
                 parent_l2vpn.getName().replace("WAN: ", ""): {
                     "interfaces": [o.getName()],
                     "description": f"VPWS: {parent_l2vpn.getName().replace('WAN: VS_', '')}",
                     "instance_type": "evpn-vpws",
-                    "route_distinguisher": f"{self.asn}:{str(parent_l2vpn.getIdentifier())}",
-                    "vrf_target": f"target:1:{str(parent_l2vpn.getIdentifier())}",
+                    "route_distinguisher": f"{router_id}:{str(parent_l2vpn.getIdentifier())}",
+                    "vrf_target": f"target:{self.rt}:{str(parent_l2vpn.getIdentifier())}",
                     "protocols": {
                         "evpn": {
                             "interfaces": {

cosmo/netbox_types.py

@@ -7,7 +7,7 @@
 from abc import abstractmethod
 from ipaddress import IPv4Interface, IPv6Interface
 
-from .common import without_keys, JsonOutputType
+from .common import without_keys, JsonOutputType, DeviceSerializationError
 from typing import Self, Iterator, TypeVar, NoReturn
 
 
@@ -221,6 +221,33 @@ def getInterfaces(self) -> list["InterfaceType"]:
     def getSerial(self) -> str:
         return self.get("serial", "")
 
+    def getRouterID(self) -> str:
+        # Deriving the router ID is a bit tricky, there is no 'correct' way.
+        # For us it's the primary loopback IPv4 address
+
+        # get first loopback interface in default vrf
+        loopback = next(filter(
+            lambda x: (x.isLoopbackChild() and x.getVRF() == None),
+            self.getInterfaces()
+        ), None)
+
+        if loopback == None:
+            raise DeviceSerializationError("Can't derive Router ID, no suitable loopback interface found.")
+            return ""
+
+        # get first IPv4 of that interface
+        address = next(filter(
+            lambda i: type(i) is IPv4Interface,
+            map(lambda i: i.getIPInterfaceObject(), loopback.getIPAddresses())
+        ), None)
+
+        if address == None:
+            raise DeviceSerializationError("Can't derive Router ID, no suitable loopback IP address found.")
+            return ""
+
+        # return that IP without subnet mask and hope for the best
+        return str(address.ip)
+
 
 class DeviceTypeType(AbstractNetboxType):
     def getBasePath(self):
@@ -351,7 +378,9 @@ def getSubInterfaceParentInterfaceName(self) -> str|None:
         return ret
 
     def getVRF(self) -> VRFType|None:
-        return self.get("vrf")
+        if self["vrf"]:
+            return VRFType(self["vrf"])
+        return None
 
     def spitInterfacePathWith(self, d: dict) -> dict:
         """
@@ -435,6 +464,9 @@ def getIPAddresses(self) -> list[IPAddressType]:
     def hasParentInterface(self) -> bool:
         return bool(self.get("parent"))
 
+    def isLoopbackChild(self):
+        return '.' in self.getName() and self.getName().startswith("lo")
+
     def getConnectedEndpoints(self) -> list[DeviceType]:
         return self.get("connected_endpoints", [])
 
@@ -475,7 +507,10 @@ def getBasePath(self):
         return "/vpn/l2vpns/"
 
     def getIdentifier(self) -> int|None:
-        return self["identifier"]
+        if self["identifier"]:
+            return self["identifier"]
+        else:
+            return self["id"]
 
     def getType(self) -> str:
         return self["type"]

cosmo/routerl2vpnvisitor.py

@@ -32,10 +32,6 @@ def isCompliantWANL2VPN(self, o: L2VPNType):
         terminations = o.getTerminations()
         identifier = o.getIdentifier()
         l2vpn_type = self.getL2VpnTypeTerminationObjectFrom(o)
-        if l2vpn_type.needsL2VPNIdentifierAsMandatory() and identifier is None:
-            raise L2VPNSerializationError(
-                f"for {o.getName()}: L2VPN identifier is mandatory."
-            )
         if not l2vpn_type.isValidNumberOfTerminations(len(terminations)):
             raise L2VPNSerializationError(
                 f"for {o.getName()}: "

cosmo/routervisitor.py

@@ -260,15 +260,12 @@ def _(self, o: InterfaceType):
             }
         }
 
-    def getRouterId(self, o: DeviceType) -> str:
-        return str(ipaddress.ip_interface(str(self.loopbacks_by_device[o.getName()].getIpv4())).ip)
-
     @accept.register
     def _(self, o: VRFType):
         parent_interface = o.getParent(InterfaceType)
         if not parent_interface.isSubInterface():
             return # guard: do not process root interface
-        router_id = self.getRouterId(o.getParent(DeviceType))
+        router_id = o.getParent(DeviceType).getRouterID()
         if o.getRouteDistinguisher():
             rd = router_id + ":" + o.getRouteDistinguisher()
         elif len(o.getExportTargets()):

cosmo/serializer.py

@@ -9,7 +9,7 @@
 
 
 class RouterSerializer:
-    def __init__(self, device, l2vpn_list, loopbacks):
+    def __init__(self, device, l2vpn_list, loopbacks, asn):
         try:
             match device["platform"]["manufacturer"]["slug"]:
                 case 'juniper':
@@ -29,6 +29,7 @@ def __init__(self, device, l2vpn_list, loopbacks):
         self.device = device
         self.l2vpn_list = l2vpn_list
         self.loopbacks = loopbacks
+        self.asn = asn
 
         self.l2vpns = {}
         self.l3vpns = {}
@@ -51,7 +52,7 @@ def serialize(self):
         # breakpoint()
         visitor = RouterDeviceExporterVisitor(
             loopbacks_by_device={k: CosmoLoopbackType(v) for k, v in self.loopbacks.items()},
-            asn=9136,
+            asn=self.asn,
         )
         for value in iter(DeviceType(self.device)):
             try:

cosmo/tests/cosmo.devgen_ansible.yml

@@ -1,5 +1,5 @@
 output_format: "ansible"
-
+asn: 65542
 devices:
   router:
     - "TEST0001"

cosmo/tests/cosmo.devgen_nix.yml

@@ -1,5 +1,5 @@
 output_format: "nix"
-
+asn: 65542
 devices:
   router:
     - "TEST0001"

cosmo/tests/test_case_bgpcpe.yml

@@ -120,11 +120,11 @@ device_list:
       __typename: VRFType
       description: ''
       export_targets:
-      - name: target:9136:407
+      - name: target:65542:407
         __typename: RouteTargetType
       id: '407'
       import_targets:
-      - name: target:9136:407
+      - name: target:65542:407
         __typename: RouteTargetType
       name: L3VPN
       rd: null
@@ -165,11 +165,11 @@ device_list:
       __typename: VRFType
       description: ''
       export_targets:
-      - name: target:9136:407
+      - name: target:65542:407
         __typename: RouteTargetType
       id: '407'
       import_targets:
-      - name: target:9136:407
+      - name: target:65542:407
         __typename: RouteTargetType
       name: L3VPN
       rd: null