[j-nsp] sample junoscript code to retrieve BGP AS paths
Peter Mills
peter.a.mills at ntlworld.com
Thu Sep 14 12:09:17 EDT 2006
I have used XPath to parse the returned XML tree and pick out the values I
was interested in. XPath is a very powerful analysis tool for XML data. The
example below refers to finding the BGP neighbour peer address and name of
all external BGP sessions running on a particular router. Since XPath
doesn't run on the router, presumably due to CPU limitations, I have to
process the XML output offline.
XLST Style sheets which reformat XML data also refer to XPath syntax.
#
use XML::XPath;
#
### Path excludes all reference IBGP sessions
#
my $path = q(//bgp-group[type!='Internal']/peer-address |
//bgp-group[type!='Internal']/name);
#
foreach my $node ( $xp->find($path)->get_nodelist ) {
#
# print XML::XPath::XMLParser::as_string( $node ) . "\n";
#
if ($node->getName() eq 'name') {
$bgp_group = $node->string_value
}
if ($node->getName() eq 'peer-address') {
$peer_address = $node->string_value;
$peer_address =~ s/\+\d*$//g;
$router =~ s/\.xml//g;
if ( $group_data {$router}{$peer_address} )
{ print $TEE "Peer address $peer_address on router $router in
more than one group\n"}
else { $group_data {$router}{$peer_address} = $bgp_group }
} # End peer address match
} # End of nodeset loop
} # End of router loop
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
> bounces at puck.nether.net] On Behalf Of John Kristoff
> Sent: 13 September 2006 22:44
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] sample junoscript code to retrieve BGP AS paths
>
> Below is a link to some sample code, that is really just an initial
> crack at interrogating a Juniper router in order to output the set of
> active BGP AS paths for one or more addresses/netblocks. I've barely
> tested this. It seems to work for a few common cases, but your mileage
> may vary. This is being provided to the community in the hopes that
> someone may find it useful to build better junoscript-based tools and
> make them available so that I may in turn borrow back from them. The
> thing I had trouble finding much guidance on was accessing the XML::DOM
> object directly. I'm still a little confused by it, but I seemed to
> have brute forced my way to a solution.
>
> Be sure to read through the comments in the code if you try to use this.
> For example, you'll see that I ended up modifying junoscript's Device.pm
> in order to handle authentication failures myself, which you may want to
> do as well. In addition, enabling taint requires working around or
> fixing junoscript's Access.pm, which Juniper will hopefully do soon.
> Standard disclaimer applies, I don't know Perl, I know Combat Perl.
>
> A sample run looks like this:
>
> $ echo 192.0.2.1 | ./getaspath -rroutername.example.net 2> /dev/null
> login: user
> password:
> 192.0.2.1|65535 65534 65532 I
>
> Note, I pipe stderr to null, because of all the warnings junoscript
> generates (hopefully those will be fixed by Juniper soon too). If
> you're ok with hard coding some auth credentials you can obviously use
> this in an automated fashion, perhaps as part of some AS path-based
> reporting.
>
> <http://layer9.com/~jtk/software/getaspath>
>
> John
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list