Would like to create routing policy that will route all IP phone traffic to one specific router. Every try in which called to use categories or path Preference results with error code "BadRequest" .
-is there any API documentation other than API Reference Guide in which all of the parameters are explained.
-can I use only category voice-and-video as filter for traffic.
Here is the python code that won't work:
from apicem_config import * # APIC-EM IP is assigned in apicem_config.py
# Get ticket - function is in apicem_config.py
ticket = get_X_auth_token()
headers = {"content-type" : "application/json","X-Auth-Token": ticket}
########## Creating policy #############
### JSON object for POST /policy
policy_json = [{
"policyName": "routing_ip_tel",
"policyOwner": "admin",
"policyPriority": 4095,
"resource": {
"categories": [
{
"id": "cb85d59b-673d-480b-918f-3dad8a0d658f",
"name": "voice-and-video"
}
]
},
"actions": [
"SET_PROPERTY"
],
"policyScope": "exit_routers", # I made this tag and associatied devices
"actionProperty": {
"relevanceLevel": "Business-Relevant",
"pathPreference": "10.145.220.210" # Should this even be IP adress?
}
}]
# POST policy url
post_url = "https://"+apicem_ip+"/api/"+version+"/policy" # API base url
resp = requests.post(post_url, json.dumps(policy_json), headers=headers,verify=False)
status = resp.status_code
print("status: ",status)
print("Response:",json.dumps(resp.json(),indent=4))
Response:
{
"response": {
"progress": "Policy Creation Failed",
"startTime": 1462271384535,
"endTime": 1462271384545,
"version": 1462271384535,
"errorCode": "BadRequest",
"failureReason": "Invalid Policy",
"serviceType": "Policy Service",
"isError": true,
"operationIdList": [
"97a2a02d-e2e0-4746-87ac-618811163d05"
],
"rootId": "db920e43-cae9-4d9d-8119-9122b573b65e",
"id": "db920e43-cae9-4d9d-8119-9122b573b65e"
},
"version": "1.0"
}
Even if the pathPreference parameter is removed, filtering with category won't work (same code with applications instead of categories works). Despite that fact maybe using pathPreference on the wrong way (as there are also primary, secondary and tertiary path preferences in definition).
Version of APIC-EM is 1.1.2.15.
Having problems with API parameters "categories" and "pathPreference" in REST query.
This one POST /policy query works:
[{
"policyName": "routing_ip_tel",
"policyOwner": "admin",
"resource": {
"applications": [
{
"id": "cbea9ea2-91b5-41ac-9ade-adcab6cd72c1",
"name": "skype"
}
]
},
"actions": [
"SET_PROPERTY"
],
"policyScope": "exit_routers",
"actionProperty": {
"relevanceLevel": "Business-Relevant"
}
}]
This one doesn't because of pathPreference parameter
[{
"policyName": "routing_ip_tel",
"policyOwner": "admin",
"resource": {
"applications": [
{
"id": "cbea9ea2-91b5-41ac-9ade-adcab6cd72c1",
"name": "skype"
}
]
},
"actions": [
"SET_PROPERTY"
],
"policyScope": "exit_routers",
"actionProperty": {
"relevanceLevel": "Business-Relevant",
"pathPreference": "10.145.220.210."
}
and this one doesn't either because of categories parameters
[{
"policyName": "routing_ip_tel",
"policyOwner": "admin",
"resource": {
"categories": [
{
"id": "cb85d59b-673d-480b-918f-3dad8a0d658f",
"name": "voice-and-video"
}
]
},
"actions": [
"SET_PROPERTY"
],
"policyScope": "exit_routers",
"actionProperty": {
"relevanceLevel": "Business-Relevant"
}
}]
}]
would like to route all IP phone traffic to one border router and skype traffic to another, but something is wrong with the use of "categories" and "pathPreference" parameters.
you are combining two aspects of the policy API here. Today, policy can be used in two ways:
1) Easy QoS application
2) IWAN app.
The IWAN App supports pathPreference, but you need to have done an IWAN deployment in order to do this. There is a blog post that talks about how this can be done Digitizing Retail with Cisco DevNet. Refer the video that walks through changing the application category relevance IWAN TOD policy - YouTube. For example: if you do a PUT of /api/v1/policy with the following payload, you can see how to set the primary and secondary path. NOTE: This is only for wan traffic.
[{
"instanceUuid": "9080bc13-6ca8-46ba-a1bb-debbd296d15f",
"policyName": "email",
"state": "Active",
"taskId": "2b8ee36d-40cb-4565-9fb8-f95496fa854c",
"id": "9080bc13-6ca8-46ba-a1bb-debbd296d15f",
"resource": {
"categories": [
{
"id": "d0ddd0e0-3268-4a94-99d1-3d0509deccf0",
"name": "email"
}
]
},
"actions": [ "SET_PROPERTY" ],
"policyScope": "IWAN",
"actionProperty": {
"relevanceLevel": "Default",
"pathControlFlag": true,
"pathPreferenceFlag": true,
"PrimaryPathPref": ["interne"],
"SecondaryPathPref": [ "mpls"]
}
}]
4331, 4431 are supported with IWAN app. IWAN is a deployment model for a WAN. It is Cisco's SD-WAN solution.
You need to have one or more links to the remote locations. If you have more than one WAN service, then you can use policy to specify which apps will prefer which path. The solution is intelligent in that the routers are always monitoring the performance of the WAN links and will automatically re-route applications (based on performance) if required.
Normally you would have at least three routers. 1 for each WAN services (total of 2 minimum) and a router at the remote site that connects to the two WAN services.
- Is it possible to create routing policies in network that has only 4431/4331 routers and 2960-x switches controlled by APIC-EM controller, or something else is needed (like Cisco ASR 1000 that is needed for IWAN app) to create routing policies.
For a test network you could use CSR + ISR 4k. Switches are not supported as part of IWAN as it is a WAN routing solution, no a campus/switching solution. Take a look at the IWAN deployment guide for all the details. Software Configuration Guide for Cisco IWAN on APIC-EM - Cisco
Comments
0 comments
Please sign in to leave a comment.