Packet Forwarding
This category of questions allows you to query how different types of traffic is forwarded by the network and if endpoints are able to communicate. You can analyze these aspects in a few different ways.
Traceroute
Traces the path(s) for the specified flow.
Performs a virtual traceroute in the network from a starting node. A destination IP and ingress (source) node must be specified. Other IP headers are given default values if unspecified. Unlike a real traceroute, this traceroute is directional. That is, for it to succeed, the reverse connectivity is not needed. This feature can help debug connectivity issues by decoupling the two directions.
Inputs
Name |
Description |
Type |
Optional |
Default Value |
---|---|---|---|---|
startLocation |
Location (node and interface combination) to start tracing from. |
False |
||
headers |
Packet header constraints. |
False |
||
maxTraces |
Limit the number of traces returned. |
int |
True |
|
ignoreFilters |
If set, filters/ACLs encountered along the path are ignored. |
bool |
True |
Invocation
[5]:
result = bf.q.traceroute(startLocation='@enter(as2border1[GigabitEthernet2/0])', headers=HeaderConstraints(dstIps='2.34.201.10', srcIps='8.8.8.8')).answer().frame()
Return Value
Name |
Description |
Type |
---|---|---|
Flow |
The flow |
|
Traces |
The traces for this flow |
Set of Trace |
TraceCount |
The total number traces for this flow |
int |
Retrieving the flow definition
[6]:
result.Flow
[6]:
0 start=as2border1 interface=GigabitEthernet2/0 [8.8.8.8:49152->2.34.201.10:33434 UDP]
Name: Flow, dtype: object
Retrieving the detailed Trace information
[7]:
len(result.Traces)
[7]:
1
[8]:
result.Traces[0]
[8]:
1. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet1/0 ip 2.12.11.2)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2core1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet3/0 with resolved next-hop IP: 2.23.12.3, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet3/0 ip 2.23.12.3)])
TRANSMITTED(GigabitEthernet3/0)
3. node: as2dist2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
DELIVERED_TO_SUBNET
1. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.12.12.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0 ip 2.12.12.2)])
TRANSMITTED(GigabitEthernet2/0)
2. node: as2core2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.23.22.3, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0 ip 2.23.22.3)])
TRANSMITTED(GigabitEthernet2/0)
3. node: as2dist2
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
Evaluating the first Trace
[9]:
result.Traces[0][0]
[9]:
1. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet1/0 ip 2.12.11.2)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2core1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet3/0 with resolved next-hop IP: 2.23.12.3, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet3/0 ip 2.23.12.3)])
TRANSMITTED(GigabitEthernet3/0)
3. node: as2dist2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
Retrieving the disposition of the first Trace
[10]:
result.Traces[0][0].disposition
[10]:
'DELIVERED_TO_SUBNET'
Retrieving the first hop of the first Trace
[11]:
result.Traces[0][0][0]
[11]:
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet1/0 ip 2.12.11.2)])
TRANSMITTED(GigabitEthernet1/0)
Retrieving the last hop of the first Trace
[12]:
result.Traces[0][0][-1]
[12]:
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
Bi-directional Traceroute
Traces the path(s) for the specified flow, along with path(s) for reverse flows.
This question performs a virtual traceroute in the network from a starting node. A destination IP and ingress (source) node must be specified. Other IP headers are given default values if unspecified. If the trace succeeds, a traceroute is performed in the reverse direction.
Inputs
Name |
Description |
Type |
Optional |
Default Value |
---|---|---|---|---|
startLocation |
Location (node and interface combination) to start tracing from. |
False |
||
headers |
Packet header constraints. |
False |
||
maxTraces |
Limit the number of traces returned. |
int |
True |
|
ignoreFilters |
If set, filters/ACLs encountered along the path are ignored. |
bool |
True |
Invocation
[15]:
result = bf.q.bidirectionalTraceroute(startLocation='@enter(as2border1[GigabitEthernet2/0])', headers=HeaderConstraints(dstIps='2.34.201.10', srcIps='8.8.8.8')).answer().frame()
Return Value
Name |
Description |
Type |
---|---|---|
Forward_Flow |
The forward flow. |
|
Forward_Traces |
The forward traces. |
List of Trace |
New_Sessions |
Sessions initialized by the forward trace. |
List of str |
Reverse_Flow |
The reverse flow. |
|
Reverse_Traces |
The reverse traces. |
List of Trace |
Retrieving the Forward flow definition
[16]:
result.Forward_Flow
[16]:
0 start=as2border1 interface=GigabitEthernet2/0 [8.8.8.8:49152->2.34.201.10:33434 UDP]
Name: Forward_Flow, dtype: object
Retrieving the detailed Forward Trace information
[17]:
len(result.Forward_Traces)
[17]:
1
[18]:
result.Forward_Traces[0]
[18]:
1. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet1/0 ip 2.12.11.2)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2core1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet3/0 with resolved next-hop IP: 2.23.12.3, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet3/0 ip 2.23.12.3)])
TRANSMITTED(GigabitEthernet3/0)
3. node: as2dist2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
DELIVERED_TO_SUBNET
1. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.12.12.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0 ip 2.12.12.2)])
TRANSMITTED(GigabitEthernet2/0)
2. node: as2core2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.23.22.3, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0 ip 2.23.22.3)])
TRANSMITTED(GigabitEthernet2/0)
3. node: as2dist2
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
Evaluating the first Forward Trace
[19]:
result.Forward_Traces[0][0]
[19]:
1. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet1/0 ip 2.12.11.2)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2core1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet3/0 with resolved next-hop IP: 2.23.12.3, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet3/0 ip 2.23.12.3)])
TRANSMITTED(GigabitEthernet3/0)
3. node: as2dist2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
Retrieving the disposition of the first Forward Trace
[20]:
result.Forward_Traces[0][0].disposition
[20]:
'DELIVERED_TO_SUBNET'
Retrieving the first hop of the first Forward Trace
[21]:
result.Forward_Traces[0][0][0]
[21]:
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ospfE2 (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet1/0 ip 2.12.11.2)])
TRANSMITTED(GigabitEthernet1/0)
Retrieving the last hop of the first Forward Trace
[22]:
result.Forward_Traces[0][0][-1]
[22]:
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.34.201.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet2/0, Resolved Next Hop IP: 2.34.201.10)
Retrieving the Return flow definition
[23]:
result.Reverse_Flow
[23]:
0 start=as2dist2 interface=GigabitEthernet2/0 [2.34.201.10:33434->8.8.8.8:49152 UDP]
Name: Reverse_Flow, dtype: object
Retrieving the detailed Return Trace information
[24]:
len(result.Reverse_Traces)
[24]:
1
[25]:
result.Reverse_Traces[0]
[25]:
1. node: as2dist2
RECEIVED(GigabitEthernet2/0)
NO_ROUTE(Discarded)
Evaluating the first Reverse Trace
[26]:
result.Reverse_Traces[0][0]
[26]:
1. node: as2dist2
RECEIVED(GigabitEthernet2/0)
NO_ROUTE(Discarded)
Retrieving the disposition of the first Reverse Trace
[27]:
result.Reverse_Traces[0][0].disposition
[27]:
'NO_ROUTE'
Retrieving the first hop of the first Reverse Trace
[28]:
result.Reverse_Traces[0][0][0]
[28]:
RECEIVED(GigabitEthernet2/0)
NO_ROUTE(Discarded)
Retrieving the last hop of the first Reverse Trace
[29]:
result.Reverse_Traces[0][0][-1]
[29]:
RECEIVED(GigabitEthernet2/0)
NO_ROUTE(Discarded)
Reachability
Finds flows that match the specified path and header space conditions.
Searches across all flows that match the specified conditions and returns examples of such flows. This question can be used to ensure that certain services are globally accessible and parts of the network are perfectly isolated from each other.
Inputs
Name |
Description |
Type |
Optional |
Default Value |
---|---|---|---|---|
pathConstraints |
Constraint the path a flow can take (start/end/transit locations). |
True |
||
headers |
Packet header constraints. |
True |
||
actions |
Only return flows for which the disposition is from this set. |
True |
success |
|
maxTraces |
Limit the number of traces returned. |
int |
True |
|
invertSearch |
Search for packet headers outside the specified headerspace, rather than inside the space. |
bool |
True |
|
ignoreFilters |
Do not apply filters/ACLs during analysis. |
bool |
True |
Invocation
[32]:
result = bf.q.reachability(pathConstraints=PathConstraints(startLocation = '/as2/'), headers=HeaderConstraints(dstIps='host1', srcIps='0.0.0.0/0', applications='DNS'), actions='SUCCESS').answer().frame()
Return Value
Name |
Description |
Type |
---|---|---|
Flow |
The flow |
|
Traces |
The traces for this flow |
Set of Trace |
TraceCount |
The total number traces for this flow |
int |
Retrieving the flow definition
[33]:
result.Flow
[33]:
0 start=as2border1 [10.0.0.0:49152->2.128.0.101:53 UDP]
1 start=as2border2 [10.0.0.0:49152->2.128.0.101:53 UDP]
2 start=as2core1 [10.0.0.0:49152->2.128.0.101:53 UDP]
3 start=as2core2 [10.0.0.0:49152->2.128.0.101:53 UDP]
4 start=as2dept1 [10.0.0.0:49152->2.128.0.101:53 UDP]
5 start=as2dist1 [10.0.0.0:49152->2.128.0.101:53 UDP]
6 start=as2dist2 [10.0.0.0:49152->2.128.0.101:53 UDP]
Name: Flow, dtype: object
Retrieving the detailed Trace information
[34]:
len(result.Traces)
[34]:
7
[35]:
result.Traces[0]
[35]:
1. node: as2border1
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4),ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2core1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.23.11.3, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
3. node: as2dist1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.101.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
4. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.128.0.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
5. node: host1
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
ACCEPTED
1. node: as2border1
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4),ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2core1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet3/0 with resolved next-hop IP: 2.23.12.3, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet3/0)
3. node: as2dist2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.201.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet2/0)
4. node: as2dept1
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.128.0.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
5. node: host1
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
ACCEPTED
1. node: as2border1
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.12.12.2, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4),ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet2/0)
2. node: as2core2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.23.22.3, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet2/0)
3. node: as2dist2
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.201.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet2/0)
4. node: as2dept1
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.128.0.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
5. node: host1
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
ACCEPTED
1. node: as2border1
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.12.12.2, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4),ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet2/0)
2. node: as2core2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet3/0 with resolved next-hop IP: 2.23.21.3, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet3/0)
3. node: as2dist1
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.101.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
4. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.128.0.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
5. node: host1
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
Evaluating the first Trace
[36]:
result.Traces[0][0]
[36]:
1. node: as2border1
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4),ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2core1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.23.11.3, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
3. node: as2dist1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.101.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
4. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.128.0.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
5. node: host1
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
Retrieving the disposition of the first Trace
[37]:
result.Traces[0][0].disposition
[37]:
'ACCEPTED'
Retrieving the first hop of the first Trace
[38]:
result.Traces[0][0][0]
[38]:
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4),ibgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.201.4)])
TRANSMITTED(GigabitEthernet1/0)
Retrieving the last hop of the first Trace
[39]:
result.Traces[0][0][-1]
[39]:
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
Bi-directional Reachability
Searches for successfully delivered flows that can successfully receive a response.
Performs two reachability analyses, first originating from specified sources, then returning back to those sources. After the first (forward) pass, sets up sessions in the network and creates returning flows for each successfully delivered forward flow. The second pass searches for return flows that can be successfully delivered in the presence of the setup sessions.
Inputs
Name |
Description |
Type |
Optional |
Default Value |
---|---|---|---|---|
pathConstraints |
Constraint the path a flow can take (start/end/transit locations). |
True |
||
headers |
Packet header constraints. |
False |
||
returnFlowType |
Specifies the type of return flows to search. |
str |
True |
SUCCESS |
Invocation
[42]:
result = bf.q.bidirectionalReachability(pathConstraints=PathConstraints(startLocation = '/as2dist1/'), headers=HeaderConstraints(dstIps='host1', srcIps='0.0.0.0/0', applications='DNS'), returnFlowType='SUCCESS').answer().frame()
Return Value
Name |
Description |
Type |
---|---|---|
Forward_Flow |
The forward flow. |
|
Forward_Traces |
The forward traces. |
List of Trace |
New_Sessions |
Sessions initialized by the forward trace. |
List of str |
Reverse_Flow |
The reverse flow. |
|
Reverse_Traces |
The reverse traces. |
List of Trace |
Retrieving the Forward flow definition
[43]:
result.Forward_Flow
[43]:
0 start=as2dist1 [2.34.101.3:49152->2.128.0.101:53 UDP]
Name: Forward_Flow, dtype: object
Retrieving the detailed Forward Trace information
[44]:
len(result.Forward_Traces)
[44]:
1
[45]:
result.Forward_Traces[0]
[45]:
1. node: as2dist1
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.101.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
2. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.128.0.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
3. node: host1
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
Evaluating the first Forward Trace
[46]:
result.Forward_Traces[0][0]
[46]:
1. node: as2dist1
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.101.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
2. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0, Routes: [connected (Network: 2.128.0.0/24, Next Hop: interface GigabitEthernet2/0)])
TRANSMITTED(GigabitEthernet2/0)
3. node: host1
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
Retrieving the disposition of the first Forward Trace
[47]:
result.Forward_Traces[0][0].disposition
[47]:
'ACCEPTED'
Retrieving the first hop of the first Forward Trace
[48]:
result.Forward_Traces[0][0][0]
[48]:
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.34.101.4, Routes: [bgp (Network: 2.128.0.0/24, Next Hop: ip 2.34.101.4)])
TRANSMITTED(GigabitEthernet2/0)
Retrieving the last hop of the first Forward Trace
[49]:
result.Forward_Traces[0][0][-1]
[49]:
RECEIVED(eth0)
PERMITTED(filter::INPUT (INGRESS_FILTER))
ACCEPTED(eth0)
Retrieving the Return flow definition
[50]:
result.Reverse_Flow
[50]:
0 start=host1 [2.128.0.101:53->2.34.101.3:49152 UDP]
Name: Reverse_Flow, dtype: object
Retrieving the detailed Return Trace information
[51]:
len(result.Reverse_Traces)
[51]:
1
[52]:
result.Reverse_Traces[0]
[52]:
1. node: host1
ORIGINATED(default)
FORWARDED(Forwarded out interface: eth0 with resolved next-hop IP: 2.128.0.1, Routes: [static (Network: 0.0.0.0/0, Next Hop: interface eth0 ip 2.128.0.1)])
PERMITTED(filter::OUTPUT (EGRESS_FILTER))
TRANSMITTED(eth0)
2. node: as2dept1
RECEIVED(GigabitEthernet2/0)
PERMITTED(RESTRICT_HOST_TRAFFIC_IN (INGRESS_FILTER))
FORWARDED(Forwarded out interface: GigabitEthernet0/0, Routes: [connected (Network: 2.34.101.0/24, Next Hop: interface GigabitEthernet0/0)])
TRANSMITTED(GigabitEthernet0/0)
3. node: as2dist1
RECEIVED(GigabitEthernet2/0)
ACCEPTED(GigabitEthernet2/0)
Evaluating the first Reverse Trace
[53]:
result.Reverse_Traces[0][0]
[53]:
1. node: host1
ORIGINATED(default)
FORWARDED(Forwarded out interface: eth0 with resolved next-hop IP: 2.128.0.1, Routes: [static (Network: 0.0.0.0/0, Next Hop: interface eth0 ip 2.128.0.1)])
PERMITTED(filter::OUTPUT (EGRESS_FILTER))
TRANSMITTED(eth0)
2. node: as2dept1
RECEIVED(GigabitEthernet2/0)
PERMITTED(RESTRICT_HOST_TRAFFIC_IN (INGRESS_FILTER))
FORWARDED(Forwarded out interface: GigabitEthernet0/0, Routes: [connected (Network: 2.34.101.0/24, Next Hop: interface GigabitEthernet0/0)])
TRANSMITTED(GigabitEthernet0/0)
3. node: as2dist1
RECEIVED(GigabitEthernet2/0)
ACCEPTED(GigabitEthernet2/0)
Retrieving the disposition of the first Reverse Trace
[54]:
result.Reverse_Traces[0][0].disposition
[54]:
'ACCEPTED'
Retrieving the first hop of the first Reverse Trace
[55]:
result.Reverse_Traces[0][0][0]
[55]:
ORIGINATED(default)
FORWARDED(Forwarded out interface: eth0 with resolved next-hop IP: 2.128.0.1, Routes: [static (Network: 0.0.0.0/0, Next Hop: interface eth0 ip 2.128.0.1)])
PERMITTED(filter::OUTPUT (EGRESS_FILTER))
TRANSMITTED(eth0)
Retrieving the last hop of the first Reverse Trace
[56]:
result.Reverse_Traces[0][0][-1]
[56]:
RECEIVED(GigabitEthernet2/0)
ACCEPTED(GigabitEthernet2/0)
Loop detection
Detects forwarding loops.
Searches across all possible flows in the network and returns example flows that will experience forwarding loops.
Inputs
Name |
Description |
Type |
Optional |
Default Value |
---|---|---|---|---|
maxTraces |
Limit the number of traces returned. |
int |
True |
Invocation
[59]:
result = bf.q.detectLoops().answer().frame()
Return Value
Name |
Description |
Type |
---|---|---|
Flow |
The flow |
|
Traces |
The traces for this flow |
Set of Trace |
TraceCount |
The total number traces for this flow |
int |
Print the first 5 rows of the returned Dataframe
[60]:
result.head(5)
[60]:
Flow | Traces | TraceCount |
---|
Multipath Consistency for host-subnets
Validates multipath consistency between all pairs of subnets.
Searches across all flows between subnets that are treated differently (i.e., dropped versus forwarded) by different paths in the network and returns example flows.
Inputs
Name |
Description |
Type |
Optional |
Default Value |
---|---|---|---|---|
maxTraces |
Limit the number of traces returned. |
int |
True |
Invocation
[63]:
result = bf.q.subnetMultipathConsistency().answer().frame()
Return Value
Name |
Description |
Type |
---|---|---|
Flow |
The flow |
|
Traces |
The traces for this flow |
Set of Trace |
TraceCount |
The total number traces for this flow |
int |
Retrieving the flow definition
[64]:
result.Flow
[64]:
0 start=as2dept1 interface=GigabitEthernet0/0 [2.34.101.1:49152->1.0.1.3:23 TCP (SYN)]
1 start=as2dept1 interface=GigabitEthernet1/0 [2.34.201.1:49152->1.0.1.3:23 TCP (SYN)]
2 start=as2dept1 interface=GigabitEthernet2/0 [2.128.0.2:49152->1.0.1.3:23 TCP (SYN)]
3 start=as2dept1 interface=GigabitEthernet3/0 [2.128.1.2:49152->1.0.1.3:23 TCP (SYN)]
4 start=as2dist1 interface=GigabitEthernet0/0 [2.23.11.1:49152->1.0.1.3:23 TCP (SYN)]
5 start=as2dist1 interface=GigabitEthernet1/0 [2.23.21.1:49152->1.0.1.3:23 TCP (SYN)]
6 start=as2dist1 interface=GigabitEthernet2/0 [2.34.101.1:49152->1.0.1.3:23 TCP (SYN)]
7 start=as2dist2 interface=GigabitEthernet0/0 [2.23.22.1:49152->1.0.1.3:23 TCP (SYN)]
8 start=as2dist2 interface=GigabitEthernet1/0 [2.23.12.1:49152->1.0.1.3:23 TCP (SYN)]
9 start=as2dist2 interface=GigabitEthernet2/0 [2.34.201.1:49152->1.0.1.3:23 TCP (SYN)]
Name: Flow, dtype: object
Retrieving the detailed Trace information
[65]:
len(result.Traces)
[65]:
10
[66]:
result.Traces[0]
[66]:
1. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.34.101.3, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 2.34.101.3)])
TRANSMITTED(GigabitEthernet0/0)
2. node: as2dist1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.23.11.2, Routes: [ibgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
TRANSMITTED(GigabitEthernet0/0)
3. node: as2core1
RECEIVED(GigabitEthernet2/0)
DENIED(blocktelnet (INGRESS_FILTER))
DELIVERED_TO_SUBNET
1. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.34.101.3, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 2.34.101.3)])
TRANSMITTED(GigabitEthernet0/0)
2. node: as2dist1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.23.21.2, Routes: [ibgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
TRANSMITTED(GigabitEthernet1/0)
3. node: as2core2
RECEIVED(GigabitEthernet3/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.12.1, Routes: [ibgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
TRANSMITTED(GigabitEthernet1/0)
4. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 10.12.11.1, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
PERMITTED(INSIDE_TO_AS1 (EGRESS_FILTER))
TRANSMITTED(GigabitEthernet0/0)
5. node: as1border1
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0, Routes: [connected (Network: 1.0.1.0/24, Next Hop: interface GigabitEthernet0/0)])
TRANSMITTED(GigabitEthernet0/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet0/0, Resolved Next Hop IP: 1.0.1.3)
DELIVERED_TO_SUBNET
1. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.34.201.3, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 2.34.201.3)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2dist2
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.23.22.2, Routes: [ibgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
TRANSMITTED(GigabitEthernet0/0)
3. node: as2core2
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.12.1, Routes: [ibgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
TRANSMITTED(GigabitEthernet1/0)
4. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 10.12.11.1, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
PERMITTED(INSIDE_TO_AS1 (EGRESS_FILTER))
TRANSMITTED(GigabitEthernet0/0)
5. node: as1border1
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0, Routes: [connected (Network: 1.0.1.0/24, Next Hop: interface GigabitEthernet0/0)])
TRANSMITTED(GigabitEthernet0/0)
DELIVERED_TO_SUBNET(Output Interface: GigabitEthernet0/0, Resolved Next Hop IP: 1.0.1.3)
DENIED_IN
1. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.34.201.3, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 2.34.201.3)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2dist2
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.23.12.2, Routes: [ibgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
TRANSMITTED(GigabitEthernet1/0)
3. node: as2core1
RECEIVED(GigabitEthernet3/0)
DENIED(blocktelnet (INGRESS_FILTER))
Evaluating the first Trace
[67]:
result.Traces[0][0]
[67]:
1. node: as2dept1
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.34.101.3, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 2.34.101.3)])
TRANSMITTED(GigabitEthernet0/0)
2. node: as2dist1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.23.11.2, Routes: [ibgp (Network: 1.0.1.0/24, Next Hop: ip 10.12.11.1)])
TRANSMITTED(GigabitEthernet0/0)
3. node: as2core1
RECEIVED(GigabitEthernet2/0)
DENIED(blocktelnet (INGRESS_FILTER))
Retrieving the disposition of the first Trace
[68]:
result.Traces[0][0].disposition
[68]:
'DENIED_IN'
Retrieving the first hop of the first Trace
[69]:
result.Traces[0][0][0]
[69]:
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.34.101.3, Routes: [bgp (Network: 1.0.1.0/24, Next Hop: ip 2.34.101.3)])
TRANSMITTED(GigabitEthernet0/0)
Retrieving the last hop of the first Trace
[70]:
result.Traces[0][0][-1]
[70]:
RECEIVED(GigabitEthernet2/0)
DENIED(blocktelnet (INGRESS_FILTER))
Multipath Consistency for router loopbacks
Validates multipath consistency between all pairs of loopbacks.
Finds flows between loopbacks that are treated differently (i.e., dropped versus forwarded) by different paths in the presence of multipath routing.
Inputs
Name |
Description |
Type |
Optional |
Default Value |
---|---|---|---|---|
maxTraces |
Limit the number of traces returned. |
int |
True |
Invocation
[73]:
result = bf.q.loopbackMultipathConsistency().answer().frame()
Return Value
Name |
Description |
Type |
---|---|---|
Flow |
The flow |
|
Traces |
The traces for this flow |
Set of Trace |
TraceCount |
The total number traces for this flow |
int |
Retrieving the flow definition
[74]:
result.Flow
[74]:
0 start=as2core2 [2.1.2.2:49152->2.1.2.1:23 TCP (SYN)]
1 start=as2dist1 [2.1.3.1:49152->2.1.1.1:23 TCP (SYN)]
2 start=as2dist2 [2.1.3.2:49152->2.1.1.1:23 TCP (SYN)]
Name: Flow, dtype: object
Retrieving the detailed Trace information
[75]:
len(result.Traces)
[75]:
3
[76]:
result.Traces[0]
[76]:
1. node: as2core2
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.12.22.1, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet0/0 ip 2.12.22.1)])
TRANSMITTED(GigabitEthernet0/0)
2. node: as2border2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.12.21.2, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet2/0 ip 2.12.21.2)])
TRANSMITTED(GigabitEthernet2/0)
3. node: as2core1
RECEIVED(GigabitEthernet1/0)
ACCEPTED(Loopback0)
ACCEPTED
1. node: as2core2
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.12.1, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet1/0 ip 2.12.12.1)])
TRANSMITTED(GigabitEthernet1/0)
2. node: as2border1
RECEIVED(GigabitEthernet2/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.12.11.2, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet1/0 ip 2.12.11.2)])
TRANSMITTED(GigabitEthernet1/0)
3. node: as2core1
RECEIVED(GigabitEthernet0/0)
ACCEPTED(Loopback0)
DENIED_IN
1. node: as2core2
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.23.22.3, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet2/0 ip 2.23.22.3)])
TRANSMITTED(GigabitEthernet2/0)
2. node: as2dist2
RECEIVED(GigabitEthernet0/0)
FORWARDED(Forwarded out interface: GigabitEthernet1/0 with resolved next-hop IP: 2.23.12.2, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet1/0 ip 2.23.12.2)])
TRANSMITTED(GigabitEthernet1/0)
3. node: as2core1
RECEIVED(GigabitEthernet3/0)
DENIED(blocktelnet (INGRESS_FILTER))
DENIED_IN
1. node: as2core2
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet3/0 with resolved next-hop IP: 2.23.21.3, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet3/0 ip 2.23.21.3)])
TRANSMITTED(GigabitEthernet3/0)
2. node: as2dist1
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.23.11.2, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet0/0 ip 2.23.11.2)])
TRANSMITTED(GigabitEthernet0/0)
3. node: as2core1
RECEIVED(GigabitEthernet2/0)
DENIED(blocktelnet (INGRESS_FILTER))
Evaluating the first Trace
[77]:
result.Traces[0][0]
[77]:
1. node: as2core2
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.12.22.1, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet0/0 ip 2.12.22.1)])
TRANSMITTED(GigabitEthernet0/0)
2. node: as2border2
RECEIVED(GigabitEthernet1/0)
FORWARDED(Forwarded out interface: GigabitEthernet2/0 with resolved next-hop IP: 2.12.21.2, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet2/0 ip 2.12.21.2)])
TRANSMITTED(GigabitEthernet2/0)
3. node: as2core1
RECEIVED(GigabitEthernet1/0)
ACCEPTED(Loopback0)
Retrieving the disposition of the first Trace
[78]:
result.Traces[0][0].disposition
[78]:
'ACCEPTED'
Retrieving the first hop of the first Trace
[79]:
result.Traces[0][0][0]
[79]:
ORIGINATED(default)
FORWARDED(Forwarded out interface: GigabitEthernet0/0 with resolved next-hop IP: 2.12.22.1, Routes: [ospf (Network: 2.1.2.1/32, Next Hop: interface GigabitEthernet0/0 ip 2.12.22.1)])
TRANSMITTED(GigabitEthernet0/0)
Retrieving the last hop of the first Trace
[80]:
result.Traces[0][0][-1]
[80]:
RECEIVED(GigabitEthernet1/0)
ACCEPTED(Loopback0)