Available questions

Once you have the Batfish service running, you can use the questions below to analyze your snapshots.

Notes on types

1. Parameter types such as nodeSpec and ipSpec below are strings in Python but have rich grammars (specified here) that enable flexible expression of sets of nodes, interfaces etc. The grammars generally accept the simplest form of each type, such as node name as nodeSpec and IP addresses or prefixes as ipSpec. You can use the resolver questions to see the resolved values for a specifier expression.

2. headerConstraint is a special type that allows you to place constraints on IPv4 packet header for questions such as traceroute. The HeaderConstraints class helps create such constraints.

3. pathConstraint is a special type that allows you to place constraints on paths for questions such as reachability. The PathConstraints class helps create such constraints.

Question categories

Batfish questions fall into the following categories.

• Configuration data questions
• Configuration hygiene questions
• Configuration compatibility questions
• Network adjacency questions
• Flow path questions
• Flow search questions
• ACL and firewall analysis questions
• Routing analysis questions
• Specifier resolvers
• Initialization information questions
• Other questions

Configuration data questions

Questions that return the contents of configuration in a structured format.

class pybatfish.question.bfq.bgpPeerConfiguration(*, nodes, properties, question_name)

Returns configuration settings for BGP peerings.

Reports configuration settings for each configured BGP peering on each node in the network. This question reports peer-specific settings. Settings that are process-wide are reported by the bgpProcessConfiguration question.

Parameters:

• nodes (nodeSpec) – Include nodes matching this name or regex.
• properties (bgpPeerPropertySpec) – Include properties matching this regex.

Return table columns:

1. Node
2. VRF
3. Local_AS
4. Local_IP
5. Local_Interface
6. Remote_AS
7. Remote_IP
8. Route_Reflector_Client
9. Cluster_ID
10. Peer_Group
11. Import_Policy
12. Export_Policy
13. Send_Community
14. Is_Passive

class pybatfish.question.bfq.bgpProcessConfiguration(*, nodes, properties, question_name)

Returns configuration settings of BGP processes.

Reports configuration settings for each BGP process on each node and VRF in the network. This question reports only process-wide settings. Peer-specific settings are reported by the bgpPeerConfiguration question.

Parameters:

• nodes (nodeSpec) – Include nodes matching this name or regex.
• properties (bgpProcessPropertySpec) – Include properties matching this regex.

Return table columns:

1. Node
2. VRF
3. Router_ID
4. Route_Reflector
5. Multipath_Match_Mode
6. Multipath_EBGP
7. Multipath_IBGP
8. Neighbors
9. Tie_Breaker

class pybatfish.question.bfq.definedStructures(*, names, nodes, types, question_name)

Lists the structures defined in the network.

Lists the structures defined in the network, along with the files and line numbers in which they are defined.

Parameters:

• names (structureName) –

  Include structures whose name matches this string or regex.

  Default value: .*

• nodes (nodeSpec) –

  Include files used to generate nodes whose name matches this specifier.

  Default value: .*

• types (namedStructureSpec) –

  Include structures whose vendor-specific type matches this specifier.

  Default value: .*

Return table columns:

1. Structure_Type – Vendor-specific type of the structure.
2. Structure_Name – Name of the structure.
3. Source_Lines – File and line numbers where the structure is defined.

class pybatfish.question.bfq.f5BigipVipConfiguration(*, nodes, question_name)

Returns VIP configuration of F5 BIG-IP devices.

Lists all the VIP to server IP mappings contained in F5 BIP-IP configurations.

Parameters:nodes (nodeSpec) – Include nodes matching this name or regex.

Return table columns:

1. Node
2. VIP_Name – Virtual Service Name.
3. VIP_Endpoint – Virtual Service Endpoint.
4. Servers
5. Description

class pybatfish.question.bfq.interfaceProperties(*, excludeShutInterfaces, interfaces, nodes, properties, question_name)

Returns configuration settings of interfaces.

Lists interface-level settings of interfaces. Settings for routing protocols, VRFs, and zones etc. that are attached to interfaces are available via other questions.

Parameters:

• excludeShutInterfaces (boolean) – Exclude interfaces that are shutdown.
• interfaces (interfacesSpec) – Include interfaces matching this specifier.
• nodes (nodeSpec) – Include nodes matching this specifier.
• properties (interfacePropertySpec) – Include properties matching this specifier.

Return table columns:

1. Interface
2. Access_VLAN
3. Active
4. Allowed_VLANs
5. All_Prefixes
6. Auto_State_VLAN
7. Bandwidth
8. Blacklisted
9. Channel_Group
10. Channel_Group_Members
11. Declared_Names
12. Description
13. DHCP_Relay_Addresses
14. Encapsulation_VLAN
15. HSRP_Groups
16. HSRP_Version
17. Incoming_Filter_Name
18. Interface_Type
19. MLAG_ID
20. MTU
21. Native_VLAN
22. OSPF_Area_Name
23. OSPF_Cost
24. OSPF_Enabled
25. OSPF_Hello_Multiplier
26. OSPF_Passive
27. OSPF_Point_To_Point
28. Outgoing_Filter_Name
29. Primary_Address
30. Primary_Network
31. Proxy_ARP
32. Rip_Enabled
33. Rip_Passive
34. Routing_Policy_Name
35. Spanning_Tree_Portfast
36. Speed
37. Switchport
38. Switchport_Mode
39. Switchport_Trunk_Encapsulation
40. VRF
41. VRRP_Groups
42. Zone_Name

class pybatfish.question.bfq.ipOwners(*, duplicatesOnly, question_name)

Returns where IP addresses are attached in the network.

For each device, lists the mapping from IPs to corresponding interface(s) and VRF(s).

Parameters:duplicatesOnly (boolean) – Required. Restrict output to only IP addresses that are duplicated (configured on a different node or VRF) in the snapshot.

Return table columns:

1. Node – Node hostname.
2. VRF – VRF name.
3. Interface – Interface name.
4. IP – IP address.
5. Mask – Network mask length.
6. Active – Whether the interface is active.

class pybatfish.question.bfq.mlagProperties(*, idRegex, nodes, question_name)

Returns MLAG configuration.

Lists the configuration settings for each MLAG domain in the network.

Parameters:

• idRegex (javaRegex) – Include MLAG IDs matching this java Regex.
• nodes (nodeSpec) – Include nodes matching this specifier.

Return table columns:

1. Node – Node name.
2. MLAG_ID – MLAG domain ID.
3. Peer_Address – Peer’s IP address.
4. Local_Interface – Local interface used for MLAG peering.
5. Source_Interface – Local interface used as source-interface for MLAG peering.

class pybatfish.question.bfq.namedStructures(*, ignoreGenerated, indicatePresence, nodes, structureNames, structureTypes, question_name)

Returns named structure definitions.

Return structures defined in the configurations, represented in a vendor-independent JSON format.

Parameters:

• ignoreGenerated (boolean) –

  Whether to ignore auto-generated structures.

  Default value: True

• indicatePresence (boolean) – Output if the structure is present or absent.
• nodes (nodeSpec) – Include nodes matching this specifier.
• structureNames (structureName) – Include structures matching this name or regex.
• structureTypes (namedStructureSpec) – Include structures of this type.

Return table columns:

1. Node
2. Structure_Type – Structure type.
3. Structure_Name – Structure name.
4. Structure_Definition – Structure definition.

class pybatfish.question.bfq.nodeProperties(*, nodes, properties, question_name)

Returns configuration settings of nodes.

Lists global settings of devices in the network. Settings that are specific to interfaces, routing protocols, etc. are available via other questions.

Parameters:

• nodes (nodeSpec) – Include nodes matching this name or regex.
• properties (nodePropertySpec) – Include properties matching this regex.

Return table columns:

1. Node
2. AS_Path_Access_Lists
3. Authentication_Key_Chains
4. Canonical_IP
5. Community_Lists
6. Configuration_Format
7. Default_Cross_Zone_Action
8. Default_Inbound_Action
9. Device_Type
10. DNS_Servers
11. DNS_Source_Interface
12. Domain_Name
13. Hostname
14. IKE_Phase1_Keys
15. IKE_Phase1_Policies
16. IKE_Phase1_Proposals
17. Interfaces
18. IP_Access_Lists
19. IP_Spaces
20. IP6_Access_Lists
21. IPsec_Peer_Configs
22. IPsec_Phase2_Policies
23. IPsec_Phase2_Proposals
24. Logging_Servers
25. Logging_Source_Interface
26. NTP_Servers
27. NTP_Source_Interface
28. Route_Filter_Lists
29. Route6_Filter_Lists
30. Routing_Policies
31. SNMP_Source_Interface
32. SNMP_Trap_Servers
33. TACACS_Servers
34. TACACS_Source_Interface
35. Vendor_Family
36. VRFs
37. Zones

class pybatfish.question.bfq.ospfAreaConfiguration(*, nodes, question_name)

Returns configuration parameters of OSPF areas.

Returns information about all OSPF areas defined across the network.

Parameters:nodes (nodeSpec) – Include nodes matching this name or regex.

Return table columns:

1. Node
2. VRF
3. Process_ID
4. Area – Area Number.
5. Area_Type
6. Active_Interfaces
7. Passive_Interfaces

class pybatfish.question.bfq.ospfInterfaceConfiguration(*, nodes, properties, question_name)

Returns OSPF configuration of interfaces.

Returns the interface level OSPF configuration details for the interfaces in the network which run OSPF.

Parameters:

• nodes (nodeSpec) – Include nodes matching this name or regex.
• properties (ospfPropertySpec) – Include properties matching this regex.

Return table columns:

1. Interface
2. VRF
3. Process_ID
4. OSPF_Area_Name
5. OSPF_Passive
6. OSPF_Cost
7. OSPF_Point_To_Point
8. OSPF_Hello_Multiplier

class pybatfish.question.bfq.ospfProcessConfiguration(*, nodes, properties, question_name)

Returns configuration parameters for OSPF routing processes.

Returns the values of important properties for all OSPF processes running across the network.

Parameters:

• nodes (nodeSpec) – Include nodes matching this name or regex.
• properties (ospfPropertySpec) – Include properties matching this regex.

Return table columns:

1. Node
2. VRF
3. Process_ID
4. Areas
5. Reference_Bandwidth
6. Router_ID
7. Export_Policy_Sources
8. Area_Border_Router

class pybatfish.question.bfq.ospfProperties(*, nodes, properties, question_name)

Returns configuration parameters for OSPF routing processes.

Returns all properties of all OSPF processes present in the network. ospfProcessConfiguration question should be used instead as this question is deprecated and will be removed in the future.

Parameters:

• nodes (nodeSpec) – Include nodes matching this name or regex.
• properties (ospfPropertySpec) – Include properties matching this regex.

Return table columns:

1. Node
2. VRF
3. Process_ID
4. Area_Border_Router
5. Areas
6. Export_Policy
7. Export_Policy_Sources
8. Generated_Routes
9. Max_Metric_External_Networks
10. Max_Metric_Stub_Networks
11. Max_Metric_Summary_Networks
12. Max_Metric_Transit_Links
13. Reference_Bandwidth
14. RFC1583_Compatible
15. Router_ID

class pybatfish.question.bfq.referencedStructures(*, names, nodes, types, question_name)

Lists the references in configuration files to vendor-specific structures.

Lists the references in configuration files to vendor-specific structures, along with the line number, the name and the type of the structure referenced, and configuration context in which each reference occurs.

Parameters:

• names (structureName) –

  Include structures whose name matches this string or regex.

  Default value: .*

• nodes (nodeSpec) –

  Include files used to generate nodes whose name matches this specifier.

  Default value: .*

• types (namedStructureSpec) –

  Include structures whose vendor-specific type matches this specifier.

  Default value: .*

Return table columns:

1. Structure_Type – Type of structure referenced.
2. Structure_Name – The referenced structure.
3. Context – Configuration context in which the reference appears.
4. Source_Lines – Lines where reference appears.

class pybatfish.question.bfq.switchedVlanProperties(*, excludeShutInterfaces, interfaces, nodes, vlans, question_name)

Returns configuration settings of switched VLANs.

Lists information about implicitly and explicitly configured switched VLANs.

Parameters:

• excludeShutInterfaces (boolean) – Exclude interfaces that are shutdown.
• interfaces (interfacesSpec) – Include interfaces matching this specifier.
• nodes (nodeSpec) – Include nodes matching this specifier.
• vlans (integerSpace) – Include VLANs in this space.

Return table columns:

1. Node – VLAN_ID.
2. VLAN_ID
3. Interfaces – Switched interfaces carrying traffic for this VLAN.
4. VXLAN_VNI – VXLAN VNI with which this VLAN is associated.

class pybatfish.question.bfq.viModel(*, question_name)

Lists configuration attributes of nodes and edges in the network.

Returns a JSON dictionary with all of the configuration parameters and neighbor relations stored in the vendor independent data-model.

class pybatfish.question.bfq.vxlanVniProperties(*, nodes, properties, question_name)

Returns configuration settings of VXLANs.

Lists VNI-level network segment settings configured for VXLANs.

Parameters:

• nodes (nodeSpec) – Include nodes matching this specifier.
• properties (vxlanVniPropertySpec) – Include properties matching this specifier.

Return table columns:

1. Node
2. VNI – VXLAN Segment ID.
3. Local_VTEP_IP
4. Multicast_Group
5. VLAN
6. VTEP_Flood_List
7. VXLAN_Port

Configuration hygiene questions

Questions that flag unused and undefined structures in configurations.

class pybatfish.question.bfq.aaaAuthenticationLogin(*, nodes, question_name)

Returns nodes that do not require authentication on all virtual terminal lines.

Lists all nodes in the network for which there is a virtual terminal line that does not require authentication.

Parameters:nodes (nodeSpec) –

Required. Examine AAA Authentication on nodes matching this name or regex.

Default value: .*

Return table columns:

1. Node
2. Line_Names – Names of virtual terminal lines.

class pybatfish.question.bfq.interfaceMtu(*, interfaces, mtuBytes, nodes, comparator, question_name)

Finds interfaces where the configured MTU matches the specified comparator and mtuBytes.

For example, if comparator is ‘<’ and mtuBytes is 1500, then only interfaces where the configured MTU is less than 1500 bytes will be returned.

Parameters:

• interfaces (interfacesSpec) –

  Required. Evaluate interfaces matching this specifier.

  Default value: .*

• mtuBytes (integer) –

  Required. The reference MTU in bytes against which to check the configured MTU.

  Default value: 1500

• nodes (nodeSpec) –

  Required. Include nodes matching this specifier.

  Default value: .*

• comparator (comparator) –

  Returned devices will satisfy <comparator> <mtuBytes>. Use ‘<’ to find devices that do not have MTU smaller than the specified <mtuBytes> MTU.

  Default value: <

Return table columns:

1. Interface
2. MTU

class pybatfish.question.bfq.undefinedReferences(*, nodes, question_name)

Identifies undefined references in configuration.

Finds configurations that have references to named structures (e.g., ACLs) that are not defined. Such occurrences indicate errors and can have serious consequences in some cases.

Parameters:nodes (nodeSpec) –

Required. Look for undefined references on nodes matching this name or regex.

Default value: .*

Return table columns:

1. File_Name – File containing reference.
2. Struct_Type – Type of struct reference is supposed to be.
3. Ref_Name – The undefined reference.
4. Context – Context of undefined reference.
5. Lines – Lines where reference appears.

class pybatfish.question.bfq.unusedStructures(*, nodes, question_name)

Returns nodes with structures such as ACLs, routemaps, etc. that are defined but not used.

Return nodes with structures such as ACLs, routes, etc. that are defined but not used. This may represent a bug in the configuration, which may have occurred because a final step in a template or MOP was not completed. Or it could be harmless extra configuration generated from a master template that is not meant to be used on those nodes.

Parameters:nodes (nodeSpec) –

Required. Look for unused structures on nodes matching this name or regex.

Default value: .*

Return table columns:

1. Structure_Type – Vendor-specific type of the structure.
2. Structure_Name – Name of the structure.
3. Source_Lines – File and line numbers where the structure is defined.

Configuration compatibility questions

Questions that show if configuration settings are compatible across devices.

class pybatfish.question.bfq.bgpSessionCompatibility(*, nodes, remoteNodes, status, type, question_name)

Returns the compatibility of configured BGP sessions.

Checks the settings of each configured BGP peering and reports any issue with those settings locally or incompatiblity with its remote counterparts. Each row represents one configured BGP peering on a node and contains information about the session it is meant to establish. For dynamic peers, there is one row per compatible remote peer. Statuses that indicate an independently misconfigured peerings include NO_LOCAL_AS, NO_REMOTE_AS, NO_LOCAL_IP (for eBGP single-hop peerings), LOCAL_IP_UNKNOWN_STATICALLY (for iBGP or eBGP multi-hop peerings), NO_REMOTE_IP (for point-to-point peerings), and NO_REMOTE_PREFIX (for dynamic peerings). INVALID_LOCAL_IP indicates that the peering’s configured local IP does not belong to any active interface on the node; UNKNOWN_REMOTE indicates that the configured remote IP is not present in the network. A locally valid point-to-point peering is deemed HALF_OPEN if it has no compatible remote peers, UNIQUE_MATCH if it has exactly one compatible remote peer, or MULTIPLE_REMOTES if it has multiple compatible remote peers. A locally valid dynamic peering is deemed NO_MATCH_FOUND if it has no compatible remote peers, or DYNAMIC_MATCH if it has at least one compatible remote peer.

Parameters:

• nodes (nodeSpec) – Include sessions whose first node matches this specifier.
• remoteNodes (nodeSpec) – Include sessions whose second node matches this specifier.
• status (bgpSessionStatus) – Only include sessions for which status matches this regex.
• type (bgpSessionType) – Only include sessions for which type (ibgp, ebgp_singlehop, ebgp_multihop) matches this regex.

Return table columns:

1. Node – The node where this session is configured.
2. VRF – The VRF in which this session is configured.
3. Local_AS – The local AS of the session.
4. Local_Interface – Local interface of the session.
5. Local_IP – The local IP of the session.
6. Remote_AS – The remote AS or list of ASes of the session.
7. Remote_Node – Remote node for this session.
8. Remote_Interface – Remote interface for this session.
9. Remote_IP – Remote IP or prefix for this session.
10. Session_Type – The type of this session.
11. Configured_Status – Configured status.

class pybatfish.question.bfq.bgpSessionStatus(*, nodes, remoteNodes, status, type, question_name)

Returns the dynamic status of configured BGP sessions.

Checks whether configured BGP peerings can be established. Each row represents one configured BGP peering and contains information about the session it is configured to establish. For dynamic peerings, one row is shown per compatible remote peer. Possible statuses for each session are NOT_COMPATIBLE, ESTABLISHED, and NOT_ESTABLISHED. NOT_COMPATIBLE sessions are those where one or both peers are misconfigured; the BgpSessionCompatibility question provides further insight into the nature of the configuration error. NOT_ESTABLISHED sessions are those that are configured compatibly but will not come up because peers cannot reach each other (e.g., due to being blocked by an ACL). ESTABLISHED sessions are those that are compatible and are expected to come up.

Parameters:

• nodes (nodeSpec) – Include sessions whose first node matches this specifier.
• remoteNodes (nodeSpec) – Include sessions whose second node matches this specifier.
• status (bgpSessionStatus) – Only include sessions for which status matches this regex.
• type (bgpSessionType) – Only include sessions for which type (ibgp, ebgp_singlehop, ebgp_multihop) matches this regex.

Return table columns:

1. Node – The node where this session is configured.
2. VRF – The VRF in which this session is configured.
3. Local_AS – The local AS of the session.
4. Local_Interface – Local interface of the session.
5. Local_IP – The local IP of the session.
6. Remote_AS – The remote AS or list of ASes of the session.
7. Remote_Node – Remote node for this session.
8. Remote_Interface – Remote interface for this session.
9. Remote_IP – Remote IP or prefix for this session.
10. Session_Type – The type of this session.
11. Established_Status – Established status.

class pybatfish.question.bfq.ipsecSessionStatus(*, nodes, remoteNodes, status, question_name)

Returns the status of configured IPSec sessions.

Shows configuration settings and status for each configured IPSec tunnel in the network. The status is IPSEC_SESSION_ESTABLISHED for tunnels that are expected to be established; it is IKE_PHASE1_FAILED if IKE parameters negotiation failed; it is IKE_PHASE1_KEY_MISMATCH if IKE negotiation was successful but IKE keys do not match; it is IPSEC_PHASE2_FAILED if negotiation of IPsec parameters failed; and it is MISSING_END_POINT if the remote endpoint for a configured IPsec tunnel could not be found in the network.

Parameters:

• nodes (nodeSpec) – Include sessions whose first node matches this specifier.
• remoteNodes (nodeSpec) – Include sessions whose second node matches this specifier.
• status (ipsecSessionStatus) – Only include IPSec sessions for which status matches this regex.

Return table columns:

1. Node – IPSec initiator.
2. Node_Interface – Initiator Interface.
3. Node_IP – Initiator IP.
4. Remote_Node – IPSec responder.
5. Remote_Node_Interface – Responder Interface.
6. Remote_Node_IP – Responder IP.
7. Tunnel_Interfaces – Tunnel interfaces pair used in peering session.
8. Status – IPSec session status.

class pybatfish.question.bfq.ospfSessionCompatibility(*, nodes, remoteNodes, question_name)

Returns compatible OSPF sessions.

Returns compatible OSPF sessions in the network. A session is compatible if the interfaces involved are not shutdown and do run OSPF, are not OSPF passive and are associated with the same OSPF area.

Parameters:

• nodes (nodeSpec) – Include nodes matching this name or regex.
• remoteNodes (nodeSpec) – Include remote nodes matching this name or regex.

Return table columns:

1. Interface
2. VRF
3. IP – Ip.
4. Area
5. Remote_Interface
6. Remote_VRF
7. Remote_IP
8. Remote_Area

Network adjacency questions

Questions that show different types of network adjacencies.

class pybatfish.question.bfq.bgpEdges(*, nodes, remoteNodes, question_name)

Returns BGP adjacencies.

Lists all BGP adjacencies in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include adjacencies whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include adjacencies whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Node – Node from which the edge originates.
2. IP – IP at the side of originator.
3. Interface – Interface at which the edge originates.
4. AS_Number – AS Number at the side of originator.
5. Remote_Node – Node at which the edge terminates.
6. Remote_IP – IP at the side of the responder.
7. Remote_Interface – Interface at which the edge terminates.
8. Remote_AS_Number – AS Number at the side of responder.

class pybatfish.question.bfq.edges(*, edgeType, nodes, remoteNodes, question_name)

Returns different types of network adjacencies in a snapshot.

Lists network adjacencies of different types (e.g., Layer 3, BGP, OSPF) in the form of edges. This question is deprecated in favor of specific edges question such as bgpEdges and layer3Edges.

Parameters:

• edgeType (string) –

  Required. Types of edges to include. Default is layer3. Allowed values:

  • bgp
  • eigrp
  • ipsec
  • isis
  • layer1
  • layer3
  • ospf
  • vxlan

  Default value: layer3

• nodes (nodeSpec) –

  Required. Include edges whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include edges whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Interface – Interface from which the edge originates.
2. IPs
3. Remote_Interface – Interface at which the edge terminates.
4. Remote_IPs

class pybatfish.question.bfq.eigrpEdges(*, nodes, remoteNodes, question_name)

Returns EIGRP adjacencies.

Lists all EIGRP adjacencies in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include adjacencies whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include adjacencies whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Interface – Interface from which the edge originates.
2. Remote_Interface – Interface at which the edge terminates.

class pybatfish.question.bfq.ipsecEdges(*, nodes, remoteNodes, question_name)

Returns IPSec tunnels.

Lists all IPSec tunnels in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include tunnels whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include tunnels whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Source_Interface – Source interface used in the IPsec session.
2. Tunnel_Interface – Tunnel interface (if any) used in the IPsec session.
3. Remote_Source_Interface – Remote source interface used in the IPsec session.
4. Remote_Tunnel_Interface – Remote tunnel interface (if any) used in the IPsec session.

class pybatfish.question.bfq.isisEdges(*, nodes, remoteNodes, question_name)

Returns ISIS adjacencies.

Lists all ISIS adjacencies in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include adjacencies whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include adjacencies whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Interface – Interface from which the edge originates.
2. Remote_Interface – Interface at which the edge terminates.

class pybatfish.question.bfq.layer1Edges(*, nodes, remoteNodes, question_name)

Returns Layer 1 links.

Lists all Layer 1 links in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include links whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include links whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Interface – Interface from which the edge originates.
2. Remote_Interface – Interface at which the edge terminates.

class pybatfish.question.bfq.layer3Edges(*, nodes, remoteNodes, question_name)

Returns Layer 3 links.

Lists all Layer 3 edges in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include edges whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include edges whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Interface – Interface from which the edge originates.
2. IPs
3. Remote_Interface – Interface at which the edge terminates.
4. Remote_IPs

class pybatfish.question.bfq.ospfEdges(*, nodes, remoteNodes, question_name)

Returns OSPF adjacencies.

Lists all OSPF adjacencies in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include adjacencies whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include edges whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. Interface – Interface from which the edge originates.
2. Remote_Interface – Interface at which the edge terminates.

class pybatfish.question.bfq.vxlanEdges(*, nodes, remoteNodes, question_name)

Returns VXLAN edges.

Lists all VXLAN edges in the network.

Parameters:

• nodes (nodeSpec) –

  Required. Include edges whose first node matches this name or regex.

  Default value: .*

• remoteNodes (nodeSpec) –

  Required. Include edges whose second node matches this name or regex.

  Default value: .*

Return table columns:

1. VNI – VNI of the VXLAN tunnel edge.
2. Node – Node from which the edge originates.
3. Remote_Node – Node at which the edge terminates.
4. VTEP_Address – VTEP IP of node from which the edge originates.
5. Remote_VTEP_Address – VTEP IP of node at which the edge terminates.
6. VLAN – VLAN associated with VNI on node from which the edge originates.
7. Remote_VLAN – VLAN associated with VNI on node at which the edge terminates.
8. UDP_Port – UDP port of the VXLAN tunnel transport.
9. Multicast_Group – Multicast group of the VXLAN tunnel transport.

Flow path questions

Questions that show paths of specified flows in the network.

class pybatfish.question.bfq.bidirectionalTraceroute(*, startLocation, headers, maxTraces, ignoreFilters, question_name)

Traces the path(s) for the specified flow, along with path(s) for reverse flows.

This question performs a virtual traceroute in the network from a starting node. A destination IP and ingress (source) node must be specified. Other IP headers are given default values if unspecified. If the trace succeeds, a traceroute is performed in the reverse direction.

Parameters:

• startLocation (locationSpec) – Required. Location (node and interface combination) to start tracing from.
• headers (headerConstraint) – Required. Packet header constraints.
• maxTraces (integer) – Limit the number of traces returned.
• ignoreFilters (boolean) – If set, filters/ACLs encountered along the path are ignored.

Return table columns:

1. Forward_Flow – The forward flow.
2. Forward_Traces – The forward traces.
3. New_Sessions – Sessions initialized by the forward trace.
4. Reverse_Flow – The reverse flow.
5. Reverse_Traces – The reverse traces.

class pybatfish.question.bfq.traceroute(*, startLocation, headers, maxTraces, ignoreFilters, question_name)

Traces the path(s) for the specified flow.

Performs a virtual traceroute in the network from a starting node. A destination IP and ingress (source) node must be specified. Other IP headers are given default values if unspecified. Unlike a real traceroute, this traceroute is directional. That is, for it to succeed, the reverse connectivity is not needed. This feature can help debug connectivity issues by decoupling the two directions.

Parameters:

• startLocation (locationSpec) – Required. Location (node and interface combination) to start tracing from.
• headers (headerConstraint) – Required. Packet header constraints.
• maxTraces (integer) – Limit the number of traces returned.
• ignoreFilters (boolean) – If set, filters/ACLs encountered along the path are ignored.

Return table columns:

1. Flow – The flow.
2. Traces – The traces for this flow.
3. TraceCount – The total number traces for this flow.

Flow search questions

Questions that exhaustively search for flows that meet specified constraints.

class pybatfish.question.bfq.bidirectionalReachability(*, headers, pathConstraints, returnFlowType, question_name)

Searches for successfully delivered flows that can successfully receive a response.

Performs two reachability analyses, first originating from specified sources, then returning back to those sources. After the first (forward) pass, sets up sessions in the network and creates returning flows for each successfully delivered forward flow. The second pass searches for return flows that can be successfully delivered in the presence of the setup sessions.

Parameters:

• headers (headerConstraint) – Required. Packet header constraints.
• pathConstraints (pathConstraint) – Constraint the path a flow can take (start/end/transit locations).
• returnFlowType (string) – Specifies whether to search for return flows that are successful (SUCCESS), that fail (FAILURE), or that can either succeed or fail depending on the path taken (MULTIPATH_INCONSISTENT). The default is SUCCESS.

Return table columns:

1. Forward_Flow – The forward flow.
2. Forward_Traces – The forward traces.
3. New_Sessions – Sessions initialized by the forward trace.
4. Reverse_Flow – The reverse flow.
5. Reverse_Traces – The reverse traces.

class pybatfish.question.bfq.detectLoops(*, maxTraces, question_name)

Detects forwarding loops.

Searches across all possible flows in the network and returns example flows that will experience forwarding loops.

Parameters:maxTraces (integer) – Limit the number of traces returned.

Return table columns:

1. Flow – The flow.
2. Traces – The traces for this flow.
3. TraceCount – The total number traces for this flow.

class pybatfish.question.bfq.differentialReachability(*, actions, headers, ignoreFilters, invertSearch, maxTraces, pathConstraints, question_name)

Returns flows that are successful in one snapshot but not in another.

Searches across all possible flows in the network, with the specified header and path constraints, and returns example flows that are successful in one snapshot and not the other. This is a differential question and the reference snapshot to compare against must be provided in the call to answer().

Parameters:

• actions (dispositionSpec) –

  Only return flows for which the disposition is from this set.

  Default value: success

• headers (headerConstraint) – Packet header constraints.
• ignoreFilters (boolean) – Do not apply filters/ACLs during analysis.
• invertSearch (boolean) – Search for packet headers outside the specified headerspace, rather than inside the space.
• maxTraces (integer) – Limit the number of traces returned.
• pathConstraints (pathConstraint) – Constraint the path a flow can take (start/end/transit locations).

Return table columns:

1. Flow – The flow.
2. Snapshot_Traces – The traces in the BASE snapshot.
3. Snapshot_TraceCount – The total number traces in the BASE snapshot.
4. Reference_Traces – The traces in the DELTA snapshot.
5. Reference_TraceCount – The total number traces in the DELTA snapshot.

class pybatfish.question.bfq.loopbackMultipathConsistency(*, maxTraces, question_name)

Validates multipath consistency between all pairs of loopbacks.

Finds flows between loopbacks that are treated differently (i.e., dropped versus forwarded) by different paths in the presence of multipath routing.

Parameters:maxTraces (integer) – Limit the number of traces returned.

Return table columns:

1. Flow – The flow.
2. Traces – The traces for this flow.
3. TraceCount – The total number traces for this flow.

class pybatfish.question.bfq.multipathConsistency(*, headers, maxTraces, pathConstraints, question_name)

Validates multipath consistency.

Searches across all flows in the network and returns example flows that are treated differently (i.e., dropped versus forwarded) by different paths in the presence of multipath routing.

Parameters:

• headers (headerConstraint) – Packet header constraints.
• maxTraces (integer) – Limit the number of traces returned.
• pathConstraints (pathConstraint) – Constraint the path a flow can take (start/end/transit locations).

Return table columns:

1. Flow – The flow.
2. Traces – The traces for this flow.
3. TraceCount – The total number traces for this flow.

class pybatfish.question.bfq.reachability(*, pathConstraints, headers, actions, maxTraces, invertSearch, ignoreFilters, question_name)

Finds flows that match the specified path and header space conditions.

Searches across all flows that match the specified conditions and returns examples of such flows. This question can be used to ensure that certain services are globally accessible and parts of the network are perfectly isolated from each other.

Parameters:

• pathConstraints (pathConstraint) – Constraint the path a flow can take (start/end/transit locations).
• headers (headerConstraint) – Packet header constraints.
• actions (dispositionSpec) –

  Only return flows for which the disposition is from this set.

  Default value: success

• maxTraces (integer) – Limit the number of traces returned.
• invertSearch (boolean) – Search for packet headers outside the specified headerspace, rather than inside the space.
• ignoreFilters (boolean) – Do not apply filters/ACLs during analysis.

Return table columns:

1. Flow – The flow.
2. Traces – The traces for this flow.
3. TraceCount – The total number traces for this flow.

class pybatfish.question.bfq.subnetMultipathConsistency(*, maxTraces, question_name)

Validates multipath consistency between all pairs of subnets.

Searches across all flows between subnets that are treated differently (i.e., dropped versus forwarded) by different paths in the network and returns example flows.

Parameters:maxTraces (integer) – Limit the number of traces returned.

Return table columns:

1. Flow – The flow.
2. Traces – The traces for this flow.
3. TraceCount – The total number traces for this flow.

ACL and firewall analysis questions

Questions that analyze ACLs and firewall rules.

class pybatfish.question.bfq.compareFilters(*, nodes, filters, ignoreComposites, question_name)

Compares filters with the same name in the current and reference snapshots. Returns pairs of lines, one from each filter, that match the same flow(s) but treat them differently (i.e. one permits and the other denies the flow).

This question can be used to summarize how a filter has changed over time. In particular, it highlights differences that cause flows to be denied when they used to be permitted, or vice versa. The output is a table that includes pairs of lines, one from each version of the filter, that both match at least one common flow, and have different action (permit or deny). This is a differential question and the reference snapshot to compare against must be provided in the call to answer().

Parameters:

• nodes (nodeSpec) – Only evaluate filters present on nodes matching this specifier.
• filters (filter) – Only evaluate filters that match this regex.
• ignoreComposites (boolean) – Whether to ignore filters that are composed of multiple filters defined in the configs.

Return table columns:

1. Node – Hostname.
2. Filter_Name – The filter name.
3. Line_Index – The index of the line in the current filter.
4. Line_Content – The current filter line content.
5. Line_Action – The current filter line action.
6. Reference_Line_Index – The index of the line in the reference filter.
7. Reference_Line_Content – The reference filter line content.

class pybatfish.question.bfq.filterLineReachability(*, filters, ignoreComposites, nodes, question_name)

Returns unreachable lines in filters (ACLs and firewall rules).

Finds all lines in the specified filters that will not match any packet, either because of being shadowed by prior lines or because of its match condition being empty.

Parameters:

• filters (filterSpec) – Specifier for filters to test.
• ignoreComposites (boolean) – Whether to ignore filters that are composed of multiple filters defined in the configs.
• nodes (nodeSpec) – Examine filters on nodes matching this specifier.

Return table columns:

1. Sources – Filter sources.
2. Unreachable_Line – Filter line that cannot be matched (i.e., unreachable).
3. Unreachable_Line_Action – Action performed by the unreachable line (e.g., PERMIT or DENY).
4. Blocking_Lines – Lines that, when combined, cover the unreachable line.
5. Different_Action – Whether unreachable line has an action different from the blocking line(s).
6. Reason – The reason a line is unreachable.
7. Additional_Info – Additional information.

class pybatfish.question.bfq.searchFilters(*, action, explain, filters, headers, invertSearch, nodes, startLocation, question_name)

Finds flows for which a filter takes a particular behavior.

This question searches for flows for which a filter (access control list) has a particular behavior. The behaviors can be: that the filter permits the flow (permit), that it denies the flow (deny), or that the flow is matched by a particular line (matchLine <lineNumber>). Filters are selected using node and filter specifiers, which might match multiple filters. In this case, a (possibly different) flow will be found for each filter.

Parameters:

• action (string) – The behavior that you want evaluated. Options are: permit|deny|matchLine <line number>. Only one option should be selected.
• explain (boolean) – Include a description of the flow space matching the query.
• filters (filterSpec) – Only evaluate filters that match this specifier.
• headers (headerConstraint) – Packet header constraints on the flows being searched.
• invertSearch (boolean) – Search for packet headers outside the specified headerspace, rather than inside the space.
• nodes (nodeSpec) – Only evaluate filters present on nodes matching this specifier.
• startLocation (locationSpec) – Only consider specified locations as possible sources.

Return table columns:

1. Node
2. Filter_Name – Filter name.
3. Flow – Evaluated flow.
4. Action – Outcome.
5. Line_Content – Line content.
6. Trace – ACL trace.

class pybatfish.question.bfq.testFilters(*, filters, headers, nodes, startLocation, question_name)

Returns how a flow is processed by a filter (ACLs, firewall rules).

Shows how the specified flow is processed through the specified filters, returning its permit/deny status as well as the line(s) it matched.

Parameters:

• filters (filterSpec) –

  Required. Only consider filters that match this specifier.

  Default value: .*

• headers (headerConstraint) – Required. Packet header constraints.
• nodes (nodeSpec) –

  Required. Only examine filters on nodes matching this specifier.

  Default value: .*

• startLocation (string) – Location to start tracing from.

Return table columns:

1. Node
2. Filter_Name – Filter name.
3. Flow – Evaluated flow.
4. Action – Outcome.
5. Line_Content – Line content.
6. Trace – ACL trace.

Routing analysis questions

Questions that analyze routing

class pybatfish.question.bfq.lpmRoutes(*, ip, nodes, vrfs, question_name)

Returns routes that are longest prefix match for a given IP address.

Return longest prefix match routes for a given IP in the RIBs of specified nodes and VRFs.

Parameters:

• ip (ip) – Required. IP address to run LPM on.
• nodes (nodeSpec) –

  Required. Examine routes on nodes matching this specifier.

  Default value: .*

• vrfs (vrf) –

  Required. Examine routes on VRFs matching this name or regex.

  Default value: .*

Return table columns:

1. Node – Node where the route is present.
2. VRF – VRF where the route is present.
3. Ip – IP that was being matched on.
4. Network – The longest-prefix network that matched.
5. Num_Routes – Number of routes that matched (in case of ECMP).

class pybatfish.question.bfq.prefixTracer(*, nodes, prefix, question_name)

Traces prefix propagation through the network.

Shows how prefixes are treated by devices in the network during routing.

Parameters:

• nodes (nodeSpec) – Include prefix tracing information for nodes matching this name or regex.
• prefix (prefix) – The prefix to trace. Expected format is A.B.C.D/Y.

Return table columns:

1. Node – The node where action takes place.
2. VRF – The VRF where action takes place.
3. Peer – The node’s neighbor to which the action applies.
4. Action – The action that takes place.
5. Prefix – The prefix in question.

class pybatfish.question.bfq.routes(*, nodes, vrfs, network, protocols, rib, question_name)

Returns routing tables.

Shows routes for specified RIB, VRF, and node(s).

Parameters:

• nodes (nodeSpec) –

  Required. Examine routes on nodes matching this specifier.

  Default value: .*

• vrfs (vrf) –

  Required. Examine routes on VRFs matching this name or regex.

  Default value: .*

• network (prefix) – Examine routes for networks matching this prefix.
• protocols (routingProtocolSpec) – Examine routes for protocols matching this specifier.
• rib (string) –

  Only return routes from a given protocol RIB. Allowed values:

  • main
  • bgp

Return table columns:

1. Node
2. VRF – VRF name.
3. Network – Network for this route.
4. Next_Hop – Inferred hostname of the next hop.
5. Next_Hop_IP – Route’s Next Hop IP.
6. Next_Hop_Interface – Route’s Next Hop Interface.
7. Protocol – Route’s Protocol.
8. Metric – Route’s Metric.
9. Admin_Distance – Route’s Admin distance.
10. Tag – Tag for this route.

class pybatfish.question.bfq.testRoutePolicies(*, nodes, policies, inputRoutes, direction, question_name)

Evaluates the processing of a route by a given policy.

Find how the specified route is processed through the specified routing policies.

Parameters:

• nodes (nodeSpec) –

  Required. Only examine filters on nodes matching this specifier.

  Default value: .*

• policies (string) –

  Required. Only consider policies that match this specifier.

  Default value: .*

• inputRoutes (bgpRoutes) – Required. The BGP route announcements to test the policy on.
• direction (string) –

  Required. The direction of the route, with respect to the device (IN/OUT). Allowed values:

  • in: The route is inbound to the device
  • out: The route is outbound from the device

Specifier resolvers

Questions that resolve specifier expressions.

class pybatfish.question.bfq.resolveFilterSpecifier(*, filters, grammarVersion, nodes, question_name)

Returns the set of filters corresponding to a filterSpec value.

Helper question that shows how specified filterSpec values resolve to the filters in the network.

Parameters:

• filters (filterSpec) – Input to the FilterSpecifier.
• grammarVersion (string) – Version of grammar to use for resolution.
• nodes (nodeSpec) – Input to the NodeSpecifier.

Return table columns:

1. Node
2. Filter_Name – Filter name.

class pybatfish.question.bfq.resolveInterfaceSpecifier(*, grammarVersion, interfaces, nodes, question_name)

Returns the set of interfaces corresponding to an interfaceSpec value.

Helper question that shows how specified interfaceSpec values resolve to the interfaces in the network.

Parameters:

• grammarVersion (string) – Version of grammar to use for resolution.
• interfaces (interfacesSpec) – Input to the interfaceSpecifier.
• nodes (nodeSpec) – Input to the NodeSpecifier.

Return table columns:

1. Interface

class pybatfish.question.bfq.resolveIpSpecifier(*, grammarVersion, ips, question_name)

Returns the IP address space corresponding to an ipSpec value.

Helper question that shows how specified ipSpec values resolve to IPs.

Parameters:

• grammarVersion (string) – Version of grammar to use for resolution.
• ips (ipSpaceSpec) – Input to the IP space specifier.

Return table columns:

1. IP_Space – IP space.

class pybatfish.question.bfq.resolveIpsOfLocationSpecifier(*, grammarVersion, locations, question_name)

Returns IPs that are auto-assigned to locations.

Helper question that shows IPs that will be assigned to specified locationSpec values by questions are automatically pick IPs based on locations.

Parameters:

• grammarVersion (string) – Version of grammar to use for resolution.
• locations (locationSpec) – Input to the LocationSpecifier.

Return table columns:

1. Locations – Resolution.
2. IP_Space – IP space.

class pybatfish.question.bfq.resolveLocationSpecifier(*, grammarVersion, locations, question_name)

Returns the set of locations corresponding to a locationSpec value.

Helper question that shows how specified locationSpec values resolve to the locations in the network.

Parameters:

• grammarVersion (string) – Version of grammar to use for resolution.
• locations (locationSpec) – Input to the LocationSpecifier.

Return table columns:

1. Location

class pybatfish.question.bfq.resolveNodeSpecifier(*, grammarVersion, nodes, question_name)

Returns the set of nodes corresponding to a nodeSpec value.

Helper question that shows how specified nodeSpec values resolve to the nodes in the network.

Parameters:

• grammarVersion (string) – Version of grammar to use for resolution.
• nodes (nodeSpec) – Input to the NodeSpecifier.

Return table columns:

1. Node

Initialization information questions

Question that reveal how well Batfish understood input data.

class pybatfish.question.bfq.fileParseStatus(*, question_name)

Displays file parse status.

For each file in a snapshot, returns the host(s) that were produced by the file and the parse status: pass, fail, partially parsed.

Return table columns:

1. File_Name – The file that was parsed.
2. Status – The status of the parsing operation.
3. Nodes – Names of nodes produced from this file.

class pybatfish.question.bfq.initIssues(*, question_name)

Returns issues encountered when processing the snapshot.

Reports issues encountered by Batfish, including failure to recognize certain lines in the configuration, lack of support for certain features, and errors when converting to vendor-independent models.

Return table columns:

1. Nodes – The nodes that were converted (if applicable).
2. Source_Lines – The files and lines that caused the issues (if applicable).
3. Type – The type of issues identified.
4. Details – Details about the issues identified.
5. Line_Text – The text of the input files that caused the issues (if applicable).
6. Parser_Context – Batfish parser state when issues were encountered (if applicable).

class pybatfish.question.bfq.parseWarning(*, aggregateDuplicates, question_name)

Returns warnings that occurred when parsing the snapshot.

Return warnings such as failure to recognize certain lines and lack of support for certain features.

Parameters:aggregateDuplicates (boolean) – Whether to aggregate duplicate results.

Return table columns:

1. Filename – The file that was parsed.
2. Text – The text of the input that caused the warning.
3. Line – The line number in the input file that caused the warning.
4. Parser_Context – The context of the Batfish parser when the warning occurred.
5. Comment – An optional comment explaining more information about the warning.

class pybatfish.question.bfq.viConversionStatus(*, question_name)

Displays vendor independent conversion status.

For each node in a snapshot, returns the vendor independent conversion status: pass, fail, converted with warnings.

Return table columns:

1. Node – The node that was converted.
2. Status – The status of the conversion operation.

class pybatfish.question.bfq.viConversionWarning(*, question_name)

Returns Batfish warnings that occurred when converting to vendor independent model.

When converting configurations to a vendor independent model Batfish may generate warnings for unsupported features and for unexpected configurations (e.g., missing definitions). This question lists those warnings.

Return table columns:

1. Node – The node that caused the warning.
2. Type – The type of the warning.
3. Comment – The description of the warning.

Other questions

Questions that do not belong to any other category

class pybatfish.question.bfq.filterTable(*, innerQuestion, columns, filter, question_name)

Returns subset of answer for a question.

Return a subset of the answer generated by the inner question. The results are trimmed first by row and then by column. Rows where any value matches the filter are returned. The columns returned for each row is restricted by the column specifier.

Parameters:

• innerQuestion (question) – Required. The inner question whose answer should be filtered.
• columns (string) – The set of columns to fetch.
• filter (string) – The filter to use.