use of org.batfish.datamodel.Interface in project batfish by batfish.
the class Region method toConfigurationNodes.
/**
 * Converts every AWS object of this region into a vendor-independent {@link Configuration} and
 * registers it in {@code configurationNodes} under the node's name.
 *
 * <p>Order of work: allocated IPs are refreshed first, then VPCs, Elasticsearch domains, internet
 * gateways, NAT gateways, VPN gateways, instances, RDS instances and subnets are converted, VPN
 * connections are applied to their VPN gateways, security-group ACLs are applied, and finally
 * every interface of every VRF gets the same bandwidth.
 *
 * <p>Each converted object gets its own {@link Warnings}, stored in
 * {@code awsConfiguration.getWarningsByHost()}. NAT gateways always carry a red flag because NAT
 * is not implemented, so results that depend on address translation should be read together with
 * those warnings.
 *
 * @param awsConfiguration the AWS configuration supplying settings and collecting warnings
 * @param configurationNodes output map from node name to configuration; it is mutated in place
 */
public void toConfigurationNodes(AwsConfiguration awsConfiguration, Map<String, Configuration> configurationNodes) {
  // Refresh the IPs already allocated in subnets before any node is built.
  updateAllocatedIps();

  for (Vpc vpc : getVpcs().values()) {
    Warnings vpcWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    Configuration vpcNode = vpc.toConfigurationNode(awsConfiguration, this, vpcWarnings);
    configurationNodes.put(vpcNode.getName(), vpcNode);
    awsConfiguration.getWarningsByHost().put(vpcNode.getName(), vpcWarnings);
  }

  // Elasticsearch domains are modelled as hosts.
  for (ElasticsearchDomain esDomain : getElasticSearchDomains().values()) {
    Warnings esWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    Configuration esNode = esDomain.toConfigurationNode(awsConfiguration, this, esWarnings);
    esNode.setDeviceType(DeviceType.HOST);
    configurationNodes.put(esNode.getName(), esNode);
    awsConfiguration.getWarningsByHost().put(esNode.getName(), esWarnings);
  }

  for (InternetGateway internetGateway : getInternetGateways().values()) {
    Warnings igwWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    Configuration igwNode = internetGateway.toConfigurationNode(awsConfiguration, this, igwWarnings);
    configurationNodes.put(igwNode.getName(), igwNode);
    awsConfiguration.getWarningsByHost().put(igwNode.getName(), igwWarnings);
  }

  // The red flag is raised before conversion so it is always present for a NAT gateway node.
  for (NatGateway natGateway : getNatGateways().values()) {
    Warnings natWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    natWarnings.redFlag("NAT functionality not yet implemented for " + natGateway.getId());
    Configuration natNode = natGateway.toConfigurationNode(awsConfiguration, this, natWarnings);
    configurationNodes.put(natNode.getName(), natNode);
    awsConfiguration.getWarningsByHost().put(natNode.getName(), natWarnings);
  }

  for (VpnGateway vpnGateway : getVpnGateways().values()) {
    Warnings vgwWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    Configuration vgwNode = vpnGateway.toConfigurationNode(awsConfiguration, this, vgwWarnings);
    configurationNodes.put(vgwNode.getName(), vgwNode);
    awsConfiguration.getWarningsByHost().put(vgwNode.getName(), vgwWarnings);
  }

  // EC2 instances are modelled as hosts.
  for (Instance ec2Instance : getInstances().values()) {
    Warnings instanceWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    Configuration instanceNode = ec2Instance.toConfigurationNode(awsConfiguration, this, instanceWarnings);
    instanceNode.setDeviceType(DeviceType.HOST);
    configurationNodes.put(instanceNode.getName(), instanceNode);
    awsConfiguration.getWarningsByHost().put(instanceNode.getName(), instanceWarnings);
  }

  // RDS instances are modelled as hosts.
  for (RdsInstance rds : getRdsInstances().values()) {
    Warnings rdsWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    Configuration rdsNode = rds.toConfigurationNode(awsConfiguration, this, rdsWarnings);
    rdsNode.setDeviceType(DeviceType.HOST);
    configurationNodes.put(rdsNode.getName(), rdsNode);
    awsConfiguration.getWarningsByHost().put(rdsNode.getName(), rdsWarnings);
  }

  for (Subnet awsSubnet : getSubnets().values()) {
    Warnings subnetWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    Configuration subnetNode = awsSubnet.toConfigurationNode(awsConfiguration, this, subnetWarnings);
    configurationNodes.put(subnetNode.getName(), subnetNode);
    awsConfiguration.getWarningsByHost().put(subnetNode.getName(), subnetWarnings);
  }

  // VPN connections create no node of their own; their warnings are keyed by the connection id.
  for (VpnConnection connection : getVpnConnections().values()) {
    Warnings connectionWarnings = Batfish.buildWarnings(awsConfiguration.getSettings());
    connection.applyToVpnGateway(awsConfiguration, this, connectionWarnings);
    awsConfiguration.getWarningsByHost().put(connection.getId(), connectionWarnings);
  }

  applySecurityGroupsAcls(configurationNodes);

  // TODO: for now, set all interfaces to have the same bandwidth
  for (Configuration node : configurationNodes.values()) {
    for (Vrf nodeVrf : node.getVrfs().values()) {
      for (Interface nodeIface : nodeVrf.getInterfaces().values()) {
        nodeIface.setBandwidth(1E12d);
      }
    }
  }
}
use of org.batfish.datamodel.Interface in project batfish by batfish.
the class Route method toStaticRoute.
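/**
 * Converts this AWS route-table entry into a {@link StaticRoute} for the given subnet.
 *
 * <p>A route in the blackhole state points at {@code Interface.NULL_INTERFACE_NAME}. Otherwise the
 * next hop depends on the target type: the VPC router or a gateway address, a NAT gateway's first
 * private IP, a network interface (directly, or over a generated link to the owning instance), or
 * the remote router of a VPC peering connection (creating the link interfaces when missing).
 *
 * <p>The AWS snapshot is external input. Ids that the route refers to are therefore checked
 * before they are dereferenced, and a dangling reference is reported as a {@link BatfishException}
 * naming the id rather than surfacing as a bare {@code NullPointerException}.
 *
 * @param awsConfiguration source of generated link subnets and of already-built configuration nodes
 * @param region region whose NAT gateways, network interfaces, subnets and peerings are consulted
 * @param vpcAddress next hop used for the {@code "local"} gateway target
 * @param igwAddress next hop used when the target is the subnet's internet gateway; may be null
 * @param vgwAddress next hop used when the target is the subnet's VPN gateway; may be null
 * @param subnet subnet that owns the route table entry
 * @param subnetCfgNode configuration node of that subnet; new link interfaces are added to it
 * @param warnings sink for red flags raised while converting
 * @return the static route, or {@code null} when the route is skipped (the remote peering VPC has
 *     no configuration node, or the target is an instance)
 * @throws BatfishException if the target is not reachable from this subnet, refers to an object
 *     missing from the region, or has an unsupported type
 */
@Nullable
public StaticRoute toStaticRoute(AwsConfiguration awsConfiguration, Region region, Ip vpcAddress, @Nullable Ip igwAddress, @Nullable Ip vgwAddress, Subnet subnet, Configuration subnetCfgNode, Warnings warnings) {
  // setting the common properties
  StaticRoute.Builder srBuilder =
      StaticRoute.builder()
          .setNetwork(_destinationCidrBlock)
          .setAdministrativeCost(DEFAULT_STATIC_ROUTE_ADMIN)
          .setMetric(DEFAULT_STATIC_ROUTE_COST);
  if (_state == State.BLACKHOLE) {
    srBuilder.setNextHopInterface(Interface.NULL_INTERFACE_NAME);
  } else {
    switch (_targetType) {
      case Gateway:
        if (_target.equals("local")) {
          // send to the vpc router
          srBuilder.setNextHopIp(vpcAddress);
        } else {
          // NOTE(review): igwAddress and vgwAddress are @Nullable and are passed on unchecked;
          // confirm callers always supply the address when the subnet has that gateway.
          if (_target.equals(subnet.getInternetGatewayId())) {
            srBuilder.setNextHopIp(igwAddress);
          } else if (_target.equals(subnet.getVpnGatewayId())) {
            srBuilder.setNextHopIp(vgwAddress);
          } else {
            throw new BatfishException("Internet gateway \"" + _target + "\" specified in this route not accessible from this subnet");
          }
        }
        break;
      case NatGateway:
        if (!region.getNatGateways().containsKey(_target)) {
          throw new BatfishException("NAT gateway \"" + _target + "\" specified in this route not found in this region");
        }
        // TODO: it is NOT clear that this is the right thing to do
        // for NATs with multiple interfaces, we should probably match on private IPs?
        // NOTE(review): get(0) assumes the gateway has at least one address.
        srBuilder.setNextHopIp(region.getNatGateways().get(_target).getNatGatewayAddresses().get(0)._privateIp);
        break;
      case NetworkInterface:
        NetworkInterface networkInterface = region.getNetworkInterfaces().get(_target);
        if (networkInterface == null) {
          throw new BatfishException("Network interface \"" + _target + "\" specified in this route not found in this region");
        }
        String networkInterfaceSubnetId = networkInterface.getSubnetId();
        if (networkInterfaceSubnetId.equals(subnet.getId())) {
          // The interface lives in this subnet: route straight to its lowest IP.
          TreeSet<Ip> networkInterfaceIps = new TreeSet<>();
          networkInterfaceIps.addAll(networkInterface.getIpAddressAssociations().keySet());
          if (networkInterfaceIps.isEmpty()) {
            throw new BatfishException("Network interface \"" + _target + "\" specified in this route has no IP addresses");
          }
          Ip lowestIp = networkInterfaceIps.first();
          if (!subnet.getCidrBlock().containsIp(lowestIp)) {
            throw new BatfishException("Ip of network interface specified in static route not in containing subnet");
          }
          srBuilder.setNextHopIp(lowestIp);
        } else {
          if (!region.getSubnets().containsKey(networkInterfaceSubnetId)) {
            throw new BatfishException("Subnet \"" + networkInterfaceSubnetId + "\" of network interface \"" + _target + "\" not found in this region");
          }
          String networkInterfaceVpcId = region.getSubnets().get(networkInterfaceSubnetId).getVpcId();
          String vpcId = subnet.getVpcId();
          if (!vpcId.equals(networkInterfaceVpcId)) {
            throw new BatfishException("Cannot peer with interface on different VPC");
          }
          // Resolve the owning instance before a link subnet is taken, so that a dangling
          // attachment fails without leaving a half-built link on the subnet node.
          String instanceId = networkInterface.getAttachmentInstanceId();
          Configuration instanceCfgNode = awsConfiguration.getConfigurationNodes().get(instanceId);
          if (instanceCfgNode == null) {
            throw new BatfishException("Network interface \"" + _target + "\" specified in this route is not attached to a known instance: \"" + instanceId + "\"");
          }
          // need to create a link between subnet on which route is created
          // and instance containing network interface
          String subnetIfaceName = _target;
          Pair<InterfaceAddress, InterfaceAddress> instanceLink = awsConfiguration.getNextGeneratedLinkSubnet();
          InterfaceAddress subnetIfaceAddress = instanceLink.getFirst();
          Utils.newInterface(subnetIfaceName, subnetCfgNode, subnetIfaceAddress);
          // set up instance interface
          String instanceIfaceName = subnet.getId();
          InterfaceAddress instanceIfaceAddress = instanceLink.getSecond();
          Interface instanceIface = Utils.newInterface(instanceIfaceName, instanceCfgNode, instanceIfaceAddress);
          // The new interface reuses the instance's security-group ACLs. When the instance has none
          // under that name, an ACL with no lines is attached instead.
          // NOTE(review): confirm that an ACL with no lines denies traffic, so a missing
          // security-group ACL cannot make the model more permissive than AWS.
          instanceIface.setIncomingFilter(instanceCfgNode.getIpAccessLists().getOrDefault(Region.SG_INGRESS_ACL_NAME, new IpAccessList(Region.SG_INGRESS_ACL_NAME, new LinkedList<>())));
          instanceIface.setOutgoingFilter(instanceCfgNode.getIpAccessLists().getOrDefault(Region.SG_EGRESS_ACL_NAME, new IpAccessList(Region.SG_EGRESS_ACL_NAME, new LinkedList<>())));
          Ip nextHopIp = instanceIfaceAddress.getIp();
          srBuilder.setNextHopIp(nextHopIp);
        }
        break;
      case VpcPeeringConnection:
        // create route for vpc peering connection
        String vpcPeeringConnectionid = _target;
        VpcPeeringConnection vpcPeeringConnection = region.getVpcPeeringConnections().get(vpcPeeringConnectionid);
        if (vpcPeeringConnection == null) {
          throw new BatfishException("VPC peering connection \"" + _target + "\" specified in this route not found in this region");
        }
        String localVpcId = subnet.getVpcId();
        String accepterVpcId = vpcPeeringConnection.getAccepterVpcId();
        String requesterVpcId = vpcPeeringConnection.getRequesterVpcId();
        // The remote side is whichever end of the peering is not the local VPC.
        String remoteVpcId = localVpcId.equals(accepterVpcId) ? requesterVpcId : accepterVpcId;
        Configuration remoteVpcCfgNode = awsConfiguration.getConfigurationNodes().get(remoteVpcId);
        if (remoteVpcCfgNode == null) {
          warnings.redFlag("VPC \"" + localVpcId + "\" cannot peer with non-existent VPC: \"" + remoteVpcId + "\"");
          return null;
        }
        // set up subnet interface if necessary
        String subnetIfaceName = remoteVpcId;
        String remoteVpcIfaceName = subnet.getId();
        Ip remoteVpcIfaceIp;
        if (!subnetCfgNode.getDefaultVrf().getInterfaces().containsKey(subnetIfaceName)) {
          // create prefix on which subnet and remote vpc router will
          // connect
          Pair<InterfaceAddress, InterfaceAddress> peeringLink = awsConfiguration.getNextGeneratedLinkSubnet();
          InterfaceAddress subnetIfaceAddress = peeringLink.getFirst();
          Utils.newInterface(subnetIfaceName, subnetCfgNode, subnetIfaceAddress);
          // set up remote vpc router interface
          InterfaceAddress remoteVpcIfaceAddress = peeringLink.getSecond();
          Interface remoteVpcIface = new Interface(remoteVpcIfaceName, remoteVpcCfgNode);
          remoteVpcCfgNode.getInterfaces().put(remoteVpcIfaceName, remoteVpcIface);
          remoteVpcCfgNode.getDefaultVrf().getInterfaces().put(remoteVpcIfaceName, remoteVpcIface);
          remoteVpcIface.setAddress(remoteVpcIfaceAddress);
          remoteVpcIface.getAllAddresses().add(remoteVpcIfaceAddress);
        }
        // interface pair exists now, so just retrieve existing information
        remoteVpcIfaceIp = remoteVpcCfgNode.getDefaultVrf().getInterfaces().get(remoteVpcIfaceName).getAddress().getIp();
        // initialize static route on new link
        srBuilder.setNextHopIp(remoteVpcIfaceIp);
        break;
      case Instance:
        // TODO: create route for instance
        warnings.redFlag("Skipping creating route to " + _destinationCidrBlock + " for instance: \"" + _target + "\"");
        return null;
      default:
        throw new BatfishException("Unsupported target type: " + _targetType);
    }
  }
  return srBuilder.build();
}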
use of org.batfish.datamodel.Interface in project batfish by batfish.
the class HostConfiguration method toVendorIndependentConfiguration.
/**
 * Builds the vendor-independent {@link Configuration} for this host and stores it in {@code _c}.
 *
 * <p>Steps: canonicalize host interface names, create the configuration with a default VRF,
 * convert the host interfaces, import iptables rules as IP access lists, attach the
 * {@code FILTER_INPUT} / {@code FILTER_OUTPUT} lists to every interface when the rules are
 * simple, and install static routes including a default route.
 *
 * <p>The configuration's default cross-zone and inbound actions are both
 * {@code LineAction.ACCEPT}. When {@code simple()} is false, no filter is attached to any
 * interface and only an "unimplemented" warning is recorded.
 * NOTE(review): in that case the model presumably filters nothing at the host, which may be more
 * permissive than the real iptables policy. Check the warnings before trusting reachability
 * results for such hosts.
 *
 * @return the configuration built for this host
 * @throws VendorConversionException declared by the overridden method
 */
@Override
public Configuration toVendorIndependentConfiguration() throws VendorConversionException {
  // With an underlay configuration, its canonical form of each name is used; otherwise the
  // interface name is already canonical.
  _hostInterfaces.forEach(
      (name, iface) ->
          iface.setCanonicalName(
              _underlayConfiguration != null
                  ? _underlayConfiguration.canonicalizeInterfaceName(name)
                  : name));

  _c = new Configuration(getHostname(), ConfigurationFormat.HOST);
  _c.setDefaultCrossZoneAction(LineAction.ACCEPT);
  _c.setDefaultInboundAction(LineAction.ACCEPT);
  _c.setRoles(_roles);
  _c.getVrfs().put(Configuration.DEFAULT_VRF_NAME, new Vrf(Configuration.DEFAULT_VRF_NAME));

  // Register every host interface both on the node and in its default VRF.
  for (HostInterface hostInterface : _hostInterfaces.values()) {
    String key = hostInterface.getCanonicalName();
    Interface converted = hostInterface.toInterface(_c, _w);
    _c.getInterfaces().put(key, converted);
    _c.getDefaultVrf().getInterfaces().put(key, converted);
  }

  // Import iptables rules, when present, as IP access lists.
  if (_iptablesVendorConfig != null) {
    _iptablesVendorConfig.addAsIpAccessLists(_c, this, _w);
  }

  // Attach the input/output lists to the interfaces, but only for simple rule sets.
  if (!simple()) {
    _w.unimplemented("Do not support complicated iptables rules yet");
  } else {
    // NOTE(review): get() yields null when no list of that name exists; confirm how a null
    // filter is interpreted downstream.
    for (Interface vrfIface : _c.getDefaultVrf().getInterfaces().values()) {
      vrfIface.setIncomingFilter(_c.getIpAccessLists().get(FILTER_INPUT));
      vrfIface.setOutgoingFilter(_c.getIpAccessLists().get(FILTER_OUTPUT));
    }
  }

  Set<StaticRoute> staticRoutes = _c.getDefaultVrf().getStaticRoutes();
  staticRoutes.addAll(
      _staticRoutes.stream().map(route -> route.toStaticRoute()).collect(Collectors.toSet()));

  // Only the first interface that has a gateway contributes a default route.
  for (HostInterface hostInterface : _hostInterfaces.values()) {
    Ip gateway = hostInterface.getGateway();
    if (gateway == null) {
      continue;
    }
    staticRoutes.add(
        StaticRoute.builder()
            .setNetwork(Prefix.ZERO)
            .setNextHopIp(gateway)
            .setNextHopInterface(hostInterface.getName())
            .setAdministrativeCost(HostStaticRoute.DEFAULT_ADMINISTRATIVE_COST)
            .setTag(AbstractRoute.NO_TAG)
            .build());
    break;
  }

  // With no static route at all, fall back to a default route out of the first interface.
  if (_staticRoutes.isEmpty() && staticRoutes.isEmpty() && !_c.getInterfaces().isEmpty()) {
    String firstIfaceName = _c.getInterfaces().values().iterator().next().getName();
    staticRoutes.add(
        StaticRoute.builder()
            .setNetwork(Prefix.ZERO)
            .setNextHopInterface(firstIfaceName)
            .setAdministrativeCost(HostStaticRoute.DEFAULT_ADMINISTRATIVE_COST)
            .setTag(AbstractRoute.NO_TAG)
            .build());
  }
  return _c;
}
use of org.batfish.datamodel.Interface in project batfish by batfish.
the class Graph method createIbgpInterface.
/*
* Create a new "fake" interface to correspond to an abstract
* iBGP control plane edge in the network.
*/
private Interface createIbgpInterface(BgpNeighbor n, String peer) {
  // The neighbor is expected to be identified by a maximum-length prefix. This is checked only
  // with a Java assert, which the JVM skips unless assertions are enabled (-ea).
  // TODO is this valid.
  Prefix neighborPrefix = n.getPrefix();
  assert neighborPrefix.getPrefixLength() == Prefix.MAX_PREFIX_LENGTH;

  // The interface is named after the peer, is always active and carries zero bandwidth.
  Interface ibgpIface = new Interface("iBGP-" + peer);
  ibgpIface.setActive(true);
  ibgpIface.setAddress(new InterfaceAddress(neighborPrefix.getStartIp(), Prefix.MAX_PREFIX_LENGTH));
  ibgpIface.setBandwidth(0.);
  return ibgpIface;
}
use of org.batfish.datamodel.Interface in project batfish by batfish.
the class Graph method getOriginatedNetworks.
/*
 * Collects and returns all prefixes originated by the given
 * router for the given protocol. Static routes and connected
 * routes are treated as originating the prefix.
 */
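public static Set<Prefix> getOriginatedNetworks(Configuration conf, Protocol proto) {
  // One branch per protocol; each returns the accumulated set. Any protocol that is not OSPF,
  // BGP, connected or static ends in a BatfishException.
  Set<Prefix> acc = new HashSet<>();

  if (proto.isOspf()) {
    OspfProcess ospf = conf.getDefaultVrf().getOspfProcess();
    if (ospf == null) {
      // No OSPF process in the default VRF, so nothing is originated.
      return acc;
    }
    for (OspfArea area : ospf.getAreas().values()) {
      for (String ifaceName : area.getInterfaces()) {
        Interface iface = conf.getInterfaces().get(ifaceName);
        // Skip area members that the node does not define, as well as interfaces that are
        // inactive or not OSPF-enabled.
        if (iface == null || !iface.getActive() || !iface.getOspfEnabled()) {
          continue;
        }
        // An interface may have no address (the connected branch below guards this too).
        InterfaceAddress address = iface.getAddress();
        if (address != null) {
          acc.add(address.getPrefix());
        }
      }
    }
    return acc;
  }

  if (proto.isBgp()) {
    RoutingPolicy defaultPol = findCommonRoutingPolicy(conf, Protocol.BGP);
    if (defaultPol != null) {
      AstVisitor v = new AstVisitor();
      v.visit(
          conf,
          defaultPol.getStatements(),
          stmt -> {},
          expr -> {
            // Looks for a conjunction whose first two conjuncts are "match explicit prefix set"
            // and "not (protocol is BGP)"; only those prefixes are collected.
            if (!(expr instanceof Conjunction)) {
              return;
            }
            Conjunction c = (Conjunction) expr;
            if (c.getConjuncts().size() < 2) {
              return;
            }
            BooleanExpr be1 = c.getConjuncts().get(0);
            BooleanExpr be2 = c.getConjuncts().get(1);
            if (!(be1 instanceof MatchPrefixSet) || !(be2 instanceof Not)) {
              return;
            }
            MatchPrefixSet mps = (MatchPrefixSet) be1;
            Not n = (Not) be2;
            if (!(n.getExpr() instanceof MatchProtocol)) {
              return;
            }
            MatchProtocol mp = (MatchProtocol) n.getExpr();
            if (mp.getProtocol() != RoutingProtocol.BGP) {
              return;
            }
            PrefixSetExpr e = mps.getPrefixSet();
            if (!(e instanceof ExplicitPrefixSet)) {
              return;
            }
            ExplicitPrefixSet eps = (ExplicitPrefixSet) e;
            Set<PrefixRange> ranges = eps.getPrefixSpace().getPrefixRanges();
            for (PrefixRange r : ranges) {
              acc.add(r.getPrefix());
            }
          });
    }
    return acc;
  }

  if (proto.isConnected()) {
    for (Interface iface : conf.getInterfaces().values()) {
      InterfaceAddress address = iface.getAddress();
      if (address != null) {
        acc.add(address.getPrefix());
      }
    }
    return acc;
  }

  if (proto.isStatic()) {
    for (StaticRoute sr : conf.getDefaultVrf().getStaticRoutes()) {
      if (sr.getNetwork() != null) {
        acc.add(sr.getNetwork());
      }
    }
    return acc;
  }

  throw new BatfishException("ERROR: getOriginatedNetworks: " + proto.name());
}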