Scribd
Upload
36 views22 pages

BGP Eveng Python Automation

Uploaded by

ashif.patel001
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
36 views22 pages

BGP Eveng Python Automation

Uploaded by

ashif.patel001
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 22

1

Created by Sherif ([email protected])


BGP route reflector with OSPF LAB
Topology diagram

Pre-requisites
• EVE-NG Community Edition installed with NAT network configuration.
• Required device images:

1. c3725-adventerprisek9-mz.124-15.T14.image (Router) — stored in


/opt/unetlab/addons/dynamips/
2. L2-ADVENTERPRISE-M-15.1-20140814.bin (Layer 2 Switch) — stored in
/opt/unetlab/addons/iol/bin/
3. VPC (available by default)
4. Cloud connection using vmnet0 for device management access (default available).

Lab Goals
1. Build the network topology as shown in the diagram.
2. Connect all routers and servers to the cloud (vmnet0) for remote access.
3. Configure management IP addresses on all devices, using the EVE-NG gateway as the default
gateway.
4. Configure the following on each device connected to the cloud:
o Hostname
o Domain name
o SSH v2
5. Test SSH access from Windows Command Prompt or PowerShell.
o Store keys and algorithms in .ssh/config for simplified login.

2
Created by Sherif ([email protected])
6. Device configuration setup:
o R1 and R2 → Route Reflectors in AS 100
o R3 and R4 → Route Reflector Clients in AS 100
o R5 → Non-Route Reflector in AS 100
o R6 → Router in AS 200 with eBGP peering to R5
o R7 → Router in AS 200 connected to LAN (PC), acting as a DHCP relay agent
o R8 → Router in AS 200 connected to the DHCP Server (provides IP addresses)

Automation Tasks
7. Open Python interactive mode (python command in CMD).
o Use Netmiko to configure R1 with the credentials:
▪ Username: admin
▪ Password: password
o Once tested successfully, implement the same configuration using a Python script.
8. Automate configuration of all devices with a single Python script:
o Save each device’s configuration in a separate file (e.g., r2_config.txt, r3_config.txt).
o Create a device-to-IP mapping file (device_mapping.json):
o {
o "r5_config.txt": "192.168.127.14",
o "r6_config.txt": "192.168.127.15"
o }
o Script logic:
1. Prompt user for username and password (use getpass for password security).
2. Connect to each device one by one using Netmiko.
3. Convert configuration from string to list format and push commands sequentially.
4. Continue until all devices are configured.

DHCP Configuration
9. Configure a DHCP server on the Cisco C3725 router using the DHCP server commands.
10. On the PC, run the ip dhcp command to obtain an IP address dynamically from the DHCP server.

Troubleshooting
11. Use Wireshark packet captures on different nodes to verify connectivity and troubleshoot issues.

3
Created by Sherif ([email protected])
Topology diagram (eve-ng)

Configuration
*****R1*****
enable
configure terminal
hostname R1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface f0/0
ip address 10.0.12.1 255.255.255.252
no shutdown
!
interface f0/1
ip address 10.0.13.1 255.255.255.252
no shutdown
!
interface f1/0
ip address 10.0.15.1 255.255.255.252
no shutdown
!
router ospf 1
network 10.0.12.0 0.0.0.3 area 0
network 10.0.13.0 0.0.0.3 area 0
network 10.0.15.0 0.0.0.3 area 0
network 1.1.1.1 0.0.0.0 area 0

4
Created by Sherif ([email protected])
!
router bgp 100
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 route-reflector-client
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source Loopback0
network 1.1.1.1 mask 255.255.255.255
!
end
write memory

*****R2*****
enable
configure terminal
hostname R2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface f0/0
ip address 10.0.12.2 255.255.255.252
no shutdown
!
interface f0/1
ip address 10.0.24.1 255.255.255.252
no shutdown
!
interface f1/0
ip address 10.0.25.1 255.255.255.252
no shutdown
!
router ospf 1
network 10.0.12.0 0.0.0.3 area 0
network 10.0.24.0 0.0.0.3 area 0
network 10.0.25.0 0.0.0.3 area 0
network 2.2.2.2 0.0.0.0 area 0
!
router bgp 100
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0

5
Created by Sherif ([email protected])
neighbor 3.3.3.3 route-reflector-client
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 route-reflector-client
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source Loopback0
network 2.2.2.2 mask 255.255.255.255
!
end
write memory

*****R3*****
enable
configure terminal
hostname R3
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface f0/0
ip address 10.0.13.2 255.255.255.252
no shutdown
!
interface f0/1
ip address 10.0.34.1 255.255.255.252
no shutdown
!
router ospf 1
network 10.0.13.0 0.0.0.3 area 0
network 10.0.34.0 0.0.0.3 area 0
network 3.3.3.3 0.0.0.0 area 0
!
router bgp 100
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
network 3.3.3.3 mask 255.255.255.255
!
end
write memory

*****R4*****
enable
configure terminal
hostname R4
!

6
Created by Sherif ([email protected])
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface f0/0
ip address 10.0.24.2 255.255.255.252
no shutdown
!
interface f0/1
ip address 10.0.34.2 255.255.255.252
no shutdown
!
router ospf 1
network 10.0.24.0 0.0.0.3 area 0
network 10.0.34.0 0.0.0.3 area 0
network 4.4.4.4 0.0.0.0 area 0
!
router bgp 100
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
network 4.4.4.4 mask 255.255.255.255
!
end
write memory

*****R5*****
enable
configure terminal
hostname R5
!
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface f0/0
ip address 10.0.15.2 255.255.255.252
no shutdown
!
interface f0/1
ip address 10.0.25.2 255.255.255.252
no shutdown
!
interface f1/0
ip address 192.168.56.1 255.255.255.252
no shutdown
!
router ospf 1
network 10.0.15.0 0.0.0.3 area 0
network 10.0.25.0 0.0.0.3 area 0
network 5.5.5.5 0.0.0.0 area 0
!

7
Created by Sherif ([email protected])
router bgp 100
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 next-hop-self
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 next-hop-self
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 3.3.3.3 next-hop-self
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
neighbor 4.4.4.4 next-hop-self
neighbor 192.168.56.2 remote-as 200
network 5.5.5.5 mask 255.255.255.255
!
end
write memory

*****R6*****
enable
configure terminal
hostname R6
!
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface f0/0
ip address 192.168.56.2 255.255.255.252
no shutdown
!
interface f1/0
ip address 10.0.67.1 255.255.255.252
no shutdown
!
router ospf 1
network 10.0.67.0 0.0.0.3 area 0
network 6.6.6.6 0.0.0.0 area 0
!
router bgp 200
bgp log-neighbor-changes
neighbor 192.168.56.1 remote-as 100
neighbor 7.7.7.7 remote-as 200
neighbor 7.7.7.7 update-source Loopback0
neighbor 7.7.7.7 next-hop-self
neighbor 8.8.8.8 remote-as 200
neighbor 8.8.8.8 update-source Loopback0
neighbor 8.8.8.8 next-hop-self
network 6.6.6.6 mask 255.255.255.255
!
end

8
Created by Sherif ([email protected])
write memory

*****R7*****
enable
configure terminal
hostname R7
!
interface Loopback0
ip address 7.7.7.7 255.255.255.255
!
interface ft0/0
ip address 10.0.67.2 255.255.255.252
no shutdown
!
interface f0/1
ip address 10.0.78.1 255.255.255.252
no shutdown
!
interface f1/0
ip address 192.168.1.1 255.255.255.0
ip helper-address 192.168.2.100
no shutdown
!
router ospf 1
network 10.0.67.0 0.0.0.3 area 0
network 10.0.78.0 0.0.0.3 area 0
network 192.168.1.0 0.0.0.255 area 0
network 7.7.7.7 0.0.0.0 area 0
!
router bgp 200
bgp log-neighbor-changes
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 update-source Loopback0
neighbor 8.8.8.8 remote-as 200
neighbor 8.8.8.8 update-source Loopback0
network 7.7.7.7 mask 255.255.255.255
network 192.168.1.0 mask 255.255.255.0
!
end
write memory

*****R8*****
enable
configure terminal
hostname R8
!
interface Loopback0
ip address 8.8.8.8 255.255.255.255
!
interface f0/0

9
Created by Sherif ([email protected])
ip address 10.0.78.2 255.255.255.252
no shutdown
!
interface f0/1
ip address 192.168.2.1 255.255.255.0
no shutdown
!
router ospf 1
network 10.0.78.0 0.0.0.3 area 0
network 192.168.2.0 0.0.0.255 area 0
network 8.8.8.8 0.0.0.0 area 0
!
router bgp 200
bgp log-neighbor-changes
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 update-source Loopback0
neighbor 7.7.7.7 remote-as 200
neighbor 7.7.7.7 update-source Loopback0
network 8.8.8.8 mask 255.255.255.255
network 192.168.2.0 mask 255.255.255.0
!
end
write memory

*****VPC*****
ip dhcp # Requests DHCP IP from the server via R7 relay (should get
~192.168.1.100-200, gateway 192.168.1.1)
save

*****DHCP-Server*****
enable
configure terminal
hostname DHCP-Sever
!
interface f0/0
ip address 192.168.2.100 255.255.255.0
no shutdown
!
ip route 0.0.0.0 0.0.0.0 192.168.2.1
! Define the DHCP pool
ip dhcp pool LAN_POOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8
lease 7
! Exclude IPs if needed
ip dhcp excluded-address 192.168.1.1 192.168.1.10

10
Created by Sherif ([email protected])
Configuration Steps
1. Configure Management Access

Example for R1:

conf t
interface FastEthernet2/0
ip address 192.168.127.10 255.255.255.0
no shutdown
exit
ip default-gateway 192.168.127.2
hostname R1
ip domain-name lab.local
crypto key generate rsa
1024
line vty 0 4
transport input ssh
login local
exit
username admin privilege 15 password password
ip ssh version 2

11
Created by Sherif ([email protected])
Device Name Management IP
R1 192.168.127.10
R2 192.168.127.12
R3 192.168.127.11
R4 192.168.127.13
R5 192.168.127.14
R6 192.168.127.15
R7 192.168.127.17
R8 192.168.127.16
DHCP-Server 192.168.127.18

2. Configure SSH Client on Windows

• When you first try SSH login, you may encounter a key mismatch error.
• To resolve this, add the following configuration in your Windows user’s SSH config file
($HOME\.ssh\config).

Example:

PS C:\Users\user> cat .ssh/config


Host r1
HostName 192.168.127.10
User admin
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-rsa
Ciphers +aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
MACs +hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96

Host 192.168.127.10
User admin
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-rsa
Ciphers +aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
MACs +hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96

Now you can connect via both hostname (r1) and IP address (192.168.127.10).

3. Repeat Management Configuration

12
Created by Sherif ([email protected])
• Apply the same configuration steps for all eight devices (routers and DHCP server).
• Adjust IP addresses and hostnames accordingly.

4. Install Required Python Modules

Run the following in CMD/PowerShell:

pip install netmiko getpass

If already installed, it will indicate so.

5. Project Setup

1. Create a new project directory.


2. Enter Python interactive mode:
3. python
4. Import required modules and test connectivity to R1.

6. Test R1 Automation (Interactive Mode)

• Use Netmiko to log in to R1 with credentials (admin/password).


• Send configuration commands (interface, hostname, OSPF, BGP).
• Validate that commands are accepted without error.

13
Created by Sherif ([email protected])
14
Created by Sherif ([email protected])
15
Created by Sherif ([email protected])
7. Automate Full Configuration

• Once R1 works, automate all devices using Python scripts.


• Store device-specific configurations in text files (r2_config.txt, r3_config.txt, etc.).
• Example device mapping file:

{
"r2_config.txt": "192.168.127.12",
"r3_config.txt": "192.168.127.11",
"r4_config.txt":"192.168.127.13",
"r5_config.txt":"192.168.127.14",
"r6_config.txt":"192.168.127.15",
"r7_config.txt":"192.168.127.17",
"r8_config.txt":"192.168.127.16",
"server_config.txt":"192.168.127.18"
}

• Below is the sample : r2_config.txt ( I have removed already configured commands and added exit to
come out from interfaces specific modes.

16
Created by Sherif ([email protected])
8. Run the Script

• Script will:
1. Ask for username/password (password hidden with getpass) – here directly given
2. Read config files, convert commands to list format.
3. Log into devices one by one using Netmiko.
4. Execute configuration and save.

PS C:\Users\user\bgp-automation> cat .\bgp_config.py


import json
from netmiko import ConnectHandler

def configure_device(config_file, ip):


"""
Connects to the device, applies configuration from the given file,
and prints output.
"""
# Read configuration commands from file
with open(config_file, 'r') as f:
config_commands = [line.rstrip('\n') for line in f]

# Device connection details


device = {
'device_type': 'cisco_ios',
'host': ip,
'username': 'admin',

17
Created by Sherif ([email protected])
'password': 'password',
'port': 22, # Default SSH port
}

try:
print(f"Logging in to {ip} with {config_file}...")
net_connect = ConnectHandler(**device)
output = net_connect.send_config_set(config_commands)
print(output)
net_connect.disconnect()
print(f"✅ Finished configuring {ip}.\n")
except Exception as e:
print(f"⌠Error configuring {ip}: {e}")

def main():
# Load device mapping from JSON file
with open('device_mapping.json', 'r') as f:
device_mapping = json.load(f)

total_devices = len(device_mapping)
for idx, (config_file, ip) in enumerate(device_mapping.items(), start=1):
print(f"=== Device {idx} of {total_devices} ===")
configure_device(config_file, ip)
if idx < total_devices:
print(f"âž¡ Done with device {idx}, moving to device {idx +
1}...\n")

if __name__ == "__main__":
main()

• Example script output:

=== Device 1 of 6 ===


Logging in to 192.168.127.13 with r4_config.txt...
configure terminal
R4(config)#interface Loopback0
R4(config-if)#ip address 4.4.4.4 255.255.255.255
...
[OK]
Finished configuring 192.168.127.13.

➡ Done with device 1, moving to device 2...

9. Configure DHCP

• Configure DHCP service on Cisco C3725 router (R8 connected to DHCP server).
• On VPC, run:

ip dhcp

to request an IP address.

18
Created by Sherif ([email protected])
10. Validate OSPF and BGP

• Log in to R1 and verify using show commands:

show ip ospf neighbor


show ip bgp summary

• Verify routing table updates and peer adjacencies.

11. Verify with Automation Script

• Use your verification script to collect outputs from all devices.


• Example device mapping:

PS C:\Users\user\bgp-automation> cat device_ip.json


{
"R1" : "192.168.127.10",
"R2" : "192.168.127.12",
"R3" : "192.168.127.11",
"R4" : "192.168.127.13",
"R5" : "192.168.127.14",
"R6" : "192.168.127.15",
"R7" : "192.168.127.17",
"R8" : "192.168.127.16"
}

• Commands file:

PS C:\Users\user\bgp-automation> cat commands.txt


sh run | sec ospf
sh run | sec bgp
sh ip ospf neighbor
sh ip bgp summary
sh ip bgp

• Below is the show command script:

19
Created by Sherif ([email protected])
PS C:\Users\user\bgp-automation> cat show_commands.py
import json
from netmiko import ConnectHandler
from getpass import getpass

def run_commands_on_device(device_name, device_ip, username, password,


commands):
"""Login to a Cisco router and run commands."""
try:
connection = ConnectHandler(
device_type="cisco_ios",
host=device_ip,
username=username,
password=password
)

output = f"\n===== {device_name} ======\n"


for cmd in commands:
cmd_output = connection.send_command(cmd)
output += f"\n{cmd}\n{cmd_output}\n"

connection.disconnect()
return output

except Exception as e:
return f"\n===== {device_name} ======\nError connecting: {e}\n"

def main():
# Load devices
with open("device_ip.json") as f:
devices = json.load(f)

# Load commands
with open("commands.txt") as f:
commands = [line.strip() for line in f if line.strip()]

# Get credentials
username = input("Enter username: ")
password = getpass("Enter password: ")

# Run commands on all devices


for name, ip in devices.items():
result = run_commands_on_device(name, ip, username, password,
commands)
print(result)

if __name__ == "__main__":
main()

• Below is the script output:

20
Created by Sherif ([email protected])
• Below are the files available in my project directoy:

Directory: C:\Users\user\bgp-automation

Mode LastWriteTime Length Name


---- ------------- ------ ----
-a---- 16-08-2025 19:00 1468 bgp_config.py
-a---- 16-08-2025 19:50 88 commands.txt
-a---- 16-08-2025 19:38 211 device_ip.json
-a---- 16-08-2025 19:38 231 device_mapping.json
-a---- 16-08-2025 18:53 943 r2_config.txt
-a---- 16-08-2025 18:55 600 r3_config.txt
-a---- 16-08-2025 19:09 600 r4_config.txt
-a---- 16-08-2025 19:11 994 r5_config.txt
-a---- 16-08-2025 19:14 670 r6_config.txt
-a---- 16-08-2025 19:18 786 r7_config.txt
-a---- 16-08-2025 19:15 647 r8_config.txt
-a---- 16-08-2025 19:23 355 server_config.txt
-a---- 16-08-2025 19:49 1336 show_commands.py
-a---- 16-08-2025 19:51 23977 show_command_out.txt

21
Created by Sherif ([email protected])
12. Testing

• Perform ping and traceroute between different devices (e.g., R1 → R8, R8 → R3).
• Verify DHCP address assignment to PC.
• Use Wireshark captures if needed for troubleshooting.

By the end, all routers should have OSPF + BGP configured, DHCP working, and full end-to-end
reachability validated.

22
Created by Sherif ([email protected])

You might also like