Junos Day One: Translating Configurations The Geeky Way

Abner (@abnerg) Germanov surprised us all at the end of Juniper’s presentation at Networking Tech Field Day when he announced Junosphere access for all the delegates – after a year of nagging, I would finally be able to touch Junos. However, instead of taking it easy and studying the excellent Junos Day One books (which I also did – if you’re new to Junos you should definitely start there; they are well worth reading), I decided to take a more geeky approach.

Obviously it would be easier and faster for me to buy an SRX or two on the eBay to get exposure to Junos, but I wanted to test a few somewhat larger scenarios with recent Junos releases and the second-hand equipment rarely comes with brand new software (don’t even mention that you can get Junos in the wild and run it on Olive).

If you’ve watched the video of the Junos Automation presentation Dan Backman did during the Networking Tech Field Day, you might have noticed how excited I was about the fact that Junos uses XML internally – I developed several XML-based web sites and know all about the flexibility (and a lot about the pain) of using XML and XSLT behind the scenes.

As Cisco IOS supposedly also supports XML output, I had this very simple idea: generate XML from Cisco IOS, use an XSLT transformation to copy relevant parameters into XML-formatted Junos configuration, and another XSLT transformation to change it into set commands or curly-braces syntax.

I know Juniper offers an IOS-to-Junos configuration translation tool ... but using it wouldn't be nearly as much fun (not to mention the educational value) as this project was.

Step#1 – get sample Junos configurations in XML format. A few twitter friends replied to my plea for help (I wanted to get ready before getting Junosphere access) and sent me scrubbed configs in XML and test format. Thank you, you’ve been a great help!

Step#2 – generate text configuration from XML. Ouch. As every other large system, Junos seems to have evolved “organically” and there’s no simple way of transforming XML configuration into a format that’s identical to a text configuration a Junos router generates; there are just too many exceptions (more about that some other time).

Anyhow, I got 95% there after extensive tweaking and it turns out Junos doesn’t care too much about the exact syntax – as long as the object structure is correct, it usually parses and accepts the configuration.

If you’re interested in this project, download the XSLT and play with it. To use it, you need a XSLT 2.0 processor; I highly recommend Saxon (home edition).

Step#3 – generate XML configs from Cisco IOS. Fail. Cisco IOS does not use XML internally; its configurations are generated in text format (don’t blame anyone – the development of Cisco IOS had started long before someone even dreamed about XML).

However, in theory you should be able to get an IOS configuration in XML format with the show configuration | format command. Unfortunately, that command has to rely on a technique somewhat similar to screen scraping – it re-parses the configuration generated by Cisco IOS and tries to munge it into XML format.

The process worked reasonably well when I first tried it years ago; this time I got parsing errors and totally unusable XML. Time for Plan B.


Yeah, this looks about right

A geek makes the wrong choice

At this point, I had a few options:

  • Generate Junos configuration by hand. This would be the easiest and least painful one; after all, I wanted to get basic configuration, IP addressing and IGP routing from my existing IOS configurations.
  • Write a Perl script that would use regular expressions to collect those parameters from IOS configurations and output them in curly-braces format.
  • Develop a generic solution.

By now, you probably know what option a stupid geek with a strong affinity for getting-it-right solutions would choose ... because a bunch of regular expressions in a Perl script just isn’t good enough when all you need is interface IP/IPv6 addressing and OSPF/IS-IS routing.

Two days later, I had a set of Perl scripts that:

  • Parse a simple language that you can use to specify which Cisco IOS configuration parameters you want to match and how they translate into XML nodes in Junos configuration (yeah, I revisited the wonderland of LR-parsers and rediscovered Parse::RecDescent).
  • Interpret that language to collect Cisco IOS configuration information and create XML DOM tree (fortunately, the XML::LibXML Perl module supports XPath syntax);
  • Output the generated XML document or push it through the XSLT processor to generate the Junos configuration.

At the moment, all those scripts can do is to copy the IP/IPv6 interface addresses and very basic IS-IS routing configuration from Cisco IOS format to Junos format ... but the solution is clearly extensible ;) and it actually generates working Junos configurations that I was able to use in Junosphere.

To be continued ...

Disclosure: Juniper indirectly covered some of my travel expenses during the Networking Tech Field Day by participating in the event, but nobody has ever asked me to write about their products or solutions. Read the full disclosure (or more precise ones by Tony Bourke or Matt Simmons).

7 comments:

  1. Brian Christopher Raaen08 November, 2011 15:52

    This post reminds me of the time I was converting a customer from a Redback to a Cisco who had extensive vpi/pvc settings with statics. I spent about two days working up the scripts, but felt pretty satisfied with my work after I was done. Great write-up Ivan, do you mind sharing the scripts?

    ReplyDelete
  2. Just click on the link ;) OK, here it is: https://github.com/ioshints/Ios2Junos

    ReplyDelete
  3. Brian Christopher Raaen08 November, 2011 16:16

    Thanks, just added it to my github follow list

    ReplyDelete
  4. that was great thanks Ivan.

    ReplyDelete
  5. Is that a man dresses as a smurf on the left?

    BE.

    ReplyDelete
  6. I guess you've discovered the VRF Smurf 8-)

    ReplyDelete
  7. Oh, how cool would it be to have "debug cli force xml" command, wouldn't it? ;)

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.