L2VPN EVPN-VPWS over an Explicit SR Policy

This example demonstrates NB API steps to create a point-to-point EVPN-VPWS (L2VPN) service with a preferred MPLS SR-TE policy, automating service creation to meet SLA requirements.

This example uses the following API references:

• L2VPN Provisioning API: This API creates and manages L2VPN services.

• SR-TE Policy Provisioning API: This API creates and manages SR-TE Policy services.

Prerequisites

Before running the examples, ensure:

1. Apply Day-0 configurations to all devices in the topology.
2. Set up the CNC cluster properly, onboard the devices and network topology, and verify them.
3. The input data matches the actual topology; if your topology differs, adjust the example input payloads accordingly. Refer to the CNC installation guide and administration guide for details on configuring day-0 devices and topology.

Create an L2VPN Service with Explicit SR Policy

Run the create-l2vpn-with-explicit-sr-policy.sh script from the example directory to create the L2VPN service, along with its associated SR policies and SID lists.

cd ~/cnc-api-examples/l2vpn-with-explicit-sr-policy;./create-l2vpn-with-explicit-sr-policy.sh

The script execution outputs the API execution and results to standard output and store the results in multiple files in output folder.

Input

The script requires the following input files from the input directory: ~/cnc-api-examples/l2vpn-with-explicit-sr-policy/input

• SID List
  • sid-list-pe-a.json
  • sid-list-pe-b.json
• SR Policies
  • explicit-sr-policy-pe-a.json
  • explicit-sr-policy-pe-a.json
• L2VPN Service
  • l2vpn-with-explicit-sr-policy.json

Output

The script generates the following output files in the output directory during and after execution: ~/cnc-api-examples/l2vpn-with-explicit-sr-policy/output

• SID List
  • sid-list-pe-a-create-ouput.json
  • sid-list-pe-b-create-ouput.json
• SR Policies
  • explicit-sr-policy-pe-a-create-ouput.json
  • explicit-sr-policy-pe-b-create-ouput.json
• L2VPN Service
  • l2vpn-with-explicit-sr-policy-create-ouput.json

Script Details: create-l2vpn-with-explicit-sr-policy.sh

#!/bin/bash
#
# Usecase:
# This exapmle scenario demonstrates step by step NB API invocation with the required input 
# to create a point-to-point EVPN-VPWS service (L2VPN) and associate a preferred path (explicit) 
# MPLS SR-TE policy on both endpoints for service instantiation.

export PRJ=$(cd `dirname $0`; pwd)
. $PRJ/../common-scripts/env
. $PRJ/../common-scripts/cnc-api-common.sh 

# Creates a L2VPN service along with its associated sr policies and sid lists
create-l2vpn-with-explicit-sr-policy() {
    # STEP 1   :  Create SR-policy service with SID list on PE devices PE-A and PE-C
    # STEP 1.1 :  Create a SID list "sid-list-pe-a" 
    # STEP 1.2 :  Create SR-policy service "explicit-sr-policy-pe-a" with association to "sid-list-pe-a" 
    # STEP 1.3 :  Create a SID list "sid-list-pe-c" 
    # STEP 1.4 :  Ceate SR-policy service "explicit-sr-policy-pe-c" with association to "sid-list-pe-c" 
    # STEP 2   :  Create L2VPN service "l2vpn-with-explicit-sr-policy" that use the explicit sr policy services as underlay transport
  
    # STEP 1.1:  create sid list "sid-list-pe-a" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies
    CNC_API_INPUT="$PRJ/input/sid-list-pe-a.json"
    CNC_API_OUTPUT="$PRJ/output/sid-list-pe-a-create-output.json"
    http_post $CNC_API_URL $CNC_API_INPUT $CNC_API_OUTPUT

    # STEP 1.2:  create sr-policy service "explicit-sr-policy-pe-a" with association to "sid-list-pe-a" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies
    CNC_API_INPUT="$PRJ/input/explicit-sr-policy-pe-a.json"
    CNC_API_OUTPUT="$PRJ/output/explicit-sr-policy-pe-a-create-output.json"
    http_post $CNC_API_URL $CNC_API_INPUT $CNC_API_OUTPUT

    # STEP 1.3:   create a sid list "sid-list-pe-c" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies
    CNC_API_INPUT="$PRJ/input/sid-list-pe-c.json"
    CNC_API_OUTPUT="$PRJ/output/sid-list-pe-c-create-output.json"
    http_post $CNC_API_URL $CNC_API_INPUT $CNC_API_OUTPUT

    # STEP 1.4:   create sr-policy service "explicit-sr-policy-pe-c" with association to "sid-list-pe-c" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies
    CNC_API_INPUT="$PRJ/input/explicit-sr-policy-pe-c.json"
    CNC_API_OUTPUT="$PRJ/output/explicit-sr-policy-pe-c-create-output.json"
    http_post $CNC_API_URL $CNC_API_INPUT $CNC_API_OUTPUT

    # STEP 2: create l2vpn service "l2vpn-with-explicit-sr-policy" that use the explicit sr policy services as underlay transport
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/ietf-l2vpn-ntw:l2vpn-ntw/vpn-services
    CNC_API_INPUT="$PRJ/input/l2vpn-with-explicit-sr-policy.json"
    CNC_API_OUTPUT="$PRJ/output/l2vpn-with-explicit-sr-policy-create-output.json"
    http_post $CNC_API_URL $CNC_API_INPUT $CNC_API_OUTPUT

}

main() {
    # assume cnc jwt is obtained prior to invoking this method by executing get-cnc-jwt.sh script
    # read from jwt file and export it as AUTH_TOKEN_HDR
    export_jwt
 
    # create l2vpn along with its associated sr policies and sid lists
    create-l2vpn-with-explicit-sr-policy

}

main

Remove L2VPN with Explicit SR Policy

To remove the L2VPN service and the associated SR-policies and SID lists, run the script

cd ~/cnc-api-examples/l2vpn-with-explicit-sr-policy;./teardown-l2vpn-with-explicit-sr-policy.sh

The script execution outputs the API execution and results to standard output and store the results in multiple files in output folder.

Output

The script creates the following output files in the output directory during and after execution: ~/cnc-api-examples/l2vpn-with-explicit-sr-policy/output

• SID List
  • sid-list-pe-a-delete-ouput.json
  • sid-list-pe-b-delete-ouput.json
• SR Policies
  • explicit-sr-policy-pe-a-delete-ouput.json
  • explicit-sr-policy-pe-b-delete-ouput.json
• L2VPN Service
  • l2vpn-with-explicit-sr-policy-delete-ouput.json

Script Details: teardown-l2vpn-with-explicit-sr-policy.sh

#!/bin/bash
#
# remove services and assoicated resources created for the usecase described in create-l2vpn-with-explicit-sr-policy.sh

export PRJ=$(cd `dirname $0`; pwd)
. $PRJ/../common-scripts/env
. $PRJ/../common-scripts/cnc-api-common.sh

# deletes l2vpn service and its associated sr policies and the sid list resources
teardown-l2vpn-with-explicit-sr-policy() {
    # Use delete http method on a service and resource instances created when l2vpn is provisioned in that order.
    # STEP 1: delete l2vpn service
    # STEP 2: delete sr policies and the sid-list resources

    # SETP 1:  delete l2vpn service  
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/ietf-l2vpn-ntw:l2vpn-ntw/vpn-services/vpn-service=l2vpn-with-explicit-sr-policy
    CNC_API_OUTPUT="$PRJ/output/l2vpn-with-explicit-sr-policy-delete-output.json"
    http_delete $CNC_API_URL $CNC_API_OUTPUT

    # SETP 2.1:  delete sr-policy "explicit-sr-policy-pe-c" with expilcit sid list "sid-list-pe-c" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies/policy=explicit-sr-policy-pe-c
    CNC_API_OUTPUT="$PRJ/output/explicit-sr-policy-pe-c-delete-output.json"
    http_delete $CNC_API_URL $CNC_API_OUTPUT

    # SETP 2.2.: delete sid list "sid-list-pe-c" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies/sid-list=sid-list-pe-c
    CNC_API_OUTPUT="$PRJ/output/sid-list-pe-c-delete-output.json"
    http_delete $CNC_API_URL $CNC_API_OUTPUT

    # SETP 2.3:  delete sr-policy "explicit-sr-policy-pe-a" with expilcit sid list "sid-list-pe-a" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies/policy=explicit-sr-policy-pe-a
    CNC_API_OUTPUT="$PRJ/output/explicit-sr-policy-pe-a-delete-output.json"
    http_delete $CNC_API_URL $CNC_API_OUTPUT

    # SETP 2.4:  delete sid list "sid-list-pe-a" 
    CNC_API_URL=$CNC_NSO_RESTCONF_CTX/data/cisco-sr-te-cfp:sr-te/cisco-sr-te-cfp-sr-policies:policies/sid-list=sid-list-pe-a
    CNC_API_OUTPUT="$PRJ/output/sid-list-pe-a-delete-output.json"
    http_delete $CNC_API_URL $CNC_API_OUTPUT

}

main() {
    # assume cnc jwt is obtained prior to invoking this method by executing get-cnc-jwt.sh script
    # read from jwt file and export it as AUTH_TOKEN_HDR
    export_jwt
    # delete l2vpn and associated sr policies and sid list resources
    teardown-l2vpn-with-explicit-sr-policy

}

main