aristanetworks · ClausHolbechArista · May 29, 2024 · Feb 20, 2024 · Feb 20, 2024 · Feb 21, 2024
@@ -0,0 +1,104 @@
+# monitor-telemetry-postcard-policy
+
+## Table of Contents
+
+- [Management](#management)
+  - [Management Interfaces](#management-interfaces)
+- [Monitoring](#monitoring)
+  - [Monitor Telemetry Postcard Policy](#monitor-telemetry-postcard-policy-1)
+
+## Management
+
+### Management Interfaces
+
+#### Management Interfaces Summary
+
+##### IPv4
+
+| Management Interface | Description | Type | VRF | IP Address | Gateway |
+| -------------------- | ----------- | ---- | --- | ---------- | ------- |
+| Management1 | oob_management | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 |
+
+##### IPv6
+
+| Management Interface | Description | Type | VRF | IPv6 Address | IPv6 Gateway |
+| -------------------- | ----------- | ---- | --- | ------------ | ------------ |
+| Management1 | oob_management | oob | MGMT | - | - |
+
+#### Management Interfaces Device Configuration
+
+```eos
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+```
+
+## Monitoring
+
+### Monitor Telemetry Postcard Policy
+
+#### Sample Policy Summary
+
+##### samplepo1
+
+###### Match rules
+
+| Rule Name | Rule Type | Source Prefix | Destination Prefix | Protocol | Source Ports | Destination Ports |
+| --------- | --------- | ------------- | ------------------ | -------- | ------------ | ----------------- |
+| rule1 | ipv4 | 3.4.5.0/24 | 10.3.3.0/24 | tcp<br>udp | -<br>98 | 77, 78-80, 82<br>99 |
+| rule2 | ipv6 | 5::0/128 | 4::0/128 | udp | - | 747, 748-800 |
+| rule3 | ipv4 | - | - | - | - | - |
+
+##### samplepo2
+
+###### Match rules
+
+| Rule Name | Rule Type | Source Prefix | Destination Prefix | Protocol | Source Ports | Destination Ports |
+| --------- | --------- | ------------- | ------------------ | -------- | ------------ | ----------------- |
+| rule1 | ipv4 | 3.4.5.0/24 | 10.3.3.0/24 | udp | bgp | https |
+
+#### Telemetry Postcard Policy Profiles
+
+| Profile Name | Ingress Sample Policy |
+| ------------ | --------------------- |
+| profile1 | samplepo1 |
+| profile2 | samplepo2 |
+
+#### Monitor Telemetry Postcard Policy Configuration
+
+```eos
+!
+monitor telemetry postcard policy
+   no disabled
+   ingress sample rate 16384
+   marker vxlan header word 0 bit 30
+   ingress collection gre source 10.3.3.3 destination 10.3.3.4 version 2
+   !
+   sample policy samplepo1
+      match rule1 ipv4
+         source prefix 3.4.5.0/24
+         destination prefix 10.3.3.0/24
+         protocol tcp destination port 77, 78-80, 82
+         protocol udp source port 98 destination port 99
+      !
+      match rule2 ipv6
+         source prefix 5::0/128
+         destination prefix 4::0/128
+         protocol udp destination port 747, 748-800
+      !
+      match rule3 ipv4
+   !
+   sample policy samplepo2
+      match rule1 ipv4
+         source prefix 3.4.5.0/24
+         destination prefix 10.3.3.0/24
+         protocol udp source port bgp destination port https
+   !
+   profile profile1
+      ingress sample policy samplepo1
+   !
+   profile profile2
+      ingress sample policy samplepo2
+```
@@ -0,0 +1,47 @@
+!RANCID-CONTENT-TYPE: arista
+!
+transceiver qsfp default-mode 4x10G
+!
+hostname monitor-telemetry-postcard-policy
+!
+no enable password
+no aaa root
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+!
+monitor telemetry postcard policy
+   no disabled
+   ingress sample rate 16384
+   marker vxlan header word 0 bit 30
+   ingress collection gre source 10.3.3.3 destination 10.3.3.4 version 2
+   !
+   sample policy samplepo1
+      match rule1 ipv4
+         source prefix 3.4.5.0/24
+         destination prefix 10.3.3.0/24
+         protocol tcp destination port 77, 78-80, 82
+         protocol udp source port 98 destination port 99
+      !
+      match rule2 ipv6
+         source prefix 5::0/128
+         destination prefix 4::0/128
+         protocol udp destination port 747, 748-800
+      !
+      match rule3 ipv4
+   !
+   sample policy samplepo2
+      match rule1 ipv4
+         source prefix 3.4.5.0/24
+         destination prefix 10.3.3.0/24
+         protocol udp source port bgp destination port https
+   !
+   profile profile1
+      ingress sample policy samplepo1
+   !
+   profile profile2
+      ingress sample policy samplepo2
+!
+end
@@ -0,0 +1,61 @@
+monitor_telemetry_postcard_policy:
+  disabled: false
+  ingress:
+    collection:
+      source: 10.3.3.3
+      destination: 10.3.3.4
+      version: 2
+    sample:
+      rate: 16384
+      tcp_udp_checksum:
+        value: 65000
+        mask: "0xffff"
+  marker_vxlan:
+    enabled: true
+    header_word_zero_bit: 30
+  profiles:
+    - name: profile1
+      ingress_sample_policy: samplepo1
+    - name: profile2
+      ingress_sample_policy: samplepo2
+  sample_policies:
+    - name: samplepo1
+      match_rules:
+        - name: rule1
+          type: ipv4
+          destination_prefix: 10.3.3.0/24
+          source_prefix: 3.4.5.0/24
+          protocols:
+            - protocol: tcp
+              destination_ports:
+                - '77'
+                - 78-80
+                - 82
+            - protocol: udp
+              destination_ports:
+                - "99"
+              source_ports:
+                - "98"
+        - name: rule2
+          type: ipv6
+          destination_prefix: 4::0/128
+          source_prefix: 5::0/128
+          protocols:
+            - protocol: udp
+              destination_ports:
+                - '747'
+                - 748-800
+        - name: rule3
+          type: ipv4
+    - name: samplepo2
+      match_rules:
+        - name: rule1
+          type: ipv4
+          destination_prefix: 10.3.3.0/24
+          source_prefix: 3.4.5.0/24
+          protocols:
+            - protocol: udp
+              source_ports:
+                - bgp
+              destination_ports:
+                - https
@@ -94,6 +94,7 @@ monitor-layer1
 monitor-connectivity
 monitor-sessions
 monitor-telemetry-influx
+monitor-telemetry-postcard-policy
 mpls
 none_configuration
 ntp

@@ -0,0 +1,120 @@
+<!--
+  ~ Copyright (c) 2024 Arista Networks, Inc.
+  ~ Use of this source code is governed by the Apache License 2.0
+  ~ that can be found in the LICENSE file.
+  -->
+=== "Table"
+
+    | Variable | Type | Required | Default | Value Restrictions | Description |
+    | -------- | ---- | -------- | ------- | ------------------ | ----------- |
+    | [<samp>monitor_telemetry_postcard_policy</samp>](## "monitor_telemetry_postcard_policy") | Dictionary |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;disabled</samp>](## "monitor_telemetry_postcard_policy.disabled") | Boolean |  | `True` |  | Enable or disable the postcard telemetry feature. |
+    | [<samp>&nbsp;&nbsp;ingress</samp>](## "monitor_telemetry_postcard_policy.ingress") | Dictionary |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;collection</samp>](## "monitor_telemetry_postcard_policy.ingress.collection") | Dictionary |  |  |  | Collector configuration. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;source</samp>](## "monitor_telemetry_postcard_policy.ingress.collection.source") | String |  |  |  | Source IP address of GRE tunnel. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;destination</samp>](## "monitor_telemetry_postcard_policy.ingress.collection.destination") | String |  |  |  | Destination IP address of GRE tunnel. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;version</samp>](## "monitor_telemetry_postcard_policy.ingress.collection.version") | Integer |  |  | Valid Values:<br>- <code>1</code><br>- <code>2</code> | Postcard version. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;sample</samp>](## "monitor_telemetry_postcard_policy.ingress.sample") | Dictionary |  |  |  | Sampling parameters. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;rate</samp>](## "monitor_telemetry_postcard_policy.ingress.sample.rate") | Integer |  |  | Valid Values:<br>- <code>16384</code><br>- <code>32768</code><br>- <code>65536</code> | Sampling rate. `rate` is preferred when both `rate` and `tcp_udp_checksum` are defined. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;tcp_udp_checksum</samp>](## "monitor_telemetry_postcard_policy.ingress.sample.tcp_udp_checksum") | Dictionary |  |  |  | TCP/UDP parameters. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;value</samp>](## "monitor_telemetry_postcard_policy.ingress.sample.tcp_udp_checksum.value") | Integer |  |  | Min: 0<br>Max: 65535 | TCP/UDP checksum or IP ID value. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mask</samp>](## "monitor_telemetry_postcard_policy.ingress.sample.tcp_udp_checksum.mask") | String |  |  |  | 16 bit hexadecimal mask for TCP/UDP or IP ID with atmost 2 unset bits. |
+    | [<samp>&nbsp;&nbsp;marker_vxlan</samp>](## "monitor_telemetry_postcard_policy.marker_vxlan") | Dictionary |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;enabled</samp>](## "monitor_telemetry_postcard_policy.marker_vxlan.enabled") | Boolean |  |  |  | Enable vxlan marking using default bit 0. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;header_word_zero_bit</samp>](## "monitor_telemetry_postcard_policy.marker_vxlan.header_word_zero_bit") | Integer |  |  | Min: 1<br>Max: 31 |  |
+    | [<samp>&nbsp;&nbsp;profiles</samp>](## "monitor_telemetry_postcard_policy.profiles") | List, items: Dictionary |  |  |  | Postcard telemetry profiles. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;name</samp>](## "monitor_telemetry_postcard_policy.profiles.[].name") | String | Required, Unique |  |  | Profile name. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ingress_sample_policy</samp>](## "monitor_telemetry_postcard_policy.profiles.[].ingress_sample_policy") | String |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;sample_policies</samp>](## "monitor_telemetry_postcard_policy.sample_policies") | List, items: Dictionary |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;name</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].name") | String | Required, Unique |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;match_rules</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules") | List, items: Dictionary |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;name</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].name") | String | Required, Unique |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;type</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].type") | String | Required |  | Valid Values:<br>- <code>ipv4</code><br>- <code>ipv6</code> | IP address version. |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;destination_prefix</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].destination_prefix") | String |  |  |  | IPv4 Network/Mask or IPv6 Network/Mask. Host part of prefix must be zero.<br>eg. 10.3.3.0/24 |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;source_prefix</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].source_prefix") | String |  |  |  | IPv4 Network/Mask or IPv6 Network/Mask. Host part of prefix must be zero.<br>eg. 10.3.3.0/24 |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;protocols</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].protocols") | List, items: Dictionary |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;protocol</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].protocols.[].protocol") | String | Required, Unique |  | Valid Values:<br>- <code>tcp</code><br>- <code>udp</code> |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;source_ports</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].protocols.[].source_ports") | List, items: String |  |  |  | A list of port numbers or port range or port name. Combination of port numbers or range and port name is not supported on EOS. The port numbers should be in range of 0-65535.<br>e.g.<br>  [ "12", "14-20" ]<br>  [ "www" ] |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;&lt;str&gt;</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].protocols.[].source_ports.[]") | String |  |  |  |  |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;destination_ports</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].protocols.[].destination_ports") | List, items: String |  |  |  | A list of port numbers or port range or port name. Combination of port numbers or range and port name is not supported on EOS. The port numbers should be in range of 0-65535.<br>e.g.<br>  [ "12", "14-20", "80" ]<br>  [ "https" ] |
+    | [<samp>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;&lt;str&gt;</samp>](## "monitor_telemetry_postcard_policy.sample_policies.[].match_rules.[].protocols.[].destination_ports.[]") | String |  |  |  |  |
+
+=== "YAML"
+
+    ```yaml
+    monitor_telemetry_postcard_policy:
+
+      # Enable or disable the postcard telemetry feature.
+      disabled: <bool; default=True>
+      ingress:
+
+        # Collector configuration.
+        collection:
+
+          # Source IP address of GRE tunnel.
+          source: <str>
+
+          # Destination IP address of GRE tunnel.
+          destination: <str>
+
+          # Postcard version.
+          version: <int; 1 | 2>
+
+        # Sampling parameters.
+        sample:
+
+          # Sampling rate. `rate` is preferred when both `rate` and `tcp_udp_checksum` are defined.
+          rate: <int; 16384 | 32768 | 65536>
+
+          # TCP/UDP parameters.
+          tcp_udp_checksum:
+
+            # TCP/UDP checksum or IP ID value.
+            value: <int; 0-65535>
+
+            # 16 bit hexadecimal mask for TCP/UDP or IP ID with atmost 2 unset bits.
+            mask: <str>
+      marker_vxlan:
+
+        # Enable vxlan marking using default bit 0.
+        enabled: <bool>
+        header_word_zero_bit: <int; 1-31>
+
+      # Postcard telemetry profiles.
+      profiles:
+
+          # Profile name.
+        - name: <str; required; unique>
+          ingress_sample_policy: <str>
+      sample_policies:
+        - name: <str; required; unique>
+          match_rules:
+            - name: <str; required; unique>
+
+              # IP address version.
+              type: <str; "ipv4" | "ipv6"; required>
+
+              # IPv4 Network/Mask or IPv6 Network/Mask. Host part of prefix must be zero.
+              # eg. 10.3.3.0/24
+              destination_prefix: <str>
+
+              # IPv4 Network/Mask or IPv6 Network/Mask. Host part of prefix must be zero.
+              # eg. 10.3.3.0/24
+              source_prefix: <str>
+              protocols:
+                - protocol: <str; "tcp" | "udp"; required; unique>
+
+                  # A list of port numbers or port range or port name. Combination of port numbers or range and port name is not supported on EOS. The port numbers should be in range of 0-65535.
+                  # e.g.
+                  #   [ "12", "14-20" ]
+                  #   [ "www" ]
+                  source_ports:
+                    - <str>
+
+                  # A list of port numbers or port range or port name. Combination of port numbers or range and port name is not supported on EOS. The port numbers should be in range of 0-65535.
+                  # e.g.
+                  #   [ "12", "14-20", "80" ]
+                  #   [ "https" ]
+                  destination_ports:
+                    - <str>
+    ```