Cisco Pre-checks and Post-checks

6 Cisco Pre-checks and Post-checks

This chapter describes the pre-checks and post-checks that can be run and explains how to install, enable, and disable them. It also describes the behavior of the individual pre-checks and post-checks for the Cisco IOS cartridge.

About Pre-checks and Post-Checks

Pre-checks look for existing configuration on a device when you commit a configuration. This prevents disruption of existing services.

Pre-checks also determine if the Oracle Communications IP Service Activator configuration will create conflicts with an existing configuration, during creation of a new service instance by IP Service Activator. In case a conflict is detected, the operation is aborted and an error message generated.

The post-checks look for the configuration after it has been applied on a device. Post-checks determine if an IP Service Activator configuration is really configured on the device or silently rejected by that device, after an IP Service Activator creates a new service instance. An error message is generated if the device silently rejects the configuration, and the applied configuration is rolled back.

Post-checks can validate successful application of a configuration beyond the simple validation offered by the device response during command issue.

Installing Pre-checks and Post-checks

The standard pre-checks and post-checks are installed when IP Service Activator is installed. For more information, see IP Service Activator Installation Guide.

Enabling/disabling Pre-checks and Post-checks

Pre-checks and post-checks can be enabled and disabled using the standard.properties file. The file is located in the following directory:

Config/networkProcessor/com/metasolv/serviceactivator/cartridges/cisco/pre_check/standard.properties.txt

To disable a particular pre-check or post-check, change its value to false, as shown in the example below. The value true indicates an enabled pre-check or post-check.

<checkProperties xmlns="http://www.metasolv.com/ serviceactivator/checkproperties" >    
    <preCheckRouteMap>true</preCheckRouteMap>				
    <preCheckClassMap>true</preCheckClassMap>				
    <preCheckPolicyMap>true</preCheckPolicyMap>				
    <preCheckNamedAcl>true</preCheckNamedAcl>				
    <preCheckVrf>true</preCheckVrf>			        		
    <preCheckCryptoMap>true</preCheckCryptoMap>				
    <preCheckConfigVersion>false</preCheckConfigVersion>	
    <preCheckRouterIOSUpgrade>false</preCheckRouterIOSUpgrade>	
    <preCheckPolicer>true</preCheckPolicer> 				
</checkProperties>

Individual Pre-checks and Post-checks

Table 6-1 and Table 6-2 outline the behavior of the individual pre-checks and post-checks for the Cisco IOS cartridge.

Table 6-1 Pre-checks

Name	Behavior	Default
preCheckRouteMap	Raises a fault when a route map with the specified name exists. It is a VPN service precheck.	On
preCheckClassMap	Raises a fault when a class map with the specified name exists. It is a QOS service precheck.	On
preCheckPolicyMap	Raises a fault when a policy map with the specified name exists. It is a QOS service precheck.	On
preCheckCryptoMap	Raises a fault when a crypto map with the specified name and sequence exists. It is an IPsec service precheck.	On
preCheckNamedAcl	Raises a fault when an ACL with the specified name exists. It is a QoS service precheck.	On
preCheckVrf	Raises a fault when a VRF with the specified name exists. It is a VPN service precheck.	On
preCheckRouterIOSUpgrade	Raises a fault when router IOS version does not match the version from the last device discovery.	Off
preCheckConfigVersion	Raises a fault when the IP Service Activator and the router configuration versions do not match.	Off
preCheckPolicer	Raises a fault when an aggregate policer with the specified name exists. It is a Layer 2 QOS service precheck.	On
preCheckMlsQos	Raises a fault when MLS QoS is disabled. It is a Layer 2 QoS service precheck.	Off
preCheckVlanVtpModeServer	Raises a fault when the user tries to add a VLAN with value greater than 1005 while router runs in VTP Server mode. It is a VLAN service precheck.	On
preCheckVlanVtpModeClient	Raises a fault when the user tries to add or modify a VLAN while router runs in VTP Client mode. This pre-check, looks for any VLAN operations involving adding new VLAN, and modifying or deleting any existing VLAN. If enabled, it takes over pre-checking transactions of the preCheckVlanVtpModeServer pre-check, for the extended VLAN range with IDs above 1005. It is a VLAN service pre-check.	Off
preCheckInterfaceMediaType	Raises faults in the following scenarios: Interface media type is RJ45 and speed is being set to default or nonegotiate value. Interface media type is not RJ45 and speed is not being set to default or nonegotiate value. Note: This pre-check is only invoked when a user tries to set GigabitEthernet interface Speed value through ciscoEthernePortCharacteristics configuration policy.	On
preCheckVlanIdSync	Raises a fault when VLAN IDs on trunk interface is not the subset of VLAN IDs being configured through IP Service Activator. It is a vlanInterface configuration policy specific pre-check.	On
preCheckOspfProcessId	Raises a fault when Ospf process-id being configured through IP Service Activator already exists on the device. It is an Ospf routing protocol specific pre-check.	On
preCheckInterfaceOspfMessageDigestKeyId	Raises a fault when Ospf md5 authentication key-id already exists on the interface or sub-interface on which ospf routing protocol with md5 authentication is being configured. It is an ospf routing protocol specific pre-check.	On
preCheckMsdpConnectSourceOriginatorIdInterface	Raises a fault when msdp originator-id interface or msdp connect-source interface being configured through IP Service Activator does not exist on the device. It is Multicast Source Discovery Protocol specific pre-check.	On
preCheckMulticastRegisterSo urceInterface	Raises a fault when the interface configured for pim register-source in Multicast Device configuration policy does not exist on the device.	Off

Table 6-2 Post-checks

Name	Behavior	Default
postChecksEnabled	It is a global flag that enables or disables post-checks.	Off
postCheckIntfServicePolicyInput	Raises a fault when interface Service policy in input direction is silently rejected by a device. Note: For QoS policies containing the bandwidth, priority, random-detect, queue-limit, and shaping some IOS of 3500 switches silently reject configuration if it is applied in input direction.	Off

Name

Behavior

Default

postChecksEnabled

It is a global flag that enables or disables post-checks.

Off

postCheckIntfServicePolicyInput

Raises a fault when interface Service policy in input direction is silently rejected by a device.

Note: For QoS policies containing the bandwidth, priority, random-detect, queue-limit, and shaping some IOS of 3500 switches silently reject configuration if it is applied in input direction.

Off