==== How to configure VTN Renderer The section demonstrates allow or block packets of the traffic within a VTN Renderer, according to the specified flow conditions. The table below lists the actions to be applied when a packet matches the condition: [options="header",cols="20%,80%"] |=== | Action | Function |Allow | Permits the packet to be forwarded normally. |Block | Discards the packet preventing it from being forwarded. |=== ===== Requirement * Before execute the follow steps, please, use default requirements. See section <<_default_requirements,Default Requirements>>. ===== Configuration Please execute the following curl commands to test network intent using mininet: ====== Create Intent To provision the network for the two hosts(h1 and h2) and demonstrates the action allow. ---- curl -v --user "admin":"admin" -H "Accept: application/json" -H "Content-type: application/json" -X PUT http://localhost:8181/restconf/config/intent:intents/intent/b9a13232-525e-4d8c-be21-cd65e3436034 -d '{ "intent:intent" : { "intent:id": "b9a13232-525e-4d8c-be21-cd65e3436034", "intent:actions" : [ { "order" : 2, "allow" : {} } ], "intent:subjects" : [ { "order":1 , "end-point-group" : {"name":"10.0.0.1"} }, { "order":2 , "end-point-group" : {"name":"10.0.0.2"}} ] } }' ---- To provision the network for the two hosts(h2 and h3) and demonstrates the action allow. ---- curl -v --user "admin":"admin" -H "Accept: application/json" -H "Content-type: application/json" -X PUT http://localhost:8181/restconf/config/intent:intents/intent/b9a13232-525e-4d8c-be21-cd65e3436035 -d '{ "intent:intent" : { "intent:id": "b9a13232-525e-4d8c-be21-cd65e3436035", "intent:actions" : [ { "order" : 2, "allow" : {} } ], "intent:subjects" : [ { "order":1 , "end-point-group" : {"name":"10.0.0.2"} }, { "order":2 , "end-point-group" : {"name":"10.0.0.3"}} ] } }' ---- ====== Verification As we have applied action type allow now ping should happen between hosts (h1 and h2) and (h2 and h3). ---- mininet> pingall Ping: testing ping reachability h1 -> h2 X X h2 -> h1 h3 X h3 -> X h2 X h4 -> X X X ---- ====== Update the intent To provision block action that indicates traffic is not allowed between h1 and h2. ---- curl -v --user "admin":"admin" -H "Accept: application/json" -H "Content-type: application/json" -X PUT http://localhost:8181/restconf/config/intent:intents/intent/b9a13232-525e-4d8c-be21-cd65e3436034 -d '{ "intent:intent" : { "intent:id": "b9a13232-525e-4d8c-be21-cd65e3436034", "intent:actions" : [ { "order" : 2, "block" : {} } ], "intent:subjects" : [ { "order":1 , "end-point-group" : {"name":"10.0.0.1"} }, { "order":2 , "end-point-group" : {"name":"10.0.0.2"}} ] } }' ---- ====== Verification As we have applied action type block now ping should not happen between hosts (h1 and h2). ---- mininet> pingall Ping: testing ping reachability h1 -> X X X h2 -> X h3 X h3 -> X h2 X h4 -> X X X ---- NOTE: Old actions and hosts are replaced by the new action and hosts. ====== Delete the intent Respective intent and the traffics will be deleted. ---- curl -v --user "admin":"admin" -H "Accept: application/json" -H "Content-type: application/json" -X DELETE http://localhost:8181/restconf/config/intent:intents/intent/b9a13232-525e-4d8c-be21-cd65e3436035 ---- ====== Verification Deletion of intent and flow. ---- mininet> pingall Ping: testing ping reachability h1 -> X X X h2 -> X X X h3 -> X X X h4 -> X X X ---- NOTE: Ping between two hosts can also be done using MAC Address To provision the network for the two hosts(h1 MAC address and h2 MAC address). ---- curl -v --user "admin":"admin" -H "Accept: application/json" -H "Content-type: application/json" -X PUT http://localhost:8181/restconf/config/intent:intents/intent/b9a13232-525e-4d8c-be21-cd65e3436035 -d '{ "intent:intent" : { "intent:id": "b9a13232-525e-4d8c-be21-cd65e3436035", "intent:actions" : [ { "order" : 2, "allow" : {} } ], "intent:subjects" : [ { "order":1 , "end-point-group" : {"name":"6e:4f:f7:27:15:c9"} }, { "order":2 , "end-point-group" : {"name":"aa:7d:1f:4a:70:81"}} ] } }' ----