R12.1 Project Publication-2025Dec23

ACL Consistency Check by Using Hub Macro Variable on Spoke

Many network scenarios require checking consistency between specific pairs of devices, such as matching ACL IDs or QoS class names. In these cases, you may want to pass the hub macro variable to the spoke macro variable.

Example: Define an NIT to check ACL consistency between neighbor devices. To verify ACL consistency between the hub and spoke devices sharing the same ACL, issue the command show access-list $ACL_ID on the hub device to retrieve the ACL configuration. On the spoke device, use the macro variable $ACL_ID obtained from the hub device R1.

A screenshot of a computer Description automatically generated

  1. Define a seed intent on a map, which contains the device US-BOS-R1 and its neighbor US-BOS-R2.

    1. Run the command show access-list 195 on both devices to retrieve their ACL configurations.

    2. Define a diagnosis on US-BOS-R2 to verify ACL consistency between the two devices by checking the status codes after intent execution.

      Information Note: When executing an intent to check the match between a device and its neighbor devices, you can define a diagnosis message that specifies the mismatched neighbor device. Use the variable $this_device.Hostname for other device and $this_device for the host device in the diagnosis message. This ensures that device names are accurately reflected in the messages during intent execution.

  2. Enable and define the neighbor pair replication.
    1. Assign roles for the seed devices. Device US-BOS-R1 as the hub device and US-BOS-R2 as the spoke device of US-BOS-R1.
    2. Define the neighbor variable logic for the hub device. In this case, use the Neighbor_Device column from the table to identify neighbors and Device column is set as the hub device key column.

    3. Define the macro variable for the spoke device by assigning values directly from the ACL_ID column in the ADT.
    4. After assigning values to the hub macro variable, use the hub macro variable ACL_ID as the lookup source of the spoke device. This allows the values of the hub macro variable to be passed to the corresponding spoke macro variable.

  3. Run this seed intent to view the result.

Interface MTU Mismatch Check – Check Specific Interfaces Advanced Settings