Basic Apply ANC Endpoint Policy Notification Example¶
This sample registers and outputs messages received for Cisco Adaptive
Network Control (ANC) apply endpoint policy
notifications via DXL and Cisco
pxGrid.
Prerequisites¶
The samples configuration step has been completed (see Samples Configuration).
The DXL fabric to which the client will connect has been bridged to Cisco pxGrid.
The Python client has been authorized to receive
DXL Cisco pxGrid Notifications
(see Authorize Client to Use Cisco pxGrid via DXL).ANC
Apply Endpoint Policy
notifications from pxGrid have been enabled (see Enable Cisco pxGrid Notifications for DXL).An ANC policy named
quarantine_policy
has been configured. The policy could be created by logging into the Cisco Identity Services Engine (ISE) web interface and performing the following steps:- Navigate to Operations → Adaptive Network Control → Policy List.
- On the List screen, click on the Add button.
- On the List → New screen, enter
quarantine_policy
in the name field, selectQUARANTINE
in the Action field, and press the Submit button.
Running¶
To run this sample execute the
sample/basic/basic_anc_apply_endpoint_policy_notification_example.py
script
as follows:
python sample/basic/basic_anc_apply_endpoint_policy_notification_example.py
After the example starts up, the initial output should appear similar to the following:
Waiting for apply policy events...
To generate an apply endpoint policy by IP address
notification, run
through the steps in the Basic Apply ANC Endpoint Policy by IP Address Example in a
separate terminal command window. Assuming that the policy is successfully
applied, the following message should appear in the output of the notification
example:
{ "ipAddress": "192.168.1.1", "policyName": "quarantine_policy" }
To generate an apply endpoint policy by MAC address
notification, run
through the steps in the Basic Apply ANC Endpoint Policy by MAC Address Example in a
separate terminal command window. Assuming that the policy is successfully applied, the
following message should appear in the output of the notification example:
{ "macAddress": "00:11:22:33:44:55", "policyName": "quarantine_policy" }
Note that if the apply endpoint policy
calls encounter any errors -- for
example, due to the policy not existing or the policy already having been
applied -- no corresponding event notification will be generated.
Details¶
The majority of the sample code is shown below:
# Create the client with DxlClient(config) as dxl_client: # Connect to the fabric dxl_client.connect() logger.info("Connected to DXL fabric.") # Create client wrapper client = CiscoPxGridClient(dxl_client) class MyAncApplyEndpointPolicyCallback(AncApplyEndpointPolicyCallback): def on_apply_endpoint_policy(self, apply_dict): print("on_apply_endpoint_policy\n" + MessageUtils.dict_to_json(apply_dict, pretty_print=True)) # Attach callback for 'apply policy' events client.anc.add_apply_endpoint_policy_callback( MyAncApplyEndpointPolicyCallback()) # Wait forever print("Waiting for apply policy events...") while True: time.sleep(60)
Once a connection is established to the DXL fabric, a
dxlciscopxgridclient.client.CiscoPxGridClient
instance is created which
will be used to communicate with Cisco pxGrid.
Next, the dxlciscopxgridclient.client.AncClientCategory.add_apply_endpoint_policy_callback()
method is invoked to register a callback for apply policy event notifications.
When an apply endpoint policy
event occurs, the on_apply_endpoint_policy
method in the MyAncApplyEndpointPolicyCallback
class is invoked. The
apply_dict
parameter passed into the callback, a dictionary (dict
)
which contains the content of the event notification, is displayed.