R12.1-JA-2025June05

ACL Consistency Check by Using Hub Macro Variable on Spoke

There are a lot of network cases of checking the consistency on certain pairs of devices, such as the same ACL ID, and the same QOS class name. In these cases, you may want to pass the hub macro variable to the spoke macro variable.

Example: Define an NIT to check for ACL consistency between neighbors.

To check the ACL consistency between the hub and spoke devices sharing the same ACL, from the hub device, issue the command show access-list $ACL_ID to get the ACL configuration. On the spoke device, use the macro variable "$ACL_ID" from the hub "R1".

A screenshot of a computer Description automatically generated

  1. Define a seed intent on a map, which contains the device US-BOS-R1 and its neighbor US-BOS-R2.
    1. Run the same command show access-list 195 on the two devices to get the ACL configuration.

    2. Define a diagnosis on US-BOS-R2. So you can check whether the ACL is consistent between the two devices from status codes after the intent execution.

      Information Note:  When executing an intent to check the match between a device and its neighbor devices, you can define a diagnosis message that specifies the mismatched neighbor device. Use the variable $this_device.Hostname for other device and $this_device for the host device in the diagnosis message. This ensures that device names are accurately reflected in the messages upon intent execution.
  2. Enable and define the neighbor pair replication.

    1. Assign roles for the seed devices. Device US-BOS-R1 is the hub device and US-BOS-R2 is spoke device of US-BOS-R1.
    2. Define the neighbor variable logic for the hub device. In this case, the neighbor is Neighbor_Device column of an ADT, and the Device column from the same ADT is set as the hub device key column.

    3. Define the macro variable for the hub device. In this case, use the ACL_ID column in the predefined ADT to assign values for the hub macro variable.
    4. After assigning values for the hub macro variable, use the hub macro variable ACL_ID as the lookup data of the spoke device so that the values of the hub macro variable can be passed to the spoke macro variable.

  3. Run this seed intent to view the result.



Interface MTU Mismatch Check – Check Specific Interfaces Neighbor Replication Logic Details