v2.0.23 (17.04.2025)

Improvements

events

• all logs use UTC0 timezone

client.py

• add_watcher Enable XDP N option bug fix
• add_watcher Enable Topolograph option is added to set Topolograph's IP address in .env and check if Topolograph is available

Add Topolograph host? [Y/n]
TOPOLOGRAPH_HOST set to 192.168.1.33 in .env

DEBUG:urllib3.connectionpool:Starting new HTTP connection (1): 192.168.1.33:8080
DEBUG:urllib3.connectionpool:http://192.168.1.33:8080 "GET /api/graph/ HTTP/1.1" 401 201
Access to 192.168.1.33:8080 is bad
DEBUG:charset_normalizer:Encoding detection: ascii is most likely the one.
Access to 192.168.1.33:8080 is 401 error, details: {
  "detail": "User's IP address is not in the authorized network range. Please add your IP/network in authorized network scope.",
  "status": 401,
  "title": "Unauthorized",
  "type": "about:blank"
}

AS number, where OSPF is configured: [0]

v2.0.21 (25.03.2025)

Log rotation is added

New container is added with mounted watcher log file and defined cron schedule

    logrotation:
      kind: linux
      # https://github.com/Vadims06/docker-logrotate
      image: vadims06/docker-logrotate:v1.0.0
      env:
        LOGROTATE_FILE_PATTERN: "*.log"
        # don't rotate at all but truncate log, because only single log file is bind to this container
        LOGROTATE_ROTATE: "0"
        LOGROTATE_SIZE: "500M"
        # once a day
        LOGROTATE_CRON: "0 0 * * *"

Improvements

• Containerlab is updated

v2.0.20 (03.03.2025)

Improvements

Stub filtering in L2

L2 stub network filter is added for non-local subnets

The problem is that if every single router in the network is both L1/L2 – and therefore every L1 router has learned every prefix in the network via Level 1 – it means that every single router is going to redistribute every single one of those prefixes into Level 2, claiming that it is a source to get to that prefix. And the bigger your network is, the bigger, this list of redistributed prefixes gets. The Level 2 database gets exponentially bigger – and it’s even bigger still if it’s advertising them once again as wide metrics!
link to the article

Example, IS-IS LSDB

0100.0000.0001.00-00      567   0x00000049  0x99fb     895    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: R-1
  TE Router ID: 10.0.0.1
  IPv4 Interface Address: 10.0.0.1
  Extended IP Reachability: 10.0.0.1/32 (Metric: 0)
  
0100.0000.0002.00-00      490   0x0000002c  0x5625     634    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: R-2
  TE Router ID: 10.0.0.2
  Extended IP Reachability: 10.0.0.1/32 (Metric: 126) <- R1's subnet re-advertised from R2
 
0100.0000.0254.00-00      297   0x00000026  0xf88c     632    0/0/0
  Protocols Supported: IPv4, IPv6
  Area Address: 49.0001
  Hostname: RR-1
  TE Router ID: 10.0.0.254
  Extended IP Reachability: 10.0.0.1/32 (Metric: 189)  <- R1's subnet re-advertised from RR-1

v2.0.18 (17.02.2025)

Fix

• Vadims06/ospfwatcher#18
  In case of issues with a connection to Topolograph - reasons are printed into log

Request failed 401 error, details: {
  "detail": "Provided authorization is not valid",
  "status": 401,
  "title": "Unauthorized",
  "type": "about:blank"
}

API subnet is not added

Request failed 401 error, details: {
  "detail": "No IP address was added, so nothing to check with. For using API is needed to add your network in the Authorised network range",
  "status": 401,
  "title": "Unauthorized",
  "type": "about:blank"
}

v2.0.17 (12.01.2025) MPLS TE Link attributes

MPLS TE Link attributes are added for monitoring:

1. Administrative Group (color, resource class)
2. Maximum Link Bandwidth
3. Maximum Reservable Link Bandwidth
4. Unreserved Bandwidth
5. Traffic Engineering Default Metric

Logs sample 3. TE

2024-12-29T13:20:50.398Z,
isis-watcher,1,temetric,0200.1001.0002,changed,0_17_19_20_21_22_26_29_30,1000000000,1000000000,1000000008_1000000016_1000000024_1000000032_1000000040_1000000048_1000000056,11223344,0200.1001.0003,2024-07-28T18:03:05Z,49.0001,01Jan2023_00h00m00s_7_hosts,10.1.23.3,10.1.23.2

* `2023-01-01T00:00:00Z` - event timestamp
* `demo-watcher` - name of watcher
* `1` - IS-IS level
* `temetric` - event name: `host`, `network`, `metric`, `temetric`
* `0200.1001.0002` - event object. Watcher detected an event related to `0200.1001.0002` host
* `changed` - event status: `down`, `up`, `changed`
* `0_17_19_20_21_22_26_29_30` - 0, 17, 19, 20, 21, 22, 26, 29, 30 admin groups
* `1000000000` - Maximum Link Bandwidth (Sub-TLV 9) bits per sec
* `1000000000` - Maximum Reservable Link Bandwidth (Sub-TLV 10) bits per sec
* `1000000008_1000000016_1000000024_1000000032_1000000040_1000000048_1000000056` - Unreserved Bandwidth (Sub-TLV 11) for priority 0,..7 bits per sec
* `11223344` - Traffic Engineering Default Metric (Sub-TLV 18)
* `0200.1001.0003` - event detected by this node.
* `01Jan2023_00h00m00s_7_hosts` - name of graph in Topolograph dashboard
* `49.0002` - area number
* `12345` - AS number
* `10.1.23.3` - Local IP address of detected node `0200.1001.0003` (available in 2.0.15)
* `10.1.23.2` - Remote IP address relative to the detected node `0200.1001.0003` (available in 2.0.16)

FRR configuration

interface eth1
 ip address 20.168.23.1/24
 ip router isis lab
 ipv6 address 4ffe::192:168:23:2/127
 ipv6 router isis lab
 isis network point-to-point
 link-params
  admin-grp 0x647a0001
  enable
  metric 11223344
  max-bw 1e+08
  unrsv-bw 0 1.23e+06
  unrsv-bw 5 1.23e+06
!
router isis lab
 net 49.0002.0200.1001.0002.00
 mpls-te on
 mpls-te router-address 10.10.10.2
exit

IS-IS TE metric

Latest events about links with admin group 17 with unreserved bandwidth for priority of 0 less than 100Mbits

Full IS-IS TE log

v2.0.16 (27.12.2024)

v2.0.16

• remote_ip_address is added into log for all host events

v2.0.15 (27.12.2024)

v2.0.14

• Algorithm improvements in selection of edges: Narrow < Extended. L1 < L2

v2.0.15

• local_ip_address is added into log for all host events

v2.0.12 (17.11.2024)

Improvements

• BugFix. tracking OSPF/IS-IS protocols simultaneously. Issue Vadims06/ospfwatcher#14
  

v2.0.10 (30.10.2024)

Improvements

1. Stability and accuracy of network change detection
2. Logstash pipeline changed accordingly to new watcher output
3. Documentation
4. Tools (client.py)
5. IS-IS logs includes device's hostname

v1.1

Multiple Watchers on a single host
Number of watchers is equal to the number of IS-IS areas and each Watcher is placed in individual network namespace. IS-IS LSDB sits in watcher's namespace and doesn't interact with other Watchers keeping it isolated.

v1.1 Includes a client for generating configurations for each Watcher for each IS-IS area. To generate individual settings - run the client with --action add_watcher

sudo docker run -it --rm --user $UID -v ./:/home/watcher/watcher/ -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro vadims06/isis-watcher:v1.1 python3 ./client.py --action add_watcher

The script will create:

1. a folder under watcher folder with FRR configuration under router folder
2. a containerlab configuration file with network settings
3. an individual watcher log file in watcher folder.