aristanetworks · gmuloc · Dec 14, 2023 · Nov 15, 2023 · Nov 14, 2023 · Nov 15, 2023
@@ -0,0 +1,176 @@
+# application-traffic-recognition
+
+## Table of Contents
+
+- [Management](#management)
+  - [Management Interfaces](#management-interfaces)
+- [Application Traffic Recognition](#application-traffic-recognition)
+  - [Applications](#applications)
+  - [Application Profiles](#application-profiles)
+  - [Categories](#categories)
+  - [Field Sets](#field-sets)
+  - [Router Application-Traffic-Recognition Device Configuration](#router-application-traffic-recognition-device-configuration)
+
+## Management
+
+### Management Interfaces
+
+#### Management Interfaces Summary
+
+##### IPv4
+
+| Management Interface | description | Type | VRF | IP Address | Gateway |
+| -------------------- | ----------- | ---- | --- | ---------- | ------- |
+| Management1 | oob_management | oob | MGMT | 10.73.255.122/24 | 10.73.255.2 |
+
+##### IPv6
+
+| Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway |
+| -------------------- | ----------- | ---- | --- | ------------ | ------------ |
+| Management1 | oob_management | oob | MGMT | - | - |
+
+#### Management Interfaces Device Configuration
+
+```eos
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+```
+
+## Application Traffic Recognition
+
+### Applications
+
+#### IPv4 Applications
+
+| Name | Source Prefix | Destination Prefix | Protocols | Protocol Ranges | TCP Source Port Set | TCP Destination Port Set | UDP Source Port Set | UDP Destination Port Set |
+| ---- | ------------- | ------------------ | --------- | --------------- | ------------------- | ------------------------ | ------------------- | ------------------------ |
+| user_defined_app1 | src_prefix_set1 | dest_prefix_set1 | udp, tcp | 25 | src_port_set1 | dest_port_set1 | src_port_set2 | dest_port_set2 |
+| user_defined_app2 | src_prefix_set2 | dest_prefix_set2 | pim, icmp, tcp | 21, 7-11 | - | - | - | - |
+
+### Application Profiles
+
+#### Application Profile Name app_profile_1
+
+| Type | Name | Service |
+| ---- | ---- | ------- |
+| application | aim | audio-video |
+| application | aim | chat |
+| application | user_defined_app1 | - |
+| category | best-effort | - |
+| category | category1 | audio-video |
+| transport | http | - |
+| transport | udp | - |
+
+#### Application Profile Name app_profile_2
+
+| Type | Name | Service |
+| ---- | ---- | ------- |
+| application | aim | audio-video |
+| application | user_defined_app2 | - |
+| category | category1 | chat |
+| transport | https | - |
+| transport | quic | - |
+
+### Categories
+
+| Category | Application(Service) |
+| -------- | -------------------- |
+| best-effort | aimini(peer-to-peer)<br>apple_update(software-update) |
+| category1 | aim(audio-video)<br>aim(chat)<br>anydesk |
+| empty |  |
+
+### Field Sets
+
+#### L4 Port Sets
+
+| Name | Ports |
+| ---- | ----- |
+| dest_port_set1 | 2300-2350 |
+| dest_port_set2 | 3300-3350 |
+| src_port_set1 | 2400-2500, 2900-3000 |
+| src_port_set2 | 5700-5800, 6500-6600 |
+
+#### IPv4 Prefix Sets
+
+| Name | Prefixes |
+| ---- | -------- |
+| dest_prefix_set1 | 2.3.4.0/24 |
+| dest_prefix_set2 | 4.4.4.0/24 |
+| src_prefix_set1 | 1.2.3.0/24<br>1.2.5.0/24 |
+| src_prefix_set2 | 2.2.2.0/24<br>3.3.3.0/24 |
+
+### Router Application-Traffic-Recognition Device Configuration
+
+```eos
+!
+application traffic recognition
+   !
+   application ipv4 user_defined_app1
+      source prefix field-set src_prefix_set1
+      destination prefix field-set dest_prefix_set1
+      protocol tcp source port field-set src_port_set1 destination port field-set dest_port_set1
+      protocol udp source port field-set src_port_set2 destination port field-set dest_port_set2
+      protocol 25
+   !
+   application ipv4 user_defined_app2
+      source prefix field-set src_prefix_set2
+      destination prefix field-set dest_prefix_set2
+      protocol icmp
+      protocol pim
+      protocol tcp
+      protocol 7-11, 21
+   !
+   category best-effort
+      application aimini service peer-to-peer
+      application apple_update service software-update
+   !
+   category category1
+      application aim service audio-video
+      application aim service chat
+      application anydesk
+   !
+   category empty
+   !
+   application-profile app_profile_1
+      application aim service audio-video
+      application aim service chat
+      application user_defined_app1
+      application http transport
+      application udp transport
+      category best-effort
+      category category1 service audio-video
+   !
+   application-profile app_profile_2
+      application aim service audio-video
+      application user_defined_app2
+      application https transport
+      application quic transport
+      category category1 service chat
+   !
+   field-set ipv4 prefix dest_prefix_set1
+      2.3.4.0/24
+   !
+   field-set ipv4 prefix dest_prefix_set2
+      4.4.4.0/24
+   !
+   field-set ipv4 prefix src_prefix_set1
+      1.2.3.0/24 1.2.5.0/24
+   !
+   field-set ipv4 prefix src_prefix_set2
+      2.2.2.0/24 3.3.3.0/24
+   !
+   field-set l4-port dest_port_set1
+      2300-2350
+   !
+   field-set l4-port dest_port_set2
+      3300-3350
+   !
+   field-set l4-port src_port_set1
+      2400-2500, 2900-3000
+   !
+   field-set l4-port src_port_set2
+      5700-5800, 6500-6600
+```
@@ -0,0 +1,83 @@
+!RANCID-CONTENT-TYPE: arista
+!
+transceiver qsfp default-mode 4x10G
+!
+hostname application-traffic-recognition
+!
+no enable password
+no aaa root
+!
+interface Management1
+   description oob_management
+   vrf MGMT
+   ip address 10.73.255.122/24
+!
+application traffic recognition
+   !
+   application ipv4 user_defined_app1
+      source prefix field-set src_prefix_set1
+      destination prefix field-set dest_prefix_set1
+      protocol tcp source port field-set src_port_set1 destination port field-set dest_port_set1
+      protocol udp source port field-set src_port_set2 destination port field-set dest_port_set2
+      protocol 25
+   !
+   application ipv4 user_defined_app2
+      source prefix field-set src_prefix_set2
+      destination prefix field-set dest_prefix_set2
+      protocol icmp
+      protocol pim
+      protocol tcp
+      protocol 7-11, 21
+   !
+   category best-effort
+      application aimini service peer-to-peer
+      application apple_update service software-update
+   !
+   category category1
+      application aim service audio-video
+      application aim service chat
+      application anydesk
+   !
+   category empty
+   !
+   application-profile app_profile_1
+      application aim service audio-video
+      application aim service chat
+      application user_defined_app1
+      application http transport
+      application udp transport
+      category best-effort
+      category category1 service audio-video
+   !
+   application-profile app_profile_2
+      application aim service audio-video
+      application user_defined_app2
+      application https transport
+      application quic transport
+      category category1 service chat
+   !
+   field-set ipv4 prefix dest_prefix_set1
+      2.3.4.0/24
+   !
+   field-set ipv4 prefix dest_prefix_set2
+      4.4.4.0/24
+   !
+   field-set ipv4 prefix src_prefix_set1
+      1.2.3.0/24 1.2.5.0/24
+   !
+   field-set ipv4 prefix src_prefix_set2
+      2.2.2.0/24 3.3.3.0/24
+   !
+   field-set l4-port dest_port_set1
+      2300-2350
+   !
+   field-set l4-port dest_port_set2
+      3300-3350
+   !
+   field-set l4-port src_port_set1
+      2400-2500, 2900-3000
+   !
+   field-set l4-port src_port_set2
+      5700-5800, 6500-6600
+!
+end
@@ -0,0 +1,101 @@
+### router_path_selection ###
+# NOTE that this leverage all possible knobs and this config is **NOT** valid on
+# an actual device
+
+application_traffic_recognition:
+  categories:
+    - name: category1
+      applications:
+        - name: aim
+          service: chat
+        - name: aim
+          service: audio-video
+        - name: anydesk
+    - name: best-effort
+      applications:
+        - name: aimini
+          service: peer-to-peer
+        - name: apple_update
+          service: software-update
+    - name: empty
+  field_sets:
+    l4_ports:
+      - name: src_port_set1
+        port_values:
+          - 2400-2500
+          - 2900-3000
+      - name: dest_port_set1
+        port_values:
+          - 2300-2350
+      - name: src_port_set2
+        port_values:
+          - 6500-6600
+          - 5700-5800
+      - name: dest_port_set2
+        port_values:
+          - 3300-3350
+    ipv4_prefixes:
+      - name: src_prefix_set1
+        prefix_values:
+          - 1.2.3.0/24
+          - 1.2.5.0/24
+      - name: dest_prefix_set1
+        prefix_values:
+          - 2.3.4.0/24
+      - name: src_prefix_set2
+        prefix_values:
+          - 3.3.3.0/24
+          - 2.2.2.0/24
+      - name: dest_prefix_set2
+        prefix_values:
+          - 4.4.4.0/24
+  applications:
+    ipv4_applications:
+      - name: user_defined_app2
+        protocols:
+          - pim
+          - icmp
+          - tcp
+        protocol_ranges:
+          - "21"
+          - "7-11"
+        src_prefix_set_name: src_prefix_set2
+        dest_prefix_set_name: dest_prefix_set2
+      - name: user_defined_app1
+        protocols:
+          - udp
+          - tcp
+        protocol_ranges:
+          - "25"
+        udp_src_port_set_name: src_port_set2
+        udp_dest_port_set_name: dest_port_set2
+        src_prefix_set_name: src_prefix_set1
+        dest_prefix_set_name: dest_prefix_set1
+        tcp_src_port_set_name: src_port_set1
+        tcp_dest_port_set_name: dest_port_set1
+  application_profiles:
+    - name: app_profile_2
+      applications:
+        - name: user_defined_app2
+        - name: aim
+          service: audio-video
+      categories:
+        - name: category1
+          service: chat
+      application_transports:
+        - https
+        - quic
+    - name: app_profile_1
+      applications:
+        - name: user_defined_app1
+        - name: aim
+          service: chat
+        - name: aim
+          service: audio-video
+      application_transports:
+        - udp
+        - http
+      categories:
+        - name: best-effort
+        - name: category1
+          service: audio-video
@@ -6,6 +6,7 @@ acl
 address-locking
 aliases
 agents
+application-traffic-recognition
 arp
 as-path
 base