This Guest Shell script uses Microsoft O365 Webservice to get routing information of Office365 cloud. It can be used to automatically create static routes for a dedicated Internet link. So Office365 traffic will use the link and all the remaining traffic will be routed using a default route via a different link. It can be used as an alternative to ExpressRoute. The generated static routes can be also used to bypass a firewall or proxy for Office365 traffic.
IOS configuration see https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/1611/b_1611_programmability_cg/guest_shell.html https://community.cisco.com/t5/developer-general-blogs/introducing-python-and-guest-shell-on-ios-xe-16-5/ba-p/3661394
iox
!
interface VirtualPortGroup0
ip address 192.168.250.1 255.255.255.0
!
app-hosting appid guestshell
app-vnic gateway0 virtualportgroup 0 guest-interface 0
guest-ipaddress 192.168.250.2 netmask 255.255.255.0
app-default-gateway 192.168.250.1 guest-interface 0
name-server0 192.168.21.50
start
VirtualPortGroup0 can have ip nat inside with proper additional configuration to provide NAT/PAT for the Guest Shell container.
- start guest shell
guestshell run bash - install git
sudo yum install git - install Python virtualenv
sudo yum install python-virtualenv - install script
git clone https://github.com/JardaMartan/o365-route.git cd o365-route- create Python virtual environment
virtualenv venv --system-site-packages - switch to Python virtual environment
source venv/bin/activate - install required packages
pip install -r requirements.txt - edit the config.py file, set at least next_hops to match your next hop IPs. These next hops will be used in static routes generated by the script.
- run script in interactive mode
python o365_manage_route.py -i46
usage: o365_manage_route.py [-h] [-i] [-4] [-6] [-v VRF]
optional arguments:
-h, --help show this help message and exit
-i, --interactive Run in interactive mode
-4, --ipv4 Check IPv4 routing information (default yes)
-6, --ipv6 Check IPv6 routing information (default no)
-v VRF, --vrf VRF VRF name
EEM configuration to run every minute
event manager applet o365route
event timer cron cron-entry "* * * * *"
action 0.1 cli command "enable"
action 1.0 syslog msg "O365 manage route script start"
action 2.0 cli command "guestshell run ./o365-route/venv/bin/python ./o365-route/o365_manage_route.py -46"
action 3.0 syslog msg "O365 manage route script end"
- run script in interactive mode
python -i o365_manage_route.py -i - run test procedure
o365_networks, test_nets, cfg_nets = test_parsing() - remove IPv4 and IPv6 routes
remove_routes(o365_networks["ipv4"], 4),remove_routes(o365_networks["ipv6"], 6) - do not forget to save configuration
for VRF-based configuration (VRF "vp" in this case) do:
python -i o365_manage_route.py -i -v vpo365_networks, test_nets, cfg_nets = test_parsing(vrf="vp")remove_routes(o365_networks["ipv4"], 4, vrf="vp")remove_routes(o365_networks["ipv6"], 6, vrf="vp")