Skip to content

enhancement(flow)/Add Support for Additional flow Configuration in Terraform Provider #338

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

enhancement(flow)/Add Support for Additional flow Configuration in Terraform Provider #338

wants to merge 1 commit into from

Conversation

@tech-of-all-trades
Copy link
Contributor

@tech-of-all-trades tech-of-all-trades commented Nov 3, 2025
edited
Loading

This PR adds support for additional flow configuration in the terraform-provider-iosxe.

These improvements enhance the iosxe_flow_record and iosxe_flow_exporter resources with comprehensive flow configuration capabilities including enhanced datalink layer matching, IPv4 TTL-based flow tracking, and flexible source interface selection for flow exporters.

CLI Commands Supported

flow record Support

flow record <name>
  match datalink mac source address input
  match datalink mac destination address input
  match datalink vlan input  # Available on Switch platforms (C9K)
  match datalink source-vlan-id  # Available on Router platforms (C8K, CSR1K)
  match datalink destination-vlan-id  # Available on Router platforms (C8K, CSR1K)
  match ipv4 ttl

flow exporter Support

flow exporter <name>
  source <interface>

Supported source interface types include: GigabitEthernet, TwoGigabitEthernet, FiveGigabitEthernet, TenGigabitEthernet, TwentyFiveGigE, FortyGigabitEthernet, HundredGigE, Vlan, Port-channel, and Loopback interfaces.

Benefits:

  • Enables comprehensive Layer 2 flow visibility for operational traffic analysis and security monitoring through MAC address and VLAN tracking
  • Supports TTL-based flow classification to enhance network troubleshooting and identify routing anomalies
  • Provides flexible flow exporter source interface configuration across diverse network topologies and hardware platforms
  • Enhances cross-platform compatibility with intelligent handling of platform-specific syntax differences between Catalyst switch and router platforms

Platform Compatibility:
This PR includes platform-aware attribute handling, ensuring seamless operation across both Catalyst 9000 series switches and Catalyst 8000/CSR1000v router platforms. The provider automatically uses the appropriate YANG paths for each platform type.

@tech-of-all-trades
feat: Add additional flow record and flow exporter configuration supp…
164edeb 
…ort to flow resource

Enhanced the iosxe_flow resource with 6 `flow record` and 9 `flow exporter` attributes
to support 9 "flow" cli configuration capabilities.

Note, support for 2 additional `flow record` cli configurations that were not originally
requested have been added and are now supported. This decision was a result of cli
command acceptance that varies based on platform. The solution implemented leverages
"test_tags" to accurately test provider code.

New Attributes (15 total):
- flow_record:
  - match/datalink/mac/source/address/input
  - match/datalink/mac/destination/address/input
  - match/datalink/vlan  <-- Note: Available on switch platforms (C9K) using 'test_tags': [C9000V]
  - match/datalink/source-vlan-id  <-- Note: Available on router platforms (C8K, CSR1K) using 'test_tags': [C8000V]
  - match/datalink/destination-vlan-id  <-- Note: Available on router platforms (C8K, CSR1K) using 'test_tags': [C8000V]
  - match/ipv4/ttl
- flow exporter <name>:
  - source/interface-choice/GigabitEthernet/GigabitEthernet
  - source/interface-choice/TwoGigabitEthernet/TwoGigabitEthernet
  - source/interface-choice/FiveGigabitEthernet/FiveGigabitEthernet
  - source/interface-choice/TenGigabitEthernet/TenGigabitEthernet
  - source/interface-choice/TwentyFiveGigE/TwentyFiveGigE
  - source/interface-choice/FortyGigabitEthernet/FortyGigabitEthernet
  - source/interface-choice/HundredGigE/HundredGigE
  - source/interface-choice/Vlan/Vlan
  - source/interface-choice/Port-channel/Port-channel

CLI Commands Supported (9 total):
- flow record <name>:
  - match datalink mac source address input
  - match datalink mac source address input
  - match datalink vlan input
  - match datalink source-vlan-id
  - match datalink destination-vlan-id
  - match ipv4 ttl
- flow exporter <name>:
  - source <interface>

Files Modified:
- gen/definitions/flow_record.yaml
- gen/definitions/flow_exporter.yaml
- docs/data-sources/flow_exporter.md
- docs/data-sources/flow_record.md
- docs/resources/flow_exporter.md
- docs/resources/flow_record.md
- examples/resources/iosxe_flow_record/resource.tf
- internal/provider/data_source_iosxe_flow_exporter.go
- internal/provider/data_source_iosxe_flow_record.go
- internal/provider/data_source_iosxe_flow_record_test.go
- internal/provider/model_iosxe_flow_exporter.go
- internal/provider/model_iosxe_flow_record.go
- internal/provider/resource_iosxe_flow_exporter.go
- internal/provider/resource_iosxe_flow_record.go
- internal/provider/resource_iosxe_flow_record_test.go
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tech-of-all-trades