Meraki

eroche

Hi All

Attached is my code for a function to update port settings on a switch (dashboard.switch.updateDeviceSwitchPort). When I do a trunk port it keeps telling me it can't update the access policy of the port which I know that and I am not updating. The code is a little long sorry about that but if you can take a look and see if something stands out it would be much appreciated

# Update settings   
        def update_values():

            print (Fore.YELLOW,Style.BRIGHT +'\n' + 'Please enter the updated values, which are Case-Sensitive:  ' + '\n')
    
            v_allowed = ""
            mac_allowed = ""
            sticky_mac_allowed = ""
            mac_allowed_limit = ""
            v_vlan = ""
            sticky_allowed_limit = ""
            rstp_enabled = "True"
            stp_guard = "bpdu guard"
            native_vlan = ""
            d_vlan = ""
            access_policy = ""

            port_name = input ('\n' + 'Port Name:  ')
            enable = input ('Enable Port [True or False]:  ')
            port_type = input ('Port Type [trunk or access] required:  ')
            
            if port_type == ('access'):
                d_vlan = input ('Data VLAN:  ')
                v_vlan = input ('Voice VLAN:  ')
                access_policy = input ('Access Policy [(O)pen, (S)ticky MAC ] required:  ')

                if access_policy == ('S'):
                    access_policy = 'Sticky MAC allow list'
                    mac_allowed_limit = input ('How many MAC Address Allowed: ')
                if access_policy == ('O'):
                    access_policy = "Open"
                    
                            
            if port_type == ('trunk'):
                native_vlan = input ('Native VLAN: ')
                v_allowed = input ('Allowed VLANs [1,3 or 1-3 or All]: ')
            
            
            poe_enabled = input ('PoE Enabled [True or False]:  ')


            response_update = {}
    
            if port_type == "access":
                if port_name: 
                    response_update["name"] = port_name
                if enable:
                    response_update["enabled"] = enable
                if port_type:
                    response_update["type"] = port_type
                if d_vlan:
                    response_update["vlan"] = d_vlan
                if v_vlan:
                    response_update["voiceVlan"] = v_vlan
                if rstp_enabled:
                    response_update["rstpEnabled"] = rstp_enabled
                if stp_guard:
                    response_update["stpGuard"] = stp_guard
                if access_policy:
                    #response_update["accessPolicyType"] = access_policy
                if sticky_mac_allowed:
                    response_update["stickyMacAllowList"] = sticky_mac_allowed
                if mac_allowed_limit:
                    response_update["stickyMacAllowListLimit"] = mac_allowed_limit
                if poe_enabled:
                    response_update["poeEnabled"] = poe_enabled
            
            if port_type == "trunk":
                if port_name: 
                    response_update["name"] = port_name
                if enable:
                    response_update["enabled"] = enable
                if port_type:
                    response_update["type"] = port_type
                if native_vlan:
                    response_update["vlan"] = native_vlan
                if v_allowed:
                    response_update["allowedVlans"] = v_allowed
                if rstp_enabled:
                   response_update["rstpEnabled"] = "True"
                if stp_guard:
                   response_update["stpGuard"] = "disabled"


            fields = response_update
            clearconsole()
            print (Fore.BLUE,Style.BRIGHT + '\n' + 'Here are the values you entered')
            print ('\n')
            for field in fields:
            
                print (Fore.YELLOW + f"{field}: " + Fore.WHITE + f"{response_update[field]}")
    
   
            validate = input ('\n' + 'Are all values correct [Y or N]:  ')
 

            if validate in {'Y', 'y'}:
                clearconsole()
                response = dashboard.switch.updateDeviceSwitchPort(serial, port_id,**response_update,)

                response = dashboard.switch.getDeviceSwitchPort(serial, port_id)

                fields = response_update

                print (Fore.GREEN,Style.BRIGHT + '\n' + 'Here are the New Settings: ' + '\n')

                for field in fields:
                    print (f"{field}: {response_update[field]}")

                input  ('\n' + 'Press Enter to return to Main Menu: ')

                main_menu()

            elif validate in {'N', 'n'}:
                clearconsole()
                input (Fore.MAGENTA + Style.BRIGHT + '\n' + 'Darn, Ok lets try this again, press Enter: ')
                #clearconsole()
                print (Fore.YELLOW,Style.BRIGHT +'\n' + 'Current Values:' + '\n')
            
                response = dashboard.switch.getDeviceSwitchPort(serial, port_id)
    
                fields = ['portId', 'name', 'enabled', 'poeEnabled', 'type', 'vlan', 'voiceVlan', 'allowedVlans', 'isolationEnabled', 'rstpEnabled', 'stpGuard', 'linkNegotiation']
    
                for field in fields:
                    print (f"{field}: {response[field]}")
                
                update_values()
            
            else:
                print ('You need to select Y or N!')
                restart = input ('Hit Enter!')
                if restart == "":
                    update_values()
            
            
        update_values()

.

sungod

General comment: it's called 'update', but the logic looks like...

prompt human for values - what if the human lies about the current port type?

call the update endpoint

Whereas, IMO more logical would be...

call get endpoint to get current elements and values

prompt human with current elements/values and option to change value

call update endpoint

eroche

So, you think showing each value individually and giving opportunity to update then sending the update right away will work? I am currently showing all the current values for the endpoint, going through each setting to have option to update, then adding to the dictionary, and finally updating the values on the device.

alemabrahao

In your update_values() function, you have this block.

if access_policy:
#response_update["accessPolicyType"] = access_policy

Even though it's commented out, if you uncomment it or if access_policy is set , it might still be included in the payload when updating a trunk port, which does not support access policies.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

eroche

thanks for reply

I just tried starting out with the port as a trunk then I was able to update the setting just fine. I guess if it is an access port it has the access_policy value. Weird.

eroche

it looks like as long as the access_policy is se to Open its fine so maybe I can hardcode the Open value

eroche

Hardcoding under the Trunk section worked. Like you said since it already had Sticky set it was passing that value

alemabrahao

I believe this is because when a port is set to access mode, the Meraki API expects an accessPolicyType field to be present. If this field is missing or mismatched, it can cause update errors. On the other hand, when the port is in trunk mode, the API rejects any access policy fields as they are not applicable.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Meraki

Community

Updating Trunk port settings and getting error

Updating Trunk port settings and getting error