Introduce 3 new fields in Capirca Arista TP generator to enable traffic policing actions:

- police_kbps generates `police rate <kbps> kbps` action
- police_burst generates `police rate <kbps> kbps burst-size <bytes>` option, which specifies burst size in bytes. Not supported without police_kbps.
- police_pps generates `police rate <pps> pps` action.

PiperOrigin-RevId: 740067310

Author: Capirca Team

capirca/lib/arista_tp.py

@@ -372,13 +372,16 @@ def __str__(self):
     current_action = self._ACTIONS.get(self.term.action[0])
     # non-permit/drop actions should be added here
     has_extra_actions = (
-        self.term.logging or
-        self.term.counter or
-        self.term.dscp_set or
-        self.term.traffic_class or
-        self.term.next_hop_group or
-        self.term.next_interface
-        )
+        self.term.logging
+        or self.term.counter
+        or self.term.dscp_set
+        or self.term.traffic_class
+        or self.term.police_kbps
+        or self.term.police_burst
+        or self.term.police_pps
+        or self.term.next_hop_group
+        or self.term.next_interface
+    )
 
     # if !accept - generate an action statement
     # if accept and there are extra actions generate an actions statement
@@ -417,6 +420,46 @@ def __str__(self):
             f"set traffic class {self.term.traffic_class}",
             False,
         ])
+      if self.term.police_kbps and self.term.police_pps:
+        logging.warning(
+            "WARNING: term %s uses police_pps and police_kbps."
+            "Only one of these options can be used.",
+            self.term.name,
+        )
+      elif self.term.police_burst and self.term.police_pps:
+        logging.warning(
+            "WARNING: term %s uses police_burst, "
+            "which is not supported with police_pps.",
+            self.term.name,
+        )
+      elif self.term.police_burst and not self.term.police_kbps:
+        logging.warning(
+            "WARNING: term %s uses police_burst option but not police_kbps. "
+            "police_burst will not be added.",
+            self.term.name,
+        )
+      elif self.term.police_kbps and self.term.police_burst:
+        term_block.append([
+            ACTION_INDENT,
+            (
+                f"police rate {self.term.police_kbps} kbps burst-size"
+                f" {self.term.police_burst}"
+            ),
+            False,
+        ])
+      elif self.term.police_kbps:
+        term_block.append([
+            ACTION_INDENT,
+            f"police rate {self.term.police_kbps} kbps",
+            False,
+        ])
+      elif self.term.police_pps:
+        term_block.append([
+            ACTION_INDENT,
+            f"police rate {self.term.police_pps} pps",
+            False,
+        ])
+
 
       if self.term.next_hop_group:
         term_block.append([
@@ -718,13 +761,41 @@ def _BuildTokens(self):
     supported_tokens, supported_sub_tokens = super()._BuildTokens()
 
     supported_tokens |= {
-        "action", "comment", "counter", "destination_address",
-        "destination_address_exclude", "destination_port", "destination_prefix",
-        "dscp_set", "expiration", "fragment_offset", "hop_limit", "icmp_code",
-        "icmp_type", "logging", "name", "option", "owner", "packet_length",
-        "platform", "platform_exclude", "port", "protocol", "protocol_except",
-        "source_address", "source_address_exclude", "source_port", "source_prefix",
-        "traffic_class", "ttl", "verbatim", "next_hop_group", "next_interface"
+        "action",
+        "comment",
+        "counter",
+        "destination_address",
+        "destination_address_exclude",
+        "destination_port",
+        "destination_prefix",
+        "dscp_set",
+        "expiration",
+        "fragment_offset",
+        "hop_limit",
+        "icmp_code",
+        "icmp_type",
+        "logging",
+        "name",
+        "option",
+        "owner",
+        "packet_length",
+        "platform",
+        "platform_exclude",
+        "port",
+        "protocol",
+        "protocol_except",
+        "police_burst",
+        "police_kbps",
+        "police_pps",
+        "source_address",
+        "source_address_exclude",
+        "source_port",
+        "source_prefix",
+        "traffic_class",
+        "ttl",
+        "verbatim",
+        "next_hop_group",
+        "next_interface"
     }
     supported_sub_tokens.update({
         "option": {

capirca/lib/policy.py

@@ -366,6 +366,9 @@ class Term:
     pan-application: VarType.PAN_APPLICATION
     policer: VarType.POLICER
     priority: VarType.PRIORITY
+    police_kbps: VarType.POLICE_KBPS
+    police_burst: VarType.POLICE_BURST
+    police_pps: VarType.POLICE_PPS
     destination-zone: VarType.DZONE
     source-service-accounts: VarType.SOURCE_SERVICE_ACCOUNTS
     target-service-accounts: VarType.TARGET_SERVICE_ACCOUNTS
@@ -466,6 +469,9 @@ def __init__(self, obj):
     self.owner = None
     self.policer = None
     self.port = []
+    self.police_kbps = None
+    self.police_burst = None
+    self.police_pps = None
     self.precedence = []
     self.protocol = []
     self.protocol_except = []
@@ -870,6 +876,12 @@ def __str__(self):
       ret_str.append('  log_name: %s' % self.log_name)
     if self.priority:
       ret_str.append('  priority: %s' % self.priority)
+    if self.police_kbps:
+      ret_str.append('  police_kbps: %s' % self.police_kbps)
+    if self.police_burst:
+      ret_str.append('  police_burst: %s' % self.police_burst)
+    if self.police_pps:
+      ret_str.append('  police_pps: %s' % self.police_pps)
     if self.counter:
       ret_str.append('  counter: %s' % self.counter)
     if self.traffic_class_count:
@@ -978,6 +990,18 @@ def __eq__(self, other):
     if self.policer != other.policer:
       return False
 
+    # police_kbps
+    if self.police_kbps != other.police_kbps:
+      return False
+
+    # police_burst
+    if self.police_burst != other.police_burst:
+      return False
+
+    # police_pps
+    if self.police_pps != other.police_pps:
+      return False
+
     # interface
     if self.source_interface != other.source_interface:
       return False
@@ -1372,6 +1396,12 @@ def AddObject(self, obj):
       # police man, tryin'a take you jail
       elif obj.var_type is VarType.POLICER:
         self.policer = obj.value
+      elif obj.var_type is VarType.POLICE_KBPS:
+        self.police_kbps = int(obj.value)
+      elif obj.var_type is VarType.POLICE_BURST:
+        self.police_burst = int(obj.value)
+      elif obj.var_type is VarType.POLICE_PPS:
+        self.police_pps = int(obj.value)
       elif obj.var_type is VarType.PRIORITY:
         self.priority = obj.value
       # qos?
@@ -1771,6 +1801,9 @@ class VarType:
   TRAFFIC_CLASS = 70
   NEXT_HOP_GROUP = 71
   NEXT_INTERFACE = 72
+  POLICE_KBPS = 73
+  POLICE_BURST = 74
+  POLICE_PPS = 75
 
   def __init__(self, var_type, value):
     self.var_type = var_type
@@ -1980,6 +2013,9 @@ def __ne__(self, other):
     'PLATFORM',
     'PLATFORMEXCLUDE',
     'POLICER',
+    'POLICE_KBPS',
+    'POLICE_BURST',
+    'POLICE_PPS',
     'PORT',
     'PORT_MIRROR',
     'PRECEDENCE',
@@ -2069,6 +2105,9 @@ def __ne__(self, other):
     'platform': 'PLATFORM',
     'platform-exclude': 'PLATFORMEXCLUDE',
     'policer': 'POLICER',
+    'police-kbps': 'POLICE_KBPS',
+    'police-burst': 'POLICE_BURST',
+    'police-pps': 'POLICE_PPS',
     'port': 'PORT',
     'port-mirror': 'PORT_MIRROR',
     'precedence': 'PRECEDENCE',
@@ -2264,6 +2303,9 @@ def p_term_spec(p):
   | term_spec platform_spec
   | term_spec policer_spec
   | term_spec port_spec
+  | term_spec police_kbps_spec
+  | term_spec police_burst_spec
+  | term_spec police_pps_spec
   | term_spec port_mirror_spec
   | term_spec precedence_spec
   | term_spec priority_spec
@@ -2620,6 +2662,21 @@ def p_policer_spec(p):
   p[0] = VarType(VarType.POLICER, p[4])
 
 
+def p_police_kbps_spec(p):
+  """police_kbps_spec : POLICE_KBPS ':' ':' INTEGER"""
+  p[0] = VarType(VarType.POLICE_KBPS, p[4])
+
+
+def p_police_burst_spec(p):
+  """police_burst_spec : POLICE_BURST ':' ':' INTEGER"""
+  p[0] = VarType(VarType.POLICE_BURST, p[4])
+
+
+def p_police_pps_spec(p):
+  """police_pps_spec : POLICE_PPS ':' ':' INTEGER"""
+  p[0] = VarType(VarType.POLICE_PPS, p[4])
+
+
 def p_logging_spec(p):
   """logging_spec : LOGGING ':' ':' STRING"""
   p[0] = VarType(VarType.LOGGING, p[4])

capirca/lib/policy_simple.py

@@ -256,6 +256,18 @@ class Policer(Field):
   """A rate-limit-icmp field."""
 
 
+class PoliceKbps(Field):
+  """A police-kbps field."""
+
+
+class PoliceBurst(Field):
+  """A police-burst field."""
+
+
+class PolicePps(Field):
+  """A police-pps field."""
+
+
 class PortMirror(Field):
   """A port-mirror field."""
 
@@ -376,6 +388,9 @@ class Vpn(Field):
     'platform': Platform,
     'platform-exclude': PlatformExclude,
     'policer': Policer,
+    'police-kbps': PoliceKbps,
+    'police-burst': PoliceBurst,
+    'police-pps': PolicePps,
     'port': Port,
     'port-mirror': PortMirror,
     'precedence': Precedence,