Policy Incremental Updates

The first type of configuration change is incremental updates to already provisioned objects, such as adding or removing rules or augmenting the contents within the rule (adding matches or sets). Ensure that the incremental update configuration is successful on all associated devices or not installed at all (rollback). In this scenario, following are the configuration output:

efa policy route-map-set create --name foo --rule seq[10],action[permit] --set-community 6550:125,internet,local-as 

+----------------+---------+--------+ 
| Route Map Name | Seq num | Action | 
+----------------+---------+--------+ 
| foo            | 10      | permit | 
+----------------+---------+--------+ 
Route Map details 
+---------------+---------+--------+-----------------+ 
|  IP Address   | Result  | Reason | Rollback reason | 
+---------------+---------+--------+-----------------+ 
| 10.139.44.161 | Failed  |Some Err|                 | 
+---------------+---------+--------+-----------------+ 
| 10.139.44.162 | Rollback|        |                 | 
+---------------+---------+--------+-----------------+ 
Device Results 
--- Time Elapsed: 10.33886575s ---

In the above output, the configuration failed on .161 but was successful on .162. However, since the policy change was unsuccessful on .161 the configuration is rolled back on .162. The Result of “rollback” indicates that the configuration was or is compatible with the configured device. It is possible that during the “Rollback” operation the configuration or Unprovisioning action fails. In this scenario the Result will also be designated as “fail” but the cause of the failure, ie err message, will be contained ikn the “Rollback reason column”.

When performing “remove updates” on content within a policy the command is pre-validated to ensure none of the specified rules are not managed by EFA (EFA will not delete any policy information created Out of Band by the users). In this scenario, the CLI is errored out without proceeding to remove configiguration from device or EFA DB. When the error is encountered, the user can either: