The second type of policy configuration is the association or disassociation (add-device or remove-device) of a policy object to a device or list of devices.
Add device operation is similar to the policy incremental updates. Ensure that the addition of the policy is successful on all specified devcice or not installed on any devices. The transaction status is reported identically as described in the Policy Incremental Updates. The following output shows that the addition of .162 would have been “successful” but was rolled back due to the failure of .161.
Route Map details +---------------+---------+--------+-----------------+ | IP Address | Result | Reason | Rollback reason | +---------------+---------+--------+-----------------+ | 10.139.44.161 | Fail |Some Err| | +---------------+---------+--------+-----------------+ | 10.139.44.162 | Rollback| | | +---------------+---------+--------+-----------------+ Device Results
Remove device is considered “best effort”. If any one of the specified devices “fails” the transaction there is no action taken and the configuration is still removed from all other devices whether successful or not. Unlike increment rule deletes there is no pre-validation or restriction with respect to devices that contain OOB create rules. If a device contains OOB entries they are ignored by EFA and no attempt to delete the configuration form the device will be made. For device remove EFA only removes configuration from the device and it‘s internal DB for objects that EFA created.
The output of device addition and removal is identical to the output described in the Policy Incremental Updates. The following table depectis that the command was run for two devices to be removed. The device .161 failed for “Some Err”, the device may or may not still contain the configuration. However, the DB will still contain a mapping between the failed device and the specified policy object. Device .162 was successfully removed and the DB and Device no longer contains the original configuration.
Route Map details +---------------+---------+--------+-----------------+ | IP Address | Result | Reason | Rollback reason | +---------------+---------+--------+-----------------+ | 10.139.44.161 | Fail |Some Err| | +---------------+---------+--------+-----------------+ | 10.139.44.162 | Success | | | +---------------+---------+--------+-----------------+ Device Results