packages/SdnDiagnostics.4.2509.15.1832/modules/Test-SdnExpressBgp.psm1
|
# -------------------------------------------------------------- # Copyright © Microsoft Corporation. All Rights Reserved. # Microsoft Corporation (or based on where you live, one of its affiliates) licenses this sample code for your internal testing purposes only. # Microsoft provides the following sample code AS IS without warranty of any kind. The sample code arenot supported under any Microsoft standard support program or services. # Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. # The entire risk arising out of the use or performance of the sample code remains with you. # In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the code be liable for any damages whatsoever # (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) # arising out of the use of or inability to use the sample code, even if Microsoft has been advised of the possibility of such damages. # --------------------------------------------------------------- # BGP-4 implementation # RFCs: # RFC 4271 BGP-4 # RFC 3392 Capabilities Advertisement with BGP-4 # RFC 2918 Route Refresh for BGP-4 # Slightly implemented (extra data shouldn't break): # RFC 4760 Multiprotocol Extensions for BGP-4 # TODO: # Detect RAS BGP, temporarily disable with -force. # Usage Examples: # # computer already has NIC: # Test-SdnExpressBGP -RouterIPAddress 10.10.182.3 -LocalIPAddress 10.10.182.7 -LocalASN 64628 -verbose -ComputerName sa18n22mux02 # computer does not have NIC: # $h = New-SdnExpressBGPHost -computername sa18n22-2 -localipaddress "10.10.182.20" -prefixlength 26 -vlanid 11 # $h | Test-SdnExpressBGP -RouterIPAddress "10.10.182.3" -LocalASN 64628 # $h | Remove-SdnExpressBGPHost function GetBGPPathAttributeType { param( [int] $code ) if ($code -lt $BGP_PATH_ATTRIBUTE_TYPES.count) { return $BGP_PATH_ATTRIBUTE_TYPES[$code] } else { return "$code" } } function CapabilityCodeLookup { param( [int] $code ) switch ($code) { 0 { return "Reserved" } 1 { return "Multiprotocol Extensions for BGP-4" } 2 { return "Route Refresh Capability for BGP-4" } 3 { return "Outbound Route Filtering Capability" } 4 { return "Multiple routes to a destination capability (deprecated)" } 5 { return "Extended Next Hop Encoding" } 6 { return "BGP Extended Message" } 7 { return "BGPsec Capability" } 8 { return "Multiple Labels Capability" } 9 { return "BGP Role (TEMPORARY)" } { $_ -in 10..63 } { return "Unassigned" } 64 { return "Graceful Restart Capability" } 65 { return "Support for 4-octet AS number capability" } 66 { return "Deprecated" } 67 { return "Support for Dynamic Capability (capability specific)" } 68 { return "Multisession BGP Capability" } 69 { return "ADD-PATH Capability" } 70 { return "Enhanced Route Refresh Capability" } 71 { return "Long-Lived Graceful Restart (LLGR) Capability" } 72 { return "Routing Policy Distribution" } 73 { return "FQDN Capability" } { $_ -in 74..127 } { return "Unassigned" } 128 { return "Prestandard Route Refresh (deprecated)" } 129 { return "Prestandard Outbound Route Filtering (deprecated)" } 130 { return "Prestandard Outbound Route Filtering (deprecated)" } 131 { return "Prestandard Multisession (deprecated)" } { $_ -in 132..183 } { return "Unassigned" } 184 { return "Prestandard FQDN (deprecated)" } 185 { return "Prestandard OPERATIONAL message (deprecated)" } { $_ -in 186..238 } { return "Unassigned" } { $_ -in 239..254 } { return "Reserved for Experimental Use" } 255 { return "Reserved" } } } function GetBytes { param( [byte[]] $bytes, [int] $offset, [int] $count ) return $bytes[$offset..($offset + $count - 1)] } function GetInt32 { param( [byte[]] $bytes, [int] $offset ) return [System.Int64]($bytes[$offset] * [Math]::pow(2, 24)) + ($bytes[$offset + 1] * [Math]::pow(2, 16)) + ($bytes[$offset + 2] * [Math]::pow(2, 8)) + $bytes[$offset + 3] } function GetInt16 { param( [byte[]] $bytes, [int] $offset ) return [Int]($bytes[$offset] * 256) + $bytes[$offset + 1] } function GetInt8 { param( [byte[]] $bytes, [int] $offset ) return [Int]$bytes[$offset] } function SetInt8 { param( [byte[]] $bytes, [int] $offset, [int] $value ) $bytes[$offset] = $value return $bytes } function SetInt16 { param( [byte[]] $bytes, [int] $offset, [int] $value ) $bytes[$offset] = [byte](($value -shr 8) -band [Byte] 0xFF) $bytes[$offset + 1] = [byte]( $value -band [Byte] 0xFF) return $bytes } function SetInt32 { param( [byte[]] $bytes, [int] $offset, [int] $value ) $bytes[$offset] = $value -band 0xFF $bytes[$offset + 1] = ($value -shr 8) -band 0xFF $bytes[$offset + 2] = ($value -shr 16) -band 0xFF $bytes[$offset + 3] = ($value -shr 24) -band 0xFF return $bytes } function AddInt8 { param( [byte[]] $bytes, [int] $value ) $bytes += [byte] $value return $bytes } function AddInt16 { param( [byte[]] $bytes, [int] $value ) $bytes += [byte] (($value -shr 8) -band [byte] 0xFF) $bytes += [byte] ($value -band [byte] 0xFF) return $bytes } function AddInt32 { param( [byte[]] $bytes, [System.Int64] $value ) $bytes += [byte]($value -band [byte]0xFF) $bytes += [byte](($value -shr 8) -band [byte]0xFF) $bytes += [byte](($value -shr 16) -band [byte]0xFF) $bytes += [byte](($value -shr 24) -band [byte]0xFF) return $bytes } function Get-BGPHeader { param( [byte[]] $bytes ) $header = @{} $header.Marker = GetBytes $bytes $BGP_HEADER_MARKER_OFFSET 16 $header.Length = GetInt16 $bytes $BGP_HEADER_LENGTH_OFFSET $header.Type = $BGP_TYPES[(GetInt8 $bytes $BGP_HEADER_TYPE_OFFSET)] return $header } function New-BGPOpen { [byte[]] $bytes = @() for ($i = 0; $i -lt 16; $i++) { $bytes += [byte] 0xFF } $bytes = AddInt16 $bytes 0 $bytes = AddInt8 $bytes 1 #OPEN $bytes = AddInt8 $bytes 4 $bytes = AddInt16 $bytes $LocalASN #64628 $bytes = AddInt16 $bytes 180 $bytes = AddInt32 $bytes (([IPAddress] $localIPAddress).Address) #Uncomment if no optional params: #$bytes = AddInt8 $bytes 0 #opt parms - hardcoded for now to include: $bytes = AddInt8 $bytes 12 #opt params len $bytes = AddInt8 $bytes 2 #type: capability code $bytes = AddInt8 $bytes 10 #len # 1 - Multiprotocol extensions for BGP-4: 0101 $bytes = AddInt8 $bytes 1 #capability code $bytes = AddInt8 $bytes 4 #len $bytes = AddInt8 $bytes 0 $bytes = AddInt8 $bytes 1 $bytes = AddInt8 $bytes 0 $bytes = AddInt8 $bytes 1 # 2 - Route Refresh Capability for BGP-4 $bytes = AddInt8 $bytes 2 #capability code $bytes = AddInt8 $bytes 0 #len # 128 - Prestandard Route Refresh (deprecated) $bytes = AddInt8 $bytes 128 #capability code $bytes = AddInt8 $bytes 0 #len $bytes = SetInt16 $bytes $BGP_HEADER_LENGTH_OFFSET (29 + (GetInt8 $bytes $BGP_OPEN_OPTPARMLEN_OFFSET)) return $bytes } function New-BGPKeepalive { [byte[]] $bytes = @() for ($i = 0; $i -lt 16; $i++) { $bytes += [byte] 0xFF } $bytes = AddInt16 $bytes 19 $bytes = AddInt8 $bytes 4 #KEEPALIVE return $bytes } function Get-BGPUpdate { param( [byte[]] $bytes ) $update = @{} $TotalLen = GetInt16 $bytes $BGP_HEADER_LENGTH_OFFSET $WithdrawnRoutesLen = GetInt16 $bytes $BGP_UPDATE_WITHDRAWN_OFFSET $PathAttributesLen = GetInt16 $bytes ($BGP_UPDATE_WITHDRAWN_OFFSET + $withdrawnRoutesLen + 2) $NetworkLayerLen = $TotalLen - 23 - $PathAttributesLen - $WithdrawnRoutesLen $WithdrawnRoutesStart = $BGP_UPDATE_WITHDRAWN_OFFSET $PathAttributesStart = $WithdrawnRoutesStart + 2 + $WithdrawnRoutesLen $NetworkLayerStart = $PathAttributesStart + 2 + $PathAttributesLen Write-Verbose "Total length: $TotalLen" Write-Verbose "Withdrawn routes start: $WithdrawnRoutesStart" Write-Verbose "Withdrawn routes len: $WithdrawnRoutesLen" Write-Verbose "Path Attributes start: $PathAttributesStart" Write-Verbose "Path Attributes len: $PathAttributesLen" Write-Verbose "Network Layer start: $NetworkLayerStart" Write-Verbose "Network Layer len: $NetworkLayerLen" Write-Verbose "Parsing Withdrawn Routes" $update.WithdrawnRoutes = @() $index = $WithdrawnRoutesStart + 2 while ($index -lt $PathAttributesStart) { $PrefixBits = GetInt8 $bytes $index $PrefixBytes = [math]::ceiling($PrefixBits / 8) if ($PrefixBytes -gt 0) { $subnetBytes = GetBytes $bytes ($index + 1) $PrefixBytes for ($i = $PrefixBytes; $i -lt 4; $i++) { $subnetBytes += 0 } $subnet = ([ipaddress] [byte[]]$subnetBytes).ipaddresstostring $update.WithdrawnRoutes += "$subnet/$prefixBits" } else { $update.WithdrawnRoutes += "0.0.0.0/0" } $index += $PrefixBytes + 1 } Write-Verbose "Parsing Path Attributes" $update.PathAttributes = @() $index = $PathAttributesStart + 2 while ($index -lt $NetworkLayerStart) { $PA = @{} $AttrFlags = GetInt8 $bytes ($index) $PA.Optional = [bool]($AttrFlags -band 128) $PA.Transitive = [bool]($AttrFlags -band 64) $PA.Partial = [bool]($AttrFlags -band 32) $PA.ExtendedLength = [bool]($AttrFlags -band 16) $PA.AttrType = GetBGPPathAttributeType(GetInt8 $bytes ($index + 1)) if ($PA.ExtendedLength) { $AttrLen = GetInt16 $bytes ($index + 2) $AttrLenLen = 2 } else { $AttrLen = GetInt8 $bytes ($index + 2) $AttrLenLen = 1 } switch ($PA.AttrType) { "ORIGIN" { $PA.Value = $BGP_PATH_ATTRIBUTE_ORIGIN_VALUE[(GetInt8 $bytes ($index + 2 + $AttrLenLen))] } "AS_PATH" { $PA.ASPath = @() $pathindex = 0 while ($pathindex -lt $AttrLen) { $AttrValue = @{} $AttrValue.PathSegmentType = $BGP_PATH_ATTRIBUTE_AS_PATH_SEGMENT_TYPE[(GetInt8 $bytes ($index + $pathindex + 2 + $AttrLenLen))] $ASPaths = GetInt8 $bytes ($index + $pathindex + 4) $ASIndex = 0 $AttrValue.ASes = @() while ($ASIndex -lt $ASPaths) { $AttrValue.ASes += GetInt16 $bytes ($index + $pathindex + 4 + $AttrLenLen + $ASIndex * 2) $ASIndex += 1 } $PA.ASPath += $AttrValue $PathIndex += 2 + $ASPaths * 2 } #<path segment type (1oct), path segment length (1oct), path segment value> #types: 1 AS_SET, 2 AS_SEQUENCE #value: set of ASes (Int16 ea) } "NEXT_HOP" { $PA.NextHop = ([ipaddress] (GetInt32 $bytes ($index + 2 + $AttrLenLen))).ipaddresstostring } { $_ -in "MULTI_EXIT_DISC", "LOCAL_PREF" } { $PA.Value = (GetInt32 $bytes ($index + 2 + $AttrLenLen)) } "ATOMIC_AGGREGATE" { #Intentionally blank, no Attr Value } "AGGREGATOR" { $PA.AS = (GetInt16 $bytes ($index + 2 + $AttrLenLen)) $PA.IPAddress = ([ipaddress] (GetInt32 $bytes ($index + 4 + $AttrLenLen))).ipaddresstostring } default { $PA.AttrValue = GetBytes $Bytes ($index + 2 + $AttrLenLen) $AttrLen } } $update.PathAttributes += $PA $index += $AttrLen + 2 + $AttrLenLen } Write-Verbose "Parsing Network Layer Reachability" $update.Prefixes = @() $index = $NetworkLayerStart while ($index -lt $TotalLen) { $PrefixBits = GetInt8 $bytes $index $PrefixBytes = [math]::ceiling($PrefixBits / 8) if ($PrefixBytes -gt 0) { $subnetBytes = GetBytes $bytes ($index + 1) $PrefixBytes for ($i = $PrefixBytes; $i -lt 4; $i++) { $subnetBytes += 0 } $subnet = ([ipaddress] [byte[]]$subnetBytes).ipaddresstostring $update.Prefixes += "$subnet/$prefixBits" } else { $update.Prefixes += "0.0.0.0/0" } $Index += $PrefixBytes + 1 } return $update } function Get-BGPOpen { param( [byte[]] $bytes ) $open = @{} $open.Version = GetInt8 $bytes $BGP_OPEN_VERSION_OFFSET $open.AS = GetInt16 $bytes $BGP_OPEN_AS_OFFSET $open.HoldTime = GetInt16 $bytes $BGP_OPEN_HOLDTIME_OFFSET $open.BGPID = ([ipaddress] (GetInt32 $bytes $BGP_OPEN_BGPID_OFFSET)).ipaddresstostring $OptParmLen = GetInt8 $bytes $BGP_OPEN_OPTPARMLEN_OFFSET if ($optParmLen -gt 0) { $OptParms = GetBytes $bytes $BGP_OPEN_OPTPARM_OFFSET $OptParmLen $open.OptParams = @() $index = 0 while ($index -lt $OptParmLen) { $newparam = @{} $newparamType = GetInt8 $OptParms ($index) $newparam.Type = $BGP_OPEN_OPTPARAM_TYPES[$newparamType] $newparamLength = GetInt8 $OptParms ($index + 1) $ParmValue = GetBytes $OptParms ($index + 2) ($newparamLength) $newparam.values = @() if ($newparamType -eq 2) { $capindex = 0 while ($capindex -lt $newparamlength) { $newcap = @{} $newcap.Code = CapabilityCodeLookup (GetInt8 $ParmValue ($capindex)) $newcapLength = GetInt8 $ParmValue ($capindex + 1) if ($newcaplength -gt 0) { $newcap.value = GetBytes $ParmValue ($capindex + 2) ($newcaplength) } $newparam.values += $newcap $capindex += $newcapLength + 2 } } $open.OptParams += $newparam $index += $newparamLength + 2 } } return $open } function Get-BGPNotification { param( [byte[]] $bytes ) $notification = @{} $notification.ErrorCode = $BGP_ERROR_CODES[(GetInt8 $bytes $BGP_NOTIFICATION_CODE_OFFSET)] if ((GetInt8 $bytes $BGP_NOTIFICATION_CODE_OFFSET) -eq 1) { #Message $notification.ErrorSubcode = $BGP_ERROR_SUBCODE_MESSAGE[(GetInt8 $bytes $BGP_NOTIFICATION_SUBCODE_OFFSET)] } elseif ((GetInt8 $bytes $BGP_NOTIFICATION_CODE_OFFSET) -eq 2) { #OPEN $notification.ErrorSubcode = $BGP_ERROR_SUBCODE_OPEN[(GetInt8 $bytes $BGP_NOTIFICATION_SUBCODE_OFFSET)] } elseif ((GetInt8 $bytes $BGP_NOTIFICATION_CODE_OFFSET) -eq 6) { #CEASE $notification.ErrorSubcode = $BGP_ERROR_SUBCODE_CEASE[(GetInt8 $bytes $BGP_NOTIFICATION_SUBCODE_OFFSET)] } else { $notification.ErrorSubcode = GetInt8 $bytes $BGP_NOTIFICATION_SUBCODE_OFFSET } $notification.Data = GetInt16 $bytes $BGP_NOTIFICATION_DATA_OFFSET ((GetInt16 $bytes $BGP_HEADER_LENGTH_OFFSET) - 21) return $notification } function Set-BGPState { param( [BGPState] $State ) Write-Verbose "BGP state change from $($Script:BGPState) to $State" $Script:bgpState = $State } function Get-BGPState { return $Script:bgpState } enum BGPOptParamType { Authentication Capabilities } enum BGPState { Idle Connect Active OpenSent OpenConfirm Established Custom } enum BGPOrigin { EGP IGP Incomplete } class BGPCapability { [String] $Code [byte[]] $Value [string]ToString() { return ($this.code) } } class BGPOptParam { [BGPOptParamType] $Type [BGPCapability[]] $Capabilities [string]ToString() { return ($this.type) } } class BGPPath { [string] $prefix [string] $NextHop [Int32[]] $Path [String] $LocPrf [Int32] $Metric [BGPOrigin] $Origin [string]ToString() { return ($this.prefix) } } class BGPPeer { [string] $LocalIPAddress [int32] $LocalAS [string] $RouterIPAddress [int32] $RouterAS [int16] $HoldTime [int16] $Version [string] $BGPID [BGPState] $State [BGPOptParam[]] $OptParams [BGPPath[]] $Routes } class BGPHost { [string] $ComputerName [string] $LocalIPAddress } function New-SdnExpressBGPHost { [CmdletBinding()] param( [String] $ComputerName = "localhost", [string] $SwitchName = "", [String] $LocalIPAddress, [Int32] $PrefixLength, [Int32] $VLANID = 0 ) #TODO: remember gateway parameter and during test add /32 route only if needed #TODO: test for hyper-v and Hyper-v powershell PS if ([String]::IsNullorEmpty($ComputerName) ) { Write-Verbose "Running locally." $Session = @{} } else { Write-Verbose "Running on $ComputerName." $Session = @{ session = new-pssession -computername $ComputerName } } Invoke-Command @session -ArgumentList $SwitchName, $LocalIPAddress, $PrefixLength, $VLANID { param( [string] $SwitchName, [String] $LocalIPAddress, [Int32] $PrefixLength, [Int32] $VLANID ) if ([string]::IsNullOrEmpty($SwitchName)) { $vmswitch = Get-vmswitch if ($null -ieq $vmswitch) { throw "No virtual switch found." } if ($vmswitch.count -gt 1) { throw "Hyper-V host contains more than one virtual switch. Use SwitchName parameter to select a virtual switch." } $SwitchName = $vmswitch.name } Get-vmnetworkadapter -managementos -Name BGP -erroraction silentlycontinue | remove-vmnetworkadapter Add-vmnetworkadapter -ManagementOS -SwitchName $SwitchName -Name "BGP" | out-null Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdaptername "BGP" -VlanId $VLANID -Access | out-null Set-NetIPInterface -InterfaceAlias "vEthernet (BGP)" -Dhcp Disabled | out-null Set-dnsclient -InterfaceAlias "vEthernet (BGP)" -RegisterThisConnectionsAddress $False | out-null new-NetIPAddress -IPAddress $LocalIPAddress -InterfaceAlias "vEthernet (BGP)" -PrefixLength $PrefixLength | out-null } $BGPHost = [BGPHost]::New() $BGPhost.Computername = $ComputerName $BGPhost.LocalIPAddress = $LocalIPAddress return $BGPHost } function Remove-SdnExpressBGPHost { [CmdletBinding()] param( [string] $ComputerName = $null, [Parameter(Mandatory = $false, ValueFromPipeline = $true)] [BGPHost] $BGPHost = $null ) if ($BGPHost) { $computername = $BGPHost.ComputerName } if ([String]::IsNullorEmpty($Computername) ) { Write-Verbose "Running locally." $Session = @{} } else { Write-Verbose "Running on $ComputerName." $Session = @{ session = new-pssession -computername $ComputerName } } Invoke-Command @session { Get-vmnetworkadapter -managementos -Name BGP -erroraction silentlycontinue | remove-vmnetworkadapter } } function Test-SdnExpressBGP { [CmdletBinding()] param( [String] $RouterIPAddress, [String] $LocalIPAddress, [String] $LocalASN, [int32] $Wait = 3, [String] $ComputerName = "localhost", [Switch] $force, [Parameter(Mandatory = $false, ValueFromPipeline = $true)] [BGPHost] $BGPHost = $null ) if ($BGPHost) { $ComputerName = $BGPHost.ComputerName $LocalIPAddress = $BGPHost.LocalIPAddress } if ([String]::IsNullorEmpty($Computername) ) { Write-Verbose "Running locally." $Session = @{} } else { Write-Verbose "Running on $ComputerName." $Session = @{ session = new-pssession -computername $ComputerName } } $BGP_HEADER_LEN = 19 $BGP_HEADER_MARKER_OFFSET = 0 $BGP_HEADER_LENGTH_OFFSET = 16 $BGP_HEADER_TYPE_OFFSET = 18 $BGP_TYPES = @("", "OPEN", "UPDATE", "NOTIFICATION", "KEEPALIVE", "ROUTEREFRESH") $BGP_OPEN_VERSION_OFFSET = $BGP_HEADER_LEN + 0 $BGP_OPEN_AS_OFFSET = $BGP_HEADER_LEN + 1 $BGP_OPEN_HOLDTIME_OFFSET = $BGP_HEADER_LEN + 3 $BGP_OPEN_BGPID_OFFSET = $BGP_HEADER_LEN + 5 $BGP_OPEN_OPTPARMLEN_OFFSET = $BGP_HEADER_LEN + 9 $BGP_OPEN_OPTPARM_OFFSET = $BGP_HEADER_LEN + 10 $BGP_OPEN_OPTPARAM_TYPES = @("", "Authentication (deprecated)", "Capabilities") $BGP_ERROR_CODES = @("", "Message Header Error", "OPEN Message Error", "UPDATE Message Error", "Hold Timer Expired", "Finite State Machine Error", "Cease") $BGP_ERROR_SUBCODE_MESSAGE = @("", "Connection Not Synchronized.", "Bad Message Length.", "Bad Message Type.") $BGP_ERROR_SUBCODE_OPEN = @("", "Unsupported Version Number.", "Bad Peer AS.", "Bad BGP Identifier.", "Unsupported Optional Parameter.", "5 [Deprecated]", "Unacceptable Hold Time.") $BGP_ERROR_SUBCODE_CEASE = @("", "Maximum Number of Prefixes Reached.", "Administrative Shutdown.", "Peer De-configured.", "Administrative Reset.", "Connection Rejected.", "Other Configuration Change.", "Connection Collision Resolution.", "Out of Resources.") $BGP_NOTIFICATION_CODE_OFFSET = $BGP_HEADER_LEN + 0 $BGP_NOTIFICATION_SUBCODE_OFFSET = $BGP_HEADER_LEN + 1 $BGP_NOTIFICATION_DATA_OFFSET = $BGP_HEADER_LEN + 2 $BGP_UPDATE_WITHDRAWN_OFFSET = $BGP_HEADER_LEN $BGP_PATH_ATTRIBUTE_TYPES = @("", "ORIGIN", "AS_PATH", "NEXT_HOP", "MULTI_EXIT_DISC", "LOCAL_PREF", "ATOMIC_AGGREGATE", "AGGREGATOR") $BGP_PATH_ATTRIBUTE_ORIGIN_VALUE = @("IGP", "EGP", "INCOMPLETE") $BGP_PATH_ATTRIBUTE_AS_PATH_SEGMENT_TYPE = @("", "AS_SET", "AS_SEQUENCE") [BGPState] $Script:bgpState = [BGPState]::Idle Set-BGPState Idle $Results = [BGPPeer]::new() $results.LocalIPAddress = $LocalIPAddress $results.LocalAS = $LocalASN $results.RouterIPAddress = $RouterIPAddress try { Write-Verbose "Attempting BGP connection from $localIPAddress to $RouterIPAddress" Invoke-Command @Session -argumentlist $LocalIPAddress,$RouterIPAddress,$wait,$force { param( $LocalIPAddress, $RouterIPAddress, $wait, $force ) $port = "179" $RestoreMuxState = $false $mux = Get-Service -Name 'SlbMux' -ErrorAction SilentlyContinue if ($mux) { $muxstartup = $mux.starttype $muxstatus = $mux.status if (($muxstatus -ne "Stopped") -or ($Muxstartup -ne "Disabled")) { if ($force) { $RestoreMuxState = $true Set-Service -Name 'SlbMux' -StartupType Disabled Stop-Service -Name 'SlbMux' } else { throw "SLB Mux service is active. Use -force to temporarily disable it during test." } } } else { $muxStatus = $null } $IPEndpoint = New-object System.Net.IPEndPoint([IPAddress]$LocalIPAddress, 0) try { $tcp = New-Object System.Net.Sockets.TcpClient($IPEndpoint) } catch { throw "Local IP address $LocalIPAddress not found on computer $(hostname)." } try { $tcp.Connect($routerIPAddress, $Port) } catch { throw "BGP Listener not found at RouterIPAddress $RouterIPAddress." } $tcpstream = $tcp.GetStream() $reader = New-Object System.IO.BinaryReader($tcpStream) $writer = New-Object System.IO.BinaryWriter($tcpStream) $reader.BaseStream.ReadTimeout = $Wait * 1000 } Set-BGPState -State Connect $IsConnected = Invoke-Command @Session { $tcp.connected } if ($IsConnected) { Write-Verbose "BGP Connection Initiated." #Send OPEN $chars = new-BGPOpen Write-Verbose "Sending BGP OPEN" Write-Verbose "Write bytes[$($chars.count)] $chars" Invoke-Command @Session -argumentlist (, $chars) { param( [byte[]] $chars ) $writer.Write([byte[]]$chars) $writer.Flush() } Write-Verbose "Write complete." Set-BGPState OpenSent Write-Verbose "Entering read loop." do { try { $chars = Invoke-Command @Session { try { $chars = @() $chars = @($reader.Readbyte()) while (($reader.PeekChar() -ne -1) -or ($tcp.Available)) { $chars += $reader.Readbyte() } return $chars } catch { #return @() if ($_.Exception.InnerException.InnerException.NativeErrorCode -eq 10060) { #timedout throw "Timeout" } else { throw $_ } } } } catch { Write-Verbose "Caught. $($_)" if ($_.exception.Message -eq "Timeout") { #timedout NativeErrorCode 10060 if (!$bytesRemain) { Write-Verbose "Timeout, no updates recieved within $Wait seconds. Exiting." break } } else { $err = "Connection closed. BGP active at routerIPAddress, but session rejected by remote based on localIPAddress." Write-Verbose $err Set-BGPState Idle throw $err } } $bytesRemain = $chars.count while ($bytesremain -gt 0) { Write-Verbose "Received data, parsing header. Buffer contains $bytesRemain bytes." Write-Verbose "Buffer bytes[$($chars.count)] $chars" $header = Get-BGPHeader $chars Write-Verbose ($header | ConvertTo-Json -Depth 10) $bytesRemain -= $header.Length Write-Verbose "$bytesRemain bytes remain to parse." switch ($header.Type) { "OPEN" { Write-Verbose "Parsing OPEN message." $open = Get-BGPOpen $chars Write-Verbose ($open | ConvertTo-Json -Depth 10) $Results.RouterAS = $open.AS $Results.HoldTime = $open.HoldTime $Results.Version = $open.Version $Results.BGPID = $open.BGPID foreach ($optparam in $open.optparams) { $op = [BGPOptParam]::New() $op.Type = $optparam.type foreach ($cap in $optparam.values) { $c = [BGPCapability]::new() $c.Code = $cap.Code $c.Value = $cap.value $op.Capabilities += $c } $results.OptParams += $op } Set-BGPState OpenConfirm } "KEEPALIVE" { if ((Get-BGPState) -in [BGPState]::OpenConfirm, [BGPState]::Established) { $chars = New-BGPKeepalive Write-Verbose "Sending BGP Keepalive" Write-Verbose "Write bytes[$($chars.count)] $chars" Invoke-Command @Session -argumentlist (, $chars) { param( $chars ) $writer.Write([byte[]]$chars) $writer.Flush() } Set-BGPState -State Established Write-Verbose "Success, BGP session established!" } else { Write-Verbose "Out of order Keepalive received in state $(Get-BGPState)." } } "NOTIFICATION" { Write-Verbose "Parsing NOTIFICATION message." $open = Get-BGPNotification $chars Write-Verbose ($open | ConvertTo-Json -Depth 10) Write-Verbose "BGP peer found, but connection refused." Set-BGPState -State Idle throw "BGP peer found, but connection refused. ErrorCode: $($open.Errorcode), ErrorSubcode: $($open.ErrorSubcode)" } "UPDATE" { Write-Verbose "Parsing UPDATE message." $update = Get-bgpupdate $chars Write-Verbose ($update | ConvertTo-Json -Depth 10) $NextHop = ($Update.PathAttributes | where-object { $_.AttrType -eq "NEXT_HOP" }).NextHop $ASPath = ($Update.PathAttributes | where-object { $_.AttrType -eq "AS_PATH" }).ASPath.ASes $Origin = ($Update.PathAttributes | where-object { $_.AttrType -eq "ORIGIN" }).Value $LocPrf = ($Update.PathAttributes | where-object { $_.AttrType -eq "LOCAL_PREF" }).Value $Metric = ($Update.PathAttributes | where-object { $_.AttrType -eq "MULTI_EXIT_DISC" }).Value foreach ($prefix in $Update.Prefixes) { $BGPRoute = [BGPPath]::New() $BGPRoute.Prefix = $Prefix $BGPRoute.NextHop = $NextHop $BGPRoute.Path = $ASPath $BGPRoute.LocPrf = $LocPrf $BGPRoute.Metric = $Metric $BGPRoute.Origin = $Origin $Results.Routes += $BGPRoute } } "ROUTEREFRESH" { Write-Verbose "Parsing ROUTEREFRESH message." Set-BGPState Custom } } $chars = getBytes $chars ($header.length) $bytesremain Write-Verbose "BGP State: $(Get-BGPState)" Write-Verbose "Returning to read loop, waiting up to $wait seconds for more data." } } until ((Get-BGPState) -in [BGPState]::Custom, [BGPState]::Idle) } else { Write-Verbose "Not connected." throw "Listener found at BGP port 179 of $RouterIPAddress, but it closed the connection from $LocalIPAddress." } } finally { Invoke-Command @Session { if ($null -ne $reader) { $reader.Close() } if ($null -ne $writer) { $writer.Close() } if ($null -ne $tcp) { $tcp.Close() } if ($RestoreMuxState) { Set-Service -Name SlbMux -StartupType $MuxStartup if ($MuxStatus -eq "Running") { Start-Service -Name SlbMux } } } if (![String]::IsNullorEmpty($Computername) ) { remove-pssession $session.session } } $results.State = (Get-BGPState) $results } Export-ModuleMember -Function Test-SdnExpressBGP Export-ModuleMember -Function New-SdnExpressBGPHost Export-ModuleMember -Function Remove-SdnExpressBGPHost # SIG # Begin signature block # MIIoVQYJKoZIhvcNAQcCoIIoRjCCKEICAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCAFy7uG6K5iDN3Q # PqVLwNywqitiiRQscR3bfpBmoaAjZKCCDYUwggYDMIID66ADAgECAhMzAAAEhJji # EuB4ozFdAAAAAASEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjUwNjE5MTgyMTM1WhcNMjYwNjE3MTgyMTM1WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDtekqMKDnzfsyc1T1QpHfFtr+rkir8ldzLPKmMXbRDouVXAsvBfd6E82tPj4Yz # aSluGDQoX3NpMKooKeVFjjNRq37yyT/h1QTLMB8dpmsZ/70UM+U/sYxvt1PWWxLj # MNIXqzB8PjG6i7H2YFgk4YOhfGSekvnzW13dLAtfjD0wiwREPvCNlilRz7XoFde5 # KO01eFiWeteh48qUOqUaAkIznC4XB3sFd1LWUmupXHK05QfJSmnei9qZJBYTt8Zh # ArGDh7nQn+Y1jOA3oBiCUJ4n1CMaWdDhrgdMuu026oWAbfC3prqkUn8LWp28H+2S # LetNG5KQZZwvy3Zcn7+PQGl5AgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUBN/0b6Fh6nMdE4FAxYG9kWCpbYUw # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzUwNTM2MjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AGLQps1XU4RTcoDIDLP6QG3NnRE3p/WSMp61Cs8Z+JUv3xJWGtBzYmCINmHVFv6i # 8pYF/e79FNK6P1oKjduxqHSicBdg8Mj0k8kDFA/0eU26bPBRQUIaiWrhsDOrXWdL # m7Zmu516oQoUWcINs4jBfjDEVV4bmgQYfe+4/MUJwQJ9h6mfE+kcCP4HlP4ChIQB # UHoSymakcTBvZw+Qst7sbdt5KnQKkSEN01CzPG1awClCI6zLKf/vKIwnqHw/+Wvc # Ar7gwKlWNmLwTNi807r9rWsXQep1Q8YMkIuGmZ0a1qCd3GuOkSRznz2/0ojeZVYh # ZyohCQi1Bs+xfRkv/fy0HfV3mNyO22dFUvHzBZgqE5FbGjmUnrSr1x8lCrK+s4A+ # bOGp2IejOphWoZEPGOco/HEznZ5Lk6w6W+E2Jy3PHoFE0Y8TtkSE4/80Y2lBJhLj # 27d8ueJ8IdQhSpL/WzTjjnuYH7Dx5o9pWdIGSaFNYuSqOYxrVW7N4AEQVRDZeqDc # fqPG3O6r5SNsxXbd71DCIQURtUKss53ON+vrlV0rjiKBIdwvMNLQ9zK0jy77owDy # XXoYkQxakN2uFIBO1UNAvCYXjs4rw3SRmBX9qiZ5ENxcn/pLMkiyb68QdwHUXz+1 # fI6ea3/jjpNPz6Dlc/RMcXIWeMMkhup/XEbwu73U+uz/MIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGiYwghoiAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAASEmOIS4HijMV0AAAAA # BIQwDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEILUq # 68kew0+s1IjXVzWON64VtMRnJxXU46h9L1RhLiJ0MEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEA1+4y/hLrqfnuGmSupntrmwdwNzFNNl1xXU4E # 8Ur0bnsXYOBzb2LEjCpW6+8wqPgOeqmsaPZEUh3PMS/QB4Rx0L5JwzcCo5T+CpxG # E1UBSVZELr4tgcrGz1hSN+cYmCryh0aKz/ireq5+onVEZpyjpAZy9MQ7KcN2/oVd # 1wUfl5UT3t/KBTh5G2Jckx6gwiLQKkj45mU70kex/vlwqyQm+vj13FE5Q4IoPvYm # AJk0MIOIatq9y3gEpUJCPjpF5OeF68dKq+SzUiRFc9BvUpT4DlONP9gU6uu9MYhi # qMMbPIibT8rd8adwwBq0bgzXdJkNVfcN4Dbo1/Oue2aBe2Cu2qGCF7AwghesBgor # BgEEAYI3AwMBMYIXnDCCF5gGCSqGSIb3DQEHAqCCF4kwgheFAgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFaBgsqhkiG9w0BCRABBKCCAUkEggFFMIIBQQIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCDSM7MqmhnSKo0WVK62US+W/zdNuIdzi6ZA # i5VPFUnBhgIGaZiKJAnkGBMyMDI2MDIyNDE4NDcxMS41NTNaMASAAgH0oIHZpIHW # MIHTMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsT # Hm5TaGllbGQgVFNTIEVTTjoyQTFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9z # b2Z0IFRpbWUtU3RhbXAgU2VydmljZaCCEf4wggcoMIIFEKADAgECAhMzAAACEKvN # 5BYY7zmwAAEAAAIQMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1w # IFBDQSAyMDEwMB4XDTI1MDgxNDE4NDgxMloXDTI2MTExMzE4NDgxMlowgdMxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jv # c29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEnMCUGA1UECxMeblNoaWVs # ZCBUU1MgRVNOOjJBMUEtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGlt # ZS1TdGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA # jcc4q057ZwIgpKu4pTXWLejvYEduRf+1mIpbiJEMFWWmU2xpip+zK7xFxKGB1Ccl # UXBU0/ZQZ6LG8H0gI7yvosrsPEI1DPB/XccGCvswKbAKckngOuGTEPGk7K/vEZa9 # h0Xt02b7m2n9MdIjkLrFl0pDriKyz0QHGpdh93X6+NApfE1TL24Vo0xkeoFGpL3r # X9gXhIOF59EMnTd2o45FW/oxMgY9q0y0jGO0HrCLTCZr50e7TZRSNYAy2lyKbvKI # 2MKlN1wLzJvZbbc//L3s1q3J6KhS0KC2VNEImYdFgVkJej4zZqHfScTbx9hjFgFp # VkJl4xH5VJ8tyJdXE9+vU0k9AaT2QP1Zm3WQmXedSoLjjI7LWznuHwnoGIXLiJMQ # zPqKqRIFL3wzcrDrZeWgtAdBPbipglZ5CQns6Baj5Mb6a/EZC9G3faJYK5QVHeE6 # eLoSEwp1dz5WurLXNPsp0VWplpl/FJb8jrRT/jOoHu85qRcdYpgByU9W7IWPdrth # myfqeAw0omVWN5JxcogYbLo2pANJHlsMdWnxIpN5YwHbGEPCuosBHPk2Xd9+E/pZ # PQUR6v+D85eEN5A/ZM/xiPpxa8dJZ87BpTvui7/2uflUMJf2Yc9ZLPgEdhQQo0Lw # MDSTDT48y3sV7Pdo+g5q+MqnJztN/6qt1cgUTe9u+ykCAwEAAaOCAUkwggFFMB0G # A1UdDgQWBBSe42+FrpdF2avbUhlk86BLSH5kejAfBgNVHSMEGDAWgBSfpxVdAF5i # XYP05dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jv # c29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENB # JTIwMjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRw # Oi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRp # bWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1Ud # JQEB/wQMMAoGCCsGAQUFBwMIMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF # AAOCAgEAvs4rO3oo8czOrxPqnnSEkUVq718QzlrIiy7/EW7JmQXsJoFxHWUF0Ux0 # PDyKFDRXPJVv29F7kpJkBJJmcQg5HQV7blUXIMWQ1qX0KdtFQXI/MRL77Z+pK5x1 # jX+tbRkA7a5Ft7vWuRoAEi02HpFH5m/Akh/dfsbx8wOpecJbYvuHuy4aG0/tGzOW # FCxMMNhGAIJ4qdV87JnY/uMBmiodlm+Gz357XWW5tg3HrtNZXuQ0tWUv26ud4nGK # Jo/oLZHP75p4Rpt7dMdYKUF9AuVFBwxYZYpvgk12tfK+/yOwq84/fjXVCdM83Qna # wtbenbk/lnbc9KsZom+GnvA4itAMUpSXFWrcRkqdUQLN+JrG6fPBoV8+D8U2Q2F4 # XkiCR6EU9JzYKwTuvL6t3nFuxnkLdNjbTg2/yv2j3WaDuCK5lSPgsndIiH6Bku2U # i3A0aUo6D9z9v+XEuBs9ioVJaOjf/z+Urqg7ESnxG0/T1dKci7vLQ2XNgWFYO+/O # lDjtGoma1ijX4m14N9qgrXTuWEGwgC7hhBgp3id/LAOf9BSTWA5lBrilsEoexXBr # On/1wM3rjG0hIsxvF5/YOK78mVRGY6Y7zYJ+uXt4OTOFBwadPv8MklreQZLPnQPt # iwop4rlLUYaPCiD4YUqRNbLp8Sgyo9g0iAcZYznTuc+8Q8ZIrgwwggdxMIIFWaAD # AgECAhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYD # VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe # MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3Nv # ZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIy # MjVaFw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5 # vQ7VgtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64 # NmeFRiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhu # je3XD9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl # 3GoPz130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPg # yY9+tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I # 5JasAUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2 # ci/bfV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/ # TNuvXsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy # 16cg8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y # 1BzFa/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6H # XtqPnhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMB # AAEwIwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQW # BBSfpxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30B # ATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz # L0RvY3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYB # BAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMB # Af8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBL # oEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMv # TWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggr # BgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNS # b29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1Vffwq # reEsH2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27 # DzHkwo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pv # vinLbtg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9Ak # vUCgvxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWK # NsIdw2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2 # kQH2zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+ # c23Kjgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep # 8beuyOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+Dvk # txW/tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1Zyvg # DbjmjJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/ # 2XBjU02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYIDWTCCAkECAQEwggEBoYHZpIHW # MIHTMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsT # Hm5TaGllbGQgVFNTIEVTTjoyQTFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9z # b2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUAOsyf2b6riPKn # nXlIgIL2f53PUsKggYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAx # MDANBgkqhkiG9w0BAQsFAAIFAO1ITnAwIhgPMjAyNjAyMjQxNjIxMDRaGA8yMDI2 # MDIyNTE2MjEwNFowdzA9BgorBgEEAYRZCgQBMS8wLTAKAgUA7UhOcAIBADAKAgEA # AgIwGQIB/zAHAgEAAgITCTAKAgUA7Umf8AIBADA2BgorBgEEAYRZCgQCMSgwJjAM # BgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEB # CwUAA4IBAQCKj9jHrvqj65g96a1lu8kMlRvAY8IzHow3ds5qD3loJh6pNCyL6iAp # +rSpXvSFFdV9vhP3gnVcxThvFp1flrTEkW2aK7muNQ+mRO0s77NUlUDtymh1hGS/ # rwAm151rtyb4yqwT+cMJEA7YWbxSY3OqZ/FhVMiJ1QVg+7OLRhzT7k5QBhexMgv3 # Xcdkz8o/RJIIove9aJW1AWBDD1JobPP02rdx+kAYm9iZJgO4cqPJvG3wo5aVUZfg # RLiih/4i09TvvtoYtLww0+4W0pee5u8YfblrF9lbDNvfHG7q508+y7BXoXBPNMeL # sdYqWIzSltfwAMl2ai2/kWbWpvHKCVDMMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAIQq83kFhjvObAAAQAAAhAwDQYJYIZI # AWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG # 9w0BCQQxIgQgNo8UF0GLS0GIUQ/cKrITcSEhkhMkWGyGpVLvV6DcTRUwgfoGCyqG # SIb3DQEJEAIvMYHqMIHnMIHkMIG9BCDD1SHufsjzY59S1iHUQY9hnsKSrJPg5a9M # c4YnGmPHxjCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMz # AAACEKvN5BYY7zmwAAEAAAIQMCIEIMbyw56i1o3SZtBJosiIRTVc9mMH53KScXUW # IyPdvs0gMA0GCSqGSIb3DQEBCwUABIICAAjjQnJheB1Chpwji2ulxl+kVJuvz4Zn # F63wvreJ7RUriJSZj8sZEjsewknw2kAq96yT/ihIbcxyw1DPTmBv3BbPBI46uqaI # KMEj4j52W/vLT77PivrULUIkfh0Wv6C2xOuhADwEc5ylQjV40+FkbcthInntCAGI # Qrh3vM12lmkQfygf2QHOgFZ4Qtqbf1oAfacNbMeBXxfLj1lLJml9vu3VcruH8Nl2 # IcHCTv0aff4SGBMQ3vSd6IN9vYZdboOMuvPg5IJzft8M8y8dmL9WCclmOU52m7Z4 # XKuCtokQs4pxtKWDiNZNI0lOX+t8ESA8dEgy1WYW8ByfheI7jSi5NpNuRSe74S9v # iZuCEEeurJaIX/KFQ6xGXjqMX5L3/C5sFuTSvHNY4GvulqQY8xS/+1c3kzkUvDVc # p9LHEaTVQS3RS+6K6Ebj4r0CN0ilrbFs/ti/afH0Xb0n7E4dbRl0jOnPjPUuX7Wj # lpDJSOOYWzu6+oCcV+Rhj4/1Rgx9Bl5vPnplsU2bYlS/TUjj39Knwrc9el14JliF # bIDB6Ypy7DxJeAZ1kGq1SBGPC0GS2nevwbaiomotj42Cr5A5SQVpqoEhk4Vjwz6P # rWBk2gAypXuj9THo83n8ttAI9+SgJz+VUcbjo2U0fcg1Bs1YGBgXyihHDyYMTKPG # s+fiM9CIkqu6 # SIG # End signature block |