[rancid] Re: Out of band access to devices?

Ed Ravin eravin at panix.com
Sat May 13 02:47:49 UTC 2006 

On Tue, Aug 16, 2005 at 03:56:04PM +1000, Andrew Pollock wrote:
...
> So the only way of managing the devices is via SSHing to the Cyclades and
> getting on the console port. We can SSH directly to a specific port of the
> Cyclades, and after authenticating, get on the console attached to that
> port, and disconnect by way of the standard SSH disconnect break sequence
> when we're done.
> 
> I'm wondering if RANCID has evolved over the last nearly 2 years to include
> such out of band access to devices, or if it's much of a muchness still?

It hasn't, but I finally decided I needed the feature and wrote it up.
In my case, I had to ssh to a server and run the "cu" command to get to
the serial console, so I set up a generic extension of the ssh method to
allow arbitrary arguments on the ssh command line.  It looks like this
in .cloginrc:

   add method testrouter {ssh}
   add sshargs testrouter {-t} {termserver} {cu -l /dev/tty01 -s 9600}

I also had to add a match for "Connected" in the login dialog, which
"cu" prints when it's ready for you to send data, so clogin would send
an empty return to wake up the router's serial port.

This isn't sufficiently generic for my taste - I'd prefer something
where you can specify the path to the front end program to run
(it could be conserver, for example), and I'd want the match and
response for "Connected" to also be configurable in .cloginrc.
I propose something like this:

   add spawn_command myrouter /usr/local/bin/conserver
   add spawn_command_args myrouter {--this} {--that} {termserver01}
   add spawn_greeting myrouter {termserver01 ready} {connected to myrouter}
   add spawn_greeting_response myrouter {connect myrouter} {\r\r}

So you could have multiple expect/send responses to the front end device
before you get the router prompt and do the usual login dialogue (i.e.
the above example would listen for "termserver01 ready", then send
"connect myrouter\r", then listen for "connected to myrouter", then
send "\r\r" to wake up the router and hopefully produce a router login
prompt so the rest of clogin could proceed).

The current patch for just adding an "sshargs" variable to clogin
is a mere 30 lines - if anyone wants it, let me know.  If there's
any consensus on the "right" way to do this, I'll be happy to code
it up for inclusion in a future version of RANCID.

Sample invocation:

    $ ./clogin -t 5 -c 'show ver' testrouter
    testrouter
    spawn ssh -t termserver01 cu -l /dev/tty01 -s 9600
    Connected.
    
    Username: testme
    Password:
    Router#
    Router#term length 0
    Router#show ver
    Cisco IOS Software, C1700 Software (C1700-ADVSECURITYK9-M), Version 12.4(5a), RELEASE SOFTWARE (fc3)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2006 by Cisco Systems, Inc.
    [...]

More information about the Rancid-discuss mailing list