From gmourani at gmail.com Thu May 1 17:21:42 2014 From: gmourani at gmail.com (Gerhard Mourani) Date: Thu, 1 May 2014 13:21:42 -0400 Subject: [rancid] (no subject) Message-ID: Hello, I'm using Rancid 3.0 to check FortiGate configuration changes and it is working except that I receive every time when the script is running, the following diff. - set password ENC ttKtc1dKyMz19Q6J7FQ6TLuM4ijBajn0gOgs8OvSaaExqFScZf1ngJTXpyHOrg8gdkcZLYKnTAWNGooEasQAYgnzwTq1siZvMrE37H1tQaBhDvenHB94CP7W+Esp/82LBKVA57xuaAVpehH0WCeFLIjdogE+N8yBfcmObOqBYewbTt9xRL/MG+XwQqtjHeyGC5tsrw== + set password ENC Ig68IRG3Y25jMaueDr6VTnROaGLp2DbwMKjK7AzIkDserF+TDqcdSOKof+vGSfBL52TPZGNN/JXsC6SRIZcBrPm2yE3ciRgkX9FxoNmN2WieUBr8GEaEdwD4HpHFe31D13Sc+k9tHLczdXOCYnGVFXMZNH2zaa6ZIzSIQuYPPaWBltJolkCcdEHQoUjQ4tB8imTGmw== Thanks, -------------- next part -------------- An HTML attachment was scrubbed... URL: From gmourani at gmail.com Thu May 1 17:23:52 2014 From: gmourani at gmail.com (Gerhard Mourani) Date: Thu, 1 May 2014 13:23:52 -0400 Subject: [rancid] System Up Time & Dell Message-ID: Hello, I'm using Rancid 3.0 to backup Dell switches using the 'smc' type and it work. But every time the script run, I receive the following diff. - ! System Up Time (days,hour:min:sec): 02,11:30:13 + ! System Up Time (days,hour:min:sec): 02,23:31:44 Thanks, -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu May 1 20:14:33 2014 From: heas at shrubbery.net (heasley) Date: Thu, 1 May 2014 20:14:33 +0000 Subject: [rancid] System Up Time & Dell In-Reply-To: <20140501201248.6D30A5ED3@guelah.shrubbery.net> Message-ID: <20140501201433.GE9015@shrubbery.net> Thu, May 01, 2014 at 01:23:52PM -0400, Gerhard Mourani: > I'm using Rancid 3.0 to backup Dell switches using the 'smc' type and it > work. But every time the script run, I receive the following diff. > > - ! System Up Time (days,hour:min:sec): 02,11:30:13 > + ! System Up Time (days,hour:min:sec): 02,23:31:44 this should do it. Index: bin/srancid.in =================================================================== --- bin/srancid.in (revision 2828) +++ bin/srancid.in (working copy) @@ -215,7 +215,7 @@ s/[\b]+\s*[\b]*//g; # Remove Uptime - / Up time/ && next; + / up time/i && next; # filter temperature sensor info for Dell 6428 stacks /Temperature Sensors:/ && next; @@ -251,7 +251,7 @@ s/[\b]+\s*[\b]*//g; # Remove Uptime - / Up time/ && next; + / up time/i && next; ProcessHistory("COMMENTS","keysort","D1","! $_"); } return(0); From rancid at ale.cx Thu May 1 20:21:49 2014 From: rancid at ale.cx (Alex DEKKER) Date: Thu, 01 May 2014 21:21:49 +0100 Subject: [rancid] (no subject) and Re: System Up Time & Dell In-Reply-To: References: Message-ID: <5362ACDD.2070705@ale.cx> I wonder, given the sheer number of threads discussing the topic of cycling/incrementing output in RANCID emails, might some mechanism for either a) automatically detecting cycling/incrementing output or b) making it easier to get RANCID to ignore it be a worthy target for development? alexd From heas at shrubbery.net Thu May 1 20:56:45 2014 From: heas at shrubbery.net (heasley) Date: Thu, 1 May 2014 20:56:45 +0000 Subject: [rancid] Cisco ACS 5.5 In-Reply-To: <20140501205337.C72B55066@guelah.shrubbery.net> Message-ID: <20140501205645.GF9015@shrubbery.net> Wed, Apr 30, 2014 at 09:13:28AM +0200, Pawe?? Rzepa: > Hi, > No, it doesn't hang. When I login into the device interactively it > works. When I run a command it produces unpredictable results, imho > depending on the chunks of output retrieved from the device. > > This is the excerpt from clogin -d -c 'write term' output which I > suppose is relevant to the issue: > > expect: does "ip domain-name my.company.com\r\n! \r\nno ipv6 > enable\r\n! \r\ninterface GigabitEthernet 0\r\n ip address > 10.10.10.10 255.255.255.0\r\n ipv6 address autoconfig\r\n no ipv6 > enable\r\n! \r\ninterface GigabitEthernet 1\r\n shutdown\r\n > ipv6 address autoconfig\r\n no ipv6 enable\r\n! \r\nip > name-server 10.10.10.10 10.10.10.10 \r\n! \r\nip > default-gateway 10.10.10.10\r\n! \r\nclock timezone > Europe/Warsaw\r\n! \r\nntp server > 10.10.10.10\r\n!\u0008\nusername root password hash > $1$p4MxVbAdp$asdfasdfasdfasd role admin \r\n!\u0008\nno > max-ssh-sessions\r\n!\u0008\n" (spawn_id exp6) match regular > expression "\u0008+"? yes > expect: set expect_out(0,string) "\u0008" > expect: set expect_out(spawn_id) "exp6" > expect: set expect_out(buffer) "ip domain-name my.company.com\r\n! > \r\nno ipv6 enable\r\n! \r\ninterface GigabitEthernet 0\r\n > ip address 10.10.10.10 255.255.255.0\r\n ipv6 address autoconfig\r\n > no ipv6 enable\r\n! \r\ninterface GigabitEthernet 1\r\n > shutdown\r\n ipv6 address autoconfig\r\n no ipv6 enable\r\n! > \r\nip name-server 10.10.10.10 10.10.10.10 \r\n! \r\nip > default-gateway 10.10.10.10\r\n! \r\nclock timezone > Europe/Warsaw\r\n! \r\nntp server 10.10.10.10\r\n!\u0008" > expect: continuing expect hrm, that does not work as intended. this match has been there unchanged since 2001. would you try this patch with your asa? Index: bin/clogin.in =================================================================== --- bin/clogin.in (revision 2828) +++ bin/clogin.in (working copy) @@ -656,7 +656,7 @@ for {set i 0} {$i < $num_commands} { incr i} { send -- "[subst -nocommands [lindex $commands $i]]\r" expect { - -re "\b+" { exp_continue } + -re "^\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send_user -- "$expect_out(buffer)" From rancid at ale.cx Thu May 1 21:23:48 2014 From: rancid at ale.cx (Alex DEKKER) Date: Thu, 01 May 2014 22:23:48 +0100 Subject: [rancid] System Up Time & Dell In-Reply-To: References: Message-ID: <5362BB64.70304@ale.cx> On 01/05/14 18:23, Gerhard Mourani wrote: > > I'm using Rancid 3.0 to backup Dell switches using the 'smc' type and > it work. But every time the script run, I receive the following diff. > > - ! System Up Time (days,hour:min:sec): 02,11:30:13 > + ! System Up Time (days,hour:min:sec): 02,23:31:44 > That's very similar to the output you get from running against Cisco Small Business 500-series switches [the switches certainly share some ancestors, the firmwares may even share a codebase]. alexd From howie at thingy.com Fri May 2 08:10:28 2014 From: howie at thingy.com (Howard Jones) Date: Fri, 02 May 2014 09:10:28 +0100 Subject: [rancid] (no subject) and Re: System Up Time & Dell In-Reply-To: <5362ACDD.2070705@ale.cx> References: <5362ACDD.2070705@ale.cx> Message-ID: <536352F4.2030804@thingy.com> On 01/05/2014 21:21, Alex DEKKER wrote: > I wonder, given the sheer number of threads discussing the topic of > cycling/incrementing output in RANCID emails, might some mechanism for > either a) automatically detecting cycling/incrementing output or b) > making it easier to get RANCID to ignore it be a worthy target for > development? With RANCID 3, adding an additional config type (e.g. 'ignore') to rancid.types.conf to implement (b) should make the effort a bit more central for the vendor types that use that file (anything with more than a 'script' line, as far as I can see). Even a document describing the data and control flow through the various components of RANCID would make it easier for someone to help themselves though. For example, it wasn't clear to me for a while that actually, the *rancid script doesn't really interact with the device at all - just squirts a canned list of commands, and then tries to make sense of all the output afterwards. Howie From howie at thingy.com Fri May 2 08:18:41 2014 From: howie at thingy.com (Howard Jones) Date: Fri, 02 May 2014 09:18:41 +0100 Subject: [rancid] Rancid 3 documentation tweak Message-ID: <536354E1.80706@thingy.com> The README for RANCID 3.0 says that perl5 or greater is required to run RANCID. In fact, it's perl 5.10 or greater, which is significant for some. For example, current CentOS 6 (and I guess RHEL and Scientific Linux too) come with perl 5.8.8, so it requires a separate perl install just for RANCID. (installing it over the system perl leads to fighting between CPAN and yum) Related: a configure option to specify the location of the perl interpreter would be handy! Cheers, Howie From me at ale.cx Thu May 1 20:23:59 2014 From: me at ale.cx (Alex DEKKER) Date: Thu, 01 May 2014 21:23:59 +0100 Subject: [rancid] System Up Time & Dell In-Reply-To: References: Message-ID: <5362AD5F.6030609@ale.cx> On 01/05/14 18:23, Gerhard Mourani wrote: > > I'm using Rancid 3.0 to backup Dell switches using the 'smc' type and > it work. But every time the script run, I receive the following diff. > > - ! System Up Time (days,hour:min:sec): 02,11:30:13 > + ! System Up Time (days,hour:min:sec): 02,23:31:44 > That's very similar to the output you get from running against Cisco Small Business 500-series switches [the switches certainly share some ancestors, the firmwares may even share a codebase]. alexd From heas at shrubbery.net Fri May 2 15:05:12 2014 From: heas at shrubbery.net (heasley) Date: Fri, 2 May 2014 15:05:12 +0000 Subject: [rancid] Rancid 3 documentation tweak In-Reply-To: <536354E1.80706@thingy.com> References: <536354E1.80706@thingy.com> Message-ID: <20140502150512.GB47672@shrubbery.net> Fri, May 02, 2014 at 09:18:41AM +0100, Howard Jones: > The README for RANCID 3.0 says that perl5 or greater is required to run > RANCID. In fact, it's perl 5.10 or greater, which is significant for > some. For example, current CentOS 6 (and I guess RHEL and Scientific > Linux too) come with perl 5.8.8, so it requires a separate perl install > just for RANCID. (installing it over the system perl leads to fighting > between CPAN and yum) thanks; i'd missed that. Any clue why, from my pov, they're so far behind? 5.8 seems ancient. > Related: a configure option to specify the location of the perl > interpreter would be handy! put it on the todo list; until then you can PERLV_PATH in your environment, make distclean, and reconfigure. in general, this should work for most configure variables for any package's autoconf scripts. sometimes you must get kinkier and set the variable that autoconf uses, eg: ac_cv_path_PERLV_PATH From howie at thingy.com Fri May 2 15:17:39 2014 From: howie at thingy.com (Howard Jones) Date: Fri, 02 May 2014 16:17:39 +0100 Subject: [rancid] Rancid 3 documentation tweak In-Reply-To: <20140502150512.GB47672@shrubbery.net> References: <536354E1.80706@thingy.com> <20140502150512.GB47672@shrubbery.net> Message-ID: <5363B713.10908@thingy.com> On 02/05/2014 16:05, heasley wrote: > thanks; i'd missed that. Any clue why, from my pov, they're so far behind? > 5.8 seems ancient. Part of the "enterprisey" nature of RHEL is that they promise no breaking changes within a major version. They backport security fixes, and leave out language feature changes. RHEL 7 is just about out (and the others typically lag behind it by 3-6 months on a major release), so we're right at the end of a release cycle. CentOS 5 had similar problems with a really old PHP 5.1 and Python 2.4 Howie From heas at shrubbery.net Fri May 2 16:21:58 2014 From: heas at shrubbery.net (heasley) Date: Fri, 2 May 2014 16:21:58 +0000 Subject: [rancid] Rancid 3 documentation tweak In-Reply-To: <5363B713.10908@thingy.com> References: <536354E1.80706@thingy.com> <20140502150512.GB47672@shrubbery.net> <5363B713.10908@thingy.com> Message-ID: <20140502162158.GK47672@shrubbery.net> Fri, May 02, 2014 at 04:17:39PM +0100, Howard Jones: > On 02/05/2014 16:05, heasley wrote: > > thanks; i'd missed that. Any clue why, from my pov, they're so far > behind? > > 5.8 seems ancient. > Part of the "enterprisey" nature of RHEL is that they promise no > breaking changes within a major version. They backport security fixes, > and leave out language feature changes. RHEL 7 is just about out (and > the others typically lag behind it by 3-6 months on a major release), so > we're right at the end of a release cycle. CentOS 5 had similar problems > with a really old PHP 5.1 and Python 2.4 even 5.10 seems ancient. stability through antiquity. i may have a way around the requirement for 5.10. ISTR 5.14 taking issue with some syntax deprecated in 5.12. i'll try it, but make no guarantee. From heas at shrubbery.net Fri May 2 18:03:12 2014 From: heas at shrubbery.net (heasley) Date: Fri, 2 May 2014 18:03:12 +0000 Subject: [rancid] (no subject) and Re: System Up Time & Dell In-Reply-To: <536352F4.2030804@thingy.com> References: <5362ACDD.2070705@ale.cx> <536352F4.2030804@thingy.com> Message-ID: <20140502180312.GY47672@shrubbery.net> Fri, May 02, 2014 at 09:10:28AM +0100, Howard Jones: > > On 01/05/2014 21:21, Alex DEKKER wrote: > > I wonder, given the sheer number of threads discussing the topic of > > cycling/incrementing output in RANCID emails, might some mechanism for > > either a) automatically detecting cycling/incrementing output or b) > > making it easier to get RANCID to ignore it be a worthy target for > > development? > With RANCID 3, adding an additional config type (e.g. 'ignore') to > rancid.types.conf to implement (b) should make the effort a bit more > central for the vendor types that use that file (anything with more than > a 'script' line, as far as I can see). can you provide an outline of what you mean? > Even a document describing the data and control flow through the various > components of RANCID would make it easier for someone to help themselves > though. For example, it wasn't clear to me for a while that actually, > the *rancid script doesn't really interact with the device at all - just > squirts a canned list of commands, and then tries to make sense of all > the output afterwards. ack. From heas at shrubbery.net Fri May 2 19:09:30 2014 From: heas at shrubbery.net (heasley) Date: Fri, 2 May 2014 19:09:30 +0000 Subject: [rancid] Erro with Rancid on solaris 10. In-Reply-To: <1397142742.33153.YahooMailNeo@web121905.mail.ne1.yahoo.com> References: <1397142742.33153.YahooMailNeo@web121905.mail.ne1.yahoo.com> Message-ID: <20140502190930.GE47672@shrubbery.net> Thu, Apr 10, 2014 at 08:12:22AM -0700, Fabio Santos: > Hi all, > > I'm trying to compile rancid 3.0 on solaris 10, the ./configure command works fine. but when i try make i received the erro above, > > Making all in bin > gmake[1]: Entering directory `/tmp/rancid-3.0/bin' > gcc -DHAVE_CONFIG_H -I. -I../include ? ? -g -O0 -MT hpuifilter.o -MD -MP -MF .deps/hpuifilter.Tpo -c -o hpuifilter.o hpuifilter.c > mv -f .deps/hpuifilter.Tpo .deps/hpuifilter.Po > gcc ?-g -O0 ? -o hpuifilter hpuifilter.o > gcc -DHAVE_CONFIG_H -I. -I../include ? ? -g -O0 -MT par.o -MD -MP -MF .deps/par.Tpo -c -o par.o par.c > mv -f .deps/par.Tpo .deps/par.Po > gcc ?-g -O0 ? -o par par.o > Undefined ? ? ? ? ? ? ? ? ? ? ? first referenced > ?symbol ? ? ? ? ? ? ? ? ? ? ? ? ? ? in file > asprintf ? ? ? ? ? ? ? ? ? ? ? ? ? ?par.o > ld: fatal: Symbol referencing errors. No output written to par > gmake[1]: *** [par] Error 1 > gmake[1]: Leaving directory `/tmp/rancid-3.0/bin' > make: *** [all-recursive] Error 1 > bash-3.00# > > Someone know how can i fix this problem? would you add -D__EXTENSIONS__ to the CFLAGS line in bin/Makefile and tell me if that fixes this problem with gcc on solaris? From mvoity at uvm.edu Fri May 2 19:11:12 2014 From: mvoity at uvm.edu (Michael T. Voity) Date: Fri, 02 May 2014 15:11:12 -0400 Subject: [rancid] Setup issue Message-ID: <5363EDD0.6000404@uvm.edu> Hello, I'm new to the RANCID realm. Before posting to this list I have done my research and cannot quite seem to get the right answer to my issue. I'm trying to get RANCID to work with my Cisco ASR9001 which has ios-xr - In the log file i get these messages - Trying to get all of the configs. swick-uvm-gw2: missed cmd(s): dir /all disk1a:,admin show diag,dir /all slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all harddisk:,dir /all slot0:,admin show running,show vlan,dir /all slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show inventory raw,show running-config,dir /all slot1: swick-uvm-gw2: End of run not found ! watt-uvm-gw3: missed cmd(s): dir /all disk1a:,admin show diag,dir /all slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all harddisk:,dir /all slot0:,admin show running,show vlan,dir /all slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show inventory raw,show running-config,dir /all slot1: watt-uvm-gw3: End of run not found ! When i switch it from ios-xr to ios in the router.db file, it works, but every time I run the rancid-run it gives me a huge diff of the ios-xr routers. I have also un-commented NOPIPE=YES; export NOPIPE I have setup my ios-xr routers in a separate group. Still no dice. I have a separate group for my ios devices that is working fine. ideas? -Mike -- Michael T. Voity Network Engineer University of Vermont From alan.mckinnon at gmail.com Sat May 3 06:43:47 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 03 May 2014 08:43:47 +0200 Subject: [rancid] Setup issue In-Reply-To: <5363EDD0.6000404@uvm.edu> References: <5363EDD0.6000404@uvm.edu> Message-ID: <53649023.4040101@gmail.com> That's the standard log message you posted; for debugging purposes it's not especially useful. It's telling you that stuff didn't work and then lists all the stuff that didn't work. It doesn't indicate why. Run the parser script directly in debug mode to find out what's really going on. xrrancid -d This might not give you the real failure yet, but it will narrow it down to which area the problem happens in. On 02/05/2014 21:11, Michael T. Voity wrote: > Hello, > > I'm new to the RANCID realm. Before posting to this list I have done > my research and cannot quite seem to get the right answer to my issue. > > I'm trying to get RANCID to work with my Cisco ASR9001 which has ios-xr - > > In the log file i get these messages - > > Trying to get all of the configs. > swick-uvm-gw2: missed cmd(s): dir /all disk1a:,admin show diag,dir /all > slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir > /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all > disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all > sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all > sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all > slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show > debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir > /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all > harddisk:,dir /all slot0:,admin show running,show vlan,dir /all > slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show > inventory raw,show running-config,dir /all slot1: > swick-uvm-gw2: End of run not found > ! > watt-uvm-gw3: missed cmd(s): dir /all disk1a:,admin show diag,dir /all > slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir > /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all > disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all > sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all > sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all > slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show > debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir > /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all > harddisk:,dir /all slot0:,admin show running,show vlan,dir /all > slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show > inventory raw,show running-config,dir /all slot1: > watt-uvm-gw3: End of run not found > ! > > > When i switch it from ios-xr to ios in the router.db file, it works, but > every time I run the rancid-run it gives me a huge diff of the ios-xr > routers. > > I have also un-commented NOPIPE=YES; export NOPIPE > > I have setup my ios-xr routers in a separate group. > > Still no dice. > > I have a separate group for my ios devices that is working fine. > > ideas? > > -Mike > -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Sat May 3 06:48:52 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 03 May 2014 08:48:52 +0200 Subject: [rancid] (no subject) and Re: System Up Time & Dell In-Reply-To: <20140502180312.GY47672@shrubbery.net> References: <5362ACDD.2070705@ale.cx> <536352F4.2030804@thingy.com> <20140502180312.GY47672@shrubbery.net> Message-ID: <53649154.9070706@gmail.com> On 02/05/2014 20:03, heasley wrote: > Fri, May 02, 2014 at 09:10:28AM +0100, Howard Jones: >> >> Even a document describing the data and control flow through the various >> components of RANCID would make it easier for someone to help themselves >> though. For example, it wasn't clear to me for a while that actually, >> the *rancid script doesn't really interact with the device at all - just >> squirts a canned list of commands, and then tries to make sense of all >> the output afterwards. > > ack. I have a reasonable skeleton "How Rancid works: A doc for sysadmins" article hanging around. Maybe I should grab it from my wiki and post it here for review. -- Alan McKinnon alan.mckinnon at gmail.com From mvoity at uvm.edu Sat May 3 11:45:40 2014 From: mvoity at uvm.edu (Michael T. Voity) Date: Sat, 03 May 2014 07:45:40 -0400 Subject: [rancid] Setup issue In-Reply-To: <53649023.4040101@gmail.com> References: <5363EDD0.6000404@uvm.edu> <53649023.4040101@gmail.com> Message-ID: <5364D6E4.6030708@uvm.edu> Alan, I ran the xrancid and was given this - [rancid at netwatch bin]$ ./xrancid -d watt-uvm-gw3-200.3.uvm.edu executing clogin -t 90 -c "show version;show memory;show diag;show switch;show slot;show configuration detail;show configuration" watt-uvm-gw3-200.3.uvm.edu sh: clogin: command not found watt-uvm-gw3-200.3.uvm.edu: missed cmd(s): all commands watt-uvm-gw3-200.3.uvm.edu: End of run not found watt-uvm-gw3-200.3.uvm.edu: End of run not found Then I ran just - ./clogin -t 90 -c "show version;show memory;show diag;show switch;show slot;show configuration detail;show configuration" watt-uvm-gw3-200.3.uvm.edu And determined that- show switch;show slot;show configuration detail;show configuration did not run. Ideas? -Mike Michael T. Voity Network Engineer University of Vermont On 5/3/14, 2:43 AM, Alan McKinnon wrote: > That's the standard log message you posted; for debugging purposes it's > not especially useful. It's telling you that stuff didn't work and then > lists all the stuff that didn't work. It doesn't indicate why. > > Run the parser script directly in debug mode to find out what's really > going on. > > xrrancid -d > > > This might not give you the real failure yet, but it will narrow it down > to which area the problem happens in. > > > On 02/05/2014 21:11, Michael T. Voity wrote: >> Hello, >> >> I'm new to the RANCID realm. Before posting to this list I have done >> my research and cannot quite seem to get the right answer to my issue. >> >> I'm trying to get RANCID to work with my Cisco ASR9001 which has ios-xr - >> >> In the log file i get these messages - >> >> Trying to get all of the configs. >> swick-uvm-gw2: missed cmd(s): dir /all disk1a:,admin show diag,dir /all >> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir >> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all >> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all >> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all >> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all >> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show >> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir >> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all >> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all >> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show >> inventory raw,show running-config,dir /all slot1: >> swick-uvm-gw2: End of run not found >> ! >> watt-uvm-gw3: missed cmd(s): dir /all disk1a:,admin show diag,dir /all >> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir >> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all >> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all >> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all >> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all >> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show >> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir >> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all >> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all >> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show >> inventory raw,show running-config,dir /all slot1: >> watt-uvm-gw3: End of run not found >> ! >> >> >> When i switch it from ios-xr to ios in the router.db file, it works, but >> every time I run the rancid-run it gives me a huge diff of the ios-xr >> routers. >> >> I have also un-commented NOPIPE=YES; export NOPIPE >> >> I have setup my ios-xr routers in a separate group. >> >> Still no dice. >> >> I have a separate group for my ios devices that is working fine. >> >> ideas? >> >> -Mike >> > From heas at shrubbery.net Sat May 3 14:44:03 2014 From: heas at shrubbery.net (heasley) Date: Sat, 3 May 2014 14:44:03 +0000 Subject: [rancid] Setup issue In-Reply-To: <5364D6E4.6030708@uvm.edu> References: <5363EDD0.6000404@uvm.edu> <53649023.4040101@gmail.com> <5364D6E4.6030708@uvm.edu> Message-ID: <20140503144403.GA80011@shrubbery.net> Sat, May 03, 2014 at 07:45:40AM -0400, Michael T. Voity: > Alan, > > I ran the xrancid and was given this - sorry, i didnt notice this detail in Alan's mail; xrrancid does not exist enymore in 3.0. run rancid -t cisco-xr -d watt-uvm-gw3-200.3.uvm.edu clogin -c "`rancid -C -t cisco-xr`" watt-uvm-gw3-200.3.uvm.edu > [rancid at netwatch bin]$ ./xrancid -d watt-uvm-gw3-200.3.uvm.edu > executing clogin -t 90 -c "show version;show memory;show diag;show > switch;show slot;show configuration detail;show configuration" > watt-uvm-gw3-200.3.uvm.edu > sh: clogin: command not found > watt-uvm-gw3-200.3.uvm.edu: missed cmd(s): all commands > watt-uvm-gw3-200.3.uvm.edu: End of run not found > watt-uvm-gw3-200.3.uvm.edu: End of run not found > > Then I ran just - > > ./clogin -t 90 -c "show version;show memory;show diag;show switch;show > slot;show configuration detail;show configuration" > watt-uvm-gw3-200.3.uvm.edu > > And determined that- show switch;show slot;show configuration > detail;show configuration did not run. > > > Ideas? > > -Mike > > > Michael T. Voity > Network Engineer > University of Vermont > > On 5/3/14, 2:43 AM, Alan McKinnon wrote: > > That's the standard log message you posted; for debugging purposes it's > > not especially useful. It's telling you that stuff didn't work and then > > lists all the stuff that didn't work. It doesn't indicate why. > > > > Run the parser script directly in debug mode to find out what's really > > going on. > > > > xrrancid -d > > > > > > This might not give you the real failure yet, but it will narrow it down > > to which area the problem happens in. > > > > > > On 02/05/2014 21:11, Michael T. Voity wrote: > >> Hello, > >> > >> I'm new to the RANCID realm. Before posting to this list I have done > >> my research and cannot quite seem to get the right answer to my issue. > >> > >> I'm trying to get RANCID to work with my Cisco ASR9001 which has ios-xr - > >> > >> In the log file i get these messages - > >> > >> Trying to get all of the configs. > >> swick-uvm-gw2: missed cmd(s): dir /all disk1a:,admin show diag,dir /all > >> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir > >> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all > >> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all > >> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all > >> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all > >> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show > >> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir > >> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all > >> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all > >> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show > >> inventory raw,show running-config,dir /all slot1: > >> swick-uvm-gw2: End of run not found > >> ! > >> watt-uvm-gw3: missed cmd(s): dir /all disk1a:,admin show diag,dir /all > >> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir > >> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all > >> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all > >> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all > >> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all > >> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show > >> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir > >> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all > >> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all > >> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show > >> inventory raw,show running-config,dir /all slot1: > >> watt-uvm-gw3: End of run not found > >> ! > >> > >> > >> When i switch it from ios-xr to ios in the router.db file, it works, but > >> every time I run the rancid-run it gives me a huge diff of the ios-xr > >> routers. > >> > >> I have also un-commented NOPIPE=YES; export NOPIPE > >> > >> I have setup my ios-xr routers in a separate group. > >> > >> Still no dice. > >> > >> I have a separate group for my ios devices that is working fine. > >> > >> ideas? > >> > >> -Mike > >> > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From mvoity at uvm.edu Sat May 3 15:50:08 2014 From: mvoity at uvm.edu (Michael T. Voity) Date: Sat, 03 May 2014 11:50:08 -0400 Subject: [rancid] Setup issue In-Reply-To: <20140503144403.GA80011@shrubbery.net> References: <5363EDD0.6000404@uvm.edu> <53649023.4040101@gmail.com> <5364D6E4.6030708@uvm.edu> <20140503144403.GA80011@shrubbery.net> Message-ID: <53651030.1000306@uvm.edu> Looks like rancid can't find clogin when in cisco-xr mode - Which file(s) do i need to mod to make it work? [rancid at netwatch bin]$ ./rancid -t cisco-xr -d watt-uvm-gw3-200.3.uvm.edu loadtype: device type cisco-xr loadtype: found device type cisco-xr in /usr/local/rancid/etc/rancid.types.base executing clogin -t 90 -c"terminal no-timestamp;terminal exec prompt no-timestamp;admin show version;admin show install summary;admin show license;admin show variables boot;show redundancy secondary;show install active;admin show env all;dir /all nvram:;dir /all bootflash:;dir /all compactflash:;dir /all compactflasha:;dir /all slot0:;dir /all disk0:;dir /all disk0a:;dir /all slot1:;dir /all disk1:;dir /all disk1a:;dir /all slot2:;dir /all disk2:;dir /all harddisk:;dir /all harddiska:;dir /all harddiskb:;dir /all slavenvram:;dir /all slavebootflash:;dir /all slaveslot0:;dir /all slavedisk0:;dir /all slaveslot1:;dir /all slavedisk1:;dir /all slaveslot2:;dir /all slavedisk2:;dir /all sec-nvram:;dir /all sec-bootflash:;dir /all sec-slot0:;dir /all sec-disk0:;dir /all sec-slot1:;dir /all sec-disk1:;dir /all sec-slot2:;dir /all sec-disk2:;show controllers;admin show diag;admin show inventory raw;show vlan;show debug;show rpl maximum;admin show running;show running-config" watt-uvm-gw3-200.3.uvm.edu sh: clogin: command not found watt-uvm-gw3-200.3.uvm.edu: missed cmd(s): all commands watt-uvm-gw3-200.3.uvm.edu: End of run not found watt-uvm-gw3-200.3.uvm.edu: End of run not found Michael T. Voity Network Engineer University of Vermont On 5/3/14, 10:44 AM, heasley wrote: > clogin -c "`rancid -C -t cisco-xr`" watt-uvm-gw3-200.3.uvm.edu From heas at shrubbery.net Sat May 3 16:16:11 2014 From: heas at shrubbery.net (heasley) Date: Sat, 3 May 2014 16:16:11 +0000 Subject: [rancid] Setup issue In-Reply-To: <53651030.1000306@uvm.edu> References: <5363EDD0.6000404@uvm.edu> <53649023.4040101@gmail.com> <5364D6E4.6030708@uvm.edu> <20140503144403.GA80011@shrubbery.net> <53651030.1000306@uvm.edu> Message-ID: <20140503161611.GD80011@shrubbery.net> Sat, May 03, 2014 at 11:50:08AM -0400, Michael T. Voity: > Looks like rancid can't find clogin when in cisco-xr mode - > > Which file(s) do i need to mod to make it work? PATH is set in rancid.conf, so it will find it when run from cron. add the dir to your path or ". rancid.conf" From alan.mckinnon at gmail.com Sun May 4 20:12:59 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sun, 04 May 2014 22:12:59 +0200 Subject: [rancid] Setup issue In-Reply-To: <5364D6E4.6030708@uvm.edu> References: <5363EDD0.6000404@uvm.edu> <53649023.4040101@gmail.com> <5364D6E4.6030708@uvm.edu> Message-ID: <53669F4B.9010505@gmail.com> Hi Michael, By themselves those errors are not harmful (rancid can deal with them). To show why, I need to backtrack a bit and explain how the code is organised. This applies to 2.3.x I haven't read 3.0 enough to comment much. A text dump of a login session running commands show the structure: a text prompt, followed by the prompt character (> or #) then the command run, a newline, followed by the command output. Repeat for all commands. Finally, and exit, quit or similar command and the end of the text. The rancid script starts by skipping over everything from the beginning till it finds the defined prompt character. It records that text as the separator between the end of one command and the start of the next. The command run is immediately after on the same line which it looks up in @command and the value of that key is the sub to pass the text to. The script passes all text it finds to the sub until it hits the next prompt; and the cycle repeats. Two things can go wrong here: - A peculiar prompt that confuses the script[1] - the sub is in a while or other loop when that command output ends, without this the code that detects the prompt does not run when it must. The rule is that the command subs must be running their top-level code when the command exits. My first guess is that the command before those that didn't run is not exiting cleanly. Run this: clogin -t 90 -c "show version;show memory;show diag" and look for oddities in the output. Ordinarily a failed command is not a problem. The script looks for error messages and if it finds say "command not authorized" it simply skips over it and continues with the next one. [1]As an example I had a weird bug once with Cisco that didn;t run classic IOS. A command "show admin "something-or-other" didn't have a trailing newline in the output; all other commands were correct. My solution is to comment that command out - for me the output isn't especially useful in any way. On 03/05/2014 13:45, Michael T. Voity wrote: > Alan, > > I ran the xrancid and was given this - > > [rancid at netwatch bin]$ ./xrancid -d watt-uvm-gw3-200.3.uvm.edu > executing clogin -t 90 -c "show version;show memory;show diag;show > switch;show slot;show configuration detail;show configuration" > watt-uvm-gw3-200.3.uvm.edu > sh: clogin: command not found > watt-uvm-gw3-200.3.uvm.edu: missed cmd(s): all commands > watt-uvm-gw3-200.3.uvm.edu: End of run not found > watt-uvm-gw3-200.3.uvm.edu: End of run not found > > Then I ran just - > > ./clogin -t 90 -c "show version;show memory;show diag;show switch;show > slot;show configuration detail;show configuration" > watt-uvm-gw3-200.3.uvm.edu > > And determined that- show switch;show slot;show configuration > detail;show configuration did not run. > > > Ideas? > > -Mike > > > Michael T. Voity > Network Engineer > University of Vermont > > On 5/3/14, 2:43 AM, Alan McKinnon wrote: >> That's the standard log message you posted; for debugging purposes it's >> not especially useful. It's telling you that stuff didn't work and then >> lists all the stuff that didn't work. It doesn't indicate why. >> >> Run the parser script directly in debug mode to find out what's really >> going on. >> >> xrrancid -d >> >> >> This might not give you the real failure yet, but it will narrow it down >> to which area the problem happens in. >> >> >> On 02/05/2014 21:11, Michael T. Voity wrote: >>> Hello, >>> >>> I'm new to the RANCID realm. Before posting to this list I have done >>> my research and cannot quite seem to get the right answer to my issue. >>> >>> I'm trying to get RANCID to work with my Cisco ASR9001 which has >>> ios-xr - >>> >>> In the log file i get these messages - >>> >>> Trying to get all of the configs. >>> swick-uvm-gw2: missed cmd(s): dir /all disk1a:,admin show diag,dir /all >>> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir >>> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all >>> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all >>> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all >>> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all >>> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show >>> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir >>> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all >>> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all >>> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show >>> inventory raw,show running-config,dir /all slot1: >>> swick-uvm-gw2: End of run not found >>> ! >>> watt-uvm-gw3: missed cmd(s): dir /all disk1a:,admin show diag,dir /all >>> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir >>> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all >>> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all >>> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all >>> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all >>> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show >>> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir >>> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all >>> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all >>> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show >>> inventory raw,show running-config,dir /all slot1: >>> watt-uvm-gw3: End of run not found >>> ! >>> >>> >>> When i switch it from ios-xr to ios in the router.db file, it works, but >>> every time I run the rancid-run it gives me a huge diff of the ios-xr >>> routers. >>> >>> I have also un-commented NOPIPE=YES; export NOPIPE >>> >>> I have setup my ios-xr routers in a separate group. >>> >>> Still no dice. >>> >>> I have a separate group for my ios devices that is working fine. >>> >>> ideas? >>> >>> -Mike >>> >> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- Alan McKinnon alan.mckinnon at gmail.com From peo at chalmers.se Mon May 5 05:40:06 2014 From: peo at chalmers.se (Per-Olof Olsson) Date: Mon, 5 May 2014 07:40:06 +0200 Subject: [rancid] clogin can't login to more then one router. Message-ID: <53672436.7020605@chalmers.se> clogin only work if one router is listed at command line. (rancid 2.3.8 and 3.0 tested) clogin -c "show term" router1 router2 output for second router: -------------------------- can't read "autoenable": no such variable while executing "if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } { send_user -- "\nError: no enable password for $router in $password_file...." ("foreach" body line 28) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/local/rancid/bin/clogin" line 759) ---------------------------- Possible more settings need to be reset before login to each router. Got it to work for my settings, by moving "set enable 0" inside foreach loop. 3.0 clogin diff. *** 752,757 **** --- 752,758 ---- set prompt_match "" set enable 0 foreach router [lrange $argv $i end] { + set enable 0 set router [string tolower $router] # attempt at platform switching. set platform "" /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service Arvid Hedvalls backe 6 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8660 Mob: 0707 88 3708 ---------------------------------------------------------- From GMourani at prival.ca Mon May 5 12:33:41 2014 From: GMourani at prival.ca (Gerhard Mourani) Date: Mon, 5 May 2014 12:33:41 +0000 Subject: [rancid] System Up Time & Dell In-Reply-To: <20140501201433.GE9015@shrubbery.net> References: <20140501201433.GE9015@shrubbery.net> Message-ID: <2F83D591-049B-4F6B-9977-153F3DAAF719@prival.ca> Heasley, Just to let you know that your patch fixed the problem, thanks. On May 1, 2014, at 4:14 PM, heasley wrote: > Thu, May 01, 2014 at 01:23:52PM -0400, Gerhard Mourani: >> I'm using Rancid 3.0 to backup Dell switches using the 'smc' type and it >> work. But every time the script run, I receive the following diff. >> >> - ! System Up Time (days,hour:min:sec): 02,11:30:13 >> + ! System Up Time (days,hour:min:sec): 02,23:31:44 > > this should do it. > > Index: bin/srancid.in > =================================================================== > --- bin/srancid.in (revision 2828) > +++ bin/srancid.in (working copy) > @@ -215,7 +215,7 @@ > s/[\b]+\s*[\b]*//g; > > # Remove Uptime > - / Up time/ && next; > + / up time/i && next; > > # filter temperature sensor info for Dell 6428 stacks > /Temperature Sensors:/ && next; > @@ -251,7 +251,7 @@ > s/[\b]+\s*[\b]*//g; > > # Remove Uptime > - / Up time/ && next; > + / up time/i && next; > ProcessHistory("COMMENTS","keysort","D1","! $_"); > } > return(0); > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Mon May 5 14:17:44 2014 From: heas at shrubbery.net (heasley) Date: Mon, 5 May 2014 14:17:44 +0000 Subject: [rancid] (no subject) In-Reply-To: <20140505141703.614C9557F@guelah.shrubbery.net> Message-ID: <20140505141744.GE33336@shrubbery.net> Thu, May 01, 2014 at 01:21:42PM -0400, Gerhard Mourani: > Hello, > > I'm using Rancid 3.0 to check FortiGate configuration changes and it is > working except that I receive every time when the script is running, the > following diff. > > - set password ENC > ttKtc1dKyMz19Q6J7FQ6TLuM4ijBajn0gOgs8OvSaaExqFScZf1ngJTXpyHOrg8gdkcZLYKnTAWNGooEasQAYgnzwTq1siZvMrE37H1tQaBhDvenHB94CP7W+Esp/82LBKVA57xuaAVpehH0WCeFLIjdogE+N8yBfcmObOqBYewbTt9xRL/MG+XwQqtjHeyGC5tsrw== > + set password ENC > Ig68IRG3Y25jMaueDr6VTnROaGLp2DbwMKjK7AzIkDserF+TDqcdSOKof+vGSfBL52TPZGNN/JXsC6SRIZcBrPm2yE3ciRgkX9FxoNmN2WieUBr8GEaEdwD4HpHFe31D13Sc+k9tHLczdXOCYnGVFXMZNH2zaa6ZIzSIQuYPPaWBltJolkCcdEHQoUjQ4tB8imTGmw== this should fix that. Index: bin/fnrancid.in =================================================================== --- bin/fnrancid.in (revision 2837) +++ bin/fnrancid.in (working copy) @@ -225,7 +225,7 @@ } } # filter cycling password encryption - if (/^\s*(set [^\s]*)\s(Enc\s[^\s]+)(.*)/i && $filter_pwds > 0 ) { + if (/^\s*(set [^\s]*)\s(enc\s[^\s]+)(.*)/i && $filter_pwds > 0 ) { ProcessHistory("ENC","","","#$1 ENC $3\n"); next; } From mvoity at uvm.edu Mon May 5 17:47:53 2014 From: mvoity at uvm.edu (Michael T. Voity) Date: Mon, 05 May 2014 13:47:53 -0400 Subject: [rancid] Setup issue In-Reply-To: <53669F4B.9010505@gmail.com> References: <5363EDD0.6000404@uvm.edu> <53649023.4040101@gmail.com> <5364D6E4.6030708@uvm.edu> <53669F4B.9010505@gmail.com> Message-ID: <5367CEC9.2090506@uvm.edu> Alan, I got things working for my cisco-xr devices with RANCID. I did a bunch of debugging and tweaking to get it all dialed in. OS level I did this globally - export NOPIPE=YES export PATH $PATH:/usr/local/rancid/bin I determined that things were timing out when it would run the command 'admin show env all' and then fail the rest of the command. I then commented out 'cisco-xr;command;iosxr::ShowEnv;admin show env all' in '/usr/local/rancid/etc/rancid.types.base' Once this was commented out, all is well and it works perfect! Thank you to Alan and Heasley for all your guidance in getting this fixed! -Mike Michael T. Voity Network Engineer University of Vermont On 5/4/14, 4:12 PM, Alan McKinnon wrote: > Hi Michael, > > By themselves those errors are not harmful (rancid can deal with them). > To show why, I need to backtrack a bit and explain how the code is > organised. This applies to 2.3.x I haven't read 3.0 enough to comment much. > > A text dump of a login session running commands show the structure: > a text prompt, followed by the prompt character (> or #) then the > command run, a newline, followed by the command output. Repeat for all > commands. Finally, and exit, quit or similar command and the end of the > text. > > The rancid script starts by skipping over everything from the beginning > till it finds the defined prompt character. It records that text as the > separator between the end of one command and the start of the next. The > command run is immediately after on the same line which it looks up in > @command and the value of that key is the sub to pass the text to. The > script passes all text it finds to the sub until it hits the next > prompt; and the cycle repeats. > > Two things can go wrong here: > - A peculiar prompt that confuses the script[1] > - the sub is in a while or other loop when that command output ends, > without this the code that detects the prompt does not run when it must. > The rule is that the command subs must be running their top-level code > when the command exits. > > My first guess is that the command before those that didn't run is not > exiting cleanly. Run this: > > clogin -t 90 -c "show version;show memory;show diag" > > and look for oddities in the output. > > Ordinarily a failed command is not a problem. The script looks for error > messages and if it finds say "command not authorized" it simply skips > over it and continues with the next one. > > > > [1]As an example I had a weird bug once with Cisco that didn;t run > classic IOS. A command "show admin "something-or-other" didn't have a > trailing newline in the output; all other commands were correct. My > solution is to comment that command out - for me the output isn't > especially useful in any way. > > > > On 03/05/2014 13:45, Michael T. Voity wrote: >> Alan, >> >> I ran the xrancid and was given this - >> >> [rancid at netwatch bin]$ ./xrancid -d watt-uvm-gw3-200.3.uvm.edu >> executing clogin -t 90 -c "show version;show memory;show diag;show >> switch;show slot;show configuration detail;show configuration" >> watt-uvm-gw3-200.3.uvm.edu >> sh: clogin: command not found >> watt-uvm-gw3-200.3.uvm.edu: missed cmd(s): all commands >> watt-uvm-gw3-200.3.uvm.edu: End of run not found >> watt-uvm-gw3-200.3.uvm.edu: End of run not found >> >> Then I ran just - >> >> ./clogin -t 90 -c "show version;show memory;show diag;show switch;show >> slot;show configuration detail;show configuration" >> watt-uvm-gw3-200.3.uvm.edu >> >> And determined that- show switch;show slot;show configuration >> detail;show configuration did not run. >> >> >> Ideas? >> >> -Mike >> >> >> Michael T. Voity >> Network Engineer >> University of Vermont >> >> On 5/3/14, 2:43 AM, Alan McKinnon wrote: >>> That's the standard log message you posted; for debugging purposes it's >>> not especially useful. It's telling you that stuff didn't work and then >>> lists all the stuff that didn't work. It doesn't indicate why. >>> >>> Run the parser script directly in debug mode to find out what's really >>> going on. >>> >>> xrrancid -d >>> >>> >>> This might not give you the real failure yet, but it will narrow it down >>> to which area the problem happens in. >>> >>> >>> On 02/05/2014 21:11, Michael T. Voity wrote: >>>> Hello, >>>> >>>> I'm new to the RANCID realm. Before posting to this list I have done >>>> my research and cannot quite seem to get the right answer to my issue. >>>> >>>> I'm trying to get RANCID to work with my Cisco ASR9001 which has >>>> ios-xr - >>>> >>>> In the log file i get these messages - >>>> >>>> Trying to get all of the configs. >>>> swick-uvm-gw2: missed cmd(s): dir /all disk1a:,admin show diag,dir /all >>>> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir >>>> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all >>>> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all >>>> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all >>>> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all >>>> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show >>>> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir >>>> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all >>>> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all >>>> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show >>>> inventory raw,show running-config,dir /all slot1: >>>> swick-uvm-gw2: End of run not found >>>> ! >>>> watt-uvm-gw3: missed cmd(s): dir /all disk1a:,admin show diag,dir /all >>>> slavedisk2:,dir /all sec-slot2:,dir /all disk1:,dir /all sec-nvram:,dir >>>> /all disk2:,dir /all sec-bootflash:,dir /all slaveslot2:,dir /all >>>> disk0:,dir /all compactflasha:,dir /all slaveslot0:,dir /all >>>> sec-slot1:,dir /all harddiska:,dir /all slavenvram:,dir /all >>>> sec-disk2:,dir /all sec-disk0:,dir /all harddiskb:,dir /all >>>> slavedisk1:,show controllers,show rpl maximum,dir /all slavedisk0:,show >>>> debug,dir /all bootflash:,dir /all sec-slot0:,dir /all sec-disk1:,dir >>>> /all disk0a:,dir /all slot2:,dir /all compactflash:,dir /all >>>> harddisk:,dir /all slot0:,admin show running,show vlan,dir /all >>>> slavebootflash:,dir /all slaveslot1:,dir /all nvram:,admin show >>>> inventory raw,show running-config,dir /all slot1: >>>> watt-uvm-gw3: End of run not found >>>> ! >>>> >>>> >>>> When i switch it from ios-xr to ios in the router.db file, it works, but >>>> every time I run the rancid-run it gives me a huge diff of the ios-xr >>>> routers. >>>> >>>> I have also un-commented NOPIPE=YES; export NOPIPE >>>> >>>> I have setup my ios-xr routers in a separate group. >>>> >>>> Still no dice. >>>> >>>> I have a separate group for my ios devices that is working fine. >>>> >>>> ideas? >>>> >>>> -Mike >>>> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> > From heas at shrubbery.net Mon May 5 23:06:13 2014 From: heas at shrubbery.net (heasley) Date: Mon, 5 May 2014 23:06:13 +0000 Subject: [rancid] clogin can't login to more then one router. In-Reply-To: <20140505230418.2F5D340236@sea.shrubbery.net> <53672436.7020605@chalmers.se> Message-ID: <20140505230613.GK47109@shrubbery.net> Mon, May 05, 2014 at 07:40:06AM +0200, Per-Olof Olsson: > > clogin only work if one router is listed at command line. > (rancid 2.3.8 and 3.0 tested) > > clogin -c "show term" router1 router2 > > output for second router: > -------------------------- > can't read "autoenable": no such variable > while executing > "if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } { > send_user -- "\nError: no enable password for $router in $password_file...." > ("foreach" body line 28) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > # attempt at platform switching. > set platform "" > send_user ..." > (file "/usr/local/rancid/bin/clogin" line 759) > ---------------------------- > > Possible more settings need to be reset before login to each router. > Got it to work for my settings, by moving "set enable 0" inside foreach loop. > I think you misread the error msg. this seems like a better fix, and yet still somewhat lacking, in the sense that autoenable should just go away, eventually. look good? Index: bin/clogin.in =================================================================== --- bin/clogin.in (revision 2838) +++ bin/clogin.in (working copy) @@ -750,7 +750,6 @@ set in_proc 0 set exitval 0 set prompt_match "" -set enable 0 foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. @@ -769,9 +768,23 @@ set prompt "(>|#| \\(enable\\))" } - # look for noenable option in .cloginrc - if { [find noenable $router] == "1" } { + # look for autoenable option in .cloginrc & cmd-line + set ae [find autoenable $router] + if { "$ae" == "1" || $avautoenable } { + set autoenable 1 + } else { + set autoenable 0 + } + # look for enable options in .cloginrc & cmd-line + if { $avenable == 0 } { set enable 0 + } else { + set ne [find noenable $router] + if { "$ne" == "1" || "$autoenable" == "1" } { + set enable 0 + } else { + set enable 1 + } } # Figure out passwords @@ -882,18 +895,6 @@ # Figure out the prompt. if { [regexp -- "(#| \\(enable\\))" $prompt_match junk] == 1 } { set enable 0 - } else { - if { $avenable == 0 } { - set enable 0 - } else { - set ne [find noenable $router] - set ae [find autoenable $router] - if { "$ne" == "1" || "$ae" == "1" || $avautoenable } { - set enable 0 - } else { - set enable 1 - } - } } if { $enable } { if {[do_enable $enauser $enapasswd]} { From heas at shrubbery.net Mon May 5 23:11:52 2014 From: heas at shrubbery.net (heasley) Date: Mon, 5 May 2014 23:11:52 +0000 Subject: [rancid] (no subject) and Re: System Up Time & Dell In-Reply-To: <5362ACDD.2070705@ale.cx> References: <5362ACDD.2070705@ale.cx> Message-ID: <20140505231151.GM47109@shrubbery.net> Thu, May 01, 2014 at 09:21:49PM +0100, Alex DEKKER: > I wonder, given the sheer number of threads discussing the topic of > cycling/incrementing output in RANCID emails, might some mechanism for > either a) automatically detecting cycling/incrementing output or b) > making it easier to get RANCID to ignore it be a worthy target for > development? suggestions how to do that? it can't be too greedy; its possible for things to cycle due to a bug, h/w failure, or intrusion, which should not be ignored. From gavinj84 at gmail.com Tue May 6 08:35:02 2014 From: gavinj84 at gmail.com (Gavin Jones) Date: Tue, 6 May 2014 18:35:02 +1000 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? Message-ID: Hi all, New user to RANCID 3.0 here, I can login to a Cisco WLC no issues with: bin/clogin wlchostname bin/wlogin wlchostname I also have custom WLC scripts, that login to the WLC and backup the config and work fine, which I obtained from here: http://www.shrubbery.net/pipermail/rancid-discuss/2010-February/004652.html Which I have placed in: /usr/local/rancid/bin and saved as ciscowlc5 /usr/local/rancid/bi*n/*ciscowlc5 wlchostname : logs in and saves the config no problems. Now everywhere I read, to add a custom script / vendor device you need to add the new details in rancid-fe. /usr/local/rancid/bin/rancid-fe now looks for Vendors in one of these files /usr/local/rancid/etc/rancid.types.base /usr/local/rancid/etc/rancid.types.conf vim /usr/local/rancid/etc/rancid.types.base ciscowlc;script;ciscowlc5 I now update my router.db vim /usr/local/rancid/etc/router.db wlchost:ciscowlc:up I tail the logs and get these errors: Unknown option: t ciscowlc wlogin error: Error: Unknown host ciscowlc ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands ciscowlc: End of run not found ! Unknown option: t ciscowlc wlogin error: Error: Unknown host ciscowlc ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands ciscowlc: End of run not found can someone please show me the light? why does not use the working, /usr/local/rancid/bin/ciscowlc script? Thanks for your time I seem confused can someone please check my steps for adding this script into rancid 3.0 to get it to backup the WLC also if I need to add other vendors in the future how to add them into RANCID 3.0? Thanks for your time. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue May 6 14:49:40 2014 From: heas at shrubbery.net (heasley) Date: Tue, 6 May 2014 14:49:40 +0000 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? In-Reply-To: References: Message-ID: <20140506144940.GB75483@shrubbery.net> Tue, May 06, 2014 at 06:35:02PM +1000, Gavin Jones: > Hi all, > New user to RANCID 3.0 here, I can login to a Cisco WLC no > issues with: > > bin/clogin wlchostname > bin/wlogin wlchostname > > I also have custom WLC scripts, that login to the WLC and backup the config > and work fine, > which I obtained from here: > http://www.shrubbery.net/pipermail/rancid-discuss/2010-February/004652.html > > > Which I have placed in: /usr/local/rancid/bin and saved as ciscowlc5 > > /usr/local/rancid/bi*n/*ciscowlc5 wlchostname : logs in and saves the > config no problems. > > Now everywhere I read, to add a custom script / vendor device you need to > add the new details in rancid-fe. > > /usr/local/rancid/bin/rancid-fe now looks for Vendors in one of these files > > /usr/local/rancid/etc/rancid.types.base > /usr/local/rancid/etc/rancid.types.conf > > > vim /usr/local/rancid/etc/rancid.types.base you should put this in rancid.types.conf - YOUR localized config file. rancid.types.base will be overwritten by installation of new versions of rancid, as indicated at the top of rancid.types.base. > ciscowlc;script;ciscowlc5 > > I now update my router.db > > vim /usr/local/rancid/etc/router.db > > wlchost:ciscowlc:up ;'s, not :'s, are the field separator beginning with rancid 3.0. > I tail the logs and get these errors: > > > Unknown option: t > ciscowlc wlogin error: Error: Unknown host ciscowlc > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands > ciscowlc: End of run not found > ! > Unknown option: t > ciscowlc wlogin error: Error: Unknown host ciscowlc > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands > ciscowlc: End of run not found > > can someone please show me the light? > > why does not use the working, /usr/local/rancid/bin/ciscowlc script? > > > > Thanks for your time I seem confused can someone please check my steps for > adding this script into rancid 3.0 to get it to backup the WLC also if I > need to add other vendors in the future how to add them into RANCID 3.0? > > Thanks for your time. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From gavinj84 at gmail.com Mon May 5 06:22:53 2014 From: gavinj84 at gmail.com (Gavin Jones) Date: Mon, 5 May 2014 06:22:53 +0000 (UTC) Subject: [rancid] rancid -t cisco host works but rancid host does not. References: Message-ID: Andrei Sabau gmail.com> writes: > > > > > > > > Hello. I've recently installed Rancid on a Centos 6. I have worked with it before a bit but never encountered this issue. > I have hosts assigned in the hosts file. I have the host added in /router.db > The clogin command works. The clogin -c command works. > The log from run-rancid shows almost empty. I tried running the comands separately but 'rancid host' gives me a:loadtype(): device_type is empty > > Couldn't load device type spec for > but 'rancid -t cisco host' works. I'm thinking this has to do with rancid and the group's router.db. > my group is in rancid.conf (LIST_OF_GROUPS="networking") but is the networking/router.db even read? > Any ideas are helpful, thanks. > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss I too am having this exact problem, surely there is a fix?? Thanks From alan.mckinnon at gmail.com Tue May 6 23:37:58 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 07 May 2014 01:37:58 +0200 Subject: [rancid] rancid -t cisco host works but rancid host does not. In-Reply-To: References: Message-ID: <53697256.7070301@gmail.com> On 05/05/2014 08:22, Gavin Jones wrote: > Andrei Sabau gmail.com> writes: > >> >> >> >> >> >> >> >> Hello. I've recently installed Rancid on a Centos 6. I have worked with it > before a bit but never encountered this issue. >> I have hosts assigned in the hosts file. I have the host added in > /router.db >> The clogin command works. The clogin -c command works. >> The log from run-rancid shows almost empty. I tried running the comands > separately but 'rancid host' gives me a:loadtype(): device_type is empty >> >> Couldn't load device type spec for >> but 'rancid -t cisco host' works. I'm thinking this has to do with rancid > and the group's router.db. >> my group is in rancid.conf (LIST_OF_GROUPS="networking") but is the > networking/router.db even read? >> Any ideas are helpful, thanks. >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > I too am having this exact problem, surely there is a fix?? > > Thanks Two things stand out to be checked in router.db: 1. If you are using rancid 2.x the device type is "cisco" and the field separator is a colon ":" 2. If you are using rancid 3.x the device type is "cisco" and the field separator is a semi-colon ";" -- Alan McKinnon alan.mckinnon at gmail.com From gavinj84 at gmail.com Wed May 7 02:46:57 2014 From: gavinj84 at gmail.com (Gavin Jones) Date: Wed, 7 May 2014 12:46:57 +1000 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? In-Reply-To: <20140506144940.GB75483@shrubbery.net> References: <20140506144940.GB75483@shrubbery.net> Message-ID: Hi heasley, thanks for you reply I made the changes by using the semi-colons in the the router.db and used /usr/local/rancid/etc/rancid.types.conf, however I still have no success. Here are my exact steps: /usr/local/rancid/bin/ciscowlc5 wlchostname : logs in and saves the config fine. Removed the entry ciscowlc;script;ciscowlc5 from /usr/local/rancid/etc/rancid.types.base Added it in: /usr/local/rancid/etc/rancid.types.conf ciscowlc;script;ciscowlc5 Changed to semi-colons: vim /usr/local/rancid/var/networking/router.db wlchost;ciscowlc;up rancid-run tail -f var/logs/networking.20140507.10330 Trying to get all of the configs. Unknown option: t ciscowlc wlogin error: Error: Unknown host ciscowlc ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands ciscowlc: End of run not found Thanks for your time and patience. On Wed, May 7, 2014 at 12:49 AM, heasley wrote: > Tue, May 06, 2014 at 06:35:02PM +1000, Gavin Jones: > > Hi all, > > New user to RANCID 3.0 here, I can login to a Cisco WLC no > > issues with: > > > > bin/clogin wlchostname > > bin/wlogin wlchostname > > > > I also have custom WLC scripts, that login to the WLC and backup the > config > > and work fine, > > which I obtained from here: > > > http://www.shrubbery.net/pipermail/rancid-discuss/2010-February/004652.html > > > > > > Which I have placed in: /usr/local/rancid/bin and saved as ciscowlc5 > > > > /usr/local/rancid/bi*n/*ciscowlc5 wlchostname : logs in and saves the > > config no problems. > > > > Now everywhere I read, to add a custom script / vendor device you need to > > add the new details in rancid-fe. > > > > /usr/local/rancid/bin/rancid-fe now looks for Vendors in one of these > files > > > > /usr/local/rancid/etc/rancid.types.base > > /usr/local/rancid/etc/rancid.types.conf > > > > > > vim /usr/local/rancid/etc/rancid.types.base > > you should put this in rancid.types.conf - YOUR localized config file. > rancid.types.base will be overwritten by installation of new versions of > rancid, as indicated at the top of rancid.types.base. > > > ciscowlc;script;ciscowlc5 > > > > I now update my router.db > > > > vim /usr/local/rancid/etc/router.db > > > > wlchost:ciscowlc:up > > ;'s, not :'s, are the field separator beginning with rancid 3.0. > > > I tail the logs and get these errors: > > > > > > Unknown option: t > > ciscowlc wlogin error: Error: Unknown host ciscowlc > > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands > > ciscowlc: End of run not found > > ! > > Unknown option: t > > ciscowlc wlogin error: Error: Unknown host ciscowlc > > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands > > ciscowlc: End of run not found > > > > can someone please show me the light? > > > > why does not use the working, /usr/local/rancid/bin/ciscowlc script? > > > > > > > > Thanks for your time I seem confused can someone please check my steps > for > > adding this script into rancid 3.0 to get it to backup the WLC also if I > > need to add other vendors in the future how to add them into RANCID 3.0? > > > > Thanks for your time. > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From gavinj84 at gmail.com Wed May 7 03:31:02 2014 From: gavinj84 at gmail.com (Gavin Jones) Date: Wed, 7 May 2014 13:31:02 +1000 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? In-Reply-To: References: <20140506144940.GB75483@shrubbery.net> Message-ID: Ok I am pretty sure I have broken my /usr/local/rancid/etc/rancid.types.conf will get back to you guys soon. On Wed, May 7, 2014 at 12:46 PM, Gavin Jones wrote: > Hi heasley, thanks for you reply I made the changes by using the > semi-colons in the the router.db and used > /usr/local/rancid/etc/rancid.types.conf, however I still have no success. > > Here are my exact steps: > > /usr/local/rancid/bin/ciscowlc5 wlchostname : logs in and saves the config > fine. > > Removed the entry ciscowlc;script;ciscowlc5 from > /usr/local/rancid/etc/rancid.types.base > > Added it in: /usr/local/rancid/etc/rancid.types.conf > ciscowlc;script;ciscowlc5 > > Changed to semi-colons: > > vim /usr/local/rancid/var/networking/router.db > wlchost;ciscowlc;up > > rancid-run > > tail -f var/logs/networking.20140507.10330 > > Trying to get all of the configs. > Unknown option: t > ciscowlc wlogin error: Error: Unknown host ciscowlc > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands > ciscowlc: End of run not found > > Thanks for your time and patience. > > > On Wed, May 7, 2014 at 12:49 AM, heasley wrote: > >> Tue, May 06, 2014 at 06:35:02PM +1000, Gavin Jones: >> > Hi all, >> > New user to RANCID 3.0 here, I can login to a Cisco WLC no >> > issues with: >> > >> > bin/clogin wlchostname >> > bin/wlogin wlchostname >> > >> > I also have custom WLC scripts, that login to the WLC and backup the >> config >> > and work fine, >> > which I obtained from here: >> > >> http://www.shrubbery.net/pipermail/rancid-discuss/2010-February/004652.html >> > >> > >> > Which I have placed in: /usr/local/rancid/bin and saved as ciscowlc5 >> > >> > /usr/local/rancid/bi*n/*ciscowlc5 wlchostname : logs in and saves the >> > config no problems. >> > >> > Now everywhere I read, to add a custom script / vendor device you need >> to >> > add the new details in rancid-fe. >> > >> > /usr/local/rancid/bin/rancid-fe now looks for Vendors in one of these >> files >> > >> > /usr/local/rancid/etc/rancid.types.base >> > /usr/local/rancid/etc/rancid.types.conf >> > >> > >> > vim /usr/local/rancid/etc/rancid.types.base >> >> you should put this in rancid.types.conf - YOUR localized config file. >> rancid.types.base will be overwritten by installation of new versions of >> rancid, as indicated at the top of rancid.types.base. >> >> > ciscowlc;script;ciscowlc5 >> > >> > I now update my router.db >> > >> > vim /usr/local/rancid/etc/router.db >> > >> > wlchost:ciscowlc:up >> >> ;'s, not :'s, are the field separator beginning with rancid 3.0. >> >> > I tail the logs and get these errors: >> > >> > >> > Unknown option: t >> > ciscowlc wlogin error: Error: Unknown host ciscowlc >> > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands >> > ciscowlc: End of run not found >> > ! >> > Unknown option: t >> > ciscowlc wlogin error: Error: Unknown host ciscowlc >> > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands >> > ciscowlc: End of run not found >> > >> > can someone please show me the light? >> > >> > why does not use the working, /usr/local/rancid/bin/ciscowlc script? >> > >> > >> > >> > Thanks for your time I seem confused can someone please check my steps >> for >> > adding this script into rancid 3.0 to get it to backup the WLC also if I >> > need to add other vendors in the future how to add them into RANCID 3.0? >> > >> > Thanks for your time. >> >> > _______________________________________________ >> > Rancid-discuss mailing list >> > Rancid-discuss at shrubbery.net >> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From gavinj84 at gmail.com Wed May 7 05:48:05 2014 From: gavinj84 at gmail.com (Gavin Jones) Date: Wed, 7 May 2014 15:48:05 +1000 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? In-Reply-To: References: <20140506144940.GB75483@shrubbery.net> Message-ID: Started going a little crazy on this and I hope I am closer to it...... vim /usr/local/rancid/etc/rancid.types.conf ciscowlc;login;ciscowlc5 vim /usr/local/rancid/var/networking/router.db wlchost;ciscowlc;up rancid-run tail -f var/logs/networking unknown router manufacturer for wlchost: ciscowlc So it's still not reading the added vendor: ciscowlc Had another look in rancid-fe vim /usr/local/rancid/bin/rancid-fe # XXX use rancid::loadtype() to parse these files. foreach $file ("/usr/local/rancid/etc/rancid.types.base", "/usr/local/rancid/etc/rancid.types.conf") { The comment states that I need rancid::loadtype installed. Did a search to see if I had the rancid::loadtype library installed: [rancid at ranct1 configs]$ perl -Mrancid::loadtype -e "print\"Module installed.\\n\";" Can't locate rancid/loadtype.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .). BEGIN failed--compilation aborted. locate loadtype.pm = still no sign. Can anyone suggest where I get rancid::loadtype ?? I checked http://www.cpan.org/, OR this something I have messed up during compilation? Thanks On Wed, May 7, 2014 at 1:31 PM, Gavin Jones wrote: > Ok I am pretty sure I have broken my /usr/local/rancid/etc/rancid.types.conf > will get back to you guys soon. > > > On Wed, May 7, 2014 at 12:46 PM, Gavin Jones wrote: > >> Hi heasley, thanks for you reply I made the changes by using the >> semi-colons in the the router.db and used >> /usr/local/rancid/etc/rancid.types.conf, however I still have no success. >> >> Here are my exact steps: >> >> /usr/local/rancid/bin/ciscowlc5 wlchostname : logs in and saves the >> config fine. >> >> Removed the entry ciscowlc;script;ciscowlc5 from >> /usr/local/rancid/etc/rancid.types.base >> >> Added it in: /usr/local/rancid/etc/rancid.types.conf >> ciscowlc;script;ciscowlc5 >> >> Changed to semi-colons: >> >> vim /usr/local/rancid/var/networking/router.db >> wlchost;ciscowlc;up >> >> rancid-run >> >> tail -f var/logs/networking.20140507.10330 >> >> Trying to get all of the configs. >> Unknown option: t >> ciscowlc wlogin error: Error: Unknown host ciscowlc >> ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands >> ciscowlc: End of run not found >> >> Thanks for your time and patience. >> >> >> On Wed, May 7, 2014 at 12:49 AM, heasley wrote: >> >>> Tue, May 06, 2014 at 06:35:02PM +1000, Gavin Jones: >>> > Hi all, >>> > New user to RANCID 3.0 here, I can login to a Cisco WLC no >>> > issues with: >>> > >>> > bin/clogin wlchostname >>> > bin/wlogin wlchostname >>> > >>> > I also have custom WLC scripts, that login to the WLC and backup the >>> config >>> > and work fine, >>> > which I obtained from here: >>> > >>> http://www.shrubbery.net/pipermail/rancid-discuss/2010-February/004652.html >>> > >>> > >>> > Which I have placed in: /usr/local/rancid/bin and saved as ciscowlc5 >>> > >>> > /usr/local/rancid/bi*n/*ciscowlc5 wlchostname : logs in and saves the >>> > config no problems. >>> > >>> > Now everywhere I read, to add a custom script / vendor device you need >>> to >>> > add the new details in rancid-fe. >>> > >>> > /usr/local/rancid/bin/rancid-fe now looks for Vendors in one of these >>> files >>> > >>> > /usr/local/rancid/etc/rancid.types.base >>> > /usr/local/rancid/etc/rancid.types.conf >>> > >>> > >>> > vim /usr/local/rancid/etc/rancid.types.base >>> >>> you should put this in rancid.types.conf - YOUR localized config file. >>> rancid.types.base will be overwritten by installation of new versions of >>> rancid, as indicated at the top of rancid.types.base. >>> >>> > ciscowlc;script;ciscowlc5 >>> > >>> > I now update my router.db >>> > >>> > vim /usr/local/rancid/etc/router.db >>> > >>> > wlchost:ciscowlc:up >>> >>> ;'s, not :'s, are the field separator beginning with rancid 3.0. >>> >>> > I tail the logs and get these errors: >>> > >>> > >>> > Unknown option: t >>> > ciscowlc wlogin error: Error: Unknown host ciscowlc >>> > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands >>> > ciscowlc: End of run not found >>> > ! >>> > Unknown option: t >>> > ciscowlc wlogin error: Error: Unknown host ciscowlc >>> > ciscowlc: missed cmd(s): show sysinfo,show udi,show run-config commands >>> > ciscowlc: End of run not found >>> > >>> > can someone please show me the light? >>> > >>> > why does not use the working, /usr/local/rancid/bin/ciscowlc script? >>> > >>> > >>> > >>> > Thanks for your time I seem confused can someone please check my steps >>> for >>> > adding this script into rancid 3.0 to get it to backup the WLC also if >>> I >>> > need to add other vendors in the future how to add them into RANCID >>> 3.0? >>> > >>> > Thanks for your time. >>> >>> > _______________________________________________ >>> > Rancid-discuss mailing list >>> > Rancid-discuss at shrubbery.net >>> > http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >>> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From marcus.mansfield at harman.com Wed May 7 11:55:34 2014 From: marcus.mansfield at harman.com (Mansfield, Marcus) Date: Wed, 7 May 2014 13:55:34 +0200 Subject: [rancid] RANCID : Riverbed Steelheads Message-ID: <418DDD5D3E0CE54091E20F30B184CB0A46FBEEAF45@HIKAWSEX04.ad.harman.com> So, like many I'm attempting to configure RANCID for use with our Riverbed population. It mostly works... I can log in, get to enable mode and send commands etc. ( using clogin ) In debug mode, the raw file shows everything exactly as I would expect. I'm processing a few commands. Show info, show version, show licenses, show boot, show admission, show limit bandwidth and show run. I'm not an expect / perl programmer so I've hacked a copy of the rancid file to just dump exactly what appears on the screen and as I said it debug mode it works perfectly. However, what its run in batchmode it always tells me its missed commands and even though when I watch the file creation, I see the ".new" file created and populated it is never saved, it enters the "missed router" process, deletes the file and starts again. I'm obviously missing setting some variables to tell either the rancid file or the clogin file that it was successful. Would apprecaite any pointers. For reference I'm running RANCID and ViewVC on CentOS. However, I also have a homegrown web application thats uses wscript files ( yes, Windows ) on another server to read the configuration files of each device and import it into a SQL DB that is used to generate a basic ASPX front end. The SQL DB is also use to generate the .cloginrc / router.db files automatically from the database content. It has a few extra functions to filter by device type, region, country, location and look for CDP neihbors that do not exist in the RANCID db file etc. Marcus -------------- next part -------------- An HTML attachment was scrubbed... URL: From peo at chalmers.se Thu May 8 05:35:47 2014 From: peo at chalmers.se (Per-Olof Olsson) Date: Thu, 8 May 2014 07:35:47 +0200 Subject: [rancid] clogin can't login to more then one router. In-Reply-To: <20140505230613.GK47109@shrubbery.net> References: <20140505230613.GK47109@shrubbery.net> Message-ID: <536B17B3.7070404@chalmers.se> Thanks. Now added your patch and it works nice. Better to rewrite, then just add one more fast fix. /Peo On 05/06/2014 01:06 AM, heasley wrote: > Mon, May 05, 2014 at 07:40:06AM +0200, Per-Olof Olsson: >> >> clogin only work if one router is listed at command line. >> (rancid 2.3.8 and 3.0 tested) >> >> clogin -c "show term" router1 router2 >> >> output for second router: >> -------------------------- >> can't read "autoenable": no such variable >> while executing >> "if { $enable && $do_enapasswd && $autoenable == 0 && [llength $pswd] < 2 } { >> send_user -- "\nError: no enable password for $router in $password_file...." >> ("foreach" body line 28) >> invoked from within >> "foreach router [lrange $argv $i end] { >> set router [string tolower $router] >> # attempt at platform switching. >> set platform "" >> send_user ..." >> (file "/usr/local/rancid/bin/clogin" line 759) >> ---------------------------- >> >> Possible more settings need to be reset before login to each router. >> Got it to work for my settings, by moving "set enable 0" inside foreach loop. >> > > I think you misread the error msg. this seems like a better fix, and yet > still somewhat lacking, in the sense that autoenable should just go away, > eventually. look good? > > Index: bin/clogin.in > =================================================================== > --- bin/clogin.in (revision 2838) > +++ bin/clogin.in (working copy) > @@ -750,7 +750,6 @@ > set in_proc 0 > set exitval 0 > set prompt_match "" > -set enable 0 > foreach router [lrange $argv $i end] { > set router [string tolower $router] > # attempt at platform switching. > @@ -769,9 +768,23 @@ > set prompt "(>|#| \\(enable\\))" > } > > - # look for noenable option in .cloginrc > - if { [find noenable $router] == "1" } { > + # look for autoenable option in .cloginrc & cmd-line > + set ae [find autoenable $router] > + if { "$ae" == "1" || $avautoenable } { > + set autoenable 1 > + } else { > + set autoenable 0 > + } > + # look for enable options in .cloginrc & cmd-line > + if { $avenable == 0 } { > set enable 0 > + } else { > + set ne [find noenable $router] > + if { "$ne" == "1" || "$autoenable" == "1" } { > + set enable 0 > + } else { > + set enable 1 > + } > } > > # Figure out passwords > @@ -882,18 +895,6 @@ > # Figure out the prompt. > if { [regexp -- "(#| \\(enable\\))" $prompt_match junk] == 1 } { > set enable 0 > - } else { > - if { $avenable == 0 } { > - set enable 0 > - } else { > - set ne [find noenable $router] > - set ae [find autoenable $router] > - if { "$ne" == "1" || "$ae" == "1" || $avautoenable } { > - set enable 0 > - } else { > - set enable 1 > - } > - } > } > if { $enable } { > if {[do_enable $enauser $enapasswd]} { > From daniel.schmidt at wyo.gov Thu May 8 18:58:16 2014 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 8 May 2014 12:58:16 -0600 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: <52C29D8B.7010903@apolix.co.za> References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> Message-ID: Anybody ever finish Ciena support? On Tue, Dec 31, 2013 at 3:33 AM, Graham Beneke wrote: > On 26/12/2013 21:49, Willie Bollinger wrote: > > Has anybody had any luck getting rancid to work with Ciena Switches? > > I'm also interested in collecting Ciena configs. > > Was planning to try code up the bits required in the new year as I have > not yet found any sign that they exist already. > > -- > Graham Beneke > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Thu May 8 19:02:52 2014 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 8 May 2014 13:02:52 -0600 Subject: [rancid] (no subject) and Re: System Up Time & Dell In-Reply-To: <20140505231151.GM47109@shrubbery.net> References: <5362ACDD.2070705@ale.cx> <20140505231151.GM47109@shrubbery.net> Message-ID: File of regex to cross reference? Granted, Regex is not much easier than modifying Perl to copy whatever the last guy did. Maybe a "howto modify Rancid" doc so lazy @$$ people like me fix their own problems instead of asking if somebody else has already done it. On Mon, May 5, 2014 at 5:11 PM, heasley wrote: > Thu, May 01, 2014 at 09:21:49PM +0100, Alex DEKKER: > > I wonder, given the sheer number of threads discussing the topic of > > cycling/incrementing output in RANCID emails, might some mechanism for > > either a) automatically detecting cycling/incrementing output or b) > > making it easier to get RANCID to ignore it be a worthy target for > > development? > > suggestions how to do that? it can't be too greedy; its possible for > things to cycle due to a bug, h/w failure, or intrusion, which should > not be ignored. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Thu May 8 20:28:20 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 08 May 2014 22:28:20 +0200 Subject: [rancid] (no subject) and Re: System Up Time & Dell In-Reply-To: References: <5362ACDD.2070705@ale.cx> <20140505231151.GM47109@shrubbery.net> Message-ID: <536BE8E4.3040608@gmail.com> Or just move rancid to git? Alex's original post was about finding a way for rancid to detect "cycling/incrementing output" and just deal with it somehow. I think we can all agree this is a bad idea, not least because it involves intelligent magic code that doesn't exist. And also because removing unwanted output requires knowing what the output *means* to decide if it's worthless or not. Code can't do that and any attempt to do so will be very error-prone. Bit the original problem remains - all serious rancid users seem to gather a large collection of tweaks and patches. Some are generally useful and haven't made it into the release yet, other patches scratch someone's itch but are unlikely to ship by default (eg prompt detection and banners). So if people patch rancid locally (and this does seem to be the best method overall), why not make it as easy as possible for sysadmins to do so? Git is ideal for this. Maintaining your own branch in cvs/svn and synced with upstream is not especially pleasant, in git it is rather trivial. Plus you get the ability to cherry pick other's patches if they use git. On 08/05/2014 21:02, Daniel Schmidt wrote: > File of regex to cross reference? Granted, Regex is not much easier > than modifying Perl to copy whatever the last guy did. Maybe a "howto > modify Rancid" doc so lazy @$$ people like me fix their own problems > instead of asking if somebody else has already done it. > > > On Mon, May 5, 2014 at 5:11 PM, heasley > wrote: > > Thu, May 01, 2014 at 09:21:49PM +0100, Alex DEKKER: > > I wonder, given the sheer number of threads discussing the topic of > > cycling/incrementing output in RANCID emails, might some mechanism for > > either a) automatically detecting cycling/incrementing output or b) > > making it easier to get RANCID to ignore it be a worthy target for > > development? > > suggestions how to do that? it can't be too greedy; its possible for > things to cycle due to a bug, h/w failure, or intrusion, which should > not be ignored. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > -- Alan McKinnon alan.mckinnon at gmail.com From Niels.denOtter at surfnet.nl Thu May 8 20:52:51 2014 From: Niels.denOtter at surfnet.nl (Niels den Otter) Date: Thu, 08 May 2014 22:52:51 +0200 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> Message-ID: <536BEEA3.6090203@surfnet.nl> Hello Daniel, On 08-05-14 20:58, Daniel Schmidt wrote: > Anybody ever finish Ciena support? What types of Ciena switches are you looking at? We use rancid extensively for Ciena CESD (SAOS6 and SAOS7) devices. -- Niels > > > On Tue, Dec 31, 2013 at 3:33 AM, Graham Beneke > wrote: > > On 26/12/2013 21:49, Willie Bollinger wrote: > > Has anybody had any luck getting rancid to work with Ciena Switches? > > I'm also interested in collecting Ciena configs. > > Was planning to try code up the bits required in the new year as I > have > not yet found any sign that they exist already. > > -- > Graham Beneke > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.schmidt at wyo.gov Thu May 8 21:44:28 2014 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 8 May 2014 15:44:28 -0600 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: <536BEEA3.6090203@surfnet.nl> References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> <536BEEA3.6090203@surfnet.nl> Message-ID: Thank you for your reply! Don't know yet, haven't been told what kind of Ciena they will be. What rancid device type do you use to get the config? On Thu, May 8, 2014 at 2:52 PM, Niels den Otter wrote: > Hello Daniel, > > > On 08-05-14 20:58, Daniel Schmidt wrote: > > Anybody ever finish Ciena support? > > > What types of Ciena switches are you looking at? We use rancid extensively > for Ciena CESD (SAOS6 and SAOS7) devices. > > -- Niels > > > > On Tue, Dec 31, 2013 at 3:33 AM, Graham Beneke wrote: > >> On 26/12/2013 21:49, Willie Bollinger wrote: >> > Has anybody had any luck getting rancid to work with Ciena Switches? >> >> I'm also interested in collecting Ciena configs. >> >> Was planning to try code up the bits required in the new year as I have >> not yet found any sign that they exist already. >> >> -- >> Graham Beneke >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. > > > > _______________________________________________ > Rancid-discuss mailing listRancid-discuss at shrubbery.nethttp://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From willie at qis.net Fri May 9 14:39:18 2014 From: willie at qis.net (Willie Bollinger) Date: Fri, 09 May 2014 10:39:18 -0400 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> Message-ID: <536CE896.509@qis.net> I am interested in this too if it gets done ----------------------------------------------------------------------- Willie Bollinger | 2975B Manchester Rd.| E-Mail: willie at qis.net Quantum Internet Services| Manchester, MD 21102| Voice: 410-239-6920 ----------------------------------------------------------------------- On 5/8/2014 2:58 PM, Daniel Schmidt wrote: > Anybody ever finish Ciena support? > > > On Tue, Dec 31, 2013 at 3:33 AM, Graham Beneke > wrote: > > On 26/12/2013 21:49, Willie Bollinger wrote: > > Has anybody had any luck getting rancid to work with Ciena Switches? > > I'm also interested in collecting Ciena configs. > > Was planning to try code up the bits required in the new year as I have > not yet found any sign that they exist already. > > -- > Graham Beneke > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > E-Mail to and from me, in connection with the transaction > of public business, is subject to the Wyoming Public Records > Act and may be disclosed to third parties. > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > From daniel.schmidt at wyo.gov Fri May 9 15:00:59 2014 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Fri, 9 May 2014 09:00:59 -0600 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: <536CE896.509@qis.net> References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> <536CE896.509@qis.net> Message-ID: Ciena 5142. I could probably write a basic one, but I'd have to learn... (shudder)... Perl. On Fri, May 9, 2014 at 8:39 AM, Willie Bollinger wrote: > I am interested in this too if it gets done > > > > > ----------------------------------------------------------------------- > Willie Bollinger | 2975B Manchester Rd.| E-Mail: willie at qis.net > Quantum Internet Services| Manchester, MD 21102| Voice: 410-239-6920 > ----------------------------------------------------------------------- > > On 5/8/2014 2:58 PM, Daniel Schmidt wrote: > >> Anybody ever finish Ciena support? >> >> >> On Tue, Dec 31, 2013 at 3:33 AM, Graham Beneke > > wrote: >> >> On 26/12/2013 21:49, Willie Bollinger wrote: >> > Has anybody had any luck getting rancid to work with Ciena >> Switches? >> >> I'm also interested in collecting Ciena configs. >> >> Was planning to try code up the bits required in the new year as I >> have >> not yet found any sign that they exist already. >> >> -- >> Graham Beneke >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> >> E-Mail to and from me, in connection with the transaction >> of public business, is subject to the Wyoming Public Records >> Act and may be disclosed to third parties. >> >> >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> >> >> _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pxb368 at motorola.com Fri May 9 12:59:00 2014 From: pxb368 at motorola.com (Danilo Gouveia) Date: Fri, 9 May 2014 09:59:00 -0300 Subject: [rancid] Aruba Backups Message-ID: Hello guys, I'm having some problems to add Aruba Controllers to Aruba. I google it but did not found good information regarding this. Anyone successfully added Aruba Controllers to Rancid ? I tried to add it as Cisco classification on my router.db. I can login, however the error that the logs shows is "missed cmd(s) ...". I changed the PIPE values in the rancid.conf to NOPIPE=YES; export NOPIPE and I did rancid -d controller. Got the error below: couldn't compile regular expression pattern: parentheses () not balanced while executing "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 21) invoked from within "run_commands $prompt $command" ("foreach" body line 174) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/lib/rancid/bin/clogin" line 757) Thanks in advance, -- Atenciosamente / Best Regards, Danilo Marques de Gouveia IT - Network Administrator 55 19 3847 8424 55 19 9160 6441 -------------- next part -------------- An HTML attachment was scrubbed... URL: From ttk at trippscott.com Sat May 10 00:45:11 2014 From: ttk at trippscott.com (Terry Knight) Date: Sat, 10 May 2014 00:45:11 +0000 Subject: [rancid] rancid for watchguard Message-ID: <81737CDA75C0504D9E961E566A6357F1608412@POSTMAN.TrippScott.net> Hey Everyone, I wanted to know if anyone has a script or made a script for WatchGuard firewall router devices? As I want to monitor/audit the config differ for the devices I have on my network. [cid:image7d518a.JPG at da5f8317.4fa1ec6e] Terry Knight Network Admin/Business Analyst phone 954-525-7500 | fax 954-761-8475 | direct 954-525-7500 110 SE Sixth Street, Suite 1500, Fort Lauderdale, FL 33301 | www.trippscott.com Best Place to Work | Florida Trend | South Florida Business Journal _________________________________________ CONFIDENTIALITY NOTE: The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Thank you. CIRCULAR 230 NOTICE: To comply with U.S. Treasury Department and IRS regulations, we are required to advise you that, unless expressly stated otherwise, any U.S. federal tax advice contained in this e-mail, including attachments to this e-mail, is not intended or written to be used, and cannot be used, by any person for the purpose of (i) avoiding penalties under the U.S. Internal Revenue Code, or (ii) promoting, marketing or recommending to another party any transaction or matter addressed in this e-mail or attachment. _________________________________________ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image7d518a.JPG Type: image/jpeg Size: 46286 bytes Desc: image7d518a.JPG URL: From willie at qis.net Mon May 12 09:28:46 2014 From: willie at qis.net (Willie Bollinger) Date: Mon, 12 May 2014 05:28:46 -0400 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: <536BEEA3.6090203@surfnet.nl> References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> <536BEEA3.6090203@surfnet.nl> Message-ID: <5370944E.7040200@qis.net> we use 3942 and old 311's -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- On 5/8/14, 4:52 PM, Niels den Otter wrote: > Hello Daniel, > > On 08-05-14 20:58, Daniel Schmidt wrote: >> Anybody ever finish Ciena support? > > What types of Ciena switches are you looking at? We use rancid > extensively for Ciena CESD (SAOS6 and SAOS7) devices. > > -- Niels >> >> >> On Tue, Dec 31, 2013 at 3:33 AM, Graham Beneke > > wrote: >> >> On 26/12/2013 21:49, Willie Bollinger wrote: >> > Has anybody had any luck getting rancid to work with Ciena Switches? >> >> I'm also interested in collecting Ciena configs. >> >> Was planning to try code up the bits required in the new year as I >> have >> not yet found any sign that they exist already. >> >> -- >> Graham Beneke >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> >> E-Mail to and from me, in connection with the transaction >> of public business, is subject to the Wyoming Public Records >> Act and may be disclosed to third parties. >> >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > From mark.tinka at seacom.mu Tue May 13 20:04:38 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Tue, 13 May 2014 22:04:38 +0200 Subject: [rancid] Repetitive RANCID Checks Message-ID: <201405132204.39000.mark.tinka@seacom.mu> Hi all. We upgraded to Perl-5.18 today on FreeBSD-10, and rebuilt all ports that depend on Perl, including RANCID. Since then, RANCID has been continuously e-mailing the same changes at every interval, even though those changes have not been actually effected. The changes are essentially re-ordered prefix list entries for Cisco IOS-based systems. Anyone know what this is, before I go hacking at this? RANCID version is 2.3.8. Thanks. Cheers, Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From alan.mckinnon at gmail.com Tue May 13 20:57:18 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Tue, 13 May 2014 22:57:18 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <201405132204.39000.mark.tinka@seacom.mu> References: <201405132204.39000.mark.tinka@seacom.mu> Message-ID: <5372872E.8090108@gmail.com> On 13/05/2014 22:04, Mark Tinka wrote: > Hi all. > > We upgraded to Perl-5.18 today on FreeBSD-10, and rebuilt > all ports that depend on Perl, including RANCID. > > Since then, RANCID has been continuously e-mailing the same > changes at every interval, even though those changes have > not been actually effected. > > The changes are essentially re-ordered prefix list entries > for Cisco IOS-based systems. > > Anyone know what this is, before I go hacking at this? > > RANCID version is 2.3.8. Thanks. > > Cheers, > > Mark. There's a setting for this in rancid.conf: SORTACL what is yours set to? The upgrade may have overwritten your config file. -- Alan McKinnon alan.mckinnon at gmail.com From mark.tinka at seacom.mu Wed May 14 05:59:52 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Wed, 14 May 2014 07:59:52 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <5372872E.8090108@gmail.com> References: <201405132204.39000.mark.tinka@seacom.mu> <5372872E.8090108@gmail.com> Message-ID: <201405140759.52532.mark.tinka@seacom.mu> On Tuesday, May 13, 2014 10:57:18 PM Alan McKinnon wrote: > There's a setting for this in rancid.conf: > > SORTACL > > what is yours set to? # if ACLSORT is NO, access-lists will NOT be sorted. #ACLSORT=YES; export ACLSORT As you can see, currently commented out. My guess is uncommenting this and toggling between "YES" and "NO" is worth a try, non? > The upgrade may have overwritten > your config file. I only upgraded Perl. I've been running RANCID-2.3.8 for a long time now, and haven't had this issue. Would Perl do anything to RANCID? Cheers, Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From alan.mckinnon at gmail.com Wed May 14 07:51:42 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 14 May 2014 09:51:42 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <201405140759.52532.mark.tinka@seacom.mu> References: <201405132204.39000.mark.tinka@seacom.mu> <5372872E.8090108@gmail.com> <201405140759.52532.mark.tinka@seacom.mu> Message-ID: <5373208E.2060900@gmail.com> On 14/05/2014 07:59, Mark Tinka wrote: > On Tuesday, May 13, 2014 10:57:18 PM Alan McKinnon wrote: > >> There's a setting for this in rancid.conf: >> >> SORTACL >> >> what is yours set to? > > # if ACLSORT is NO, access-lists will NOT be sorted. > #ACLSORT=YES; export ACLSORT > > As you can see, currently commented out. > > My guess is uncommenting this and toggling between "YES" and > "NO" is worth a try, non? As shipped, the commented value is the default. Toggling it is worth a try, but is not likely to change anything for you as you haven't changed it > >> The upgrade may have overwritten >> your config file. > > I only upgraded Perl. I've been running RANCID-2.3.8 for a > long time now, and haven't had this issue. Would Perl do > anything to RANCID? Ah, my mistake. I read your mail as saying you'd also upgraded rancid. Perl would only change rancid's behaviour if perl features that rancid uses now behave differently. A few routine questions? Is there anything in your logs about this? The rancid code that deals with prefix lists is /^ip(v6)? prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\S+)(\/.*)$/ && ProcessHistory("PACL $2 $4","$aclsort","$5", "ip$1 prefix-list $2 $4 $5$6\n") && next; Is yours still unchanged? if you run "perl -cw " o each perl script in your rancid bin/ directory, does perlc omplain about any of them? -- Alan McKinnon alan.mckinnon at gmail.com From mark.tinka at seacom.mu Wed May 14 12:54:03 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Wed, 14 May 2014 14:54:03 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <5373208E.2060900@gmail.com> References: <201405132204.39000.mark.tinka@seacom.mu> <201405140759.52532.mark.tinka@seacom.mu> <5373208E.2060900@gmail.com> Message-ID: <201405141454.03583.mark.tinka@seacom.mu> On Wednesday, May 14, 2014 09:51:42 AM Alan McKinnon wrote: > As shipped, the commented value is the default. Toggling > it is worth a try, but is not likely to change anything > for you as you haven't changed it So I initially set "ACLSORT=YES" and that didn't help. Toggling it to "ACLSORT=NO" seems to be helping. I haven't received another annoying update in almost 3hrs. > Ah, my mistake. I read your mail as saying you'd also > upgraded rancid. Perl would only change rancid's > behaviour if perl features that rancid uses now behave > differently. That's my thinking. > Is there anything in your logs about this? I didn't find anything interesting when I checked yesterday, when it began. > The rancid code that deals with prefix lists is > > /^ip(v6)? > prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\S+) > (\/.*)$/ && ProcessHistory("PACL $2 $4","$aclsort","$5", > "ip$1 prefix-list $2 $4 $5$6\n") && next; > > Is yours still unchanged? Yes, this still looks good. > if you run "perl -cw " o each perl script in > your rancid bin/ directory, does perlc omplain about any > of them? I'll try this if I get another update. But nothing in 3hrs, so it's looking better than the last 24hrs. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From alan.mckinnon at gmail.com Wed May 14 14:09:43 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 14 May 2014 16:09:43 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <201405141454.03583.mark.tinka@seacom.mu> References: <201405132204.39000.mark.tinka@seacom.mu> <201405140759.52532.mark.tinka@seacom.mu> <5373208E.2060900@gmail.com> <201405141454.03583.mark.tinka@seacom.mu> Message-ID: <53737927.9000706@gmail.com> On 14/05/2014 14:54, Mark Tinka wrote: > On Wednesday, May 14, 2014 09:51:42 AM Alan McKinnon wrote: > >> As shipped, the commented value is the default. Toggling >> it is worth a try, but is not likely to change anything >> for you as you haven't changed it > > So I initially set "ACLSORT=YES" and that didn't help. > > Toggling it to "ACLSORT=NO" seems to be helping. I haven't > received another annoying update in almost 3hrs. That's interesting because it's the wrong way round :-) My gut feel hunch is that sorting inside ProcessHistory() isn't working properly since the perl upgrade; the code is randomly reordering things whereas what's in show run is already consistent. However I don't see anything in that sub or the sorting routines that 5.18 would complain about. We'd probably need a sample of your show run to properly debug further as this looks awfully like a data issue -- Alan McKinnon alan.mckinnon at gmail.com From mark.tinka at seacom.mu Wed May 14 14:15:19 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Wed, 14 May 2014 16:15:19 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <53737927.9000706@gmail.com> References: <201405132204.39000.mark.tinka@seacom.mu> <201405141454.03583.mark.tinka@seacom.mu> <53737927.9000706@gmail.com> Message-ID: <201405141615.19891.mark.tinka@seacom.mu> On Wednesday, May 14, 2014 04:09:43 PM Alan McKinnon wrote: > We'd probably need a sample of your show run to properly > debug further as this looks awfully like a data issue Do you want to see the RANCID diffs against what is actually on the device for the affected section of the configuration? Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From olivier.boudry at gmail.com Wed May 14 09:19:18 2014 From: olivier.boudry at gmail.com (Olivier Boudry) Date: Wed, 14 May 2014 11:19:18 +0200 Subject: [rancid] "rancid -d " works, but "rancid-run " does nothing Message-ID: Hi, I just installed rancid 2.3.8 and configured it as described in http://www.routereflector.com/2013/09/configuration-versioning-using-rancid/ I can get bin/clogin to work for all my devices. bin/rancid -d will also work and create me a localfile called devicename.new and containing the full configuration, but when I try to run the full group of devices "gb1", nothing happens. The group is defined in etc/rancid.conf as LIST_OF_GROUPS="gb1" (uncommented). I ran rancid-cvs which created the var/gb1 folder, and edited var/gb1/router.db which looks like this: 10.210.9.2|cisco|up 10.210.9.3|cisco|up 10.210.9.4|cisco|up 10.210.9.5|cisco|up Running "rancid-run gb1", or simply "rancid-run" has no effect. In the log I find the following: starting: Wed May 14 09:52:28 BST 2014 ending: Wed May 14 09:52:28 BST 2014 But if I run directly "bin/rancid 10.210.9.2", it works and I get the config in 10.210.9.2.new Any idea what could go wrong and how I could troubleshoot this? Thanks, Olivier. -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Wed May 14 15:09:50 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 14 May 2014 17:09:50 +0200 Subject: [rancid] "rancid -d " works, but "rancid-run " does nothing In-Reply-To: References: Message-ID: <5373873E.2010804@gmail.com> On 14/05/2014 11:19, Olivier Boudry wrote: > Hi, > > I just installed rancid 2.3.8 and configured it as described in > http://www.routereflector.com/2013/09/configuration-versioning-using-rancid/ > > > I can get bin/clogin to work for all my devices. bin/rancid -d will also > work and create me a localfile called devicename.new and containing the > full configuration, but when I try to run the full group of devices > "gb1", nothing happens. > > The group is defined in etc/rancid.conf as LIST_OF_GROUPS="gb1" > (uncommented). I ran rancid-cvs which created the var/gb1 folder, and > edited var/gb1/router.db which looks like this: > > 10.210.9.2|cisco|up > 10.210.9.3|cisco|up > 10.210.9.4|cisco|up > 10.210.9.5|cisco|up The separators must be colon ":" not pipes "|" That howto you are following is just flat-out wrong (or it's author is using a locally modified rancid and forgot that he did that) The rancid tarballs ship with decent install docs that describe everything nicely, rather use those in preference to anything else. -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Thu May 15 14:44:46 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 15 May 2014 16:44:46 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <201405132204.39000.mark.tinka@seacom.mu> References: <201405132204.39000.mark.tinka@seacom.mu> Message-ID: <5374D2DE.1060309@gmail.com> On 13/05/2014 22:04, Mark Tinka wrote: > Hi all. > > We upgraded to Perl-5.18 today on FreeBSD-10, and rebuilt > all ports that depend on Perl, including RANCID. > > Since then, RANCID has been continuously e-mailing the same > changes at every interval, even though those changes have > not been actually effected. > > The changes are essentially re-ordered prefix list entries > for Cisco IOS-based systems. > > Anyone know what this is, before I go hacking at this? > > RANCID version is 2.3.8. Thanks. I see what the bug is here, the solution probably needs list discussion first. With rancid-2.3.8 and perl-5.18, ipv6 prefix-lists are always output in random order if ACLSORT=yes The cause is twofold: 1. "sub ipaddrval" is ipv4-specific and cannot deal with ipv6 addresses properly, so sortbyipaddr() doesn't work as intended. I believe that %history in ProcessHistory() is not being sorted at all 2. A recent perl version re-implemented hashes to guarantee that keys are randomly ordered internally and different between runs of the same script. The previous implementation would order the same data consistently between invocations. So ipv6 prefix-list ordering just happened to work with References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> <536BEEA3.6090203@surfnet.nl> <5370944E.7040200@qis.net> Message-ID: Now, looky here folks: https://code.google.com/p/vdxrancid/source/browse/trunk/rancid-fe?r=2 Look at them' rancid types 'thar' - 'cienarancid'. This seems to imply that one "Nick Buraglio" has written, or at least was working on, Ciena support. On Mon, May 12, 2014 at 3:28 AM, Willie Bollinger wrote: > we use 3942 and old 311's > > -------------------------------------------------------------------------- > Willie Bollinger | Quantum Internet and Telecommunications > 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 > -------------------------------------------------------------------------- > > > On 5/8/14, 4:52 PM, Niels den Otter wrote: > >> Hello Daniel, >> >> On 08-05-14 20:58, Daniel Schmidt wrote: >> >>> Anybody ever finish Ciena support? >>> >> >> What types of Ciena switches are you looking at? We use rancid >> extensively for Ciena CESD (SAOS6 and SAOS7) devices. >> >> -- Niels >> >>> >>> >>> On Tue, Dec 31, 2013 at 3:33 AM, Graham Beneke >> > wrote: >>> >>> On 26/12/2013 21:49, Willie Bollinger wrote: >>> > Has anybody had any luck getting rancid to work with Ciena >>> Switches? >>> >>> I'm also interested in collecting Ciena configs. >>> >>> Was planning to try code up the bits required in the new year as I >>> have >>> not yet found any sign that they exist already. >>> >>> -- >>> Graham Beneke >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >>> >>> E-Mail to and from me, in connection with the transaction >>> of public business, is subject to the Wyoming Public Records >>> Act and may be disclosed to third parties. >>> >>> >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >>> >>> >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Thu May 15 16:58:58 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 15 May 2014 18:58:58 +0200 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> <536BEEA3.6090203@surfnet.nl> <5370944E.7040200@qis.net> Message-ID: <5374F252.80900@gmail.com> On 15/05/2014 18:03, Daniel Schmidt wrote: > Now, looky here folks: > > https://code.google.com/p/vdxrancid/source/browse/trunk/rancid-fe?r=2 > > Look at them' rancid types 'thar' - 'cienarancid'. This seems to imply > that one "Nick Buraglio" has written, or at least was working on, Ciena > support. Wow, you're miles ahead of me in this game. I'm still trying to figure out what a Ciena even *is* All I've got so far is "stuff what we don't use here where I work" :-) -- Alan McKinnon alan.mckinnon at gmail.com From mark.tinka at seacom.mu Thu May 15 19:49:09 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Thu, 15 May 2014 21:49:09 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <5374D2DE.1060309@gmail.com> References: <201405132204.39000.mark.tinka@seacom.mu> <5374D2DE.1060309@gmail.com> Message-ID: <201405152149.10060.mark.tinka@seacom.mu> On Thursday, May 15, 2014 04:44:46 PM Alan McKinnon wrote: > 2. Why are we sorting these lists by ip address? Surely > sorting 1) by prefix name then 2) by seq makes more > sense? This is what my NetOps colleagues would like to > see happen. Well, yes - sorting by prefix name and sequence number would make more sense to me, as an operator. That said, I've always noticed that RANCID does not include the sequence number of prefix lists in the final output that gets saved and/or sent out via e-mails. Is this something that is problematic to implement? Thanks. Cheers, Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From daniel.schmidt at wyo.gov Thu May 15 21:00:50 2014 From: daniel.schmidt at wyo.gov (Daniel Schmidt) Date: Thu, 15 May 2014 15:00:50 -0600 Subject: [rancid] Cienna / Lightning Edge In-Reply-To: <5374F252.80900@gmail.com> References: <52BC8847.700@qis.net> <52C29D8B.7010903@apolix.co.za> <536BEEA3.6090203@surfnet.nl> <5370944E.7040200@qis.net> <5374F252.80900@gmail.com> Message-ID: Ciena people - can somebody please test: https://github.com/buraglio/cienarancid/blob/master/cienarancid Let me know what changes we need. Perhaps Alan would be willing to help because I t?h?i?n?k? ?p?e?r?l? ?s?u?c?k?s? am no good at perl. On Thu, May 15, 2014 at 10:58 AM, Alan McKinnon wrote: > On 15/05/2014 18:03, Daniel Schmidt wrote: > > Now, looky here folks: > > > > https://code.google.com/p/vdxrancid/source/browse/trunk/rancid-fe?r=2 > > > > Look at them' rancid types 'thar' - 'cienarancid'. This seems to imply > > that one "Nick Buraglio" has written, or at least was working on, Ciena > > support. > > > Wow, you're miles ahead of me in this game. I'm still trying to figure > out what a Ciena even *is* > > > All I've got so far is "stuff what we don't use here where I work" > > :-) > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri May 16 18:17:42 2014 From: heas at shrubbery.net (heasley) Date: Fri, 16 May 2014 18:17:42 +0000 Subject: [rancid] Aruba Backups In-Reply-To: References: Message-ID: <20140516181742.GH68823@shrubbery.net> Fri, May 09, 2014 at 09:59:00AM -0300, Danilo Gouveia: > Hello guys, > > I'm having some problems to add Aruba Controllers to Aruba. > I google it but did not found good information regarding this. > > Anyone successfully added Aruba Controllers to Rancid ? > > I tried to add it as Cisco classification on my router.db. I can login, > however the error that the logs shows is "missed cmd(s) ...". > > > I changed the PIPE values in the rancid.conf to NOPIPE=YES; export NOPIPE > and I did rancid -d controller. Got the error below: > > couldn't compile regular expression pattern: parentheses () not balanced > while executing does the device have a prompt with ()s? if so, it will need to be escaped so that when it is used as a regex it will not be interpretted as an atom of the regex. clogin normally does this, so perhaps you have a really old version or you've applied a patch that does not work? you could also remove the ()s from your prompt, perhaps - i am not familiar with Aruba. > "expect { > -re $reprompt {} > -re "\[\n\r]+" { exp_continue } > }" > (procedure "run_commands" line 21) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 174) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > # attempt at platform switching. > set platform "" > send_user ..." > (file "/usr/lib/rancid/bin/clogin" line 757) > > Thanks in advance, > -- > Atenciosamente / Best Regards, > > Danilo Marques de Gouveia > IT - Network Administrator > 55 19 3847 8424 > 55 19 9160 6441 > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Fri May 16 18:25:33 2014 From: heas at shrubbery.net (heasley) Date: Fri, 16 May 2014 18:25:33 +0000 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <5374D2DE.1060309@gmail.com> References: <201405132204.39000.mark.tinka@seacom.mu> <5374D2DE.1060309@gmail.com> Message-ID: <20140516182533.GJ68823@shrubbery.net> Thu, May 15, 2014 at 04:44:46PM +0200, Alan McKinnon: > I see what the bug is here, the solution probably needs list discussion > first. > > With rancid-2.3.8 and perl-5.18, ipv6 prefix-lists are always output in > random order if ACLSORT=yes > > The cause is twofold: > > 1. "sub ipaddrval" is ipv4-specific and cannot deal with ipv6 addresses > properly, so sortbyipaddr() doesn't work as intended. I believe that > %history in ProcessHistory() is not being sorted at all > > 2. A recent perl version re-implemented hashes to guarantee that keys > are randomly ordered internally and different between runs of the same > script. The previous implementation would order the same data > consistently between invocations. bugger. thanks for that. another user was asking about this problem and i was having trouble recreating it. > So ipv6 prefix-list ordering just happened to work with because %history just happened to be consistently ordered. > > Solutions: > > 1. Implement ipv6 sorting in sortbyipaddr(). I really want to find an > excuse not to do this (being essentially a lazy bum at heart) > > 2. Why are we sorting these lists by ip address? Surely sorting 1) by > prefix name then 2) by seq makes more sense? This is what my NetOps > colleagues would like to see happen. the sequences just tend to create noise, esp. when the whole list is reloaded (therefore renumbered), and hides the actual change or makes it less obvious. From mark.tinka at seacom.mu Fri May 16 18:52:24 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Fri, 16 May 2014 20:52:24 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <20140516182533.GJ68823@shrubbery.net> References: <201405132204.39000.mark.tinka@seacom.mu> <5374D2DE.1060309@gmail.com> <20140516182533.GJ68823@shrubbery.net> Message-ID: <201405162052.24323.mark.tinka@seacom.mu> On Friday, May 16, 2014 08:25:33 PM heasley wrote: > the sequences just tend to create noise, esp. when the > whole list is reloaded (therefore renumbered), and hides > the actual change or makes it less obvious. Could you kindly elaborate, Heasley? Thanks. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From heas at shrubbery.net Sat May 17 01:37:52 2014 From: heas at shrubbery.net (heasley) Date: Sat, 17 May 2014 01:37:52 +0000 Subject: [rancid] Rancid and Git In-Reply-To: References: <20140429143929.GE19840@shrubbery.net> Message-ID: <20140517013752.GA83679@shrubbery.net> trying to integrate, test and sanitize the git patch; does anyone know the significance of the flock in control_rancid around commits: + git ) + ( + flock -x 200 + git add $router + git commit -m "$message" + ) 200>$BASEDIR/.lockfile git must do its own locking, and rancid does its own per-group. so, paranoia or some special git thing? From sclebo05 at gmail.com Fri May 16 20:36:56 2014 From: sclebo05 at gmail.com (Joshua Lebo) Date: Fri, 16 May 2014 16:36:56 -0400 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? Message-ID: Gavin, I'm having the exact same issues. I'm also poking around at code, and I have noticed that Rancid::loadtype is a subrouting in lib/rancid/rancid.pmnot it's own module. For completeness, I'm showing my rancid.types.conf contents: ciscowlc;login;wlogin ciscowlc;script;ciscowlc5 and my error: Trying to get all of the configs. Unknown option: t ciscowlc5 wlogin error: Error: no password for ciscowlc5 in /home/rancid/.cloginrc. ciscowlc5: missed cmd(s): show sysinfo,show udi,show run-config commands ciscowlc5: End of run not found I was able to resolve 'Unknown option: t' was resolved by catching the option, by editing line 30 and adding 't'. The above wlogin error should probably read instead of , leading me to believe that our scripts are not parsing something correctly. Did the change in router.db from ':' to ';' in version 3.0 break the script? Interestingly, if I run ./ciscowlc5 from within the bin directory, the complete config is pulled down and saved as a .new file. Password, etc is correctly configured. So I know the scripts work, having trouble getting them to run via rancid-run in version 3.0. - Josh -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Sat May 17 07:08:41 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 17 May 2014 09:08:41 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <20140516182533.GJ68823@shrubbery.net> References: <201405132204.39000.mark.tinka@seacom.mu> <5374D2DE.1060309@gmail.com> <20140516182533.GJ68823@shrubbery.net> Message-ID: <53770AF9.7080104@gmail.com> On 16/05/2014 20:25, heasley wrote: > Thu, May 15, 2014 at 04:44:46PM +0200, Alan McKinnon: >> I see what the bug is here, the solution probably needs list discussion >> first. >> >> With rancid-2.3.8 and perl-5.18, ipv6 prefix-lists are always output in >> random order if ACLSORT=yes >> >> The cause is twofold: >> >> 1. "sub ipaddrval" is ipv4-specific and cannot deal with ipv6 addresses >> properly, so sortbyipaddr() doesn't work as intended. I believe that >> %history in ProcessHistory() is not being sorted at all >> >> 2. A recent perl version re-implemented hashes to guarantee that keys >> are randomly ordered internally and different between runs of the same >> script. The previous implementation would order the same data >> consistently between invocations. > > bugger. thanks for that. another user was asking about this problem and > i was having trouble recreating it. To recreate it reliably, have a sort function (the ones with automagic $a and $b) return a 0. This never happens with sortbyipaddr and ipv4 addresses as they are always different and you always get a reliable sort > >> So ipv6 prefix-list ordering just happened to work with > because %history just happened to be consistently ordered. >> >> Solutions: >> >> 1. Implement ipv6 sorting in sortbyipaddr(). I really want to find an >> excuse not to do this (being essentially a lazy bum at heart) >> >> 2. Why are we sorting these lists by ip address? Surely sorting 1) by >> prefix name then 2) by seq makes more sense? This is what my NetOps >> colleagues would like to see happen. > > the sequences just tend to create noise, esp. when the whole list is > reloaded (therefore renumbered), and hides the actual change or makes it > less obvious. I think we should document more explicitly what ACLSORT achieves. I was under the impression for years that it ensures lists are sorted in evaluation order if show run were to display them mixed them up a bit. Then I read the code in detail :-) When does a list reload occur? My NetOps colleagues maintain it only happens when the router itself is rebooted, and they don't care about that (the diff after a reboot is already quite large) -- Alan McKinnon alan.mckinnon at gmail.com From mark.tinka at seacom.mu Sat May 17 08:45:05 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Sat, 17 May 2014 10:45:05 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <53770AF9.7080104@gmail.com> References: <201405132204.39000.mark.tinka@seacom.mu> <20140516182533.GJ68823@shrubbery.net> <53770AF9.7080104@gmail.com> Message-ID: <201405171045.08407.mark.tinka@seacom.mu> On Saturday, May 17, 2014 09:08:41 AM Alan McKinnon wrote: > When does a list reload occur? My NetOps colleagues > maintain it only happens when the router itself is > rebooted, and they don't care about that (the diff after > a reboot is already quite large) That's right - in the context of RANCID, prefix lists are not constantly reloaded while the router is running, only after a reboot of the device occurs. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From alan.mckinnon at gmail.com Sat May 17 16:09:52 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 17 May 2014 18:09:52 +0200 Subject: [rancid] Repetitive RANCID Checks In-Reply-To: <201405171045.08407.mark.tinka@seacom.mu> References: <201405132204.39000.mark.tinka@seacom.mu> <20140516182533.GJ68823@shrubbery.net> <53770AF9.7080104@gmail.com> <201405171045.08407.mark.tinka@seacom.mu> Message-ID: <537789D0.6030807@gmail.com> On 17/05/2014 10:45, Mark Tinka wrote: > On Saturday, May 17, 2014 09:08:41 AM Alan McKinnon wrote: > >> When does a list reload occur? My NetOps colleagues >> maintain it only happens when the router itself is >> rebooted, and they don't care about that (the diff after >> a reboot is already quite large) > > That's right - in the context of RANCID, prefix lists are > not constantly reloaded while the router is running, only > after a reboot of the device occurs. > > Mark. > Thanks for that confirmation, I suspected as such -- Alan McKinnon alan.mckinnon at gmail.com From gavinj84 at gmail.com Sun May 18 23:56:11 2014 From: gavinj84 at gmail.com (Gavin Jones) Date: Mon, 19 May 2014 09:56:11 +1000 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? In-Reply-To: References: Message-ID: Hi Josh, Heasley who is on this list recently solved this issue for me, he gave me a patch to recompile back into the source. I will await him to reply with the patch as he can explain it better. Thanks On Sat, May 17, 2014 at 6:36 AM, Joshua Lebo wrote: > Gavin, > > I'm having the exact same issues. I'm also poking around at code, and I > have noticed that Rancid::loadtype is a subrouting in lib/rancid/rancid.pmnot it's own module. > > For completeness, I'm showing my rancid.types.conf contents: > > ciscowlc;login;wlogin > ciscowlc;script;ciscowlc5 > > and my error: > > > Trying to get all of the configs. > Unknown option: t > ciscowlc5 wlogin error: Error: no password for ciscowlc5 in > /home/rancid/.cloginrc. > ciscowlc5: missed cmd(s): show sysinfo,show udi,show run-config commands > ciscowlc5: End of run not found > > I was able to resolve 'Unknown option: t' was resolved by catching the > option, by editing line 30 and adding 't'. > > The above wlogin error should probably read instead of > , leading me to believe that our scripts are not parsing > something correctly. Did the change in router.db from ':' to ';' in > version 3.0 break the script? > Interestingly, if I run ./ciscowlc5 from within the bin > directory, the complete config is pulled down and saved as a .new file. > Password, etc is correctly configured. So I know the scripts work, having > trouble getting them to run via rancid-run in version 3.0. > > - Josh > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From david.brown at pnnl.gov Mon May 19 15:11:39 2014 From: david.brown at pnnl.gov (Brown, David M JR) Date: Mon, 19 May 2014 15:11:39 +0000 Subject: [rancid] Rancid and Git In-Reply-To: <20140517013752.GA83679@shrubbery.net> References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> Message-ID: Heasley, My guess is that they wanted to make the git add/commit in one transaction in case someone else might be manipulating the repo. Subversion does something similar in that svn add just adds that file and then the commit pushes it to the repository. So the flock doesn?t seem relevant to me unless you do a similar lock around svn add/commit. Thanks, - David Brown On 5/16/14, 6:37 PM, "heasley" wrote: >trying to integrate, test and sanitize the git patch; does anyone know the >significance of the flock in control_rancid around commits: > >+ git ) >+ ( >+ flock -x 200 >+ git add $router >+ git commit -m "$message" >+ ) 200>$BASEDIR/.lockfile > >git must do its own locking, and rancid does its own per-group. so, >paranoia or some special git thing? From heas at shrubbery.net Mon May 19 20:59:57 2014 From: heas at shrubbery.net (heasley) Date: Mon, 19 May 2014 20:59:57 +0000 Subject: [rancid] Cisco WLC: Rancid 3.0 add other vendor devices??? In-Reply-To: References: Message-ID: <20140519205957.GN68099@shrubbery.net> Mon, May 19, 2014 at 09:56:11AM +1000, Gavin Jones: > Hi Josh, > Heasley who is on this list recently solved this issue for me, > he gave me a patch to recompile back into the source. I will await him to > reply with the patch as he can explain it better. > > Thanks imo, the better fix is to move the cmd-line options from rancid-fe to rancid.types* so the older scripts do not need to change. This seems like an important fix, aka big cockup; so, I've dropped rancid 3.1: ftp://ftp.shrubbery.net/pub/rancid/rancid-3.1.tar.gz (git, v6 prefix sorting, and few others didnt make it.) > On Sat, May 17, 2014 at 6:36 AM, Joshua Lebo wrote: > > > Gavin, > > > > I'm having the exact same issues. I'm also poking around at code, and I > > have noticed that Rancid::loadtype is a subrouting in lib/rancid/rancid.pmnot it's own module. > > > > For completeness, I'm showing my rancid.types.conf contents: > > > > ciscowlc;login;wlogin > > ciscowlc;script;ciscowlc5 > > > > and my error: > > > > > > Trying to get all of the configs. > > Unknown option: t > > ciscowlc5 wlogin error: Error: no password for ciscowlc5 in > > /home/rancid/.cloginrc. > > ciscowlc5: missed cmd(s): show sysinfo,show udi,show run-config commands > > ciscowlc5: End of run not found > > > > I was able to resolve 'Unknown option: t' was resolved by catching the > > option, by editing line 30 and adding 't'. > > > > The above wlogin error should probably read instead of > > , leading me to believe that our scripts are not parsing > > something correctly. Did the change in router.db from ':' to ';' in > > version 3.0 break the script? > > Interestingly, if I run ./ciscowlc5 from within the bin > > directory, the complete config is pulled down and saved as a .new file. > > Password, etc is correctly configured. So I know the scripts work, having > > trouble getting them to run via rancid-run in version 3.0. > > > > - Josh > > > > > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From hvgeekwtrvl at gmail.com Mon May 19 18:16:37 2014 From: hvgeekwtrvl at gmail.com (james machado) Date: Mon, 19 May 2014 11:16:37 -0700 Subject: [rancid] Rancid and Git In-Reply-To: <20140517013752.GA83679@shrubbery.net> References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> Message-ID: there was a message about git and locks back in 2007 http://www.shrubbery.net/pipermail/rancid-discuss/2007-March/002154.html that talked about this or something related to this. best i can remember from past research on using git and rancid. james On Fri, May 16, 2014 at 6:37 PM, heasley wrote: > trying to integrate, test and sanitize the git patch; does anyone know the > significance of the flock in control_rancid around commits: > > + git ) > + ( > + flock -x 200 > + git add $router > + git commit -m "$message" > + ) 200>$BASEDIR/.lockfile > > git must do its own locking, and rancid does its own per-group. so, > paranoia or some special git thing? > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From jeff at ocjtech.us Mon May 19 18:15:02 2014 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Mon, 19 May 2014 13:15:02 -0500 Subject: [rancid] Rancid and Git In-Reply-To: <20140517013752.GA83679@shrubbery.net> References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> Message-ID: On Fri, May 16, 2014 at 8:37 PM, heasley wrote: > trying to integrate, test and sanitize the git patch; does anyone know the > significance of the flock in control_rancid around commits: > > + git ) > + ( > + flock -x 200 > + git add $router > + git commit -m "$message" > + ) 200>$BASEDIR/.lockfile > > git must do its own locking, and rancid does its own per-group. so, > paranoia or some special git thing? Paranoia mostly. -- Jeff Ollie From Michael.Josten at hs-niederrhein.de Wed May 21 12:53:38 2014 From: Michael.Josten at hs-niederrhein.de (Josten, Michael) Date: Wed, 21 May 2014 14:53:38 +0200 Subject: [rancid] Rancid 3.0 & Rancid 3.1 issues with foundry / enterasys Message-ID: <9BDA0B754D62C64FBE6B0CFFA429C47A29B1BF352A@prometheus> I made a test rancid installation to check if problems occur with an version upgrade. Necessary changes were made to router.db files and most of the config ported from 2.3.8 to version 3.1. My syslog messages show that the user I assigned to rancid via tacacs+ logs into all devices and and executes commands like "show running-config" So the scripts must be working to some point. Sadly only configurations from HP ProCurve 2510G Switches are checked into my svn repo. Settings in my .cloginrc are working, so I guess something Broke and stops my previous config from working with this particular setup. I am a real noob When it comes to analyzing the scripts rancid uses, so I hope you can help me out. Switches we use BigIron FastIron N7 N3 Michael Josten Mitarbeiter IT-Betrieb Hochschule Niederrhein KIS - Kommunikations und Informationssysteme Service Niederrhein University of Applied Sciences Communication and Informationsystems Service Reinarzstr. 49 D - 47805 Krefeld Telefon: +49 2151 822 3129 Fax: +49 2151 822 853123 Email: michael.josten at hs-niederrhein.de www.hs-niederrhein.de -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed May 21 18:55:44 2014 From: heas at shrubbery.net (heasley) Date: Wed, 21 May 2014 18:55:44 +0000 Subject: [rancid] Rancid and Git In-Reply-To: References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> Message-ID: <20140521185544.GG76997@shrubbery.net> Mon, May 19, 2014 at 11:16:37AM -0700, james machado: > there was a message about git and locks back in 2007 > http://www.shrubbery.net/pipermail/rancid-discuss/2007-March/002154.html > that talked about this or something related to this. > > best i can remember from past research on using git and rancid. Thanks for that. ---- > $BASEDIR is the dir into which all groups go. If you put a generic > lockfile here you will make it so multiple groups can't be polled at one > time. Typically a temp dir is used where the file includes the group name > so there is no stepping on of toes, and stale lockfiles aren't left in > unexpected places. The locks shouldn't slow down polling, the lock is only held when making commits to the Git repository which shouldn't happen during polling (unless I'm misunderstanding something about the code). I needed the locks because I need to run a series of git commands atomically or changes from other groups might become part of the wrong commit. ---- That seems out of scope to me. Perhaps i do not yet understand the process in git. how would the commits in one group become part of another group's commit? the commit occurs in the group's directory. > james > > On Fri, May 16, 2014 at 6:37 PM, heasley wrote: > > trying to integrate, test and sanitize the git patch; does anyone know the > > significance of the flock in control_rancid around commits: > > > > + git ) > > + ( > > + flock -x 200 > > + git add $router > > + git commit -m "$message" > > + ) 200>$BASEDIR/.lockfile > > > > git must do its own locking, and rancid does its own per-group. so, > > paranoia or some special git thing? > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From lexore at gmail.com Wed May 21 11:18:16 2014 From: lexore at gmail.com (lexore) Date: Wed, 21 May 2014 15:18:16 +0400 Subject: [rancid] show policy detail on extreme switches Message-ID: Hello. We use rancid to backup configs of Extreme switches. I noticed, that rancid don't save output of "show policy detail". We need to backup this too. I tried to add support of this command to xrancid. I wrote subroutine (copy of WriteTerm), added string to @commandtable, but without success. Syntax of output "show policy detail" significant differ from usual cisco-style configs. Is anyone solved this for it's own needs? Or maybe you could suggest, how i can add support of this command in xrancid? I attached example of ouput "show policy detail" to message. Copy here: http://pastebin.com/p6h4bgsE We use Extreme Summit X670V ExtremeXOS version 15.3.1.4 v1531b4-patch1-29 Thanks in advance. Igor. -- lexore at gmail.com -------------- next part -------------- Policies at Policy Server: Policy: IXFilter entry IXFilter1 { if match all { ethernet-destination-address 01:80:c2:00:00:02 ; ethernet-type 0x8809 ; } then { permit ; } } entry IXFilter2 { if match all { ethernet-type 0x0800 ; } then { permit ; } } entry IXFilter3 { if match all { ethernet-type 0x0806 ; } then { permit ; } } entry IXFilter4 { if match all { ethernet-type 0x86dd ; } then { permit ; } } entry IXFilter6 { if match all { ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ; } then { deny ; } } Number of clients bound to policy: 1 Client: acl bound once Policy: SrvFilter entry SrvFilter1 { if match all { ethernet-destination-address 01:80:c2:00:00:02 ; ethernet-type 0x8809 ; } then { permit ; } } entry SrvFilter2 { if match all { ethernet-type 0x0800 ; } then { permit ; } } entry SrvFilter3 { if match all { ethernet-type 0x0806 ; } then { permit ; } } entry SrvFilter4 { if match all { ethernet-type 0x86dd ; } then { permit ; } } entry SrvFilter5 { if match all { ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ; } then { deny ; } } Number of clients bound to policy: 1 Client: acl bound once Policy: UpStreamFilter entry LACP_permit { if match all { ethernet-destination-address 01:80:c2:00:00:02 ; ethernet-type 0x8809 ; } then { packet-count LACP_permit ; permit ; } } entry IPV4_permit { if match all { ethernet-type 0x0800 ; } then { packet-count IPV4_permit ; permit ; } } entry ARP_permit { if match all { ethernet-type 0x0806 ; } then { packet-count ARP_permit ; permit ; } } entry IPV6_permit { if match all { ethernet-type 0x86dd ; } then { packet-count IPV6_permit ; permit ; } } entry STP_deny { if match all { ethernet-type 0x0802 ; } then { packet-count STP_deny ; permit ; } } entry ALL_deny { if match all { ethernet-destination-address 00:00:00:00:00:00 / 00:00:00:00:00:00 ; } then { packet-count ALL_deny ; permit ; } } Number of clients bound to policy: 1 Client: acl bound once Policy: vty-access entry AllowTheseSubnets { if match any { source-address 1.1.1.0/24 ; } then { permit ; } } Number of clients bound to policy: 1 Client: exsshd bound once From david.brown at pnnl.gov Wed May 21 20:07:26 2014 From: david.brown at pnnl.gov (Brown, David M JR) Date: Wed, 21 May 2014 20:07:26 +0000 Subject: [rancid] Rancid and Git Message-ID: >---- >> $BASEDIR is the dir into which all groups go. If you put a generic >> lockfile here you will make it so multiple groups can't be polled at one >> time. Typically a temp dir is used where the file includes the group >>name >> so there is no stepping on of toes, and stale lockfiles aren't left in >> unexpected places. > >The locks shouldn't slow down polling, the lock is only held when making >commits to the Git repository which shouldn't happen during polling >(unless I'm misunderstanding something about the code). I needed the >locks because I need to run a series of git commands atomically or >changes from other groups might become part of the wrong commit. >---- > >That seems out of scope to me. Perhaps i do not yet understand the >process >in git. how would the commits in one group become part of another group's >commit? the commit occurs in the group's directory. One of the big differences between svn commit and git commit is the current working directory doesn?t matter for git and it does for svn. My guess is that they did this then to ensure that commits to on group don?t have race conditions with another group being modified. A fix to this would be to do a 'git commit -m ?$message? *' this should only commit things in the current working directory and not differences in the entire tree. Hopefully this helps. Thanks, - David Brown From jeff at ocjtech.us Wed May 21 19:58:22 2014 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Wed, 21 May 2014 14:58:22 -0500 Subject: [rancid] Rancid and Git In-Reply-To: <20140521185544.GG76997@shrubbery.net> References: <20140429143929.GE19840@shrubbery.net> <20140517013752.GA83679@shrubbery.net> <20140521185544.GG76997@shrubbery.net> Message-ID: On Wed, May 21, 2014 at 1:55 PM, heasley wrote: > Mon, May 19, 2014 at 11:16:37AM -0700, james machado: >> there was a message about git and locks back in 2007 >> http://www.shrubbery.net/pipermail/rancid-discuss/2007-March/002154.html >> that talked about this or something related to this. >> >> best i can remember from past research on using git and rancid. > > Thanks for that. > > ---- >> $BASEDIR is the dir into which all groups go. If you put a generic >> lockfile here you will make it so multiple groups can't be polled at one >> time. Typically a temp dir is used where the file includes the group name >> so there is no stepping on of toes, and stale lockfiles aren't left in >> unexpected places. > > The locks shouldn't slow down polling, the lock is only held when making > commits to the Git repository which shouldn't happen during polling > (unless I'm misunderstanding something about the code). I needed the > locks because I need to run a series of git commands atomically or > changes from other groups might become part of the wrong commit. > ---- > > That seems out of scope to me. Perhaps i do not yet understand the process > in git. how would the commits in one group become part of another group's > commit? the commit occurs in the group's directory. Git is different from CVS or SVN. In CVS and SVN directories are significant in that they are essentially separate repositories. In Git there is only one repository and a "git add" done in one directory will be included in a "git commit" done in a different directory. -- Jeff Ollie From alan.mckinnon at gmail.com Wed May 21 22:31:43 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 22 May 2014 00:31:43 +0200 Subject: [rancid] show policy detail on extreme switches In-Reply-To: References: Message-ID: <537D294F.4090505@gmail.com> On 21/05/2014 13:18, lexore wrote: > Hello. > > We use rancid to backup configs of Extreme switches. > I noticed, that rancid don't save output of "show policy detail". > We need to backup this too. > I tried to add support of this command to xrancid. > I wrote subroutine (copy of WriteTerm), added string to @commandtable, > but without success. > Syntax of output "show policy detail" significant differ from usual > cisco-style configs. > Is anyone solved this for it's own needs? > Or maybe you could suggest, how i can add support of this command in xrancid? > > I attached example of ouput "show policy detail" to message. > Copy here: http://pastebin.com/p6h4bgsE > We use Extreme Summit X670V > ExtremeXOS version 15.3.1.4 v1531b4-patch1-29 Indeed, that output looks nothing like anything from a Cisco :-) When I look over the output your supplied, nothing in there looks like it might cycle or need to be removed. So that makes life much easier - all you need is a sub that accepts everything and throws nothing away. Like this: 1. add to end of @commandtable near line 420: {'show policy detail' => 'ShowPolicy'}, 2. A new sub: # This routine parses "show policy detail" sub ShowPolicy { print STDERR " In ShowMemory: $_" if ($debug); while () { tr/\015//d; last if(/^$prompt/); next if(/^(\s*|\s*$cmd\s*)$/); # Any tweaks to individual lines get done here # catch anything that wasnt match above. ProcessHistory("COMMENTS","keysort","H0","$_"); } return(0); } That's about it. Completely untested so YMMV but the basics are there. If you do need to tweak individual lines, the existing code is full of examples. You just need some fegex-fu and it's quite obvious - -- Alan McKinnon alan.mckinnon at gmail.com From Michael.Josten at hs-niederrhein.de Thu May 22 06:39:59 2014 From: Michael.Josten at hs-niederrhein.de (Josten, Michael) Date: Thu, 22 May 2014 08:39:59 +0200 Subject: [rancid] Rancid 3.0 & Rancid 3.1 issues with foundry / enterasys In-Reply-To: <20140521144613.GC70211@shrubbery.net> References: <9BDA0B754D62C64FBE6B0CFFA429C47A29B1BF352A@prometheus> <20140521144613.GC70211@shrubbery.net> Message-ID: <9BDA0B754D62C64FBE6B0CFFA429C47A29B1BF352B@prometheus> Hi and thanks for the reply, I found several errors inside the logs. starting: Wed May 21 13:47:18 CEST 2014 property 'svn:ignore' set on '.' Updating '.': At revision 6. Sending . Sending router.db Transmitting file data . Committed revision 7. /usr/local/rancid/bin/control_rancid: 309: /usr/local/rancid/bin/control_rancid: no: not found I don't know if this is bad or not, but "not found" doesn't sound so good ;) Here's an log example of a brocade ( foundry ) FCX648S-HPOE switch. 172.18.0.245: found unexpected command - "write term" 172.18.0.245: missed cmd(s): show running-config 172.18.0.245: End of run not found Another example for the N7 Matrix Switch ( Enterasys ) send: spawn id exp6 not open while executing "send "\r"" (procedure "login" line 92) invoked from within "login $router $user $userpswd $passwd $enapasswd " ("foreach" body line 70) invoked from within "foreach router [lrange $argv $idx end] { set router [string tolower $router] send_user -- "$router\n" # device timeout set timeout [f..." (file "/usr/local/rancid/bin/rivlogin" line 842) 172.18.1.21: missed cmd(s): all commands 172.18.1.21: End of run not found -----Urspr?ngliche Nachricht----- Von: heasley [mailto:heas at shrubbery.net] Gesendet: Mittwoch, 21. Mai 2014 16:46 An: Josten, Michael Betreff: Re: [rancid] Rancid 3.0 & Rancid 3.1 issues with foundry / enterasys Wed, May 21, 2014 at 02:53:38PM +0200, Josten, Michael: > I made a test rancid installation to check if problems occur with an version upgrade. > Necessary changes were made to router.db files and most of the config > ported from 2.3.8 to version 3.1. My syslog messages show that the > user I assigned to rancid via tacacs+ logs into all devices and and executes commands like "show running-config" > So the scripts must be working to some point. Sadly only > configurations from HP ProCurve 2510G Switches are checked into my svn > repo. Settings in my .cloginrc are working, so I guess something Broke > and stops my previous config from working with this particular setup. I am a real noob When it comes to analyzing the scripts rancid uses, so I hope you can help me out. > Switches we use > > BigIron > FastIron > N7 > N3 Are N7 and N3 foundry switches? Please look at the logs directory for per-group logs and review them for errors. This is the easiest place to start. Tsch?? > Michael Josten > Mitarbeiter IT-Betrieb > Hochschule Niederrhein > KIS - Kommunikations und Informationssysteme Service Niederrhein > University of Applied Sciences Communication and Informationsystems > Service Reinarzstr. 49 D - 47805 Krefeld > Telefon: +49 2151 822 3129 > Fax: +49 2151 822 853123 > Email: > michael.josten at hs-niederrhein.de. > de> www.hs-niederrhein.de> > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From mus3 at Lehigh.EDU Thu May 22 14:29:58 2014 From: mus3 at Lehigh.EDU (Munroe Sollog) Date: Thu, 22 May 2014 10:29:58 -0400 Subject: [rancid] HP switches Message-ID: <537E09E6.1080206@lehigh.edu> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm investigating rancid as a way to reliably download configs from HP switches. Below I have included my .cloginrc file as well as the output from hlogin. It seems to log in successfully, however it never executes the command. Any help would be appreciated .cloginrc - --------------------- add password * password add user * user $ /usr/local/rancid/bin/hlogin -d -noenable -c "y;show version" 172.16.203.244 172.16.203.244 spawn hpuifilter -- telnet 172.16.203.244 parent: waiting for sync byte parent: telling child to go ahead parent: now unsynchronized from child spawn: returns {23604} expect: does "" (spawn_id exp6) match glob pattern "Press any key to continue"? no "Enter switch number to connect to or :"? no "(Connection refused|Secure connection [^\n\r]+ refused|Connection closed by)"? no "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? no "Offending key for .* \(yes/no\)\?"? no expect: does "" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does "" (spawn_id exp6) match regular expression "Enter passphrase.*: "? no "([Uu]sername|[Ll]ogin|user name|Login Name):"? no "([Pp]assword|passwd):"? no ">"? no "denied"? no "% Bad passwords"? no Trying 172.16.203.244... telnet: connect to address 172.16.203.244: Connection refused telnet: Unable to connect to remote host: Connection refused expect: does "Trying 172.16.203.244...\r\r\r\ntelnet: connect to address 172.16.203.244: Connection refused\r\r\ntelnet: Unablo "Enter switch number to connect to or :"? no "(Connection refused|Secure connection [^\n\r]+ refused|Connection closed by)"? yes expect: set expect_out(0,string) "Connection refused" expect: set expect_out(1,string) "Connection refused" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) "Trying 172.16.203.244...\r\r\r\ntelnet: connect to address 172.16.203.244: Connection refused" spawn hpuifilter -- ssh -c 3des -x -l user 172.16.203.244 parent: waiting for sync byte parent: telling child to go ahead parent: now unsynchronized from child spawn: returns {23608} expect: does "" (spawn_id exp6) match glob pattern "Press any key to continue"? no "Enter switch number to connect to or :"? no "(Connection refused|Secure connection [^\n\r]+ refused|Connection closed by)"? no "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? no "Offending key for .* \(yes/no\)\?"? no expect: does "" (spawn_id exp6) match glob pattern "unknown host\r"? no expect: does "" (spawn_id exp6) match regular expression "Enter passphrase.*: "? no "([Uu]sername|[Ll]ogin|user name|Login Name):"? no "([Pp]assword|passwd):"? no ">"? no "denied"? no "% Bad passwords"? no We'd like to keep you up to date about: * Software feature updates * New product announcements expect: does "We'd like to keep you up to date about:\r\r\n * Software feature updates\r\r\n * New product announcements\r\ro "Enter switch number to connect to or :"? no "(Connection refused|Secure connection [^\n\r]+ refused|Connection closed by)"? no "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? no "Offending key for .* \(yes/no\)\?"? no expect: does "We'd like to keep you up to date about:\r\r\n * Software feature updates\r\r\n * New product announcements\r\ro expect: does "We'd like to keep you up to date about:\r\r\n * Software feature updates\r\r\n * New product announcements\r\ro "([Uu]sername|[Ll]ogin|user name|Login Name):"? no "([Pp]assword|passwd):"? no ">"? no "denied"? no "% Bad passwords"? no * Special events Please register your products now at: www.ProCurve.com user at 172.16.203.244's password: expect: does "We'd like to keep you up to date about:\r\r\n * Software feature updates\r\r\n * New product announcements\r\ro "Enter switch number to connect to or :"? no "(Connection refused|Secure connection [^\n\r]+ refused|Connection closed by)"? no "Host is unreachable"? no "No address associated with name"? no "(Host key not found |The authenticity of host .* be established).* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED.* \(yes/no\)\?"? no "HOST IDENTIFICATION HAS CHANGED[^\n\r]+"? no "Offending key for .* \(yes/no\)\?"? no expect: does "We'd like to keep you up to date about:\r\r\n * Software feature updates\r\r\n * New product announcements\r\ro expect: does "We'd like to keep you up to date about:\r\r\n * Software feature updates\r\r\n * New product announcements\r\ro "([Uu]sername|[Ll]ogin|user name|Login Name):"? no "([Pp]assword|passwd):"? yes expect: set expect_out(0,string) "password:" expect: set expect_out(1,string) "password" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) "We'd like to keep you up to date about:\r\r\n * Software feature updates\r\r\n * New product" send: sending "password\r" to { exp6 } expect: does " " (spawn_id exp6) match glob pattern "Press any key to continue"? no "[Pp]assword:"? no ">"? no expect: does " \r\r\n" (spawn_id exp6) match glob pattern "Press any key to continue"? no "[Pp]assword:"? no ">"? no ProCurve J9299A Switch 2520G-24-PoE Software revision J.14.01 expect: does " \r\r\nProCurve J9299A Switch 2520G-24-PoE\r\r\r\nSoftware revision J.14.01\r\r\r\n\r\r\r\n" (spawn_id exp6) mato "[Pp]assword:"? no ">"? no Copyright (C) 1991-2009 Hewlett-Packard Co. All Rights Reserved. RESTRICTED RIGHTS LEGEND Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and expect: does " \r\r\nProCurve J9299A Switch 2520G-24-PoE\r\r\r\nSoftware revision J.14.01\r\r\r\n\r\r\r\nCopyright (C) 1991-20o "[Pp]assword:"? no ">"? no Computer Software clause at 52.227-7013. HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 Press any key to continue expect: does " \r\r\nProCurve J9299A Switch 2520G-24-PoE\r\r\r\nSoftware revision J.14.01\r\r\r\n\r\r\r\nCopyright (C) 1991-20s expect: set expect_out(0,string) "Press any key to continue" expect: set expect_out(spawn_id) "exp6" expect: set expect_out(buffer) " \r\r\nProCurve J9299A Switch 2520G-24-PoE\r\r\r\nSoftware revision J.14.01\r\r\r\n\r\r\r\nCop" send: sending " " to { exp6 } expect: continuing expect expect: does "" (spawn_id exp6) match glob pattern "Press any key to continue"? no "[Pp]assword:"? no ">"? no Richards_switch_F# expect: does "Richards_switch_F# " (spawn_id exp6) match glob pattern "Press any key to continue"? no "[Pp]assword:"? no ">"? no sighandler: handling signal(2) async event handler: Tcl_Eval(exit 130) - -- Munroe Sollog LTS - Network Analyst x85002 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iQEcBAEBAgAGBQJTfgnlAAoJEPbbZiWCKDVC5SQH/30YAKrkZu8h7ZnOwP4XYf9E JNC1xGykdXQ/to/AAFvyBXmgeDGnXjypGbKCoi/xAEbfElGxa6PI4p69XK9z0gxS 1aGNy0SIJrCy2/AnYg7sneYitt8JC1vHkNoxUGDioIkMoYbOzVvUH6rerx7imXNU BaIVWG43FUHJ2YSU4nNlxfF+WjhTbZXt3djJiGUuwW9vWDUy9JHqG71y8UmUb57w GgPJwpIk5nIFeYB6CU+lTVNGoAwbLhISilWsTywT+ctyv9dtVY64fz+QOwkgC4Oc EB0ZH2gi8rAXtFHMIPcOC7hGSoV+NbVZFb8SoG3EskbYC3Tk6X8bnl/rmmhf0ac= =jJ1n -----END PGP SIGNATURE----- From peo at chalmers.se Sat May 24 05:05:46 2014 From: peo at chalmers.se (Per-Olof Olsson) Date: Sat, 24 May 2014 07:05:46 +0200 Subject: [rancid] HP switches In-Reply-To: <537E09E6.1080206@lehigh.edu> References: <537E09E6.1080206@lehigh.edu> Message-ID: <538028AA.9040908@chalmers.se> Munroe Sollog skrev 2014-05-22 16:29: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > I'm investigating rancid as a way to reliably download configs from HP switches. Below I have > included my .cloginrc file as well as the output from hlogin. It seems to log in successfully, > however it never executes the command. Any help would be appreciated > > .cloginrc > - --------------------- > add password * password > add user * user > > > > $ /usr/local/rancid/bin/hlogin -d -noenable -c "y;show version" 172.16.203.244 > 172.16.203.244 ... Yes, looks like login working but you have to use "-autoenable" instead of -noenable or set "add autoenable 1" in your .cloginrc -noenable only useful if you login and stay at operator level. HP switches, and some other devices that login directly to manager level, need to have autoenable on. /Peo ---------------------------------------------------------- Per-Olof Olsson Email: peo at chalmers.se Chalmers tekniska h?gskola IT-service Arvid Hedvalls backe 6 412 96 G?teborg Tel: 031/772 6738 Fax: 031/772 8680 ----------------------------------------------------------