From jm+rancid at roth.lu Sat Aug 1 09:48:39 2015 From: jm+rancid at roth.lu (jm+rancid at roth.lu) Date: Sat, 1 Aug 2015 11:48:39 +0200 Subject: [rancid] How to extend Rancid. Basics. Message-ID: <55BC95F7.60506@roth.lu> Hi there, I wanted to extend Rancid with a script to monitor some Checkpoint Gaia firewalls. What needs to be done there is login, issue a command to stop pagination, and then say "show configuration". That's it. Yeah I know these devices allow a scheduled backup that I could somehow inject into SVN. Certainly. But that is not the question. Now I find a myriad of scripts for other devices but which seem too complicated to me, since I'm not the absolute Perl guru. Clogin works fine for the login, expect for some commands for setting up the terminal that it gives, which don't make sense on Checkpoint. The question thus is: what is the absolute minimum required feature set of the actual script to interact with the main rancid application i.e. feed it the content so it is stored in SVN? I don't want to use any advanced features. Is there a doc on all of this? I'd love to provide "signatures" for certain devices but this somehow stands in my way. I also see that there seem to be several approchaches. There are different xxrancid scripts in the bin directory. On the other hand, some devices seem to call rancid directly with the -t parameter, which seems to use libs from the lib directory, which looks like a more modular approach. What's the difference, and what is the official/recommended approach? Thanks. Marki From rancid at ale.cx Sat Aug 1 11:30:06 2015 From: rancid at ale.cx (Alex DEKKER) Date: Sat, 01 Aug 2015 12:30:06 +0100 Subject: [rancid] How to extend Rancid. Basics. In-Reply-To: <55BC95F7.60506@roth.lu> References: <55BC95F7.60506@roth.lu> Message-ID: <55BCADBE.6020406@ale.cx> On 01/08/15 10:48, jm+rancid at roth.lu wrote: > Hi there, > > I wanted to extend Rancid with a script to monitor some Checkpoint > Gaia firewalls. Obviously not wanting to hijack the thread or anything, I have a related question: If one wanted to add a new device type, what is the best existing device type to use as a starting point? alexd From alan.mckinnon at gmail.com Sat Aug 1 12:12:19 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sat, 1 Aug 2015 14:12:19 +0200 Subject: [rancid] How to extend Rancid. Basics. In-Reply-To: <55BCADBE.6020406@ale.cx> References: <55BC95F7.60506@roth.lu> <55BCADBE.6020406@ale.cx> Message-ID: <55BCB7A3.10405@gmail.com> On 01/08/2015 13:30, Alex DEKKER wrote: > On 01/08/15 10:48, jm+rancid at roth.lu wrote: >> Hi there, >> >> I wanted to extend Rancid with a script to monitor some Checkpoint >> Gaia firewalls. > > Obviously not wanting to hijack the thread or anything, I have a related > question: If one wanted to add a new device type, what is the best > existing device type to use as a starting point? It's not that simple, there is no "master reference device type" so to speak. Here's how rancid works: For each device, a process is fired off that will return a text file. This file is checked into CVS. If it has changed, CVS tracks the change. If it has not changed, CVS does nothing (the usual CVS behaviour). You will notice that the only thing rancid wants back from this script is a text file, which could in fact be anything. You could return a Mickey Mouse cartoon screenplay and rancid will dutifully book it into CVS for you, complete with a diff. That this file is of no real use to you is irrelevant, rancid will still track it, The oldest and still most used of the various parsers is the one for Cisco IOS and there is a persistent view that this script and it's associated clogin is somehow a canonical script or a master model. Nothing could be further from the truth - it is nothing more than a script the original author wrote that reliably gets the job done. If you need to track a different device type that mostly resembles IOS[1], then start with that one. Note that you don't have to, it's just a reasonable way to get started and get a result. It's also the most generic script of the lot because it has to deal with everything Cisco has done for years - the others all tend to be much more device-specific. I wrote such a parser for AudioCodes once, the IOS script was a decent starting point. To do the same for my NetGear DSL modem at home, using the same starting point would be totally pointless, it is just so different. To help you find a starting point, you would need to say what device it is, clearly define exactly how one logs into it, what commands must be run and what the output looks like. This last is most important, the bulk of getting rancid to behave properly is getting the regexes right that process the output text. So the question you need to answer is how similar to IOS is your device? [1] By "resemble", I mean log in with telnet or ssh, possibly enable, issue some terminal setup commands, issue a bunch of get config commands then trawl through it all with heaps of magic regexes. The exact list of commands is completely irrelevant, they are stored in a perl array in the script itself and you should change the list to suit what your device needs. The list need not share anything in common with IOS! It does need to do telnet/ssh and give EOL similarly. -- Alan McKinnon alan.mckinnon at gmail.com From mnewton at pofp.com Sat Aug 1 14:54:33 2015 From: mnewton at pofp.com (Michael Newton) Date: Sat, 1 Aug 2015 14:54:33 +0000 Subject: [rancid] How to extend Rancid. Basics. In-Reply-To: <55BC95F7.60506@roth.lu> References: <55BC95F7.60506@roth.lu> Message-ID: I did something up for our Aruba switches a couple of months ago. I'm not a Perl guy but my PHP and regular expressions background was enough to figure it out: https://github.com/miken32/rancid-aruba/. As you suspect, the modular method is the way that modern RANCID works. If clogin works for your gear then you're one step ahead; you just need to write the Perl module. (Note that even though the Cisco login works, it may not react properly to failure conditions since error messages aren't necessarily the same.) Use an existing Perl module to figure out what's going on, and rebuild to your liking. -- Michael Newton On Sat, Aug 1, 2015 at 2:49 AM -0700, "jm+rancid at roth.lu" > wrote: Hi there, I wanted to extend Rancid with a script to monitor some Checkpoint Gaia firewalls. What needs to be done there is login, issue a command to stop pagination, and then say "show configuration". That's it. Yeah I know these devices allow a scheduled backup that I could somehow inject into SVN. Certainly. But that is not the question. Now I find a myriad of scripts for other devices but which seem too complicated to me, since I'm not the absolute Perl guru. Clogin works fine for the login, expect for some commands for setting up the terminal that it gives, which don't make sense on Checkpoint. The question thus is: what is the absolute minimum required feature set of the actual script to interact with the main rancid application i.e. feed it the content so it is stored in SVN? I don't want to use any advanced features. Is there a doc on all of this? I'd love to provide "signatures" for certain devices but this somehow stands in my way. I also see that there seem to be several approchaches. There are different xxrancid scripts in the bin directory. On the other hand, some devices seem to call rancid directly with the -t parameter, which seems to use libs from the lib directory, which looks like a more modular approach. What's the difference, and what is the official/recommended approach? Thanks. Marki _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From jm+rancid at roth.lu Sat Aug 1 16:46:04 2015 From: jm+rancid at roth.lu (JM) Date: Sat, 1 Aug 2015 16:46:04 +0000 (UTC) Subject: [rancid] How to extend Rancid. Basics. References: <55BC95F7.60506@roth.lu> <55BCADBE.6020406@ale.cx> <55BCB7A3.10405@gmail.com> Message-ID: Alan McKinnon gmail.com> writes: > > On 01/08/2015 13:30, Alex DEKKER wrote: > > On 01/08/15 10:48, jm+rancid roth.lu wrote: > >> Hi there, > >> > >> I wanted to extend Rancid with a script to monitor some Checkpoint > >> Gaia firewalls. > > > > It's not that simple, there is no "master reference device type" so to > speak. > > Here's how rancid works: Ok, as I thought, you just give rancid some text to store. For non-perl gurus, the modern modular method is complicated. In fact, the regexes you are talking about are specific to that I believe. As are variables like $found_end and $clean_run that seem to be important to talk to the main process. (Or is it just the return codes?) Nothing will however prevent me from using the "old" method, give it a "script" and a "login" (in the types file). "login" can be, well, expect the login prompt, send the username, etc. you get it. The "script" can be a stupid expect script running "show configuration" and capturing the output. Maybe with some wrapper in a language one is fluent in around it to carry out additional checks. Don't get me wrong. It's great that the "modern method" to use rancid is more modular (also less code duplication like with copying scripts etc.). It could however be interesting to have some abstract configuration file where you just tell it what to do, what to expect as a return, what to treat as error. Much like "expect" in itself, but simpler, because in that case you'd need to be a TCL guru. I'm thinking more along the lines of an INI file or something =D From matta at surveymonkey.com Sun Aug 2 03:02:10 2015 From: matta at surveymonkey.com (Matt Almgren) Date: Sun, 2 Aug 2015 03:02:10 +0000 Subject: [rancid] Grab the f5 UCS file and check it into CVS In-Reply-To: References: Message-ID: Resending as I didn't see this make it to the mailing list. -- Matt Almgren, Sr. Networking Engineer 101 Lytton Ave., Palo Alto. CA 94301 matta at surveymonkey.com 408.499.9669 ________________________________ From: Matt Almgren Sent: Saturday, August 1, 2015 4:06 PM To: rancid-discuss at shrubbery.net Subject: Grab the f5 UCS file and check it into CVS Is there any way Rancid can grab the UCS file from an f5 and then store that in CVS? I'm sure I can figure out a way to issue the command. But I'm not sure how to dump it (is it even in text?) and then store it into CVS. Thanks! -- Matt Almgren, Sr. Networking Engineer 101 Lytton Ave., Palo Alto. CA 94301 matta at surveymonkey.com 408.499.9669 -------------- next part -------------- An HTML attachment was scrubbed... URL: From matta at surveymonkey.com Sat Aug 1 23:06:37 2015 From: matta at surveymonkey.com (Matt Almgren) Date: Sat, 1 Aug 2015 23:06:37 +0000 Subject: [rancid] Grab the f5 UCS file and check it into CVS Message-ID: Is there any way Rancid can grab the UCS file from an f5 and then store that in CVS? I'm sure I can figure out a way to issue the command. But I'm not sure how to dump it (is it even in text?) and then store it into CVS. Thanks! -- Matt Almgren, Sr. Networking Engineer 101 Lytton Ave., Palo Alto. CA 94301 matta at surveymonkey.com 408.499.9669 -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Sun Aug 2 10:39:52 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sun, 2 Aug 2015 12:39:52 +0200 Subject: [rancid] How to extend Rancid. Basics. In-Reply-To: References: <55BC95F7.60506@roth.lu> <55BCADBE.6020406@ale.cx> <55BCB7A3.10405@gmail.com> Message-ID: <55BDF378.60403@gmail.com> On 01/08/2015 18:46, JM wrote: > Alan McKinnon gmail.com> writes: > >> >> On 01/08/2015 13:30, Alex DEKKER wrote: >>> On 01/08/15 10:48, jm+rancid roth.lu wrote: >>>> Hi there, >>>> >>>> I wanted to extend Rancid with a script to monitor some Checkpoint >>>> Gaia firewalls. >>> >> >> It's not that simple, there is no "master reference device type" so to >> speak. >> >> Here's how rancid works: > > Ok, as I thought, you just give rancid some text to store. > > For non-perl gurus, the modern modular method is complicated. In fact, the > regexes you are talking about are specific to that I believe. As are > variables like $found_end and $clean_run that seem to be important to talk > to the main process. (Or is it just the return codes?) The regexes are the bulk of the main loop inside the *rancid scripts, and there are hundreds of them. Each one follows these general sort of examples: /some regular expression/ && next; /some regular expression/ && ProcessHistory(...); These are the magic bits of code that determine exactly what text will make it into the output file that is eventually stored in CVS. They are a monumental pain in the butt to maintain but there's really no other way to do it. It's not rancid's fault - blame the kit vendors for not agreeing to provide a standard way to access the info (which just happens to be the second most important thing about it once the device works as intended). So each line has to be examined individually and treated as a separate entity. $found_end and $clean_run are internal true/false flag variables. They indicate if the script got the full text it was expecting (a chunk of text corresponding to each command issues plus a proper EOF at the end), and if no errors were found. These flags tell the script if it must exit with success or failure. > > Nothing will however prevent me from using the "old" method, give it a > "script" and a "login" (in the types file). Yes, you can do this. It's probably the better route if you only need to deal with one device type not supported by rancid as shipped. The code will be clean and you know right away it's a local addition to the codebase > > "login" can be, well, expect the login prompt, send the username, etc. you > get it. The "script" can be a stupid expect script running "show > configuration" and capturing the output. Maybe with some wrapper in a > language one is fluent in around it to carry out additional checks. Yes, that's the way to do it. Use whatever tool you know and feels right > > Don't get me wrong. It's great that the "modern method" to use rancid is > more modular (also less code duplication like with copying scripts etc.). It > could however be interesting to have some abstract configuration file where > you just tell it what to do, what to expect as a return, what to treat as > error. Much like "expect" in itself, but simpler, because in that case you'd > need to be a TCL guru. I'm thinking more along the lines of an INI file or > something =D I'm not sure I understand this paragraph. What is it that you want to configure? -- Alan McKinnon alan.mckinnon at gmail.com From jm+rancid at roth.lu Sun Aug 2 12:49:24 2015 From: jm+rancid at roth.lu (JM) Date: Sun, 2 Aug 2015 12:49:24 +0000 (UTC) Subject: [rancid] How to extend Rancid. Basics. References: <55BC95F7.60506@roth.lu> <55BCADBE.6020406@ale.cx> <55BCB7A3.10405@gmail.com> <55BDF378.60403@gmail.com> Message-ID: Alan McKinnon gmail.com> writes: > > > > Don't get me wrong. It's great that the "modern method" to use rancid is > > more modular (also less code duplication like with copying scripts etc.). It > > could however be interesting to have some abstract configuration file where > > you just tell it what to do, what to expect as a return, what to treat as > > error. Much like "expect" in itself, but simpler, because in that case you'd > > need to be a TCL guru. I'm thinking more along the lines of an INI file or > > something =D > > I'm not sure I understand this paragraph. What is it that you want to > configure? > As far as that section goes, I was just wondering why there has to be code for what could be considered configuration/definition in a format everyone is able to use. Maybe we should take a step back and get a look at the big picture. What do we want rancid to do? Login, issue commands, get some replies, filter what's deemed useful, and then logout again. What could a simple definition in an abstract langugage (INI file, JSON, ...) look like? -------------------------------------------------- [router1] ## metadata connectmethod=ssh username=x password=y passphrase=z # login prompts userprompt=User Name: passprompt=Password: # command prompt (regex) commprompt=/>\s*$/ # enable mode required/exists # this could even be generalized to any other special modes # or even issued as a simple cmd[] below enable=1 enablecommand=enable enableprompt=/#\s*$/ ## now tell it what to do # command after successful login (commprompt seen) cmd[1]=show configuration # how to find out when previous command has sent all output? (default=commprompt) end[1]=commprompt # filters on output filter[1][1]=s/password (.*)/x/ filter[1][2]=s/bla/blubb/ cmd[2]=show version #end[2]=commprompt (default) cmd[3]=show dir # instead of using special "enable" statement above, just do it manually here cmd[4]=enable end[4]=/#\s*/ # then do more stuff cmd[5]=exit end[5]=Connection closed. -------------------------------------------------- From nick at foobar.org Sun Aug 2 13:15:23 2015 From: nick at foobar.org (Nick Hilliard) Date: Sun, 2 Aug 2015 14:15:23 +0100 Subject: [rancid] Brocade TurboIron24 In-Reply-To: References: Message-ID: <87D9E1F6-9637-4ECC-9224-089A859869E2@foobar.org> These are type: "foundry". 7.4.00j would be a good choice for software. Nick Sent from my iWotsit. > On 31 Jul 2015, at 19:11, Pedrosi, Derek G. wrote: > > Greetings all, > I have a few of Brocade?s TI24s in my environment. I would like to intergrate them into Rancid with my Cisco gear, but I have not had any luck. Can someone possibly point my in the right direction? > > > Many thanx, > derek > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Sun Aug 2 14:50:40 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Sun, 2 Aug 2015 16:50:40 +0200 Subject: [rancid] How to extend Rancid. Basics. In-Reply-To: References: <55BC95F7.60506@roth.lu> <55BCADBE.6020406@ale.cx> <55BCB7A3.10405@gmail.com> <55BDF378.60403@gmail.com> Message-ID: <55BE2E40.8010602@gmail.com> On 02/08/2015 14:49, JM wrote: > Alan McKinnon gmail.com> writes: > >>> >>> Don't get me wrong. It's great that the "modern method" to use rancid is >>> more modular (also less code duplication like with copying scripts etc.). It >>> could however be interesting to have some abstract configuration file where >>> you just tell it what to do, what to expect as a return, what to treat as >>> error. Much like "expect" in itself, but simpler, because in that case you'd >>> need to be a TCL guru. I'm thinking more along the lines of an INI file or >>> something =D >> >> I'm not sure I understand this paragraph. What is it that you want to >> configure? >> > > > As far as that section goes, I was just wondering why there has to be code > for what could be considered configuration/definition in a format everyone > is able to use. > > Maybe we should take a step back and get a look at the big picture. What do > we want rancid to do? Login, issue commands, get some replies, filter what's > deemed useful, and then logout again. "filter what is deemed useful" is where it all breaks down. There are not a few of these, there are HUNDREDS of them for each device. Again, blame the vendors for forcing us to resort to the worst possible solution - manually parse free-form text output to derive information. And we haven't even touched yet on the bits where stuff needs to be redacted. "show run" dumps plenty secrets to the output - encryption keys, community strings, passwords, hashes, certificates, private keys and who knows what else, all of which has to be manually examined and a regex written. And it's not just "write stuff to output", it's "write stuff to output in such a way that it is consistently ordered to not continually upset CVS with noise that isn't a real change". See the ACL handling for the best example of why this is vital. It very quickly explodes out of control if you attempt to do it any other way than how it is done. > > What could a simple definition in an abstract langugage (INI file, JSON, > ...) look like? At heart, it would be a lookup pair. I'm only concentrating on the output text mangling as everything else is easy, .ini key-value pairs will suffice. You'd have a regex on the left (no other descriptive language comes close to a regex) and an action on the right. The trouble is, that action can only be a code snippet, and this opens a world of hurt. I'm glad you've opened this topic as I've tried to find ways to solve it, and like you I figure there must be an easier way. But every time a good solution trips up on real life requirements... If you have a viable and well-thought out idea, I'm all ears. I've looked for years and haven't found one. But it won't be the first time I overlook something :-) > > > -------------------------------------------------- > > [router1] > > ## metadata > > connectmethod=ssh > username=x > password=y > passphrase=z > # login prompts > userprompt=User Name: > passprompt=Password: > # command prompt (regex) > commprompt=/>\s*$/ > # enable mode required/exists > # this could even be generalized to any other special modes > # or even issued as a simple cmd[] below > enable=1 > enablecommand=enable > enableprompt=/#\s*$/ > > ## now tell it what to do > > # command after successful login (commprompt seen) > cmd[1]=show configuration > # how to find out when previous command has sent all output? > (default=commprompt) > end[1]=commprompt > # filters on output > filter[1][1]=s/password (.*)/x/ > filter[1][2]=s/bla/blubb/ > > cmd[2]=show version > #end[2]=commprompt (default) > > cmd[3]=show dir > > # instead of using special "enable" statement above, just do it manually here > cmd[4]=enable > end[4]=/#\s*/ > # then do more stuff > > cmd[5]=exit > end[5]=Connection closed. > > -------------------------------------------------- > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From rdrake at direcpath.com Mon Aug 3 04:12:57 2015 From: rdrake at direcpath.com (Robert Drake) Date: Mon, 3 Aug 2015 00:12:57 -0400 Subject: [rancid] How to extend Rancid. Basics. In-Reply-To: <55BE2E40.8010602@gmail.com> References: <55BC95F7.60506@roth.lu> <55BCADBE.6020406@ale.cx> <55BCB7A3.10405@gmail.com> <55BDF378.60403@gmail.com> <55BE2E40.8010602@gmail.com> Message-ID: <55BEEA49.40405@direcpath.com> Not that the capability exists now, but check out NETCONF/YANG for what could be and then ask your vendors why they can't make something standard. Some of the big players are involved with it but the problem is you're inevitably going to have some big boy gear that supports netconf and then 10 shit-tier vendors that never will. Most ISP's are at least going to have some mission critical gear that needs to be backed up that is going to be built by someone in the shit-tier category. I've got some gear from people who build routing and switching products and still don't have a "show config/show run" of any sort. Their latest product doesn't have a "show ip interface brief" equivalent so you need to either SNMP poll it for interface status, use their dumb management console or use the web frontend. I don't think there will be a good solution within our careers. It would be nice if we could convince vendors that configuration isn't a special thing that requires years of careful study in manuals then specialized testing per platform. The problems are that certifications make the vendors money and keep us locked in to their products, which are generally all just thin software shells around the same set of chips the other guy is using. On 8/2/2015 10:50 AM, Alan McKinnon wrote: > You'd have a regex on the left (no other descriptive language comes > close to a regex) and an action on the right. The trouble is, that > action can only be a code snippet, and this opens a world of hurt. > > I'm glad you've opened this topic as I've tried to find ways to solve > it, and like you I figure there must be an easier way. But every time a > good solution trips up on real life requirements... > > If you have a viable and well-thought out idea, I'm all ears. I've > looked for years and haven't found one. But it won't be the first time I > overlook something:-) From nick at foobar.org Mon Aug 3 14:28:54 2015 From: nick at foobar.org (Nick Hilliard) Date: Mon, 3 Aug 2015 15:28:54 +0100 Subject: [rancid] Brocade TurboIron24 In-Reply-To: References: Message-ID: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> Looks like a .cloginrc problem related to autoenable. Nick Sent from my iWotsit. > On 3 Aug 2015, at 14:59, Pedrosi, Derek G. wrote: > > I?ve tried that to no success? > > The bit of debugging that I can do yielded this? > > root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show chassis;show module;show flash;show running-config" 10.1.1.3 > 10.1.1.3 > spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 > svc_rancid at 10.1.1.3's password: > SSH at DC-TurboIron2# > Error: TIMEOUT reached > root at rancid:/usr/lib/rancid/bin# > > Rancid is able to logon, but no commands are issued? > > > BUT, strangely enough when I do the same command as above with ?clogin? it works as it should. > BUT, if in my ?router.db? I set the type to ?cisco? (which I assume means use clogin) I do get a SVN entry in my repository, but it is blank. > > Trying to get all of the configs. > dc-turboiron2.network.mcps.com: found unexpected command - "dir /all sup-bootflash:" > dc-turboiron2.network.mcps.com: missed cmd(s): dir /all slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all sec-nvram:,show running-config view full,dir /all sec-bootflash:,sho$ > dc-turboiron2.network.mcps.com: End of run not found > ===================================== > > > > > Ps Why do you suggest v7.4.00j > > > Many thanks, > derek > > > > From: Nick Hilliard [mailto:nick at foobar.org] > Sent: Sunday, August 2, 2015 9:15 AM > To: Pedrosi, Derek G. > Cc: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > These are type: "foundry". > > > 7.4.00j would be a good choice for software. > > > Nick > > Sent from my iWotsit. > > On 31 Jul 2015, at 19:11, Pedrosi, Derek G. wrote: > Greetings all, > I have a few of Brocade?s TI24s in my environment. I would like to intergrate them into Rancid with my Cisco gear, but I have not had any luck. Can someone possibly point my in the right direction? > > > Many thanx, > derek > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From pedrosi at millercanfield.com Mon Aug 3 14:42:42 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Mon, 3 Aug 2015 14:42:42 +0000 Subject: [rancid] Brocade TurboIron24 In-Reply-To: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> Message-ID: My sanitized .cloginrc: root at rancid:/var/lib/rancid# head -50 .cloginrc #XXXX add method * {ssh} add user * svc_rancid add password * StandPW EnablePW add autoenable 1 add autoenable DC-Cisco5525x.network.xxxx.com 0 ________________________________ Derek G Pedrosi | Manager of Technology Infrastructure Miller Canfield Detroit, Michigan 48226 (USA) ________________________________ From: Nick Hilliard [mailto:nick at foobar.org] Sent: Monday, August 03, 2015 10:29 AM To: Pedrosi, Derek G. Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 Looks like a .cloginrc problem related to autoenable. Nick Sent from my iWotsit. On 3 Aug 2015, at 14:59, Pedrosi, Derek G. > wrote: I?ve tried that to no success? The bit of debugging that I can do yielded this? root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show chassis;show module;show flash;show running-config" 10.1.1.3 10.1.1.3 spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 svc_rancid at 10.1.1.3's password: SSH at DC-TurboIron2# Error: TIMEOUT reached root at rancid:/usr/lib/rancid/bin# Rancid is able to logon, but no commands are issued? BUT, strangely enough when I do the same command as above with ?clogin? it works as it should. BUT, if in my ?router.db? I set the type to ?cisco? (which I assume means use clogin) I do get a SVN entry in my repository, but it is blank. Trying to get all of the configs. dc-turboiron2.network.mcps.com: found unexpected command - "dir /all sup-bootflash:" dc-turboiron2.network.mcps.com: missed cmd(s): dir /all slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all sec-nvram:,show running-config view full,dir /all sec-bootflash:,sho$ dc-turboiron2.network.mcps.com: End of run not found ===================================== Ps Why do you suggest v7.4.00j Many thanks, derek From: Nick Hilliard [mailto:nick at foobar.org] Sent: Sunday, August 2, 2015 9:15 AM To: Pedrosi, Derek G. > Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 These are type: "foundry". 7.4.00j would be a good choice for software. Nick Sent from my iWotsit. On 31 Jul 2015, at 19:11, Pedrosi, Derek G. > wrote: Greetings all, I have a few of Brocade?s TI24s in my environment. I would like to intergrate them into Rancid with my Cisco gear, but I have not had any luck. Can someone possibly point my in the right direction? Many thanx, derek _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From pedrosi at millercanfield.com Mon Aug 3 13:59:13 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Mon, 3 Aug 2015 13:59:13 +0000 Subject: [rancid] Brocade TurboIron24 Message-ID: I?ve tried that to no success? The bit of debugging that I can do yielded this? root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show chassis;show module;show flash;show running-config" 10.1.1.3 10.1.1.3 spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 svc_rancid at 10.1.1.3's password: SSH at DC-TurboIron2# Error: TIMEOUT reached root at rancid:/usr/lib/rancid/bin# Rancid is able to logon, but no commands are issued? BUT, strangely enough when I do the same command as above with ?clogin? it works as it should. BUT, if in my ?router.db? I set the type to ?cisco? (which I assume means use clogin) I do get a SVN entry in my repository, but it is blank. Trying to get all of the configs. dc-turboiron2.network.mcps.com: found unexpected command - "dir /all sup-bootflash:" dc-turboiron2.network.mcps.com: missed cmd(s): dir /all slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all sec-nvram:,show running-config view full,dir /all sec-bootflash:,sho$ dc-turboiron2.network.mcps.com: End of run not found ===================================== Ps Why do you suggest v7.4.00j Many thanks, derek From: Nick Hilliard [mailto:nick at foobar.org] Sent: Sunday, August 2, 2015 9:15 AM To: Pedrosi, Derek G. Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 These are type: "foundry". 7.4.00j would be a good choice for software. Nick Sent from my iWotsit. On 31 Jul 2015, at 19:11, Pedrosi, Derek G. wrote: Greetings all, I have a few of Brocade?s TI24s in my environment. I would like to intergrate them into Rancid with my Cisco gear, but I have not had any luck. Can someone possibly point my in the right direction? Many thanx, derek _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Mon Aug 3 19:20:22 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Mon, 3 Aug 2015 21:20:22 +0200 Subject: [rancid] Brocade TurboIron24 In-Reply-To: References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> Message-ID: <55BFBEF6.4060205@gmail.com> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. It's used when the device enables that user automatically on login with no need to explicitly run the enable command. Are all your devices (with the exception of DC-Cisco5525x.network.xxxx.com) set up to behave like that? On 03/08/2015 16:42, Pedrosi, Derek G. wrote: > My sanitized .cloginrc: > > > > root at rancid:/var/lib/rancid# head -50 .cloginrc > > #XXXX > > > > add method * {ssh} > > add user * svc_rancid > > add password * StandPW EnablePW > > add autoenable 1 > > > > add autoenable DC-Cisco5525x.network.xxxx.com 0 > > > > ------------------------------------------------------------------------ > > *Derek G Pedrosi*| Manager of Technology Infrastructure > > *Miller Canfield* > Detroit, Michigan 48226 (USA) > > ------------------------------------------------------------------------ > > > > > > *From:*Nick Hilliard [mailto:nick at foobar.org] > *Sent:* Monday, August 03, 2015 10:29 AM > *To:* Pedrosi, Derek G. > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Brocade TurboIron24 > > > > Looks like a .cloginrc problem related to autoenable. > > > > Nick > > Sent from my iWotsit. > > > On 3 Aug 2015, at 14:59, Pedrosi, Derek G. > wrote: > > I?ve tried that to no success? > > > > The bit of debugging that I can do yielded this? > > > > root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show > chassis;show module;show flash;show running-config" 10.1.1.3 > > 10.1.1.3 > > spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 > > svc_rancid at 10.1.1.3 's password: > > SSH at DC-TurboIron2# > > Error: TIMEOUT reached > > root at rancid:/usr/lib/rancid/bin# > > > > Rancid is able to logon, but no commands are issued? > > > > > > BUT, strangely enough when I do the same command as above with > ?clogin? it works as it should. > > BUT, if in my ?router.db? I set the type to ?cisco? (which I assume > means use clogin) I do get a SVN entry in my repository, but it is > blank. > > > > Trying to get all of the configs. > > dc-turboiron2.network.mcps.com > : found unexpected command - > "dir /all sup-bootflash:" > > dc-turboiron2.network.mcps.com > : missed cmd(s): dir /all > slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all > sec-nvram:,show running-config view full,dir /all sec-bootflash:,sho$ > > dc-turboiron2.network.mcps.com > : End of run not found > > ===================================== > > > > > > > > > > Ps Why do you suggest v7.4.00j > > > > > > Many thanks, > > derek > > > > > > > > From: Nick Hilliard [mailto:nick at foobar.org] > > Sent: Sunday, August 2, 2015 9:15 AM > > To: Pedrosi, Derek G. > > > Cc: rancid-discuss at shrubbery.net > > Subject: Re: [rancid] Brocade TurboIron24 > > > > These are type: "foundry". > > > > > > 7.4.00j would be a good choice for software. > > > > > > Nick > > > > Sent from my iWotsit. > > > > On 31 Jul 2015, at 19:11, Pedrosi, Derek G. > > wrote: > > Greetings all, > > I have a few of Brocade?s TI24s in my environment. I would like to > intergrate them into Rancid with my Cisco gear, but I have not had > any luck. Can someone possibly point my in the right direction? > > > > > > Many thanx, > > derek > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Mon Aug 3 19:47:31 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Mon, 3 Aug 2015 21:47:31 +0200 Subject: [rancid] Brocade TurboIron24 In-Reply-To: References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> Message-ID: <55BFC553.6020203@gmail.com> OK. In that case your cloginrc is correct. Looking back over the thread, I think you have a simple problem of the wrong device type in router.db Cisco kit is generally of type "cisco" and Brocades of type "foundry". With rancid-2.3.x the separator in that file is ":" With rancid-3.x the separator is ";" This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. I see "unexpected command" errors in your previous posts, that should not happen. I've only seen that when I run the generic cisco script against a Nexus (those use nxrancid) On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. I believe heasley has renamed that parser in v3 to follow convention. clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. All of this info, including the actual login script to use for a type, is in the parser script. So it's one more oddity, you might have a type "XYZ" with it's own peculiar commands and output so it's parser is xyzrancid. But login works much like cisco (which really is a classic telnet login) so xyz uses clogin![1] To debug a given device, you have to run the correct parser manually. Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. You will get debug output including the *login command used. Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. Or post the output so we can help further. [1] I'm used to all this real-life weirdness as I've used rancid so much I don't think much about it anymore. It's only when I type mails like this that I realise just how nuts the field of a netadmin has become :-) On 03/08/2015 21:23, Pedrosi, Derek G. wrote: > Yes. > When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). > > > > derek > > > -----Original Message----- > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Alan McKinnon > Sent: Monday, August 03, 2015 3:20 PM > To: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. > > It's used when the device enables that user automatically on login with no need to explicitly run the enable command. > > Are all your devices (with the exception of > DC-Cisco5525x.network.xxxx.com) set up to behave like that? > > > On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >> My sanitized .cloginrc: >> >> >> >> root at rancid:/var/lib/rancid# head -50 .cloginrc >> >> #XXXX >> >> >> >> add method * {ssh} >> >> add user * svc_rancid >> >> add password * StandPW EnablePW >> >> add autoenable 1 >> >> >> >> add autoenable DC-Cisco5525x.network.xxxx.com 0 >> >> >> >> ---------------------------------------------------------------------- >> -- >> >> *Derek G Pedrosi*| Manager of Technology Infrastructure >> >> *Miller Canfield* >> Detroit, Michigan 48226 (USA) >> >> ---------------------------------------------------------------------- >> -- >> >> >> >> >> >> *From:*Nick Hilliard [mailto:nick at foobar.org] >> *Sent:* Monday, August 03, 2015 10:29 AM >> *To:* Pedrosi, Derek G. >> *Cc:* rancid-discuss at shrubbery.net >> *Subject:* Re: [rancid] Brocade TurboIron24 >> >> >> >> Looks like a .cloginrc problem related to autoenable. >> >> >> >> Nick >> >> Sent from my iWotsit. >> >> >> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. > > wrote: >> >> I've tried that to no success... >> >> >> >> The bit of debugging that I can do yielded this... >> >> >> >> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >> chassis;show module;show flash;show running-config" 10.1.1.3 >> >> 10.1.1.3 >> >> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >> >> svc_rancid at 10.1.1.3 's password: >> >> SSH at DC-TurboIron2# >> >> Error: TIMEOUT reached >> >> root at rancid:/usr/lib/rancid/bin# >> >> >> >> Rancid is able to logon, but no commands are issued? >> >> >> >> >> >> BUT, strangely enough when I do the same command as above with >> "clogin" it works as it should. >> >> BUT, if in my "router.db" I set the type to "cisco" (which I assume >> means use clogin) I do get a SVN entry in my repository, but it is >> blank. >> >> >> >> Trying to get all of the configs. >> >> dc-turboiron2.network.mcps.com >> : found unexpected command - >> "dir /all sup-bootflash:" >> >> dc-turboiron2.network.mcps.com >> : missed cmd(s): dir /all >> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >> sec-nvram:,show running-config view full,dir /all >> sec-bootflash:,sho$ >> >> dc-turboiron2.network.mcps.com >> : End of run not found >> >> ===================================== >> >> >> >> >> >> >> >> >> >> Ps Why do you suggest v7.4.00j >> >> >> >> >> >> Many thanks, >> >> derek >> >> >> >> >> >> >> >> From: Nick Hilliard [mailto:nick at foobar.org] >> >> Sent: Sunday, August 2, 2015 9:15 AM >> >> To: Pedrosi, Derek G. > > >> >> Cc: rancid-discuss at shrubbery.net >> >> >> Subject: Re: [rancid] Brocade TurboIron24 >> >> >> >> These are type: "foundry". >> >> >> >> >> >> 7.4.00j would be a good choice for software. >> >> >> >> >> >> Nick >> >> >> >> Sent from my iWotsit. >> >> >> >> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >> > wrote: >> >> Greetings all, >> >> I have a few of Brocade's TI24s in my environment. I would like to >> intergrate them into Rancid with my Cisco gear, but I have not had >> any luck. Can someone possibly point my in the right direction? >> >> >> >> >> >> Many thanx, >> >> derek >> >> _______________________________________________ >> >> Rancid-discuss mailing list >> >> Rancid-discuss at shrubbery.net >> >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From pedrosi at millercanfield.com Mon Aug 3 19:23:19 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Mon, 3 Aug 2015 19:23:19 +0000 Subject: [rancid] Brocade TurboIron24 In-Reply-To: <55BFBEF6.4060205@gmail.com> References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> Message-ID: Yes. When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). derek -----Original Message----- From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Alan McKinnon Sent: Monday, August 03, 2015 3:20 PM To: rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. It's used when the device enables that user automatically on login with no need to explicitly run the enable command. Are all your devices (with the exception of DC-Cisco5525x.network.xxxx.com) set up to behave like that? On 03/08/2015 16:42, Pedrosi, Derek G. wrote: > My sanitized .cloginrc: > > > > root at rancid:/var/lib/rancid# head -50 .cloginrc > > #XXXX > > > > add method * {ssh} > > add user * svc_rancid > > add password * StandPW EnablePW > > add autoenable 1 > > > > add autoenable DC-Cisco5525x.network.xxxx.com 0 > > > > ---------------------------------------------------------------------- > -- > > *Derek G Pedrosi*| Manager of Technology Infrastructure > > *Miller Canfield* > Detroit, Michigan 48226 (USA) > > ---------------------------------------------------------------------- > -- > > > > > > *From:*Nick Hilliard [mailto:nick at foobar.org] > *Sent:* Monday, August 03, 2015 10:29 AM > *To:* Pedrosi, Derek G. > *Cc:* rancid-discuss at shrubbery.net > *Subject:* Re: [rancid] Brocade TurboIron24 > > > > Looks like a .cloginrc problem related to autoenable. > > > > Nick > > Sent from my iWotsit. > > > On 3 Aug 2015, at 14:59, Pedrosi, Derek G. > wrote: > > I've tried that to no success... > > > > The bit of debugging that I can do yielded this... > > > > root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show > chassis;show module;show flash;show running-config" 10.1.1.3 > > 10.1.1.3 > > spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 > > svc_rancid at 10.1.1.3 's password: > > SSH at DC-TurboIron2# > > Error: TIMEOUT reached > > root at rancid:/usr/lib/rancid/bin# > > > > Rancid is able to logon, but no commands are issued? > > > > > > BUT, strangely enough when I do the same command as above with > "clogin" it works as it should. > > BUT, if in my "router.db" I set the type to "cisco" (which I assume > means use clogin) I do get a SVN entry in my repository, but it is > blank. > > > > Trying to get all of the configs. > > dc-turboiron2.network.mcps.com > : found unexpected command - > "dir /all sup-bootflash:" > > dc-turboiron2.network.mcps.com > : missed cmd(s): dir /all > slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all > sec-nvram:,show running-config view full,dir /all > sec-bootflash:,sho$ > > dc-turboiron2.network.mcps.com > : End of run not found > > ===================================== > > > > > > > > > > Ps Why do you suggest v7.4.00j > > > > > > Many thanks, > > derek > > > > > > > > From: Nick Hilliard [mailto:nick at foobar.org] > > Sent: Sunday, August 2, 2015 9:15 AM > > To: Pedrosi, Derek G. > > > Cc: rancid-discuss at shrubbery.net > > > Subject: Re: [rancid] Brocade TurboIron24 > > > > These are type: "foundry". > > > > > > 7.4.00j would be a good choice for software. > > > > > > Nick > > > > Sent from my iWotsit. > > > > On 31 Jul 2015, at 19:11, Pedrosi, Derek G. > > wrote: > > Greetings all, > > I have a few of Brocade's TI24s in my environment. I would like to > intergrate them into Rancid with my Cisco gear, but I have not had > any luck. Can someone possibly point my in the right direction? > > > > > > Many thanx, > > derek > > _______________________________________________ > > Rancid-discuss mailing list > > Rancid-discuss at shrubbery.net > > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss From pedrosi at millercanfield.com Tue Aug 4 16:03:26 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Tue, 4 Aug 2015 16:03:26 +0000 Subject: [rancid] Brocade TurboIron24 In-Reply-To: <55BFC553.6020203@gmail.com> References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> <55BFC553.6020203@gmail.com> Message-ID: OK, >From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8. The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition. So I will run francid. Here is the output... root at rancid:/var/lib/rancid/bin# francid -d DC-TurboIron2.network.XXX.com executing flogin -t 90 -c"show version;show chassis;show module;show flash;write term;show running-config" DC-TurboIron2.network.XXXX.com DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show module,show flash,show version,show running-config,write term DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show module,show flash,show version,show running-config,write term DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0 DC-TurboIron2.network.XXXX.com: End of run not found DC-TurboIron2.network.XXXX.com: End of run not found ! root at rancid:/var/lib/rancid/bin# I am able to SSH the device without issue from the rancid box using the rancid credentials. And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up' Thank you for your assistance. derek -----Original Message----- From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] Sent: Monday, August 03, 2015 3:48 PM To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 OK. In that case your cloginrc is correct. Looking back over the thread, I think you have a simple problem of the wrong device type in router.db Cisco kit is generally of type "cisco" and Brocades of type "foundry". With rancid-2.3.x the separator in that file is ":" With rancid-3.x the separator is ";" This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. I see "unexpected command" errors in your previous posts, that should not happen. I've only seen that when I run the generic cisco script against a Nexus (those use nxrancid) On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. I believe heasley has renamed that parser in v3 to follow convention. clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. All of this info, including the actual login script to use for a type, is in the parser script. So it's one more oddity, you might have a type "XYZ" with it's own peculiar commands and output so it's parser is xyzrancid. But login works much like cisco (which really is a classic telnet login) so xyz uses clogin![1] To debug a given device, you have to run the correct parser manually. Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. You will get debug output including the *login command used. Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. Or post the output so we can help further. [1] I'm used to all this real-life weirdness as I've used rancid so much I don't think much about it anymore. It's only when I type mails like this that I realise just how nuts the field of a netadmin has become :-) On 03/08/2015 21:23, Pedrosi, Derek G. wrote: > Yes. > When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). > > > > derek > > > -----Original Message----- > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On > Behalf Of Alan McKinnon > Sent: Monday, August 03, 2015 3:20 PM > To: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. > > It's used when the device enables that user automatically on login with no need to explicitly run the enable command. > > Are all your devices (with the exception of > DC-Cisco5525x.network.xxxx.com) set up to behave like that? > > > On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >> My sanitized .cloginrc: >> >> >> >> root at rancid:/var/lib/rancid# head -50 .cloginrc >> >> #XXXX >> >> >> >> add method * {ssh} >> >> add user * svc_rancid >> >> add password * StandPW EnablePW >> >> add autoenable 1 >> >> >> >> add autoenable DC-Cisco5525x.network.xxxx.com 0 >> >> >> >> --------------------------------------------------------------------- >> - >> -- >> >> *Derek G Pedrosi*| Manager of Technology Infrastructure >> >> *Miller Canfield* >> Detroit, Michigan 48226 (USA) >> >> --------------------------------------------------------------------- >> - >> -- >> >> >> >> >> >> *From:*Nick Hilliard [mailto:nick at foobar.org] >> *Sent:* Monday, August 03, 2015 10:29 AM >> *To:* Pedrosi, Derek G. >> *Cc:* rancid-discuss at shrubbery.net >> *Subject:* Re: [rancid] Brocade TurboIron24 >> >> >> >> Looks like a .cloginrc problem related to autoenable. >> >> >> >> Nick >> >> Sent from my iWotsit. >> >> >> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. >> > wrote: >> >> I've tried that to no success... >> >> >> >> The bit of debugging that I can do yielded this... >> >> >> >> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >> chassis;show module;show flash;show running-config" 10.1.1.3 >> >> 10.1.1.3 >> >> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >> >> svc_rancid at 10.1.1.3 's password: >> >> SSH at DC-TurboIron2# >> >> Error: TIMEOUT reached >> >> root at rancid:/usr/lib/rancid/bin# >> >> >> >> Rancid is able to logon, but no commands are issued? >> >> >> >> >> >> BUT, strangely enough when I do the same command as above with >> "clogin" it works as it should. >> >> BUT, if in my "router.db" I set the type to "cisco" (which I assume >> means use clogin) I do get a SVN entry in my repository, but it is >> blank. >> >> >> >> Trying to get all of the configs. >> >> dc-turboiron2.network.mcps.com >> : found unexpected command - >> "dir /all sup-bootflash:" >> >> dc-turboiron2.network.mcps.com >> : missed cmd(s): dir /all >> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >> sec-nvram:,show running-config view full,dir /all >> sec-bootflash:,sho$ >> >> dc-turboiron2.network.mcps.com >> : End of run not found >> >> ===================================== >> >> >> >> >> >> >> >> >> >> Ps Why do you suggest v7.4.00j >> >> >> >> >> >> Many thanks, >> >> derek >> >> >> >> >> >> >> >> From: Nick Hilliard [mailto:nick at foobar.org] >> >> Sent: Sunday, August 2, 2015 9:15 AM >> >> To: Pedrosi, Derek G. > > >> >> Cc: rancid-discuss at shrubbery.net >> >> >> Subject: Re: [rancid] Brocade TurboIron24 >> >> >> >> These are type: "foundry". >> >> >> >> >> >> 7.4.00j would be a good choice for software. >> >> >> >> >> >> Nick >> >> >> >> Sent from my iWotsit. >> >> >> >> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >> > wrote: >> >> Greetings all, >> >> I have a few of Brocade's TI24s in my environment. I would like to >> intergrate them into Rancid with my Cisco gear, but I have not had >> any luck. Can someone possibly point my in the right direction? >> >> >> >> >> >> Many thanx, >> >> derek >> >> _______________________________________________ >> >> Rancid-discuss mailing list >> >> Rancid-discuss at shrubbery.net >> >> >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From chris at node-nine.com Tue Aug 4 21:14:34 2015 From: chris at node-nine.com (Chris Moody) Date: Tue, 04 Aug 2015 14:14:34 -0700 Subject: [rancid] Grab the f5 UCS file and check it into CVS In-Reply-To: References: Message-ID: <55C12B3A.8050008@node-nine.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 UCS files are just "fancy tarballs" of various bits on an F5 (configs, certs, etc). As such, they are self-contained entities. I wrote a separate routine to generate and back up datestamped UCS files across all my client's F5's. These lent themselves to quick restoration of a failed/replaced unit. RANCID's place on the other hand was not so much for copy/paste type config restores (as one would do on say, a Cisco IOS node), but more from the perspective of change tracking across the enterprise. - -Chris On 8/1/15 8:02 PM, Matt Almgren wrote: > Resending as I didn't see this make it to the mailing list. > > > -- > > Matt Almgren, Sr. Networking Engineer > > 101 Lytton Ave., Palo Alto. CA 94301 > > matta at surveymonkey.com > > 408.499.9669 > > > > ---------------------------------------------------------------------- - -- > > *From:* Matt Almgren > *Sent:* Saturday, August 1, 2015 4:06 PM *To:* > rancid-discuss at shrubbery.net *Subject:* Grab the f5 UCS file and > check it into CVS > > > Is there any way Rancid can grab the UCS file from an f5 and then > store that in CVS? I'm sure I can figure out a way to issue the > command. But I'm not sure how to dump it (is it even in text?) and > then store it into CVS. > > > Thanks! > > > -- > > Matt Almgren, Sr. Networking Engineer > > 101 Lytton Ave., Palo Alto. CA 94301 > > matta at surveymonkey.com > > 408.499.9669 > > > > _______________________________________________ Rancid-discuss > mailing list Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJVwSs6AAoJEOO37M6Idh8NL1UIAIXqjVuSWr8LsJcNIKPtjDiS cEl+bS4lYgyf51Q6aDTUQ9Qlac4wC8NPEqS4vG6TVAQOmj4Bf8Fg6jZaboei1C9B 9b0LMXTYkHWRsc6p66x5/6SO2uDmJUn7MVDQcCPoWaeljEYunsUXn1UUYmQsMSHx M1ku3mV3+nyFmviRQECUiIn7DOVRI6Smc85ABeozPrn0yi6OGHJpETJb2WNtHcn/ hOFwpxIFzJtBqFXWGO6wN9AYFd0WVnpv9WwxRnoQ5BrqL1/SMyivM+zt0tszhWCJ OW5fp9MR9fcE+vLS21It4jMq5cQHmrNoWbvVhSCO2SCK/i8VNyEbZoytz52gbHY= =VWye -----END PGP SIGNATURE----- From matta at surveymonkey.com Tue Aug 4 22:31:19 2015 From: matta at surveymonkey.com (Matt Almgren) Date: Tue, 4 Aug 2015 22:31:19 +0000 Subject: [rancid] Grab the f5 UCS file and check it into CVS In-Reply-To: References: , , Message-ID: I just stumbled across this. It might work better than Rancid since it's pushing the config tarballs out. https://devcentral.f5.com/wiki/AdvDesignConfig.LTM_Backup_Shell_Script.ashx?lc=1#_Script_-_backup_cron_scriptvBBsh__6 -- Matt ________________________________ From: Matt Almgren Sent: Tuesday, August 4, 2015 3:17 PM To: Deny IP Any Any; rancid-discuss at shrubbery.net Subject: Re: [rancid] Grab the f5 UCS file and check it into CVS Yes, it's a compressed file. I'm not looking to check it in to CVS. Perhaps just add something to the script to grab it and store the last 7 days worth. This might not even be remotely related to rancid, but thought I'd pose the question here before diving into scripting this myself. -- Matt ________________________________ From: Deny IP Any Any Sent: Tuesday, August 4, 2015 7:43 AM To: Matt Almgren Subject: Re: [rancid] Grab the f5 UCS file and check it into CVS the ucs files appear to be gzip'ed tarballs. $ file f5-backup-12Jun2015-0301.ucs f5-backup-12Jun2015-0301.ucs: gzip compressed data, was "configsync-2.0-1-Linux-2.6.1816", from Unix, last modified: Fri Jun 12 03:01:06 2015, max speed On Sat, Aug 1, 2015 at 7:06 PM, Matt Almgren > wrote: Is there any way Rancid can grab the UCS file from an f5 and then store that in CVS? I'm sure I can figure out a way to issue the command. But I'm not sure how to dump it (is it even in text?) and then store it into CVS. Thanks! -- Matt Almgren, Sr. Networking Engineer 101 Lytton Ave., Palo Alto. CA 94301 matta at surveymonkey.com 408.499.9669 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- deny ip any any (4393649193 matches) -------------- next part -------------- An HTML attachment was scrubbed... URL: From matta at surveymonkey.com Tue Aug 4 22:17:11 2015 From: matta at surveymonkey.com (Matt Almgren) Date: Tue, 4 Aug 2015 22:17:11 +0000 Subject: [rancid] Grab the f5 UCS file and check it into CVS In-Reply-To: References: , Message-ID: Yes, it's a compressed file. I'm not looking to check it in to CVS. Perhaps just add something to the script to grab it and store the last 7 days worth. This might not even be remotely related to rancid, but thought I'd pose the question here before diving into scripting this myself. -- Matt ________________________________ From: Deny IP Any Any Sent: Tuesday, August 4, 2015 7:43 AM To: Matt Almgren Subject: Re: [rancid] Grab the f5 UCS file and check it into CVS the ucs files appear to be gzip'ed tarballs. $ file f5-backup-12Jun2015-0301.ucs f5-backup-12Jun2015-0301.ucs: gzip compressed data, was "configsync-2.0-1-Linux-2.6.1816", from Unix, last modified: Fri Jun 12 03:01:06 2015, max speed On Sat, Aug 1, 2015 at 7:06 PM, Matt Almgren > wrote: Is there any way Rancid can grab the UCS file from an f5 and then store that in CVS? I'm sure I can figure out a way to issue the command. But I'm not sure how to dump it (is it even in text?) and then store it into CVS. Thanks! -- Matt Almgren, Sr. Networking Engineer 101 Lytton Ave., Palo Alto. CA 94301 matta at surveymonkey.com 408.499.9669 _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- deny ip any any (4393649193 matches) -------------- next part -------------- An HTML attachment was scrubbed... URL: From jm+rancid at roth.lu Wed Aug 5 11:38:27 2015 From: jm+rancid at roth.lu (Marki) Date: Wed, 5 Aug 2015 11:38:27 +0000 (UTC) Subject: [rancid] IOS interfaces (show controllers) reappear after rancid upgrade Message-ID: Hi, I noticed a thing going from Rancid 2.3 to 3.2. For ISDN PRIs rancid checks in a change every time a connection is up when rancid is checking: !Interface: Serial0/0/0:27, HDLC32 In fact, I checked our old repos and there were no more "!Interface" lines at all since 2011. That must have been the time when we upgraded to 2.3. (Bug or feature?) It seems to be getting this from "show controllers": ... Interface Serial0/0/0:15 Hardware is HDLC32 ... I have tried to compare bin/rancid in 2.3 and lib/rancid/ios.pm in 3.2 and I fail to see why this seems to work differently. Anyone have an idea? (Note: In this case the control channel Serial0/0/0:15, HDLC32 is always there.) Bye, Marki From alan.mckinnon at gmail.com Wed Aug 5 12:07:17 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 5 Aug 2015 14:07:17 +0200 Subject: [rancid] IOS interfaces (show controllers) reappear after rancid upgrade In-Reply-To: References: Message-ID: <55C1FC75.1070105@gmail.com> On 05/08/2015 13:38, Marki wrote: > Hi, > > I noticed a thing going from Rancid 2.3 to 3.2. > > For ISDN PRIs rancid checks in a change every time a connection is up when > rancid is checking: > > !Interface: Serial0/0/0:27, HDLC32 > > In fact, I checked our old repos and there were no more "!Interface" lines > at all since 2011. That must have been the time when we upgraded to 2.3. > (Bug or feature?) > > It seems to be getting this from "show controllers": > > ... > Interface Serial0/0/0:15 > Hardware is HDLC32 > ... > > I have tried to compare bin/rancid in 2.3 and lib/rancid/ios.pm in 3.2 and I > fail to see why this seems to work differently. Anyone have an idea? > > (Note: In this case the control channel Serial0/0/0:15, HDLC32 is always there.) What 2.3 version were you running? 2.3.8 should be doing the same as 3.2, here is the 2.3.8 code that does it: # This routine parses "show controllers" sub ShowContAll { # ... while () { if (/^Interface ([^ \n(]*)/) { $INT = "$1, "; next; } # ... /^Hardware is (.*)/ && ProcessHistory("INT","","","!Interface: $INT$1\n") && next; # ... Possibly you were running a 2.3 that did not have that code? -- Alan McKinnon alan.mckinnon at gmail.com From jm+rancid at roth.lu Wed Aug 5 12:45:22 2015 From: jm+rancid at roth.lu (Marki) Date: Wed, 5 Aug 2015 12:45:22 +0000 (UTC) Subject: [rancid] IOS interfaces (show controllers) reappear after rancid upgrade References: <55C1FC75.1070105@gmail.com> Message-ID: Alan McKinnon gmail.com> writes: > > What 2.3 version were you running? > > 2.3.8 should be doing the same as 3.2, here is the 2.3.8 code that does it: Hmm, it was 2.3.6 I believe. Doesn't matter, ok, so it's there now/again, and we have to deal with it. Can we add something to get rid of the PRI interfaces (up/down on-demand)? I have included this now in our rancid: # Remove dynamic PRI interfaces if (/^Hardware is HDLC32/) { if ($INT =~ /Serial[\d\/]+\d:(\d+), /) { $1!=15 && next; } } right before the part above. Seems to work for me. Feel free to use/include the snippet. From alan.mckinnon at gmail.com Wed Aug 5 13:01:18 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 5 Aug 2015 15:01:18 +0200 Subject: [rancid] IOS interfaces (show controllers) reappear after rancid upgrade In-Reply-To: References: <55C1FC75.1070105@gmail.com> Message-ID: <55C2091E.10405@gmail.com> On 05/08/2015 14:45, Marki wrote: > Alan McKinnon gmail.com> writes: > >> >> What 2.3 version were you running? >> >> 2.3.8 should be doing the same as 3.2, here is the 2.3.8 code that does it: > > > Hmm, it was 2.3.6 I believe. Doesn't matter, ok, so it's there now/again, > and we have to deal with it. > > Can we add something to get rid of the PRI interfaces (up/down on-demand)? > > I have included this now in our rancid: > > # Remove dynamic PRI interfaces > if (/^Hardware is HDLC32/) { > if ($INT =~ /Serial[\d\/]+\d:(\d+), /) { > $1!=15 && next; > } > } > > right before the part above. Seems to work for me. > Feel free to use/include the snippet. That will work :-) Foe heasley to add this to upstream, you might want to reply and expound a little on how IOS lists these dynamic PRIs, with some output snippets. This is so it will work best for the general case. -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Wed Aug 5 14:09:56 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 5 Aug 2015 16:09:56 +0200 Subject: [rancid] Brocade TurboIron24 In-Reply-To: References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> <55BFC553.6020203@gmail.com> Message-ID: <55C21934.2020204@gmail.com> According to the various scripts, flogin is the correct usage, but it's failing to return successfully (looks like it waits 90 seconds then times out). We need to find why flogin does not work for you. What happens when you run these commands: flogin DC-TurboIron2.network.XXXX.com clogin DC-TurboIron2.network.XXXX.com On 04/08/2015 18:03, Pedrosi, Derek G. wrote: > > OK, > From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8. > The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition. So I will run francid. > > Here is the output... > > root at rancid:/var/lib/rancid/bin# francid -d DC-TurboIron2.network.XXX.com > executing flogin -t 90 -c"show version;show chassis;show module;show flash;write term;show running-config" DC-TurboIron2.network.XXXX.com > DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached > DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached > DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show module,show flash,show version,show running-config,write term > DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show module,show flash,show version,show running-config,write term > DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0 > DC-TurboIron2.network.XXXX.com: End of run not found > DC-TurboIron2.network.XXXX.com: End of run not found > ! > root at rancid:/var/lib/rancid/bin# > > > I am able to SSH the device without issue from the rancid box using the rancid credentials. > And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up' > > > Thank you for your assistance. > > derek > > -----Original Message----- > From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] > Sent: Monday, August 03, 2015 3:48 PM > To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > OK. In that case your cloginrc is correct. > > Looking back over the thread, I think you have a simple problem of the wrong device type in router.db > > Cisco kit is generally of type "cisco" and Brocades of type "foundry". > With rancid-2.3.x the separator in that file is ":" > With rancid-3.x the separator is ";" > This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. > > I see "unexpected command" errors in your previous posts, that should not happen. I've only seen that when I run the generic cisco script against a Nexus (those use nxrancid) > > > On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). > > rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. > > Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. > > I believe heasley has renamed that parser in v3 to follow convention. > > clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. > All of this info, including the actual login script to use for a type, is in the parser script. So it's one more oddity, you might have a type "XYZ" with it's own peculiar commands and output so it's parser is xyzrancid. But login works much like cisco (which really is a classic telnet login) so xyz uses clogin![1] > > To debug a given device, you have to run the correct parser manually. > Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. > You will get debug output including the *login command used. > Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. > > Or post the output so we can help further. > > > > [1] I'm used to all this real-life weirdness as I've used rancid so much I don't think much about it anymore. It's only when I type mails like this that I realise just how nuts the field of a netadmin has become :-) > > > > > > On 03/08/2015 21:23, Pedrosi, Derek G. wrote: >> Yes. >> When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). >> >> >> >> derek >> >> >> -----Original Message----- >> From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On >> Behalf Of Alan McKinnon >> Sent: Monday, August 03, 2015 3:20 PM >> To: rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Brocade TurboIron24 >> >> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. >> >> It's used when the device enables that user automatically on login with no need to explicitly run the enable command. >> >> Are all your devices (with the exception of >> DC-Cisco5525x.network.xxxx.com) set up to behave like that? >> >> >> On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >>> My sanitized .cloginrc: >>> >>> >>> >>> root at rancid:/var/lib/rancid# head -50 .cloginrc >>> >>> #XXXX >>> >>> >>> >>> add method * {ssh} >>> >>> add user * svc_rancid >>> >>> add password * StandPW EnablePW >>> >>> add autoenable 1 >>> >>> >>> >>> add autoenable DC-Cisco5525x.network.xxxx.com 0 >>> >>> >>> >>> --------------------------------------------------------------------- >>> - >>> -- >>> >>> *Derek G Pedrosi*| Manager of Technology Infrastructure >>> >>> *Miller Canfield* >>> Detroit, Michigan 48226 (USA) >>> >>> --------------------------------------------------------------------- >>> - >>> -- >>> >>> >>> >>> >>> >>> *From:*Nick Hilliard [mailto:nick at foobar.org] >>> *Sent:* Monday, August 03, 2015 10:29 AM >>> *To:* Pedrosi, Derek G. >>> *Cc:* rancid-discuss at shrubbery.net >>> *Subject:* Re: [rancid] Brocade TurboIron24 >>> >>> >>> >>> Looks like a .cloginrc problem related to autoenable. >>> >>> >>> >>> Nick >>> >>> Sent from my iWotsit. >>> >>> >>> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. >>> > wrote: >>> >>> I've tried that to no success... >>> >>> >>> >>> The bit of debugging that I can do yielded this... >>> >>> >>> >>> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >>> chassis;show module;show flash;show running-config" 10.1.1.3 >>> >>> 10.1.1.3 >>> >>> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >>> >>> svc_rancid at 10.1.1.3 's password: >>> >>> SSH at DC-TurboIron2# >>> >>> Error: TIMEOUT reached >>> >>> root at rancid:/usr/lib/rancid/bin# >>> >>> >>> >>> Rancid is able to logon, but no commands are issued? >>> >>> >>> >>> >>> >>> BUT, strangely enough when I do the same command as above with >>> "clogin" it works as it should. >>> >>> BUT, if in my "router.db" I set the type to "cisco" (which I assume >>> means use clogin) I do get a SVN entry in my repository, but it is >>> blank. >>> >>> >>> >>> Trying to get all of the configs. >>> >>> dc-turboiron2.network.mcps.com >>> : found unexpected command - >>> "dir /all sup-bootflash:" >>> >>> dc-turboiron2.network.mcps.com >>> : missed cmd(s): dir /all >>> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >>> sec-nvram:,show running-config view full,dir /all >>> sec-bootflash:,sho$ >>> >>> dc-turboiron2.network.mcps.com >>> : End of run not found >>> >>> ===================================== >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> Ps Why do you suggest v7.4.00j >>> >>> >>> >>> >>> >>> Many thanks, >>> >>> derek >>> >>> >>> >>> >>> >>> >>> >>> From: Nick Hilliard [mailto:nick at foobar.org] >>> >>> Sent: Sunday, August 2, 2015 9:15 AM >>> >>> To: Pedrosi, Derek G. >> > >>> >>> Cc: rancid-discuss at shrubbery.net >>> >>> >>> Subject: Re: [rancid] Brocade TurboIron24 >>> >>> >>> >>> These are type: "foundry". >>> >>> >>> >>> >>> >>> 7.4.00j would be a good choice for software. >>> >>> >>> >>> >>> >>> Nick >>> >>> >>> >>> Sent from my iWotsit. >>> >>> >>> >>> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >>> > wrote: >>> >>> Greetings all, >>> >>> I have a few of Brocade's TI24s in my environment. I would like to >>> intergrate them into Rancid with my Cisco gear, but I have not had >>> any luck. Can someone possibly point my in the right direction? >>> >>> >>> >>> >>> >>> Many thanx, >>> >>> derek >>> >>> _______________________________________________ >>> >>> Rancid-discuss mailing list >>> >>> Rancid-discuss at shrubbery.net >>> >>> >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >>> >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > -- Alan McKinnon alan.mckinnon at gmail.com From pedrosi at millercanfield.com Wed Aug 5 15:40:22 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Wed, 5 Aug 2015 15:40:22 +0000 Subject: [rancid] Brocade TurboIron24 In-Reply-To: <55C21934.2020204@gmail.com> References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> <55BFC553.6020203@gmail.com> <55C21934.2020204@gmail.com> Message-ID: Help me rancid mailing list, you are my only hope... ___________________________________________________________ flogin DC-TurboIron2.network.XXXX.com dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password: SSH at DC-TurboIron2# Error: TIMEOUT reached root at rancid:/var/lib/rancid# ___________________________________________________________ clogin DC-TurboIron2.network.XXXX.com dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password: SSH at DC-TurboIron2# It seems to just hang here forever.... ___________________________________________________________ But, if I try... flogin -t 30 -c "show version;show flash" dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password: SSH at DC-TurboIron2# Error: TIMEOUT reached ___________________________________________________________ clogin -t 30 -c "show version;show flash" dc-turboiron2.network.XXXX.com dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password: SSH at DC-TurboIron2# SSH at DC-TurboIron2#terminal length 0 Invalid input -> terminal length 0 Type ? for a list SSH at DC-TurboIron2#terminal width 132 Invalid input -> terminal width 132 Type ? for a list SSH at DC-TurboIron2#show version SW: Version x.x.xxx Copyright (c) 1996-2013 Brocade Communications Systems, Inc. All rights reserved. Compiled on xxx xxxxx (xxxxx bytes) from Primary Compressed Boot-Monitor Image size = 369366, Version:xxxxx HW: Stackable TurboIron-X24 ========================================================================== Serial #: xxxxxxxxxxxxxxxxxxx P-ASIC 0: type B820, rev 11 subrev 00 ========================================================================== 825 MHz Power PC processor MPC8541E (version 8020/0020) 330 MHz bus 512 KB boot flash memory 31744 KB code flash memory 512 MB DRAM The system uptime is 4 days 12 hours 24 minutes 55 seconds The system started at 23:04:36 Eastern Fri Jul 31 2015 The system : started=warm start reloaded=by "reload" SSH at DC-TurboIron2#show flash Compressed Pri Code size = xxxxxxxxxxxxxxxxxxxxxx Compressed Sec Code size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Compressed Boot-Monitor Image size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Code Flash Free Space = 20447232 BEST regards, derek -----Original Message----- From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] Sent: Wednesday, August 05, 2015 10:10 AM To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 According to the various scripts, flogin is the correct usage, but it's failing to return successfully (looks like it waits 90 seconds then times out). We need to find why flogin does not work for you. What happens when you run these commands: flogin DC-TurboIron2.network.XXXX.com clogin DC-TurboIron2.network.XXXX.com On 04/08/2015 18:03, Pedrosi, Derek G. wrote: > > OK, > From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8. > The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition. So I will run francid. > > Here is the output... > > root at rancid:/var/lib/rancid/bin# francid -d > DC-TurboIron2.network.XXX.com executing flogin -t 90 -c"show > version;show chassis;show module;show flash;write term;show > running-config" DC-TurboIron2.network.XXXX.com > DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached > DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached > DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show > module,show flash,show version,show running-config,write term > DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show > module,show flash,show version,show running-config,write term > DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0 > DC-TurboIron2.network.XXXX.com: End of run not found > DC-TurboIron2.network.XXXX.com: End of run not found ! > root at rancid:/var/lib/rancid/bin# > > > I am able to SSH the device without issue from the rancid box using the rancid credentials. > And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up' > > > Thank you for your assistance. > > derek > > -----Original Message----- > From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] > Sent: Monday, August 03, 2015 3:48 PM > To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > OK. In that case your cloginrc is correct. > > Looking back over the thread, I think you have a simple problem of the > wrong device type in router.db > > Cisco kit is generally of type "cisco" and Brocades of type "foundry". > With rancid-2.3.x the separator in that file is ":" > With rancid-3.x the separator is ";" > This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. > > I see "unexpected command" errors in your previous posts, that should > not happen. I've only seen that when I run the generic cisco script > against a Nexus (those use nxrancid) > > > On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). > > rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. > > Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. > > I believe heasley has renamed that parser in v3 to follow convention. > > clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. > All of this info, including the actual login script to use for a type, > is in the parser script. So it's one more oddity, you might have a > type "XYZ" with it's own peculiar commands and output so it's parser > is xyzrancid. But login works much like cisco (which really is a > classic telnet login) so xyz uses clogin![1] > > To debug a given device, you have to run the correct parser manually. > Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. > You will get debug output including the *login command used. > Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. > > Or post the output so we can help further. > > > > [1] I'm used to all this real-life weirdness as I've used rancid so > much I don't think much about it anymore. It's only when I type mails > like this that I realise just how nuts the field of a netadmin has > become :-) > > > > > > On 03/08/2015 21:23, Pedrosi, Derek G. wrote: >> Yes. >> When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). >> >> >> >> derek >> >> >> -----Original Message----- >> From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On >> Behalf Of Alan McKinnon >> Sent: Monday, August 03, 2015 3:20 PM >> To: rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Brocade TurboIron24 >> >> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. >> >> It's used when the device enables that user automatically on login with no need to explicitly run the enable command. >> >> Are all your devices (with the exception of >> DC-Cisco5525x.network.xxxx.com) set up to behave like that? >> >> >> On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >>> My sanitized .cloginrc: >>> >>> >>> >>> root at rancid:/var/lib/rancid# head -50 .cloginrc >>> >>> #XXXX >>> >>> >>> >>> add method * {ssh} >>> >>> add user * svc_rancid >>> >>> add password * StandPW EnablePW >>> >>> add autoenable 1 >>> >>> >>> >>> add autoenable DC-Cisco5525x.network.xxxx.com 0 >>> >>> >>> >>> -------------------------------------------------------------------- >>> - >>> - >>> -- >>> >>> *Derek G Pedrosi*| Manager of Technology Infrastructure >>> >>> *Miller Canfield* >>> Detroit, Michigan 48226 (USA) >>> >>> -------------------------------------------------------------------- >>> - >>> - >>> -- >>> >>> >>> >>> >>> >>> *From:*Nick Hilliard [mailto:nick at foobar.org] >>> *Sent:* Monday, August 03, 2015 10:29 AM >>> *To:* Pedrosi, Derek G. >>> *Cc:* rancid-discuss at shrubbery.net >>> *Subject:* Re: [rancid] Brocade TurboIron24 >>> >>> >>> >>> Looks like a .cloginrc problem related to autoenable. >>> >>> >>> >>> Nick >>> >>> Sent from my iWotsit. >>> >>> >>> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. >>> > wrote: >>> >>> I've tried that to no success... >>> >>> >>> >>> The bit of debugging that I can do yielded this... >>> >>> >>> >>> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >>> chassis;show module;show flash;show running-config" 10.1.1.3 >>> >>> 10.1.1.3 >>> >>> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >>> >>> svc_rancid at 10.1.1.3 's password: >>> >>> SSH at DC-TurboIron2# >>> >>> Error: TIMEOUT reached >>> >>> root at rancid:/usr/lib/rancid/bin# >>> >>> >>> >>> Rancid is able to logon, but no commands are issued? >>> >>> >>> >>> >>> >>> BUT, strangely enough when I do the same command as above with >>> "clogin" it works as it should. >>> >>> BUT, if in my "router.db" I set the type to "cisco" (which I assume >>> means use clogin) I do get a SVN entry in my repository, but it is >>> blank. >>> >>> >>> >>> Trying to get all of the configs. >>> >>> dc-turboiron2.network.XXXX.com >>> : found unexpected command - >>> "dir /all sup-bootflash:" >>> >>> dc-turboiron2.network.XXXX.com >>> : missed cmd(s): dir /all >>> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >>> sec-nvram:,show running-config view full,dir /all >>> sec-bootflash:,sho$ >>> >>> dc-turboiron2.network.XXXX.com >>> : End of run not found >>> >>> ===================================== >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> Ps Why do you suggest v7.4.00j >>> >>> >>> >>> >>> >>> Many thanks, >>> >>> derek >>> >>> >>> >>> >>> >>> >>> >>> From: Nick Hilliard [mailto:nick at foobar.org] >>> >>> Sent: Sunday, August 2, 2015 9:15 AM >>> >>> To: Pedrosi, Derek G. >> > >>> >>> Cc: rancid-discuss at shrubbery.net >>> >>> >>> Subject: Re: [rancid] Brocade TurboIron24 >>> >>> >>> >>> These are type: "foundry". >>> >>> >>> >>> >>> >>> 7.4.00j would be a good choice for software. >>> >>> >>> >>> >>> >>> Nick >>> >>> >>> >>> Sent from my iWotsit. >>> >>> >>> >>> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >>> > wrote: >>> >>> Greetings all, >>> >>> I have a few of Brocade's TI24s in my environment. I would like to >>> intergrate them into Rancid with my Cisco gear, but I have not had >>> any luck. Can someone possibly point my in the right direction? >>> >>> >>> >>> >>> >>> Many thanx, >>> >>> derek >>> >>> _______________________________________________ >>> >>> Rancid-discuss mailing list >>> >>> Rancid-discuss at shrubbery.net >>> >>> >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >>> >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Wed Aug 5 18:28:27 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 5 Aug 2015 20:28:27 +0200 Subject: [rancid] Brocade TurboIron24 In-Reply-To: References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> <55BFC553.6020203@gmail.com> <55C21934.2020204@gmail.com> Message-ID: <55C255CB.4000909@gmail.com> How odd. ssh was launched 4 times and only the last time worked (clogin using ssh -c). I'm not willing just yet to say that flogin doesn't work on your devices, I have a hunch that the 4th command just happened to work, and that ssh is erratic for you. I've heard occasional reports where this causes issues between linux distros, and my spidey sense is still on alert about it :-) There have been changes in ssh recently, mostly dropping and deprecating old crypto methods. It could be that ssh on your rancid server is not properly compatible with your device and it works sometimes. If you are willing, the following test would be useful: Run flogin and clogin, both with and without "-t 30 -c "show version;show flash" " (plus plain ssh to the device) multiple times, around 10-20 each. See if there's a pattern of some kind. Once we get ssh working reliably, then we can move onto which parser script to use. On 05/08/2015 17:40, Pedrosi, Derek G. wrote: > Help me rancid mailing list, you are my only hope... > > > ___________________________________________________________ > flogin DC-TurboIron2.network.XXXX.com > dc-turboiron2.network.XXXX.com > spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com > svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > Error: TIMEOUT reached > root at rancid:/var/lib/rancid# > ___________________________________________________________ > clogin DC-TurboIron2.network.XXXX.com > dc-turboiron2.network.XXXX.com > spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com > svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > It seems to just hang here forever.... > ___________________________________________________________ > But, if I try... > flogin -t 30 -c "show version;show flash" dc-turboiron2.network.XXXX.com > spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com > svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > Error: TIMEOUT reached > ___________________________________________________________ > > clogin -t 30 -c "show version;show flash" dc-turboiron2.network.XXXX.com > dc-turboiron2.network.XXXX.com > spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com > svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > SSH at DC-TurboIron2#terminal length 0 > Invalid input -> terminal length 0 > Type ? for a list > SSH at DC-TurboIron2#terminal width 132 > Invalid input -> terminal width 132 > Type ? for a list > SSH at DC-TurboIron2#show version > SW: Version x.x.xxx Copyright (c) 1996-2013 Brocade Communications Systems, Inc. All rights reserved. > Compiled on xxx xxxxx > (xxxxx bytes) from Primary > Compressed Boot-Monitor Image size = 369366, Version:xxxxx > HW: Stackable TurboIron-X24 > ========================================================================== > Serial #: xxxxxxxxxxxxxxxxxxx > P-ASIC 0: type B820, rev 11 subrev 00 > ========================================================================== > 825 MHz Power PC processor MPC8541E (version 8020/0020) 330 MHz bus > 512 KB boot flash memory > 31744 KB code flash memory > 512 MB DRAM > The system uptime is 4 days 12 hours 24 minutes 55 seconds > The system started at 23:04:36 Eastern Fri Jul 31 2015 > > The system : started=warm start reloaded=by "reload" > > SSH at DC-TurboIron2#show flash > Compressed Pri Code size = xxxxxxxxxxxxxxxxxxxxxx > Compressed Sec Code size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > Compressed Boot-Monitor Image size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > Code Flash Free Space = 20447232 > > > > > BEST regards, > derek > > > > > -----Original Message----- > From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] > Sent: Wednesday, August 05, 2015 10:10 AM > To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > According to the various scripts, flogin is the correct usage, but it's failing to return successfully (looks like it waits 90 seconds then times out). > > We need to find why flogin does not work for you. > > What happens when you run these commands: > > flogin DC-TurboIron2.network.XXXX.com > clogin DC-TurboIron2.network.XXXX.com > > > > On 04/08/2015 18:03, Pedrosi, Derek G. wrote: >> >> OK, >> From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8. >> The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition. So I will run francid. >> >> Here is the output... >> >> root at rancid:/var/lib/rancid/bin# francid -d >> DC-TurboIron2.network.XXX.com executing flogin -t 90 -c"show >> version;show chassis;show module;show flash;write term;show >> running-config" DC-TurboIron2.network.XXXX.com >> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >> module,show flash,show version,show running-config,write term >> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >> module,show flash,show version,show running-config,write term >> DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0 >> DC-TurboIron2.network.XXXX.com: End of run not found >> DC-TurboIron2.network.XXXX.com: End of run not found ! >> root at rancid:/var/lib/rancid/bin# >> >> >> I am able to SSH the device without issue from the rancid box using the rancid credentials. >> And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up' >> >> >> Thank you for your assistance. >> >> derek >> >> -----Original Message----- >> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >> Sent: Monday, August 03, 2015 3:48 PM >> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Brocade TurboIron24 >> >> OK. In that case your cloginrc is correct. >> >> Looking back over the thread, I think you have a simple problem of the >> wrong device type in router.db >> >> Cisco kit is generally of type "cisco" and Brocades of type "foundry". >> With rancid-2.3.x the separator in that file is ":" >> With rancid-3.x the separator is ";" >> This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. >> >> I see "unexpected command" errors in your previous posts, that should >> not happen. I've only seen that when I run the generic cisco script >> against a Nexus (those use nxrancid) >> >> >> On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). >> >> rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. >> >> Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. >> >> I believe heasley has renamed that parser in v3 to follow convention. >> >> clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. >> All of this info, including the actual login script to use for a type, >> is in the parser script. So it's one more oddity, you might have a >> type "XYZ" with it's own peculiar commands and output so it's parser >> is xyzrancid. But login works much like cisco (which really is a >> classic telnet login) so xyz uses clogin![1] >> >> To debug a given device, you have to run the correct parser manually. >> Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. >> You will get debug output including the *login command used. >> Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. >> >> Or post the output so we can help further. >> >> >> >> [1] I'm used to all this real-life weirdness as I've used rancid so >> much I don't think much about it anymore. It's only when I type mails >> like this that I realise just how nuts the field of a netadmin has >> become :-) >> >> >> >> >> >> On 03/08/2015 21:23, Pedrosi, Derek G. wrote: >>> Yes. >>> When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). >>> >>> >>> >>> derek >>> >>> >>> -----Original Message----- >>> From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On >>> Behalf Of Alan McKinnon >>> Sent: Monday, August 03, 2015 3:20 PM >>> To: rancid-discuss at shrubbery.net >>> Subject: Re: [rancid] Brocade TurboIron24 >>> >>> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. >>> >>> It's used when the device enables that user automatically on login with no need to explicitly run the enable command. >>> >>> Are all your devices (with the exception of >>> DC-Cisco5525x.network.xxxx.com) set up to behave like that? >>> >>> >>> On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >>>> My sanitized .cloginrc: >>>> >>>> >>>> >>>> root at rancid:/var/lib/rancid# head -50 .cloginrc >>>> >>>> #XXXX >>>> >>>> >>>> >>>> add method * {ssh} >>>> >>>> add user * svc_rancid >>>> >>>> add password * StandPW EnablePW >>>> >>>> add autoenable 1 >>>> >>>> >>>> >>>> add autoenable DC-Cisco5525x.network.xxxx.com 0 >>>> >>>> >>>> >>>> -------------------------------------------------------------------- >>>> - >>>> - >>>> -- >>>> >>>> *Derek G Pedrosi*| Manager of Technology Infrastructure >>>> >>>> *Miller Canfield* >>>> Detroit, Michigan 48226 (USA) >>>> >>>> -------------------------------------------------------------------- >>>> - >>>> - >>>> -- >>>> >>>> >>>> >>>> >>>> >>>> *From:*Nick Hilliard [mailto:nick at foobar.org] >>>> *Sent:* Monday, August 03, 2015 10:29 AM >>>> *To:* Pedrosi, Derek G. >>>> *Cc:* rancid-discuss at shrubbery.net >>>> *Subject:* Re: [rancid] Brocade TurboIron24 >>>> >>>> >>>> >>>> Looks like a .cloginrc problem related to autoenable. >>>> >>>> >>>> >>>> Nick >>>> >>>> Sent from my iWotsit. >>>> >>>> >>>> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. >>>> > wrote: >>>> >>>> I've tried that to no success... >>>> >>>> >>>> >>>> The bit of debugging that I can do yielded this... >>>> >>>> >>>> >>>> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >>>> chassis;show module;show flash;show running-config" 10.1.1.3 >>>> >>>> 10.1.1.3 >>>> >>>> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >>>> >>>> svc_rancid at 10.1.1.3 's password: >>>> >>>> SSH at DC-TurboIron2# >>>> >>>> Error: TIMEOUT reached >>>> >>>> root at rancid:/usr/lib/rancid/bin# >>>> >>>> >>>> >>>> Rancid is able to logon, but no commands are issued? >>>> >>>> >>>> >>>> >>>> >>>> BUT, strangely enough when I do the same command as above with >>>> "clogin" it works as it should. >>>> >>>> BUT, if in my "router.db" I set the type to "cisco" (which I assume >>>> means use clogin) I do get a SVN entry in my repository, but it is >>>> blank. >>>> >>>> >>>> >>>> Trying to get all of the configs. >>>> >>>> dc-turboiron2.network.XXXX.com >>>> : found unexpected command - >>>> "dir /all sup-bootflash:" >>>> >>>> dc-turboiron2.network.XXXX.com >>>> : missed cmd(s): dir /all >>>> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >>>> sec-nvram:,show running-config view full,dir /all >>>> sec-bootflash:,sho$ >>>> >>>> dc-turboiron2.network.XXXX.com >>>> : End of run not found >>>> >>>> ===================================== >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> Ps Why do you suggest v7.4.00j >>>> >>>> >>>> >>>> >>>> >>>> Many thanks, >>>> >>>> derek >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> From: Nick Hilliard [mailto:nick at foobar.org] >>>> >>>> Sent: Sunday, August 2, 2015 9:15 AM >>>> >>>> To: Pedrosi, Derek G. >>> > >>>> >>>> Cc: rancid-discuss at shrubbery.net >>>> >>>> >>>> Subject: Re: [rancid] Brocade TurboIron24 >>>> >>>> >>>> >>>> These are type: "foundry". >>>> >>>> >>>> >>>> >>>> >>>> 7.4.00j would be a good choice for software. >>>> >>>> >>>> >>>> >>>> >>>> Nick >>>> >>>> >>>> >>>> Sent from my iWotsit. >>>> >>>> >>>> >>>> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >>>> > wrote: >>>> >>>> Greetings all, >>>> >>>> I have a few of Brocade's TI24s in my environment. I would like to >>>> intergrate them into Rancid with my Cisco gear, but I have not had >>>> any luck. Can someone possibly point my in the right direction? >>>> >>>> >>>> >>>> >>>> >>>> Many thanx, >>>> >>>> derek >>>> >>>> _______________________________________________ >>>> >>>> Rancid-discuss mailing list >>>> >>>> Rancid-discuss at shrubbery.net >>>> >>>> >>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>> >>>> >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Wed Aug 5 20:27:33 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 5 Aug 2015 22:27:33 +0200 Subject: [rancid] Brocade TurboIron24 In-Reply-To: References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> <55BFC553.6020203@gmail.com> <55C21934.2020204@gmail.com> <55C255CB.4000909@gmail.com> Message-ID: <55C271B5.2020501@gmail.com> Ah, that is significant. After all that, we may have overlooked an error in .cloginrc. What does yours look like? Is the 4th entry still add autoenable 1 if so, it needs to be add autoenable * 1 and the following line for DC-Cisco5525x.network.xxxx.com needs to be before, not after. .cloginrc is not processed as best match wins, it is first match wins. So * is a default and goes at the end of the list. If you have corrected .cloginrc already, then you have a faulty rancid install. Un-install it, verify all code is gone and your local files are intact, the reinstall. If that doesn't fix it, then your distro has given you an unsuitable dependant code package, quite likely expect. On 05/08/2015 22:14, Pedrosi, Derek G. wrote: > I'm afraid that SSH is quite operational... > > > SSH seems to be working just fine. All of my Cisco gear (50+ devices) have no issues, moreover when I SSH from the CLI to the Brocades using my rancid credentials I have no issue (works everytime). > > Something else interesting, is that I spun up a new install of 2.3.8 (same version as my production) and flogin works as expexted! So I copied the "working" flogin and to my production server, but no luck. Same results with error TIMEOUT. Does this shine any light on all of this? > > > > > derek > > > > -----Original Message----- > From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] > Sent: Wednesday, August 05, 2015 2:28 PM > To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > How odd. ssh was launched 4 times and only the last time worked (clogin using ssh -c). > > I'm not willing just yet to say that flogin doesn't work on your devices, I have a hunch that the 4th command just happened to work, and that ssh is erratic for you. I've heard occasional reports where this causes issues between linux distros, and my spidey sense is still on alert about it :-) > > There have been changes in ssh recently, mostly dropping and deprecating old crypto methods. It could be that ssh on your rancid server is not properly compatible with your device and it works sometimes. > > If you are willing, the following test would be useful: > > Run flogin and clogin, both with and without "-t 30 -c "show version;show flash" " (plus plain ssh to the device) multiple times, around 10-20 each. See if there's a pattern of some kind. Once we get ssh working reliably, then we can move onto which parser script to use. > > > > > > On 05/08/2015 17:40, Pedrosi, Derek G. wrote: >> Help me rancid mailing list, you are my only hope... >> >> >> ___________________________________________________________ >> flogin DC-TurboIron2.network.XXXX.com >> dc-turboiron2.network.XXXX.com >> spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com >> svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> Error: TIMEOUT reached >> root at rancid:/var/lib/rancid# >> ___________________________________________________________ >> clogin DC-TurboIron2.network.XXXX.com >> dc-turboiron2.network.XXXX.com >> spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com >> svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> It seems to just hang here forever.... >> ___________________________________________________________ >> But, if I try... >> flogin -t 30 -c "show version;show flash" >> dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid >> dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> Error: TIMEOUT reached >> ___________________________________________________________ >> >> clogin -t 30 -c "show version;show flash" >> dc-turboiron2.network.XXXX.com dc-turboiron2.network.XXXX.com spawn >> ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com >> svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> SSH at DC-TurboIron2#terminal length 0 >> Invalid input -> terminal length 0 >> Type ? for a list >> SSH at DC-TurboIron2#terminal width 132 >> Invalid input -> terminal width 132 >> Type ? for a list >> SSH at DC-TurboIron2#show version >> SW: Version x.x.xxx Copyright (c) 1996-2013 Brocade Communications Systems, Inc. All rights reserved. >> Compiled on xxx xxxxx >> (xxxxx bytes) from Primary >> Compressed Boot-Monitor Image size = 369366, Version:xxxxx >> HW: Stackable TurboIron-X24 >> ========================================================================== >> Serial #: xxxxxxxxxxxxxxxxxxx >> P-ASIC 0: type B820, rev 11 subrev 00 >> ========================================================================== >> 825 MHz Power PC processor MPC8541E (version 8020/0020) 330 MHz bus >> 512 KB boot flash memory >> 31744 KB code flash memory >> 512 MB DRAM >> The system uptime is 4 days 12 hours 24 minutes 55 seconds The system >> started at 23:04:36 Eastern Fri Jul 31 2015 >> >> The system : started=warm start reloaded=by "reload" >> >> SSH at DC-TurboIron2#show flash >> Compressed Pri Code size = xxxxxxxxxxxxxxxxxxxxxx Compressed Sec Code >> size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> Compressed Boot-Monitor Image size = >> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> Code Flash Free Space = 20447232 >> >> >> >> >> BEST regards, >> derek >> >> >> >> >> -----Original Message----- >> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >> Sent: Wednesday, August 05, 2015 10:10 AM >> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Brocade TurboIron24 >> >> According to the various scripts, flogin is the correct usage, but it's failing to return successfully (looks like it waits 90 seconds then times out). >> >> We need to find why flogin does not work for you. >> >> What happens when you run these commands: >> >> flogin DC-TurboIron2.network.XXXX.com >> clogin DC-TurboIron2.network.XXXX.com >> >> >> >> On 04/08/2015 18:03, Pedrosi, Derek G. wrote: >>> >>> OK, >>> From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8. >>> The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition. So I will run francid. >>> >>> Here is the output... >>> >>> root at rancid:/var/lib/rancid/bin# francid -d >>> DC-TurboIron2.network.XXX.com executing flogin -t 90 -c"show >>> version;show chassis;show module;show flash;write term;show >>> running-config" DC-TurboIron2.network.XXXX.com >>> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >>> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >>> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >>> module,show flash,show version,show running-config,write term >>> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >>> module,show flash,show version,show running-config,write term >>> DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0 >>> DC-TurboIron2.network.XXXX.com: End of run not found >>> DC-TurboIron2.network.XXXX.com: End of run not found ! >>> root at rancid:/var/lib/rancid/bin# >>> >>> >>> I am able to SSH the device without issue from the rancid box using the rancid credentials. >>> And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up' >>> >>> >>> Thank you for your assistance. >>> >>> derek >>> >>> -----Original Message----- >>> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >>> Sent: Monday, August 03, 2015 3:48 PM >>> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net >>> Subject: Re: [rancid] Brocade TurboIron24 >>> >>> OK. In that case your cloginrc is correct. >>> >>> Looking back over the thread, I think you have a simple problem of >>> the wrong device type in router.db >>> >>> Cisco kit is generally of type "cisco" and Brocades of type "foundry". >>> With rancid-2.3.x the separator in that file is ":" >>> With rancid-3.x the separator is ";" >>> This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. >>> >>> I see "unexpected command" errors in your previous posts, that should >>> not happen. I've only seen that when I run the generic cisco script >>> against a Nexus (those use nxrancid) >>> >>> >>> On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). >>> >>> rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. >>> >>> Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. >>> >>> I believe heasley has renamed that parser in v3 to follow convention. >>> >>> clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. >>> All of this info, including the actual login script to use for a >>> type, is in the parser script. So it's one more oddity, you might >>> have a type "XYZ" with it's own peculiar commands and output so it's >>> parser is xyzrancid. But login works much like cisco (which really is >>> a classic telnet login) so xyz uses clogin![1] >>> >>> To debug a given device, you have to run the correct parser manually. >>> Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. >>> You will get debug output including the *login command used. >>> Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. >>> >>> Or post the output so we can help further. >>> >>> >>> >>> [1] I'm used to all this real-life weirdness as I've used rancid so >>> much I don't think much about it anymore. It's only when I type mails >>> like this that I realise just how nuts the field of a netadmin has >>> become :-) >>> >>> >>> >>> >>> >>> On 03/08/2015 21:23, Pedrosi, Derek G. wrote: >>>> Yes. >>>> When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). >>>> >>>> >>>> >>>> derek >>>> >>>> >>>> -----Original Message----- >>>> From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] >>>> On Behalf Of Alan McKinnon >>>> Sent: Monday, August 03, 2015 3:20 PM >>>> To: rancid-discuss at shrubbery.net >>>> Subject: Re: [rancid] Brocade TurboIron24 >>>> >>>> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. >>>> >>>> It's used when the device enables that user automatically on login with no need to explicitly run the enable command. >>>> >>>> Are all your devices (with the exception of >>>> DC-Cisco5525x.network.xxxx.com) set up to behave like that? >>>> >>>> >>>> On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >>>>> My sanitized .cloginrc: >>>>> >>>>> >>>>> >>>>> root at rancid:/var/lib/rancid# head -50 .cloginrc >>>>> >>>>> #XXXX >>>>> >>>>> >>>>> >>>>> add method * {ssh} >>>>> >>>>> add user * svc_rancid >>>>> >>>>> add password * StandPW EnablePW >>>>> >>>>> add autoenable 1 >>>>> >>>>> >>>>> >>>>> add autoenable DC-Cisco5525x.network.xxxx.com 0 >>>>> >>>>> >>>>> >>>>> ------------------------------------------------------------------- >>>>> - >>>>> - >>>>> - >>>>> -- >>>>> >>>>> *Derek G Pedrosi*| Manager of Technology Infrastructure >>>>> >>>>> *Miller Canfield* >>>>> Detroit, Michigan 48226 (USA) >>>>> >>>>> ------------------------------------------------------------------- >>>>> - >>>>> - >>>>> - >>>>> -- >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> *From:*Nick Hilliard [mailto:nick at foobar.org] >>>>> *Sent:* Monday, August 03, 2015 10:29 AM >>>>> *To:* Pedrosi, Derek G. >>>>> *Cc:* rancid-discuss at shrubbery.net >>>>> *Subject:* Re: [rancid] Brocade TurboIron24 >>>>> >>>>> >>>>> >>>>> Looks like a .cloginrc problem related to autoenable. >>>>> >>>>> >>>>> >>>>> Nick >>>>> >>>>> Sent from my iWotsit. >>>>> >>>>> >>>>> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. >>>>> > wrote: >>>>> >>>>> I've tried that to no success... >>>>> >>>>> >>>>> >>>>> The bit of debugging that I can do yielded this... >>>>> >>>>> >>>>> >>>>> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >>>>> chassis;show module;show flash;show running-config" 10.1.1.3 >>>>> >>>>> 10.1.1.3 >>>>> >>>>> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >>>>> >>>>> svc_rancid at 10.1.1.3 's password: >>>>> >>>>> SSH at DC-TurboIron2# >>>>> >>>>> Error: TIMEOUT reached >>>>> >>>>> root at rancid:/usr/lib/rancid/bin# >>>>> >>>>> >>>>> >>>>> Rancid is able to logon, but no commands are issued? >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> BUT, strangely enough when I do the same command as above with >>>>> "clogin" it works as it should. >>>>> >>>>> BUT, if in my "router.db" I set the type to "cisco" (which I assume >>>>> means use clogin) I do get a SVN entry in my repository, but it is >>>>> blank. >>>>> >>>>> >>>>> >>>>> Trying to get all of the configs. >>>>> >>>>> dc-turboiron2.network.XXXX.com >>>>> : found unexpected command - >>>>> "dir /all sup-bootflash:" >>>>> >>>>> dc-turboiron2.network.XXXX.com >>>>> : missed cmd(s): dir /all >>>>> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >>>>> sec-nvram:,show running-config view full,dir /all >>>>> sec-bootflash:,sho$ >>>>> >>>>> dc-turboiron2.network.XXXX.com >>>>> : End of run not found >>>>> >>>>> ===================================== >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Ps Why do you suggest v7.4.00j >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Many thanks, >>>>> >>>>> derek >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> From: Nick Hilliard [mailto:nick at foobar.org] >>>>> >>>>> Sent: Sunday, August 2, 2015 9:15 AM >>>>> >>>>> To: Pedrosi, Derek G. >>>> > >>>>> >>>>> Cc: rancid-discuss at shrubbery.net >>>>> >>>>> >>>>> Subject: Re: [rancid] Brocade TurboIron24 >>>>> >>>>> >>>>> >>>>> These are type: "foundry". >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> 7.4.00j would be a good choice for software. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Nick >>>>> >>>>> >>>>> >>>>> Sent from my iWotsit. >>>>> >>>>> >>>>> >>>>> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >>>>> > wrote: >>>>> >>>>> Greetings all, >>>>> >>>>> I have a few of Brocade's TI24s in my environment. I would like to >>>>> intergrate them into Rancid with my Cisco gear, but I have not had >>>>> any luck. Can someone possibly point my in the right direction? >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Many thanx, >>>>> >>>>> derek >>>>> >>>>> _______________________________________________ >>>>> >>>>> Rancid-discuss mailing list >>>>> >>>>> Rancid-discuss at shrubbery.net >>>>> >>>>> >>>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Rancid-discuss mailing list >>>>> Rancid-discuss at shrubbery.net >>>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>>> >>>> >>>> >>>> -- >>>> Alan McKinnon >>>> alan.mckinnon at gmail.com >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > -- Alan McKinnon alan.mckinnon at gmail.com From pedrosi at millercanfield.com Wed Aug 5 20:14:13 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Wed, 5 Aug 2015 20:14:13 +0000 Subject: [rancid] Brocade TurboIron24 In-Reply-To: <55C255CB.4000909@gmail.com> References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> <55BFC553.6020203@gmail.com> <55C21934.2020204@gmail.com> <55C255CB.4000909@gmail.com> Message-ID: I'm afraid that SSH is quite operational... SSH seems to be working just fine. All of my Cisco gear (50+ devices) have no issues, moreover when I SSH from the CLI to the Brocades using my rancid credentials I have no issue (works everytime). Something else interesting, is that I spun up a new install of 2.3.8 (same version as my production) and flogin works as expexted! So I copied the "working" flogin and to my production server, but no luck. Same results with error TIMEOUT. Does this shine any light on all of this? derek -----Original Message----- From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] Sent: Wednesday, August 05, 2015 2:28 PM To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 How odd. ssh was launched 4 times and only the last time worked (clogin using ssh -c). I'm not willing just yet to say that flogin doesn't work on your devices, I have a hunch that the 4th command just happened to work, and that ssh is erratic for you. I've heard occasional reports where this causes issues between linux distros, and my spidey sense is still on alert about it :-) There have been changes in ssh recently, mostly dropping and deprecating old crypto methods. It could be that ssh on your rancid server is not properly compatible with your device and it works sometimes. If you are willing, the following test would be useful: Run flogin and clogin, both with and without "-t 30 -c "show version;show flash" " (plus plain ssh to the device) multiple times, around 10-20 each. See if there's a pattern of some kind. Once we get ssh working reliably, then we can move onto which parser script to use. On 05/08/2015 17:40, Pedrosi, Derek G. wrote: > Help me rancid mailing list, you are my only hope... > > > ___________________________________________________________ > flogin DC-TurboIron2.network.XXXX.com > dc-turboiron2.network.XXXX.com > spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com > svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > Error: TIMEOUT reached > root at rancid:/var/lib/rancid# > ___________________________________________________________ > clogin DC-TurboIron2.network.XXXX.com > dc-turboiron2.network.XXXX.com > spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com > svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > It seems to just hang here forever.... > ___________________________________________________________ > But, if I try... > flogin -t 30 -c "show version;show flash" > dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid > dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > Error: TIMEOUT reached > ___________________________________________________________ > > clogin -t 30 -c "show version;show flash" > dc-turboiron2.network.XXXX.com dc-turboiron2.network.XXXX.com spawn > ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com > svc_rancid at dc-turboiron2.network.XXXX.com's password: > SSH at DC-TurboIron2# > SSH at DC-TurboIron2#terminal length 0 > Invalid input -> terminal length 0 > Type ? for a list > SSH at DC-TurboIron2#terminal width 132 > Invalid input -> terminal width 132 > Type ? for a list > SSH at DC-TurboIron2#show version > SW: Version x.x.xxx Copyright (c) 1996-2013 Brocade Communications Systems, Inc. All rights reserved. > Compiled on xxx xxxxx > (xxxxx bytes) from Primary > Compressed Boot-Monitor Image size = 369366, Version:xxxxx > HW: Stackable TurboIron-X24 > ========================================================================== > Serial #: xxxxxxxxxxxxxxxxxxx > P-ASIC 0: type B820, rev 11 subrev 00 > ========================================================================== > 825 MHz Power PC processor MPC8541E (version 8020/0020) 330 MHz bus > 512 KB boot flash memory > 31744 KB code flash memory > 512 MB DRAM > The system uptime is 4 days 12 hours 24 minutes 55 seconds The system > started at 23:04:36 Eastern Fri Jul 31 2015 > > The system : started=warm start reloaded=by "reload" > > SSH at DC-TurboIron2#show flash > Compressed Pri Code size = xxxxxxxxxxxxxxxxxxxxxx Compressed Sec Code > size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > Compressed Boot-Monitor Image size = > xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > Code Flash Free Space = 20447232 > > > > > BEST regards, > derek > > > > > -----Original Message----- > From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] > Sent: Wednesday, August 05, 2015 10:10 AM > To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > According to the various scripts, flogin is the correct usage, but it's failing to return successfully (looks like it waits 90 seconds then times out). > > We need to find why flogin does not work for you. > > What happens when you run these commands: > > flogin DC-TurboIron2.network.XXXX.com > clogin DC-TurboIron2.network.XXXX.com > > > > On 04/08/2015 18:03, Pedrosi, Derek G. wrote: >> >> OK, >> From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8. >> The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition. So I will run francid. >> >> Here is the output... >> >> root at rancid:/var/lib/rancid/bin# francid -d >> DC-TurboIron2.network.XXX.com executing flogin -t 90 -c"show >> version;show chassis;show module;show flash;write term;show >> running-config" DC-TurboIron2.network.XXXX.com >> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >> module,show flash,show version,show running-config,write term >> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >> module,show flash,show version,show running-config,write term >> DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0 >> DC-TurboIron2.network.XXXX.com: End of run not found >> DC-TurboIron2.network.XXXX.com: End of run not found ! >> root at rancid:/var/lib/rancid/bin# >> >> >> I am able to SSH the device without issue from the rancid box using the rancid credentials. >> And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up' >> >> >> Thank you for your assistance. >> >> derek >> >> -----Original Message----- >> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >> Sent: Monday, August 03, 2015 3:48 PM >> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Brocade TurboIron24 >> >> OK. In that case your cloginrc is correct. >> >> Looking back over the thread, I think you have a simple problem of >> the wrong device type in router.db >> >> Cisco kit is generally of type "cisco" and Brocades of type "foundry". >> With rancid-2.3.x the separator in that file is ":" >> With rancid-3.x the separator is ";" >> This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. >> >> I see "unexpected command" errors in your previous posts, that should >> not happen. I've only seen that when I run the generic cisco script >> against a Nexus (those use nxrancid) >> >> >> On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). >> >> rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. >> >> Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. >> >> I believe heasley has renamed that parser in v3 to follow convention. >> >> clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. >> All of this info, including the actual login script to use for a >> type, is in the parser script. So it's one more oddity, you might >> have a type "XYZ" with it's own peculiar commands and output so it's >> parser is xyzrancid. But login works much like cisco (which really is >> a classic telnet login) so xyz uses clogin![1] >> >> To debug a given device, you have to run the correct parser manually. >> Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. >> You will get debug output including the *login command used. >> Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. >> >> Or post the output so we can help further. >> >> >> >> [1] I'm used to all this real-life weirdness as I've used rancid so >> much I don't think much about it anymore. It's only when I type mails >> like this that I realise just how nuts the field of a netadmin has >> become :-) >> >> >> >> >> >> On 03/08/2015 21:23, Pedrosi, Derek G. wrote: >>> Yes. >>> When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). >>> >>> >>> >>> derek >>> >>> >>> -----Original Message----- >>> From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] >>> On Behalf Of Alan McKinnon >>> Sent: Monday, August 03, 2015 3:20 PM >>> To: rancid-discuss at shrubbery.net >>> Subject: Re: [rancid] Brocade TurboIron24 >>> >>> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. >>> >>> It's used when the device enables that user automatically on login with no need to explicitly run the enable command. >>> >>> Are all your devices (with the exception of >>> DC-Cisco5525x.network.xxxx.com) set up to behave like that? >>> >>> >>> On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >>>> My sanitized .cloginrc: >>>> >>>> >>>> >>>> root at rancid:/var/lib/rancid# head -50 .cloginrc >>>> >>>> #XXXX >>>> >>>> >>>> >>>> add method * {ssh} >>>> >>>> add user * svc_rancid >>>> >>>> add password * StandPW EnablePW >>>> >>>> add autoenable 1 >>>> >>>> >>>> >>>> add autoenable DC-Cisco5525x.network.xxxx.com 0 >>>> >>>> >>>> >>>> ------------------------------------------------------------------- >>>> - >>>> - >>>> - >>>> -- >>>> >>>> *Derek G Pedrosi*| Manager of Technology Infrastructure >>>> >>>> *Miller Canfield* >>>> Detroit, Michigan 48226 (USA) >>>> >>>> ------------------------------------------------------------------- >>>> - >>>> - >>>> - >>>> -- >>>> >>>> >>>> >>>> >>>> >>>> *From:*Nick Hilliard [mailto:nick at foobar.org] >>>> *Sent:* Monday, August 03, 2015 10:29 AM >>>> *To:* Pedrosi, Derek G. >>>> *Cc:* rancid-discuss at shrubbery.net >>>> *Subject:* Re: [rancid] Brocade TurboIron24 >>>> >>>> >>>> >>>> Looks like a .cloginrc problem related to autoenable. >>>> >>>> >>>> >>>> Nick >>>> >>>> Sent from my iWotsit. >>>> >>>> >>>> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. >>>> > wrote: >>>> >>>> I've tried that to no success... >>>> >>>> >>>> >>>> The bit of debugging that I can do yielded this... >>>> >>>> >>>> >>>> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >>>> chassis;show module;show flash;show running-config" 10.1.1.3 >>>> >>>> 10.1.1.3 >>>> >>>> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >>>> >>>> svc_rancid at 10.1.1.3 's password: >>>> >>>> SSH at DC-TurboIron2# >>>> >>>> Error: TIMEOUT reached >>>> >>>> root at rancid:/usr/lib/rancid/bin# >>>> >>>> >>>> >>>> Rancid is able to logon, but no commands are issued? >>>> >>>> >>>> >>>> >>>> >>>> BUT, strangely enough when I do the same command as above with >>>> "clogin" it works as it should. >>>> >>>> BUT, if in my "router.db" I set the type to "cisco" (which I assume >>>> means use clogin) I do get a SVN entry in my repository, but it is >>>> blank. >>>> >>>> >>>> >>>> Trying to get all of the configs. >>>> >>>> dc-turboiron2.network.XXXX.com >>>> : found unexpected command - >>>> "dir /all sup-bootflash:" >>>> >>>> dc-turboiron2.network.XXXX.com >>>> : missed cmd(s): dir /all >>>> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >>>> sec-nvram:,show running-config view full,dir /all >>>> sec-bootflash:,sho$ >>>> >>>> dc-turboiron2.network.XXXX.com >>>> : End of run not found >>>> >>>> ===================================== >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> Ps Why do you suggest v7.4.00j >>>> >>>> >>>> >>>> >>>> >>>> Many thanks, >>>> >>>> derek >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> From: Nick Hilliard [mailto:nick at foobar.org] >>>> >>>> Sent: Sunday, August 2, 2015 9:15 AM >>>> >>>> To: Pedrosi, Derek G. >>> > >>>> >>>> Cc: rancid-discuss at shrubbery.net >>>> >>>> >>>> Subject: Re: [rancid] Brocade TurboIron24 >>>> >>>> >>>> >>>> These are type: "foundry". >>>> >>>> >>>> >>>> >>>> >>>> 7.4.00j would be a good choice for software. >>>> >>>> >>>> >>>> >>>> >>>> Nick >>>> >>>> >>>> >>>> Sent from my iWotsit. >>>> >>>> >>>> >>>> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >>>> > wrote: >>>> >>>> Greetings all, >>>> >>>> I have a few of Brocade's TI24s in my environment. I would like to >>>> intergrate them into Rancid with my Cisco gear, but I have not had >>>> any luck. Can someone possibly point my in the right direction? >>>> >>>> >>>> >>>> >>>> >>>> Many thanx, >>>> >>>> derek >>>> >>>> _______________________________________________ >>>> >>>> Rancid-discuss mailing list >>>> >>>> Rancid-discuss at shrubbery.net >>>> >>>> >>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>> >>>> >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com >>> >>> _______________________________________________ >>> Rancid-discuss mailing list >>> Rancid-discuss at shrubbery.net >>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > -- Alan McKinnon alan.mckinnon at gmail.com From pedrosi at millercanfield.com Wed Aug 5 20:57:22 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Wed, 5 Aug 2015 20:57:22 +0000 Subject: [rancid] Brocade TurboIron24 In-Reply-To: <55C271B5.2020501@gmail.com> References: <5C753918-CA6A-42B7-B990-1A93960FCE1E@foobar.org> <55BFBEF6.4060205@gmail.com> <55BFC553.6020203@gmail.com> <55C21934.2020204@gmail.com> <55C255CB.4000909@gmail.com> <55C271B5.2020501@gmail.com> Message-ID: BINGO. add autoenable * 1 That was it, a silly * in the .cloginrc file Many, many thanks. derek -----Original Message----- From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] Sent: Wednesday, August 05, 2015 4:28 PM To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net Subject: Re: [rancid] Brocade TurboIron24 Ah, that is significant. After all that, we may have overlooked an error in .cloginrc. What does yours look like? Is the 4th entry still add autoenable 1 if so, it needs to be add autoenable * 1 and the following line for DC-Cisco5525x.network.xxxx.com needs to be before, not after. .cloginrc is not processed as best match wins, it is first match wins. So * is a default and goes at the end of the list. If you have corrected .cloginrc already, then you have a faulty rancid install. Un-install it, verify all code is gone and your local files are intact, the reinstall. If that doesn't fix it, then your distro has given you an unsuitable dependant code package, quite likely expect. On 05/08/2015 22:14, Pedrosi, Derek G. wrote: > I'm afraid that SSH is quite operational... > > > SSH seems to be working just fine. All of my Cisco gear (50+ devices) have no issues, moreover when I SSH from the CLI to the Brocades using my rancid credentials I have no issue (works everytime). > > Something else interesting, is that I spun up a new install of 2.3.8 (same version as my production) and flogin works as expexted! So I copied the "working" flogin and to my production server, but no luck. Same results with error TIMEOUT. Does this shine any light on all of this? > > > > > derek > > > > -----Original Message----- > From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] > Sent: Wednesday, August 05, 2015 2:28 PM > To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net > Subject: Re: [rancid] Brocade TurboIron24 > > How odd. ssh was launched 4 times and only the last time worked (clogin using ssh -c). > > I'm not willing just yet to say that flogin doesn't work on your > devices, I have a hunch that the 4th command just happened to work, > and that ssh is erratic for you. I've heard occasional reports where > this causes issues between linux distros, and my spidey sense is still > on alert about it :-) > > There have been changes in ssh recently, mostly dropping and deprecating old crypto methods. It could be that ssh on your rancid server is not properly compatible with your device and it works sometimes. > > If you are willing, the following test would be useful: > > Run flogin and clogin, both with and without "-t 30 -c "show version;show flash" " (plus plain ssh to the device) multiple times, around 10-20 each. See if there's a pattern of some kind. Once we get ssh working reliably, then we can move onto which parser script to use. > > > > > > On 05/08/2015 17:40, Pedrosi, Derek G. wrote: >> Help me rancid mailing list, you are my only hope... >> >> >> ___________________________________________________________ >> flogin DC-TurboIron2.network.XXXX.com dc-turboiron2.network.XXXX.com >> spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com >> svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> Error: TIMEOUT reached >> root at rancid:/var/lib/rancid# >> ___________________________________________________________ >> clogin DC-TurboIron2.network.XXXX.com dc-turboiron2.network.XXXX.com >> spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com >> svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> It seems to just hang here forever.... >> ___________________________________________________________ >> But, if I try... >> flogin -t 30 -c "show version;show flash" >> dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid >> dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> Error: TIMEOUT reached >> ___________________________________________________________ >> >> clogin -t 30 -c "show version;show flash" >> dc-turboiron2.network.XXXX.com dc-turboiron2.network.XXXX.com spawn >> ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com >> svc_rancid at dc-turboiron2.network.XXXX.com's password: >> SSH at DC-TurboIron2# >> SSH at DC-TurboIron2#terminal length 0 >> Invalid input -> terminal length 0 >> Type ? for a list >> SSH at DC-TurboIron2#terminal width 132 >> Invalid input -> terminal width 132 >> Type ? for a list >> SSH at DC-TurboIron2#show version >> SW: Version x.x.xxx Copyright (c) 1996-2013 Brocade Communications Systems, Inc. All rights reserved. >> Compiled on xxx xxxxx >> (xxxxx bytes) from Primary >> Compressed Boot-Monitor Image size = 369366, Version:xxxxx >> HW: Stackable TurboIron-X24 >> ========================================================================== >> Serial #: xxxxxxxxxxxxxxxxxxx >> P-ASIC 0: type B820, rev 11 subrev 00 >> ========================================================================== >> 825 MHz Power PC processor MPC8541E (version 8020/0020) 330 MHz bus >> 512 KB boot flash memory >> 31744 KB code flash memory >> 512 MB DRAM >> The system uptime is 4 days 12 hours 24 minutes 55 seconds The system >> started at 23:04:36 Eastern Fri Jul 31 2015 >> >> The system : started=warm start reloaded=by "reload" >> >> SSH at DC-TurboIron2#show flash >> Compressed Pri Code size = xxxxxxxxxxxxxxxxxxxxxx Compressed Sec Code >> size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> Compressed Boot-Monitor Image size = >> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx >> Code Flash Free Space = 20447232 >> >> >> >> >> BEST regards, >> derek >> >> >> >> >> -----Original Message----- >> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >> Sent: Wednesday, August 05, 2015 10:10 AM >> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net >> Subject: Re: [rancid] Brocade TurboIron24 >> >> According to the various scripts, flogin is the correct usage, but it's failing to return successfully (looks like it waits 90 seconds then times out). >> >> We need to find why flogin does not work for you. >> >> What happens when you run these commands: >> >> flogin DC-TurboIron2.network.XXXX.com clogin >> DC-TurboIron2.network.XXXX.com >> >> >> >> On 04/08/2015 18:03, Pedrosi, Derek G. wrote: >>> >>> OK, >>> From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8. >>> The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition. So I will run francid. >>> >>> Here is the output... >>> >>> root at rancid:/var/lib/rancid/bin# francid -d >>> DC-TurboIron2.network.XXX.com executing flogin -t 90 -c"show >>> version;show chassis;show module;show flash;write term;show >>> running-config" DC-TurboIron2.network.XXXX.com >>> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >>> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached >>> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >>> module,show flash,show version,show running-config,write term >>> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show >>> module,show flash,show version,show running-config,write term >>> DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0 >>> DC-TurboIron2.network.XXXX.com: End of run not found >>> DC-TurboIron2.network.XXXX.com: End of run not found ! >>> root at rancid:/var/lib/rancid/bin# >>> >>> >>> I am able to SSH the device without issue from the rancid box using the rancid credentials. >>> And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up' >>> >>> >>> Thank you for your assistance. >>> >>> derek >>> >>> -----Original Message----- >>> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] >>> Sent: Monday, August 03, 2015 3:48 PM >>> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net >>> Subject: Re: [rancid] Brocade TurboIron24 >>> >>> OK. In that case your cloginrc is correct. >>> >>> Looking back over the thread, I think you have a simple problem of >>> the wrong device type in router.db >>> >>> Cisco kit is generally of type "cisco" and Brocades of type "foundry". >>> With rancid-2.3.x the separator in that file is ":" >>> With rancid-3.x the separator is ";" >>> This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version. >>> >>> I see "unexpected command" errors in your previous posts, that >>> should not happen. I've only seen that when I run the generic cisco >>> script against a Nexus (those use nxrancid) >>> >>> >>> On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this). >>> >>> rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting. >>> >>> Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk. >>> >>> I believe heasley has renamed that parser in v3 to follow convention. >>> >>> clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands. >>> All of this info, including the actual login script to use for a >>> type, is in the parser script. So it's one more oddity, you might >>> have a type "XYZ" with it's own peculiar commands and output so it's >>> parser is xyzrancid. But login works much like cisco (which really >>> is a classic telnet login) so xyz uses clogin![1] >>> >>> To debug a given device, you have to run the correct parser manually. >>> Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option. >>> You will get debug output including the *login command used. >>> Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning. >>> >>> Or post the output so we can help further. >>> >>> >>> >>> [1] I'm used to all this real-life weirdness as I've used rancid so >>> much I don't think much about it anymore. It's only when I type >>> mails like this that I realise just how nuts the field of a netadmin >>> has become :-) >>> >>> >>> >>> >>> >>> On 03/08/2015 21:23, Pedrosi, Derek G. wrote: >>>> Yes. >>>> When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#). >>>> >>>> >>>> >>>> derek >>>> >>>> >>>> -----Original Message----- >>>> From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] >>>> On Behalf Of Alan McKinnon >>>> Sent: Monday, August 03, 2015 3:20 PM >>>> To: rancid-discuss at shrubbery.net >>>> Subject: Re: [rancid] Brocade TurboIron24 >>>> >>>> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion. >>>> >>>> It's used when the device enables that user automatically on login with no need to explicitly run the enable command. >>>> >>>> Are all your devices (with the exception of >>>> DC-Cisco5525x.network.xxxx.com) set up to behave like that? >>>> >>>> >>>> On 03/08/2015 16:42, Pedrosi, Derek G. wrote: >>>>> My sanitized .cloginrc: >>>>> >>>>> >>>>> >>>>> root at rancid:/var/lib/rancid# head -50 .cloginrc >>>>> >>>>> #XXXX >>>>> >>>>> >>>>> >>>>> add method * {ssh} >>>>> >>>>> add user * svc_rancid >>>>> >>>>> add password * StandPW EnablePW >>>>> >>>>> add autoenable 1 >>>>> >>>>> >>>>> >>>>> add autoenable DC-Cisco5525x.network.xxxx.com 0 >>>>> >>>>> >>>>> >>>>> ------------------------------------------------------------------ >>>>> - >>>>> - >>>>> - >>>>> - >>>>> -- >>>>> >>>>> *Derek G Pedrosi*| Manager of Technology Infrastructure >>>>> >>>>> *Miller Canfield* >>>>> Detroit, Michigan 48226 (USA) >>>>> >>>>> ------------------------------------------------------------------ >>>>> - >>>>> - >>>>> - >>>>> - >>>>> -- >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> *From:*Nick Hilliard [mailto:nick at foobar.org] >>>>> *Sent:* Monday, August 03, 2015 10:29 AM >>>>> *To:* Pedrosi, Derek G. >>>>> *Cc:* rancid-discuss at shrubbery.net >>>>> *Subject:* Re: [rancid] Brocade TurboIron24 >>>>> >>>>> >>>>> >>>>> Looks like a .cloginrc problem related to autoenable. >>>>> >>>>> >>>>> >>>>> Nick >>>>> >>>>> Sent from my iWotsit. >>>>> >>>>> >>>>> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. >>>>> > wrote: >>>>> >>>>> I've tried that to no success... >>>>> >>>>> >>>>> >>>>> The bit of debugging that I can do yielded this... >>>>> >>>>> >>>>> >>>>> root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show >>>>> chassis;show module;show flash;show running-config" 10.1.1.3 >>>>> >>>>> 10.1.1.3 >>>>> >>>>> spawn ssh -c 3des -x -l svc_rancid 10.1.1.3 >>>>> >>>>> svc_rancid at 10.1.1.3 's password: >>>>> >>>>> SSH at DC-TurboIron2# >>>>> >>>>> Error: TIMEOUT reached >>>>> >>>>> root at rancid:/usr/lib/rancid/bin# >>>>> >>>>> >>>>> >>>>> Rancid is able to logon, but no commands are issued? >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> BUT, strangely enough when I do the same command as above with >>>>> "clogin" it works as it should. >>>>> >>>>> BUT, if in my "router.db" I set the type to "cisco" (which I assume >>>>> means use clogin) I do get a SVN entry in my repository, but it is >>>>> blank. >>>>> >>>>> >>>>> >>>>> Trying to get all of the configs. >>>>> >>>>> dc-turboiron2.network.XXXX.com >>>>> : found unexpected command - >>>>> "dir /all sup-bootflash:" >>>>> >>>>> dc-turboiron2.network.XXXX.com >>>>> : missed cmd(s): dir /all >>>>> slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all >>>>> sec-nvram:,show running-config view full,dir /all >>>>> sec-bootflash:,sho$ >>>>> >>>>> dc-turboiron2.network.XXXX.com >>>>> : End of run not found >>>>> >>>>> ===================================== >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Ps Why do you suggest v7.4.00j >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Many thanks, >>>>> >>>>> derek >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> From: Nick Hilliard [mailto:nick at foobar.org] >>>>> >>>>> Sent: Sunday, August 2, 2015 9:15 AM >>>>> >>>>> To: Pedrosi, Derek G. >>>> > >>>>> >>>>> Cc: rancid-discuss at shrubbery.net >>>>> >>>>> >>>>> Subject: Re: [rancid] Brocade TurboIron24 >>>>> >>>>> >>>>> >>>>> These are type: "foundry". >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> 7.4.00j would be a good choice for software. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Nick >>>>> >>>>> >>>>> >>>>> Sent from my iWotsit. >>>>> >>>>> >>>>> >>>>> On 31 Jul 2015, at 19:11, Pedrosi, Derek G. >>>>> > wrote: >>>>> >>>>> Greetings all, >>>>> >>>>> I have a few of Brocade's TI24s in my environment. I would like to >>>>> intergrate them into Rancid with my Cisco gear, but I have not had >>>>> any luck. Can someone possibly point my in the right direction? >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Many thanx, >>>>> >>>>> derek >>>>> >>>>> _______________________________________________ >>>>> >>>>> Rancid-discuss mailing list >>>>> >>>>> Rancid-discuss at shrubbery.net >>>>> >>>>> >>>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Rancid-discuss mailing list >>>>> Rancid-discuss at shrubbery.net >>>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>>> >>>> >>>> >>>> -- >>>> Alan McKinnon >>>> alan.mckinnon at gmail.com >>>> >>>> _______________________________________________ >>>> Rancid-discuss mailing list >>>> Rancid-discuss at shrubbery.net >>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss >>>> >>> >>> >>> -- >>> Alan McKinnon >>> alan.mckinnon at gmail.com >>> >> >> >> -- >> Alan McKinnon >> alan.mckinnon at gmail.com >> > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > -- Alan McKinnon alan.mckinnon at gmail.com From Wiethoff at tfh-bochum.de Thu Aug 6 10:26:50 2015 From: Wiethoff at tfh-bochum.de (Wiethoff, Helge) Date: Thu, 6 Aug 2015 10:26:50 +0000 Subject: [rancid] script itself runs - rancid-run: Couldn't login Message-ID: <194290040642FB4D952083D79F7F7D1D40E59AA7@BOHEMSX2010.rbbk.de> Hi all, I programmed a login script and a "rancid-script" for the previously unsupported device type Microsens G6 based on xilogin+xirancid. My msg6login uses .cloginrc for automated username+password input. "msg6rancid x-sw1k25.tfhbomgmt.de " works great and writes the correct config file to x-sw1k25.tfhbomgmt.de.new I declared the new device typ in my rancid.types.conf: #MicrosensG6 msg6;login;msg6login msg6;script;msg6rancid and added a device to my router.db: x-sw1k25.tfhbomgmt.de;msg6;up when running rancid-run, i can't login and get the following in the log: x-sw1k25.tfh-bochum.de: missed cmd(s): all commands x-sw1k25.tfh-bochum.de msg6login error: Error: Couldn't login: x-sw1k25.tfh-bochum.de x-sw1k25.tfh-bochum.de: End of run not found Did i miss something obvious? A env variable or something? Or is the reason in my msg6login as a i get this error inside an expect-block with EOF. Cheers, Helge ________________________________ Helge Wiethoff Medienzentrum Telefon: +49 (234) 968 8717 Fax: +49 (234) 968 3453 E-Mail: Wiethoff at tfh-bochum.de Technische Fachhochschule Georg Agricola f?r Rohstoff, Energie und Umwelt zu Bochum Staatlich anerkannte Fachhochschule der DMT-Gesellschaft f?r Lehre und Bildung mbH Herner Stra?e 45 44787 Bochum http://www.tfh-bochum.de ________________________________ Tr?ger: DMT-Gesellschaft f?r Lehre und Bildung mbH Sitz der Gesellschaft: Bochum Registergericht: Amtsgericht Bochum Handelsregister: B 4052 Gesch?ftsf?hrung: Prof. Dr. J?rgen Kretschmann (Vorsitzender) Manfred Freitag From jm+rancid at roth.lu Sat Aug 8 16:40:13 2015 From: jm+rancid at roth.lu (Marki) Date: Sat, 8 Aug 2015 16:40:13 +0000 (UTC) Subject: [rancid] script itself runs - rancid-run: Couldn't login References: <194290040642FB4D952083D79F7F7D1D40E59AA7@BOHEMSX2010.rbbk.de> Message-ID: Wiethoff, Helge tfh-bochum.de> writes: > I programmed a login script and a "rancid-script" for the previously unsupported device type Microsens G6 > based on xilogin+xirancid. My msg6login uses .cloginrc for automated username+password input. > > "msg6rancid x-sw1k25.tfhbomgmt.de " works great and writes the correct config file to x-sw1k25.tfhbomgmt.de.new > > when running rancid-run, i can't login and get the following in the log: > x-sw1k25.tfh-bochum.de: missed cmd(s): all commands > x-sw1k25.tfh-bochum.de msg6login error: Error: Couldn't login: x-sw1k25.tfh-bochum.de > x-sw1k25.tfh-bochum.de: End of run not found Hi, I see x.tfhbomgmt.de and x.tfh-bochum.de in your post. Maybe one works and the other does not? Are you maybe developing on one machine and running rancid itself on another? -> firewall issues? I suppose you are running all commands as the rancid user, even when calling them manually? Bye, Marki From Wayne.Eisenberg at CarolinasIT.com Mon Aug 10 20:33:01 2015 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Mon, 10 Aug 2015 20:33:01 +0000 Subject: [rancid] error in Cisco MDS config retrieval Message-ID: Hi all, I have some Cisco MDS 9148 switches running NX-OS 5.2(2) (m9100-s3ek9-kickstart-mz.5.2.2.bin) and rancid is v3.1. Unfortunately I am not getting good retrievals from them. Below is the results of nxrancid -d. Can someone assist in understanding the problem and suggesting a solution? [rancid at vm bin]$ nxrancid -d mds-9148-1.____.local executing clogin -t 90 -c"term no monitor-force;show version;show version build-info all;show license;show license usage;show license host-id;show system redundancy status;show environment clock;show environment fan;show environment fex all fan;show environment temperature;show environment power;show boot;dir bootflash:;dir debug:;dir logflash:;dir slot0:;dir usb1:;dir usb2:;dir volatile:;show module;show module xbar;show inventory;show vtp status;show vlan;show debug;show cores vdc-all;show processes log vdc-all;show module fex;show fex;show running-config" mds-9148-1.____.local PROMPT MATCH: Cisco-9148-Top# HIT COMMAND:Cisco-9148-Top# term no monitor-force In RunCommand: Cisco-9148-Top# term no monitor-force HIT COMMAND:Cisco-9148-Top# show version In ShowVersion: Cisco-9148-Top# show version TYPE = NXOS HIT COMMAND:Cisco-9148-Top# show version build-info all In ShowVersionBuild: Cisco-9148-Top# show version build-info all HIT COMMAND:Cisco-9148-Top# show license In ShowLicense: Cisco-9148-Top# show license HIT COMMAND:Cisco-9148-Top# show license usage In ShowLicense: Cisco-9148-Top# show license usage HIT COMMAND:Cisco-9148-Top# show license host-id In ShowLicense: Cisco-9148-Top# show license host-id HIT COMMAND:Cisco-9148-Top# show system redundancy status In ShowRedundancy: Cisco-9148-Top# show system redundancy status HIT COMMAND:Cisco-9148-Top# show environment clock In ShowEnv: Cisco-9148-Top# show environment clock HIT COMMAND:Cisco-9148-Top# show environment fan In ShowEnv: Cisco-9148-Top# show environment fan HIT COMMAND:Cisco-9148-Top# show environment fex all fan In ShowEnv: Cisco-9148-Top# show environment fex all fan HIT COMMAND:Cisco-9148-Top# show environment temperature In ShowEnvTemp: Cisco-9148-Top# show environment temperature HIT COMMAND:Cisco-9148-Top# show environment power In ShowEnvPower: Cisco-9148-Top# show environment power HIT COMMAND:Cisco-9148-Top# show boot In ShowBoot: Cisco-9148-Top# show boot HIT COMMAND:Cisco-9148-Top# dir bootflash: In DirSlotN: Cisco-9148-Top# dir bootflash: HIT COMMAND:Cisco-9148-Top# dir debug: In DirSlotN: Cisco-9148-Top# dir debug: HIT COMMAND:Cisco-9148-Top# dir logflash: In DirSlotN: Cisco-9148-Top# dir logflash: HIT COMMAND:Cisco-9148-Top# dir slot0: In DirSlotN: Cisco-9148-Top# dir slot0: HIT COMMAND:Cisco-9148-Top# dir usb1: In DirSlotN: Cisco-9148-Top# dir usb1: HIT COMMAND:Cisco-9148-Top# dir usb2: In DirSlotN: Cisco-9148-Top# dir usb2: HIT COMMAND:Cisco-9148-Top# dir volatile: In DirSlotN: Cisco-9148-Top# dir volatile: HIT COMMAND:Cisco-9148-Top# show module In ShowModule: Cisco-9148-Top# show module HIT COMMAND:Cisco-9148-Top# show module xbar In ShowModule: Cisco-9148-Top# show module xbar HIT COMMAND:Cisco-9148-Top# show inventory In ShowInventory: Cisco-9148-Top# show inventory HIT COMMAND:Cisco-9148-Top# show vtp status In ShowVTP: Cisco-9148-Top# show vtp status HIT COMMAND:Cisco-9148-Top# show vlan In ShowVLAN: Cisco-9148-Top# show vlan HIT COMMAND:Cisco-9148-Top# show debug In ShowDebug: Cisco-9148-Top# show debug HIT COMMAND:Cisco-9148-Top# show cores vdc-all In ShowCores: Cisco-9148-Top# show cores vdc-all HIT COMMAND:Cisco-9148-Top# show processes log vdc-all In ShowProcLog: Cisco-9148-Top# show processes log vdc-all mds-9148-1.____.local: show processes log vdc-all failed: -1 write(spawn_id=1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ *]*Cisco-9148-([^#>\r\n]+)?[#>](\([^)\r\n]+\))?} { send_user -- "$expect_out(buffer)" } -re {..." invoked from within "expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprom..." (procedure "run_commands" line 30) invoked from within "run_commands $prompt $command" ("foreach" body line 196) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/local/rancid3/bin/clogin" line 754) mds-9148-1.____.local: missed cmd(s): show module fex,show fex,show running-config mds-9148-1.____.local: missed cmd(s): show module fex,show fex,show running-config mds-9148-1.____.local: End of run not found mds-9148-1.____.local: End of run not found mds-9148-1.____.local: clean: 0, end: 0 !PROC_LOGS: ^ [rancid at vm bin]$ Wayne Eisenberg ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dan.w.anderson at gmail.com Mon Aug 10 22:48:48 2015 From: dan.w.anderson at gmail.com (Dan Anderson) Date: Mon, 10 Aug 2015 18:48:48 -0400 Subject: [rancid] error in Cisco MDS config retrieval In-Reply-To: References: Message-ID: It has to do with how NX-OS handles features that aren't enabled (and/or aren't available on that hardware platform). In 3.1, I went into the nxrancid script and changed the return value for invalid commands since I have some devices that can use some of the stock commands and some cannot and I didn't want to create a slew of new device types. diff -u nxrancid.orig nxrancid --- nxrancid.orig 2014-09-24 10:02:46.017969251 -0400 +++ nxrancid 2014-09-24 10:03:06.039305060 -0400 @@ -660,7 +660,7 @@ next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/\% Invalid command at /); + return(1) if (/\% Invalid command at /); return(-1) if (/\% Permission denied/); return(-1) if (/command authorization failed/i); In 3.2, that has moved to the nxos module. I'm sure there's probably a better way to handle it, but I was feeling pretty lazy at the time and haven't had a chance to revisit it. On Mon, Aug 10, 2015 at 4:33 PM, Wayne Eisenberg < Wayne.Eisenberg at carolinasit.com> wrote: > Hi all, > > > > I have some Cisco MDS 9148 switches running NX-OS 5.2(2) > (m9100-s3ek9-kickstart-mz.5.2.2.bin) and rancid is v3.1. Unfortunately I > am not getting good retrievals from them. Below is the results of nxrancid > ?d. Can someone assist in understanding the problem and suggesting a > solution? > > > > > > [rancid at vm bin]$ nxrancid -d mds-9148-1.____.local > > > > executing clogin -t 90 -c"term no monitor-force;show version;show version > build-info all;show license;show license usage;show license host-id;show > system redundancy status;show environment clock;show environment fan;show > environment fex all fan;show environment temperature;show environment > power;show boot;dir bootflash:;dir debug:;dir logflash:;dir slot0:;dir > usb1:;dir usb2:;dir volatile:;show module;show module xbar;show > inventory;show vtp status;show vlan;show debug;show cores vdc-all;show > processes log vdc-all;show module fex;show fex;show running-config" > mds-9148-1.____.local > > PROMPT MATCH: Cisco-9148-Top# > > HIT COMMAND:Cisco-9148-Top# term no monitor-force > > In RunCommand: Cisco-9148-Top# term no monitor-force > > HIT COMMAND:Cisco-9148-Top# show version > > In ShowVersion: Cisco-9148-Top# show version > > TYPE = NXOS > > HIT COMMAND:Cisco-9148-Top# show version build-info all > > In ShowVersionBuild: Cisco-9148-Top# show version build-info all > > HIT COMMAND:Cisco-9148-Top# show license > > In ShowLicense: Cisco-9148-Top# show license > > HIT COMMAND:Cisco-9148-Top# show license usage > > In ShowLicense: Cisco-9148-Top# show license usage > > HIT COMMAND:Cisco-9148-Top# show license host-id > > In ShowLicense: Cisco-9148-Top# show license host-id > > HIT COMMAND:Cisco-9148-Top# show system redundancy status > > In ShowRedundancy: Cisco-9148-Top# show system redundancy status > > HIT COMMAND:Cisco-9148-Top# show environment clock > > In ShowEnv: Cisco-9148-Top# show environment clock > > HIT COMMAND:Cisco-9148-Top# show environment fan > > In ShowEnv: Cisco-9148-Top# show environment fan > > HIT COMMAND:Cisco-9148-Top# show environment fex all fan > > In ShowEnv: Cisco-9148-Top# show environment fex all fan > > HIT COMMAND:Cisco-9148-Top# show environment temperature > > In ShowEnvTemp: Cisco-9148-Top# show environment temperature > > HIT COMMAND:Cisco-9148-Top# show environment power > > In ShowEnvPower: Cisco-9148-Top# show environment power > > HIT COMMAND:Cisco-9148-Top# show boot > > In ShowBoot: Cisco-9148-Top# show boot > > HIT COMMAND:Cisco-9148-Top# dir bootflash: > > In DirSlotN: Cisco-9148-Top# dir bootflash: > > HIT COMMAND:Cisco-9148-Top# dir debug: > > In DirSlotN: Cisco-9148-Top# dir debug: > > HIT COMMAND:Cisco-9148-Top# dir logflash: > > In DirSlotN: Cisco-9148-Top# dir logflash: > > HIT COMMAND:Cisco-9148-Top# dir slot0: > > In DirSlotN: Cisco-9148-Top# dir slot0: > > HIT COMMAND:Cisco-9148-Top# dir usb1: > > In DirSlotN: Cisco-9148-Top# dir usb1: > > HIT COMMAND:Cisco-9148-Top# dir usb2: > > In DirSlotN: Cisco-9148-Top# dir usb2: > > HIT COMMAND:Cisco-9148-Top# dir volatile: > > In DirSlotN: Cisco-9148-Top# dir volatile: > > HIT COMMAND:Cisco-9148-Top# show module > > In ShowModule: Cisco-9148-Top# show module > > HIT COMMAND:Cisco-9148-Top# show module xbar > > In ShowModule: Cisco-9148-Top# show module xbar > > HIT COMMAND:Cisco-9148-Top# show inventory > > In ShowInventory: Cisco-9148-Top# show inventory > > HIT COMMAND:Cisco-9148-Top# show vtp status > > In ShowVTP: Cisco-9148-Top# show vtp status > > HIT COMMAND:Cisco-9148-Top# show vlan > > In ShowVLAN: Cisco-9148-Top# show vlan > > HIT COMMAND:Cisco-9148-Top# show debug > > In ShowDebug: Cisco-9148-Top# show debug > > HIT COMMAND:Cisco-9148-Top# show cores vdc-all > > In ShowCores: Cisco-9148-Top# show cores vdc-all > > HIT COMMAND:Cisco-9148-Top# show processes log vdc-all > > In ShowProcLog: Cisco-9148-Top# show processes log vdc-all > > mds-9148-1.____.local: show processes log vdc-all failed: -1 > > write(spawn_id=1): broken pipe > > while executing > > "send_user -- "$expect_out(buffer)"" > > invoked from within > > "expect -nobrace -re+ { exp_continue } -re {^[^ > > *]*Cisco-9148-([^#>\r\n]+)?[#>](\([^)\r\n]+\))?} { send_user -- > "$expect_out(buffer)" > > } -re {..." > > invoked from within > > "expect { > > -re "\b+" { exp_continue } > > -re "^\[^\n\r *]*$reprompt" { send_user -- > "$expect_out(buffer)" > > } > > -re "^\[^\n\r]*$reprom..." > > (procedure "run_commands" line 30) > > invoked from within > > "run_commands $prompt $command" > > ("foreach" body line 196) > > invoked from within > > "foreach router [lrange $argv $i end] { > > set router [string tolower $router] > > # attempt at platform switching. > > set platform "" > > send_user ..." > > (file "/usr/local/rancid3/bin/clogin" line 754) > > mds-9148-1.____.local: missed cmd(s): show module fex,show fex,show > running-config > > mds-9148-1.____.local: missed cmd(s): show module fex,show fex,show > running-config > > mds-9148-1.____.local: End of run not found > > mds-9148-1.____.local: End of run not found > > mds-9148-1.____.local: clean: 0, end: 0 > > !PROC_LOGS: ^ > > [rancid at vm bin]$ > > > > > > > > *Wayne Eisenberg * > > > > ------------------------------ > > The information in this Internet e-mail (and any attachments) is > confidential, may be legally privileged and is intended solely for the > Addressee(s) named above. If you are not the intended recipient, or the > employee or agent responsible for delivering it to the intended recipient, > then any dissemination or copying of this e-mail (and any attachments) is > prohibited and may be unlawful. If you received this e-mail in error, > please immediately notify us by e-mail or telephone, then delete the > message. Thank you. > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: From Wiethoff at tfh-bochum.de Tue Aug 11 07:36:27 2015 From: Wiethoff at tfh-bochum.de (Wiethoff, Helge) Date: Tue, 11 Aug 2015 07:36:27 +0000 Subject: [rancid] script itself runs - rancid-run: Couldn't login In-Reply-To: References: <194290040642FB4D952083D79F7F7D1D40E59AA7@BOHEMSX2010.rbbk.de> Message-ID: <194290040642FB4D952083D79F7F7D1D40E6B6A9@BOHEMSX2010.rbbk.de> Hi, the problem was the unset env(TERM) variable. After I added the declaration of the variable in the rancid script (as with zrancid) it works. Thanks to heasley! cheers, helge ________________________________ Helge Wiethoff Medienzentrum Telefon: +49 (234) 968 8717 Fax: +49 (234) 968 3453 E-Mail: Wiethoff at tfh-bochum.de Technische Fachhochschule Georg Agricola f?r Rohstoff, Energie und Umwelt zu Bochum Staatlich anerkannte Fachhochschule der DMT-Gesellschaft f?r Lehre und Bildung mbH Herner Stra?e 45 44787 Bochum http://www.tfh-bochum.de ________________________________ Tr?ger: DMT-Gesellschaft f?r Lehre und Bildung mbH Sitz der Gesellschaft: Bochum Registergericht: Amtsgericht Bochum Handelsregister: B 4052 Gesch?ftsf?hrung: Prof. Dr. J?rgen Kretschmann (Vorsitzender) Manfred Freitag From heas at shrubbery.net Tue Aug 11 16:28:47 2015 From: heas at shrubbery.net (heasley) Date: Tue, 11 Aug 2015 16:28:47 +0000 Subject: [rancid] error in Cisco MDS config retrieval In-Reply-To: References: Message-ID: <20150811162847.GA9904@shrubbery.net> Mon, Aug 10, 2015 at 06:48:48PM -0400, Dan Anderson: > It has to do with how NX-OS handles features that aren't enabled (and/or > aren't available on that hardware platform). Please, if you have TAC account, open a PR for that bug. From Wayne.Eisenberg at CarolinasIT.com Tue Aug 11 19:09:31 2015 From: Wayne.Eisenberg at CarolinasIT.com (Wayne Eisenberg) Date: Tue, 11 Aug 2015 19:09:31 +0000 Subject: [rancid] error in Cisco MDS config retrieval In-Reply-To: References: Message-ID: That fixed it. You guys are great! Thanks again. Wayne From: Dan Anderson [mailto:dan.w.anderson at gmail.com] Sent: Monday, August 10, 2015 6:49 PM To: Wayne Eisenberg Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] error in Cisco MDS config retrieval It has to do with how NX-OS handles features that aren't enabled (and/or aren't available on that hardware platform). In 3.1, I went into the nxrancid script and changed the return value for invalid commands since I have some devices that can use some of the stock commands and some cannot and I didn't want to create a slew of new device types. diff -u nxrancid.orig nxrancid --- nxrancid.orig 2014-09-24 10:02:46.017969251 -0400 +++ nxrancid 2014-09-24 10:03:06.039305060 -0400 @@ -660,7 +660,7 @@ next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; - return(-1) if (/\% Invalid command at /); + return(1) if (/\% Invalid command at /); return(-1) if (/\% Permission denied/); return(-1) if (/command authorization failed/i); In 3.2, that has moved to the nxos module. I'm sure there's probably a better way to handle it, but I was feeling pretty lazy at the time and haven't had a chance to revisit it. On Mon, Aug 10, 2015 at 4:33 PM, Wayne Eisenberg > wrote: Hi all, I have some Cisco MDS 9148 switches running NX-OS 5.2(2) (m9100-s3ek9-kickstart-mz.5.2.2.bin) and rancid is v3.1. Unfortunately I am not getting good retrievals from them. Below is the results of nxrancid ?d. Can someone assist in understanding the problem and suggesting a solution? [rancid at vm bin]$ nxrancid -d mds-9148-1.____.local executing clogin -t 90 -c"term no monitor-force;show version;show version build-info all;show license;show license usage;show license host-id;show system redundancy status;show environment clock;show environment fan;show environment fex all fan;show environment temperature;show environment power;show boot;dir bootflash:;dir debug:;dir logflash:;dir slot0:;dir usb1:;dir usb2:;dir volatile:;show module;show module xbar;show inventory;show vtp status;show vlan;show debug;show cores vdc-all;show processes log vdc-all;show module fex;show fex;show running-config" mds-9148-1.____.local PROMPT MATCH: Cisco-9148-Top# HIT COMMAND:Cisco-9148-Top# term no monitor-force In RunCommand: Cisco-9148-Top# term no monitor-force HIT COMMAND:Cisco-9148-Top# show version In ShowVersion: Cisco-9148-Top# show version TYPE = NXOS HIT COMMAND:Cisco-9148-Top# show version build-info all In ShowVersionBuild: Cisco-9148-Top# show version build-info all HIT COMMAND:Cisco-9148-Top# show license In ShowLicense: Cisco-9148-Top# show license HIT COMMAND:Cisco-9148-Top# show license usage In ShowLicense: Cisco-9148-Top# show license usage HIT COMMAND:Cisco-9148-Top# show license host-id In ShowLicense: Cisco-9148-Top# show license host-id HIT COMMAND:Cisco-9148-Top# show system redundancy status In ShowRedundancy: Cisco-9148-Top# show system redundancy status HIT COMMAND:Cisco-9148-Top# show environment clock In ShowEnv: Cisco-9148-Top# show environment clock HIT COMMAND:Cisco-9148-Top# show environment fan In ShowEnv: Cisco-9148-Top# show environment fan HIT COMMAND:Cisco-9148-Top# show environment fex all fan In ShowEnv: Cisco-9148-Top# show environment fex all fan HIT COMMAND:Cisco-9148-Top# show environment temperature In ShowEnvTemp: Cisco-9148-Top# show environment temperature HIT COMMAND:Cisco-9148-Top# show environment power In ShowEnvPower: Cisco-9148-Top# show environment power HIT COMMAND:Cisco-9148-Top# show boot In ShowBoot: Cisco-9148-Top# show boot HIT COMMAND:Cisco-9148-Top# dir bootflash: In DirSlotN: Cisco-9148-Top# dir bootflash: HIT COMMAND:Cisco-9148-Top# dir debug: In DirSlotN: Cisco-9148-Top# dir debug: HIT COMMAND:Cisco-9148-Top# dir logflash: In DirSlotN: Cisco-9148-Top# dir logflash: HIT COMMAND:Cisco-9148-Top# dir slot0: In DirSlotN: Cisco-9148-Top# dir slot0: HIT COMMAND:Cisco-9148-Top# dir usb1: In DirSlotN: Cisco-9148-Top# dir usb1: HIT COMMAND:Cisco-9148-Top# dir usb2: In DirSlotN: Cisco-9148-Top# dir usb2: HIT COMMAND:Cisco-9148-Top# dir volatile: In DirSlotN: Cisco-9148-Top# dir volatile: HIT COMMAND:Cisco-9148-Top# show module In ShowModule: Cisco-9148-Top# show module HIT COMMAND:Cisco-9148-Top# show module xbar In ShowModule: Cisco-9148-Top# show module xbar HIT COMMAND:Cisco-9148-Top# show inventory In ShowInventory: Cisco-9148-Top# show inventory HIT COMMAND:Cisco-9148-Top# show vtp status In ShowVTP: Cisco-9148-Top# show vtp status HIT COMMAND:Cisco-9148-Top# show vlan In ShowVLAN: Cisco-9148-Top# show vlan HIT COMMAND:Cisco-9148-Top# show debug In ShowDebug: Cisco-9148-Top# show debug HIT COMMAND:Cisco-9148-Top# show cores vdc-all In ShowCores: Cisco-9148-Top# show cores vdc-all HIT COMMAND:Cisco-9148-Top# show processes log vdc-all In ShowProcLog: Cisco-9148-Top# show processes log vdc-all mds-9148-1.____.local: show processes log vdc-all failed: -1 write(spawn_id=1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ *]*Cisco-9148-([^#>\r\n]+)?[#>](\([^)\r\n]+\))?} { send_user -- "$expect_out(buffer)" } -re {..." invoked from within "expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprom..." (procedure "run_commands" line 30) invoked from within "run_commands $prompt $command" ("foreach" body line 196) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/local/rancid3/bin/clogin" line 754) mds-9148-1.____.local: missed cmd(s): show module fex,show fex,show running-config mds-9148-1.____.local: missed cmd(s): show module fex,show fex,show running-config mds-9148-1.____.local: End of run not found mds-9148-1.____.local: End of run not found mds-9148-1.____.local: clean: 0, end: 0 !PROC_LOGS: ^ [rancid at vm bin]$ Wayne Eisenberg ________________________________ The information in this Internet e-mail (and any attachments) is confidential, may be legally privileged and is intended solely for the Addressee(s) named above. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, then any dissemination or copying of this e-mail (and any attachments) is prohibited and may be unlawful. If you received this e-mail in error, please immediately notify us by e-mail or telephone, then delete the message. Thank you. _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -- Dan -------------- next part -------------- An HTML attachment was scrubbed... URL: From pradeepanan at gmail.com Tue Aug 11 18:52:09 2015 From: pradeepanan at gmail.com (pradeep s) Date: Tue, 11 Aug 2015 15:52:09 -0300 Subject: [rancid] Rancid for Ciena Message-ID: Hi, I would like to know how to configure rancid to get configuration information of ciena. I have done it in cisco but that?s not supporting ciena. It would be great if you I get any help. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Wed Aug 12 16:18:27 2015 From: heas at shrubbery.net (heasley) Date: Wed, 12 Aug 2015 09:18:27 -0700 Subject: [rancid] IOS interfaces (show controllers) reappear after rancid upgrade In-Reply-To: <55C2091E.10405@gmail.com> References: <55C1FC75.1070105@gmail.com> <55C2091E.10405@gmail.com> Message-ID: <20150812161827.GH17537@shrubbery.net> Wed, Aug 05, 2015 at 03:01:18PM +0200, Alan McKinnon: > On 05/08/2015 14:45, Marki wrote: > > Alan McKinnon gmail.com> writes: > > > >> > >> What 2.3 version were you running? > >> > >> 2.3.8 should be doing the same as 3.2, here is the 2.3.8 code that does it: > > > > > > Hmm, it was 2.3.6 I believe. Doesn't matter, ok, so it's there now/again, > > and we have to deal with it. > > > > Can we add something to get rid of the PRI interfaces (up/down on-demand)? > > > > I have included this now in our rancid: > > > > # Remove dynamic PRI interfaces > > if (/^Hardware is HDLC32/) { > > if ($INT =~ /Serial[\d\/]+\d:(\d+), /) { > > $1!=15 && next; > > } > > } > > > > right before the part above. Seems to work for me. > > Feel free to use/include the snippet. > > > That will work :-) > > Foe heasley to add this to upstream, you might want to reply and expound > a little on how IOS lists these dynamic PRIs, with some output snippets. More output context would help; esp. if there is something in the o/p of that show command that will indicate that it is a dynamic interface. > This is so it will work best for the general case. > > > -- > Alan McKinnon > alan.mckinnon at gmail.com > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Wed Aug 12 18:46:25 2015 From: heas at shrubbery.net (heasley) Date: Wed, 12 Aug 2015 18:46:25 +0000 Subject: [rancid] How to extend Rancid. Basics. In-Reply-To: <55BC95F7.60506@roth.lu> References: <55BC95F7.60506@roth.lu> Message-ID: <20150812184625.GA59928@shrubbery.net> Sat, Aug 01, 2015 at 11:48:39AM +0200, jm+rancid at roth.lu: > The question thus is: what is the absolute minimum required feature set > of the actual script to interact with the main rancid application i.e. > feed it the content so it is stored in SVN? These don't seem to have been answered. Your script must retrieve and filter the output it wishes to collect and deposit it in a file named .new. control_rancid does the svn parts. > I also see that there seem to be several approchaches. There are > different xxrancid scripts in the bin directory. On the other hand, some > devices seem to call rancid directly with the -t parameter, which seems > to use libs from the lib directory, which looks like a more modular > approach. What's the difference, and what is the official/recommended > approach? rancid with the -t is a wrapper for the devices handled by libraries. But, the script definition in rancid.types.* can be any program (with args) that achieves the aforementioned output via the arguments that control_rancid/rancid-fe pass. This allows the old method of rancid, see examples in rancid.types.base, and the new way, plus user-defined methods. It also means that not every script need be transitioned to the library method before this could be released. that was the goal - along with more modularity and the ability for users to changes commands and/or filtering without altering the rancid code - which is thus easier to upgrade and easier for me and the mail list participants to support users. Admittedly, more can be done to improve flexibility and modularity. From pradeepanan at gmail.com Wed Aug 12 17:45:16 2015 From: pradeepanan at gmail.com (pradeep s) Date: Wed, 12 Aug 2015 14:45:16 -0300 Subject: [rancid] Add Ciena to Rancid Message-ID: I would like to add ciena switch in rancid. I got stuck with no help. It will be great if i get guidance to do that. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Wed Aug 12 19:25:50 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 12 Aug 2015 21:25:50 +0200 Subject: [rancid] Add Ciena to Rancid In-Reply-To: References: Message-ID: <55CB9DBE.1000509@gmail.com> On 12/08/2015 19:45, pradeep s wrote: > I would like to add ciena switch in rancid. I got stuck with no help. It > will be great if i get guidance to do that. > Thanks This is your second post and I assume you googled first looking for pre-written scripts that support those devices? Seems like you found nothing so you will probably have to write the code yourself. Study all threads in this ML for about the past month, there is lots of info posted recently about how rancid hangs together. Good luck. -- Alan McKinnon alan.mckinnon at gmail.com From heas at shrubbery.net Wed Aug 12 19:32:30 2015 From: heas at shrubbery.net (heasley) Date: Wed, 12 Aug 2015 12:32:30 -0700 Subject: [rancid] Add Ciena to Rancid In-Reply-To: <55CB9DBE.1000509@gmail.com> References: <55CB9DBE.1000509@gmail.com> Message-ID: <20150812193230.GA61918@shrubbery.net> Wed, Aug 12, 2015 at 09:25:50PM +0200, Alan McKinnon: > On 12/08/2015 19:45, pradeep s wrote: > > I would like to add ciena switch in rancid. I got stuck with no help. It > > will be great if i get guidance to do that. > > Thanks > > > This is your second post and I assume you googled first looking for > pre-written scripts that support those devices? > > Seems like you found nothing so you will probably have to write the code > yourself. Study all threads in this ML for about the past month, there > is lots of info posted recently about how rancid hangs together. I've taken that ML discussion to start a new section in the FAQ for extending rancid. S4 of http://www.shrubbery.net/rancid/FAQ From pradeepanan at gmail.com Thu Aug 13 14:55:25 2015 From: pradeepanan at gmail.com (pradeep s) Date: Thu, 13 Aug 2015 11:55:25 -0300 Subject: [rancid] Rancid shows empty file Message-ID: I have added Cisco switch in rancid. I can see its pulling the configuration . No error in that but when i see the web interface of it, it shows empty. Where am i missing? [image: Inline image 1] When i click "text" i can see only empty file -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 12282 bytes Desc: not available URL: From jan.krueger at qsc.de Thu Aug 13 15:15:19 2015 From: jan.krueger at qsc.de (=?utf-8?B?S3LDvGdlciwgSmFu?=) Date: Thu, 13 Aug 2015 15:15:19 +0000 Subject: [rancid] Add Ciena to Rancid In-Reply-To: References: Message-ID: you will find attached the script from my old rancid. I didn?t use them for a year, but I think they should work for you? regards jan From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of pradeep s Sent: Wednesday, August 12, 2015 7:45 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Add Ciena to Rancid I would like to add ciena switch in rancid. I got stuck with no help. It will be great if i get guidance to do that. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cnlogin Type: application/octet-stream Size: 22403 bytes Desc: cnlogin URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: cnrancid Type: application/octet-stream Size: 18713 bytes Desc: cnrancid URL: From alan.mckinnon at gmail.com Thu Aug 13 15:31:22 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 13 Aug 2015 17:31:22 +0200 Subject: [rancid] Rancid shows empty file In-Reply-To: References: Message-ID: <55CCB84A.9010301@gmail.com> On 13/08/2015 16:55, pradeep s wrote: > I have added Cisco switch in rancid. I can see its pulling the > configuration . No error in that but when i see the web interface of it, > it shows empty. Where am i missing? > > > Inline image 1 > When i click "text" i can see only empty file Search these mail archives for the last 6 weeks. This is an extremely common problem (as in, daily) and has no single cause or solution. It really is a case of "something went wrong" and the code has no idea what. I myself have answered this very query about once a week for a month, so there should be lots of hits to your searches. First establish that you really can log in, and that you did follow the install and setup instructions exactly. -- Alan McKinnon alan.mckinnon at gmail.com From marktees at gmail.com Sat Aug 15 00:29:14 2015 From: marktees at gmail.com (Mark Tees) Date: Sat, 15 Aug 2015 00:29:14 +0000 (UTC) Subject: [rancid] rancid use scenarios References: <447C9BFC.8040509@siliconhotrod.com> <20060531062608.GA30763@mx.ytti.net> Message-ID: Saku Ytti ytti.fi> writes: > > On (2006-05-30 12:24 -0700), Chris Moody wrote: > > > What are some of the largest deployments of rancid (also anyone willing > > to give contact info to vouch for their numbers?)? Anyone have > > experience in enterprise scale usage? Any caveats? Any tips? > > % LC_ALL=C;find -name "router.db"|xargs wc -l|tail -n 1 > 6163 total > > Works for us, 1700 of these are collected every 4h, rest once a week. > Several hardware vendors (~7 vendors), including support for telco systems > (binos) and corecess that we've added in-house (happy to provide if needed). > Hi Saku, Any chance I can get the Corecess parsing module you guys wrote? Im trying to get a Corecess OLT to save write mem output and failing miserably. Thanks, Mark From dandenoth at gmail.com Fri Aug 14 19:34:01 2015 From: dandenoth at gmail.com (Derek) Date: Fri, 14 Aug 2015 14:34:01 -0500 Subject: [rancid] Rancid stopped working after going from Ubuntu 12.04 to 14.04 Message-ID: Hello all, I recently updated from Ubuntu 12.04 to 14.04 on my server running Rancid. I noticed first that the e-mails had stopped coming, and then looking into it further, I see there are no changes being recorded either. My log files show a lot of these messages: svn: E155036: Please see the 'svn upgrade' command svn: E155036: The working copy at '/var/lib/rancid/network/configs' is too old (format 10) to work with client version '1.8.8 (r1568071)' (expects format 31). You need to upgrade the working copy first. Do I need to downgrade the version of SVN I'm running, or perhaps regenerate initial configurations or something? -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Sat Aug 15 04:46:31 2015 From: heas at shrubbery.net (heasley) Date: Sat, 15 Aug 2015 04:46:31 +0000 Subject: [rancid] Rancid stopped working after going from Ubuntu 12.04 to 14.04 In-Reply-To: References: Message-ID: <20150815044631.GB91756@shrubbery.net> Fri, Aug 14, 2015 at 02:34:01PM -0500, Derek: > Hello all, > > I recently updated from Ubuntu 12.04 to 14.04 on my server running Rancid. > I noticed first that the e-mails had stopped coming, and then looking into > it further, I see there are no changes being recorded either. My log files > show a lot of these messages: > > svn: E155036: Please see the 'svn upgrade' command > svn: E155036: The working copy at '/var/lib/rancid/network/configs' > is too old (format 10) to work with client version '1.8.8 (r1568071)' > (expects format 31). You need to upgrade the working copy first. > > Do I need to downgrade the version of SVN I'm running, or perhaps > regenerate initial configurations or something? the svn db format changes from time to time. do as the msg suggests. su - rancid cd network svn upgrade exit From denyipanyany at gmail.com Tue Aug 18 13:27:20 2015 From: denyipanyany at gmail.com (Deny IP Any Any) Date: Tue, 18 Aug 2015 09:27:20 -0400 Subject: [rancid] unable to download old rancid versions Message-ID: I am unable to download any file from ftp://ftp.shrubbery.net/pub/rancid/.old/ I can browse the .old directory but can't start a download of anything in it; picking files from other directories (such as /pub/rancid/) works. $ wget ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.3.tar.gz --2015-08-18 09:22:29-- ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.3.tar.gz => `rancid-2.3.3.tar.gz' Resolving ftp.shrubbery.net (ftp.shrubbery.net)... 129.250.47.99 Connecting to ftp.shrubbery.net (ftp.shrubbery.net)|129.250.47.99|:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD (1) /pub/rancid/.old ... done. ==> SIZE rancid-2.3.3.tar.gz ... 356679 ==> PASV ... done. ==> RETR rancid-2.3.3.tar.gz ... No such file `rancid-2.3.3.tar.gz'. This is also failing from Chrome in Windows. -- deny ip any any (4393649193 matches) -------------- next part -------------- An HTML attachment was scrubbed... URL: From bbridges at o1.com Wed Aug 19 00:53:01 2015 From: bbridges at o1.com (Brooks Bridges) Date: Wed, 19 Aug 2015 00:53:01 +0000 Subject: [rancid] unable to download old rancid versions In-Reply-To: References: Message-ID: <1ebe64d7-1894-45fb-917b-c0478f639d8c@o1.com> If you search the list, this is an issue that has existed for a very long time. It appears that no one cares. Sorry to be the bearer of bad news. Sent from Nine From: Deny IP Any Any Sent: Aug 18, 2015 5:50 PM To: rancid-discuss Subject: [rancid] unable to download old rancid versions I am unable to download any file from ftp://ftp.shrubbery.net/pub/rancid/.old/ I can browse the .old directory but can't start a download of anything in it; picking files from other directories (such as /pub/rancid/) works. $ wget ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.3.tar.gz --2015-08-18 09:22:29-- ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.3.tar.gz => `rancid-2.3.3.tar.gz' Resolving ftp.shrubbery.net (ftp.shrubbery.net)... 129.250.47.99 Connecting to ftp.shrubbery.net (ftp.shrubbery.net)|129.250.47.99|:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD (1) /pub/rancid/.old ... done. ==> SIZE rancid-2.3.3.tar.gz ... 356679 ==> PASV ... done. ==> RETR rancid-2.3.3.tar.gz ... No such file `rancid-2.3.3.tar.gz'. This is also failing from Chrome in Windows. -- deny ip any any (4393649193 matches) From heas at shrubbery.net Wed Aug 19 01:40:40 2015 From: heas at shrubbery.net (Heasley) Date: Tue, 18 Aug 2015 18:40:40 -0700 Subject: [rancid] unable to download old rancid versions In-Reply-To: <1ebe64d7-1894-45fb-917b-c0478f639d8c@o1.com> References: <1ebe64d7-1894-45fb-917b-c0478f639d8c@o1.com> Message-ID: <7F5BEEB0-AE99-4434-BDCF-95553075FF86@shrubbery.net> > Am 18.08.2015 um 17:53 schrieb Brooks Bridges : > > If you search the list, this is an issue that has existed for a very long time. It appears that no one cares. Sorry to be the bearer of bad news. > Its not a problem, it is purposeful. > Sent from Nine > > From: Deny IP Any Any > Sent: Aug 18, 2015 5:50 PM > To: rancid-discuss > Subject: [rancid] unable to download old rancid versions > > I am unable to download any file from > > ftp://ftp.shrubbery.net/pub/rancid/.old/ > > I can browse the .old directory but can't start a download of anything in it; picking files from other directories (such as /pub/rancid/) works. > > $ wget ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.3.tar.gz > --2015-08-18 09:22:29-- ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.3.tar.gz > => `rancid-2.3.3.tar.gz' > Resolving ftp.shrubbery.net (ftp.shrubbery.net)... 129.250.47.99 > Connecting to ftp.shrubbery.net (ftp.shrubbery.net)|129.250.47.99|:21... connected. > Logging in as anonymous ... Logged in! > ==> SYST ... done. ==> PWD ... done. > ==> TYPE I ... done. ==> CWD (1) /pub/rancid/.old ... done. > ==> SIZE rancid-2.3.3.tar.gz ... 356679 > ==> PASV ... done. ==> RETR rancid-2.3.3.tar.gz ... > No such file `rancid-2.3.3.tar.gz'. > > > This is also failing from Chrome in Windows. > > > > -- > deny ip any any (4393649193 matches) > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From pedrosi at millercanfield.com Wed Aug 19 19:15:04 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Wed, 19 Aug 2015 19:15:04 +0000 Subject: [rancid] Saving unsanitized configs Message-ID: Is there a way to have rancid NOT sanitize the configs that it saves? Our repositories already have security applied to them. thanks, derek -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Wed Aug 19 19:32:11 2015 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 19 Aug 2015 21:32:11 +0200 Subject: [rancid] Saving unsanitized configs In-Reply-To: References: Message-ID: <55D4D9BB.7000901@gmail.com> On 19/08/2015 21:15, Pedrosi, Derek G. wrote: > Is there a way to have rancid NOT sanitize the configs that it saves? > > Our repositories already have security applied to them. Can you elaborate on what "not sanitize" means? If you just want to not redact passwords and other secrets, there's a well documented variable in the conf file controlling whether it is done or not -- Alan McKinnon alan.mckinnon at gmail.com From rwest at zyedge.com Wed Aug 19 19:33:57 2015 From: rwest at zyedge.com (Ryan West) Date: Wed, 19 Aug 2015 19:33:57 +0000 Subject: [rancid] Saving unsanitized configs In-Reply-To: References: Message-ID: On Wed, Aug 19, 2015 at 15:15:04, Pedrosi, Derek G. wrote: > Subject: [rancid] Saving unsanitized configs > > Is there a way to have rancid NOT sanitize the configs that it saves? > > Our repositories already have security applied to them. # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). FILTER_PWDS=NO; export FILTER_PWDS -ryan From pedrosi at millercanfield.com Wed Aug 19 19:46:22 2015 From: pedrosi at millercanfield.com (Pedrosi, Derek G.) Date: Wed, 19 Aug 2015 19:46:22 +0000 Subject: [rancid] Saving unsanitized configs In-Reply-To: References: Message-ID: Thank you Ryan, I found a good explination here... http://manpages.ubuntu.com/manpages/hardy/man5/rancid.conf.5.html This link, not so much... http://www.shrubbery.net/rancid/man/rancid.conf.5.html Thank you for the assitance. derek -----Original Message----- From: Ryan West [mailto:rwest at zyedge.com] Sent: Wednesday, August 19, 2015 3:34 PM To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net Subject: RE: Saving unsanitized configs On Wed, Aug 19, 2015 at 15:15:04, Pedrosi, Derek G. wrote: > Subject: [rancid] Saving unsanitized configs > > Is there a way to have rancid NOT sanitize the configs that it saves? > > Our repositories already have security applied to them. # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). FILTER_PWDS=NO; export FILTER_PWDS -ryan From heas at shrubbery.net Wed Aug 19 21:46:12 2015 From: heas at shrubbery.net (heasley) Date: Wed, 19 Aug 2015 14:46:12 -0700 Subject: [rancid] Saving unsanitized configs In-Reply-To: References: Message-ID: <20150819214612.GB91123@shrubbery.net> Wed, Aug 19, 2015 at 07:46:22PM +0000, Pedrosi, Derek G.: > Thank you Ryan, I found a good explination here... > http://manpages.ubuntu.com/manpages/hardy/man5/rancid.conf.5.html > > This link, not so much... > http://www.shrubbery.net/rancid/man/rancid.conf.5.html > man2html was mangling it. groff appears to produce the correct output, though uglier. ps. the manpages are installed with rancid. ie: man rancid.conf > > Thank you for the assitance. > derek > > > > > -----Original Message----- > From: Ryan West [mailto:rwest at zyedge.com] > Sent: Wednesday, August 19, 2015 3:34 PM > To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net > Subject: RE: Saving unsanitized configs > > On Wed, Aug 19, 2015 at 15:15:04, Pedrosi, Derek G. wrote: > > Subject: [rancid] Saving unsanitized configs > > > > Is there a way to have rancid NOT sanitize the configs that it saves? > > > > Our repositories already have security applied to them. > > # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). > FILTER_PWDS=NO; export FILTER_PWDS > > -ryan > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From jan.krueger at qsc.de Mon Aug 24 13:55:20 2015 From: jan.krueger at qsc.de (=?utf-8?B?S3LDvGdlciwgSmFu?=) Date: Mon, 24 Aug 2015 13:55:20 +0000 Subject: [rancid] Add Ciena to Rancid In-Reply-To: References: Message-ID: please look at the pastebin ? you?ll find the scripts there: http://pastebin.com/JLvGqMx1 - cnrancid http://pastebin.com/Mb556V5f - cnlogin From: pradeep s [mailto:pradeepanan at gmail.com] Sent: Monday, August 24, 2015 3:47 PM To: Kr?ger, Jan Subject: Re: [rancid] Add Ciena to Rancid Hi , You have mentioned i can use mrvrancid and mrvlogin for ciena.what prompt i need to change? I am really stuck in this for weeks. Can you please help me out On Thu, Aug 13, 2015 at 1:07 PM, pradeep s > wrote: Thanks for helping me out. Unfortunately the file you have sent cannot be accessed or opened. You have any other file format? Orelse can i send my file if you need to look at it On Thu, Aug 13, 2015 at 12:15 PM, Kr?ger, Jan > wrote: you will find attached the script from my old rancid. I didn?t use them for a year, but I think they should work for you? regards jan From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of pradeep s Sent: Wednesday, August 12, 2015 7:45 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Add Ciena to Rancid I would like to add ciena switch in rancid. I got stuck with no help. It will be great if i get guidance to do that. Thanks _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From jan.krueger at qsc.de Mon Aug 24 14:19:54 2015 From: jan.krueger at qsc.de (=?utf-8?B?S3LDvGdlciwgSmFu?=) Date: Mon, 24 Aug 2015 14:19:54 +0000 Subject: [rancid] Add Ciena to Rancid In-Reply-To: References: Message-ID: that?s no Error! Look at line 463, how ever, I don?t use these scripts for over 1 year ;-) comment this line with a ?#? out and test again? regards From: pradeep s [mailto:pradeepanan at gmail.com] Sent: Monday, August 24, 2015 4:17 PM To: Kr?ger, Jan Subject: Re: [rancid] Add Ciena to Rancid I think you sent this file before. When I run it am getting below error. #perl cnrancid switch02.edsoabfw02.bxi.lan In WriteTerm: CN 3920> configuration show 383<<<<---- Line Count!! On Mon, Aug 24, 2015 at 10:55 AM, Kr?ger, Jan > wrote: please look at the pastebin ? you?ll find the scripts there: http://pastebin.com/JLvGqMx1 - cnrancid http://pastebin.com/Mb556V5f - cnlogin From: pradeep s [mailto:pradeepanan at gmail.com] Sent: Monday, August 24, 2015 3:47 PM To: Kr?ger, Jan Subject: Re: [rancid] Add Ciena to Rancid Hi , You have mentioned i can use mrvrancid and mrvlogin for ciena.what prompt i need to change? I am really stuck in this for weeks. Can you please help me out On Thu, Aug 13, 2015 at 1:07 PM, pradeep s > wrote: Thanks for helping me out. Unfortunately the file you have sent cannot be accessed or opened. You have any other file format? Orelse can i send my file if you need to look at it On Thu, Aug 13, 2015 at 12:15 PM, Kr?ger, Jan > wrote: you will find attached the script from my old rancid. I didn?t use them for a year, but I think they should work for you? regards jan From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of pradeep s Sent: Wednesday, August 12, 2015 7:45 PM To: rancid-discuss at shrubbery.net Subject: [rancid] Add Ciena to Rancid I would like to add ciena switch in rancid. I got stuck with no help. It will be great if i get guidance to do that. Thanks _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From A.Hongens at netmatch.nl Tue Aug 25 17:20:39 2015 From: A.Hongens at netmatch.nl (=?iso-8859-1?Q?Angelo_H=F6ngens?=) Date: Tue, 25 Aug 2015 17:20:39 +0000 Subject: [rancid] Error: invalid command name "aadd" Message-ID: <6A7ABA19243F1E4EADD8BB1563CDDCCB8A64E16A@TIL-EXCH-05.netmatch.local> Hey, I've been running rancid for quite some years now, makes me happy! I now want to replace my old centos6 vm with a new centos7 one, and at the same start using our central git server (company gitlab server). (The new vm is also managed by puppet, so I'll write my own puppet module). I installed rancid from the epel7 repo, now running rancid-3.2-2.el7.x86_64. I see the following error when I run clogin: [rancid at nmo-ran-02 rancid]$ /usr/libexec/rancid/clogin foo Error: invalid command name "aadd" Any idea why that could be? Am I missing some dependency? (yum whatprovides shows no aadd executables). -- With kind regards, Angelo H?ngens Systems Administrator ------------------------------------------ NetMatch travel technology solutions Professor Donderstraat 46 5017 HL Tilburg T: +31 (0)13 5811088 F: +31 (0)13 5821239 mailto:A.Hongens at netmatch.nl http://www.netmatch.nl ------------------------------------------ Disclaimer Deze e-mail is vertrouwelijk en uitsluitend bedoeld voor geadresseerde(n) en de organisatie van geadresseerde(n) en mag niet openbaar worden gemaakt aan derde partijen This e-mail is confidential and may not be disclosed to third parties since this e-mail is only intended for the addressee and the organization the addressee represents. From Brad.Shifflett at micromenders.com Tue Aug 25 21:58:27 2015 From: Brad.Shifflett at micromenders.com (Brad Shifflett) Date: Tue, 25 Aug 2015 21:58:27 +0000 Subject: [rancid] Eliminating fan speed and external temp from diffs Message-ID: I am trying to take out some info in the configurations: ! Configured Country............................... US - United States ! Operating Environment............................ Commercial (0 to 40 C) ! Internal Temp Alarm Limits....................... 0 to 65 C ! External Temperature............................. +34 C - ! Fan Status....................................... 4500 rpm + ! Fan Status....................................... 4600 rpm ! State of 802.11b Network......................... Enabled ! State of 802.11a Network......................... Enabled ! Number of WLANs.................................. 3 ! System Stats Normal Interval..................... 180 ! Configured Country............................... US - United States ! Operating Environment............................ Commercial (0 to 40 C) ! Internal Temp Alarm Limits....................... 0 to 65 C - ! External Temperature............................. +34 C + ! External Temperature............................. +35 C ! Fan Status....................................... 3200 rpm ! State of 802.11b Network......................... Enabled ! State of 802.11a Network......................... Enabled ! Number of WLANs.................................. 2 @@ -206,9 +206,8 @@ I am running version 3.2 of rancid. Which files do I have to modify to take this out? This is on cisco wireless lan controllers and access-points mostly. I already took care of another entry for the Flash changes, that was easier to locate. Brad Shifflett --------------------------------------------------------------------------------------- This email has been scanned for email related threats and delivered safely by Mimecast. For more information please visit http://www.mimecast.com --------------------------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: From jwbensley at gmail.com Wed Aug 26 08:10:15 2015 From: jwbensley at gmail.com (James Bensley) Date: Wed, 26 Aug 2015 09:10:15 +0100 Subject: [rancid] Eliminating fan speed and external temp from diffs In-Reply-To: References: Message-ID: Hi Brad, I wrote a small script and diff to apply the script to the RANCID process for this exact reason (more of less), the simple install process is written down here: http://null.53bits.co.uk/index.php?page=rancid-filter Just apply the diff to call the external script I wrote, I will basically drop any device sections from your RANCID update emails where you have an equal number of "-" and "+" lines like you example, See the two examples emails on that page from before and after the script is applied, router2 and router3 have config changes but router one only has the following changes which I don't want to know about (is not a configuration change); - !Flash: nvram: 178 -rw- 10463 startup-config + !Flash: nvram: 178 -rw- 10431 startup-config !Flash: nvram: 179 ---- 1930 private-config - !Flash: nvram: 180 -rw- 10463 underlying-config + !Flash: nvram: 180 -rw- 10431 underlying-config !Flash: nvram: 1 -rw- 0 ifIndex-table !Flash: nvram: 2 -rw- 2945 cwmp_inventory !Flash: nvram: 5 ---- 64 persistent-data - !Flash: nvram: 196600 bytes total (179035 bytes free) + !Flash: nvram: 196600 bytes total (179067 bytes free) Just to clarify, the script only prevents that unwanted "junk" info from being emailed to you, it will still go into your RANCID CVS so the information is still recorded, it just means if nothing has changed you won't get an email. Cheers, James. From jan.krueger at qsc.de Thu Aug 27 03:59:28 2015 From: jan.krueger at qsc.de (=?utf-8?B?S3LDvGdlciwgSmFu?=) Date: Thu, 27 Aug 2015 03:59:28 +0000 Subject: [rancid] Add Ciena to Rancid In-Reply-To: References: Message-ID: see http://www.barryodonovan.com/2011/02/05/useful-rancid-debugging-tips-2 Show what RANCID does with debugging output: > rancid -d rtr1.example.com regards From: pradeep s [mailto:pradeepanan at gmail.com] Sent: Wednesday, August 26, 2015 4:42 PM To: Kr?ger, Jan Subject: Re: [rancid] Add Ciena to Rancid Hi, Is there any debug log file i can see in rancid? -------------- next part -------------- An HTML attachment was scrubbed... URL: