[rancid] Reasoning behind not running a "show vlan" if specific VTP options are set?

heasley heas at shrubbery.net
Fri Jan 13 18:37:54 UTC 2017 

Fri, Jan 13, 2017 at 10:24:43AM -0500, Lee:
> On 1/13/17, Mischa Diehm <mischa.diehm at unibas.ch> wrote:
> > Hi
> >
> > I was wondering why we didn’t get any
> > !VLAN…
> > lines for our nexus 7700 rancid runs and found out that on the nexus a „show
> > vtp“ gives:
> >
> > XXX-cc# show vtp status
> > Service not enabled
> >
> > looking at the code I found that in /usr/share/perl5/rancid/nxos.pm:
> >
> > In sub ShowVTP
> >         # Nexus 5k and 1000v do note support vtp
> >         if (!/^VTP Operating Mode\s+:\s+(Transparent|Server)/) {
> >             $DO_SHOW_VLAN = 0;
> >         }
> > and later in sub ShowVLAN:
> >
> >     ($_ = <$INPUT>, return(1)) if (!$DO_SHOW_VLAN);
> >
> > Similar for ios.. I wonder why it would be bad to have the output of „show
> > vlan“ in the config even if we were running the VTP-Modes exclude like
> > „Server“. Okay the vlan configs might be inside the config (not always like
> > in the „Server“ case) but the „show vlan“ shows more information like which
> > interfaces are configured etc. So wouldn’t it be good to just remove this
> > restriction?

It causes nevery-ending changes in the config as ports become active/inactive,
eg: someone disconnects or powers-off equipment.  and in the case of VTP, it
potentially is network wide.  if you wanted to monitor such things, its
probably best done in a NMS, where you'd catch all such changes.

rancid 3.5 added for some modules:

# FILTER_OSC determines if oscillating data such as keys, passwords, etc are
# filtered from configs by the value set (NO | YES).  FILTER_PWDS may override
# this.  see rancid.conf(5).
#FILTER_OSC=YES; export FILTER_OSC

such a thing could be dependent upon this configuration, but again I do not
see the point.

if you're not using VTP and its not including the vlan stuff, i do want to
fix that.

> Yes.  Which is yet another reason why it's so nice having the source -
> it's easy to make trivial changes like that.  Or adding commands like
> 'show vlan all-ports'
> 
> Regards,
> Lee
> 
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

More information about the Rancid-discuss mailing list