From owner-rancid-discuss-outgoing@shrubbery.net Sun Jan 1 04:59:45 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 3B35511CE2E for ; Sun, 1 Jan 2006 04:59:44 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 78C7786543; Sun, 1 Jan 2006 04:59:38 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 6C43686545; Sun, 1 Jan 2006 04:59:38 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id EDA7D86544; Sun, 1 Jan 2006 04:59:37 +0000 (UTC) Received: from mail.gt.ca (mail.gt.ca [216.18.99.22]) by guelah.shrubbery.net (Postfix) with SMTP id DC56D86545 for ; Fri, 30 Dec 2005 13:32:50 +0000 (UTC) Received: from unknown(172.22.198.31) by mail.gt.ca via csmap id 8b3ea8fe_7939_11da_89cb_00304811dcb9_6011; Fri, 30 Dec 2005 05:38:21 -0800 (PST) Received: by svbcexgr01.gt.ca with Internet Mail Service (5.5.2653.19) id ; Fri, 30 Dec 2005 05:32:33 -0800 Message-ID: From: "Roderick B. Greening" To: 'Austin Schutz' , Andrew Partan Cc: rancid-discuss@shrubbery.net Subject: RE: Rancid crashing routers/remove commands Date: Fri, 30 Dec 2005 05:32:46 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk If it's a Cisco router (like a Cat 5500 RSM) it's possible that the router could be crashing upon multiple executions of "sh running" and "write term". There is a memory issue in certain IOS's that when examining the running memory config causes a memory leak. I have personally watched this happen via a SNMP poll to my RSM. The memory will leak over a few hours or sometimes days, and then start having problems. This is a bug with the Cisco IOS. I would expect that same with whatever hardware/software you are using. It's not really a RANCID problem as such. However, one possible work around would be to not have RANCID execute a "sh running" or "write term", and instead use "sh start" or "sh config". The only issue doing this is that you do not capture any changes if they haven't been written to memory (via "write memory" or "copy running start"). Of course, you could write a rule/patch to detect the RSM, and if it is issue a "write mem" first and then do a "sh config". This gets around the memory leak issue. Although, now this forces the change to be committed to memory, and perhaps it shouldn't, at the time RANCID is polling. Anyway, some food for thought. -----Original Message----- From: owner-rancid-discuss@shrubbery.net [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Austin Schutz Sent: Friday, December 30, 2005 5:57 AM To: Andrew Partan Cc: Austin Schutz; rancid-discuss@shrubbery.net Subject: Re: Rancid crashing routers/remove commands On Thu, Dec 29, 2005 at 03:48:36PM -0500, Andrew Partan wrote: > On Thu, Dec 29, 2005 at 12:38:28PM -0800, Austin Schutz wrote: > > We've had problems here which the vendor "suspects" is due to > > rancid rapid firing off commands during polling. > > What vendor is feeding you that line of bull? > Well the bull is second hand from one of our engineers, so I'll skip the public flogging for now. It sounds pretty far fetched to me as well, but I'm not part of the team responsible for maintaining these albatrosses - excepting the rancid polling. It's far easier in my case to just add the kludge rather than try to prove the polling isn't causing side effects. Austin From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 4 12:47:44 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 995FF11CE33 for ; Wed, 4 Jan 2006 12:47:44 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id A2EB28653C; Wed, 4 Jan 2006 12:47:43 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 9B2FD86543; Wed, 4 Jan 2006 12:47:43 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from pipitsa.forthnet.gr (pipitsa.forthnet.gr [193.92.110.77]) by guelah.shrubbery.net (Postfix) with ESMTP id A314D8653C for ; Wed, 4 Jan 2006 12:47:41 +0000 (UTC) Received: from thetrm01.forthnet.gr ([193.92.110.7]) by pipitsa.forthnet.gr with esmtp (Exim 3.35 #1 (Debian)) id 1Eu83E-0001vG-00 for ; Wed, 04 Jan 2006 14:47:40 +0200 Message-ID: <43BBC3E6.7080209@irc.gr> Date: Wed, 04 Jan 2006 14:47:34 +0200 From: Sotiris Tsimbonis User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: rancid-discuss@shrubbery.net Subject: cisco hostname too long Content-Type: text/plain; charset=ISO-8859-7; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Hi everyone, Recently I faced a problem where rancid could not fetch the config of a new router in my network. The logfile reported the following: ------------------------------------------------------------------------ couldn't compile regular expression pattern: parentheses () not balanced while executing "expect -nobrace -re {pcsrouter$02\([^#>\r\n]+)?[#>](\([^)\r\n]+$)?} {} -re {[ ^M]+} { exp_continue }" invoked from within "expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } }" (procedure "run_commands" line 23) invoked from within "run_commands $prompt $command" ("foreach" body line 144) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # Figure out prompt. # Since autoena..." (file "/opt/rancid/bin/clogin" line 617)^M ! ------------------------------------------------------------------------ The problem was the hostname length, which was more than 14 characters long.. My solution was to change line 511 of clogin, and put a bigger number instead of 14 (say, 24) ...and the problem was solved :-) HTH, Sotiris. From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 4 13:02:13 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 3A78C11CE33 for ; Wed, 4 Jan 2006 13:02:12 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id B78B686543; Wed, 4 Jan 2006 13:02:11 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id AFBC486545; Wed, 4 Jan 2006 13:02:11 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from elektra.ultra.net (elektra.ultra.net [146.115.9.13]) by guelah.shrubbery.net (Postfix) with ESMTP id 9EF3986543 for ; Wed, 4 Jan 2006 13:02:10 +0000 (UTC) Received: (from jprovo@localhost) by elektra.ultra.net (8.12.10/ult.n26500) id k04D1wjc008981 for rancid-discuss@shrubbery.net; Wed, 4 Jan 2006 08:01:58 -0500 (EST) Date: Wed, 4 Jan 2006 08:01:58 -0500 From: Joe Provo To: rancid-discuss@shrubbery.net Subject: Re: cisco hostname too long Message-ID: <20060104080158.A10635@noc.ultra.net> Reply-To: joe.provo@rcn.com References: <43BBC3E6.7080209@irc.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <43BBC3E6.7080209@irc.gr>; from stsimb@irc.gr on Wed, Jan 04, 2006 at 02:47:34PM +0200 X-PGP-Key: http://www.gweep.net/~crimson/pgp.txt X-Disclaimer: "I'm the only one foolish enough to claim these opinions." Organization: Network Planning and Engineering, RCN Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Wed, Jan 04, 2006 at 02:47:34PM +0200, Sotiris Tsimbonis wrote: > Hi everyone, > > Recently I faced a problem where rancid could not fetch the config of a > new router in my network. The logfile reported the following: [snip] While I'd probably never personally name something this long, seems prudent to have rancid follow venerable rfc1048 to have a leg to stand on WRT static lengths. -- Joe Provo Voice 617.670.2904 Senior Manager, Internet Planning & Design Fax 617.670.2920 Network Engineering, RCN From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 4 17:01:17 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 4E99D11CE33 for ; Wed, 4 Jan 2006 17:01:16 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id DE2EF8653C; Wed, 4 Jan 2006 17:01:15 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id D13EC86543; Wed, 4 Jan 2006 17:01:15 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 1D2068653F; Wed, 4 Jan 2006 17:01:15 +0000 (UTC) Date: Wed, 4 Jan 2006 09:01:15 -0800 From: john heasley To: Sotiris Tsimbonis Cc: rancid-discuss@shrubbery.net Subject: Re: cisco hostname too long Message-ID: <20060104170115.GC19083@shrubbery.net> References: <43BBC3E6.7080209@irc.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <43BBC3E6.7080209@irc.gr> User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Wed, Jan 04, 2006 at 02:47:34PM +0200, Sotiris Tsimbonis: > Hi everyone, > > Recently I faced a problem where rancid could not fetch the config of a > new router in my network. The logfile reported the following: > > ------------------------------------------------------------------------ > couldn't compile regular expression pattern: parentheses () not balanced > while executing > "expect -nobrace -re {pcsrouter$02\([^#>\r\n]+)?[#>](\([^)\r\n]+$)?} > {} -re {[ > ^M]+} { exp_continue }" > invoked from within > "expect { > -re $reprompt {} > -re "\[\n\r]+" { exp_continue } > }" > (procedure "run_commands" line 23) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 144) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # Figure out prompt. > # Since autoena..." > (file "/opt/rancid/bin/clogin" line 617)^M > ! > ------------------------------------------------------------------------ > > The problem was the hostname length, which was more than 14 characters > long.. > > My solution was to change line 511 of clogin, and put a bigger number > instead of 14 (say, 24) ...and the problem was solved :-) The regex does not exactly limit the length of the hostname, it grabs up to the first 14 characters, which IOS truncates the name to when entering config mode (see -x). w/o truncation, the regex would not match. my router's configured hostname is "somereallylonghostnamehere" and it works fine. Something else is wrong; if altering the size of the bound atom fixes it, it may be an expect or regex library problem. what is the full hostname? From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 4 17:22:06 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id C989D11CE33 for ; Wed, 4 Jan 2006 17:22:06 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id E132C86546; Wed, 4 Jan 2006 17:22:05 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id D3D4186547; Wed, 4 Jan 2006 17:22:05 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from pipitsa.forthnet.gr (pipitsa.forthnet.gr [193.92.110.77]) by guelah.shrubbery.net (Postfix) with ESMTP id BD9C686545 for ; Wed, 4 Jan 2006 17:22:04 +0000 (UTC) Received: from thetrm01.forthnet.gr ([193.92.110.7]) by pipitsa.forthnet.gr with esmtp (Exim 3.35 #1 (Debian)) id 1EuCKo-0004Wi-00 for ; Wed, 04 Jan 2006 19:22:02 +0200 Message-ID: <43BC0437.4050302@irc.gr> Date: Wed, 04 Jan 2006 19:21:59 +0200 From: Sotiris Tsimbonis User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: rancid-discuss@shrubbery.net Subject: Re: cisco hostname too long References: <43BBC3E6.7080209@irc.gr> <20060104170115.GC19083@shrubbery.net> In-Reply-To: <20060104170115.GC19083@shrubbery.net> Content-Type: text/plain; charset=ISO-8859-7; format=flowed Content-Transfer-Encoding: 8bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk john heasley said the following on 4/1/2006 7:01 לל: > The regex does not exactly limit the length of the hostname, it grabs up > to the first 14 characters, which IOS truncates the name to when entering > config mode (see -x). w/o truncation, the regex would not match. > > my router's configured hostname is "somereallylonghostnamehere" and it > works fine. Something else is wrong; if altering the size of the bound > atom fixes it, it may be an expect or regex library problem. what is > the full hostname? It's "pcsrouter(02)".. Sotiris. From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 4 19:00:19 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 01EC411CE33 for ; Wed, 4 Jan 2006 19:00:18 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 1183E8653F; Wed, 4 Jan 2006 19:00:18 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 053C186543; Wed, 4 Jan 2006 19:00:18 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from habitcafe.com (roman.off.org [198.145.4.117]) by guelah.shrubbery.net (Postfix) with ESMTP id CD1298653C for ; Wed, 4 Jan 2006 19:00:14 +0000 (UTC) Received: from off.org (peace.off.org [198.145.4.116]) by habitcafe.com (8.12.10/8.12.10/SuSE Linux 0.7) with ESMTP id k04J0C6h027466 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Wed, 4 Jan 2006 11:00:12 -0800 Received: from off.org (localhost [127.0.0.1]) by off.org (8.12.7/8.12.7/SuSE Linux 0.6) with ESMTP id k04J03V7024048; Wed, 4 Jan 2006 11:00:03 -0800 Received: (from tex@localhost) by off.org (8.12.7/8.12.7/Submit) id k04J038W024047; Wed, 4 Jan 2006 11:00:03 -0800 Date: Wed, 4 Jan 2006 11:00:03 -0800 From: Austin Schutz To: Sotiris Tsimbonis Cc: rancid-discuss@shrubbery.net Subject: Re: cisco hostname too long Message-ID: <20060104190003.GF2711@gblx.net> References: <43BBC3E6.7080209@irc.gr> <20060104170115.GC19083@shrubbery.net> <43BC0437.4050302@irc.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <43BC0437.4050302@irc.gr> User-Agent: Mutt/1.4i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Wed, Jan 04, 2006 at 07:21:59PM +0200, Sotiris Tsimbonis wrote: > john heasley said the following on 4/1/2006 7:01 ??: > > >The regex does not exactly limit the length of the hostname, it grabs up > >to the first 14 characters, which IOS truncates the name to when entering > >config mode (see -x). w/o truncation, the regex would not match. > > > >my router's configured hostname is "somereallylonghostnamehere" and it > >works fine. Something else is wrong; if altering the size of the bound > >atom fixes it, it may be an expect or regex library problem. what is > >the full hostname? > > > It's "pcsrouter(02)".. > If you would like software to be able to interact with your machine you might consider changing the name to something a little more standardized. Following rfc1034 (not 1048 :-) might be a good choice here. Essentially the idea is you want to avoid any characters that aren't alphanumeric, numbers, hyphens, or dots. Austin From owner-rancid-discuss-outgoing@shrubbery.net Mon Jan 9 14:31:58 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id E8DC811CE30 for ; Mon, 9 Jan 2006 14:31:57 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 9B2708653C; Mon, 9 Jan 2006 14:31:56 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 90DAC86543; Mon, 9 Jan 2006 14:31:56 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from nproxy.gmail.com (nproxy.gmail.com [64.233.182.197]) by guelah.shrubbery.net (Postfix) with ESMTP id 3B8668653C for ; Mon, 9 Jan 2006 14:31:54 +0000 (UTC) Received: by nproxy.gmail.com with SMTP id o25so1597401nfa for ; Mon, 09 Jan 2006 06:31:53 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=XvyZYIFyNgZEtuJBEB1n/2TC+1XTS2JhxXYcgXbaP40JevhjLBYBfKp+DLIW945yXClO60iRwAffpXPvx/+gdokuH11bj2Cb1OkzyTUd+pIUsvcsuWguGYu0mTXXJ1neOoGPEUwzy15ErH/xKNfWgY9LcLUD5mJv8E7l6MuqO1w= Received: by 10.48.245.12 with SMTP id s12mr910619nfh; Mon, 09 Jan 2006 06:31:53 -0800 (PST) Received: by 10.49.42.2 with HTTP; Mon, 9 Jan 2006 06:31:53 -0800 (PST) Message-ID: Date: Mon, 9 Jan 2006 14:31:53 +0000 From: Mark Cooper To: rancid-discuss@shrubbery.net Subject: jerancid failing on asterix's ? MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_1538_2006487.1136817113175" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk ------=_Part_1538_2006487.1136817113175 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Think I'm having problems with asterix's being returned in the 'show environment all' command output ... lab-srv-001:/var/lib/rancid/bin# cat jerancid.debug executing clogin -t 90 -c"show version;show redundancy;show boot;show environment all;dir;show hardware;show configuration" lab-bas-002 PROMPT MATCH: lab-bas-002# HIT COMMAND:lab-bas-002#show version In ShowVersion: lab-bas-002#show version HIT COMMAND:lab-bas-002#show redundancy In ShowRedundancy: lab-bas-002#show redundancy HIT COMMAND:lab-bas-002#show boot In ShowBoot: lab-bas-002#show boot HIT COMMAND:lab-bas-002#show environment all In ShowEnv: lab-bas-002#show environment all write(spawn_id=3D1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ *]*lab-bas-002([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- "$expect_out(buffer)" } -re {..." invoked from within "expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send..." invoked from within "if [ string match "*\;*" "$command" ] { set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on ..." (procedure "run_commands" line 34) invoked from within "run_commands $prompt $command" ("foreach" body line 144) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # Figure out prompt. # Since autoena..." (file "/var/lib/rancid/bin/clogin" line 616) lab-bas-002: missed cmd(s): show configuration,show hardware,dir lab-bas-002: missed cmd(s): show configuration,show hardware,dir lab-bas-002: End of run not found lab-bas-002: End of run not found ! *** srp redundancy: mode is high-availability, state disabled rancid@lab-srv-001:~$ clogin lab-bas-002 lab-bas-002 spawn telnet lab-bas-002 Trying 10.240.8.3... Connected to lab-bas-002-mgt-lo0. Escape character is '^]'. Telnet password: ********* sLogged in on vty 1 via telnet. Copyright (c) 1999-2005 Juniper Networks, Inc. All rights reserved. lab-bas-002>enable Password: ********* lab-bas-002# lab-bas-002#show environment all chassis: 14 slot (id 0x5, rev. 0xa) fabric: 40 Gbps (rev. 0) fans: fanSubsystemOk *** nvs: near capacity (87%), matches running config power: A ok, B ok *** srp redundancy: mode is high-availability, state disabled auto-sync enabled, switch-on-error enabled status unknown *** slots: cards missing or offline online: 0 1 2 3 4 6 9 10 11 12 standby: 8 offline: 7 empty: 5 13 line redundancy: 1 redundancy group(s) width 6, spare 8, primary 9 10 11 12 temperature: ok timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled *** system operational: no processor processor IOA IOA temperature temperature temperature temperature slot (10C - 70C) status (10C - 70C) status ---- ----------- ----------- ----------- ----------- 0 32 normal --- unknown 1 32 normal 23 normal 2 34 normal 24 normal 3 32 normal 22 normal 4 36 normal 23 normal 6 30 normal 25 normal 8 33 normal --- unknown 9 34 normal 22 normal 10 35 normal 22 normal 11 36 normal 23 normal 12 36 normal 23 normal processor temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C IOA temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C lab-bas-002# ------=_Part_1538_2006487.1136817113175 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline

Think I'm having problems with asterix's being returned in the 'show e= nvironment all' command output ...

lab-srv-001:/var/lib/rancid/bin# cat jerancid.debug
executing clog= in -t 90 -c"show version;show redundancy;show boot;show environment al= l;dir;show hardware;show configuration" lab-bas-002
PROMPT MATCH: l= ab-bas-002#
HIT COMMAND:lab-bas-002#show version
    In ShowVersi= on: lab-bas-002#show version
HIT COMMAND:lab-bas-002#show redundancy
=     In ShowRedundancy: lab-bas-002#show redundancy
HIT CO= MMAND:lab-bas-002#show boot
    In ShowBoot: lab-bas-002#show boot
HIT COMMAND:la= b-bas-002#show environment all
    In ShowEnv: lab-bas-00= 2#show environment all
write(spawn_id=3D1): broken pipe
  &= nbsp; while executing
"send_user -- "$expect_out(buffer)"= "
    invoked from within
"expect -nobrace -re+ { = exp_continue } -re {^[^
*]*lab-bas-002([^#>\r\n]+)?[#>]($[^= )\r\n]+$)?} { send_user -- "$expect_out(buffer)"
  =             &nb= sp;            =             &nb= sp;        } -re {..."
    invoked from within
"expect {
  = ;            &n= bsp; -re "\b+"        &nb= sp;            = { exp_continue }
        =         -re "^\[^\n\r *]*$reprompt&= quot;     { send_user -- "$expect_out(buffer)"= ;
            = ;            &n= bsp;            = ;           }
&n= bsp;            = ; -re "^\[^\n\r]*$reprompt."      = { send..."
    invoked from within
"if [ str= ing match "*\;*" "$command" ] {
        set commands [split $command= \;]
        set num_commands [llengt= h $commands]
        # the pager can = not be turned off on ..."
    (procedure "run_c= ommands" line 34)
    invoked from within
"run_commands $prompt $command"
    ("= foreach" body line 144)
    invoked from within
&= quot;foreach router [lrange $argv $i end] {
    set route= r [string tolower $router]
    send_user "$router\n&= quot;

    # Figure out prompt.
    # Since au= toena..."
    (file "/var/lib/rancid/bin/clogin= " line 616)
lab-bas-002: missed cmd(s): show configuration,show har= dware,dir
lab-bas-002: missed cmd(s): show configuration,show hardware,d= ir
lab-bas-002: End of run not found
lab-bas-002: End of run not found<= br>! *** srp redundancy: mode is high-availability, state disabled
rancid@lab-srv-001:~$ clogin lab-ba= s-002
lab-bas-002
spawn telnet lab-bas-002
Trying 10.240.8.3...
Conn= ected to lab-bas-002-mgt-lo0.
Escape character is '^]'.

Telnet password: *********
sLogged in on vty 1 via telnet.
Cop= yright (c) 1999-2005 Juniper Networks, Inc. All rights reserved.

lab-bas-002>enable
Password: *********
lab-bas-002#
lab-bas-= 002#show environment all
    chassis: 14 slot (id 0x5, re= v. 0xa)
    fabric: 40 Gbps (rev. 0)
   = ; fans: fanSubsystemOk
*** nvs: near capacity (87%), matches running con= fig
    power: A ok, B ok
*** srp redundancy: mode is hig= h-availability, state disabled
       = ; auto-sync enabled, switch-on-error enabled
    &nb= sp;   status unknown
*** slots: cards missing or offline
&n= bsp;       online: 0 1 2 3 4 6 9 10 11 12
        standby: 8
  &n= bsp;     offline: 7
     &n= bsp; empty: 5 13
    line redundancy: 1 redundancy = group(s)
        width 6, spare 8, pr= imary 9 10 11 12
    temperature: ok
   = ; timing: primary
        primary: in= ternal SC oscillator (ok)
        secondary: internal SC oscil= lator (ok)
        tertiary: internal= SC oscillator (ok)
        auto-upgr= ade enabled

*** system operational: no

        processor   &n= bsp; processor        IOA  &nb= sp;        IOA
&nb= sp;      temperature   temperature = temperature   temperature
slot   (10C - 70C)&= nbsp;    status      (10C - 70C)&nb= sp;    status
----   -----------&n= bsp; -----------   -----------   -----------
0          32  &= nbsp;     normal      &nb= sp;     ---       unknown=
1        &nb= sp; 32        normal   &n= bsp;        23    &n= bsp;   normal
2   &nbs= p;      34      &nbs= p; normal           = 24        normal    = ;
3          32  = ;      normal      &= nbsp;     22        = normal    =20
4          36  &= nbsp;     normal      &nb= sp;     23        no= rmal
6       = ;   30        normal &nbs= p;          25  &nbs= p;     normal
8  =         33     =    normal         &n= bsp; ---       unknown   = ;
9          34  = ;      normal      &= nbsp;     22        = normal    =20
10         35   =      normal       &n= bsp;    22        normal&= nbsp;
11       &nb= sp; 36        normal   &n= bsp;        23    &n= bsp;   normal
12   &nb= sp;     36        no= rmal            23&n= bsp;       normal

processor temperature ranges
      &nbs= p; below -5C is too cold
        abov= e 80C is too hot
        low temperat= ure warning below 10C
        high te= mperature warning above 70C
IOA temperature ranges
   =      below -5C is too cold
        above 80C is too hot
&nbs= p;       low temperature warning below 10C        high temperature warning above = 70C
lab-bas-002#

------=_Part_1538_2006487.1136817113175-- From owner-rancid-discuss-outgoing@shrubbery.net Tue Jan 10 06:46:21 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 256E211CE2E for ; Tue, 10 Jan 2006 06:46:20 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id C40758653F; Tue, 10 Jan 2006 06:46:19 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id B741986544; Tue, 10 Jan 2006 06:46:19 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 0725286543; Tue, 10 Jan 2006 06:46:18 +0000 (UTC) Date: Mon, 9 Jan 2006 22:46:18 -0800 From: john heasley To: Mark Cooper Cc: rancid-discuss@shrubbery.net Subject: Re: jerancid failing on asterix's ? Message-ID: <20060110064618.GA6105@shrubbery.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-PGPkey: http://www.shrubbery.net/~heas/public-key.asc X-note: live free, or die! X-homer: i just want to have a beer while i am caring. Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Mon, Jan 09, 2006 at 02:31:53PM +0000, Mark Cooper: > Think I'm having problems with asterix's being returned in the 'show > environment all' command output ... though it does seem that there is a missing catch, i suspect its not the asterixs, rather it appears that the telnet died. does clogin -c 'show environment all' work? > > > lab-srv-001:/var/lib/rancid/bin# cat jerancid.debug > executing clogin -t 90 -c"show version;show redundancy;show boot;show > environment all;dir;show hardware;show configuration" lab-bas-002 > PROMPT MATCH: lab-bas-002# > HIT COMMAND:lab-bas-002#show version > In ShowVersion: lab-bas-002#show version > HIT COMMAND:lab-bas-002#show redundancy > In ShowRedundancy: lab-bas-002#show redundancy > HIT COMMAND:lab-bas-002#show boot > In ShowBoot: lab-bas-002#show boot > HIT COMMAND:lab-bas-002#show environment all > In ShowEnv: lab-bas-002#show environment all > write(spawn_id=1): broken pipe > while executing > "send_user -- "$expect_out(buffer)"" > invoked from within > "expect -nobrace -re+ { exp_continue } -re {^[^ > *]*lab-bas-002([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- > "$expect_out(buffer)" > } -re {..." > invoked from within > "expect { > -re "\b+" { exp_continue } > -re "^\[^\n\r *]*$reprompt" { send_user -- > "$expect_out(buffer)" > } > -re "^\[^\n\r]*$reprompt." { send..." > invoked from within > "if [ string match "*\;*" "$command" ] { > set commands [split $command \;] > set num_commands [llength $commands] > # the pager can not be turned off on ..." > (procedure "run_commands" line 34) > invoked from within > "run_commands $prompt $command" > ("foreach" body line 144) > invoked from within > "foreach router [lrange $argv $i end] { > set router [string tolower $router] > send_user "$router\n" > > # Figure out prompt. > # Since autoena..." > (file "/var/lib/rancid/bin/clogin" line 616) > lab-bas-002: missed cmd(s): show configuration,show hardware,dir > lab-bas-002: missed cmd(s): show configuration,show hardware,dir > lab-bas-002: End of run not found > lab-bas-002: End of run not found > ! *** srp redundancy: mode is high-availability, state disabled > rancid@lab-srv-001:~$ clogin lab-bas-002 > lab-bas-002 > spawn telnet lab-bas-002 > Trying 10.240.8.3... > Connected to lab-bas-002-mgt-lo0. > Escape character is '^]'. > > > Telnet password: ********* > sLogged in on vty 1 via telnet. > Copyright (c) 1999-2005 Juniper Networks, Inc. All rights reserved. > > lab-bas-002>enable > Password: ********* > lab-bas-002# > lab-bas-002#show environment all > chassis: 14 slot (id 0x5, rev. 0xa) > fabric: 40 Gbps (rev. 0) > fans: fanSubsystemOk > *** nvs: near capacity (87%), matches running config > power: A ok, B ok > *** srp redundancy: mode is high-availability, state disabled > auto-sync enabled, switch-on-error enabled > status unknown > *** slots: cards missing or offline > online: 0 1 2 3 4 6 9 10 11 12 > standby: 8 > offline: 7 > empty: 5 13 > line redundancy: 1 redundancy group(s) > width 6, spare 8, primary 9 10 11 12 > temperature: ok > timing: primary > primary: internal SC oscillator (ok) > secondary: internal SC oscillator (ok) > tertiary: internal SC oscillator (ok) > auto-upgrade enabled > > *** system operational: no > > processor processor IOA IOA > temperature temperature temperature temperature > slot (10C - 70C) status (10C - 70C) status > ---- ----------- ----------- ----------- ----------- > 0 32 normal --- unknown > 1 32 normal 23 normal > 2 34 normal 24 normal > 3 32 normal 22 normal > 4 36 normal 23 normal > 6 30 normal 25 normal > 8 33 normal --- unknown > 9 34 normal 22 normal > 10 35 normal 22 normal > 11 36 normal 23 normal > 12 36 normal 23 normal > > processor temperature ranges > below -5C is too cold > above 80C is too hot > low temperature warning below 10C > high temperature warning above 70C > IOA temperature ranges > below -5C is too cold > above 80C is too hot > low temperature warning below 10C > high temperature warning above 70C > lab-bas-002# From owner-rancid-discuss-outgoing@shrubbery.net Tue Jan 10 17:16:30 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id C8DD911CE2E for ; Tue, 10 Jan 2006 17:16:30 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 289F18653F; Tue, 10 Jan 2006 17:16:29 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 1851B86544; Tue, 10 Jan 2006 17:16:29 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from nproxy.gmail.com (nproxy.gmail.com [64.233.182.200]) by guelah.shrubbery.net (Postfix) with ESMTP id 9A0D88653F for ; Tue, 10 Jan 2006 17:16:22 +0000 (UTC) Received: by nproxy.gmail.com with SMTP id o25so141304nfa for ; Tue, 10 Jan 2006 09:16:21 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=lfMEo1EnTGzNTMU09yDThcvNSuTvvUdrKdvWzvuUQ6eACV5aBe3ekWYiBJFRissMmfxWdLsAAiBDbgyxnjSoh0XtmJrlXTms2ooXBx4H5xXLTTqdhQW5i6Cpuz0Gw1/x7C3R4kY2nvMHCh70rhj44kFpAi0Md1puEwHHHCAQKE4= Received: by 10.48.142.8 with SMTP id p8mr998655nfd; Tue, 10 Jan 2006 07:05:21 -0800 (PST) Received: by 10.49.42.2 with HTTP; Tue, 10 Jan 2006 07:05:21 -0800 (PST) Message-ID: Date: Tue, 10 Jan 2006 15:05:21 +0000 From: Mark Cooper To: rancid-discuss@shrubbery.net Subject: Re: jerancid failing on asterix's ? In-Reply-To: <20060110064618.GA6105@shrubbery.net> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_20641_6775590.1136905521871" References: <20060110064618.GA6105@shrubbery.net> Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk ------=_Part_20641_6775590.1136905521871 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Yup, its not a clogin issue, but a jerancid one. rancid@lab-srv-001:~$ bin/clogin -c "show environment all" lab-bas-002 lab-bas-002 spawn telnet lab-bas-002 Trying 10.240.8.3... Connected to lab-bas-002-mgt-lo0. Escape character is '^]'. Telnet password: ******* Logged in on vty 0 via telnet. Copyright (c) 1999-2005 Juniper Networks, Inc. All rights reserved. lab-bas-002>enable Password: ******* lab-bas-002# lab-bas-002#term length 0 lab-bas-002#show environment all chassis: 14 slot (id 0x5, rev. 0xa) fabric: 40 Gbps (rev. 0) fans: fanSubsystemOk *** nvs: near capacity (87%), matches running config power: A ok, B ok *** srp redundancy: mode is high-availability, state disabled auto-sync enabled, switch-on-error enabled status unknown *** slots: cards missing or offline online: 0 1 2 3 4 6 9 10 11 12 standby: 8 offline: 7 empty: 5 13 line redundancy: 1 redundancy group(s) width 6, spare 8, primary 9 10 11 12 temperature: ok timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled *** system operational: no processor processor IOA IOA temperature temperature temperature temperature slot (10C - 70C) status (10C - 70C) status ---- ----------- ----------- ----------- ----------- 0 32 normal --- unknown 1 32 normal 23 normal 2 34 normal 24 normal 3 32 normal 22 normal 4 35 normal 22 normal 6 29 normal 25 normal 8 32 normal --- unknown 9 33 normal 22 normal 10 35 normal 22 normal 11 36 normal 23 normal 12 36 normal 23 normal processor temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C IOA temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C lab-bas-002#exit Logging out. Connection closed by foreign host. On 1/10/06, john heasley wrote: > > Mon, Jan 09, 2006 at 02:31:53PM +0000, Mark Cooper: > > Think I'm having problems with asterix's being returned in the 'show > > environment all' command output ... > > though it does seem that there is a missing catch, i suspect its not the > asterixs, rather it appears that the telnet died. does clogin -c 'show > environment all' work? > > ------=_Part_20641_6775590.1136905521871 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline

Yup, its not a clogin issue, but a jerancid one.

rancid@lab-srv-001:~$ bin/c= login -c "show environment all" lab-bas-002
lab-bas-002
spa= wn telnet lab-bas-002
Trying 10.240.8.3...
Connected to lab-bas-002-m= gt-lo0.
Escape character is '^]'.

Telnet password: *******
Logged in on vty 0 via telnet.
Copyri= ght (c) 1999-2005 Juniper Networks, Inc. All rights reserved.

lab-bas-002>enable
Password: *******
lab-bas-002#
lab-bas-00= 2#term length 0
lab-bas-002#show environment all
    c= hassis: 14 slot (id 0x5, rev. 0xa)
    fabric: 40 Gbps (r= ev. 0)
    fans: fanSubsystemOk
*** nvs: near capacity (87%), matches running config
  &nb= sp; power: A ok, B ok
*** srp redundancy: mode is high-availability, sta= te disabled
        auto-sync enabled= , switch-on-error enabled
        sta= tus unknown
*** slots: cards missing or offline
     &n= bsp; online: 0 1 2 3 4 6 9 10 11 12
     =    standby: 8
        offli= ne: 7
        empty: 5 13
&n= bsp; line redundancy: 1 redundancy group(s)
   &nbs= p;    width 6, spare 8, primary 9 10 11 12
    temperature: ok
    timing: primar= y
        primary: internal SC oscill= ator (ok)
        secondary: internal= SC oscillator (ok)
        tertiary:= internal SC oscillator (ok)
        = auto-upgrade enabled

*** system operational: no

        processor   &n= bsp; processor        IOA  &nb= sp;        IOA
&nb= sp;      temperature   temperature = temperature   temperature
slot   (10C - 70C)&= nbsp;    status      (10C - 70C)&nb= sp;    status
----   -----------&n= bsp; -----------   -----------   -----------
0          32  &= nbsp;     normal      &nb= sp;     ---       unknown=
1        &nb= sp; 32        normal   &n= bsp;        23    &n= bsp;   normal
2   &nbs= p;      34      &nbs= p; normal           = 24        normal    = ;
3          32  = ;      normal      &= nbsp;     22        = normal    =20
4          35  &= nbsp;     normal      &nb= sp;     22        no= rmal
6       = ;   29        normal &nbs= p;          25  &nbs= p;     normal
8  =         32     =    normal         &n= bsp; ---       unknown   = ;
9          33  = ;      normal      &= nbsp;     22        = normal    =20
10         35   =      normal       &n= bsp;    22        normal&= nbsp;
11       &nb= sp; 36        normal   &n= bsp;        23    &n= bsp;   normal
12   &nb= sp;     36        no= rmal            23&n= bsp;       normal

Connection closed by foreign host.

On 1/10/06, = john heasley <heas@shrubbery.n= et> wrote:

Mon, Jan 09, 2006 at 02:31:53PM = +0000, Mark Cooper:
> Think I'm having problems with asterix's being = returned in the 'show
> environment all' command output ...

though it does seem tha= t there is a missing catch, i suspect its not the
asterixs, rather it ap= pears that the telnet died. does clogin -c 'show
environment = all' work?

------=_Part_20641_6775590.1136905521871-- From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 11 19:03:20 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 4C32811CE2E for ; Wed, 11 Jan 2006 19:03:20 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id EF0D88653F; Wed, 11 Jan 2006 19:03:18 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id E2BEC86544; Wed, 11 Jan 2006 19:03:18 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 6EEAE86543; Wed, 11 Jan 2006 19:03:18 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Received: from mx.mdcs.at (mx.mdcs.at [193.110.28.55]) by guelah.shrubbery.net (Postfix) with ESMTP id D54F78653F for ; Wed, 11 Jan 2006 11:31:34 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by mx.mdcs.at (Postfix) with ESMTP id 5D960107BDE for ; Wed, 11 Jan 2006 12:31:23 +0100 (CET) Received: from mx.mdcs.at ([127.0.0.1]) by localhost (mx.mdcs.at [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id 05531-07 for ; Wed, 11 Jan 2006 12:31:23 +0100 (CET) Received: from mx02.mdcs.at (atrbgmdcs2.wien.rbgat.net [10.14.33.90]) by mx.mdcs.at (Postfix) with ESMTP for ; Wed, 11 Jan 2006 12:31:23 +0100 (CET) To: rancid-discuss@shrubbery.net Subject: 3Com Routers MIME-Version: 1.0 Message-ID: From: georg.naggies@r-it.at Date: Wed, 11 Jan 2006 12:30:15 +0100 Content-Type: text/plain; charset="US-ASCII" X-Virus-Scanned: amavisd-new at mdcs.at Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk hello list! anyone has a Rancid module for 3com-routers that he would care to share? login is ok, with enable = 1 and setting the prompt to "]", but my efforts so far failed at the pager which cannot be turned off so I thought maybe someone else has worked on this and would like to spare me the work of reinventing the wheel btw, thanks to the Rancid developers, it's a great solution for config management, far superior to Cisco Works best regards georg From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 11 19:03:24 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 748FD11CE2E for ; Wed, 11 Jan 2006 19:03:24 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 9C36686544; Wed, 11 Jan 2006 19:03:23 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 9316286546; Wed, 11 Jan 2006 19:03:23 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from malcolm.berkeley.edu (malcolm.Berkeley.EDU [128.32.206.239]) by guelah.shrubbery.net (Postfix) with ESMTP id B4B1E86544 for ; Wed, 11 Jan 2006 19:03:20 +0000 (UTC) Received: from [128.32.155.51] (soliloquy.Net.Berkeley.EDU [128.32.155.51]) (authenticated bits=0) by malcolm.berkeley.edu (8.13.3/8.13.3) with ESMTP id k0BJ3GrS007214 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Wed, 11 Jan 2006 11:03:17 -0800 (PST) (envelope-from dpz@ack.berkeley.edu) Mime-Version: 1.0 (Apple Message framework v623) Content-Transfer-Encoding: 7bit Message-Id: <197b5297fb9a809665b45b2f7408ea4d@ack.berkeley.edu> Content-Type: text/plain; charset=US-ASCII; format=flowed To: rancid-discuss@shrubbery.net From: David Paul Zimmerman Subject: RANCID to FWSM blade Date: Wed, 11 Jan 2006 11:03:11 -0800 X-Mailer: Apple Mail (2.623) X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-1.6 (malcolm.berkeley.edu [128.32.206.239]); Wed, 11 Jan 2006 11:03:17 -0800 (PST) Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Hi, all. Does anyone have any successful experiences with setting up RANCID to pull configs from FWSM blades? It would be great to be able to pull the system context, but it isn't critical. I'll be happy if I can set up automation to at least pull the others. All my non-system contexts (including the admin context) have IP addresses assigned and are ssh'able from the network. dp From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 11 23:44:18 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 1968111CE2E for ; Wed, 11 Jan 2006 23:44:17 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id BFBE48653F; Wed, 11 Jan 2006 23:44:16 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id B992A86544; Wed, 11 Jan 2006 23:44:16 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from malcolm.berkeley.edu (malcolm.Berkeley.EDU [128.32.206.239]) by guelah.shrubbery.net (Postfix) with ESMTP id C15448653F for ; Wed, 11 Jan 2006 23:44:11 +0000 (UTC) Received: from [128.32.155.51] (soliloquy.Net.Berkeley.EDU [128.32.155.51]) (authenticated bits=0) by malcolm.berkeley.edu (8.13.3/8.13.3) with ESMTP id k0BNi7xi017337 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO); Wed, 11 Jan 2006 15:44:07 -0800 (PST) (envelope-from dpz@ack.berkeley.edu) In-Reply-To: <200601111320.01951.jeremy.guthrie@berbee.com> References: <197b5297fb9a809665b45b2f7408ea4d@ack.berkeley.edu> <200601111320.01951.jeremy.guthrie@berbee.com> Mime-Version: 1.0 (Apple Message framework v623) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <089cee6e57ea782d1a34d50d9bab0936@ack.berkeley.edu> Content-Transfer-Encoding: 7bit Cc: rancid-discuss@shrubbery.net From: David Paul Zimmerman Subject: Re: RANCID to FWSM blade Date: Wed, 11 Jan 2006 15:44:03 -0800 To: jeremy.guthrie@berbee.com X-Mailer: Apple Mail (2.623) X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-1.6 (malcolm.berkeley.edu [128.32.206.239]); Wed, 11 Jan 2006 15:44:07 -0800 (PST) Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk That's good to hear. What device type are you using? Any mods to make this work? dp On Jan 11, 2006, at 11:19 AM, Jeremy M. Guthrie wrote: > We use RANCID to manage our FWSM contexts. It's run great for us. > > On Wednesday 11 January 2006 01:03 pm, David Paul Zimmerman wrote: >> Hi, all. Does anyone have any successful experiences with setting up >> RANCID to pull configs from FWSM blades? It would be great to be able >> to pull the system context, but it isn't critical. I'll be happy if I >> can set up automation to at least pull the others. All my non-system >> contexts (including the admin context) have IP addresses assigned and >> are ssh'able from the network. From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 12 09:31:59 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id D5EEE11CE2E for ; Thu, 12 Jan 2006 09:31:58 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id B0B6F86543; Thu, 12 Jan 2006 09:31:57 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id A48A486544; Thu, 12 Jan 2006 09:31:57 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from tux.nerdheaven.dk (tux.nerdheaven.dk [193.88.12.43]) by guelah.shrubbery.net (Postfix) with ESMTP id AF7AC8653F for ; Thu, 12 Jan 2006 09:31:56 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by tux.nerdheaven.dk (Postfix) with ESMTP id 7BFC03FF36 for ; Thu, 12 Jan 2006 10:31:34 +0100 (CET) Received: from tux.nerdheaven.dk ([127.0.0.1]) by localhost (tux.nerdheaven.dk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 57183-04 for ; Thu, 12 Jan 2006 10:30:52 +0100 (CET) Received: by tux.nerdheaven.dk (Postfix, from userid 1000) id 606C83FF35; Thu, 12 Jan 2006 10:30:52 +0100 (CET) Date: Thu, 12 Jan 2006 10:30:52 +0100 From: "Sonny T. Larsen" To: rancid-discuss@shrubbery.net Subject: Re: RANCID to FWSM blade Message-ID: <20060112093052.GN4458@unix.dk> References: <197b5297fb9a809665b45b2f7408ea4d@ack.berkeley.edu> <200601111320.01951.jeremy.guthrie@berbee.com> <089cee6e57ea782d1a34d50d9bab0936@ack.berkeley.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <089cee6e57ea782d1a34d50d9bab0936@ack.berkeley.edu> User-Agent: Mutt/1.4.2.1i X-PGP-Key: http://www.nerdheaven.dk/pgp.html X-Virus-Scanned: by amavisd-new at nerdheaven.dk Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Wed, Jan 11, 2006 at 03:44:03PM -0800, David Paul Zimmerman wrote: >That's good to hear. What device type are you using? Any mods to make >this work? Using device-type 'cisco' works nicely. I just wonder how to back up the system context, since it cannot be accessed via ssh. -- Bye, Sonny! "Respect is fine, but actually I've always wanted to be feared." From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 00:30:50 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id E603211CE2E for ; Fri, 13 Jan 2006 00:30:49 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 89C0C86543; Fri, 13 Jan 2006 00:30:48 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 7D46A86544; Fri, 13 Jan 2006 00:30:48 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from malcolm.berkeley.edu (malcolm.Berkeley.EDU [128.32.206.239]) by guelah.shrubbery.net (Postfix) with ESMTP id 843338653F for ; Fri, 13 Jan 2006 00:30:42 +0000 (UTC) Received: from [128.32.155.51] (soliloquy.Net.Berkeley.EDU [128.32.155.51]) (authenticated bits=0) by malcolm.berkeley.edu (8.13.3/8.13.3) with ESMTP id k0D0Ugnv055320 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NO) for ; Thu, 12 Jan 2006 16:30:42 -0800 (PST) (envelope-from dpz@ack.berkeley.edu) Mime-Version: 1.0 (Apple Message framework v623) In-Reply-To: <20060112093052.GN4458@unix.dk> References: <197b5297fb9a809665b45b2f7408ea4d@ack.berkeley.edu> <200601111320.01951.jeremy.guthrie@berbee.com> <089cee6e57ea782d1a34d50d9bab0936@ack.berkeley.edu> <20060112093052.GN4458@unix.dk> Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <7fc62bbe6b924b55faf9310ab0d990ac@ack.berkeley.edu> Content-Transfer-Encoding: 7bit From: David Paul Zimmerman Subject: Re: RANCID to FWSM blade Date: Thu, 12 Jan 2006 16:30:44 -0800 To: rancid-discuss@shrubbery.net X-Mailer: Apple Mail (2.623) X-Greylist: Sender succeded SMTP AUTH authentication, not delayed by milter-greylist-1.6 (malcolm.berkeley.edu [128.32.206.239]); Thu, 12 Jan 2006 16:30:42 -0800 (PST) Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Jan 12, 2006, at 1:30 AM, Sonny T. Larsen wrote: > On Wed, Jan 11, 2006 at 03:44:03PM -0800, David Paul Zimmerman wrote: > >> That's good to hear. What device type are you using? Any mods to >> make >> this work? > > Using device-type 'cisco' works nicely. That's what I'm hearing. I'll probably get to this tomorrow or Monday... really itching to start seeing what my firewall customers are doing to themselves. > I just wonder how to back up the system context, since it cannot be > accessed via ssh. Too bad there's no DB-9 on the blade that one could attach an SSH-capable terminal server to :-) dp From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 02:13:19 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id B8CD711CE2E for ; Fri, 13 Jan 2006 02:13:18 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 800748653F; Fri, 13 Jan 2006 02:13:17 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 7A0B086544; Fri, 13 Jan 2006 02:13:17 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from smtcorav01.samuelmanutech.com (secure.samuelmanutech.com [66.241.134.43]) by guelah.shrubbery.net (Postfix) with ESMTP id 8F4588653F for ; Fri, 13 Jan 2006 02:13:15 +0000 (UTC) Received: from localhost (smtcorav01.samuelmanutech.com [127.0.0.1]) by secure.samuelmanutech.com (Postfix) with ESMTP id EC8D333C011 for ; Thu, 12 Jan 2006 21:13:12 -0500 (EST) Received: from smtcorav01.samuelmanutech.com ([127.0.0.1]) by localhost (smtcorav01.samuelmanutech.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 02677-01 for ; Thu, 12 Jan 2006 21:13:12 -0500 (EST) Received: from smtcorms04 (smtcorms04.samuelmanutech.com [10.10.0.27]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by secure.samuelmanutech.com (Postfix) with ESMTP id 93C0733C002 for ; Thu, 12 Jan 2006 21:13:12 -0500 (EST) Date: Thu, 12 Jan 2006 21:13:13 -0500 (EST) From: Robin Mordasiewicz X-X-Sender: robin@smtcorms04.samuelmanutech.com To: rancid-discuss@shrubbery.net Subject: really aweful naming convention I dislike Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by smtp-auth at secure.samuelmanutech.com Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I really love what rancid is doing for me, but I just cannot tell the company that I am contracting for that I have installed a program called rancid that logs into all their routers regulary and gathers config files. I have changed the user that rancid runs as to "NetConfig" my .02$ keep up the good work. mebbe one day someone will think of a better acronym. From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 02:51:38 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 099CB11CE2E for ; Fri, 13 Jan 2006 02:51:37 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id B24DA8653F; Fri, 13 Jan 2006 02:51:36 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id AA2C386544; Fri, 13 Jan 2006 02:51:36 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from S2.cableone.net (s2.cableone.net [24.116.0.228]) by guelah.shrubbery.net (Postfix) with ESMTP id AAF948653F for ; Fri, 13 Jan 2006 02:51:35 +0000 (UTC) Received: from [192.168.1.139] (unverified [24.119.164.164]) by S2.cableone.net (CableOne SMTP Service S2) with ESMTP id 41894143 for multiple; Thu, 12 Jan 2006 20:19:03 -0700 Message-ID: <43C715A2.4040706@grote.name> Date: Thu, 12 Jan 2006 19:51:14 -0700 From: Justin Grote User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Robin Mordasiewicz Cc: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-IP-stats: Incoming Last 0, First 99, in=84, out=0, spam=0 X-External-IP: 24.119.164.164 X-Abuse-Info: Send abuse complaints to abuse@cableone.net Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Robin Mordasiewicz wrote: > I really love what rancid is doing for me, but I just cannot tell the > company that I am contracting for that I have installed a program > called rancid that logs into all their routers regulary and gathers > config files. > > I have changed the user that rancid runs as to "NetConfig" > > my .02$ > > keep up the good work. mebbe one day someone will think of a better > acronym. Do your employers also get offended that you run an Apache web server? Or maybe that you want their servers to run on a LAMP? Or that you hired an assassin for their spam? How about running their mission critical java apps on the back of a Tomcat? Just teasing, your point is well understood :) You could leave off the really awesome new part and just call it Cid, for Cisco Internet Differ (or Configuration Internet Differ to be more general) -- Justin Grote Network Architect JWG Networks From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 03:00:08 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 88D9011CE2E for ; Fri, 13 Jan 2006 03:00:08 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 61E2286544; Fri, 13 Jan 2006 03:00:07 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 544BC86546; Fri, 13 Jan 2006 03:00:07 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from smtcorav01.samuelmanutech.com (secure.samuelmanutech.com [66.241.134.43]) by guelah.shrubbery.net (Postfix) with ESMTP id 7163586544 for ; Fri, 13 Jan 2006 03:00:06 +0000 (UTC) Received: from localhost (smtcorav01.samuelmanutech.com [127.0.0.1]) by secure.samuelmanutech.com (Postfix) with ESMTP id 8363B33C014; Thu, 12 Jan 2006 22:00:05 -0500 (EST) Received: from smtcorav01.samuelmanutech.com ([127.0.0.1]) by localhost (smtcorav01.samuelmanutech.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 02759-07; Thu, 12 Jan 2006 22:00:05 -0500 (EST) Received: from smtcorms04 (smtcorms04.samuelmanutech.com [10.10.0.27]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by secure.samuelmanutech.com (Postfix) with ESMTP id 1DFB133C011; Thu, 12 Jan 2006 22:00:05 -0500 (EST) Date: Thu, 12 Jan 2006 22:00:07 -0500 (EST) From: Robin Mordasiewicz X-X-Sender: robin@smtcorms04.samuelmanutech.com To: Justin Grote Cc: Robin Mordasiewicz , rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike In-Reply-To: <43C715A2.4040706@grote.name> Message-ID: References: <43C715A2.4040706@grote.name> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by smtp-auth at secure.samuelmanutech.com Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Thu, 12 Jan 2006, Justin Grote wrote: > Robin Mordasiewicz wrote: > > You could leave off the really awesome new part and just call it Cid, for > Cisco Internet Differ (or Configuration Internet Differ to be more general) > CID it will be... cheers. From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 04:19:10 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 653D511CE2E for ; Fri, 13 Jan 2006 04:19:10 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 4932A86543; Fri, 13 Jan 2006 04:19:09 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 3C78A86544; Fri, 13 Jan 2006 04:19:09 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from mail.padfoot.com (mail.PADFOOT.COM [198.137.194.43]) by guelah.shrubbery.net (Postfix) with ESMTP id 7BC5E8653F for ; Fri, 13 Jan 2006 04:19:01 +0000 (UTC) Received: from [198.137.194.2] (pool-151-196-251-118.balt.east.verizon.net [151.196.251.118]) (using TLSv1 with cipher DHE-DSS-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mail.padfoot.com (Postfix) with ESMTP id DE7F1A15F8; Thu, 12 Jan 2006 23:18:54 -0500 (EST) Message-ID: <43C72A47.2010805@rem.com> Date: Thu, 12 Jan 2006 23:19:19 -0500 From: Hank Kilmer User-Agent: Thunderbird 1.4 (Windows/20050908) MIME-Version: 1.0 To: Robin Mordasiewicz Cc: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Hey, I'm open to suggestions. It is an outdated and sometimes "odd" name. For those interested in history: I picked the name many moons ago because I knew it would solve 80% of my problem and therefore the "right" solution to my problem at that time would never get done. Just for the record, the "right" solution at the time was to have a database that could generate my router configurations and have the database be authoritative...not the routers. So I wanted a toxic name. -Hank Robin Mordasiewicz wrote: > I really love what rancid is doing for me, but I just cannot tell the > company that I am contracting for that I have installed a program called > rancid that logs into all their routers regulary and gathers config files. > > I have changed the user that rancid runs as to "NetConfig" > > my .02$ > > keep up the good work. mebbe one day someone will think of a better > acronym. From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 07:23:13 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 24E5611CE2E for ; Fri, 13 Jan 2006 07:23:12 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id C63178653F; Fri, 13 Jan 2006 07:23:11 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id BE63586544; Fri, 13 Jan 2006 07:23:11 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from ni.shrubbery.net (ni.shrubbery.net [198.58.5.4]) by guelah.shrubbery.net (Postfix) with ESMTP id CE1D68653F for ; Fri, 13 Jan 2006 07:23:10 +0000 (UTC) Received: from ytti.fi (ytti.fi [62.236.255.178]) by ni.shrubbery.net (Postfix) with ESMTP id 20B3911CE2E for ; Fri, 13 Jan 2006 07:23:07 +0000 (UTC) Received: by ytti.fi (Postfix, from userid 1000) id 13B5112DBD5; Fri, 13 Jan 2006 09:22:43 +0200 (EET) Date: Fri, 13 Jan 2006 09:22:43 +0200 From: Saku Ytti To: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike Message-ID: <20060113072243.GA6431@ytti.fi> References: <43C72A47.2010805@rem.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <43C72A47.2010805@rem.com> User-Agent: Mutt/1.5.11 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On (2006-01-12 23:19 -0500), Hank Kilmer wrote: > Hey, I'm open to suggestions. It is an outdated and sometimes "odd" > name. For those interested in history: I picked the name many moons ago > because I knew it would solve 80% of my problem and therefore the > "right" solution to my problem at that time would never get done. Just > for the record, the "right" solution at the time was to have a database > that could generate my router configurations and have the database be > authoritative...not the routers. So I wanted a toxic name. This is indeed the holy grail of networking, master configuration in routers/switches has quite few issues. I've been pondering about such system myself, and it would be quite challenging to implement. What I'd personally want is some router/switch independent description language of features which would interfacexs with several parser scripts that turn it to vendor spesific configuration. Of course it should be able to reasonably gracefully support unknown portitions of the code. Now combine that with wizard functionality where poller first gets the configurations, tosses them to parser, tosses them to backend system, which would then either directly put them to database or then suggest unifications/sanitazation to the configurations :) > -Hank > > Robin Mordasiewicz wrote: > >I really love what rancid is doing for me, but I just cannot tell the > >company that I am contracting for that I have installed a program called > >rancid that logs into all their routers regulary and gathers config files. > > > >I have changed the user that rancid runs as to "NetConfig" > > > >my .02$ > > > >keep up the good work. mebbe one day someone will think of a better > >acronym. > -- ++ytti From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 14:33:46 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 6D4DB11CE2E for ; Fri, 13 Jan 2006 14:33:46 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 35D8D86544; Fri, 13 Jan 2006 14:33:45 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 2F02486546; Fri, 13 Jan 2006 14:33:45 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from nwc.com (nwc.com [128.230.97.51]) by guelah.shrubbery.net (Postfix) with ESMTP id 30E5686544 for ; Fri, 13 Jan 2006 14:33:43 +0000 (UTC) X-SpamCatcher-Score: 2 [X] Received: from [172.16.32.254] (HELO trex) by nwc.com (CommuniGate Pro SMTP 5.0.6) with ESMTP id 5386604; Fri, 13 Jan 2006 09:30:53 -0500 Reply-To: From: "Bruce" To: "'Saku Ytti'" , Subject: RE: really aweful naming convention I dislike Date: Fri, 13 Jan 2006 09:33:31 -0500 Organization: Network Computing Magazine Message-ID: <007e01c6184e$53e2b540$fe2010ac@trex> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 In-Reply-To: <20060113072243.GA6431@ytti.fi> Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk FWIW I've reviewed a number of commercial network configuration products and none have fully succeeded in implementing a cross vendor/model normalization language. It seems to require too much heavy lifting. And as far as wizard's go they all have one, but each tells me that their customers avoid using them. Instead they interface with the CLI or their production control system interfaces with the CLI. I'm all for improvement, but one of the things I like about RANCID (besides the name) is it's straight forward functionality. Bruce Boardman, Network Computing Magazine bboardman@nwc.com 206 Hines Hall, Syracuse University Syracuse NY 13244 -----Original Message----- From: owner-rancid-discuss@shrubbery.net [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Saku Ytti Sent: Friday, January 13, 2006 2:23 AM To: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike On (2006-01-12 23:19 -0500), Hank Kilmer wrote: > Hey, I'm open to suggestions. It is an outdated and sometimes "odd" > name. For those interested in history: I picked the name many moons ago > because I knew it would solve 80% of my problem and therefore the > "right" solution to my problem at that time would never get done. Just > for the record, the "right" solution at the time was to have a database > that could generate my router configurations and have the database be > authoritative...not the routers. So I wanted a toxic name. This is indeed the holy grail of networking, master configuration in routers/switches has quite few issues. I've been pondering about such system myself, and it would be quite challenging to implement. What I'd personally want is some router/switch independent description language of features which would interfacexs with several parser scripts that turn it to vendor spesific configuration. Of course it should be able to reasonably gracefully support unknown portitions of the code. Now combine that with wizard functionality where poller first gets the configurations, tosses them to parser, tosses them to backend system, which would then either directly put them to database or then suggest unifications/sanitazation to the configurations :) > -Hank > > Robin Mordasiewicz wrote: > >I really love what rancid is doing for me, but I just cannot tell the > >company that I am contracting for that I have installed a program called > >rancid that logs into all their routers regulary and gathers config files. > > > >I have changed the user that rancid runs as to "NetConfig" > > > >my .02$ > > > >keep up the good work. mebbe one day someone will think of a better > >acronym. > -- ++ytti From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 14:45:11 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id C3A8711CE2E for ; Fri, 13 Jan 2006 14:45:10 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id D15AA8653F; Fri, 13 Jan 2006 14:45:09 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id CAA4586546; Fri, 13 Jan 2006 14:45:09 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from ytti.fi (ytti.fi [62.236.255.178]) by guelah.shrubbery.net (Postfix) with ESMTP id CD4D28653F for ; Fri, 13 Jan 2006 14:45:08 +0000 (UTC) Received: by ytti.fi (Postfix, from userid 1000) id EC214134920; Fri, 13 Jan 2006 16:45:06 +0200 (EET) Date: Fri, 13 Jan 2006 16:45:06 +0200 From: Saku Ytti To: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike Message-ID: <20060113144506.GA10821@ytti.fi> References: <20060113072243.GA6431@ytti.fi> <007e01c6184e$53e2b540$fe2010ac@trex> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <007e01c6184e$53e2b540$fe2010ac@trex> User-Agent: Mutt/1.5.11 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On (2006-01-13 09:33 -0500), Bruce wrote: > FWIW I've reviewed a number of commercial network configuration products > and none have fully succeeded in implementing a cross vendor/model > normalization language. It seems to require too much heavy lifting. And > as far as wizard's go they all have one, but each tells me that their > customers avoid using them. Instead they interface with the CLI or their > production control system interfaces with the CLI. I'm all for > improvement, but one of the things I like about RANCID (besides the > name) is it's straight forward functionality. It really wouldn't be rancid upgrade, but whole another beast. They're quite different in complexity :). It's definitely doable but it has distinct risk of become bloated beast which requires more time to setup and maintain than it saves time. -- ++ytti From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 16:26:21 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 978FE11CE2E for ; Fri, 13 Jan 2006 16:26:21 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 554538653F; Fri, 13 Jan 2006 16:26:20 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 4D1A586544; Fri, 13 Jan 2006 16:26:20 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from S2.cableone.net (s2.cableone.net [24.116.0.228]) by guelah.shrubbery.net (Postfix) with ESMTP id 483368653F for ; Fri, 13 Jan 2006 16:26:18 +0000 (UTC) Received: from [192.168.1.139] (unverified [24.119.164.164]) by S2.cableone.net (CableOne SMTP Service S2) with ESMTP id 41976540 for multiple; Fri, 13 Jan 2006 09:53:54 -0700 Message-ID: <43C7D490.2000402@grote.name> Date: Fri, 13 Jan 2006 09:25:52 -0700 From: Justin Grote User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Saku Ytti Cc: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike References: <20060113072243.GA6431@ytti.fi> <007e01c6184e$53e2b540$fe2010ac@trex> <20060113144506.GA10821@ytti.fi> In-Reply-To: <20060113144506.GA10821@ytti.fi> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SpamDetect: **: 2.000000 Content: cid=309(2.0) =2.0 X-IP-stats: Incoming Last 0, First 99, in=86, out=0, spam=0 X-External-IP: 24.119.164.164 X-Abuse-Info: Send abuse complaints to abuse@cableone.net Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Saku Ytti wrote: >It really wouldn't be rancid upgrade, but whole another beast. They're >quite different in complexity :). It's definitely doable but it has >distinct risk of become bloated beast which requires more time to setup >and maintain than it saves time. > > Indeed. The closest way I could think to coming up with a unified description for would be an XML DTD, but again, that's hard to develop a schema that could include every possible device description, and I'm not that smart :) -- Justin Grote Network Architect JWG Networks From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 16:38:32 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id CFCD011CE2E for ; Fri, 13 Jan 2006 16:38:31 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 7B37F86544; Fri, 13 Jan 2006 16:38:30 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 732DE86546; Fri, 13 Jan 2006 16:38:30 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from ytti.fi (ytti.fi [62.236.255.178]) by guelah.shrubbery.net (Postfix) with ESMTP id 89E3486544 for ; Fri, 13 Jan 2006 16:38:29 +0000 (UTC) Received: by ytti.fi (Postfix, from userid 1000) id 51C39134CB8; Fri, 13 Jan 2006 18:38:28 +0200 (EET) Date: Fri, 13 Jan 2006 18:38:27 +0200 From: Saku Ytti To: Justin Grote Cc: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike Message-ID: <20060113163827.GA11876@ytti.fi> References: <20060113072243.GA6431@ytti.fi> <007e01c6184e$53e2b540$fe2010ac@trex> <20060113144506.GA10821@ytti.fi> <43C7D490.2000402@grote.name> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <43C7D490.2000402@grote.name> User-Agent: Mutt/1.5.11 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On (2006-01-13 09:25 -0700), Justin Grote wrote: > Indeed. The closest way I could think to coming up with a unified > description for would be an XML DTD, but again, that's hard to develop a > schema that could include every possible device description, and I'm not > that smart :) It would always be more or less work in progress, so it would be critical that design allows 'unmanaged' configurations, that currently are not describable with the XML DTD but that can safely be used as-is. But even doing that properly is a challenge (if doable at all), as order how it's eventually pushed to the box may still be very important. IIRC DTAG had some presentation in nanog about XML based system for their internal use and I'm sure some other have done similiar home-grown systems to have master config in database. But doing such tool to work in _your_ network is way more trivial to make general purpose tool. -- ++ytti From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 16:43:28 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id EBCEC11CE2E for ; Fri, 13 Jan 2006 16:43:23 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id A0CD986547; Fri, 13 Jan 2006 16:43:22 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 929E886549; Fri, 13 Jan 2006 16:43:22 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from S2.cableone.net (s2.cableone.net [24.116.0.228]) by guelah.shrubbery.net (Postfix) with ESMTP id 7425686547 for ; Fri, 13 Jan 2006 16:43:20 +0000 (UTC) Received: from [192.168.1.139] (unverified [24.119.164.164]) by S2.cableone.net (CableOne SMTP Service S2) with ESMTP id 41978888 for multiple; Fri, 13 Jan 2006 10:11:01 -0700 Message-ID: <43C7D893.2040404@grote.name> Date: Fri, 13 Jan 2006 09:42:59 -0700 From: Justin Grote User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Saku Ytti Cc: rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike References: <20060113072243.GA6431@ytti.fi> <007e01c6184e$53e2b540$fe2010ac@trex> <20060113144506.GA10821@ytti.fi> <43C7D490.2000402@grote.name> <20060113163827.GA11876@ytti.fi> In-Reply-To: <20060113163827.GA11876@ytti.fi> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SpamDetect: **: 2.000000 Content: cid=309(2.0) =2.0 X-IP-stats: Incoming Last 0, First 99, in=87, out=0, spam=0 X-External-IP: 24.119.164.164 X-Abuse-Info: Send abuse complaints to abuse@cableone.net Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Saku Ytti wrote: > It would always be more or less work in progress, so it would be critical >that design allows 'unmanaged' configurations, that currently are not >describable with the XML DTD but that can safely be used as-is. > But even doing that properly is a challenge (if doable at all), as order how >it's eventually pushed to the box may still be very important. > > These guys had an interesting thing going, but I don't think it's been updated since 2002: http://www.cesnet.cz/doc/techzpravy/2002/xmldesign/ -- Justin Grote Network Architect JWG Networks From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 16:54:29 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 0078411CE2E for ; Fri, 13 Jan 2006 16:54:28 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id E74FD8653F; Fri, 13 Jan 2006 16:54:27 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id E10EF86549; Fri, 13 Jan 2006 16:54:27 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from pogostick.net (pogostick.net [80.91.36.18]) by guelah.shrubbery.net (Postfix) with ESMTP id F22268653F for ; Fri, 13 Jan 2006 16:54:26 +0000 (UTC) Received: from pogostick.net (localhost [127.0.0.1]) by pogostick.net (Postfix) with ESMTP id 8D94A1B658; Fri, 13 Jan 2006 17:54:10 +0100 (MET) Received: by pogostick.net (Postfix, from userid 30149) id 2846C1B67D; Fri, 13 Jan 2006 17:54:10 +0100 (MET) Received: from localhost (localhost [127.0.0.1]) by pogostick.net (Postfix) with ESMTP id 0F74D1B658; Fri, 13 Jan 2006 17:54:09 +0100 (MET) Date: Fri, 13 Jan 2006 17:54:09 +0100 (MET) From: Rikard Stemland Skjelsvik To: Justin Grote Cc: Saku Ytti , rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike In-Reply-To: <43C7D893.2040404@grote.name> Message-ID: References: <20060113072243.GA6431@ytti.fi> <007e01c6184e$53e2b540$fe2010ac@trex> <20060113144506.GA10821@ytti.fi> <43C7D490.2000402@grote.name> <20060113163827.GA11876@ytti.fi> <43C7D893.2040404@grote.name> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: ClamAV using ClamSMTP on pogostick.net Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk They wrote another document about a year later. http://www.cesnet.cz/doc/techzpravy/2003/netopeer-dtd/ -- Rikard On Fri, 13 Jan 2006, Justin Grote wrote: > Saku Ytti wrote: > >> It would always be more or less work in progress, so it would be critical >> that design allows 'unmanaged' configurations, that currently are not >> describable with the XML DTD but that can safely be used as-is. >> But even doing that properly is a challenge (if doable at all), as order >> how >> it's eventually pushed to the box may still be very important. >> > These guys had an interesting thing going, but I don't think it's been > updated since 2002: > > http://www.cesnet.cz/doc/techzpravy/2002/xmldesign/ > > -- > Justin Grote > Network Architect > JWG Networks > From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 17:37:14 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id BE62411CE2E for ; Fri, 13 Jan 2006 17:37:11 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 3151586543; Fri, 13 Jan 2006 17:37:10 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 2496886547; Fri, 13 Jan 2006 17:37:10 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from S3.cableone.net (s3.cableone.net [24.116.0.229]) by guelah.shrubbery.net (Postfix) with ESMTP id 0CF958653F for ; Fri, 13 Jan 2006 17:37:08 +0000 (UTC) Received: from [192.168.1.139] (unverified [24.119.164.164]) by S3.cableone.net (CableOne SMTP Service S3) with ESMTP id 42934073 for multiple; Fri, 13 Jan 2006 11:01:57 -0700 Message-ID: <43C7E52E.1080304@grote.name> Date: Fri, 13 Jan 2006 10:36:46 -0700 From: Justin Grote User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Rikard Stemland Skjelsvik Cc: Saku Ytti , rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike References: <20060113072243.GA6431@ytti.fi> <007e01c6184e$53e2b540$fe2010ac@trex> <20060113144506.GA10821@ytti.fi> <43C7D490.2000402@grote.name> <20060113163827.GA11876@ytti.fi> <43C7D893.2040404@grote.name> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SpamDetect: **: 2.000000 Content: cid=309(2.0) =2.0 X-IP-stats: Incoming Last 0, First 112, in=78, out=0, spam=0 X-External-IP: 24.119.164.164 X-Abuse-Info: Send abuse complaints to abuse@cableone.net Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Rikard Stemland Skjelsvik wrote: > They wrote another document about a year later. > http://www.cesnet.cz/doc/techzpravy/2003/netopeer-dtd/ Ah, I thought that previous article looked familiar. Yes, I do remember this one as well. Thanks for bringing it up. -- Justin Grote Network Architect JWG Networks From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 13 18:45:08 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 6152E11CE2E for ; Fri, 13 Jan 2006 18:45:07 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id C73A386543; Fri, 13 Jan 2006 18:45:06 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id BAA6686547; Fri, 13 Jan 2006 18:45:06 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from filesrv1.baby-dragons.com (filesrv1.baby-dragons.com [199.33.245.55]) by guelah.shrubbery.net (Postfix) with ESMTP id 92AA68653F for ; Fri, 13 Jan 2006 18:45:03 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by filesrv1.baby-dragons.com (8.13.4/8.13.4) with ESMTP id k0DIioV5011940; Fri, 13 Jan 2006 11:44:50 -0700 Date: Fri, 13 Jan 2006 11:44:50 -0700 (MST) From: "Mr. James W. Laferriere" To: Rikard Stemland Skjelsvik Cc: Justin Grote , Saku Ytti , rancid-discuss@shrubbery.net Subject: Re: really aweful naming convention I dislike In-Reply-To: Message-ID: References: <20060113072243.GA6431@ytti.fi> <007e01c6184e$53e2b540$fe2010ac@trex> <20060113144506.GA10821@ytti.fi> <43C7D490.2000402@grote.name> <20060113163827.GA11876@ytti.fi> <43C7D893.2040404@grote.name> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Hello All , On Fri, 13 Jan 2006, Rikard Stemland Skjelsvik wrote: > They wrote another document about a year later. > http://www.cesnet.cz/doc/techzpravy/2003/netopeer-dtd/ > -- > Rikard > > On Fri, 13 Jan 2006, Justin Grote wrote: > >> Saku Ytti wrote: >> >>> It would always be more or less work in progress, so it would be critical >>> that design allows 'unmanaged' configurations, that currently are not >>> describable with the XML DTD but that can safely be used as-is. >>> But even doing that properly is a challenge (if doable at all), as order >>> how >>> it's eventually pushed to the box may still be very important. >>> >> These guys had an interesting thing going, but I don't think it's been >> updated since 2002: >> >> http://www.cesnet.cz/doc/techzpravy/2002/xmldesign/ >> Seems to be used in their Liberouter project . http://www.liberouter.org/netopeer/about.php -- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 3542 Broken Yoke Dr. | Give me Linux | | babydr@baby-dragons.com | Billings , MT. 59105 | only on AXP | +------------------------------------------------------------------+ From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 19 19:15:35 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id EA31D11CE33 for ; Thu, 19 Jan 2006 19:15:06 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id C14CB86543; Thu, 19 Jan 2006 19:15:05 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id B44D086546; Thu, 19 Jan 2006 19:15:05 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 3EE0986544; Thu, 19 Jan 2006 19:15:05 +0000 (UTC) Received: from panorama.Covad.COM (panorama.covad.com [66.134.72.15]) by guelah.shrubbery.net (Postfix) with ESMTP id 0187086543 for ; Thu, 19 Jan 2006 19:12:00 +0000 (UTC) Received: from zanxmb00a.cc-ntd1.covad.com (zanxmb00a.corp.covad.com [172.16.2.75]) by panorama.Covad.COM (8.9.3/8.8.7) with ESMTP id LAA06550; Thu, 19 Jan 2006 11:11:20 -0800 (PST) Received: from ZANEVS03.cc-ntd1.covad.com ([172.16.2.84]) by zanxmb00a.cc-ntd1.covad.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 19 Jan 2006 11:11:01 -0800 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Subject: RE: really aweful naming convention I dislike Date: Thu, 19 Jan 2006 11:11:01 -0800 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: really aweful naming convention I dislike Thread-Index: AcYX5uYdbRFhGohzSKWhHWsl/5xCMwFRIDVQ From: "Lemaster, Rob" To: Cc: "Robin Mordasiewicz" X-OriginalArrivalTime: 19 Jan 2006 19:11:01.0620 (UTC) FILETIME=[1647AB40:01C61D2C] X-Immunity-Tally: 0 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk You could spend gobs of dough and use Tripwire. Maybe that would be more pleasing to the execs.=20 -----Original Message----- From: owner-rancid-discuss@shrubbery.net [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Robin Mordasiewicz Sent: Thursday, January 12, 2006 6:13 PM To: rancid-discuss@shrubbery.net Subject: really aweful naming convention I dislike I really love what rancid is doing for me, but I just cannot tell the=20 company that I am contracting for that I have installed a program called rancid that logs into all their routers regulary and gathers config files. I have changed the user that rancid runs as to "NetConfig" my .02$ keep up the good work. mebbe one day someone will think of a better=20 acronym. From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 19 19:15:57 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 124A111CE33 for ; Thu, 19 Jan 2006 19:15:57 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 32F6086546; Thu, 19 Jan 2006 19:15:56 +0000 (UTC) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 28D0E86548; Thu, 19 Jan 2006 19:15:56 +0000 (UTC) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id 94DE286547; Thu, 19 Jan 2006 19:15:55 +0000 (UTC) Received: from panorama.Covad.COM (panorama.covad.com [66.134.72.15]) by guelah.shrubbery.net (Postfix) with ESMTP id 0B10586543 for ; Thu, 19 Jan 2006 19:12:44 +0000 (UTC) Received: from zanxmb00b.cc-ntd1.covad.com (zanxmb00b.corp.covad.com [172.16.2.76]) by panorama.Covad.COM (8.9.3/8.8.7) with ESMTP id LAA06877 for ; Thu, 19 Jan 2006 11:12:44 -0800 (PST) Received: from ZANEVS03.cc-ntd1.covad.com ([172.16.2.84]) by zanxmb00b.cc-ntd1.covad.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 19 Jan 2006 11:12:25 -0800 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C61D2C.480BE8A0" Subject: Rancid error when pulling ERX configs Date: Thu, 19 Jan 2006 11:12:25 -0800 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Rancid error when pulling ERX configs Thread-Index: AcYdLEiPKpUl/Ax9Rz2ZEEB38R5HOw== From: "Lemaster, Rob" To: X-OriginalArrivalTime: 19 Jan 2006 19:12:25.0483 (UTC) FILETIME=[484425B0:01C61D2C] X-Immunity-Tally: 0 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk This is a multi-part message in MIME format. ------_=_NextPart_001_01C61D2C.480BE8A0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Rancid v. 2.3.2a3 on Linux FC4 w/ ViewCVS v 0.9.4 =20 Rancid is pulling configs from all devices except one. I have another of the same device and that is pulling configs fine. I tried adding the device by IP only in router.db, unsuccessful. Device type in router.db is correct. I can log in and pull configs by using ./clogin -c 'show configuration e i a; show hardware' IP, DNS info is correct, device is reachable by rancid. Password info is correct (using AAA, autoenable is set to 1) =20 Any ideas on fixing this issue would be appreciated. Thanks for your time! =20 Error log: =20 Trying to get all of the configs. write(spawn_id=3D1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ ^M *]*Lab-ERX-02([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- "$expect_out(buffer)" } -re {^..." invoked from within "expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send..." invoked from within "if [ string match "*\;*" "$command" ] { set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on ..." (procedure "run_commands" line 34) invoked from within "run_commands $prompt $command" ("foreach" body line 145) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" =20 # Figure out the prompt. # autoenabl..." (file "/usr/local/rancid//bin/clogin" line 688) lab-erx-02: missed cmd(s): show configuration e i a,show hardware lab-erx-02: End of run not found ! ------_=_NextPart_001_01C61D2C.480BE8A0 Content-Type: text/html; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable

Rancid v. 2.3.2a3 on Linux FC4 w/ ViewCVS v = 0.9.4

Rancid is pulling configs from all devices except = one.

I have another of the same device and that is pulling = configs fine.

I tried adding the device by IP only in router.db, unsuccessful.

Device type in router.db is = correct.

I can log in and pull configs by using ./clogin -c = 'show configuration e i a; show hardware' <devicename>

IP, DNS info is correct, device is = reachable by rancid.

Password info is correct (using AAA, autoenable is = set to 1)

Any ideas on fixing this issue would be = appreciated.

Thanks for your time!

Error log:

Trying to get all of the configs.

write(spawn_id=3D1): broken pipe

while executing

"send_user -- = "$expect_out(buffer)""

invoked from = within

"expect -nobrace -re+ { exp_continue } -re = {^[^

^M = *]*Lab-ERX-02([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- "$expect_out(buffer)"

= &= nbsp; &n= bsp; &nb= sp; } -re {^..."

invoked from = within

"expect {

= -re "\b+" &nbs= p; = ; { exp_continue }

= -re "^\[^\n\r *]*$reprompt" { = send_user -- "$expect_out(buffer)"

= &= nbsp; &n= bsp; &nb= sp; }

= -re "^\[^\n\r]*$reprompt." { = send..."

invoked from = within

"if [ string match "*\;*" "$command" ] {

set = commands [split $command \;]

set = num_commands [llength $commands]

# the = pager can not be turned off on ..."

(procedure = "run_commands" line 34)

invoked from = within

"run_commands $prompt = $command"

("foreach" body line = 145)

invoked from = within

"foreach router [lrange $argv $i end] = {

set router [string tolower = $router]

send_user = "$router\n"

# Figure out the = prompt.

# = autoenabl..."

(file = "/usr/local/rancid//bin/clogin" line 688)

lab-erx-02: missed cmd(s): show configuration e i = a,show hardware

lab-erx-02: End of run not found

------_=_NextPart_001_01C61D2C.480BE8A0-- From owner-rancid-discuss-outgoing@shrubbery.net Wed Jan 25 19:31:26 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 40FB211CE2E for ; Wed, 25 Jan 2006 19:31:25 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 7097086543; Wed, 25 Jan 2006 11:31:24 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 63AFF86546; Wed, 25 Jan 2006 11:31:24 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 7053) id DFD0086544; Wed, 25 Jan 2006 11:31:23 -0800 (PST) Received: from panorama.Covad.COM (panorama.covad.com [66.134.72.15]) by guelah.shrubbery.net (Postfix) with ESMTP id BE5F086546 for ; Tue, 24 Jan 2006 02:10:13 +0000 (UTC) Received: from zanxmb00b.cc-ntd1.covad.com (zanxmb00b.corp.covad.com [172.16.2.76]) by panorama.Covad.COM (8.9.3/8.8.7) with ESMTP id SAA16690 for ; Mon, 23 Jan 2006 18:10:10 -0800 (PST) Received: from ZANEVS03.cc-ntd1.covad.com ([172.16.2.84]) by zanxmb00b.cc-ntd1.covad.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 23 Jan 2006 18:09:50 -0800 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: ERX bugs in Rancid? Date: Mon, 23 Jan 2006 18:09:50 -0800 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: ERX bugs in Rancid? Thread-Index: AcYdLEiPKpUl/Ax9Rz2ZEEB38R5HOwDVTpNw From: "Lemaster, Rob" To: X-OriginalArrivalTime: 24 Jan 2006 02:09:50.0491 (UTC) FILETIME=[41E816B0:01C6208B] X-Immunity-Tally: 0 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I overheard that there are some bugs with Rancid & Unisphere/Juniper ERX = BRASs. Can anyone confirm or deny this? I'm running 2 ERXs, one works = fine, but Rancid can't get the config off the other one even though = clogin works just fine.. I've run clogin -c with no errors, I've triple-checked my .cloginrc, = routers.db, etc, etc. and still can't get Rancid to pick up the last ERX = config. Any thoughts or feedback would be greatly appreciated! ERROR: [rancid@rancid-01 bin]$ ./jerancid -d lab-erx-02.lab.covad.com executing clogin -t 90 -c"show version;show redundancy;show boot;show = environment all;dir;show hardware;show configuration" = lab-erx-02.lab.covad.com PROMPT MATCH: Lab-ERX-02# HIT COMMAND:Lab-ERX-02#show version In ShowVersion: Lab-ERX-02#show version HIT COMMAND:Lab-ERX-02#show redundancy In ShowRedundancy: Lab-ERX-02#show redundancy HIT COMMAND:Lab-ERX-02#show boot In ShowBoot: Lab-ERX-02#show boot HIT COMMAND:Lab-ERX-02#show environment all In ShowEnv: Lab-ERX-02#show environment all HIT COMMAND:Lab-ERX-02#dir In DirSlotN: Lab-ERX-02#dir write(spawn_id=3D1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ *]*Lab-ERX-02([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- = "$expect_out(buffer)" } -re {^..." invoked from within "expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- = "$expect_out(buffer)" } -re "^\[^\n\r]*$reprompt." { send..." invoked from within "if [ string match "*\;*" "$command" ] { set commands [split $command \;] set num_commands [llength $commands] # the pager can not be turned off on ..." (procedure "run_commands" line 34) invoked from within "run_commands $prompt $command" ("foreach" body line 145) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] send_user "$router\n" # Figure out the prompt. # autoenabl..." (file "/usr/local/rancid/bin/clogin" line 688) lab-erx-02.lab.covad.com: missed cmd(s): show configuration,show = hardware lab-erx-02.lab.covad.com: missed cmd(s): show configuration,show = hardware lab-erx-02.lab.covad.com: End of run not found lab-erx-02.lab.covad.com: End of run not found ! -----Original Message----- From: owner-rancid-discuss@shrubbery.net = [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Lemaster, Rob Sent: Thursday, January 19, 2006 11:12 AM To: rancid-discuss@shrubbery.net Subject: Rancid error when pulling ERX configs Rancid v. 2.3.2a3 on Linux FC4 w/ ViewCVS v 0.9.4 =A0 Rancid is pulling configs from all devices except one. I have another of the same device and that is pulling configs fine. I tried adding the device by IP only in router.db, unsuccessful. Device type in router.db is correct. I can log in and pull configs by using ./clogin -c 'show configuration e = i a; show hardware' =A0=A0 IP, DNS info is correct, device is reachable by rancid. Password info is correct (using AAA, autoenable is set to 1) =A0 Any ideas on fixing this issue would be appreciated. Thanks for your time! =A0 Error log: =A0 Trying to get all of the configs. write(spawn_id=3D1): broken pipe =A0=A0=A0 while executing "send_user -- "$expect_out(buffer)"" =A0=A0=A0 invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ ^M *]*Lab-ERX-02([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- = "$expect_out(buffer)" =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 } -re = {^..." =A0=A0=A0 invoked from within "expect { =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 -re = "\b+"=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 = { exp_continue } =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 -re "^\[^\n\r = *]*$reprompt"=A0=A0=A0=A0 { send_user -- "$expect_out(buffer)" =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 } =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 -re = "^\[^\n\r]*$reprompt."=A0=A0=A0=A0=A0 { send..." =A0=A0=A0 invoked from within "if [ string match "*\;*" "$command" ] { =A0=A0=A0=A0=A0=A0=A0 set commands [split $command \;] =A0=A0=A0=A0=A0=A0=A0 set num_commands [llength $commands] =A0=A0=A0=A0=A0=A0=A0 # the pager can not be turned off on ..." =A0=A0=A0 (procedure "run_commands" line 34) =A0=A0=A0 invoked from within "run_commands $prompt $command" =A0=A0=A0 ("foreach" body line 145) =A0=A0=A0 invoked from within "foreach router [lrange $argv $i end] { =A0=A0=A0 set router [string tolower $router] =A0=A0=A0 send_user "$router\n" =A0 =A0=A0=A0 # Figure out the prompt. =A0=A0=A0 # autoenabl..." =A0=A0=A0 (file "/usr/local/rancid//bin/clogin" line 688) lab-erx-02: missed cmd(s): show configuration e i a,show hardware lab-erx-02: End of run not found ! From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 26 09:12:00 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id AC95D11CE2E for ; Thu, 26 Jan 2006 09:12:00 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id CD78F86546; Thu, 26 Jan 2006 01:11:59 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id C30538654B; Thu, 26 Jan 2006 01:11:59 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from mail.aims.com.my (mail.aims.com.my [203.223.128.169]) by guelah.shrubbery.net (Postfix) with ESMTP id E63C586546; Thu, 26 Jan 2006 01:11:56 -0800 (PST) Received: from kana (kana.aims.com.my [203.223.134.107]) by mail.aims.com.my (8.12.8/8.12.8) with SMTP id k0Q9Bhmk029442; Thu, 26 Jan 2006 17:11:44 +0800 Message-ID: <018c01c62258$87e89170$6b86dfcb@kana> From: "Kanagaraj Krishna" To: , Subject: Re: RANCID login info Date: Thu, 26 Jan 2006 17:11:45 +0800 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0189_01C6229B.95F403B0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk This is a multi-part message in MIME format. ------=_NextPart_000_0189_01C6229B.95F403B0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable Hi, I'm using RANCID config management tool. As we know the login for = the equipments/devices are kept in the .cloginrc file. I'm quite worried = about this as brings a security vulnerability. Is there a way of keeping = the user login password in encrypted format? Regards, Kanagaraj Krishna ------=_NextPart_000_0189_01C6229B.95F403B0 Content-Type: text/html; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable

Hi,

I'm using RANCID config management = tool. As=20 we know the login for the equipments/devices are kept in = the .cloginrc=20 file. I'm quite worried about this as brings a security vulnerability. = Is there=20 a way of keeping the user login password in encrypted = format?

Regards,

Kanagaraj Krishna

------=_NextPart_000_0189_01C6229B.95F403B0-- From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 26 09:17:13 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id BA8D911CE2E for ; Thu, 26 Jan 2006 09:17:13 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 67CF086549; Thu, 26 Jan 2006 01:17:12 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 599358654B; Thu, 26 Jan 2006 01:17:12 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from omta01ps.mx.bigpond.com (omta01ps.mx.bigpond.com [144.140.82.153]) by guelah.shrubbery.net (Postfix) with ESMTP id 496A386549 for ; Thu, 26 Jan 2006 01:17:10 -0800 (PST) Received: from [192.168.1.250] (really [144.133.86.49]) by omta01ps.mx.bigpond.com with ESMTP id <20060126091708.SJEI19070.omta01ps.mx.bigpond.com@[192.168.1.250]>; Thu, 26 Jan 2006 09:17:08 +0000 Message-ID: <43D89390.3020604@choqolat.org> Date: Thu, 26 Jan 2006 20:17:04 +1100 From: Andrew Fort User-Agent: Thunderbird 1.5 (Windows/20051201) MIME-Version: 1.0 To: Kanagaraj Krishna Cc: rancid-discuss@shrubbery.net Subject: Re: RANCID login info References: <018c01c62258$87e89170$6b86dfcb@kana> In-Reply-To: <018c01c62258$87e89170$6b86dfcb@kana> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Kanagaraj Krishna wrote: > Hi, > I'm using RANCID config management tool. As we know the login for > the equipments/devices are kept in the .cloginrc file. I'm quite > worried about this as brings a security vulnerability. Is there a way > of keeping the user login password in encrypted format? > > Regards, > Kanagaraj Krishna No, RANCID doesn't support this presently. From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 26 15:13:42 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id EC97B11CE2E for ; Thu, 26 Jan 2006 15:13:41 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 1C26786549; Thu, 26 Jan 2006 07:13:41 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 0E5BD8654A; Thu, 26 Jan 2006 07:13:41 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.198]) by guelah.shrubbery.net (Postfix) with ESMTP id 28D9586548 for ; Thu, 26 Jan 2006 07:13:39 -0800 (PST) Received: by zproxy.gmail.com with SMTP id s18so403012nze for ; Thu, 26 Jan 2006 07:13:39 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=PCxPkMvlx3+6vGAlwouQKxKqhAyKXFpDqJZFYI07A/csk6qHyHj3CURAobCPxzSWMYJpsAnKtIA9U+pfh110GPDN4uARCz2yLKWLryWyGhJ2G7MqFUp6XYhImJkcCuPaijQvtCLGX6WLt4T3Jt5/m+h+uzxOTqB8cUqHIAxqPNA= Received: by 10.36.227.38 with SMTP id z38mr592314nzg; Thu, 26 Jan 2006 07:13:38 -0800 (PST) Received: by 10.36.154.9 with HTTP; Thu, 26 Jan 2006 07:13:31 -0800 (PST) Message-ID: Date: Thu, 26 Jan 2006 15:13:31 +0000 From: Jee Kay To: rancid-discuss@shrubbery.net Subject: [PATCH] Fix SSH usage for nlogin MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_3332_13295699.1138288411069" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk ------=_Part_3332_13295699.1138288411069 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline The regular expression to allow SSH logins to Netscreens seems to be broken. The attached patch fixes it (at least for me..). Ras ------=_Part_3332_13295699.1138288411069 Content-Type: application/octet-stream; name="nlogin.diff" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="nlogin.diff" LS0tIG5sb2dpbi5vbGQJMjAwNi0wMS0yNiAxNTowODoyMS4wMDAwMDAwMDAgKzAwMDAKKysrIG5s b2dpbgkyMDA2LTAxLTI2IDE1OjExOjAyLjAwMDAwMDAwMCArMDAwMApAQCAtMzU1LDcgKzM1NSw3 IEBACiAJCQkJCSAgc2V0IHVwcm9tcHRfc2VlbiAxCiAJCQkJCSAgZXhwX2NvbnRpbnVlCiAJCQkJ CX0KLQkiQFxbXlxyXG5dK1xbUHBdYXNzd29yZDoiCXsKKyAJLXJlICJAXFteXHJcbl0rXFtQcF1h c3N3b3JkOiIJewogCQkJCQkgICMgc3NoIHB3ZCBwcm9tcHQKIAkJCQkJICBzbGVlcCAxCiAJCQkJ CSAgc2VuZCAiJHVzZXJwc3dkXHIiCg== ------=_Part_3332_13295699.1138288411069-- From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 26 15:32:16 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 9A3CA11CE2E for ; Thu, 26 Jan 2006 15:32:16 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 47DEB8654D; Thu, 26 Jan 2006 07:32:15 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 3A2AF8654F; Thu, 26 Jan 2006 07:32:15 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from zenu.net (zenu.net [64.210.23.9]) by guelah.shrubbery.net (Postfix) with ESMTP id 3E9288654D for ; Thu, 26 Jan 2006 07:32:13 -0800 (PST) Received: from zenu.net (lavermil@localhost [127.0.0.1]) by zenu.net (8.13.3/8.13.3) with ESMTP id k0QFW0BJ059755 for ; Thu, 26 Jan 2006 07:32:00 -0800 (PST) (envelope-from lavermil@zenu.net) Received: (from lavermil@localhost) by zenu.net (8.13.3/8.13.3/Submit) id k0QFW0Pv059754 for rancid-discuss@shrubbery.net; Thu, 26 Jan 2006 07:32:00 -0800 (PST) (envelope-from lavermil) Date: Thu, 26 Jan 2006 07:32:00 -0800 From: Lance Vermilion To: rancid-discuss@shrubbery.net Subject: IOS Software version Regex broken/fix Message-ID: <20060126153200.GA59595@viol8tr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk All, There appears to be issues with the IOS script rancid. It appeats it doesn't pick up all the possible matches. I did a small change that appears to get all IOS software versions. Ranvid Version: rancid.in,v 1.193 2005/08/14 22:29:29 heas Function: sub ShowVersion OLD line 170: /^(Cisco )?IOS .* Software,? $([A-Za-z-0-9]*)$, .*Version\s+(.*)$/ && NEW line 170: /^(Cisco|IOS ).* $([A-Za-z0-9_-]+)$, Version (.*)$/ && -- -Lance From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 26 16:12:17 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id A6E6811CE2E for ; Thu, 26 Jan 2006 16:12:17 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 7571D86550; Thu, 26 Jan 2006 08:12:16 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 68BDA86551; Thu, 26 Jan 2006 08:12:16 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from S1.cableone.net (s1.cableone.net [24.116.0.227]) by guelah.shrubbery.net (Postfix) with ESMTP id 5ED528654F for ; Thu, 26 Jan 2006 08:12:14 -0800 (PST) Received: from authmail.cableone.net (unverified [24.116.0.62]) by S1.cableone.net (CableOne SMTP Service S1) with ESMTP id 44499709 for multiple; Thu, 26 Jan 2006 09:12:37 -0700 Received: from [192.168.1.139] ([24.119.164.164]) by authmail.cableone.net with Microsoft SMTPSVC(5.5.1877.447.44); Thu, 26 Jan 2006 09:12:05 -0700 Message-ID: <43D8F4D1.7070809@grote.name> Date: Thu, 26 Jan 2006 09:12:01 -0700 From: Justin Grote User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: kanagaraj@aims.com.my, rancid-discuss@shrubbery.net Subject: Re: RANCID login info References: <018c01c62258$87e89170$6b86dfcb@kana> <43D89390.3020604@choqolat.org> In-Reply-To: <43D89390.3020604@choqolat.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-NotAscii: charset=windows-1252; X-IP-stats: Incoming Last 0, First 452, in=204872, out=0, spam=0 X-External-IP: 24.116.0.62 X-Abuse-Info: Send abuse complaints to abuse@cableone.net Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Andrew Fort wrote: > Kanagaraj Krishna wrote: > >> Hi, >> I'm using RANCID config management tool. As we know the login >> for the equipments/devices are kept in the .cloginrc file. I'm quite >> worried about this as brings a security vulnerability. Is there a way >> of keeping the user login password in encrypted format? > > No, RANCID doesn't support this presently. And probably won't until most network devices support hashed passwords in a standardized format (yeah, thats gonna happen...). Sure you could encrypt the .cloginrc file and decrypt it on demand for RANCID, but since the decryption key is part of the automated process, all you do is obscure the system a little without making it secure (unless you want to manually type a password to decrypt the keystore each time you run rancid). This is a usability/security tradeoff that goes in favor of useability I'm afraid. In the meantime, just chmod 600 your .cloginrc file so no other users can view it. Generally then you only have to worry about either a root or physical compromise, both of which, if happen, you will probably have more problems than just that .cloginrc. If you're really paranoid and your devices support RADIUS or OTP, use a RADIUS read-only user or set up an OTP hook. If you put mysql usernames and passwords in the configuration files for PHP apps like MediaWiki and Mambo, you shouldn't worry about RANCID. -- Justin Grote Network Architect JWG Networks From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 26 17:33:21 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id A564911CE2E for ; Thu, 26 Jan 2006 17:33:20 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 8334A86552; Thu, 26 Jan 2006 09:33:19 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 78EEB86558; Thu, 26 Jan 2006 09:33:19 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from mail1.panix.com (mail1.panix.com [166.84.1.72]) by guelah.shrubbery.net (Postfix) with ESMTP id 0F67886552; Thu, 26 Jan 2006 09:33:17 -0800 (PST) Received: from panix5.panix.com (panix5.panix.com [166.84.1.5]) by mail1.panix.com (Postfix) with ESMTP id BF25F58887; Thu, 26 Jan 2006 12:33:16 -0500 (EST) Received: (from eravin@localhost) by panix5.panix.com (8.11.6p3/8.8.8/PanixN1.1) id k0QHXG707833; Thu, 26 Jan 2006 12:33:16 -0500 (EST) Date: Thu, 26 Jan 2006 12:33:16 -0500 From: Ed Ravin To: Kanagaraj Krishna Cc: rancid-discuss@shrubbery.net, rancid@shrubbery.net Subject: Re: RANCID login info Message-ID: <20060126173316.GB7268@panix.com> References: <018c01c62258$87e89170$6b86dfcb@kana> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <018c01c62258$87e89170$6b86dfcb@kana> X-Y-Z: 1, 2, 3? User-Agent: Mutt/1.5.10i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Thu, Jan 26, 2006 at 05:11:45PM +0800, Kanagaraj Krishna wrote: > I'm using RANCID config management tool. As we know the login for the > equipments/devices are kept in the .cloginrc file. I'm quite worried about > this as brings a security vulnerability. Is there a way of keeping the > user login password in encrypted format? If you get a root-level compromise on your RANCID box, even if the passwords are stored in encrypted format, an intelligent intruder would be able to find them. After all, RANCID has to be able to decrypt the passwords somehow. Since the .cloginrc is executed just like another expect script - you could write your own code to read encrypted passwords from somewhere else and decrypt them on the fly. That would at least keep the passwords reasonably safe in your backups, if you're not encrypted the backups. Of course, the program would need the key to decrypt the passwords, which itself might end up on your backup tape unencrypted or be obtained by an intruder during a breakin. From owner-rancid-discuss-outgoing@shrubbery.net Thu Jan 26 19:00:00 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id C28C311CE2E for ; Thu, 26 Jan 2006 18:59:58 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 0B69A86551; Thu, 26 Jan 2006 10:59:58 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id F2E1586555; Thu, 26 Jan 2006 10:59:57 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from habitcafe.com (roman.off.org [198.145.4.117]) by guelah.shrubbery.net (Postfix) with ESMTP id B12208654F for ; Thu, 26 Jan 2006 10:59:55 -0800 (PST) Received: from off.org (peace.off.org [198.145.4.116]) by habitcafe.com (8.12.10/8.12.10/SuSE Linux 0.7) with ESMTP id k0QIxq6h018128 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Thu, 26 Jan 2006 10:59:52 -0800 Received: from off.org (localhost [127.0.0.1]) by off.org (8.12.7/8.12.7/SuSE Linux 0.6) with ESMTP id k0QIxkV7016486; Thu, 26 Jan 2006 10:59:46 -0800 Received: (from tex@localhost) by off.org (8.12.7/8.12.7/Submit) id k0QIxkeJ016485; Thu, 26 Jan 2006 10:59:46 -0800 Date: Thu, 26 Jan 2006 10:59:46 -0800 From: Austin Schutz To: Justin Grote Cc: kanagaraj@aims.com.my, rancid-discuss@shrubbery.net Subject: Re: RANCID login info Message-ID: <20060126185946.GR16653@gblx.net> References: <018c01c62258$87e89170$6b86dfcb@kana> <43D89390.3020604@choqolat.org> <43D8F4D1.7070809@grote.name> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <43D8F4D1.7070809@grote.name> User-Agent: Mutt/1.4i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Thu, Jan 26, 2006 at 09:12:01AM -0700, Justin Grote wrote: > Andrew Fort wrote: > > >Kanagaraj Krishna wrote: > > > >>Hi, > >> I'm using RANCID config management tool. As we know the login > >>for the equipments/devices are kept in the .cloginrc file. I'm quite > >>worried about this as brings a security vulnerability. Is there a way > >>of keeping the user login password in encrypted format? > > You can mitigate the vulnerability somewhat by applying an ACL to make sure only the polling box can login to the devices. Austin From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 27 03:21:54 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id BAC1E11CE2E for ; Fri, 27 Jan 2006 03:21:53 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 5793386558; Thu, 26 Jan 2006 19:21:47 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 4A80F86559; Thu, 26 Jan 2006 19:21:47 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from mail.aims.com.my (mail.aims.com.my [203.223.128.169]) by guelah.shrubbery.net (Postfix) with ESMTP id E3DA18654F for ; Thu, 26 Jan 2006 19:21:44 -0800 (PST) Received: from kana (kana.aims.com.my [203.223.134.107]) by mail.aims.com.my (8.12.8/8.12.8) with SMTP id k0R3LXpr010981; Fri, 27 Jan 2006 11:21:34 +0800 Message-ID: <008f01c622f0$fb22dfe0$6b86dfcb@kana> From: "Kanagaraj Krishna" To: "Austin Schutz" , "Justin Grote" Cc: References: <018c01c62258$87e89170$6b86dfcb@kana> <43D89390.3020604@choqolat.org> <43D8F4D1.7070809@grote.name> <20060126185946.GR16653@gblx.net> Subject: Re: RANCID login info Date: Fri, 27 Jan 2006 11:23:01 +0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Thanks. Do you mean, using hosts.allow/deny or are there builtin function in RANCID. ----- Original Message ----- From: "Austin Schutz" To: "Justin Grote" Cc: ; Sent: Friday, January 27, 2006 2:59 AM Subject: Re: RANCID login info > On Thu, Jan 26, 2006 at 09:12:01AM -0700, Justin Grote wrote: > > Andrew Fort wrote: > > > > >Kanagaraj Krishna wrote: > > > > > >>Hi, > > >> I'm using RANCID config management tool. As we know the login > > >>for the equipments/devices are kept in the .cloginrc file. I'm quite > > >>worried about this as brings a security vulnerability. Is there a way > > >>of keeping the user login password in encrypted format? > > > > > You can mitigate the vulnerability somewhat by applying an ACL > to make sure only the polling box can login to the devices. > > Austin > From owner-rancid-discuss-outgoing@shrubbery.net Fri Jan 27 03:24:03 2006 Return-Path: X-Original-To: rancid-discuss-archive@ni.shrubbery.net Delivered-To: rancid-discuss-archive@ni.shrubbery.net Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (Postfix) with ESMTP id 3C71511CE2E for ; Fri, 27 Jan 2006 03:24:02 +0000 (UTC) Received: by guelah.shrubbery.net (Postfix) id 75BD086559; Thu, 26 Jan 2006 19:24:01 -0800 (PST) Delivered-To: rancid-discuss-outgoing@shrubbery.net Received: by guelah.shrubbery.net (Postfix, from userid 10007) id 67FFD8655B; Thu, 26 Jan 2006 19:24:01 -0800 (PST) X-Original-To: rancid-discuss@shrubbery.net Delivered-To: rancid-discuss@shrubbery.net Received: from tower.partan.com (tower.partan.com [198.6.255.248]) by guelah.shrubbery.net (Postfix) with ESMTP id 9313486559 for ; Thu, 26 Jan 2006 19:24:00 -0800 (PST) Received: from tower.partan.com (localhost.partan.com [127.0.0.1]) by tower.partan.com (8.13.1/8.13.1) with ESMTP id k0R3NrUp096142; Thu, 26 Jan 2006 22:23:53 -0500 (EST) (envelope-from asp@tower.partan.com) Received: (from asp@localhost) by tower.partan.com (8.13.1/8.13.1/Submit) id k0R3NrHL096139; Thu, 26 Jan 2006 22:23:53 -0500 (EST) (envelope-from asp) Date: Thu, 26 Jan 2006 22:23:53 -0500 From: Andrew Partan To: Kanagaraj Krishna Cc: rancid-discuss@shrubbery.net Subject: Re: RANCID login info Message-ID: <20060127032353.GA96123@partan.com> References: <018c01c62258$87e89170$6b86dfcb@kana> <43D89390.3020604@choqolat.org> <43D8F4D1.7070809@grote.name> <20060126185946.GR16653@gblx.net> <008f01c622f0$fb22dfe0$6b86dfcb@kana> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <008f01c622f0$fb22dfe0$6b86dfcb@kana> User-Agent: Mutt/1.4.2.1i Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk On Fri, Jan 27, 2006 at 11:23:01AM +0800, Kanagaraj Krishna wrote: > Thanks. Do you mean, using hosts.allow/deny or are there builtin function in > RANCID. No, do it with an access-list on the router itself. --asp