From adam.korab at gmail.com Tue Aug 2 15:21:16 2011 From: adam.korab at gmail.com (Adam Korab) Date: Tue, 2 Aug 2011 10:21:16 -0500 Subject: [rancid] Cisco Message-ID: Hi rancideers, Just added a couple SAN switches (Cisco MDS 9216i, SAN-OS 3.3(3)) to rancid using the regular device type cisco and receive the below cycling outputs every hour: What could cause this, a pager problem? FWIW I've already added 'term width 0' to the usual 'terminal length 0' in bin/clogin to address the VLAN membership line-wrap behavior. Thanks, --Adam Index: configs/s1 =================================================================== - -- configs/s1 (revision 1777) - Hide quoted text - @@ -135,10 +135,10 @@ snmp-server enable traps fcs snmp-server enable traps rscn snmp-server enable traps vrrp - snmp-server enable traps snmp authentication snmp-server enable traps fspf snmp-server enable traps fdmi snmp-server enable traps license + snmp-server enable traps snmp authentication zone mode enhanced vsan 10 callhome snmp-server enable traps aaa server-state-change Index: configs/s1 =================================================================== - -- configs/s1(revision 1816) - Hide quoted text - @@ -135,10 +135,10 @@ snmp-server enable traps fcs snmp-server enable traps rscn snmp-server enable traps vrrp + snmp-server enable traps snmp authentication snmp-server enable traps fspf snmp-server enable traps fdmi snmp-server enable traps license - snmp-server enable traps snmp authentication zone mode enhanced vsan 10 callhome snmp-server enable traps aaa server-state-change From heas at shrubbery.net Tue Aug 2 15:45:41 2011 From: heas at shrubbery.net (john heasley) Date: Tue, 2 Aug 2011 15:45:41 +0000 Subject: [rancid] Cisco In-Reply-To: References: Message-ID: <20110802154541.GS25308@shrubbery.net> Tue, Aug 02, 2011 at 10:21:16AM -0500, Adam Korab: > Hi rancideers, > > Just added a couple SAN switches (Cisco MDS 9216i, SAN-OS 3.3(3)) to > rancid using the regular device type cisco and receive the below > cycling outputs every hour: What could cause this, a pager problem? > FWIW I've already added 'term width 0' to the usual 'terminal length > 0' in bin/clogin to address the VLAN membership line-wrap behavior. it wasn't coded properly when the command was added to the ios code. report it to the TAC and try a newer image or filter the line in the rancid script. From adam.korab at gmail.com Tue Aug 2 16:16:09 2011 From: adam.korab at gmail.com (Adam Korab) Date: Tue, 2 Aug 2011 11:16:09 -0500 Subject: [rancid] Cisco In-Reply-To: <20110802154541.GS25308@shrubbery.net> References: <20110802154541.GS25308@shrubbery.net> Message-ID: Hi John, On Tue, Aug 2, 2011 at 10:45 AM, john heasley wrote: > > it wasn't coded properly when the command was added to the ios code. > report it to the TAC and try a newer image or filter the line in the > rancid script. Can I get a quick how-to on filtering lines within rancid? I need this for another application as well; I've got another line to filter within the fortigate. I attempted modeling it after what I saw in fnracid for conf_file_ver # remove occurrances of conf_file_ver next if (/^#?conf_file_ver=/); I added a next if immediately after this one, matching off of Disk Usage, which is also prepended with # in the config: # remove disk usage cycling from fortianalyzer next if (/^ #?Disk Usage/); But it's not suppressing these. What am I missing? The line in question is: - #Disk Usage: Free 145.30GB, Total 330.10GB + #Disk Usage: Free 144.76GB, Total 330.10GB Thanks, --Adam From rancid at gheek.net Wed Aug 3 16:07:51 2011 From: rancid at gheek.net (Lance Vermilion) Date: Wed, 3 Aug 2011 09:07:51 -0700 Subject: [rancid] RANCID and Redcom Labs Slice 2100 In-Reply-To: <20110728102508.GQ13113@gmail.com> References: <20110728102508.GQ13113@gmail.com> Message-ID: It is a typical menu system where you enter and option and then from there you might get to set values or go into sub menus. I think it is going to be a very trialing experiment to get it to work. I might just start with expect and see if I can get it to work. If I succeed then move to a rancid script and going from there. On Thu, Jul 28, 2011 at 3:25 AM, Gavin McCullagh wrote: > Hi, > > On Wed, 27 Jul 2011, Lance Vermilion wrote: > > > Has anyone used Expect or RANCID to connect to the Redcom Labs Slice 2100 > or > > HDX? It has a menu like interface but nothing like routers/switches that > are > > menu based. > > I take it this is a menu system in a text console? Many 3Com switches have > something similar to this. Regrettably, the 3Coms don't seem to have a way > to dump the config to the command line. This is the key issue really. > After that, you may need to massage the code a little to best deal with > your device's syntax and output. > > The 3Coms have a way to upload the config to a remote TFTP server and I've > been considering using that as a workaround, ie connect to switch, > upload the config to a server, then connect to the server over tftp and > download the config for rancid to work on. It's messy though. > > Gavin > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Fri Aug 5 00:18:24 2011 From: heas at shrubbery.net (john heasley) Date: Fri, 5 Aug 2011 00:18:24 +0000 Subject: [rancid] Cisco In-Reply-To: References: <20110802154541.GS25308@shrubbery.net> Message-ID: <20110805001824.GK12426@shrubbery.net> Tue, Aug 02, 2011 at 11:16:09AM -0500, Adam Korab: > Hi John, > > On Tue, Aug 2, 2011 at 10:45 AM, john heasley wrote: > > > > it wasn't coded properly when the command was added to the ios code. > > report it to the TAC and try a newer image or filter the line in the > > rancid script. > > Can I get a quick how-to on filtering lines within rancid? I need > this for another application as well; I've got another line to filter > within the fortigate. I attempted modeling it after what I saw in > fnracid for conf_file_ver > > # remove occurrances of conf_file_ver > next if (/^#?conf_file_ver=/); > > I added a next if immediately after this one, matching off of Disk > Usage, which is also prepended with # in the config: > > # remove disk usage cycling from fortianalyzer > next if (/^ #?Disk Usage/); either the format or case doesn't match the line properly or its in the wrong location. I do not have a fortinet, so i don't know which it is. > But it's not suppressing these. What am I missing? The line in question is: > > - #Disk Usage: Free 145.30GB, Total 330.10GB > + #Disk Usage: Free 144.76GB, Total 330.10GB > > Thanks, > > --Adam From rancid at ale.cx Fri Aug 5 07:19:31 2011 From: rancid at ale.cx (Alex DEKKER) Date: Fri, 05 Aug 2011 08:19:31 +0100 Subject: [rancid] Cisco In-Reply-To: References: <20110802154541.GS25308@shrubbery.net> Message-ID: <4c3b0a5748577e39297939a0617ad638@ale.cx> On Tue, 2 Aug 2011 11:16:09 -0500, Adam Korab wrote: > I added a next if immediately after this one, matching off of Disk > Usage, which is also prepended with # in the config: > > # remove disk usage cycling from fortianalyzer > next if (/^ #?Disk Usage/); > > But it's not suppressing these. What am I missing? The line in > question is: > > - #Disk Usage: Free 145.30GB, Total 330.10GB > + #Disk Usage: Free 144.76GB, Total 330.10GB Does the line really start with a space as your regexp [and that excerpt from RANCID] suggests? I ask this because the diff emails I get from RANCID have a space between the - or + and the line, but I don't think that space is really there in the config. alexd From bha.Qaqish at NITC.gov.jo Sun Aug 7 08:48:00 2011 From: bha.Qaqish at NITC.gov.jo (bha Qaqish) Date: Sun, 7 Aug 2011 11:48:00 +0300 Subject: [rancid] rancid all hung Message-ID: Dear What is the meaning of rancid all hung on ubuntu? Old lockfile still exists: -rw-r----- 1 rancid rancid 0 2011-08-05 12:41 /tmp/.all.run.lock And what the cause of it And how can I solve it PLZ THANKS BHA QAQISH -------------- next part -------------- An HTML attachment was scrubbed... URL: From rwest at zyedge.com Sun Aug 7 14:38:48 2011 From: rwest at zyedge.com (Ryan West) Date: Sun, 7 Aug 2011 14:38:48 +0000 Subject: [rancid] rancid all hung In-Reply-To: References: Message-ID: <4FE56C44-9E90-427E-8EEC-849CEC1E9CD0@zyedge.com> Are you backing up an IPS? ps -aux | grep rancid and look for the hung process. That should allow it to finish and clear out the tmp file. Sent from handheld On Aug 7, 2011, at 4:49 AM, bha Qaqish > wrote: Dear What is the meaning of rancid all hung on ubuntu? Old lockfile still exists: -rw-r----- 1 rancid rancid 0 2011-08-05 12:41 /tmp/.all.run.lock And what the cause of it And how can I solve it PLZ THANKS BHA QAQISH _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: From jethro.binks at strath.ac.uk Sun Aug 7 14:51:30 2011 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Sun, 7 Aug 2011 15:51:30 +0100 (BST) Subject: [rancid] rancid all hung In-Reply-To: <4FE56C44-9E90-427E-8EEC-849CEC1E9CD0@zyedge.com> References: <4FE56C44-9E90-427E-8EEC-849CEC1E9CD0@zyedge.com> Message-ID: On Sun, 7 Aug 2011, Ryan West wrote: > Are you backing up an IPS? ps -aux | grep rancid and look for the hung > process. That should allow it to finish and clear out the tmp file. If there is no rancid process running, then you can just delete the lockfile. I occasionally found that sometimes if you rancid-run from the CLI then ^C to kill it quickly, it won't clear up the lockfile. If once you've tidied up and let it run again the lockfile re-appears and rancid doesn't complete properly, you'll need to look into why it is taking so long. If you can identify which device, try running in debug mode which might give some clues. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. > > Sent from handheld > > On Aug 7, 2011, at 4:49 AM, bha Qaqish > wrote: > > > Dear > What is the meaning of > > rancid all hung on ubuntu? Old lockfile still exists: > > -rw-r----- 1 rancid rancid 0 2011-08-05 12:41 /tmp/.all.run.lock > > > > And what the cause of it > > And how can I solve it PLZ > THANKS > > BHA QAQISH From bha.Qaqish at NITC.gov.jo Mon Aug 8 07:33:23 2011 From: bha.Qaqish at NITC.gov.jo (bha Qaqish) Date: Mon, 8 Aug 2011 10:33:23 +0300 Subject: [rancid] rancid all hung In-Reply-To: <4FE56C44-9E90-427E-8EEC-849CEC1E9CD0@zyedge.com> References: <4FE56C44-9E90-427E-8EEC-849CEC1E9CD0@zyedge.com> Message-ID: Dear Am just backup routers and SWs. BR [cid:image001.jpg at 01CC55B6.992CA330] ???? ????????? ????????? ?????? ?. ???? ???? ????? ????? ????? /??? ????? ???????/ ????? ??????? ??????? ?.?. 259 ?????? 11941 ?????? ????: 371 - 5300222 6 (962+) ????: 5300277 6 (962+) ???? ????????: bha.qaqish at nitc.gov.jo __________________________ Disclaimer The message contained in this e-mail is meant for the use of the intended recipient only. If you are not the intended recipient, please notify the sender immediately. Any unauthorized disclosure, copying, distribution of or taking any action in reliance on the contents of the information contained herein is strictly prohibited. From: Ryan West [mailto:rwest at zyedge.com] Sent: Sunday, August 07, 2011 5:39 PM To: bha Qaqish Cc: rancid-discuss at shrubbery.net; rancid-discuss-bounces at shrubbery.net Subject: Re: [rancid] rancid all hung Are you backing up an IPS? ps -aux | grep rancid and look for the hung process. That should allow it to finish and clear out the tmp file. Sent from handheld On Aug 7, 2011, at 4:49 AM, bha Qaqish > wrote: Dear What is the meaning of rancid all hung on ubuntu? Old lockfile still exists: -rw-r----- 1 rancid rancid 0 2011-08-05 12:41 /tmp/.all.run.lock And what the cause of it And how can I solve it PLZ THANKS BHA QAQISH _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 2018 bytes Desc: image001.jpg URL: From jesse_house at yahoo.com Thu Aug 11 00:10:44 2011 From: jesse_house at yahoo.com (Jesse House) Date: Wed, 10 Aug 2011 17:10:44 -0700 (PDT) Subject: [rancid] working nslogin / nsrancid for netscaler 9.12 Message-ID: <1313021444.28415.YahooMailNeo@web126111.mail.ne1.yahoo.com> Hi All, I was having quite a time w/ nslogin and nsrancid, so I modified them and have them working now w/ Citrix netscaler 9.2? Here are my diffs: diff nslogin.original nslogin 520c520 < ? ? set prompt "#" --- > ? ? set prompt ">" 621,622c621,624 < ? ? ? -re "^.+$prompt" ? ? ? ?{ set junk $expect_out(0,string); < ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? regsub -all "\[\]\[]" $junk {\\&} prompt; } --- > # ? ? -re "^.+$prompt" ? ? ? ?{ set junk $expect_out(0,string); > # ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? regsub -all "\[\]\[]" $junk {\\&} prompt; } > ? ? ? ? -re "^$prompt" ? ? ? ?{ set junk $expect_out(0,string); > ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? regsub -all "\[\]\[]" $junk {\\&} prompt; } --------------------------------------- diff nsrancid.original nsrancid 69c69,70 < $prompt = "netscaler#"; --- > #$prompt = "netscaler#"; > $prompt = ">"; 177c178 < ? ? ? last if (/^$prompt/); --- > ? ? ? last if (/ Done/); 192c193 < ? ? if (/exit$/) { --- > ? ? if (/ Done$/) { --------------------------------------- Regards, Jesse House? p.s. this is my first time posting to this list so please forgive an formatting, subject line mistakes... Cheers!? -------------- next part -------------- An HTML attachment was scrubbed... URL: From dmack at verizon.com Fri Aug 19 15:12:35 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Fri, 19 Aug 2011 11:12:35 -0400 Subject: [rancid] Email Question Message-ID: Hello All! I tried looking at the FAQ and email achieves and I could not find any discussions on this topic. We have a very large network and having been using Rancid for many years. It has work really well for us. However, the number of devices and changes has gone beyond ability to track on a daily basis. By this I mean that we no longer require the daily diff and possibly even the changes emails for each device group. Is there a clean way to stop Rancid from sending these emails? Thanks in Advance! Dave ___________________________________________________________________________ David A. Mack (703) 886-2661 (W) CCIE #6963 (Sec, SP OPS, SP and R&S) JNCIE-M #399 CISSP (703) 431-7617 (C) email: dmack at verizon.com ___________________________________________________________________________ "We are now the knights who say... Ping!" From keith at it-manage.com Fri Aug 19 15:22:39 2011 From: keith at it-manage.com (Keith Todd) Date: Fri, 19 Aug 2011 11:22:39 -0400 Subject: [rancid] Newbie --need direction Message-ID: I just need some direction for rancid. I am running Ubuntu server 11.04 postfix as MTA Subversion If anyone could point me to a doc(s) for best practice. I have looked but they are some many. Thanks Keith Todd From heas at shrubbery.net Fri Aug 19 16:37:19 2011 From: heas at shrubbery.net (john heasley) Date: Fri, 19 Aug 2011 16:37:19 +0000 Subject: [rancid] Email Question In-Reply-To: References: Message-ID: <20110819163719.GB4590@shrubbery.net> Fri, Aug 19, 2011 at 11:12:35AM -0400, Mack, David A (Dave): > Hello All! > I tried looking at the FAQ and email achieves and I could not find any discussions on this topic. We have a very large network and having been using Rancid for many years. It has work really well for us. However, the number of devices and changes has gone beyond ability to track on a daily basis. By this I mean that we no longer require the daily diff and possibly even the changes emails for each device group. Is there a clean way to stop Rancid from sending these emails? the easiest way would be to redirect the mail alias for the given group(s) to /dev/null or better yet (imo), let those who wish not to receive them filter them via procmail. From heas at shrubbery.net Fri Aug 19 16:39:40 2011 From: heas at shrubbery.net (john heasley) Date: Fri, 19 Aug 2011 16:39:40 +0000 Subject: [rancid] Newbie --need direction In-Reply-To: References: Message-ID: <20110819163940.GC4590@shrubbery.net> Fri, Aug 19, 2011 at 11:22:39AM -0400, Keith Todd: > > I just need some direction for rancid. > > > I am running > Ubuntu server 11.04 > postfix as MTA > Subversion > > If anyone could point me to a doc(s) for best practice. I have looked but they are some many. direction to do what? I presume installation/initial config; there are a few how-to get started docs linked from the rancid page for linux/freebsd. From adam.korab at gmail.com Fri Aug 19 16:35:16 2011 From: adam.korab at gmail.com (Adam Korab) Date: Fri, 19 Aug 2011 11:35:16 -0500 Subject: [rancid] Newbie --need direction In-Reply-To: References: Message-ID: On Fri, Aug 19, 2011 at 10:22 AM, Keith Todd wrote: > > I just need some direction for rancid. > > > I am running > Ubuntu server 11.04 > postfix as MTA > Subversion > > If anyone could point me to a doc(s) for best practice. ?I have looked but they are some many. Start with the README file in the directory created when you unpacked the tar.gz. Look for the section titled "Quick Installation Guide" --Adam From dmack at verizon.com Fri Aug 19 17:38:31 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Fri, 19 Aug 2011 13:38:31 -0400 Subject: [rancid] Email Question In-Reply-To: <20110819163719.GB4590@shrubbery.net> References: <20110819163719.GB4590@shrubbery.net> Message-ID: John, Thanks for the quick response! The challenge with procmail is that the users are in a corporate environment where email is handled by MS Exchange. Thanks! Dave -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Friday, August 19, 2011 12:37 PM To: Mack, David A (Dave) Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Email Question Fri, Aug 19, 2011 at 11:12:35AM -0400, Mack, David A (Dave): > Hello All! > I tried looking at the FAQ and email achieves and I could not find any discussions on this topic. We have a very large network and having been using Rancid for many years. It has work really well for us. However, the number of devices and changes has gone beyond ability to track on a daily basis. By this I mean that we no longer require the daily diff and possibly even the changes emails for each device group. Is there a clean way to stop Rancid from sending these emails? the easiest way would be to redirect the mail alias for the given group(s) to /dev/null or better yet (imo), let those who wish not to receive them filter them via procmail. From adam.korab at gmail.com Fri Aug 19 17:42:07 2011 From: adam.korab at gmail.com (Adam Korab) Date: Fri, 19 Aug 2011 12:42:07 -0500 Subject: [rancid] Email Question In-Reply-To: References: <20110819163719.GB4590@shrubbery.net> Message-ID: On Fri, Aug 19, 2011 at 12:38 PM, Mack, David A (Dave) wrote: > John, > ? ? ? ?Thanks for the quick response! The challenge with procmail is that the users are in a corporate environment where email is handled by MS Exchange. Do you have local aliases defined on the machine running rancid itself, like rancid-foo and rancid-admin-foo? If so, just change that to /dev/null and bitbucket it. --Adam From dmack at verizon.com Fri Aug 19 17:43:38 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Fri, 19 Aug 2011 13:43:38 -0400 Subject: [rancid] Email Question In-Reply-To: References: <20110819163719.GB4590@shrubbery.net> Message-ID: Adam, Check! That is exactly what I will do. Thanks! Dave -----Original Message----- From: Adam Korab [mailto:adam.korab at gmail.com] Sent: Friday, August 19, 2011 1:42 PM To: Mack, David A (Dave) Cc: john heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Email Question On Fri, Aug 19, 2011 at 12:38 PM, Mack, David A (Dave) wrote: > John, > ? ? ? ?Thanks for the quick response! The challenge with procmail is that the users are in a corporate environment where email is handled by MS Exchange. Do you have local aliases defined on the machine running rancid itself, like rancid-foo and rancid-admin-foo? If so, just change that to /dev/null and bitbucket it. --Adam From heas at shrubbery.net Fri Aug 19 17:48:27 2011 From: heas at shrubbery.net ('john heasley') Date: Fri, 19 Aug 2011 17:48:27 +0000 Subject: [rancid] Email Question In-Reply-To: References: <20110819163719.GB4590@shrubbery.net> Message-ID: <20110819174827.GA506@shrubbery.net> Fri, Aug 19, 2011 at 01:38:31PM -0400, Mack, David A (Dave): > John, > Thanks for the quick response! The challenge with procmail is that the users are in a corporate environment where email is handled by MS Exchange. eliminate them [from the mail list]. or, use mailman to expand the list, where users can individually configure themselves to receive the mail, block the mail, receive a digest, or review archives. From adam.korab at gmail.com Fri Aug 19 17:45:38 2011 From: adam.korab at gmail.com (Adam Korab) Date: Fri, 19 Aug 2011 12:45:38 -0500 Subject: [rancid] Email Question In-Reply-To: References: <20110819163719.GB4590@shrubbery.net> Message-ID: On Fri, Aug 19, 2011 at 12:43 PM, Mack, David A (Dave) wrote: > Adam, > ? ? ? ?Check! That is exactly what I will do. Been there, done that. ;-) And thus, the great philsophical debate of whether you put an Exchange DL as the target in /etc/aliases and control the user distribution at Exchange, or add the individual user accounts to the localhost alias.... --Adam From dmack at verizon.com Fri Aug 19 17:50:49 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Fri, 19 Aug 2011 13:50:49 -0400 Subject: [rancid] Email Question In-Reply-To: References: <20110819163719.GB4590@shrubbery.net> Message-ID: Adam, John, Thanks to you both for your responses. I too can see the pros and cons of both approaches. Being a very small team, /dev/null is the path of least resistance. Thanks! Dave ___________________________________________________________________________ David A. Mack (703) 886-2661 (W) CCIE #6963 (Sec, SP OPS, SP and R&S) JNCIE-M #399 CISSP (703) 431-7617 (C) email: dmack at verizon.com ___________________________________________________________________________ "We are now the knights who say... Ping!" -----Original Message----- From: Adam Korab [mailto:adam.korab at gmail.com] Sent: Friday, August 19, 2011 1:46 PM To: Mack, David A (Dave) Cc: john heasley; rancid-discuss at shrubbery.net Subject: Re: [rancid] Email Question On Fri, Aug 19, 2011 at 12:43 PM, Mack, David A (Dave) wrote: > Adam, > ? ? ? ?Check! That is exactly what I will do. Been there, done that. ;-) And thus, the great philsophical debate of whether you put an Exchange DL as the target in /etc/aliases and control the user distribution at Exchange, or add the individual user accounts to the localhost alias.... --Adam From keith at it-manage.com Fri Aug 19 17:09:04 2011 From: keith at it-manage.com (Keith Todd) Date: Fri, 19 Aug 2011 13:09:04 -0400 Subject: [rancid] Newbie --need direction In-Reply-To: References: Message-ID: I install apt-get install rancid I add the groups I need in the rancid.conf I change from cvs to svn i run rancid-cvs I added the alias need to email = postfix MTA what I need to know, using the apt-get install rancid is correct way? I am can get the configs from routers, switches (cisco only for now) with clogin -c 'write term" -autoenable ipaddress > location HP switches I cannot. Just make sure I have the correct distro. Thanks again for any insight. Keith On Aug 19, 2011, at 12:35 PM, Adam Korab wrote: > On Fri, Aug 19, 2011 at 10:22 AM, Keith Todd wrote: >> >> I just need some direction for rancid. >> >> >> I am running >> Ubuntu server 11.04 >> postfix as MTA >> Subversion >> >> If anyone could point me to a doc(s) for best practice. I have looked but they are some many. > > Start with the README file in the directory created when you unpacked > the tar.gz. Look for the section titled "Quick Installation Guide" > > --Adam > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From Brian.Mahaffey at schneider-electric.com Fri Aug 19 18:33:59 2011 From: Brian.Mahaffey at schneider-electric.com (Mahaffey, Brian) Date: Fri, 19 Aug 2011 11:33:59 -0700 Subject: [rancid] Newbie --need direction In-Reply-To: References: Message-ID: <99E4E17B1348404D878FA9382AA5F3E20FA6DF@WMVUSClo01Mail.pelco.org> With HP are you using hlogin -c 'write term" -autoenable ipaddress -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Keith Todd Sent: Friday, August 19, 2011 10:09 AM To: Rancid-discuss at shrubbery.net Subject: Re: [rancid] Newbie --need direction I install apt-get install rancid I add the groups I need in the rancid.conf I change from cvs to svn i run rancid-cvs I added the alias need to email = postfix MTA what I need to know, using the apt-get install rancid is correct way? I am can get the configs from routers, switches (cisco only for now) with clogin -c 'write term" -autoenable ipaddress > location HP switches I cannot. Just make sure I have the correct distro. Thanks again for any insight. Keith On Aug 19, 2011, at 12:35 PM, Adam Korab wrote: > On Fri, Aug 19, 2011 at 10:22 AM, Keith Todd wrote: >> >> I just need some direction for rancid. >> >> >> I am running >> Ubuntu server 11.04 >> postfix as MTA >> Subversion >> >> If anyone could point me to a doc(s) for best practice. I have looked but they are some many. > > Start with the README file in the directory created when you unpacked > the tar.gz. Look for the section titled "Quick Installation Guide" > > --Adam > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ From keith at it-manage.com Fri Aug 19 18:46:29 2011 From: keith at it-manage.com (Keith Todd) Date: Fri, 19 Aug 2011 14:46:29 -0400 Subject: [rancid] Newbie --need direction In-Reply-To: <99E4E17B1348404D878FA9382AA5F3E20FA6DF@WMVUSClo01Mail.pelco.org> References: <99E4E17B1348404D878FA9382AA5F3E20FA6DF@WMVUSClo01Mail.pelco.org> Message-ID: will try the hlogin thanks for your help On Aug 19, 2011, at 2:33 PM, Mahaffey, Brian wrote: > With HP are you using hlogin -c 'write term" -autoenable ipaddress > > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Keith Todd > Sent: Friday, August 19, 2011 10:09 AM > To: Rancid-discuss at shrubbery.net > Subject: Re: [rancid] Newbie --need direction > > > I install > apt-get install rancid > > I add the groups I need in the rancid.conf > > I change from cvs to svn > > i run rancid-cvs > > I added the alias need to email = postfix MTA > > what I need to know, > > using the apt-get install rancid is correct way? > > I am can get the configs from routers, switches (cisco only for now) > with clogin -c 'write term" -autoenable ipaddress > location > > HP switches I cannot. > > Just make sure I have the correct distro. > > Thanks again for any insight. > > Keith > > > On Aug 19, 2011, at 12:35 PM, Adam Korab wrote: > >> On Fri, Aug 19, 2011 at 10:22 AM, Keith Todd > wrote: >>> >>> I just need some direction for rancid. >>> >>> >>> I am running >>> Ubuntu server 11.04 >>> postfix as MTA >>> Subversion >>> >>> If anyone could point me to a doc(s) for best practice. I have > looked but they are some many. >> >> Start with the README file in the directory created when you unpacked >> the tar.gz. Look for the section titled "Quick Installation Guide" >> >> --Adam >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ From adam.korab at gmail.com Fri Aug 19 18:15:56 2011 From: adam.korab at gmail.com (Adam Korab) Date: Fri, 19 Aug 2011 13:15:56 -0500 Subject: [rancid] Newbie --need direction In-Reply-To: References: Message-ID: On Fri, Aug 19, 2011 at 12:09 PM, Keith Todd wrote: > > I am can get the configs from routers, switches (cisco only for now) with clogin -c 'write term" -autoenable ?ipaddress > location > > HP switches I cannot. Try using hlogin instead of clogin for your HP devices, and make sure that in router.db for the group you use: switchname:hp:up instead of switchname:cisco:up so rancid will know to use hrancid/hlogin) for that device. --Adam From paul at gear.dyndns.org Sat Aug 20 00:29:54 2011 From: paul at gear.dyndns.org (Paul Gear) Date: Sat, 20 Aug 2011 10:29:54 +1000 Subject: [rancid] Newbie --need direction In-Reply-To: References: <99E4E17B1348404D878FA9382AA5F3E20FA6DF@WMVUSClo01Mail.pelco.org> Message-ID: On 20/08/11 04:46, Keith Todd wrote: > will try the hlogin > > thanks for your help > ... > On Aug 19, 2011, at 2:33 PM, Mahaffey, Brian wrote: > >> With HP are you using hlogin -c 'write term" -autoenable ipaddress Note that for interactive use, clogin is often better than hlogin for recent ProCurve models. I use RANCID with 5400, 2810/2800, 2610/2600, and 2520/2510, and in every case, clogin works better than hlogin when logging in interactively via ssh. For batch use, hlogin is necessary. YMMV. Paul From paul at gear.dyndns.org Sat Aug 20 00:31:02 2011 From: paul at gear.dyndns.org (Paul Gear) Date: Sat, 20 Aug 2011 10:31:02 +1000 Subject: [rancid] Newbie --need direction In-Reply-To: References: Message-ID: On 20/08/11 03:09, Keith Todd wrote: > ... > HP switches I cannot. Another suggestion: set autoenable in .cloginrc for recent ProCurve models. From adam.korab at gmail.com Mon Aug 22 14:38:28 2011 From: adam.korab at gmail.com (Adam Korab) Date: Mon, 22 Aug 2011 09:38:28 -0500 Subject: [rancid] Discussion of what is almost certainly a terrible idea Message-ID: Hi gang, Has anybody ever attempted to coerce running rancid on a Windows host[0], using cygwin or the like? If so, met with any success? --Adam [0] I know, I know. It's a layer 8 problem of "We don't use any Linux servers here, only Windows!" From dmack at verizon.com Mon Aug 22 16:34:01 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Mon, 22 Aug 2011 12:34:01 -0400 Subject: [rancid] Strange Jerancid/Rancid behavior Message-ID: All, Hello! I am in the process of bringing up a new Rancid server and have run into something with at least the jerancid script for Juniper ERXs. What I am seeing is related to password removal. I have filter passwords globally set to "no". However the ERXs have certain passwords that have their hashes calculated on the fly. So each time they are display the values shown will change. This means you get a new CVS every run. Jerancid has routines to handle two of these conditions for FTP and MPLS LDP passwords: # ftp host encrypted password oscillates if (/^(host \S+ \S+ ftp) /) { if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { ProcessHistory("","","","!$1 \n"); next; } } # mpls ldp encrypted password oscillates if (/^(mpls ldp neighbor \S+ password)/) { if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { ProcessHistory("","","","!$1 \n"); next; } } I am comparing the collected configuration files between my old Rancid install and my new one and here is what I am seeing: Old Rancid: !host "FTP1" 172.15.1.1 ftp !host "FTP2" 172.15.1.2 ftp New Rancid: ! ! I looked at the code for jerancid and I could not find any significant changes that would cause this. When I jerancid from the command line with the debug flag I got: csrest01(opseng)$ jerancid -d -l erx-ser-01 executing clogin -t 90 -c"show version;show redundancy;show boot;show environment all;dir;show hardware;show configuration" ERX-ser-01 executing clogin -t 90 -c"show version;show redundancy;show boot;show environment all;dir;show hardware;show configuration" ERX-ser-01 PROMPT MATCH: ERX-SER-01# HIT COMMAND:ERX-SER-01#show version In ShowVersion: ERX-SER-01#show version HIT COMMAND:ERX-SER-01#show redundancy In ShowRedundancy: ERX-SER-01#show redundancy HIT COMMAND:ERX-SER-01#show boot In ShowBoot: ERX-SER-01#show boot HIT COMMAND:ERX-SER-01#show environment all In ShowEnv: ERX-SER-01#show environment all HIT COMMAND:ERX-SER-01#dir In DirSlotN: ERX-SER-01#dir HIT COMMAND:ERX-SER-01#show hardware In ShowHardware: ERX-SER-01#show hardware HIT COMMAND:ERX-SER-01#show configuration In WriteTerm: ERX-SER-01#show configuration Done : ERX-SER-01#exit When I look at the .new file created, it does have full commands: !host "FTP1" 172.15.1.1 ftp !host "FTP2" 172.15.1.2 ftp What gives? Any ideas how to troubleshoot and resolve this? My setup: Rancid 2.3.6 CVS-1.11.23 Perl 5.8.8 Solaris 10 x86 Thanks! Dave From babydr at baby-dragons.com Mon Aug 22 18:57:22 2011 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Mon, 22 Aug 2011 10:57:22 -0800 (AKDT) Subject: [rancid] dlogin ( http://www.rickyninja.net/rancid/ ) Message-ID: Hello All , Does anyone know howto contact the site administrator & get them to fix the redirect to port :81 for the webpage in the subject matter . ie: http://www.rickyninja.net/rancid/ Firefox can't establish a connection to the server at web.rickyninja.net:81. Tia , JimL -- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network&System Engineer | 3237 Holden Road | Give me Linux | | babydr at baby-dragons.com | Fairbanks, AK. 99709 | only on AXP | +------------------------------------------------------------------+ From babydr at baby-dragons.com Mon Aug 22 20:55:24 2011 From: babydr at baby-dragons.com (Mr. James W. Laferriere) Date: Mon, 22 Aug 2011 12:55:24 -0800 (AKDT) Subject: [rancid] dlogin ( http://www.rickyninja.net/rancid/ ) In-Reply-To: References: Message-ID: Hello All , On Mon, 22 Aug 2011, Mr. James W. Laferriere wrote: > Hello All , Does anyone know howto contact the site administrator & > get them to fix the redirect to port :81 for the webpage in the subject > matter . > ie: http://www.rickyninja.net/rancid/ > > Firefox can't establish a connection to the server at web.rickyninja.net:81. This is a problem with a firewall configuration at place of employ . Thank you all for your help . Twyl , JimL -- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network&System Engineer | 3237 Holden Road | Give me Linux | | babydr at baby-dragons.com | Fairbanks, AK. 99709 | only on AXP | +------------------------------------------------------------------+ From heas at shrubbery.net Mon Aug 22 22:32:10 2011 From: heas at shrubbery.net (john heasley) Date: Mon, 22 Aug 2011 22:32:10 +0000 Subject: [rancid] Strange Jerancid/Rancid behavior In-Reply-To: References: Message-ID: <20110822223210.GK17092@shrubbery.net> Mon, Aug 22, 2011 at 12:34:01PM -0400, Mack, David A (Dave): > All, > Hello! I am in the process of bringing up a new Rancid server and have run into something with at least the jerancid script for Juniper ERXs. What I am seeing is related to password removal. I have filter passwords globally set to "no". However the ERXs have certain passwords that have their hashes calculated on the fly. So each time they are display the values shown will change. This means you get a new CVS every run. Jerancid has routines to handle two of these conditions for FTP and MPLS LDP passwords: > > # ftp host encrypted password oscillates > if (/^(host \S+ \S+ ftp) /) { > if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > # mpls ldp encrypted password oscillates > if (/^(mpls ldp neighbor \S+ password)/) { > if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > > I am comparing the collected configuration files between my old Rancid install and my new one and here is what I am seeing: > > Old Rancid: > > !host "FTP1" 172.15.1.1 ftp > !host "FTP2" 172.15.1.2 ftp > > New Rancid: > > ! > ! Does this fix it? Index: jerancid.in =================================================================== --- jerancid.in (revision 2320) +++ jerancid.in (working copy) @@ -444,14 +444,16 @@ # ftp host encrypted password oscillates if (/^(host \S+ \S+ ftp) /) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } # mpls ldp encrypted password oscillates if (/^(mpls ldp neighbor \S+ password)/) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } From dmack at verizon.com Mon Aug 22 23:39:38 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Mon, 22 Aug 2011 19:39:38 -0400 Subject: [rancid] Strange Jerancid/Rancid behavior In-Reply-To: <20110822223210.GK17092@shrubbery.net> References: <20110822223210.GK17092@shrubbery.net> Message-ID: John, That fixed it. Can you tell me what the issue was? Thanks! Dave ___________________________________________________________________________ David A. Mack (703) 886-2661 (W) CCIE #6963 (Sec, SP OPS, SP and R&S) JNCIE-M #399 CISSP (703) 431-7617 (C) email: dmack at verizon.com ___________________________________________________________________________ "We are now the knights who say... Ping!" -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Monday, August 22, 2011 6:32 PM To: Mack, David A (Dave) Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Strange Jerancid/Rancid behavior Mon, Aug 22, 2011 at 12:34:01PM -0400, Mack, David A (Dave): > All, > Hello! I am in the process of bringing up a new Rancid server and have run into something with at least the jerancid script for Juniper ERXs. What I am seeing is related to password removal. I have filter passwords globally set to "no". However the ERXs have certain passwords that have their hashes calculated on the fly. So each time they are display the values shown will change. This means you get a new CVS every run. Jerancid has routines to handle two of these conditions for FTP and MPLS LDP passwords: > > # ftp host encrypted password oscillates > if (/^(host \S+ \S+ ftp) /) { > if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > # mpls ldp encrypted password oscillates > if (/^(mpls ldp neighbor \S+ password)/) { > if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > > I am comparing the collected configuration files between my old Rancid install and my new one and here is what I am seeing: > > Old Rancid: > > !host "FTP1" 172.15.1.1 ftp > !host "FTP2" 172.15.1.2 ftp > > New Rancid: > > ! > ! Does this fix it? Index: jerancid.in =================================================================== --- jerancid.in (revision 2320) +++ jerancid.in (working copy) @@ -444,14 +444,16 @@ # ftp host encrypted password oscillates if (/^(host \S+ \S+ ftp) /) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } # mpls ldp encrypted password oscillates if (/^(mpls ldp neighbor \S+ password)/) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } From dmack at verizon.com Mon Aug 22 23:44:27 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Mon, 22 Aug 2011 19:44:27 -0400 Subject: [rancid] Strange Jerancid/Rancid behavior In-Reply-To: <20110822223210.GK17092@shrubbery.net> References: <20110822223210.GK17092@shrubbery.net> Message-ID: Oh and btw the bgp neighbor passwords are also fluctuating. So I am going to use the same logic on them as well. You might want to include that with future updates. Thanks! Dave -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Monday, August 22, 2011 6:32 PM To: Mack, David A (Dave) Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Strange Jerancid/Rancid behavior Mon, Aug 22, 2011 at 12:34:01PM -0400, Mack, David A (Dave): > All, > Hello! I am in the process of bringing up a new Rancid server and have run into something with at least the jerancid script for Juniper ERXs. What I am seeing is related to password removal. I have filter passwords globally set to "no". However the ERXs have certain passwords that have their hashes calculated on the fly. So each time they are display the values shown will change. This means you get a new CVS every run. Jerancid has routines to handle two of these conditions for FTP and MPLS LDP passwords: > > # ftp host encrypted password oscillates > if (/^(host \S+ \S+ ftp) /) { > if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > # mpls ldp encrypted password oscillates > if (/^(mpls ldp neighbor \S+ password)/) { > if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > > I am comparing the collected configuration files between my old Rancid install and my new one and here is what I am seeing: > > Old Rancid: > > !host "FTP1" 172.15.1.1 ftp > !host "FTP2" 172.15.1.2 ftp > > New Rancid: > > ! > ! Does this fix it? Index: jerancid.in =================================================================== --- jerancid.in (revision 2320) +++ jerancid.in (working copy) @@ -444,14 +444,16 @@ # ftp host encrypted password oscillates if (/^(host \S+ \S+ ftp) /) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } # mpls ldp encrypted password oscillates if (/^(mpls ldp neighbor \S+ password)/) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } From ler762 at gmail.com Tue Aug 23 04:56:27 2011 From: ler762 at gmail.com (Lee) Date: Tue, 23 Aug 2011 00:56:27 -0400 Subject: [rancid] Discussion of what is almost certainly a terrible idea In-Reply-To: References: Message-ID: On 8/22/11, Adam Korab wrote: > Hi gang, > > Has anybody ever attempted to coerce running rancid on a Windows > host[0], using cygwin or the like? If so, met with any success? It works great using cygwin. The problems I remember were that a timeout tended to hang clogin. My fix was sending an "exit" to the ssh process somewhere around line 433: # This helps cleanup each expect clause. expect_after { timeout { send_user "\nError: TIMEOUT reached\n" send "exit\r" ;# -LR- catch {close}; catch {wait}; if { $in_proc} { return 1 } else { continue } The other issue was that long device names caused [i forgot what problem] in clogin. My fix was bumping up the match length somewhere around line 644: # match cisco config mode prompts too, such as router(config-if)#, # but catalyst does not change in this fashion. # -LR- regsub -all fails on cygwin + long device name. {1,21} works regsub -all {^(.{1,21}).*([#>])$} $prompt {\1([^#>\r\n]+)?[#>](\\([^)\\r\\n]+\\))?} reprompt expect { -re $reprompt {} -re "\[\n\r]+" { exp_continue } } Lee From sarikoudis at googlemail.com Tue Aug 23 08:42:35 2011 From: sarikoudis at googlemail.com (theodoros sarikoudis) Date: Tue, 23 Aug 2011 11:42:35 +0300 Subject: [rancid] Discussion of what is almost certainly a terrible idea In-Reply-To: References: Message-ID: The only issue is a modification on the ping command Install cygwin with gcc download and untar rancid sources run (from untar directory ) the standard: ./configure install any missing components from the ./configure output then run : make report if you get any errors. (I used rancid from 2005 on cygwin till now. I got also the same answer: we are a windows shop!) On Mon, Aug 22, 2011 at 5:38 PM, Adam Korab wrote: > Hi gang, > > Has anybody ever attempted to coerce running rancid on a Windows > host[0], using cygwin or the like? ?If so, met with any success? > > --Adam > > [0] I know, I know. ?It's a layer 8 problem of "We don't use any Linux > servers here, only Windows!" > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From kyudayev at verizon.com Tue Aug 23 13:16:25 2011 From: kyudayev at verizon.com (Yudayev, Konstantin) Date: Tue, 23 Aug 2011 09:16:25 -0400 Subject: [rancid] Strange Jerancid/Rancid behavior In-Reply-To: <20110822223210.GK17092@shrubbery.net> References: <20110822223210.GK17092@shrubbery.net> Message-ID: <9AC0C0E7EE58024D9FCD4BE6E956E1F41CC443F94F@FLDP1LUMXC7V53.us.one.verizon.com> John, Is there any way to make rancid ignore "fluctuating" password lines during diff rather than removing them from configs? Configs with removed passwords are not suitable for restore for example. ---- Konstantin Yudayev Verizon - IP Systems Operations & Support Office: (703) 886-6694 22001 Loudoun County Parkway, Ashburn, VA 20147 Email: kyudayev at verizon.com -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of john heasley Sent: Monday, August 22, 2011 18:32 To: Mack, David A (Dave) Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Strange Jerancid/Rancid behavior Mon, Aug 22, 2011 at 12:34:01PM -0400, Mack, David A (Dave): > All, > Hello! I am in the process of bringing up a new Rancid server and have run into something with at least the jerancid script for Juniper ERXs. What I am seeing is related to password removal. I have filter passwords globally set to "no". However the ERXs have certain passwords that have their hashes calculated on the fly. So each time they are display the values shown will change. This means you get a new CVS every run. Jerancid has routines to handle two of these conditions for FTP and MPLS LDP passwords: > > # ftp host encrypted password oscillates > if (/^(host \S+ \S+ ftp) /) { > if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > # mpls ldp encrypted password oscillates > if (/^(mpls ldp neighbor \S+ password)/) { > if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > > I am comparing the collected configuration files between my old Rancid install and my new one and here is what I am seeing: > > Old Rancid: > > !host "FTP1" 172.15.1.1 ftp > !host "FTP2" 172.15.1.2 ftp > > New Rancid: > > ! > ! Does this fix it? Index: jerancid.in =================================================================== --- jerancid.in (revision 2320) +++ jerancid.in (working copy) @@ -444,14 +444,16 @@ # ftp host encrypted password oscillates if (/^(host \S+ \S+ ftp) /) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } # mpls ldp encrypted password oscillates if (/^(mpls ldp neighbor \S+ password)/) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From dmack at verizon.com Tue Aug 23 17:26:48 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Tue, 23 Aug 2011 13:26:48 -0400 Subject: [rancid] XRRANCID with CRS-1 devices Message-ID: All, As I progress with our new install of Rancid version 2.3.6 I am taking a close look at how the xrrancid script handles CRS-1 routers running IOS-XR. We have single and multi-chassis CSR-1 systems currently running IOS-XR 3.9. What I am seeing is that some of the commands syntax are not supported on the device at all and others are not pulling all the information that they might. In the hopes that it might help improve this script, I have listed my observations below: 1) Show Version Is not picking up the following: 2 Management Ethernet 192 GigabitEthernet 95 SONET/SDH 95 Packet over SONET/SDH 1019k bytes of non-volatile configuration memory. 76170M bytes of hard disk. 2049888k bytes of disk0: (Sector size 512 bytes). It is also showing the processor as !Chassis type: CRS-16/S - a CRS-16/S router !CPU: 7457 Where the raw output is this: cisco CRS-16/S (7457) processor with 4194304K bytes of memory. 7457 processor at 1197Mhz, Revision 1.2 So perhaps we could make it more descriptive? 2) show redundancy secondary That syntax is not supported on the CRS-1: RP/0/RP0/CPU0:ROUTER#show redundancy secondary ^ % Invalid input detected at '^' marker. RP/0/RP0/CPU0:ROUTER#show redundancy ? location Location to display statistics Redundancy statistics information summary Show summary of all redundant node pairs trace Show redundancy trace data | Output Modifiers 3) admin show env all output None of the output of this command is making into the output from xrrancid 4) show diag chassis-info This syntax is also not supported on the CRS-1 RP/0/RP0/CPU0:ROUTER#sh diag ? 0/0/CPU0 Fully qualified location specification 0/1/CPU0 Fully qualified location specification 0/11/CPU0 Fully qualified location specification 0/12/CPU0 Fully qualified location specification 0/13/CPU0 Fully qualified location specification 0/14/CPU0 Fully qualified location specification 0/15/CPU0 Fully qualified location specification 0/2/CPU0 Fully qualified location specification 0/3/CPU0 Fully qualified location specification 0/4/CPU0 Fully qualified location specification 0/5/CPU0 Fully qualified location specification 0/6/CPU0 Fully qualified location specification 0/8/CPU0 Fully qualified location specification 0/9/CPU0 Fully qualified location specification 0/RP0/CPU0 Fully qualified location specification 0/RP1/CPU0 Fully qualified location specification WORD Fully qualified location specification WORD Partially qualified location specification details display more details than the normal show diag summary display a summary (one line per slot) of the chassis | Output Modifiers 5) show controllers This command requires an argument on the CRS-1: RP/0/RP0/CPU0:ROUTER#sh controllers % Incomplete command. RP/0/RP0/CPU0:ROUTER#sh controllers ? ATM ATM Network Interface(s) E1 E1 Port controller(s) E3 E3 Port controller(s) GigabitEthernet GigabitEthernet/IEEE 802.3 interface(s) MgmtEth Ethernet/IEEE 802.3 interface(s) MgmtMultilink Controller for the management of multilink interfacess POS Packet over SONET/SDH network interface(s) SONET SONET/SDH Port controller(s) T1 T1 Port controller(s) T3 T3 Port controller(s) asic Select ASIC to peek & poke. asic-scan Generic ASIC Scan cpuctrl Show commands for the cpuctrl ASIC egressq Egressq show commands egressq Show Egress Queue Manager information fabricq Fabric queue ASIC show screens. fia Display Fabric Interface ASIC (FIA) information ingressq Show commands for the ingressq queueing ASIC. karachi Karachi Framer information null show commands for null interface plim PLIM Information plim-oc768 OC768 PLIM information pm Show commands for Platform-mgr. pse Packet Switching Engine information services show PLIM services Information system System controller information 6) show vlan This command also requires an argument on the CRS-1: RP/0/RP0/CPU0:ROUTER#sh vlan % Incomplete command. RP/0/RP0/CPU0:ROUTER#sh vlan ? interface VLAN interface status and configuration tags VLAN tag allocation trunks VLAN trunks status and configuration 7) We should also have the command "admin show running-config" added. The reason for this is that on multi-chassis systems each chassis has it S/N entered and is assigned a rack number. In addition, fabric chassis information is recorded here. Single chassis RP/0/RP0/CPU0:ROUTER#admin show running-config Building configuration... !! IOS XR Admin Configuration 3.9.0 username root group root-system group cisco-support secret ! aaa authentication login remote local end Multi-chassis RP/0/RP0/CPU0:ROUTER#admin show run Building configuration... !! IOS XR Admin Configuration 3.9.0 username root group root-system group cisco-support secret 5 ! aaa authentication login remote local dsc serial TBA12380069 rack 240 dsc serial TBA12380105 rack 0 dsc serial TBM15055938 rack 1 controllers fabric plane 0 oim count 1 oim width 1 oim instance 0 location F0/SM9/FM ! controllers fabric plane 1 oim count 1 oim width 1 oim instance 0 location F0/SM6/FM ! controllers fabric plane 2 oim count 1 oim width 1 oim instance 0 location F0/SM3/FM ! controllers fabric plane 3 oim count 1 oim width 1 oim instance 0 location F0/SM0/FM ! controllers fabric plane 4 oim count 1 oim width 1 oim instance 0 location F0/SM12/FM ! controllers fabric plane 5 oim count 1 oim width 1 oim instance 0 location F0/SM15/FM ! controllers fabric plane 6 oim count 1 oim width 1 oim instance 0 location F0/SM18/FM ! controllers fabric plane 7 oim count 1 oim width 1 oim instance 0 location F0/SM21/FM ! end If anyone wants to look into these issues, I will be more than happy to work with them and provide output/feedback! Thanks! Dave From dmack at verizon.com Tue Aug 23 17:31:54 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Tue, 23 Aug 2011 13:31:54 -0400 Subject: [rancid] Strange Jerancid/Rancid behavior In-Reply-To: <9AC0C0E7EE58024D9FCD4BE6E956E1F41CC443F94F@FLDP1LUMXC7V53.us.one.verizon.com> References: <20110822223210.GK17092@shrubbery.net> <9AC0C0E7EE58024D9FCD4BE6E956E1F41CC443F94F@FLDP1LUMXC7V53.us.one.verizon.com> Message-ID: All, I agree with Konstantin. Would it be possible to pass a REGEX to diff so that it will ignore the offending password lines. Perhaps using the command line option below: -I RE --ignore-matching-lines=RE Ignore changes whose lines all match RE. Thanks! Dave -----Original Message----- From: Yudayev, Konstantin Sent: Tuesday, August 23, 2011 9:16 AM To: john heasley; Mack, David A (Dave) Cc: rancid-discuss at shrubbery.net; Yudayev, Konstantin Subject: RE: [rancid] Strange Jerancid/Rancid behavior John, Is there any way to make rancid ignore "fluctuating" password lines during diff rather than removing them from configs? Configs with removed passwords are not suitable for restore for example. ---- Konstantin Yudayev Verizon - IP Systems Operations & Support Office: (703) 886-6694 22001 Loudoun County Parkway, Ashburn, VA 20147 Email: kyudayev at verizon.com -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of john heasley Sent: Monday, August 22, 2011 18:32 To: Mack, David A (Dave) Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] Strange Jerancid/Rancid behavior Mon, Aug 22, 2011 at 12:34:01PM -0400, Mack, David A (Dave): > All, > Hello! I am in the process of bringing up a new Rancid server and have run into something with at least the jerancid script for Juniper ERXs. What I am seeing is related to password removal. I have filter passwords globally set to "no". However the ERXs have certain passwords that have their hashes calculated on the fly. So each time they are display the values shown will change. This means you get a new CVS every run. Jerancid has routines to handle two of these conditions for FTP and MPLS LDP passwords: > > # ftp host encrypted password oscillates > if (/^(host \S+ \S+ ftp) /) { > if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > # mpls ldp encrypted password oscillates > if (/^(mpls ldp neighbor \S+ password)/) { > if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { > ProcessHistory("","","","!$1 \n"); next; > } > } > > I am comparing the collected configuration files between my old Rancid install and my new one and here is what I am seeing: > > Old Rancid: > > !host "FTP1" 172.15.1.1 ftp > !host "FTP2" 172.15.1.2 ftp > > New Rancid: > > ! > ! Does this fix it? Index: jerancid.in =================================================================== --- jerancid.in (revision 2320) +++ jerancid.in (working copy) @@ -444,14 +444,16 @@ # ftp host encrypted password oscillates if (/^(host \S+ \S+ ftp) /) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^host \S+ \S+ ftp \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } # mpls ldp encrypted password oscillates if (/^(mpls ldp neighbor \S+ password)/) { + my($prefix) = $1; if ($filter_pwds >= 1 || /^mpls ldp neighbor \S+ password \d /) { - ProcessHistory("","","","!$1 \n"); next; + ProcessHistory("","","","!$prefix \n"); next; } } _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From lists at quux.de Wed Aug 24 08:50:00 2011 From: lists at quux.de (Jens Link) Date: Wed, 24 Aug 2011 10:50:00 +0200 Subject: [rancid] NX-OS VDC Message-ID: <87mxezxkg7.fsf@pc8.berlin.quux.de> Hi, anybody using RANCID with NX-OS and multiple VDCs (Virtual Device Context)? I see two ways of using RANCID but can't decide which one is better: - Treat each VDC as independent device - Log into the default VDC and use "switchto" to access the other VDCs, and then run commands (e..g. "show run") for each context. Any ideas? Jens -- ------------------------------------------------------------------------- | Foelderichstr. 40 | 13595 Berlin, Germany | +49-151-18721264 | | http://blog.quux.de | jabber: jenslink at guug.de | ------------------- | ------------------------------------------------------------------------- From heas at shrubbery.net Wed Aug 24 16:27:24 2011 From: heas at shrubbery.net (john heasley) Date: Wed, 24 Aug 2011 16:27:24 +0000 Subject: [rancid] NX-OS VDC In-Reply-To: <87mxezxkg7.fsf@pc8.berlin.quux.de> References: <87mxezxkg7.fsf@pc8.berlin.quux.de> Message-ID: <20110824162724.GA1774@shrubbery.net> Wed, Aug 24, 2011 at 10:50:00AM +0200, Jens Link: > Hi, > > anybody using RANCID with NX-OS and multiple VDCs (Virtual Device > Context)? > > I see two ways of using RANCID but can't decide which one is better: > > - Treat each VDC as independent device this way From srau at rauhaus.org Wed Aug 24 18:03:00 2011 From: srau at rauhaus.org (Stafford Rau) Date: Wed, 24 Aug 2011 11:03:00 -0700 Subject: [rancid] NX-OS VDC In-Reply-To: <20110824162724.GA1774@shrubbery.net> References: <87mxezxkg7.fsf@pc8.berlin.quux.de> <20110824162724.GA1774@shrubbery.net> Message-ID: Yeah - you could modify rancid to do a "show running-configuration vdc-all" from the default vdc, but if you're doing any kind of snmp polling, syslog collection, or whatever, you'll need to poll/collect from the individual VDCs anyway so makes more sense to treat each as a separate device. --Stafford On Wed, Aug 24, 2011 at 9:27 AM, john heasley wrote: > Wed, Aug 24, 2011 at 10:50:00AM +0200, Jens Link: > > Hi, > > > > anybody using RANCID with NX-OS and multiple VDCs (Virtual Device > > Context)? > > > > I see two ways of using RANCID but can't decide which one is better: > > > > - Treat each VDC as independent device > > this way > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Thu Aug 25 00:29:31 2011 From: heas at shrubbery.net (john heasley) Date: Thu, 25 Aug 2011 00:29:31 +0000 Subject: [rancid] XRRANCID with CRS-1 devices In-Reply-To: References: Message-ID: <20110825002931.GE25087@shrubbery.net> Tue, Aug 23, 2011 at 01:26:48PM -0400, Mack, David A (Dave): > All, > As I progress with our new install of Rancid version 2.3.6 I am taking a close look at how the xrrancid script handles CRS-1 routers running IOS-XR. We have single and multi-chassis CSR-1 systems currently running IOS-XR 3.9. What I am seeing is that some of the commands syntax are not supported on the device at all and others are not pulling all the information that they might. In the hopes that it might help improve this script, I have listed my observations below: > > 1) Show Version > > Is not picking up the following: > > 2 Management Ethernet > 192 GigabitEthernet > 95 SONET/SDH > 95 Packet over SONET/SDH > 1019k bytes of non-volatile configuration memory. > 76170M bytes of hard disk. > 2049888k bytes of disk0: (Sector size 512 bytes). > > It is also showing the processor as > > > !Chassis type: CRS-16/S - a CRS-16/S router > !CPU: 7457 > > Where the raw output is this: > > cisco CRS-16/S (7457) processor with 4194304K bytes of memory. > 7457 processor at 1197Mhz, Revision 1.2 > > So perhaps we could make it more descriptive? That is intentional; sort of an artifact of rancid's day 1 behavior. it is a CRS 16 router and that is the model of the cpu. the memory should follow those lines, such as an ASR: !Memory: main 4194304K !Memory: nvram 219k !Memory: pcmcia disk0 1605616k !Memory: pcmcia disk1 1605616k perhaps this isn't happening for the CRS? I dont have access to any; the ASR is bad enough :) > 2) show redundancy secondary > > That syntax is not supported on the CRS-1: > > RP/0/RP0/CPU0:ROUTER#show redundancy secondary > ^ > % Invalid input detected at '^' marker. > RP/0/RP0/CPU0:ROUTER#show redundancy ? > location Location to display > statistics Redundancy statistics information > summary Show summary of all redundant node pairs > trace Show redundancy trace data > | Output Modifiers > I think this was blindly assumed from IOS-rancid. Does the ASR 1k have this command? the 9k doesnt support it. > > 3) admin show env all output > > None of the output of this command is making into the output from xrrancid Looks like RSP LED info (perhaps) and PS capacity are the only interesting bits on the ASR. on the CRS? > 4) show diag chassis-info > > This syntax is also not supported on the CRS-1 nor on the 9k. on the 1k? Perhaps show diag summary is interesting; but it seems mostly a duplicate of show inventory. > 5) show controllers > > This command requires an argument on the CRS-1: also likely a remnant of IOS. on the 1k? > 6) show vlan > > This command also requires an argument on the CRS-1: > > RP/0/RP0/CPU0:ROUTER#sh vlan > % Incomplete command. > RP/0/RP0/CPU0:ROUTER#sh vlan ? > interface VLAN interface status and configuration > tags VLAN tag allocation > trunks VLAN trunks status and configuration again, probably a remnant of IOS switches. the 9k doesnt have show vlan. do those show anything interesting that isnt in the config? > 7) We should also have the command "admin show running-config" added. The reason for this is that on multi-chassis systems each chassis has it S/N entered and is assigned a rack number. In addition, fabric chassis information is recorded here. > > Single chassis > > RP/0/RP0/CPU0:ROUTER#admin show running-config > Building configuration... > !! IOS XR Admin Configuration 3.9.0 > username root > group root-system > group cisco-support > secret > ! > aaa authentication login remote local > end > > Multi-chassis > > RP/0/RP0/CPU0:ROUTER#admin show run > Building configuration... > !! IOS XR Admin Configuration 3.9.0 > username root > group root-system > group cisco-support > secret 5 > ! > aaa authentication login remote local > dsc serial TBA12380069 rack 240 > dsc serial TBA12380105 rack 0 > dsc serial TBM15055938 rack 1 > controllers fabric plane 0 > oim count 1 > oim width 1 > oim instance 0 location F0/SM9/FM > ! > controllers fabric plane 1 > oim count 1 > oim width 1 > oim instance 0 location F0/SM6/FM > ! > controllers fabric plane 2 > oim count 1 > oim width 1 > oim instance 0 location F0/SM3/FM > ! > controllers fabric plane 3 > oim count 1 > oim width 1 > oim instance 0 location F0/SM0/FM > ! > controllers fabric plane 4 > oim count 1 > oim width 1 > oim instance 0 location F0/SM12/FM > ! > controllers fabric plane 5 > oim count 1 > oim width 1 > oim instance 0 location F0/SM15/FM > ! > controllers fabric plane 6 > oim count 1 > oim width 1 > oim instance 0 location F0/SM18/FM > ! > controllers fabric plane 7 > oim count 1 > oim width 1 > oim instance 0 location F0/SM21/FM > ! > end ack. From pelle at hemmop.com Thu Aug 25 09:06:36 2011 From: pelle at hemmop.com (Per Carlson) Date: Thu, 25 Aug 2011 11:06:36 +0200 Subject: [rancid] XRRANCID with CRS-1 devices In-Reply-To: <20110825002931.GE25087@shrubbery.net> References: <20110825002931.GE25087@shrubbery.net> Message-ID: Hi. > I think this was blindly assumed from IOS-rancid. Very much of the xrrancid(.in) code is just copied from plain rancid(.in) despite having a lot of new commands, and not least, a total remake of the config file. > Does the ASR 1k have this command? ?the 9k doesnt support it. Just a small comment John: ASR1k doesn't run IOS XR, but IOS XE. The only Cisco devices (currently) which run IOS XR are CRS-1/3, ASR9k and XR12k. Note that a 12k/GSR can run either IOS or IOS XR. I do have an updated xrrancid.in in the works, it just needs some fine tuning. I'll post it here when it's ready. -- Pelle RFC1925, truth 11: ?Every old idea will be proposed again with a different name and ?a different presentation, regardless of whether it works. From dmack at verizon.com Thu Aug 25 14:33:51 2011 From: dmack at verizon.com (Mack, David A (Dave)) Date: Thu, 25 Aug 2011 10:33:51 -0400 Subject: [rancid] XRRANCID with CRS-1 devices In-Reply-To: <20110825002931.GE25087@shrubbery.net> References: <20110825002931.GE25087@shrubbery.net> Message-ID: John, Hello! Thanks for getting back to me! Based on your responses, here is what I see: Item 1) Yes, xrrancid is picking up the memory from sh version !RANCID-CONTENT-TYPE: cisco-xr ! !Chassis type: CRS-16/S - a CRS-16/S router !CPU: 7457 ! !Memory: main 4194304K !Memory: nvram 1019k !Memory: pcmcia disk0 2049888k ! So it is working as designed Item 2) I can't speak for the ASR series. We don't have any, but for the CRS-1, I would recommend "show redundancy". Here is the output RP/0/RP0/CPU0:ROUTER#sh redundancy Redundancy information for node 0/RP0/CPU0: ========================================== Node 0/RP0/CPU0 is in ACTIVE role Partner node (0/RP1/CPU0) is in STANDBY role Standby node in 0/RP1/CPU0 is ready Standby node in 0/RP1/CPU0 is NSR-ready Reload and boot info ---------------------- RP reloaded Thu Feb 24 06:19:05 2011: 26 weeks, 7 hours, 35 minutes ago Active node booted Thu Feb 24 06:19:05 2011: 26 weeks, 7 hours, 35 minutes ago Standby node boot Thu Feb 24 06:17:54 2011: 26 weeks, 7 hours, 36 minutes ago Standby node last went not ready Thu Aug 4 21:39:49 2011: 2 weeks, 6 days, 16 hours, 14 minutes ago Standby node last went ready Thu Aug 4 21:39:51 2011: 2 weeks, 6 days, 16 hours, 14 minutes ago Standby node last went not NSR-ready Thu Aug 25 13:39:31 2011: 15 minutes ago Standby node last went NSR-ready Thu Aug 25 13:39:32 2011: 15 minutes ago There have been 0 switch-overs since reload Active node reload "Cause: Lost Connection to all fabric racks" Standby node reload "Cause: HBAgent reloading node on receiving reload notification" Redundancy information for node 1/RP0/CPU0: ========================================== Node 1/RP0/CPU0 is in ACTIVE role Partner node (1/RP1/CPU0) is in STANDBY role Standby node in 1/RP1/CPU0 is ready Standby node in 1/RP1/CPU0 is NSR-ready Reload and boot info ---------------------- RP reloaded Fri Jul 15 05:39:32 2011: 5 weeks, 6 days, 8 hours, 15 minutes ago Active node booted Fri Jul 15 05:39:32 2011: 5 weeks, 6 days, 8 hours, 15 minutes ago Standby node boot Fri Jul 15 05:39:29 2011: 5 weeks, 6 days, 8 hours, 15 minutes ago Standby node last went not ready Fri Aug 19 05:05:59 2011: 6 days, 8 hours, 48 minutes ago Standby node last went ready Fri Aug 19 05:08:24 2011: 6 days, 8 hours, 46 minutes ago There have been 0 switch-overs since reload Active node reload "Cause: self-reset to use new boot image" Standby node reload "Cause: self-reset to use new boot image" Item 3) The output from "admin show env all" is quite verbose on the CRS-1. It includes readings for the following: Temperature readings from LOTS of sensors Threshold Information for temperatures Voltage Information LED Information Fan Information Power supply information I will not post the full output here, but anyone wants it, I can provide sample output. Personally, I don't know what I would want from this command Item 4) On the CRS-1 "show diag summary" is far less verbose than show inventory: Show inventory: RP/0/RP0/CPU0:ROUTER#sh inventory NAME: "0/0/*", DESCR: "Cisco CRS-1 Series Modular Services Card revision B" PID: CRS-MSC-B , VID: V06, SN: SAD142803SV NAME: "0/PL0/*", DESCR: "Cisco CRS-1 Series 1xOC768/STM256 POS Interface Module/SR" PID: 1OC768-POS-SR , VID: V06, SN: SAD1444027H NAME: "0/0/CPU0/0", DESCR: "OC768 PLIM - Optic Port" PID: , VID: N/A, SN: NAME: "0/0/CPU0/129", DESCR: "CPU_PORT_1" PID: , VID: N/A, SN: NAME: "0/1/*", DESCR: "Cisco CRS-1 Series Modular Services Card revision B" PID: CRS-MSC-B , VID: V06, SN: SAD142302BU NAME: "0/PL1/*", DESCR: "Cisco Carrier Routing System SPA Interface Processor Card" PID: CRS1-SIP-800 , VID: V04, SN: SAD1434005N NAME: "0/1/CPU0/129", DESCR: "CPU_PORT_1" PID: , VID: N/A, SN: NAME: "0/1/0", DESCR: "8-port Gigabit Ethernet Shared Port Adapter_V2" PID: SPA-8X1GE-V2 , VID: V02, SN: JAE143302E5 NAME: "0/1/0/0", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431022G NAME: "0/1/0/1", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431022P NAME: "0/1/0/2", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431022R NAME: "0/1/0/3", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431022Q NAME: "0/1/0/4", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431022M NAME: "0/1/0/5", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431007N NAME: "0/1/0/6", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431007M NAME: "0/1/0/7", DESCR: "GE LX" PID: SFP-GE-L , VID: V01 , SN: SPC1431022N ----- SNIP ------- Show diag summary RP/0/RP0/CPU0:ROUTER#sh diag summary CARD 0/0/* : Cisco CRS-1 Series Modular Services Card revision B PLIM 0/PL0/* : Cisco CRS-1 Series 1xOC768/STM256 POS Interface Module/SR CARD 0/1/* : Cisco CRS-1 Series Modular Services Card revision B PLIM 0/PL1/* : Cisco Carrier Routing System SPA Interface Processor Card SPA 0/1/0 : 8-port Gigabit Ethernet Shared Port Adapter_V2 SPA 0/1/1 : 8-port Gigabit Ethernet Shared Port Adapter_V2 SPA 0/1/2 : 8-port Gigabit Ethernet Shared Port Adapter_V2 SPA 0/1/3 : 8-port Gigabit Ethernet Shared Port Adapter_V2 SPA 0/1/4 : 8-port Gigabit Ethernet Shared Port Adapter_V2 CARD 0/2/* : Cisco CRS-1 Series Modular Services Card revision B PLIM 0/PL2/* : Cisco Carrier Routing System SPA Interface Processor Card SPA 0/2/0 : 8-port OC12/STM4 POS Shared Port Adapters SPA 0/2/1 : 8-port OC12/STM4 POS Shared Port Adapters SPA 0/2/2 : 8-port OC12/STM4 POS Shared Port Adapters SPA 0/2/3 : 8-port OC12/STM4 POS Shared Port Adapters SPA 0/2/4 : 8-port OC12/STM4 POS Shared Port Adapters SPA 0/2/5 : 8-port OC12/STM4 POS Shared Port Adapters ----- SNIP ------ Item 5) Yeah, the "show controllers" command is not much help on the CRS-1. Item 6) The show vlan command does not show anything interesting for the CRS-1. If anyone wants any output/feedback on the CRS-1. Please let me know! Thanks! Dave -----Original Message----- From: john heasley [mailto:heas at shrubbery.net] Sent: Wednesday, August 24, 2011 8:30 PM To: Mack, David A (Dave) Cc: rancid-discuss at shrubbery.net Subject: Re: [rancid] XRRANCID with CRS-1 devices Tue, Aug 23, 2011 at 01:26:48PM -0400, Mack, David A (Dave): > All, > As I progress with our new install of Rancid version 2.3.6 I am taking a close look at how the xrrancid script handles CRS-1 routers running IOS-XR. We have single and multi-chassis CSR-1 systems currently running IOS-XR 3.9. What I am seeing is that some of the commands syntax are not supported on the device at all and others are not pulling all the information that they might. In the hopes that it might help improve this script, I have listed my observations below: > > 1) Show Version > > Is not picking up the following: > > 2 Management Ethernet > 192 GigabitEthernet > 95 SONET/SDH > 95 Packet over SONET/SDH > 1019k bytes of non-volatile configuration memory. > 76170M bytes of hard disk. > 2049888k bytes of disk0: (Sector size 512 bytes). > > It is also showing the processor as > > > !Chassis type: CRS-16/S - a CRS-16/S router > !CPU: 7457 > > Where the raw output is this: > > cisco CRS-16/S (7457) processor with 4194304K bytes of memory. > 7457 processor at 1197Mhz, Revision 1.2 > > So perhaps we could make it more descriptive? That is intentional; sort of an artifact of rancid's day 1 behavior. it is a CRS 16 router and that is the model of the cpu. the memory should follow those lines, such as an ASR: !Memory: main 4194304K !Memory: nvram 219k !Memory: pcmcia disk0 1605616k !Memory: pcmcia disk1 1605616k perhaps this isn't happening for the CRS? I dont have access to any; the ASR is bad enough :) > 2) show redundancy secondary > > That syntax is not supported on the CRS-1: > > RP/0/RP0/CPU0:ROUTER#show redundancy secondary > ^ > % Invalid input detected at '^' marker. > RP/0/RP0/CPU0:ROUTER#show redundancy ? > location Location to display > statistics Redundancy statistics information > summary Show summary of all redundant node pairs > trace Show redundancy trace data > | Output Modifiers > I think this was blindly assumed from IOS-rancid. Does the ASR 1k have this command? the 9k doesnt support it. > > 3) admin show env all output > > None of the output of this command is making into the output from xrrancid Looks like RSP LED info (perhaps) and PS capacity are the only interesting bits on the ASR. on the CRS? > 4) show diag chassis-info > > This syntax is also not supported on the CRS-1 nor on the 9k. on the 1k? Perhaps show diag summary is interesting; but it seems mostly a duplicate of show inventory. > 5) show controllers > > This command requires an argument on the CRS-1: also likely a remnant of IOS. on the 1k? > 6) show vlan > > This command also requires an argument on the CRS-1: > > RP/0/RP0/CPU0:ROUTER#sh vlan > % Incomplete command. > RP/0/RP0/CPU0:ROUTER#sh vlan ? > interface VLAN interface status and configuration > tags VLAN tag allocation > trunks VLAN trunks status and configuration again, probably a remnant of IOS switches. the 9k doesnt have show vlan. do those show anything interesting that isnt in the config? > 7) We should also have the command "admin show running-config" added. The reason for this is that on multi-chassis systems each chassis has it S/N entered and is assigned a rack number. In addition, fabric chassis information is recorded here. > > Single chassis > > RP/0/RP0/CPU0:ROUTER#admin show running-config > Building configuration... > !! IOS XR Admin Configuration 3.9.0 > username root > group root-system > group cisco-support > secret > ! > aaa authentication login remote local > end > > Multi-chassis > > RP/0/RP0/CPU0:ROUTER#admin show run > Building configuration... > !! IOS XR Admin Configuration 3.9.0 > username root > group root-system > group cisco-support > secret 5 > ! > aaa authentication login remote local > dsc serial TBA12380069 rack 240 > dsc serial TBA12380105 rack 0 > dsc serial TBM15055938 rack 1 > controllers fabric plane 0 > oim count 1 > oim width 1 > oim instance 0 location F0/SM9/FM > ! > controllers fabric plane 1 > oim count 1 > oim width 1 > oim instance 0 location F0/SM6/FM > ! > controllers fabric plane 2 > oim count 1 > oim width 1 > oim instance 0 location F0/SM3/FM > ! > controllers fabric plane 3 > oim count 1 > oim width 1 > oim instance 0 location F0/SM0/FM > ! > controllers fabric plane 4 > oim count 1 > oim width 1 > oim instance 0 location F0/SM12/FM > ! > controllers fabric plane 5 > oim count 1 > oim width 1 > oim instance 0 location F0/SM15/FM > ! > controllers fabric plane 6 > oim count 1 > oim width 1 > oim instance 0 location F0/SM18/FM > ! > controllers fabric plane 7 > oim count 1 > oim width 1 > oim instance 0 location F0/SM21/FM > ! > end ack. From freehsophia at gmail.com Fri Aug 26 14:42:40 2011 From: freehsophia at gmail.com (Freeh Sophia) Date: Fri, 26 Aug 2011 17:42:40 +0300 Subject: [rancid] FW: Cisco Message-ID: Hi rancideers, Just added a couple SAN switches (Cisco MDS 9216i, SAN-OS 3.3(3)) to rancid using the regular device type cisco and receive the below cycling outputs every hour: What could cause this, a pager problem? FWIW I've already added 'term width 0' to the usual 'terminal length 0' in bin/clogin to address the VLAN membership line-wrap behavior. Thanks, --Adam Index: configs/s1 =================================================================== - -- configs/s1 (revision 1777) - Hide quoted text - @@ -135,10 +135,10 @@ snmp-server enable traps fcs snmp-server enable traps rscn snmp-server enable traps vrrp - snmp-server enable traps snmp authentication snmp-server enable traps fspf snmp-server enable traps fdmi snmp-server enable traps license + snmp-server enable traps snmp authentication zone mode enhanced vsan 10 callhome snmp-server enable traps aaa server-state-change Index: configs/s1 =================================================================== - -- configs/s1(revision 1816) - Hide quoted text - @@ -135,10 +135,10 @@ snmp-server enable traps fcs snmp-server enable traps rscn snmp-server enable traps vrrp + snmp-server enable traps snmp authentication snmp-server enable traps fspf snmp-server enable traps fdmi snmp-server enable traps license - snmp-server enable traps snmp authentication zone mode enhanced vsan 10 callhome snmp-server enable traps aaa server-state-change Freeh Sophia Marketing GmbH Emanuelstr. 3, 10317 Berlin Deutschland Telefon: +49 (33) 5310967 Email: freehsophia at gmail.com Site: http://flug.airego.de/ From b225ccc at gmail.com Fri Aug 26 20:37:19 2011 From: b225ccc at gmail.com (Brian Talley) Date: Fri, 26 Aug 2011 14:37:19 -0600 Subject: [rancid] FW: Cisco In-Reply-To: References: Message-ID: http://www.shrubbery.net/pipermail/rancid-discuss/2011-August/005813.html On Fri, Aug 26, 2011 at 8:42 AM, Freeh Sophia wrote: > Hi rancideers, > > Just added a couple SAN switches (Cisco MDS 9216i, SAN-OS 3.3(3)) to > rancid using the regular device type cisco and receive the below > cycling outputs every hour: What could cause this, a pager problem? > FWIW I've already added 'term width 0' to the usual 'terminal length > 0' in bin/clogin to address the VLAN membership line-wrap behavior. > > Thanks, > > --Adam > > Index: configs/s1 > =================================================================== > - -- configs/s1 (revision 1777) > - Hide quoted text - > @@ -135,10 +135,10 @@ > snmp-server enable traps fcs > snmp-server enable traps rscn > snmp-server enable traps vrrp > - snmp-server enable traps snmp authentication > snmp-server enable traps fspf > snmp-server enable traps fdmi > snmp-server enable traps license > + snmp-server enable traps snmp authentication > zone mode enhanced vsan 10 > callhome > snmp-server enable traps aaa server-state-change > > Index: configs/s1 > =================================================================== > - -- configs/s1(revision 1816) > - Hide quoted text - > @@ -135,10 +135,10 @@ > snmp-server enable traps fcs > snmp-server enable traps rscn > snmp-server enable traps vrrp > + snmp-server enable traps snmp authentication > snmp-server enable traps fspf > snmp-server enable traps fdmi > snmp-server enable traps license > - snmp-server enable traps snmp authentication > zone mode enhanced vsan 10 > callhome > snmp-server enable traps aaa server-state-change > > > Freeh Sophia > Marketing GmbH > Emanuelstr. 3, > 10317 Berlin > Deutschland > Telefon: +49 (33) 5310967 > Email: freehsophia at gmail.com > Site: http://flug.airego.de/ > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: