From bakers at canbytel.com Wed Jul 2 16:41:03 2014 From: bakers at canbytel.com (Scott Baker) Date: Wed, 02 Jul 2014 09:41:03 -0700 Subject: [rancid] Trouble grabbing configs from a Foundry FesX Message-ID: <53B4361F.30202@canbytel.com> I had Rancid configured and working fine to get the config from my Foundry FesX for the past three months. We decided to change the login process from telnet to SSH. Now rancid complains about timeouts when try and grab the config. CLogin is able to login via SSH no problem. I can also run a handful of commands just fine: clogin -t 90 -c"show version;show run" foundry-needy.domain.com It just complains when I run rancid-run: starting: Wed Jul 2 09:12:54 PDT 2014 Trying to get all of the configs. foundry-needy.domain.com: End of run not found 0 || 0 foundry-needy.domain.com flogin error: Error: TIMEOUT reached foundry-needy.domain.com: missed cmd(s): show chassis,show module,show flash,show version,show running-config,write term foundry-needy.domain.com: End of run not found ! ===================================== Getting missed routers: round 1. Received signal - ending run (1). cat: /var/rancid/canby/routers.single: No such file or directory All routers sucessfully completed. cat: /var/rancid/canby/routers.single: No such file or directory Can't open /var/rancid/canby/routers.single: No such file or directory. If CLogin works, why would rancid complain about a timeout? -- Scott Baker - Canby Telcom Senior System Administrator - RHCE From alan.mckinnon at gmail.com Wed Jul 2 18:52:18 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 02 Jul 2014 20:52:18 +0200 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B4361F.30202@canbytel.com> References: <53B4361F.30202@canbytel.com> Message-ID: <53B454E2.10707@gmail.com> On 02/07/2014 18:41, Scott Baker wrote: > I had Rancid configured and working fine to get the config from my > Foundry FesX for the past three months. We decided to change the login > process from telnet to SSH. Now rancid complains about timeouts when try > and grab the config. CLogin is able to login via SSH no problem. I can > also run a handful of commands just fine: > > clogin -t 90 -c"show version;show run" foundry-needy.domain.com > > It just complains when I run rancid-run: > > starting: Wed Jul 2 09:12:54 PDT 2014 > > > > Trying to get all of the configs. > foundry-needy.domain.com: End of run not found 0 || 0 > foundry-needy.domain.com flogin error: Error: TIMEOUT reached > foundry-needy.domain.com: missed cmd(s): show chassis,show module,show > flash,show version,show running-config,write term > foundry-needy.domain.com: End of run not found > ! > ===================================== > Getting missed routers: round 1. > Received signal - ending run (1). > cat: /var/rancid/canby/routers.single: No such file or directory > All routers sucessfully completed. > > cat: /var/rancid/canby/routers.single: No such file or directory > Can't open /var/rancid/canby/routers.single: No such file or directory. > > If CLogin works, why would rancid complain about a timeout? > you are testing with clogin but your output clearly shows rancid-run is launching flogin. It's set in the *rancid script itself (the one referenced in rancid-fe) I don't have rancid code handy here, but it looks like you have 2 curses of action: - fix flogin to work properly with ssh - edit the rancid parser to use clogin and not flogin -- Alan McKinnon alan.mckinnon at gmail.com From jethro.binks at strath.ac.uk Wed Jul 2 20:38:09 2014 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Wed, 2 Jul 2014 21:38:09 +0100 (BST) Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B454E2.10707@gmail.com> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> Message-ID: On Wed, 2 Jul 2014, Alan McKinnon wrote: > > Trying to get all of the configs. > > foundry-needy.domain.com: End of run not found 0 || 0 > > foundry-needy.domain.com flogin error: Error: TIMEOUT reached > > foundry-needy.domain.com: missed cmd(s): show chassis,show module,show > > flash,show version,show running-config,write term > > foundry-needy.domain.com: End of run not found > > ! > > ===================================== > > Getting missed routers: round 1. > > Received signal - ending run (1). > > cat: /var/rancid/canby/routers.single: No such file or directory > > All routers sucessfully completed. > > > > cat: /var/rancid/canby/routers.single: No such file or directory > > Can't open /var/rancid/canby/routers.single: No such file or directory. > > > > If CLogin works, why would rancid complain about a timeout? > > > you are testing with clogin > but your output clearly shows rancid-run is launching flogin. > > It's set in the *rancid script itself (the one referenced in rancid-fe) > > I don't have rancid code handy here, but it looks like you have 2 curses > of action: > > - fix flogin to work properly with ssh > - edit the rancid parser to use clogin and not flogin flogin is what you want. I have it working fine with ssh on similar Foundry/Brocade models. Run something like: env NOPIPE=YES PATH=${PATH}:/usr/local/libexec/rancid francid -d devicename (where /usr/local/libexec/rancid is the place your rancid scripts are located) and see what the .raw logfile says. The user rancid is logging in as will need to be suitable priviliged. If it isn't admin privileged, you may need to permit it to run additional commands at your user level. In my case, I have my rancid user privilege 5, and also then need to configure: privilege exec level 5 skip-page-display Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From alan.mckinnon at gmail.com Wed Jul 2 20:40:57 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 02 Jul 2014 22:40:57 +0200 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> Message-ID: <53B46E59.8050501@gmail.com> On 02/07/2014 22:38, Jethro R Binks wrote: > On Wed, 2 Jul 2014, Alan McKinnon wrote: > >>> Trying to get all of the configs. >>> foundry-needy.domain.com: End of run not found 0 || 0 >>> foundry-needy.domain.com flogin error: Error: TIMEOUT reached >>> foundry-needy.domain.com: missed cmd(s): show chassis,show module,show >>> flash,show version,show running-config,write term >>> foundry-needy.domain.com: End of run not found >>> ! >>> ===================================== >>> Getting missed routers: round 1. >>> Received signal - ending run (1). >>> cat: /var/rancid/canby/routers.single: No such file or directory >>> All routers sucessfully completed. >>> >>> cat: /var/rancid/canby/routers.single: No such file or directory >>> Can't open /var/rancid/canby/routers.single: No such file or directory. >>> >>> If CLogin works, why would rancid complain about a timeout? >> >> >> you are testing with clogin >> but your output clearly shows rancid-run is launching flogin. >> >> It's set in the *rancid script itself (the one referenced in rancid-fe) >> >> I don't have rancid code handy here, but it looks like you have 2 curses >> of action: >> >> - fix flogin to work properly with ssh >> - edit the rancid parser to use clogin and not flogin > > flogin is what you want. I have it working fine with ssh on similar > Foundry/Brocade models. > > Run something like: > > env NOPIPE=YES PATH=${PATH}:/usr/local/libexec/rancid francid -d devicename > > (where /usr/local/libexec/rancid is the place your rancid scripts are > located) and see what the .raw logfile says. > > The user rancid is logging in as will need to be suitable priviliged. If > it isn't admin privileged, you may need to permit it to run additional > commands at your user level. In my case, I have my rancid user privilege > 5, and also then need to configure: > > privilege exec level 5 skip-page-display I don't have any Foundry kit, but for the benefit of all, why would clogin work for the OP but flogin not work? -- Alan McKinnon alan.mckinnon at gmail.com From bakers at canbytel.com Wed Jul 2 20:55:33 2014 From: bakers at canbytel.com (Scott Baker) Date: Wed, 02 Jul 2014 13:55:33 -0700 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B46E59.8050501@gmail.com> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> Message-ID: <53B471C5.10205@canbytel.com> On 07/02/2014 01:40 PM, Alan McKinnon wrote: > I don't have any Foundry kit, but for the benefit of all, why would > clogin work for the OP but flogin not work? flogin does work with telnet, but it's REALLY slow. It times out if I try and use SSH. Just to login and get to an enable prompt seems to take about 20 seconds. # Clogin time /usr/libexec/rancid/clogin -c "show chassis;" foundry-needy.domain.com 7.7 seconds # flogin time /usr/libexec/rancid/flogin -c "show chassis;" foundry-needy.domain.com 43.2 seconds!!! Both using (what I think is) the same ~/.cloginrc -- Scott Baker - Canby Telcom Senior System Administrator - RHCE From jethro.binks at strath.ac.uk Wed Jul 2 20:56:27 2014 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Wed, 2 Jul 2014 21:56:27 +0100 (BST) Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B46E59.8050501@gmail.com> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> Message-ID: On Wed, 2 Jul 2014, Alan McKinnon wrote: > I don't have any Foundry kit, but for the benefit of all, why would > clogin work for the OP but flogin not work? Because the login process is similar enough to match the regexps? Actually, for most of my F kit, the login prompt is: Please Enter Login Name: and that doesn't match with the clogin I have. However, I have one device that happens to be just protected with a password rather than a username/pass: /usr/local/libexec/rancid/clogin ip.ad.re.ss spawn telnet ip.ad.re.ss Trying ip.ad.re.ss... Won't send login name and/or authentication information. Connected to ip.ad.re.ss Escape character is '^]'. User Access Verification Please Enter Password: User login successful. so in at least that circumstance, they are similar enough. Of course it all breaks if rancid starts sending cisco-esque commands rather than foundry-esque ones. clogin itself works with quite a lot of stuff that roughly looks cisco-ish, as they all tend to have a Username/Password prompt that matches the fairly generous clogin regexp, and tend to have a CLI prompt that ends with '>'. It all goes wrong afterwards ... (I do think it a source of confusion for the newcomer that 'rancid' the project now supports many types of device, but while in v2 the Cisco login script is clogin, the Cisco command script is not crancid, but just plain rancid - all the rest have a matching prefix for the *login and *rancid scripts afaicr). Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From alan.mckinnon at gmail.com Wed Jul 2 21:27:14 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 02 Jul 2014 23:27:14 +0200 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> Message-ID: <53B47932.3090909@gmail.com> On 02/07/2014 22:56, Jethro R Binks wrote: > (I do think it a source of confusion for the newcomer that 'rancid' the > project now supports many types of device, but while in v2 the Cisco login > script is clogin, the Cisco command script is not crancid, but just plain > rancid - all the rest have a matching prefix for the *login and *rancid > scripts afaicr). Agreed. I've lost count of the number of times I've explained to folks how the odd naming convention came about over time :-) -- Alan McKinnon alan.mckinnon at gmail.com From heas at shrubbery.net Thu Jul 3 01:03:28 2014 From: heas at shrubbery.net (heasley) Date: Thu, 3 Jul 2014 01:03:28 +0000 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B471C5.10205@canbytel.com> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> Message-ID: <20140703010328.GK16642@shrubbery.net> Wed, Jul 02, 2014 at 01:55:33PM -0700, Scott Baker: > On 07/02/2014 01:40 PM, Alan McKinnon wrote: > > I don't have any Foundry kit, but for the benefit of all, why would > > clogin work for the OP but flogin not work? > > flogin does work with telnet, but it's REALLY slow. It times out if I > try and use SSH. Just to login and get to an enable prompt seems to take > about 20 seconds. > > # Clogin > time /usr/libexec/rancid/clogin -c "show chassis;" foundry-needy.domain.com > 7.7 seconds > > # flogin > time /usr/libexec/rancid/flogin -c "show chassis;" foundry-needy.domain.com > 43.2 seconds!!! Couldn't tell you - debug it. flogin -d ...., see where it's waiting and why. I do not know of a way to include timestamps in that debugging o/p, so you'd have to tell us where its waiting. or possibly good enough flogin -d ... 2>&1 | while read ln; do echo -n `date +%s`; echo " $ln"; done > Both using (what I think is) the same ~/.cloginrc > > -- > Scott Baker - Canby Telcom > Senior System Administrator - RHCE > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From bakers at canbytel.com Thu Jul 3 15:29:25 2014 From: bakers at canbytel.com (Scott Baker) Date: Thu, 03 Jul 2014 08:29:25 -0700 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <20140703010328.GK16642@shrubbery.net> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> Message-ID: <53B576D5.4030408@canbytel.com> On 07/02/2014 06:03 PM, heasley wrote: > Couldn't tell you - debug it. flogin -d ...., see where it's waiting and > why. I do not know of a way to include timestamps in that debugging o/p, > so you'd have to tell us where its waiting. or possibly good enough > > flogin -d ... 2>&1 | while read ln; do echo -n `date +%s`; echo " $ln"; done > Good call, didn't think about doing that. I ended up using ts from moreutils to get the same effect. Looks like flogin uses "skip-page-display" and clogin uses "terminal length 0". Skip-page-display takes 4 seconds to run. The majority of the slowness in flogin appears to be the actual login process. Flogin is taking 20 seconds just to get to the enable prompt. Clogin is taking one second. I haven't even started to look at why clogin/ssh works, but flogin/ssh doesn't, which is how this whole thing started. rancid at green(~) :time /usr/libexec/rancid/flogin -c "show run" foundry-needy.domain.com 2>&1 | ts Jul 03 08:23:11 foundry-needy.domain.com Jul 03 08:23:11 spawn telnet foundry-needy.domain.com Jul 03 08:23:11 Trying 10.3.1.251... Jul 03 08:23:11 Connected to foundry-needy.domain.com. Jul 03 08:23:11 Escape character is '^]'. Jul 03 08:23:11 Jul 03 08:23:11 User Access Verification Jul 03 08:23:11 Jul 03 08:23:15 Please Enter Password: Jul 03 08:23:15 Jul 03 08:23:15 User login successful. Jul 03 08:23:15 Jul 03 08:23:22 BR-telnet at FESX-Needy>enable Jul 03 08:23:31 Password: Jul 03 08:23:31 BR-telnet at FESX-Needy# Jul 03 08:23:43 BR-telnet at FESX-Needy#skip-page-display Jul 03 08:23:43 Disable page display mode Jul 03 08:23:47 BR-telnet at FESX-Needy#show run Jul 03 08:23:47 Current configuration: Jul 03 08:23:47 ! [Snipped] Jul 03 08:23:47 ! Jul 03 08:23:47 end Jul 03 08:23:47 Jul 03 08:23:49 BR-telnet at FESX-Needy#exit Jul 03 08:23:53 BR-telnet at FESX-Needy>exit Jul 03 08:23:53 Connection closed by foreign host. real 0m42.563s user 0m0.048s sys 0m0.031s ---------------------------------------------------------------------- rancid at green(~) :time /usr/libexec/rancid/clogin -c "show run" foundry-needy.domain.com 2>&1 | ts Jul 03 08:24:37 foundry-needy.domain.com Jul 03 08:24:37 spawn telnet foundry-needy.domain.com Jul 03 08:24:37 Trying 10.3.1.251... Jul 03 08:24:37 Connected to foundry-needy.domain.com. Jul 03 08:24:37 Escape character is '^]'. Jul 03 08:24:37 Jul 03 08:24:37 User Access Verification Jul 03 08:24:37 Jul 03 08:24:38 Please Enter Password: Jul 03 08:24:38 Jul 03 08:24:38 User login successful. Jul 03 08:24:38 Jul 03 08:24:38 BR-telnet at FESX-Needy>enable Jul 03 08:24:38 Password: Jul 03 08:24:38 BR-telnet at FESX-Needy# Jul 03 08:24:38 BR-telnet at FESX-Needy#terminal length 0 Jul 03 08:24:38 Invalid input -> length 0 Jul 03 08:24:38 Type ? for a list Jul 03 08:24:38 BR-telnet at FESX-Needy#show run Jul 03 08:24:39 Current configuration: [Snipped] Jul 03 08:24:39 end Jul 03 08:24:39 Jul 03 08:24:40 BR-telnet at FESX-Needy#exit Jul 03 08:24:42 BR-telnet at FESX-Needy>exit Jul 03 08:24:42 Connection closed by foreign host. real 0m5.713s user 0m0.061s sys 0m0.023s -- Scott Baker - Canby Telcom Senior System Administrator - RHCE From heas at shrubbery.net Thu Jul 3 16:02:45 2014 From: heas at shrubbery.net (heasley) Date: Thu, 3 Jul 2014 16:02:45 +0000 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B576D5.4030408@canbytel.com> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> Message-ID: <20140703160245.GC39613@shrubbery.net> Thu, Jul 03, 2014 at 08:29:25AM -0700, Scott Baker: > On 07/02/2014 06:03 PM, heasley wrote: > > Couldn't tell you - debug it. flogin -d ...., see where it's waiting and > > why. I do not know of a way to include timestamps in that debugging o/p, > > so you'd have to tell us where its waiting. or possibly good enough > > > > flogin -d ... 2>&1 | while read ln; do echo -n `date +%s`; echo " $ln"; done > > > > Good call, didn't think about doing that. I ended up using ts from > moreutils to get the same effect. Looks like flogin uses > "skip-page-display" and clogin uses "terminal length 0". > Skip-page-display takes 4 seconds to run. The majority of the slowness > in flogin appears to be the actual login process. Flogin is taking 20 > seconds just to get to the enable prompt. Clogin is taking one second. I > haven't even started to look at why clogin/ssh works, but flogin/ssh > doesn't, which is how this whole thing started. I couldnt say :) historically, foundry cli and configuration has been *awful*. but, you see in your o/p that term length doesn't actually work, so it will be paging the o/p, which just makes a mess. so, complain to the mfg about the speed of the command. or look for PRs and subsequently s/w where it is fixed. also, that may not be it; 4s is much less than the 90s that francid uses for timeout. on to the ssh problem, use -t 180 to debug and see where it is failing. the full collection commands are (francid -C): flogin -t 180 -c 'show version;show chassis;show module;show flash;write term;show running-config' hostname From bakers at canbytel.com Thu Jul 3 16:09:21 2014 From: bakers at canbytel.com (Scott Baker) Date: Thu, 03 Jul 2014 09:09:21 -0700 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <20140703160245.GC39613@shrubbery.net> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> Message-ID: <53B58031.1040108@canbytel.com> On 07/03/2014 09:02 AM, heasley wrote: > flogin -t 180 -c 'show version;show chassis;show module;show flash;write term;show running-config' hostname > Looks like it times out waiting for the prompt? Maybe the regexp doesn't match it? rancid at green(~) :time /usr/libexec/rancid/flogin -t 30 -c "show version;show chassis;show module;show flash;write term;show running-config" foundry-needy.domain.com 2>&1 | ts Jul 03 09:05:55 foundry-needy.domain.com Jul 03 09:05:55 spawn ssh -c 3des -x -l root foundry-needy.domain.com Jul 03 09:06:02 root at foundry-needy.domain.com's password: Jul 03 09:06:32 BR-SSH at FESX-Needy# Jul 03 09:06:32 Error: TIMEOUT reached I noticed the telnet prompt and the ssh prompt are different? BR-SSH at FESX-Needy# vs BR-telnet at FESX-Needy# But that seems pretty minor. -- Scott Baker - Canby Telcom Senior System Administrator - RHCE From heas at shrubbery.net Thu Jul 3 16:17:31 2014 From: heas at shrubbery.net (heasley) Date: Thu, 3 Jul 2014 16:17:31 +0000 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B58168.60700@canbytel.com> References: <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <53B58031.1040108@canbytel.com> <20140703161117.GE39613@shrubbery.net> <53B58168.60700@canbytel.com> Message-ID: <20140703161731.GF39613@shrubbery.net> Thu, Jul 03, 2014 at 09:14:32AM -0700, Scott Baker: > On 07/03/2014 09:11 AM, heasley wrote: > > it should be fine; is it auto-enabling but you dont have autoenable set in > > cloginrc? or try flogin with -autoenable. else show me flogin -d host o/p. > > Aha that was it... if I pass flogin -autoenable it works fine. I've > never had to specify this for my other hosts. Other hosts are Cisco, so > maybe that's the difference? clogin has morphed to try to be more accomodating to the enable/autoenable thing. we'd like to eventually remove that altogether, eventually. > How do I specify that in my .cloginrc? see cloginrc(5) manpage From jethro.binks at strath.ac.uk Thu Jul 3 21:05:57 2014 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Thu, 3 Jul 2014 22:05:57 +0100 (BST) Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <20140703160245.GC39613@shrubbery.net> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> Message-ID: On Thu, 3 Jul 2014, heasley wrote: > Thu, Jul 03, 2014 at 08:29:25AM -0700, Scott Baker: > > On 07/02/2014 06:03 PM, heasley wrote: > > > Couldn't tell you - debug it. flogin -d ...., see where it's waiting and > > > why. I do not know of a way to include timestamps in that debugging o/p, > > > so you'd have to tell us where its waiting. or possibly good enough > > > > > > flogin -d ... 2>&1 | while read ln; do echo -n `date +%s`; echo " $ln"; done > > > > > > > Good call, didn't think about doing that. I ended up using ts from > > moreutils to get the same effect. Looks like flogin uses > > "skip-page-display" and clogin uses "terminal length 0". > > Skip-page-display takes 4 seconds to run. The majority of the slowness > > in flogin appears to be the actual login process. Flogin is taking 20 > > seconds just to get to the enable prompt. Clogin is taking one second. > > I haven't even started to look at why clogin/ssh works, but flogin/ssh > > doesn't, which is how this whole thing started. > > I couldnt say :) historically, foundry cli and configuration has been > *awful*. but, you see in your o/p that term length doesn't actually > work, so it will be paging the o/p, which just makes a mess. > > so, complain to the mfg about the speed of the command. or look for PRs > and subsequently s/w where it is fixed. also, that may not be it; 4s is > much less than the 90s that francid uses for timeout. All that may or may not be a valid view :), but doesn't have anything to do with the problem, which is that the same hardware is faster using clogin than flogin. The reason appears to be simply that flogin uses a lot more "send -h" for human-ish speed tping than clogin (now?) does. Historic reason? Experimentally, I modified my local flogin (which is roughly similar to that from v2.3.8) to remove all instances of -h, except where they match with those in clogin (around "exit" and "quit" it seems). We'll see tomorrow if that breaks any of my (varied antiquity Foundry/Brocade) kit, but testing randomly seems OK. Scott, maybe you'd like to try the same and see how you get on (remove the "-h" and "-h --" parts where you find them in flogin). Actually John, while we're at it, while looking at my flogin I found I'd made this addition in run_comands, which perhaps you'd like to add: ... send "skip-page-display\r" expect -re "$prompt" {} # If logging in as an unpriv user (i.e., level 5 read-only), then # "skip-page-display" isn't available, unless you also configure: # privilege exec level 5 skip-page-display # # On some platforms, like the MLX, you can work around that # with this: send "terminal length 0\r" expect -re "$prompt" {} set commands [split $command \;] ... Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From heas at shrubbery.net Thu Jul 3 21:22:28 2014 From: heas at shrubbery.net (heasley) Date: Thu, 3 Jul 2014 21:22:28 +0000 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> Message-ID: <20140703212228.GM45859@shrubbery.net> Thu, Jul 03, 2014 at 10:05:57PM +0100, Jethro R Binks: > All that may or may not be a valid view :), but doesn't have anything to > do with the problem, which is that the same hardware is faster using > clogin than flogin. you may have missed that clogin actually doesnt work for him per-se. term length 0 on the box he has does not work, so it skips that altogether and the pager will appear in the longer command output. but ... > The reason appears to be simply that flogin uses a > lot more "send -h" for human-ish speed tping than clogin (now?) does. > Historic reason? you may be onto something there, but i doubt it'd amount to much. it just affects sends, which is limited and the timeout is on reads. his box may just be slow. I do not recall why -h was used more heavily in flogin. > Experimentally, I modified my local flogin (which is roughly similar to > that from v2.3.8) to remove all instances of -h, except where they match > with those in clogin (around "exit" and "quit" it seems). We'll see > tomorrow if that breaks any of my (varied antiquity Foundry/Brocade) kit, > but testing randomly seems OK. > > Scott, maybe you'd like to try the same and see how you get on (remove the > "-h" and "-h --" parts where you find them in flogin). do not remove the --'s, that has nothing to do with -h. > Actually John, while we're at it, while looking at my flogin I found I'd > made this addition in run_comands, which perhaps you'd like to add: > > ... > send "skip-page-display\r" > expect -re "$prompt" {} would you rework that to only send term length 0 if skip-page fails? > # If logging in as an unpriv user (i.e., level 5 read-only), then > # "skip-page-display" isn't available, unless you also configure: > # privilege exec level 5 skip-page-display > # > # On some platforms, like the MLX, you can work around that > # with this: > send "terminal length 0\r" > expect -re "$prompt" {} > > set commands [split $command \;] > ... > > Jethro. > > . . . . . . . . . . . . . . . . . . . . . . . . . > Jethro R Binks, Network Manager, > Information Services Directorate, University Of Strathclyde, Glasgow, UK > > The University of Strathclyde is a charitable body, registered in > Scotland, number SC015263. From bakers at canbytel.com Thu Jul 3 21:30:32 2014 From: bakers at canbytel.com (Scott Baker) Date: Thu, 03 Jul 2014 14:30:32 -0700 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <20140703212228.GM45859@shrubbery.net> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <20140703212228.GM45859@shrubbery.net> Message-ID: <53B5CB78.2050604@canbytel.com> On 07/03/2014 02:22 PM, heasley wrote: > you may have missed that clogin actually doesnt work for him per-se. term > length 0 on the box he has does not work, so it skips that altogether and > the pager will appear in the longer command output. but ... terminal length 0 DOES work on Foundry boxes. The ones I have at least. -- Scott Baker - Canby Telcom Senior System Administrator - RHCE From heas at shrubbery.net Thu Jul 3 21:34:16 2014 From: heas at shrubbery.net (heasley) Date: Thu, 3 Jul 2014 21:34:16 +0000 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53B5CB78.2050604@canbytel.com> References: <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <20140703212228.GM45859@shrubbery.net> <53B5CB78.2050604@canbytel.com> Message-ID: <20140703213416.GO45859@shrubbery.net> Thu, Jul 03, 2014 at 02:30:32PM -0700, Scott Baker: > On 07/03/2014 02:22 PM, heasley wrote: > > you may have missed that clogin actually doesnt work for him per-se. term > > length 0 on the box he has does not work, so it skips that altogether and > > the pager will appear in the longer command output. but ... > > terminal length 0 > > DOES work on Foundry boxes. The ones I have at least. it didnt in the transcript that you sent. so your box must also have it or not based on privilege level. From jethro.binks at strath.ac.uk Thu Jul 3 21:48:07 2014 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Thu, 3 Jul 2014 22:48:07 +0100 (BST) Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <20140703212228.GM45859@shrubbery.net> References: <53B4361F.30202@canbytel.com> <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <20140703212228.GM45859@shrubbery.net> Message-ID: On Thu, 3 Jul 2014, heasley wrote: > Thu, Jul 03, 2014 at 10:05:57PM +0100, Jethro R Binks: > > All that may or may not be a valid view :), but doesn't have anything to > > do with the problem, which is that the same hardware is faster using > > clogin than flogin. > > you may have missed that clogin actually doesnt work for him per-se. > term length 0 on the box he has does not work, so it skips that > altogether and the pager will appear in the longer command output. but > ... I was looking specifically at the timings of the sending of password and skip-page-display, regardless of whatever happens after that: Jul 03 08:23:11 Jul 03 08:23:15 Please Enter Password: Jul 03 08:23:15 Jul 03 08:23:15 User login successful. Jul 03 08:23:15 Jul 03 08:23:22 BR-telnet at FESX-Needy>enable Jul 03 08:23:31 Password: Jul 03 08:23:31 BR-telnet at FESX-Needy# Jul 03 08:23:43 BR-telnet at FESX-Needy#skip-page-display Jul 03 08:23:43 Disable page display mode Jul 03 08:23:47 BR-telnet at FESX-Needy#show run Jul 03 08:23:47 Current configuration: Not familiar with ts from moreutils, but my reading of the above is that line: Jul 03 08:23:22 BR-telnet at FESX-Needy>enable is issued after "enable" has been (slowly) sent and the whole line echoed once complete for timestamping. Same for: Jul 03 08:23:43 BR-telnet at FESX-Needy#skip-page-display which is 12 seconds after the previous line: echoed after all those characters have been slowly sent. > > The reason appears to be simply that flogin uses a > > lot more "send -h" for human-ish speed tping than clogin (now?) does. > > Historic reason? > > you may be onto something there, but i doubt it'd amount to much. it > just affects sends, which is limited and the timeout is on reads. his > box may just be slow. I see you are rewinding back to the original report about timeouts with clogin after changing to ssh from telnet; using flogin was slow. If we can get rid of the flogin slow but, whatever goes wrong when using clogin is irrelevant. Well anyway, I do know that throwing the -h away makes flogin about as fast as clogin for me. So if that solves Scott's problem and doesn't introduce another then that's good enough for me :). Scott: Jul 03 08:24:38 BR-telnet at FESX-Needy#terminal length 0 Jul 03 08:24:38 Invalid input -> length 0 suggests "terminal length 0" doesn't work for you here. I don't see it working on various of my older boxes; does on MLX though. > I do not recall why -h was used more heavily in flogin. > > > Experimentally, I modified my local flogin (which is roughly similar > > to that from v2.3.8) to remove all instances of -h, except where they > > match with those in clogin (around "exit" and "quit" it seems). > > We'll see tomorrow if that breaks any of my (varied antiquity > > Foundry/Brocade) kit, but testing randomly seems OK. > > > > Scott, maybe you'd like to try the same and see how you get on (remove > > the "-h" and "-h --" parts where you find them in flogin). > > do not remove the --'s, that has nothing to do with -h. Why does clogin not need them in the places that flogin apparently does (with "-h")? > > Actually John, while we're at it, while looking at my flogin I found I'd > > made this addition in run_comands, which perhaps you'd like to add: > > > > ... > > send "skip-page-display\r" > > expect -re "$prompt" {} > > would you rework that to only send term length 0 if skip-page fails? That would be sensible. I obviously just hacked this in at some point! Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From heas at shrubbery.net Thu Jul 3 22:03:34 2014 From: heas at shrubbery.net (heasley) Date: Thu, 3 Jul 2014 22:03:34 +0000 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: References: <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <20140703212228.GM45859@shrubbery.net> Message-ID: <20140703220334.GS45859@shrubbery.net> Thu, Jul 03, 2014 at 10:48:07PM +0100, Jethro R Binks: > > I do not recall why -h was used more heavily in flogin. > > > > > Experimentally, I modified my local flogin (which is roughly similar > > > to that from v2.3.8) to remove all instances of -h, except where they > > > match with those in clogin (around "exit" and "quit" it seems). > > > We'll see tomorrow if that breaks any of my (varied antiquity > > > Foundry/Brocade) kit, but testing randomly seems OK. > > > > > > Scott, maybe you'd like to try the same and see how you get on (remove > > > the "-h" and "-h --" parts where you find them in flogin). > > > > do not remove the --'s, that has nothing to do with -h. > > Why does clogin not need them in the places that flogin apparently does > (with "-h")? they were added to clogin because some boxes were echo'g strangely and in some cases would drop chars at the end of a line. slowing it down, made it behave more often than not. but, what i mean there is the actual -- part, not the -h. as for its heavier use in flogin, i do not recall and its not in the commit log, so I do not know. so, it could be removed, worth experimentation, but might break collection of some boxes. the values of send_human can be adjusted too, current: {.4 .4 .7 .3 5} perhaps: {.2 .3 5 .2 3} From davee at ceu.ox.ac.uk Fri Jul 4 08:44:35 2014 From: davee at ceu.ox.ac.uk (Dave Ewart) Date: Fri, 4 Jul 2014 09:44:35 +0100 Subject: [rancid] Best way to avoid regular diffs? Message-ID: <20140704084435.GS8627@pandora.ceu.ox.ac.uk> Hello, I've been getting repeated diffs in my Rancid reports because our switches use dynamic VLANs. Bascially, the output from 'show vlan' is constantly varying and there is no need to capture it: its results are simply noise, for our purposes. So I've been wondering about the *correct* way to prevent that output hitting the diffs. I've done the following: - Copied /usr/lib/rancid/bin/rancid to a new file named /usr/lib/rancid/bin/rancid-custom - Modified router.db so that it refers to 'cisco-custom' instead of 'cisco' - Modified /usr/lib/rancid/bin/rancid-fe to add an extra link from 'cisco-custom' to 'rancid-custom' - Then edit /usr/lib/rancid/bin/rancid-custom to remove the 'show vlan' output. This works and does what I want, so far so good. This seems like a robust solution, but because I've modified stock files, I'm going to miss out on any updates to the rancid installation that the Debian packages bring, next time there's an update. Is my approach reasonable or can you suggest a better, more robust approach? Cheers, Dave. -- Dave Ewart davee at ceu.ox.ac.uk Computing Manager, Cancer Epidemiology Unit University of Oxford N 51.7516, W 1.2152 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1530 bytes Desc: Digital signature URL: From heas at shrubbery.net Fri Jul 4 15:30:47 2014 From: heas at shrubbery.net (heasley) Date: Fri, 4 Jul 2014 15:30:47 +0000 Subject: [rancid] Best way to avoid regular diffs? In-Reply-To: <20140704084435.GS8627@pandora.ceu.ox.ac.uk> References: <20140704084435.GS8627@pandora.ceu.ox.ac.uk> Message-ID: <20140704153047.GC72525@shrubbery.net> Fri, Jul 04, 2014 at 09:44:35AM +0100, Dave Ewart: > Hello, > > I've been getting repeated diffs in my Rancid reports because our > switches use dynamic VLANs. Bascially, the output from 'show vlan' is > constantly varying and there is no need to capture it: its results are > simply noise, for our purposes. > > So I've been wondering about the *correct* way to prevent that output > hitting the diffs. > > I've done the following: > > - Copied /usr/lib/rancid/bin/rancid to a new file named > /usr/lib/rancid/bin/rancid-custom > > - Modified router.db so that it refers to 'cisco-custom' instead of > 'cisco' > > - Modified /usr/lib/rancid/bin/rancid-fe to add an extra link from > 'cisco-custom' to 'rancid-custom' > > - Then edit /usr/lib/rancid/bin/rancid-custom to remove the 'show vlan' > output. > > This works and does what I want, so far so good. > > This seems like a robust solution, but because I've modified stock > files, I'm going to miss out on any updates to the rancid installation > that the Debian packages bring, next time there's an update. > > Is my approach reasonable or can you suggest a better, more robust > approach? move to rancid 3.1; copy the cisco definition from rancid.types.base to rancid.types.conf, rename it, and remove or comment the commands you do not want. so, no modification of stock, easier upgrades - i hope. I believe 3.1 will also filter the vlan command anyway, if the vlan type is dynamic (or whatever the value is). From davee at ceu.ox.ac.uk Fri Jul 4 15:39:16 2014 From: davee at ceu.ox.ac.uk (Dave Ewart) Date: Fri, 4 Jul 2014 16:39:16 +0100 Subject: [rancid] Best way to avoid regular diffs? In-Reply-To: <20140704153047.GC72525@shrubbery.net> References: <20140704084435.GS8627@pandora.ceu.ox.ac.uk> <20140704153047.GC72525@shrubbery.net> Message-ID: <20140704153916.GF26428@pandora.ceu.ox.ac.uk> On Friday, 04.07.2014 at 15:30 +0000, heasley wrote: > > [...] > > > > Is my approach reasonable or can you suggest a better, more robust > > approach? > > move to rancid 3.1; copy the cisco definition from rancid.types.base > to rancid.types.conf, rename it, and remove or comment the commands > you do not want. so, no modification of stock, easier upgrades - i > hope. > > I believe 3.1 will also filter the vlan command anyway, if the vlan > type is dynamic (or whatever the value is). Ah, that's interesting to know. I'm using a Debian server and it has nothing later than 2.3.8 packaged. I see a Debian bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751975 asking for 3.1 to be packaged. The method you describe is exactly the framework I was hoping to be able to use, certainly. Cheers, Dave. -- Dave Ewart davee at ceu.ox.ac.uk Computing Manager, Cancer Epidemiology Unit University of Oxford N 51.7516, W 1.2152 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 1530 bytes Desc: Digital signature URL: From fanachos at gmail.com Mon Jul 7 11:52:26 2014 From: fanachos at gmail.com (Andrei Sabau) Date: Mon, 7 Jul 2014 14:52:26 +0300 Subject: [rancid] Need help upgrading rancid from 2.7.2 to 3.0 Message-ID: Hello. I would like to upgrade the rancid on a machine, is there a method to do this without losing the CVS repositories? Should i just install the new rancid with the same installation prefix as the old one? Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Jul 7 19:36:03 2014 From: heas at shrubbery.net (heasley) Date: Mon, 7 Jul 2014 19:36:03 +0000 Subject: [rancid] Rancid 3.1 and WAAS devices In-Reply-To: <8903D0A8F70EA74FBE57CA9B846B42C00142C7FD31@ZY-MBX2.zyedge.local> References: <8903D0A8F70EA74FBE57CA9B846B42C00142C7FD31@ZY-MBX2.zyedge.local> Message-ID: <20140707193603.GC5330@shrubbery.net> Tue, Jun 24, 2014 at 02:28:05PM +0000, Ryan West: > Before upgrading from 2.3.6 to 3.1, I was able to back up WAAS devices. Now it's throwing the following error - > > device-wave: End of run not found > ! End of WAAS configuration > > The line after this has the typical prompt# > > I added a paging exception for End of WAAS, but it still fails with End of run not found. > > clogin -t 90 -c "show run" seems to work fine as well. > > Rancid -d functionality seems to have changed as well. rancid -d device-wave -t cisco. rancid-run -r devicename -t cisco [groupname] is what you meant, i think > loadtype(): device_type is empty > Couldn't load device type spec for > > Thanks, > > -ryan > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From rwest at zyedge.com Mon Jul 7 19:41:59 2014 From: rwest at zyedge.com (Ryan West) Date: Mon, 7 Jul 2014 19:41:59 +0000 Subject: [rancid] Rancid 3.1 and WAAS devices In-Reply-To: <20140707193603.GC5330@shrubbery.net> References: <8903D0A8F70EA74FBE57CA9B846B42C00142C7FD31@ZY-MBX2.zyedge.local> <20140707193603.GC5330@shrubbery.net> Message-ID: <8903D0A8F70EA74FBE57CA9B846B42C00142CDE822@ZY-MBX2.zyedge.local> John, > Rancid -d functionality seems to have changed as well. rancid -d device-wave -t cisco. rancid-run -r devicename -t cisco [groupname] is what you meant, i think Thanks for replying, I'm trying to get the debug functionality working to see why it think's WAAS devices are not at the end of the configuration. I thought you could run rancid -d in the past for this. Thanks, -ryan > loadtype(): device_type is empty > Couldn't load device type spec for > > Thanks, > > -ryan From heas at shrubbery.net Mon Jul 7 20:14:55 2014 From: heas at shrubbery.net (heasley) Date: Mon, 7 Jul 2014 20:14:55 +0000 Subject: [rancid] Rancid 3.1 and WAAS devices In-Reply-To: <8903D0A8F70EA74FBE57CA9B846B42C00142CDE822@ZY-MBX2.zyedge.local> References: <8903D0A8F70EA74FBE57CA9B846B42C00142C7FD31@ZY-MBX2.zyedge.local> <20140707193603.GC5330@shrubbery.net> <8903D0A8F70EA74FBE57CA9B846B42C00142CDE822@ZY-MBX2.zyedge.local> Message-ID: <20140707201455.GE5330@shrubbery.net> Mon, Jul 07, 2014 at 07:41:59PM +0000, Ryan West: > John, > > > Rancid -d functionality seems to have changed as well. rancid -d device-wave -t cisco. > > rancid-run -r devicename -t cisco [groupname] oops, no '-t cisco' there. > is what you meant, i think > > > Thanks for replying, I'm trying to get the debug functionality working to see why it think's WAAS devices are not at the end of the configuration. I thought you could run rancid -d in the past for this. rancid -t type -d devicename > Thanks, > > -ryan > > > > loadtype(): device_type is empty > > Couldn't load device type spec for > > > > Thanks, > > > > -ryan > > From daniel.jacobs at doortodoororganics.com Mon Jul 7 19:45:00 2014 From: daniel.jacobs at doortodoororganics.com (Daniel Jacobs) Date: Mon, 7 Jul 2014 13:45:00 -0600 Subject: [rancid] Rancid 3.1, router.db using ; instead of :, device_type is empty Message-ID: I just installed rancid 3.1 from source on a Centos 6.5 machine. I'm trying to get the configs for our Adtran routers, so I figured I'd use the adtran definition from rancid.types.base, but I've also tried this with cisco in place of adtran in router.db and got the same results. Here is my router.db: router1.mydomain.com;adtran;up router2.mydomain.com;adtran;up router3.mydomain.com;adtran;up output: $ /usr/local/rancid/bin/rancid /usr/local/rancid/bin/rancid-run loadtype(): device_type is empty Couldn't load device type spec for It works if I do this: $ rancid -t cisco 10.4.0.1 And if I try this: $ rancid -t adtran 10.4.0.1 I get this as output: inloop is not configured for device type adtran at /usr/local/rancid/bin/rancid line 121. Since I've already made sure I'm using semicolons instead of colons, what am I missing? Thanks! Daniel -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Mon Jul 7 22:38:05 2014 From: heas at shrubbery.net (heasley) Date: Mon, 7 Jul 2014 22:38:05 +0000 Subject: [rancid] Rancid 3.1, router.db using ; instead of :, device_type is empty In-Reply-To: References: Message-ID: <20140707223805.GG16007@shrubbery.net> Mon, Jul 07, 2014 at 01:45:00PM -0600, Daniel Jacobs: > I just installed rancid 3.1 from source on a Centos 6.5 machine. I'm trying > to get the configs for our Adtran routers, so I figured I'd use the adtran > definition from rancid.types.base, but I've also tried this with cisco in > place of adtran in router.db and got the same results. Sorry, thats a bit of a tease. I'd started that script, but things consumed my time and I lost access to the one i'd been poking remotely. I can give you a copy of what I have. From daniel.jacobs at doortodoororganics.com Mon Jul 7 22:41:08 2014 From: daniel.jacobs at doortodoororganics.com (Daniel Jacobs) Date: Mon, 7 Jul 2014 16:41:08 -0600 Subject: [rancid] Rancid 3.1, router.db using ; instead of :, device_type is empty In-Reply-To: <20140707223805.GG16007@shrubbery.net> References: <20140707223805.GG16007@shrubbery.net> Message-ID: Thanks. I'd be glad to take a look. But it's not working if I choose cisco as the router type in router.db - I'm getting loadtype(): device_type is empty Couldn't load device type spec for And I do have semicolons rather than colons. On Mon, Jul 7, 2014 at 4:38 PM, heasley wrote: > Mon, Jul 07, 2014 at 01:45:00PM -0600, Daniel Jacobs: > > I just installed rancid 3.1 from source on a Centos 6.5 machine. I'm > trying > > to get the configs for our Adtran routers, so I figured I'd use the > adtran > > definition from rancid.types.base, but I've also tried this with cisco in > > place of adtran in router.db and got the same results. > > Sorry, thats a bit of a tease. I'd started that script, but things > consumed > my time and I lost access to the one i'd been poking remotely. I can give > you a copy of what I have. > -- *Daniel Jacobs * Senior IT Admin \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ """"""""""""""""""""""""""""""""""""""""""""" *door to door organics* w. 303.620.5440 www.DoorToDoorOrganics.com """"""""""""""""""""""""""""""""""""""""""""" *delightfully *fresh -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.jacobs at doortodoororganics.com Mon Jul 7 22:41:45 2014 From: daniel.jacobs at doortodoororganics.com (Daniel Jacobs) Date: Mon, 7 Jul 2014 16:41:45 -0600 Subject: [rancid] Rancid 3.1, router.db using ; instead of :, device_type is empty In-Reply-To: References: Message-ID: Adam, from 3.0 on, router.db uses ; instead of : so that IPv6 addresses will work (at least that was my understanding). Daniel On Mon, Jul 7, 2014 at 4:40 PM, Adam Korab wrote: > Use colons instead of semicolons in router.db > > On Jul 7, 2014, at 5:18 PM, "Daniel Jacobs" < > daniel.jacobs at doortodoororganics.com> wrote: > > I just installed rancid 3.1 from source on a Centos 6.5 machine. I'm > trying to get the configs for our Adtran routers, so I figured I'd use the > adtran definition from rancid.types.base, but I've also tried this with > cisco in place of adtran in router.db and got the same results. > > Here is my router.db: > > router1.mydomain.com;adtran;up > router2.mydomain.com;adtran;up > router3.mydomain.com;adtran;up > > output: > > $ /usr/local/rancid/bin/rancid /usr/local/rancid/bin/rancid-run > loadtype(): device_type is empty > Couldn't load device type spec for > > It works if I do this: > $ rancid -t cisco 10.4.0.1 > > And if I try this: > $ rancid -t adtran 10.4.0.1 > I get this as output: > inloop is not configured for device type adtran at > /usr/local/rancid/bin/rancid line 121. > > Since I've already made sure I'm using semicolons instead of colons, > what am I missing? > > Thanks! > > Daniel > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- *Daniel Jacobs * Senior IT Admin \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ \|/ """"""""""""""""""""""""""""""""""""""""""""" *door to door organics* w. 303.620.5440 www.DoorToDoorOrganics.com """"""""""""""""""""""""""""""""""""""""""""" *delightfully *fresh -------------- next part -------------- An HTML attachment was scrubbed... URL: From sambath.chhoeunsam at gmail.com Tue Jul 8 01:38:01 2014 From: sambath.chhoeunsam at gmail.com (Sambath Chhoeun) Date: Tue, 8 Jul 2014 08:38:01 +0700 Subject: [rancid] perl scripting for BGP prefix monitoring/backup Message-ID: Dear Everyone, I am now looking for way to monitoring and backup the BGP prefix from Cisco/Juniper devices, and I am thinking if we could have a perl scripting to patch into the rancid and get it do the backup. Anyone experience with that? Much Appreciate with your help. Regards, Sambath -- Sambath CHHOEUN Networks Support Tel: (855) 77 900110/ 70 7887 62 -------------- next part -------------- An HTML attachment was scrubbed... URL: From heas at shrubbery.net Tue Jul 8 15:25:22 2014 From: heas at shrubbery.net (heasley) Date: Tue, 8 Jul 2014 15:25:22 +0000 Subject: [rancid] perl scripting for BGP prefix monitoring/backup In-Reply-To: References: Message-ID: <20140708152522.GG44379@shrubbery.net> Tue, Jul 08, 2014 at 08:38:01AM +0700, Sambath Chhoeun: > Dear Everyone, > > I am now looking for way to monitoring and backup the BGP prefix from > Cisco/Juniper devices, and I am thinking if we could have a perl scripting > to patch into the rancid and get it do the backup. Anyone experience with > that? Much Appreciate with your help. using rancid 3.1, create a new module in lib/rancid with a function to parse the output create a new type in rancid.types.conf(5) use the base definition as a template with a new name replace the commands with your show ip bgp command include the new module with your parsing function From roman.hochuli at nexellent.ch Wed Jul 9 09:01:43 2014 From: roman.hochuli at nexellent.ch (Roman Hochuli) Date: Wed, 9 Jul 2014 11:01:43 +0200 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <20140703220334.GS45859@shrubbery.net> References: <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <20140703212228.GM45859@shrubbery.net> <20140703220334.GS45859@shrubbery.net> Message-ID: <53BD04F7.1080609@nexellent.ch> Hello All > they were added to clogin because some boxes were echo'g strangely and in > some cases would drop chars at the end of a line. slowing it down, made > it behave more often than not. but, what i mean there is the actual -- > part, not the -h. We've got quite a bunch of those boxes. It is well known to us that for example copy-pasting config snippets is not handled nicely under certain circumstances on the FESX. The keyboard-buffer of the telnet-session seems to be extremly limited. Depending on config-mode and preceding command it may be completely disabled, sometimes even ignoring or blocking input at all. Those behaviours are bascially undocumented, but seem to be by-design. The keyboard buffer issue is even worse with ssh. My rough guess for the root of that problem is, that the management-cpu is simply overloaded with calculating the encryption of the ssh-session. There were high-cpu situation where we were unable to access the device over ssh at all while telnet still worked (reasonably slow). To be fair: the FESX6-series devices seem to behave a lot better than the original FESX4-series devices. Newer firmware is also helping to solve the keyboard-buffer issue at certain points. So bottom-line: there are certainly reasons for slowing down command input on that platform. :) -- Best regards, Roman Hochuli Operations Manager nexellent ag Saegereistrasse 33 CH-8152 Glattbrugg Phone: +41 44 872 20 00 Fax: +41 44 872 20 01 URL: www.nexellent.ch X-NCC-RegID: ch.nexellent Imagination is the one weapon in the war against reality. -- Jules de Gaultier From jethro.binks at strath.ac.uk Wed Jul 9 10:50:12 2014 From: jethro.binks at strath.ac.uk (Jethro R Binks) Date: Wed, 9 Jul 2014 11:50:12 +0100 (BST) Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: <53BD04F7.1080609@nexellent.ch> References: <53B454E2.10707@gmail.com> <53B46E59.8050501@gmail.com> <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <20140703212228.GM45859@shrubbery.net> <20140703220334.GS45859@shrubbery.net> <53BD04F7.1080609@nexellent.ch> Message-ID: That all sounds very plausible. So, -h may be required at least for some Brocade hardware, but at the cost of making the whole flogin session take longer (in comparison with clogin). Thanks for the additional info, Jethro. On Wed, 9 Jul 2014, Roman Hochuli wrote: > Hello All > > > they were added to clogin because some boxes were echo'g strangely and in > > some cases would drop chars at the end of a line. slowing it down, made > > it behave more often than not. but, what i mean there is the actual -- > > part, not the -h. > > We've got quite a bunch of those boxes. It is well known to us that for > example copy-pasting config snippets is not handled nicely under certain > circumstances on the FESX. The keyboard-buffer of the telnet-session > seems to be extremly limited. > Depending on config-mode and preceding command it may be completely > disabled, sometimes even ignoring or blocking input at all. Those > behaviours are bascially undocumented, but seem to be by-design. > > The keyboard buffer issue is even worse with ssh. My rough guess for the > root of that problem is, that the management-cpu is simply overloaded > with calculating the encryption of the ssh-session. There were high-cpu > situation where we were unable to access the device over ssh at all > while telnet still worked (reasonably slow). > > To be fair: the FESX6-series devices seem to behave a lot better than > the original FESX4-series devices. Newer firmware is also helping to > solve the keyboard-buffer issue at certain points. > > So bottom-line: there are certainly reasons for slowing down command > input on that platform. :) > > -- > Best regards, > Roman Hochuli > Operations Manager > > nexellent ag > Saegereistrasse 33 > CH-8152 Glattbrugg > > Phone: +41 44 872 20 00 > Fax: +41 44 872 20 01 > URL: www.nexellent.ch > X-NCC-RegID: ch.nexellent > > Imagination is the one weapon in the war > against reality. > -- Jules de Gaultier > > . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. From heas at shrubbery.net Wed Jul 9 14:32:33 2014 From: heas at shrubbery.net (heasley) Date: Wed, 9 Jul 2014 14:32:33 +0000 Subject: [rancid] Trouble grabbing configs from a Foundry FesX In-Reply-To: References: <53B471C5.10205@canbytel.com> <20140703010328.GK16642@shrubbery.net> <53B576D5.4030408@canbytel.com> <20140703160245.GC39613@shrubbery.net> <20140703212228.GM45859@shrubbery.net> <20140703220334.GS45859@shrubbery.net> <53BD04F7.1080609@nexellent.ch> Message-ID: <20140709143233.GA86981@shrubbery.net> Wed, Jul 09, 2014 at 11:50:12AM +0100, Jethro R Binks: > That all sounds very plausible. > > So, -h may be required at least for some Brocade hardware, but at the cost > of making the whole flogin session take longer (in comparison with > clogin). try it with the send_human values that i suggested in the previous emails. I have no manner of testing brocade/foundry; one reason that we stopped buying them was because of their cli, and when we asked them to fix the bugs, they told us that users were accustomed to the bugs. > the values of send_human can be adjusted too, > current: {.4 .4 .7 .3 5} > > perhaps: {.2 .3 5 .2 3} From heas at shrubbery.net Fri Jul 18 20:33:12 2014 From: heas at shrubbery.net (heasley) Date: Fri, 18 Jul 2014 20:33:12 +0000 Subject: [rancid] Rancid and Git In-Reply-To: References: Message-ID: <20140718203312.GK54108@shrubbery.net> Wed, May 21, 2014 at 08:07:26PM +0000, Brown, David M JR: > > >---- > >> $BASEDIR is the dir into which all groups go. If you put a generic > >> lockfile here you will make it so multiple groups can't be polled at one > >> time. Typically a temp dir is used where the file includes the group > >>name > >> so there is no stepping on of toes, and stale lockfiles aren't left in > >> unexpected places. > > > >The locks shouldn't slow down polling, the lock is only held when making > >commits to the Git repository which shouldn't happen during polling > >(unless I'm misunderstanding something about the code). I needed the > >locks because I need to run a series of git commands atomically or > >changes from other groups might become part of the wrong commit. > >---- > > > >That seems out of scope to me. Perhaps i do not yet understand the > >process > >in git. how would the commits in one group become part of another group's > >commit? the commit occurs in the group's directory. > > One of the big differences between svn commit and git commit is the > current working directory doesn?t matter for git and it does for svn. My > guess is that they did this then to ensure that commits to on group don?t > have race conditions with another group being modified. > > A fix to this would be to do a 'git commit -m ?$message? *' this should > only commit things in the current working directory and not differences in > the entire tree. > > Hopefully this helps. > > Thanks, > - David Brown I've been playing with git a bit to determine how to arrange the repository and understand the commands. I find the automatic search for changed files unwelcome. The original git patch arranges the repository at $BASEDIR (eg: /var/rancid), which creates a single repository with all groups. I experimented with creating a "remote" repository in $BASEDIR, then pushing individual groups to it, but they clash, which I suspect has to do with either the repository name (git push -u origin master). Assuming that is not the problem with that arrangement, another possibility is just making each group its own self-contained repository. However, I dislike this as well, as its easier to help users recover from RCS problems when they can just rm-rf the group and check-out a fresh copy. Also, I'd like to maintain the existing arrangement with CVS and SVN, where each rancid group is it's own path that admins can remove their working copy without remove-ing from the repository (yes, I understand that the history remains). Any guidance or comment welcome. From Douglas.Hughes at DEShawResearch.com Fri Jul 18 20:35:32 2014 From: Douglas.Hughes at DEShawResearch.com (Hughes, Doug) Date: Fri, 18 Jul 2014 20:35:32 +0000 Subject: [rancid] Rancid and Git In-Reply-To: <20140718203312.GK54108@shrubbery.net> References: <20140718203312.GK54108@shrubbery.net> Message-ID: I think 1 repo seems the sanest thing to do, but I might be missing some esoteric use cases where multiple would be valuable. From crowed at bendbroadband.net Fri Jul 18 21:05:01 2014 From: crowed at bendbroadband.net (Crowe, David) Date: Fri, 18 Jul 2014 14:05:01 -0700 Subject: [rancid] Rancid and Git In-Reply-To: References: <20140718203312.GK54108@shrubbery.net> Message-ID: i would agree with a single repo being the best approach. regarding the automatic search for changed files (i'll include untracked files in here), the additions to .gitignore helps with this tremendously. thanks, David On Jul 18, 2014, at 1:35 PM, Hughes, Doug wrote: > I think 1 repo seems the sanest thing to do, but I might be missing some esoteric use cases where multiple would be valuable. > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss From heas at shrubbery.net Fri Jul 18 21:18:57 2014 From: heas at shrubbery.net (John Heasley) Date: Fri, 18 Jul 2014 14:18:57 -0700 Subject: [rancid] Rancid and Git In-Reply-To: References: <20140718203312.GK54108@shrubbery.net> Message-ID: <42EC7FC3-07A3-4F65-86ED-406384C63A06@shrubbery.net> Am Jul 18, 2014 um 2:05 PM schrieb "Crowe, David" : > > i would agree with a single repo being the best approach. > > regarding the automatic search for changed files (i'll include untracked files in here), the additions to .gitignore helps with this tremendously. > I do not like its global behavior, but... Can you tell me what is wrong with the second approach i described? > thanks, > > David > >> On Jul 18, 2014, at 1:35 PM, Hughes, Doug wrote: >> >> I think 1 repo seems the sanest thing to do, but I might be missing some esoteric use cases where multiple would be valuable. >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss From crowed at bendbroadband.net Fri Jul 18 21:57:07 2014 From: crowed at bendbroadband.net (Crowe, David) Date: Fri, 18 Jul 2014 14:57:07 -0700 Subject: [rancid] Rancid and Git In-Reply-To: <42EC7FC3-07A3-4F65-86ED-406384C63A06@shrubbery.net> References: <20140718203312.GK54108@shrubbery.net> <42EC7FC3-07A3-4F65-86ED-406384C63A06@shrubbery.net> Message-ID: <15ADE43B-1590-44CA-8142-FF96D4D68F71@bendbroadband.net> On Jul 18, 2014, at 2:18 PM, John Heasley wrote: > Am Jul 18, 2014 um 2:05 PM schrieb "Crowe, David" : >> >> i would agree with a single repo being the best approach. >> >> regarding the automatic search for changed files (i'll include untracked files in here), the additions to .gitignore helps with this tremendously. >> > > I do not like its global behavior, but... > that is a bit of a pain but once you add the extraneous files and patterns to .gitignore file i've not had to touch it in a long time. having a separate repo for each group could make that a bit cleaner. > Can you tell me what is wrong with the second approach i described? > if i understand what you tried, the "remote" can't be within/under the same directory tree as $BASEDIR if that is the root of an existing git repo. if you stay with the single repo strategy, doing "git reset --hard $BASEDIR/group" is the best way to get back to the last known good repo copy for any group. David From heas at shrubbery.net Sat Jul 19 20:16:42 2014 From: heas at shrubbery.net (Heasley John) Date: Sat, 19 Jul 2014 20:16:42 +0000 Subject: [rancid] Rancid and Git In-Reply-To: <15ADE43B-1590-44CA-8142-FF96D4D68F71@bendbroadband.net> References: <20140718203312.GK54108@shrubbery.net> <42EC7FC3-07A3-4F65-86ED-406384C63A06@shrubbery.net> <15ADE43B-1590-44CA-8142-FF96D4D68F71@bendbroadband.net> Message-ID: <20140719201642.GH90588@shrubbery.net> Fri, Jul 18, 2014 at 02:57:07PM -0700, Crowe, David: > On Jul 18, 2014, at 2:18 PM, John Heasley wrote: > > > Am Jul 18, 2014 um 2:05 PM schrieb "Crowe, David" : > >> > >> i would agree with a single repo being the best approach. > >> > >> regarding the automatic search for changed files (i'll include untracked files in here), the additions to .gitignore helps with this tremendously. > >> > > > > I do not like its global behavior, but... > > > > that is a bit of a pain but once you add the extraneous files and patterns to .gitignore file i've not had to touch it in a long time. having a separate repo for each group could make that a bit cleaner. > > > > Can you tell me what is wrong with the second approach i described? > > > > if i understand what you tried, the "remote" can't be within/under the same directory tree as $BASEDIR if that is the root of an existing git repo. how do services like github arrange their store? is it a path per-project? another nice result of having this mehtod, is that the code remains generic for local (this host) or remote repositories. > if you stay with the single repo strategy, doing "git reset --hard $BASEDIR/group" is the best way to get back to the last known good repo copy for any group. thanks; i suspected that would be the result. From crowed at bendbroadband.net Sat Jul 19 20:47:42 2014 From: crowed at bendbroadband.net (Crowe, David) Date: Sat, 19 Jul 2014 13:47:42 -0700 Subject: [rancid] Rancid and Git In-Reply-To: <20140719201642.GH90588@shrubbery.net> References: <20140718203312.GK54108@shrubbery.net> <42EC7FC3-07A3-4F65-86ED-406384C63A06@shrubbery.net> <15ADE43B-1590-44CA-8142-FF96D4D68F71@bendbroadband.net> <20140719201642.GH90588@shrubbery.net> Message-ID: <162F0AF6-CDB4-4D84-8079-B9699AA74E60@bendbroadband.net> On Jul 19, 2014, at 1:16 PM, Heasley John wrote: > Fri, Jul 18, 2014 at 02:57:07PM -0700, Crowe, David: >> On Jul 18, 2014, at 2:18 PM, John Heasley wrote: >> >>> Am Jul 18, 2014 um 2:05 PM schrieb "Crowe, David" : >>>> >>>> i would agree with a single repo being the best approach. >>>> >>>> regarding the automatic search for changed files (i'll include untracked files in here), the additions to .gitignore helps with this tremendously. >>>> >>> >>> I do not like its global behavior, but... >>> >> >> that is a bit of a pain but once you add the extraneous files and patterns to .gitignore file i've not had to touch it in a long time. having a separate repo for each group could make that a bit cleaner. >> >> >>> Can you tell me what is wrong with the second approach i described? >>> >> >> if i understand what you tried, the "remote" can't be within/under the same directory tree as $BASEDIR if that is the root of an existing git repo. > > how do services like github arrange their store? is it a path per-project? > correct. > another nice result of having this mehtod, is that the code remains generic > for local (this host) or remote repositories. > agreed. >> if you stay with the single repo strategy, doing "git reset --hard $BASEDIR/group" is the best way to get back to the last known good repo copy for any group. > > thanks; i suspected that would be the result. From jeff at ocjtech.us Mon Jul 21 20:40:13 2014 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Mon, 21 Jul 2014 15:40:13 -0500 Subject: [rancid] Rancid and Git In-Reply-To: <20140718203312.GK54108@shrubbery.net> References: <20140718203312.GK54108@shrubbery.net> Message-ID: On Fri, Jul 18, 2014 at 3:33 PM, heasley wrote: > > I've been playing with git a bit to determine how to arrange the repository > and understand the commands. I find the automatic search for changed files > unwelcome. Git should only be automatically searching for changed files if you are using "git commit -a". My patch didn't do that, it added changed files to the pending commit individually. > The original git patch arranges the repository at $BASEDIR (eg: /var/rancid), > which creates a single repository with all groups. > > I experimented with creating a "remote" repository in $BASEDIR, then pushing > individual groups to it, but they clash, which I suspect has to do with > either the repository name (git push -u origin master). That won't quite work the way that you expect... merging multiple unrelated repositories into one will make for a very confused repository. -- Jeff Ollie From mark.tinka at seacom.mu Wed Jul 23 15:02:44 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Wed, 23 Jul 2014 17:02:44 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) Message-ID: <201407231702.45031.mark.tinka@seacom.mu> Hi all. I've been checking around and can't seem to find any current solutionsk (most of the ones relate to earlier versions of RANCID, and there have been some changes to the "rancid" script since). Would anyone know the currently accepted method to ignore constant RANCID updates due to (Boot)flash changes on IOS and IOS XE systems? Thanks. Mark -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From mark.tinka at seacom.mu Wed Jul 23 15:03:56 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Wed, 23 Jul 2014 17:03:56 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: <201407231702.45031.mark.tinka@seacom.mu> References: <201407231702.45031.mark.tinka@seacom.mu> Message-ID: <201407231703.56525.mark.tinka@seacom.mu> Ah, and just to add, I'm running 2.3.8. Thanks. Mark. On Wednesday, July 23, 2014 05:02:44 PM Mark Tinka wrote: > Hi all. > > I've been checking around and can't seem to find any > current solutionsk (most of the ones relate to earlier > versions of RANCID, and there have been some changes to > the "rancid" script since). > > Would anyone know the currently accepted method to ignore > constant RANCID updates due to (Boot)flash changes on IOS > and IOS XE systems? Thanks. > > Mark -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From alan.mckinnon at gmail.com Wed Jul 23 15:15:35 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 23 Jul 2014 17:15:35 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: <201407231703.56525.mark.tinka@seacom.mu> References: <201407231702.45031.mark.tinka@seacom.mu> <201407231703.56525.mark.tinka@seacom.mu> Message-ID: <53CFD197.5050804@gmail.com> On 23/07/2014 17:03, Mark Tinka wrote: > Ah, and just to add, I'm running 2.3.8. Thanks. > > Mark. > > On Wednesday, July 23, 2014 05:02:44 PM Mark Tinka wrote: >> Hi all. >> >> I've been checking around and can't seem to find any >> current solutionsk (most of the ones relate to earlier >> versions of RANCID, and there have been some changes to >> the "rancid" script since). >> >> Would anyone know the currently accepted method to ignore >> constant RANCID updates due to (Boot)flash changes on IOS >> and IOS XE systems? Thanks. >> >> Mark >> >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss Hi Mark, I made patches to deal with that exact thing. But, I'm no longer employed at the company across the hallway from you so I can't look them up right now. I still have friends there though and can call in a favour. While we wait, you can give it a bash ourself, it's real easy. You edit the script "rancid", look up the sub that's run for "show bootflash" and add a check for the stuff to be ignored, something like: next if -- Alan McKinnon alan.mckinnon at gmail.com From mark.tinka at seacom.mu Wed Jul 23 15:29:03 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Wed, 23 Jul 2014 17:29:03 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: <53CFD197.5050804@gmail.com> References: <201407231702.45031.mark.tinka@seacom.mu> <201407231703.56525.mark.tinka@seacom.mu> <53CFD197.5050804@gmail.com> Message-ID: <201407231729.04177.mark.tinka@seacom.mu> On Wednesday, July 23, 2014 05:15:35 PM Alan McKinnon wrote: > I made patches to deal with that exact thing. But, I'm no > longer employed at the company across the hallway from > you so I can't look them up right now. That's too bad :-(... > I still have > friends there though and can call in a favour. Always helps :-). > While we wait, you can give it a bash ourself, it's real > easy. You edit the script "rancid", look up the sub > that's run for "show bootflash" and add a check for the > stuff to be ignored, something like: > > next if ----- This is what we have: sub ShowFlash { # skip if this is 7000, 7200, 7500, or 12000; else we end up with # redundant data from dir /all slot0: print STDERR " In ShowFlash: $_" if ($debug); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if ($type =~ /^(12[40]|7)/); return(1) if ($ios eq "XE"); return(1) if (/^\s*\^\s*$/); return(1) if (/Line has invalid autocommand /); return(1) if (/(Invalid (input|command) detected|Type help or )/i); return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); s/^$1\s{$len}//; } # Filter dhcp database next if (/dhcp_[^. ]*\.txt/); # /\s+(multiple-fs|nv_hdr|vlan\.dat)$/ && next; /\s+(config.text|private-config.text|multiple-fs|nv_hdr|vlan\.dat)$/ && next; ProcessHistory("FLASH","","","!Flash: $_"); } ProcessHistory("","","","!\n"); return; } ----- I hacked it a little, changing: /\s+(multiple-fs|nv_hdr|vlan\.dat)$/ && next; ... to: /\s+(config.text|private-config.text|multiple-fs|nv_hdr|vlan\.dat)$/ && But couldn't get it to work. That tip said to disable commands that run against checking of the file system, but that was a couple of RANCID's a go and the script has changed a great deal. I can estimate what those commands would be for this tip, but I'd rather ask here to be sure. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From alan.mckinnon at gmail.com Wed Jul 23 15:50:24 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Wed, 23 Jul 2014 17:50:24 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: <201407231729.04177.mark.tinka@seacom.mu> References: <201407231702.45031.mark.tinka@seacom.mu> <201407231703.56525.mark.tinka@seacom.mu> <53CFD197.5050804@gmail.com> <201407231729.04177.mark.tinka@seacom.mu> Message-ID: <53CFD9C0.5070205@gmail.com> On 23/07/2014 17:29, Mark Tinka wrote: > On Wednesday, July 23, 2014 05:15:35 PM Alan McKinnon wrote: > >> I made patches to deal with that exact thing. But, I'm no >> longer employed at the company across the hallway from >> you so I can't look them up right now. > > That's too bad :-(... > >> I still have >> friends there though and can call in a favour. > > Always helps :-). > >> While we wait, you can give it a bash ourself, it's real >> easy. You edit the script "rancid", look up the sub >> that's run for "show bootflash" and add a check for the >> stuff to be ignored, something like: >> >> next if > > ----- > > This is what we have: > > sub ShowFlash { > # skip if this is 7000, 7200, 7500, or 12000; else we end up with > # redundant data from dir /all slot0: > print STDERR " In ShowFlash: $_" if ($debug); > > while () { > tr/\015//d; > last if (/^$prompt/); > next if (/^(\s*|\s*$cmd\s*)$/); > return(1) if ($type =~ /^(12[40]|7)/); > return(1) if ($ios eq "XE"); > return(1) if (/^\s*\^\s*$/); > return(1) if (/Line has invalid autocommand /); > return(1) if (/(Invalid (input|command) detected|Type help or )/i); > return(-1) if (/command authorization failed/i); > # the pager can not be disabled per-session on the PIX > if (/^(<-+ More -+>)/) { > my($len) = length($1); > s/^$1\s{$len}//; > } > > # Filter dhcp database > next if (/dhcp_[^. ]*\.txt/); > > # /\s+(multiple-fs|nv_hdr|vlan\.dat)$/ && next; > /\s+(config.text|private-config.text|multiple-fs|nv_hdr|vlan\.dat)$/ && next; > ProcessHistory("FLASH","","","!Flash: $_"); > } > ProcessHistory("","","","!\n"); > return; > } > > ----- > > I hacked it a little, changing: > > /\s+(multiple-fs|nv_hdr|vlan\.dat)$/ && next; > > ... to: > > /\s+(config.text|private-config.text|multiple-fs|nv_hdr|vlan\.dat)$/ && > > But couldn't get it to work. That tip said to disable > commands that run against checking of the file system, > but that was a couple of RANCID's a go and the script > has changed a great deal. > > I can estimate what those commands would be for this tip, > but I'd rather ask here to be sure. > > Mark. > You're on the right track, editing that regex is the way to do it. Because the Show* subs are used for so many different commands they can become cluttered if you are not careful. And being perl, there's always 429 ways to do the same thing, including all the varied syntaxes for different versions of perl. The form / References: <201407231702.45031.mark.tinka@seacom.mu> <201407231729.04177.mark.tinka@seacom.mu> <53CFD9C0.5070205@gmail.com> Message-ID: <201407231758.11647.mark.tinka@seacom.mu> On Wednesday, July 23, 2014 05:50:24 PM Alan McKinnon wrote: > I worked out a more general solution a while back as our > NetOps want to see that the file exists and want to see > huge changes in size. So I converted filesizes to > kilo-mega-giga byte form and diffed that. The noise > reduced cconsiderably. Check my postings for the last 3 > months, the subject starts with [PATCH] Yes, this would be a better approach, as the RANCID output is useful to know whether disk space will become an issue, but capturing all the small changes creates too much noise. Large changes in MB (instead of KB) deltas is acceptable. Let me hunt for your patch and revert. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From john.kougoulos at gmail.com Wed Jul 23 20:52:10 2014 From: john.kougoulos at gmail.com (John Kougoulos) Date: Wed, 23 Jul 2014 22:52:10 +0200 Subject: [rancid] F5 rancid Message-ID: Hi all, just in case someone is interested, I faced recently this issue that f5rancid cannot receive the output of some tmsh commands in 11.4 when ran through cron. I didn't find any solutions in the mailing list archives, so, after wasting some time trying various tricks, I ended up that the easiest solution is to change this line in f5rancid: $ENV{'TERM'} = "vt100"; to $ENV{'TERM'} = "vt100-w"; The problem was that when the prompt+command was over 80 columns, rancid was confused with the escape characters. Hope it helps someone John -------------- next part -------------- An HTML attachment was scrubbed... URL: From aaron.wasserott at viawest.com Thu Jul 24 12:22:47 2014 From: aaron.wasserott at viawest.com (Aaron Wasserott) Date: Thu, 24 Jul 2014 12:22:47 +0000 Subject: [rancid] Ignore differences in certain lines? Message-ID: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE3BF@mbx030-w1-co-6.exch030.domain.local> Trying to capture 'show interface status' output from Cisco IOS switches, but ignore the output for diff purposes. Is that possible? I guess it would have to be part of the mailer function to not send output for certain lines. I copied the ShowVLAN sub-routine because it already appends ! in front of the lines, so they are not considered config lines. But right now I can't even get the output captured. This is the new sub I am using: # This routine parses "show interface status" sub ShowIntStat { print STDERR " In ShowIntStat: $_" if ($debug); #($_ = , return(1)) if (!$DO_SHOW_INT_STAT); while () { tr/\015//d; last if (/^$prompt/); next if (/^(\s*|\s*$cmd\s*)$/); return(1) if /^\s*\^\s*$/; return(1) if /Line has invalid autocommand /; return(1) if /(Invalid input detected|Type help or )/; return(1) if /Ambiguous command/i; # newer releases (~12.1(9)) place the vlan config in the normal # configuration (write term). #return(1) if ($type =~ /^(3550|4500)$/); #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); return(-1) if (/command authorization failed/i); # the pager can not be disabled per-session on the PIX if (/^(<-+ More -+>)/) { my($len) = length($1); s/^$1\s{$len}//; } ProcessHistory("COMMENTS","keysort","IO","!INT: $_"); } ProcessHistory("COMMENTS","keysort","IO","!\n"); return(0); } -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Thu Jul 24 15:30:07 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 24 Jul 2014 17:30:07 +0200 Subject: [rancid] Ignore differences in certain lines? In-Reply-To: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE3BF@mbx030-w1-co-6.exch030.domain.local> References: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE3BF@mbx030-w1-co-6.exch030.domain.local> Message-ID: <53D1267F.2080009@gmail.com> On 24/07/2014 14:22, Aaron Wasserott wrote: > Trying to capture ?show interface status? output from Cisco IOS > switches, but ignore the output for diff purposes. Is that possible? I > guess it would have to be part of the mailer function to not send output > for certain lines. > > > > I copied the ShowVLAN sub-routine because it already appends ! in front > of the lines, so they are not considered config lines. But right now I > can?t even get the output captured. > > > > This is the new sub I am using: > > > > > > # This routine parses "show interface status" > > sub ShowIntStat { > > print STDERR " In ShowIntStat: $_" if ($debug); > > > > #($_ = , return(1)) if (!$DO_SHOW_INT_STAT); > > > > while () { > > tr/\015//d; > > last if (/^$prompt/); > > next if (/^(\s*|\s*$cmd\s*)$/); > > return(1) if /^\s*\^\s*$/; > > return(1) if /Line has invalid autocommand /; > > return(1) if /(Invalid input detected|Type help or )/; > > return(1) if /Ambiguous command/i; > > # newer releases (~12.1(9)) place the vlan config in the normal > > # configuration (write term). > > #return(1) if ($type =~ /^(3550|4500)$/); > > #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); > > return(-1) if (/command authorization failed/i); > > # the pager can not be disabled per-session on the PIX > > if (/^(<-+ More -+>)/) { > > my($len) = length($1); > > s/^$1\s{$len}//; > > } > > > > ProcessHistory("COMMENTS","keysort","IO","!INT: $_"); > > } > > ProcessHistory("COMMENTS","keysort","IO","!\n"); > > return(0); > > } Did you add corresponding entries to @command in the rancid script to match your new sub? Just follow the existing pattern, it's obvious how it must work. -- Alan McKinnon alan.mckinnon at gmail.com From aaron.wasserott at viawest.com Thu Jul 24 15:48:35 2014 From: aaron.wasserott at viawest.com (Aaron Wasserott) Date: Thu, 24 Jul 2014 15:48:35 +0000 Subject: [rancid] Ignore differences in certain lines? In-Reply-To: <53D1267F.2080009@gmail.com> References: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE3BF@mbx030-w1-co-6.exch030.domain.local> <53D1267F.2080009@gmail.com> Message-ID: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE735@mbx030-w1-co-6.exch030.domain.local> >> Trying to capture 'show interface status' output from Cisco IOS >> switches, but ignore the output for diff purposes. Is that possible? I >> guess it would have to be part of the mailer function to not send >> output for certain lines. >> >> >> >> I copied the ShowVLAN sub-routine because it already appends ! in >> front of the lines, so they are not considered config lines. But right >> now I can't even get the output captured. >> >> This is the new sub I am using: >> >> # This routine parses "show interface status" >> >> sub ShowIntStat { >> print STDERR " In ShowIntStat: $_" if ($debug); >> >> #($_ = , return(1)) if (!$DO_SHOW_INT_STAT); >> >> while () { >> tr/\015//d; >> last if (/^$prompt/); >> next if (/^(\s*|\s*$cmd\s*)$/); >> return(1) if /^\s*\^\s*$/; >> return(1) if /Line has invalid autocommand /; >> return(1) if /(Invalid input detected|Type help or )/; >> return(1) if /Ambiguous command/i; >> # newer releases (~12.1(9)) place the vlan config in the normal >> # configuration (write term). >> #return(1) if ($type =~ /^(3550|4500)$/); >> #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); >> return(-1) if (/command authorization failed/i); >> # the pager can not be disabled per-session on the PIX >> if (/^(<-+ More -+>)/) { >> my($len) = length($1); >> s/^$1\s{$len}//; >> } >> >> ProcessHistory("COMMENTS","keysort","IO","!INT: $_"); >> } >> >> ProcessHistory("COMMENTS","keysort","IO","!\n"); >> return(0); >> } > Did you add corresponding entries to @command in the rancid script to match your new sub? Just follow the existing pattern, it's obvious how it must work. Yep I added this line to the commandtable in the rancid file. {'show interface status' => 'ShowIntStat'}, It is picking it up, because if I rename the my sub-routine I see an error in the logs. So something inside the sub-routine is not parsing output right. I'll play around with it some more. Thanks, -Aaron From andrew.ohnstad at gmail.com Thu Jul 24 16:23:48 2014 From: andrew.ohnstad at gmail.com (Andrew Ohnstad) Date: Thu, 24 Jul 2014 12:23:48 -0400 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: <201407231758.11647.mark.tinka@seacom.mu> References: <201407231702.45031.mark.tinka@seacom.mu> <201407231729.04177.mark.tinka@seacom.mu> <53CFD9C0.5070205@gmail.com> <201407231758.11647.mark.tinka@seacom.mu> Message-ID: I found this: http://www.shrubbery.net/pipermail/rancid-discuss/2014-June/007677.html But I need the solution for Nexus/nxrancid. Alan, can you post that one too? Also, a more fundamental question... how does rancid fit in with the specialized scripts like nxrancid, cat5rancid, etc... Specifically, if I was using only Nexus gear in my Rancid-monitored network, would I need to make changes in rancid _and_ nxrancid, or just the latter? Thanks, Andrew On Wed, Jul 23, 2014 at 11:58 AM, Mark Tinka wrote: > On Wednesday, July 23, 2014 05:50:24 PM Alan McKinnon wrote: > > > I worked out a more general solution a while back as our > > NetOps want to see that the file exists and want to see > > huge changes in size. So I converted filesizes to > > kilo-mega-giga byte form and diffed that. The noise > > reduced cconsiderably. Check my postings for the last 3 > > months, the subject starts with [PATCH] > > Yes, this would be a better approach, as the RANCID output > is useful to know whether disk space will become an issue, > but capturing all the small changes creates too much noise. > > Large changes in MB (instead of KB) deltas is acceptable. > > Let me hunt for your patch and revert. > > Mark. > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: From alan.mckinnon at gmail.com Thu Jul 24 18:06:03 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 24 Jul 2014 20:06:03 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: References: <201407231702.45031.mark.tinka@seacom.mu> <201407231729.04177.mark.tinka@seacom.mu> <53CFD9C0.5070205@gmail.com> <201407231758.11647.mark.tinka@seacom.mu> Message-ID: <53D14B0B.6070005@gmail.com> On 24/07/2014 18:23, Andrew Ohnstad wrote: > I found this: > http://www.shrubbery.net/pipermail/rancid-discuss/2014-June/007677.html > > But I need the solution for Nexus/nxrancid. Alan, can you post that one > too? that's the very thread I was thinking of in my reply to Mark > > Also, a more fundamental question... how does rancid fit in with the > specialized scripts like nxrancid, cat5rancid, etc... Specifically, if > I was using only Nexus gear in my Rancid-monitored network, would I need > to make changes in rancid _and_ nxrancid, or just the latter? The names of the various *rancid scripts are a historical artifact: Once upon a time long long ago, Cisco was the only player. This may even have been in the days of CatOS. Anyway, there was only 1 major script that did all the heavy lifting and it was naturally called "rancid". It got other wrapper scripts to co-ordinate activities, like rancid-run to wrap everything, par to manage firing off several parallel threads, clogin and so on and so on. After a while, the word got out that rancid was truly awesome[1] so folks adapted the "rancid" worker script to deal with other OSes are prepended an initial to the name to tell them apart, hence names like "jrancid" and "xrancid". Enter the confusion: almost everyone nowadays logically assumes that "rancid" must be the main controller and launcher and the script for IOS would be named something else. Not so: "rancid" deals with IOS only[2] To find out what script you need to edit, get the device's type from router.db and look it up in the rancid-fe script, it's a perl hash-key. The corresponding value is the name of the parser script used. So, for Nexus you will edit either rancid or nxrancid depending on what you use in router.db. rancid actually does a reasonable job of dealing with Nexus although nxrancid is better at it. [1] Really Awesome New Cisco cOnfig Differ is not just a cute name, it's factually accurate :-) [2] Ignore for the moment that many router OSes are sufficiently IOS-like that rancid can actually do a mostly-decent job of dealing with them. > > Thanks, > Andrew > > > On Wed, Jul 23, 2014 at 11:58 AM, Mark Tinka > wrote: > > On Wednesday, July 23, 2014 05:50:24 PM Alan McKinnon wrote: > > > I worked out a more general solution a while back as our > > NetOps want to see that the file exists and want to see > > huge changes in size. So I converted filesizes to > > kilo-mega-giga byte form and diffed that. The noise > > reduced cconsiderably. Check my postings for the last 3 > > months, the subject starts with [PATCH] > > Yes, this would be a better approach, as the RANCID output > is useful to know whether disk space will become an issue, > but capturing all the small changes creates too much noise. > > Large changes in MB (instead of KB) deltas is acceptable. > > Let me hunt for your patch and revert. > > Mark. > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > > > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From alan.mckinnon at gmail.com Thu Jul 24 18:19:52 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 24 Jul 2014 20:19:52 +0200 Subject: [rancid] Ignore differences in certain lines? In-Reply-To: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE735@mbx030-w1-co-6.exch030.domain.local> References: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE3BF@mbx030-w1-co-6.exch030.domain.local> <53D1267F.2080009@gmail.com> <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE735@mbx030-w1-co-6.exch030.domain.local> Message-ID: <53D14E48.5070801@gmail.com> On 24/07/2014 17:48, Aaron Wasserott wrote: >>> Trying to capture 'show interface status' output from Cisco IOS >>> switches, but ignore the output for diff purposes. Is that possible? I >>> guess it would have to be part of the mailer function to not send >>> output for certain lines. >>> >>> >>> >>> I copied the ShowVLAN sub-routine because it already appends ! in >>> front of the lines, so they are not considered config lines. But right >>> now I can't even get the output captured. >>> >>> This is the new sub I am using: >>> >>> # This routine parses "show interface status" >>> >>> sub ShowIntStat { >>> print STDERR " In ShowIntStat: $_" if ($debug); >>> >>> #($_ = , return(1)) if (!$DO_SHOW_INT_STAT); >>> >>> while () { >>> tr/\015//d; >>> last if (/^$prompt/); >>> next if (/^(\s*|\s*$cmd\s*)$/); >>> return(1) if /^\s*\^\s*$/; >>> return(1) if /Line has invalid autocommand /; >>> return(1) if /(Invalid input detected|Type help or )/; >>> return(1) if /Ambiguous command/i; >>> # newer releases (~12.1(9)) place the vlan config in the normal >>> # configuration (write term). >>> #return(1) if ($type =~ /^(3550|4500)$/); >>> #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); >>> return(-1) if (/command authorization failed/i); >>> # the pager can not be disabled per-session on the PIX >>> if (/^(<-+ More -+>)/) { >>> my($len) = length($1); >>> s/^$1\s{$len}//; >>> } >>> >>> ProcessHistory("COMMENTS","keysort","IO","!INT: $_"); >>> } >>> >>> ProcessHistory("COMMENTS","keysort","IO","!\n"); >>> return(0); >>> } > >> Did you add corresponding entries to @command in the rancid script to match your new sub? Just follow the existing pattern, it's obvious how it must work. > > Yep I added this line to the commandtable in the rancid file. > > {'show interface status' => 'ShowIntStat'}, that's correct, it's also the only extra step you need to do. The call to clogin uses @commmand so it is guaranteed to be run on the switch > > It is picking it up, because if I rename the my sub-routine I see an error in the logs. So something inside the sub-routine is not parsing output right. > > I'll play around with it some more. It's such a simple sub it's hard to see where it could do wrong. If the ProcessHistory in the while loop is called, it will most certainly record and output each line. So I can only assume the sub exists early, or the switch output is odd somehow confusing the while. My first crude debug steps would be to add a print statement just before that ProcessHistory and run the script manually: rancid -d and check you get as many prints on the console as there are lines in "show interface status" Then closely examine the switches output of "show interface status". The form is simple: - presence of the prompt signals end of output and the sub exits - any line containing only whitespace and a carat is skipped - any line containing the $cmd is skipped > > Thanks, > > -Aaron > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > -- Alan McKinnon alan.mckinnon at gmail.com From aaron.wasserott at viawest.com Thu Jul 24 18:38:07 2014 From: aaron.wasserott at viawest.com (Aaron Wasserott) Date: Thu, 24 Jul 2014 18:38:07 +0000 Subject: [rancid] Ignore differences in certain lines? In-Reply-To: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE735@mbx030-w1-co-6.exch030.domain.local> References: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE3BF@mbx030-w1-co-6.exch030.domain.local> <53D1267F.2080009@gmail.com> <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE735@mbx030-w1-co-6.exch030.domain.local> Message-ID: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE8F6@mbx030-w1-co-6.exch030.domain.local> I got it to work, at least capturing additional input. The main thing I did to fix it was -not- put my new command at the bottom of the list. I kept getting this error: Completed device.company.com: End of run not found Then after moving my new command up in the commandtable array it worked fine. Any thoughts/ideas on how to not email out based on changes to certain output? Thanks, -Aaron -----Original Message----- From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Aaron Wasserott Sent: Thursday, July 24, 2014 9:49 AM To: rancid-discuss at shrubbery.net Subject: Re: [rancid] Ignore differences in certain lines? >> Trying to capture 'show interface status' output from Cisco IOS >> switches, but ignore the output for diff purposes. Is that possible? >> I guess it would have to be part of the mailer function to not send >> output for certain lines. >> >> >> >> I copied the ShowVLAN sub-routine because it already appends ! in >> front of the lines, so they are not considered config lines. But >> right now I can't even get the output captured. >> >> This is the new sub I am using: >> >> # This routine parses "show interface status" >> >> sub ShowIntStat { >> print STDERR " In ShowIntStat: $_" if ($debug); >> >> #($_ = , return(1)) if (!$DO_SHOW_INT_STAT); >> >> while () { >> tr/\015//d; >> last if (/^$prompt/); >> next if (/^(\s*|\s*$cmd\s*)$/); >> return(1) if /^\s*\^\s*$/; >> return(1) if /Line has invalid autocommand /; >> return(1) if /(Invalid input detected|Type help or )/; >> return(1) if /Ambiguous command/i; >> # newer releases (~12.1(9)) place the vlan config in the normal >> # configuration (write term). >> #return(1) if ($type =~ /^(3550|4500)$/); >> #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); >> return(-1) if (/command authorization failed/i); >> # the pager can not be disabled per-session on the PIX >> if (/^(<-+ More -+>)/) { >> my($len) = length($1); >> s/^$1\s{$len}//; >> } >> >> ProcessHistory("COMMENTS","keysort","IO","!INT: $_"); >> } >> >> ProcessHistory("COMMENTS","keysort","IO","!\n"); >> return(0); >> } > Did you add corresponding entries to @command in the rancid script to match your new sub? Just follow the existing pattern, it's obvious how it must work. Yep I added this line to the commandtable in the rancid file. {'show interface status' => 'ShowIntStat'}, It is picking it up, because if I rename the my sub-routine I see an error in the logs. So something inside the sub-routine is not parsing output right. I'll play around with it some more. Thanks, -Aaron _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss From alan.mckinnon at gmail.com Thu Jul 24 20:38:01 2014 From: alan.mckinnon at gmail.com (Alan McKinnon) Date: Thu, 24 Jul 2014 22:38:01 +0200 Subject: [rancid] Ignore differences in certain lines? In-Reply-To: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE8F6@mbx030-w1-co-6.exch030.domain.local> References: <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE3BF@mbx030-w1-co-6.exch030.domain.local> <53D1267F.2080009@gmail.com> <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE735@mbx030-w1-co-6.exch030.domain.local> <1FD1A2FED7E41F4ABD1D2E2BDDEA519B05ACE8F6@mbx030-w1-co-6.exch030.domain.local> Message-ID: <53D16EA9.4010903@gmail.com> On 24/07/2014 20:38, Aaron Wasserott wrote: > I got it to work, at least capturing additional input. The main thing I did to fix it was -not- put my new command at the bottom of the list. I kept getting this error: > > Completed device.company.com: End of run not found > > Then after moving my new command up in the commandtable array it worked fine. > > Any thoughts/ideas on how to not email out based on changes to certain output? I doubt that is possible without major surgery to the code. Two things happen: Files are booked into cvs/svn and that is an atomic process. CVS has to work like that, it is almost useless otherwise. If CVS recorded a diff, the diff is sent out as a mail. You'll notice that CVS has no way to tag a changed line as somehow to be recorded but not acted upon, so your only option is to hack rancid to grab the output to be mailed and pass it through yet another perl text parser (which you must maintain yourself) It's so much easier to just have the rancid parser output the exact information that you want to see. Rapidly changing data like current state of an interface is better tracked through other monitoring tools. Rancid is very bad at tracking state, but very very good at tracking the changes people made on the cli (and providing restorable backups) > > Thanks, > > -Aaron > > -----Original Message----- > From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Aaron Wasserott > Sent: Thursday, July 24, 2014 9:49 AM > To: rancid-discuss at shrubbery.net > Subject: Re: [rancid] Ignore differences in certain lines? > >>> Trying to capture 'show interface status' output from Cisco IOS >>> switches, but ignore the output for diff purposes. Is that possible? >>> I guess it would have to be part of the mailer function to not send >>> output for certain lines. >>> >>> >>> >>> I copied the ShowVLAN sub-routine because it already appends ! in >>> front of the lines, so they are not considered config lines. But >>> right now I can't even get the output captured. >>> >>> This is the new sub I am using: >>> >>> # This routine parses "show interface status" >>> >>> sub ShowIntStat { >>> print STDERR " In ShowIntStat: $_" if ($debug); >>> >>> #($_ = , return(1)) if (!$DO_SHOW_INT_STAT); >>> >>> while () { >>> tr/\015//d; >>> last if (/^$prompt/); >>> next if (/^(\s*|\s*$cmd\s*)$/); >>> return(1) if /^\s*\^\s*$/; >>> return(1) if /Line has invalid autocommand /; >>> return(1) if /(Invalid input detected|Type help or )/; >>> return(1) if /Ambiguous command/i; >>> # newer releases (~12.1(9)) place the vlan config in the normal >>> # configuration (write term). >>> #return(1) if ($type =~ /^(3550|4500)$/); >>> #return(1) if ($type !~ /^(2900XL|3500XL|6000)$/); >>> return(-1) if (/command authorization failed/i); >>> # the pager can not be disabled per-session on the PIX >>> if (/^(<-+ More -+>)/) { >>> my($len) = length($1); >>> s/^$1\s{$len}//; >>> } >>> >>> ProcessHistory("COMMENTS","keysort","IO","!INT: $_"); >>> } >>> >>> ProcessHistory("COMMENTS","keysort","IO","!\n"); >>> return(0); >>> } > >> Did you add corresponding entries to @command in the rancid script to match your new sub? Just follow the existing pattern, it's obvious how it must work. > > Yep I added this line to the commandtable in the rancid file. > > {'show interface status' => 'ShowIntStat'}, > > It is picking it up, because if I rename the my sub-routine I see an error in the logs. So something inside the sub-routine is not parsing output right. > > I'll play around with it some more. > > Thanks, > > -Aaron > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss > > -- Alan McKinnon alan.mckinnon at gmail.com From mark.tinka at seacom.mu Fri Jul 25 06:39:12 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Fri, 25 Jul 2014 08:39:12 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: References: <201407231702.45031.mark.tinka@seacom.mu> <201407231758.11647.mark.tinka@seacom.mu> Message-ID: <201407250839.12278.mark.tinka@seacom.mu> On Thursday, July 24, 2014 06:23:48 PM Andrew Ohnstad wrote: > I found this: > http://www.shrubbery.net/pipermail/rancid-discuss/2014-Ju > ne/007677.html Many thanks, Andrew. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From mark.tinka at seacom.mu Fri Jul 25 06:39:36 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Fri, 25 Jul 2014 08:39:36 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: <53D14B0B.6070005@gmail.com> References: <201407231702.45031.mark.tinka@seacom.mu> <53D14B0B.6070005@gmail.com> Message-ID: <201407250839.37104.mark.tinka@seacom.mu> On Thursday, July 24, 2014 08:06:03 PM Alan McKinnon wrote: > that's the very thread I was thinking of in my reply to > Mark That's the one :-). I'll test it today and let you know. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From mark.tinka at seacom.mu Mon Jul 28 13:11:10 2014 From: mark.tinka at seacom.mu (Mark Tinka) Date: Mon, 28 Jul 2014 15:11:10 +0200 Subject: [rancid] Ignoring (Boot)Flash Changes (IOS and IOS XE) - Update! In-Reply-To: <201407250839.37104.mark.tinka@seacom.mu> References: <201407231702.45031.mark.tinka@seacom.mu> <53D14B0B.6070005@gmail.com> <201407250839.37104.mark.tinka@seacom.mu> Message-ID: <201407281511.10356.mark.tinka@seacom.mu> Hi all. So I patched "rancid" and the noise has gone down owing to the change in measurement units for drive space. I now need to quiet down the "tracelogs" noise. I see an entry in "rancid" as below: ----- if ($ios eq "XE" && /^((\s+)?\d+\s+\S+)\s+\d+.*(tracelogs$)/) { $_ = "$1" . sprintf("%43s", "") . "$3\n"; } ----- What would I need to hack to quiet that as well? Thanks. Cheers, Mark. On Friday, July 25, 2014 08:39:36 AM Mark Tinka wrote: > On Thursday, July 24, 2014 08:06:03 PM Alan McKinnon wrote: > > that's the very thread I was thinking of in my reply to > > Mark > > That's the one :-). > > I'll test it today and let you know. > > Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From landono at qualtrics.com Mon Jul 28 23:04:24 2014 From: landono at qualtrics.com (Landon Orr) Date: Mon, 28 Jul 2014 17:04:24 -0600 Subject: [rancid] Flogin hanging after login Message-ID: Currently I'm trying to get rancid working for a Brocade ICX6610 switch. However, whenever I run flogin with any command, it successfully connects, hangs and then times out. In my router.db file I have brocadeip:foundry:up. If I run flogin -c "show version" brocadeip, it connects successfully and then just hangs. However, if I run it with clogin, it actually runs the command successfully. I've run flogin with the -d flag, however I don't see any log entries about trying to send the actual commands. Any idea what I could be doing wrong here? -- Landon Orr Qualtrics Site Reliability Engineer Phone: 801-709-2169 E-mail: landono at qualtrics.com | Website: qualtrics.com Connect with us via Facebook , Twitter , or our Q-munity Blog . Sophisticated research made simple.? -------------- next part -------------- An HTML attachment was scrubbed... URL: From jordan.cook at gyron.net Tue Jul 29 14:51:06 2014 From: jordan.cook at gyron.net (Jordan Cook - Gyron Networks) Date: Tue, 29 Jul 2014 14:51:06 +0000 Subject: [rancid] Commands being sent before previous command completed Message-ID: <53500458A0EBBD40A91A2D5CDE5D3B6604E8E11B@exchange-b.ad.gyron.net> Hi All, I'm having a few issues with rancid, and wondered if anyone has seen this before and possibly has a solution? It seems, that expect is sending commands to the devices before it has finished the previous command. Here's an excerpt from the diffs # hostname> show chassis environment + # show chassis firmware # Class Item Status # Power FPC 0 Power Supply 0 OK # FPC 0 Power Supply 1 OK As you can see, it is sending the 'show chassis firmware' command before completing 'show chassis environment'. This seems to occur randomly with different commands on different devices. I've had a look through the archives and dug out this http://www.shrubbery.net/pipermail/rancid-discuss/2013-August/006999.html - the problem seems the same, but this went unanswered Regards, Jordan Cook This message may be private and confidential. If you have received this message in error, please notify us and remove it from your system. Gyron may monitor email traffic data and the content of email for the purposes of security and staff training. Gyron Internet Ltd is a limited company registered in England and Wales. Registered number: 4239332. Registered office: 3 Centro, Boundary Way, Hemel Hempstead, HP2 7SU. VAT reg no 804 2532 63. Gyron is a registered trademark. Gyron is a Deloitte Technology Fast 50 ranked company. -------------- next part -------------- An HTML attachment was scrubbed... URL: