[rancid] support for D-Link switches, where to start?

john heasley heas at shrubbery.net
Wed Feb 16 00:35:42 UTC 2011 

Sun, Feb 13, 2011 at 12:30:39PM +0000, Gavin McCullagh:
> Hi,
> 
> On Wed, 02 Feb 2011, Gavin McCullagh wrote:
> 
> > we have a lot of D-Link switches which we'd like to use Rancid to version
> > the config of.  It appears that D-Link is not supported at the moment, but
> > I'm hoping I might be able to work on that a little.
> 
> I've spent some time on this and have moreorless working dlrancid and
> dllogin scripts which login to the switches (over ssh only just now) and
> run:
> 	show switch   			for getSystem
> 	show config current_config	for getConf
> 
> This generally works, but there are a few problems which I wonder if people
> might have come across in other models and already have strategies for
> dealing with.
> 
> 1. Some of the switches seem very slow to respond.  I've had to up $timeo
>    in dlrancid to 300 seconds as the configs were getting truncated.  The
>    dllogin timeout is set at 45 seconds.
> 
> 2. Occasionally, I'm getting a truncated config, like this:
> 
>   config igmp_snooping querier management last_member_query_interval 1 state disable
>   config igmp_snooping staff host_timeout 260 router_timeout 260 leave_timer 2 state enable                                                                               
> - config igmp_snooping querier staff query_iConnection to sw-w106-3 closed by remote host.                                                                      
> - Connection to sw-w106-3 closed

that could be a network issue or you're just asking too much of the switch
or it's software ... i mean, did you really expect to read the config? :)

> 3. We're having some intermittent network issues which might be explained
>    by switches dropping frames.   I can't really pinpoint it as being due
>    to rancid, but we've cut it back to running once overnight for now
>    instead of hourly. It appears our problems have cleared up since.

its possible; if the box switches in s/w and doesnt give scheduling priority
to switching or is one non-interruptible context ... it could hurt.

> 4. One model of D-Link switch (DES-3250TG) appears not to have a single
>    getConf command.  I can probably constuct a config from 30 commands, but
>    I'm not keen on that.  The switch is capable of uploading the config to
>    a TFTP server though.
> 
> 
> Obviously ssh has much greater CPU requirements than telnet or tftp would
> so I guess switching to telnet is my main plan for now.  Has anyone else
> noted issues like this, or is it just these D-Links?  Is there another
> possible explanation?

this occurs on some old ciscos, though rarely results in a timeout.  you
might try a smaller key, less cpu intensive cypher, etc.

> Where there isn't a getConf() command available, do people have a solution,
> eg maybe run command to put config to a tftp server, then have rancid
> download from the tftp server.

that could work, but I've not done it before (ie: have no examples).

More information about the Rancid-discuss mailing list