[rancid] Need some Help - F5's in RANCID

Eric Jagaeus eric at rebtel.com
Wed Jun 22 13:02:32 UTC 2011

> Chris,


> You're doing anything wrong.  You'll probably find that you can 'rancid-run -r <dev name>' and have it backup properly.  I would recommend getting a good backup of the keys once and then comment out the lines in the command table.

why?  what is special about the keys?

> -ryan


> -----Original Message-----

> From: rancid-discuss-bounces at shrubbery.net<http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss> [mailto:rancid-discuss-bounces at shrubbery.net<http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss>] On Behalf Of Chris Moody

> Sent: Monday, January 31, 2011 3:29 PM

> To: rancid-discuss at shrubbery.net<http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss>

> Subject: [rancid] Need some Help - F5's in RANCID


> I need a second set of eyes to help me figure out what I'm missing or doing wrong.


> I have a number of F5 LTM Load-Balancers that I'm trying to back up with

> RANCID.    The trouble I'm running into is that they were backing up

> fine for a short while, but have recently stopped backing up and continue showing the following in the logs:

> =====================================

> Getting missed routers: round 4.

> xxxx.yyyy.com: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key

> zzzz.yyyy.com: missed cmd(s): ls --full-time --color=never /config/ssl/ssl.crt,ls --full-time --color=never /config/ssl/ssl.key


> I've been debugging and have verified the following:

> - I have valid and functioning credentials in the .cloginrc file

> - I have the devices listed in a 'load-balancer' group's router.db file with the keyword 'f5' and the flag 'up'

> - I have tested the login via clogin  - works fine

>     (I have run clogin with the '-c' command list that f5rancid issues...and everything works fine)

> - I have run f5rancid in debug mode - works fine

>     (when I run this I see that all the commands run and see a "HIT COMMAND" next to every command issued)


> I am running version '2.3.2' (I have plans to upgrade to '2.3.6' soon)


> Anyone run into this kind of behavior with F5's?


> Any insights, hints, comments or criticisms welcome.

> -Chris

Hi Chris,

Got exactly the same issue when we deployed some new F5's running 10.x

What version of Big-IP are you running? Got these errors with BIG-IP 10.2.1 Build 297.0 Final but not in 9.x.

Removing the commands from f5rancid solved it, but I'd like to know why it fails.

--- /usr/libexec/rancid/f5rancid        2011-06-22 12:11:48.000000000 +0000
+++ /usr/libexec/rancid/f5rancid.org    2011-06-22 11:58:27.000000000 +0000
@@ -524,8 +524,8 @@
        {'bigpipe base list'            => 'ShowBaseRun'},
        {'bigpipe db show'              => 'ShowDb'},
        {'bigpipe route static show'    => 'ShowRouteStatic'},
-       #{'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'},
-       #{'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'},
+       {'ls --full-time --color=never /config/ssl/ssl.crt' => 'ShowSslCrt'},
+       {'ls --full-time --color=never /config/ssl/ssl.key' => 'ShowSslKey'},
        {'bigpipe list'                 => 'WriteTerm'}

Eric Jagaeus
Rebtel Networks AB
Augustendalsvägen 19, 7th floor
Box 1182
131 27 Nacka Strand
Mobile:   +46 70 7885989
eric.jagaeus at rebtel.com<mailto:eric.jagaeus at rebtel.com>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20110622/351daea2/attachment.html>

More information about the Rancid-discuss mailing list