[rancid] SSH public-keys
shouldbe q931
shouldbeq931 at gmail.com
Wed Jan 11 19:40:54 UTC 2012
On Wed, Jan 11, 2012 at 4:50 PM, Michael Maymann <michael at maymann.org> wrote:
> Hi Shouldbe,
>
> Sorry for not stating this... busy day at work...:
> tried to change "show system-information" -> "show system" to hrancid but
> still:
> hlogin -c "sh ver" <HOSTNAME>
> is "hanging"...
>
> So it seems I have run into 2 problems:
> 1. trying to use hlogin with ssh-key-share (add identity * id_rsa)
> configured to .cloginrc is still giving an error about password is missing
> in .cloginrc. "ssh user at host" is working fine with key-sharing
> (password-lessly)...
> 2. hlogin is "hanging" also if I use username/password directly in .cloginrc
> and even if I make the modifications to hrancid (stated above...)
>
> Am I using this wrong somehow, as it works for you...?
> Shouldbe: can you provide your .cloginrc and a tar of rancid-bin-dir (where
> hlogin/hrancid etc is located)... and perhaps give examples of how you use
> the tool to run commands on HP ProCurve equipment.
> Heasley: is this an easy/quick fix or can you recommend anything else that
> is working with both HP ProCurve and Cisco equipment... ?
>
>
> Thanks in advance :-) !
> ~maymann
>
>
I've attached a copy of hrancid, and what we "see" via ViewVC on the rancid box
I've had to slightly sanitise the output...
-------------- next part --------------
cat /usr/local/rancid/bin/hrancid
#! /usr/bin/perl
##
## $Id: hrancid.in 2246 2010-09-08 01:36:07Z heas $
##
## rancid 2.3.6
## Copyright (c) 1997-2008 by Terrapin Communications, Inc.
## All rights reserved.
##
## This code is derived from software contributed to and maintained by
## Terrapin Communications, Inc. by Henry Kilmer, John Heasley, Andrew Partan,
## Pete Whiting, Austin Schutz, and Andrew Fort.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted provided that the following conditions
## are met:
## 1. Redistributions of source code must retain the above copyright
## notice, this list of conditions and the following disclaimer.
## 2. Redistributions in binary form must reproduce the above copyright
## notice, this list of conditions and the following disclaimer in the
## documentation and/or other materials provided with the distribution.
## 3. All advertising materials mentioning features or use of this software
## must display the following acknowledgement:
## This product includes software developed by Terrapin Communications,
## Inc. and its contributors for RANCID.
## 4. Neither the name of Terrapin Communications, Inc. nor the names of its
## contributors may be used to endorse or promote products derived from
## this software without specific prior written permission.
## 5. It is requested that non-binding fixes and modifications be contributed
## back to Terrapin Communications, Inc.
##
## THIS SOFTWARE IS PROVIDED BY Terrapin Communications, INC. AND CONTRIBUTORS
## ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
## TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
## PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COMPANY OR CONTRIBUTORS
## BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
## CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
## SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
## INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
## CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
## POSSIBILITY OF SUCH DAMAGE.
#
# Amazingly hacked version of Hank's rancid - this one tries to
# deal with HP procurves.
#
# RANCID - Really Awesome New Cisco confIg Differ
#
# usage: rancid [-dV] [-l] [-f filename | hostname]
#
use Getopt::Std;
getopts('dflV');
if ($opt_V) {
print "rancid 2.3.6\n";
exit(0);
}
$log = $opt_l;
$debug = $opt_d;
$file = $opt_f;
$host = $ARGV[0];
$clean_run = 0;
$found_end = 0; # unused - hp lacks an end-of-config tag
$timeo = 90; # hlogin timeout in seconds
my(@commandtable, %commands, @commands);# command lists
my($aclsort) = ("ipsort"); # ACL sorting mode
my($filter_commstr); # SNMP community string filtering
my($filter_pwds); # password filtering mode
my($systeminfo) = 0; # show system-information
# This routine is used to print out the router configuration
sub ProcessHistory {
my($new_hist_tag,$new_command,$command_string, at string) = (@_);
if ((($new_hist_tag ne $hist_tag) || ($new_command ne $command))
&& scalar(%history)) {
print eval "$command \%history";
undef %history;
}
if (($new_hist_tag) && ($new_command) && ($command_string)) {
if ($history{$command_string}) {
$history{$command_string} = "$history{$command_string}@string";
} else {
$history{$command_string} = "@string";
}
} elsif (($new_hist_tag) && ($new_command)) {
$history{++$#history} = "@string";
} else {
print "@string";
}
$hist_tag = $new_hist_tag;
$command = $new_command;
1;
}
sub numerically { $a <=> $b; }
# This is a sort routine that will sort numerically on the
# keys of a hash as if it were a normal array.
sub keynsort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $key (sort numerically keys(%lines)) {
$sorted_lines[$i] = $lines{$key};
$i++;
}
@sorted_lines;
}
# This is a sort routine that will sort on the
# keys of a hash as if it were a normal array.
sub keysort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $key (sort keys(%lines)) {
$sorted_lines[$i] = $lines{$key};
$i++;
}
@sorted_lines;
}
# This is a sort routine that will sort on the
# values of a hash as if it were a normal array.
sub valsort{
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $key (sort values %lines) {
$sorted_lines[$i] = $key;
$i++;
}
@sorted_lines;
}
# This is a numerical sort routine (ascending).
sub numsort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $num (sort {$a <=> $b} keys %lines) {
$sorted_lines[$i] = $lines{$num};
$i++;
}
@sorted_lines;
}
# This is a sort routine that will sort on the
# ip address when the ip address is anywhere in
# the strings.
sub ipsort {
local(%lines) = @_;
local($i) = 0;
local(@sorted_lines);
foreach $addr (sort sortbyipaddr keys %lines) {
$sorted_lines[$i] = $lines{$addr};
$i++;
}
@sorted_lines;
}
# These two routines will sort based upon IP addresses
sub ipaddrval {
my(@a) = ($_[0] =~ m#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#);
$a[3] + 256 * ($a[2] + 256 * ($a[1] +256 * $a[0]));
}
sub sortbyipaddr {
&ipaddrval($a) <=> &ipaddrval($b);
}
# This routine parses "show version"
sub ShowVersion {
print STDERR " In ShowVersion: $_" if ($debug);
while (<INPUT>) {
tr/\015//d;
last if(/^$prompt/);
next if(/^(\s*|\s*$cmd\s*)$/);
return(-1) if (/command authorization failed/i);
return(-1) if /^(Invalid|Ambiguous) input:/i;
s/^image//i;
s/^\s*//g;
ProcessHistory("COMMENTS","keysort","C1", ";Image: $_") && next;
}
return(0);
}
# This routine parses "show flash"
sub ShowFlash {
print STDERR " In ShowFlash: $_" if ($debug);
while (<INPUT>) {
tr/\015//d;
last if (/^$prompt/);
next if (/^(\s*|\s*$cmd\s*)$/);
return(-1) if (/command authorization failed/i);
return(1) if /^(Invalid|Ambiguous) input:/i;
return(1) if /^\s*\^\s*$/;
ProcessHistory("COMMENTS","keysort","D0",";Flash: $_");
}
return;
}
# This routine parses "show system-information" or "show system information"
sub ShowSystem {
print STDERR " In ShowSystem: $_" if ($debug);
if ($systeminfo) {
$_ = <INPUT>;
return(0);
}
while (<INPUT>) {
tr/\015//d;
last if (/^$prompt/);
next if (/^(\s*|\s*$cmd\s*)$/);
return(-1) if (/command authorization failed/i);
return(0) if /^(Invalid|Ambiguous) input:/i;
if (/memory\s+-\s+total\s+:\s+(\S+)/i) {
my($mem) = $1;
$mem =~ s/,//g;
$mem /= (1024 * 1024);
ProcessHistory("COMMENTS","keysort","B0",";Memory: " . int($mem) .
"M\n");
next;
}
/serial\s+number\s+:\s+(\S+)/i &&
ProcessHistory("COMMENTS","keysort","A1",";Serial Number: $1\n");
/firmware\s+revision\s+:\s+(\S+)/i &&
ProcessHistory("COMMENTS","keysort","C0",";Image: Firmware $1\n");
/rom\s+version\s+:\s+(\S+)/i &&
ProcessHistory("COMMENTS","keysort","C1",";Image: ROM $1\n");
}
$systeminfo = 1;
return(0);
}
# This routine parses "show module".
sub ShowModule {
print STDERR " In ShowModule: $_" if ($debug);
my(@lines);
my($slot);
while (<INPUT>) {
tr/\015//d;
return if (/^\s*\^$/);
last if (/^$prompt/);
next if (/^(\s*|\s*$cmd\s*)$/);
return(-1) if (/command authorization failed/i);
return(1) if /^(Invalid|Ambiguous) input:/i;
ProcessHistory("COMMENTS","keysort","E0","; $_") && next;
}
return(0);
}
# This routine parses "show stack"
sub ShowStack {
print STDERR " In ShowStack: $_" if ($debug);
while (<INPUT>) {
tr/\015//d;
last if (/^$prompt/);
next if (/^(\s*|\s*$cmd\s*)$/);
return(-1) if (/command authorization failed/i);
return(1) if /^(Invalid|Ambiguous) input:/i;
s/stacking - (Stacking Status).*/$1/i;
s/\s*members unreachable .*$//i;
ProcessHistory("COMMENTS","keysort","F0",";$_");
/auto grab/i && last;
}
return(0);
}
# This routine processes a "write term"
sub WriteTerm {
print STDERR " In WriteTerm: $_" if ($debug);
while (<INPUT>) {
tr/\015//d;
last if(/^$prompt/);
return(-1) if (/command authorization failed/i);
# the pager can not be disabled per-session on the PIX
s/^<-+ More -+>\s*//;
s/^$/;/;
# skip the crap
/^running configuration:/i && next;
# filter out any RCS/CVS tags to avoid confusing local CVS storage
s/\$(Revision|Id):/ $1:/;
/^; (\S+) configuration editor;/i &&
ProcessHistory("COMMENTS","keysort","A0",";Chassis type: $1\n") &&
next;
# order logging statements - doesnt appear to do syslog as of right now
/^logging (\d+\.\d+\.\d+\.\d+)/ &&
ProcessHistory("LOGGING","ipsort","$1","$_") && next;
# no so sure this match is correct. show running doesnt seem to
# actually o/p anything after "password (manager|operator)"
if (/^(\s*)password (manager|operator)?/ && $filter_pwds >= 1) {
ProcessHistory("LINE-PASS","","",";$1password $2 <removed>\n");
next;
}
if (/^(snmp-server community) (\S+)/) {
if ($filter_commstr) {
ProcessHistory("SNMPSERVERCOMM","keysort","$_",
";$1 <removed>$'") && next;
} else {
ProcessHistory("SNMPSERVERCOMM","keysort","$_","$_") && next;
}
}
# order/prune snmp-server host statements - it actually appears to do
# the sortting for us, but just in case it changes ...
# we only prune lines of the form
# snmp-server host a.b.c.d <community>
if (/^snmp-server host (\d+\.\d+\.\d+\.\d+) /) {
if ($filter_commstr) {
my($ip) = $1;
my($line) = "snmp-server host $ip";
my(@tokens) = split(' ', $');
my($token);
while ($token = shift(@tokens)) {
if ($token eq 'version') {
$line .= " " . join(' ', ($token, shift(@tokens)));
} elsif ($token =~ /^(informs?|traps?|(no)?auth)$/) {
$line .= " " . $token;
} else {
$line = ";$line " . join(' ', ("<removed>", join(' ', at tokens)));
last;
}
}
ProcessHistory("SNMPSERVERHOST","ipsort","$ip","$line\n");
} else {
ProcessHistory("SNMPSERVERHOST","ipsort","$1","$_");
}
next;
}
# order/prune tacacs/radius server statements
if (/^(tacacs-server|radius-server) key / && $filter_pwds >= 1) {
ProcessHistory("","","",";$1 key <removed>\n");
next;
}
if (/^(tacacs-server host \d+\.\S+) key / && $filter_pwds >= 1) {
ProcessHistory("","","",";$1 key <removed>\n");
next;
}
# prune passwords from stack member statements
if (/^(stack member .* password )\S+/ && $filter_pwds >= 1) {
ProcessHistory("","","",";$1<removed>$'");
next;
}
# order arp lists
/^ip arp\s+(\d+\.\d+\.\d+\.\d+)/ &&
ProcessHistory("ARP","$aclsort","$1","$_") && next;
/^ip prefix-list\s+(\S+)\s+seq\s+(\d+)\s+(permit|deny)\s+(\d\S+)(\/.*)$/ &&
ProcessHistory("PACL $1 $3","$aclsort","$4","ip prefix-list $1 $3 $4$5\n")
&& next;
# blech!!!!
/^auto-tftp / &&
ProcessHistory("","","",";$_") && next;
# the rest are from rancid (i.e.: cisco), but suspect they will someday
# be applicable or close to it.
/^tftp-server flash / && next; # kill any tftp remains
/^ntp clock-period / && next; # kill ntp clock-period
/^ length / && next; # kill length on serial lines
/^ width / && next; # kill width on serial lines
if (/^(enable )?(password|passwd) / && $filter_pwds >= 1) {
ProcessHistory("ENABLE","","",";$1$2 <removed>\n");
next;
}
if (/^username (\S+)(\s.*)? password /) {
if ($filter_pwds >= 1) {
ProcessHistory("USER","keysort","$1",";username $1$2 password <removed>\n");
} else {
ProcessHistory("USER","keysort","$1","$_");
}
next;
}
if (/^(ip ftp password) / && $filter_pwds >= 1) {
ProcessHistory("","","",";$1 <removed>\n"); next;
}
if (/^( ip ospf authentication-key) / && $filter_pwds >= 1) {
ProcessHistory("","","",";$1 <removed>\n"); next;
}
if (/^( ip ospf message-digest-key \d+ md5) / && $filter_pwds >= 1) {
ProcessHistory("","","",";$1 <removed>\n"); next;
}
# sort route-maps
if (/^route-map (\S+)/) {
my($key) = $1;
my($routemap) = $_;
while (<INPUT>) {
tr/\015//d;
last if (/^$prompt/ || ! /^(route-map |[ !])/);
if (/^route-map (\S+)/) {
ProcessHistory("ROUTEMAP","keysort","$key","$routemap");
$key = $1;
$routemap = $_;
} else {
$routemap .= $_;
}
}
ProcessHistory("ROUTEMAP","keysort","$key","$routemap");
}
# order access-lists
/^access-list\s+(\d\d?)\s+(\S+)\s+(\S+)/ &&
ProcessHistory("ACL $1 $2","$aclsort","$3","$_") && next;
# order extended access-lists
/^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+host\s+(\S+)/ &&
ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next;
/^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+(\d\S+)/ &&
ProcessHistory("EACL $1 $2","$aclsort","$3","$_") && next;
/^access-list\s+(\d\d\d)\s+(\S+)\s+ip\s+any/ &&
ProcessHistory("EACL $1 $2","$aclsort","0.0.0.0","$_") && next;
# order alias statements
/^alias / && ProcessHistory("ALIAS","keysort","$_","$_") && next;
# delete ntp auth password
if (/^(ntp authentication-key \d+ md5) / && $filter_pwds >= 1) {
ProcessHistory("","","",";$1 <removed>\n"); next;
}
# order ntp peers/servers
if (/^ntp (server|peer) (\d+)\.(\d+)\.(\d+)\.(\d+)/) {
$sortkey = sprintf("$1 %03d%03d%03d%03d",$2,$3,$4,$5);
ProcessHistory("NTP","keysort",$sortkey,"$_");
next;
}
# order ip host line statements
/^ip host line(\d+)/ &&
ProcessHistory("IPHOST","numsort","$1","$_") && next;
# order ip nat source static statements
/^ip nat (\S+) source static (\S+)/ &&
ProcessHistory("IP NAT $1","ipsort","$2","$_") && next;
# order ip rcmd lines
/^ip rcmd/ && ProcessHistory("RCMD","keysort","$_","$_") && next;
# catch anything that wasnt match above.
ProcessHistory("","","","$_");
}
return(0);
}
# dummy function
sub DoNothing {print STDOUT;}
# Main
@commandtable = (
{'show version' => 'ShowVersion'},
{'show flash' => 'ShowFlash'},
{'show system' => 'ShowSystem'},
{'show system information' => 'ShowSystem'},
{'show module' => 'ShowModule'},
{'show stack' => 'ShowStack'},
{'write term' => 'WriteTerm'}
);
# Use an array to preserve the order of the commands and a hash for mapping
# commands to the subroutine and track commands that have been completed.
@commands = map(keys(%$_), @commandtable);
%commands = map(%$_, @commandtable);
$cisco_cmds=join(";", at commands);
$cmds_regexp = join("|", map quotemeta($_), @commands);
if (length($host) == 0) {
if ($file) {
print(STDERR "Too few arguments: file name required\n");
exit(1);
} else {
print(STDERR "Too few arguments: host name required\n");
exit(1);
}
}
open(OUTPUT,">$host.new") || die "Can't open $host.new for writing: $!\n";
select(OUTPUT);
# make OUTPUT unbuffered if debugging
if ($debug) { $| = 1; }
if ($file) {
print STDERR "opening file $host\n" if ($debug);
print STDOUT "opening file $host\n" if ($log);
open(INPUT,"<$host") || die "open failed for $host: $!\n";
} else {
print STDERR "executing hlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($debug);
print STDOUT "executing hlogin -t $timeo -c\"$cisco_cmds\" $host\n" if ($log);
if (defined($ENV{NOPIPE})) {
system "hlogin -t $timeo -c \"$cisco_cmds\" $host </dev/null > $host.raw 2>&1" || die "hlogin failed for $host: $!\n";
open(INPUT, "< $host.raw") || die "hlogin failed for $host: $!\n";
} else {
open(INPUT,"hlogin -t $timeo -c \"$cisco_cmds\" $host </dev/null |") || die "hlogin failed for $host: $!\n";
}
}
# determine ACL sorting mode
if ($ENV{"ACLSORT"} =~ /no/i) {
$aclsort = "";
}
# determine community string filtering mode
if (defined($ENV{"NOCOMMSTR"}) &&
($ENV{"NOCOMMSTR"} =~ /yes/i || $ENV{"NOCOMMSTR"} =~ /^$/)) {
$filter_commstr = 1;
} else {
$filter_commstr = 0;
}
# determine password filtering mode
if ($ENV{"FILTER_PWDS"} =~ /no/i) {
$filter_pwds = 0;
} elsif ($ENV{"FILTER_PWDS"} =~ /all/i) {
$filter_pwds = 2;
} else {
$filter_pwds = 1;
}
ProcessHistory("","","",";RANCID-CONTENT-TYPE: hp\n;\n");
ProcessHistory("COMMENTS","keysort","B0",";\n"); # memory info
ProcessHistory("COMMENTS","keysort","C0",";\n"); # showversion
ProcessHistory("COMMENTS","keysort","D0",";\n"); # showflash
ProcessHistory("COMMENTS","keysort","E0",";\n"); # showmodule
ProcessHistory("COMMENTS","keysort","F0",";\n"); # showstack
ProcessHistory("COMMENTS","keysort","G0",";\n");
TOP: while(<INPUT>) {
tr/\015//d;
if (/$prompt\s*exit\s*$/i) {
$clean_run=1;
last;
}
if (/^Error:/) {
print STDOUT ("$host clogin error: $_");
print STDERR ("$host clogin error: $_") if ($debug);
$clean_run=0;
last;
}
while (/#\s*($cmds_regexp)\s*$/) {
$cmd = $1;
if (!defined($prompt)) {
$prompt = ($_ =~ /^([^#]+)/)[0];
$prompt =~ s/([][}{)(\\])/\\$1/g;
$prompt .= "[#>]";
print STDERR ("PROMPT MATCH: $prompt\n") if ($debug);
}
print STDERR ("HIT COMMAND:$_") if ($debug);
if (! defined($commands{$cmd})) {
print STDERR "$host: found unexpected command - \"$cmd\"\n";
$clean_run = 0;
last TOP;
}
$rval = &{$commands{$cmd}};
delete($commands{$cmd});
if ($rval == -1) {
$clean_run = 0;
last TOP;
}
}
}
print STDOUT "Done $logincmd: $_\n" if ($log);
# Flush History
ProcessHistory("","","","");
# Cleanup
close(INPUT);
close(OUTPUT);
if (defined($ENV{NOPIPE})) {
unlink("$host.raw") if (! $debug);
}
# check for completeness
if (scalar(%commands) || !$clean_run) {
if (scalar(%commands)) {
printf(STDOUT "$host: missed cmd(s): %s\n", join(',', keys(%commands)));
printf(STDERR "$host: missed cmd(s): %s\n", join(',', keys(%commands))) if ($debug);
}
if (!$clean_run) {
print STDOUT "$host: End of run not found\n";
print STDERR "$host: End of run not found\n" if ($debug);
system("/usr/bin/tail -1 $host.new");
}
unlink "$host.new" if (! $debug);
-------------- next part --------------
;RANCID-CONTENT-TYPE: hp
;
;Chassis type: J8698A
;Serial Number: SG843SV10Q
;
;Memory: 122M
;
;Image: stamp: /sw/code/build/btm(K_15_06)
;Image: Oct 8 2011 17:39:18
;Image: K.15.06.0008
;Image: 85
;Image: Boot Image: Primary
;Image: ROM K.15.19
;
;Flash: Image Size (bytes) Date Version
;Flash: ----------------- ------------ -------- --------------------
;Flash: Primary Image : 14844423 10/09/11 K.15.06.0008
;Flash: Secondary Image : 14844423 10/09/11 K.15.06.0008
;Flash: Boot ROM Version : K.15.19
;Flash: Default Boot : Primary
;
; Status and Counters - Module Information
; Chassis: E5412zl J8698A! Serial Number: SG843SV10Q
; Allow V1 Modules: Yes
; Management Module: J8726A Serial Number: ID840AS027 Core Dump: YES
; Core Mod
; Slot Module Description Serial Number Status Dump Ver
; ---- -------------------------------------- -------------- -------- ----- ---
; A HP J8702A 24p Gig-T zl Module SG934AT1FD Up NO 1
; B HP J8702A 24p Gig-T zl Module SG837AT0L2 Up NO 1
; C HP J8702A 24p Gig-T zl Module SG842AT0JQ Up NO 1
; D HP J8702A 24p Gig-T zl Module SG835AT0HN Up NO 1
; I HP J8702A 24p Gig-T zl Module SG820AT1RM Up NO 1
; J HP J8702A 24p Gig-T zl Module SG835AT0H9 Up NO 1
; K HP J8702A 24p Gig-T zl Module SG937AT06S Up NO 1
; L HP J8702A 24p Gig-T zl Module SG837AT0H9 Up NO 1
;
;
; Ver #01:0d:0c
;
hostname "PS-5412zl-2nd"
time daylight-time-rule Middle-Europe-and-Portugal
fastboot
qos dscp-map 101110 priority 6
module 1 type J8702A
module 2 type J8702A
module 3 type J8702A
module 4 type J8702A
module 9 type J8702A
module 10 type J8702A
module 11 type J8702A
module 12 type J8702A
interface A1
name "trunk to dc-8 with C1"
exit
interface B18
name "ASA Secondary Venus"
exit
interface B21
name "Venus 500mb"
exit
interface B23
name "PS-LSQ-Venus-Link"
exit
interface B24
name "Venus External"
exit
interface C1
name "trunk to dc-8 with A1"
exit
interface C2
name "Company-AP-1"
exit
interface D24
name "Link to LSQ"
speed-duplex 100-full
exit
interface I1
name "trunk to clusterfs"
exit
interface I2
name "trunk to clusterfs"
exit
interface K1
name "trunk to clusterfs"
exit
interface K2
name "trunk to clusterfs"
exit
interface K3
name "ASA Primary Venus"
exit
interface K4
name "ASA Primary Inside"
exit
interface K5
name "ASA Primary VLANS"
exit
interface K6
name "ASA Primary Management"
exit
interface K7
name "BeBonded"
exit
interface K8
name "Company-SSL-2"
exit
interface K9
name "Team-DC-1"
exit
interface K11
name "Company-x64-b"
exit
interface K12
name "Company-Hyperv-1"
exit
interface K22
name "Cisco IPv6"
exit
interface L6
name "Netgear VLAN access point"
exit
interface L20
name "Company-csm-c"
exit
interface L21
name "trunk to 1st floor"
exit
interface L22
name "trunk to 1st floor"
exit
interface L23
name "trunk to 5406"
exit
interface L24
name "trunk to 5406"
exit
trunk L21-L22 Trk21 Trunk
trunk L23-L24 Trk22 Trunk
trunk I1-I2,K1-K2 Trk23 LACP
trunk A1,C1 Trk28 LACP
ip default-gateway 10.200.1.254
ip routing
vlan 1
name "DEFAULT_VLAN"
untagged B23,D24,Trk28
tagged B24
no untagged A2-A24,B1-B22,C2-C24,D1-D23,I3-I24,J1-J24,K3-K24,L1-L20,Trk21-Trk23
no ip address
exit
vlan 40
name "LSQ-40"
tagged Trk21-Trk22
no ip address
exit
vlan 41
name "LSQ-41"
tagged Trk21-Trk22
no ip address
exit
vlan 200
name "PS-200"
untagged A3-A24,B1-B16,B19,B22,C2-C24,D1-D23,I3-I24,J1-J24,K4,K8-K21,L1-L5,L7-L20,Trk21-Trk23
ip address 10.200.1.11 255.255.0.0
ipv6 address 386:386:386:200::11/64
tagged B23,D24,L6,Trk28
exit
vlan 201
name "PS-201"
untagged K23-K24
ip address 10.201.1.1 255.255.255.0
tagged Trk21-Trk22,Trk28
exit
vlan 202
name "PS 202"
forbid K3
ip address 10.202.1.11 255.255.0.0
tagged A2-A24,B1-B16,B22-B23,C2-C24,D1-D24,I3-I24,J1-J24,K8-K21,K23,L1-L20,Trk21-Trk22,Trk28
exit
vlan 220
name "UrbanWimax"
tagged B20,K5,Trk21-Trk22
no ip address
exit
vlan 205
name "Guest Wifi"
tagged B20,C2,K5,L6,Trk21-Trk22
no ip address
exit
vlan 215
name "Venus"
untagged B18,B21,K3,K22
tagged K5,Trk21-Trk22
no ip address
exit
vlan 209
name "Blueprint"
tagged B20,B23,D24,K5,Trk21-Trk22
no ip address
exit
vlan 210
name "WebDMZ"
tagged B20,K5,Trk21-Trk22
no ip address
exit
vlan 250
name "ccr"
untagged A2
ip address 10.250.1.1 255.255.255.0
tagged Trk21-Trk22
exit
vlan 251
name "ccr-priv"
tagged A2,Trk21-Trk22,Trk28
no ip address
exit
vlan 999
name "nowhere"
tagged Trk21-Trk22
no ip address
exit
vlan 1001
name "PS-LSQ-LINK"
ip address 10.1.1.1 255.255.255.0
ipv6 address 386:386:386:1001::200/64
tagged B23,D24,Trk21-Trk22
exit
vlan 221
name "ASA Cluster"
untagged B17,K6
tagged Trk21-Trk22
no ip address
exit
vlan 225
name "BeBonded"
untagged K7
tagged B20,Trk22
no ip address
exit
fault-finder bad-driver sensitivity high
fault-finder bad-transceiver sensitivity high
fault-finder bad-cable sensitivity high
fault-finder too-long-cable sensitivity high
fault-finder over-bandwidth sensitivity high
fault-finder broadcast-storm sensitivity high
fault-finder loss-of-link sensitivity high
fault-finder duplex-mismatch-hdx sensitivity high
fault-finder duplex-mismatch-fdx sensitivity high
power-over-ethernet pre-std-detect
qos device-priority 10.201.1.5 priority 6
qos device-priority 10.202.0.0/16 priority 6
sflow 1 destination 10.200.105.51
sflow 1 polling A2-A24,B1-B24,C2-C24,D1-D24,I3-I24,J1-J24,K3-K24,L1-L20,Trk21-Trk23,Trk28 20
sflow 1 sampling A2-A24,B1-B24,C2-C24,D1-D24,I3-I24,J1-J24,K3-K24,L1-L20,Trk21-Trk23,Trk28 50
timesync sntp
sntp unicast
sntp server priority 1 10.200.100.231
sntp server priority 2 10.200.100.232
ip dns server-address priority 1 10.200.100.231
ip ssh filetransfer
ip route 0.0.0.0 0.0.0.0 10.200.1.254
ip route 10.40.0.0 255.255.0.0 10.1.1.2
ipv6 route ::/0 386:386:386:200::254
ipv6 route 386:386:386:40::/64 386:386:386:1001::40
ipv6 unicast-routing
snmp-server community "public" unrestricted
spanning-tree
spanning-tree Trk21 priority 4
spanning-tree Trk22 priority 4
spanning-tree Trk23 priority 4
spanning-tree Trk28 priority 4
spanning-tree priority 1
no tftp client
no tftp server
no autorun
no dhcp config-file-update
no dhcp image-file-update
;password manager <removed>
;
More information about the Rancid-discuss
mailing list