[rancid] Brocade TurboIron24

Pedrosi, Derek G. pedrosi at millercanfield.com
Wed Aug 5 20:14:13 UTC 2015


I'm afraid that SSH is quite operational...


SSH seems to be working just fine.  All of my Cisco gear (50+ devices) have no issues, moreover when I SSH from the CLI to the Brocades using my rancid credentials I have no issue (works everytime).

Something else interesting, is that I spun up a new install of 2.3.8 (same version as my production) and flogin works as expexted!  So I copied the "working" flogin and to my production server, but no luck.  Same results with error TIMEOUT.   Does this shine any light on all of this?




derek



-----Original Message-----
From: Alan McKinnon [mailto:alan.mckinnon at gmail.com] 
Sent: Wednesday, August 05, 2015 2:28 PM
To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net
Subject: Re: [rancid] Brocade TurboIron24

How odd. ssh was launched 4 times and only the last time worked (clogin using ssh -c).

I'm not willing just yet to say that flogin doesn't work on your devices, I have a hunch that the 4th command just happened to work, and that ssh is erratic for you. I've heard occasional reports where this causes issues between linux distros, and my spidey sense is still on alert about it :-)

There have been changes in ssh recently, mostly dropping and deprecating old crypto methods. It could be that ssh on your rancid server is not properly compatible with your device and it works sometimes.

If you are willing, the following test would be useful:

Run flogin and clogin, both with and without "-t 30 -c "show version;show flash" " (plus plain ssh to the device) multiple times, around 10-20 each. See if there's a pattern of some kind. Once we get ssh working reliably, then we can move onto which parser script to use.





On 05/08/2015 17:40, Pedrosi, Derek G. wrote:
> Help me rancid mailing list, you are my only hope...
> 
> 
> ___________________________________________________________
> flogin DC-TurboIron2.network.XXXX.com
> dc-turboiron2.network.XXXX.com
> spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com 
> svc_rancid at dc-turboiron2.network.XXXX.com's password:
> SSH at DC-TurboIron2#
> Error: TIMEOUT reached
> root at rancid:/var/lib/rancid#
> ___________________________________________________________
> clogin DC-TurboIron2.network.XXXX.com
> dc-turboiron2.network.XXXX.com
> spawn ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com 
> svc_rancid at dc-turboiron2.network.XXXX.com's password:
> SSH at DC-TurboIron2#
> It seems to just hang here forever....
> ___________________________________________________________
> But, if I try...
> flogin -t 30 -c "show version;show flash" 
> dc-turboiron2.network.XXXX.com spawn ssh -c 3des -x -l svc_rancid 
> dc-turboiron2.network.XXXX.com svc_rancid at dc-turboiron2.network.XXXX.com's password:
> SSH at DC-TurboIron2#
> Error: TIMEOUT reached
> ___________________________________________________________
> 
> clogin -t 30 -c "show version;show flash" 
> dc-turboiron2.network.XXXX.com dc-turboiron2.network.XXXX.com spawn 
> ssh -c 3des -x -l svc_rancid dc-turboiron2.network.XXXX.com 
> svc_rancid at dc-turboiron2.network.XXXX.com's password:
> SSH at DC-TurboIron2#
> SSH at DC-TurboIron2#terminal length 0
> Invalid input -> terminal length 0
> Type ? for a list
> SSH at DC-TurboIron2#terminal width 132
> Invalid input -> terminal width 132
> Type ? for a list
> SSH at DC-TurboIron2#show version
>   SW: Version x.x.xxx Copyright (c) 1996-2013 Brocade Communications Systems, Inc. All rights reserved.
>       Compiled on xxx xxxxx
>       (xxxxx bytes) from Primary
>       Compressed Boot-Monitor Image size = 369366, Version:xxxxx
>   HW: Stackable TurboIron-X24
> ==========================================================================
>       Serial  #: xxxxxxxxxxxxxxxxxxx
>       P-ASIC  0: type B820, rev 11  subrev 00 
> ==========================================================================
>   825 MHz Power PC processor MPC8541E (version 8020/0020) 330 MHz bus
>   512 KB boot flash memory
> 31744 KB code flash memory
>   512 MB DRAM
> The system uptime is 4 days 12 hours 24 minutes 55 seconds The system 
> started at 23:04:36 Eastern Fri Jul 31 2015
> 
>  The system : started=warm start   reloaded=by "reload"
> 
> SSH at DC-TurboIron2#show flash
> Compressed Pri Code size = xxxxxxxxxxxxxxxxxxxxxx Compressed Sec Code 
> size = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Compressed Boot-Monitor Image size = 
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Code Flash Free Space = 20447232
> 
> 
> 
> 
> BEST regards,
> derek
> 
> 
> 
> 
> -----Original Message-----
> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com]
> Sent: Wednesday, August 05, 2015 10:10 AM
> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net
> Subject: Re: [rancid] Brocade TurboIron24
> 
> According to the various scripts, flogin is the correct usage, but it's failing to return successfully (looks like it waits 90 seconds then times out).
> 
> We need to find why flogin does not work for you.
> 
> What happens when you run these commands:
> 
> flogin DC-TurboIron2.network.XXXX.com
> clogin DC-TurboIron2.network.XXXX.com
> 
> 
> 
> On 04/08/2015 18:03, Pedrosi, Derek G. wrote:
>>
>> OK,
>> From the "rancid-fe" file, it looks like I'm running Rancid 2.3.8.
>> The switches SNMP OS string is "Brocade FastIron/IronWare 08.0.01eT201", but I know these switches are based on Brocade's Foundry acquisition.  So I will run francid.
>>
>> Here is the output...
>>
>> root at rancid:/var/lib/rancid/bin# francid -d 
>> DC-TurboIron2.network.XXX.com executing flogin -t 90 -c"show 
>> version;show chassis;show module;show flash;write term;show 
>> running-config" DC-TurboIron2.network.XXXX.com 
>> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached 
>> DC-TurboIron2.network.XXXX.com flogin error: Error: TIMEOUT reached
>> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show 
>> module,show flash,show version,show running-config,write term
>> DC-TurboIron2.network.XXXX.com: missed cmd(s): show chassis,show 
>> module,show flash,show version,show running-config,write term
>> DC-TurboIron2.network.XXXX.com: End of run not found 0 || 0
>> DC-TurboIron2.network.XXXX.com: End of run not found
>> DC-TurboIron2.network.XXXX.com: End of run not found !
>> root at rancid:/var/lib/rancid/bin#
>>
>>
>> I am able to SSH the device without issue from the rancid box using the rancid credentials.
>> And my router.db is correct, listed as " DC-TurboIron2.network.XXXX.com:foundry:up'
>>
>>
>> Thank you for your assistance.
>>
>> derek
>>
>> -----Original Message-----
>> From: Alan McKinnon [mailto:alan.mckinnon at gmail.com]
>> Sent: Monday, August 03, 2015 3:48 PM
>> To: Pedrosi, Derek G.; rancid-discuss at shrubbery.net
>> Subject: Re: [rancid] Brocade TurboIron24
>>
>> OK. In that case your cloginrc is correct.
>>
>> Looking back over the thread, I think you have a simple problem of 
>> the wrong device type in router.db
>>
>> Cisco kit is generally of type "cisco" and Brocades of type "foundry".
>> With rancid-2.3.x the separator in that file is ":"
>> With rancid-3.x the separator is ";"
>> This change was made for excellent reasons but has caused much pain and misery :-) Do make sure your router.db is using the correct syntax for your rancid version.
>>
>> I see "unexpected command" errors in your previous posts, that should 
>> not happen. I've only seen that when I run the generic cisco script 
>> against a Nexus (those use nxrancid)
>>
>>
>> On to which helper script is used for what (there's a LOT of legacy naming issues here, one of the goals of rancid-3 is to fix this).
>>
>> rancid-run launches rancid-fe which reads router.db and launches a "parser script" (my term) for each device to do the heavy lifting.
>>
>> Originally long ago there was only one parser as Cisco was the only thing out there and the parser was called "rancid". As new types were added the parsers were named <something>rancid. So with 2.3.x you have the odd situation where the main parser (Cisco) is called "rancid" but Foundry is "francid". It's a naming quirk.
>>
>> I believe heasley has renamed that parser in v3 to follow convention.
>>
>> clogin is the expect script to do logins and many things use it, not just the Cisco parser. All it needs to do is log in with user/pass, enable if necessary, detect the prompt and issue all required commands.
>> All of this info, including the actual login script to use for a 
>> type, is in the parser script. So it's one more oddity, you might 
>> have a type "XYZ" with it's own peculiar commands and output so it's 
>> parser is xyzrancid. But login works much like cisco (which really is 
>> a classic telnet login) so xyz uses clogin![1]
>>
>> To debug a given device, you have to run the correct parser manually.
>> Look up your type in rancid-fe (it's a large hashmap near the top) and run that script on the device with the -d option.
>> You will get debug output including the *login command used.
>> Paste that into your terminal (it's often clogin but not always) and look carefully at what your device is returning.
>>
>> Or post the output so we can help further.
>>
>>
>>
>> [1] I'm used to all this real-life weirdness as I've used rancid so 
>> much I don't think much about it anymore. It's only when I type mails 
>> like this that I realise just how nuts the field of a netadmin has 
>> become :-)
>>
>>
>>
>>
>>
>> On 03/08/2015 21:23, Pedrosi, Derek G. wrote:
>>> Yes.
>>> When I manually logon to my devices (Cisco and Brocade) with said service account I am dropped into an admin command prompt (#).
>>>
>>>
>>>
>>> derek
>>>
>>>
>>> -----Original Message-----
>>> From: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] 
>>> On Behalf Of Alan McKinnon
>>> Sent: Monday, August 03, 2015 3:20 PM
>>> To: rancid-discuss at shrubbery.net
>>> Subject: Re: [rancid] Brocade TurboIron24
>>>
>>> I'd like to check we're all on the same page with regard to autoenable, it's a topic that seems to cause much confusion.
>>>
>>> It's used when the device enables that user automatically on login with no need to explicitly run the enable command.
>>>
>>> Are all your devices (with the exception of
>>> DC-Cisco5525x.network.xxxx.com) set up to behave like that?
>>>
>>>
>>> On 03/08/2015 16:42, Pedrosi, Derek G. wrote:
>>>> My sanitized .cloginrc:
>>>>
>>>>  
>>>>
>>>> root at rancid:/var/lib/rancid# head -50 .cloginrc
>>>>
>>>> #XXXX
>>>>
>>>>  
>>>>
>>>> add method * {ssh}
>>>>
>>>> add user * svc_rancid
>>>>
>>>> add password * StandPW EnablePW
>>>>
>>>> add autoenable 1
>>>>
>>>>  
>>>>
>>>> add autoenable DC-Cisco5525x.network.xxxx.com 0
>>>>
>>>>  
>>>>
>>>> -------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>> --
>>>>
>>>> *Derek G Pedrosi*| Manager of Technology Infrastructure
>>>>
>>>> *Miller Canfield*
>>>> Detroit, Michigan 48226 (USA)
>>>>
>>>> -------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>> --
>>>>
>>>>  
>>>>
>>>>  
>>>>
>>>> *From:*Nick Hilliard [mailto:nick at foobar.org]
>>>> *Sent:* Monday, August 03, 2015 10:29 AM
>>>> *To:* Pedrosi, Derek G.
>>>> *Cc:* rancid-discuss at shrubbery.net
>>>> *Subject:* Re: [rancid] Brocade TurboIron24
>>>>
>>>>  
>>>>
>>>> Looks like a .cloginrc problem related to autoenable. 
>>>>
>>>>  
>>>>
>>>> Nick
>>>>
>>>> Sent from my iWotsit.
>>>>
>>>>
>>>> On 3 Aug 2015, at 14:59, Pedrosi, Derek G. 
>>>> <pedrosi at millercanfield.com <mailto:pedrosi at millercanfield.com>> wrote:
>>>>
>>>>     I've tried that to no success...
>>>>
>>>>      
>>>>
>>>>     The bit of debugging that I can do yielded this...
>>>>
>>>>      
>>>>
>>>>     root at rancid:/usr/lib/rancid/bin# flogin -t 300 -c "show version;show
>>>>     chassis;show module;show flash;show running-config" 10.1.1.3
>>>>
>>>>     10.1.1.3
>>>>
>>>>     spawn ssh -c 3des -x -l svc_rancid 10.1.1.3
>>>>
>>>>     svc_rancid at 10.1.1.3 <mailto:svc_rancid at 10.1.1.3>'s password:
>>>>
>>>>     SSH at DC-TurboIron2#
>>>>
>>>>     Error: TIMEOUT reached
>>>>
>>>>     root at rancid:/usr/lib/rancid/bin#
>>>>
>>>>      
>>>>
>>>>     Rancid is able to logon, but no commands are issued?
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>     BUT, strangely enough when I do the same command as above with
>>>>     "clogin" it works as it should.
>>>>
>>>>     BUT, if in my "router.db" I set the type to "cisco" (which I assume
>>>>     means use clogin) I do get a SVN entry in my repository, but it is
>>>>     blank.
>>>>
>>>>      
>>>>
>>>>     Trying to get all of the configs.
>>>>
>>>>     dc-turboiron2.network.XXXX.com
>>>>     <http://dc-turboiron2.network.XXXX.com>: found unexpected command -
>>>>     "dir /all sup-bootflash:"
>>>>
>>>>     dc-turboiron2.network.XXXX.com
>>>>     <http://dc-turboiron2.network.XXXX.com>: missed cmd(s): dir /all
>>>>     slavedisk2:,show capture,dir /all sec-slot2:,show diag,dir /all
>>>>     sec-nvram:,show running-config view full,dir /all 
>>>> sec-bootflash:,sho$
>>>>
>>>>     dc-turboiron2.network.XXXX.com
>>>>     <http://dc-turboiron2.network.XXXX.com>: End of run not found
>>>>
>>>>     =====================================
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>     Ps Why do you suggest v7.4.00j
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>     Many thanks,
>>>>
>>>>     derek
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>     From: Nick Hilliard [mailto:nick at foobar.org]
>>>>
>>>>     Sent: Sunday, August 2, 2015 9:15 AM
>>>>
>>>>     To: Pedrosi, Derek G. <pedrosi at millercanfield.com
>>>>     <mailto:pedrosi at millercanfield.com>>
>>>>
>>>>     Cc: rancid-discuss at shrubbery.net 
>>>> <mailto:rancid-discuss at shrubbery.net>
>>>>
>>>>     Subject: Re: [rancid] Brocade TurboIron24
>>>>
>>>>      
>>>>
>>>>     These are type: "foundry".
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>     7.4.00j would be a good choice for software. 
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>     Nick
>>>>
>>>>      
>>>>
>>>>     Sent from my iWotsit.
>>>>
>>>>      
>>>>
>>>>     On 31 Jul 2015, at 19:11, Pedrosi, Derek G.
>>>>     <pedrosi at millercanfield.com <mailto:pedrosi at millercanfield.com>> wrote:
>>>>
>>>>     Greetings all,
>>>>
>>>>     I have a few of Brocade's TI24s in my environment.  I would like to
>>>>     intergrate them into Rancid with my Cisco gear, but I have not had
>>>>     any luck.  Can someone possibly point my in the right direction?
>>>>
>>>>      
>>>>
>>>>      
>>>>
>>>>     Many thanx,
>>>>
>>>>     derek
>>>>
>>>>     _______________________________________________
>>>>
>>>>     Rancid-discuss mailing list
>>>>
>>>>     Rancid-discuss at shrubbery.net
>>>> <mailto:Rancid-discuss at shrubbery.net>
>>>>
>>>>     http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Rancid-discuss mailing list
>>>> Rancid-discuss at shrubbery.net
>>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>>>>
>>>
>>>
>>> --
>>> Alan McKinnon
>>> alan.mckinnon at gmail.com
>>>
>>> _______________________________________________
>>> Rancid-discuss mailing list
>>> Rancid-discuss at shrubbery.net
>>> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>>>
>>
>>
>> --
>> Alan McKinnon
>> alan.mckinnon at gmail.com
>>
> 
> 
> --
> Alan McKinnon
> alan.mckinnon at gmail.com
> 


--
Alan McKinnon
alan.mckinnon at gmail.com



More information about the Rancid-discuss mailing list