[rancid] Reasoning behind not running a "show vlan" if specific VTP options are set?

Lee ler762 at gmail.com
Sat Jan 21 18:33:22 UTC 2017 

On 1/20/17, Piegorsch, Weylin William <weylin at bu.edu> wrote:
>> What we see on most of our Nexus infrastructure is every night:
>> ...
>> Which is quite annoying...
>
> If there’s a mechanism for removing these “debug” updates for NX-OS, that
> would be *awesome.*  I opened a TAC case about this, it’s not something I
> have any kind level of control over, whatsoever.

Take a look at rancid/lib/rancid/ios.pm - it has code to blank the
file size & timestamp so that updates to the file(s) don't cause
rancid to think the config has changed.  Look for
 # filter frequently changing files (dhcp & vlan database)
 # change from:
 #    9  -rw-         660  Jan 15 2011 20:43:54 vlan.dat
 #    9  -rw-         660  Jan 15 2011 20:43:54 +00:00  vlan.dat
 # to:
 #       -rw-                                   vlan.dat
 #       -rw-                                           vlan.dat
and adapt as needed

Regards,
Lee

>
> weylin
>
> On 1/19/17, 15:55, "Mischa Diehm" <mischa.diehm at unibas.ch> wrote:
>
>     Hi,
>
>
>     On 13.01.17, 19:37, "heasley" <heas at shrubbery.net> wrote:
>
>
>     >It causes nevery-ending changes in the config as ports become
>     >active/inactive,
>     >eg: someone disconnects or powers-off equipment.  and in the case of
> VTP,
>     >it
>     >potentially is network wide.  if you wanted to monitor such things,
> its
>     >probably best done in a NMS, where you'd catch all such changes.
>     >
>     >rancid 3.5 added for some modules:
>     >
>     ># FILTER_OSC determines if oscillating data such as keys, passwords,
> etc
>     >are
>     ># filtered from configs by the value set (NO | YES).  FILTER_PWDS may
>     >override
>     ># this.  see rancid.conf(5).
>     >#FILTER_OSC=YES; export FILTER_OSC
>     >
>     >such a thing could be dependent upon this configuration, but again I
> do
>     >not
>     >see the point.
>
>     Thanks for the clarification. This really kind of depends on where
> rancid
>     is run. In a campus/client env. I see your point but we also have more
>     static parts where this is usesful information. There it actually is
> also
>     useful to see what ports actually have changed. But you are right maybe
> no
>     worth it overall.
>     But thanks for pointing out the OSC part. What we see on most of our
> Nexus
>     infrastructure is every night:
>
>     - !Flash: debug:      124053    Jan 18 05:38:00 2017  bootvar_debug.log
>     - !Flash: debug:           6    Jan 18 05:38:00 2017
> bootvar_debug.meta
>     + !Flash: debug:      124872    Jan 19 05:38:05 2017  bootvar_debug.log
>     + !Flash: debug:           6    Jan 19 05:38:05 2017
> bootvar_debug.meta
>
>
>     And this:
>     - !Flash: logflash:       87092    Jan 17 05:43:42 2017  accounting_log
>     + !Flash: logflash:      136367    Jan 18 05:43:35 2017  accounting_log
>
>
>
>     Which is quite annoying...
>
>     >if you're not using VTP and its not including the vlan stuff, i do want
> to
>     >fix that.
>
>     Well then you have to fix it for this as said:
>     XXX-cc# show vtp status
>     Service not enabled
>
>
>     Cheers,
>     Mischa
>
>     >
>     >> Yes.  Which is yet another reason why it's so nice having the source
> -
>     >> it's easy to make trivial changes like that.  Or adding commands
> like
>     >> 'show vlan all-ports'
>     >>
>     >> Regards,
>     >> Lee
>     >>
>     >> _______________________________________________
>     >> Rancid-discuss mailing list
>     >> Rancid-discuss at shrubbery.net
>     >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

More information about the Rancid-discuss mailing list