[rancid] Reasoning behind not running a "show vlan" if specific VTP options are set?

Lee ler762 at gmail.com
Sun Jan 22 23:09:12 UTC 2017 

On 1/21/17, Piegorsch, Weylin William <weylin at bu.edu> wrote:
> Thanks Lee.  Is ios.pm called for NX-OS devices (“cisco-nx”)?  I tried
> looking through nxos.pm but didn’t see anything equivalent.  I’m using
> v3.4.1 if it makes a difference.

It looks like 3.4.1 already has code to blank out the file size &
timestamp.  Starting at line 509 of rancid-3.4.1/lib/rancid/nxos.pm

# This routine parses "dir /all ((disk|slot)N|bootflash|nvram):"
sub DirSlotN {

down a bit further it's got:
        next if (/BufferMonitor-1HourData/);
        if (/ log\/$/) {
            # change
            #         8192    Jan 08 14:05:05 2015  log/
            # to
            #                                       log/
            if (/(\s*\d+\s+)(\S+ \d+\s+\d+:\d+:\d+ \d+)(.*)/) {
                my($a, $dt, $rem) = ($1, $2, $3);
                my($dtl) = length($dt);
                my($fmt) = "%s%-". $dtl ."s%s\n";
                $_ = sprintf($fmt, $a, "", $rem);
            }
        }

Regards,
Lee


> weylin
>
> On 1/21/17, 13:33, "Lee" <ler762 at gmail.com> wrote:
>
>     On 1/20/17, Piegorsch, Weylin William <weylin at bu.edu> wrote:
>     >> What we see on most of our Nexus infrastructure is every night:
>     >> ...
>     >> Which is quite annoying...
>     >
>     > If there’s a mechanism for removing these “debug” updates for NX-OS,
> that
>     > would be *awesome.*  I opened a TAC case about this, it’s not
> something I
>     > have any kind level of control over, whatsoever.
>
>     Take a look at rancid/lib/rancid/ios.pm - it has code to blank the
>     file size & timestamp so that updates to the file(s) don't cause
>     rancid to think the config has changed.  Look for
>      # filter frequently changing files (dhcp & vlan database)
>      # change from:
>      #    9  -rw-         660  Jan 15 2011 20:43:54 vlan.dat
>      #    9  -rw-         660  Jan 15 2011 20:43:54 +00:00  vlan.dat
>      # to:
>      #       -rw-                                   vlan.dat
>      #       -rw-                                           vlan.dat
>     and adapt as needed
>
>     Regards,
>     Lee
>
>     >
>     > weylin
>     >
>     > On 1/19/17, 15:55, "Mischa Diehm" <mischa.diehm at unibas.ch> wrote:
>     >
>     >     Hi,
>     >
>     >
>     >     On 13.01.17, 19:37, "heasley" <heas at shrubbery.net> wrote:
>     >
>     >
>     >     >It causes nevery-ending changes in the config as ports become
>     >     >active/inactive,
>     >     >eg: someone disconnects or powers-off equipment.  and in the case
> of
>     > VTP,
>     >     >it
>     >     >potentially is network wide.  if you wanted to monitor such
> things,
>     > its
>     >     >probably best done in a NMS, where you'd catch all such changes.
>     >     >
>     >     >rancid 3.5 added for some modules:
>     >     >
>     >     ># FILTER_OSC determines if oscillating data such as keys,
> passwords,
>     > etc
>     >     >are
>     >     ># filtered from configs by the value set (NO | YES).  FILTER_PWDS
> may
>     >     >override
>     >     ># this.  see rancid.conf(5).
>     >     >#FILTER_OSC=YES; export FILTER_OSC
>     >     >
>     >     >such a thing could be dependent upon this configuration, but
> again I
>     > do
>     >     >not
>     >     >see the point.
>     >
>     >     Thanks for the clarification. This really kind of depends on
> where
>     > rancid
>     >     is run. In a campus/client env. I see your point but we also have
> more
>     >     static parts where this is usesful information. There it actually
> is
>     > also
>     >     useful to see what ports actually have changed. But you are right
> maybe
>     > no
>     >     worth it overall.
>     >     But thanks for pointing out the OSC part. What we see on most of
> our
>     > Nexus
>     >     infrastructure is every night:
>     >
>     >     - !Flash: debug:      124053    Jan 18 05:38:00 2017
> bootvar_debug.log
>     >     - !Flash: debug:           6    Jan 18 05:38:00 2017
>     > bootvar_debug.meta
>     >     + !Flash: debug:      124872    Jan 19 05:38:05 2017
> bootvar_debug.log
>     >     + !Flash: debug:           6    Jan 19 05:38:05 2017
>     > bootvar_debug.meta
>     >
>     >
>     >     And this:
>     >     - !Flash: logflash:       87092    Jan 17 05:43:42 2017
> accounting_log
>     >     + !Flash: logflash:      136367    Jan 18 05:43:35 2017
> accounting_log
>     >
>     >
>     >
>     >     Which is quite annoying...
>     >
>     >     >if you're not using VTP and its not including the vlan stuff, i
> do want
>     > to
>     >     >fix that.
>     >
>     >     Well then you have to fix it for this as said:
>     >     XXX-cc# show vtp status
>     >     Service not enabled
>     >
>     >
>     >     Cheers,
>     >     Mischa
>     >
>     >     >
>     >     >> Yes.  Which is yet another reason why it's so nice having the
> source
>     > -
>     >     >> it's easy to make trivial changes like that.  Or adding
> commands
>     > like
>     >     >> 'show vlan all-ports'
>     >     >>
>     >     >> Regards,
>     >     >> Lee
>     >     >>
>     >     >> _______________________________________________
>     >     >> Rancid-discuss mailing list
>     >     >> Rancid-discuss at shrubbery.net
>     >     >> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>     >
>     >
>     > _______________________________________________
>     > Rancid-discuss mailing list
>     > Rancid-discuss at shrubbery.net
>     > http://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
>
>
>
>

More information about the Rancid-discuss mailing list