[rancid] Intermittent Rancid Failures

heasley heas at shrubbery.net
Tue Jun 24 19:09:48 UTC 2025 

Tue, Jun 24, 2025 at 06:28:16PM +0000, Dan Mahoney (Gushi):
> (a few hours later)
> 
> I think I have one (silly) theory about what's going wrong.  I have a bit of
> ASCII art in the motd, and when I removed it, things started running more
> fluidly.  (It has # signs, carets, and slashes in it).

clogin(1):
BUGS
       Do not use greater than (>) or pound sign (#) in device banners or
       hostnames or prompts.  These are the normal terminating characters of
       device prompts and the login scripts need to locate the initial prompt.
       Afterward, the full prompt is collected and makes a more precise match
       so that the scripts know when the device is ready for the next command.

> https://www.gushi.org/routerferret.png  Too many weasels in the router.
> 
> I still don't know why this would only break things half the time, though.

that is simply timing.  How the input is chucked is largely random.
When it first connects, the prompt match is somewhat loose; when it
finds the prompt, it adjusts the match to be more precise.

You can override this in cloginrc(5):
       add prompt <router name glob> {<regex>}
              Match login prompt, or initial login prompt in the case of some
              of the login scripts.  This is provided only as a work-around
              for login banners that contain forbidden characters that
              conflict with CLI prompt markers.

              Note that not all login scripts support this.


> I still don't know why things always work fluidly when I just paste commands
> in -- perhaps the clogin goes fine, but what happens after is breaking.

when you use clogin for an interactive login, it connects, logs in, then
steps out of the way.

> I also still don't know why -t 90 is being reported if I've set an explicit
> timeout of longer.

This I will have to look into.

> I'm also not sure why rancid does something like:
> 
> more system:running-config;show running-config view full;show
> running-config;write term -- if multiple of these commands work, are they
> post-processed/deduplicated down to a single config before they're committed
> to CVS?

it is because cisco evolved and/or had trouble being consistent or one
version shows more data than the other but is not supported everywhere.
You can create per-family device types of your own in rancid.types.conf
(separate file in same dir) that exclude those extra commands.

> Does it make sense to pare these down to a single command-set that works
> only on my version of IOS-XE, and define my own device type for it? Rancid
> seems to have a very "throw all the commands at the wall and see what
> sticks" point of view.

YMMV; collect a bit more output that is discarded or an error that is
ignored - meh.

More information about the Rancid-discuss mailing list