From owner-rancid-discuss Mon Jul 30 03:27:38 2001 Return-Path: Received: from localhost (localhost [[UNIX: localhost]]) by guelah.shrubbery.net (8.11.4/8.11.1) id f6U3Ln922594 for rancid-discuss-outgoing; Mon, 30 Jul 2001 03:21:49 GMT Received: from twmaine.com (IDENT:postfix@one.twmaine.com [208.3.248.2]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6U3LkH22590 for ; Mon, 30 Jul 2001 03:21:46 GMT Received: from joemobileq (unknown [63.167.222.67]) by twmaine.com (Postfix) with ESMTP id 15D53290C20 for ; Sun, 29 Jul 2001 23:20:26 -0400 (EDT) Reply-To: From: "Joe Marr" To: Subject: problems with rancid and catalyst Date: Sun, 29 Jul 2001 23:17:05 -0400 Organization: Roadrunner Message-ID: <008a01c118a6$1c14d690$43dea73f@joemobileq> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_008B_01C11884.95033690" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Status: RO Content-Length: 7848 Lines: 199 This is a multi-part message in MIME format. ------=_NextPart_000_008B_01C11884.95033690 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Ive been using rancid in various forms for over a year now, but I have never been able to have it successfully acquire the config from a catalyst 5505 (or a older 2900). I always get the following error: ===================================== Getting missed routers: round 4. ! ptldme-swt01.maine.rr.com clogin error: Error: TIMEOUT reached missed cmd(s): write term,dir slot0:,dir bootflash:,dir slot1:,show port ifindex,show boot,show module,show flash,show version End of run not found ! ptldme-swt02.maine.rr.com clogin error: Error: TIMEOUT reached missed cmd(s): write term,dir slot0:,dir bootflash:,dir slot1:,show port ifindex,show boot,show module,show flash,show version End of run not found Im not sure what I may be doing wrong, I will include the portions that are relevant from the router.db and .cloginrc ptldme-swt01.maine.rr.com:cat5:up ptldme-swt02.maine.rr.com:cat5:up add user ptldme-swt* XXXX add enableprompt ptldme-swt* Enter password: add password ptldme-swt* {XXXXXXX} {XXXXXX} I currently have about 30+ other devices on this (all IOS driven) but have never been able to get cats to work, Can anyone help me. Joe Marr Network Engineer Roadrunner "I do not hate my enemies. After all, I made them." - Red Skelton From owner-rancid-discuss Mon Jul 30 04:02:20 2001 Return-Path: Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6U41uO24192 for rancid-discuss-outgoing; Mon, 30 Jul 2001 04:01:57 GMT Received: from tower.partan.com (tower.partan.com [198.6.255.248]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6U41qH24186 for ; Mon, 30 Jul 2001 04:01:53 GMT Received: (from asp@localhost) by tower.partan.com (8.9.3/8.9.3) id AAA07034; Mon, 30 Jul 2001 00:01:51 -0400 (EDT) From: Andrew Partan Message-Id: <200107300401.AAA07034@tower.partan.com> Subject: Re: problems with rancid and catalyst To: jmarr@twmaine.com Date: Mon, 30 Jul 2001 00:01:51 -0400 (EDT) Cc: rancid-discuss@shrubbery.net In-Reply-To: <008a01c118a6$1c14d690$43dea73f@joemobileq> from "Joe Marr" at Jul 29, 1 11:17:05 pm X-Mailer: ELM [version 2.4 PL25] Content-Type: text Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Content-Length: 1734 Lines: 41 > Ive been using rancid in various forms for over a year now, but I have > never been able to have it successfully acquire the config from a > catalyst 5505 (or a older 2900). My usual diagnositic procedure for this sort of thing is: - Make sure that the appropriate *login (clogin for cat5s) works. This tests to make sure you don't have routing or firewall types of issues, or dns or hostname errors, and that your .cloginrc settings are correct. - See if you can send commands to the router - something like clogin -c "command1;command2" This makes sure that the this basic function of clogin is working. Typical problems here are where clogin does not recognize the router prompt correctly. - Then see if the correct rancid commands works against the router - "cat5rancid router" in this case. You should get a router.new file if it does. Otherwise try "cat5rancid -d router" and see if you can figure out what is going wrong. If all of this works, then make sure that you have the correct router name in router.db and check the log file for errors. In any case, I suspect the problem is in your .cloginrc. I always put things like passwords & the like inside of {} to get around expect goo. [expect is a rather fragile program.] > add user ptldme-swt* XXXX > add enableprompt ptldme-swt* Enter password: > add password ptldme-swt* {XXXXXXX} {XXXXXX} I'd change these to: add user ptldme-swt* {XXXX} add enableprompt ptldme-swt* {Enter password:} add password ptldme-swt* {XXXXXXX} {XXXXXX} I'm also not sure if you need to set the enableprompt; I've not done that on the cat5s I've had. --asp From owner-rancid-discuss@shrubbery.net Mon Jul 30 17:55:21 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UHtLN17016 for ; Mon, 30 Jul 2001 17:55:21 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6UHrPn19973 for rancid-discuss-outgoing; Mon, 30 Jul 2001 17:53:25 GMT Received: from twmaine.com (IDENT:postfix@one.twmaine.com [208.3.248.2]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6UHrKH19968 for ; Mon, 30 Jul 2001 17:53:21 GMT Received: from joemobileq (rrf1.rrpro.maine.rr.com [204.210.68.241]) by twmaine.com (Postfix) with ESMTP id 7A0EC29054E; Mon, 30 Jul 2001 13:52:04 -0400 (EDT) Reply-To: From: "Joe Marr" To: "'Andrew Partan'" Cc: Subject: RE: problems with rancid and catalyst Date: Mon, 30 Jul 2001 13:48:49 -0400 Organization: Roadrunner Message-ID: <002601c1191f$e4247680$f144d2cc@joemobileq> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal In-Reply-To: <200107300401.AAA07034@tower.partan.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I tried the clogin test, clogin -c "show ver" ptldme-swt01 It accesses the router and sits the prompt, which would lead me to believe that it doesn't recognize the prompt. What's the best way to approach this, what should the prompt be? Currently its ptldme-swt01: Joe Marr Network Engineer Roadrunner "I do not hate my enemies. After all, I made them." - Red Skelton -----Original Message----- From: owner-rancid-discuss@shrubbery.net [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Andrew Partan Sent: Monday, July 30, 2001 12:02 AM To: jmarr@twmaine.com Cc: rancid-discuss@shrubbery.net Subject: Re: problems with rancid and catalyst > Ive been using rancid in various forms for over a year now, but I have > never been able to have it successfully acquire the config from a > catalyst 5505 (or a older 2900). My usual diagnositic procedure for this sort of thing is: - Make sure that the appropriate *login (clogin for cat5s) works. This tests to make sure you don't have routing or firewall types of issues, or dns or hostname errors, and that your .cloginrc settings are correct. - See if you can send commands to the router - something like clogin -c "command1;command2" This makes sure that the this basic function of clogin is working. Typical problems here are where clogin does not recognize the router prompt correctly. - Then see if the correct rancid commands works against the router - "cat5rancid router" in this case. You should get a router.new file if it does. Otherwise try "cat5rancid -d router" and see if you can figure out what is going wrong. If all of this works, then make sure that you have the correct router name in router.db and check the log file for errors. In any case, I suspect the problem is in your .cloginrc. I always put things like passwords & the like inside of {} to get around expect goo. [expect is a rather fragile program.] > add user ptldme-swt* XXXX > add enableprompt ptldme-swt* Enter password: > add password ptldme-swt* {XXXXXXX} {XXXXXX} I'd change these to: add user ptldme-swt* {XXXX} add enableprompt ptldme-swt* {Enter password:} add password ptldme-swt* {XXXXXXX} {XXXXXX} I'm also not sure if you need to set the enableprompt; I've not done that on the cat5s I've had. --asp From owner-rancid-discuss@shrubbery.net Mon Jul 30 17:59:09 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UHx9N17022 for ; Mon, 30 Jul 2001 17:59:09 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6UHvVV20058 for rancid-discuss-outgoing; Mon, 30 Jul 2001 17:57:31 GMT Received: from pianosa.catch22.org (IDENT:postfix@pianosa.catch22.org [64.81.48.19]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6UHvSH20054 for ; Mon, 30 Jul 2001 17:57:28 GMT Received: by pianosa.catch22.org (Postfix, from userid 1000) id ABED817A5; Mon, 30 Jul 2001 10:57:27 -0700 (PDT) Date: Mon, 30 Jul 2001 10:57:27 -0700 From: David Terrell To: rancid-discuss@shrubbery.net Subject: rancid in a push configuration? Message-ID: <20010730105727.B14235@pianosa.catch22.org> Reply-To: David Terrell Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i X-Nethack: You feel like someone is making a pointless Nethack reference.--More-- X-Uptime: 10:16AM up 9 days, 12:55, 36 users, load averages: 0.11, 0.19, 0.16 X-Baby: Theodore Marvin Wolpinsky Terrell born 152 days, 19 hours, 30 minutes, 43 seconds ago Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Anybody ever used rancid or a similar tool in a push configuration? i.e. make changes to the cvs repository and rancid updates the router with that instead of vice versa. We'd like to have useful committer names and commit logs... -- David Terrell | "If NNTP had a protocol extension for dbt@meat.net | administering a spanking (long overdue if Nebcorp Prime Minister | you ask me), you'd be yelping right now." http://wwn.nebcorp.com/ | - Miguel Cruz From owner-rancid-discuss@shrubbery.net Mon Jul 30 18:07:42 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UI7gN17039 for ; Mon, 30 Jul 2001 18:07:42 GMT Received: from localhost (localhost [[UNIX: localhost]]) by guelah.shrubbery.net (8.11.4/8.11.1) id f6UI6IG20330 for rancid-discuss-outgoing; Mon, 30 Jul 2001 18:06:18 GMT Received: from lenny.harvard.edu (lenny.harvard.edu [128.103.60.67]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6UI6EH20325 for ; Mon, 30 Jul 2001 18:06:14 GMT Received: from apache (apache.harvard.edu [128.103.209.29]) by lenny.harvard.edu (Postfix) with SMTP id 7D3B6709; Mon, 30 Jul 2001 14:06:08 -0400 (EDT) Reply-To: From: "David LaPorte" To: , "'Andrew Partan'" Cc: Subject: RE: problems with rancid and catalyst Date: Mon, 30 Jul 2001 14:06:08 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 In-Reply-To: <002601c1191f$e4247680$f144d2cc@joemobileq> Importance: Normal Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I had a similar problem - try setting your path to ptldme-swt01> rancid appears to expect a ">" suffix on the prompt. Dave LaPorte -- David LaPorte Network Engineer Harvard University Network Operations Center -------------------------------------------- Email: david_laporte@harvard.edu Phone: (617) 496-7462 Mobile: (617) 429-8458 > -----Original Message----- > From: owner-rancid-discuss@shrubbery.net > [mailto:owner-rancid-discuss@shrubbery.net]On Behalf Of Joe Marr > Sent: Monday, July 30, 2001 1:49 PM > To: 'Andrew Partan' > Cc: rancid-discuss@shrubbery.net > Subject: RE: problems with rancid and catalyst > > > I tried the clogin test, clogin -c "show ver" ptldme-swt01 > > It accesses the router and sits the prompt, which would lead me to > believe that it doesn't recognize the prompt. > > What's the best way to approach this, what should the prompt be? > Currently its ptldme-swt01: > > Joe Marr > Network Engineer > Roadrunner > > "I do not hate my enemies. After all, I made them." - Red Skelton > > > -----Original Message----- > From: owner-rancid-discuss@shrubbery.net > [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Andrew Partan > Sent: Monday, July 30, 2001 12:02 AM > To: jmarr@twmaine.com > Cc: rancid-discuss@shrubbery.net > Subject: Re: problems with rancid and catalyst > > > Ive been using rancid in various forms for over a year now, but I have > > never been able to have it successfully acquire the config from a > > catalyst 5505 (or a older 2900). > > My usual diagnositic procedure for this sort of thing is: > > - Make sure that the appropriate *login (clogin for cat5s) works. > This tests to make sure you don't have routing or firewall types > of issues, or dns or hostname errors, and that your .cloginrc > settings are correct. > > - See if you can send commands to the router - something like > clogin -c "command1;command2" > This makes sure that the this basic function of clogin is working. > Typical problems here are where clogin does not recognize the > router prompt correctly. > > - Then see if the correct rancid commands works against the router > - "cat5rancid router" in this case. You should get a router.new > file if it does. Otherwise try "cat5rancid -d router" and see > if you can figure out what is going wrong. > > If all of this works, then make sure that you have the correct > router name in router.db and check the log file for errors. > > In any case, I suspect the problem is in your .cloginrc. I always > put things like passwords & the like inside of {} to get around > expect goo. [expect is a rather fragile program.] > > > add user ptldme-swt* XXXX > > add enableprompt ptldme-swt* Enter password: > > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > I'd change these to: > add user ptldme-swt* {XXXX} > add enableprompt ptldme-swt* {Enter password:} > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > I'm also not sure if you need to set the enableprompt; I've not > done that on the cat5s I've had. > --asp > From owner-rancid-discuss@shrubbery.net Mon Jul 30 18:36:16 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UIaGN17070 for ; Mon, 30 Jul 2001 18:36:16 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6UIYb520945 for rancid-discuss-outgoing; Mon, 30 Jul 2001 18:34:37 GMT Received: from sfoexh01.yipes.com (sfo002ns01.yipes.com [209.213.212.199]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6UIYZH20941 for ; Mon, 30 Jul 2001 18:34:35 GMT Received: by sfoexh01.yipes.com with Internet Mail Service (5.5.2653.19) id ; Mon, 30 Jul 2001 11:32:11 -0700 Message-ID: <2C830A8269AD084CA51CBA07982BB03001DFAA98@sfoexh01.yipes.com> From: ABochannek@yipes.com To: dbt@meat.net, rancid-discuss@shrubbery.net Cc: ABochannek@yipes.com Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 11:32:01 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I'd like to second this request. In fact, I meant to send in a request like this today myself. Alex Bochannek Senior Unix/Network Engineer Yipes ... that's fast! (415) 901-2000 (415) 901-2090 (direct) www.yipes.com -----Original Message----- From: David Terrell [mailto:dbt@meat.net] Sent: Monday, July 30, 2001 10:57 AM To: rancid-discuss@shrubbery.net Subject: rancid in a push configuration? Anybody ever used rancid or a similar tool in a push configuration? i.e. make changes to the cvs repository and rancid updates the router with that instead of vice versa. We'd like to have useful committer names and commit logs... -- David Terrell | "If NNTP had a protocol extension for dbt@meat.net | administering a spanking (long overdue if Nebcorp Prime Minister | you ask me), you'd be yelping right now." http://wwn.nebcorp.com/ | - Miguel Cruz From owner-rancid-discuss@shrubbery.net Mon Jul 30 18:46:42 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UIkgN17082 for ; Mon, 30 Jul 2001 18:46:42 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6UIjIE21646 for rancid-discuss-outgoing; Mon, 30 Jul 2001 18:45:18 GMT Received: from fire.jasonlewis.net (diablo.jasonlewis.net [216.181.64.130]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6UIjEH21640 for ; Mon, 30 Jul 2001 18:45:14 GMT Received: from spinalcord (spinalcord.jasonlewis.net [192.168.120.77]) by fire.jasonlewis.net (Postfix) with SMTP id 742B99513 for ; Mon, 30 Jul 2001 14:14:44 -0400 (EDT) Reply-To: From: "Jason Lewis" To: Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 14:46:38 -0400 Message-ID: <002101c11927$f7c13d60$4d78a8c0@spinalcord> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 In-Reply-To: <20010730105727.B14235@pianosa.catch22.org> Importance: Normal Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk I have wondered about this also.... What about something similar to rancid for servers? I would need a big CVS box, but it would be handy to store machine configs in CVS. Has anyone seen anything like this? jas -----Original Message----- From: owner-rancid-discuss@shrubbery.net [mailto:owner-rancid-discuss@shrubbery.net]On Behalf Of David Terrell Sent: Monday, July 30, 2001 1:57 PM To: rancid-discuss@shrubbery.net Subject: rancid in a push configuration? Anybody ever used rancid or a similar tool in a push configuration? i.e. make changes to the cvs repository and rancid updates the router with that instead of vice versa. We'd like to have useful committer names and commit logs... -- David Terrell | "If NNTP had a protocol extension for dbt@meat.net | administering a spanking (long overdue if Nebcorp Prime Minister | you ask me), you'd be yelping right now." http://wwn.nebcorp.com/ | - Miguel Cruz From owner-rancid-discuss@shrubbery.net Mon Jul 30 18:56:35 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UIuZN17091 for ; Mon, 30 Jul 2001 18:56:35 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6UIt3221934 for rancid-discuss-outgoing; Mon, 30 Jul 2001 18:55:04 GMT Received: (from heas@localhost) by guelah.shrubbery.net (8.11.4/8.11.1) id f6UIswI21926; Mon, 30 Jul 2001 18:54:58 GMT Date: Mon, 30 Jul 2001 11:54:58 -0700 From: john heasley To: ABochannek@yipes.com Cc: dbt@meat.net, rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? Message-ID: <20010730115457.A20946@shrubbery.net> References: <2C830A8269AD084CA51CBA07982BB03001DFAA98@sfoexh01.yipes.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <2C830A8269AD084CA51CBA07982BB03001DFAA98@sfoexh01.yipes.com>; from ABochannek@yipes.com on Mon, Jul 30, 2001 at 11:32:01AM -0700 X-note: live free, or die! X-homer: there ya go, fish bulb Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk this is not what rancid was intended for. i am not saying that this functionality is not useful ... or not _required_ for sane config management! i believe that rancid is a configuration monitoring tool primarily and second a disaster recovery tool. that is, a baked config in the repository can be loaded (for exmaple, h/w-replacement -- after replacing passwords, etc) for fast recovery. writing a parser to determine changes, or rather commands necessary to apply those changes, is not only difficult, but a rapidly moving target. to this, i note the paramount importance of the IETD ops-nm WG draft (refer to internet drafts at www.ietf.org). configuration generation, loading, and change-application is best suited for a second tool (or suite of) with rancid integrated. where most information is stored in a database (which *any* complimentary tool can also utilize) and canonical configs are generated from this and templates (for multiple router/switch platforms). i have written such a tool for my employer, but can not release it. i have started a tool for free release ("pita" [because it is]) which i hope to mangle into a config generator (loader, etc), config monitoring (via rancid), NMS, and some other useful bits. making slow progress.... Mon, Jul 30, 2001 at 11:32:01AM -0700, ABochannek@yipes.com: > I'd like to second this request. In fact, I meant to send in a request like > this today myself. > > Alex Bochannek > Senior Unix/Network Engineer > Yipes ... that's fast! > (415) 901-2000 > (415) 901-2090 (direct) > www.yipes.com > > > -----Original Message----- > From: David Terrell [mailto:dbt@meat.net] > Sent: Monday, July 30, 2001 10:57 AM > To: rancid-discuss@shrubbery.net > Subject: rancid in a push configuration? > > Anybody ever used rancid or a similar tool in a push configuration? i.e. > make changes to the cvs repository and rancid updates the router with > that instead of vice versa. > > We'd like to have useful committer names and commit logs... > > -- > David Terrell | "If NNTP had a protocol extension for > dbt@meat.net | administering a spanking (long overdue if > Nebcorp Prime Minister | you ask me), you'd be yelping right now." > http://wwn.nebcorp.com/ | - Miguel Cruz From owner-rancid-discuss@shrubbery.net Mon Jul 30 18:59:28 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UIxSN17097 for ; Mon, 30 Jul 2001 18:59:28 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6UIw5822034 for rancid-discuss-outgoing; Mon, 30 Jul 2001 18:58:05 GMT Received: (from heas@localhost) by guelah.shrubbery.net (8.11.4/8.11.1) id f6UIw1e22029; Mon, 30 Jul 2001 18:58:01 GMT Date: Mon, 30 Jul 2001 11:58:01 -0700 From: john heasley To: Jason Lewis Cc: rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? Message-ID: <20010730115801.C20946@shrubbery.net> References: <20010730105727.B14235@pianosa.catch22.org> <002101c11927$f7c13d60$4d78a8c0@spinalcord> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <002101c11927$f7c13d60$4d78a8c0@spinalcord>; from jlewis@packetnexus.com on Mon, Jul 30, 2001 at 02:46:38PM -0400 X-note: live free, or die! X-homer: there ya go, fish bulb Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Mon, Jul 30, 2001 at 02:46:38PM -0400, Jason Lewis: > I have wondered about this also.... What about something similar to rancid > for servers? I would need a big CVS box, but it would be handy to store > machine configs in CVS. Has anyone seen anything like this? if you can bake that idea a bit more (what to collect, etc), we're willing to listen and/or implement. > jas > > -----Original Message----- > From: owner-rancid-discuss@shrubbery.net > [mailto:owner-rancid-discuss@shrubbery.net]On Behalf Of David Terrell > Sent: Monday, July 30, 2001 1:57 PM > To: rancid-discuss@shrubbery.net > Subject: rancid in a push configuration? > > > Anybody ever used rancid or a similar tool in a push configuration? i.e. > make changes to the cvs repository and rancid updates the router with > that instead of vice versa. > > We'd like to have useful committer names and commit logs... > > -- > David Terrell | "If NNTP had a protocol extension for > dbt@meat.net | administering a spanking (long overdue if > Nebcorp Prime Minister | you ask me), you'd be yelping right now." > http://wwn.nebcorp.com/ | - Miguel Cruz From owner-rancid-discuss@shrubbery.net Mon Jul 30 19:02:05 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UJ25N17110 for ; Mon, 30 Jul 2001 19:02:05 GMT Received: from localhost (localhost [[UNIX: localhost]]) by guelah.shrubbery.net (8.11.4/8.11.1) id f6UJ0gG22108 for rancid-discuss-outgoing; Mon, 30 Jul 2001 19:00:42 GMT Received: from twmaine.com (IDENT:postfix@one.twmaine.com [208.3.248.2]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6UJ0bH22103 for ; Mon, 30 Jul 2001 19:00:37 GMT Received: from joemobileq (rrf1.rrpro.maine.rr.com [204.210.68.241]) by twmaine.com (Postfix) with ESMTP id AF24C290E8E; Mon, 30 Jul 2001 14:59:21 -0400 (EDT) Reply-To: From: "Joe Marr" To: , "'Andrew Partan'" Cc: Subject: RE: problems with rancid and catalyst Date: Mon, 30 Jul 2001 14:56:07 -0400 Organization: Roadrunner Message-ID: <004301c11929$4a68a4d0$f144d2cc@joemobileq> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Great this works! Joe Marr Network Engineer Roadrunner "I do not hate my enemies. After all, I made them." - Red Skelton -----Original Message----- From: owner-rancid-discuss@shrubbery.net [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of David LaPorte Sent: Monday, July 30, 2001 2:06 PM To: jmarr@twmaine.com; 'Andrew Partan' Cc: rancid-discuss@shrubbery.net Subject: RE: problems with rancid and catalyst I had a similar problem - try setting your path to ptldme-swt01> rancid appears to expect a ">" suffix on the prompt. Dave LaPorte -- David LaPorte Network Engineer Harvard University Network Operations Center -------------------------------------------- Email: david_laporte@harvard.edu Phone: (617) 496-7462 Mobile: (617) 429-8458 > -----Original Message----- > From: owner-rancid-discuss@shrubbery.net > [mailto:owner-rancid-discuss@shrubbery.net]On Behalf Of Joe Marr > Sent: Monday, July 30, 2001 1:49 PM > To: 'Andrew Partan' > Cc: rancid-discuss@shrubbery.net > Subject: RE: problems with rancid and catalyst > > > I tried the clogin test, clogin -c "show ver" ptldme-swt01 > > It accesses the router and sits the prompt, which would lead me to > believe that it doesn't recognize the prompt. > > What's the best way to approach this, what should the prompt be? > Currently its ptldme-swt01: > > Joe Marr > Network Engineer > Roadrunner > > "I do not hate my enemies. After all, I made them." - Red Skelton > > > -----Original Message----- > From: owner-rancid-discuss@shrubbery.net > [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Andrew Partan > Sent: Monday, July 30, 2001 12:02 AM > To: jmarr@twmaine.com > Cc: rancid-discuss@shrubbery.net > Subject: Re: problems with rancid and catalyst > > > Ive been using rancid in various forms for over a year now, but I have > > never been able to have it successfully acquire the config from a > > catalyst 5505 (or a older 2900). > > My usual diagnositic procedure for this sort of thing is: > > - Make sure that the appropriate *login (clogin for cat5s) works. > This tests to make sure you don't have routing or firewall types > of issues, or dns or hostname errors, and that your .cloginrc > settings are correct. > > - See if you can send commands to the router - something like > clogin -c "command1;command2" > This makes sure that the this basic function of clogin is working. > Typical problems here are where clogin does not recognize the > router prompt correctly. > > - Then see if the correct rancid commands works against the router > - "cat5rancid router" in this case. You should get a router.new > file if it does. Otherwise try "cat5rancid -d router" and see > if you can figure out what is going wrong. > > If all of this works, then make sure that you have the correct > router name in router.db and check the log file for errors. > > In any case, I suspect the problem is in your .cloginrc. I always > put things like passwords & the like inside of {} to get around > expect goo. [expect is a rather fragile program.] > > > add user ptldme-swt* XXXX > > add enableprompt ptldme-swt* Enter password: > > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > I'd change these to: > add user ptldme-swt* {XXXX} > add enableprompt ptldme-swt* {Enter password:} > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > I'm also not sure if you need to set the enableprompt; I've not > done that on the cat5s I've had. > --asp > From owner-rancid-discuss@shrubbery.net Mon Jul 30 19:59:27 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UJxRN17171 for ; Mon, 30 Jul 2001 19:59:27 GMT Received: from localhost (localhost [[UNIX: localhost]]) by guelah.shrubbery.net (8.11.4/8.11.1) id f6UJvuV24065 for rancid-discuss-outgoing; Mon, 30 Jul 2001 19:57:56 GMT Received: (from heas@localhost) by guelah.shrubbery.net (8.11.4/8.11.1) id f6UJvnV24060; Mon, 30 Jul 2001 19:57:49 GMT Date: Mon, 30 Jul 2001 12:57:49 -0700 From: john heasley To: Joe Marr Cc: david_laporte@harvard.edu, "'Andrew Partan'" , rancid-discuss@shrubbery.net Subject: Re: problems with rancid and catalyst Message-ID: <20010730125749.B22977@shrubbery.net> References: <004301c11929$4a68a4d0$f144d2cc@joemobileq> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <004301c11929$4a68a4d0$f144d2cc@joemobileq>; from jmarr@twmaine.com on Mon, Jul 30, 2001 at 02:56:07PM -0400 X-note: live free, or die! X-homer: there ya go, fish bulb Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk perhaps what we need is a .cloginrc switch which allows the prompt to be adjusted? Mon, Jul 30, 2001 at 02:56:07PM -0400, Joe Marr: > Great this works! > > Joe Marr > Network Engineer > Roadrunner > > "I do not hate my enemies. After all, I made them." - Red Skelton > > > -----Original Message----- > From: owner-rancid-discuss@shrubbery.net > [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of David LaPorte > Sent: Monday, July 30, 2001 2:06 PM > To: jmarr@twmaine.com; 'Andrew Partan' > Cc: rancid-discuss@shrubbery.net > Subject: RE: problems with rancid and catalyst > > I had a similar problem - try setting your path to ptldme-swt01> > > rancid appears to expect a ">" suffix on the prompt. > > Dave LaPorte > > -- > David LaPorte > Network Engineer > Harvard University Network Operations Center > -------------------------------------------- > Email: david_laporte@harvard.edu > Phone: (617) 496-7462 > Mobile: (617) 429-8458 > > > -----Original Message----- > > From: owner-rancid-discuss@shrubbery.net > > [mailto:owner-rancid-discuss@shrubbery.net]On Behalf Of Joe Marr > > Sent: Monday, July 30, 2001 1:49 PM > > To: 'Andrew Partan' > > Cc: rancid-discuss@shrubbery.net > > Subject: RE: problems with rancid and catalyst > > > > > > I tried the clogin test, clogin -c "show ver" ptldme-swt01 > > > > It accesses the router and sits the prompt, which would lead me to > > believe that it doesn't recognize the prompt. > > > > What's the best way to approach this, what should the prompt be? > > Currently its ptldme-swt01: > > > > Joe Marr > > Network Engineer > > Roadrunner > > > > "I do not hate my enemies. After all, I made them." - Red Skelton > > > > > > -----Original Message----- > > From: owner-rancid-discuss@shrubbery.net > > [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Andrew Partan > > Sent: Monday, July 30, 2001 12:02 AM > > To: jmarr@twmaine.com > > Cc: rancid-discuss@shrubbery.net > > Subject: Re: problems with rancid and catalyst > > > > > Ive been using rancid in various forms for over a year now, but I > have > > > never been able to have it successfully acquire the config from a > > > catalyst 5505 (or a older 2900). > > > > My usual diagnositic procedure for this sort of thing is: > > > > - Make sure that the appropriate *login (clogin for cat5s) works. > > This tests to make sure you don't have routing or firewall types > > of issues, or dns or hostname errors, and that your .cloginrc > > settings are correct. > > > > - See if you can send commands to the router - something like > > clogin -c "command1;command2" > > This makes sure that the this basic function of clogin is working. > > Typical problems here are where clogin does not recognize the > > router prompt correctly. > > > > - Then see if the correct rancid commands works against the router > > - "cat5rancid router" in this case. You should get a router.new > > file if it does. Otherwise try "cat5rancid -d router" and see > > if you can figure out what is going wrong. > > > > If all of this works, then make sure that you have the correct > > router name in router.db and check the log file for errors. > > > > In any case, I suspect the problem is in your .cloginrc. I always > > put things like passwords & the like inside of {} to get around > > expect goo. [expect is a rather fragile program.] > > > > > add user ptldme-swt* XXXX > > > add enableprompt ptldme-swt* Enter password: > > > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > > > I'd change these to: > > add user ptldme-swt* {XXXX} > > add enableprompt ptldme-swt* {Enter password:} > > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > > > I'm also not sure if you need to set the enableprompt; I've not > > done that on the cat5s I've had. > > --asp > > From owner-rancid-discuss@shrubbery.net Mon Jul 30 20:07:13 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6UK7DN17196 for ; Mon, 30 Jul 2001 20:07:13 GMT Received: from localhost (localhost [[UNIX: localhost]]) by guelah.shrubbery.net (8.11.4/8.11.1) id f6UK5n824243 for rancid-discuss-outgoing; Mon, 30 Jul 2001 20:05:49 GMT Received: from twmaine.com (IDENT:postfix@one.twmaine.com [208.3.248.2]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6UK5hH24234; Mon, 30 Jul 2001 20:05:43 GMT Received: from joemobileq (rrf1.rrpro.maine.rr.com [204.210.68.241]) by twmaine.com (Postfix) with ESMTP id 23FC0290BB1; Mon, 30 Jul 2001 16:04:26 -0400 (EDT) Reply-To: From: "Joe Marr" To: "'john heasley'" Cc: , "'Andrew Partan'" , Subject: RE: problems with rancid and catalyst Date: Mon, 30 Jul 2001 16:01:11 -0400 Organization: Roadrunner Message-ID: <005301c11932$623f7670$f144d2cc@joemobileq> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal In-Reply-To: <20010730125749.B22977@shrubbery.net> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk That would be best, at some point Ill run into an issue with some other software that expects the prompt to be formatted a different way. Joe Marr Network Engineer Roadrunner "I do not hate my enemies. After all, I made them." - Red Skelton -----Original Message----- From: john heasley [mailto:heas@shrubbery.net] Sent: Monday, July 30, 2001 3:58 PM To: Joe Marr Cc: david_laporte@harvard.edu; 'Andrew Partan'; rancid-discuss@shrubbery.net Subject: Re: problems with rancid and catalyst perhaps what we need is a .cloginrc switch which allows the prompt to be adjusted? Mon, Jul 30, 2001 at 02:56:07PM -0400, Joe Marr: > Great this works! > > Joe Marr > Network Engineer > Roadrunner > > "I do not hate my enemies. After all, I made them." - Red Skelton > > > -----Original Message----- > From: owner-rancid-discuss@shrubbery.net > [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of David LaPorte > Sent: Monday, July 30, 2001 2:06 PM > To: jmarr@twmaine.com; 'Andrew Partan' > Cc: rancid-discuss@shrubbery.net > Subject: RE: problems with rancid and catalyst > > I had a similar problem - try setting your path to ptldme-swt01> > > rancid appears to expect a ">" suffix on the prompt. > > Dave LaPorte > > -- > David LaPorte > Network Engineer > Harvard University Network Operations Center > -------------------------------------------- > Email: david_laporte@harvard.edu > Phone: (617) 496-7462 > Mobile: (617) 429-8458 > > > -----Original Message----- > > From: owner-rancid-discuss@shrubbery.net > > [mailto:owner-rancid-discuss@shrubbery.net]On Behalf Of Joe Marr > > Sent: Monday, July 30, 2001 1:49 PM > > To: 'Andrew Partan' > > Cc: rancid-discuss@shrubbery.net > > Subject: RE: problems with rancid and catalyst > > > > > > I tried the clogin test, clogin -c "show ver" ptldme-swt01 > > > > It accesses the router and sits the prompt, which would lead me to > > believe that it doesn't recognize the prompt. > > > > What's the best way to approach this, what should the prompt be? > > Currently its ptldme-swt01: > > > > Joe Marr > > Network Engineer > > Roadrunner > > > > "I do not hate my enemies. After all, I made them." - Red Skelton > > > > > > -----Original Message----- > > From: owner-rancid-discuss@shrubbery.net > > [mailto:owner-rancid-discuss@shrubbery.net] On Behalf Of Andrew Partan > > Sent: Monday, July 30, 2001 12:02 AM > > To: jmarr@twmaine.com > > Cc: rancid-discuss@shrubbery.net > > Subject: Re: problems with rancid and catalyst > > > > > Ive been using rancid in various forms for over a year now, but I > have > > > never been able to have it successfully acquire the config from a > > > catalyst 5505 (or a older 2900). > > > > My usual diagnositic procedure for this sort of thing is: > > > > - Make sure that the appropriate *login (clogin for cat5s) works. > > This tests to make sure you don't have routing or firewall types > > of issues, or dns or hostname errors, and that your .cloginrc > > settings are correct. > > > > - See if you can send commands to the router - something like > > clogin -c "command1;command2" > > This makes sure that the this basic function of clogin is working. > > Typical problems here are where clogin does not recognize the > > router prompt correctly. > > > > - Then see if the correct rancid commands works against the router > > - "cat5rancid router" in this case. You should get a router.new > > file if it does. Otherwise try "cat5rancid -d router" and see > > if you can figure out what is going wrong. > > > > If all of this works, then make sure that you have the correct > > router name in router.db and check the log file for errors. > > > > In any case, I suspect the problem is in your .cloginrc. I always > > put things like passwords & the like inside of {} to get around > > expect goo. [expect is a rather fragile program.] > > > > > add user ptldme-swt* XXXX > > > add enableprompt ptldme-swt* Enter password: > > > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > > > I'd change these to: > > add user ptldme-swt* {XXXX} > > add enableprompt ptldme-swt* {Enter password:} > > add password ptldme-swt* {XXXXXXX} {XXXXXX} > > > > I'm also not sure if you need to set the enableprompt; I've not > > done that on the cat5s I've had. > > --asp > > From owner-rancid-discuss@shrubbery.net Tue Jul 31 00:18:45 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V0IjN17384 for ; Tue, 31 Jul 2001 00:18:45 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V0H2002712 for rancid-discuss-outgoing; Tue, 31 Jul 2001 00:17:02 GMT Received: from sfoexh01.yipes.com (sfo002ns01.yipes.com [209.213.212.199]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V0GwH02705; Tue, 31 Jul 2001 00:16:59 GMT Received: by sfoexh01.yipes.com with Internet Mail Service (5.5.2653.19) id ; Mon, 30 Jul 2001 17:14:39 -0700 Message-ID: <2C830A8269AD084CA51CBA07982BB03001DFAA9E@sfoexh01.yipes.com> From: ABochannek@yipes.com To: heas@shrubbery.net Cc: dbt@meat.net, rancid-discuss@shrubbery.net, ABochannek@yipes.com Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 17:14:34 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk John, I understand that this isn't what Rancid wasn't meant to do, but you can't blame David or myself for trying ;-) Can you offer a more specific pointer to the IETF work you referred to? Are you talking about draft-ops-operator-req-mgmt-00.txt? Thanks. Alex Bochannek Senior Unix/Network Engineer Yipes ... that's fast! (415) 901-2000 (415) 901-2090 (direct) www.yipes.com -----Original Message----- From: john heasley [mailto:heas@shrubbery.net] Sent: Monday, July 30, 2001 11:55 AM To: Alex Bochannek Cc: dbt@meat.net; rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? this is not what rancid was intended for. i am not saying that this functionality is not useful ... or not _required_ for sane config management! i believe that rancid is a configuration monitoring tool primarily and second a disaster recovery tool. that is, a baked config in the repository can be loaded (for exmaple, h/w-replacement -- after replacing passwords, etc) for fast recovery. writing a parser to determine changes, or rather commands necessary to apply those changes, is not only difficult, but a rapidly moving target. to this, i note the paramount importance of the IETD ops-nm WG draft (refer to internet drafts at www.ietf.org). configuration generation, loading, and change-application is best suited for a second tool (or suite of) with rancid integrated. where most information is stored in a database (which *any* complimentary tool can also utilize) and canonical configs are generated from this and templates (for multiple router/switch platforms). i have written such a tool for my employer, but can not release it. i have started a tool for free release ("pita" [because it is]) which i hope to mangle into a config generator (loader, etc), config monitoring (via rancid), NMS, and some other useful bits. making slow progress.... Mon, Jul 30, 2001 at 11:32:01AM -0700, ABochannek@yipes.com: > I'd like to second this request. In fact, I meant to send in a request like > this today myself. > > Alex Bochannek > Senior Unix/Network Engineer > Yipes ... that's fast! > (415) 901-2000 > (415) 901-2090 (direct) > www.yipes.com > > > -----Original Message----- > From: David Terrell [mailto:dbt@meat.net] > Sent: Monday, July 30, 2001 10:57 AM > To: rancid-discuss@shrubbery.net > Subject: rancid in a push configuration? > > Anybody ever used rancid or a similar tool in a push configuration? i.e. > make changes to the cvs repository and rancid updates the router with > that instead of vice versa. > > We'd like to have useful committer names and commit logs... > > -- > David Terrell | "If NNTP had a protocol extension for > dbt@meat.net | administering a spanking (long overdue if > Nebcorp Prime Minister | you ask me), you'd be yelping right now." > http://wwn.nebcorp.com/ | - Miguel Cruz From owner-rancid-discuss@shrubbery.net Tue Jul 31 00:46:17 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V0kHN17400 for ; Tue, 31 Jul 2001 00:46:17 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V0irT03804 for rancid-discuss-outgoing; Tue, 31 Jul 2001 00:44:53 GMT Received: (from heas@localhost) by guelah.shrubbery.net (8.11.4/8.11.1) id f6V0ina03790; Tue, 31 Jul 2001 00:44:49 GMT Date: Mon, 30 Jul 2001 17:44:49 -0700 From: john heasley To: ABochannek@yipes.com Cc: dbt@meat.net, rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? Message-ID: <20010730174449.Y22977@shrubbery.net> References: <2C830A8269AD084CA51CBA07982BB03001DFAA9E@sfoexh01.yipes.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <2C830A8269AD084CA51CBA07982BB03001DFAA9E@sfoexh01.yipes.com>; from ABochannek@yipes.com on Mon, Jul 30, 2001 at 05:14:34PM -0700 X-note: live free, or die! X-homer: there ya go, fish bulb Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Mon, Jul 30, 2001 at 05:14:34PM -0700, ABochannek@yipes.com: > John, > > I understand that this isn't what Rancid wasn't meant to do, but you can't > blame David or myself for trying ;-) no blame being flung from here! perhaps maliciously trying to spark discussion. but, i believe rancid isnt the right place for config generation. i might even say impractical for that kind of jobs, but perhaps my expectation of such a system is greater than is necessary. > Can you offer a more specific pointer to the IETF work you referred to? Are > you talking about draft-ops-operator-req-mgmt-00.txt? yes, that is the draft and the maillist is (currently) ops-nm@ops.ietf.org (i think ops-nm-request@ works for subscription). From owner-rancid-discuss@shrubbery.net Tue Jul 31 02:54:58 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V2swN17486 for ; Tue, 31 Jul 2001 02:54:58 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V2re307445 for rancid-discuss-outgoing; Tue, 31 Jul 2001 02:53:40 GMT Received: from sfoexh01.yipes.com (sfo002ns01.yipes.com [209.213.212.199]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V2raH07438; Tue, 31 Jul 2001 02:53:36 GMT Received: by sfoexh01.yipes.com with Internet Mail Service (5.5.2653.19) id ; Mon, 30 Jul 2001 19:51:17 -0700 Message-ID: <2C830A8269AD084CA51CBA07982BB03001DFAAA4@sfoexh01.yipes.com> From: ABochannek@yipes.com To: heas@shrubbery.net Cc: dbt@meat.net, rancid-discuss@shrubbery.net, ABochannek@yipes.com Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 19:51:15 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk The particular job I was interested in is single configuration command submission to a list of devices. A simple change like the syslog destination comes to mind as an example. Full-fledged configuration generation is highly vendor-specific and not what I was looking for. I'll have a look at the ops-nm list and see what they are up to. Thanks. Alex Bochannek Senior Unix/Network Engineer Yipes ... that's fast! (415) 901-2000 (415) 901-2090 (direct) www.yipes.com -----Original Message----- From: john heasley [mailto:heas@shrubbery.net] Sent: Monday, July 30, 2001 5:45 PM To: Alex Bochannek Cc: dbt@meat.net; rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? Mon, Jul 30, 2001 at 05:14:34PM -0700, ABochannek@yipes.com: > John, > > I understand that this isn't what Rancid wasn't meant to do, but you can't > blame David or myself for trying ;-) no blame being flung from here! perhaps maliciously trying to spark discussion. but, i believe rancid isnt the right place for config generation. i might even say impractical for that kind of jobs, but perhaps my expectation of such a system is greater than is necessary. > Can you offer a more specific pointer to the IETF work you referred to? Are > you talking about draft-ops-operator-req-mgmt-00.txt? yes, that is the draft and the maillist is (currently) ops-nm@ops.ietf.org (i think ops-nm-request@ works for subscription). From owner-rancid-discuss@shrubbery.net Tue Jul 31 03:07:39 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V37dN17499 for ; Tue, 31 Jul 2001 03:07:39 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V36F207683 for rancid-discuss-outgoing; Tue, 31 Jul 2001 03:06:16 GMT Received: from bnc.powerup.com.au (bnc.webcentral.com.au [202.139.236.123]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V36AH07677 for ; Tue, 31 Jul 2001 03:06:10 GMT Received: by bnc.webcentral.com.au with Internet Mail Service (5.5.2653.19) id <3SNCD8BL>; Tue, 31 Jul 2001 13:05:46 +1000 Message-ID: <415DD4BF903BD311A3D900A0C99F902209607127@bnc.webcentral.com.au> From: Andrew Fort To: "'ABochannek@yipes.com'" Cc: rancid-discuss@shrubbery.net Subject: RE: rancid in a push configuration? Date: Tue, 31 Jul 2001 13:05:42 +1000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Alex, Some of us do this the 'ugly way': $ cat hostlist bb1 bb2 $ cat syslog-change.scr no logging 1.2.3.4 no logging 5.6.7.8 no logging 11.12.13.14 logging 6.6.6.1 $ for i in `cat hostlist` ; do rcp syslog-change.scr $i:system:/running-config & ; done $ I think this is a fairly good example of why the ops-nm mailing list exists; to help eradicate evil things like the above. :) To Ciscos' credit, you could always setup an FTP server and use the CISCO-CONFIG-MIB, which should let you trigger the 'pull' of the configs from the devices themselves. If you're maintaining local devices where you can be 'happy' with rcp (they're on a private management VLAN, that VLAN is pruned to customers, you can guarantee (thru IGP auth) no prefix theft and spoofing, etc), you may find better performance with rcp than sending a few SNMP set to each device and then having it login to the FTP (or tftp, or rcp) server. Cisco now (12.2(2)T) support scp also, but no RSA authentication yet (as far as I can see), so it makes it not very useful for doing automated stuff. >From: ABochannek@yipes.com [mailto:ABochannek@yipes.com] >Sent: Tuesday, 31 July 2001 12:51 PM >Subject: RE: rancid in a push configuration? > > >The particular job I was interested in is single configuration command >submission to a list of devices. A simple change like the >syslog destination >comes to mind as an example. Full-fledged configuration >generation is highly >vendor-specific and not what I was looking for. > >I'll have a look at the ops-nm list and see what they are up to. From owner-rancid-discuss@shrubbery.net Tue Jul 31 03:19:46 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V3JkN17509 for ; Tue, 31 Jul 2001 03:19:46 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V3INP07907 for rancid-discuss-outgoing; Tue, 31 Jul 2001 03:18:23 GMT Received: from tower.partan.com (tower.partan.com [198.6.255.248]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V3IJH07900; Tue, 31 Jul 2001 03:18:19 GMT Received: (from asp@localhost) by tower.partan.com (8.9.3/8.9.3) id XAA19181; Mon, 30 Jul 2001 23:18:17 -0400 (EDT) From: Andrew Partan Message-Id: <200107310318.XAA19181@tower.partan.com> Subject: Re: rancid in a push configuration? To: ABochannek@yipes.com Date: Mon, 30 Jul 2001 23:18:17 -0400 (EDT) Cc: heas@shrubbery.net, dbt@meat.net, rancid-discuss@shrubbery.net In-Reply-To: <2C830A8269AD084CA51CBA07982BB03001DFAAA4@sfoexh01.yipes.com> from "ABochannek@yipes.com" at Jul 30, 1 07:51:15 pm X-Mailer: ELM [version 2.4 PL25] Content-Type: text Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk > The particular job I was interested in is single configuration command > submission to a list of devices. A simple change like the syslog destination > comes to mind as an example. You can also write an expect script that clogin can call to do this sort of thing. There is a script util/cisco-load.exp (comes as part of rancid) that loads cisco config files from a rcp server. Ditto cisco-reload.exp for rebooting routers. At one point (like 7 years ago) I had a collection of 50 some expect scripts that did various things to ciscos. --asp From owner-rancid-discuss@shrubbery.net Tue Jul 31 03:34:47 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V3YlN17522 for ; Tue, 31 Jul 2001 03:34:47 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V3We408300 for rancid-discuss-outgoing; Tue, 31 Jul 2001 03:32:41 GMT Received: from sfoexh01.yipes.com (sfo002ns01.yipes.com [209.213.212.199]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V3WaH08289; Tue, 31 Jul 2001 03:32:37 GMT Received: by sfoexh01.yipes.com with Internet Mail Service (5.5.2653.19) id ; Mon, 30 Jul 2001 20:30:17 -0700 Message-ID: <2C830A8269AD084CA51CBA07982BB03001DFAAA6@sfoexh01.yipes.com> From: ABochannek@yipes.com To: asp@partan.com Cc: heas@shrubbery.net, dbt@meat.net, rancid-discuss@shrubbery.net, ABochannek@yipes.com Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 20:30:16 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Not a bad suggestion. I used to be at Cisco, actually, and we had our own Expect libraries which you could use to log in and execute commands on remote routers. That was extremely handy. Alex Bochannek Senior Unix/Network Engineer Yipes ... that's fast! (415) 901-2000 (415) 901-2090 (direct) www.yipes.com -----Original Message----- From: Andrew Partan [mailto:asp@partan.com] Sent: Monday, July 30, 2001 8:18 PM To: Alex Bochannek Cc: heas@shrubbery.net; dbt@meat.net; rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? > The particular job I was interested in is single configuration command > submission to a list of devices. A simple change like the syslog destination > comes to mind as an example. You can also write an expect script that clogin can call to do this sort of thing. There is a script util/cisco-load.exp (comes as part of rancid) that loads cisco config files from a rcp server. Ditto cisco-reload.exp for rebooting routers. At one point (like 7 years ago) I had a collection of 50 some expect scripts that did various things to ciscos. --asp From owner-rancid-discuss@shrubbery.net Tue Jul 31 03:35:08 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V3Z8N17528 for ; Tue, 31 Jul 2001 03:35:08 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V3Y5308319 for rancid-discuss-outgoing; Tue, 31 Jul 2001 03:34:05 GMT Received: from sfoexh01.yipes.com (sfo002ns01.yipes.com [209.213.212.199]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V3Y2H08315 for ; Tue, 31 Jul 2001 03:34:02 GMT Received: by sfoexh01.yipes.com with Internet Mail Service (5.5.2653.19) id ; Mon, 30 Jul 2001 20:31:43 -0700 Message-ID: <2C830A8269AD084CA51CBA07982BB03001DFAAA7@sfoexh01.yipes.com> From: ABochannek@yipes.com To: afort@staff.webcentral.com.au Cc: rancid-discuss@shrubbery.net, ABochannek@yipes.com Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 20:31:37 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk OK, that is indeed pretty evil ;-) I currently use the config MIB to pull configs, but that's what I want to replace with Rancid. Alex Bochannek Senior Unix/Network Engineer Yipes ... that's fast! (415) 901-2000 (415) 901-2090 (direct) www.yipes.com -----Original Message----- From: Andrew Fort [mailto:afort@staff.webcentral.com.au] Sent: Monday, July 30, 2001 8:06 PM To: Alex Bochannek Cc: rancid-discuss@shrubbery.net Subject: RE: rancid in a push configuration? Alex, Some of us do this the 'ugly way': $ cat hostlist bb1 bb2 $ cat syslog-change.scr no logging 1.2.3.4 no logging 5.6.7.8 no logging 11.12.13.14 logging 6.6.6.1 $ for i in `cat hostlist` ; do rcp syslog-change.scr $i:system:/running-config & ; done $ I think this is a fairly good example of why the ops-nm mailing list exists; to help eradicate evil things like the above. :) To Ciscos' credit, you could always setup an FTP server and use the CISCO-CONFIG-MIB, which should let you trigger the 'pull' of the configs from the devices themselves. If you're maintaining local devices where you can be 'happy' with rcp (they're on a private management VLAN, that VLAN is pruned to customers, you can guarantee (thru IGP auth) no prefix theft and spoofing, etc), you may find better performance with rcp than sending a few SNMP set to each device and then having it login to the FTP (or tftp, or rcp) server. Cisco now (12.2(2)T) support scp also, but no RSA authentication yet (as far as I can see), so it makes it not very useful for doing automated stuff. >From: ABochannek@yipes.com [mailto:ABochannek@yipes.com] >Sent: Tuesday, 31 July 2001 12:51 PM >Subject: RE: rancid in a push configuration? > > >The particular job I was interested in is single configuration command >submission to a list of devices. A simple change like the >syslog destination >comes to mind as an example. Full-fledged configuration >generation is highly >vendor-specific and not what I was looking for. > >I'll have a look at the ops-nm list and see what they are up to. From owner-rancid-discuss@shrubbery.net Tue Jul 31 03:43:33 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V3hXN17537 for ; Tue, 31 Jul 2001 03:43:33 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V3hHH08947 for rancid-discuss-outgoing; Tue, 31 Jul 2001 03:43:17 GMT Received: from fire.jasonlewis.net (diablo.jasonlewis.net [216.181.64.130]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V3hDH08943 for ; Tue, 31 Jul 2001 03:43:13 GMT Received: from spinalcord (spinalcord.jasonlewis.net [192.168.120.77]) by fire.jasonlewis.net (Postfix) with SMTP id 724C99513 for ; Mon, 30 Jul 2001 23:12:43 -0400 (EDT) Reply-To: From: "Jason Lewis" To: Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 23:44:39 -0400 Message-ID: <000001c11973$209406f0$4d78a8c0@spinalcord> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <2C830A8269AD084CA51CBA07982BB03001DFAAA6@sfoexh01.yipes.com> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk That is what I am looking for! I want to be able to change passwords quickly and easily. My current process is to login to each one. Passwords get changed on a regular basis and the time spent making the change is time I could be doing other stuff. Anyone have any expect scripts they would like to share? jas -----Original Message----- From: owner-rancid-discuss@shrubbery.net [mailto:owner-rancid-discuss@shrubbery.net]On Behalf Of ABochannek@yipes.com Sent: Monday, July 30, 2001 11:30 PM To: asp@partan.com Cc: heas@shrubbery.net; dbt@meat.net; rancid-discuss@shrubbery.net; ABochannek@yipes.com Subject: RE: rancid in a push configuration? Not a bad suggestion. I used to be at Cisco, actually, and we had our own Expect libraries which you could use to log in and execute commands on remote routers. That was extremely handy. Alex Bochannek Senior Unix/Network Engineer Yipes ... that's fast! (415) 901-2000 (415) 901-2090 (direct) www.yipes.com -----Original Message----- From: Andrew Partan [mailto:asp@partan.com] Sent: Monday, July 30, 2001 8:18 PM To: Alex Bochannek Cc: heas@shrubbery.net; dbt@meat.net; rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? > The particular job I was interested in is single configuration command > submission to a list of devices. A simple change like the syslog destination > comes to mind as an example. You can also write an expect script that clogin can call to do this sort of thing. There is a script util/cisco-load.exp (comes as part of rancid) that loads cisco config files from a rcp server. Ditto cisco-reload.exp for rebooting routers. At one point (like 7 years ago) I had a collection of 50 some expect scripts that did various things to ciscos. --asp From owner-rancid-discuss@shrubbery.net Tue Jul 31 03:44:29 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V3iTN17543 for ; Tue, 31 Jul 2001 03:44:29 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V3iDa08961 for rancid-discuss-outgoing; Tue, 31 Jul 2001 03:44:13 GMT Received: from tower.partan.com (tower.partan.com [198.6.255.248]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V3i9H08954; Tue, 31 Jul 2001 03:44:09 GMT Received: (from asp@localhost) by tower.partan.com (8.9.3/8.9.3) id XAA20992; Mon, 30 Jul 2001 23:44:07 -0400 (EDT) From: Andrew Partan Message-Id: <200107310344.XAA20992@tower.partan.com> Subject: Re: rancid in a push configuration? To: ABochannek@yipes.com Date: Mon, 30 Jul 2001 23:44:07 -0400 (EDT) Cc: asp@partan.com, heas@shrubbery.net, dbt@meat.net, rancid-discuss@shrubbery.net In-Reply-To: <2C830A8269AD084CA51CBA07982BB03001DFAAA6@sfoexh01.yipes.com> from "ABochannek@yipes.com" at Jul 30, 1 08:30:16 pm X-Mailer: ELM [version 2.4 PL25] Content-Type: text Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk > Not a bad suggestion. I used to be at Cisco, actually, and we had our own > Expect libraries which you could use to log in and execute commands on > remote routers. That was extremely handy. That is basically what clogin is. --asp From owner-rancid-discuss@shrubbery.net Tue Jul 31 03:47:28 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V3lRN17550 for ; Tue, 31 Jul 2001 03:47:27 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V3lBG09103 for rancid-discuss-outgoing; Tue, 31 Jul 2001 03:47:11 GMT Received: from sfoexh01.yipes.com (sfo002ns01.yipes.com [209.213.212.199]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V3l7H09096; Tue, 31 Jul 2001 03:47:07 GMT Received: by sfoexh01.yipes.com with Internet Mail Service (5.5.2653.19) id ; Mon, 30 Jul 2001 20:44:48 -0700 Message-ID: <2C830A8269AD084CA51CBA07982BB03001DFAAAA@sfoexh01.yipes.com> From: ABochannek@yipes.com To: asp@partan.com Cc: heas@shrubbery.net, dbt@meat.net, rancid-discuss@shrubbery.net, ABochannek@yipes.com Subject: RE: rancid in a push configuration? Date: Mon, 30 Jul 2001 20:44:47 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Understood. The Cisco internal libraries had a whole bunch of higher level protocol-specific tools built on top of the login process. I don't recall all the details since I didn't use them that much though. Alex Bochannek Senior Unix/Network Engineer Yipes ... that's fast! (415) 901-2000 (415) 901-2090 (direct) www.yipes.com -----Original Message----- From: Andrew Partan [mailto:asp@partan.com] Sent: Monday, July 30, 2001 8:44 PM To: Alex Bochannek Cc: asp@partan.com; heas@shrubbery.net; dbt@meat.net; rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? > Not a bad suggestion. I used to be at Cisco, actually, and we had our own > Expect libraries which you could use to log in and execute commands on > remote routers. That was extremely handy. That is basically what clogin is. --asp From owner-rancid-discuss@shrubbery.net Tue Jul 31 04:26:39 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V4QdN17588 for ; Tue, 31 Jul 2001 04:26:39 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V4QTV09832 for rancid-discuss-outgoing; Tue, 31 Jul 2001 04:26:29 GMT Received: (from heas@localhost) by guelah.shrubbery.net (8.11.4/8.11.1) id f6V4QJn09819; Tue, 31 Jul 2001 04:26:20 GMT Date: Mon, 30 Jul 2001 21:26:19 -0700 From: john heasley To: Andrew Partan Cc: ABochannek@yipes.com, heas@shrubbery.net, dbt@meat.net, rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? Message-ID: <20010730212619.F22977@shrubbery.net> References: <2C830A8269AD084CA51CBA07982BB03001DFAAA4@sfoexh01.yipes.com> <200107310318.XAA19181@tower.partan.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200107310318.XAA19181@tower.partan.com>; from asp@partan.com on Mon, Jul 30, 2001 at 11:18:17PM -0400 X-note: live free, or die! X-homer: there ya go, fish bulb Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk Mon, Jul 30, 2001 at 11:18:17PM -0400, Andrew Partan: > > The particular job I was interested in is single configuration command > > submission to a list of devices. A simple change like the syslog destination > > comes to mind as an example. > > You can also write an expect script that clogin can call to do this > sort of thing. > > There is a script util/cisco-load.exp (comes as part of rancid) > that loads cisco config files from a rcp server. Ditto cisco-reload.exp > for rebooting routers. just so no one goes off flailing trying to find these, neither of these are in the current release (or beta). i added those samples just a few weeks ago. > At one point (like 7 years ago) I had a collection of 50 some expect > scripts that did various things to ciscos. > > --asp From owner-rancid-discuss@shrubbery.net Tue Jul 31 04:29:22 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V4TMN17594 for ; Tue, 31 Jul 2001 04:29:22 GMT Received: from localhost (localhost [[UNIX: localhost]]) by guelah.shrubbery.net (8.11.4/8.11.1) id f6V4TLH09887 for rancid-discuss-outgoing; Tue, 31 Jul 2001 04:29:21 GMT Received: (from heas@localhost) by guelah.shrubbery.net (8.11.4/8.11.1) id f6V4TIV09882 for rancid-discuss@shrubbery.net; Tue, 31 Jul 2001 04:29:18 GMT Date: Mon, 30 Jul 2001 21:29:18 -0700 From: john heasley To: rancid-discuss@shrubbery.net Subject: Re: rancid in a push configuration? Message-ID: <20010730212917.G22977@shrubbery.net> References: <2C830A8269AD084CA51CBA07982BB03001DFAAA6@sfoexh01.yipes.com> <200107310344.XAA20992@tower.partan.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="i9LlY+UWpKt15+FH" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200107310344.XAA20992@tower.partan.com>; from asp@partan.com on Mon, Jul 30, 2001 at 11:44:07PM -0400 X-note: live free, or die! X-homer: there ya go, fish bulb Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk --i9LlY+UWpKt15+FH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Mon, Jul 30, 2001 at 11:44:07PM -0400, Andrew Partan: > > Not a bad suggestion. I used to be at Cisco, actually, and we had our own > > Expect libraries which you could use to log in and execute commands on > > remote routers. That was extremely handy. > > That is basically what clogin is. > --asp attached are the two samples. we're not quite ready for a 2.2 release. --i9LlY+UWpKt15+FH Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="cisco-load.exp" Content-Transfer-Encoding: quoted-printable ## ## Copyright (C) 1997-2001 by Henry Kilmer. ## All rights reserved. ## ## This software may be freely copied, modified and redistributed without ## fee for non-commerical purposes provided that this copyright notice is ## preserved intact on all copies and modified copies. ## ## There is no warranty or other guarantee of fitness of this software. ## It is provided solely "as is". The author(s) disclaim(s) all ## responsibility and liability with respect to this software's usage ## or its effect upon hardware, computer systems, other software, or ## anything else. # # this expect snipit is sourced by clogin (-s option) to load a configurati= on # file (named -confg into nvram from an rcp/tftp host. this is= an # _example_ as it not guaranteed to work for all applications. PLEASE test # for your environment. # # it expects the following variables via the -E option: # rcphost =3D'host to rcp from' such as 'foo.org' or '192.168.0.1' # confgpath =3D'path under /tftpboot where configs are held' # # the config file is expected to be routername-confg, where routername is t= he # name as grok'd from the router's cmd-line prompt # # example usage: # % clogin -s ./cisco-load.exp -Ercphost=3Dfoo.shrubbery.net router # router # loading router config from foo.shrubbery.net # # keep in mind that it is important to NOT polute the global variable space. # particularly, do not use variables used within clogin. this may result in # indeterministic results. an easy way to avoid this is to use a variable # name prefix (like 'E' or '_'). # # useful variables from clogin global space: # router router name as provided on the cmd-line # prompt cmd-line prompt as determined by clogin # # note: the tcl/expect parser is extremely stoopid. comment lines are NOT # completely ignored!! so, a '{' or '}' in a comment might produce # unexpected results. ## # log_user 1 # exp_internal 1 # sometimes this is a bit slow. note: this overrides clogin -t set timeout 90 # take rcp host from -Ercphost=3D'foo' if ([info exists Ercphost]) { #puts "CONFGHOST =3D=3D $Ercphost" set confghost [string tolower $Ercphost] } else { send_error "ERROR: -Ercphost=3D was not set on the command-line.\n" exit } # # logout of the router # proc logout { ecode } { global prompt send "quit\r" expect { "$prompt" { logout $ecode } timeout { send_error "Error: timeout waiting for EOF after quit\n"} eof { send_user "\n" exit $ecode } } } # # erase the nvram # proc erase { } { global prompt send "\r" expect $prompt {} send "write erase\r" expect { -re " Continue\[^\n\]\*confirm\]" { send "\r" exp_continue } "$prompt" { } timeout { send_error "Error: timeout waiting for write erase.\n" logout 1 } eof { logout 1 } } } # # load a config via rcp into nvram # proc doload { confghost routername config retry } { global prompt # send a return just to be sure we have a prompt. send "\r" expect "$prompt" # start the copy and send the host to load from # use tftp if retry =3D=3D 1 if { $retry =3D=3D 0 } { send "copy tftp startup-config\r" } else { send "copy rcp startup-config\r" } expect { timeout { send_error "\nError: timeout exceeded waiting for rcp/tftp host prompt\r" logout 1 } "mbiguous command" { if { $retry =3D=3D 0 } { send "copy tftp: startup-config\r" } else { send "copy rcp: startup-config\r" } exp_continue } -re "Host or network .*\]\?" { send "host\r" exp_continue } "\]\?" { send "$confghost\r" } } # # fill in the rest of the blanks. username (12.0), filename, dest, etc. # expect { -re "Source username .\*\]\?" { send "$routername\r"; exp_continue } -re "Source filename .\*\]\?" { send "$config\r"; exp_continue } -re "Name of configur.\*\]\?" { send "$config\r"; exp_continue } -re "Destination filename .\*\]\?" { send "startup-config\r"; exp_continue } -re "Configure using .\*confirm\]" { send "\r" } "proceed\? \\\[" { send "yes\r" } -re "Do you want to over write.\*confirm\]" { send "\r" } -re "Accessing (rcp|tftp):" { } timeout { send_error "\n\tError: timeout exceeded while matching load prompts\n"; send "=03" } } expect { timeout { send_error "Error: timeout exceeded while loading config\n" logout 1 } -re "\[^\n\]*Connection refused" { send_error "Error: $expect_out(0,string)\n"=20 logout 1 } -re "\[^\n\]*Destination unreachable" { send_error "Error: $expect_out(0,string)\n"=20 logout 1 } -re "\[^\n\]*Permission denied" { send_error "Error: $expect_out(0,string)\n" logout 1 } -re "\[^\n]*No such file or directory" { send_error "Error: $expect_out(0,string)\n" logout 1 } -re "\[^\n]*Error copying\[^\n]*Not enough space on device\[^\n]*\r" { send_error "Error: $expect_out(0,string)\n" if { $retry =3D=3D 2 } { # erase stomps ssh rsa key # send_user "erasing nvram\n" # erase send_user "retrying load\n" doload $confghost $routername $config 1 } elseif { $retry =3D=3D 1 } { # erase stomps ssh rsa key # send_user "erasing nvram\n" # erase send_user "retrying load with tftp.\n" doload $confghost $routername $config 0 } else { send_error "Error: $expect_out(0,string)\n" logout 1 } } -re "\[^\n]*.*configuration is too large.*\n" { send_error "Error: $expect_out(0,string)\n" expect { -re "\[^\n]*Truncate config.*:" { send "no\r" } } logout 1 } -re "\[^\n]*Error (opening|copying).*\r" { send_error "Error: $expect_out(0,string)\n" logout 1 } -nocase -re "\[^\n]* error\[^a-z\n]+\[^\n]*" { send_error "$expect_out(0,string)\n" logout 1 } "\n" { exp_continue } -re "^\[^ ]*\#" { send_user "load successful.\n" } } return 0; } send_user "loading $router config from $confghost\n"; # look for router hostname in prompt (ie: deal with fqdn) send "\r" expect { timeout { send_error "Error: did not receive prompt\n" exit } "\n" { exp_continue } -re "^(\[^ ]*)\#" { set routername $expect_out(1,string) } } # deal with config subdir? from Econfgpath if ([info exists confgpath]) { set config "$confgpath/$routername-confg" } else { set config "$routername-confg" } # load the config if { [doload $confghost $routername $config 1] !=3D 0 } { logout 1 } logout 0 # these were my original transcripts of performing loads. it is a useful # example of info you may collect to get an idea of what needs to be handled # in the expect{}s # =20 # pdx-oob# # pdx-oob#copy rcp start # Address of remote host [255.255.255.255]? 205.238.52.35 # Name of configuration file [a]? pdx-oob-confg # Configure using pdx-oob-confg from 205.238.52.35? [confirm] # =20 # Connected to 205.238.52.35 # Loading 8131 byte file pdx-oob-confg: !!!! [OK] # Compressing configuration from 8131 bytes to 3886 bytes # [OK] # pdx-oob# # =20 # 12.0S-isms # pao2#cop rcp sta # Address or name of remote host []? eng0 # Translating "eng0"...domain server (205.238.52.46) [OK] # =20 # Source username [pao2]?=20 # Source filename []? pao2-confg # Destination filename [startup-config]?=20 # Warning: Copying this config directly into the nvram from a network serv= er may # cause damage the the startup config. It is advisable to copy th= e file # into the running config first, and then save it using copy run = start. # Do you wish to proceed? [no]: yes # Accessing rcp://pao2@eng0/pao2-confg... # Connected to 205.238.52.35 # Loading 30138 byte file pao2-confg: !!!!!! [OK] # =20 # 30138 bytes copied in 2.576 secs (15069 bytes/sec) # pao2# # OR IS IT # sea0#cop rcp sta # Address or name of remote host []? eng0 # Source username [sea0]?=20 # Source filename []? sea0-confg # Destination filename [startup-config]?=20 # Accessing rcp://sea0@eng0/sea0-confg...!!!!!!!!!!!!!!!!!! # 89794 bytes copied in 0.704 secs # sea0#q # Connection closed by foreign host. # pdx-oob#copy rcp start # Address of remote host [255.255.255.255]? 205.238.52.35 # Name of configuration file [a]? pdx-oob-confg # Configure using pdx-oob-confg from 205.238.52.35? [confirm] # =20 # Connected to 205.238.52.35 # Loading 8131 byte file pdx-oob-confg: !!!! [OK] # Compressing configuration from 8131 bytes to 3886 bytes # [OK] # pdx-oob#copy rcp start # Address of remote host [205.238.52.35]? 205.238.52.35 # Name of configuration file [pdx-oob-confg]? pdx-oob-confg # Configure using pdx-oob-confg from 205.238.52.35? [confirm] # =20 # Connected to 205.238.52.35 # %rcp: /tftpboot/pdx-oob-confg: No such file or directory # pdx-oob# # =20 # pdx-oob#copy rcp start # Address of remote host [205.238.52.35]? 205.238.52.35=20 # Name of configuration file [pdx-oob-confg]? pdx-oob-confg=20 # Configure using pdx-oob-confg from 205.238.52.35? [confirm] # =20 # Connected to 205.238.52.35 # %rcp: /tftpboot/pdx-oob-confg: Permission denied # pdx-oob# # # *** response from filtered pkt # pdx-oob#copy rcp sta # Address of remote host [205.238.52.35]? 205.238.1.94 # Name of configuration file [pdx-oob-confg]?=20 # Configure using pdx-oob-confg from 205.238.1.94? [confirm] # % Destination unreachable; gateway or host down # =20 # pdx-oob# # =20 # *** response from host w/o rcp daemon # pdx-oob#cop rcp sta=20 # Address of remote host [205.238.52.35]? 205.238.1.66 # Name of configuration file [pdx-oob-confg]?=20 # Configure using pdx-oob-confg from 205.238.1.66? [confirm] # % Connection refused by remote host # =20 # pdx-oob# # =20 --i9LlY+UWpKt15+FH Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="cisco-reload.exp" ## ## Copyright (C) 1997-2001 by Henry Kilmer. ## All rights reserved. ## ## This software may be freely copied, modified and redistributed without ## fee for non-commerical purposes provided that this copyright notice is ## preserved intact on all copies and modified copies. ## ## There is no warranty or other guarantee of fitness of this software. ## It is provided solely "as is". The author(s) disclaim(s) all ## responsibility and liability with respect to this software's usage ## or its effect upon hardware, computer systems, other software, or ## anything else. # # this expect snipit is sourced by clogin (-s option) to issue a reload # command on a cisco router. it DOES NOT save the config if it has been # modified. this is an _example_ as it not guaranteed to work for all # applications. PLEASE test for your environment. # # it expects the following variables via the -E option: # reload_arg ='command argument' such as 'at 05:00' or 'cancel # # eg usage: # % clogin -s cisco-reload.exp -Ereload_arg='at 01:00' router # router # Reload scheduled for 01:00:00 UTC Sat Jun 23 2001 (in 7 hours and 16 minutes) # % clogin -s cisco-reload.exp -Ereload_arg='at cancel' router # router # % Ambiguous command: "reload at cancel" # # % clogin -s cisco-reload.exp -Ereload_arg='cancel' router # router # SHUTDOWN ABORTED # # # keep in mind that it is important to NOT polute the global variable space. # particularly, do not use variables used within clogin. this may result in # indeterministic results. an easy way to avoid this is to use a variable # name prefix (like 'E' or '_'). # # useful variables from clogin global space: # router router name as provided on the cmd-line # prompt cmd-line prompt as determined by clogin # # note: the tcl/expect parser is extremely stoopid. comment lines are NOT # completely ignored!! so, a '{' or '}' in a comment might produce # unexpected results. ## # exp_internal 1 # log_user 1 # take reload command from -Ereload_arg='at 05:00' if ([info exists Ereload_arg]) { #puts "reload_arg == $Ereload_arg" set reloadcmd "reload $Ereload_arg" } else { send_error "ERROR: -Ereload_arg= was not set on the command-line.\n" exit } #send_user "$router\n" send "\r" expect { timeout { send_error "Error: did not receive prompt\n" exit } -re "^.*$prompt" { send "$reloadcmd\r" expect * {} } } # look for response expect { -re "configuration has been modified.*no.:" { send "no\r"; exp_continue } -re "Reload scheduled .*\r" { set sched $expect_out(0,string) exp_continue } -re "SHUTDOWN ABORTED" { set sched $expect_out(0,string) } -re "Proceed with .*confirm\]" { send "\r" } -re "\n.*No reload " { set sched "no reload scheduled" send "\r" } -re "% Ambig\[^\n\r]*" { set sched $expect_out(0,string) } } send "\r" expect "$prompt" if ([info exists sched]) { send_user "\t$sched\n" } send "quit\r" expect { timeout { send_error "Error: timeout waiting for EOF after quit\n"} eof { exit 0 } } ## dennis#reload in ? ## Delay before reload (mmm or hhh:mm) ## ## dennis#reload in 100:10 ## ## System configuration has been modified. Save? [yes/no]: no ## Reload scheduled in 100 hours and 9 minutes ## Proceed with reload? [confirm] ## dennis#reload ca ## dennis#reload cancel ## dennis# ## ## ## *** ## *** --- SHUTDOWN ABORTED --- ## *** ## ## dennis#wr ## Building configuration... ## [OK] ## dennis#reload in 100:10 ## Reload scheduled in 100 hours and 10 minutes ## Proceed with reload? [confirm] ## dennis#rel ## dennis#reload can ## dennis#reload cancel ## dennis# ## ## ## *** ## *** --- SHUTDOWN ABORTED --- ## *** ## System configuration has been modified. Save? [yes/no]: no ## Reload scheduled for 11:51:48 PST Thu Dec 10 1998 (in 299 hours and 59 minutes) ## Proceed with reload? [confirm] ## ultra#reload can ## ultra# ## ## ## *** ## *** --- SHUTDOWN ABORTED --- ## *** ## ultra# reload at 8:10 10 dec ## ## System configuration has been modified. Save? [yes/no]: no ## Reload scheduled for 08:10:00 PST Thu Dec 10 1998 (in 296 hours and 17 minutes) ## Proceed with reload? [confirm] ## ultra# ## --i9LlY+UWpKt15+FH-- From owner-rancid-discuss@shrubbery.net Tue Jul 31 04:38:38 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V4ccN17609 for ; Tue, 31 Jul 2001 04:38:38 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V4cWF10295 for rancid-discuss-outgoing; Tue, 31 Jul 2001 04:38:32 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V4cTx10281 for rancid-discuss@shrubbery.net; Tue, 31 Jul 2001 04:38:29 GMT Received: from bnc.powerup.com.au (bnc.webcentral.com.au [202.139.236.123]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V3omH09189 for ; Tue, 31 Jul 2001 03:50:48 GMT Received: by bnc.webcentral.com.au with Internet Mail Service (5.5.2653.19) id <3SNCD82V>; Tue, 31 Jul 2001 13:50:26 +1000 Message-ID: <415DD4BF903BD311A3D900A0C99F902209607129@bnc.webcentral.com.au> From: Andrew Fort To: "'jlewis@packetnexus.com'" , rancid-discuss@shrubbery.net Subject: RE: rancid in a push configuration? Date: Tue, 31 Jul 2001 13:50:22 +1000 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk >That is what I am looking for! > >I want to be able to change passwords quickly and easily. My current >process is to login to each one. Passwords get changed on a >regular basis >and the time spent making the change is time I could be doing >other stuff. OT: Is there a reason why using TACACS+ (or RADIUS) or unsuitable in your environment? back on topic: As mentioned by Andrew Partan, the contrib'd scripts in rancid distro (look for *.exp) provide the sort of stuff you're looking for. From owner-rancid-discuss@shrubbery.net Tue Jul 31 04:38:56 2001 Received: from guelah.shrubbery.net (guelah.shrubbery.net [198.58.5.1]) by ni.shrubbery.net (8.11.3/8.11.1) with ESMTP id f6V4cuN17615 for ; Tue, 31 Jul 2001 04:38:56 GMT Received: by guelah.shrubbery.net (8.11.4/8.11.1) id f6V4cr310407 for rancid-discuss-outgoing; Tue, 31 Jul 2001 04:38:53 GMT Received: from tower.partan.com (tower.partan.com [198.6.255.248]) by guelah.shrubbery.net (8.11.4/8.11.1) with ESMTP id f6V4cnH10395 for ; Tue, 31 Jul 2001 04:38:49 GMT Received: (from asp@localhost) by tower.partan.com (8.9.3/8.9.3) id AAA22364; Tue, 31 Jul 2001 00:38:43 -0400 (EDT) From: Andrew Partan Message-Id: <200107310438.AAA22364@tower.partan.com> Subject: Re: rancid in a push configuration? To: jlewis@packetnexus.com Date: Tue, 31 Jul 2001 00:38:43 -0400 (EDT) Cc: rancid-discuss@shrubbery.net In-Reply-To: <000001c11973$209406f0$4d78a8c0@spinalcord> from "Jason Lewis" at Jul 30, 1 11:44:39 pm X-Mailer: ELM [version 2.4 PL25] Content-Type: text Sender: owner-rancid-discuss@shrubbery.net Precedence: bulk > I want to be able to change passwords quickly and easily. My current > process is to login to each one. Passwords get changed on a regular basis > and the time spent making the change is time I could be doing other stuff. The process I recall happening at a former job was that someone would generate the new password commands on a local router, get the encrypted passwords from that router's config, put them into a config file, and then use an expect script like cisco-load to push that config to all of the routers. > Anyone have any expect scripts they would like to share? If folks do have scripts they would like to share, we can add them to the rancid distribution. --asp