From ishaqgbo at yahoo.co.uk Thu Jul 1 14:09:42 2010 From: ishaqgbo at yahoo.co.uk (ishaq gbola) Date: Thu, 1 Jul 2010 14:09:42 +0000 (GMT) Subject: [rancid] funny messages Message-ID: <529070.1700.qm@web27208.mail.ukl.yahoo.com> Hi Guys, Am new to this user group but I have Rancid running on my network, Rancid has been sending me some funny messages and I don't know what it means, can anyone help me decode this... Index: configs/bookshop-pe =================================================================== retrieving revision 1.99 diff -U4 -r1.99 bookshop-pe @@ -29,15 +29,15 @@ ? !Variable: BOOTLDR variable = ? !Variable: Configuration register is 0x2102 ? ! ? !Flash: nvram: Directory of nvram:/ - !Flash: nvram:? 1918? -rw-?????? 29558??????????????????? ? startup-config + !Flash: nvram:? 1918? -rw-?????? 30088??????????????????? ? startup-config ? !Flash: nvram:? 1919? ----????????? 24??????????? ????????? private-config - !Flash: nvram:? 1920? -rw-?????? 29558??????????????????? ? underlying-config + !Flash: nvram:? 1920? -rw-?????? 30088??????????????????? ? underlying-config ? !Flash: nvram:???? 1? ----?????????? 4??????????????????? ? rf_cold_starts ? !Flash: nvram:???? 2? ----????????? 48??????????????????? ? persistent-data - !Flash: nvram:???? 3? -rw-??????? 2585??????????????????? ? ifIndex-table - !Flash: nvram: 1964024 bytes total (1929270 bytes free) + !Flash: nvram:???? 3? -rw-??????? 2699??????????????????? ? ifIndex-table + !Flash: nvram: 1964024 bytes total (1928740 bytes free) ? ! ? !Flash: bootflash: Directory of bootflash:/ ? !Flash: bootflash: No files in directory ? !Flash: bootflash: 65536000 bytes total (65536000 bytes free) @@ -45,9 +45,11 @@ ? !Flash: disk1: Directory of disk1:/ ? !Flash: disk1: No files in directory ? !Flash: disk1: 511705088 bytes total (511705088 bytes free) ? ! - !Flash: sup-bootflash: % Authorization failed. + !Flash: sup-bootflash: Directory of sup-bootdisk:/ + !Flash: sup-bootflash:???? 1? -rw-??? 88563236? Feb 15 2007 00:37:34 +01:00? s72033-adventerprisek9_wan-mz.122-33.SRA2.bin + !Flash: sup-bootflash: 512040960 bytes total (389914624 bytes free) ? ! ? !Flash: sup-microcode: Directory of sup-microcode:/ ? !Flash: sup-microcode:???? 0? dr--?? ??????????????????? ? ? !Flash: sup-microcode:???? 1? -r--???? 4852526?????????????????? ?? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100701/0fd502ad/attachment.html From kraussml at hdpcrew.de Fri Jul 2 07:05:10 2010 From: kraussml at hdpcrew.de (=?ISO-8859-1?Q?Andreas_Krau=DF?=) Date: Fri, 02 Jul 2010 09:05:10 +0200 Subject: [rancid] Re: funny messages In-Reply-To: <529070.1700.qm@web27208.mail.ukl.yahoo.com> References: <529070.1700.qm@web27208.mail.ukl.yahoo.com> Message-ID: <4C2D8FA6.7020701@hdpcrew.de> > > Am new to this user group but I have Rancid running on my network, > Rancid has been sending me some funny messages and I don't know what > it means, can anyone help me decode this... > > Hi, this is an "diff" output - diff compares the old/new-Config http://en.wikipedia.org/wiki/Diff HDPnet GmbH Erwin-Rohde-Str. 18 69120 Heidelberg Geschaeftsfuehrer: Marc Hermann Registergericht: Mannheim HRB 337012 Sitz: Heidelberg Umsatzsteuer ID Nr.: DE 211 257 470 www.hdpnet.de Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100702/33c1512c/attachment.html From collabrotech at gmail.com Sat Jul 3 05:45:21 2010 From: collabrotech at gmail.com (A J) Date: Fri, 2 Jul 2010 22:45:21 -0700 (PDT) Subject: [rancid] Step by step Message-ID: <7448d416-3c81-4f29-b9fc-73c5d50cb17c@m17g2000prl.googlegroups.com> Is there a good step by step guide to setting this up with cvs-web? Thanks, A J From collabrotech at gmail.com Sat Jul 3 20:28:11 2010 From: collabrotech at gmail.com (A J) Date: Sat, 3 Jul 2010 13:28:11 -0700 (PDT) Subject: [rancid] Rancid and cisco nexus gear Message-ID: <4265a3b7-933d-4db2-b5e3-7c4b06fd8b49@z15g2000prn.googlegroups.com> does rancid work with Nexus switches? Any special configuring I need to do? Does rancid work with tacacs? From willie at qis.net Mon Jul 5 15:31:14 2010 From: willie at qis.net (Willie Bollinger) Date: Mon, 05 Jul 2010 11:31:14 -0400 Subject: [rancid] Re: Dell Switch Errors In-Reply-To: <20100630203558.GB3197@pegasus.billn.net> References: <20100623045200.GB25126@shrubbery.net> <4C2193A8.8030601@qis.net> <20100623155107.GA17369@shrubbery.net> <4C222FF2.3060504@qis.net> <20100623160915.GA12324@shrubbery.net> <4C2233A6.2060305@qis.net> <20100623162003.GB12324@shrubbery.net> <4C22364D.7050901@qis.net> <20100630200816.GA3197@pegasus.billn.net> <20100630201751.GA7365@shrubbery.net> <20100630203558.GB3197@pegasus.billn.net> Message-ID: <4C31FAC2.9090209@qis.net> I removed the $ from the below regex and this is what I am getting now. Its still not writing out the config rancid at staff$ drancid -dl 10.10.111.2 executing dlogin -t 90 -c"show version;show vlan;show running-config" 10.10.111.2 executing dlogin -t 90 -c"show version;show vlan;show running-config" 10.10.111.2 opened network stream from 10.10.111.2 if (1) at /home2/rancid/bin/drancid line 272. PROMPT MATCH: dsw1-cc# HIT COMMAND:dsw1-cc# show version In ShowVersion: dsw1-cc# show version SW version 2.0.0.35 ( date 27-Jan-2009 time 18:13:34 ) ShowVersion: Boot version 2.0.0.0 ( date 12-Nov-2008 time 12:56:52 ) ShowVersion: HW version 00.00.02 ShowVersion: dsw1-cc# show vlan FOUND PROMPT: dsw1-cc# HIT COMMAND:dsw1-cc# show vlan In ShowVLAN: dsw1-cc# show vlan ShowVLAN: ShowVLAN: Vlan Name Ports Type Authorization ShowVLAN: ---- ----------------- --------------------------- ------------ ------------- ShowVLAN: 1 1 g(1-12,14-47),ch(1-8) other Required ShowVLAN: 200 management g(13,48) permanent Required ShowVLAN: ShowVLAN: dsw1-cc# show running-config HIT COMMAND:dsw1-cc# show running-config In WriteTerm: dsw1-cc# show running-config interface ethernet g1 WriteTerm: description "CIRRUS PORT 3-A" WriteTerm: exit WriteTerm: interface ethernet g2 WriteTerm: description "CIRRUS PORT 4-A" WriteTerm: exit WriteTerm: interface ethernet g5 WriteTerm: description "DIAMOND4 PORT 8-A" WriteTerm: exit WriteTerm: interface ethernet g6 WriteTerm: description "DIAMOND4 PORT 9-A" WriteTerm: exit WriteTerm: interface ethernet g7 WriteTerm: description "DIAMOND5 PORT 8-A" WriteTerm: exit WriteTerm: interface ethernet g8 WriteTerm: description "DIAMOND5 PORT 9-A" WriteTerm: exit WriteTerm: interface ethernet g13 WriteTerm: description "MANAGEMENT INTERFACE TO DIAMOND4" WriteTerm: exit WriteTerm: interface ethernet g47 description "INTERCONNECT TO DSW2-CC" : WriteTerm: exit WriteTerm: interface ethernet g48 WriteTerm: description "INTERCONNECT TO CSW1-CC" WriteTerm: exit WriteTerm: port jumbo-frame WriteTerm: interface range ethernet g(47-48) WriteTerm: switchport mode trunk WriteTerm: exit WriteTerm: vlan database WriteTerm: vlan 200 WriteTerm: exit WriteTerm: interface ethernet g13 WriteTerm: switchport access vlan 200 WriteTerm: exit WriteTerm: interface ethernet g48 WriteTerm: switchport trunk native vlan 200 WriteTerm: exit WriteTerm: interface vlan 200 WriteTerm: name management WriteTerm: exit WriteTerm: voice vlan oui-table add 0001e3 Siemens_AG_phone________ voice vlan oui-table add 00036b Cisco_phone_____________ WriteTerm: voice vlan oui-table add 00096e Avaya___________________ WriteTerm: voice vlan oui-table add 000fe2 H3C_Aolynk______________ WriteTerm: voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone WriteTerm: voice vlan oui-table add 00d01e Pingtel_phone___________ WriteTerm: voice vlan oui-table add 00e075 Polycom/Veritel_phone___ WriteTerm: voice vlan oui-table add 00e0bb 3Com_phone______________ WriteTerm: iscsi target port 860 address 0.0.0.0 WriteTerm: iscsi target port 3260 address 0.0.0.0 WriteTerm: interface vlan 200 WriteTerm: ip address 10.10.111.2 255.255.255.0 WriteTerm: exit WriteTerm: ip default-gateway 10.10.111.1 WriteTerm: hostname dsw1-cc WriteTerm: ip ssh server WriteTerm: snmp-server community Dell_Network_Manager rw view DefaultSuper WriteTerm: clock timezone -4 WriteTerm: clock summer-time recurring usa sntp client enable vlan 200 : WriteTerm: clock source sntp WriteTerm: sntp server 209.150.96.19 poll WriteTerm: WriteTerm: WriteTerm: WriteTerm: WriteTerm: WriteTerm: WriteTerm: Default settings: WriteTerm: Service tag: 9QJQFH1 WriteTerm: WriteTerm: SW version 2.0.0.35 (date 27-Jan-2009 time 18:13:34) WriteTerm: WriteTerm: Gigabit Ethernet Ports WriteTerm: ============================= WriteTerm: no shutdown WriteTerm: speed 1000 WriteTerm: duplex full WriteTerm: negotiation WriteTerm: flow-control off WriteTerm: mdix auto no back-pressure : WriteTerm: WriteTerm: interface vlan 1 WriteTerm: interface port-channel 1 - 8 WriteTerm: WriteTerm: spanning-tree WriteTerm: spanning-tree mode STP WriteTerm: WriteTerm: qos basic WriteTerm: qos trust cos WriteTerm: dsw1-cc#exitConnection to 10.10.111.2 closed by foreign host. left WriteTerm on: dsw1-cc#exitConnection to 10.10.111.2 closed by foreign host. Done : rancid at staff$ Jeremy Singletary wrote: > On 06/30/10, john heasley said: >> Wed, Jun 30, 2010 at 01:08:16PM -0700, Jeremy Singletary: >>> On 06/23/10, Willie Bollinger said: >>>> WriteTerm: qos basic >>>> WriteTerm: qos trust cos >>>> WriteTerm: dsw1-cc#exitConnection to 10.10.111.2 closed by foreign host. >>> The line above leads me to believe that the regex is failing because the >>> regex expects the last character on the line to be the t in exit. >>> >>> drancid: >>> if (/$prompt\s?exit$/) { warn "left WriteTerm on: $_"; $clean_run=1;last; } >>> >>> also in drancid: >>> if (/[>#]\s?exit$/) { >>> $clean_run=1; >>> last; >>> } >>> >>> Try removing the $ after the word exit in one or both of those regex conditions. >> you should try it like the extreme script (xrancid) to be safer. > > Thanks, I'll copy that regex from xrancid. > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss -- -------------------------------------------------------------------------- Willie Bollinger | Quantum Internet and Telecommunications 410-239-6920 | 2975B Manchester Rd., Manchester, MD 21102 -------------------------------------------------------------------------- From Moens at carrier2carrier.com Mon Jul 5 16:09:20 2010 From: Moens at carrier2carrier.com (Martin Moens) Date: Mon, 5 Jul 2010 18:09:20 +0200 Subject: [rancid] Cisco L2tp class with password and rancid Message-ID: <42F0C766A9A8DB47B5E86CA64738DC8B02150EC4@bilbo.bdhz.c2c.local> Hi lists, I have an issue when I configure a l2tp-class with a password in it, every time I do a "sho run" the level 7 encrypted password is shown differently. When using Rancid for config backups, every time Rancid runs I receive a complaint my config has "changed". According to Cisco's TAC this is expected behavior.... Apart from the option to not-encrypt passwords any ideas how to solve this? Martin From rhys.evans at Redblade.co.uk Sat Jul 3 10:46:49 2010 From: rhys.evans at Redblade.co.uk (Rhys Evans) Date: Sat, 3 Jul 2010 11:46:49 +0100 Subject: [rancid] Re: Step by step In-Reply-To: <7448d416-3c81-4f29-b9fc-73c5d50cb17c@m17g2000prl.googlegroups.com> References: <7448d416-3c81-4f29-b9fc-73c5d50cb17c@m17g2000prl.googlegroups.com> Message-ID: Hi Here is a document I have created to get this up and running, it doesn't cover the OS setup, security or anything other than getting rancid and CVS up and running. This is also what worked for me (a few times now) but it may not work for you Obviously standard terms apply, use at you own risk, I'm not responsible for any issues arising from following this doc etc etc Thanks Rhys Evans Technical Consultant | Redblade Ltd | Tel: +44 (0)845 094 2389 | Fax: +44 (0)20 7735 1555 | Southbank House, Vauxhall | www.redblade.co.uk | -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of A J Sent: 03 July 2010 06:45 To: rancid-discuss at shrubbery.net Subject: [rancid] Step by step Is there a good step by step guide to setting this up with cvs-web? Thanks, A J _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss Redblade Ltd is a Company Limited by Guarantee, registered in England, no: 5821834 Registered Office: Southbank House, Black Prince Road, Vauxhall, London, SE1 7SJ This email and its content are subject to the disclaimer as displayed at the following link http://www.redblade.co.uk/disclaimer.htm -------------- next part -------------- A non-text attachment was scrubbed... Name: Rancid Server build and operation overview 0.3.pdf Type: application/pdf Size: 115680 bytes Desc: Rancid Server build and operation overview 0.3.pdf Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100703/fe272c10/attachment.pdf From arla at rn.dk Mon Jul 5 18:46:12 2010 From: arla at rn.dk (Arne Larsen / Region Nordjylland) Date: Mon, 5 Jul 2010 20:46:12 +0200 Subject: [rancid] Re: Rancid and cisco nexus gear In-Reply-To: <4265a3b7-933d-4db2-b5e3-7c4b06fd8b49@z15g2000prn.googlegroups.com> References: <4265a3b7-933d-4db2-b5e3-7c4b06fd8b49@z15g2000prn.googlegroups.com> Message-ID: <8D68760F464FFD40A01BF2FB374E4A280215717CEEF2@SRVEXC02.aas.its.nja.dk> Tacacs+ works fine on Nexus, and rancid works also. You need a priv. level for you tacacs+ user and more do not use numbers as the first character in the user name. It's unix. /Arne -----Oprindelig meddelelse----- Fra: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] P? vegne af A J Sendt: 3. juli 2010 22:28 Til: rancid-discuss at shrubbery.net Cc: aducey at water.ca.gov Emne: [rancid] Rancid and cisco nexus gear does rancid work with Nexus switches? Any special configuring I need to do? Does rancid work with tacacs? _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From ronnij at gmail.com Tue Jul 6 08:56:02 2010 From: ronnij at gmail.com (Ronni Jensen) Date: Tue, 6 Jul 2010 10:56:02 +0200 Subject: [rancid] Same email again and again every hour Message-ID: Hello, I hope someone can help sove this issue; I use rancid to backup configs og Cisco switches, firewalls, access points and in general this all works perfect. However, for one particular switch, a Cisco WS-C2960-8TC-L, I get the same mail with subject "switches router config diffs" every hour regarding this switch. The mails have the same contents and the same size, so why does it send? I deleted the switch from router.db, waited until it was moved to attic and then created it again - result is the same. Any idea how I can make it act normally? Best regards, Ronni -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100706/0ca7254e/attachment.html From rwest at zyedge.com Tue Jul 6 13:46:53 2010 From: rwest at zyedge.com (Ryan West) Date: Tue, 6 Jul 2010 13:46:53 +0000 Subject: [rancid] Re: Same email again and again every hour In-Reply-To: References: Message-ID: <5DC4853C6CC3EE4788779E0726E034DD305D98@zy-ex1.zyedge.local> From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Ronni Jensen Hello, I hope someone can help sove this issue; I use rancid to backup configs og Cisco switches, firewalls, access points and in general this all works perfect. However, for one particular switch, a Cisco WS-C2960-8TC-L, I get the same mail with subject "switches router config diffs" every hour regarding this switch. The mails have the same contents and the same size, so why does it send? I deleted the switch from router.db, waited until it was moved to attic and then created it again - result is the same. Any idea how I can make it act normally? What version of code are you running on the switch and where are the diffs coming from? Are the VLANs being formatted differently? Do you have dot1x configured on the switch? -ryan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100706/d9243eba/attachment.html From stormjumper at gmail.com Wed Jul 7 03:08:05 2010 From: stormjumper at gmail.com (storm jumper) Date: Wed, 7 Jul 2010 11:08:05 +0800 Subject: [rancid] Re: Same email again and again every hour In-Reply-To: References: Message-ID: Ronni, Can you make a small inconsequential change (such as interface description), and it affects the RANCID generated email? If the new email includes the interface description change PLUS all the other previous changes, it's possible that your file permissions have changed, and that (the userid running) RANCID isn't able to modify the config for the device in question. regards, Hock Jim 2010/7/6 Ronni Jensen > Hello, > > I hope someone can help sove this issue; > > I use rancid to backup configs og Cisco switches, firewalls, access points > and in general this all works perfect. > > However, for one particular switch, a Cisco WS-C2960-8TC-L, I get the same > mail with subject "switches router config diffs" every hour regarding this > switch. The mails have the same contents and the same size, so why does it > send? I deleted the switch from router.db, waited until it was moved to > attic and then created it again - result is the same. > > Any idea how I can make it act normally? > > Best regards, > Ronni > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100707/4de6bf2c/attachment.html From ronnij at gmail.com Wed Jul 7 07:46:33 2010 From: ronnij at gmail.com (Ronni Jensen) Date: Wed, 7 Jul 2010 09:46:33 +0200 Subject: [rancid] Re: Same email again and again every hour In-Reply-To: References:

Message-ID: Hi, Thank you for the replies.. I'll try to answer the questions; - I am using this version: rancid-2.3.2-3.fc12.i686 I tried changing the description (on Fa0/8) and as you can see from this config snippet, it includes both the new line but also the whole config + old configs :-/ ------------------------------------ *+ interface FastEthernet0/6 + description CrossOver cable between MPLS-SW01 and MPLS-SW02 + switchport access vlan 350 + switchport mode access + ! + interface FastEthernet0/7 + description CrossOver cable between MPLS-SW01 and MPLS-SW02 + switchport access vlan 150 + switchport mode access + ! + interface FastEthernet0/8 + description C2940 Management Interface + switchport access vlan 150 + switchport mode access* ------------------------------------ I get this in the logs for switches though: ------------------------------------ Trying to get all of the configs. All routers sucessfully completed. cvs diff: Diffing . cvs diff: Diffing configs cvs commit: Examining . cvs commit: Examining configs cvs commit: Up-to-date check failed for `configs/sw11' cvs commit: Up-to-date check failed for `configs/sw03' cvs commit: Up-to-date check failed for `configs/sw06' cvs [commit aborted]: correct above errors first! ending: Wed Jul 7 09:15:38 CEST 2010 ------------------------------------ ..and it's sw03, 06 and 11 in all logs. Permissions looks ok, and the config files get updated: -rw-r----- 1 rancid rancid 14561 2010-07-07 09:15 sw03 -rw-r----- 1 rancid rancid 8798 2010-07-07 09:15 sw04 -rw-r----- 1 rancid rancid 8416 2010-07-07 09:15 sw05 -rw-r----- 1 rancid rancid 8485 2010-07-07 09:15 sw06 -rw-r----- 1 rancid rancid 48477 2010-07-07 09:15 sw11 Please let me know if you need more info? Best regards, Ronni On Wed, Jul 7, 2010 at 5:08 AM, storm jumper wrote: > Ronni, > > Can you make a small inconsequential change (such as interface > description), and it affects the RANCID generated email? > > If the new email includes the interface description change PLUS all the > other previous changes, it's possible that your file permissions have > changed, and that (the userid running) RANCID isn't able to modify the > config for the device in question. > > regards, > Hock Jim > > 2010/7/6 Ronni Jensen > >> Hello, >> >> I hope someone can help sove this issue; >> >> I use rancid to backup configs og Cisco switches, firewalls, access points >> and in general this all works perfect. >> >> However, for one particular switch, a Cisco WS-C2960-8TC-L, I get the same >> mail with subject "switches router config diffs" every hour regarding this >> switch. The mails have the same contents and the same size, so why does it >> send? I deleted the switch from router.db, waited until it was moved to >> attic and then created it again - result is the same. >> >> Any idea how I can make it act normally? >> >> Best regards, >> Ronni >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100707/abd6ec2f/attachment.html From istong at costar.com Fri Jul 9 12:03:43 2010 From: istong at costar.com (Ian Stong) Date: Fri, 9 Jul 2010 08:03:43 -0400 Subject: [rancid] Re: Rancid and cisco nexus gear In-Reply-To: <4265a3b7-933d-4db2-b5e3-7c4b06fd8b49@z15g2000prn.googlegroups.com> References: <4265a3b7-933d-4db2-b5e3-7c4b06fd8b49@z15g2000prn.googlegroups.com> Message-ID: Not sure if you received a response yet. If not then.... rancid works with the 7K's and 5K's. I had to use a special rancid file provided by this list. If you don't find it in the archives let me know and I can unicast it to you. Thanks, Ian Stong -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of A J Sent: Saturday, July 03, 2010 4:28 PM To: rancid-discuss at shrubbery.net Cc: aducey at water.ca.gov Subject: [rancid] Rancid and cisco nexus gear does rancid work with Nexus switches? Any special configuring I need to do? Does rancid work with tacacs? _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From tsr2600 at gmail.com Sun Jul 11 20:34:55 2010 From: tsr2600 at gmail.com (Gordon Stratton) Date: Sun, 11 Jul 2010 13:34:55 -0700 Subject: [rancid] HP switch garbled output results in Expect timeout Message-ID: <20100711203455.GG4516@3oh1.uhds.oregonstate.edu> Running stock RANCID version 2.3.3 on Debian Squeeze (not the Debian package, this is installed from source): expect 5.44.1.15-1 tcl8.5 8.5.8-2 It seems that some component is garbling output and causing Expect to time out on all of my HP switches. Here is some sample output: --- 8< --- # HOME=/root ./hlogin -c 'show version' spawn hpuifilter -- telnet Trying 10.194.182.114... Connected to . Escape character is '^]'. ProC1HProCurve J4899B Switch 2650 Software revision H.10.74 Copyright (C) 1991-2008 Hewlett-Packard Co. All Rights Reserved. RESTRICTED RIGHTS LEGEND Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subdivision (b) (3) (ii) of the Rights in Technical Data and Computer Software clause at 52.227-7013. HEWLETT-PACKARD COMPANY, 3000 Hanover St., Palo Alto, CA 94303 We'd like to keep you up to date about: * Software feature updates * New product announcements * Special events Please register your products now at: www.ProCurve.com Pr key to key to ctntieue --- >8 --- I noticed that the line: ProC1HProCurve J4899B Switch 2650 has Pro repeated with an extraneous "C1H", and the last line (which is the culprit, I think): Pr key to key to ctntieue should obviously be "Press any key to continue", which causes Expect to hang. Does anyone have any ideas about what could be causing this? I run RANCID on a daily basis, and the next run after I upgraded some packages, I noticed RANCID runs started timing out: 2010-06-14 08:24:44 upgrade libc6-dev 2.10.2-9 2.11.1-3 2010-06-14 08:24:45 upgrade libc-dev-bin 2.10.2-9 2.11.1-3 2010-06-14 08:24:45 upgrade locales 2.10.2-9 2.11.1-3 2010-06-14 08:24:46 upgrade libc-bin 2.10.2-9 2.11.1-3 2010-06-14 08:24:49 upgrade libc6 2.10.2-9 2.11.1-3 2010-06-14 08:25:30 upgrade udev 154-1 157-1 2010-06-14 08:25:31 upgrade binutils 2.20.1-9 2.20.1-10 2010-06-14 08:25:32 upgrade libgeoip1 1.4.7~beta3+dfsg-2 1.4.7~beta5+dfsg-1 I don't know if any of these could have caused the problems, but the coincidence is enough to make me think there might be something to it. Thanks for any ideas, Gordon From nicolau.dosreis at gmail.com Mon Jul 12 02:29:14 2010 From: nicolau.dosreis at gmail.com (Nicolau dos reis) Date: Mon, 12 Jul 2010 11:29:14 +0900 Subject: [rancid] hello.! Message-ID: I want to ask about how to install rancid on linux centos 5.4 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100712/f6311e93/attachment.html From arne.svennevik at met.no Mon Jul 12 13:25:51 2010 From: arne.svennevik at met.no (Arne Svennevik) Date: Mon, 12 Jul 2010 13:25:51 +0000 (UTC) Subject: [rancid] Re: provisioning a config with rancid In-Reply-To: <4d4125fc-7546-46e5-a0c5-d1375532c9b5@q12g2000yqj.googlegroups.com> Message-ID: <1086152946.5281.1278941151834.JavaMail.root@imap1b> ----- Original Message ----- > i noticed the [-x command-file] usage and was wondering if this is > perhaps the way to provision commands to the switches...like if I > wanted to change the password on a few different switches at once. You're right, you can use the -x switch to push config to several switches at once. We use it regularly to make sure a set of devices are configured the same way, like this: bin/clogin -x switch1 switch2 switch3 switch4 Just place the set of commands to execute in the text file and run clogin. It will log in to each device, run the set of commands and log off again. The list of commands can for example be: conf t enable secret exit wr mem If you only need to execute one command on each device, instead use the -c switch like this: bin/clogin -c "show version" switch1 switch2 switch3 switch4 Regards, Arne Svennevik From jmadrid2 at gmail.com Mon Jul 12 19:19:27 2010 From: jmadrid2 at gmail.com (Jose Madrid) Date: Mon, 12 Jul 2010 15:19:27 -0400 Subject: [rancid] Re: provisioning a config with rancid In-Reply-To: <1086152946.5281.1278941151834.JavaMail.root@imap1b> References: <4d4125fc-7546-46e5-a0c5-d1375532c9b5@q12g2000yqj.googlegroups.com> <1086152946.5281.1278941151834.JavaMail.root@imap1b> Message-ID: I have also run multiple commands with the -c switch. Something like bin/clogin -c "conf t; logging 10.0.0.1; exit; wri mem" router1 On Mon, Jul 12, 2010 at 9:25 AM, Arne Svennevik wrote: > ----- Original Message ----- >> i noticed the [-x command-file] usage and was wondering if this is >> perhaps the way to provision commands to the switches...like if I >> wanted to change the password on a few different switches at once. > > You're right, you can use the -x switch to push config to several switches at once. We use it regularly to make sure a set of devices are configured the same way, like this: > ?bin/clogin -x ?switch1 switch2 switch3 switch4 > > Just place the set of commands to execute in the text file and run clogin. It will log in to each device, run the set of commands and log off again. The list of commands can for example be: > ?conf t > ?enable secret > ?exit > ?wr mem > > > If you only need to execute one command on each device, instead use the -c switch like this: > ?bin/clogin -c "show version" ?switch1 switch2 switch3 switch4 > > > Regards, > Arne Svennevik > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > -- It has to start somewhere, it has to start sometime.? What better place than here? What better time than now? From nicolau.dosreis at gmail.com Tue Jul 13 03:24:28 2010 From: nicolau.dosreis at gmail.com (Nicolau dos reis) Date: Tue, 13 Jul 2010 12:24:28 +0900 Subject: [rancid] hello.! Message-ID: hello.......... i want to confirmation about rancid, how to install rancid on Linux CentOS 5.4. can you give the step by step to install rancid on Linux CentOS 5.4. thanks, best regards Nicolau From adudek16 at gmail.com Tue Jul 13 03:38:33 2010 From: adudek16 at gmail.com (Aaron Dudek) Date: Mon, 12 Jul 2010 23:38:33 -0400 Subject: [rancid] Re: hello.! In-Reply-To: References: Message-ID: Read the Readme file http://www.linux.com/archive/feature/55873 On Mon, Jul 12, 2010 at 23:24, Nicolau dos reis wrote: > hello.......... > i want to confirmation about rancid, how to install rancid on Linux CentOS 5.4. > can you give the step by step to install rancid on Linux CentOS 5.4. > > thanks, > best regards > > Nicolau > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From mylists at battleop.com Wed Jul 14 01:11:09 2010 From: mylists at battleop.com (Richey) Date: Tue, 13 Jul 2010 21:11:09 -0400 Subject: [rancid] Rancid / CVSWeb Problem Message-ID: <045501cb22f1$75ae96f0$610bc4d0$@com> When I add a new router to Rancid it will pick up the config from a router and place it in /home/rancid/var/rancid/Adtran/configs as expected. When I go to look at the config in CVS web it will show the router with version 1.1 and show the last log entry as new router. The only work around is to log into the router and make some small change to the config. Does anyone know how to get CVS to display the config even if there are no changes to version 1.1 of a config? Richey -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100713/3d25bac5/attachment.html From heas at shrubbery.net Wed Jul 14 05:09:46 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 14 Jul 2010 05:09:46 +0000 Subject: [rancid] Re: Rancid / CVSWeb Problem In-Reply-To: <045501cb22f1$75ae96f0$610bc4d0$@com> References: <045501cb22f1$75ae96f0$610bc4d0$@com> Message-ID: <20100714050946.GB17665@shrubbery.net> Tue, Jul 13, 2010 at 09:11:09PM -0400, Richey: > When I add a new router to Rancid it will pick up the config from a router > and place it in /home/rancid/var/rancid/Adtran/configs as expected. When I > go to look at the config in CVS web it will show the router with version 1.1 > and show the last log entry as new router. The only work around is to log > into the router and make some small change to the config. > > > > Does anyone know how to get CVS to display the config even if there are no > changes to version 1.1 of a config? choose 'download' (or whatever the link is) to get the full config, rather than the diffs. From jfribeiro at gmail.com Thu Jul 15 18:41:54 2010 From: jfribeiro at gmail.com (Jose Ribeiro) Date: Thu, 15 Jul 2010 18:41:54 +0000 (UTC) Subject: [rancid] Backup of a single device Message-ID: Hi there, How can I perform the backup of a single device? I have rancid configured with a couple of groups and around a dozen devices per group. What if I want to backup a single device from one of the groups? Or even a few devices from different groups. Thanks, Jose From cgauthier at mapscu.com Thu Jul 15 19:32:49 2010 From: cgauthier at mapscu.com (Chris Gauthier) Date: Thu, 15 Jul 2010 12:32:49 -0700 Subject: [rancid] Re: Backup of a single device In-Reply-To: References: Message-ID: I am not sure if this is what others would recommend, but I would make another group and just run rancid against that new group you made. Can't be too hard to do that, can it? Alternatively, you can just run a script to invoke clogin so it runs the specific commands you want. That was just discussed in the list a few days ago. Chris "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." -Leonardo da Vinci -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Jose Ribeiro Sent: Thursday, July 15, 2010 11:42 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Backup of a single device Hi there, How can I perform the backup of a single device? I have rancid configured with a couple of groups and around a dozen devices per group. What if I want to backup a single device from one of the groups? Or even a few devices from different groups. Thanks, Jose _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Thu Jul 15 20:36:17 2010 From: heas at shrubbery.net (john heasley) Date: Thu, 15 Jul 2010 13:36:17 -0700 Subject: [rancid] Re: Backup of a single device In-Reply-To: References: Message-ID: <20100715203617.GC1370@shrubbery.net> Thu, Jul 15, 2010 at 12:32:49PM -0700, Chris Gauthier: > I am not sure if this is what others would recommend, but I would make another group and just run rancid against that new group you made. Can't be too hard to do that, can it? rancid-run -r > Alternatively, you can just run a script to invoke clogin so it runs the specific commands you want. That was just discussed in the list a few days ago. > > Chris > > "For once you have tasted flight you will walk the earth with your eyes turned skywards, for there you have been and there you will long to return." > -Leonardo da Vinci > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Jose Ribeiro > Sent: Thursday, July 15, 2010 11:42 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] Backup of a single device > > Hi there, > > How can I perform the backup of a single device? > I have rancid configured with a couple of groups and around a dozen devices per group. What if I want to backup a single device from one of the groups? Or even a few devices from different groups. > > Thanks, > > Jose > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From ron.whitney at doitbest.com Thu Jul 15 22:57:16 2010 From: ron.whitney at doitbest.com (Ron Whitney) Date: Thu, 15 Jul 2010 18:57:16 -0400 Subject: [rancid] Re: Backup of a single device In-Reply-To: Message-ID: <1FD6BFAE6EA54341821D01FB8E617B6503EE79DB@EXCHANGE1.ntserv.doitbestcorp.com> Assuming I'm understanding the question correctly, you can have RANCID ignore any specific device by setting its status to "down" in the router.db file. Only devices tagged as "up" will be audited. Ron Whitney Network Administrator Do it Best Corp. | 6502 Nelson Road | Fort Wayne, IN 46803 260.748.5657 (direct) | 260.748.5623 (fax) > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of > Jose Ribeiro > Sent: Thursday, July 15, 2010 14:42 > To: rancid-discuss at shrubbery.net > Subject: [rancid] Backup of a single device > > > Hi there, > > How can I perform the backup of a single device? > I have rancid configured with a couple of groups and around > a dozen devices per group. What if I want to backup > a single device from one of the groups? Or even a few devices > from different groups. > > Thanks, > > Jose > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > From invite+pprpflff at facebookmail.com Fri Jul 16 04:46:19 2010 From: invite+pprpflff at facebookmail.com (Nicolau Reis) Date: Thu, 15 Jul 2010 21:46:19 -0700 Subject: [rancid] Check out my photos on Facebook Message-ID: Hi Rancid-discuss, I set up a Facebook profile where I can post my pictures, videos and events and I want to add you as a friend so you can see it. First, you need to join Facebook! Once you join, you can also create your own profile. Thanks, Nicolau To sign up for Facebook, follow the link below: http://www.facebook.com/p.php?i=100001206610149&k=Z6E3Y6U2SX6G5FMJPD65PRQVU3IB4ZVFQPEVG&r Already have an account? Add this email address to your account: http://www.facebook.com/n/?merge_accounts.php&e=rancid-discuss%40shrubbery.net&c=1f742ef051f7d4a8a05a79e2beb819b5 ======================================= rancid-discuss at shrubbery.net was invited to join Facebook by Nicolau Reis. If you do not wish to receive this type of email from Facebook in the future, please click on the link below to unsubscribe. http://www.facebook.com/o.php?k=e2197a&u=1602160569&mid=2a9e149G5f7f07b9G0G8 Facebook, Inc. P.O. Box 10005, Palo Alto, CA 94303 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100715/b43c271f/attachment.html From vmut at cable.net.co Mon Jul 19 13:37:26 2010 From: vmut at cable.net.co (vmut at cable.net.co) Date: Mon, 19 Jul 2010 15:37:26 +0200 Subject: [rancid] Newbie:Using cfg files instead real connection to equipment Message-ID: <618443f6ad7b.4c447136@cable.net.co> Newbie:Using cfg files instead real connection to equipment I want to use RANCID with Juniper (J and M series) and cisco routers (several models) but the administration wants to minimize the amount of people connected to the real equipment, so there are a daily cfg files are located in a share directory and the idea is using them instead a direct connection to the boxes, is it that possible? Base on the cvs philosophy I think the files could be used for populating the repository but I cannot be able to find out if RANCID allows that. What steps do I need to follow? Thank you in advance, vmut From heas at shrubbery.net Mon Jul 19 16:10:41 2010 From: heas at shrubbery.net (john heasley) Date: Mon, 19 Jul 2010 09:10:41 -0700 Subject: [rancid] Re: Newbie:Using cfg files instead real connection to equipment In-Reply-To: <618443f6ad7b.4c447136@cable.net.co> References: <618443f6ad7b.4c447136@cable.net.co> Message-ID: <20100719161041.GB5428@shrubbery.net> Mon, Jul 19, 2010 at 03:37:26PM +0200, vmut at cable.net.co: > Newbie:Using cfg files instead real connection to equipment > > I want to use RANCID with Juniper (J and M series) and cisco routers (several models) but the administration wants to minimize the amount of people connected to the real equipment, so there are a daily cfg files are located in a share directory and the idea is using them instead a direct connection to the boxes, is it that possible? > > Base on the cvs philosophy I think the files could be used for populating the repository but I cannot be able to find out if RANCID allows that. not really. why not reverse it; remove some folks' access and let them access the rancid repository via cvsweb instead. > What steps do I need to follow? > > Thank you in advance, > > vmut > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From jj33 at pobox.com Mon Jul 19 16:38:06 2010 From: jj33 at pobox.com (John Jetmore) Date: Mon, 19 Jul 2010 12:38:06 -0400 Subject: [rancid] Re: Newbie:Using cfg files instead real connection to equipment In-Reply-To: <618443f6ad7b.4c447136@cable.net.co> References: <618443f6ad7b.4c447136@cable.net.co> Message-ID: On Mon, Jul 19, 2010 at 9:37 AM, wrote: > Newbie:Using cfg files instead real connection to equipment > > I want to use RANCID with Juniper (J and M series) and cisco routers (several models) ?but ?the administration wants to minimize the amount of people connected to the real equipment, so there are a daily cfg files are located in a share directory and the idea is using them instead a direct connection to the boxes, ?is it that possible? > > Base on the cvs philosophy I think the files could be used for populating the repository but I cannot be able to find out if RANCID allows that. > > What steps do I need to follow? You need to be aware that rancid stores more than just the config. It stores vlan info, hardware inventory, and more. Your admin probably isn;t storing nearly as much info. That said, a while ago I wrote a plugin called "filerancid" that does more or less what you want. It's tuned to my environment but editable. I have defined a directory ~rancid/custom/ to hold stuff for this plugin. The logic then goes like this: For device = $device if there exists an executable named ~rancid/custom/bin/hosts/$device execute ~rancid/custom/bin/hosts/$device process ~rancid/custom/files/$device as the "new" device config after this rancid's normal cvs checkin and alert stuff takes over The idea is that you can store device configs in ~rancid/custom/files/$device via an external process or, by naming it in the bin/hosts dir the same as the device name, cause the plugin itself to execute a script to update the file. I used this as a "rapid adoption" method for several device types while working out how to get them to work more formally (for instance, dell power connect switches). The only thing I use it for now is some old Cisco 3005 VPN Concentrators that I don't care about enough to get a better system. I've attached a copy of filerancid if you're interested. There are two lines with the path /home/rancid/rancid in them. Both of these would need to be edited with the correct path to whereever you put your "custom" directory. In addition, you need to add the following to rancid-fe: 'file' => 'filerancid', Then in your router.db file the device type would be "file". Hope that helps some. --John -------------- next part -------------- A non-text attachment was scrubbed... Name: filerancid Type: application/octet-stream Size: 3889 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100719/f744a6bb/attachment.obj From rwest at zyedge.com Mon Jul 19 20:52:43 2010 From: rwest at zyedge.com (Ryan West) Date: Mon, 19 Jul 2010 20:52:43 +0000 Subject: [rancid] nxrancid 4.2(1)N1(1) on Nexus 5010 bombing on ShowEnv and ShowCores Message-ID: <5DC4853C6CC3EE4788779E0726E034DD32ABEF@zy-ex1.zyedge.local> John, Just upgraded to 2.3.4 and was having issues with nxrancid. Debugs on nxrancid showed the following: show environment clock In ShowEnv: cust-nx1# show environment clock cust-nx1: show environment clock failed: -1 write(spawn_id=1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ *]*qpay-iad2-n([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- "$expect_out(buffer)" } -re {..." invoked from within "expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprom..." (procedure "run_commands" line 39) invoked from within "run_commands $prompt $command" ("foreach" body line 159) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/local/rancid/bin/clogin" line 738) And .. show cores vdc-all In ShowCores: cust-nx1# show cores vdc-all cust-nx1: show cores vdc-all failed: -1 write(spawn_id=1): broken pipe while executing "send_user -- "$expect_out(buffer)"" invoked from within "expect -nobrace -re+ { exp_continue } -re {^[^ *]*qpay-iad2-n([^#>\r\n]+)?[#>]($[^)\r\n]+$)?} { send_user -- "$expect_out(buffer)" } -re {..." invoked from within "expect { -re "\b+" { exp_continue } -re "^\[^\n\r *]*$reprompt" { send_user -- "$expect_out(buffer)" } -re "^\[^\n\r]*$reprom..." (procedure "run_commands" line 39) invoked from within "run_commands $prompt $command" ("foreach" body line 159) invoked from within "foreach router [lrange $argv $i end] { set router [string tolower $router] # attempt at platform switching. set platform "" send_user ..." (file "/usr/local/rancid/bin/clogin" line 738) Commented out new additions to file at line 305 and 606: return(-1) if (/\% Invalid command at /); Thanks, -ryan -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100719/f7b5d378/attachment.html From heas at shrubbery.net Mon Jul 19 21:59:21 2010 From: heas at shrubbery.net (john heasley) Date: Mon, 19 Jul 2010 14:59:21 -0700 Subject: [rancid] Re: nxrancid 4.2(1)N1(1) on Nexus 5010 bombing on ShowEnv and ShowCores In-Reply-To: <5DC4853C6CC3EE4788779E0726E034DD32ABEF@zy-ex1.zyedge.local> References: <5DC4853C6CC3EE4788779E0726E034DD32ABEF@zy-ex1.zyedge.local> Message-ID: <20100719215921.GP229@shrubbery.net> Mon, Jul 19, 2010 at 08:52:43PM +0000, Ryan West: > John, > > Just upgraded to 2.3.4 and was having issues with nxrancid. Debugs on nxrancid showed the following: > ... > > Commented out new additions to file at line 305 and 606: > return(-1) if (/\% Invalid command at /); Got it, thanks! it should work by changing this to return(1). From rancid at gheek.net Mon Jul 19 22:17:02 2010 From: rancid at gheek.net (Lance Vermilion) Date: Mon, 19 Jul 2010 15:17:02 -0700 Subject: [rancid] RANCID :: RPM Message-ID: Has anyone tried this Spec file? Better yet has anyone got a spec file for 2.3.4? http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080227/39e1e42f/attachment.ksh -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100719/bc9d9af2/attachment.html From rancid at gheek.net Tue Jul 20 00:56:09 2010 From: rancid at gheek.net (Lance Vermilion) Date: Mon, 19 Jul 2010 17:56:09 -0700 Subject: [rancid] Re: RANCID :: RPM In-Reply-To: References: Message-ID: John, Any chance the already included SPEC file can be updated with what I have here so it will work with RANCID-2.3.4 right away? It might also be of help to others to have the rpmbuild instructions...especially if they want an RPM but aren't really familiar with building an RPM. All, After slightly modifying the spec file to match the current version "2.3.4" everything seems to work without an issue. It does an install (at least on CentOS 5.2) to /usr/bin/clogin...etc created a rancid user directory of /var/rancid and copies the .cloginrc there just fine. For those that don't know how to create and rpm from a spec file. Here are some short bits of info. Follow the link below to setup your CentOS. http://wiki.centos.org/HowTos/SetupRpmBuildEnvironment # # Short Instructions: # Assumptions: It is assumed you have Expect 5.40 or greater installed, your Time/Date are current, and you are not logged in as root. Install rpm-build if it isn't already: sudo?yum install rpm-build Install redhat-rpm-config if it isn't already:?sudo yum install redhat-rpm-config Create a build environment for your user (DO NOT USE ROOT):?mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS} Create your RPM macros (it is assumed you have do not have a .rpmmacros file): echo '%_topdir %(echo $HOME)/rpmbuild' > ~/.rpmmacros Install Make if it isn't already: sudo yum install make Install gcc if it isn't already: sudo yum install gcc Download RANCID 2.3.4: wget ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.4.tar.gz Copy the RANCID tar.gz where rpmbuild will look for it: cp rancid-2.3.4.tar.gz ~/rpmbuild/SOURCES/ Create the RPM spec file (see below for file contents): vi ~/rpmbuild/SPEC/rancid-2.3.4.spec Change to the SPEC directory: cd ~/rpmbuild/SPEC/ Create the RPM/SRPMs: rpmbuild -ba rancid.2.3.4.spec Copy/paste what I have below to the "~/rpmbuild/SPEC/rancid-2.3.4.spec". Exclude ### Start and ###Stop when you copy/paste. ### Start Name: rancid Version: 2.3.4 Release: 1%{?dist} Summary: Really Awesome New Cisco confIg Differ Group: Applications/System License: non-free URL: http://www.shrubbery.net/rancid/ Source: rancid-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-root Requires: cvs expect >= 5.40 %package lg Summary: RANCID Looking Glass CGI scripts Group: Applications/System %description Rancid is a "Really Awesome New Cisco confIg Differ" developed to maintain CVS controlled copies of router configs. Rancid is not limited to Cisco devices. It currently supports Cisco routers, Juniper routers, Catalyst switches, Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd (and thus likely IRRd), Alteon switches, and HP procurve switches and a host of others. %description lg RANCID also includes looking glass software. It is based on Ed Kern's looking glass which was once used for http://nitrous.digex.net/, for the old-school folks who remember it. Our version has added functions, supports cisco, juniper, and foundry and uses the login scripts that come with rancid; so it can use telnet or ssh to connect to your devices(s). %prep %setup -q %build %configure --localstatedir=%{_localstatedir}/rancid make %install rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT # Get rid of unwanted /usr/share/rancid install rm -rf $RPM_BUILD_ROOT/%{_datadir}/rancid # Move lg CGI scripts to CGI directory mkdir -p $RPM_BUILD_ROOT/var/www/cgi-bin mv $RPM_BUILD_ROOT/%{_bindir}/*.cgi $RPM_BUILD_ROOT/var/www/cgi-bin # Workaround for the stupid rpmbuild to NOT search for dependencies in the # documentation. We need to do it here as %doc ignores %attr. find share -type f -print | xargs chmod a-x # Install the sample .cloginrc file cp cloginrc.sample $RPM_BUILD_ROOT/%{_localstatedir}/rancid/.cloginrc %pre if [ $1 -eq 1 ]; then egrep -q '^rancid:' /etc/passwd || useradd -M -r -d %{_localstatedir}/rancid -c "RANCID User" rancid fi %postun if [ $1 -eq 0 ]; then # It's a matter of taste if we should remove the user on uninstall or not userdel rancid fi %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root,-) %doc BUGS CHANGES COPYING FAQ README UPGRADING Todo %doc share/cisco-load.exp share/cisco-reload.exp %doc share/downreport share/getipacctg share/rtrfilter %config(noreplace) /etc/rancid.conf %{_bindir}/* %{_mandir}/man1/[a-k]* %{_mandir}/man1/[m-z]* %{_mandir}/man5/[a-k]* %{_mandir}/man5/[m-z]* %dir %attr(770,rancid,rancid) %{_localstatedir}/rancid %config(noreplace) %attr(640,rancid,rancid) %{_localstatedir}/rancid/.cloginrc %files lg %config(noreplace) /etc/lg.conf %{_mandir}/man1/lg_intro* %{_mandir}/man5/lg.conf* /var/www/cgi-bin/* %doc README.lg %changelog * Mon Jul 19 2010 Lance Vermilion 2.3.4 - Modified Version to be 2.3.4 and Release to be 1%{?dist} instead of 2%{?dist} * Fri Feb 15 2008 Steve Snodgrass 2.3.2a8-1 - Install .cloginrc as a configuration file - Don't try to create the rancid user if it already exists * Wed Feb 13 2008 Steve Snodgrass 2.3.2a8-1 - Create subpackage for looking glass CGI scripts - Include configuration files in RPM - Many other tweaks * Wed Nov 16 2005 Michael Stefaniuc 2.3.1-3 - Use /var/rancid as localstatedir - Create the rancid user on install and remove it on uninstall - Use %doc correctly * Wed Nov 02 2005 Michael Stefaniuc 2.3.1-2 - Original spec file by Dan Pfleger. - Add a changelog. - Make the formating of the spec file adhere to the Fedora Extras Packaging guidelines. - New %description based on the README and the website. - Add cvs Requires. - Changed Group - Use macros in the files section. Simplify it. - Do not install the looking glass cgi's. Those make rpm pull in more perl module dependencies. ### Stop On Mon, Jul 19, 2010 at 3:17 PM, Lance Vermilion wrote: > > Has anyone tried this Spec file? > Better yet has anyone got a spec file for 2.3.4? > http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080227/39e1e42f/attachment.ksh From rancid at gheek.net Tue Jul 20 01:07:51 2010 From: rancid at gheek.net (Lance Vermilion) Date: Mon, 19 Jul 2010 18:07:51 -0700 Subject: [rancid] Re: RANCID :: RPM In-Reply-To: References: Message-ID: Minor instructions missed. Added the following inline. RANCID RPM is located here: ~rpmbuild/RPMS/rancid-2.3.4-1.i386.rpm RANCID LookingGlass RPM is located here: ~rpmbuild/RPMS/rancid-lg-2.3.4-1.i386.rpm RANCID SRPM is located here: ~rpmbuild/SRPMS/rancid-2.3.4-1.src.rpm On Mon, Jul 19, 2010 at 5:56 PM, Lance Vermilion wrote: > John, > > Any chance the already included SPEC file can be updated with what I > have here so it will work with RANCID-2.3.4 right away? It might also > be of help to others to have the rpmbuild instructions...especially if > they want an RPM but aren't really familiar with building an RPM. > > All, > > After slightly modifying the spec file to match the current version > "2.3.4" everything seems to work without an issue. It does an install > (at least on CentOS 5.2) to /usr/bin/clogin...etc created a rancid > user directory of /var/rancid and copies the .cloginrc there just > fine. > > For those that don't know how to create and rpm from a spec file. Here > are some short bits of info. > Follow the link below to setup your CentOS. > http://wiki.centos.org/HowTos/SetupRpmBuildEnvironment > > # > # Short Instructions: > # > Assumptions: It is assumed you have Expect 5.40 or greater installed, > your Time/Date are current, and you are not logged in as root. > > Install rpm-build if it isn't already: sudo?yum install rpm-build > Install redhat-rpm-config if it isn't already:?sudo yum install > redhat-rpm-config > Create a build environment for your user (DO NOT USE ROOT):?mkdir -p > ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS} Create your RPM macros > (it is assumed you have do not have a .rpmmacros file): echo '%_topdir > %(echo $HOME)/rpmbuild' > ~/.rpmmacros > Install Make if it isn't already: sudo yum install make > Install gcc if it isn't already: sudo yum install gcc > Download RANCID 2.3.4: wget > ftp://ftp.shrubbery.net/pub/rancid/rancid-2.3.4.tar.gz > Copy the RANCID tar.gz where rpmbuild will look for it: cp > rancid-2.3.4.tar.gz ~/rpmbuild/SOURCES/ > Create the RPM spec file (see below for file contents): vi > ~/rpmbuild/SPEC/rancid-2.3.4.spec > Change to the SPEC directory: cd ~/rpmbuild/SPEC/ > Create the RPM/SRPMs: rpmbuild -ba rancid.2.3.4.spec RANCID RPM is located here: ~rpmbuild/RPMS/rancid-2.3.4-1.i386.rpm RANCID LookingGlass RPM is located here: ~rpmbuild/RPMS/rancid-lg-2.3.4-1.i386.rpm RANCID SRPM is located here: ~rpmbuild/SRPMS/rancid-2.3.4-1.src.rpm > > Copy/paste what I have below to the > "~/rpmbuild/SPEC/rancid-2.3.4.spec". Exclude ### Start and ###Stop > when you copy/paste. > ### Start > Name: ? ? ? ? ? rancid > Version: ? ? ? ?2.3.4 > Release: ? ? ? ?1%{?dist} > Summary: ? ? ? ?Really Awesome New Cisco confIg Differ > > Group: ? ? ? ? ?Applications/System > License: ? ? ? ?non-free > URL: ? ? ? ? ? ?http://www.shrubbery.net/rancid/ > Source: ? ? ? ? rancid-%{version}.tar.gz > BuildRoot: ? ? ?%{_tmppath}/%{name}-%{version}-root > Requires: ? ? ? cvs expect >= 5.40 > > %package lg > Summary: ? ? ? ?RANCID Looking Glass CGI scripts > Group: ? ? ? ? ?Applications/System > > %description > Rancid is a "Really Awesome New Cisco confIg Differ" developed to > maintain CVS controlled copies of router configs. Rancid is not limited > to Cisco devices. It currently supports Cisco routers, Juniper routers, > Catalyst switches, Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd > (and thus likely IRRd), Alteon switches, and HP procurve switches and a > host of others. > > %description lg > RANCID also includes looking glass software. It is based on Ed Kern's > looking glass which was once used for http://nitrous.digex.net/, for the > old-school folks who remember it. Our version has added functions, supports > cisco, juniper, and foundry and uses the login scripts that come with > rancid; so it can use telnet or ssh to connect to your devices(s). > > %prep > %setup -q > > %build > %configure --localstatedir=%{_localstatedir}/rancid > make > > %install > rm -rf $RPM_BUILD_ROOT > make install DESTDIR=$RPM_BUILD_ROOT > # Get rid of unwanted /usr/share/rancid install > rm -rf $RPM_BUILD_ROOT/%{_datadir}/rancid > # Move lg CGI scripts to CGI directory > mkdir -p $RPM_BUILD_ROOT/var/www/cgi-bin > mv $RPM_BUILD_ROOT/%{_bindir}/*.cgi $RPM_BUILD_ROOT/var/www/cgi-bin > # Workaround for the stupid rpmbuild to NOT search for dependencies in the > # documentation. We need to do it here as %doc ignores %attr. > find share -type f -print | xargs chmod a-x > # Install the sample .cloginrc file > cp cloginrc.sample $RPM_BUILD_ROOT/%{_localstatedir}/rancid/.cloginrc > > %pre > if [ $1 -eq 1 ]; then > ? ?egrep -q '^rancid:' /etc/passwd || useradd -M -r -d > %{_localstatedir}/rancid -c "RANCID User" rancid > fi > > %postun > if [ $1 -eq 0 ]; then > ? ?# It's a matter of taste if we should remove the user on uninstall or not > ? ?userdel rancid > fi > > %clean > rm -rf $RPM_BUILD_ROOT > > %files > %defattr(-,root,root,-) > %doc BUGS CHANGES COPYING FAQ README UPGRADING Todo > %doc share/cisco-load.exp share/cisco-reload.exp > %doc share/downreport share/getipacctg share/rtrfilter > %config(noreplace) /etc/rancid.conf > %{_bindir}/* > %{_mandir}/man1/[a-k]* > %{_mandir}/man1/[m-z]* > %{_mandir}/man5/[a-k]* > %{_mandir}/man5/[m-z]* > %dir %attr(770,rancid,rancid) %{_localstatedir}/rancid > %config(noreplace) %attr(640,rancid,rancid) %{_localstatedir}/rancid/.cloginrc > > %files lg > %config(noreplace) /etc/lg.conf > %{_mandir}/man1/lg_intro* > %{_mandir}/man5/lg.conf* > /var/www/cgi-bin/* > %doc README.lg > > %changelog > * Mon Jul 19 2010 Lance Vermilion 2.3.4 > - Modified Version to be 2.3.4 and Release to be 1%{?dist} instead of 2%{?dist} > > * Fri Feb 15 2008 Steve Snodgrass 2.3.2a8-1 > - Install .cloginrc as a configuration file > - Don't try to create the rancid user if it already exists > > * Wed Feb 13 2008 Steve Snodgrass 2.3.2a8-1 > - Create subpackage for looking glass CGI scripts > - Include configuration files in RPM > - Many other tweaks > > * Wed Nov 16 2005 Michael Stefaniuc 2.3.1-3 > - Use /var/rancid as localstatedir > - Create the rancid user on install and remove it on uninstall > - Use %doc correctly > > * Wed Nov 02 2005 Michael Stefaniuc 2.3.1-2 > - Original spec file by Dan Pfleger. > - Add a changelog. > - Make the formating of the spec file adhere to the Fedora Extras Packaging > ?guidelines. > - New %description based on the README and the website. > - Add cvs Requires. > - Changed Group > - Use macros in the files section. Simplify it. > - Do not install the looking glass cgi's. Those make rpm pull in more perl > ?module dependencies. > ### Stop > > > On Mon, Jul 19, 2010 at 3:17 PM, Lance Vermilion wrote: >> >> Has anyone tried this Spec file? >> Better yet has anyone got a spec file for 2.3.4? >> http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20080227/39e1e42f/attachment.ksh > From rwest at zyedge.com Tue Jul 20 02:03:16 2010 From: rwest at zyedge.com (Ryan West) Date: Tue, 20 Jul 2010 02:03:16 +0000 Subject: [rancid] Re: nxrancid 4.2(1)N1(1) on Nexus 5010 bombing on ShowEnv and ShowCores In-Reply-To: <20100719215921.GP229@shrubbery.net> References: <5DC4853C6CC3EE4788779E0726E034DD32ABEF@zy-ex1.zyedge.local> <20100719215921.GP229@shrubbery.net> Message-ID: <5DC4853C6CC3EE4788779E0726E034DD32B33C@zy-ex1.zyedge.local> > -----Original Message----- > From: john heasley [mailto:heas at shrubbery.net] > Sent: Monday, July 19, 2010 5:59 PM > Mon, Jul 19, 2010 at 08:52:43PM +0000, Ryan West: > > John, > > > > Just upgraded to 2.3.4 and was having issues with nxrancid. Debugs on > nxrancid showed the following: > > > ... > > > > Commented out new additions to file at line 305 and 606: > > return(-1) if (/\% Invalid command at /); > > Got it, thanks! it should work by changing this to return(1). That did it, thanks for the quick fix. -ryan From rancid at gheek.net Fri Jul 23 21:20:49 2010 From: rancid at gheek.net (Lance Vermilion) Date: Fri, 23 Jul 2010 14:20:49 -0700 Subject: [rancid] Rancid-2.3.2a9.tar.gz Message-ID: Hello, I can not get ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.2a9.tar.gz For some reason the ftp server is INCREDIBLY slow. Could some be so kind to offer up the file? TIA -Lance From heas at shrubbery.net Sat Jul 24 00:44:28 2010 From: heas at shrubbery.net (john heasley) Date: Sat, 24 Jul 2010 00:44:28 +0000 Subject: [rancid] Re: Rancid-2.3.2a9.tar.gz In-Reply-To: References: Message-ID: <20100724004428.GA11479@shrubbery.net> Fri, Jul 23, 2010 at 02:20:49PM -0700, Lance Vermilion: > Hello, > > I can not get ftp://ftp.shrubbery.net/pub/rancid/.old/rancid-2.3.2a9.tar.gz > > For some reason the ftp server is INCREDIBLY slow. Could some be so > kind to offer up the file? it should refuse to return any files in the .old directory. I do that to stop people asking for support on those versions. You should move to 2.3.4 instead. From sylvain74230 at yahoo.fr Mon Jul 26 15:17:46 2010 From: sylvain74230 at yahoo.fr (Sylvain 74) Date: Mon, 26 Jul 2010 15:17:46 +0000 (GMT) Subject: [rancid] Rancid cannot get Extreme XOS config file via crontab Message-ID: <339990.63431.qm@web28514.mail.ukl.yahoo.com> Hi all, Rancid v2.3.4 cannot retrieve automatically my Extreme x650 switch's configuration using SSH when I use crontab : 0 * * * * NOPIPE=YES && export NOPIPE && /usr/local/rancid/bin/rancid-run -r lapgensw0 I have the following error in log file : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trying to get all of the configs. lapgensw0: missed cmd(s): show configuration lapgensw0: End of run not found # ===================================== Getting missed routers: round 1. lapgensw0: missed cmd(s): show configuration lapgensw0: End of run not found # ===================================== Getting missed routers: round 2. lapgensw0: missed cmd(s): show configuration lapgensw0: End of run not found # ===================================== Getting missed routers: round 3. lapgensw0: missed cmd(s): show configuration lapgensw0: End of run not found # ===================================== Getting missed routers: round 4. lapgensw0: missed cmd(s): show configuration lapgensw0: End of run not found # ending: Mon Jul 26 15:08:06 CEST 2010 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ My switch's config file "lapgensw0" is never updated and after 24 hours I have the following mail : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following routers have not been successfully contacted for more than 24 hours. -rw-r----- 1 rancid svn 31088 Jul 22 19:12 lapgensw0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Expect's version is 5.42.1. Rancid works great on my Cisco and HP Procurve switches. Crontab is not a problem as Rancid retrieve my other switches configs successfully. If I run the same rancid-run command from a terminal, it works : NOPIPE=YES && export NOPIPE && /usr/local/rancid/bin/rancid-run -r lapgensw0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ starting: lun jui 26 16:00:48 CEST 2010 Trying to get all of the configs. All routers sucessfully completed. Sending configs/lapgensw0 Transmitting file data . Committed revision 134. ending: lun jui 26 16:01:01 CEST 2010 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This issue seems to be related to SSH : if I replace "ssh" with "telnet" in .cloginrc I don't have the problem anymore (fetching by crontab is OK in this case). I tried to modify rancid.conf (to resolve this crontab issue) : # TERM=network;export TERM TERM=vt100;export TERM COLUMNS=160; LINES=48; export COLUMNS LINES as I've read it somewhere in the list but this doesn't work. I'm reading forum for days now but I didn't found topics related to the same problem. I upgraded Rancid from v2.3.3 to 2.3.4 and it didn't helped. Any help is greatly appreciated (I could give more details if you give me some commands to test). Thanks a lot for this awesome tool ! Sylvain; From sylvain74230 at yahoo.fr Mon Jul 26 16:33:27 2010 From: sylvain74230 at yahoo.fr (Sylvain 74) Date: Mon, 26 Jul 2010 16:33:27 +0000 (GMT) Subject: [rancid] Some lines are suppressed in Extreme X0S config files - Workaround Message-ID: <402287.13906.qm@web28506.mail.ukl.yahoo.com> Hi all, when Rancid gets Extreme Networks x650's configuration, it misses 1 line every 20 or 30 lines. It seems that Rancid suppresses the "Press to continue or to quit:" message but also the next[or previous?] line. I didn't notice this behavior before because I didn't read carefully fetched config files until now. My ExtremeXOS version is 12.3.3.6. As a workaround, there is a "disable clipaging" command since XOS v10.1, that disable the "Press to continue etc..." message. I know this is not the good way to do it but if I modify xrancid this way : # diff xrancid xrancid.new 414a415 > {'disable clipaging' => 'ShowVersion'}, I don't have this issue anymore and every line is collected as you can see below : ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Index: configs/lapgensw0 =================================================================== - -- configs/lapgensw0 (revision 135) @@ -31,6 +31,7 @@ configure vlan grid_admin tag 5 enable flooding vlan grid_admin enable learning vlan grid_admin + create vlan "grid_info" configure vlan grid_info tag 7 enable flooding vlan grid_info enable learning vlan grid_info @@ -54,6 +55,7 @@ configure ports 2 far-end-fault-indication off disable flow-control tx-pause port 3 enable flow-control rx-pause port 3 + configure ports 3 display-string gra12_Blade_10G configure ports 3 auto off speed 10000 duplex full configure ports 3 far-end-fault-indication off disable flow-control tx-pause port 4 @@ -77,6 +79,7 @@ enable flow-control rx-pause port 8 configure ports 8 auto off speed 10000 duplex full configure ports 8 far-end-fault-indication off + disable flow-control tx-pause port 9 enable flow-control rx-pause port 9 configure ports 9 auto off speed 10000 duplex full configure ports 9 far-end-fault-indication off @@ -100,6 +103,7 @@ enable flow-control rx-pause port 14 configure ports 14 auto off speed 10000 duplex full configure ports 14 far-end-fault-indication off + disable flow-control tx-pause port 15 enable flow-control rx-pause port 15 configure ports 15 display-string dpmsrv15 configure ports 15 auto off speed 10000 duplex full @@ -123,6 +127,7 @@ enable flow-control rx-pause port 19 configure ports 19 display-string dpmsrv11 configure ports 19 auto off speed 10000 duplex full + configure ports 19 far-end-fault-indication off disable flow-control tx-pause port 20 enable flow-control rx-pause port 20 configure ports 20 display-string dpmsrv10 @@ -146,6 +151,7 @@ disable flow-control tx-pause port 24 enable flow-control rx-pause port 24 configure ports 24 display-string dpmsrv06 + configure ports 24 auto off speed 10000 duplex full configure ports 24 far-end-fault-indication off disable flow-control tx-pause port 25 enable flow-control rx-pause port 25 @@ -168,6 +174,8 @@ configure vlan grid_admin ipaddress 10.10.100.150 255.255.255.224 configure qosscheduler strict-priority # + # Module fdb configuration. + # configure fdb agingtime 300 configure fdb vpls agingtime 300 configure iparp vr VR-Default max_entries 8192 @@ -189,6 +197,7 @@ # Module rtmgr configuration. # disable iproute sharing + configure iproute priority mpls 20 vr VR-Default configure iproute priority blackhole 50 vr VR-Default configure iproute priority static 1100 vr VR-Default configure iproute priority icmp 1200 vr VR-Default [.....] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Every line marked with "+" is a config line that was missed during previous fetches (without disabling clipaging). I know that the right way is to patch clogin but I'm clearly not able to do that. Is there any candidate ? Thanks in advance ! Cheers, Sylvain; From marty at supine.com Tue Jul 27 14:08:39 2010 From: marty at supine.com (Martin Barry) Date: Tue, 27 Jul 2010 16:08:39 +0200 Subject: [rancid] VLAN 1 port members change when port goes down Message-ID: <20100727140839.GA13881@merboo.mamista.net> Hi list I'm trying to tune the signal to noise ratio from rancid and I have an issue with VLAN 1 (Yes, yes, I know you shouldn't use it. Dealing with legacy config here). When a port in VLAN 1 goes down, the next time rancid runs I get diffs like: ! !VLAN: VLAN Name Status Ports !VLAN: ---- -------------------------------- --------- ------------------------------- - !VLAN: 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/6 - !VLAN: Fa0/7, Fa0/9, Fa0/11, Fa0/13 - !VLAN: Fa0/15, Fa0/19, Fa0/20, Fa0/21 - !VLAN: Fa0/22, Fa0/23, Fa0/26, Fa0/28 - !VLAN: Fa0/30, Fa0/32, Fa0/34, Fa0/36 - !VLAN: Fa0/39, Gi0/2 + !VLAN: 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/5 + !VLAN: Fa0/6, Fa0/7, Fa0/9, Fa0/11 + !VLAN: Fa0/13, Fa0/15, Fa0/19, Fa0/20 + !VLAN: Fa0/21, Fa0/22, Fa0/23, Fa0/26 + !VLAN: Fa0/28, Fa0/30, Fa0/32, Fa0/34 + !VLAN: Fa0/36, Fa0/39, Gi0/2 !VLAN: 27 VLAN0027 active Fa0/45, Fa0/46, Fa0/47, Fa0/48 !VLAN: 100 VLAN0100 active !VLAN: 110 VLAN0110 active When the port comes back up, I get the reverse. Anyone figured out a way to stop the port memberships flapping or exclude it from the rancid diffs? cheers Marty From arjan at helix-nebula.org Tue Jul 27 14:16:31 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 16:16:31 +0200 Subject: [rancid] Re: Some lines are suppressed in Extreme X0S config files - Workaround In-Reply-To: <402287.13906.qm@web28506.mail.ukl.yahoo.com> References: <402287.13906.qm@web28506.mail.ukl.yahoo.com> Message-ID: <1280240191.23196.55.camel@reddwarf> Hi Sylvian, We had the same problems and I had to patch clogin.in and xrancid.in: arjan at reddwarf:~$ lsdiff rancid-2.3.3/debian/patches/26_extremexos.dpatch rancid-2.3.3/bin/clogin.in rancid-2.3.3/bin/xrancid.in Op maandag 26-07-2010 om 16:33 uur [tijdzone +0000], schreef Sylvain 74: > Hi all, > > when Rancid gets Extreme Networks x650's configuration, it misses 1 line every 20 or 30 lines. > > It seems that Rancid suppresses the "Press to continue or to quit:" message but also the next[or previous?] line. > > I didn't notice this behavior before because I didn't read carefully fetched config files until now. > > My ExtremeXOS version is 12.3.3.6. > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Every line marked with "+" is a config line that was missed during previous fetches (without disabling clipaging). > > > I know that the right way is to patch clogin but I'm clearly not able to do that. Is there any candidate ? > Attached is my patch for 2.3.3, maybe you could try it? It works for us with quite a collection of Extremeware and ExtremeXos versions. BTW, to the rest of the list how can I get this patch included in the default tarball of RANCID? Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 26_extremexos.dpatch Type: application/x-shellscript Size: 4461 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/4eba57f1/attachment.bin From cderemer at phoebe.org Tue Jul 27 14:22:54 2010 From: cderemer at phoebe.org (Christopher DeRemer) Date: Tue, 27 Jul 2010 10:22:54 -0400 Subject: [rancid] ASA Time-Based License Diff Removal Message-ID: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0BC7@MAIL.phoebe.local> Hello all, I just updated our license in an ASA 5520 and now they have "time-based licenses" for your subscription based services... in this case the bot-net filter. I would like to prevent a daily count-down diff like the one seen below. Can someone help me filter this out, I'm not very good at the expect and other code work. Example: Index: configs/10.10.1.254 =================================================================== - -- configs/10.10.1.254 (revision 251) @@ -8,7 +8,7 @@ ! !This platform has an ASA 5520 VPN Plus license. - !This platform has a time-based license that will expire in 364 day(s). + !This platform has a time-based license that will expire in 363 day(s). Cheers, Christoph DeRemer, CCENT Network Administrator Phoebe Services 484.619.2168 (Single # Reach) NOTICE: This confidential message/attachment contains information intended for a specific individual(s). Any inappropriate use, distribution or duplication is strictly prohibited. If received in error, notify the sender and immediately delete this transmission. From arjan at helix-nebula.org Tue Jul 27 14:28:48 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 16:28:48 +0200 Subject: [rancid] Patch to skip the echoed cmd in write term Message-ID: <1280240928.23196.62.camel@reddwarf> Hi, I have some patches I use in RANCID setup at work which I would like to share and see included in new versions of RANCID. One of these is the attached patch. We have some quite old IOS routers where the "more system:running-config" command appeared in the configuration backups after an upgrade to RANCID 2.3.3: The routers seemed to echo the unknown command before indicating it as an invalid command. A manual run confirmed this: example-router#more system:running-config more system:running-config ^ % Invalid input detected at '^' marker. example-router#show running-config Building configuration... Current configuration: Because the cmd was not skipped in the WriteTerm procedure it got included in the configuration backups. The attached patch fixes the issue. Could this patch be included in the next release of RANCID? Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 18_skip-cmd-in-write-term.dpatch Type: application/x-shellscript Size: 814 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/80294fea/attachment.bin From arjan at helix-nebula.org Tue Jul 27 14:28:59 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 16:28:59 +0200 Subject: [rancid] BigBand Cuda 12000 Message-ID: <1280240939.23196.65.camel@reddwarf> Hi, I have some patches I use in RANCID setup at work which I would like to share and see included in new versions of RANCID. One of these is the attached patch. In our network we have a set of BigBand Cuda 12000 CMTS-es which we backup with RANCID. For these devices we took some *login and *rancid file and adjusted them until we had cudalogin and cudarancid. The result is attached. Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 20_cuda.dpatch Type: application/x-shellscript Size: 30727 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/be7051d5/attachment.bin From arjan at helix-nebula.org Tue Jul 27 14:28:49 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 16:28:49 +0200 Subject: [rancid] Add -autoenable to clogin invocation of xrancid Message-ID: <1280240929.23196.64.camel@reddwarf> Hi, I have some patches I use in RANCID setup at work which I would like to share and see included in new versions of RANCID. One of these is the attached patch. As Extreme switches don't know the concept of an enabled-modus you have add an autoenable configuration statement to .cloginrc file. Sometimes people forget to add the autoenable statement to the .cloginrc file when adding a new device which causes xrancid failure to make a backup. I though it would make sense to always add the -autoenable argument to clogin call in xrancid to circumvent this issue. (See attached patch) Wat do you think, could/should this patch be included in the default tarball of RANCID? Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 19_xrancid_autoenable.dpatch Type: application/x-shellscript Size: 1672 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/8aa78fdd/attachment.bin From arjan at helix-nebula.org Tue Jul 27 14:32:17 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 16:32:17 +0200 Subject: [rancid] Motorola BSR64000 Message-ID: <1280241137.23196.67.camel@reddwarf> Hi, I have some patches I use in our RANCID setup at work which I would like to share and see included in new versions of RANCID. One of these is the attached patch. In our network we have a set of Motorola BSR64000 CMTS-es which we backup with RANCID. For these devices we took some *login and *rancid file and adjusted them until we had bsrlogin and bsrrancid. The result is attached. Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 22_bsr.dpatch Type: application/x-shellscript Size: 48568 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/101e6d31/attachment.bin From arjan at helix-nebula.org Tue Jul 27 13:17:42 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 15:17:42 +0200 Subject: [rancid] Re: Some lines are suppressed in Extreme X0S config files - Workaround In-Reply-To: <402287.13906.qm@web28506.mail.ukl.yahoo.com> References: <402287.13906.qm@web28506.mail.ukl.yahoo.com> Message-ID: <1280236662.23196.14.camel@reddwarf> Hi Sylvian, We had the same problems and I had to patch clogin.in and xrancid.in: arjan at reddwarf:~$ lsdiff rancid-2.3.3/debian/patches/26_extremexos.dpatch rancid-2.3.3/bin/clogin.in rancid-2.3.3/bin/xrancid.in Op maandag 26-07-2010 om 16:33 uur [tijdzone +0000], schreef Sylvain 74: > Hi all, > > when Rancid gets Extreme Networks x650's configuration, it misses 1 line every 20 or 30 lines. > > It seems that Rancid suppresses the "Press to continue or to quit:" message but also the next[or previous?] line. > > I didn't notice this behavior before because I didn't read carefully fetched config files until now. > > My ExtremeXOS version is 12.3.3.6. > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Every line marked with "+" is a config line that was missed during previous fetches (without disabling clipaging). > > > I know that the right way is to patch clogin but I'm clearly not able to do that. Is there any candidate ? > Attached is my patch for 2.3.3, maybe you could try it? It works for us with quite a collection of Extremeware and ExtremeXos versions. BTW, to the rest of the list how can I get this patch included in the default tarball of RANCID? Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 26_extremexos.dpatch Type: application/x-shellscript Size: 4461 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/50abf4d6/attachment.bin From arjan at helix-nebula.org Tue Jul 27 13:49:47 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 15:49:47 +0200 Subject: [rancid] Patch to skip the echoed cmd in write term Message-ID: <1280238587.23196.40.camel@reddwarf> Hi, I have some patches I use in RANCID setup at work which I would like to share and see included in new versions of RANCID. One of these is the attached patch. We have some quite old IOS routers where the "more system:running-config" command appeared in the configuration backups after an upgrade to RANCID 2.3.3: The routers seemed to echo the unknown command before indicating it as an invalid command. A manual run confirmed this: example-router#more system:running-config more system:running-config ^ % Invalid input detected at '^' marker. example-router#show running-config Building configuration... Current configuration: Because the cmd was not skipped in the WriteTerm procedure it got included in the configuration backups. The attached patch fixes the issue. Could this patch be included in the next release of RANCID? Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 18_skip-cmd-in-write-term.dpatch Type: application/x-shellscript Size: 814 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/aab0878a/attachment.bin From arjan at helix-nebula.org Tue Jul 27 14:05:08 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Tue, 27 Jul 2010 16:05:08 +0200 Subject: [rancid] Add -autoenable to clogin invocation of xrancid Message-ID: <1280239508.23196.54.camel@reddwarf> Hi, I have some patches I use in RANCID setup at work which I would like to share and see included in new versions of RANCID. One of these is the attached patch. As Extreme switches don't know the concept of an enabled-modus you have add an autoenable configuration statement to .cloginrc file. Sometimes people forget to add the autoenable statement to the .cloginrc file when adding a new device which causes xrancid failure to make a backup. I though it would make sense to always add the -autoenable argument to clogin call in xrancid to circumvent this issue. (See attached patch) Wat do you think, could/should this patch be included in the default tarball of RANCID? Greetings Arjan -------------- next part -------------- A non-text attachment was scrubbed... Name: 19_xrancid_autoenable.dpatch Type: application/x-shellscript Size: 1672 bytes Desc: not available Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100727/27e8170e/attachment.bin From heas at shrubbery.net Tue Jul 27 17:59:35 2010 From: heas at shrubbery.net (john heasley) Date: Tue, 27 Jul 2010 17:59:35 +0000 Subject: [rancid] Re: Some lines are suppressed in Extreme X0S config files - Workaround In-Reply-To: <1280240191.23196.55.camel@reddwarf> References: <402287.13906.qm@web28506.mail.ukl.yahoo.com> <1280240191.23196.55.camel@reddwarf> Message-ID: <20100727175935.GH16087@shrubbery.net> Tue, Jul 27, 2010 at 04:16:31PM +0200, Arjan Oosting: > Hi Sylvian, > > We had the same problems and I had to patch clogin.in and xrancid.in: > > arjan at reddwarf:~$ lsdiff > rancid-2.3.3/debian/patches/26_extremexos.dpatch > rancid-2.3.3/bin/clogin.in > rancid-2.3.3/bin/xrancid.in > > > Op maandag 26-07-2010 om 16:33 uur [tijdzone +0000], schreef Sylvain 74: > > Hi all, > > > > when Rancid gets Extreme Networks x650's configuration, it misses 1 line every 20 or 30 lines. > > > > It seems that Rancid suppresses the "Press to continue or to quit:" message but also the next[or previous?] line. > > > > I didn't notice this behavior before because I didn't read carefully fetched config files until now. > > > > My ExtremeXOS version is 12.3.3.6. > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Every line marked with "+" is a config line that was missed during previous fetches (without disabling clipaging). > > > > > > I know that the right way is to patch clogin but I'm clearly not able to do that. Is there any candidate ? > > > > Attached is my patch for 2.3.3, maybe you could try it? > It works for us with quite a collection of Extremeware and ExtremeXos > versions. > > BTW, to the rest of the list how can I get this patch included in the > default tarball of RANCID? Andrew is working on fixing/updating xrancid for extrememXOS. From heas at shrubbery.net Tue Jul 27 23:42:23 2010 From: heas at shrubbery.net (john heasley) Date: Tue, 27 Jul 2010 23:42:23 +0000 Subject: [rancid] Re: ASA Time-Based License Diff Removal In-Reply-To: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0BC7@MAIL.phoebe.local> References: <671DC9312DF0CC4D8A7F3ABE978DD5ADE84D5B0BC7@MAIL.phoebe.local> Message-ID: <20100727234223.GI19348@shrubbery.net> Tue, Jul 27, 2010 at 10:22:54AM -0400, Christopher DeRemer: > Hello all, > > I just updated our license in an ASA 5520 and now they have "time-based licenses" for your subscription based services... in this case the bot-net filter. I would like to prevent a daily count-down diff like the one seen below. Can someone help me filter this out, I'm not very good at the expect and other code work. > > Example: > > Index: configs/10.10.1.254 > =================================================================== > - -- configs/10.10.1.254 (revision 251) > @@ -8,7 +8,7 @@ > ! > !This platform has an ASA 5520 VPN Plus license. > - !This platform has a time-based license that will expire in 364 day(s). > + !This platform has a time-based license that will expire in 363 day(s). Could filter it until its < 10 days to expiration like this: Index: bin/rancid.in =================================================================== --- bin/rancid.in (revision 2232) +++ bin/rancid.in (working copy) @@ -203,6 +203,10 @@ ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next; /^Cisco Secure PIX /i && ProcessHistory("COMMENTS","keysort","F1", "!Image: $_") && next; + # ASA "time-based licenses" - eg: bot-net + /^This (PIX|platform) has a time-based license that will expire in\s+(\d{2,})\s+.*$/ && + ProcessHistory("COMMENTS","keysort","D1", + "!This $1 has a time-based license\n") && next; # PIX 6 fail-over license, as in "This PIX has an Unrestricted (UR) # license." PIX 7 as "his platform has ..." /^This (PIX|platform) has an?\s+(.*)$/ && From frnkblk at iname.com Wed Jul 28 04:09:48 2010 From: frnkblk at iname.com (Frank Bulk) Date: Tue, 27 Jul 2010 23:09:48 -0500 Subject: [rancid] Re: Motorola BSR64000 In-Reply-To: <1280241137.23196.67.camel@reddwarf> References: <1280241137.23196.67.camel@reddwarf> Message-ID: Thanks for developing that. I also made some changes -- would you like to see my complete motorancid? Frank -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Arjan Oosting Sent: Tuesday, July 27, 2010 9:32 AM To: rancid-discuss at shrubbery.net Subject: [rancid] Motorola BSR64000 Hi, I have some patches I use in our RANCID setup at work which I would like to share and see included in new versions of RANCID. One of these is the attached patch. In our network we have a set of Motorola BSR64000 CMTS-es which we backup with RANCID. For these devices we took some *login and *rancid file and adjusted them until we had bsrlogin and bsrrancid. The result is attached. Greetings Arjan From arjan at helix-nebula.org Wed Jul 28 07:51:20 2010 From: arjan at helix-nebula.org (Arjan Oosting) Date: Wed, 28 Jul 2010 09:51:20 +0200 Subject: [rancid] Re: Motorola BSR64000 In-Reply-To: References: <1280241137.23196.67.camel@reddwarf> Message-ID: <1280303480.11035.1.camel@brigand.as9143.internal> Op dinsdag 27-07-2010 om 23:09 uur [tijdzone -0500], schreef Frank Bulk: > Thanks for developing that. I also made some changes -- would you like to see my complete motorancid? > > Frank Sure, Please send it. Greetings Arjan From melchandler at firstam.com Wed Jul 28 16:32:56 2010 From: melchandler at firstam.com (Chandler, Mel) Date: Wed, 28 Jul 2010 09:32:56 -0700 Subject: [rancid] Re: VLAN 1 port members change when port goes down In-Reply-To: <20100727140839.GA13881@merboo.mamista.net> References: <20100727140839.GA13881@merboo.mamista.net> Message-ID: I'm seeing this same thing in our diffs. Any word on a work around or should I just ignore it? Chandler Bing -----Original Message----- From: rancid-discuss-bounces at shrubbery.net [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Martin Barry Sent: Tuesday, July 27, 2010 7:09 AM To: rancid-discuss at shrubbery.net Subject: [rancid] VLAN 1 port members change when port goes down Hi list I'm trying to tune the signal to noise ratio from rancid and I have an issue with VLAN 1 (Yes, yes, I know you shouldn't use it. Dealing with legacy config here). When a port in VLAN 1 goes down, the next time rancid runs I get diffs like: ! !VLAN: VLAN Name Status Ports !VLAN: ---- -------------------------------- --------- ------------------------------- - !VLAN: 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/6 - !VLAN: Fa0/7, Fa0/9, Fa0/11, Fa0/13 - !VLAN: Fa0/15, Fa0/19, Fa0/20, Fa0/21 - !VLAN: Fa0/22, Fa0/23, Fa0/26, Fa0/28 - !VLAN: Fa0/30, Fa0/32, Fa0/34, Fa0/36 - !VLAN: Fa0/39, Gi0/2 + !VLAN: 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/5 + !VLAN: Fa0/6, Fa0/7, Fa0/9, Fa0/11 + !VLAN: Fa0/13, Fa0/15, Fa0/19, Fa0/20 + !VLAN: Fa0/21, Fa0/22, Fa0/23, Fa0/26 + !VLAN: Fa0/28, Fa0/30, Fa0/32, Fa0/34 + !VLAN: Fa0/36, Fa0/39, Gi0/2 !VLAN: 27 VLAN0027 active Fa0/45, Fa0/46, Fa0/47, Fa0/48 !VLAN: 100 VLAN0100 active !VLAN: 110 VLAN0110 active When the port comes back up, I get the reverse. Anyone figured out a way to stop the port memberships flapping or exclude it from the rancid diffs? cheers Marty _______________________________________________ Rancid-discuss mailing list Rancid-discuss at shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss ****************************************************************************************** This message may contain confidential or proprietary information intended only for the use of the addressee(s) named above or may contain information that is legally privileged. If you are not the intended addressee, or the person responsible for delivering it to the intended addressee, you are hereby notified that reading, disseminating, distributing or copying this message is strictly prohibited. If you have received this message by mistake, please immediately notify us by replying to the message and delete the original message and any copies immediately thereafter. Thank you. ****************************************************************************************** FACLD - From heas at shrubbery.net Wed Jul 28 17:09:31 2010 From: heas at shrubbery.net (john heasley) Date: Wed, 28 Jul 2010 17:09:31 +0000 Subject: [rancid] Re: VLAN 1 port members change when port goes down In-Reply-To: References: <20100727140839.GA13881@merboo.mamista.net> Message-ID: <20100728170931.GE24240@shrubbery.net> Wed, Jul 28, 2010 at 09:32:56AM -0700, Chandler, Mel: > I'm seeing this same thing in our diffs. Any word on a work around or > should I just ignore it? > > Chandler Bing > > -----Original Message----- > From: rancid-discuss-bounces at shrubbery.net > [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Martin Barry > Sent: Tuesday, July 27, 2010 7:09 AM > To: rancid-discuss at shrubbery.net > Subject: [rancid] VLAN 1 port members change when port goes down > > Hi list > > I'm trying to tune the signal to noise ratio from rancid and I have an > issue > with VLAN 1 (Yes, yes, I know you shouldn't use it. Dealing with legacy > config here). > > When a port in VLAN 1 goes down, the next time rancid runs I get diffs > like: IIRC, this occurs when VTP is enabled. it may occur in other instances that i'm not aware of. either disable vtp or comment-out 'show vlan' in the rancid script. > ! > !VLAN: VLAN Name Status Ports > !VLAN: ---- -------------------------------- --------- > ------------------------------- > - !VLAN: 1 default active Fa0/1, Fa0/2, > Fa0/3, Fa0/6 > - !VLAN: Fa0/7, Fa0/9, > Fa0/11, Fa0/13 > - !VLAN: Fa0/15, Fa0/19, > Fa0/20, Fa0/21 > - !VLAN: Fa0/22, Fa0/23, > Fa0/26, Fa0/28 > - !VLAN: Fa0/30, Fa0/32, > Fa0/34, Fa0/36 > - !VLAN: Fa0/39, Gi0/2 > + !VLAN: 1 default active Fa0/1, Fa0/2, > Fa0/3, Fa0/5 > + !VLAN: Fa0/6, Fa0/7, > Fa0/9, Fa0/11 > + !VLAN: Fa0/13, Fa0/15, > Fa0/19, Fa0/20 > + !VLAN: Fa0/21, Fa0/22, > Fa0/23, Fa0/26 > + !VLAN: Fa0/28, Fa0/30, > Fa0/32, Fa0/34 > + !VLAN: Fa0/36, Fa0/39, > Gi0/2 > !VLAN: 27 VLAN0027 active Fa0/45, Fa0/46, > Fa0/47, Fa0/48 > !VLAN: 100 VLAN0100 active > !VLAN: 110 VLAN0110 active > > > When the port comes back up, I get the reverse. > > Anyone figured out a way to stop the port memberships flapping or > exclude it > from the rancid diffs? > > cheers > Marty > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss > ****************************************************************************************** > This message may contain confidential or proprietary information intended only for the use of the > addressee(s) named above or may contain information that is legally privileged. If you are > not the intended addressee, or the person responsible for delivering it to the intended addressee, > you are hereby notified that reading, disseminating, distributing or copying this message is strictly > prohibited. If you have received this message by mistake, please immediately notify us by > replying to the message and delete the original message and any copies immediately thereafter. > > Thank you. > ****************************************************************************************** > FACLD - > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From whall at whall.org Thu Jul 29 14:44:21 2010 From: whall at whall.org (Wayne Hall) Date: Thu, 29 Jul 2010 09:44:21 -0500 Subject: [rancid] sflow timeout filter for dell PowerConnects Message-ID: For those who take advantage of sflow on the newer powerconnect firmware (3.x supports it), you might find that the running-config now has a new timeout value, which is a countdown. Countdowns make babies cry. While I hate to see crying babies, sflow is way too useful to let a few whiny infants get in my way of using it, so instead I decided to modify rancid to stop informing me of this countdown reduction. 3c3 < ## $Id: drancid,v 1.2 2010/07/29 14:42:56 rancid Exp $ --- > ## $Id: drancid,v 1.1 2010/07/29 14:09:22 rancid Exp $ 229,237d228 < # ------------------------------- < # custom lines here < # ------------------------------- < # < # ignore sflow countdown timer < if (/(sflow\s+\d+.*timeout)/) { < ProcessHistory("","","","$1 4294967295\n"); next; < } I'm putting in that high number because that is the highest the command allows, and if you're wanting to paste it into a config again later, better it to be a usable command and not an or type of message. My thanx to *john heasley *on the post at http://www.shrubbery.net/pipermail/rancid-discuss/2010-July/005065.html for the hints I needed. This is my first filter, so be kind. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20100729/222b1b27/attachment.html From matthias.cramer at iway.ch Fri Jul 30 05:45:48 2010 From: matthias.cramer at iway.ch (Matthias Cramer) Date: Fri, 30 Jul 2010 07:45:48 +0200 Subject: [rancid] Patch for Brocade Stacking Switches Message-ID: <4C52670C.8070404@iway.ch> Hi Here is a patch which removes the system uptime in the output of newer stacking switches from Brocade (FLS, FWS, etc). ------------------------------------------------------------- --- francid-old 2010-07-15 19:21:00.681658978 +0200 +++ francid 2010-07-15 19:56:23.089908460 +0200 @@ -183,6 +183,8 @@ s/^\s*(HW|SW)/$1/; s/^\s*(Compiled on)/SW: $1/; s/^\s*($\d+ bytes$ from )/SW: $1/; + # remove uptime on newer switches + s/(STACKID \d+)\s+system uptime is.*$/$1/; #s/^(HW.*)/$1\n/; if (/^SL (\d+)/) { ------------------------------------------------------------- Would be nice if that could be incorporated into the next release. Regards Matthias -- Matthias Cramer / mc322-ripe Senior Network & Security Engineer iway AG Phone +41 43 500 1111 Josefstrasse 225 Fax +41 44 271 3535 CH-8005 Z?rich http://www.iway.ch/ GnuPG 1024D/2D208250 = DBC6 65B6 7083 1029 781E 3959 B62F DF1C 2D20 8250 From tore.anderson at redpill-linpro.com Fri Jul 30 12:45:24 2010 From: tore.anderson at redpill-linpro.com (Tore Anderson) Date: Fri, 30 Jul 2010 14:45:24 +0200 Subject: [rancid] Making zrancid work from cron Message-ID: <4C52C964.4010703@redpill-linpro.com> Hi list, I've got problems making RANCID fetch the config from a Quagga box when running from cron. It works fine when running from the command line, but from cron I just get a "TIMEOUT reached" error in my logs. It seems the problem is with the pseudo-terminal allocation. To demonstrate: if I add ?clogin -t 10 -c"show version;write term" rtr? to the rancid user's crontab, the mail I get in return contains: > rtr > spawn ssh -c 3des -x -l rancid rtr > Linux rtr 2.6.32-22-server x86_64 > Ubuntu 10.04.1 LTS > > This node is configured by puppet. Local changes may be overwritten. > > Last login: Fri Jul 30 14:22:02 2010 from 2001:db8:1002:102:214:22ff:fe12:99d9 > > > > Hello, this is Quagga (version 0.99.16). > > Copyright 1996-2005 Kunihiro Ishiguro, et al. > > > > WARNING: terminal is not fully functional > > - (press RETURN) > Error: TIMEOUT reached I tried adding ?-tt? to the ssh command line in clogin, but that had no effect. It works very well when I run it from the command line myself, though. Any suggestions on how to solve this would be greatly appreciated! Best regards, -- Tore Anderson Redpill Linpro AS - http://www.redpill-linpro.com/ Tel: +47 21 54 41 27 From heas at shrubbery.net Fri Jul 30 17:08:45 2010 From: heas at shrubbery.net (john heasley) Date: Fri, 30 Jul 2010 17:08:45 +0000 Subject: [rancid] Re: Making zrancid work from cron In-Reply-To: <4C52C964.4010703@redpill-linpro.com> References: <4C52C964.4010703@redpill-linpro.com> Message-ID: <20100730170845.GK15722@shrubbery.net> Fri, Jul 30, 2010 at 02:45:24PM +0200, Tore Anderson: > Hi list, > > I've got problems making RANCID fetch the config from a Quagga box when > running from cron. It works fine when running from the command line, > but from cron I just get a "TIMEOUT reached" error in my logs. It seems > the problem is with the pseudo-terminal allocation. To demonstrate: if > I add ?clogin -t 10 -c"show version;write term" rtr? to the rancid > user's crontab, the mail I get in return contains: > > > rtr > > spawn ssh -c 3des -x -l rancid rtr > > Linux rtr 2.6.32-22-server x86_64 > > Ubuntu 10.04.1 LTS > > > > This node is configured by puppet. Local changes may be overwritten. > > > > Last login: Fri Jul 30 14:22:02 2010 from 2001:db8:1002:102:214:22ff:fe12:99d9 > > > > > > > > Hello, this is Quagga (version 0.99.16). > > > > Copyright 1996-2005 Kunihiro Ishiguro, et al. > > > > > > > > WARNING: terminal is not fully functional > > > > - (press RETURN) > > Error: TIMEOUT reached > > I tried adding ?-tt? to the ssh command line in clogin, but that had no > effect. It works very well when I run it from the command line myself, > though. Any suggestions on how to solve this would be greatly appreciated! > is this directly to bgpd or via 'zebra' (or whatever that vtysh daemon is called)? From tore.anderson at redpill-linpro.com Fri Jul 30 17:28:03 2010 From: tore.anderson at redpill-linpro.com (Tore Anderson) Date: Fri, 30 Jul 2010 19:28:03 +0200 Subject: [rancid] Re: Making zrancid work from cron In-Reply-To: <20100730170845.GK15722@shrubbery.net> References: <4C52C964.4010703@redpill-linpro.com> <20100730170845.GK15722@shrubbery.net> Message-ID: <4C530BA3.4080809@redpill-linpro.com> Hi, * john heasley > is this directly to bgpd or via 'zebra' (or whatever that vtysh > daemon is called)? Neither, I've set up a UNIX account on the router that has /usr/bin/vtysh as its login shell. So clogin logs in to the standard system sshd. I believe that is the only way to get the complete configuration, if you use telnet to bgpd/ospfd/zebra/etc you only get the configuration for that particular routing protocol. Best regards, -- Tore Anderson Redpill Linpro AS - http://www.redpill-linpro.com/ Tel: +47 21 54 41 27 From heas at shrubbery.net Fri Jul 30 19:57:10 2010 From: heas at shrubbery.net (john heasley) Date: Fri, 30 Jul 2010 19:57:10 +0000 Subject: [rancid] Re: Patch for Brocade Stacking Switches In-Reply-To: <4C52670C.8070404@iway.ch> References: <4C52670C.8070404@iway.ch> Message-ID: <20100730195710.GQ15722@shrubbery.net> Fri, Jul 30, 2010 at 07:45:48AM +0200, Matthias Cramer: > Hi > > Here is a patch which removes the system uptime in the output of newer > stacking switches from Brocade (FLS, FWS, etc). > > ------------------------------------------------------------- > --- francid-old 2010-07-15 19:21:00.681658978 +0200 > +++ francid 2010-07-15 19:56:23.089908460 +0200 > @@ -183,6 +183,8 @@ > s/^\s*(HW|SW)/$1/; > s/^\s*(Compiled on)/SW: $1/; > s/^\s*($\d+ bytes$ from )/SW: $1/; > + # remove uptime on newer switches > + s/(STACKID \d+)\s+system uptime is.*$/$1/; is it different if the switch is non-stackable or not part of a stack? > #s/^(HW.*)/$1\n/; > if (/^SL (\d+)/) { > ------------------------------------------------------------- > > Would be nice if that could be incorporated into the next release. > > Regards > > Matthias > > -- > Matthias Cramer / mc322-ripe Senior Network & Security Engineer > iway AG Phone +41 43 500 1111 > Josefstrasse 225 Fax +41 44 271 3535 > CH-8005 Z?rich http://www.iway.ch/ > GnuPG 1024D/2D208250 = DBC6 65B6 7083 1029 781E 3959 B62F DF1C 2D20 8250 > > _______________________________________________ > Rancid-discuss mailing list > Rancid-discuss at shrubbery.net > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Fri Jul 30 20:08:31 2010 From: heas at shrubbery.net (john heasley) Date: Fri, 30 Jul 2010 20:08:31 +0000 Subject: [rancid] Re: Making zrancid work from cron In-Reply-To: <4C530BA3.4080809@redpill-linpro.com> References: <20100730200733.AFC1E11CEB9@ni.shrubbery.net> <4C52C964.4010703@redpill-linpro.com> <20100730170845.GK15722@shrubbery.net> <4C530BA3.4080809@redpill-linpro.com> Message-ID: <20100730200831.GS15722@shrubbery.net> Fri, Jul 30, 2010 at 07:28:03PM +0200, Tore Anderson: > Hi, > > * john heasley > > > is this directly to bgpd or via 'zebra' (or whatever that vtysh > > daemon is called)? > > Neither, I've set up a UNIX account on the router that has > /usr/bin/vtysh as its login shell. So clogin logs in to the standard > system sshd. I believe that is the only way to get the complete > configuration, if you use telnet to bgpd/ospfd/zebra/etc you only get > the configuration for that particular routing protocol. > > Best regards, > -- > Tore Anderson > Redpill Linpro AS - http://www.redpill-linpro.com/ > Tel: +47 21 54 41 27 Does this fix it? Does linux not have terminfo/termcap for "dumb"? Index: zrancid.in =================================================================== --- zrancid.in (revision 2233) +++ zrancid.in (working copy) @@ -65,6 +65,9 @@ my($filter_commstr); # SNMP community string filtering my($filter_pwds); # password filtering mode +# force a terminal type so as not to confuse the POS +$ENV{'TERM'} = "vt100"; + # This routine is used to print out the router configuration sub ProcessHistory { my($new_hist_tag,$new_command,$command_string, at string) = (@_); From matthias.cramer at iway.ch Fri Jul 30 20:37:29 2010 From: matthias.cramer at iway.ch (Matthias Cramer) Date: Fri, 30 Jul 2010 22:37:29 +0200 Subject: [rancid] Re: Patch for Brocade Stacking Switches In-Reply-To: <20100730195710.GQ15722@shrubbery.net> References: <4C52670C.8070404@iway.ch> <20100730195710.GQ15722@shrubbery.net> Message-ID: <4C533809.5090607@iway.ch> Hi On 30/07/10 21:57, john heasley wrote: > Fri, Jul 30, 2010 at 07:45:48AM +0200, Matthias Cramer: >> Hi >> >> Here is a patch which removes the system uptime in the output of newer >> stacking switches from Brocade (FLS, FWS, etc). >> >> ------------------------------------------------------------- >> --- francid-old 2010-07-15 19:21:00.681658978 +0200 >> +++ francid 2010-07-15 19:56:23.089908460 +0200 >> @@ -183,6 +183,8 @@ >> s/^\s*(HW|SW)/$1/; >> s/^\s*(Compiled on)/SW: $1/; >> s/^\s*($\d+ bytes$ from )/SW: $1/; >> + # remove uptime on newer switches >> + s/(STACKID \d+)\s+system uptime is.*$/$1/; > > is it different if the switch is non-stackable or not part of a stack? Not as I know, only have switches which are not part of a stack. > >> #s/^(HW.*)/$1\n/; >> if (/^SL (\d+)/) { >> ------------------------------------------------------------- >> >> Would be nice if that could be incorporated into the next release. >> >> Regards >> >> Matthias >> >> -- >> Matthias Cramer / mc322-ripe Senior Network & Security Engineer >> iway AG Phone +41 43 500 1111 >> Josefstrasse 225 Fax +41 44 271 3535 >> CH-8005 Z?rich http://www.iway.ch/ >> GnuPG 1024D/2D208250 = DBC6 65B6 7083 1029 781E 3959 B62F DF1C 2D20 8250 >> >> _______________________________________________ >> Rancid-discuss mailing list >> Rancid-discuss at shrubbery.net >> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss From heas at shrubbery.net Fri Jul 30 21:22:12 2010 From: heas at shrubbery.net (john heasley) Date: Fri, 30 Jul 2010 21:22:12 +0000 Subject: [rancid] Re: Motorola BSR64000 In-Reply-To: <1280303480.11035.1.camel@brigand.as9143.internal> References: <1280241137.23196.67.camel@reddwarf> <1280303480.11035.1.camel@brigand.as9143.internal> Message-ID: <20100730212212.GG15722@shrubbery.net> Wed, Jul 28, 2010 at 09:51:20AM +0200, Arjan Oosting: > Op dinsdag 27-07-2010 om 23:09 uur [tijdzone -0500], schreef Frank Bulk: > > Thanks for developing that. I also made some changes -- would you like to see my complete motorancid? > > > > Frank > > Sure, > > Please send it. > Please verify that Frank's scripts work for you. From tore.anderson at redpill-linpro.com Sat Jul 31 09:30:56 2010 From: tore.anderson at redpill-linpro.com (Tore Anderson) Date: Sat, 31 Jul 2010 11:30:56 +0200 Subject: [rancid] Re: Making zrancid work from cron In-Reply-To: <20100730200831.GS15722@shrubbery.net> References: <20100730200733.AFC1E11CEB9@ni.shrubbery.net> <4C52C964.4010703@redpill-linpro.com> <20100730170845.GK15722@shrubbery.net> <4C530BA3.4080809@redpill-linpro.com> <20100730200831.GS15722@shrubbery.net> Message-ID: <4C53ED50.3040705@redpill-linpro.com> * john heasley > Does this fix it? Does linux not have terminfo/termcap for "dumb"? Yep, this fixes it, thanks! Should have thought of it myself... /lib/terminfo/d/dumb does exist on the system though, but perhaps it isn't considered sufficient for some reason? The message doesn't originate from vtysh - I get the exact same message when doing ?TERM=dumb man ls? also, so it is a system library that complains. Oh well, it works now, so I'm happy. Thanks again! Best regards, -- Tore Anderson Redpill Linpro AS - http://www.redpill-linpro.com/ Tel: +47 21 54 41 27