heas at shrubbery
Aug 7, 2012, 4:18 PM
Post #3 of 4
(507 views)
Permalink
|
|
Re: ignoring toggling/changing output lines
[In reply to]
|
|
Tue, Aug 07, 2012 at 09:57:18AM -0700, heasley:
> Tue, Aug 07, 2012 at 11:27:56AM +0200, Roman Hochuli:
> > Dear All
> >
> > As much as I love RANCID I am fighting with two anoyances which I, at
> > the moment, have no ideas how to fix them.
> >
> >
> > The first one I do not seem to be the only one beeing hit by: changing
> > type 7 passwords within l2tp-class-sections on Cisco routers. As from
> > what the archives say this is probably even expected behaviour according
> > to TAC. Changesets look something like this:
> > --snip
> > l2tp-class NAME
> > hidden
> > authentication
> > - password 7 abcabcabcabcabcabc
> > + password 7 xyzxyzxyzxyzxyzxyz
> > !
> > --snap
> >
> > To be honest: I would be glad with a solution that simply ingores the
> > password, but only the l2tp-class one. I would like to keep the other
> > passwords in the config. Any ideas?
>
> that must be an ios bug. you should contact TAC and insist that they open
> a ticket.
>
> the only way to filter it would be to filter all passwords, or write a
> filter that kept state to know when it enters/leaves a l2t-class def.
I came across these; tell us if it works:
http://www.shrubbery.net/pipermail/rancid-discuss/2010-July/005023.html
Thu, Jul 08, 2010 at 08:34:46AM +0200, Martin Moens:
> Hi John,
>
> I have tested several sw and hw combinations, a few of them:
> 3925: c3900-universalk9-mz.SPA.150-1 and c3900-universalk9-mz.SPA.150-1.M2
> 2811: c2800nm-advipservicesk9-mz.124-24.T
> 7206: c7200-advipservicesk9-mz.122-33.SRD1
> 7606: c7600rsp72043-advipservicesk9-mz.122-33.SRD4
> As you can see the problem is not specific to a certain hardware or software
> version, I suppuse I can assume all versions have this problem....
Hack for rancid 2.3.4
> >
> >Index: rancid.in
> >===================================================================
> >--- rancid.in (revision 2211)
> >+++ rancid.in (working copy)
> >@@ -1523,6 +1523,7 @@
> > sub WriteTerm {
> > print STDERR " In WriteTerm: $_" if ($debug);
> > my($lineauto,$comment,$linecnt) = (0,0,0);
> >+ my($subconfig) = "";
> >
> > while (<INPUT>) {
> > tr/\015//d;
> >@@ -1539,6 +1540,9 @@
> > my($len) = length($1);
> > s/^$1\s{$len}//;
> > }
> >+ if (/^\S/) {
> >+ $subconfig = "";
> >+ }
> > /^! no configuration change since last restart/i && next;
> > # skip emtpy lines at the beginning
> > if (!$linecnt && /^\s*$/) {
> >@@ -1579,6 +1583,21 @@
> > }
> > $comment = 0;
> >
> >+ # l2tp-class
> >+ if (/^l2tp-class /) { $subconfig = "l2tp-class"; }
> >+ if ($subconfig == "l2tp-class" && /password ((\d) \S+|\S+)/) {
> >+ if ($filter_pwds >= 2) {
> >+ ProcessHistory("L2TP","keysort","$subconfig",
> >+ "! password <removed>\n");
> >+ } elsif ($filter_pwds >= 1 && $4 ne "5"){
> >+ ProcessHistory("L2TP","keysort","$subconfig",
> >+ "! password <removed>\n");
> >+ } else {
> >+ ProcessHistory("L2TP","keysort","$subconfig","$_");
> >+ }
> >+ next;
> >+ }
> >+
> > # Dog gone Cool matches to process the rest of the config
> > The second issue involves Brocades (former Foundry Networks) Metro Ring
> > Protocol. You have to specify two interfaces which are defining the east
> > and west side of the ring as from this boxes perspective. Sure, they
> > might change if a break in the ring happens. But I am seeing toggling
> > between these interfaces way more than we have ring-breaks...
> >
> > A typical output of such a changeset would look like this:
> > --snip
> > metro-ring ID
> > - ring-interfaces ethernet 1 ethernet 7
> > + ring-interfaces ethernet 7 ethernet 1
> > --snap
> >
> > Any ideas how to filter this toggling, but still keep the informations
> > about the ring-interfaces in the output?
>
> same answer; the state should never be reflected in the configuration. of
> course, i do not know if foundry has ever fixed a UI bug, so they're
> unlikely to fix it. so, you will need a filter or some sorting; if ring
> interfaces can be configured one per-line, like
> ring-interfaces ethernet 7
> ring-interfaces ethernet 1
> then i would split those lines like this and use ProcessHistory to sort on
> the interface.
>
> > --
> > Best regards,
> > Roman Hochuli
> > Operations Manager
> >
> > nexellent ag
> > Saegereistrasse 33
> > CH-8152 Glattbrugg
> >
> > Phone: +41 44 872 20 00
> > Fax: +41 44 872 20 01
> > URL: www.nexellent.ch
> > X-NCC-RegID: ch.nexellent
> >
> > Imagination is the one weapon in the war
> > against reality.
> > -- Jules de Gaultier
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss [at] shrubbery
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss [at] shrubbery
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
|
