Need help with a script

amb1s1

I have to config 187 routers by march and I would like to see if anybody can help creating an script that would help me do this in a most efficient way. The way I'm doing it is by having a template that most of the config are the same ecept for the loop interface, both primary and backup line, interface for one access point and couple of more configs. Anybody up to this? thanks

Forsaken_GA

You're probably not going to find anyone willing to do this for free on this forum. You're essentially requesting a custom script, and that's something you should either contract out, or learn enough to code yourself.

amb1s1

Forsaken_GA wrote: »

You're probably not going to find anyone willing to do this for free on this forum. You're essentially requesting a custom script, and that's something you should either contract out, or learn enough to code yourself.

I actually prefer just an sample how to do this because at the end I would like to learn how to do this myself. The other day I was looking for a way to do a batch to do different ping and traceroute, I didn't know anything about batch script, but I found a sample and then little by little I create a batch that I was looking for. All the sample that I see online for TCL is about testing and diagnostic, but nothing about configuring multiple routers.

About people doing it for free, well if I knew how to do TCL scripting and if someone here need help I would help them for free and I know must of the people here would do it, but I guess we don't have a lots of people with TCL knowledge here, but I may be wrong.

Forsaken_GA

a tcl script on one router isnt going to do you much good, as they tend to reside on the router, and you'd need to add it to multiple routers in order to run it, which defeats your purpose - you could have just configured the routers individually.

There isn't any one scripting language to use for this, pick one you like and go to it. I've seen everything from bash shell scripts, to perl scripts, to python, to php, to expect.

I personally tend to use a bash for loop with an expect script, since I find expect the easiest to make log in and run a few commands. There isn't going to be any one size fits all for this kind of thing, because everyone's needs are different. I can't really share any examples of my work, as they were developed on company time, and are property of the company, and it's a major no no to reveal operational details.

mikej412

I have to agree with Forsaken_GA, this sounds too much like work

I use Excel to create a tab delimited file of specific router/switch information and a UNIX shell script to create the individual configuration files. The configs get dumped on a TFTP server.

If you like programming Excel Macros, you can do it all within Excel.

If you remember the old days when people sent letters, you can use the mail merge function in Word.

Automating configurations

You can learn about Autoconfiguration on The Cisco Learning Network: https://learningnetwork.cisco.com/docs/DOC-9872

Cisco has their solution: No Strings Attached: Cisco Live! Session - Auto Config Deployment using Cisco Config Engine | Network World

You might be able to pay to have your vendor do it (or they can pay to have their distributor do it): http://www.crn.com/news/channel-programs/18840487/tech-data-adds-cisco-auto-configuration-service.htm;jsessionid=vs92GrWaNeDth7W-4sGFhg**.ecappj03

shednik

Depending on what you're actually doing on these routers I see a few options.

I agree with mike and forsaken all of their suggestions are good ones and will definitely be a great learning experience for you.

The one windows utility that is fairly inexpensive you can look at it is kiwi cat tools, I manage about 100 remote routers that are in peoples homes. It has been helpful in doing config back ups and updates. I would prefer to use a better solution but I just don't have the time currently to set something up.

Netwurk

I also use the kiwi tools

You could also use the free trial of the solarwinds product, which a lot of NOCs use (although that might not work as there may be some limitations with the trial version)

And there's always the good old copy and paste method. In other words, you config one router and then copy the config into notepad or gedit (linux). Modify the config as needed and paste it into the second router. Then modify it again for the third and so forth

Time consuming, but hey it's free

amb1s1

That was an user on the cisco support forum that help me out with this script. What this script does is create a config output. I'm going to play around to have the script save the output as a .txt file. It would be also if it can look into an excel row and automaticly add the info to the variable. Anybody knows if this is possible, if not with TCL what languange can I use?

unset config_router1
unset config_router2

 
#set string     "hostname loopback G0/0       S0/0      RIP        BGP      next_hop"
set Router(1) "router1  10.1.1.1    20.1.1.1  30.1.1.2  40.0.0.0 50.1.1.1 60.1.1.1"
set Router(2) "router2  10.1.2.1    20.1.2.1  30.1.2.2  40.0.0.0 50.1.2.1 60.1.2.1"

 
for {set i 1} {$i<3} {incr i} {

 
append config_router$i "hostname [lrange $Router($i) 0 0]\n
                       interface loopback0\n 
                       ip address [lrange $Router($i) 1 1] 255.255.255.255 \n
                       interface gig 0/0\n 
                       ip address [lrange $Router($i) 2 2] 255.255.255.0 \n
                       interface Serial 0/0\n
                       ip address [lrange $Router($i) 3 3] 255.255.255.0 \n
                       router rip\n
                       network [lrange $Router($i) 4 4]\n
                       router bgp 1\n
                       neighbor [lrange $Router($i) 5 5] remote-as 100\n
                       ip route [lrange $Router($i) 6 6] 255.255.255.255 70.1.1.1"
                       
}                      

 
puts $config_router1
puts $config_router2

 
*****************************************

 
Output will be something like this...

puts $config_router1
puts $config_router2
router2  10.1.2.1 20.1.2.1  30.1.2.2 40.0.0.0 50.1.2.1 60.1.2.1
expect1.311> expect1.312> +> +> +> +> +> +> +> +> +> +> +> +> +> +> +> expect1.313> expect1.314> hostname router1

 
                       interface loopback0

                       ip address 10.1.1.1 255.255.255.255

 
                       interface gig 0/0

                       ip address 20.1.1.1 255.255.255.0

 
                       interface Serial 0/0

 
                       ip address 30.1.1.2 255.255.255.0

 
                       router rip

 
                       network 40.0.0.0

 
                       router bgp 1

 
                       neighbor 50.1.1.1 remote-as 100

 
                       ip route 60.1.1.1 255.255.255.255 70.1.1.1
expect1.315> hostname router2

 
                       interface loopback0

                       ip address 10.1.2.1 255.255.255.255

 
                       interface gig 0/0

                       ip address 20.1.2.1 255.255.255.0

 
                       interface Serial 0/0

 
                       ip address 30.1.2.2 255.255.255.0

 
                       router rip

 
                       network 40.0.0.0

 
                       router bgp 1

 
                       neighbor 50.1.2.1 remote-as 100

 
                       ip route 60.1.2.1 255.255.255.255 70.1.1.1

amb1s1

By the way, all the routers are brand new, no config on it. They are not even out of the box. All 2911 routers.

Cucumber

You would need a licensed CRT and Visual Basic script skills to create what you want.
Here is a little example of a CRT script, this would execute a single ping. Not really useful, unless you start throw some more code into it.

#$language = "VBScript"
#$interface = "1.0"

Sub WriteToRouter ( CommandLine )
On Error Resume Next
crt.Screen.send CommandLine&vBCR
if err.Number <> 0 then
On Error Goto 0
end if
End Sub


WriteToRouter "ping 10.0.101.224"



I currently have a 134 KB script that reads a CSV input file, with each row having a IP address. The script connects to said IP address, feeds a predefined username and password, and have an empty routine to basically do whatever you want. I am not sure I would want to give it away, it took me a year to write it and debug it.

tiersten

Cucumber wrote: »

I currently have a 134 KB script that reads a CSV input file, with each row having a IP address. The script connects to said IP address, feeds a predefined username and password, and have an empty routine to basically do whatever you want.

Eh? 134KB just to do that? Seems a bit big.

If I was doing this then I'd be doing it under UNIX and it's easy to do with Expect or Perl/Python if you really want it. OpenSSH or regular telnet would handle the actual network portion and just pipe it into that.

There are plenty of snippets available for Perl and Python which show you respectively how to connect to a network device and snippets on waiting for specific output before sending predefined values or calculated values.

Cucumber

tiersten wrote: »

Eh? 134KB just to do that? Seems a bit big.

Yup it does a couple of fancy stuff. Like spawning several processes for large CSV input files. The input file may have several IP addreses per device, along other flags to alter script behavior (device type, exception passwords, etc). It detects whether VTY or user/pass is asked for. Detects EXEC level and executes "enable" accordingly. It also has several predefined library routines (i.e. to generate and parse inventories, to save command outputs to a file, etc).

EDIT: Oh yeah, and if it cant connect to a device it saves the device in a pending device list, it may try connecting several times, and produces a single log CSV file for further processing.

tiersten

Cucumber wrote: »

Yup it does a couple of fancy stuff. Like spawning several processes for large CSV input files. The input file may have several IP addreses per device, along other flags to alter script behavior (device type, exception passwords, etc). It detects whether VTY or user/pass is asked for. Detects EXEC level and executes "enable" accordingly. It also has several predefined library routines (i.e. to generate and parse inventories, to save command outputs to a file, etc).

EDIT: Oh yeah, and if it cant connect to a device it saves the device in a pending device list, it may try connecting several times, and produces a single log CSV file for further processing.

Ahh okay. I was just wondering as 134K just seemed massive with the basic feature list you gave earlier. If you've got all that extra support stuff and handlers then its understandable. Sounds like a very powerful tool.

Netwurk

I think perl is the best for cisco scripting but I'll admit I'm sort of a noob when it comes to programming. Although I was very good at command line Basic back in the day and I can still write some awesome DOS/Win batch scripts.

The Cisco IOS Cookbook (O'Reilly) has some cool perl scripts for anyone who is interested. Just make sure you grab the 2nd edition - a lot of bookstores have old copies of the 1st edition and you don't want to spend 60 bucks for old (but admittedly still good) material. I think perl works best with the 'nix platforms although some day I might try the Windows port.

Good luck scripting friends

jason_lunde

Just get another person to open boxes, modify a text file, and cntrl-a, right-click and be done...should take a solid day at most. You'll take more time trying to perfect a script than to just go all old school on it.

daisytele

Actually their is a great excel macro worksheet called CLI template for Cisco 851W/871W standard IOS . works great ...

It's on TechRepublic website. Example below:

service password-encryption
hostname [Router-Name]
enable secret [Some-Password]
enable password [Some-Other-Password]
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
ip http server
ip http secure-server
line con 0
password [Some-Password]
line vty 0 4
password [Some-Password]
ip domain name [Domain-name]
no ip domain lookup
username [Your-username] privilege 15 password [Your-password]
ip dhcp excluded-address [Start-exclude-1] [End-exclude-1]
ip dhcp excluded-address [Start-exclude-20] [End-exclude-20]
service dhcp
ip dhcp pool Internal-net
network [Network1-ID] [Subnet-mask-1]
default-router [Gateway-1]
import all
domain-name [Domain-name]
lease 4
ip dhcp pool VLAN20
network [Network20-ID] [Subnet-mask-20]
default-router [Gateway-20]
import all
domain-name [Domain-name]
lease 4
access-list 1 permit [Network1-ID] [Reverse-mask-1]
access-list 1 permit [Network20-ID] [Reverse-mask-20]
ip nat inside source list 1 interface FastEthernet4 overload
ip access-list extended Guest-ACL
deny ip any [Network1-ID] [Reverse-mask-1]
permit ip any any
interface FastEthernet4
ip address [WAN-IP] [WAN-SM]
ip tcp adjust-mss 1460
ip nat outside
no cdp enable
ip route 0.0.0.0 0.0.0.0 [WAN-GW]
interface FastEthernet0
spanning-tree portfast
interface FastEthernet1
spanning-tree portfast
interface FastEthernet2
spanning-tree portfast
interface FastEthernet3
spanning-tree portfast
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no snmp trap link-status
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.20
description Guest wireless LAN - routed WLAN
encapsulation dot1Q 20
ip address [Gateway-20] [Subnet-mask-20]
ip nat inside
interface Vlan1
description Internal Network
ip nat inside
ip virtual-reassembly
bridge-group 1
bridge-group 1 spanning-disabled
interface BVI1
description Bridge to Internal Network
ip address [Gateway-1] [Subnet-mask-1]
ip nat inside
ip virtual-reassembly
bridge 1 route ip
int f0
no shut
int f1
no shut
int f2
no shut
int f3
no shut
int f4
no shut
int dot0
no shut
ip access-list extended Internet-inbound-ACL
permit icmp any any echo
permit icmp any any echo-reply
permit icmp any any traceroute
permit gre any any
permit esp any any
interface FastEthernet4
ip access-group Internet-inbound-ACL in
interface Dot11Radio0.20

Good luck. just modified to your setup