Need help with a script
I have to config 187 routers by march and I would like to see if anybody can help creating an script that would help me do this in a most efficient way. The way I'm doing it is by having a template that most of the config are the same ecept for the loop interface, both primary and backup line, interface for one access point and couple of more configs. Anybody up to this? thanks
Comments
-
Forsaken_GA
Member Posts: 4,024
You're probably not going to find anyone willing to do this for free on this forum. You're essentially requesting a custom script, and that's something you should either contract out, or learn enough to code yourself. -
amb1s1
Member Posts: 408
Forsaken_GA wrote: »You're probably not going to find anyone willing to do this for free on this forum. You're essentially requesting a custom script, and that's something you should either contract out, or learn enough to code yourself.
I actually prefer just an sample how to do this because at the end I would like to learn how to do this myself. The other day I was looking for a way to do a batch to do different ping and traceroute, I didn't know anything about batch script, but I found a sample and then little by little I create a batch that I was looking for. All the sample that I see online for TCL is about testing and diagnostic, but nothing about configuring multiple routers.
About people doing it for free, well if I knew how to do TCL scripting and if someone here need help I would help them for free and I know must of the people here would do it, but I guess we don't have a lots of people with TCL knowledge here, but I may be wrong. -
Forsaken_GA
Member Posts: 4,024
a tcl script on one router isnt going to do you much good, as they tend to reside on the router, and you'd need to add it to multiple routers in order to run it, which defeats your purpose - you could have just configured the routers individually.
There isn't any one scripting language to use for this, pick one you like and go to it. I've seen everything from bash shell scripts, to perl scripts, to python, to php, to expect.
I personally tend to use a bash for loop with an expect script, since I find expect the easiest to make log in and run a few commands. There isn't going to be any one size fits all for this kind of thing, because everyone's needs are different. I can't really share any examples of my work, as they were developed on company time, and are property of the company, and it's a major no no to reveal operational details. -
mikej412
Member Posts: 10,086 ■■■■■■■■■■
I have to agree with Forsaken_GA, this sounds too much like work
I use Excel to create a tab delimited file of specific router/switch information and a UNIX shell script to create the individual configuration files. The configs get dumped on a TFTP server.
If you like programming Excel Macros, you can do it all within Excel.
If you remember the old days when people sent letters, you can use the mail merge function in Word.
Automating configurations
You can learn about Autoconfiguration on The Cisco Learning Network: https://learningnetwork.cisco.com/docs/DOC-9872
Cisco has their solution: No Strings Attached: Cisco Live! Session - Auto Config Deployment using Cisco Config Engine | Network World
You might be able to pay to have your vendor do it (or they can pay to have their distributor do it): http://www.crn.com/news/channel-programs/18840487/tech-data-adds-cisco-auto-configuration-service.htm;jsessionid=vs92GrWaNeDth7W-4sGFhg**.ecappj03:mike: Cisco Certifications -- Collect the Entire Set! -
shednik
Member Posts: 2,005
Depending on what you're actually doing on these routers I see a few options.
I agree with mike and forsaken all of their suggestions are good ones and will definitely be a great learning experience for you.
The one windows utility that is fairly inexpensive you can look at it is kiwi cat tools, I manage about 100 remote routers that are in peoples homes. It has been helpful in doing config back ups and updates. I would prefer to use a better solution but I just don't have the time currently to set something up. -
Netwurk
Member Posts: 1,155 ■■■■■□□□□□
I also use the kiwi tools
You could also use the free trial of the solarwinds product, which a lot of NOCs use (although that might not work as there may be some limitations with the trial version)
And there's always the good old copy and paste method. In other words, you config one router and then copy the config into notepad or gedit (linux). Modify the config as needed and paste it into the second router. Then modify it again for the third and so forth
Time consuming, but hey it's free
-
amb1s1
Member Posts: 408
That was an user on the cisco support forum that help me out with this script. What this script does is create a config output. I'm going to play around to have the script save the output as a .txt file. It would be also if it can look into an excel row and automaticly add the info to the variable. Anybody knows if this is possible, if not with TCL what languange can I use?
unset config_router1 unset config_router2 #set string "hostname loopback G0/0 S0/0 RIP BGP next_hop" set Router(1) "router1 10.1.1.1 20.1.1.1 30.1.1.2 40.0.0.0 50.1.1.1 60.1.1.1" set Router(2) "router2 10.1.2.1 20.1.2.1 30.1.2.2 40.0.0.0 50.1.2.1 60.1.2.1" for {set i 1} {$i<3} {incr i} { append config_router$i "hostname [lrange $Router($i) 0 0]\n interface loopback0\n ip address [lrange $Router($i) 1 1] 255.255.255.255 \n interface gig 0/0\n ip address [lrange $Router($i) 2 2] 255.255.255.0 \n interface Serial 0/0\n ip address [lrange $Router($i) 3 3] 255.255.255.0 \n router rip\n network [lrange $Router($i) 4 4]\n router bgp 1\n neighbor [lrange $Router($i) 5 5] remote-as 100\n ip route [lrange $Router($i) 6 6] 255.255.255.255 70.1.1.1" } puts $config_router1 puts $config_router2 ***************************************** Output will be something like this... puts $config_router1 puts $config_router2 router2 10.1.2.1 20.1.2.1 30.1.2.2 40.0.0.0 50.1.2.1 60.1.2.1 expect1.311> expect1.312> +> +> +> +> +> +> +> +> +> +> +> +> +> +> +> expect1.313> expect1.314> hostname router1 interface loopback0 ip address 10.1.1.1 255.255.255.255 interface gig 0/0 ip address 20.1.1.1 255.255.255.0 interface Serial 0/0 ip address 30.1.1.2 255.255.255.0 router rip network 40.0.0.0 router bgp 1 neighbor 50.1.1.1 remote-as 100 ip route 60.1.1.1 255.255.255.255 70.1.1.1 expect1.315> hostname router2 interface loopback0 ip address 10.1.2.1 255.255.255.255 interface gig 0/0 ip address 20.1.2.1 255.255.255.0 interface Serial 0/0 ip address 30.1.2.2 255.255.255.0 router rip network 40.0.0.0 router bgp 1 neighbor 50.1.2.1 remote-as 100 ip route 60.1.2.1 255.255.255.255 70.1.1.1 -
amb1s1
Member Posts: 408
By the way, all the routers are brand new, no config on it. They are not even out of the box. All 2911 routers.
-
Cucumber
Member Posts: 192
You would need a licensed CRT and Visual Basic script skills to create what you want.
Here is a little example of a CRT script, this would execute a single ping. Not really useful, unless you start throw some more code into it.
#$language = "VBScript"
#$interface = "1.0"
Sub WriteToRouter ( CommandLine )
On Error Resume Next
crt.Screen.send CommandLine&vBCR
if err.Number <> 0 then
On Error Goto 0
end if
End Sub
WriteToRouter "ping 10.0.101.224"
I currently have a 134 KB script that reads a CSV input file, with each row having a IP address. The script connects to said IP address, feeds a predefined username and password, and have an empty routine to basically do whatever you want. I am not sure I would want to give it away, it took me a year to write it and debug it.I hate pandas -
tiersten
Member Posts: 4,505
Eh? 134KB just to do that? Seems a bit big.I currently have a 134 KB script that reads a CSV input file, with each row having a IP address. The script connects to said IP address, feeds a predefined username and password, and have an empty routine to basically do whatever you want.
If I was doing this then I'd be doing it under UNIX and it's easy to do with Expect or Perl/Python if you really want it. OpenSSH or regular telnet would handle the actual network portion and just pipe it into that.
There are plenty of snippets available for Perl and Python which show you respectively how to connect to a network device and snippets on waiting for specific output before sending predefined values or calculated values. -
Cucumber
Member Posts: 192
Eh? 134KB just to do that? Seems a bit big.
Yup it does a couple of fancy stuff. Like spawning several processes for large CSV input files. The input file may have several IP addreses per device, along other flags to alter script behavior (device type, exception passwords, etc). It detects whether VTY or user/pass is asked for. Detects EXEC level and executes "enable" accordingly. It also has several predefined library routines (i.e. to generate and parse inventories, to save command outputs to a file, etc).
EDIT: Oh yeah, and if it cant connect to a device it saves the device in a pending device list, it may try connecting several times, and produces a single log CSV file for further processing.I hate pandas -
tiersten
Member Posts: 4,505
Ahh okay. I was just wondering as 134K just seemed massive with the basic feature list you gave earlier. If you've got all that extra support stuff and handlers then its understandable. Sounds like a very powerful tool.Yup it does a couple of fancy stuff. Like spawning several processes for large CSV input files. The input file may have several IP addreses per device, along other flags to alter script behavior (device type, exception passwords, etc). It detects whether VTY or user/pass is asked for. Detects EXEC level and executes "enable" accordingly. It also has several predefined library routines (i.e. to generate and parse inventories, to save command outputs to a file, etc).
EDIT: Oh yeah, and if it cant connect to a device it saves the device in a pending device list, it may try connecting several times, and produces a single log CSV file for further processing. -
Netwurk
Member Posts: 1,155 ■■■■■□□□□□
I think perl is the best for cisco scripting but I'll admit I'm sort of a noob when it comes to programming. Although I was very good at command line Basic back in the day and I can still write some awesome DOS/Win batch scripts.
The Cisco IOS Cookbook (O'Reilly) has some cool perl scripts for anyone who is interested. Just make sure you grab the 2nd edition - a lot of bookstores have old copies of the 1st edition and you don't want to spend 60 bucks for old (but admittedly still good) material. I think perl works best with the 'nix platforms although some day I might try the Windows port.
Good luck scripting friends -
jason_lunde
Member Posts: 567
Just get another person to open boxes, modify a text file, and cntrl-a, right-click and be done...should take a solid day at most. You'll take more time trying to perfect a script than to just go all old school on it.
-
daisytele
Member Posts: 4 ■□□□□□□□□□
Actually their is a great excel macro worksheet called CLI template for Cisco 851W/871W standard IOS . works great ...
It's on TechRepublic website. Example below:
service password-encryption
hostname [Router-Name]
enable secret [Some-Password]
enable password [Some-Other-Password]
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
ip http server
ip http secure-server
line con 0
password [Some-Password]
line vty 0 4
password [Some-Password]
ip domain name [Domain-name]
no ip domain lookup
username [Your-username] privilege 15 password [Your-password]
ip dhcp excluded-address [Start-exclude-1] [End-exclude-1]
ip dhcp excluded-address [Start-exclude-20] [End-exclude-20]
service dhcp
ip dhcp pool Internal-net
network [Network1-ID] [Subnet-mask-1]
default-router [Gateway-1]
import all
domain-name [Domain-name]
lease 4
ip dhcp pool VLAN20
network [Network20-ID] [Subnet-mask-20]
default-router [Gateway-20]
import all
domain-name [Domain-name]
lease 4
access-list 1 permit [Network1-ID] [Reverse-mask-1]
access-list 1 permit [Network20-ID] [Reverse-mask-20]
ip nat inside source list 1 interface FastEthernet4 overload
ip access-list extended Guest-ACL
deny ip any [Network1-ID] [Reverse-mask-1]
permit ip any any
interface FastEthernet4
ip address [WAN-IP] [WAN-SM]
ip tcp adjust-mss 1460
ip nat outside
no cdp enable
ip route 0.0.0.0 0.0.0.0 [WAN-GW]
interface FastEthernet0
spanning-tree portfast
interface FastEthernet1
spanning-tree portfast
interface FastEthernet2
spanning-tree portfast
interface FastEthernet3
spanning-tree portfast
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no snmp trap link-status
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.20
description Guest wireless LAN - routed WLAN
encapsulation dot1Q 20
ip address [Gateway-20] [Subnet-mask-20]
ip nat inside
interface Vlan1
description Internal Network
ip nat inside
ip virtual-reassembly
bridge-group 1
bridge-group 1 spanning-disabled
interface BVI1
description Bridge to Internal Network
ip address [Gateway-1] [Subnet-mask-1]
ip nat inside
ip virtual-reassembly
bridge 1 route ip
int f0
no shut
int f1
no shut
int f2
no shut
int f3
no shut
int f4
no shut
int dot0
no shut
ip access-list extended Internet-inbound-ACL
permit icmp any any echo
permit icmp any any echo-reply
permit icmp any any traceroute
permit gre any any
permit esp any any
interface FastEthernet4
ip access-group Internet-inbound-ACL in
interface Dot11Radio0.20
Good luck. just modified to your setup
