Re: [rancid] Extreme switch policy backup.
On 27/08/2019 20:17, john heasley wrote: ping. I'd be grateful if someone would test this change for policy backup on extreme. Oops, sorry. That fell off the list. I'll take a look in the next couple of days. Paul. ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Extreme switch policy backup.
Fri, Jul 12, 2019 at 08:05:30PM +, john heasley:
> Fri, Jul 12, 2019 at 08:30:28PM +0100, Paul Thornton:
> > Hi
> >
> > We had a patch to 2.3's xrancid which we were running at some stage in
> > the past N years that did this already - but can't I find it, and we
> > aren't running it on our current rancid system either. Thanks to Chris'
> > E-mail at least I've been reminded of that.
> >
> > It wasn't a hard thing to add.
> >
> > On 12/07/2019 20:15, john heasley wrote:
> > > Tue, Jul 09, 2019 at 09:55:56PM +, Chris Davis:
> > >> We've just gotten a few Extreme switches (model X440-G2) and I've gotten
> > >> them set up in Rancid. But while I get the configs, I have a few
> > >> policies as well. They're kept as .pol files on the switch. Is there a
> > >> way to include the policy files in the backup that Rancid takes? It
> > >> would be particularly helpful. I've done some searching, and seen folks
> > >> ask about it. But no real answers. Lots of modifications to commands
> > >> from 4 years ago but nothing current. There's a command that will print
> > >> it all out, just not sure how to add it into the mix. Don't like to
> > >> modify something like Rancid if there's already a way within the system
> > >> to make it happen.
> > >
> > > what is the command to display the policy? can you provide an example of
> > > the command and output, from prompt to the next prompt? is the output
> > > format and order stable?
> > >
> > > i see an incomplete example here;
> > > http://www.shrubbery.net/pipermail/rancid-discuss/2014-May/007659.html
> >
> > The format isn't great. The switch basically outputs
> > Policies at Policy Server:
> > Policy:
> >
> > Number of clients bound to policy:
> > Client:
> >
> > My hunch would be not to try and parse this lot at all, but just execute
> > the 'show policy detail' and wait for the prompt to come back. I'm
> > pretty sure that's all we did; I remember it just diffed everything and
> > you saw quickly if a policy was added/removed just as easily.
> > It is theoretically possible for someone to have a prompt matching
> > string in the policy file as a comment, but lets ignore that madness for
> > now.
> >
> > This example shows three policies as an example:
> >
> > * ag1.hbr.2 # dis clip
> > * ag1.hbr.3 # show policy detail
> > Policies at Policy Server:
> > Policy: as65001-in-v4
> > entry term10 {
>
> Cool. Could you test this?
ping. I'd be grateful if someone would test this change for policy
backup on extreme.
> diff --git a/etc/rancid.types.base b/etc/rancid.types.base
> index 18139479..6c3a80aa 100644
> --- a/etc/rancid.types.base
> +++ b/etc/rancid.types.base
> @@ -381,6 +381,7 @@ extreme;command;exos::ShowMemory;show memory
> extreme;command;exos::ShowDiag;show diag
> extreme;command;exos::ShowSwitch;show switch
> extreme;command;exos::ShowSlot;show slot
> +extreme;command;exos::ShowPolicy;show policy detail
> extreme;command;exos::WriteTerm;show configuration detail
> extreme;command;exos::WriteTerm;show configuration
> #
> diff --git a/lib/exos.pm.in b/lib/exos.pm.in
> index fd7d1482..710a5c0f 100644
> --- a/lib/exos.pm.in
> +++ b/lib/exos.pm.in
> @@ -1,7 +1,5 @@
> package exos;
> ##
> -## $Id$
> -##
> ## @PACKAGE@ @VERSION@
> @copyright@
> #
> @@ -161,6 +159,21 @@ sub ShowDiag {
> return(0);
> }
>
> +# This routine parses "show policy detail"
> +sub ShowPolicy {
> +my($INPUT, $OUTPUT, $cmd) = @_;
> +print STDERR "In ShowPolicy: $_" if ($debug);
> +
> +while (<$INPUT>) {
> + tr/\015//d;
> + last if (/^$prompt/);
> + next if (/^(\s*|\s*$cmd\s*)$/);
> +
> + ProcessHistory("POLICY","","","# $_");
> +}
> +return(0);
> +}
> +
> # This routine parses "show slot"
> sub ShowSlot {
> my($INPUT, $OUTPUT, $cmd) = @_;
>
> ___
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Extreme switch policy backup.
Fri, Jul 12, 2019 at 08:30:28PM +0100, Paul Thornton:
> Hi
>
> We had a patch to 2.3's xrancid which we were running at some stage in
> the past N years that did this already - but can't I find it, and we
> aren't running it on our current rancid system either. Thanks to Chris'
> E-mail at least I've been reminded of that.
>
> It wasn't a hard thing to add.
>
> On 12/07/2019 20:15, john heasley wrote:
> > Tue, Jul 09, 2019 at 09:55:56PM +, Chris Davis:
> >> We've just gotten a few Extreme switches (model X440-G2) and I've gotten
> >> them set up in Rancid. But while I get the configs, I have a few policies
> >> as well. They're kept as .pol files on the switch. Is there a way to
> >> include the policy files in the backup that Rancid takes? It would be
> >> particularly helpful. I've done some searching, and seen folks ask about
> >> it. But no real answers. Lots of modifications to commands from 4 years
> >> ago but nothing current. There's a command that will print it all out,
> >> just not sure how to add it into the mix. Don't like to modify something
> >> like Rancid if there's already a way within the system to make it happen.
> >
> > what is the command to display the policy? can you provide an example of
> > the command and output, from prompt to the next prompt? is the output
> > format and order stable?
> >
> > i see an incomplete example here;
> > http://www.shrubbery.net/pipermail/rancid-discuss/2014-May/007659.html
>
> The format isn't great. The switch basically outputs
> Policies at Policy Server:
> Policy:
>
> Number of clients bound to policy:
> Client:
>
> My hunch would be not to try and parse this lot at all, but just execute
> the 'show policy detail' and wait for the prompt to come back. I'm
> pretty sure that's all we did; I remember it just diffed everything and
> you saw quickly if a policy was added/removed just as easily.
> It is theoretically possible for someone to have a prompt matching
> string in the policy file as a comment, but lets ignore that madness for
> now.
>
> This example shows three policies as an example:
>
> * ag1.hbr.2 # dis clip
> * ag1.hbr.3 # show policy detail
> Policies at Policy Server:
> Policy: as65001-in-v4
> entry term10 {
Cool. Could you test this?
diff --git a/etc/rancid.types.base b/etc/rancid.types.base
index 18139479..6c3a80aa 100644
--- a/etc/rancid.types.base
+++ b/etc/rancid.types.base
@@ -381,6 +381,7 @@ extreme;command;exos::ShowMemory;show memory
extreme;command;exos::ShowDiag;show diag
extreme;command;exos::ShowSwitch;show switch
extreme;command;exos::ShowSlot;show slot
+extreme;command;exos::ShowPolicy;show policy detail
extreme;command;exos::WriteTerm;show configuration detail
extreme;command;exos::WriteTerm;show configuration
#
diff --git a/lib/exos.pm.in b/lib/exos.pm.in
index fd7d1482..710a5c0f 100644
--- a/lib/exos.pm.in
+++ b/lib/exos.pm.in
@@ -1,7 +1,5 @@
package exos;
##
-## $Id$
-##
## @PACKAGE@ @VERSION@
@copyright@
#
@@ -161,6 +159,21 @@ sub ShowDiag {
return(0);
}
+# This routine parses "show policy detail"
+sub ShowPolicy {
+my($INPUT, $OUTPUT, $cmd) = @_;
+print STDERR "In ShowPolicy: $_" if ($debug);
+
+while (<$INPUT>) {
+ tr/\015//d;
+ last if (/^$prompt/);
+ next if (/^(\s*|\s*$cmd\s*)$/);
+
+ ProcessHistory("POLICY","","","# $_");
+}
+return(0);
+}
+
# This routine parses "show slot"
sub ShowSlot {
my($INPUT, $OUTPUT, $cmd) = @_;
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Extreme switch policy backup.
Hi
We had a patch to 2.3's xrancid which we were running at some stage in
the past N years that did this already - but can't I find it, and we
aren't running it on our current rancid system either. Thanks to Chris'
E-mail at least I've been reminded of that.
It wasn't a hard thing to add.
On 12/07/2019 20:15, john heasley wrote:
Tue, Jul 09, 2019 at 09:55:56PM +, Chris Davis:
We've just gotten a few Extreme switches (model X440-G2) and I've gotten them
set up in Rancid. But while I get the configs, I have a few policies as well.
They're kept as .pol files on the switch. Is there a way to include the policy
files in the backup that Rancid takes? It would be particularly helpful. I've
done some searching, and seen folks ask about it. But no real answers. Lots
of modifications to commands from 4 years ago but nothing current. There's a
command that will print it all out, just not sure how to add it into the mix.
Don't like to modify something like Rancid if there's already a way within the
system to make it happen.
what is the command to display the policy? can you provide an example of
the command and output, from prompt to the next prompt? is the output
format and order stable?
i see an incomplete example here;
http://www.shrubbery.net/pipermail/rancid-discuss/2014-May/007659.html
The format isn't great. The switch basically outputs
Policies at Policy Server:
Policy:
Number of clients bound to policy:
Client:
My hunch would be not to try and parse this lot at all, but just execute
the 'show policy detail' and wait for the prompt to come back. I'm
pretty sure that's all we did; I remember it just diffed everything and
you saw quickly if a policy was added/removed just as easily.
It is theoretically possible for someone to have a prompt matching
string in the policy file as a comment, but lets ignore that madness for
now.
This example shows three policies as an example:
* ag1.hbr.2 # dis clip
* ag1.hbr.3 # show policy detail
Policies at Policy Server:
Policy: as65001-in-v4
entry term10 {
if match all {
nlri 185.0.0.0/23 exact ;
nlri 185.0.2.0/24 exact ;
nlri 185.0.3.0/24 exact ;
}
then {
local-preference 500 ;
community add "65301:200" ;
permit ;
}
}
entry term999 {
if match all {
}
then {
deny ;
}
}
Number of clients bound to policy: 1
Client: bgp bound once
Policy: as65001-in-v6
entry term10 {
if match all {
nlri 2001:db8:0::/45 ;
}
then {
local-preference 500 ;
community add "65301:200" ;
permit ;
}
}
entry term999 {
if match all {
}
then {
deny ;
}
}
Number of clients bound to policy: 1
Client: bgp bound once
Policy: as65001-out-v4
entry term10 {
if match all {
nlri 0.0.0.0/0 exact ;
}
then {
permit ;
}
}
entry term999 {
if match all {
}
then {
deny ;
}
}
Number of clients bound to policy: 1
Client: bgp bound once
* ag1.hbr.3 #
___
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] Extreme switch policy backup.
Tue, Jul 09, 2019 at 09:55:56PM +, Chris Davis: > We've just gotten a few Extreme switches (model X440-G2) and I've gotten them > set up in Rancid. But while I get the configs, I have a few policies as > well. They're kept as .pol files on the switch. Is there a way to include > the policy files in the backup that Rancid takes? It would be particularly > helpful. I've done some searching, and seen folks ask about it. But no real > answers. Lots of modifications to commands from 4 years ago but nothing > current. There's a command that will print it all out, just not sure how to > add it into the mix. Don't like to modify something like Rancid if there's > already a way within the system to make it happen. what is the command to display the policy? can you provide an example of the command and output, from prompt to the next prompt? is the output format and order stable? i see an incomplete example here; http://www.shrubbery.net/pipermail/rancid-discuss/2014-May/007659.html ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
[rancid] Extreme switch policy backup.
We've just gotten a few Extreme switches (model X440-G2) and I've gotten them set up in Rancid. But while I get the configs, I have a few policies as well. They're kept as .pol files on the switch. Is there a way to include the policy files in the backup that Rancid takes? It would be particularly helpful. I've done some searching, and seen folks ask about it. But no real answers. Lots of modifications to commands from 4 years ago but nothing current. There's a command that will print it all out, just not sure how to add it into the mix. Don't like to modify something like Rancid if there's already a way within the system to make it happen. Thanks. Chris ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
