Discussion:
[rancid] RANCID is incorrectly parsing my Cisco IOS Firewall, adding linebreaks, joining lines, etc
Jason Humes
2014-09-12 19:06:12 UTC
Permalink
Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are coming up with new configs after every run due to rancid adding line breaks in some cases and in others it joins two lines of the config.

Any thoughts on why this might be going on? I'm running Ubuntu 14.04.

Thanks


Jason
Jason Humes
2014-09-12 20:10:32 UTC
Permalink
Here is an example;

Index: configs/ core4506
===================================================================
- -- configs/ core4506 (revision 198)
@@ -446,9 +446,9 @@
!VLAN: Fa2/6, Fa2/7, Fa2/8, Fa2/10, Fa2/11, Fa2/13, Fa2/14, Fa2/15, Fa2/16, Fa2/17, Fa2/19
!VLAN: Fa2/20, Fa2/22, Fa2/23, Fa2/24, Fa2/29, Fa2/32, Fa2/33, Fa2/34, Fa2/40, Fa2/41
!VLAN: Fa2/42, Fa2/43, Fa2/44, Fa2/45, Fa2/46, Fa2/47, Fa2/48, Te3/1, Te3/2, Gi3/3, Gi3/4
- !VLAN: Gi3/5, Gi3/6, Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/34, Gi6/5, Gi6/15
- !VLAN: Gi6/18, Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35, Gi6/36
- !VLAN: Gi6/37, Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
+ !VLAN: Gi3/5, Gi3/6, Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/14, Gi5/34, Gi6/5
+ !VLAN: Gi6/15, Gi6/18, Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35
+ !VLAN: Gi6/36, Gi6/37, Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
!VLAN: 2 Engineering active Fa1/29, Fa1/32, Fa1/35, Fa1/44, Fa1/45, Fa1/47, Fa2/18, Gi5/15, Gi5/33, Gi6/32
!VLAN: Gi6/40
!VLAN: 3 EDM active


Jason

-----Original Message-----
From: Jason Humes
Sent: Friday, September 12, 2014 3:06 PM
To: rancid-***@shrubbery.net
Subject: RANCID is incorrectly parsing my Cisco IOS Firewall, adding linebreaks, joining lines, etc

Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are coming up with new configs after every run due to rancid adding line breaks in some cases and in others it joins two lines of the config.

Any thoughts on why this might be going on? I'm running Ubuntu 14.04.

Thanks


Jason
Alan McKinnon
2014-09-12 20:41:24 UTC
Permalink
Post by Jason Humes
Here is an example;
Index: configs/ core4506
===================================================================
- -- configs/ core4506 (revision 198)
@@ -446,9 +446,9 @@
!VLAN: Fa2/6, Fa2/7, Fa2/8, Fa2/10, Fa2/11, Fa2/13, Fa2/14, Fa2/15, Fa2/16, Fa2/17, Fa2/19
!VLAN: Fa2/20, Fa2/22, Fa2/23, Fa2/24, Fa2/29, Fa2/32, Fa2/33, Fa2/34, Fa2/40, Fa2/41
!VLAN: Fa2/42, Fa2/43, Fa2/44, Fa2/45, Fa2/46, Fa2/47, Fa2/48, Te3/1, Te3/2, Gi3/3, Gi3/4
- !VLAN: Gi3/5, Gi3/6, Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/34, Gi6/5, Gi6/15
- !VLAN: Gi6/18, Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35, Gi6/36
- !VLAN: Gi6/37, Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
+ !VLAN: Gi3/5, Gi3/6, Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/14, Gi5/34, Gi6/5
+ !VLAN: Gi6/15, Gi6/18, Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35
+ !VLAN: Gi6/36, Gi6/37, Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
!VLAN: 2 Engineering active Fa1/29, Fa1/32, Fa1/35, Fa1/44, Fa1/45, Fa1/47, Fa2/18, Gi5/15, Gi5/33, Gi6/32
!VLAN: Gi6/40
!VLAN: 3 EDM active
Jason
-----Original Message-----
From: Jason Humes
Sent: Friday, September 12, 2014 3:06 PM
Subject: RANCID is incorrectly parsing my Cisco IOS Firewall, adding linebreaks, joining lines, etc
Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are coming up with new configs after every run due to rancid adding line breaks in some cases and in others it joins two lines of the config.
Any thoughts on why this might be going on? I'm running Ubuntu 14.04.
Thanks
Jason,

That doesn't look like "adding linebreaks, joining lines" to me, it
looks like the device is simply not sorting the list so the order ir
seemingly random.

Sort the list in the main processing loop before outputting it. The code
for prefix lists has some clues of how to approach this (but the final
implementation will be very different)
--
Alan McKinnon
***@gmail.com
Lee
2014-09-13 17:07:11 UTC
Permalink
looks like there was a change - Gi5/14 was added to vlan 1

lee
Post by Jason Humes
Here is an example;
Index: configs/ core4506
===================================================================
- -- configs/ core4506 (revision 198)
@@ -446,9 +446,9 @@
!VLAN: Fa2/6, Fa2/7,
Fa2/8, Fa2/10, Fa2/11, Fa2/13, Fa2/14, Fa2/15, Fa2/16, Fa2/17, Fa2/19
!VLAN: Fa2/20, Fa2/22,
Fa2/23, Fa2/24, Fa2/29, Fa2/32, Fa2/33, Fa2/34, Fa2/40, Fa2/41
!VLAN: Fa2/42, Fa2/43,
Fa2/44, Fa2/45, Fa2/46, Fa2/47, Fa2/48, Te3/1, Te3/2, Gi3/3, Gi3/4
- !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/34, Gi6/5, Gi6/15
- !VLAN: Gi6/18, Gi6/19,
Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35, Gi6/36
- !VLAN: Gi6/37, Gi6/38,
Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
+ !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/14, Gi5/34, Gi6/5
+ !VLAN: Gi6/15, Gi6/18,
Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35
+ !VLAN: Gi6/36, Gi6/37,
Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
!VLAN: 2 Engineering active Fa1/29, Fa1/32,
Fa1/35, Fa1/44, Fa1/45, Fa1/47, Fa2/18, Gi5/15, Gi5/33, Gi6/32
!VLAN: Gi6/40
!VLAN: 3 EDM active
Jason
-----Original Message-----
From: Jason Humes
Sent: Friday, September 12, 2014 3:06 PM
Subject: RANCID is incorrectly parsing my Cisco IOS Firewall, adding
linebreaks, joining lines, etc
Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are
coming up with new configs after every run due to rancid adding line breaks
in some cases and in others it joins two lines of the config.
Any thoughts on why this might be going on? I'm running Ubuntu 14.04.
Thanks
Jason
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
heasley
2014-09-15 19:59:37 UTC
Permalink
Post by Lee
looks like there was a change - Gi5/14 was added to vlan 1
Correct. the catalyst do not seem to be consistent with how they order
ports in the list when the list changes, but do not seem to change the
order otherwise.
Post by Lee
lee
Post by Jason Humes
Here is an example;
are you doing vtp?
Post by Lee
Post by Jason Humes
Index: configs/ core4506
===================================================================
- -- configs/ core4506 (revision 198)
@@ -446,9 +446,9 @@
!VLAN: Fa2/6, Fa2/7,
Fa2/8, Fa2/10, Fa2/11, Fa2/13, Fa2/14, Fa2/15, Fa2/16, Fa2/17, Fa2/19
!VLAN: Fa2/20, Fa2/22,
Fa2/23, Fa2/24, Fa2/29, Fa2/32, Fa2/33, Fa2/34, Fa2/40, Fa2/41
!VLAN: Fa2/42, Fa2/43,
Fa2/44, Fa2/45, Fa2/46, Fa2/47, Fa2/48, Te3/1, Te3/2, Gi3/3, Gi3/4
- !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/34, Gi6/5, Gi6/15
- !VLAN: Gi6/18, Gi6/19,
Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35, Gi6/36
- !VLAN: Gi6/37, Gi6/38,
Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
+ !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/14, Gi5/34, Gi6/5
+ !VLAN: Gi6/15, Gi6/18,
Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35
+ !VLAN: Gi6/36, Gi6/37,
Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
!VLAN: 2 Engineering active Fa1/29, Fa1/32,
Fa1/35, Fa1/44, Fa1/45, Fa1/47, Fa2/18, Gi5/15, Gi5/33, Gi6/32
!VLAN: Gi6/40
!VLAN: 3 EDM active
Jason
-----Original Message-----
From: Jason Humes
Sent: Friday, September 12, 2014 3:06 PM
Subject: RANCID is incorrectly parsing my Cisco IOS Firewall, adding
linebreaks, joining lines, etc
Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are
coming up with new configs after every run due to rancid adding line breaks
in some cases and in others it joins two lines of the config.
Any thoughts on why this might be going on? I'm running Ubuntu 14.04.
Thanks
Jason
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Lee
2014-09-17 02:01:22 UTC
Permalink
Post by heasley
Post by Lee
looks like there was a change - Gi5/14 was added to vlan 1
Correct. the catalyst do not seem to be consistent with how they order
ports in the list when the list changes,
really? Not that I've paid all that much attention to it, but the
list always seems to be in ascending order. At least for cat6500s...

Lee
Post by heasley
Post by Lee
lee
Post by Jason Humes
Here is an example;
are you doing vtp?
Post by Lee
Post by Jason Humes
Index: configs/ core4506
===================================================================
- -- configs/ core4506 (revision 198)
@@ -446,9 +446,9 @@
!VLAN: Fa2/6, Fa2/7,
Fa2/8, Fa2/10, Fa2/11, Fa2/13, Fa2/14, Fa2/15, Fa2/16, Fa2/17, Fa2/19
!VLAN: Fa2/20, Fa2/22,
Fa2/23, Fa2/24, Fa2/29, Fa2/32, Fa2/33, Fa2/34, Fa2/40, Fa2/41
!VLAN: Fa2/42, Fa2/43,
Fa2/44, Fa2/45, Fa2/46, Fa2/47, Fa2/48, Te3/1, Te3/2, Gi3/3, Gi3/4
- !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/34, Gi6/5, Gi6/15
- !VLAN: Gi6/18, Gi6/19,
Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35, Gi6/36
- !VLAN: Gi6/37, Gi6/38,
Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
+ !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/14, Gi5/34, Gi6/5
+ !VLAN: Gi6/15, Gi6/18,
Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35
+ !VLAN: Gi6/36, Gi6/37,
Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
!VLAN: 2 Engineering active Fa1/29, Fa1/32,
Fa1/35, Fa1/44, Fa1/45, Fa1/47, Fa2/18, Gi5/15, Gi5/33, Gi6/32
!VLAN: Gi6/40
!VLAN: 3 EDM active
Jason
-----Original Message-----
From: Jason Humes
Sent: Friday, September 12, 2014 3:06 PM
Subject: RANCID is incorrectly parsing my Cisco IOS Firewall, adding
linebreaks, joining lines, etc
Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are
coming up with new configs after every run due to rancid adding line breaks
in some cases and in others it joins two lines of the config.
Any thoughts on why this might be going on? I'm running Ubuntu 14.04.
Thanks
Jason
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Per-Olof Olsson
2014-09-16 21:17:35 UTC
Permalink
Hello

Have seen diffs like this when vtp trunks change up/down state.

Formating is done by IOS for "show vlan", so it will be hard to fix splited lines in rancid.
You are not alone to dislike diffs like this.
In many IOS versions it posible turn of all line wrapping by setting "terminal length 0".
I think it's one way of make diffs from "show vlan" more readable.
Post by Jason Humes
Here is an example;
Index: configs/ core4506
===================================================================
- -- configs/ core4506 (revision 198)
@@ -446,9 +446,9 @@
!VLAN: Fa2/6, Fa2/7, Fa2/8, Fa2/10, Fa2/11, Fa2/13, Fa2/14, Fa2/15, Fa2/16, Fa2/17, Fa2/19
!VLAN: Fa2/20, Fa2/22, Fa2/23, Fa2/24, Fa2/29, Fa2/32, Fa2/33, Fa2/34, Fa2/40, Fa2/41
!VLAN: Fa2/42, Fa2/43, Fa2/44, Fa2/45, Fa2/46, Fa2/47, Fa2/48, Te3/1, Te3/2, Gi3/3, Gi3/4
- !VLAN: Gi3/5, Gi3/6, Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/34, Gi6/5, Gi6/15
- !VLAN: Gi6/18, Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35, Gi6/36
- !VLAN: Gi6/37, Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
+ !VLAN: Gi3/5, Gi3/6, Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/14, Gi5/34, Gi6/5
+ !VLAN: Gi6/15, Gi6/18, Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35
+ !VLAN: Gi6/36, Gi6/37, Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
!VLAN: 2 Engineering active Fa1/29, Fa1/32, Fa1/35, Fa1/44, Fa1/45, Fa1/47, Fa2/18, Gi5/15, Gi5/33, Gi6/32
!VLAN: Gi6/40
!VLAN: 3 EDM active
Jason
-----Original Message-----
From: Jason Humes
Sent: Friday, September 12, 2014 3:06 PM
Subject: RANCID is incorrectly parsing my Cisco IOS Firewall, adding linebreaks, joining lines, etc
Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are coming up with new configs after every run due to rancid adding line breaks in some cases and in others it joins two lines of the config.
Any thoughts on why this might be going on? I'm running Ubuntu 14.04.
Thanks
Jason
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
/Peo
----------------------------------------------------------
Per-Olof Olsson Email: ***@chalmers.se
Chalmers tekniska högskola IT-service
Arvid Hedvalls backe 6 412 96 Göteborg
Tel: 031/772 6738 Fax: 031/772 8680
----------------------------------------------------------
Lee
2014-09-17 02:15:57 UTC
Permalink
Post by Per-Olof Olsson
Hello
Have seen diffs like this when vtp trunks change up/down state.
Doesn't need to be vtp. We have lots of blade servers & their switch
ports are configured as trunks (_without_ vlan 1 on the trunk). When
the server people move the blade to another slot, shut the server
down, etc. the switch port goes down & a "show vlan" says the port is
on vlan 1 :(

Lee
Post by Per-Olof Olsson
Formating is done by IOS for "show vlan", so it will be hard to fix splited
lines in rancid.
You are not alone to dislike diffs like this.
In many IOS versions it posible turn of all line wrapping by setting "terminal length 0".
I think it's one way of make diffs from "show vlan" more readable.
Post by Jason Humes
Here is an example;
Index: configs/ core4506
===================================================================
- -- configs/ core4506 (revision 198)
@@ -446,9 +446,9 @@
!VLAN: Fa2/6, Fa2/7,
Fa2/8, Fa2/10, Fa2/11, Fa2/13, Fa2/14, Fa2/15, Fa2/16, Fa2/17, Fa2/19
!VLAN: Fa2/20, Fa2/22,
Fa2/23, Fa2/24, Fa2/29, Fa2/32, Fa2/33, Fa2/34, Fa2/40, Fa2/41
!VLAN: Fa2/42, Fa2/43,
Fa2/44, Fa2/45, Fa2/46, Fa2/47, Fa2/48, Te3/1, Te3/2, Gi3/3, Gi3/4
- !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/34, Gi6/5, Gi6/15
- !VLAN: Gi6/18, Gi6/19,
Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35, Gi6/36
- !VLAN: Gi6/37, Gi6/38,
Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
+ !VLAN: Gi3/5, Gi3/6,
Te4/1, Te4/2, Gi4/3, Gi4/4, Gi4/5, Gi4/6, Gi5/14, Gi5/34, Gi6/5
+ !VLAN: Gi6/15, Gi6/18,
Gi6/19, Gi6/20, Gi6/22, Gi6/23, Gi6/24, Gi6/28, Gi6/34, Gi6/35
+ !VLAN: Gi6/36, Gi6/37,
Gi6/38, Gi6/39, Gi7/7, Gi7/8, Gi7/9, Gi7/10, Gi7/11, Gi7/12
!VLAN: 2 Engineering active Fa1/29, Fa1/32,
Fa1/35, Fa1/44, Fa1/45, Fa1/47, Fa2/18, Gi5/15, Gi5/33, Gi6/32
!VLAN: Gi6/40
!VLAN: 3 EDM active
Jason
-----Original Message-----
From: Jason Humes
Sent: Friday, September 12, 2014 3:06 PM
Subject: RANCID is incorrectly parsing my Cisco IOS Firewall, adding
linebreaks, joining lines, etc
Hi
Recently upgraded to RANCID 3.1 and I'm finding all our Cisco devices are
coming up with new configs after every run due to rancid adding line
breaks in some cases and in others it joins two lines of the config.
Any thoughts on why this might be going on? I'm running Ubuntu 14.04.
Thanks
Jason
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
/Peo
----------------------------------------------------------
Chalmers tekniska högskola IT-service
Arvid Hedvalls backe 6 412 96 Göteborg
Tel: 031/772 6738 Fax: 031/772 8680
----------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
heasley
2014-09-23 15:31:17 UTC
Permalink
Post by Per-Olof Olsson
Hello
Have seen diffs like this when vtp trunks change up/down state.
Formating is done by IOS for "show vlan", so it will be hard to fix splited lines in rancid.
You are not alone to dislike diffs like this.
In many IOS versions it posible turn of all line wrapping by setting "terminal length 0".
I think it's one way of make diffs from "show vlan" more readable.
The code should not save show vlan output if the switch is not doing VTP
transparent, which is why I was asking if VTP was being used.

another option, for rancid 3.0, is just comment-out the show vlan command.

yet another option, for formatting, is to break-up each port member into an
individual line. less compact, but more easily read diffs

Loading...