Discussion:
[rancid] Extra spaces being randomly added - and seen as config changes
Aaron Wasserott
2013-01-01 22:29:02 UTC
Permalink
I am running RANCID 2.3.8 on Ubuntu 12.04.1 LTS, Precise Pangolin, kernel 3.2.0-35-generic x86_64.

I am seeing some odd behavior when running rancid against Cisco and Mikrotik devices. The output will sometimes have extra spaces - or line breaks maybe? - that is then seen as a config change when it's not. Two examples below. The first from a Mikrotik router and the second a Cisco router.

In the first example an extra space was seen after "sensitive source=" . In the second example the ports listed in the VLAN output break across two lines, but sometimes only one. In this second example, I have noticed it will go back and forth. Sometimes the ports are listed all on one line, sometimes two. I have many Mikrotiks with many lines of configs, so I haven't checked to see if there is a recurring issue with the same line or not.

-----------------

- add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=":for t1 from=1 to=10 step=1 do={\r\n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
+ add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=": for t1 from=1 to=10 step=1 do={\r \n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"

- !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7
- !VLAN: Fa8, Fa9
+ !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7, Fa8, Fa9

-----------------

Anyone know how to fix this?

Thanks,

-Aaron
heasley
2013-01-02 17:24:00 UTC
Permalink
Post by Aaron Wasserott
I am running RANCID 2.3.8 on Ubuntu 12.04.1 LTS, Precise Pangolin, kernel 3.2.0-35-generic x86_64.
I am seeing some odd behavior when running rancid against Cisco and Mikrotik devices. The output will sometimes have extra spaces - or line breaks maybe? - that is then seen as a config change when it's not. Two examples below. The first from a Mikrotik router and the second a Cisco router.
In the first example an extra space was seen after "sensitive source=" . In the second example the ports listed in the VLAN output break across two lines, but sometimes only one. In this second example, I have noticed it will go back and forth. Sometimes the ports are listed all on one line, sometimes two. I have many Mikrotiks with many lines of configs, so I haven't checked to see if there is a recurring issue with the same line or not.
-----------------
- add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=":for t1 from=1 to=10 step=1 do={\r\n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
+ add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=": for t1 from=1 to=10 step=1 do={\r \n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
I suspect this is the device. try mtlogin -c 'export' device in a loop and
look for the change. the mtlogin code looks ok to me, but i dont have one of
these for testing.
Post by Aaron Wasserott
- !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7
- !VLAN: Fa8, Fa9
+ !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7, Fa8, Fa9
-----------------
this is the device itself, which i thought was due to the terminal width. but
2.3.8 should have the change that sets the width. unless the use that runs
rancid does not have permission to alter the terminal width, i havent an idea
why this would be occuring.
Per-Olof Olsson
2013-01-02 19:09:59 UTC
Permalink
Post by heasley
Post by Aaron Wasserott
I am running RANCID 2.3.8 on Ubuntu 12.04.1 LTS, Precise Pangolin, kernel 3.2.0-35-generic x86_64.
I am seeing some odd behavior when running rancid against Cisco and Mikrotik devices. The output will sometimes have extra spaces - or line breaks maybe? - that is then seen as a config change when it's not. Two examples below. The first from a Mikrotik router and the second a Cisco router.
In the first example an extra space was seen after "sensitive source=" . In the second example the ports listed in the VLAN output break across two lines, but sometimes only one. In this second example, I have noticed it will go back and forth. Sometimes the ports are listed all on one line, sometimes two. I have many Mikrotiks with many lines of configs, so I haven't checked to see if there is a recurring issue with the same line or not.
-----------------
- add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=":for t1 from=1 to=10 step=1 do={\r\n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
+ add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=": for t1 from=1 to=10 step=1 do={\r \n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
I suspect this is the device. try mtlogin -c 'export' device in a loop and
look for the change. the mtlogin code looks ok to me, but i dont have one of
these for testing.
Post by Aaron Wasserott
- !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7
- !VLAN: Fa8, Fa9
+ !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7, Fa8, Fa9
-----------------
this is the device itself, which i thought was due to the terminal width. but
2.3.8 should have the change that sets the width. unless the use that runs
rancid does not have permission to alter the terminal width, i havent an idea
why this would be occuring.
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
If you upgrade to 2.3.8 it's good habit to compare the new
rancid.conf.sample with current rancid.conf.

Check if you have the new settings for fixed terminal width and
sort order in place, else it will differ if you run rancid from terminal
window och cron.

---------rancid.conf.sample-----------------
#
TERM=network;export TERM
#
# Collating locale
LC_COLLATE="POSIX"; export LC_COLLATE
#
-----------------------------------------

/Peo
----------------------------------------------------------
Per-Olof Olsson Email: ***@chalmers.se
Chalmers tekniska högskola IT-service
Hörsalsvägen 5 412 96 Göteborg
Tel: 031/772 6738 Fax: 031/772 8680
----------------------------------------------------------
Aaron Wasserott
2013-01-04 10:30:43 UTC
Permalink
RANCID is running from crontab, not from a terminal, and the user on the network devices has root-level permissions. All RANCID scripts are at 2.3.8. I am having the same issue discussed here:

http://www.gossamer-threads.com/lists/rancid/users/5887

Where it's just the email output showing a false difference, not the saved config in CVS.

I am pretty sure it's not the device either as I just got it on a ScreenOS firewall and there is no option to set terminal width, just paging (length) which is currently off. Here is an example from a ScreenOS device:

set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface "bgroup0" preshare "wLE/x18INtTxJ6sT42CM5FxvOphJ/3%YZg==" sec-level standard
+ #set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface
+ "bgroup0" preshare <removed> sec-level standard

I also setup my internal devices to run every 1min per crontab and it only sees changes when there are actual changes. So it's something in processing the output. I did check against the rancid.conf.sample file and my config was the same. I did add the NOPIPE option recently to see if that would do anything, but it didn't.

umask 027
TMPDIR=/tmp; export TMPDIR
BASEDIR=/var/lib/rancid; export BASEDIR
PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; export PATH
CVSROOT=$BASEDIR/CVS; export CVSROOT
LOGDIR=$BASEDIR/logs; export LOGDIR
RCSSYS=cvs; export RCSSYS
LIST_OF_GROUPS="internal external"
MAX_ROUNDS=2; export MAX_ROUNDS
FILTER_PWDS=YES; export FILTER_PWDS
NOPIPE=YES; export NOPIPE

Anyone have any ideas how I can fix this? Thanks.

-----Original Message-----
From: Per-Olof Olsson [mailto:***@chalmers.se]
Sent: Wednesday, January 02, 2013 12:10 PM
To: heasley; Aaron Wasserott
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Extra spaces being randomly added - and seen as config changes
Post by heasley
Post by Aaron Wasserott
I am running RANCID 2.3.8 on Ubuntu 12.04.1 LTS, Precise Pangolin, kernel 3.2.0-35-generic x86_64.
I am seeing some odd behavior when running rancid against Cisco and Mikrotik devices. The output will sometimes have extra spaces - or line breaks maybe? - that is then seen as a config change when it's not. Two examples below. The first from a Mikrotik router and the second a Cisco router.
In the first example an extra space was seen after "sensitive source=" . In the second example the ports listed in the VLAN output break across two lines, but sometimes only one. In this second example, I have noticed it will go back and forth. Sometimes the ports are listed all on one line, sometimes two. I have many Mikrotiks with many lines of configs, so I haven't checked to see if there is a recurring issue with the same line or not.
-----------------
- add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=":for t1 from=1 to=10 step=1 do={\r\n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
+ add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=": for t1 from=1 to=10 step=1 do={\r \n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
I suspect this is the device. try mtlogin -c 'export' device in a
loop and look for the change. the mtlogin code looks ok to me, but i
dont have one of these for testing.
Post by Aaron Wasserott
- !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7
- !VLAN: Fa8, Fa9
+ !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7, Fa8, Fa9
-----------------
this is the device itself, which i thought was due to the terminal width. but
2.3.8 should have the change that sets the width. unless the use that
runs rancid does not have permission to alter the terminal width, i
havent an idea why this would be occuring.
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
If you upgrade to 2.3.8 it's good habit to compare the new rancid.conf.sample with current rancid.conf.

Check if you have the new settings for fixed terminal width and sort order in place, else it will differ if you run rancid from terminal window och cron.

---------rancid.conf.sample-----------------
#
TERM=network;export TERM
#
# Collating locale
LC_COLLATE="POSIX"; export LC_COLLATE
#
-----------------------------------------

/Peo
----------------------------------------------------------
Per-Olof Olsson Email: ***@chalmers.se
Chalmers tekniska högskola IT-service
Hörsalsvägen 5 412 96 Göteborg
Tel: 031/772 6738 Fax: 031/772 8680
----------------------------------------------------------
Kerry Cox
2013-01-04 15:39:24 UTC
Permalink
Aaron,
Yes, this is the exact same issue I am experiencing with our Cisco ASAs. I get about 8-10 emails a day when they bounce back and forth between the BOOT Variable being populated and then being not populated.

Index: configs/216.51.xx.xx
===================================================================
retrieving revision 1.303
diff -U 4 -r1.303 216.51.xx.xx
@@ -18,9 +18,9 @@
!BootFlash: Current BOOT variable = disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
!BootFlash: CONFIG_FILE variable =
!BootFlash: Current CONFIG_FILE variable =
!
- !BootFlash: BOOT variable = disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
+ !BootFlash: BOOT variable =
!BootFlash: Current BOOT variable = disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
!BootFlash: CONFIG_FILE variable =
!BootFlash: Current CONFIG_FILE variable =
!

I agree it is definitely NOT the device, contrary to what everyone says. And, this is the latest IOS. I am not calling Cisco TAC to let them know that their firmware is causing rancid to detect changes in the BOOT variable.
I also agree it is probably the terminal window settings or cron or something inherent in rancid that is causing it to get changing variables when queried.
If anyone else have any ideas or the rancid developers could shed some light on editing the default settings, that would be most useful.
Kerry


-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Aaron Wasserott
Sent: Friday, January 04, 2013 3:31 AM
To: rancid-***@shrubbery.net
Subject: Re: [rancid] Extra spaces being randomly added - and seen as config changes

RANCID is running from crontab, not from a terminal, and the user on the network devices has root-level permissions. All RANCID scripts are at 2.3.8. I am having the same issue discussed here:

http://www.gossamer-threads.com/lists/rancid/users/5887

Where it's just the email output showing a false difference, not the saved config in CVS.

I am pretty sure it's not the device either as I just got it on a ScreenOS firewall and there is no option to set terminal width, just paging (length) which is currently off. Here is an example from a ScreenOS device:

set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface "bgroup0" preshare "wLE/x18INtTxJ6sT42CM5FxvOphJ/3%YZg==" sec-level standard
+ #set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface
+ "bgroup0" preshare <removed> sec-level standard

I also setup my internal devices to run every 1min per crontab and it only sees changes when there are actual changes. So it's something in processing the output. I did check against the rancid.conf.sample file and my config was the same. I did add the NOPIPE option recently to see if that would do anything, but it didn't.

umask 027
TMPDIR=/tmp; export TMPDIR
BASEDIR=/var/lib/rancid; export BASEDIR
PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; export PATH CVSROOT=$BASEDIR/CVS; export CVSROOT LOGDIR=$BASEDIR/logs; export LOGDIR RCSSYS=cvs; export RCSSYS LIST_OF_GROUPS="internal external"
MAX_ROUNDS=2; export MAX_ROUNDS
FILTER_PWDS=YES; export FILTER_PWDS
NOPIPE=YES; export NOPIPE

Anyone have any ideas how I can fix this? Thanks.

-----Original Message-----
From: Per-Olof Olsson [mailto:***@chalmers.se]
Sent: Wednesday, January 02, 2013 12:10 PM
To: heasley; Aaron Wasserott
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Extra spaces being randomly added - and seen as config changes
Post by heasley
Post by Aaron Wasserott
I am running RANCID 2.3.8 on Ubuntu 12.04.1 LTS, Precise Pangolin, kernel 3.2.0-35-generic x86_64.
I am seeing some odd behavior when running rancid against Cisco and Mikrotik devices. The output will sometimes have extra spaces - or line breaks maybe? - that is then seen as a config change when it's not. Two examples below. The first from a Mikrotik router and the second a Cisco router.
In the first example an extra space was seen after "sensitive source=" . In the second example the ports listed in the VLAN output break across two lines, but sometimes only one. In this second example, I have noticed it will go back and forth. Sometimes the ports are listed all on one line, sometimes two. I have many Mikrotiks with many lines of configs, so I haven't checked to see if there is a recurring issue with the same line or not.
-----------------
- add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=":for t1 from=1 to=10 step=1 do={\r\n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
+ add name=startup-tone policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=": for t1 from=1 to=10 step=1 do={\r \n :for t2 from=300 to=1800 step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay 11ms;\r \n }\r \n }\r \n"
I suspect this is the device. try mtlogin -c 'export' device in a
loop and look for the change. the mtlogin code looks ok to me, but i
dont have one of these for testing.
Post by Aaron Wasserott
- !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7
- !VLAN: Fa8, Fa9
+ !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7, Fa8, Fa9
-----------------
this is the device itself, which i thought was due to the terminal width. but
2.3.8 should have the change that sets the width. unless the use that
runs rancid does not have permission to alter the terminal width, i
havent an idea why this would be occuring.
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
If you upgrade to 2.3.8 it's good habit to compare the new rancid.conf.sample with current rancid.conf.

Check if you have the new settings for fixed terminal width and sort order in place, else it will differ if you run rancid from terminal window och cron.

---------rancid.conf.sample-----------------
#
TERM=network;export TERM
#
# Collating locale
LC_COLLATE="POSIX"; export LC_COLLATE
#
-----------------------------------------

/Peo
----------------------------------------------------------
Per-Olof Olsson Email: ***@chalmers.se
Chalmers tekniska högskola IT-service
Hörsalsvägen 5 412 96 Göteborg
Tel: 031/772 6738 Fax: 031/772 8680
----------------------------------------------------------
_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
**Electronic Privacy Notice** This e-mail and any attachments contain
information that is or may be covered by electronic communication
privacy laws, and is also confidential and proprietary in nature.
If you are not the intended recipient, please be advised that you are
legally prohibited from retaining, using, copying, distributing or otherwise
disclosing this information in any manner. Instead, please reply to the
sender that you have received this communication in error and then
immediately delete it. Thank you for your cooperation.
heasley
2013-01-04 21:12:35 UTC
Permalink
Post by Kerry Cox
Aaron,
Yes, this is the exact same issue I am experiencing with our Cisco ASAs. I get about 8-10 emails a day when they bounce back and forth between the BOOT Variable being populated and then being not populated.
Index: configs/216.51.xx.xx
===================================================================
retrieving revision 1.303
diff -U 4 -r1.303 216.51.xx.xx
@@ -18,9 +18,9 @@
!BootFlash: Current BOOT variable = disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
!BootFlash: CONFIG_FILE variable =
!BootFlash: Current CONFIG_FILE variable =
!
- !BootFlash: BOOT variable = disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
+ !BootFlash: BOOT variable =
!BootFlash: Current BOOT variable = disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
!BootFlash: CONFIG_FILE variable =
!BootFlash: Current CONFIG_FILE variable =
!
I agree it is definitely NOT the device, contrary to what everyone says. And, this is the latest IOS. I am not calling Cisco TAC to let them know that their firmware is causing rancid to detect changes in the BOOT variable.
I also agree it is probably the terminal window settings or cron or something inherent in rancid that is causing it to get changing variables when queried.
If anyone else have any ideas or the rancid developers could shed some light on editing the default settings, that would be most useful.
i dont see anything in the code that might cause this. if you can use clogin
to run the command repeatedly in cron to try to reproduce it, or use
NOPIPE=YES and run rancid with -d for the device from cron, saving the .raw
file after each run, we might confirm that its the device or find the cause.

i still suspect its an o/s bug or intermittent hardward failure.
Alex DEKKER
2013-01-04 22:38:33 UTC
Permalink
Post by Kerry Cox
- !BootFlash: BOOT variable = disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
+ !BootFlash: BOOT variable =
-----Original Message-----
Sent: Friday, January 04, 2013 3:31 AM
set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface "bgroup0" preshare "wLE/x18INtTxJ6sT42CM5FxvOphJ/3%YZg==" sec-level standard
+ #set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface
+ "bgroup0" preshare<removed> sec-level standard
Did you add the <removed> or do you have RANCID set to strip certain
keys and passwords from configs? If the latter, then I would say that
your [Aaron's] issue is not related to Kerry's.

alexd
Kerry Cox
2013-01-04 22:54:20 UTC
Permalink
My issue is that every hour, the configs from my Cisco ASAs are reporting as alternating between having content in the BootFlash: setting and then having no content.
I have changed the setting in rancid.conf to be NOPIPE = YES and also NO, with no change.
I have also run "rancid -d 10.10.0.1" against the firewalls from the command line and seen zero issues. Everything checks out.
I have run rancid by itself against the firewall and saved the raw output and then done a diff against over 10 files. The output is always the same, no change.
So, I guess it is my cron job that is causing the variations?

# Run config differ hourly at 5 minutes past the hour
5 * * * * /usr/local/rancid/bin/rancid-run

Is there another setting I am missing that could be causing the BootFlash: BOOT variable to change?
Thanks for all the input. I guess I'll set my cron to once a day rather than once an hour so I don't get so many false alerts.
Kerry

-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Alex DEKKER
Sent: Friday, January 04, 2013 3:39 PM
To: rancid-***@shrubbery.net
Subject: Re: [rancid] Extra spaces being randomly added - and seen as config changes
Post by Kerry Cox
- !BootFlash: BOOT variable =
disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
+ !BootFlash: BOOT variable =
-----Original Message-----
Wasserott
Sent: Friday, January 04, 2013 3:31 AM Here is an example from a
set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface
"bgroup0" preshare "wLE/x18INtTxJ6sT42CM5FxvOphJ/3%YZg==" sec-level
standard
+ #set ike gateway "xcolo" address 123.45.67.89 Main
+ outgoing-interface "bgroup0" preshare<removed> sec-level standard
Did you add the <removed> or do you have RANCID set to strip certain keys and passwords from configs? If the latter, then I would say that your [Aaron's] issue is not related to Kerry's.

alexd
_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
**Electronic Privacy Notice** This e-mail and any attachments contain
information that is or may be covered by electronic communication
privacy laws, and is also confidential and proprietary in nature.
If you are not the intended recipient, please be advised that you are
legally prohibited from retaining, using, copying, distributing or otherwise
disclosing this information in any manner. Instead, please reply to the
sender that you have received this communication in error and then
immediately delete it. Thank you for your cooperation.
Aaron Wasserott
2013-01-04 22:46:33 UTC
Permalink
I had changed RANCID to strip passwords and when it ran next that's what I got (repeated below)

set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface "bgroup0" preshare "wLE/x18INtTxJ6sT42CM5FxvOphJ/3%YZg==" sec-level standard
+ #set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface
+ "bgroup0" preshare <removed> sec-level standard

It should show a config difference in this case, but not split across lines like that - in the case above it's showing 1 removed line and 2 added lines when it should be 1 and 1.

I do agree that Kerry's issue does seem different. In her case the output from the router for that parameter appears to be missing entirely, not just on a different line. Unless of course RANCID is really doing something funky and just ignoring the output after the : altogether.

-----Original Message-----
From: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] On Behalf Of Alex DEKKER
Sent: Friday, January 04, 2013 3:39 PM
To: rancid-***@shrubbery.net
Subject: Re: [rancid] Extra spaces being randomly added - and seen as config changes
Post by Kerry Cox
- !BootFlash: BOOT variable =
disk0:/asa911-k8.bin;disk0:/asa901-k8.bin
+ !BootFlash: BOOT variable =
-----Original Message-----
Wasserott
Sent: Friday, January 04, 2013 3:31 AM Here is an example from a
set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface
"bgroup0" preshare "wLE/x18INtTxJ6sT42CM5FxvOphJ/3%YZg==" sec-level
standard
+ #set ike gateway "xcolo" address 123.45.67.89 Main
+ outgoing-interface "bgroup0" preshare<removed> sec-level standard
Did you add the <removed> or do you have RANCID set to strip certain keys and passwords from configs? If the latter, then I would say that your [Aaron's] issue is not related to Kerry's.

alexd

Daniel Schmidt
2013-01-04 20:48:03 UTC
Permalink
Have seen the vlan thing on Cisco. With no time to upgrade or try to
write a proper fix, I slapped on a couple of things together and called it
good. (Heas says these are fixed in 2.3.8 though) Again, none of this
was done well, it was more: "Well, that works. Onto the next problem."
You are welcome to try the cobbles below.


diff -U 4 control_rancid.bak control_rancid
--- control_rancid.bak 2011-11-22 10:15:36.000000000 -0700
+++ control_rancid 2011-11-22 10:19:51.000000000 -0700
@@ -42,8 +42,12 @@
#
# control_rancid $GROUP
#

+# #*@& sort locale!!
+LC_COLLATE="POSIX"
+export LC_COLLATE
+
# print a usage message to stderr
pr_usage() {
echo "usage: $0 [-V] [-r device_name] [-m mail rcpt] group" >&2;
}

Clogin:

623 } else {
624 send "terminal length 0\r"
625 expect -re $prompt {}
626 send "terminal width 80\r"
627 }

-----Original Message-----
From: rancid-discuss-***@shrubbery.net
[mailto:rancid-discuss-***@shrubbery.net] On Behalf Of heasley
Sent: Wednesday, January 02, 2013 10:24 AM
To: Aaron Wasserott
Cc: rancid-***@shrubbery.net
Subject: Re: [rancid] Extra spaces being randomly added - and seen as
config changes
Post by Aaron Wasserott
I am running RANCID 2.3.8 on Ubuntu 12.04.1 LTS, Precise Pangolin,
kernel 3.2.0-35-generic x86_64.
Post by Aaron Wasserott
I am seeing some odd behavior when running rancid against Cisco and
Mikrotik devices. The output will sometimes have extra spaces - or line
breaks maybe? - that is then seen as a config change when it's not. Two
examples below. The first from a Mikrotik router and the second a Cisco
router.
Post by Aaron Wasserott
In the first example an extra space was seen after "sensitive source=" .
In the second example the ports listed in the VLAN output break across two
lines, but sometimes only one. In this second example, I have noticed it
will go back and forth. Sometimes the ports are listed all on one line,
sometimes two. I have many Mikrotiks with many lines of configs, so I
haven't checked to see if there is a recurring issue with the same line or
not.
Post by Aaron Wasserott
-----------------
- add name=startup-tone
policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive
source=":for t1 from=1 to=10 step=1 do={\r\n :for t2 from=300 to=1800
step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay
11ms;\r \n }\r \n }\r \n"
Post by Aaron Wasserott
+ add name=startup-tone
policy=ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive
source=": for t1 from=1 to=10 step=1 do={\r \n :for t2 from=300 to=1800
step=40 do={\r \n :beep frequency=\$t2 length=11ms;\r \n :delay
11ms;\r \n }\r \n }\r \n"

I suspect this is the device. try mtlogin -c 'export' device in a loop
and look for the change. the mtlogin code looks ok to me, but i dont have
one of these for testing.
Post by Aaron Wasserott
- !VLAN: 1 default active Fa2, Fa3, Fa4, Fa5, Fa6, Fa7
- !VLAN: Fa8, Fa9
+ !VLAN: 1 default active Fa2, Fa3, Fa4,
Fa5, Fa6, Fa7, Fa8, Fa9
Post by Aaron Wasserott
-----------------
this is the device itself, which i thought was due to the terminal width.
but
2.3.8 should have the change that sets the width. unless the use that
runs rancid does not have permission to alter the terminal width, i havent
an idea why this would be occuring.
_______________________________________________
Rancid-discuss mailing list
Rancid-***@shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

E-Mail to and from me, in connection with the transaction
of public business, is subject to the Wyoming Public Records
Act and may be disclosed to third parties.
heasley
2013-01-04 21:06:15 UTC
Permalink
Post by Aaron Wasserott
http://www.gossamer-threads.com/lists/rancid/users/5887
Where it's just the email output showing a false difference, not the saved config in CVS.
set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface "bgroup0" preshare "wLE/x18INtTxJ6sT42CM5FxvOphJ/3%YZg==" sec-level standard
+ #set ike gateway "xcolo" address 123.45.67.89 Main outgoing-interface
+ "bgroup0" preshare <removed> sec-level standard
would you try this change? i'm uncertain that this will have any affect,
its jut a hunch.


Index: bin/nrancid.in
===================================================================
--- bin/nrancid.in (revision 2658)
+++ bin/nrancid.in (working copy)
@@ -217,7 +217,7 @@
next if /^Total Config.+$/i;
last if(/$prompt/);
# throw away the pager prompts
- s/^--- more ---[\s\b]*//g;
+ s/^--- more ---[ \b]*//g;

if (/^set admin name "(\S+)"$/ && $filter_pwds >= 1) {
ProcessHistory("ADMIN","","","#set admin name <removed>\n");
Loading...