Discussion:
[rancid] -cloginrc ip range
Josten, Michael
2014-03-24 08:23:36 UTC
Permalink
Hello everyone,

instead of using

add method * {telnet} {ssh}

I want to speed up everything by avoiding failed telnet login attempts on switches that are accessed via ssh as long as
We haven't configured every switch to ssh access only.
I am wondering if there is a way to configure ip address ranges as this example looks kinda bloated

add method x.x.x.1 {ssh:10022}
add method x.x.x.2 {telnet}
add method x.x.x.3 {telnet}
add method x.x.x.4 {telnet}
add method x.x.x.5 {telnet}
add method x.x.x.6 {telnet}
add method x.x.x.8 {ssh:22}
add method * {telnet} {ssh}

best regards
michael
Alan McKinnon
2014-03-24 12:08:02 UTC
Permalink
.cloginrc supports the use of globs in the hostname/address field.
It's a glob and not a regex, so you are somewhat limited in how you can
express ranges. But nonetheless I can prove very useful.


I can think of two other ways to make your life easier:

- use default settings intelligently and only configure method for those
devices that are different.

- consider whether this aspect really needs optimizing or not. My
devices across the board take an average of 30 seconds for clogin to
login and finish running all commands and rancid runs 30 jobs in
parallel. Failed ssh and telnet connections fail in about half a second.
When added up the amount of time spent on failed connection attempts is
miniscule and not worth bothering about. True, my devices send an
explicit reset so I don't have to wait 30 seconds every time because
port 23 went to some bit bucket in the sky :-) Not every network is set
up like mine though.
Post by Josten, Michael
Hello everyone,
instead of using
add method * {telnet} {ssh}
I want to speed up everything by avoiding failed telnet login attempts
on switches that are accessed via ssh as long as
We haven’t configured every switch to ssh access only.
I am wondering if there is a way to configure ip address ranges as this
example looks kinda bloated
add method x.x.x.1 {ssh:10022}
add method x.x.x.2 {telnet}
add method x.x.x.3 {telnet}
add method x.x.x.4 {telnet}
add method x.x.x.5 {telnet}
add method x.x.x.6 {telnet}
add method x.x.x.8 {ssh:22}
add method * {telnet} {ssh}
best regards
michael
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Alan McKinnon
***@gmail.com
Josten, Michael
2014-03-24 13:43:16 UTC
Permalink
Thanks for your answer. I'll put some thoughts into those intelligent settings ;P some address ranges allow the use of wildcards.
I already did some testing and it works quite well so far.


-----Ursprüngliche Nachricht-----
Von: rancid-discuss-***@shrubbery.net [mailto:rancid-discuss-***@shrubbery.net] Im Auftrag von Alan McKinnon
Gesendet: Montag, 24. März 2014 13:08
An: rancid-***@shrubbery.net
Betreff: Re: [rancid] -cloginrc ip range

.cloginrc supports the use of globs in the hostname/address field.
It's a glob and not a regex, so you are somewhat limited in how you can express ranges. But nonetheless I can prove very useful.


I can think of two other ways to make your life easier:

- use default settings intelligently and only configure method for those devices that are different.

- consider whether this aspect really needs optimizing or not. My devices across the board take an average of 30 seconds for clogin to login and finish running all commands and rancid runs 30 jobs in parallel. Failed ssh and telnet connections fail in about half a second.
When added up the amount of time spent on failed connection attempts is miniscule and not worth bothering about. True, my devices send an explicit reset so I don't have to wait 30 seconds every time because port 23 went to some bit bucket in the sky :-) Not every network is set up like mine though.
Post by Josten, Michael
Hello everyone,
instead of using
add method * {telnet} {ssh}
I want to speed up everything by avoiding failed telnet login attempts
on switches that are accessed via ssh as long as
We haven't configured every switch to ssh access only.
I am wondering if there is a way to configure ip address ranges as
this example looks kinda bloated
add method x.x.x.1 {ssh:10022}
add method x.x.x.2 {telnet}
add method x.x.x.3 {telnet}
add method x.x.x.4 {telnet}
add method x.x.x.5 {telnet}
add method x.x.x.6 {telnet}
add method x.x.x.8 {ssh:22}
add method * {telnet} {ssh}
best regards
michael
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Alan McKinnon
***@gmail.com
Alan McKinnon
2014-03-24 13:46:31 UTC
Permalink
There was a very similar question posed about a month back, the poster
was asking if clogin could use regexes instead of globs for the hostname
field.

IIRC one of the replies was a reasonable design about how it could be
done, you might want to find that in the archives and read further. It
would mean you'd have to patch and maintain clogin locally.
Post by Josten, Michael
Thanks for your answer. I'll put some thoughts into those intelligent settings ;P some address ranges allow the use of wildcards.
I already did some testing and it works quite well so far.
-----Ursprüngliche Nachricht-----
Gesendet: Montag, 24. März 2014 13:08
Betreff: Re: [rancid] -cloginrc ip range
.cloginrc supports the use of globs in the hostname/address field.
It's a glob and not a regex, so you are somewhat limited in how you can express ranges. But nonetheless I can prove very useful.
- use default settings intelligently and only configure method for those devices that are different.
- consider whether this aspect really needs optimizing or not. My devices across the board take an average of 30 seconds for clogin to login and finish running all commands and rancid runs 30 jobs in parallel. Failed ssh and telnet connections fail in about half a second.
When added up the amount of time spent on failed connection attempts is miniscule and not worth bothering about. True, my devices send an explicit reset so I don't have to wait 30 seconds every time because port 23 went to some bit bucket in the sky :-) Not every network is set up like mine though.
Post by Josten, Michael
Hello everyone,
instead of using
add method * {telnet} {ssh}
I want to speed up everything by avoiding failed telnet login attempts
on switches that are accessed via ssh as long as
We haven't configured every switch to ssh access only.
I am wondering if there is a way to configure ip address ranges as
this example looks kinda bloated
add method x.x.x.1 {ssh:10022}
add method x.x.x.2 {telnet}
add method x.x.x.3 {telnet}
add method x.x.x.4 {telnet}
add method x.x.x.5 {telnet}
add method x.x.x.6 {telnet}
add method x.x.x.8 {ssh:22}
add method * {telnet} {ssh}
best regards
michael
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Alan McKinnon
***@gmail.com
heasley
2014-03-31 00:33:30 UTC
Permalink
Post by Alan McKinnon
There was a very similar question posed about a month back, the poster
was asking if clogin could use regexes instead of globs for the hostname
field.
expect glob does support []s, so just be careful about escaping and you can
use a\.b\.c\.\[0-9].

http://my.safaribooksonline.com/book/operating-systems-and-server-administration/unix/9781565920903/glob-patterns-and-other-basics/glob_patterns_and_other_basics
Post by Alan McKinnon
IIRC one of the replies was a reasonable design about how it could be
done, you might want to find that in the archives and read further. It
would mean you'd have to patch and maintain clogin locally.
Post by Josten, Michael
Thanks for your answer. I'll put some thoughts into those intelligent settings ;P some address ranges allow the use of wildcards.
I already did some testing and it works quite well so far.
-----Ursprüngliche Nachricht-----
Gesendet: Montag, 24. März 2014 13:08
Betreff: Re: [rancid] -cloginrc ip range
.cloginrc supports the use of globs in the hostname/address field.
It's a glob and not a regex, so you are somewhat limited in how you can express ranges. But nonetheless I can prove very useful.
- use default settings intelligently and only configure method for those devices that are different.
- consider whether this aspect really needs optimizing or not. My devices across the board take an average of 30 seconds for clogin to login and finish running all commands and rancid runs 30 jobs in parallel. Failed ssh and telnet connections fail in about half a second.
When added up the amount of time spent on failed connection attempts is miniscule and not worth bothering about. True, my devices send an explicit reset so I don't have to wait 30 seconds every time because port 23 went to some bit bucket in the sky :-) Not every network is set up like mine though.
Post by Josten, Michael
Hello everyone,
instead of using
add method * {telnet} {ssh}
I want to speed up everything by avoiding failed telnet login attempts
on switches that are accessed via ssh as long as
We haven't configured every switch to ssh access only.
I am wondering if there is a way to configure ip address ranges as
this example looks kinda bloated
add method x.x.x.1 {ssh:10022}
add method x.x.x.2 {telnet}
add method x.x.x.3 {telnet}
add method x.x.x.4 {telnet}
add method x.x.x.5 {telnet}
add method x.x.x.6 {telnet}
add method x.x.x.8 {ssh:22}
add method * {telnet} {ssh}
best regards
michael
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
--
Alan McKinnon
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Loading...