Rhett Hooper
2011-02-01 21:08:39 UTC
Hello all,
I recently installed rancid 2.3.6 to provide revision control for our Cisco gear. Thanks for this great project.
I quickly found that VTP pruning was causing VLAN port membership changes that show up in the diffs. I found the thread from last July where Marty noticed the same problem (http://www.shrubbery.net/pipermail/rancid-discuss/2010-July/005054.html).
I really wish the output from "show vlan brief" was truly brief. I couldn't find a way to get IOS to just show a list of the VLAN numbers with their names, so I made the following patch to rancid. It filters the VLAN port membership from the output of "show vlan" when it finds that VTP Pruning is enabled.
In our environment, 802.1X VLAN assignments also cause port membership changes that result in needless diffs. On our install, I plan to always filter VLAN port membership.
Since we have less than 100 routers and switches in our environment, I thought I'd submit this VTP Pruning patch to the list for wider review.
--- rancid-2.3.6/bin/rancid.orig 2011-01-28 13:36:40.000000000 -0700
+++ rancid-2.3.6/bin/rancid 2011-02-01 10:52:22.000000000 -0700
@@ -1503,6 +1503,10 @@
if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) {
$DO_SHOW_VLAN = 1;
}
+ # check for VTP pruning so VLAN port membership can be filtered later
+ if (/^VTP Pruning Mode\s+:\s+Enabled/) {
+ $DO_FILTER_VLAN_PORTS = 1;
+ }
ProcessHistory("COMMENTS","keysort","I0","!VTP: $_");
}
ProcessHistory("COMMENTS","keysort","I0","!\n");
@@ -1515,6 +1519,8 @@
($_ = <INPUT>, return(1)) if (!$DO_SHOW_VLAN);
+ my($in_vlan_brief) = 0;
+
while (<INPUT>) {
tr/\015//d;
last if (/^$prompt/);
@@ -1529,6 +1535,22 @@
my($len) = length($1);
s/^$1\s{$len}//;
}
+ if ($DO_FILTER_VLAN_PORTS) {
+ # exclude port membership so VTP pruning won't cause oscillations
+ # toggle flag if we exit or enter the "show vlan brief" section
+ $in_vlan_brief = 0 if ($in_vlan_brief and not /^[-\d\s]/);
+ $in_vlan_brief = 1 if (/^VLAN\s+Name\s+Status/);
+ # if we are in the "show vlan brief" section remove port membership info
+ if ($in_vlan_brief) {
+ # skip the wrapped port membership lines
+ next unless (/^(VLAN|-{4}|\d+)/);
+ # keep the first part of the header
+ s/^(VLAN\sName\s+Status).*$/$1/;
+ s/^(-{4}\s-{6,}\s-{6,}).*$/$1/;
+ # keep the VLAN number, name, and status
+ s/^(\d+\s+\b.{32}\s\S*).*$/$1/;
+ }
+ }
ProcessHistory("COMMENTS","keysort","IO","!VLAN: $_");
}
I recently installed rancid 2.3.6 to provide revision control for our Cisco gear. Thanks for this great project.
I quickly found that VTP pruning was causing VLAN port membership changes that show up in the diffs. I found the thread from last July where Marty noticed the same problem (http://www.shrubbery.net/pipermail/rancid-discuss/2010-July/005054.html).
I really wish the output from "show vlan brief" was truly brief. I couldn't find a way to get IOS to just show a list of the VLAN numbers with their names, so I made the following patch to rancid. It filters the VLAN port membership from the output of "show vlan" when it finds that VTP Pruning is enabled.
In our environment, 802.1X VLAN assignments also cause port membership changes that result in needless diffs. On our install, I plan to always filter VLAN port membership.
Since we have less than 100 routers and switches in our environment, I thought I'd submit this VTP Pruning patch to the list for wider review.
--- rancid-2.3.6/bin/rancid.orig 2011-01-28 13:36:40.000000000 -0700
+++ rancid-2.3.6/bin/rancid 2011-02-01 10:52:22.000000000 -0700
@@ -1503,6 +1503,10 @@
if (/^VTP Operating Mode\s+:\s+(Transparent|Server)/) {
$DO_SHOW_VLAN = 1;
}
+ # check for VTP pruning so VLAN port membership can be filtered later
+ if (/^VTP Pruning Mode\s+:\s+Enabled/) {
+ $DO_FILTER_VLAN_PORTS = 1;
+ }
ProcessHistory("COMMENTS","keysort","I0","!VTP: $_");
}
ProcessHistory("COMMENTS","keysort","I0","!\n");
@@ -1515,6 +1519,8 @@
($_ = <INPUT>, return(1)) if (!$DO_SHOW_VLAN);
+ my($in_vlan_brief) = 0;
+
while (<INPUT>) {
tr/\015//d;
last if (/^$prompt/);
@@ -1529,6 +1535,22 @@
my($len) = length($1);
s/^$1\s{$len}//;
}
+ if ($DO_FILTER_VLAN_PORTS) {
+ # exclude port membership so VTP pruning won't cause oscillations
+ # toggle flag if we exit or enter the "show vlan brief" section
+ $in_vlan_brief = 0 if ($in_vlan_brief and not /^[-\d\s]/);
+ $in_vlan_brief = 1 if (/^VLAN\s+Name\s+Status/);
+ # if we are in the "show vlan brief" section remove port membership info
+ if ($in_vlan_brief) {
+ # skip the wrapped port membership lines
+ next unless (/^(VLAN|-{4}|\d+)/);
+ # keep the first part of the header
+ s/^(VLAN\sName\s+Status).*$/$1/;
+ s/^(-{4}\s-{6,}\s-{6,}).*$/$1/;
+ # keep the VLAN number, name, and status
+ s/^(\d+\s+\b.{32}\s\S*).*$/$1/;
+ }
+ }
ProcessHistory("COMMENTS","keysort","IO","!VLAN: $_");
}
--
Rhett Hooper
Network Administrator
Wheeler Machinery Co.
Rhett Hooper
Network Administrator
Wheeler Machinery Co.