[rancid] Gathering switch information via SNMP or web interfaces

Discussion:

Lars Kruse

2016-02-15 19:30:19 UTC

Hello,

currently I am involved with the maintenance of a dozen switches (Netgear
GS724T, Netgear GS728TP and Netgear GS748T).
I would like to distribute notifications to our small group of administrators
after a switch configuration change was made by one of us.
As far as I understand RANCID, I assume that it could be used for this purpose.

Sadly our switches do not allow commandline access (ssh or telnet). They offer
only a web interface and SNMP.

I took a quick look at the rancid code and came to the conclusion that it uses
expect for all its operations. Thus I could imagine that it only works with
switches with commandline interfaces.

Please correct my assumptions above, if necessary.

I am prepared to write some code (extending RANCID or writing single-purpose
scripts for our environment).
But I cannot judge if it is possible (and desirable) to extend RANCID in a way
to would allow the gathering of information via SNMP or web interfaces (with all
the related complications of sessions and/or cookies).
Would someone please share some thoughts regarding this approach?

Thank you for your time!

Cheers,
Lars

Howard Jones

2016-02-15 21:34:43 UTC

Permalink

Post by Lars Kruse
Hello,
currently I am involved with the maintenance of a dozen switches (Netgear
GS724T, Netgear GS728TP and Netgear GS748T).
I would like to distribute notifications to our small group of administrators
after a switch configuration change was made by one of us.
As far as I understand RANCID, I assume that it could be used for this purpose.
Sadly our switches do not allow commandline access (ssh or telnet). They offer
only a web interface and SNMP.
I took a quick look at the rancid code and came to the conclusion that it uses
expect for all its operations. Thus I could imagine that it only works with
switches with commandline interfaces.
Please correct my assumptions above, if necessary.
I am prepared to write some code (extending RANCID or writing single-purpose
scripts for our environment).
But I cannot judge if it is possible (and desirable) to extend RANCID in a way
to would allow the gathering of information via SNMP or web interfaces (with all
the related complications of sessions and/or cookies).
Would someone please share some thoughts regarding this approach?
Thank you for your time!

I used to have some old Nortel/Bay switches that had no CLI. I used
wraprancid, which allows you to use the output of a script as input to
RANCID, and then wrote a small perl program that polled the switches
with SNMP and output a 'cisco-like' config for them, just covering port
descriptions, speeds and VLAN membership (they were just 24-port 10/100
access switches). That allowed me to use them with RANCID, and also
meant that I could drop in 2950s as replacements when they went pop :-)

Interface info comes from the standard IF-MIB and IP-MIB. VLAN
membership is either a vendor-specific thing or via Q-BRIDGE-MIB.
Someone on StackExchange is using Q-BRIDGE-MIB with Netgear, so that
should do it for you. The very basic script could literally be a few
snmpwalk commands, and leave RANCID to spot the diffs.

http://serverfault.com/questions/441273/configure-vlan-on-netgear-switch-via-snmp

Howard

heasley

2016-02-15 21:46:11 UTC

Permalink

Yes, I would like to add something to do this, preferably maintaining the
current organization or process so that it is not disjoint. I have just
not found the time to work on it.

Post by Lars Kruse
Thank you for your time!
Cheers,
Lars
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Incudie

2016-02-17 00:43:27 UTC

Permalink

I've been working on something similar for Sonicwalls using python and
selenium. Perhaps you can have selenium call up Firefox into xvfb (to keep
it headless), connect to your device and download the config, then pipe the
config into rancid using the wraprancid script mentioned.

Hopefully I'm understanding your correctly.

-Tim

Post by Lars Kruse
Hello,
currently I am involved with the maintenance of a dozen switches (Netgear
GS724T, Netgear GS728TP and Netgear GS748T).
I would like to distribute notifications to our small group of
administrators
after a switch configuration change was made by one of us.
As far as I understand RANCID, I assume that it could be used for this purpose.
Sadly our switches do not allow commandline access (ssh or telnet). They offer
only a web interface and SNMP.
I took a quick look at the rancid code and came to the conclusion that it uses
expect for all its operations. Thus I could imagine that it only works with
switches with commandline interfaces.
Please correct my assumptions above, if necessary.
I am prepared to write some code (extending RANCID or writing
single-purpose
scripts for our environment).
But I cannot judge if it is possible (and desirable) to extend RANCID in a way
to would allow the gathering of information via SNMP or web interfaces (with all
the related complications of sessions and/or cookies).
Would someone please share some thoughts regarding this approach?
Thank you for your time!
Cheers,
Lars
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Graham Allan

2016-02-17 15:05:09 UTC

Permalink

Possibly something like perl's WWW::Mechanize would be simpler for this.

Graham

Post by Incudie
I've been working on something similar for Sonicwalls using python and
selenium. Perhaps you can have selenium call up Firefox into xvfb (to
keep it headless), connect to your device and download the config, then
pipe the config into rancid using the wraprancid script mentioned.
Hopefully I'm understanding your correctly.
-Tim