Welcome, Guest. Please login or register.

Author Topic: configure line with device-write  (Read 5512 times)

ingoh

  • Newbie
  • *
  • Posts: 6
    • View Profile
configure line with device-write
« on: July 22, 2014, 11:16:25 AM »
We tried to reconfigure lines on several ios-devices. Unfortunately nothing changes after these commands were sent. We get no error, log looks ok  and other config-commands (outside the line-section) work fine. Commands are the following:

Code: [Select]
line vty 0 15
 transport input ssh
 login local
exit

Are these line-commands handled in a special way or are we missing something?
Thanks in advance
Ingo


jonesamu

  • Guest
Re: configure line with device-write
« Reply #1 on: November 18, 2014, 09:46:08 PM »
In testing I also am having issues with the Device-write as well.  My issue seems to be similar but I can get 1 or 2 lines to push out to the switches but never a write mem.

What version of Nedi are you using?
What OS are you running Nedi on?
What Make and Model of switches are you connecting to?
What version of switch software are you running on your switches?

Have you found a solution to this issue?


Our environment we are running:
Nedi version 1.0.9-010
running on CentOS 6.5
Cisco switches 3560CG
running IOS version 15.0(2)
« Last Edit: November 18, 2014, 09:50:17 PM by Sam Jones »

ntmark

  • Full Member
  • ***
  • Posts: 136
    • View Profile
    • tvnz.co.nz
Re: configure line with device-write
« Reply #2 on: November 19, 2014, 03:38:49 AM »
Try turning on command logging on Cisco switches first and see if the commands show up in logs.

Code: [Select]
! Enable command logging
!
archive
 log config
  logging enable
  notify syslog contenttype plaintext
  hidekeys
!
end

Mark.

Edit: Should of noted OP post date.
« Last Edit: November 19, 2014, 03:41:32 AM by ntmark »

Grisu

  • Newbie
  • *
  • Posts: 12
    • View Profile
Re: configure line with device-write
« Reply #3 on: November 19, 2014, 10:18:29 AM »
Seems as if no line feed is received
A simple command to run:

no tacacs-server host 1.1.1.1

In the preview window it looks correct:

conf t
no tacacs-server host 1.1.1.1
end
write mem


is performed:

Conf t no tacacs-server host 1.1.1.1 end write mem

Because the command is incorrect nothing will be logged.

Tested with NeDi Version 1.0.9-010 and 1.1.155

Rainer

rickli

  • Administrator
  • Hero Member
  • *****
  • Posts: 2701
    • View Profile
    • NeDi
Re: configure line with device-write
« Reply #4 on: November 19, 2014, 10:35:41 AM »
Try with $opt{d} = 1 set in inc/devwrite.pl. There was a bug breaking cli functions on certain Linux derivatives. In addition you'll get input.log and output.log, which help determine what's transmitted...
Please consider Other-Invoices on your NeDi installation for an annual contribution, tx!
-Remo

Grisu

  • Newbie
  • *
  • Posts: 12
    • View Profile
Re: configure line with device-write
« Reply #5 on: November 19, 2014, 10:54:21 AM »
The first:
no tacacs-server host 1.1.1.1
                  ^
% Invalid input detected at '^' marker.


The second:
conf t no tacacs-server host 1.1.1.1 end write mem

jonesamu

  • Guest
Re: configure line with device-write
« Reply #6 on: November 19, 2014, 07:24:42 PM »
Remo,

Here some information while testing and troubleshooting.  I have not found the cause of this issue.
It seems to break consistently when I try to run more than 3 lines using the configuration button.

Try one: Successful
CLI :IO-Pty loaded IOS nedi CMD=log/cmd_admin(5) T:10s

SSH :nedi@SwIP:22 Tout:10s OS:IOS EN:[\w+().-]+#\s?$ PTY :Forking ssh -o 'StrictHostKeyChecking no' -l nedi SwIP CLI2:Matched 'Password:' sending password CLI3:Password sent CLI8:Matched enable prompt, OK CMD :conf t RES :Enter configuration commands, one per line. End with CNTL/Z. CMD :access-list 50 remark RES :Duplicate remark statement CMD :end RES :CMD :write mem RES :CMD : RES :Building configuration... RES :[OK]

tail: /opt/nedi/html/log/cmd_admin.php: file truncated
<?php exit; ?>
conf t
access-list 50 remark
end
write mem


tail: /opt/nedi/html/log/cmd_admin-SwIP.log: file truncated
conf t
Enter configuration commands, one per line.  End with CNTL/Z.
access-list 50 remark
Duplicate remark statement
end
write mem

Building configuration...
[OK]

# tail -f /opt/nedi/html/output.log
Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#access-list 50 remark
Duplicate remark statement
Switch(config)#
Switch(config)#end
Switch#write mem
Building configuration...
[OK]
Switch#



Try two: broke
CLI :IO-Pty loaded IOS nedi CMD=log/cmd_admin(9) T:10s

SSH :nedi@SwIP:22 Tout:10s OS:IOS EN:[\w+().-]+#\s?$ PTY :Forking ssh -o 'StrictHostKeyChecking no' -l nedi SwIP CLI2:Matched 'Password:' sending password CLI3:Password sent CLI8:Matched enable prompt, OK CMD :conf t RES :Enter configuration commands, one per line. End with CNTL/Z. CMD :access-list 50 remark RES :Duplicate remark statement CMD :access-list 51 remark RES :CMD :access-list 52 remark RES :Duplicate remark statement CMD :access-list 53 remark RES :CMD :access-list 54 remark RES :Duplicate remark statement CMD :end RES :CMD :write mem RES :Duplicate remark statement CMD : RES :Duplicate remark statement


tail: /opt/nedi/html/log/cmd_admin.php: file truncated
<?php exit; ?>
conf t
access-list 50 remark
access-list 51 remark
access-list 52 remark
access-list 53 remark
access-list 54 remark
end
write mem



tail: /opt/nedi/html/log/cmd_admin-SwIP.log: file truncated
conf t
Enter configuration commands, one per line.  End with CNTL/Z.
access-list 50 remark
Duplicate remark statement
access-list 51 remark
access-list 52 remark
Duplicate remark statement
access-list 53 remark
access-list 54 remark
Duplicate remark statement
end
write mem
Duplicate remark statement

Duplicate remark statement

#tail: /opt/nedi/html/output.log: file truncated
Password:
Switch#terminal length 0
Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#access-list 50 remark
Duplicate remark statement
Switch(config)#
Switch(config)#access-list 51 remark
Duplicate remark statement
Switch(config)#
Switch(config)#access-list 52 remark
Duplicate remark statement
Switch(config)#
Switch(config)#access-list 53 remark
Duplicate remark statement
Switch(config)#
Switch(config)#access-list 54 remark
Duplicate remark statement
Switch(config)#

sjobergh

  • Newbie
  • *
  • Posts: 24
    • View Profile
Re: configure line with device-write
« Reply #7 on: November 20, 2014, 10:21:11 PM »
do you have TACACS+ with authorization in your devices,   we found that if we pushed alot of rows to alot of devices at the same time TACACS couldnt keep up and verify every line. We did a workaround in dev-write and added 0,75 sec wait-time before sending next row.

/swepart

jonesamu

  • Guest
Re: configure line with device-write
« Reply #8 on: November 25, 2014, 01:02:35 AM »
Quote
We did a workaround in dev-write and added 0,75 sec wait-time before sending next row.

Where and how did you do this?

sjobergh

  • Newbie
  • *
  • Posts: 24
    • View Profile
Re: configure line with device-write
« Reply #9 on: November 26, 2014, 09:57:31 AM »
in  libcli-iopty.pm



                        }
                        foreach my $line (@out){
                                $line =~ s/\x1b\[(24;1H|2K|1;24r)//g;                   # ProCurve clensing...
                                print LOG $line;
                                &misc::Prt("RES :$line");
                                $err = $line if $line =~ /^(\s?% )?(Invalid|Unknown|Failed|cannot)/;    # Catch errors, but ignore "% Warnings" (doesn't seem to work on ProCurv$
                        }
                        if($err){
                                print "X";
                                last;
                        }else{
                                print ".";
                        }
##############
# wait for next line  #
##############
                        select(undef, undef, undef, 0.75);
############
                }
                $session->close;
                close (LOG);
        }
        return $err;
}


=head2 FUNCTION Spawn()

Spawns a pty.

B<Options> command

B<Globals> -

B<Returns> pty

=cut
sub Spawn{

jonesamu

  • Guest
Re: configure line with device-write
« Reply #10 on: November 27, 2014, 12:51:28 AM »
This workaround worked.  Thanks sjobergh.  Also we do not use TACACS+ for authentication just Radius.

I was even able to reduce the time of pause from 0.75 to 0.01 and it has been successful in pushing out 45+ lines of config to my cisco switches.

Below details what I changed:
File: libcli.pm
Function: SendCmd()
Line: 1049
Code: [Select]
##############
# wait for next line  #
#############
select(undef, undef, undef, 0.01);
############