[c-nsp] Spanning Tree works great - except when it doesn't
Lee
ler762 at gmail.com
Sat Oct 17 12:40:37 EDT 2015
On 10/16/15, Jason Lixfeld <jason at lixfeld.ca> wrote:
> You could use RANCID, or you could use something like Ansible.
Right - I can probably do it with RANCID. On every switch, collect
the output from
sh int trunk
sh cdp nei
and then
save list of vlans defined (ie. "vlan xxx" or "xxx-yyy" lines) by switch
for every trunk port flag ports where 'vlans allowed' does not match
'vlans allowed & active'
save device name, port, vlans allowed, cdp neighbor, cdp neighbor port
run thru the list of vlans allowed & check every one is defined
run thru the list of cdp neighbors & flag ports where 'vlans
allowed' != neighbor port 'vlans allowed'
But I was hoping that someone had already written that script :)
> Bronwyn and
> Matt did a great NetDevOps presentation that described how you could use
> Ansible for things like that in Montreal a couple weeks back.
>
> https://www.youtube.com/watch?v=ArqvSGRzUBw
I managed to watch almost 30 minutes & bailed; for mass updates I tend
to use rancid:
$ cat doit
#!/bin/sh
# apply the same command to a set of devices
cat > ~/cmdList <<E_O_F
conf t
snmp-server host 10.10.10.10 version 2c trapString
end
E_O_F
clogin -x ~/cmdList devname1 devname2 ... devnameN
### done ###
Thanks,
Lee
>
>> On Oct 15, 2015, at 8:23 PM, Lee <ler762 at gmail.com> wrote:
>>
>>>> The downstream switchport was also configured for native vlan of 999 -
>>>> BUT
>>>> vlan999 was not created in the vlan database so defaulted to ...
>>
>> Does anyone know of a program that will check all of the trunk ports
>> on switches for vlans allowed + vlans allowed and active on both sides
>> of a trunk port?
>>
>> Seems like it shouldn't be all _that_ hard to write, but downloading
>> an already written program is easier still :)
>>
>> Thanks,
>> Lee
>>
>>
>>
>> On 10/15/15, Patrick M. Hausen <hausen at punkt.de> wrote:
>>> Hi, Nick,
>>>
>>>> Am 15.10.2015 um 13:43 schrieb Nick Cutting <ncutting at edgetg.co.uk>:
>>>> I came across a curly one like this a few months back - turned out the
>>>> STP
>>>> handling of native VLan frames VS a non-created but configured native
>>>> vlan
>>>> on the downstream switch port.
>>>> The downstream switchport was also configured for native vlan of 999 -
>>>> BUT
>>>> vlan999 was not created in the vlan database so defaulted to expecting
>>>> STP
>>>> frames untagged I think - it was something like that.
>>>
>>> You nailed it! for some reason that I now need to investigate
>>> I do not have VLAN 999 in my VLAN database.
>>>
>>> *argh*
>>>
>>> Thanks, everyone.
>>> Patrick
>>> --
>>> punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe
>>> Tel. 0721 9109 0 * Fax 0721 9109 100
>>> info at punkt.de http://www.punkt.de
>>> Gf: Jürgen Egeling AG Mannheim 108285
>>>
>>>
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
More information about the cisco-nsp
mailing list