[f-nsp] Pasting long configs using Console to MLX

Piper, James James.Piper at railcorp.nsw.gov.au
Mon Jun 11 23:36:10 EDT 2007


Thought I'd tell you all how we have worked around this particular
problem.

We started with a scripted login to the switches which is just horrible
but could take a blanked switch and upload config via a cosole server.

What we have implemented a script using SNMP and TFTP to manage our
uploading. This obviously requires a "bootstrapped" switch, but it works
great!
1. Uses SNMP to verify identity and suitability of target switch (MAC,
hostname, software versions etc)
2. Uses SNMP to upload the config from a TFTP server to the start-config
of the switch. 
3. Waits for the operation to complete.
4. Uses SNMP to TFTP download the config from the switch and checks
against the original version. If this fails it tries again for a
definable number of attempts before aborting the operation. It probably
should use SNMP to copy run to start but we haven't done this yet.
5. Uses SNMP to reboot the switch.

We have full redundancy and periods of time where we can perform reloads
without affecting services. 

James Piper 


-----Original Message-----
From: foundry-nsp-bounces at puck.nether.net
[mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Richard A
Steenbergen
Sent: Monday, 11 June 2007 05:31 AM
To: Mike Leber
Cc: foundry-nsp at puck.nether.net; Morten Isaksen
Subject: Re: [f-nsp] Pasting long configs using Console to MLX

On Sat, Jun 09, 2007 at 11:45:14PM -0700, Mike Leber wrote:
> 
> On Fri, 8 Jun 2007, Morten Isaksen wrote:
> > You could use TFTP.
> 
> Does TFTP support sending just partial config changes to do things 
> like add customers addresses or BGP sessions to routers?
> 
> (Also, we don't allow SNMP write communities anywhere on our network 
> due to repeated and numerous ASN.1 holes.)

TFTP does partial changes, just like if you TFTP'd a config file to a
Cisco, the downside being that if you don't want to trigger it via SNMP
you have to script a login to the box. SCP is a better way, but on older
code scping to running-config overwrote the entire thing and replaced it
with what you were uploading, which is Bad (tm). I submitted a feature
request for partial updates of the config from SCP, which I'm pretty
sure was implemented in newer MLX/XMR code, but I forget the exact
version where this happened offhand.

-- 
Richard A Steenbergen <ras at e-gerbil.net>
http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1
2CBC) _______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp




This e-mail and any attachments may contain confidential information that is intended solely for the use of the intended recipient and may be subject to copyright. If you receive this e-mail in error, please notify the sender immediately and delete the e-mail and its attachments from your system. You must not disclose, copy or use any part of this e-mail if you are not the intended recipient. Any opinion expressed in this e-mail and any attachments is not an opinion of RailCorp unless stated or apparent from its content. RailCorp is not responsible for any unauthorised alterations to this e-mail or any attachments. RailCorp will not incur any liability resulting directly or indirectly as a result of the recipient accessing any of the attached files that may contain a virus.



More information about the foundry-nsp mailing list