Cisco Network Management with Open-Source Tools
If you're like me, you don't relish the idea of paying good money for
tools that could be had for free. When I first started working in my
Network Engineer role, I went looking for tools to help me manage a
network of 400+ Cisco switches. What I found were some awesome tools
like Kiwi CatTools and (on the high end) Cisco Works.
These tools looked great, but they were expensive (at least for our budget).
So, I set off on a quest to develop some network management tools that both
fit our budget and met our needs.
Sidenote: Net::Telnet::Cisco Dependency
The scripts on this page depend on the Net::Telnet::Cisco Perl module. This
module can be installed from CPAN like this:
perl -MCPAN -e shell
install Net::Telnet::Cisco
Locate an IP on Your Network
Keeping a table of last-known MAC address locations is tedious when you could just
track them on demand.
This script will scan through your network (intelligently, given the
address of a core device) to track down an IP address (or a MAC address/VLAN pair). When
run, it looks something like this:
$ tracemacz -i 10.0.96.62
Best match network for 10.0.96.62 is 10.0.96.0/255.255.252.0
Found route to 10.0.96.0 out interface 14 (Vlan96) on 10.0.2.3
Host is known by switch 10.0.2.3: 10.0.96.62 - 00:14:A8:68:B1:40
starting at 10.0.2.2:
> 10.0.2.2 ---> 4/1 (Quad Core 3750)
> 10.0.2.5 <--- GigabitEthernet1/0/1
next hop 10.0.2.5:
> 10.0.2.5 ---> GigabitEthernet1/0/11
> 10.0.2.4 <--- GigabitEthernet0/1
next hop 10.0.2.4:
> 10.0.2.4 ---> FastEthernet0/4
> 10.0.96.62 <--- GigabitEthernet0/1
next hop 10.0.96.62:
You have traced to a switch. You are now at 10.0.96.62 (PhysPlant_A.clarkson.edu).
Sidenote: Directory Structure
Several of the tools that I have included on this page will depend on a basic directory structure
that looks something like this:
.
|-badports
|---20040923
...
|-bin
|-changes
|-configurations
|---20040923
...
|-etc
|-inventory
|-logs
|-temp
Configuration Backup and Archival
One of the most immediate needs for our environment was to back up all switch
configurations and to create a "time capsule" for them. Towards
this end, I developed a Perl script that relies heavily on the Perl module Net::Telnet::Cisco.
This script lives in the ./bin directory and expects two other directories to exist:
configurations and etc. The script will create a folder with the date stamp inside
configurations and will symlink current to this directory. In the etc folder, the
script expects to find a file titled comm-iplist.dat. This file should be of this
format:
Name of Switch - 10.0.1.2
Name of Switch - 10.0.1.3
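The input format and archive layout described above, as an added Perl example (not the author's script): it parses comm-iplist.dat entries, skips malformed lines, and creates the date-stamped directory with the current symlink. The function names, the sample entries, the owner-only directory mode and the per-IP .cfg file name are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Path qw(make_path);
use File::Temp qw(tempdir);
use POSIX qw(strftime);

# Parse "Name of Switch - 10.0.1.2" lines into [name, ip] pairs.
# Malformed entries are reported and skipped, never handed to the login loop.
sub parse_iplist {
    my ($fh) = @_;
    my @switches;
    while (my $line = <$fh>) {
        chomp $line;
        next if $line =~ /^\s*$/;
        # The address is anchored at end of line, so names may contain dashes.
        if ($line =~ /^\s*(.+?)\s+-\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$/) {
            my ($name, $ip) = ($1, $2);
            if (grep { $_ > 255 } split /\./, $ip) {
                warn "line $.: bad address $ip, skipped\n";
                next;
            }
            push @switches, [$name, $ip];
        } else {
            warn "line $.: unrecognized entry, skipped\n";
        }
    }
    return @switches;
}

# Create <base>/configurations/<YYYYMMDD> and repoint "current" at it.
sub prepare_archive {
    my ($base) = @_;
    my $stamp = strftime('%Y%m%d', localtime);
    my $dir   = "$base/configurations/$stamp";
    # Owner-only: saved configs contain password hashes and SNMP communities.
    make_path($dir, { mode => 0700 });
    my $link = "$base/configurations/current";
    unlink $link if -l $link;
    symlink($stamp, $link) or die "symlink $link: $!";
    return $dir;
}

# Constructed sample input in the page's format, plus one malformed line.
my $sample = "Name of Switch - 10.0.1.2\nBldg-A - Closet 2 - 10.0.1.3\nbroken line\n";
open my $fh, '<', \$sample or die "open: $!";
my @switches = parse_iplist($fh);
my $dir = prepare_archive(tempdir(CLEANUP => 1));
# Hypothetical naming: one file per switch, named by IP address.
printf "%-20s %-10s -> %s/%s.cfg\n", @$_, $dir, $_->[1] for @switches;
```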
Generate a Switch Inventory
Another need that we had was for an inventory tool to gather information like IOS version,
memory size, serial number, etc. All of this information can be queried through
the Cisco CLI, so it was a simple matter to script using Net::Telnet::Cisco.
This script lives in the ./bin directory and expects two other directories to exist:
inventory and etc. The script will create a file with today's date stamp inside the
inventory folder. This file will include a CSV-formatted inventory of the switches
found in ./etc/comm-iplist.dat (format above).
Locate Bad Ports
This script will scan through all of your switches that support the "sh post" command
looking for ports that fail at POST. It depends on two directories: badports and etc.
In etc, it expects to find a file containing all of your switches supporting the "sh post"
command. It will output a directory under badports that includes the date stamp and a
batch of files, named by IP address, for any switches that fail at POST. If there are
no files in this directory, then you've got a clean network.