Ethernet Switching
Ethernet Switching

Script in EX 2200

12.14.16   |  
‎12-14-2016 12:24 PM

Hello,

 

I want to know how I can do a script for all ours Switches in our network, I need to know which Switch has enabled:

show configuration ethernet-switching-options secure-access-port

 interface all {

allowed-mac......}

 

Does any body know about this?

 

Thanks

7 REPLIES
Ethernet Switching

Re: Script in EX 2200

12.14.16   |  
‎12-14-2016 07:53 PM

Hi tuff,

 

can you please clarify your question, do you want to know which switch has a script enabled on it ??.

 

or do you need a script.

 

Thanks,

Ramesh.G

Ethernet Switching

Re: Script in EX 2200

12.15.16   |  
‎12-15-2016 06:43 AM


Thanks for your reply rgopi,

I want to know which Switches are the port security enabled in by using a script :
@XXX> show configuration ethernet-switching-options secure-access-port
interface all {
allowed-mac [ ];
}

I need to enable it in ours Switches, is there any script I can use to know which are enabled and which are not?

Ethernet Switching

Re: Script in EX 2200

12.15.16   |  
‎12-15-2016 06:50 AM

Do you have Space running?  If not you could get a free demo version to use via download from Juniper Support site.  You could use the Looking Glass feature for this.  Depends on how many actual switches you need to look at, if you might need to use multiple interations.  For info look here:

 

https://www.juniper.net/documentation/en_US/junos-space12.3/platform/topics/task/operational/platfor...

 

Good luck.

Ethernet Switching

Re: Script in EX 2200

12.15.16   |  
‎12-15-2016 07:04 AM

 

Hi,

 

We have a linux server,   We can running the script from here, all devices have connection with it.

Ethernet Switching

Re: Script in EX 2200

03.16.17   |  
‎03-16-2017 06:19 AM

Hi, 

 

You could use a bash script for this.

I used a similar script to extract all ospf interfaces and build a template for RSVP [attached].

I had a file 'node.txt' listing the nodes/routers to query. 

 

You could adapt this for your purpose by including an if not empty condition. Below is an example:

#!/bin/bash
        for node in $(cat /tmp/node.txt)
        do
            sshpass -p "password" ssh $node -o PubKeyAuthentication=no "show configuration ethernet-switching-options secure-access-port" >> /tmp/$node.yml 
	    echo "$node config present"
        done

I may be able to test it later.

Hope this helps.

 

Cheers,

Ashvin

Attachments

Ethernet Switching

Re: Script in EX 2200

03.16.17   |  
‎03-16-2017 10:59 PM

Hi Folks,

If you have netconf in the box, you can also pull same information via netconfig, dump it and run scripts based on the context check as above refered by AshvinO..

 

Sample RPC:

<rpc>

    <get-config>

        <source>

                <running/>

        </source>

        <filter type="subtree">

            <configuration>

                <system>

                                        <login>

                                                <user>

                                                        <name>lab</name>

                                                </user>

                                        </login>

                </system>

            </configuration>

        </filter>

    </get-config>

</rpc>

]]>]]>

-Python JNCIP [SP|ENT|DC|SEC] CCIP JNCDA ITIL
#Please mark my solution as accepted if it helped, Kudos are appreciated as well.
Highlighted
Ethernet Switching

Re: Script in EX 2200

03.18.17   |  
‎03-18-2017 01:59 AM

Hi, 

 

Equivalent python script:

import warnings
warnings.filterwarnings("ignore")

from jnpr import junos
device={'node1', 'node2'}
for dev_host in device:
 dev=junos.Device(host=dev_host, user='username', password='pass', gather_facts=False)
 dev.open( )
 out=dev.cli("show configuration protocols rsvp", warning=False)
 if out:
  print "%s: Config is present" %(dev_host)
 dev.close( )

Python script requires the Junos automation python library to be installed and netconf to be enabled on the devices.

 

The bash script with "if not empty" condition:

#!/bin/bash
        for node in $(cat /tmp/node.txt)
        do
        	command=$(sshpass -p "password" ssh $node -o PubKeyAuthentication=no "show configuration protocols rsvp")
		if [ -n "$command" ]
	    	then
	            echo "$node config present"
	    	else 
		    echo "$node config not present"
            	fi
        done

 Example:

#python show_config.py 
node1: Config is present

# ./show-command.sh 
node1 config not present
node2 config present

 

Please adapt the show commands & credentials accordingly.

Hope this helps.

 

Cheers,

Ashvin