By:
On:
In: automation, Scripting, Windows
With: 0 Comments

After provisioning a new Cisco CSR1000V-Router this script waits until the router is fully deployed got it’s Management-IP-Address assigned via DHCP. and returns this Management IP-Address. Prepare First, install „netaddr“-package. needed to check, if the management-IP of the CDP-Neighbor is in the correct IP-Subnet the „wait-for-CDP“-Script Obviously far to much hard-coded stuff, just as an example 😉 waiting for a CDP-Neighbor to appear with the following properties: hostname „CSR-A“ an IP-Address within the network „192.168.56.0 /24“ at the interface VirtualBox Host-Only-Network Provision a new CSR1000V Router named „CSR-A“ Run the „wait-for-CDP-Neighbor“-Script In a second CMD-Box, and… Be patient, of course. Or store the returned IP-AddressRead More →

By:
On:
In: Scripting
With: 0 Comments

Watch and decode Cisco Discovery Protocol Packetes. CDP Monitor-Script Inspired by the Scapy ARP-Monitor i created an CDP-Monitor displaying hostname and an optional Management-IP-Address. Real-Life Example Run this script: Open another CMD-Window to spin up a new CSR1000V-Router: Go back to the „python“-Screen and wait: It works, the IOS-XE CSR1000V-Router is installed and it got it’s baseline-config applied: Hostname Interface set to „ip address dhcp“ CDP enabled takes some time, but these first CDP-Packets captured were not sent in 60s interval, so don’t be scared 😉Read More →

By:
On:
In: Scripting
With: 0 Comments

It’s hard to believe, how easy it is to capture (and to craft) LAN-Data using Python Scapy. I need to capture CDP-Packets and to extract information like the hostname of the sender and it’s IP-Address. As an modification of the „ARP-Monitor“-example taken from the manual Using scapy in your tools. Scapy Installation nothing special: pip install Python: Install Scapy Example: List all Interfaces of my Laptop Capture 10 Packets on a specific interface Capture CDP-Packets Decode CDP (with inactive dissector) Activate the CDP-Parser Capture again and display CDP-Information as cleartext Decode CDP-Hostname Decode CDP-Management-IP-AddressRead More →

By:
On:
In: Scripting, Windows
With: 0 Comments

How often had i to look up this in the web, always wondering about myself still using the Windows-CMD-shell… Should move on to powershell… store the output of another command in a variable Example: the „date“-command Copy the date into the variable „TTT“ Not elegant, not intuitive, not self-explanatory: This Shell Scripting language seems not to be made for daily usage 😉Read More →

By:
On:
In: automation
With: 0 Comments

To enable immediate remote-access to brandnew deployed virtual Cisco CSR1000V-Routers by scripts, ansible etc. it’s necessary to predeploy the startup-config at least with public-rsa-keys etc. Prepare Download and install the nice tool http://CDBurnerXP. This will install a companion cli-tool cdbxpcmd.exe along with the GUI-Version. It’ll be used to prepare an ISO-„CDROM“ containing the prepared „startup-config“-file. Prepare Prepare an IOS-XE Configuration file… Modify the existing script These commands create the ISO-File in the %LOC%-Path. Mount this ISO to the VM The contained config-file will get automatically applied when the router boots the first time. Run the VM the config-file gets applied access the router This dependsRead More →

By:
On:
In: automation
With: 0 Comments

In a lab environment it might be handy to quickly rollout new (virtual) routers without much manual intervention. The following script creates a VirtualBox-VM and boots it up. Prepare Install VirtualBox and have a CSR1000V-ISO-File ready. Execute The Inventory populates: Use it After another reboot the serial console can be accessed by a windows pipe: The pipe provides access to the serial-console:Read More →

By:
On:
In: client, linux
With: 0 Comments

It’s a two step process to get rid of insecure username/password-authentication. Generate a RSA keypair at your SSH-client btw. Cisco-IOS doesn’t support DSA-keys Configure your network device(s) to assign the (public-)key of this keypair to an user-account This user-account could get privileges from a Radius/TACACS+-Server which could provide access-logs, too. Generate RSA-Key: Windows as SSH-Client I prefer Putty, usually in form of „mRemoteNG“, so i use PuttyGen to generate the RSA keypair. Windows.Start => PuttyGen (x) RSA, 4096-bits are supported, use it [Generate] move the mouse to improve the randomgenerator change the „comment“ – for example replace it by an username add a passphrase –Read More →

By:
On:
In: automation, linux
With: 0 Comments

Background: Python-Requests wants to verify https-certificates, which makes sense to me. – but my VCenter uses a self-signed Certificate Don’t think about ignoring certificate errors 😉 Prerequisites Download the certificate from the VCenter: Install the certificate: Now Python.requests validates the vCenter: Add the Export to ~/.bashrc at the end of the fileRead More →

By:
On:
In: automation, linux
With: 0 Comments

…this article should have been published at 2017-11-23, i forgot to press the right botton. So, an update might be needed, anyone still interested in cot today? Release 2.1 (2018-01-29) is the current release, containing some fixes (https://github.com/glennmatthews/cot/blob/master/CHANGELOG.rst) COT installation using PIP So, let’s go, following thats embarassing. Install PIP first Try it again Optional: Argument-Completion Not essential, but handy. COT helpers A full installation requires so called „cot-helpers“ to use all features. first fix „fatdisk“ which is used to inject configs into OVA-Files uncomment to and run the helper-installation again: But it threw a lot of warnings.. warning: format ‘%lu’ expects argument of typeRead More →

By:
On:
In: linux
With: 0 Comments

A new linux-VM takes ages to boot: it waits for 2 minutes for the network to come up Whats the reason for the delay? „routable“ interfaces with not router-address provided by the dhcp-service never come up for the „networkd-wait-online“-service. find more information at GitHub Issue 3752 – systemd-networkd can’t configure interface if dhcp server does not provide routers State: forever „configuring“ not „configured“ Background information „enp0s3“ is a virtual-box „host-only“ network with no routing provided Action Plan: „Set this interface to not be checked.“ locate the systemd-unit-file: Path: /run/systemd/generator/network-online.target.wants File: systemd-networkd-wait-online.service Edit (sudo) file add „ignore“-Option docs: networkd wait online service The service specific configurationRead More →