[afnog] I would be interested in Cisco (and non-Cisco) Config Management Scripts - RE: AS filtering question

[Nishal Goburdhan]

On 05 Sep 2013, at 3:51 PM, Jeff Mason <jmason at Nashville-MDHA.org> wrote:

> FYI, if you do write professional configuration scripts for any level of Cisco routers, I would be very interested in those scripts.

i don't.  mostly, because i'm lazy, i re-use known good working stuff like:  http://rancid.shrubbery.net
with a little massaging, that's usually worked fine for 95% use case.

> At a previous job, I wrote scripts that automated password changes on all Cisco switches, routers & firewalls. Granted, there's no direct ability to script in any "elegant" manner; i.e., I had to write scripts based on partially "feeding" input via TFTP & telnet/ssh and so forth. I know there are expensive tools you can purchase (CiscoWorks, is that the right name?) - we tried that, and it lets you manage a certain number of devices (50? before you have to purchase a licensed version); and we had more devices than the "free version" supported; and it did not seem to be as robust and/or flexible as what we wanted. At any rate, I had written a set of scripts that more or  less automated Cisco/ASA firewall, switch, router & concentrator changes (as well as config changes, as needed). 
> 
> What solutions for scripting Cisco router/firewall/switch changes are most common among the Afnog community?
> NOTE: I have begun publishing on Microsoft's Technet Script Gallery some of my scripts (none of the Cisco scripts yet - I will have to dig them out of the cobwebs and dust - LOL)
> It is  free to publish on Technet, and you do get some form of "professional/industry" recognition. Also, it's a great repository to find existing scripts and keep from re-inventing the wheel.
> 
> Below are my 6 script contributions so far.
[snip]
> As I said, I would LOVE to see any scripts you may have for Cisco (or non-Cisco) network devices, and to understand what tools are best for managing those devices.


thank you for sharing your material;  i truly hope that someone who uses windows finds them useful.

i always have a master list of equipment (or something that can be pulled into a list).
clogin - a script that's shipped with rancid, is smart enough to run through particular such lists, and issue $command.
honestly, that was easy enough to get most things done - and because simple is better (for me), that work(ed) well.

you can find some really useful management foo here:  http://www.nanog.org/meetings/nanog26/presentations/stephen.pdf
and depending on your needs, you might find gerty interesting too:  https://github.com/ssinyagin/gerty

--n.