HN3BC7ARUXHE
This past week I had to update selected edge ports on a set of Cisco Catalyst 4507 and 4510 switches. Two things forced me to take the time to use NetMRI's Configuration Command Scripting (CCS) language to automate the process. The first was an inconsistent deployment and the second was an IOS bug. Using a script greatly reduced the opportunity for me to make a mistake that would ultimately be very difficult to find. Each switch contained at least four 48-port 10/100/1000 blades (WS-X4648-RJ45V+E).
I started out with one set of switches and scanned the configuration to verify the range of edge ports on each blade. The 'interface range' command made it easy to add the appropriate interface configuration to the large ranges of edge ports. That worked well for a few devices. Then I ran into problems.
The use of some of the ports varied from system to system. For example, each switch hosted four or five Wireless APs. Each set of four APs was connected to a known set of ports, but AP1 was not consistently connected to the same port on different switches. And where there were five APs, the fifth unit was connected to a random port on the switch. There were similar configurations for other ports, where a server or some other device was connected. So I had to be careful about selecting the port ranges to which my updated configuration commands should be applied. I started by carefully examining the current configurations to find edge ports that could be manually configured. This severely impacted my productivity and I started thinking about building a script.
The second problem was that in some of the 4500s, I ran into an IOS bug that affects systems that have redundant Supervisors. Syslog shows the following error:
%SYS-3-TIMERNEG: Cannot start timer (0xXXXXXXXX) with negative offset (-YYYYYYYYYY). -Process= "<interrupt level>", ipl= 2
A traceback follows the message (see https://supportforums.cisco.com/message/623987). I tried a variety of ranges and some would work, but it was random and I was wasting time. Two problems, each of which required that I carefully examine the device configurations was enough to get me to take the time to write the script. It was a short script. It had to identify edge ports and add my configuration commands to each one. Fortunately, all the edge ports were easily identified by two statements:
switchport mode access
switchport voice vlan XX
The script started by executing 'show run'. For each interface, it then extracts the configuration for just that interface, using 'show run interface XX'. It parses the output to make sure that it is an edge port and if it is, it will add the desired commands. When it has finished configuring all ports, it saves the configuration. This approach takes a while to run and I had to change the NetMRI script timer to give it enough time to run for all the interfaces that might be on 8 blades of 48 ports each in a 4510. What I liked about it was that I didn't have to spend a lot of time executing commands. It could handle randomly assigned ports, as long as there was a standard configuration for the edge ports. If there had been a couple of configuration styles for edge ports, I'd have built more sections into the script to match each one.
Marty Adkins and I discussed the approach and he came up with a more elegant mechanism. He would have had the first command do
show run | i ^interface|switchport\ mode\ access|switchport\ voice\ vlan
This would group the necessary lines together, making it easy to match the combination of three lines that were needed. I wouldn't have needed to use 'show run interface XX' with his approach, allowing the script to run much faster and more efficiently.
I now have a neat script that will allow me to make future edge port configuration changes with little effort, and I like that.
-Terry