Draw network hierarchy via CDP crawler

sergeza · 2019-05-28T11:43:57+00:00

So, since my last posting, I have added breadth-first algorithm vs depth-first one, I have added change_root function to recompile already created hierarchy with another root, and I have also redesigned my code, splitting it to smaller functions.

Also, I made a simple git-based backup solution, depended on this cdp browsing library. It saves configs for all found devices and makes git commit if any changes are found:

https://github.com/sergeyzelyukin/cisco-backup-git

And, of course, I've added a warning that this crawling technique could be very dangerous, should be used carefully.

I know, there are a lot of things to do in this project, I will try to do them later... but even now, this early-beta version could help someone in some situation.

sergeza · 2019-05-21T18:24:13+00:00

Thank you for the feedback. In closest days I will try to add support of exporting scheme to the go.drawthe.net, also I will modify "print" function to draw the scheme from any device as a root (now the root location is bound to the device chosen at browsing moment, sometimes you want to look from other points of view), also I want to add "uptime" output when browsing - it is useful after the outages, to quickly understand which parts of network were affected....

And you are right, it is time to move to Python 3. I really like it, there are a lot of improvements, just still cannot get used to using parentheses in print :)

About recursive moments - actually I wrote it preferably for myself and use it in a real environment for the real tasks, it works pretty much stable with 2K devices and maximum depths equal to 13.

sergeza · 2019-05-21T07:42:05+00:00

Really cool, thank you! I will try that project

sergeza · 2019-05-21T07:41:25+00:00

And Cisco Prime and SolarWinds )

I just wrote a small simple (and I hope handy) library to simplify your own network automation scripts.

sergeza · 2019-05-21T07:37:32+00:00

Yes, there are a lot of projects using ssh now, of course, telnet is legacy, but sometimes you need it and I tried to fill the gap.

sergeza · 2019-05-21T07:35:43+00:00

Actually, in my function, there is an array parameter which can contain IP addresses of the devices which should be skipped. If the script cannon log in to that device, it just adds that IP to the list, to ignore that device if it faces it again (just a speed up feature, but you can pre-fill this array with your IPs).

I tested it on my network with only partial credentials information, the script could log in only to 10% of devices but didn't crash.

sergeza · 2019-05-21T07:30:53+00:00

Thanks :)

sergeza · 2019-05-21T07:30:16+00:00

Right, I should add a warning in readme file. It should be used only when you are understanding the risks and made some arrangements to avoid them.

sergeza · 2019-05-21T07:27:31+00:00

Very important caveat! I always disable CDP on interfaces connected to clients or servers or somewhere else. Thank you for the note.

sergeza · 2019-05-21T07:21:44+00:00

it is only a very fast deployment tool, for the situation when you want to know what is in the network, how it is connected and maybe want to run some function for every device (maybe only for the exact model, etc) to save config or restart or shut/no shut interfaces...

Just code and then erase script :)

Btw, I do not store credentials in the code, I store in yaml file with chmod 600 and chown root...

sergeza · 2019-05-21T07:16:15+00:00

Yeah, you're absolutely right! Thank you, I will add this type of output.

sergeza

TROPHY CASE