Posts Tagged ‘tcl’

Jul
08

For a limited time we are publishing the Route Redistribution videos from our CCIE Routing & Switching Advanced Technologies Class for public viewing.  These videos cover all aspects of Route Redistribution needed for the CCIE R&S Lab Exam outside of the scope of MPLS, and will also be useful for any engineers looking for more information on how the Route Redistribution process works.

Specifically these videos cover basic and advanced route redistribution configuration, verification, and troubleshooting, including how and why route redistribution loops occur, how to identify and fix loops related to both Administrative Distance and Metric, TCL scripting for reachability testing, route tagging, the IP Route Profile feature, how to use and interpret the debug ip routing output, and other related topics.  Links the videos are as follows:

For technical questions about the topics covered in these videos please visit INE’s Online Community.

All of these videos and others totalling over 80 hours for the CCIE R&S ATC series are included in all of our All Access Pass subscriptions at just $159 per month, along with access to over 900 hours of other training videos that include, but are not limited to:

  • CCNA Routing & Switching
  • CCNA Security
  • CCNA Voice
  • CCNA Wireless
  • CCNP Routing & Switching
  • CCNP Security
  • CCNP Voice
  • CCIE Routing & Switching
  • CCIE Security
  • CCIE Voice
  • CCIE Service Provider

Tags: , , , , , , , ,

Feb
22

One common problem that causes candidates to fail the CCIE Routing & Switching Lab Exam is the lack of complete IP reachability to various segments used in the network topology. However, due to the short time constraints of the lab exam itself it can be difficult to dedicate enough time to properly verify that reachability exists between all relevant segments. In order to solve this problem two very useful features can be implemented during the lab exam, TCL scripting on the routers and macro scripting on the Catalyst switches.

TCL (Tool Control Language) is a scripting language used extensively by Cisco to facilitate the testing and automating of various functions in the IOS. For example advanced implementations on IOS can go as far as programming a router to send you an email when its interface utilization exceeds the normally defined average. In our case we will be using very basic TCL programming to sequentially run the “ping” command.

Macro scripting on the Catalyst switches is a simple way to define templates of configuration that can be applied globally or to interfaces by issuing a single command. Examples of predefined macros include the “switchport host” command, which enables portfast, sets an interface to access mode, and disabled DTP, and the “auto qos” feature. For our implementation we will be using the macros to run pings commands sequentially.

The first step in configuring a ping script is to collect the IP addresses that will be tested in the topology. There are two simple ways to do this, either through the “show ip interface brief” command or the “show ip alias”. Both of these commands show local IP addresses allocated on the device and any addresses that are being proxied for (i.e. dns proxy or NAT). The “show ip interface brief” output can be filtered through quickly by using the “show ip interface brief | exclude unassigned” command so that only interfaces with IP addresses are listed.

Next we’ll need to copy these addresses into a text editor (i.e. Windows notepad in the CCIE lab exam), and do some basic manipulation. To do so use the column select feature of SecureCRT (the terminal emulator used in the lab exam) by holding down the ALT key and then selecting with your left mouse button. This will minimize the amount of text that we have to sort through. Once you’re done you should have a neat list of addresses in notepad that looks something like this:


192.168.255.1
192.168.255.2
192.168.255.3
192.168.255.4
192.168.255.5
192.168.255.6
192.168.255.7
192.168.255.8
192.168.255.9
192.168.255.10

Next we need to manipulate these addresses for TCL on the routers and macro scripting on the switches. For TCL we are going to define the IP addresses as an array, and then use a “for” loop to run the ping command with the array as its argument. The syntax in IOS 12.4 for this implementation is as follows:


foreach VAR {
192.168.255.1
192.168.255.2
192.168.255.3
192.168.255.4
192.168.255.5
192.168.255.6
192.168.255.7
192.168.255.8
192.168.255.9
192.168.255.10
} { puts [exec "ping $VAR"] }

Specifically we are defining the array “VAR”, which represents the IP addresses, then sending the exec command “ping” with “VAR” as the argument. Now to actually run the script in IOS we first must invoke the TCL shell. This is accomplished with the exec command “tclsh”.


Rack17R1#tclsh
+>

Now paste the script from notepad into the router and it should run the pings:


Rack17R1#tclsh
+>foreach VAR {
+>192.168.255.1
+>192.168.255.2
+>192.168.255.3
+>192.168.255.4
+>192.168.255.5
+>192.168.255.6
+>192.168.255.7
+>192.168.255.8
+>192.168.255.9
+>192.168.255.10
+>} { puts [exec "ping $VAR"] }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/58/60 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 84/86/89 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 140/147/164 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 140/142/144 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/59/65 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.8, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/57/60 ms

Rack17R1(tcl)#

Note that in the above test we can see that the address 192.168.255.8 is unreachable. Once TCL is completed we must now make sure to exit the shell. This can be accomplished with either the “tclquit” command, or simply typing “exit” to leave the exec process. Unless TCL is exited the IOS can have some unexpected behavior, like the below example:


Rack17R1(tcl)#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Rack17R1(config)#route-map TCL_BREAKS_SET_COMMAND

Rack17R1(config-route-map)#set local-preference 100
100
Rack17R1(config-route-map)#end

Rack17R1(tcl)#
*Mar  1 05:45:49.906: %SYS-5-CONFIG_I: Configured from console by console
Rack17R1(tcl)#show run | section route-map
route-map TCL_BREAKS_SET_COMMAND permit 10

Rack17R1(tcl)#tclquit
Rack17R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Rack17R1(config)#route-map SET_FIXED_WITH_TCL_EXITED
Rack17R1(config-route-map)#set local-preference 100
Rack17R1(config-route-map)#end
Rack17R1#
*Mar  1 05:46:28.882: %SYS-5-CONFIG_I: Configured from console by console
Rack17R1#show run | section route-map
route-map TCL_BREAKS_SET_COMMAND permit 10
route-map SET_FIXED_WITH_TCL_EXITED permit 10
 set local-preference 100

The above output shows that TCL was invoked, then a global route-map named “TCL_BREAKS_SET_COMMAND” was defined. In this route-map the “set” command was issued. However with TCL still running the “set” command is first interpreted by TCL as an attempt to set an environment variable, instead of sent to the exec process itself. The result is that instead of setting local-preference for the purpose of BGP manipulation we are actually creating a variable named “local-preference” that has a value of 100. Once the “tclquit” command is issued we can see that the next route-map, “SET_FIXED_WITH_TCL_EXITED” successfully uses the set command.

Next for macro scripting on the Catalyst switches we will take the same list of IP addresses used before and prefix them with the commands “do ping”. The resulting list in notepad should look like this:


do ping 192.168.255.1
do ping 192.168.255.2
do ping 192.168.255.3
do ping 192.168.255.4
do ping 192.168.255.5
do ping 192.168.255.6
do ping 192.168.255.7
do ping 192.168.255.8
do ping 192.168.255.9
do ping 192.168.255.10

Next we’ll insert these commands as a sequence in a global macro as follows:


Rack17SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Rack17SW1(config)#macro name PING_SCRIPT
Enter macro commands one per line. End with the character '@'.
do ping 192.168.255.1
do ping 192.168.255.2
do ping 192.168.255.3
do ping 192.168.255.4
do ping 192.168.255.5
do ping 192.168.255.6
do ping 192.168.255.7
do ping 192.168.255.8
do ping 192.168.255.9
do ping 192.168.255.10
@
Rack17SW1(config)#

We now have a script named “PING_SCRIPT” that can be run from global configuration. To apply the script use the following syntax:


Rack17SW1(config)#macro global apply PING_SCRIPT

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 51/57/59 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 25/30/34 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 84/89/101 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 83/87/93 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 50/57/59 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 50/57/59 ms
Rack17SW1(config)#

Once you are proficient in this methodology building both the TCL and macro scripts should only take about 2 – 3 minutes in the lab, with another 5 minutes to run them. The resulting time savings versus running manual pings to all segments, and the resulting information on what is reachable and what is not can be the difference between passing and failing the CCIE lab exam.

Tags: , , , , ,

Categories

CCIE Bloggers