The best place for network developers

Automatic interface configuration

Automatic interface configuration on a Cisco Switch for connected Access Points.

Have you ever thought how easily you can configure Switch Interfaces to which are connected Cisco Access Points? Do you still use a simple template which you copy from notepad and paste the configuration into your Switch CLI? Now you can stop doing that – use python scripts which do that for you!

In our topology lab, we used a very simple infrastructure but the only difference between our lab and bigger infrastructure is a scale. The amount of devices that we are configuring manually makes our manual configuration error prone. For Python, it does not really matter if we are configuring one device or 100 devices. To make our code clearer and faster we decided to use very simple topology:

As we can see, we have one switch:

  • US-LAB-SW-01

And 3 access points which are connected to above switch:

  • US-AP-2 connected on port Fa0/2
  • US-AP-3 connected on port Fa0/3
  • US-AP-4 connected on port Fa0/4

TIP

Our script is going to be very short and quick so I decided to put everything in main() function in Python. Please note that this is not recommended for some real projects and this is not recommended behavior of having a clean code in Python.

As a first step in the main() function we are going to use Netmiko library (https://devnetspace.com/netmiko-python-library/).  

  1. cisco_switch = {
  2. 'device_type': 'cisco_ios_telnet',
  3. 'ip': '10.110.11.1',
  4. 'username': 'root',
  5. 'password': 'admin',
  6. 'port': 23,
  7. 'secret': 'enable'
  8. }
  9. net_connect = ConnectHandler(**cisco_switch)

TIP

If you are going to configure more than one switch, you can use "for" loop and in each iteration of "for" loop make a connection to every device step by step.

In line 1 we define a dictionary where we put our device settings (lines 2-7) and then, in line 9, we do a connection to this device.

  1. get_cdp_output = net_connect.send_command('show cdp neigh')
  2. time.sleep(1)
  3. device_and_interface_regex = re.compile(r'(\S+)\s + (Fas \d/\d) ')
  4. device_and_interface = device_and_interface_regex.findall(get_cdp_output)

Next via (line 1) net_connect.send_command method I am going to send one command “show cdp neighbor” to my switch. Theoretically, using “time.sleep” is not necessary but I strongly recommend it to use… just in case 😉.

TIP

Regarding regex I can recommend links: https://automatetheboringstuff.com/chapter7/ - here you can get to know a lot about regex from scratch and https://regex101.com/ - here you can test your regex search.

Going briefly through regex commands (lines 3-4) the most important part is regex query “(\S+)\s + (Fas  \d/\d)”

Firstly, let me describe each character:

  • \S – any non-whitespace character
  • \s – any whitespace character
  • \d – any digital character

Why do I use such regex query? Let we have a look on our output from show cdp neighbor command:

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, 
                  D - Remote, C - CVTA, M - Two-port Mac Relay 
 
Device ID        Local Interface     Holdtime    Capability  Platform  Port ID
US-AP-4          Fas 0/4           177              R B   AIR-CAP2702I-E-K9 GigabitEthernet0
US-AP-3          Fas 0/3           121              R B   AIR-CAP2702I-E-K9 GigabitEthernet0
US-AP-2          Fas 0/2           172              R B   AIR-CAP2702I-E-K9 GigabitEthernet0

So with query (\S+)\s we can catch all strings which consist of any non-whitespace character (\S) and which finishes (+) as a whitespace character(\s) – as a result we capture all strings with “space” between them. Additionally, in query we added (\S+)\s + (Fas (…)) – thanks to that we can find only strings (here it is US-AP-X) with spaces where next characters are Fas (on my switch Access Points are connected only via FastEthernet interfaces. If you have multiple interfaces on your device, you can also search them using pipe (|) e.g. Eth|Fas|Gig etc.)

Next part in our regex query (Fas \d/\d) is… finding FastEthernet port Number – because /d is just a digital – on our device always after Fas string will be syntax X/X with port number. If you want, you can always specify port numbers more precisely like deciding to look only for 0-19 ports or any other regex you want.

Our variable device_and_interface (line 4) gives the following output:

[('US-AP-4', 'Fas 0/4'), ('US-AP-3', 'Fas 0/3'), ('US-AP-2', 'Fas 0/2')]

We receive a list which consists of 3 lists, that each of them contains 2 elements:

  • Access Point name
  • Interface to which above AP is connected to
  1. for i in range(0, len(device_and_interface)):
  2. config_commands = ['interface ' + str(device_and_interface[i][1]),
  3. 'description connected to ' + str(device_and_interface[i][0]),
  4. 'switchport mode access',
  5. 'switchport access vlan 100']
  6. print(config_commands)
  7. net_connect.send_config_set(config_commands)

Last step of our code if a for loop, which goes through all elements of above list (line 1). Then via variable config_commands (line 2-5) we create a list of commands which will be applied on our device.

In my template we always use vlan 100 for Access Points, but for sure, if you have different VLANs for different APs you can apply any logic that you want with Python script.

Our printed config_commands are:

['interface Fas 0/4', 'description connected to US-AP-4', 'switchport mode access', 'switchport access vlan 100']
['interface Fas 0/3', 'description connected to US-AP-3', 'switchport mode access', 'switchport access vlan 100']
['interface Fas 0/2', 'description connected to US-AP-2', 'switchport mode access', 'switchport access vlan 100']

Our configuration has been generated, last step we have to do is to send those commands on our switch – this is done in line 7.

As a result, let we go on our switch let we check our current configuration on these interfaces:

US-LAB-SW-01#show running-config | begin FastEthernet0/2
interface FastEthernet0/2
description connected to US-AP-2
switchport access vlan 100
switchport mode access
!
interface FastEthernet0/3
description connected to US-AP-3
switchport access vlan 100
switchport mode access
!
interface FastEthernet0/4
description connected to US-AP-4
switchport access vlan 100
switchport mode access
!

As you can see, applying some simple logic with finding device connected to our port and generating automatic configuration on these ports can be quite easy and simple. Our LAB environment is quite small, but you can imagine configuring 100 switches, to which connected are 1000 (10 per switch) Access Points. Writing some simple code can help you to automate your boring stuff.

What is more, you can use this script not only for new Access Points connections but also when you change switch or ports which are connected to APs. You can use our script to create a configuration on new Ports (and of course removing old, not needed configuration on not-used ports) instead of doing it manually!

What is more, if you have any doubts / issues / problems with your script, please do not hesitate to contact me: contact@devnetspace.com or directly piotr@devnetspace.com.

And as always, you can find full script on our GitHub: https://github.com/DevNetSpace/Articles/blob/master/cdp_interface_configuration.py

Access Point – automatic report

Do you remember when last time local IT / your colleague / HelpDesk / anyone asked you for gathering a report about some devices which are connected in your network? Do you remember all the boring stuff that you had to do? Login into 5, 10, 15… 50 devices and gathering information like IP, port number, description, device name, mac address?

Building lab environment

Every time I have to automate specific kind of a job I write down and answer project specific questions, which help me to prepare algorithm and general idea, how a new solution will work.

Of course, this list can be easily extended during algorithm preparation. A good approach is to prepare small working solution and extend it, every time you need it, by adding new functionality. Building small peaces and extracting specific functions will help in troubleshooting, reduce downtime during writing a code and of course, give a better planning and estimation of time when whole project will be finished.

Automatic interface configuration

For all of us entering same commands / text into CLI becomes boring after some time. Do you remember your fascination when you created a VLAN 10, connected two switches together and they pinged each other? Yes, probably for most of us were very enthusiastic that time. But after some time copying same command, creating same VLANs can become a little bit boring. What can we do to make it faster, better and less prone to mistakes?