TCL Scripting for Cisco IOS

Petr Grygrek

2009 Petr Grygarek, Advanced Computer Networks Technolog es

Automation using TCL Scriptiong

Network mon tor ng Trou"leshoot ng tools Added ntell gence

2009 Petr Grygarek, Advanced Computer Networks Technolog es

Tool Command Language (TCL)

Invented by John K. Ousterhout,

Berkeley, 1980s Inter reted l!ngu!ge

&unt%$e !v!%l!ble "or $!ny http#$$www%tcl%tk$

2009 Petr Grygarek, Advanced Computer Networks Technolog es

su

ort "or #o$ %l!t%on %nto byte#ode

l!t"or$s

Tool Command Language (TCL)

Invented by John K. Ousterhout,

Berkeley, 1980s, http#$$www%tcl%tk$ Inter reted l!ngu!ge

Intended "or s#r%

t%ng, r! %d rototy %ng, e$bedd%ng %nto ! l%#!t%ons, #re!t%on o" G'Is ()*+,)k toolk%t&unt%$e eng%ne !v!%l!ble "or $!ny l!t"or$s
2009 Petr Grygarek, Advanced Computer Networks Technolog es "

su

ort "or #o$ %l!t%on %nto byte#ode

(taken from http://en.wikipedia.org/wiki/Tcl)

TCL Basic Features

Pre"%. #o$$!nd not!t%on /o d!t! ty

es

v!r%!ble nu$ber o" !rgu$ents !ll v!lues tre!ted !s str%ngs

0veryth%ng #!n be dyn!$%#!lly rede"%ned

!nd overr%den Ob1e#t2or%ented e.tens%ons !re !v!%l!ble 3!ny e.tens%on l%br!r%es 4ere develo ed
2009 Petr Grygarek, Advanced Computer Networks Technolog es #

IOS Policies

)*+ 7#r%

se6uen#es o" IO7 #o$$!nds 7tored %n dev%#e8s runn%ng #on"%g Progr!$s %n )*+ 7tored on 9+57: or e.tern!l stor!ge
ts

lets

Pol%#%es !re subs#r%bed 4%th 0$bedded

0vent 3!n!ger (003- to be !#t%v!ted 4hen s e#%"%# event(s- o##ur(s-

)hey !lso #!n be !#t%v!ted $!nu!lly

2009 Petr Grygarek, Advanced Computer Networks Technolog es

;ete#ts %nterest%ng events )r%ggers s

us%ng 0vent ;ete#tors

Em edded E!ent "anager

e#%"%# ol%#y b!sed 4hen ! s e#%"%# event (or #o$b%n!t%on o" events- o##urs

2009 Petr Grygarek, Advanced Computer Networks Technolog es

E!ent #etectors

3on%tor 7< !nd :< #o$

s e#%"%# events 0.!$ les o" event dete#tors=

onents "or

*+I, )%$er 7yslog Ob1e#t )r!#k%ng %nter"!#e st!te #h!nge dete#tor %nsert%on,re$ov!l o" $odule dete#tor ...
2009 Petr Grygarek, Advanced Computer Networks Technolog es

&

$ow to E%ecute TCL &cript from Cisco '(&

t#lsh "l!sh0=$y7#r% t.t#l )*+ %nter!#t%ve shell $ode= t#lsh

!re !ssed to IO7 *+I

're#ogn%>ed (%.e. non2)*+- #o$$!nds

2009 Petr Grygarek, Advanced Computer Networks Technolog es

Basic TCL Commands and &tructures

2009 Petr Grygarek, Advanced Computer Networks Technolog es

'0

%n"o #o$$!nds %n"o e.%sts ?v!r/!$e@ %n"o !rgs ? ro#/!$e@ %n"o body ? ro#/!$e@ %n"o glob!ls %n"o v!rs

)etting $elp

*o$$!nd ty ed 4%th 4rong !rgu$ent(s$!ke t#lsh to d%s l!y us!ge hel A th%s %s ! #o$$ent
2009 Petr Grygarek, Advanced Computer Networks Technolog es ''

*ssignments+ E%pressions+ #ispla,ing (utputs

set . 1 uts B. set . Ce. r B.D1E uts B. %n#r . 210 set set set 1 ko#our F $our G HB 1 B FH 2@ ko#our $our

2009 Petr Grygarek, Advanced Computer Networks Technolog es

'2

-printf.like/ (utput Formatting

set ! 1 set s ko#our set " C"or$!t H%nt= Id, str%ng= IsH B! BsE f now contains int: 1, string: kocour Text in [] is replaced with result of executed TCL code contained in block

2009 Petr Grygarek, Advanced Computer Networks Technolog es

'!

E%pr command

0.!$

set r Ce.

les=
r Jr!nd(-KE &' (loat )0,!*

2009 Petr Grygarek, Advanced Computer Networks Technolog es

'"

5rr!y %s tre!ted !s set o" !sso#%!ted

no s !#e re2!llo#!t%on keys o" !ny ty e

*rra,s

!%rs

set !(1- 10 set !(dog- Leryk uts B!(1- 2@ 10 uts B!(dog- 2@ Leryk uts B!(F- 2@ #!n8t re!d H!(F-H= no su#h ele$ent %n !rr!y !rr!y set ! Mko#our $our nu$ber FN uts B!(ko#our- 2@ $our uts B!(nu$ber- 2@ F
2009 Petr Grygarek, Advanced Computer Networks Technolog es '#

*rra, Functions

unset !(1unset !

deletes one !sso#%!t%on "ro$ ! destroys the 4hole !rr!y

set !(1- 10 set !(F- F0 !rr!y get ! 2@ 1 10 F F0 !rr!y get ! 1 2@ 1 10 !rr!y s%>e ! 2@ F !rr!y n!$es ! 2@ ! 2

2009 Petr Grygarek, Advanced Computer Networks Technolog es

'$

&trings

str%ng ?o

e.g. str%ng "%rst MneedleN Bh!y

er!t%on@ ?!rgu$ent(s-O

h!y J!! bb ## bb ddK str%ng "%rst bb Bh!y 2@ G

2009 Petr Grygarek, Advanced Computer Networks Technolog es

'%

Lists

+%st %s ! str%ng #ons%st%ng o" v!lues

se !r!ted by 4h%tes !#es. +%st $!n% ul!t%on "un#t%ons=

+length, l! end, l%nsert, lre l%nde., lse!r#h, lsort

l!#e, lr!nge

2009 Petr Grygarek, Advanced Computer Networks Technolog es

'&

Loops and 'terators

"or Jset % 0K JB%?10K J%n#r %K J puts + K set % 0 4h%le JB% ? 10K J uts B%P %n#r % K set lst J1 F G Q R S T 8 9K "ore!#h J!1 !F !GK Blst J uts N!1UB!1, !FUB!F, !GUB!GN K !1U1,!FUF,!GUG !1UQ,!FUR,!GUS !1UT,!FU8,!GU9
2009 Petr Grygarek, Advanced Computer Networks Technolog es '9

Conditional E%ecution
set . 1 %" JB. ? 10K J uts +077 K else J uts G&05)0& K 2@ +077

2009 Petr Grygarek, Advanced Computer Networks Technolog es

20

0rocedures
ro# $y ro# J 1 FK J set res Ce. r B 1DB FE return Bres K set su$ C$y ro# 10 F0E

2009 Petr Grygarek, Advanced Computer Networks Technolog es

2'

Files
set "d Co en "l!sh=".t.t 4E uts B"d ko#our uts B"d $our #lose B"d &outerA $ore "l!sh=".t.t set "d Co en "l!sh=".t.t rE 4h%le J Cgets B"d l%neE @ 0 K J uts Bl%ne K #lose B"d tell B"d, seek B"d ? os@ "%le ?o er!t%on@ ?!rgu$ent(s-@ e.g. "%le delete "l!sh=".t.t
2009 Petr Grygarek, Advanced Computer Networks Technolog es

22

sample.tcl: uts HVnH

$andling &cript *rguments

uts H5rgu$ent #ount= B!rg#H uts H5rgv0= B!rgv0H uts H5rgv= B!rgvH uts HInd%v%du!l !rgu$ents=H "ore!#h J%terW!rK B!rgv J uts B%terW!r K router At#lsh htt =,,10.0.0.F,s!$ le.t#l !!! bbb ### 2@ 5rgu$ent #ount= G 5rgv0= htt =,,10.0.0.F,ko#our.t#l 5rgv= !!! bbb ### Ind%v%du!l !rgu$ents= !!! bbb ###
2009 Petr Grygarek, Advanced Computer Networks Technolog es 2!

'nteractions etween TCL 0olicies and '(& CL'

2009 Petr Grygarek, Advanced Computer Networks Technolog es

2"

1unning TCL &cripts

9ro$ )*+ shell

router(t#l-Asour#e "l!sh=$ysr#.t#l router(t#l-Asour#e htt =,,10.0.0.F,ko#our.t#l

Msour#eN )*+ #o$$!nd

9ro$ IO7 e.e# $ode

routerAt#lsh htt =,,10.0.0.F,ko#our.t#l !rgs

Mt#lshN #o$$!nd "ollo4ed by s#r%

t n!$e

5rgu$ents #!nnot be

us%ng sour#e #o$$!nd 3ult% le s#r% ts $!y run %n !r!llel.

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!ssed to s#r% t

2#

E%ec "ode Commands

logXuser 0,1 2
disables enables displa!ing of CL" co##ands outputs set #l%Out ut Ce.e# Hsh % %nter"!#e br%e"HE Y works both in interacti$e TCL shell and TCL scripts

2009 Petr Grygarek, Advanced Computer Networks Technolog es

2$

Config "ode Commands (TCL &hell)

%osX#on"%g Hhostn!$e 3Z/530H %osX#on"%g Hrouter r% H Hnet4ork 10.0.0.0H HendH

It %s

re#o$$ended to e.%t "ro$ )*+ shell "or the #on"%gur!t%on #h!nges to t!ke e""e#t 5l4!ys end the #on"%gur!t%on #o$$!nds 4%th end to !vo%d lo#k%ng
2009 Petr Grygarek, Advanced Computer Networks Technolog es 2%

9;2style "un#t%ons #l%Xo en, #l%X4r%te, <ork %n )*+ s#r%

Config "ode Commands (EE" TCL 0olicies)

#l%Xe.e# U #l%X4r%te D #l%Xre!d
#l%Xre!d, #l%Xe.e#

ts, /O) %n %nter!#t%ve )*+ shell. On the other h!nd, %osX#on"%g does /O) 4ork %n )*+ s#r% ts (O-

2009 Petr Grygarek, Advanced Computer Networks Technolog es

2&

#ealing with 'nteracti!e Commands

&outer(t#l-Aty e!he!d VnVnVn &outer(t#l-Ae.e# H#o y run "l!sh=...H ;oes not 4ork %n )*+ 7hell %nter!#t%ve $ode 5ltern!t%ve= "%le ro$ t 6u%et IO7 #o$!nd

2009 Petr Grygarek, Advanced Computer Networks Technolog es

29

0olic, 1egistration with EE"

0%ther !

let or )*+ s#r% t $!y be reg%stered to be !#t%v!ted 4hen !n event %s dete#ted e#%"%#!t%on o" the event to tr%gger the ol%#y %s de"%ned !t the beg%nn%ng o" ol%#y8s )*+ s#r% t=

event $!n!ger d%re#tory user ol%#y "l!sh=,s#r% ts event $!n!ger ol%#y $y7#r% t.t#l

==#%s#o==ee$==eventXreg%sterXt%$er #ron n!$e

$y*ron1 #ronXentry H02R9 02FG [ [ 02TH
2009 Petr Grygarek, Advanced Computer Networks Technolog es

!0

Checking 1egistered 0olicies

sho4 event $!n!ger

Cuser \ syste$E sho4 event $!n!ger ol%#y reg%stered sh event $!n!ger h%story event

ol%#y !v!%l!ble

003 ol%#%es h!ve to be stored on so$e lo#!l "%lesyste$ to ensure the%r !v!%l!b%l%ty reg!rdless o" the #urrent st!te o" the #onne#t%v%ty to !ny e.tern!l stor!ge server.

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!'

"anual 0olic, Launching

event $!n!ger run $y7#r%

only !

t.t#l

l%#!ble "or ol%#%es reg%stered 4%th none event

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!2

&outer(#on"%g-Aevent $!n!ger

&pecification of 0olic,2s En!ironment

env%ron$ent $yW!r%!ble $yW!lue &outer(#on"%g-Aevent $!n!ger sess%on #l% usern!$e ko#our sh event $!n!ger sess%on #l% usern!$e

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!!

E%ample 0olic, (launched manuall,)

==#%s#o==ee$==eventXreg%sterXnone n!$es !#e %$ ort ==#%s#o==ee$==[ n!$es !#e %$ ort ==#%s#o==l%b==[ !rr!y set #l%#onn C #l%Xo en E uts B#l%#onn #l%Xe.e# B#l%#onn("d- Hhostn!$e *:5/G0;2/530H #l%X#lose B#l%#onn("d 2009 Petr Grygarek, Advanced Computer Networks Technolog es !"

EE" *pplets

;e"%n%t%on #ons%sts o"

! let
003 vers%ons

0vents to be dete#ted to tr%gger the

!v!%l!ble events $!y v!ry 4%th d%""erent IO7,

7e6uen#e o" IO7 #o$$!nds to be

e.e#uted
t!gs

7orted le.%#ogr!

h%#!lly !##ord%ng to l%ne

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!#

"ost 'nteresting &upported Features (3) &e!#t%on to #o$ os%te events &e!#t%ng to %nter"!#e st!tus #h!nge Pro#ess%ng o" &IB #h!nge events &e!#t%ng to IO7 ob1e#t st!tus #h!nge 0nh!n#ed Ob1e#t )r!#k%ng &e!#t%ng to 7yslog $ess!ges &e!#t%ng to %n#re!sed resour#e ut%l%>!t%on (*P',
$e$ory, ... Integr!t%on 4%th 7+5 $on%tor%ng )%$ers ] *ounters events
2009 Petr Grygarek, Advanced Computer Networks Technolog es

!$

"ost 'nteresting &upported Features (4) 7o#kets +%br!ry 7/3P +%br!ry (outgo%ng,%n#o$%ng $ess!ges 73)P +%br!ry Integr!t%on 4%th /et"lo4 *+I l%br!ry ] events %ssu%ng IO7 e.e# !nd #on"%g #o$$!nds %nter#e t%on o" #o$$!nd h!ndl%ng ro#ess #re!t%on o" user #o$$!nds !nd,or e.tend%ng
#o$$!nd !r!$eters

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!%

"ost 'nteresting &upported Features (5) 3ess!g%ng bet4een

ol%#%es runn%ng %n !r!llel, ol%#y syn#hron%>!t%on Pol%#y r%or%>!t%on

Pers%stent stor!ge to kee

$ult%

le s#hedul%ng 6ueues, n%#e, ...

bet4een runs &e$ote Pro#edure *!ll (&P* ^3+2PI )*+ s#r% ts debugg%ng su ort

s#r% t8s %ntern!l st!te

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!&

1eferences

7u$$!r%>ed !t

htt =,,4h.#s.vsb.#>,s s,%nde.. h ,)*+ Xs#r% t%ngXonX*%s#oXIO7

2009 Petr Grygarek, Advanced Computer Networks Technolog es

!9