Executing CISCO IOS Commands Via Perlscript?

Unanswered Question
Dec 15th, 2009

Hello There,

Essentially I'm familair with Cisco IOS and looking to integrate commands submitted via telnet using Perlscript with a variable.

eg iproute.pl -0

iproute.pl -1

iproute.pl -2

Variables Are:

-0

config t

ip route 192.168.1.209 255.255.255.255 131.X.X.109

-1

config t

ip route 192.168.1.209 255.255.255.255 131.X.X.107

-2

config t

ip route 192.168.1.209 255.255.255.255 131.X.X.109

This script will also need to login to the router first, to simplify explanation here is an example:

  1. script iproute.pl -1
  2. telnet opens to 192.168.1.1
  3. telnet submits username + password
  4. telnet enters ios command and arguments
  5. Quit

Any Ideas? Also it doesn't have to be perlscript, it's just preferable.  It can be another form of scripting.

Thanks,

Jesse Moore

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jon Marshall Tue, 12/15/2009 - 04:41

jessemoore wrote:

Hello There,

Essentially I'm familair with Cisco IOS and looking to integrate commands submitted via telnet using Perlscript with a variable.

eg iproute.pl -0

iproute.pl -1

iproute.pl -2

Variables Are:

-0

config t

ip route 192.168.1.209 255.255.255.255 131.X.X.109

-1

config t

ip route 192.168.1.209 255.255.255.255 131.X.X.107

-2

config t

ip route 192.168.1.209 255.255.255.255 131.X.X.109

This script will also need to login to the router first, to simplify explanation here is an example:

  1. script iproute.pl -1
  2. telnet opens to 192.168.1.1
  3. telnet submits username + password
  4. telnet enters ios command and arguments
  5. Quit

Any Ideas? Also it doesn't have to be perlscript, it's just preferable.  It can be another form of scripting.

Thanks,

Jesse Moore

Jesse

The 2 approaches i have used before are

1) Expect which is an extension of TCL. Expect allows you to send commands to a device and then based on the result do different things ie. if you sent a command but it didn't work then you might want to take different action than if it did work.

If you have a look on sourceforge.net there are a number of Expect scripts that would do most of the hardwork for you ie. logging in, verfiying username/password etc..

2) Perl - i have used both the Expect.pm module which is a Perl version of Expect. However if you are looking to use Perl i suggest you use Net::Telnet::Cisco which is an extension of the Net::Telnet module which again simplifies the logging on etc. to the device.

Net::Telnet::Cisco is probably the easiest one to use as Expect can be a bit of a learning curve.

Edit - you may also want to look at EEM (Embedded Event Manager) which is available on later IOS versions. This allows you to load scripts onto the router and then if something happens that you are tracking eg. an interface goes down, the script will then execute so you could enter another route etc. EEM uses TCL as it's programming language and is supported by Cisco. A quick search on EEM on the Cisco site will bring up the relevant information.

Jon

jessemoore Tue, 12/15/2009 - 04:47

Hello Jon,

Thank you for the swift reply, much appreciated.........

I've cobbled this together, does this seem right to you? I am a bit of a perl novice but know enough to get by on msot things. Using perl to telnet commands a new one to me.......

$-0 = $ARGV[0];
$-1 = $ARGV[1];
$-2 = $ARGV[2];

;host = hostname of router
;login = 'user', 'password

$ARGV[0]
#! c:/perl/bin/perl.exe -slw
use strict;

use Net::Telnet();
use Net::Telnet::Cisco;

my $session = Net::Telnet::Cisco->new(Host => 'router');
$session->login('root', 'password');
config t
ip route 192.168.1.209 255.255.255.255 131.X.X.109
quit


$ARGV[1]
#! c:/perl/bin/perl.exe -slw
use strict;

use Net::Telnet();
use Net::Telnet::Cisco;

my $session = Net::Telnet::Cisco->new(Host => 'router');
$session->login('root', 'secret');
config t
ip route 192.168.1.209 255.255.255.255 131.X.X.107
quit


$ARGV[2];
#! c:/perl/bin/perl.exe -slw
use strict;

use Net::Telnet();
use Net::Telnet::Cisco;

my $session = Net::Telnet::Cisco->new(Host => 'router');
$session->login('root', 'secret');
config t
ip route 192.168.1.209 255.255.255.255 131.X.X.106
quit

Does that seem right to you?

Kind Regards,

Jesse Moore

Jon Marshall Tue, 12/15/2009 - 04:56

jessemoore wrote:

Hello Jon,

Thank you for the swift reply, much appreciated.........

I've cobbled this together, does this seem right to you? I am a bit of a perl novice but know enough to get by on msot things. Using perl to telnet commands a new one to me.......

$-0 = $ARGV[0];
$-1 = $ARGV[1];
$-2 = $ARGV[2];

;host = hostname of router
;login = 'user', 'password

$ARGV[0]
#! c:/perl/bin/perl.exe -slw
use strict;

use Net::Telnet();
use Net::Telnet::Cisco;

my $session = Net::Telnet::Cisco->new(Host => 'router');
$session->login('root', 'password');
config t
ip route 192.168.1.209 255.255.255.255 131.X.X.109
quit


$ARGV[1]
#! c:/perl/bin/perl.exe -slw
use strict;

use Net::Telnet();
use Net::Telnet::Cisco;

my $session = Net::Telnet::Cisco->new(Host => 'router');
$session->login('root', 'secret');
config t
ip route 192.168.1.209 255.255.255.255 131.X.X.107
quit


$ARGV[2];
#! c:/perl/bin/perl.exe -slw
use strict;

use Net::Telnet();
use Net::Telnet::Cisco;

my $session = Net::Telnet::Cisco->new(Host => 'router');
$session->login('root', 'secret');
config t
ip route 192.168.1.209 255.255.255.255 131.X.X.106
quit

Does that seem right to you?

Kind Regards,

Jesse Moore

Jesse

It's been a while since i did Perl but a couple of things -

1) Use a separate file for the username/password and make sure that file is only readable by you. If you ever need to print off the script or share it, the last thing you want are the router logon credentials in clear text.

2) From memory when you create a new session ie.

my $session = Net::Telnet::Cisco->new(Host => 'router');

you then need to use that object for all subsequent interactions. So you use it correctly here -

$session->login('root', 'secret');

but then you just enter IOS commands which i don't think you can do. You would need to do for example

$session->enable("password");

$session->cmd("command string");

etc.

Note the syntax above may need modifying, like i say it's been a while.

The best thing to do is read the man page that comes with the Net::Telnet::Cisco module which has some example in it as to how to login, go ot enable mode and then execute commands.

Also note, that in the above unless when you login you go straight to enable mode then you are missing a step ie. you login then enter config t but you haven't gone into enable mode. This is where these things shine ie. after each command you can check the return value to see if it worked or not, or in the case of Expect you can check the IOS output. So you would see that you had missed a step.

It can be quite time consuming at first but once you have worked out the basics you then have a template you can use time and again.

Jon

jessemoore Tue, 12/15/2009 - 08:34

Hello Jon,

Thank you for the advise, it now goes something like this.......

$-0 = $ARGV[0];
$-1 = $ARGV[1];
$-2 = $ARGV[2];

$ARGV[0];
use Net::Telnet::Cisco;

  my $session = Net::Telnet::Cisco->new(Host => '192.168.1.1');
  $session->login('root', 'password');

  # Enable mode
  if ($session->enable("enable_password") ) {
      @output = $session->cmd('show privilege');
      print "My privileges: @output\n";
  } else {
      warn "Can't enable: " . $session->errmsg;
  }

  # Issue Routing Change
my @output = $session->cmd('config t');
my @output = $session->cmd('ip route 192.168.1.209 255.255.255.255 131.X.X.109');
my @output = $session->cmd('');
  print @output;
$session->close;


$ARGV[1];
use Net::Telnet::Cisco;

  my $session = Net::Telnet::Cisco->new(Host => '192.168.1.1');
  $session->login('root', 'password');

  # Enable mode
  if ($session->enable("enable_password") ) {
      @output = $session->cmd('show privilege');
      print "My privileges: @output\n";
  } else {
      warn "Can't enable: " . $session->errmsg;
  }

  # Issue Routing Change
my @output = $session->cmd('config t');
my @output = $session->cmd('ip route 192.168.1.209 255.255.255.255 131.X.X.107');
  print @output;
$session->close;


$ARGV[2];
use Net::Telnet::Cisco;

  my $session = Net::Telnet::Cisco->new(Host => '192.168.1.1');
  $session->login('root', 'password');

  # Enable mode
  if ($session->enable("enable_password") ) {
      @output = $session->cmd('show privilege');
      print "My privileges: @output\n";
  } else {
      warn "Can't enable: " . $session->errmsg;
  }

  # Issue Routing Change
my @output = $session->cmd('config t');
my @output = $session->cmd('ip route 192.168.1.209 255.255.255.255 131.X.X.106');
  print @output;
$session->close;

I'll test tomorrow on a 2600 Series and see how it goes.

Cheers,

Jesse Moore

Actions

This Discussion