[CLI Tip]: How to make a brief squeeze-review of running-config
Often you get a piece of iron in your hands, you need to evaluate how it is finished. At the same time, the size of the running config can be huge (say, a full dump of the controller config from my labs in this example, 21KB ~ = 29 pages). For a first look, I want to see which sections of the config are present. The Motorola Solutions WING5 (WLAN) platform is taken as an example, but, in principle, it will work on any piece of hardware where the " | include " construction supports regexp (Cisco, Motorola WING4, other IOS-like interfaces).
We write:
We get:
For the WING5 platform, this command is highly relevant, since the controller holds the master configuration for the entire network (and there may be hundreds, if not thousands of sections for profiles / policies / devices / services and even other controllers) - to dig into the full dump of the running config is unrealistic. <IMHO> In general, how abruptly the structure and synchronization of the config is implemented in WING5 (distributed network), and how the CLI for mass configuration / administration and troubleshooting can be written separately is a separate cycle of articles (such as running centralized packet collection from all points remote site with a single line command). Now I don’t want to go back to the third generation networks. </ Imho>
For hardware with a “stand-alone” config (switches, routers), the command can show all ACLs, route maps, VPNs and other sections of the config, which is also convenient.
show run ... | include <regexp> shows only the lines in which regexp occurs.
')
The structure of the config (the output of the “pure” show run) looks like this (note the indents):
We only need section headers - lines with no indentation. Accordingly, we need all the lines that do not begin with a space. But there are still comments and section separators in the form of exclamation marks - we do not need them either. It turns out that regexp should look like “strings that do not begin with a space or exclamation mark”.
We use the construct ' [ <XYZ> ] ', which matches any character enclosed in square brackets. [! ] will give us a “space or wax sign”, [^! ] will give us a "no space and not a voskl sign." Add ' ^ <X>' (“string starts with X”): ^ [^! ] = "The string starts with any character except a space or exclamation mark".
However, knowing that the section name is always a letter - you can simplify the regexp and save yourself a few seconds treading on the keyboard: ^ \\ w . ' \ w ' means “any letter” (uppercase and lowercase), another backslash is needed to escape backslash in ' \ w ' - we get ' \ \ w'. Add “beginning of line” - ' ^ \\ w'. It turns out "show me the lines that start with the letter."
PS Two pages of text to describe one line ... o_O What do you think, could one have managed to do without losses with one or two lines?
We write:
RFS-ADSP>sh run | include ^\\w We get:
version 2.1 ip access-list BROADCAST-MULTICAST-CONTROL ip access-list fw-acl-full ip access-list fw-acl-limited ip access-list fw-acl-verylimited mac access-list 12-block-mint mac access-list PERMIT-ARP-AND-IPv4 mac access-list l2-block-mint firewall-policy default firewall-policy lab-fw-wips role-policy lab-rolepol mint-policy global-default wlan-qos-policy default radio-qos-policy default aaa-policy lab-aaapol captive-portal lab-hotspot wlan ADSP-TRG wlan team6-eap wlan team6-hotspot wlan team6-psk1 wlan team6-psk2 smart-rf-policy lab-smartrf wips-policy lab-wips-basic advanced-wips-policy lab-wips-adv auto-provisioning-policy lab-autopolicy radius-group radgroup-fullusers radius-group radgrp-hotspot radius-user-pool-policy lab-radpool radius-server-policy lab-radius dhcp-server-policy ADSPLAB dhcp-server-policy RFS2 management-policy default management-policy lab-mgmt l2tpv3 policy default profile rfs4000 default-rfs4000 profile rfs4000 lab-rfs4000 profile ap71xx lab-7131 profile ap650 default-ap650 profile ap650 lab-ap650 profile ap6521 lab-6521 profile ap621 lab-621 rf-domain default rf-domain lab-rfdomain rfs4000 5C-0E-8B-1B-9B-44 ap650 5C-0E-8B-98-C5-44 ap6521 5C-0E-8B-E8-31-68 ap621 5C-0E-8B-97-C2-48 ap621 5C-0E-8B-97-DA-AA end For the WING5 platform, this command is highly relevant, since the controller holds the master configuration for the entire network (and there may be hundreds, if not thousands of sections for profiles / policies / devices / services and even other controllers) - to dig into the full dump of the running config is unrealistic. <IMHO> In general, how abruptly the structure and synchronization of the config is implemented in WING5 (distributed network), and how the CLI for mass configuration / administration and troubleshooting can be written separately is a separate cycle of articles (such as running centralized packet collection from all points remote site with a single line command). Now I don’t want to go back to the third generation networks. </ Imho>
For hardware with a “stand-alone” config (switches, routers), the command can show all ACLs, route maps, VPNs and other sections of the config, which is also convenient.
Parsing regexp (just in case gurus can skip)
show run ... | include <regexp> shows only the lines in which regexp occurs.
')
The structure of the config (the output of the “pure” show run) looks like this (note the indents):
! <> <> ! < X> <> <> .. ! < Y> <> <> .. ! ... ! <> We only need section headers - lines with no indentation. Accordingly, we need all the lines that do not begin with a space. But there are still comments and section separators in the form of exclamation marks - we do not need them either. It turns out that regexp should look like “strings that do not begin with a space or exclamation mark”.
We use the construct ' [ <XYZ> ] ', which matches any character enclosed in square brackets. [! ] will give us a “space or wax sign”, [^! ] will give us a "no space and not a voskl sign." Add ' ^ <X>' (“string starts with X”): ^ [^! ] = "The string starts with any character except a space or exclamation mark".
However, knowing that the section name is always a letter - you can simplify the regexp and save yourself a few seconds treading on the keyboard: ^ \\ w . ' \ w ' means “any letter” (uppercase and lowercase), another backslash is needed to escape backslash in ' \ w ' - we get ' \ \ w'. Add “beginning of line” - ' ^ \\ w'. It turns out "show me the lines that start with the letter."
PS Two pages of text to describe one line ... o_O What do you think, could one have managed to do without losses with one or two lines?
Source: https://habr.com/ru/post/148516/
All Articles