Reply
Highlighted
Accepted Solution

Mass VLAN Change

Expert
Posts: 23
7576     0

So we are migrating from Microsoft to Infoblox DHCP this weekend.  We ahve about 40 vlans that we have to change, that removes the relay addresses from each vlan and then add the Infoblox relay address.  Equipment are Nexus 5Ks running NX-OS.  I am really struggling with creating a script that will go in, find all the vlans that meet a certrain criteria and then remove the domain controllers IPs and add Infoblox.  So far, the biggest issue that I am running into is the variables and triggers.  Any help would be greatly appreciated.

 

Script-Filter:
	$Vendor = "Cisco" and $sysdescr like /NX-OS/

########################

Action:
	DHCP_VLAN

Action-Description:
	Show the current DHCP configurations and pass the information to an input trigger to remove Domain Controllers and add Infoblox.

Action-Commands:
	show run int vlan1101-1334

Output-Triggers:

	dhcp_check

########################

Trigger:
	dhcp_check

Trigger-Description:
	Output of the dhcp configuration.

Trigger-Variables:
	$dhcp ipaddress
	$vlan /([0-4]|[0-4][0-4]|[0-5])/

Trigger-Template:
	ip dhcp relay address [[$dhcp]]
	vlan

Trigger-Commands: {$dhcp = "10.1.20.98"}

	set:$hasdhcp1="yes"

Trigger-Commands: {$dhcp = "10.1.20.99"}

	set:$hasdhcp2="yes"

Trigger-Commands: {$dhcp != "10.1.20.98" and $dhcp != "10.1.20.99"}

	set:$ms-dhcp="yes"

#############################

Action:
	removedhcp

Action-Description:
	Remove Domain Controller relay addresses.

Action-Filter:
	$ms-dhcp = "yes"

Action-Commands:
	conf t
	DEBUG:no ip dhcp relay address $dhcp
	set:$conft = "yes"

#############################

Action:
	Update DHCP configuration.

Action-Description:
	Add Infoblox dhcp servers and remove Domain Controller IPs.

Action-Commands: {$conft != "yes"}
	set:$conft = "yes"
	conf t

Action-Commands: {$hasdhcp1 != "yes"}
	DEBUG:ip dhcp relay address 10.1.20.149


Action-Commands: {$hasdhcp2 != "yes"}
	DEBUG:dhcp relay address 10.1.20.150

Action-Commands:
	exit

Re: Mass VLAN Change

[ Edited ]
Adviser
Posts: 414
7577     0

Can you post what the output of this command looks like please 

	show run int vlan1101-1334

 

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

Re: Mass VLAN Change

DBotham
Techie
Posts: 11
7577     0

 

@sif should be able to help you with the script.

 

I would also recomment adding the new helpers in advance of the go live, and make sure that the DHCP data in Infoblox is disable (at the network or member level).  To go live, stop and disable the legacy DHCP and then start Infoblox DHCP (or enbable the networks).  To roll back, use the opposite.  If you pre-populate your helpers, you can go live in 2 steps and roll back in 2 steps. 

 

david

Re: Mass VLAN Change

Expert
Posts: 23
7577     0

We already did a POC for one of our floors with an Engineer and running DHCP currently.  We are also mass importing the rest of the zones Friday.

 

I am not allowed to make changes on this switch till Friday night due to change control requirements, so I was trying to go ahead and get the scripted out for that night.

Re: Mass VLAN Change

Expert
Posts: 23
7577     0

This is just a snippet of the result, but it basically shows the running config for all the vlans in that range.  I need to remove the two relay addresses and add Infoblox.

 

interface Vlan1101
  description FLR1A DATA
  no shutdown
  ip address 10.101.0.2/21
  hsrp version 2
  hsrp 1101
    preempt
    priority 255
    ip 10.101.0.1
  ip dhcp relay address 10.1.1.2
  ip dhcp relay address 10.1.1.1

interface Vlan1102
  description FLR2A DATA
  no shutdown
  ip address 10.102.0.2/21
  hsrp version 2
  hsrp 1102
    preempt
    priority 255
    ip 10.102.0.1
  ip dhcp relay address 10.1.1.2
  ip dhcp relay address 10.1.1.1

interface Vlan1103
  description FLR3A DATA
  no shutdown
  ip address 10.103.0.2/21
  hsrp version 2
  hsrp 1103
    preempt
    priority 255
    ip 10.103.0.1
  ip dhcp relay address 10.1.1.2
  ip dhcp relay address 10.1.1.1

Re: Mass VLAN Change

[ Edited ]
Adviser
Posts: 414
7577     0

This will allow you to add it to the list of Helpers, I added it with DEBUG so you can test it an make sure it works

DEBUG allows you to run the script with out making changes.

 

Sif

 

Script-Filter:
$Vendor = "Cisco" and $sysdescr like /NX-OS/

########################

Action:
DHCP_VLAN

Action-Commands:
SET: $UpdateMade = "no"
show run int vlan1101-1334

Output-Triggers:

dhcp_check

########################

Trigger:
dhcp_check

Trigger-Description:
Output of the dhcp configuration.

Trigger-Variables:
$dhcp ipaddress
$vlan /\d{4}/

Trigger-Template:
interface Vlan[[$vlan]]
ip dhcp relay address [[$dhcp]]

Trigger-Commands:{$UpdateMade eq "no"}
DEBUG:config t
SET: $UpdateMade = "yes"

Trigger-Commands:{$UpdateMade eq "yes"}
DEBUG:interface $intName
DEBUG:ip dhcp relay address 10.10.10.1
DEBUG:ip dhcp relay address 10.10.10.2

#############################

Action:
Save

Action-Commands:{$UpdateMade eq "yes"}
DEBUG:end
DEBUG:copy run start \r\r

 

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

Re: Mass VLAN Change

[ Edited ]
Expert
Posts: 23
7577     0

I am getting the following errors:

 

script_error.PNG

 

 

Re: Mass VLAN Change

[ Edited ]
Adviser
Posts: 414
7577     0

Modify this area:

 

Trigger-Template:
interface Vlan[[$vlan]]
 ip dhcp relay address [[$dhcp]]

 

There needs to be a space in front of ip dhcp

 

I updated the file Smiley Happy

Follow me on LinkedIn: https://www.linkedin.com/in/sifbaksh
Twitter: https://twitter.com/sifbaksh

Re: Mass VLAN Change

Expert
Posts: 23
7577     0

Yeah, still no go.

Re: Mass VLAN Change

Expert
Posts: 23
7577     0

So I have been tinkering and I almost have it work.  I created a VLAN list that has all of the Vlans.  The scripts runs pretty well, but it just won't insert the VLANs from the list.  So I am really close though.

 

However, I've been so focused on getting this script to work that I forgot that I could go into config mode and enter in vlan range mode and mass edit there.  Our VLANs are quiet straight through that range, but I can prepopulate each data, phone and AP vlans which are in ranges. 

 

However, I am determined to figure this out because it helps learn and raise awareness on it.

 

conf t
int vlan1100-1300
no ip relay address 10.1.20.98
no ip relay address 10.1.20.149



 

Capture.PNG

Script-Filter:
$Vendor = "Cisco" and $sysdescr like /NX-OS/

########################

Action:
DHCP_VLAN

Action-Commands:
SET: $UpdateMade = "no"
show run int vlan1101-1334

Output-Triggers:
dhcp_check

########################

Trigger:
dhcp_check

Trigger-Description:
Output of the dhcp configuration.

Trigger-Variables:
$dhcp ipaddress

Trigger-Template:
 ip dhcp relay address [[$dhcp]]
 ip dhcp relay address [[$dhcp]]

Trigger-Commands:{$UpdateMade eq "no"}
DEBUG:config t
SET: $UpdateMade = "yes"


Trigger-Commands:{$UpdateMade eq "yes"}
expr: $counter = $counter + 1
SET: $vlan = getListValue(5k_vlans,VLAN,$counter,end)
DEBUG:interface $vlan
DEBUG:ip dhcp relay address 10.1.20.149
DEBUG:ip dhcp relay address 10.1.20.150

#############################

Action:
Save

Action-Commands:{$UpdateMade eq "yes"}
DEBUG:end
DEBUG:copy run start \r\r

 

Re: Mass VLAN Change

Adviser
Posts: 53
7577     0

So Actions seed an internal data buffer, so to speak. Triggers are then used to process this buffer from start to finish until no more matches are found (i.e. until there are no more Trigger-Template hits). I think the issue here is that the "show run int vlan1101-1334" is seeding the buffer with multiple interfaces, some of which may have one or more ip helper addresses (what if there were 3?). Additionally, when the ip helper addresses are found, the current script doesn't have a way to correlate the "hit" back to the corresponding interface. What I'd recommend is seeding the internal data buffer via an Action that lists the interfaces, then calling a Trigger that does a show for the specific interface (this will generate another internal data buffer just for the context of *this* Trigger), and then calling another Trigger from this Trigger that pulls out the ip helper addresses. An over simplistic example follows (note, not tested, but demonstrates the concept and only focuses on the removal of the existing ip helper addresses part):

 

Action: show interfaces

Action-Commands:

   show run int vlan1101-1334

Output-Triggers:

   Process VLANS

 

#####

 

Trigger: Process VLANS

Trigger-Variables:

   $vlan string

 

# Get the current VLAN. This Trigger will be called for each Trigger-Template match in the

# output from the Action-Commands in the Action show interfaces.

 

Trigger-Template:

   interface [[$vlan]]

Trigger-Commands:

   show run int $vlan

Output-Triggers:

   Process VLAN

 

#####

 

Trigger: Process VLAN

 

Trigger-Variables:
   $dhcp ipaddress

 

# Get the current ip helper address. This Trigger will be called for each Trigger-Template match

# in the output from the Trigger-Commands in the Trigger Process VLANS.

 

 

Trigger-Template:

   ip dhcp relay address [[$dhcp]]

Trigger-Commands:

   config t

 

   # Not positive you can see $vlan here. If not, you can SET it into a variable in the Trigger

   # Process VLANS. SET variables are global.

 

   interface $vlan

   no ip dhcp relay address $dhcp

   end

 

Hope this helps!

 

Thanks,

- Chris

 

 

Showing results for 
Search instead for 
Do you mean 

Recommended for You