Feb 14th, 2019
# Using non-standard SSH port for IOS router
Verify that an Ansible playbook can connect to an IOS router over a non-standard SSH port.
## Configure the router

```
csr1000v-1#config t

ip ssh port 2222 rotary 1

line vty 0 4
 login local
 rotary 1

exit
```

## Enable debug

Enable TCP debugging on the router to verify that the control host is using port 2222.

```
csr1000v-1#debug ip tcp transactions port 2222
```

## Configure Ansible inventory
Create a group or host with the following configuration:

```
sshport2222:
  hosts:
    csr1000v-1.sandbox.wwtatc.local: {}
  vars:
    ansible_connection: network_cli
    ansible_network_os: ios
    ansible_become: yes
    ansible_become_method: enable
    ansible_ssh_user: admin
    # Non-standard SSH port configured on the router
    ansible_port: 2222
```

## Run a playbook
```yaml
#!/usr/bin/ansible-playbook
---
#      Copyright (c) 2019 World Wide Technology, Inc.
#      All rights reserved.
#
#      author: @joelwking
#
#      Use connection method network_cli
#
- name: Test using ssh port other than 22
  hosts: sshport2222
  gather_facts: no

  # The device password is read from a separate file, not stored in the playbook
  vars_files:
    - "{{ playbook_dir }}/passwords.yml"
  vars:
    ansible_ssh_pass: "{{ ios.password }}"

  tasks:
    - name: Using the IOS module
      ios_facts:
        authorize: no
        gather_subset: all

    # Print type, description and line protocol/operational status per interface
    - debug:
        msg: "{{item.key}} {{item.value.type}} {{item.value.description}} {{item.value.lineprotocol}}/{{item.value.operstatus}}"
      with_dict: "{{ansible_net_interfaces}}"
```
## Playbook output
```
$ ./ios_gather_facts.yml

PLAY [Test using ssh port other than 22] ************************************************************************************************

TASK [Using the IOS module] ****************************************************************************************************
ok: [csr1000v-1.sandbox.wwtatc.local]

TASK [debug] *******************************************************************************************************************
ok: [csr1000v-1.sandbox.wwtatc.local] => (item={'value': {u'macaddress': u'0050.56b9.b798', u'lineprotocol': u'up ', u'description': None, u'duplex': u'Full', u'mediatype': u'RJ45', u'mtu': 1500, u'operstatus': u'up', u'bandwidth': 1000000, u'ipv4': [{u'subnet': u'24', u'address': u'10.255.40.49'}], u'type': u'CSR vNIC'}, 'key': u'GigabitEthernet1'}) => {}

MSG:

GigabitEthernet1 CSR vNIC up /up

ok: [csr1000v-1.sandbox.wwtatc.local] => (item={'value': {u'macaddress': u'0050.56b9.acf0', u'lineprotocol': u'up ', u'description': u'TEST-NET-2::OUTSIDE', u'duplex': u'Full', u'mediatype': u'RJ45', u'mtu': 1500, u'operstatus': u'up', u'bandwidth': 1000000, u'ipv4': [{u'subnet': u'24', u'address': u'198.51.100.1'}], u'type': u'CSR vNIC'}, 'key': u'GigabitEthernet2'}) => {}

MSG:

GigabitEthernet2 CSR vNIC TEST-NET-2::OUTSIDE up /up

ok: [csr1000v-1.sandbox.wwtatc.local] => (item={'value': {u'macaddress': u'0050.56b9.ce90', u'lineprotocol': u'up ', u'description': u'TEST-NET-3::INSIDE', u'duplex': u'Full', u'mediatype': u'RJ45', u'mtu': 1500, u'operstatus': u'up', u'bandwidth': 1000000, u'ipv4': [{u'subnet': u'24', u'address': u'203.0.113.1'}], u'type': u'CSR vNIC'}, 'key': u'GigabitEthernet3'}) => {}

MSG:

GigabitEthernet3 CSR vNIC TEST-NET-3::INSIDE up /up


PLAY RECAP *********************************************************************************************************************
csr1000v-1.sandbox.wwtatc.local : ok=2 changed=0 unreachable=0 failed=0

```
## Debug output from router
```
csr1000v-1#
*Feb 12 19:57:45.571: TCP0: state was LISTEN -> SYNRCVD [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:45.571: TCP: tcb 7F035BC72500 connection to 172.31.1.186:55730, peer MSS 1000, MSS is 516
*Feb 12 19:57:45.571: TCP: Selective ack is disabled from the CLI
*Feb 12 19:57:45.571: TCP: sending SYN, seq 3727312790, ack 1555190096
*Feb 12 19:57:45.571: TCP0: Connection to 172.31.1.186:55730, advertising MSS 536
*Feb 12 19:57:45.631: TCP0: state was SYNRCVD -> ESTAB [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:45.631: TCB7F035BC72500 setting property TCP_TOS (11) 56422D35A97E
*Feb 12 19:57:45.631: TCB7F035BC72500 getting property TCP_COND_ACCEPT (1)
*Feb 12 19:57:45.631: TCB7F035BC72500 setting property TCP_MSG_NOTIFY (8) 7F03C40D6B64
*Feb 12 19:57:50.215: TCP1: FIN processed
*Feb 12 19:57:50.215: TCP1: state was ESTAB -> CLOSEWAIT [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:50.251: TCP1: state was CLOSEWAIT -> LASTACK [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:50.251: TCP1: sending FIN
*Feb 12 19:57:50.313: TCP1: Got ACK for our FIN
*Feb 12 19:57:50.313: TCP1: state was LASTACK -> CLOSED [2222 -> 172.31.1.186(55730)]

csr1000v-1#show ip int brief
Interface              IP-Address      OK? Method Status                Protocol
GigabitEthernet1       10.255.40.49    YES NVRAM  up                    up
GigabitEthernet2       198.51.100.1    YES manual up                    up
GigabitEthernet3       203.0.113.1     YES manual up                    up

```
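
The check this debug output is used for, as an added Python example that is not part of the original notes: it parses `debug ip tcp transactions` state-transition lines in the format shown above, groups them per connection, and reports any flow that arrived on a different local port, came from a host other than the expected control host, or never reached ESTAB. The function names are choices made for this example; `SAMPLE` is an excerpt of the router output above.

```python
import re

# Excerpt of the router debug output shown above (state-transition lines only).
SAMPLE = """\
*Feb 12 19:57:45.571: TCP0: state was LISTEN -> SYNRCVD [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:45.631: TCP0: state was SYNRCVD -> ESTAB [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:50.215: TCP1: FIN processed
*Feb 12 19:57:50.215: TCP1: state was ESTAB -> CLOSEWAIT [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:50.251: TCP1: state was CLOSEWAIT -> LASTACK [2222 -> 172.31.1.186(55730)]
*Feb 12 19:57:50.313: TCP1: state was LASTACK -> CLOSED [2222 -> 172.31.1.186(55730)]
"""

# Matches "state was OLD -> NEW [local_port -> peer_ip(peer_port)]"
STATE_RE = re.compile(
    r"state was (?P<old>\w+) -> (?P<new>\w+) "
    r"\[(?P<lport>\d+) -> (?P<peer>[\d.]+)\((?P<rport>\d+)\)\]"
)


def sessions(debug_text):
    """Map (local_port, peer_ip, peer_port) to the ordered list of TCP states seen."""
    flows = {}
    for line in debug_text.splitlines():
        m = STATE_RE.search(line)
        if m:
            key = (int(m["lport"]), m["peer"], int(m["rport"]))
            flows.setdefault(key, [m["old"]]).append(m["new"])
    return flows


def verify(debug_text, expected_port, control_host):
    """Return a list of problems; an empty list means every flow looked as expected."""
    flows = sessions(debug_text)
    problems = [] if flows else ["no TCP state transitions found"]
    for (lport, peer, rport), path in flows.items():
        flow = f"{peer}:{rport} -> local port {lport}"
        if lport != expected_port:
            problems.append(f"{flow}: expected local port {expected_port}")
        if peer != control_host:
            problems.append(f"{flow}: peer is not control host {control_host}")
        if "ESTAB" not in path:
            problems.append(f"{flow}: never reached ESTAB ({' -> '.join(path)})")
    return problems


if __name__ == "__main__":
    for key, path in sessions(SAMPLE).items():
        print(key, " -> ".join(path))
    print(verify(SAMPLE, 2222, "172.31.1.186") or "OK")
```
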
## Author
joel.king@wwt.com
12 February 2019