Telnet to switches in the lab is fine; however, in a production environment we should use SSH for security reasons.
For SSH connections to the network devices, we use Netmiko. Netmiko is a multi-vendor library that simplifies Paramiko SSH connections to network devices.
If we want, we can use Paramiko directly as well, but its usage is slightly more complex.
You can read more about Netmiko on its GitHub page: [ktbyers/netmiko: Multi-vendor library to simplify Paramiko SSH connections to network devices](https://github.com/ktbyers/netmiko).
In order to proceed further, the network devices must be configured for SSH. For SSH to work on the network devices, we need to set a username and password and allow SSH transport under line VTY. Since we have done both earlier, I am going to generate the RSA key required for SSH. I am using the script below to configure the devices quickly for SSH.
```python
import getpass
import telnetlib  # deprecated since Python 3.11 and removed in 3.13

user = input("Enter user name: ")
password = getpass.getpass()

# 'myswitches' holds one switch IP address per line
with open('myswitches') as f:
    for ip in f:
        ip = ip.strip()  # Remove any leading/trailing whitespace or newline characters
        if not ip:
            continue  # skip blank lines in the file
        print("Configuring SSH on switch " + ip)
        HOST = ip
        tn = telnetlib.Telnet(HOST)
        tn.read_until(b"Username: ")
        tn.write(user.encode('ascii') + b"\n")
        if password:
            tn.read_until(b"Password: ")
            tn.write(password.encode('ascii') + b"\n")
        tn.write(b"enable\n")
        tn.write(b"kapil\n")  # enable password (lab value)
        tn.write(b"configure terminal\n")
        tn.write(b"ip domain-name ethernetdude.com\n")
        tn.write(b"crypto key generate rsa\n")
        tn.write(b"1024\n")  # modulus size answered at the prompt; use 2048 or larger outside the lab
        tn.write(b"end\n")
        tn.write(b"exit\n")
        print(tn.read_all().decode('ascii'))
```
Below is the first Netmiko script. In this example, I am going to configure one switch using SSH; later on we will extend it to multiple switches.
The connection parameters are held in a Python dictionary assigned to the variable ios_l2. We will talk about the theory in detail.
We then connect to the switch and send a show command, which is show ip interface brief.
```python
from netmiko import ConnectHandler

# Connection parameters for one switch
ios_l2 = {
    'device_type': 'cisco_ios',
    'ip': '192.168.0.17',
    'username': 'kapil',
    'password': 'kapil',
}

# sending show commands to the switch
net_connect = ConnectHandler(**ios_l2)
output = net_connect.send_command('show ip int brief')
print(output)

# sending list of configuration commands to the switch
config_commands = ['int loop 0', 'ip address 1.1.1.1 255.255.255.0']
output = net_connect.send_config_set(config_commands)
print(output)

# creating VLANs 2 to 20, one config push per VLAN
for n in range(2, 21):
    print("creating vlan" + str(n))
    config_commands = ['vlan ' + str(n), 'name vlan' + str(n)]
    output = net_connect.send_config_set(config_commands)
    print(output)

# close the SSH session when done
net_connect.disconnect()
```
Now if we try to execute this program, we will get an error because the network automation container does not have the netmiko module installed. To fix that, we need to run the commands below on the network automation controller.
```bash
apt-get update
apt-get install python3-pip
pip3 install -U netmiko
```
Once these commands are executed, the Netmiko script should run fine. It is also important to note that Netmiko needs to log in with level 15 privilege or in enable mode in order to complete the above.
Now, let us see how we can configure multiple switches using Netmiko. We can make further modifications to the script below by asking the user to enter the username and password instead of hardcoding them.
We create three dictionaries and then loop through each switch to push the configuration.
```python
from netmiko import ConnectHandler

# One connection dictionary per switch
ios_l2_s1 = {
    'device_type': 'cisco_ios',
    'ip': '192.168.0.15',
    'username': 'kapil',
    'password': 'kapil',
}
ios_l2_s2 = {
    'device_type': 'cisco_ios',
    'ip': '192.168.0.16',
    'username': 'kapil',
    'password': 'kapil',
}
ios_l2_s3 = {
    'device_type': 'cisco_ios',
    'ip': '192.168.0.17',
    'username': 'kapil',
    'password': 'kapil',
}

all_switches = [ios_l2_s1, ios_l2_s2, ios_l2_s3]

# Loop through each switch and configure it
for switch in all_switches:
    net_connect = ConnectHandler(**switch)
    for n in range(1, 25):
        print("creating vlan" + str(n))
        config_commands = ['vlan ' + str(n), 'name Python_VLAN_' + str(n)]
        output = net_connect.send_config_set(config_commands)
        print(output)
    # close the SSH session before moving to the next switch
    net_connect.disconnect()
```
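The modification suggested above, prompting for the username and password instead of keeping them in the script, could look like the following. This is an added example, not code from the original post; `SWITCH_IPS`, `build_devices`, `vlan_commands` and `configure` are hypothetical names, and the VLAN range 2 to 24 is an assumption.

```python
import getpass

# Lab addresses taken from the multi-switch script above.
SWITCH_IPS = ['192.168.0.15', '192.168.0.16', '192.168.0.17']


def build_devices(ips, username, password, secret=None):
    """Return one Netmiko connection dictionary per switch."""
    devices = []
    for ip in ips:
        device = {'device_type': 'cisco_ios', 'ip': ip,
                  'username': username, 'password': password}
        if secret:
            device['secret'] = secret  # enable password, only when the login is not level 15
        devices.append(device)
    return devices


def vlan_commands(first, last, prefix='Python_VLAN_'):
    """Build the VLAN commands once so each switch needs a single config push."""
    commands = []
    for n in range(first, last + 1):
        commands += ['vlan ' + str(n), 'name ' + prefix + str(n)]
    return commands


def configure(devices, commands):
    """Push commands to every device; one unreachable switch does not stop the run."""
    # Imported here so the helpers above can be used without Netmiko installed.
    from netmiko import (ConnectHandler, NetmikoAuthenticationException,
                         NetmikoTimeoutException)
    results = {}
    for device in devices:
        try:
            with ConnectHandler(**device) as conn:  # session is closed on exit
                if 'secret' in device:
                    conn.enable()
                results[device['ip']] = conn.send_config_set(commands)
        except (NetmikoAuthenticationException, NetmikoTimeoutException) as exc:
            results[device['ip']] = 'FAILED: ' + type(exc).__name__
    return results


if __name__ == '__main__':
    user = input('Enter user name: ')
    password = getpass.getpass()  # not echoed and not stored in the script
    for ip, out in configure(build_devices(SWITCH_IPS, user, password),
                             vlan_commands(2, 24)).items():
        print(ip, out, sep='\n')
```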
The next step is to separate the Python program from the actual network configuration. We can create a separate file with the network configuration in it, and the Python script can then read that configuration file and push it to multiple devices.
First, let's create a template for our network configuration on the switches.
```
vtp mode transparent
spanning-tree mode rapid-pvst
udld enable
ip name-server 8.8.8.8
no ip http server
ip http secure-server
snmp-server community python1 ro
snmp-server community python2 rw
```
The Python script we are going to use is shown below.
```python
from netmiko import ConnectHandler

# One connection dictionary per switch
ios_l2_S4 = {
    'device_type': 'cisco_ios',
    'ip': '192.168.0.17',
    'username': 'kapil',
    'password': 'kapil',
}
ios_l2_S5 = {
    'device_type': 'cisco_ios',
    'ip': '192.168.0.18',
    'username': 'kapil',
    'password': 'kapil',
}
ios_l2_S6 = {
    'device_type': 'cisco_ios',
    'ip': '192.168.0.19',
    'username': 'kapil',
    'password': 'kapil',
}

# Read the configuration template, one command per line
with open('ciscoconfig') as f:
    lines = f.read().splitlines()
print(lines)

all_devices = [ios_l2_S4, ios_l2_S5, ios_l2_S6]

# Push the same set of commands to every device
for devices in all_devices:
    netconnect = ConnectHandler(**devices)
    output = netconnect.send_config_set(lines)
    print(output)
    netconnect.disconnect()
```
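The script above prints whatever the switch returns but does not check it, so a line the CLI rejects passes unnoticed, and the template is pushed without review. The following added example (not part of the original post) checks a template for read-write SNMP communities without an ACL and parses config output for rejected commands. `TEMPLATE`, `SAMPLE_OUTPUT`, the hostname `S4` and both function names are constructed for illustration.

```python
import re

# Constructed copy of part of the 'ciscoconfig' template, one line mistyped on purpose.
TEMPLATE = """\
vtp mode transparent
udld enabel
no ip http server
snmp-server community python2 rw
"""

# Constructed device output in the shape send_config_set() returns for Cisco IOS.
SAMPLE_OUTPUT = """\
configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
S4(config)#vtp mode transparent
Setting device to VTP Transparent mode for VLANS.
S4(config)#udld enabel
                    ^
% Invalid input detected at '^' marker.

S4(config)#no ip http server
S4(config)#snmp-server community python2 rw
S4(config)#end
S4#"""

# An optional trailing token after "rw" is the access list restricting the community.
RW_COMMUNITY = re.compile(r'^snmp-server community \S+ rw(?: (\S+))?$', re.I)
PROMPT = re.compile(r'^\S+\(config[^)]*\)#\s*(.*)$')
REJECTED = re.compile(r'^% (Invalid input|Incomplete command|Ambiguous command)')


def template_warnings(lines):
    """Flag read-write SNMP communities that are not restricted by an ACL."""
    return [line for line in lines
            if (m := RW_COMMUNITY.match(line.strip())) and not m.group(1)]


def rejected_commands(output):
    """Return (command, error) pairs for commands the CLI refused."""
    failures, last_cmd = [], None
    for line in output.splitlines():
        if m := PROMPT.match(line):
            last_cmd = m.group(1)  # remember the command echoed at the config prompt
        elif REJECTED.match(line.strip()):
            failures.append((last_cmd, line.strip()))
    return failures


if __name__ == '__main__':
    print('review before push:', template_warnings(TEMPLATE.splitlines()))
    print('rejected by device:', rejected_commands(SAMPLE_OUTPUT))
```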