How I re-configured my Home Lab Switch using Python

Funny story about how I came home one day, only to find that one of the switches in my home lab that had been up and running for 2 years now had stopped functioning....

I was met with blinking amber lights. I tried telnetting and even consoling into it, to no avail. After a few failed attempts, I just decided to reboot it because, after all, it is a pretty old switch that at some point was in production for years. When it came back up, I was met with the dreaded "Continue with configuration dialog? [yes/no]" message. Now, I'm sure that the Startup Config on the Switch had been saved before, since it's gone through several reboots since then, and luckily I keep a backup copy of the latest config for my devices, so it wasn't such a big deal. I could have just replaced the empty config file with a backup copy through TFTP, but... I thought that this would be the perfect opportunity to test out some of the Network Programmability techniques that I had been learning!

One of the topics that really intrigued me during my CCNA studies was Software Defined Networking/Network Programmability. One use for SDN is automating mundane networking tasks with programming tools. For example, it could enable network engineers to significantly decrease the time it takes to configure and roll out networking devices, with more efficiency and less chance of human error.

There are multiple "planes" of logic that control and affect how data is transmitted/forwarded between networking devices. There's the "Control Plane", which controls how Routers advertise and learn routes (routing protocols) and determines how Routing Tables are populated. For Switches, the control plane controls the MAC Address Table and how it's populated. It also controls how the Spanning Tree Protocol elects the 'Root Bridge' and decides which port(s) to block in order to prevent Layer 2 loops. Then there's the "Data" or "Forwarding" Plane, which determines, for example, which exit or 'egress' interface to send a packet/frame out of, according to the information from the Control Plane.

One of the things that SDN does is separate the Control Plane (which relies heavily on the CPU) from the Data Plane (which typically has hardware such as an "ASIC" chip associated with it). This also allows for less strain on the CPU. Normally, we would have centralized servers or “SDN Controllers” that take on the role of the Control Plane by pushing down configurations and instructions to our networking devices, leveraging tools such as ‘OpenFlow’, for example, to facilitate the communication between the SDN Controller and the devices. But there are other ways we can accomplish these tasks.

Let’s say we’re using traditional Cisco devices (like my home lab switch) that don't support any SDN tools or APIs. In that case, we can use a machine (like my home PC or a Linux VM) running Python to configure templates that are pushed down to the device by way of applications such as Telnet, SSH, or SNMP.


[TL;DR]

I used a nifty little Python script called "Telnetlib" that would allow me to push down the old config that I had on the switch previously through Telnet (we're using Telnet because this Switch isn't running code that supports cryptographic services). I had already created a Management VLAN and a Management IP Address on the Switch so that I could remote into it:

We can also see that all of the interfaces are still using the defaults:

Here's a look at the script that I ran in Python:

Here's a high level rundown of what the script does:

  • Where it says "HOST" you want to put the IP address of the device that you'll be remoting into
  • The script authenticates into the device by prompting you for the username and password (I had pre-configured a local username with a privilege level of 15 beforehand) and using your credentials to initiate the telnet session.
  • Once authenticated, the script will run each command according to the line of code shown above. In a nutshell, the script will:
  1. Enter enable mode
  2. Enter Global Configuration mode and change the Hostname of the device
  3. Create the 'Users' VLAN, a 'Voice' VLAN (for the switchports connected to VoIP phones) and a "Parking" VLAN for switchports that are not in use named: "DEADPOOL" ;-)
  4. Move switchports 2-8 into the Users/Voice VLANs
  5. Configure them as static access ports to prevent them from unwarranted trunking
  6. Enable Portfast on them so they can come online without having to wait for the Spanning Tree Forward Delay timers to complete.
  7. Exit out to Privileged mode, terminate the telnet session and display the output of the commands that were set to run.
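
The script itself is not reproduced in this text. The following is an added example, not the author's script, that builds the command sequence from the rundown above and validates every templated value before it reaches the CLI. The hostname, VLAN IDs and function names are assumptions, and `send` stands for whatever bytes-writing method the session offers (a Telnet object's `write`, or an SSH channel's `send`).

```python
import re

# Constructed values for illustration; the article does not give its VLAN IDs or hostname.
VLANS = {10: "Users", 20: "Voice", 999: "DEADPOOL"}
TOKEN = re.compile(r"[A-Za-z0-9_-]{1,32}")  # one CLI word: no spaces or newlines


def check_token(value):
    """Reject any templated value that could smuggle extra CLI input."""
    if not TOKEN.fullmatch(value):  # fullmatch also rejects a trailing newline
        raise ValueError(f"unsafe value for CLI template: {value!r}")
    return value


def build_commands(hostname, vlans, first_port, last_port, access_vlan, voice_vlan):
    """Return the IOS lines for steps 1-7 of the rundown, in order."""
    if access_vlan not in vlans or voice_vlan not in vlans:
        raise ValueError("access and voice VLANs must be among the VLANs created")
    if not 1 <= first_port <= last_port:
        raise ValueError("invalid port range")
    # "enable" assumes a privilege-15 login, as on the page, so no password prompt follows.
    cmds = ["enable", "configure terminal", f"hostname {check_token(hostname)}"]
    for vlan_id, name in vlans.items():
        if not 2 <= vlan_id <= 1001:  # user-configurable normal-range VLAN IDs
            raise ValueError(f"VLAN ID out of range: {vlan_id}")
        cmds += [f"vlan {vlan_id}", f"name {check_token(name)}"]
    cmds += [
        "exit",
        f"interface range FastEthernet 0/{first_port} - {last_port}",
        "switchport mode access",  # static access port: no trunk negotiation
        f"switchport access vlan {access_vlan}",
        f"switchport voice vlan {voice_vlan}",
        "spanning-tree portfast",
        "end",   # back to privileged EXEC
        "exit",  # close the session
    ]
    return cmds


def push(commands, send):
    """Write each line through `send`, a bytes-writing callable for the session."""
    for line in commands:
        send(line.encode("ascii") + b"\n")
    return len(commands)
```

The `telnetlib` module was removed from the standard library in Python 3.13, so on current interpreters `push` needs a different transport. Prompt for the password with `getpass.getpass()` rather than storing it in the script.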

I then turned on Telnet debugging on the Switch and ran the script. Right after I authenticated with my credentials, we can see the results of the script running through a separate Console window shown below. After the script ran, we can see that the telnet session on line vty0 by the user "jackson" had terminated and as soon as we hit the 'enter' key, the Hostname changed immediately according to what we had configured in the script:

When we do a "show vlan brief", we can see that the script had added the VLANs as expected (previously, only the default and 'MANAGEMENT' VLAN existed) and our switchports (2-8) had been moved into their respective VLANs:

Verifying further, when we do a "show run interface" we can see that the configurations that we scripted have been added as well:


And finally, when we do a "show interface FastEthernet 0/2 switchport", we can see that it's an access port and that the Voice VLAN has been properly configured:

I ran the script again in the Python Shell to show that it displays the output of the script when it's done running:

Here's a picture of the Switch that crashed on me (The Last Catalyst 2950 Switch at the very bottom of the rack):

As we can see, Python is a very powerful tool that can enable Network Engineers to automate mundane networking tasks. Let's say we wanted to roll out a few new Branch offices: we could configure multiple networking devices simultaneously using Python. Of course, in a production network we would want to use tools such as 'Paramiko', which would leverage SSH for a more secure connection to the Network devices.

Now, Developers and Programming purists may scoff at this very simple little script. However, I'm taking baby steps to learn basic techniques that would be helpful from a Network Engineer's perspective, and I can always iterate later on by using techniques such as "While Loops" or "Else-If" statements, etc. I’ll be learning more about SDN and Network Programmability and I’ll probably be posting up more lab scenarios with Python.

Hope you all enjoyed! :)









Theophilus G.

Network Analysis / Technical Support / Hardware Diagnostics / Software Implementation / IT Helpdesk / Trouble Shooting / CCNA Certified / End User Support

5 years ago

Very uplifting.
