I monitor about 100 devices, and all was well so far.
Now I've come across a device that I can't reach directly from my rancid host. It's not possible to create a direct network connection, or to use ssh tunnels or netcat to forward those ports using a relay host.
Instead I found a much simpler and more elegant solution. Albeit this involves patching rancid.
After playing with ProxyCommands and netcat I came across this patch on the rancid-discuss list from 2006.
The principle seems simple, elegant but still straight forward. Extending the clogin script to define a new method that can use custom commands to establish the connection.
This is accomplished by adding two new commands.
Now I've come across a device that I can't reach directly from my rancid host. It's not possible to create a direct network connection, or to use ssh tunnels or netcat to forward those ports using a relay host.
Instead I found a much simpler and more elegant solution. Albeit this involves patching rancid.
After playing with ProxyCommands and netcat I came across this patch on the rancid-discuss list from 2006.
The principle seems simple, elegant but still straight forward. Extending the clogin script to define a new method that can use custom commands to establish the connection.
This is accomplished by adding two new commands.
add method testrouter {usercmd}In my case I wanted to ssh to the relay host, and then telnet to my device from there. This is how I set that up:
add usercmd testrouter {ssh} {-t} {termserver01} {cu -l /dev/tty01 -s 9600}
add usercmd_chat testrouter {Connected.} {\r}
add method my-alias usercmdTwo caveats to this situation:
add usercmd my-alias {ssh} {-t} {rancid@my-relay-host} {telnet my-device}
add user my-alias rancid
add password my-alias rancid
- The username on my-relay-host must match the username used on the device my-alias.
- This requires password less authentication to my-relay-host. I've used ssh standard key exchange.