Wednesday, November 28, 2018

Brocade Backup to Git

Our fiber switches are the Brocade 65xx series, and we recently needed a way to back them up. The configUpload command can back up to an FTP server, over SCP, or locally. Since I wanted to push the configs to Git, the easiest option was SCP, and I found this script from TheSanGuy on automating config zone backups for Brocade switches. I modified it a bit to not add the date to the script, because Git would handle the diff and each day the script gets overwritten on the local server. After cloning the repo from GitHub to the local server, the script logs in to each switch with SSH keys, and each switch has a public key for the server so that it can SCP the file back to the server.

The version of the script is below, broken up into two zones:

#!/bin/bash
# Set environment
TODAY=$(date)
TIMESTAMP=$(date +"%Y%m%d%H%M")
LOCALPATH="/home/username"
SCPHOST="172.20.14.7"
SCPUSER="username"
SCPPATH="/home/username/Brocade-Backup"

# List of switches to be backed up
SWITCHLIST1="zoneswitch1 zoneswitch2"
SWITCHLIST2="zoneswitch3 zoneswitch4"

# Each switch uploads its config over SCP to $SCPPATH/<switch>.cfg on this server
for x in $SWITCHLIST1
do
    ssh "admin@$x" configupload -scp "$SCPHOST,$SCPUSER,$SCPPATH/$x.cfg"
done

for x in $SWITCHLIST2
do
    ssh "admin@$x" configupload -scp "$SCPHOST,$SCPUSER,$SCPPATH/$x.cfg"
done

# Commit and push; the chain stops at the first step that fails
# (git commit fails when nothing changed, so nothing is pushed)
cd "$SCPPATH" && \
git add . && \
git add -u && \
git commit -m "$TIMESTAMP" && \
git push

The next step is to be able to keep the old version so only the changes are pushed to Git, and then also be able to push the config back to the script when creating zones instead of logging into the Java interface. Unfortunately, we don't have a lab switch and I don't feel comfortable testing that in production.

Tuesday, November 20, 2018

Google Dynamic DNS with DD-WRT

I recently switched my router back to dd-wrt. I had moved away from it in favor of Google's Wi-Fi, which I had no complaints about other than that I wanted more control of my router and wanted to test some network automation. Don't get me wrong, the mesh feature of Google's Wi-Fi router is amazing, but I didn't have a chance to really take advantage of it while living in an apartment. Some of the other features are excellent as well.

One shortcoming of dd-wrt, however, is that its version of inadyn (the dynamic DNS client used in dd-wrt) couldn't talk with Google's registrar and update synthetic records. I found a few posts where people used OpenWRT instead, which is definitely on my list to try out and get configured, because support and updates seem to happen more often there than on dd-wrt. I chose dd-wrt for the ease of use and because it was something I was familiar with (and I completely disabled HTTP access, so management is all done through SSH).

To work around this, I used my Raspberry Pi to update the DNS record on a fifteen minute interval using a script and crontab. Here is a sample of the script:

#!/bin/bash

USERNAME="username"
PASSWORD="password"
HOSTNAME="home.domain.com"

# Resolve IP for DDNS record
NS=$( dig +short "${HOSTNAME}" @resolver1.opendns.com )
# Resolve current public IP
IP=$( dig +short myip.opendns.com @resolver1.opendns.com )

# Update Google DNS record only when the two differ
if [ "$NS" != "$IP" ] ; then
    echo "IP address changed, updating"
    URL="https://${USERNAME}:${PASSWORD}@domains.google.com/nic/update?hostname=${HOSTNAME}&myip=${IP}"
    # Quoted so the ? in the URL is never treated as a glob character
    curl -s "$URL"
else
    echo "IP address has not changed"
fi

The script itself still needs some work, but I thought that a fifteen minute interval was short enough for the job. It could go even shorter because, with the if statement, the update only runs when the IP address changes, so it does not cause a large number of requests to Google. There are a few things I am working on in the script, such as more logging. For now it is simply called from crontab like this:

*/15 * * * * /home/pi/google-ddns-check.sh > /home/pi/google-ddns.log 2>&1

The next step is to add the time and the IP address to the log, as well as append to the log file instead of overwriting it each time, but this works pretty well in a pinch for now. I hope this helps anyone wanting to use Google's Synthetic DNS with dd-wrt.

Thanks!
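
The logging next step described above, plus two hardening changes for the update check, as an added example that is not part of the original post: the public IP is validated before any update is sent, and the credentials are handed to curl on stdin instead of in the URL. The function names and log format are assumptions, as is treating replies that start with "good" or "nochg" (the dyndns2-style success replies) as success.

```bash
#!/bin/bash
# Added example, not the original script. Function names and the log format
# are assumptions made for illustration.

# Accept only a dotted-quad IPv4 address with every octet in 0-255. When a
# lookup fails, dig +short can print text such as ";; connection timed out".
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Compare the DNS answer ($1) with the detected public IP ($2).
# Prints "update", "nochange", or "skip" when the public IP is not usable.
decide() {
    valid_ipv4 "$2" || { echo "skip"; return 0; }
    if [ "$1" = "$2" ]; then echo "nochange"; else echo "update"; fi
}

# Replies starting with "good" or "nochg" mean the record is correct.
classify_response() {
    case "$1" in
        good*|nochg*) echo "ok" ;;
        *)            echo "fail" ;;
    esac
}

# One timestamped line, meant to be appended (>>) to the log file.
log_line() {   # args: action ip reply
    printf '%s action=%s ip=%s reply=%s\n' \
        "$(date '+%Y-%m-%dT%H:%M:%S%z')" "$1" "$2" "$3"
}

# Send the update. The credentials reach curl on stdin (--config -), so they
# stay out of the URL and the process list. Assumes no '"' or '\' in them.
send_update() {   # args: username password hostname ip
    printf 'user = "%s:%s"\n' "$1" "$2" |
        curl -s --max-time 20 --config - \
            "https://domains.google.com/nic/update?hostname=$3&myip=$4"
}
```

A calling script would run send_update only when decide prints "update", and append the log_line output to the log file with >> so earlier entries are kept.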