Roberto Greiner | 30 Apr 19:54 2015

[rancid] "End of run not found" when running with a DLink switch


I'm trying to set rancid to read the configuration for a D-Link DGS-3420
switch, but I'm hitting on an error where rancid fails to get the switch
configurations with an "End of run not found" message.

I'm running rancid 3.2 in a Debian 7 box, with cvsweb for reading the
cvs. Rancid is working properly, as I'm getting the all the configs for
some 3Com switches (3Com 4500 and 3Com 4800).

I added the following line do router.db:

Running "rancid -t dell -C dlink-poe-datacenter1.<mydomain>" I get the
following output:
dllogin -t 300 -c 'show switch;show config current_config'

Running "time dllogin -t 300 -c 'show switch;show config current_config'
dlink-poe-datacenter1.<mydomain>" (notice 'time' at the beginning), I
get all the configs for the switch, and a running time of ~19 seconds.
So, the switch is answering and sending all the config quickly,
indicating also that there is no timeout problem.

Running "rancid -t dell -d dlink-poe-datacenter1.<mydomain>", returns
the following output (also after ~19 seconds):
HIT COMMAND:DGS-3420-28PC:admin#show switch
    In GetSystem: DGS-3420-28PC:admin#show switch
HIT COMMAND:DGS-3420-28PC:admin#show config current_config
    In GetConf: DGS-3420-28PC:admin#show config current_config
(Continue reading)

Sean | 29 Apr 15:34 2015

[rancid] Cisco WAP VLAN packets/bytes not being filtered, triggering diff

Hi all,

New to the list, and more or less new to diggint into rancid deeper than the occasional device add. I recently moved to 3.2 and noticed that our Cisco WAPs started to report VLAN packet/byte counts on every configuration sync. Example:

- !VLAN:    0 packets, 0 bytes input
- !VLAN:    7944 packets, 3010776 bytes output
- !VLAN:         Other                                           0               79426
- !VLAN:    0 packets, 0 bytes input
- !VLAN:    7944 packets, 3010776 bytes output
- !VLAN:         Other                                           0               79426
- !VLAN:    7939 packets, 6224176 bytes input
- !VLAN:    63538 packets, 7157376 bytes output

I found this post ( that discusses the same issue, but for 3.1. I tried to apply the patch directly but it failed, presumably because of changes made between 3.1 and 3.2.

A manual application of the modified code did not work, either. $device is apparently undefined and throws an error in my rancid logs. Otherwise, it doesn't seem to have any effect.

Is there another update or patch available that might address this problem? Does the patch above still work, and I should re-apply it, stop being an idiot, and ignore the $device-related errors?

Any assistance would be appreciated.

Rancid-discuss mailing list
Rancid-discuss <at>
Todd Heide | 24 Apr 16:28 2015

[rancid] CGI front end

Years ago someone on this list sent me a script to use to make a web front. It worked great but that was with my
old job, and I looked everywhere in my backups and cannot find a copy of that script, or who sent it to me. 
Might have been Lance, or John. It was nothing more than a bunch of boxes to put in the Group, hostname, a
dropdown of what it is(Cisco,Juniper,HP, etc) and a button for up or down. 
Rancid-discuss mailing list
Rancid-discuss <at>

Todd Heide | 22 Apr 22:46 2015

[rancid] ACE Appliance

Does Rancid back up ACE and WLC? 
Rancid-discuss mailing list
Rancid-discuss <at>

Scott Granados | 22 Apr 20:34 2015

[rancid] Backing up F5 BigIP LTM with rancid?

	I recently have installed some F5 BigIPS in my network and wish to back these up with RANCID like I do my other
network elements.  I have tried to play with the included files but these seem out of date.  (I’m running
11.60.0 firmware)  While googling I found some mention of using TMSH instead of the older BigPipe command
but the patch I found to didn’t apply cleanly and seem to fail.  Has anyone else got this
configuration working and having success dealing with F5 devices using rancid?  If so could you post some
details on how you accomplished this or a pointer to a current f5rancid and f5login that works?  Any help
would be most appreciated.


Rancid-discuss mailing list
Rancid-discuss <at>

Chris Davis | 21 Apr 23:59 2015

Re: [rancid] Fortinet Fortigate problem.

A few weeks ago I posted the following.   A couple of very helpful folks pointed me at the fnlogin script and why
it might be failing.  I had just upgraded one of my Fortinet firewall clusters to 5.0.9 firmware and when I
upgraded the other cluster, I had the same problem.  One of the answers was to disable the strong encryption
on the firewall.   Not my favorite thing to do...  So, I had a look at the fnlogin code.   Now, I'm no expect
programmer, but it was straight enough to follow.  I found that the cypher was set to 3des.  I spoke with a
Fortinet engineer that I was working with on another issue, and he indeed confirmed that 3des-cbc was not
supported in strong encryption mode moving forward.  He said I should choose something else.  

This afternoon I tinkered with swapping aes256-ctr where it had said 3des before, and turned back on strong
encryption on the clusters.  And amazingly, it worked!  I'll know for sure when my hourly rancid runs kick
off, but I have a small job running every fifteen minutes grabbing some data for the other problem I was
working on, and it has successfully grabbed 2 iterations of data for that project.  

So, how hard is it to jump from 2.3.8 to 3.2?   (since I'm feeling flush with success)  I will remember the router
file change from : to ; for separators.  Any other gotchas?   

On 30/03/2015 19:03, Chris Davis wrote:
> I?ve been using Rancid 2.3.8 for some time now without any problems. 
> (once I got all the patches installed for it)
> This past week, we upgraded a unit from 5.0.7 firmware to 5.0.9.  This 
> had the negative effect of making it impossible for Rancid to log into 
> the unit.  I have checked all the normal things.  I deleted and 
> recreated the ssh Known_hosts entry.  I?ve even manually logged in 
> from the Rancid server using my own credentials and the rancid 
> credentials and not had any problems.
Rancid-discuss mailing list
Rancid-discuss <at>

Wiethoff, Helge | 21 Apr 13:06 2015

[rancid] Update from 2.3.8 to 3.2 all routers went to routers.down

Hello everyone!

I hope this is not a common issue and was already discussed a thousand times.
After updating from 2.3.8 to 3.2 all my routers are marked as down. Unfortunately I don't have the log files
anymore when this happened.

I double checked spelling issues in my router.db.
I checked the control_rancid script because I didn't get a mail from the system when the routers went to down state:
X-AS01:/srv/rancid/logs # cat TFH.20150421.114636
starting: Tue Apr 21 11:46:36 CEST 2015

/usr/lib64/rancid/bin/control_rancid: line 363: -t: command not found

Don't know if this is an issue?!

When I tested the part (line 281) in control_rancid where the list of all, up, & down routers is generated, I
figured out - in my newbie-eyes - a strange behaviour.
I created a test router.db named tests:
X-AS01:/srv/rancid/TFH # cat tests

X-AS01:/srv/rancid/TFH # perl -F\; -ane '{$F[2] =~ s/\s*\$//; ($F[0] =~ tr <at> A-Z <at> a-z <at> , print $_) if ($F[2]
!~ /^up$/i);}' tests

shoudn't this give me just the line without "up"?
X-AS01:/srv/rancid/TFH # perl -F\; -ane '{$F[2] =~ s/\s*\$//; ($F[0] =~ tr <at> A-Z <at> a-z <at> , print
"$F[0];$F[1]\n") if ($F[2] =~ /^up$/i);}' tests
X-AS01:/srv/rancid/TFH #

I guess I misunderstood something... :-(

Thanks for all support,
  Helge Wiethoff

Telefon: +49 (234) 968 8717
Fax: +49 (234) 968 3453
E-Mail: Wiethoff <at>

Technische Fachhochschule Georg Agricola
für Rohstoff, Energie und Umwelt zu Bochum
Staatlich anerkannte Fachhochschule der
DMT-Gesellschaft für Lehre und Bildung mbH
Herner Straße 45
44787 Bochum

Träger: DMT-Gesellschaft für Lehre und Bildung mbH
Sitz der Gesellschaft: Bochum
Registergericht: Amtsgericht Bochum
Handelsregister: B 4052

Prof. Dr. Jürgen Kretschmann (Vorsitzender)
Manfred Freitag
Rancid-discuss mailing list
Rancid-discuss <at>
Todd Heide | 21 Apr 02:29 2015

[rancid] Rancid user home

Been going nuts trying to figure this out, Google has been useless. When I created the user rancid, it set the $HOME as /home/rancid, and no matter what I try it never sticks to /usr/local/rancid.  I can change the variable and make it work, but on reboot it goes back to /home/rancid and breaks rancid-run and RWS. 

I need it to permanently change it to /usr/local/r ancid.
Rancid-discuss mailing list
Rancid-discuss <at>
Howard Jones | 20 Apr 18:31 2015

[rancid] ExtremeXOS 12.6 vs RANCID 3.1 - login out of step?

We have some Extreme X480 switches running XOS 12.6 which RANCID seems 
to dislike.

The basic symptom is that clogin enters a username, then does 
<something> then enters the password at the next username prompt. I've 
tried fiddling with the passprompt setting, to make it exactly as seen 
in the output from the switch, but as far as I can see the default 
should have worked anyway.

This appears to be the same issue, but without any particular resolution:

Does anyone have Summit X480s working in RANCID?



(looking forward to suffering from the various other problems folks seem 
to have once the login has actually worked! The couple of ours with SSH 
(and therefore no login script) seem to come and go from polling)
Rancid-discuss mailing list
Rancid-discuss <at>

alligator94 | 19 Apr 09:35 2015

[rancid] rancid : how to filter clogin -x or -c outcome



I very often use clogin –x or clogin –c to perform mass configuration updates. My concern is that clogin doesn’t analyze the outcome of the command passed with –x or –d, so there is no easy way to know if the command has been successfully accepted by the device . For instance, some old cisco ios don’t accept some commands.


I have tried to use the clogin debug (-d) option, but it generates a huge amount of lines. I have also tested to open a log file (I am using teraterm)  before running clogin, then to do a search but, it is not really easy because each time that you find an error condition, you need to look backward in the file to know which host the error message reports to.


I have also looked at the –s option but it looks complex to me.


What would be nice to have is a way to pass a file  to clogin as a parameter which would contain a list of keyword that you want to be extracted from the outcome.

I am thinking to some words like :





If some of them are trapped during the clogin run, then they could be stored in a file $hostname_date_time.err.log


Maybe there is an easy way to do it but I am not skilled with expect.

Any help or comment is welcomed.





Rancid-discuss mailing list
Rancid-discuss <at>
heasley | 18 Apr 16:40 2015

[rancid] cloginrc order

Sat, Apr 18, 2015 at 01:52:52PM +0200, Alan McKinnon:
> .cloginrc is read strictly in order so if you have "add user * joe" at
> the very top, it will be used everywhere.
> Check the ordering of .loginrc as step one.
> Step 2 is to run clogin manually and check the output

Would it be useful if clogin et al with an option printed the cloginrc line
that matched?
Rancid-discuss mailing list
Rancid-discuss <at>