Thank you for knowing two big guys: @ Yixin and @ Zhu Jiasheng
@The experiment of chess player is mainly based on linux system, Cisco equipment or GNS3 simulator.
@Considering the current mainstream of Huawei in China, Zhu Jiasheng also uses the Windows system to try to use Huawei's real machine or eNSP simulator to do the experiments mentioned in the book, so as to facilitate everyone's learning, recording and communication.
The Xiaobian uses Eve ng + Linux for Cisco and Ensp+windows for Huawei's experiment.
First, let's take a look at Cisco's experiment brought by Yixin boss:
Platform tools:
-
Experimental platform: Linux Centos7
-
Tools used: Eve ng, python 3.6.8
Experimental topology:
be careful:
192.168.2.0/24 is used in the book. I have the virtual network segment 192.168.242.0/24 bridged by eve to demonstrate this experiment.
This experiment only needs Linux, transparent switch SW (startup, no configuration), LSW1 (device to be controlled by Python third-party library paramiko), Other lsws are not started and can be reused in subsequent experiments.
Purpose of the experiment:
Use Python Paramiko module to log in to a single switch LSW1 (192.168.242.11) through SSH, and configure IP address 1.1.1.1/32 for its LoopBack0 port. After configuration, save the device configuration and exit.
Pre test inspection
Check the network connectivity (PC ping 192.168.242.11), open Linux and Ping 192.168.242.11.
Check the arp table entry of Linux and execute arp -a# to view the table entry.
Check the MAC address of interface vlanif 1 on the switch LSW1, which corresponds to the MAC in the arp table entry in win10. Both are 4c1f-ccf2-1fdb
show interface vlanif 1
Check the arp table entry of interface vlanif 1 on switch LSW1, and it can correspond to
show arp interface vlanif 1
Switch LSW1 confirms that loopback 0 port does not exist, and if it does exist, it will be deleted (caused by multiple experiments)
LSW1 configuration
Initialization 1.to configure hostname and domain-namehostname LSW1ip domain-name shiranit.com2.Generate a key and generate a 1024 bit key crypto key generate rsa general-keys modulus 10243.to configure sssh Information session timeout for ip ssh time-out 120 Maximum authentication times ip ssh authentication-retries 3 Enable ssh and telnet authentication line vty 0 4 transport input ssh telnet login local4.Locally authenticated user enable passwod 123 username python privilege 15 password 123 PS: privilege 15 This setting is to avoid entering when logging in enable password
Python code
The great God has explained the code one by one in the book and column
# import Import module import paramikoimport time# Define three variables of string type ip = '192.168.242.11'username = 'python'password = '123'# open SSH Session assignment to variable ssh_client = paramiko.SSHClient()# Open to receive strange ssh Service session ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())ssh_client.connect(hostname=ip, username=username, password=password, look_for_keys=False)# Open interactive session command = ssh_client.invoke_shell()print ('You have successfully logged in to the router' + ip)# Issue command to router command.send('configure terminal\n')command.send('interface loop 0\n')command.send('ip add 1.1.1.1 255.255.255.255\n')command.send('end\n')command.send('wr mem\n')# Delay 5 seconds time.sleep(5)# Set the screen capture length and print it out output = command.recv(65535).decode('ascii')print (output)# Exit ssh session_ client. close
Observation in experiment
Start debugging (observed in the experiment), and debug the interactive package during code execution.
LSW1# debug ip packet
Inspection of experimental results
After the script runs, you can go to LSW1 to check whether the IP address of LoopBack 0 port has been correctly configured.
show running-config interface LoopBack 0
Screenshot of code operation
Great God explained in the book. The following is a comparison of whether there is an effect with decode("ascii") when running the script.
Effect with decode("ascii")
Effect without decode("ascii")
Let's take a look at the Huawei experiment brought by @ Zhu Jiasheng:
Platform tools:
-
Experimental platform: WIN10
-
Tool used: ENSP v1 3.00.100,python 3.7.3
be careful:
1. The eNSP simulator is currently officially off the shelf temporarily. It is not difficult to find it on the Internet. It is said that the official is develop ing a new and more powerful version.
2. It doesn't matter whether Python uses 3.9 or 3.7.
3. If we start from scratch, we don't need any integrated development environment. First, we use Python's own editor to start from the simplest and slowly accumulate precipitation bit by bit.
Experimental topology:
The 192.168.2.0/24 network segment used in the book is just in conflict with my own NAS network segment, so I replaced it with 192.168.242.0/24 network segment. My own computer (Win10 has installed python 3.7.3) sets a virtual network card with an address of 192.168.242.1/24, which is bridged to the cloud and connected to the experimental topology.
This experiment only needs a PC, transparent switch SW1 (start, no configuration), LSW1 (the device to be controlled by the Python third-party library paramiko), Other lsws are not started and can be reused in subsequent experiments.
Purpose of the experiment:
Use Python Paramiko module to log in to a single switch LSW1 (192.168.242.11) through SSH, and configure IP address 1.1.1.1/32 for its LoopBack0 port. After configuration, save the device configuration and exit.
Pre test inspection
Check the network connectivity (PC ping 192.168.242.11), open cmd and Ping 192.168.242.11.
Check the arp table entry of win10, open cmd, execute arp -a, and find the interface: 192.168.242.1 --- 0x10.
Check the MAC address of interface vlanif 1 on the switch LSW1, which corresponds to the MAC in the arp table entry in win10. Both are 4c1f-ccf2-1fdb
display interface vlanif 1
Check the arp table entry of interface vlanif 1 on switch LSW1, and it can correspond to
display arp interface vlanif 1
Switch LSW1 confirms that loopback 0 port does not exist, and if it does exist, it will be deleted (caused by multiple experiments)
LSW1 configuration
sysname LSW1aaa# Password plaintext 123 local-user python password cipher #*C>*$C`S!INZPO3JBXBHA!! local-user python privilege level 3 local-user python service-type sshinterface Vlanif1 ip address 192.168.242.11 255.255.255.0stelnet server enable# The following one is very important. I didn't configure this one at the beginning, but it has been ssh Feedback error.# The simulator's product manual says this is the default value, but it needs to be manually configured after testing. ssh authentication-type default passworduser-interface vty 0 4 authentication-mode aaa protocol inbound ssh
Python code
I have explained the code one by one in the book and column. My main goal is to turn the linux + Cisco device of the great God into a windows + Huawei device.
import paramikoimport timeip = "192.168.242.11"username = "python"password = "123"ssh_client = paramiko.SSHClient()ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy())ssh_client.connect(hostname=ip, username=username, \ password=password, look_for_keys=False)print("Successfully connected to ",ip)command = ssh_client.invoke_shell()command.send("sys\n")command.send("interface LoopBack 0\n")command.send("ip address 1.1.1.1 255.255.255.255\n")command.send("return\n")command.send("save\n")command.send("y\n")time.sleep(3)command.send("display this\n")time.sleep(1)output = command.recv(65535)print(output.decode("ascii"))ssh_client.close()
Observation in experiment
Start debugging (observed in the experiment), and debug the interactive package during code execution.
debugging ip packet terminal debugging
Inspection of experimental results
After the script runs, you can go to LSW1 to check whether the IP address of LoopBack 0 port has been correctly configured.
display current-configuration interface LoopBack 0
Screenshot of code operation
I've been tortured for a long time. In Python 3, the format of echo content is byte string, so we have to use decode(), encode() and other methods to operate the string display. The great God explained in the book. The following is a comparison of whether there is an effect with decode("ascii") when running the script.
follow-up:
In addition to Ensp installation and use, Python installation and use, and the installation and use of the third-party library paramiko, there may be the following questions. If necessary, we will communicate later (see if anyone pays attention to me = = HA in this article).
1. How does WIN 10 configure the loop return port for testing?
2. How to manually use Securecrt to bridge the [simulator cloud] through the win ring backport network card to log in and operate the simulator ne?
3. Although telnet is a clear text transmission with insufficient security, in fact, a large number of non-public network business devices are still managed by telnet. How to mobilize the telnetlib module? (I tried earlier and found that Huawei's telnet settings may have been simplified. After using telnetlib, errors will occur when printing all screenshots, which has not been sorted out yet.)
More highlights:
Basic notes on the Python road of network engineering (I)
Fast ping network segment with python
python practical script: batch debugging and backup of network equipment
python implements simple repetitive operations