配置交换机是一个繁琐而且重复的工作。使用脚本配置的话,可以大大减轻网络管理员的工作量。当然,编写脚本的能力呢,必须具备。
编写脚本,你可以有很多种选择,尤其当前python最为火热,可以优先考虑。
但,本人之前编写过一个可以运行在SecureCRT中的VBScript的也不错,唯一遗憾的是SecureCRT对python的支持还是比较弱的。
这里,我用VBScript为例,来创建一个配置交换机的脚本。
首先定义一些常量
#$language = "VBScript"
#$interface = "1.0"
'设备名称
sysname = "DT01"
'设备IP地址
admin_ip="192.168.99.123"
admin_user="zmrbak"
admin_pass="MyPassword@123"
snmp_read_pass="MyPassword@124"
接下来定义一些函数
Sub Set_Host
'设置设备名称
crt.Screen.Send "sysname "&sysname & chr(13)
crt.Screen.WaitForString sysname
'设置VlanIP
crt.Screen.Send "interface Vlanif1" & chr(13)
crt.Screen.WaitForString sysname&"-Vlanif1"
crt.Screen.Send "ip address "&admin_ip &" 255.0.0.0" & chr(13)
crt.Screen.WaitForString sysname&"-Vlanif1"
crt.Screen.Send "q"& chr(13)
'设置Telnet
crt.Screen.Send "telnet server enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "stelnet server enable" & chr(13)
crt.Screen.WaitForString sysname
End Sub
Sub Set_Web
'设置Web
'crt.Screen.Send "undo http server enable" & chr(13)
'crt.Screen.WaitForString sysname
'crt.Screen.Send "http server load s2300-52p-ei-v100r006c05.web.zip" & chr(13)
'crt.Screen.WaitForString sysname
'启动Https Web
'crt.Screen.Send "http secure-server enable" & chr(13)
'crt.Screen.WaitForString sysname
End Sub
Sub Set_User
'设置登录用户
crt.Screen.Send "aaa" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" password cipher "&admin_pass & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" privilege level 15" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" ftp-directory flash://" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
crt.Screen.Send "local-user "& admin_user &" service-type telnet terminal ftp http ssh" & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
'设置admin密码
crt.Screen.Send "local-user admin password cipher "&admin_pass & chr(13)
crt.Screen.WaitForString sysname&"-aaa"
'登陆信息
crt.Screen.Send "user-interface con 0" & chr(13)
crt.Screen.WaitForString sysname&"-ui-console0"
crt.Screen.Send "authentication-mode aaa" & chr(13)
crt.Screen.WaitForString sysname&"-ui-console0"
crt.Screen.Send "user privilege level 15" & chr(13)
crt.Screen.WaitForString sysname&"-ui-console0"
crt.Screen.Send "user-interface vty 0 4" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "authentication-mode aaa" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "user privilege level 15" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "protocol inbound all" & chr(13)
crt.Screen.WaitForString sysname&"-ui-vty0-4"
crt.Screen.Send "q"& chr(13)
End Sub
Sub Set_DHCP_SNOOPing
'启动DHCP SNOOPing
crt.Screen.Send "dhcp enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "dhcp snooping enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "dhcp snooping alarm threshold 120" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "dhcp server detect" & chr(13)
crt.Screen.WaitForString sysname
End Sub
Sub Clear_Ethernet(start_port,end_port)
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface Ethernet0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "port link-type access" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "port default vlan 1" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "loopback-detect recovery-time 30" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "loopback-detect enable" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "loopback-detect action shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
crt.Screen.Send "undo shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-Ethernet0/0/"&ports
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Clear_GigabitEthernet(start_port,end_port)
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface GigabitEthernet0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "port link-type access" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "port default vlan 1" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "loopback-detect recovery-time 30" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "loopback-detect enable" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "loopback-detect action shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
crt.Screen.Send "undo shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-GigabitEthernet0/0/"&ports
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Set_Vlan(nettype,vlan_id,start_port,end_port)
crt.Screen.Send "vlan batch "&vlan_id & chr(13)
crt.Screen.WaitForString sysname
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface "&nettype&"0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port link-type access" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port default vlan "&vlan_id & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "loopback-detect recovery-time 30" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "loopback-detect enable" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "loopback-detect action shutdown" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Set_Trunk(nettype,start_port,end_port)
ports=start_port
Do
if ports<=end_port then
crt.Screen.Send "interface "&nettype&"0/0/"&ports & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port link-type trunk" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "port trunk allow-pass vlan all"& chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "dhcp snooping enable" & chr(13)
crt.Screen.WaitForString sysname&"-"&nettype&"0/0/"&ports
crt.Screen.Send "dhcp snooping trusted" & chr(13)
ports=ports+1
else
crt.Screen.Send "q"& chr(13)
exit do
end if
Loop
End Sub
Sub Set_SNMP
'SNMP配置
crt.Screen.Send "snmp-agent" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent community read cipher "&snmp_read_pass & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent sys-info contact DengJian" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent sys-info location "&sysname & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent sys-info version v2c v3" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "snmp-agent trap enable" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "y" & chr(13)
crt.Screen.WaitForString sysname
End Sub
Sub Set_Save
'退出,保存
crt.Screen.Send "return" & chr(13)
crt.Screen.WaitForString sysname
crt.Screen.Send "save" & chr(13)
crt.Screen.WaitForString "continue"
crt.Screen.Send "y" & chr(13)
crt.Screen.WaitForString sysname
End Sub
最后定义一个Main函数,用来调用这些函数,对交换机进行配置
Sub Main
'Call Set_Host
'Call Set_User
'Call Set_SNMP
'Call Set_DHCP_SNOOPing
'Call Clear_Ethernet(1, 20)
'Call Set_Vlan("Ethernet",531,1,20)
'Call Clear_Ethernet(40, 48)
'Call Set_Trunk("Ethernet",40,48)
'Call Clear_GigabitEthernet(1,4)
'Call Set_Trunk("GigabitEthernet",1,4)
Call Set_Save
End Sub
这样,每次配置交换机的时候,只需修改一些参数,然后在SecureCRT中运行一下就好。