cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2397
Views
0
Helpful
7
Replies

TCL Scripting Trouble - DNS Query

Hello community!

 

I've been working on a TCL script that's been deployed to 20+ production routers.

This script does some very basic diagnostic tests, which are then relayed back to a central server to be audited.

Everything's automatic, which helps my team to be proactive to fix any errors that are found.

 

With that, I've been getting some odd results from a single device in the group. Sometimes I'll get a passing result, while other times it will fail.

I'm unable to track down the reason for this, so I was hoping that someone could review my work.

 

Quick overview:

The script will clear DNS cache on the router, and then ping a pre-defined FQDN that's imported from EEM.

If it finds a [OK] in the CLI output, the test will pass. If it doesn't find a [OK], it will fail.

 

What's happening (as you'll see below), is that the router pings the FQDN but it's not finding the [OK].

The ping is successful, but it's almost like the router never cleared the DNS cache before running the test. My debug shows that it did~ which is what's confusing me.

How should/could I address this problem?

All other routers pass this test without issue. It's just this one that's having the problem.

 

 

TCL Script:

 

...scripting omitted.

# ------------------------------------------------------------------------------ #
# Lets begin our DNS test. Lets update our log first.
# ------------------------------------------------------------------------------ #
action_syslog msg "..."
action_syslog msg "... Beginning DNS test."
 
# ------------------------------------------------------------------------------ #
# First, we need to clear out the cached DNS results from previous tests.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "clear host *"} _cli_result] {
    error $_cli_result $errorInfo
}
 
# ------------------------------------------------------------------------------ #
# We'll ping the clients Load Balanced FQDN, and see if it resolves.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "ping $office source $lan_interface"} _cli_result] {
    error $_cli_result $errorInfo
}
 
set _regexp_result [regexp {[OK]} "$_cli_result"]
if {$_regexp_result == "1"} {
set fd [open "flash:/$hostname.neht.csv" "a"]
puts $fd "DNS,$hostname,$loopback,Passed"
close $fd
action_syslog msg "... PASS: $office resolved successfully."
 
# ------------------------------------------------------------------------------ #
# If it didn't resolve, then lets update the CSV and add a log entry.
# ------------------------------------------------------------------------------ #
 
} else {
 
set fd [open "flash:/$hostname.neht.csv" "a"]
puts $fd "DNS,$hostname,$loopback,Failed - Unable to resolve $office from client DNS."
close $fd
action_syslog msg "... ---> FAIL: DNS was unable to resolve $office. Please verify DNS configuration."
 
}

...scripting omitted.

 

 

TCL Debugging : Test Failed

002098: Oct  4 06:00:07.368 CDT: %HA_EM-6-LOG: neht.tcl: ... Beginning DNS test.
002099: Oct  4 06:00:07.368 CDT: [fh_cli_debug_cmd]
002100: Oct  4 06:00:07.368 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : IN  : ROUTER#clear host *
002101: Oct  4 06:00:07.368 CDT: [fh_tty_write_cmd]
002102: Oct  4 06:00:07.368 CDT: [fh_tty_write_cmd] cmd = clear host *, cmdsize = 12
002103: Oct  4 06:00:07.368 CDT: [fh_sys_reqinfo_routername_cmd]
002104: Oct  4 06:00:07.396 CDT: [fh_tty_read_cmd]
002105: Oct  4 06:00:07.396 CDT: [fh_tty_read_cmd] size= 17
002106: Oct  4 06:00:07.396 CDT: [fh_tty_prompt_cmd]
002107: Oct  4 06:00:07.500 CDT: [fh_cli_debug_cmd]
002108: Oct  4 06:00:07.500 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : ROUTER#
002109: Oct  4 06:00:07.500 CDT: [fh_cli_debug_cmd]
002110: Oct  4 06:00:07.500 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : IN  : ROUTER#ping office.CLIENT.com source vlan1
002111: Oct  4 06:00:07.500 CDT: [fh_tty_write_cmd]
002112: Oct  4 06:00:07.500 CDT: [fh_tty_write_cmd] cmd = ping office.CLIENT.com source vlan1, cmdsize = 41
002113: Oct  4 06:00:07.500 CDT: [fh_sys_reqinfo_routername_cmd]
002114: Oct  4 06:00:07.528 CDT: [fh_tty_read_cmd]
002115: Oct  4 06:00:07.528 CDT: [fh_tty_read_cmd] read not ready
002116: Oct  4 06:00:07.628 CDT: [fh_tty_read_cmd]
002117: Oct  4 06:00:07.628 CDT: [fh_tty_read_cmd] size= 154
002118: Oct  4 06:00:07.628 CDT: [fh_tty_prompt_cmd]
002119: Oct  4 06:00:07.728 CDT: [fh_tty_read_cmd]
002120: Oct  4 06:00:07.728 CDT: [fh_tty_read_cmd] size= 1
002121: Oct  4 06:00:07.728 CDT: [fh_tty_prompt_cmd]
002122: Oct  4 06:00:07.828 CDT: [fh_tty_read_cmd]
002123: Oct  4 06:00:07.828 CDT: [fh_tty_read_cmd] size= 2
002124: Oct  4 06:00:07.828 CDT: [fh_tty_prompt_cmd]
002125: Oct  4 06:00:07.928 CDT: [fh_tty_read_cmd]
002126: Oct  4 06:00:07.928 CDT: [fh_tty_read_cmd] size= 1
002127: Oct  4 06:00:07.928 CDT: [fh_tty_prompt_cmd]
002128: Oct  4 06:00:08.028 CDT: [fh_tty_read_cmd]
002129: Oct  4 06:00:08.028 CDT: [fh_tty_read_cmd] size= 91
002130: Oct  4 06:00:08.028 CDT: [fh_tty_prompt_cmd]
002131: Oct  4 06:00:08.128 CDT: [fh_cli_debug_cmd]
002132: Oct  4 06:00:08.128 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Type escape sequence to abort.
002133: Oct  4 06:00:08.128 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Sending 5, 100-byte ICMP Echos to 10.77.67.2, timeout is 2 seconds:
002134: Oct  4 06:00:08.128 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Packet sent with a source address of 192.168.1.1
002135: Oct  4 06:00:08.128 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : !!!!!
002136: Oct  4 06:00:08.128 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Success rate is 100 percent (5/5), round-trip min/avg/max = 60/63/64 ms
002137: Oct  4 06:00:08.128 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : ROUTER#
002138: Oct  4 06:00:08.344 CDT: [fh_action_syslog_cmd]
002139: Oct  4 06:00:08.344 CDT: %HA_EM-6-LOG: neht.tcl: ... ---> FAIL: DNS was unable to resolve office.CLIENT.com. Please verify DNS configuration.

 

 

TCL Debugging : Test Passed
001495: Oct  3 06:00:07.480 CDT: %HA_EM-6-LOG: neht.tcl: ... Beginning DNS test.
001496: Oct  3 06:00:07.480 CDT: [fh_cli_debug_cmd]
001497: Oct  3 06:00:07.480 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : IN  : ROUTER#clear host *
001498: Oct  3 06:00:07.480 CDT: [fh_tty_write_cmd]
001499: Oct  3 06:00:07.480 CDT: [fh_tty_write_cmd] cmd = clear host *, cmdsize = 12
001500: Oct  3 06:00:07.480 CDT: [fh_sys_reqinfo_routername_cmd]
001501: Oct  3 06:00:07.512 CDT: [fh_tty_read_cmd]
001502: Oct  3 06:00:07.512 CDT: [fh_tty_read_cmd] size= 17
001503: Oct  3 06:00:07.512 CDT: [fh_tty_prompt_cmd]
001504: Oct  3 06:00:07.612 CDT: [fh_cli_debug_cmd]
001505: Oct  3 06:00:07.612 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : ROUTER#
001506: Oct  3 06:00:07.612 CDT: [fh_cli_debug_cmd]
001507: Oct  3 06:00:07.612 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : IN  : ROUTER#ping office.CLIENT.com source vlan1
001508: Oct  3 06:00:07.612 CDT: [fh_tty_write_cmd]
001509: Oct  3 06:00:07.612 CDT: [fh_tty_write_cmd] cmd = ping office.CLIENT.com source vlan1, cmdsize = 41
001510: Oct  3 06:00:07.612 CDT: [fh_sys_reqinfo_routername_cmd]
001511: Oct  3 06:00:07.640 CDT: [fh_tty_read_cmd]
001512: Oct  3 06:00:07.640 CDT: [fh_tty_read_cmd] read not ready
001513: Oct  3 06:00:07.740 CDT: [fh_tty_read_cmd]
001514: Oct  3 06:00:07.740 CDT: [fh_tty_read_cmd] size= 230
001515: Oct  3 06:00:07.740 CDT: [fh_tty_prompt_cmd]
001516: Oct  3 06:00:07.840 CDT: [fh_tty_read_cmd]
001517: Oct  3 06:00:07.840 CDT: [fh_tty_read_cmd] size= 1
001518: Oct  3 06:00:07.840 CDT: [fh_tty_prompt_cmd]
001519: Oct  3 06:00:07.940 CDT: [fh_tty_read_cmd]
001520: Oct  3 06:00:07.940 CDT: [fh_tty_read_cmd] size= 2
001521: Oct  3 06:00:07.940 CDT: [fh_tty_prompt_cmd]
001522: Oct  3 06:00:08.040 CDT: [fh_tty_read_cmd]
001523: Oct  3 06:00:08.040 CDT: [fh_tty_read_cmd] size= 1
001524: Oct  3 06:00:08.040 CDT: [fh_tty_prompt_cmd]
001525: Oct  3 06:00:08.140 CDT: [fh_tty_read_cmd]
001526: Oct  3 06:00:08.140 CDT: [fh_tty_read_cmd] size= 91
001527: Oct  3 06:00:08.140 CDT: [fh_tty_prompt_cmd]
001528: Oct  3 06:00:08.240 CDT: [fh_cli_debug_cmd]
001529: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Translating "office.CLIENT.com"...domain server (10.12.25.12) [OK]
001530: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT :
001531: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Type escape sequence to abort.
001532: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Sending 5, 100-byte ICMP Echos to 10.77.67.2, timeout is 2 seconds:
001533: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Packet sent with a source address of 192.168.1.1
001534: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : !!!!!
001535: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : Success rate is 100 percent (5/5), round-trip min/avg/max = 64/67/68 ms
001536: Oct  3 06:00:08.240 CDT: %HA_EM-6-LOG: neht.tcl : DEBUG(cli_lib) : OUT : ROUTER#
001537: Oct  3 06:00:08.456 CDT: [fh_action_syslog_cmd]
001538: Oct  3 06:00:08.456 CDT: %HA_EM-6-LOG: neht.tcl: ... PASS: office.CLIENT.com resolved successfully.

 

Router Config:

ip name-server 10.12.25.12
ip name-server 10.12.25.11

 

ip inspect dns-timeout 7

ip domain lookup source-interface Vlan1

 

 

 

 

Any input on this would be very much appreciated.

Thanks in advance everyone!

 

7 Replies 7

As I look deeper into this, I suppose I could use a regular expression and capture the ping results that come back. Does anyone know of a better way to perform this test? 

Thanks in advance,

Why not just match on the multi-bangs?

 

regexp {!!!!!} "$_cli_result"

That's what I was thinking and I even tested out last night in my lab.

The only reason I don't want to do it though, is because I'm using this portion of the script to test DNS functionality. If it pulls the IP from the routers cache, then it's not really running a query against the active DNS server that's pre-configured on the router. 

 

To make it all easier to understand, I'll show you the script in its entirety. If you see anything in it that jumps out at you as needing optimization, please let me know. I'm always happy to review. I enjoy constructive criticism. The goal is to test MTU, DNS, and server accessibility over a link.

 

Again, Thanks for your support or advice, Joseph!

 

 

 

 

TCL Script

 

 

# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  #
# Network Environment Health Test                   Created by Nate Mellendorf   #
# TCL Script                                                                     #
# Draft - v0.1                                                                   #
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  #
# This test requires that the following environment variables have been          #
# pre-defined on the Cisco router:                                               #
#                                                                                #
# event manager environment lan_interface <Client LAN Interface>                 #
# event manager environment lan_ip <Client LAN Interface IP>                     #
# event manager environment loopback <MGMT IP for this router>                   #
# event manager environment mtu_dest <Destination of the MTU test>               #
# event manager environment office <FQDN of clients LB IP>                       #
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  #
 
::cisco::eem::event_register_none queue_priority low nice 1 maxrun 70
::cisco::eem::description "This test policy is used verify current network health."
 
# ------------------------------------------------------------------------------ #
# We're going to use the namespace commands to import our custom EEM variables.
# ------------------------------------------------------------------------------ #
 
namespace import ::cisco::eem::*
namespace import ::cisco::lib::*
 
array set arr_einfo [event_reqinfo]
set hostname [info hostname]
 
if [catch {cli_open} result] {
    error $result $errorInfo
} else {
    array set cli1 $result
}
 
# ------------------------------------------------------------------------------ #
# Lets get into enable mode, and capture the current date.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "enable"} _cli_result] {
    error $_cli_result $errorInfo
}
 
if [catch {cli_exec $cli1(fd) "show clock"} predate] {
    error $_cli_result $errorInfo
}
 
if {[regexp "(\[0-9\]\[0-9\]:\[0-9\]\[0-9\]:\[0-9\]\[0-9\])" $predate temp dateclean] == 0} {
error $_cli_result $errorInfo
}
 
# ------------------------------------------------------------------------------ #
# We need to disable file prompting and update our ssh source interface for SCP.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "conf t"} _cli_result] {
    error $_cli_result $errorInfo
}
if [catch {cli_exec $cli1(fd) "file prompt quiet"} _cli_result] {
    error $_cli_result $errorInfo
}
if [catch {cli_exec $cli1(fd) "ip ssh source-interface lo10"} _cli_result] {
    error $_cli_result $errorInfo
}
if [catch {cli_exec $cli1(fd) "end"} _cli_result] {
    error $_cli_result $errorInfo
}
 
# ------------------------------------------------------------------------------ #
# We need to edit the date, because ":" can't be used in our file name later on.
# ------------------------------------------------------------------------------ #
 
regsub -all {\:} $dateclean {_} date
 
# ------------------------------------------------------------------------------ #
# All right. Lets begin our testing. First, we make note of this in the log.
# ------------------------------------------------------------------------------ #
 
action_syslog msg "... Starting Network Environment Health Test (v1.01)"
action_syslog msg "..."
action_syslog msg "... Beginning MTU tests."
 
 
if [catch {cli_exec $cli1(fd) "ping $mtu_dest size 1500 source $lan_interface"} _cli_result] {
    error $_cli_result $errorInfo
}
 
# ------------------------------------------------------------------------------ #
# MTU 1500 - If successful, move on to the 1600 test. If not, go to MTU 1500 Error.
# ------------------------------------------------------------------------------ #
 
set _regexp_result [regexp {Success rate is 100 percent} "$_cli_result"]
if {$_regexp_result == "1"} {
    if [catch {cli_exec $cli1(fd) "ping $mtu_dest size 1600 source $lan_interface"} _cli_result] {
        error $_cli_result $errorInfo
    }
 
# ------------------------------------------------------------------------------ #
# MTU 1600 - If successful, move on to the 3000 test. If not, go to MTU 1600 Error.
# ------------------------------------------------------------------------------ #
 
set _regexp_result [regexp {Success rate is 100 percent} "$_cli_result"]
    if {$_regexp_result == "1"} {
        if [catch {cli_exec $cli1(fd) "ping $mtu_dest size 3000 validate source $lan_interface"} _cli_result] {
            error $_cli_result $errorInfo
        }
 
# ------------------------------------------------------------------------------ #
# MTU 3000 - If successful, update the CSV. If not, go to MTU 3000 Error.
# ------------------------------------------------------------------------------ #
 
set _regexp_result [regexp {Success rate is 100 percent} "$_cli_result"]
    if {$_regexp_result == "1"} {
        set fd [open "flash:/$hostname.neht.csv" "w"]
        puts $fd "Test,Host,IP,Result \nMTU,$hostname,$loopback,Passed"
        close $fd
action_syslog msg "... PASS: All MTU tests were successful."
 
# ------------------------------------------------------------------------------ #
# MTU 3000 Error - Update the CSV and notify the log of this failure.
# ------------------------------------------------------------------------------ #
 
} else {
        set fd [open "flash:/$hostname.neht.csv" "w"]
        puts $fd "Test,Host,IP,Result \nMTU,$hostname,$loopback,Failed_3000 - Source:$lan_interface - Destination:$mtu_dest"
        close $fd
action_syslog msg "... ---> FAIL: Unable to ping $mtu_dest with an MTU of 3000."
 
}
 
# ------------------------------------------------------------------------------ #
# MTU 1600 Error - Update the CSV and notify the log of this failure.
# ------------------------------------------------------------------------------ #
 
} else {
set fd [open "flash:/$hostname.neht.csv" "w"]
        puts $fd "Test,Host,IP,Result \nMTU,$hostname,$loopback,Failed_1600 - Source:$lan_interface - Destination:$mtu_dest"
        close $fd
        action_syslog msg "... ---> FAIL: Unable to ping $mtu_dest with an MTU of 1600."
 
}
 
# ------------------------------------------------------------------------------ #
# MTU 1500 Error - Update the CSV and notify the log of this failure.
# ------------------------------------------------------------------------------ #
 
} else {
        set fd [open "flash:/$hostname.neht.csv" "w"]
        puts $fd "Test,Host,IP,Result \nMTU,$hostname,$loopback,Failed_1500 - Source:$lan_interface - Destination:$mtu_dest"
        close $fd
action_syslog msg "... ---> FAIL: Unable to ping $mtu_dest with an MTU of 1500."
 
}
 
 
# ------------------------------------------------------------------------------ #
# Lets begin our DNS tests. Lets update our log first.
# ------------------------------------------------------------------------------ #
 
action_syslog msg "..."
action_syslog msg "... Beginning DNS test."
 
# ------------------------------------------------------------------------------ #
# First, we need to clear out the cached DNS results from previous tests.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "clear host *"} _cli_result] {
    error $_cli_result $errorInfo
}
 
# ------------------------------------------------------------------------------ #
# We'll ping the clients Load Balanced FQDN, and see if it resolves.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "ping $office source $lan_interface"} _cli_result] {
    error $_cli_result $errorInfo
}
 
set _regexp_result [regexp {[OK]} "$_cli_result"]
if {$_regexp_result == "1"} {
set fd [open "flash:/$hostname.neht.csv" "a"]
puts $fd "DNS,$hostname,$loopback,Passed"
close $fd
action_syslog msg "... PASS: $office resolved successfully."
 
# ------------------------------------------------------------------------------ #
# If DNS resolved from router cache (which it shouldn't...), we check the response. 
# ------------------------------------------------------------------------------ #
 
} else {
 
set _regexp_result [regexp {!!!!} "$_cli_result"]
 
}
 
if {$_regexp_result == "1"} {
set fd [open "flash:/$hostname.neht.csv" "a"]
puts $fd "DNS,$hostname,$loopback,Passed"
close $fd
action_syslog msg "... PASS: $office responded to ping , but it was resolved from cache."
 
# ------------------------------------------------------------------------------ #
# If we didn't find an [OK] or a ping response, then we know some thing's wrong. 
# ------------------------------------------------------------------------------ #
 
} else {
 
set fd [open "flash:/$hostname.neht.csv" "a"]
puts $fd "DNS,$hostname,$loopback,Failed - Unable to resolve $office from client DNS."
close $fd
action_syslog msg "... ---> FAIL: DNS was unable to resolve $office. Please verify DNS configuration."
 
}
 
# ------------------------------------------------------------------------------ #
# Finally, lets check and see if the LB is actually listening on port 3389.
# If it's not, then we will update the log and CSV with a failure.
# ------------------------------------------------------------------------------ #
 
action_syslog msg "..."
action_syslog msg "... Beginning Load Balancer access test."
 
if { [catch {socket -myaddr $lan_ip $office 3389} result] } {
    action_syslog msg "... ---> FAIL: Unable to access $office over port 3389, from $lan_ip."
set fd [open "flash:/$hostname.neht.csv" "a"]
    puts $fd "Load balancer,$hostname,$loopback,Failed - Unable to access $office over port 3389 - source $lan_ip."
    close $fd
 
# ------------------------------------------------------------------------------ #
# If it did respond, we'll update the log and CSV with our results.
# Additionally, we will force close the connection we established.
# ------------------------------------------------------------------------------ #
 
} else {
set openport $result
    action_syslog msg "... PASS: $office responded over port 3389 - source $lan_ip."
set fd [open "flash:/$hostname.neht.csv" "a"]
    puts $fd "Load balancer,$hostname,$loopback,Passed"
    close $fd
close $openport
 
}
 
# ------------------------------------------------------------------------------ #
# All tests have now run. Good or Bad, lets log our current progress.
# ------------------------------------------------------------------------------ #
 
action_syslog msg "..."
action_syslog msg "... All tests have finished."
action_syslog msg "..."
action_syslog msg "... Uploading the results to NOP."
 
# ------------------------------------------------------------------------------ #
# Before we finish up, we need to upload the CSV to the NOP.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "copy flash:$hostname.neht.csv scp://username:password@host/$hostname.neht.csv"} _cli_result] {
error $_cli_result $errorInfo
}
set _regexp_result [regexp {Error} "$_cli_result"]
if {$_regexp_result == "1"} {
set fd [open "flash:/$hostname.neht.csv" "a"]
    puts $fd "Failed Upload,ERROR: $_cli_result"
    close $fd
action_syslog msg "... ---> FAIL: Upload was unsuccessful. The error dump can be viewed by running the following command:"
action_syslog msg "... ---> FAIL: \"more $hostname.neht.csv\" - These logs will be deleted on the next health test."
action_syslog msg "..."
} else {
action_syslog msg "... Upload Successful."
action_syslog msg "..."
}
 
# ------------------------------------------------------------------------------ #
# We'll enable file prompting now, since we disabled it earlier.
# ------------------------------------------------------------------------------ #
 
if [catch {cli_exec $cli1(fd) "conf t"} _cli_result] {
    error $_cli_result $errorInfo
}
 
if [catch {cli_exec $cli1(fd) "file prompt"} _cli_result] {
    error $_cli_result $errorInfo
}
 
if [catch {cli_exec $cli1(fd) "end"} _cli_result] {
    error $_cli_result $errorInfo
}
 
# ------------------------------------------------------------------------------ #
# Now that our results have been uploaded, lets log it and close the CLI.
# ------------------------------------------------------------------------------ #
 
catch {cli_close $cli1(fd) $cli1(tty_id)} result
action_syslog msg "... Network Environment Health Test is now complete."
 

 

 

In general, it looks okay.  You could consolidate the regexp checks into a single "if" block:

 

if { [regexp ...] } {

...

}

 

Also, sending a syslog of "..." doesn't really help that much as you could get syslogs interwoven with your script's messages and the clean format you're looking for won't happen.  You're trying to replace puts with syslog, and you just won't get that same behavior.

Thanks for the feedback!


I'll work on cleaning up my syslogs, as I noticed the behavior you described. After that, I'll do my best to consolidate the regular expressions. I noticed that this script is getting a bit longer than I'd like it to be.

 

DNS may be a pain point for me. It's so odd, because none of my other routers are displaying this behavior. All others run the DNS test without issue. I just have this single device that will sometimes fail the test because it's pulling from cache. The config doesn't show the router as handing its self out as the DNS server, so I have no clue why my clear cache command isn't clearing it...

Maybe I'll just keep this configuration, as checking for a ping response is a decent fallback if the [OK] isn't detected. It's just not ideal, as it could produce a false positive.

If you're really concerned, you can check out this tclsh script for performing DNS A and PTR lookups:

 

https://supportforums.cisco.com/document/77041/tclsh-implementation-host-nm

I didn't read all your description, but your error "read not ready" also occured to me. I read that your "clear" command freezes the TCL script. I think it could be because this type of command requires confirmation like "yes" and the cli_exec doesn' provides it. However I didn't find any solution now.

Review Cisco Networking for a $25 gift card