But what if you want to make bulk edits to those devices? What if ClearPass or the Aruba controller blips and your devices are not connecting? How can you find all of the devices across your network that are in a failed state? Below we will work through how to set up Python to solve some of these issues and fix them without manually logging into every switch.
Python + Aruba CX
The code below is for Aruba CX switches that are configured for UBT. Based on the role that the devices are pulling, we can filter for only those devices to get the data we need.
* In this program we will find all of the devices that are pulling a certain role, then shut the port off and turn it back on.
1. First, we need to import all of the packages.
from netmiko import ConnectHandler
import requests
import urllib3
import re
import time
# getpass is imported as a module because the script calls getpass.getpass()
import getpass
2. Next, set up our input. This will allow us to select a "site", which is a text file containing all of the switch IPs that we are going to log into.
print(" 1 = Site1 \n 2 = Site2 \n Select Site:")
site = input()
print(f"Site Selected: {site}")
print("----------------------------------")
print("----------------------------------")
# Add more roles to the print output line if you have more to add
print(" 1 = wired_l1_game_dur-3142-2 \n 2 = wired_l2_print_dur-3134-6 \n Select Role:")
role = input()
# Load the switch IPs for the selected site, one per line, skipping blank lines
if site == "1":
    file = [line.strip() for line in open("site1.txt", 'r') if line.strip()]
elif site == "2":
    file = [line.strip() for line in open("site2.txt", 'r') if line.strip()]
else:
    raise SystemExit(f"Unknown site: {site}")
# Map the menu choice to the role name
if role == "1":
    policyrole = "wired_l1_game_dur-3142-2"
elif role == "2":
    policyrole = "wired_l2_print_dur-3134-6"
else:
    raise SystemExit(f"Unknown role: {role}")
# Add more roles if you have more to add
print("Enter Username:")
username = input()
# getpass.getpass() prompts for the password without echoing it
password = getpass.getpass()
creds = {"username": username, "password": password}
3. We need to be able to log into the switch. We do this with the Netmiko library and its ConnectHandler. The script reads the text file we loaded and pulls in the switch IP address from each line so we can check the switch interfaces. The program runs through each line of the text file until it reaches the end.
for selectIP in file:
    #print("Enter the Switch IP:")
    ip_add = selectIP
    print(ip_add)
    session = requests.session()
    # Log in with the username and password entered in step 2
    net_connect = ConnectHandler(
        device_type="aruba_procurve",
        host=ip_add,
        username=username,
        password=password,
    )
4. Here is where the ports are actually changed. We send a command to the switch to show the clients that have the role, parse the output, then bounce each interface with that role. The program prints which switch it is connected to as well as the ports that were changed, so you know which ports were bounced and can go back and check them if you want to.
    # Still inside the "for selectIP in file:" loop from step 3
    output = net_connect.send_command(f"show port-access clients role {policyrole}")
    to1 = output.split("\n")
    print(f"Ports that have role: {policyrole}:")
    for to in to1:
        # Drop the two-character prefix, then take the first column (the port)
        to = to[2:]
        to = to.split(" ")[0]
        # Only accept a bare member/slot/port value before using it in a config command
        if re.fullmatch(r"\d+/\d+/\d+", to):
            print(to)
            to2 = to.split("/")
            output1 = [f"interface {to2[0]}/{to2[1]}/{to2[2]}", "shut"]
            net_connect.send_config_set(output1)
            time.sleep(1)
            output2 = [f"interface {to2[0]}/{to2[1]}/{to2[2]}", "no shut"]
            net_connect.send_config_set(output2)
    # Save the configuration once per switch, then log out
    net_connect.send_config_set("wr mem")
    net_connect.disconnect()
    print("Logged out from Switch!")
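The following is an added example, not part of the original script: it separates the parsing and planning from the Netmiko calls, so the list of ports to bounce can be checked offline before anything is sent to a switch. The sample output is constructed, and `role_command`, `ports_with_role`, `bounce_plan`, `protected` and `max_ports` are hypothetical names.

```python
import re

# Constructed sample output. The layout (two-character status prefix, then the
# port) is assumed from the slicing the script on this page does.
SAMPLE_OUTPUT = """\
--------------------------------------------------------------------
  Port     MAC-Address        Onboarding  Status   Role
--------------------------------------------------------------------
c 1/1/3    00:50:56:aa:bb:01  dot1x       Success  wired_l1_game_dur-3142-2
c 1/1/3    00:50:56:aa:bb:02  mac-auth    Success  wired_l1_game_dur-3142-2
c 1/1/17   00:50:56:aa:bb:03  mac-auth    Success  wired_l1_game_dur-3142-2
c 2/1/48   00:50:56:aa:bb:04  dot1x       Success  wired_l1_game_dur-3142-2
"""

PORT_RE = re.compile(r"\d+/\d+/\d+")      # member/slot/port and nothing else
ROLE_RE = re.compile(r"[A-Za-z0-9_.-]+")  # characters accepted in a role name


def role_command(role):
    """Return the show command for `role`, refusing anything but a plain name."""
    if not ROLE_RE.fullmatch(role):
        raise ValueError(f"unexpected characters in role name: {role!r}")
    return f"show port-access clients role {role}"


def ports_with_role(output):
    """Return the unique, validated ports in the command output, in order."""
    ports = []
    for line in output.splitlines():
        fields = line[2:].split()
        if fields and PORT_RE.fullmatch(fields[0]) and fields[0] not in ports:
            ports.append(fields[0])
    return ports


def bounce_plan(output, protected=(), max_ports=24):
    """Return [(shut_cmds, no_shut_cmds), ...], one pair per port to bounce.
    Ports in `protected` (uplinks, for example) are skipped, and a ValueError
    is raised rather than bouncing more than `max_ports` ports on one switch.
    """
    ports = [p for p in ports_with_role(output) if p not in protected]
    if len(ports) > max_ports:
        raise ValueError(f"{len(ports)} ports exceeds the limit of {max_ports}")
    return [([f"interface {p}", "shut"], [f"interface {p}", "no shut"]) for p in ports]


if __name__ == "__main__":
    for shut, no_shut in bounce_plan(SAMPLE_OUTPUT, protected={"2/1/48"}):
        print(shut, no_shut)
```

Each pair in the returned plan corresponds to the two `send_config_set` calls in step 4, and a port with several clients is bounced only once.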