oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button

Cisco Router Management Using Tcl on Mac OS X
Pages: 1, 2

Connecting to the router's HTTP server using Tcl

Related Articles

Network Test Automation with Mac OS X and Tcl

Multicast Architectures

Accessing a Cisco Router

Our first Tcl coding project will demonstrate how to connect to the Cisco router's IOS HTTP server. The Tcl routines we need have been placed into a library file, IOSHttp.tcl. This file needs to be sourced in our Tcl script. The library IOSHttp.tcl initializes the Tcl HTTP library. The library also contains routines for basic HTTP authentication; see Website Password Authentication with Tcl by Tony Darugar. Darugar's libraries, base64.tcl and http_pwd_encode.tcl, are loaded for base 64 authentication. The first line of the coding example looks like:

source IOSHttp.tcl 

This loads our library of canned HTTP routines into the Tcl interpreter. Next, we set up the router IP address and authentication ID.

# set router http server address 
set router "" 
set url $router 
# set the HTTP Basic Authentication 
set username "spongebob" 
set password "ixnay123" 
set basicAuth [GetBase64String $username $password] 

The Tcl procedure GetBase64String, in IOSHttp.tcl, is the wrapper for Tony Darugar's base 64 library calls. The encoded base 64 result is stored in the Tcl variable basicAuth. This variable initialization is critical for basic HTTP authentication. Once basicAuth is set, we can connect to the Cisco router's IOS HTTP server, using the following code snippet.

# connect to the router via http server 
set statusToken [GetHttpServerURL $basicAuth $url] 

Once again, the IOSHttp.tcl library primarily contains wrapper functions. GetHttpServerURL is the wrapper for the Tcl HTTP package. The parameters passed in are the basicAuth string and a url string. The function returns a token that contains the name of the global status array. The status array holds information about the state of the URL transaction. To retrieve the actual contents of the HTML sent by the router, we must pass the statusToken to the IOSHttp procedure, GetHttpServerHTML.

# retrieve the HTML response from the globl state array 
set rawHtml [GetHttpServerHTML $statusToken] 
puts $rawHtml 

That's it! Everything you need to connect to your router in about nine lines of Tcl code. The complete listing for this example is provided in source code file, example1.tcl. Next, let's take a look at how to access the router's Cisco IOS exec mode. This is the level you'll need to access for router automation and control. To test the script, execute the following from the workstation command line:

spongebob# tclsh example1.tcl 

IOS exec level operation

All critical router operations and modifications are performed at the IOS exec level. This includes show commands and entering the router's configuration mode. I'll demonstrate in this example how to execute the IOS exec command show interfaces.

lab_router#sh interfaces 
Ethernet0 is up, line protocol is up 
Hardware is Lance, address is 0050.5433.813c (bia0050.5433.813c) 
Internet address is 
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation ARPA, loopback not set 
Keepalive set (10 sec) 
ARP type: ARPA, ARP Timeout 04:00:00 
Last input 00:00:00, output 00:00:00, output hang never 
Last clearing of "show interface" counters never 
Queueing strategy: fifo 
Output queue 0/40, 0 drops; input queue 0/75, 0 drops 
5 minute input rate 1000 bits/sec, 2 packets/sec 
5 minute output rate 1000 bits/sec, 2 packets/sec 
237207 packets input, 17505813 bytes, 0 no buffer 
Received 147438 broadcasts, 0 runts, 0 giants, 0 throttles 
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 
0 input packets with dribble condition detected 
209269 packets output, 14241109 bytes, 0 underruns(3/1/0) 
2 output errors, 4 collisions, 11 interface resets 
0 babbles, 0 late collision, 20 deferred 
2 lost carrier, 0 no carrier 
0 output buffer failures, 0 output buffers swapped out 

You can accomplish this functionality using our IOSHttp.tcl library. First, you must understand how the IOS parser operates and which mode commands operate in. All the show commands in IOS belong to the exec mode. The URL for show interfaces is simply /exec/show/interfaces/CR. Our code looks like this:

set router 
set iosurl /exec/show/interfaces/CR 
set url $router$iosurl 

In case you were wondering, yes, the CR is required at the end of a command. The CR instructs the parser to terminate and no other command options are present. The code for show interfaces is presented in example2.tcl. The example script can be executed from your workstation:

spongebob# tclsh example1.tcl 

The tip of the iceberg

Okay, so you can execute a "show interfaces" command via HTTP. Big deal, right? Well, this simple snippet of code is just to get you started. You now have your foot in the door -- of your router, that is. All operations can be performed on your router using the HTTP server, just as if you were sitting at a console. The exception to the rule is in the fact you can't perform a reload (reboot the router). You can do everything else though, and this is where the HTTP server becomes invaluable. Another consideration is to incorporate TACACS+ with the HTTP server, if you're using these network security authentication servers. Once you master regular expressions in Tcl, you'll be banging out traffic statistic charts, or monitoring what routers are running what images. The possibilities are limitless.

Michael J. Norton is a software engineer at Cisco Systems.

Return to the Mac DevCenter.