Continuing to prove that we are never to old to learn, I bring another tip to the table today, this time to do with the show config. Of course, by that alone I show my age because I’m sure “show config” was supposed to have been phased out by now along with “wr t” and the like, in favor of “show running-config” and “show startup-config”. For your amusement perhaps, I tend to use two variations of the commands:
- show config (to show the startup configuration)
- show running (to show the running confiuration)
Enough about my habits though; what’s the “new” thing I learned?
I tend to fall back on doing things the same way over time (old habits die hard), so when I’m examining specific parts of a configuration I find myself doing the same thing, and I’ve never seen a need to change. My way works on pretty much every version of IOS going back a long way. It’s the same reason I learned to edit text files in vi rather than using emac or pico; not every *nix system had emacs on it, but pretty much every single system had vi, so my skills were eminently portable!
What this means is that I don’t go looking for new ways to do things if what I have works already. So for example, if I want to view the BGP configuration on a router, my habit is thus:
show run | b r bgp
Works very nicely in 99% of cases, and this way of doing things can be applied to things other than BGP. Want to see the raw route-map configuration (rather than via “show route-map”)? Easy:
show run | b ^route-m
Want to see the static routes? Sure:
show run | i ip route
I’m a regex geek, so putting aside my annoyance that regular IOS doesn’t allow you to pipe output from one command into another, I can usually pull out the information I need.
Learning New Things
A year or so back I was working on a project with an engineer from a service provider and he pasted me some output we needed from one of his routers. The command was:
show run | sec bgp
Huh? What’s the “sec” thing? I hadn’t come across it before. The ‘section’ filter was apparently added in 12.3(2)T, so it has been around for a long time, but it had somehow totally passed me by. When I queried this, the other engineer laughed and asked me how I survived without that command? Well, just fine it seems, but… another tool for the toolbox, right?
Reading the command reference for IOS doesn’t really make it very clear how cool this command is for viewing configurations. When you use the ‘sec’ command, it not only includes lines containing the expression you supply, but it also matches sections of the configuration (bits with a blank line above them) that contain the expression you give, and includes the whole section (the indented configuration below) in the output. So when you execute “show run | sec bgp” it’s going to match on the line “router bgp xxxxx” and include the entire block of BGP configuration that follows. It would also match on any other line including “bgp”. And like all IOS matches, it’s case sensitive (and I don’t think you can change that), which is a shame, because in an ideal case-insensitive world you could use ‘BGP’ in any BGP-related route-map names, and then get those returned too. As it stands, you’d have to use ‘bgp’ in order to match. Still, food for thought.
So let’s try looking for ‘bgp’:
router#sh run | sec bgp redistribute bgp 65000 metric 50000 400 254 1 1500 router bgp 65000 no synchronization bgp router-id 10.1.1.1 bgp log-neighbor-changes network 0.0.0.0 network 10.0.0.0 timers bgp 10 30 neighbor 10.1.1.2 remote-as 65001 neighbor 10.1.1.2 send-community both neighbor 10.1.1.2 soft-reconfiguration inbound no auto-summary ! ip bgp-community new-format access-list 198 permit tcp host 184.108.40.206 eq bgp any access-list 198 permit tcp host 220.127.116.11 any eq bgp snmp-server view MONITOR bgp excluded snmp-server enable traps bgp
What do we see? Well, we see some lines from within other sections:
redistribute bgp 65000 metric 50000 400 254 1 1500
In this case, it’s from within the ‘router eigrp’ section, but since it contains the word ‘bgp’, it’s included. The same applies to the last 5 lines of the output:
ip bgp-community new-format access-list 198 permit tcp host 18.104.22.168 eq bgp any access-list 198 permit tcp host 22.214.171.124 any eq bgp snmp-server view MONITOR bgp excluded snmp-server enable traps bgp
These lines are the same ones you would see if you did “show run | i bgp” – a simple pattern match. Where the ‘section’ command is different is that because the pattern “bgp” was matched in this line:
router bgp 65000
and this line begins a ‘section’, the whole section (the BGP configuration) is included.
Really though, “section” is just semi-smart pattern matching, and it’s not quite as powerful as I’d ideally want. You can’t use the command and assume you have seen all relevant configuration.
What I would like to see is a new command – let’s call it “related” – that shows me all configuration related to BGP. So for example, if I have a route-map applied to a BGP neighbor, I’d like that route-map configuration to be shown in my output too. In turn, if that route-map refers to a prefix-list or access-list in a match clause, I’d like the option to include those too. Perhaps the command needs to have a default behavior which is to only follow references one layer down, and an option to specify how many iterations you can go through, e.g.:
|show running | related bgp||Shows bgp router config, and includes any referenced route-maps, prefix-lists, etc.|
|show running | related2 bgp||Shows bgp router config, and includes any referenced route-maps, prefix-lists, etc. Where a route-map references an ACL, prefix-list, as-path access-list or similar, that too would be included in the output – i.e. we are recursing references two layers down|
Think about how handy this would be for QoS configurations, for example? The standard modular QoS configuration is very logical but it’s a huge pain to follow in the configuration because every clause refers to some other snippet of configuration. Wouldn’t it be great if you could see all referenced configuration for a particular policy in a single command?
I can dream… Would you like a command like this? Do you have a better idea? Please let me know!