Monitor Changes in Network Switches using Python: Majority of the network failures are the results of either wrongly configured network devices or sudden changes in their network configuration, it shuts down the entire network or slows down the network performance. If someone breaks in and changes the configuration of the devices, network operators won’t notice until the network shows issues. And to solve these issues, if network administrators go on to manually track those changes in every single network device, it will take forever to check in a bigger network and it can further complicate networks because of possible human errors.
Out of all possible solutions that address network failures due to changes in the structure of network devices, automating the process to save those changes in the files and forwarding those changes to respective network administrator is the best possible solution, and that is what my project is all about. I have used three virtual Arista machines to replicate physical switches. I used netmiko module in python to connect to network switches. I created Microsoft loop back adapter to connect my computer to virtual Arista switches. I used difflib module to compare two configuration files, date time module to track when configurations were recorded and smtplib module to send email to the network administrator.
Introduction to Monitor Changes in Network Switches using Python
It is pretty clear that the changes in the structural aspect of network devices have contributed to high percentage of network failure issues. It is unavoidable in the network industry we are in, the changes in those devices sometimes can be a result of attackers taking over the network and we will not know unless it directly starts impacting the network performance and causes it to shutdown at some point.
To solve this issue, manually checking the configuration of network devices could be one option, a network administrator would go to the device location physically and check for changes in the network structure, however in the wide-network, this approach is not feasible, considering the time it would take to go and manually check for configuration changes in every single device on a network, also if network administrator misses or alters something by mistake, it will produce another series of failure in the network. Hence, to avoid further impacts on network because of human errors, I suggest we should take automation as a solution to issues caused by configuration changes in our network.
In this project, “Monitor changes in network switches and report back to network administrator through email”, I used different modules like difflib, datetime and smptplib in python to compare differences between two configuration files, record time of when those settings were recorded and forward changes notifications through email.
Modules Used
- Netmiko
Netmiko is the easiest python script that helps to establish connection with device types of different providers, and paramiko is another alternative but it offers SSH connections at lower level and since netmiko can be used to connect a wide number of devices, I decided to go with it. I used ConnectHandler class from netmiko to establish a connection with Arista switch in my project. The ConnectHandler class takes parameters required for SSH connection as inputs. In this projects it takes device_type, ip_address, username, password and global_delay_factor as inputs. I included global_delay_factor as well so that even if there is some delay and the connection is not established for a while, netmiko won’t give error.
|
1 2 |
session = ConnectHandler(device_type=device_type, ip=ip_address_Switch, username=user_name, password=password_key, global_delay_factor=4) |
- Difflib
Difflib module in python is used to comparison. It takes multiple inputs and after differentiating between these files, produces desired output in different forms. I used htmldiff class to get the output in a table form for easy comparison and clear visual. I used make_file constructor for line by line comparison in between two files from different time format.
|
1 2 3 |
compare = difflib.HtmlDiff().make_file(fromlines=old_file.readlines(), tolines=new_file.readlines(), fromdesc=(datetime.date.today() - datetime.timedelta(days=1)).isoformat(), todesc=datetime.date.today().isoformat()) |
- Datetime
The datetime module of python is used to record date and time parameters when working with classes, they are objects and, in this project, since I was comparing files from two different time formats, I used this module to record time of when the configuration file was recorded. In this project, datetime.date.today() gives today’s date and I used timedelta(days=1) to mimic yesterday’s date in the project for date-to-date comparison. The isoformat provides date in the format of (YYYY-MM-DD).
|
1 |
datetime.date.today() - datetime.timedelta(days=1)).isoformat() |
- Smtplib
This module in python is used by the client to establish a connection and transfer mail to any other device on internet. I used this module here for sending email notifications about configuration changes in network devices to the network administrator. I used gmail server as the host ‘smtp.gmail.com’ and assigned it’s port number 587 on port field. To make the connection more secure, I used starttls command to make the connection secure so that everything that follows after SMTP will be encrypted and network configuration changes file will not be accessed by attackers.
|
1 |
server = smtplib.SMTP('smtp.gmail.com', 587)server.starttls() |
Network Switch_Setup
I used oracle VM VirtualBox manager to create replicas of three network switches as shown in the image below:
Figure 3: Oracle virtualBox manager showing threee network Switch 1, Switch 2 and Switch 3
Figure 4: Three network switches up and running
Project Source Code
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
# Importing the necessary modules import difflib import datetime import smtplib from email.mime.multipart import MIMEMultipart from email.mime.text import MIMEText from netmiko import ConnectHandler #defining the command to send to each device command = 'show running' class read_from_files(object): #defined class and the init function contains initialization for information of virtual arista devices fro successful ssh connection def __init__(self, device_type, ip_address, username, password): self.device_type=device_type self.ip=ip_address self.username=username self.password=password #defining write function to read configuration information of network devices from yesterday's date and today's date and compare those two files def write_fromfile(self): #establishing session to connect to device using SSH session = ConnectHandler(device_type=self.device_type, ip=self.ip, username=self.username, password=self.password) #entering the session enable = session.enable() #sending commmand and storing output output = session.send_command(command) #defining the file from yesterday, for comparison old_configfile = 'configfiles/' + self.ip + '_' + ( datetime.date.today() - datetime.timedelta(days=1)).isoformat() #writing the command to a file for today with open('configfiles/' + self.ip + '_' + datetime.date.today().isoformat(), 'w') as new_configfile: new_configfile.write(output + '\n') #extracting differences between yesterday's and todays file in HTML format with open(old_configfile, 'r') as old_file, open( 'configfiles/' + self.ip + '_' + datetime.date.today().isoformat(), 'r') as new_file: compare = difflib.HtmlDiff().make_file(fromlines=old_file.readlines(), tolines=new_file.readlines(), fromdesc=(datetime.date.today() - datetime.timedelta( days=1)).isoformat(), todesc=datetime.date.today().isoformat()) #sending differences to mail function for forwarding as email read_from_files.mail(compare) #defining function for sending comparison report via email def mail(compare): #using mimemultipart to email differences msg = MIMEMultipart() msg['From'] = fromaddr msg['To'] = toaddr msg['Subject'] = 'Configuration comparision Report' msg.attach(MIMEText(compare, 'html')) try: server = smtplib.SMTP('smtp.gmail.com', 587) server.starttls() server.sendmail(fromaddr, toaddr, msg.as_string()) server.quit() print("email sent successfully") except Exception as e: print(e) print('something went wrong...') #defining information of each arista virtual switches like device_type,ip,username and password if __name__ == "__main__": Switch1 = read_from_files("arista_eos", "10.10.10.2", "paru", "5182") #sending information of each virtual device to write function for reading and comparison read_from_files.write_fromfile(Switch1) Switch2 = read_from_files("arista_eos", "10.10.10.3", "paru", "5182") read_from_files.write_fromfile(Switch2) Switch3 = read_from_files("arista_eos", "10.10.10.4", "paru", "5182") read_from_files.write_fromfile(Switch3) |
For Automation
Crontab
For automation of the project that compares the configuration file for a networking device and sends the changes through email, I used crontab in the ubuntu machine. Crontab can be used for any program repeatedly in a given schedule. My project is supposed to automatically send the comparison file to network administrator every day and hence I used crontab to run my project file ‘config.py’ every morning at 5 a.m.
05*** cd /home/paru && sudo python3 config.py
Output:
Figure 6: Program Output
Figure 7: Mail Report of Switch 1
Figure 8: Mail report of switch 2
Figure 9: Mail report of Switch 3.
After successfully executing the project code, I got the comparison file in the email I specified ‘[email protected]’ which I designed just for the execution of this project. Above is the side-by-side comparison of configuration file for three Arista switches in different time formats of 2020-05-11 and 2020-05-12.
Conclusion and Lesson Learned
I found that automatically monitoring for changes in the network devices and letting a software do the comparison in between config. files of different time format is much more reliable and time-saving approach than the other possible solutions out there. And, emailing those changes to concerned network authorities solves these configuration failure issues and saves time. With these types of simple approaches, network is advancing towards progressive automation. Thus we can prevent accidents even before they happen.
Finally, by the end of this project I was familiar with virtual machines and how they work.
I got errors while trying to email those files using smptp and I found that goggle automatically band the email from certain servers considering them unsafe, so I had to change the gmail setting to allow for those emails, I went through tackling multiple errors like that which helped me to better understand the programming environment and how easy it is to learn coding with python. I will continue developing codes with python.
_______________________________________________________________________________
Pramila Parajuli Gautam is an electronics engineer complected her engineering degree from Western Regional Campus, Pokhara Nepal. Now she is working as Network Engineer and studying Master’s degree in Telecommunication George Mason University, fairfax, USA.