I have a kind of complicated script I need to run and I'm not sure if it's possible or the best way to do it. I need to update NTP servers across every device (about 500). All devices are Cisco but there are some Switches (nexus and catalyst), routers and ASA. I have no problem adding the new servers, in fact this has mostly been done already, but I'm having issues removing the old one as there was no standard before so there is no way of just stating something like "if RegEx expression 'NTP server 126.96.36.199' is found, run script 'no NTP server 188.8.131.52" as the IP I need to remove can vary.
So let's say the new NTP servers have an IP of 10.0.0.1 and 10.0.0.2. Is there a way of running something to search for instances of "ntp server" but ignore the "ntp server 10.0.0.1" and "ntp server 10.0.0.2", and then to take that output and "no" them?
I'm sure that there's a way to do it, but when I did this for TACACS+ servers at my last company, I elected to do it the simple way.
My script was basically:
no ntp server 10.0.0.1
no ntp server 10.0.0.2
no ntp server 10.0.0.3
(repeat for however many you might have)
ntp server 10.1.1.1
ntp server 10.2.2.2
ntp server 10.3.3.3
(repeat for the new ones and put them in the preferred order)
I don't know the exact SW command syntax, but if the old servers are all in private IP space, you can search for ranges of IP addresses to remove, and just avoid the new addresses.
10.0.0.3 - 10.0.0.254 (skip .1 and .2) = 10\.0\.0\.([3-9]|[1-9]\d|1\d\d|2[0-4]\d|25[0-4])
Thankfully there is an online tool for creating IP ranges here: https://www.analyticsmarket.com/freetools/ipregex
It puts a ^ at the beginning and a $ at the end of each expression. They specify 'start of line' and 'end of line' respectively. You probably want to leave those off.
The longer the range of IPs, the longer the expression, so if the old servers use random Internet-routable IPs, this method might get a little crazy. In that case, it might be better to simply search for all entries (ntp server .*) and save them to a list. Then you can create multiple smaller ranges and make a few passes.
Just for fun ...
184.108.40.206 - 220.127.116.11:
This is fairly simply to due with compliance policies. I only use 2 rules to fix this for all of my Cisco IOS/IOS XE devices.
First rule is to remove any non-approved NTP servers
The other is to input the new correct servers.
Setup in this way I have been able to turn on auto-remediation for them and having had an issue since. Just make sure you don't apply this policy to your NTP servers if you are using a router for that.
Let me know if this works out for you!
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.