Tracer: Verify Packet Paths Through Network (tracer)

The tracer program is a utility that performs traceroutes from a Cisco Router and compares the recorded path with the expected path. The expected path is predefined through an input file. The script will cycle through a list of routers and perform traceroutes to predefined destinations. If the recorded path does not match the expected path an error message is written to the summary log file. An error message is also logged if the traceroute fails. Due to new newly added features in for version 4.3.2, the new tracer input file is slightly different although the tracer script is backward compatible with the previous tracer input file.

Script Argument	Description
-nopath	Perform the traceroutes but do not compare the actual traceroute path against the expected traceroute path. This may be useful if you would just like to perform the traceroutes and record the output. If the actual path is not equal to the expected path, an error message will NOT be logged.
-sf <filename>	Input variable file which tells the program which routers the pings will be performed from, the source IP addresses to use for the pings and the addresses to ping. The sample template filename is pinger_template.txt (REQUIRED)
-ual (1 or 2)	User Access Level. Tells the script what access-level (1st or 2nd) to log into the router before sending the commands. By default the script will only go into 1st level access. (OPTIONAL but most likely necessary)
-nokey	Don’t prompt user for encryption key when using encrypted password file. (OPTIONAL)
-ssh	Use Secure Shell when accessing routers. Do NOT use with -pw option. (OPTIONAL)
-pw <filename>	Login/Password File. (OPTIONAL)
-log <filename>	Save detailed trace file to a name other than the default file name. (OPTIONAL)
-ulog	Unique Log file. Save detailed trace log file to a Unique filename automatically created by script. Filename will be in format of scriptname_timestamp.log. (OPTIONAL)

The traceroutes that will be performed are controlled by the variables in the input file (-sf <filename>). This file is in TCL format and contains TCL list variables. The list variable RTR_LIST defines the list of routers that the script will telnet to, as well as the source IP address that should be used for the traceroutes. It also includes another variable, DEST_LIST_x, that defines the traceroutes that will be performed while telneted into each router. The value of x, in DEST_LIST_x, is a numerical value that must be different for each router.

Below shows a sample entry for the RTR_LIST variable. The first item in the list “ny1” is the router that the traceroutes will be performed from. The script will actually telnet into this router. This must be an IP Address or a name that can be resolved through DNS. If the -pw <password_file> option is used, then this IP Address/Name must also be defined in the password_file. (Note, they must match exactly [case sensitive]). The second argument is another variable (DEST_LIST_x) that contains the associated list of traceroutes to check while in that router. The last item in the list is the source IP address to use when performing trace routes from this router. If you would like to use the default source IP address that the router would use, then just specify two double quotes with nothing between them ( the sample line below shows this) or you could specify the key word default for the source IP.

Below shows a sample of DEST_LIST_x. The first item in the list, “10.30.30.1” is the destination of the traceroute. The second item can have a value of yes or no and tells the script whether to compare the expected route to the actual route or to just check whether the trace route is successful. The third item, “1.1.1.1 1.1.2.1 1.1.3.1 1.1.4.1”, is the actual expected trace route path. If a value of no is entered for the second item, the third item must still have a “dummy” expected trace route path or just two double quotes with nothing in between them (e.g. “”)

New in version 4.3.2, the tracer script now supports traceroute paths with multiple “primary” paths due to “load balancing”/redundancy. For this scenario, all you do is add a second (or third, forth, or more!) list entry with the same exact destination but a different path. The script will then check both of these entries. Here is an example of traceroute paths to 10.30.30.1 with 3 possible different trace route paths:

lappend DEST_LIST_1 [list "10.30.30.1" "yes" "1.1.1.1 1.1.100.1 1.1.150.1 1.1.4.1"]

lappend DEST_LIST_1 [list "10.30.30.1" "yes" "1.1.1.1 1.1.200.1 1.1.250.1 1.1.4.1"]

Below shows the sample input file (tracer_template.txt) that is provided with the program and should be used as a template when creating your own input files. If the end-user installation instructions were followed (Section 3.2.2), this sample template file should be in the same directory where you run the scripts from. (Note, for MS Windows, the installation utility automatically copies this template file to the C:\Program Files\net-sense\userdata directory.)

###############################################################################################
# Note, the yes/no field is whether or not the traceroute should be successfull.
# This is good for failure scenarios where you may want to confirm that a
# traceroute fails after a failure scenario was introduced
# The expected "trace route path list" is compared against the actual
# path when the script runs
#########################################################################################################
# For router: BR1
# Variables                  subnet     yes/no "expected trace route path list"
#########################################################################################################
lappend DEST_LIST_1 [list "10.30.30.1" "yes" "1.1.1.1 1.1.2.1 1.1.3.1 1.1.4.1"]
lappend DEST_LIST_1 [list "10.4.4.2" "yes" "1.1.1.1 1.1.6.1 1.1.7.1 1.1.8.1"]

#########################################################################################################
# For router: SJ2
# Variables                  subnet     yes/no "trace route path list"
#########################################################################################################
lappend DEST_LIST_2 [list "10.30.30.1" "yes" "2.1.1.1 2.1.2.1 2.1.3.1 2.1.4.1"]
lappend DEST_LIST_2 [list "10.4.4.2" "yes" "2.1.1.1 2.1.6.1 2.1.7.1 2.1.8.1"]

#########################################################################################################
# For router: 192.168.1.40 (3745)
# Variables                  subnet     yes/no "trace route path list"
#########################################################################################################
lappend DEST_LIST_3 [list "10.30.30.1" "yes" "3.1.1.1 3.1.2.1 3.1.3.1 3.1.4.1"]
lappend DEST_LIST_3 [list "10.30.30.1" "yes" "3.1.1.1 3.1.6.1 3.1.6.1 3.1.6.1"]

################################################################################
# The list of routers to telnet to and perform a trace route
# Field Definitions:
# 1. rtr: Router to telnet to and perform trace routes
# 2. The associated trace route destinations to check on this router
# 3. Source IP Address used for traceroutes from this router. To use the default
#    address that the router wants to use, just leave the value, between the two
#    double quotes, to nothing, or put in the key word default (see samples below)
################################################################################
#                       rtr dest_list        src_IP
################################################################################
lappend RTR_LIST [list "br1" "$DEST_LIST_1" "1.1.1.1"]
lappend RTR_LIST [list "sj2" "$DEST_LIST_2" ""]
lappend RTR_LIST [list "192.168.1.40" "$DEST_LIST_3" "default"]

Sample Command: The following command will run the tracer utility using the information contained in the file tracer_northeast.txt. The –ual option instructs the script to login into 2nd level access (i.e. privileged mode). The script will not prompt the user for passwords because the passwords are being read in from the logins.txt file (-pw option).