Thursday, July 10, 2014

OP script - look up a vendor MAC OUI directly from a Juniper switch using SLAX and cURL

I found a couple of cool things in Juniper scripting.

One is the ability to retrieve data over an internet connection using cURL. According to Juniper, cURL is a tool that uses the libcurl library and permits data transfers using a number of protocols, including FTP, FTPS, HTTP, HTTPS, SCP, and SMTP.

BTW I'm using cURL on an EX switch that is running 12.3R3.4. I didn't see this on 11.4 code.

This got me thinking. Whenever I'm troubleshooting a switch, usually due to some errant device in the network, I have to look up the IEEE MAC OUI. This entails copying each MAC address in the MAC table of the switch. Then I can go to a website like www.macvendors.com and paste the MAC OUI to retrieve the vendor of the MAC. This could be a pain if you had to parse through hundreds of MAC addresses.

Luckily, macvendors.com has an API. 

So what if we used the power of cURL and scripting to do this for you? Instead of having to open up a separate web browser, have the switch fetch the info over the internet and do it for you.

See the difference below.

{master:0}[edit]
user@SWITCH# run show ethernet-switching table                  
Ethernet-switching table: 9 entries, 6 learned, 0 persistent entries
  VLAN             MAC address       Type         Age Interfaces
  v250              *                 Flood          - All-members
  v150              *                 Flood          - All-members
  v150              00:00:05:00:00:00 Learn          0 ge-0/0/47.0
  v150              00:21:59:c7:09:41 Learn          0 ge-0/0/47.0
  v150              00:24:dc:d3:1a:10 Learn          0 ge-0/0/45.0
  v100              *                 Flood          - All-members
  v100              00:00:03:00:00:00 Learn          0 ge-0/0/45.0
  v100              00:24:dc:d3:1a:10 Learn          0 ge-0/0/45.0
  v100              a8:d0:e5:5a:59:08 Learn          0 ge-0/0/45.0

Now as an OP script:

{master:0}[edit]
user@SWITCH# run op mac-resolve                   
Vlan           Mac address Interfaces       Age Vendor 
v150  00:00:05:00:00:00 ge-0/0/47.0 0 XEROX CORPORATION
v150  00:21:59:c7:09:41 ge-0/0/47.0 0 Juniper Networks
v150  00:24:dc:d3:1a:10 ge-0/0/45.0 0 Juniper Networks
v100  00:00:03:00:00:00 ge-0/0/45.0 0 XEROX CORPORATION
v100  00:24:dc:d3:1a:10 ge-0/0/45.0 0 Juniper Networks
v100  a8:d0:e5:5a:59:08 ge-0/0/45.0 0 Juniper Networks


I can imagine that if you really wanted to do some kind of accounting, you could create a web page of equipment and users in your network. You could create scripts to populate this database. For example, DHCP users would have both their user logins and MAC addresses. Then you could build onto this script by extracting the user login and showing the user who is connected to the interface above.





The source code
-----------------

version 1.1;

/* libslax cURL extension: provides curl:open(), curl:perform(), curl:close() */
ns curl extension = "http://xml.libslax.org/curl";
ns junos = "http://xml.juniper.net/junos/*/junos";
ns xnm = "http://xml.juniper.net/xnm/1.1/xnm";
ns jcs = "http://xml.juniper.net/junos/commit-scripts/1.0";

import "../import/junos.xsl";

match / {
    <op-script-results> {
        /* Fetch the switching table as XML */
        var $mac-info = <command> "show ethernet-switching table";
        var $mac-table = jcs:invoke($mac-info);
        <output> "Vlan\tMac address\t\tInterfaces\tAge\tVendor ";
        for-each ($mac-table//mac-table-entry) {
            /* Skip the per-VLAN flood entries, whose MAC address is "*" */
            if (current()/mac-address != "*") {
                var $test = current()/mac-address;
                /* First 8 characters are the OUI, e.g. "00:21:59" */
                var $str = substring($test, 1, 8);
                /* Note: plain HTTP request to a third-party API, one per table row */
                var $url = "http://api.macvendors.com/" _ $str;
                var $options := {
                    <url> $url;
                    <method> "get";
                }
                var $curl = curl:open();
                var $results = curl:perform($curl, $options);
                /* Strip tabs and newlines from the interface list */
                var $int = current()/mac-interfaces-list;
                var $int2 = translate($int, "\t\n\r", "");
                <output> current()/mac-vlan _ "\t" _ current()/mac-address _ "\t" _ $int2
                         _ "\t" _ current()/mac-age _ "\t" _ $results/raw-data;
                expr curl:close($curl);
            }
        }
    }
}
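
The script above sends one plain-HTTP request per table row to a third-party API. As an added example (not the author's script), here is an off-box Python variant that parses the same "show ethernet-switching table" text and resolves each unique OUI only once through a pluggable lookup. The names parse_table, resolve and LOCAL_OUI are hypothetical, and the local OUI table is constructed from the vendor names in the op script output above.

```python
import re

# Constructed sample: the "show ethernet-switching table" output shown on this page.
SAMPLE_TABLE = """\
Ethernet-switching table: 9 entries, 6 learned, 0 persistent entries
  VLAN             MAC address       Type         Age Interfaces
  v250              *                 Flood          - All-members
  v150              00:00:05:00:00:00 Learn          0 ge-0/0/47.0
  v150              00:21:59:c7:09:41 Learn          0 ge-0/0/47.0
  v150              00:24:dc:d3:1a:10 Learn          0 ge-0/0/45.0
  v100              00:00:03:00:00:00 Learn          0 ge-0/0/45.0
  v100              00:24:dc:d3:1a:10 Learn          0 ge-0/0/45.0
  v100              a8:d0:e5:5a:59:08 Learn          0 ge-0/0/45.0
"""

# Constructed local OUI table (assumption): vendor names taken from the op script
# output on this page; in practice, load a local copy of the IEEE registry instead.
LOCAL_OUI = {"00:00:05": "XEROX CORPORATION", "00:00:03": "XEROX CORPORATION",
             "00:21:59": "Juniper Networks", "00:24:DC": "Juniper Networks",
             "A8:D0:E5": "Juniper Networks"}

ROW = re.compile(r"^\s*(\S+)\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+(\S+)\s+(\S+)\s+(\S+)\s*$", re.I)

def parse_table(text):
    """Return (vlan, mac, age, interface) for rows with a real MAC; '*' flood rows are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            vlan, mac, _type, age, intf = m.groups()
            rows.append((vlan, mac.lower(), age, intf))
    return rows

def resolve(rows, lookup=LOCAL_OUI.get):
    """Attach a vendor to each row, calling `lookup` once per unique OUI."""
    cache, out = {}, []
    for vlan, mac, age, intf in rows:
        key = mac[:8].upper()  # same 8 characters the SLAX script extracts
        if key not in cache:
            cache[key] = lookup(key) or "unknown"
        out.append((vlan, mac, intf, age, cache[key]))
    return out

if __name__ == "__main__":
    for row in resolve(parse_table(SAMPLE_TABLE)):
        print("\t".join(row))
```

Any callable that maps an OUI string to a vendor name can be passed as `lookup`, so an HTTPS API client can replace the local table without changing the parser.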
