Connecting to Lab Devices

netlab connect command uses information stored in the netlab snapshot file and reported with the netlab inspect --node command to connect to a lab device or tool using SSH or docker exec.


usage: netlab connect [-h] [-v] [-q] [--dry-run] [--snapshot [SNAPSHOT]]
                      [-s SHOW [SHOW ...]]

Connect to a network device or an external tool

positional arguments:
  host                  Device or tool to connect to

  -h, --help            show this help message and exit
  -v, --verbose         Verbose logging
  -q, --quiet           No logging
  --dry-run             Print the commands that would be executed, but do not execute them
  --snapshot [SNAPSHOT]
                        Transformed topology snapshot file
  -s SHOW [SHOW ...], --show SHOW [SHOW ...]
                        Show command to execute on the device

The rest of the arguments are passed to SSH or docker exec command


The ‌–show option must be used after the host parameter, as the ‌–show option consumes all arguments specified after it.

Collecting Device Data

netlab connect uses the lab snapshot file (default: netlab.snapshot.yml) to read device- and node information. You can overwrite the default snapshot file with the --snapshot command line parameter.

netlab connect command uses the following device data. Most of that data is derived from the device group_vars, although you can override it on node- or custom group level; use the netlab inspect --node _name_ command to inspect it.

  • ansible_connection: Use docker exec if the connection is set to docker[1]. Use ssh if the connection is set to ssh, paramiko[2], network_cli[3], or netconf[4]. Fail for all other connection types.

  • ansible_host: IP address or alternate FQDN for the lab device (default: hostname specified on the command line)

  • ansible_user: remote username for SSH session (default: not specified)

  • ansible_ssh_pass to specify password (default: use SSH keys)

  • ansible_port to specify alternate SSH port (used primarily in VirtualBox environment)

  • netlab_show_command: command to execute when using the --show option. Primarily used to deal with FRR/Cumulus Linux running vtysh to execute show commands.

Executing a Single Command

Command line parameters specified after the device name are passed to the ssh or docker exec command, allowing you to execute a single command on a lab device.

If you want to process the results of the command executed on a lab device, use netlab connect -q to remove the “we are going to connect to device X” message.

Executing a Show Command

You can run netlab connect with –show args option to execute a show command on a lab device. In most cases, this is equivalent to running netlab connect host show args (see above); the major exceptions are FRR and Cumulus Linux.

For example, this is how you could execute show ip route command on Cumulus Linux or FRR container without worrying about the FRR vtysh details[5]:

$ netlab connect r2 --show ip route
Connecting to container clab-X-r2, executing sudo vtysh -c "show ip route"
Use vtysh to connect to FRR daemon

Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure
O>* [110/20] via, swp1, weight 1, 00:23:17
O [110/0] is directly connected, lo, weight 1, 00:23:24
C>* is directly connected, lo, 00:23:36
O [110/10] is directly connected, swp1, weight 1, 00:23:24
C>* is directly connected, swp1, 00:23:35

Handling SSH Keys

netlab connect command disables SSH host key checking and uses /dev/null as known hosts file to simplify lab connectivity (some virtual devices change SSH key on every restart).


Do not use netlab connect in a production environment.