nanog mailing list archives
Re: Nipper and Cisco configuration results
From: Tim Durack <tdurack () gmail com>
Date: Sat, 4 Apr 2009 21:52:19 -0400
The problem I have with both RAT and Nipper is they're geared towards security and I'm more interested in verifying that the routers are configured correctly. What kind of tools are people using for that? For an example of the type of thing I'm interested in, see filter_audit in the presentation at http://www.nanog.org/mtg-0210/abley.html
Homebrew: pull configs on a regular basis. Decompose monolithic configs into a file tree of "configlets." Diff configlet tree against peer and template devices. "Invert" device specific configlet tree into element specific tree. This helps diffs stand out for config elements that should be consistent. Put it all into a git repository for revision control. Run git-web for the user interface. Catches most of the obvious stuff, and gives a nice history of changes. The configlet tree also gets used for "grep | xarg" style pipelines for automation scripts. Would like to improve the diff process to mask out common information (ip address, hsrp priority etc.) This would help reduce the amount of diff noise for interfaces. We looked at free (RANCID, Ziptie) and expen$ive (Opsware) but none of them really did what we wanted. Tim:>
Current thread:
- RE: Nipper and Cisco configuration results, (continued)
- RE: Nipper and Cisco configuration results Jo¢ (Apr 02)
- Re: Nipper and Cisco configuration results Lee (Apr 02)
- Re: Nipper and Cisco configuration results Christopher (Apr 03)
- RE: Nipper and Cisco configuration results Subba Rao (Apr 02)
- RE: Nipper and Cisco configuration results Jo¢ (Apr 02)
- RE: Nipper and Cisco configuration results Subba Rao (Apr 02)
- RE: Nipper and Cisco configuration results Jo¢ (Apr 02)
- Re: Nipper and Cisco configuration results Subba Rao (Apr 03)
- Re: Nipper and Cisco configuration results Subba Rao (Apr 03)
- Re: Nipper and Cisco configuration results Lee (Apr 04)
- Re: Nipper and Cisco configuration results Tim Durack (Apr 04)
- Re: Nipper and Cisco configuration results Lee (Apr 04)
- Re: Nipper and Cisco configuration results Subba Rao (Apr 04)
- Re: Nipper and Cisco configuration results Lee (Apr 04)