rancid_intro(1) introduction to the Really Awesome New Cisco confIg Differ

INTRODUCTION

rancid is really more than just a Cisco configuration differ. It handles several different device's configurations; currently including Alteon, Arista, Bay Networks (Nortel), Cisco, Extreme, F5 BigIP, Force10, Fortinet, Foundry, HP Procurve switches, Hitachi, Juniper Routers and edge (ERX) routers, MRTd daemon, Microtik routers, Netscalar load balancers, Netscreen firewalls, Procket, Redback, SMC switches, Xirrus arrays, Zebra routing software, and the ADC-Kentrox EZ-T3 mux.

rancid uses an expect script to login using ssh, telnet, or rsh to each of a list of devices and run a set of commands for that device-type and collects the output. The output is run through some filtering to summarize, reformat, and/or snip unwanted or security related data such as chassis temperature and easily reverse-able passwords.

Named after the device's name in the group's configuration file (router.db), the resulting files are saved in the directory <group>/configs. Except for the data filtered from the configuration file for security reasons, such as reversable passwords, these files are suitable for loading directly to restore a lost configuration. See rancid.conf(5) for more information on <group>s.

After filtering, a uni-diff (see diff(1)) of the result is produced for each of the devices in a group against that of the previous run of rancid and is e-mailed to that group's mail list, "rancid-<group>". This e-mail will also include any differences of the device list in the group's configuration file, router.db.

Lastly, all the updated files are checked into the revision control system (CVS, Subversion, or git). And, administrative messages, such as collections that are failing for longer than OLDTIME, are mailed to "rancid-admin-<group>".

Additional utilities, including a looking glass, come with rancid. See rancid's share directory ( share/rancid).

EXAMPLE E-MAIL

Below is a sample of a uni-diff produced from the group "shrubbery" for the device named dfw.shrubbery.net, which happens to be a Cisco GSR.

From: rancid 
To: [email protected]
Subject: shrubbery router config diffs
Precedence: bulk
  
Index: configs/dfw.shrubbery.net
===================================================================
retrieving revision 1.144
diff -u -4 -r1.144 dfw.shrubbery.net
@@ -57,14 +57,8 @@
  !Slot 2/MBUS: hvers 1.1
  !Slot 2/MBUS: software 01.36 (RAM) (ROM version is 01.33)
  !Slot 2/MBUS: 128 Mbytes DRAM, 16384 Kbytes SDRAM
  !
- !Slot 6: 1 Port Gigabit Ethernet
- !Slot 6/PCA: part 73-3302-03 rev C0 ver 3, serial CAB031216OL
- !Slot 6/PCA: hvers 1.1
- !Slot 6/MBUS: part 73-2146-07 rev B0 dev 0, serial CAB031112SB
- !Slot 6/MBUS: hvers 1.2
- !Slot 6/MBUS: software 01.36 (RAM) (ROM version is 01.33)
  !Slot 7: Route Processor
  !Slot 7/PCA: part 73-2170-03 rev B0 ver 3, serial CAB024901SI
  !Slot 7/PCA: hvers 1.4
  !Slot 7/MBUS: part 73-2146-06 rev A0 dev 0, serial CAB02060044

In this example, we see that a Gigabit Ethernet linecard was removed from slot 6. However, since this data is collected from "show" commands on the router, it could just as easily be that the card crashed so the RP can not communicate with it to collect information.

GETTING STARTED

Installation instructions are included in the distribution's top-level directory in the README file (which will be installed in share/rancid). Once the installation is complete, start by reading the man pages listed below or follow the basic instructions included in the README file.

See http://www.shrubbery.net/rancid for information on new versions, mail lists, etc.

ADDING NEW GROUPS

Follow this procedure for adding new groups:
  • Update the LIST_OF_GROUPS variable in etc/rancid.conf (see rancid.conf(5)).
  • Run rancid-cvs(1).
  • Update the system's mail aliases file /etc/aliases (see rancid.conf(5)).