On Wed, Feb 26, 2014 at 6:27 PM, Ryan Shea <ryanshea@google.com> wrote:
Robert - all great suggestions. Big cross-vendor configuration generation and deployment is outside the scope of what I was hoping for here. The goal is to have the version information somehow encoded into the configuration, and I'm not sure that NETCONF has anything to say about that matter. Certainly the same problem of which-versions-are-where exists in the puppet/chef world and there are platform specific ways to answer those
puppet solves this by comparing a complete md5(file) with deployed md5(file)... not as simple to do that on: access-list 150 permit icmp any any access-list 150 permit tcp any eq 80 any access-list 150 deny ip any any it'd be super nice if you could grab out just the hermetic bit of config you care about, and md5sum() that, eh? provided your stored config was written out in the IOS version (specific?) spacing/etc manner, of course.
questions. Deep analysis of the router configuration itself can give pretty strong hints about which version are deployed, but lets assume full config digestion and comparison is out of the question. From some off-list responses I am hearing that some folks do similar kludges with other text fields, wether they be remark/banner/snmp-foo/interface descriptions.
this makes me sad... but go 'state of the art network equipment!' is it time to start asking vendors for more operable configuration storage and access?