Is anybody automating router/switch configs in any manner other then telnet scripts or Ciscoworks? I am just trying to get some ideas. Thanks Jason
On (11/03/04 20:50), Jason Graun wrote:
Is anybody automating router/switch configs in any manner other then telnet scripts or Ciscoworks? I am just trying to get some ideas.
lexicon/netclarity - www.network-clarity.com - young, only cisco ios/catos devices right now, easy to tailor to your change management process, working on policy compliance auditing truecontrol - www.renditionnetworks.com - no juniper support yet, less flexible change process flow, can/will act as central access point for device access (will proxy ssh/telnet/etc based upon your login credentials), decent config/policy compliance auditing and reporting capabilities formulator - www.goldwiretech.com - more mature than truecontrol, more devices supported (including some servers), robust compliance auditing/reporting features and last, but not least, rancid - www.shrubbery.net/rancid/ - support for lots of devices (and easy to add more with a little expect knowledge), easily extended (perl, expect, awk, shell, etc), FREE - for more on what you can do see: http://www.shrubbery.net/rancid/NANOG29/index.html http://www.nanog.org/mtg-0210/abley.html i am using/have used rancid, and am evaluating the others hth /joshua -- Fixing Unix is easier than living with NT. Jonathan Gilpin
On Thu, 11 Mar 2004 20:50:57 -0600, "Jason Graun" <jgraun@comcast.net> said: Is anybody automating router/switch configs in any manner other then telnet scripts or Ciscoworks? I am just trying to get some ideas.
are you talking about access routers or backbone/core/peering routers? - for core/backbone routers, use rancid (www.shrubbery.net) whatever your automation scheme, it might not be your primary tool, but it will save you one day Something that doesn't get mentioned on NANOG very much is automating/managing lots and lots of access customers -- ie DSL/T1/Frame etc.. If that interests you, then maybe something I used circa 1999 but I haven't really heard being used recently (but probably is) might give you some ideas (an interview question yesterday reminded me): - we had a Redback SMS 1000 that we could preconfigure ATM PVCs/Frame DLCIs/DS3 Channels for T1s on with all the Layer 2 stuff - all the Layer 3 stuff like routed networks, interface IP addresses, IP filters etc. could be assigned out of radius. I believe Redback had plans to introduce a cable "blade" for their SMS boxes - we took DSL/T1 orders entered into a web front end and had IP/PVC etc. configs stored in an SQL database and updated radius within a few minutes (Covad had (has?) a very nice XML-RPC backend that let us assign the PVCs to our customers etc.. MCI/Worldcom also allowed us to assign channels on a DS3, so our software did that and sent them email with the order) - the Redback had an excellent feature by which, upon receipt of a packet on a hitherto "unbound" PVC (a few weeks after we were setup the DSL/Frame layer-2 circuit would be installed), it would read the config from radius and "bind" the PVC - when a customer cancelled or didn't pay their bill, a script, triggered by certain fields that support/billing-folks could set in the web-frontend, would log into the Redback and "unbind" the circuit Since most frequent "updates" and config changes happened to access routers, this minimized the amount of mundane work a router-monkey had to do. I only hope that all ISPs selling such services are doing things in a nice, automated way. FWIW, my ISP was swallowed by a cable provider who was well subsidized by Cisco. And the rest, you can probably guess. amazed by how little has changed in the ISP world since 2000, Adi
Aditya writes on 3/12/2004 9:41 AM:
On Thu, 11 Mar 2004 20:50:57 -0600, "Jason Graun" <jgraun@comcast.net> said: Is anybody automating router/switch configs in any manner other then telnet scripts or Ciscoworks? I am just trying to get some ideas.
are you talking about access routers or backbone/core/peering routers?
Then there are a few others available in /usr/ports/net-mgmt/ on freebsd cisco_conf, ciscoconf (read / store cisco configs from rcs) - one of those is by Joe Abley, forgot which one. Then there's a perl module called p5-JUNOScript Rancid and a few other useful tools are there as well. srs -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
participants (4)
-
Aditya -
Jason Graun -
joshua sahala -
Suresh Ramasubramanian