[185592] in North American Network Operators' Group
Re: configuration sanity check
daemon@ATHENA.MIT.EDU (Daniel Corbe)
Thu Oct 29 05:28:38 2015
X-Original-To: nanog@nanog.org
From: Daniel Corbe <dcorbe@hammerfiber.com>
To: "marcel.duregards\@yahoo.fr" <marcel.duregards@yahoo.fr>
Date: Thu, 29 Oct 2015 08:28:24 -0400
In-Reply-To: <5631D5F0.5030705@yahoo.fr> (marcel's message of "Thu, 29 Oct
2015 09:16:48 +0100")
Cc: nanog <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
"marcel.duregards@yahoo.fr" <marcel.duregards@yahoo.fr> writes:
> Hi Nanogers,
>
> Any recommendation about a software which check the live config of
> cisco/juniper devices against some templates ?
>
> The goal is to have a template about different function device, like:
> - CORE device must have this bloc and this clock
> - PE device must have at least that and that
> - CPE must have this and that
> - Distrib switch block 1 and block2
> - etc...
>
> And the software run once every day to check which device do not
> comply with those rules and generate an alert.
>
> Thank,
> - Marcel
You can also catch and minimize mistakes in real-time by:
1) Implementing and enforcing a proper change control system
2) Implementing tools like Rancid, which are designed to scrape router
configs and E-Mail changes in the format of a unified diff to everyone
in your engineering team.
3) Make liberal use of tools like RtConfig so routine changes aren't a
painful (read: manual) time-consuming process.
