[185600] in North American Network Operators' Group
Re: configuration sanity check
daemon@ATHENA.MIT.EDU (Justin Seabrook-Rocha)
Thu Oct 29 11:57:33 2015
X-Original-To: nanog@nanog.org
From: Justin Seabrook-Rocha <xenith@xenith.org>
In-Reply-To: <5631D5F0.5030705@yahoo.fr>
Date: Thu, 29 Oct 2015 07:42:00 -0700
To: marcel.duregards@yahoo.fr
Cc: nanog <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Oct 29, 2015, at 01:16, marcel.duregards@yahoo.fr wrote:
>=20
> Hi Nanogers,
>=20
> Any recommendation about a software which check the live config of =
cisco/juniper devices against some templates ?
>=20
> The goal is to have a template about different function device, like:
> - CORE device must have this bloc and this clock
> - PE device must have at least that and that
> - CPE must have this and that
> - Distrib switch block 1 and block2
> - etc...
>=20
> And the software run once every day to check which device do not =
comply with those rules and generate an alert.
>=20
> Thank,
> - Marcel
We implemented an in-house solution using Cisco Template Manager =
(http://www.gelogic.net/cisco-template-manager/). Its basically a bunch =
of bash/perl scripts doing regex matching against the saved configs from =
RANCID. Works fine for both Cisco and Juniper.
It requires some hand tooling, but we have it doing exactly what you =
want (checking against different device function templates).
Justin Seabrook-Rocha
--=20
Xenith || xenith@xenith.org || http://xenith.org/
Jabber: xenith@xenith.org
