RE: [nsp] Bulk config changes and experiences ?

From: Andrew Fort (afort@staff.webcentral.com.au)
Date: Fri Jun 22 2001 - 00:59:30 EDT


>> On Thu, 21 Jun 2001, Kevin Gannon wrote:
>>
>> > We are looking at ways of making simple bulk changes to some
>> > of our routers (2,000+). The changes are changing communities
>> > and adding single lines of configs.
>>
>> I haven't done anything near that scale, but is there a
>reason you can't
>> get this done with expect and some shell or perl scripting?
>
>rancid makes stuff like this pretty easy.
>
>http://www.shrubbery.net/rancid/

We actively use RANCID also, but I'm not sure I'd be comfortable running
thousands of rancid 'clogin' processes to update thousands of routers :-).
However it does have some "large" users, so it's possible they use it for
this (as well as its more direct use, the config management). My own
experience with updating routers via clogin -s is that vast changes as
suggested may be slow and have other unexpected results.

however, RANCID is a very useful tool for configuration management (it
places your router configs from various vendors in a CVS tree). It provides
login programs to do this via your favourite CLI access mechanism (rcp,
telnet, ssh, whatever's supported). It's quite flexible.

For this type of application, I'd be more for what Jared Mauch suggested, a
configuration backend for partial or whole configurations (possibly using an
sql backend). A combination of WANdoc O.S., RANCID, etc, is what I'm after
(using the snmp cisco config MIB to initiate the transfers, for example).

-afort



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:43 EDT