[[nsp] Cisco/Router Management Tool]

joshua sahala joshua.ej.smith at usa.net
Tue Nov 25 16:06:31 EST 2003

Chris Bissell <cbissell at frii.com> wrote:
> 	I was wondering if a tool had been already created that did the 
> following.  It would be nice if we could have a daemon running on one of 
> our management servers that kept a ssh/telnet connection open to the 
> majority of our routers (currently Cisco, but a few other brands as 
> well).  You could have users send commands to this daemon which would 
> then send the command to the router and reply back with the output,
> using any authentication scheme you wrote into the daemon.
> 	The reason for this is as follows, we could use this program to 
> repeatedly run certain commands from a script for troubleshooting 
> purposes (for things that you can't get via SNMP).  Since the 
> connection to the router is kept open, you could then reduce the 
> overhead connection setup and teardown.  We could also, through a bit 
> of coding create a way for low privilege techs to access particular 
> commands without having to know the passwords to the router. (I know 
> that can also be accomplished a few different ways with TACACS+ and 
> privilege levels as well).  Does anybody know of a tool that 
> accomplishes this?
> 	I could see a tool like this being the only way the majority of 
> people would access the routers, which would give us full flexibility
> to write dynamic access rules and such.  We run mostly FreeBSD here so
> a tool that worked on that system would be easiest, but any platform 
> would do.

in the ports - net/rancid (i seem to be the rancid evangelist today ;) )

it comes with a modified version of the digex looking glass code.  you
can then use cvs-web (devel/cvsweb) to provide a web frontend to the 
rancid cvs files (handy for reivewing change trends/etc, or for learning)

another looking glass that seems very kewl is version6.net's - 

or check out traceroute.org for even more - the cistron code is nice 
(based on the digex code too), as are some of the others ;)



> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

"Walk with me through the Universe,
 And along the way see how all of us are Connected.
 Feast the eyes of your Soul,
 On the Love that abounds.
 In all places at once, seemingly endless,
 Like your own existence."
     - Stephen Hawking -

More information about the cisco-nsp mailing list