[nsp] "show archive"
Jared Mauch
jared at puck.nether.net
Wed Jun 2 23:23:49 EDT 2004
On Sun, May 23, 2004 at 09:16:39AM +0200, Yuval Ben-Ari wrote:
> > I'm wondeirng if many people have played with this yet.
> >
> > for those of you that don't know, this is very similar to
> > show | compare rollback on the juniper..
> >
> > - jared
> >
> >
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft
> /123t/123t_4/gt_diff.htm
>
>
> my colleague was checking this feature out and getting quite excited :-)
> not sure I understand the motivation Cisco has to move more "smart
> auditing" capabilities into the IOS (i.e. Config archive / Role-Based
> CLI).
> also, what if a box crashed completely / having a flash fauilure, you
> sure want an external copy of the config.
> what reason do someone already using rancid / tacacs have to move
> management of these tasks to be distributes on routers themselves ?
Well, I think the idea here is that you could generate
your configuration out of a database and output a router config that
you would "upload". This would allow you to retain centralized change
control of policies.. even if someone puts in a temp acl or something
that isn't "right" that you miss in your rancid diffs, the correct
policy would be enforced upon a reboot.
it would also allow better acl/prefix-list managment by machine
generated tools.
you can also use the clogin supplied w/ rancid to login to the
routers and issue various commands on the routers..
- jared
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the cisco-nsp
mailing list