[c-nsp] Tracking config changes

[Jeremy Bresley]

On 5/24/2010 11:34 AM, Mike wrote:
> Hi Gang,
>
>    In my smallish network I am guilty sometimes of using cli to make 
> cisco switch and router config changes, and sometimes I have been 
> known to forget to 'wr mem' when I'm sure it's what I want. The 
> reasons for this vary, but I want to be better than this disaster 
> waiting for a power outage or other event to force a reset, losing 
> something that could potentially be important that I may forget about 
> later. I know there are approaches to this in larger envionments using 
> config version control systems and such, but I think I want something 
> simpler to at least notify me when/if I have a 'running config' that 
> has been modified from the 'startup config' and not committed to nvram.
>
>    One approach I might think of would be to poll the devices on my 
> normal snmp schedule and include a check for the last date of 
> configuration change. I could easilly throw an alert if it's been more 
> than an hour since the last config change/write to memory, but I don't 
> know which variables I would poll for that. A secondary idea might 
> also be to download the configs and commit them to cvs anytime a 
> change is detected, but some here might think this is backwards and 
> that configs should only be uploaded? What do you other service 
> provider folks do?
>
> Mike-
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

As far as downloading the configs into CVS, look at RANCID.

http://www.shrubbery.net/rancid/

As far as checking the configs, if you're going to write a script to 
login anyway, why not just do a write mem on the device?  Or snmpset on 
.1.3.6.1.4.1.9.2.1.54.0 to do the same thing.  (Which I believe is how 
CW2K saves the running config when it detects a mismatch between 
running/startup configurations.)

Jeremy