[c-nsp] IOS archive in addition to RANCID

Ian Henderson ianh at ianh.net.au
Tue Oct 9 20:52:49 EDT 2012


Hi folks,

I'm working on updating our base templates using some more modern features and am considering if IOS' built-in configuration archiver/change logger has a place in our network.

Is anybody using the config archiver in addition to/in place of RANCID?
Syslog command logging in addition to/in place of TACACS?
Thoughts on pros/cons?
Are you using EEM to catch config changes that aren't followed by a 'wr mem'?
Any other neat tricks?

archive
 log config
  record rc
  logging enable
  logging size 200
  notify syslog contenttype plaintext
  hidekeys
 path tftp://tftp/Config-Archive/$h-$t
 write-memory

My thoughts so far:

* RANCID is a single solution that works for all vendors and all versions of IOS, no need for separate dirty hacks per vendor, but new vendor/device type maintenance can be tricky.

* With a sizeable RANCID installation, collection interval needs to be pushed out to 4 hours plus, which means we could miss changes within the interval. 

* RANCID does automated diff, having a directory full of router-datetime files isn't as easy to manipulate.

* TACACS command logging catches commands performed outside config mode.

* Having two methods ensures that if one method breaks, we still have useful logs/archives. This is particularly nice in our environment - if someone deploys hardware without following procedure of adding it to the database that runs RANCID, it still gets config collection (plus they get a bonus larting, but that's another story…).

Any additional insight?

Rgds,




- I.
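
An added example, not part of the original post: one way to use the `notify syslog` output from the config logger to list changes made since a device's last RANCID run, and to spot devices that log changes but are missing from RANCID. The collector line layout (ISO timestamp, hostname, raw IOS message), the sample lines, the collection times and all function names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Message emitted by "notify syslog" under "archive / log config".
CFGLOG = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) .*%PARSER-5-CFGLOG_LOGGEDCMD: "
    r"User:(?P<user>\S+)\s+logged command:(?P<cmd>.*)$"
)

def parse(lines):
    """Yield (timestamp, host, user, command) for each config-logger line."""
    for line in lines:
        m = CFGLOG.match(line.rstrip("\n"))
        if m:
            yield (datetime.fromisoformat(m["ts"]), m["host"],
                   m["user"], m["cmd"].strip())

def uncollected_changes(lines, last_collected):
    """Map host -> config commands logged after its last RANCID run.

    last_collected is {host: datetime}. A host missing from it is treated
    as unknown to RANCID, so every logged command is reported.
    """
    pending = defaultdict(list)
    for ts, host, user, cmd in parse(lines):
        cutoff = last_collected.get(host)
        if cutoff is None or ts > cutoff:
            pending[host].append((ts, user, cmd))
    return dict(pending)

def unmanaged_hosts(lines, last_collected):
    """Hosts that log config changes but are absent from RANCID."""
    return sorted({h for _, h, _, _ in parse(lines)} - set(last_collected))

# Constructed sample; assumed layout "<ISO time> <host> <raw IOS message>".
SAMPLE = [
    "2012-10-09T15:58:40 core1 44: %PARSER-5-CFGLOG_LOGGEDCMD: User:alice  logged command:interface Vlan10",
    "2012-10-09T17:12:03 core1 45: %PARSER-5-CFGLOG_LOGGEDCMD: User:alice  logged command:no ip access-group 110 in",
    "2012-10-09T17:12:09 core1 46: %SYS-5-CONFIG_I: Configured from console by alice on vty0 (192.0.2.10)",
    "2012-10-09T18:30:00 lab-sw9 12: %PARSER-5-CFGLOG_LOGGEDCMD: User:ops  logged command:hostname lab-sw9",
]
# Constructed: last successful RANCID collection per device.
LAST_COLLECTED = {"core1": datetime(2012, 10, 9, 16, 0, 0)}

if __name__ == "__main__":
    for host, changes in uncollected_changes(SAMPLE, LAST_COLLECTED).items():
        for ts, user, cmd in changes:
            print(f"{host} {ts.isoformat()} {user}: {cmd}")
    print("not in RANCID:", unmanaged_hosts(SAMPLE, LAST_COLLECTED))
```

The config logger only records configuration-mode commands, so exec-mode activity still has to come from TACACS accounting.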

