RANCID / WebSVN AfNOG 12, Dar Es Salaam, Tanzania.

Slides:

Advertisements

Similar presentations

Point Protection 111. Check List AAA to the Network Devices Controlling Packets Destined to the Network Devices Config Audits.

Advertisements

ESafe Reporter V3.0 eSafe Learning and Certification Program February 2007.

Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.

CCNA2 Module 4. Discovering and Connecting to Neighbors Enable and disable CDP Use the show cdp neighbors command Determine which neighboring devices.

Network Management Workshop intERlab at AIT Thailand March 11-15, 2008 Network Operations and Network Management.

NOC Tools Donal O’Cearbhaill HEAnet Ltd.. Ireland’s National Education and Research Network Provides Internet services to Irish Universities Broadband.

Managing Your Network Environment © 2004 Cisco Systems, Inc. All rights reserved. Managing Cisco IOS Devices INTRO v2.0—9-1.

Linux’ Security Haifa Linux Club Orr Dunkelman.

COEN 252: Computer Forensics Router Investigation.

Privilege Levels Cisco IOS provides for 16 different privilege levels ranging from 0 to 15. Cisco IOS comes with 2 predefined user levels. User mode.

System Administration: Linux Track 2 Workshop June 2010 Pago Pago, American Samoa.

Routers A router is a computer Computers have four basic components:

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Chapter 2: Installing and Upgrading to Windows Server 2008 R2 BAI617.

One to One instructions Installing and configuring samba on Ubuntu Linux to enable Linux to share files and documents with Windows XP.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Troubleshooting Your Network Networking for Home and Small Businesses.

1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 6 Configuring a Router/ Learning About Other Devices/ Managing Cisco IOS Software.

NMS Labs Mikko Suomi LAB1 Choose SNMP device managment software Features: –Gives Nice overview of network –Bandwith monitoring –Multible.

2010 Cisco Configuration Elements APRICOT 2010 Kuala Lumpur, Malaysia.

CLI modes Accessing the configuration Basic configuration (hostname and DNS) Authentication and authorization (AAA) Log collection Time Synchronization.

Module 4: Add Client Computers and Devices to the Network.

NOC TOOLS rancid AfNOG Cairo, SI-E, 4 of 5 Sunday Folayan.

CLI modes Accessing the configuration Basic configuration (hostname and DNS) Authentication and authorization (AAA) Log collection Time Synchronization.

IPv6 Network Assessor 111 © 2005 Cisco Systems, Inc. All rights reserved. Susan Shareshian Solutions Manager, Cisco Systems, Inc.

1 © 2007 Cisco Systems, Inc. All rights reserved.Cisco Public Remote access typically involves allowing telnet, SSH connections to the router Remote requires.

Cisco Routers Objectives –How to log into a Cisco router and determine basic settings. Contents –Differences in available methods of access. –Different.

Cisco Configuration Elements Network Monitoring and Management Tutorial.

RANCID / Version Control AfNOG 11, Kigali/Rwanda.

CISCO NETWORKING ACADEMY Chabot College ELEC telnet.

Basic Router Configuration 1.1 Global configuration Cisco allows us to configure the router to support various protocols and interfaces. The router stores.

User Access to Router Securing Access.

Subversion (SVN) A Revision Control System Successor to CVS Carlos Armas Hervey Allen.

Alarm Network System Supervised by: Dr. Luai Malhis. Prepared by: Mahmoud Musa & Mustafa Assaf.

Graphing and statistics with Cacti AfNOG 11, Kigali/Rwanda.

WSM Administrator Training. WSM Administrator Discussion of WSM Administrator responsibilities Discussion of WSM administrative interfaces Detailed discussion.

Maintaining and Updating Windows Server Monitoring Windows Server It is important to monitor your Server system to make sure it is running smoothly.

By: Anuj Sharma. Topics covered:  GIT Introduction  GIT Benefits over different tools  GIT workflow  GIT server creation  How to use GIT for first.

Module 3 Configuring a Router.

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (

1 Linux Security. 2 Linux is not secure No computer system can ever be "completely secure". –make it increasingly difficult for someone to compromise.

Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.

Core 3: Communication Systems. Network software includes the Network Operating Software (NOS) and also network based applications such as those running.

Network Management Workshop Apricot 2010 Kuala Lumpur Managing network configuration with RANCID.

How to Deploy and Configure the Smart Net Total Care CSPC Collector

Configuring AAA requires four basic steps: 1.Enable AAA (new-model). 2.Configure security server network parameters. 3.Define one or more method lists.

CCNA2 Chapter 2 Cisco IOS Software. Cisco’s operating system is called Cisco Internetwork Operating System (IOS) IOS provides the following network services:

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Router Initialization steps.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 LAN Connections Understanding Cisco Router Security.

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (

 Router Configurations part1 2 nd semester

Integrity Check As You Well Know, It Is A Violation Of Academic Integrity To Fake The Results On Any.

Installing the ALSMS Software on a Windows Platform Configuration Example Alcatel-Lucent Security Products Configuration Example Series.

Ubuntu Checklist. 1.Examine the ReadMe.txt file 2.Manage user and root passwords – sudo passwd change password of username –Change password policies in.

Chapter 7: Using Network Clients The Complete Guide To Linux System Administration.

Cisco 2 - Routers Perrine. J Page 16/26/2016 Chapter 2 Cisco IOS Software Cisco’s operating system is called Cisco Internetwork Operating System (IOS)

1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 2 Introduction to Routers.

Using Grsync with Ubuntu Presented by Dave Mawdsley, DACS Member, Linux SIG August 20, 2008 (making rsync easy with a memory key or a server)

Managing network configuration with RANCID

Operating & Configuring a Cisco IOS Device

Network Operations and Network Management

Introduction to Networking

Understanding Cisco Router Security

Haifa Linux Club Orr Dunkelman

Configuring a Router Module 3 Semester 2.

Linux Security.

Protocol Application TCP/IP Layer Model

Module 3 Configuring a Router.

CCNA 2 2 Double JEOPARDY Midterm REVIEW S2C06 Jeopardy Review.

Presentation transcript:

RANCID / WebSVN AfNOG 12, Dar Es Salaam, Tanzania

Agenda What is RANCID? What can I do with RANCID? How does it work Setting up RANCID A few more considerations

What is RANCID? Really Awesome New Cisco ConfIg Differ o Not only for Cisco now though Monitors a set of routers/devices configuration and hardware status and keeps track of changes Keeps configurations in a versioning system (CVS or subversion) Can notify by on configuration changes

What can I do with RANCID? Backup configurations of your network devices (in case of emergency) and keep inventory Keep track of changes (when did we put in this line/this linecard) Be informed when someone with access does changes to the ACLs or something similar Help with network monitoring o Not everything can be checked via SNMP o Great ideas in NANOG 2005 techtalk

How does it work? RANCID is run (manually or automated) Lookup list of groups (of devices). For each group o Connect to the router (SSH or Telnet) o Run show commands (configuration/inventory) o Collect/filter/format data (remove passwords etc) o Retrieve resulting files, check in changes to CVS/SVN o Create a diff between current and last configuration o configuration diff to interested parties

Setting up RANCID Author speaks of an "easy 12-step install process" The first two are taken care off with current Ubuntu and apt-get ( sudo apt-get install rancid-core rancid-util build-essential expect ) We'll go through the rest, but a few concepts: o You have groups of devices in rancid.conf o Every group has a routers.db file which lists status o Login to devices through a tool called clogin (or jlogin/flogin etc.), has it's own configuration o If you want the functionality, it uses your MTA (like sendmail/exim) so configure that correctly o Run it every hour or so by using a cronjob

A few more considerations Security o RANCID needs permissions to run "show running-configuration" - on Cisco that means a user with privilege 15 o Make sure to secure your box (password is in cleartext), and ACL the router, or restrict RANCID user to show commands with TACACS clogin/jlogin o These tools to login to routers might be useful for yourself if you do it often o Same security questions apply Seriously, you can do so much more with the data collected o Check Stephen Stuart's NANOG 2005 techtalk for a few ideas o For example, you can automate checking your configs o Or produce graphs of your network based on IPs o Or generate nice DNS entries for your routers

References RANCID homepage NANOG 26, Stephen Stuart's Presentation Subversion (SVN) Home Page NANOG 29 Rancid presentation HOWTOs: o Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid o o Exercises for this session