Advanced Registry Operations Curriculum

Using Rancid - Part I
---------------------

0. Log in to your PC or open a terminal window as the tldadmin user.

1. Verify that postfix (mail system) is installed and running.

    $ ps ax | grep postfix

2. Add an alias for the rancid user in the /etc/aliases file

    $ sudo vi /etc/aliases

        rancid-all: tldadmin
        rancid-admin-all: tldadmin

   Save the file, then run:

    $ sudo newaliases

3. Install Rancid itself

    $ sudo apt-get install rancid-core

   (Say yes to the questions)

    $ sudo apt-get install rancid-util
    $ sudo apt-get install rancid-cgi
    $ sudo apt-get install cvsweb
    $ sudo apt-get install cvs

   Or you could install everything at once:

    $ sudo apt-get install rancid-util rancid-cgi cvsweb cvs

4. Edit /etc/rancid/rancid.conf

    $ sudo vi /etc/rancid/rancid.conf

   Find the line with the parameter LIST_OF_GROUPS, and replace it with

        LIST_OF_GROUPS="all"

5. Choose which router you will manage:

        tld1  - tld9     10.10.10.21
        tld10 - tld18    10.10.10.22

6. Change to the rancid user

   - First you need to become the root user:

    $ su -

   Now you can become the RANCID user:

    # su -s /bin/bash rancid

   - Check that you ARE the rancid user:

    $ id

   - You should see something similar:

        uid=115(rancid) gid=123(rancid) groups=123(rancid)

7. Create /var/lib/rancid/.cloginrc

    $ vi /var/lib/rancid/.cloginrc

        add user 10.10.10.xxx tldadmin
        add password 10.10.10.xxx tldadmin tldadmin

   (Remember to replace xxx with .21 for group 1, or .22 for group 2)

   This file stores the router password in clear text, so make it
   readable by the rancid user only:

    $ chmod 600 /var/lib/rancid/.cloginrc

7. Initialize the CVS repository for rancid:

    $ /usr/lib/rancid/bin/rancid-cvs

   - You should see something similar to this:

        No conflicts created by this import

        cvs checkout: Updating all
        Directory /var/lib/rancid/CVS/all/configs added to the repository
        cvs commit: Examining configs
        cvs add: scheduling file `router.db' for addition
        cvs add: use `cvs commit' to add this file permanently
        /var/lib/rancid/CVS/all/router.db,v  <--  router.db
        initial revision: 1.1

8. Test login to the router

    $ /usr/lib/rancid/bin/clogin 10.10.10.xxx

   (where xxx is the IP of the router (either .21 or .22))

   - You should now be logged in to the router, and see something like:

        router1>

   - Type 'exit' to log out

9. Add the router to router.db

    $ vi /var/lib/rancid/all/router.db

   Add:

        10.10.10.xxx:cisco:up

   (remember to replace xxx with .21 or .22)

10. Let's run rancid!

    $ /usr/lib/rancid/bin/rancid-run

   (Should take a few seconds)

11. Check out the logs:

    $ cd /var/lib/rancid/logs
    $ ls -l
    ...

   View the contents of the file:

    $ more all.*

12. Look at the configs

    $ cd /var/lib/rancid/all/configs
    $ more 10.10.10.xxx

   - If all went well, you can see the config of the router.

13. Let's change an interface Description on the router

    $ /usr/lib/rancid/bin/clogin 10.10.10.xxx

   - At the "router1>" prompt, enter the command:

        config terminal

   - You should see:

        Enter configuration commands, one per line.  End with CNTL/Z.
        router1(config)#

   - Enter:

        interface Ethernet0/0

   - You should get this prompt:

        router1(config-if)#

   - Enter:

        router1(config-if)# description Internal Interface for 10.10.10.xxx/24

   - Then type CTRL-Z (press Control + the Z key)

   - You should now have this prompt:

        router1>

   - To save the config to memory:

        write memory

   - You should see:

        Building configuration...
        [OK]

   - To exit type:

        exit

14. Let's run rancid again:

    $ /usr/lib/rancid/bin/rancid-run

   Look at the config and logs

    $ ls /var/lib/rancid/logs/

15. Let's see the differences

    $ cd /var/lib/rancid/all/configs
    $ ls -l

   You should see all the router config files

    $ cvs log 10.10.10.xxx

   (where xxx is the IP of your router, .21 or .22)

   Notice the revisions. Let's view the difference between two versions:

    $ cvs diff -r 1.2 -r 1.3 10.10.10.xxx | more

   ... can you find your changes?

16. Check your mail

   As the user "tldadmin", run the "mutt" mailer to see the mails that
   Rancid has sent:

    $ exit
    # su - tldadmin
    $ mutt

   If everything goes as planned, you should be able to read the mails
   sent by Rancid. (use q or x to quit mutt)

17. Finally, let's make rancid run automatically every 30 minutes from cron

    $ crontab -e

   - Add this line:

        */30 * * * * /usr/lib/rancid/bin/rancid-run

   ... then save and quit
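
Added example (not part of the original lab or of RANCID itself): a small
audit of the two hand-edited files, .cloginrc and router.db, to run before
handing the job to cron. It assumes the colon-separated router.db format
shown above and unbraced host patterns in .cloginrc; the function names
and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the two files this lab creates by hand.

# cloginrc_private FILE: succeeds only if group and others have no access.
cloginrc_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# has_entry KEYWORD HOST CLOGINRC: is there an "add KEYWORD <pattern> ..."
# line whose pattern matches HOST? .cloginrc host fields are glob patterns.
has_entry() {
    while read -r verb key pattern rest || [ -n "$verb" ]; do
        [ "$verb" = add ] && [ "$key" = "$1" ] || continue
        case $2 in $pattern) return 0 ;; esac
    done < "$3"
    return 1
}

# missing_credentials ROUTER_DB CLOGINRC: list every "up" device in
# router.db (host:type:state) that lacks a user or password entry.
missing_credentials() {
    while IFS=: read -r host type state || [ -n "$host" ]; do
        case $host in ''|'#'*) continue ;; esac
        [ "$state" = up ] || continue
        for kw in user password; do
            has_entry "$kw" "$host" "$2" || echo "$host: no 'add $kw' entry"
        done
    done < "$1"
}

# Constructed sample files (not real lab data): .22 has no credentials
# and the credentials file is left group/world-readable on purpose.
demo=$(mktemp -d)
printf '%s\n' 'add user 10.10.10.21 tldadmin' \
    'add password 10.10.10.21 tldadmin tldadmin' > "$demo/cloginrc"
printf '%s\n' '10.10.10.21:cisco:up' '10.10.10.22:cisco:up' > "$demo/router.db"
chmod 644 "$demo/cloginrc"

cloginrc_private "$demo/cloginrc" || echo "cloginrc: readable by group/other, run chmod 600"
missing_credentials "$demo/router.db" "$demo/cloginrc"
rm -rf "$demo"
```

On the lab machine, call the two functions as the rancid user with
/var/lib/rancid/.cloginrc and /var/lib/rancid/all/router.db instead of the
sample files.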