1 | Network Management & Monitoring |
---|
2 | |
---|
3 | Using RANCID |
---|
4 | ============ |
---|
5 | |
---|
6 | Notes: |
---|
7 | ------ |
---|
8 | * Commands preceded with "$" imply that you should execute the command as |
---|
9 | a general user - not as root. |
---|
10 | * Commands preceded with "#" imply that you should be working as root. |
---|
11 | * Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>") |
---|
12 | imply that you are executing commands on remote equipment, or within |
---|
13 | another program. |
---|
14 | |
---|
15 | Exercises |
---|
16 | --------- |
---|
17 | |
---|
18 | 1. Connect to your PC using ssh |
---|
19 | |
---|
20 | 2. Become root, verify that postfix (mail system) is installed and running. |
---|
21 | |
---|
22 | $ sudo bash |
---|
23 | # service postfix status |
---|
24 | ... result should be "postfix is running" |
---|
25 | |
---|
26 | Also check that the 'mutt' mail client is installed: |
---|
27 | |
---|
28 | # apt-get install mutt |
---|
29 | |
---|
30 | 3. Add an alias for the rancid user in /etc/aliases file |
---|
31 | |
---|
32 | # editor /etc/aliases |
---|
33 | |
---|
34 | rancid-all: sysadm |
---|
35 | rancid-admin-all: sysadm |
---|
36 | |
---|
37 | Save the file, then run: |
---|
38 | |
---|
39 | # newaliases |
---|
40 | |
---|
41 | 4. Install Rancid itself |
---|
42 | |
---|
43 | # apt-get install rancid telnet |
---|
44 | |
---|
45 | 5. Edit /etc/rancid/rancid.conf |
---|
46 | |
---|
47 | # editor /etc/rancid/rancid.conf |
---|
48 | |
---|
49 | Find the line with the parameter LIST_OF_GROUPS, and add a similar |
---|
50 | line with: |
---|
51 | |
---|
52 | LIST_OF_GROUPS="all" |
---|
53 | |
---|
54 | (with no '#' at the front of line) |
---|
55 | |
---|
56 | 6. Change to the rancid user |
---|
57 | |
---|
58 | From a root prompt, switch identity to become the 'rancid' user: |
---|
59 | |
---|
60 | # su -s /bin/bash rancid |
---|
61 | |
---|
62 | Check that you ARE the rancid user: |
---|
63 | |
---|
64 | $ id |
---|
65 | |
---|
66 | You should see something similar (numbers may be different): |
---|
67 | |
---|
68 | uid=114(rancid) gid=124(rancid) groups=124(rancid) |
---|
69 | |
---|
70 | 7. Create /var/lib/rancid/.cloginrc |
---|
71 | |
---|
72 | $ editor /var/lib/rancid/.cloginrc |
---|
73 | |
---|
74 | add user 10.10.254.xxx cisco |
---|
75 | add password 10.10.254.xxx cisco cisco |
---|
76 | |
---|
77 | (Replace 10.10.254.xxx with your router's IP address. The first |
---|
78 | 'cisco' is the username, the second and third 'cisco' are the |
---|
79 | password and enable password used to login to your router) |
---|
80 | |
---|
81 | Now protect this file so that it cannot be read by other users: |
---|
82 | |
---|
83 | $ chmod 600 /var/lib/rancid/.cloginrc |
---|
84 | |
---|
85 | 8. Initialize the CVS repository for rancid: |
---|
86 | |
---|
87 | $ /usr/lib/rancid/bin/rancid-cvs |
---|
88 | |
---|
89 | You should see something similar to this: |
---|
90 | |
---|
91 | No conflicts created by this import |
---|
92 | |
---|
93 | cvs checkout: Updating all |
---|
94 | Directory /var/lib/rancid/CVS/all/configs added to the repository |
---|
95 | cvs commit: Examining configs |
---|
96 | cvs add: scheduling file `router.db' for addition |
---|
97 | cvs add: use `cvs commit' to add this file permanently |
---|
98 | /var/lib/rancid/CVS/all/router.db,v <-- router.db |
---|
99 | initial revision: 1.1 |
---|
100 | |
---|
101 | 9. Test login to the router |
---|
102 | |
---|
103 | $ /usr/lib/rancid/bin/clogin 10.10.254.xxx |
---|
104 | |
---|
105 | If all goes well, rancid will proceed to automatically log you |
---|
106 | into the router. You should see this on your screen: |
---|
107 | |
---|
108 | User Access Verification |
---|
109 | |
---|
110 | Username: cisco |
---|
111 | Password: |
---|
112 | |
---|
113 | router16>enable |
---|
114 | Password: |
---|
115 | Router16# |
---|
116 | |
---|
117 | ... all this without having to type a username or password! |
---|
118 | |
---|
119 | Type 'exit' to logout |
---|
120 | |
---|
121 | 10. Create the router.db |
---|
122 | |
---|
123 | $ editor /var/lib/rancid/all/router.db |
---|
124 | |
---|
125 | Add this line: |
---|
126 | |
---|
127 | 10.10.254.xxx:cisco:up |
---|
128 | |
---|
129 | (remember to replace xxx as appropriate) |
---|
130 | |
---|
131 | 11. Let's run rancid! |
---|
132 | |
---|
133 | $ /usr/lib/rancid/bin/rancid-run |
---|
134 | |
---|
135 | (Should take a few seconds) |
---|
136 | |
---|
137 | 12. Check out the logs: |
---|
138 | |
---|
139 | $ cd /var/lib/rancid/logs |
---|
140 | $ ls -l |
---|
141 | |
---|
142 | ... View the contents of the file(s): |
---|
143 | |
---|
144 | $ less all.* |
---|
145 | |
---|
146 | 13. Look at the configs |
---|
147 | |
---|
148 | $ cd /var/lib/rancid/all/configs |
---|
149 | $ less 10.10.254.xxx |
---|
150 | |
---|
151 | If all went well, you can see the config of the router. |
---|
152 | |
---|
153 | 14. Let's change an interface Description on the router |
---|
154 | |
---|
155 | $ /usr/lib/rancid/bin/clogin 10.10.254.xxx |
---|
156 | |
---|
157 | At the "RouterX#" prompt, enter the command: |
---|
158 | |
---|
159 | conf term |
---|
160 | |
---|
161 | You should see: |
---|
162 | |
---|
163 | Enter configuration commands, one per line. End with CNTL/Z. |
---|
164 | RouterX(config)# |
---|
165 | |
---|
166 | Enter: |
---|
167 | |
---|
168 | interface Fa0/0 |
---|
169 | |
---|
170 | You should get this prompt: |
---|
171 | |
---|
172 | RouterX(config-if)# |
---|
173 | |
---|
174 | Enter: |
---|
175 | |
---|
176 | RouterX(config-if)# description External interface to classroom |
---|
177 | RouterX(config-if)# end |
---|
178 | |
---|
179 | You should now have this prompt: |
---|
180 | |
---|
181 | RouterX# |
---|
182 | |
---|
183 | To save the config to memory: |
---|
184 | |
---|
185 | write memory |
---|
186 | |
---|
187 | You should see: |
---|
188 | |
---|
189 | Building configuration... |
---|
190 | [OK] |
---|
191 | |
---|
192 | To exit type: |
---|
193 | |
---|
194 | exit |
---|
195 | |
---|
196 | 15. Let's run rancid again: |
---|
197 | |
---|
198 | $ /usr/lib/rancid/bin/rancid-run |
---|
199 | |
---|
200 | Look at the config and logs |
---|
201 | |
---|
202 | $ ls /var/lib/rancid/logs/ |
---|
203 | |
---|
204 | 16. Let's see the differences |
---|
205 | |
---|
206 | $ cd /var/lib/rancid/all/configs |
---|
207 | $ ls -l |
---|
208 | |
---|
209 | You should see all the router config files |
---|
210 | |
---|
211 | $ cvs log 10.10.254.xxx |
---|
212 | |
---|
213 | (where xxx is the IP of your router, .129 or .161) |
---|
214 | |
---|
215 | Notice the revisions. Let's view the difference between two versions: |
---|
216 | |
---|
217 | $ cvs diff -u -r 1.2 -r 1.3 10.10.254.xxx | less |
---|
218 | |
---|
219 | ... can you find your changes ? |
---|
220 | |
---|
221 | 17. Check your mail |
---|
222 | |
---|
223 | Now we will exit from these shells to get back to being the "sysadm" |
---|
224 | user, and run 'mutt' to see the mails which rancid has sent: |
---|
225 | |
---|
226 | $ exit |
---|
227 | # exit |
---|
228 | $ id |
---|
229 | ... check that you are now the 'sysadm' user again; |
---|
230 | ... if not, log out and in again |
---|
231 | $ mutt |
---|
232 | |
---|
233 | (When asked to create the Mail directory, say Yes) |
---|
234 | |
---|
235 | If everything goes as planned, you should be able to read the mails |
---|
236 | sent by Rancid. |
---|
237 | |
---|
238 | (use 'q' return to mail index, and 'q' again to quit mutt) |
---|
239 | |
---|
240 | 18. Finally, let's make rancid run automatically every 30 minutes from cron |
---|
241 | |
---|
242 | # crontab -e -u rancid |
---|
243 | |
---|
244 | Add this line: |
---|
245 | |
---|
246 | */30 * * * * /usr/lib/rancid/bin/rancid-run |
---|
247 | |
---|
248 | ... then save and quit |
---|
249 | |
---|