Rancid is a "Really Awesome New Cisco confIg Differ" developed to maintain CVS controlled copies of router configs. The following is the packing list for Rancid. .in is stripped from the files below by configure with substitutions completed: README - This file. CHANGES - List of changes to Rancid. Todo - partial Todo list of what needs to be done. env.in - Enviromental settings needed. do-diffs.in - Script designed to be run from cron calling control_rancid. control_rancid.in - Builds router list, calls rancid on each router and handles cvs routines. rancid-fe.in - chooses between rancid/[efjr]rancid/cat5rancid. rancid.in - Runs commands on cisco routers and processes the output - the meat. erancid.in - Runs commands on ADC EZ-T3 muxes and processes the output. francid.in - Runs commands on foundry switches and processes the output. jrancid.in - Runs commands on juniper routers and processes the output. rrancid.in - Runs commands on redback routers and processes the output. cat5rancid.in -Runs commands on cisco cat5 switches and processes the output. clogin.in - Expect script that logs into routers either interactively, runs a set of commands, or runs another expect script. elogin.in - Expect script that logs into ADC EZ-T3 muxes either interactively, runs a set of commands, or runs another expect script. flogin.in - Expect script that logs into foundry switches. Once foundry cleans up their bloody UI, clogin should do the job. jlogin.in - Expect script that logs into juniper routers similarly to clogin. It is not terribly robust, but mainly used for it's -c and -s options. .cloginrc - TCL commands to set passwords, usernames etc. used by clogin and jlogin. par.in - Parallel processing of commands - any commands. rename.in - Perl script to rename files. create_cvs.in - Creates all of the CVS and config directories. util/ - utilities / contribs The following are included as part of the installation tools: Makefile.in - processed by configure to produce Makefiles configure - gnu autoconf script install-sh - shell script to simulate BSD style install mkinstalldirs - shell script to make installation directories rancid will also need to have the following packages: cvs - code revision system available from prep.ai.mit.edu:/pub/gnu gnudiff - gnudiff provides the -u option. if you do not have gnudiff, you will have to modify control_rancid to use 'diff -c' or some such. see examples. perl5 - perl version 5 or greater available from www.cpan.org expect - http://expect.nist.gov/ tcl - required by expect. Bill Fenner has a cgi script for interacting with CVS repositories via a web interface. This provides a great way to view rancid diffs and full configs, especially for those unfamiliar with cvs. The package is not included, but can be found here: http://www.freebsd.org/~fenner/cvsweb/cvsweb-1.0.tar.gz Quick Installation Guide (an example): 1) ./configure [--prefix=] By default, All rancid crud will be installed under /usr/local/rancid. This can be overridden with the --prefix option. E.g.: ./configure --prefix=/home/rancid The user who will run rancid must have write permission in this directory. 2) make install 3) Modify /bin/env. The variable LIST_OF_GROUPS is a space delimited list of router "groups". E.g.: LIST_OF_GROUPS="backbone aggregation switches" 4) Put .cloginrc in the home directory of the user who will run rancid. 5) Modify .cloginrc. Test to make sure that you can log into every router. Note: the juniper user you use *must* log into a cli shell (which is the default on a juniper). 6) Modify /etc/aliases Rancid sends the diffs and other controlling emails to rancid- and problems to rancid-admin-, where is the "GROUP" of routers. This way you can seperate your backbone routers from your access routers or seperate based upon network etc... Different router uses forced different people being interested in router "groups" - thus this setup. Make sure email to rancid- works. /etc/aliases can be maintainable by Majordomo stuff. - OR - Modify your home directory's .mailrc. Control_rancid uses sendmail to send diffs. To use a private .mailrc, control_rancid will have to be modified to use ucbmail or, better yet, something else which allow the Precedence header to be set. Pick your poison. The Precedence header set to bulk or junk *hopefully* avoids replies from auto-responders and vacation type mail filters. 7) Run create_cvs. This creates all of the CVS necessary directories and all of the config directories. 8) For each "group", modify the router.db file in the group directory. The file is of the form "router:mfg:state" where "router" is the name (we use FQDN) of the router, mfg is the manufacturer from the set of (cisco|ezt3|foundry|juniper|redback|cat5), and "state" is either up or down. Each router listed as "up" will have the configuration grabbed. Note: manufacturer cat5 is intended only for catalyst switches running catalyst (not IOS) code. eg //router.db: cisco-router.domain.com:cisco:up adc-mux.domain.com:ezt3:up foundry-switch-router.domain.com:foundry:up juniper-router.domain.com:juniper:up redback-dsl-router.domain.com:redback:down 9) Put do-diffs in cron to be called however often you want it to run for each group (do-diffs []). If you run it less often than once/hour, check the setting of OLDTIME in bin/env. E.g.: # run config differ hourly 1 * * * * /bin/do-diffs # clean out config differ logs 50 23 * * * /usr/bin/find /logs -mtime +2 -exec rm {} \; 10) Send any bugs, suggestions or updates to rancid@shrubbery.net. See the web page at http://www.shrubbery.net/rancid. We have created the standard mailing lists for those interested; rancid-announce@shrubbery.net and rancid-discuss@shrubbery.net. Subscribe by sending an email whose body contains "subscribe rancid-" to majordomo@shrubbery.net. -Hank