How to Configure RANCID (Part-1)

***Network Management and Monitoring Using RANCID***

Important notes:

* Commands preceded with “$” imply that you should execute the command as a general user – not as root.

* Commands preceded with “#” imply that you should be working as root.

* Commands with more specific command lines (e.g. “RTR-GW>” or “mysql>”) imply that you are executing commands on remote equipment, or within another program.

Exercises:

Step-1: Connect to your PC using ssh

Step-2: Become root, and install the Subversion Version Control System:

In addition to Subversion, we will also install telnet and the mutt email client. Both of these packages may already be installed from prior exercises. If so, don’t worry – the apt-get command will not reinstall them.

$ sudo bash

# apt-get install subversion telnet mutt

Step-3: Install Rancid itself

# apt-get install rancid

– It will prompt with a warning – Select <OK> and press ENTER to continue.

– It will give you another warning about making a backup copy of your rancid data. We have no data, so select <YES> and press ENTER to continue.

Step-4: Add an alias for the rancid user in /etc/aliases file

# editor /etc/aliases

rancid-all: sysadm

rancid-admin-all: sysadm

Save the file, then run:

# newaliases

Step-5: Edit /etc/rancid/rancid.conf

# editor /etc/rancid/rancid.conf

Find this line in rancid.conf:

#LIST_OF_GROUPS="sl joebobisp"

And underneath it, add the following line:

LIST_OF_GROUPS="all"

(with no ‘#’ at the front of line, and aligned to the left)

We want to use Subversion for our Version Control System, and not CVS, so find the line with the parameter RCSSYS:

RCSSYS=cvs; export RCSSYS

And, change it to:

RCSSYS=svn; export RCSSYS

and the line with CVSROOT:

CVSROOT=$BASEDIR/CVS; export CVSROOT

And, change it to:

CVSROOT=$BASEDIR/svn; export CVSROOT

Note the lowercase “svn”. Now exit and save the file.
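
Added example (not part of the original exercise or of RANCID itself): the Step-5 edits made non-interactively and then verified, including a check for typographic quotes, which the shell would treat as part of the value if a line were pasted from a web page. The function names and the sample file are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of RANCID; function names are hypothetical.

# apply_step5 FILE: make the Step-5 edits, keeping the prior contents in
# FILE.orig. A second run does not add another LIST_OF_GROUPS line.
apply_step5() {
    conf=$1
    cp -p "$conf" "$conf.orig" || return 1
    have=0
    if grep -q '^LIST_OF_GROUPS=' "$conf.orig"; then have=1; fi
    awk -v have="$have" '
        { print }
        /^#LIST_OF_GROUPS=/ && have == 0 { print "LIST_OF_GROUPS=\"all\""; have = 1 }
    ' "$conf.orig" |
    sed -e 's/^RCSSYS=cvs; export RCSSYS/RCSSYS=svn; export RCSSYS/' \
        -e 's|^CVSROOT=\$BASEDIR/CVS; export CVSROOT|CVSROOT=$BASEDIR/svn; export CVSROOT|' \
        > "$conf"
}

# check_step5 FILE: print one line per problem; return 0 only if there are none.
check_step5() {
    conf=$1
    rc=0
    lq=$(printf '\342\200\234')   # UTF-8 bytes of the left typographic quote
    rq=$(printf '\342\200\235')   # UTF-8 bytes of the right typographic quote
    if awk -v lq="$lq" -v rq="$rq" \
        '!/^#/ && (index($0, lq) || index($0, rq)) { bad = 1 } END { exit !bad }' "$conf"
    then
        echo "typographic quotes on an active line; retype them as plain quotes"
        rc=1
    fi
    grep -q '^LIST_OF_GROUPS="all"' "$conf" || { echo "LIST_OF_GROUPS is not all"; rc=1; }
    grep -q '^RCSSYS=svn; export RCSSYS' "$conf" || { echo "RCSSYS is not svn"; rc=1; }
    grep -q '^CVSROOT=\$BASEDIR/svn; export CVSROOT' "$conf" ||
        { echo "CVSROOT does not point at svn"; rc=1; }
    return "$rc"
}

# Demo on a constructed three-line stand-in for /etc/rancid/rancid.conf.
demo=$(mktemp)
cat > "$demo" <<'EOF'
RCSSYS=cvs; export RCSSYS
CVSROOT=$BASEDIR/CVS; export CVSROOT
#LIST_OF_GROUPS="sl joebobisp"
EOF
apply_step5 "$demo" && check_step5 "$demo" && echo "Step-5 edits verified"
rm -f "$demo" "$demo.orig"
```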

Step-6: Change to the rancid user

IMPORTANT:

Pay very close attention to which userid you are using during the rest of these exercises. If you are not sure, simply type “id” on the command line at any time. From a root prompt (“#”), switch identity to become the ‘rancid’ user:

# su -s /bin/bash rancid

Check that you ARE the rancid user:

$ id

You should see something similar (numbers may be different):

uid=104(rancid) gid=109(rancid) groups=109(rancid)

Note: IF YOU ARE NOT USER RANCID NOW, do NOT continue.

Step-7: Create /var/lib/rancid/.cloginrc

$ editor /var/lib/rancid/.cloginrc

Add the following two lines to the file:

add user *.ws.gpontutorials.com cisco

add password *.ws.gpontutorials.com nsrc+ws nsrc+ws

(The first ‘cisco’ is the username; the first and second ‘nsrc+ws’ are the password and enable password used to log in to your router. The star in the name means that this username and password will be tried for all routers whose names end in .ws.gpontutorials.com)

Exit and save the file.

Now protect this file so that it cannot be read by other users:

$ chmod 600 /var/lib/rancid/.cloginrc
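
Added example (not part of the original exercise or of RANCID itself): two shell functions that confirm a .cloginrc file grants nothing to group or other, and that list which host patterns have stored passwords and whether they are wildcards, without printing the passwords. The function names, the second host name and the placeholder credentials in the sample file are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of RANCID; function names are hypothetical.

# audit_cloginrc FILE
# Returns 0 only if FILE is a regular file with no group/other permission bits.
audit_cloginrc() {
    file=$1
    if [ ! -f "$file" ]; then
        echo "FAIL: $file is missing or not a regular file"
        return 2
    fi
    # ls prints e.g. "-rw-------"; characters 5-10 are the group and other bits.
    mode=$(ls -ld "$file" | cut -c1-10)
    if [ "$(printf '%s' "$mode" | cut -c5-10)" != "------" ]; then
        echo "FAIL: $file is $mode; fix with: chmod 600 $file"
        return 1
    fi
    echo "OK: $file is $mode"
}

# credential_scope FILE
# Prints "wildcard PATTERN" or "exact PATTERN" for every "add password" entry.
# Only field 3 (the host pattern) is printed, never the passwords.
credential_scope() {
    awk '$1 == "add" && $2 == "password" {
        scope = index($3, "*") ? "wildcard" : "exact"
        print scope, $3
    }' "$1" | sort -u
}

# Demo on a constructed file with placeholder credentials.
demo=$(mktemp)
cat > "$demo" <<'EOF'
add user *.ws.gpontutorials.com cisco
add password *.ws.gpontutorials.com EXAMPLE-PW EXAMPLE-ENABLE-PW
add password rtr9.example.net EXAMPLE-PW
EOF
chmod 644 "$demo"; audit_cloginrc "$demo" || true   # reports FAIL
chmod 600 "$demo"; audit_cloginrc "$demo"           # reports OK
credential_scope "$demo"
rm -f "$demo"
```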

Step-8: Test login to the router of your group

Log in to your router with clogin. You might have to type “yes” at the first warning, but you should not need to enter a password; this should be automatic.

$ /var/lib/rancid/bin/clogin rtrX.ws.gpontutorials.com

(replace X with your group number. So, group 1 is rtr1.ws.gpontutorials.com)

You should get something like:

spawn ssh -c 3des -x -l cisco rtr2.ws.gpontutorials.com

The authenticity of host ‘rtr2.ws.gpontutorials.com (10.10.2.254)’ can’t be established.

RSA key fingerprint is 73:f3:f0:e8:78:ab:49:1c:d9:5d:49:01:a4:e1:2a:83.

Are you sure you want to continue connecting (yes/no)?

Host rtr1.ws.gpontutorials.com added to the list of known hosts.

yes

Warning: Permanently added ‘rtr1.ws.gpontutorials.com’ (RSA) to the list of known hosts.

Password:

rtr1>enable

Password:

rtr1#

Exit from the router login:

rtr2#exit

Step-9: Initialize the SVN repository for rancid:

Make sure you are the rancid user before doing this:

$ id

If you do not see something like

“uid=108(rancid) gid=113(rancid) groups=113(rancid)”

then DO NOT CONTINUE until you have become the rancid user. See Step-6 for details.

Now initialize the Version Control repository (it will use Subversion):

$ /usr/lib/rancid/bin/rancid-cvs

You should see something similar to this:

Committed revision 1.

Checked out revision 1.

At revision 1.

A configs

Adding configs

Committed revision 2.

A router.db

Adding router.db

Transmitting file data .

Committed revision 3.

******** Do this ONLY if you have problems (Troubleshooting) *******

If this does not work, then either you are missing the subversion package, or something was not properly configured during the previous steps. Verify that subversion is installed and then, before running the rancid-cvs command again, do the following:

$ exit

# apt-get install subversion

# su -s /bin/bash rancid

$ cd /var/lib/rancid

$ rm -rf all

$ rm -rf svn

Now try running the rancid-cvs command again:

$ /usr/lib/rancid/bin/rancid-cvs

**********************End of Troubleshooting part****************

Step-10: Create the router.db file

$ editor /var/lib/rancid/all/router.db

Add this line:

rtrX.ws.gpontutorials.com:cisco:up

(remember to replace X as appropriate)

Exit and save the file.

Step-11: Let’s run rancid!

$ /usr/lib/rancid/bin/rancid-run

This will take a few moments so be patient.

Run it again, since the first time it might not commit correctly:

$ /usr/lib/rancid/bin/rancid-run

Step-12: Check the rancid log files:

$ cd /var/lib/rancid/logs

$ ls -l

… View the contents of the file(s):

$ less all.*

NOTE! Using “less”: to see the next file press “:n”. To see the previous file press “:p”. To exit from less press “q”.

Step-13: Look at the configs

$ cd /var/lib/rancid/all/configs

$ less rtrX.ws.gpontutorials.com

Where you should replace “X” with your group number.

If all went well, you can see the config of the router.

Step-14: Let’s change an interface Description on the router

$ /usr/lib/rancid/bin/clogin rtrX.ws.gpontutorials.com

Where you should replace “X” with your group number.

At the “rtrX#” prompt, enter the command:

rtrX# conf term

You should see:

Enter configuration commands, one per line. End with CNTL/Z.

rtrX(config)#

Enter:

rtrX(config)# interface LoopbackXX (replace XX with your PC no)

You should get this prompt:

rtrX(config-if)#

Enter:

rtrX(config-if)# description <put your name here>

rtrX(config-if)# end

You should now have this prompt:

rtrX#

To save the config to memory:

rtrX# write memory

You should see:

Building configuration…

[OK]

To exit type:

rtrX# exit

Now you should be back at your rancid user prompt on your system.

Step-15: Let’s run rancid again:

$ /usr/lib/rancid/bin/rancid-run

Look at the rancid logs:

$ ls /var/lib/rancid/logs/

You should see the latest rancid execution as a new log file with the date and time in the name.

Step-16: Let’s see the differences

$ cd /var/lib/rancid/all/configs

$ ls -l

You should see the router config file for your group. Now look at its revision log:

$ svn log rtrX.ws.gpontutorials.com

(where X is the number of your router)

Notice the revisions. Let’s view the difference between two versions:

$ svn diff -r 5:7 rtrX.ws.gpontutorials.com | less

… can you find your changes?

Note that svn is the command-line tool of the Subversion Version Control system, used for viewing Subversion repositories of information. If you type:

$ ls -lah

You will see a hidden directory called “.svn” – this actually contains all the information about the changes between router configurations from each time you run rancid using /usr/lib/rancid/bin/rancid-run.
