RANCID

From Wikitech
Jump to: navigation, search

RANCID is a tool that can monitor configuration changes on network devices, and mail the diffs periodically. It's installed on netmon1002 from the (rather alpha-quality) Debian/Ubuntu packages.

Rancid configuration is in /etc/rancid/ and /var/lib/rancid/.

You can clone the rancid repo with:

git clone ssh://netmon1002.wikimedia.org:/var/lib/rancid/core/ rancid-configs

Equipment notes

Juniper

The following configuration works on JUNOS:

system {
    login {
        class rancid {
            permissions [ view view-configuration ];
        }
        user rancid {
            uid 2002;
            class rancid;
            authentication {
                ssh-rsa "ssh-rsa rancid public-key"; ## SECRET-DATA
            }
        }
    }
}