We heavily comment our configs and back them up in RCS file (mostly 6500s). There are also commands that are more clearly understood when entered as a multiple single CLIs, but then show up in config as a summarized single entry. There is also the ACL entries which get optimized and are not in the order they were entered.
Doesn't RANCID only compare the current running to a saved running config. So in our case we still have to keep a commented file history around. Not sure what the best solution is, and in our case mistakes can be made. Jeff Fitzwater OIT Network & Communications Systems Princeton University On May 24, 2010, at 12:53 , Jeff Rooney wrote: > +1 Rancid > > Jeff Rooney > [email protected] > > > > On Mon, May 24, 2010 at 11:38 AM, Bill Blackford > <[email protected]> wrote: >> Rancid >> >> http://www.shrubbery.net/rancid/ >> >> -b >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of Mike >> Sent: Monday, May 24, 2010 9:34 AM >> To: 'Cisco-nsp' >> Subject: [c-nsp] Tracking config changes >> >> Hi Gang, >> >> In my smallish network I am guilty sometimes of using cli to make >> cisco switch and router config changes, and sometimes I have been known >> to forget to 'wr mem' when I'm sure it's what I want. The reasons for >> this vary, but I want to be better than this disaster waiting for a >> power outage or other event to force a reset, losing something that >> could potentially be important that I may forget about later. I know >> there are approaches to this in larger envionments using config version >> control systems and such, but I think I want something simpler to at >> least notify me when/if I have a 'running config' that has been modified >> from the 'startup config' and not committed to nvram. >> >> One approach I might think of would be to poll the devices on my >> normal snmp schedule and include a check for the last date of >> configuration change. I could easilly throw an alert if it's been more >> than an hour since the last config change/write to memory, but I don't >> know which variables I would poll for that. A secondary idea might also >> be to download the configs and commit them to cvs anytime a change is >> detected, but some here might think this is backwards and that configs >> should only be uploaded? What do you other service provider folks do? >> >> Mike- >> _______________________________________________ >> cisco-nsp mailing list [email protected] >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> >> _______________________________________________ >> cisco-nsp mailing list [email protected] >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> > > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
