On Tue, Mar 10, 2009 at 6:49 AM, Craig Cook <[email protected]> wrote: >> I'm going to be making the initial release of the automated network >> config generation tool that I've been working on (see >> http://www.netomata.com/products/ncg). > > Is this in a similar space to RANCID? > > http://www.shrubbery.net/rancid/ > > I have worked with network people who used that and were happy with it.
RANCID is analogous to Nagios and the other network monitoring tools that we've been discussing in this thread, except that it monitors config files rather than SNMP statistics. NCG, on the other hand, is more analogous to a tool like Puppet or cfengine , though it's intended for networking gear rather than UNIX/LInux hosts; it _generates_ the config files, rather than simply monitoring them for changes made by hand or using other tools. To answer your question in more detail, RANCID is a popular tool for monitoring for changes in the configurations of network devices (routers, switches, firewalls, etc.). If it detects any meaningful changes, it emails you about them, and checks the new config into a version control system. RANCID doesn't generate configs, though; it doesn't know or care where a config originally comes from, or whether changes to it are made manually or by some automated system, it merely monitors those changes. In contrast, NCG generates whole config files from templates and a high-level description of your network. Because the config files are generated rather than hand-maintained, they are more likely to be complete and consistent (particularly across multiple related devices, such as multiple redundant switches in a hosting environment, or across firewalls and load balancers serving the same hosting environment). More complete and consistent configs makes your network more reliable. Generating configs rather than maintaining them by hand makes your network easier to manage and grow; when you need to make a change, you change the templates and/or description of the network as appropriate, run NCG, and regenerate a new set of complete, consistent configs for all your devices (routers, switches, load balancers, firewalls, etc.) and services (DNS servers, DHCP servers, monitoring systems such as Nagios and Cacti and Munin, etc.). You can read more about the philosophy behind NCG at http://www.netomata.com/benefits The initial release of NCG doesn't actually attempt to place the generated configs on any of the devices; it merely generates config files which you can review and install as, when, and however you see fit. In the future, we'll be looking at integrating NCG with tools like Puppet (for installing config files for UNIX/Linux-based services such as DNS, DHCP, and monitoring) and Ziptie (for installing configs on network devices; see http://www.ziptie.org). -Brent -- Brent Chapman <[email protected]> Founder and CEO // Netomata, Inc. // www.netomata.com Making networks more reliable and flexible by automating network configuration _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
