Get Network Configuration Backup with RANCID

Rancid is one of the best open source tools available for network engineers to keep track of configuration changes on network devices. It works very well with Cisco, Juniper, Arista, HP ProCurve switches and some others. The current version is 3.4.1. I have been using it for many years. Some specific platforms do not work with Rancid out of the box, but if you know the code you can customize its files to add the support you need. For example, some models of Huawei switches do not work [not all of them, just some :-)]. I have many friends and readers who are having problems using this awesome tool with Huawei switches.

Check out our previous article about using Rancid For H3C & Huawei Switches.

1. Sample Diffs Output

Below are some sample diffs produced by Rancid for Cisco IOS and Juniper Junos.

  • Cisco IOS

Index: configs/MY-LAB-C3750
 ===================================================================
 - -- configs/MY-LAB-C3750 (revision 13584)
 @@ -38,17 +38,17 @@
 !
 !Flash: Directory of flash:/
 !Flash: 2 -rwx 12305677 Mar 1 1993 13:35:33 +11:00 c3750-ipservicesk9-mz.122-52.SE.bin
 - !Flash: 3 -rwx 3597 Jul 14 2015 12:10:37 +10:00 private-config.text
 + !Flash: 5 -rwx 13383 Jul 23 2015 09:23:00 +10:00 config.text
 !Flash: 6 -rwx 12997 Oct 9 2014 12:08:35 +11:00 running-config
 - !Flash: 8 -rwx 13101 Jul 14 2015 12:10:37 +10:00 config.text
 - !Flash: 15998976 bytes total (3657216 bytes free)
 + !Flash: 8 -rwx 3597 Jul 23 2015 09:23:00 +10:00 private-config.text
 + !Flash: 15998976 bytes total (3656704 bytes free)
 !
 !Flash: nvram: Directory of nvram:/
 - !Flash: nvram: 501 -rw- 13101  startup-config
 + !Flash: nvram: 501 -rw- 13383  startup-config
 !Flash: nvram: 502 ---- 3597  private-config
 !Flash: nvram: 1 ---- 35  persistent-data
 !Flash: nvram: 2 -rw- 0  ifIndex-table
 - !Flash: nvram: 524288 bytes total (505490 bytes free)
 + !Flash: nvram: 524288 bytes total (505208 bytes free)
 !
 !
 !NAME: "Cat37xx Stacking", DESCR: "Catalyst 37xx Switch Stack"
 @@ -135,15 +135,15 @@
 !
 !VLAN: VLAN Name Status Ports
 !VLAN: ---- -------------------------------- --------- -------------------------------
 - !VLAN: 1 default active Fa1/0/17, Fa1/0/24, Fa1/0/35, Fa1/0/36, Gi1/0/3, Gi1/0/4
 + !VLAN: 1 default active Fa1/0/17, Fa1/0/24, Gi1/0/3, Gi1/0/4
 !VLAN: 2 New-Vlan1 active Fa1/0/1, Fa1/0/4,
 !VLAN: 37 VLAN0037 active

@@ -438,9 +438,11 @@
 spanning-tree portfast
 !
 interface FastEthernet1/0/33
 - description TO-MY-PC
 - switchport access vlan 2
 - switchport mode access
 + description L2-LINK-TO-CORE01
 + switchport trunk encapsulation dot1q
 + switchport trunk allowed vlan 2,40,3335
 + switchport mode trunk
 + speed 100
 !
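Review bot: on FastEthernet1/0/33 the port changes from an access port in VLAN 2 to a dot1q trunk, and the added lines set `switchport trunk allowed vlan 2,40,3335` but no `switchport trunk native vlan`, so the native VLAN is left at its default. If this is the uplink to CORE01, consider setting the native VLAN explicitly to an unused VLAN and confirming that VLANs 40 and 3335 are meant to reach this switch. `speed 100` is also pinned without a matching `duplex` line, which is worth checking against the other end of the link.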
  • Juniper Junos

Index: configs/MY-LAB-SRX
 ===================================================================
 - -- configs/MY-LAB-SRX (revision 13536)
 @@ -205,7 +205,7 @@
 # syshmd_trackip-actions-dd release 12.1X44.2 built by builder on 2014-08-28 11:38:49 UTC
 #
 #MY-LAB-SRX> show configuration
 - ## Last commit: 2015-05-29 14:50:52 EST by admin
 + ## Last commit: 2015-06-02 14:31:10 EST by admin
 version 12.1X44-D40.2;
 system {
 host-name MY-LAB-SRX;
 @@ -809,6 +809,16 @@
 permit;
 }
 }
 + policy ALLOW-VPN-IN {
 + match {
 + source-address any;
 + destination-address OpenVPN-Server;
 + application ei-udp-1194;
 + }
 + then {
 + permit;
 + }
 + }
 + policy allow-dvpn-in {
 + match {
 + source-address any;
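Review bot: the new policy ALLOW-VPN-IN matches `source-address any` and its `then` block contains only `permit;`, so any source address is allowed to OpenVPN-Server on ei-udp-1194 and the sessions are not logged. If the VPN clients come from known ranges, narrow the source address; either way consider adding `log { session-init; }` under `then`. The second added policy, allow-dvpn-in, is cut off after `source-address any;` in this excerpt, so its destination and action cannot be reviewed here.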
 @@ -858,6 +868,7 @@
 address 10.101.0.5/3210.101.0.5/32;
 + address OpenVPN-Server 10.101.0.32/32;
 }
 host-inbound-traffic {
 system-services {

As you can see, the minus sign (-) marks the previous or removed configuration, while the plus sign (+) marks added configuration. So now you can keep good track of what is added or removed. Cool, right?
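The +/- reading described above can be automated. The following is an added example, not part of the original article or of Rancid itself: it splits each device's changed lines into real configuration changes and churn in the collected command output. The watchlist patterns, the function name and the sample text are assumptions built from the diffs shown above.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the two diffs shown above.
SAMPLE = """\
Index: configs/MY-LAB-C3750
===================================================================
--- configs/MY-LAB-C3750 (revision 13584)
@@ -38,1 +38,1 @@
-!Flash: nvram: 501 -rw- 13101  startup-config
+!Flash: nvram: 501 -rw- 13383  startup-config
@@ -438,2 +438,2 @@
 interface FastEthernet1/0/33
- switchport mode access
+ switchport mode trunk
Index: configs/MY-LAB-SRX
===================================================================
--- configs/MY-LAB-SRX (revision 13536)
@@ -205,1 +205,1 @@
-## Last commit: 2015-05-29 14:50:52 EST by admin
+## Last commit: 2015-06-02 14:31:10 EST by admin
@@ -809,1 +809,3 @@
+policy ALLOW-VPN-IN {
+source-address any;
 }
"""

# Hypothetical watchlist: added config lines that deserve a second look.
WATCH = [re.compile(p) for p in (r"\bsource-address any\b", r"\bswitchport mode trunk\b")]

def triage(diff_text):
    """Split each device's +/- lines into config changes and collected-output
    churn (assumed to be the lines stored as '!' or '#' comments)."""
    report = defaultdict(lambda: {"config": [], "inventory": [], "flagged": []})
    device, in_hunk = None, False
    for line in diff_text.splitlines():
        if line.startswith("Index: "):   # start of a device section
            device, in_hunk = line[7:].rsplit("/", 1)[-1], False
        elif line.startswith("@@"):      # the ---/+++ file headers are behind us
            in_hunk = True
        elif device and in_hunk and line[:1] in ("+", "-") and line[1:].strip():
            sign, body = line[0], line[1:].strip()
            kind = "inventory" if body.startswith(("!", "#")) else "config"
            report[device][kind].append(f"{sign} {body}")
            if sign == "+" and kind == "config" and any(p.search(body) for p in WATCH):
                report[device]["flagged"].append(body)
    return dict(report)

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Bare `!` separator lines from IOS configs land in the "inventory" bucket as well, which keeps them out of the config change list.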

2. Web Interface

There is no web interface to configure Rancid but there is one for viewing config diffs.

Rancid-SVN

3. Getting Help

In case you have a Rancid-related problem, there is a good mailing list dedicated to Rancid, and many geniuses have joined it.

  • For Rancid discussion, you can send an email to [email protected]. There will be many replies from the geniuses of the community.
  • If you have a suggestion, problem or contribution, you can also tell the Rancid team directly via [email protected].

4. Not enough and want more?

Check the official Rancid site, or share your ideas or feedback via the comment box below and I will try my best to help.
