[rancid] Re: Backing up Routers behind Cisco Router in VRF instance
Ed Ravin
eravin at panix.com
Thu Mar 22 15:27:55 UTC 2007
On Fri, Mar 16, 2007 at 04:28:31PM +0100, Flavio Curti wrote:
> I'm trying to backup cisco-routers behind another cisco router. This
> should work using the usercmd patch. However I have two problems:
>
> - The routers are in vrf instances on the router, so i have to login
> like this: telnet routerip /vrf vrfinstance
That's easy, just put the /vrf option in the usercmd_chat variable for
the instance.
> - the routers have the same internal ip-addresses, so i can have a
> router on 192.168.0.1 in vrf "one" and vrf "two"
Ouch. This is such a bad idea, for this and many other reasons.
But if you insist on having duplicate IP in your network, it can be
supported with the usercmd patches.
You need to use names for the routers in cloginrc rather than IP addresses,
and "translate" the names in the usercmd_chat entries. For example:
add method vrf_NYC_192.168.0.1 usercmd
add usercmd vrf_NYC_192.168.0.1 {clogin} {GATEWAY-ROUTER}
add usercmd_chat vrf_NYC_192.168.0.1 {>} {telnet 192.168.0.1 /vrf VRF-INSTANCE\r} {User Access Verification\r} {}
And then add an entry for another city:
add method vrf_Chicago_192.168.0.1 usercmd
add usercmd vrf_Chicago_192.168.0.1 {clogin} {GATEWAY-ROUTER}
add usercmd_chat vrf_Chicago_192.168.0.1 {>} {telnet 192.168.0.1 /vrf VRF-INSTANCE\r} {User Access Verification\r} {}
Naturally, you'll need the right values for "GATEWAY-ROUTER" and
"VRF-INSTANCE" for your environment. My examples above also assume that
you've already got clogin working for "GATEWAY-ROUTER".
This will be a bit tricky to set up. Suggest you think long and hard about
how to name everything so you will be able to maintain your settings as
you add new routers to this scheme. And think of whoever takes over your
job several years from now - they're probably already tossing in their
sleep muttering nasty things about the network numbering scheme they're
going to inherit.
> Do I have to make a public dns
> entry for every router I have?
I don't think you have to if you don't want to. My examples above do
not depend on DNS - the "vrf_CITY_IP-address" names never get resolved.
There's not much point to using DNS when you have duplicate IP addresses,
since the context, not the DNS name, controls which host you see.
More information about the Rancid-discuss
mailing list