[rancid] Re: Pulling down context configs from a Cisco FWSM

Lance rancid at gheek.net
Thu Mar 29 20:55:54 UTC 2007


I guess if you can actually do as you think they can, then that is a
much better approach.

> -------- Original Message --------
> Subject: [rancid] Re: Pulling down context configs from a Cisco FWSM
> From: Krzysztof Adamski <kadamski at akn.ca>
> Date: Wed, March 28, 2007 7:51 am
> To: Rob Shepherd <rob at techniumcast.com>
> Cc: rancid-discuss at shrubbery.net
> 
> I should start this email by saying I have not ever used context on the ASA.
> 
> Now saying this, if you are allowing users to SSH into individual context, maybe
> you can backup the context separately by having each context listed in the rancid
> database as separate PIXes. You will need to have a username for rancid in each
> context, this may be a show stopper.
> 
> K
> 
>  On Wed, 28 Mar 2007, Rob Shepherd wrote:
> 
> > Lance wrote:
> > > Rob,
> > >
> > > When you do a "show run" after changing contexts does it give you a
> > > slightly different config or an entirely different config.
> >
> > It's an entirely different config. Each context is like a virtual PIX.
> > (until you get down to feature completeness and command compatability
> > that is :) )
> >
> > > Unfortunately at my place of business we only have a need to run 2
> > > basic contexts, the default admin and system. So I don't work with
> > > them.
> > >
> > > I don't intend on this being a context session 101, but why do you
> > > create contexts for each customer you have (as it appears to me)? You
> > > might enlighten me and I might switch to such a model. :-D
> > >
> >
> > I do this because it permits me to hand off control of a context to a
> > particular customer, if they want to do the config themselves.
> >
> > They can then SSH or PDM independently.
> >
> > Also there is some limitations with things like DNS/DHCP. I havn't found
> > a way to have different DNS server options outputted by the dhcpd
> > service on different interfaces. Same for extra options, like vendor
> > specific 43, which different for each customer, for Alcatel AVA.
> >
> > I'm really eager to get the context's + system backed up automatically
> > by rancid. I do it manually at present. :(
> >
> > If there's anything I can do to progress the development of such a
> > feature, somebody please enlighten me. I'm not a perl devel though, but
> > there's one sat next to me, who isn't a network engineer however. If I
> > know what to code I can help get it done.....
> > But i need the input from somebody who knows the architecture of rancid....
> >
> > Cheers
> >
> > Rob
> >
> >
> >
> >
> >
> >
> >
> > --
> > Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd
> > Technium CAST | LL57 4HJ | http://www.techniumcast.com
> > rob at techniumcast.com | 01248 675024 | 077988 72480
> > _______________________________________________
> > Rancid-discuss mailing list
> > Rancid-discuss at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> >
> 
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss




More information about the Rancid-discuss mailing list