[rancid] comparing device running config against startup config

Per-Olof Olsson peo at chalmers.se
Sat Oct 8 07:29:00 UTC 2011


Looks like I have a working version that compare timestamps from
Cisco IOS show running-config output.
We only have Cisco switches/routers running later versions of IOS 12.2, 
so thats what I have run tests on.

Found on our site, 5 switches with not proper saved config.

Note that time have to be in sync to get timestamps in config files.
After boot it take several minutes to get time in sync.

------------------------------------------------------
diff -c rancid.in_pre_ts rancid.in
*** rancid.in_pre_ts    Sat Oct  8 08:43:50 2011
--- rancid.in   Sat Oct  8 08:39:27 2011
***************
*** 63,68 ****
--- 63,75 ----
   $found_diag = 0;
   $timeo = 90;                          # clogin timeout in seconds

+ #Timestamp for running and saved config
+ use Time::Local
+ $ts_runing_cfg = 0;
+ $ts_saved_cfg = 0;
+ %ts_mon=("Jan",0,"Feb",1,"Mar",2,"Apr",3,"May",4,"Jun",5,
+       "Jul",6,"Aug",7,"Sep",8,"Oct",9,"Nov",10,"Dec",11);
+
   my(@commandtable, %commands, @commands);# command lists
   my($aclsort) = ("ipsort");            # ACL sorting mode
   my($config_register);                 # configuration register value
***************
*** 1586,1591 ****
--- 1593,1612 ----
             }
             tr/\015//d;
         }
+
+ #Get timestamps from Cisco IOS.
+ #! Last configuration change at 11:04:03 MET-DST Tue Sep 6 2011 by XXX
+ #! NVRAM config last updated at 11:04:12 MET-DST Tue Sep 6 2011 by XXX
+ #! Last configuration change at 11:28:27 MET-DST Wed May 25 2011
+ #! NVRAM config last updated at 11:44:14 MET-DST Wed May 25 2011
+ #
+       if (/^! Last configuration change at (\d+):(\d+):(\d+) \S+ \w+ 
(\w+) (\d+) (\d+)/) {
+               $ts_running_cfg = timelocal($3,$2,$1,$5,$ts_mon{$4},$6);
+       }
+       if (/^! NVRAM config last updated at (\d+):(\d+):(\d+) \S+ \w+ 
(\w+) (\d+) (\d+)/) {
+               $ts_saved_cfg = timelocal($3,$2,$1,$5,$ts_mon{$4},$6);
+       }
+
         # skip ASA 5520 configuration author line
         /^: written by /i && next;
         # some versions have other crap mixed in with the bits in the
***************
*** 2053,2058 ****
--- 2074,2089 ----
         }
       }
   }
+ # Check if running config is't saved
+ if ($ts_running_cfg > $ts_saved_cfg) {
+       ProcessHistory("","","","! Running config not saved!\n");
+ }
+ #if ($debug) {
+ #     print STDERR ("Running config from:" . 
localtime($ts_running_cfg) . "\n");
+ #     print STDERR ("Saved cofnig from:" . localtime($ts_saved_cfg) . 
"\n");
+ #}
+
+
   print STDOUT "Done $logincmd: $_\n" if ($log);
   # Flush History
   ProcessHistory("","","","");
---------------------------------------------------


/Peo
----------------------------------------------------------
Per-Olof Olsson               Email: peo at chalmers.se
Chalmers tekniska högskola    IT-service
Hörsalsvägen 5                412 96 Göteborg
Tel: 031/772 6738  Fax: 031/772 8680
----------------------------------------------------------


Per-Olof Olsson  2011-09-20 20:32:
> Ian Stong 2011-09-20 16:10:
>> We are using rancid to grab the running config and look for differences
>> over the previous running config. That works great and as advertised. I
>> was wondering what others are doing to catch the occasional issue where
>> someone makes a change to the running config but for whatever reason it
>> doesn't get saved and the device crashes - hence loosing that part of
>> the config.
>>
>> What suggestions do you have for ensuring the running config matches the
>> startup config?
>>
> Thinks there begin to be useful info for some platforms.
>
> HP procurve have on later switches "show running-config status"
> Not fully working on 2650! After reboot it always differ.
> HP support have fixed this for 2610's after I bug report it.
>
>
> Cisco IOS. Compare time stamp  from "show running-config"
> Some of the first lines.
>
>
> Nexus. Look at output from  "show running-config diff".
> Can't test latest version if it still generate diffs for some lines.
>
>
>>
>> Thanks,
>>
>> Ian
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>
> /Peo
> ----------------------------------------------------------
> Per-Olof Olsson               Email: peo at chalmers.se
> Chalmers tekniska högskola    IT-service
> Hörsalsvägen 5                412 96 Göteborg
> Tel: 031/772 6738  Fax: 031/772 8680
> ----------------------------------------------------------
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss





More information about the Rancid-discuss mailing list