[rancid] Rate-limiting connections through one host?

heasley heas at shrubbery.net
Mon Feb 26 18:21:24 UTC 2018


Mon, Feb 26, 2018 at 11:30:36AM +0000, Howard Jones:
> I have a slightly unusual RANCID problem - we have some multi-context
> Cisco ASAs, where for convenience, each context is backed up as a
> separate 'host'. To do that:
> 
> 1) hostnames are firewallname[contextname]
> 2) removed some 'force lower case stuff' because our context names are
> capitalised
> 3) Pass the [contextname] bit as a separate parameter to the polling process
> 4) *rancid script that knows to switch to the correct context
> 5) some small patches to allow the filename to be different from the hostname
> 
> All of that is not standard, but the problem I see now is that rancid
> blitzes the firewall with dozens of concurrent connections, as these
> "different" devices are all polled together. It occurred to me that
> anyone with a terminal server, or some other proxy would see similar
> issues though, so maybe there's already a solution for it.
> 
> My current plan is to randomize the order of the hosts during
> control_rancid passes, so at least it's not deterministic which ones
> will fail 3 times, and I get a fairly recent backup of everything.
> 
> Has anyone else run across similar issues and found a more elegant solution?

Reduce the number of concurrent connections in <group>/rancid.conf.
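An added illustration, not part of either message and not RANCID code: a deterministic alternative to shuffling that spreads the contexts of one physical firewall through the polling order and scores the result for a given concurrency. The `name;type;state` sample lines, the function names, `par_count`, and the model that workers take entries in list order are all assumptions.

```python
import re
from collections import defaultdict, deque

# Constructed router.db-style lines (name;type;state), names as in the post.
SAMPLE = """\
fw1[Admin];cisco;up
fw1[CustA];cisco;up
fw1[CustB];cisco;up
fw1[CustC];cisco;up
fw2[Admin];cisco;up
fw2[CustD];cisco;up
core-sw1;cisco;up
core-sw2;cisco;up
"""

def physical(host):
    """Strip a trailing [context] so all contexts map to one device."""
    return re.sub(r"\[[^\]]*\]$", "", host)

def parse(text):
    """Return hostnames of entries marked up, in file order."""
    rows = (l.split(";") for l in text.splitlines() if l.strip())
    return [r[0] for r in rows if len(r) >= 3 and r[2] == "up"]

def interleave(hosts):
    """Greedy spread: never repeat a device back to back if avoidable."""
    queues = defaultdict(deque)
    for h in hosts:
        queues[physical(h)].append(h)
    out, last = [], None
    while queues:
        # Prefer the device with the most entries left, other than the last.
        choices = [d for d in queues if d != last] or list(queues)
        dev = max(choices, key=lambda d: len(queues[d]))
        out.append(queues[dev].popleft())
        if not queues[dev]:
            del queues[dev]
        last = dev
    return out

def worst_window(hosts, par_count):
    """Assumed model: max entries for one device in par_count adjacent slots."""
    worst = 0
    for i in range(max(1, len(hosts) - par_count + 1)):
        counts = defaultdict(int)
        for h in hosts[i:i + par_count]:
            counts[physical(h)] += 1
        worst = max(worst, max(counts.values()))
    return worst
```

On the sample, file order puts four sessions on `fw1` at a concurrency of 4, while the interleaved order puts at most two there, and at a concurrency of 2 it puts at most one.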


