RANCID/CVS Installation & Configuration Guide

RANCID/CVS Installation & Configuration Guide By: Aun Iqbal The first thing to do is to create a new user called rancid because you should avoid running any applications with the root rights for security reasons. #adduser rancid --home /var/lib/rancid This will create the rancid user and at the same time a rancid directory. The rancid user will own this directory. Installing the software: sudo apt-get install rancid Now, we can start to set the Rancid tool. We configure the /etc/rancid.conf file to create groups of devices. At least one group needs to be configured. Adding the line below will create the cisco group where all the device configurations will be stored: Rancid Home Directory rancid@ubuntu-desktop:~$ pwd /var/lib/rancid rancid@ubuntu-desktop:~$ Contents of Rancid Directory
rancid@ubuntu-desktop:~$ ls -la total 48 drwxr-xr-x 5 rancid rancid 4096 drwxr-xr-x 63 root root 4096 -rw------- 1 rancid rancid 1634 lrwxrwxrwx 1 rancid rancid 19 drwxr-x--- 4 rancid rancid 4096 -rw------- 1 rancid rancid 180 drwxrwxr-x 6 rancid rancid 4096 -rwxr-xr-x 1 rancid rancid 3739 -rwxr-xr-x 1 rancid rancid 5189 lrwxrwxrwx 1 rancid rancid 16 drwxr-x--- 4 rancid rancid 4096 -rwxr-xr-x 1 rancid rancid 5871 rancid@ubuntu-desktop:~$

2010-06-30 2010-06-29 2010-06-02 2010-05-25 2010-06-30 2010-06-30 2010-06-30 2009-08-20 2009-08-20 2010-05-25 2010-06-02 2009-08-20

13:59 23:31 20:01 20:44 14:00 13:59 11:39 13:00 13:00 20:44 15:28 13:00

. .. .bash_history bin -> /usr/lib/rancid/bin cisco .cloginrc CVS downreport getipacctg logs -> ../../log/rancid My_Config rtrfilter

.clogin file It allows user to logon to devices Syntax: #add password 10.156.1.1 {user_password} {enable_password rancid@ubuntu-desktop:~$ more .cloginrc #add password x.x.x.x {user_password} {enable_password} add password 192.168.40.110 cisco cisco add password 192.168.40.120 cisco cisco add password 192.168.40.130 cisco cisco rancid@ubuntu-desktop:~$

LIST_OF_GROUPS="cisco"

Page 1 of 6

By: Aun Iqbal

RANCID/CVS Installation & Configuration Guide

It can be very helpful to create several groups if you have a lot of devices and want to separate them by let's say geographical location. LIST_OF_GROUPS="cisco juniper extreme" The group names must be separated with a space. We need to configure a file called ".cloginrc" containing the passwords necessary to the access to the network devices. To create this file, we need to rename cloginrc.sample to .cloginrc. #cp /home/rancid/share/rancid/cloginrc.sample /var/rancid/.cloginrc Next, the ownership of the /var/lib/rancid directory including its files and directories must be transferred to the rancid user.

#chmod 600 /var/lib/rancid/.cloginrc #chown -R rancid:rancid /var/lib/rancid

Creating a CVS architecture Login as rancid: #su rancid rancid@linux#/var/lib/rancid/bin/rancid-cvs add devices to the groups: /home/rancid/var/rancid/"group_name"/router.db The syntax is the following: "ip_address or FQDN":"device_type":"status" 192.168.40.110:cisco:up 192.168.40.120:cisco:up Use clogin to logon to Cisco router: rancid@ubuntu-desktop:~$ bin/clogin 192.168.40.110 192.168.40.110 spawn telnet 192.168.40.110 Trying 192.168.40.110... Connected to 192.168.40.110. Escape character is '^]'.

User Access Verification Username: rancid Password: Router1>enable Password: Router1# Router1#

Page 2 of 6

By: Aun Iqbal

RANCID/CVS Installation & Configuration Guide

clogin Commands can also run with following aun@ubuntu-desktop:/var/lib/rancid$ bin/clogin 192.168.40.110 aun@ubuntu-desktop:/var/lib/rancid$ sudo bin/clogin -u rancid -p cisco 192.168.40.110

To run rancid to obtain backups from all devices bin/rancid-run CVS can read the backup configurations created by Rancid. The CVSWEB folder can be accessed using below aun@ubuntu-desktop:/var/lib/rancid$ ls bin cisco CVS downreport getipacctg logs My_Config rtrfilter aun@ubuntu-desktop:/var/lib/rancid$ aun@ubuntu-desktop:/etc/cvsweb$ ls cvsweb.conf cvsweb.css aun@ubuntu-desktop:/etc/cvsweb$ To access the RANCID/CVS website, type the following URL in browser: http://192.168.40.250/cgi-bin/cvsweb/

References: Please also see the links below for more installation options: RANCID The easy tutorial http://openmaniak.com/rancid_tutorial.php RANCID Ubuntu How-to Installation, device bulk imports & SSH setup http://travelingfrontiers.wordpress.com/2010/05/13/rancid-ubuntu-rancid-how-to-setup-bulkdevice-imports/ Manage CISCO Configurations with RANCID http://homepage.mac.com/duling/halfdozen/RANCID-Howto.html RANCID - Really Awesome New Cisco confIg Differ http://www.shrubbery.net/rancid/

Page 3 of 6

By: Aun Iqbal

RANCID/CVS Installation & Configuration Guide

Rancid/CVS Configuration Screenshots The following screenshot is the homepage for Rancid/CVS and it shows different folders in which configurations can be stored based on its device type.

Figure 1 CVS Repository Main Page This screen shot shows the different devices and their version numbers.

Figure 2 CVS Repository for Cisco Configs

Page 4 of 6

By: Aun Iqbal

RANCID/CVS Installation & Configuration Guide

The following screenshot show the comparison between two files version and provide the timestamp on which the files were generated.

Figure 3 Comparison between Rancid Configs

Page 5 of 6

By: Aun Iqbal

RANCID/CVS Installation & Configuration Guide

The following figure shows the differences and similarities between the contents of two files using colour-coded schemes.

Figure 4 Comparison of contents of Rancid Configs

Page 6 of 6

By: Aun Iqbal