Network Management & Monitoring

Using RANCID

Notes:

Exercises

  1. Connect to your PC using ssh

  2. Become root, verify that postfix (mail system) is installed and running.

    $ sudo bash
    # service postfix status
    ... result should be "postfix is running"
    

    Also check that the 'mutt' mail client is installed:

    # apt-get install mutt
    
  3. Add aliases for the rancid user in the /etc/aliases file

    # editor /etc/aliases
    
    
    rancid-all:     sysadm
    rancid-admin-all:   sysadm
    

    Save the file, then run:

    # newaliases
    
  4. Install Rancid itself

    # apt-get install rancid telnet
    
  5. Edit /etc/rancid/rancid.conf

    # editor /etc/rancid/rancid.conf
    

    Find the line with the parameter LIST_OF_GROUPS, and add a similar line with:

    LIST_OF_GROUPS="all"
    

    (with no '#' at the front of the line)

  6. Change to the rancid user

    From a root prompt, switch identity to become the 'rancid' user:

    # su -s /bin/bash rancid
    

    Check that you ARE the rancid user:

    $ id
    

    You should see something similar (numbers may be different):

    uid=114(rancid) gid=124(rancid) groups=124(rancid)
    
  7. Create /var/lib/rancid/.cloginrc

    $ editor /var/lib/rancid/.cloginrc
    
    
    add user 10.10.254.xxx cisco
    add password 10.10.254.xxx cisco cisco
    

    (Replace 10.10.254.xxx with your router's IP address. The first 'cisco' is the username, the second and third 'cisco' are the password and enable password used to log in to your router)

    This file holds the router passwords in clear text, so protect it so that it cannot be read by other users:

    $ chmod 600 /var/lib/rancid/.cloginrc
    
  8. Initialize the CVS repository for rancid:

    $ /usr/lib/rancid/bin/rancid-cvs
    

    You should see something similar to this:

    No conflicts created by this import
    
    
    cvs checkout: Updating all
    Directory /var/lib/rancid/CVS/all/configs added to the repository
    cvs commit: Examining configs
    cvs add: scheduling file `router.db' for addition
    cvs add: use `cvs commit' to add this file permanently
    /var/lib/rancid/CVS/all/router.db,v  <--  router.db
    initial revision: 1.1
    
  9. Test login to the router

    $ /usr/lib/rancid/bin/clogin 10.10.254.xxx
    

    If all goes well, rancid will proceed to automatically log you into the router. You should see this on your screen:

    User Access Verification
    
    
    Username: cisco
    Password: 
    
    
    router16>enable
    Password: 
    Router16#
    

    ... all this without having to type a username or password!

    Type 'exit' to log out

  10. Create the router.db

    $ editor /var/lib/rancid/all/router.db
    

    Add this line:

    10.10.254.xxx:cisco:up
    

    (remember to replace xxx as appropriate)

  11. Let's run rancid!

    $ /usr/lib/rancid/bin/rancid-run
    

    (Should take a few seconds)

  12. Check out the logs:

    $ cd /var/lib/rancid/logs
    $ ls -l
    

    ... View the contents of the file(s):

    $ less all.*
    
  13. Look at the configs

    $ cd /var/lib/rancid/all/configs
    $ less 10.10.254.xxx
    

    If all went well, you can see the config of the router.

  14. Let's change an interface Description on the router

    $ /usr/lib/rancid/bin/clogin 10.10.254.xxx
    

    At the "RouterX#" prompt, enter the command:

    conf term
    

    You should see:

    Enter configuration commands, one per line.  End with CNTL/Z.
    RouterX(config)#
    

    Enter:

    interface Fa0/0
    

    You should get this prompt:

    RouterX(config-if)#
    

    Enter:

    RouterX(config-if)# description External interface to classroom
    RouterX(config-if)# end
    

    You should now have this prompt:

    RouterX#
    

    To save the config to memory:

    write memory
    

    You should see:

    Building configuration...
    [OK]
    

    To exit type:

    exit
    
  15. Let's run rancid again:

    $ /usr/lib/rancid/bin/rancid-run
    

    Look at the config and logs

    $ ls /var/lib/rancid/logs/
    
  16. Let's see the differences

    $ cd /var/lib/rancid/all/configs
    $ ls -l
    

    You should see all the router config files

    $ cvs log 10.10.254.xxx
    

    (where xxx is the IP of your router, .129 or .161)

    Notice the revisions. Let's view the difference between two versions:

    $ cvs diff -u -r 1.2 -r 1.3 10.10.254.xxx | less
    

    ... can you find your changes ?

  17. Check your mail

    Now we will exit from these shells to get back to being the "sysadm" user, and run 'mutt' to see the mails which rancid has sent:

    $ exit
    # exit
    $ id
    ... check that you are now the 'sysadm' user again;
    ... if not, log out and in again
    $ mutt
    

    (When asked to create the Mail directory, say Yes)

    If everything goes as planned, you should be able to read the mails sent by Rancid.

    (use 'q' to return to the mail index, and 'q' again to quit mutt)

  18. Finally, let's make rancid run automatically every 30 minutes from cron (from a root prompt)

    # crontab -e -u rancid
    

    Add this line:

    */30  *  *  *  *  /usr/lib/rancid/bin/rancid-run
    

    ... then save and quit
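
The script below is an added example, not part of the original lab or of RANCID itself: it audits the files created in steps 7 and 10, checking that .cloginrc is closed to group and other and that every 'up' device in router.db has a password entry. The function names and the 192.0.2.x sample data are constructed for illustration.

```shell
# Added example (not part of RANCID): audit the files created in steps 7 and 10.
# Assumes the colon-separated router.db format (host:type:state) used in this lab.
# On the lab host: audit_rancid /var/lib/rancid/.cloginrc /var/lib/rancid/all/router.db

# Succeeds only if group and other have no access to the file (e.g. mode 600).
cloginrc_is_private() {
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Succeeds if .cloginrc ($1) has an "add password" line whose host pattern matches $2.
has_password_entry() {
    while read -r verb key pattern _rest || [ -n "$verb" ]; do
        [ "$verb" = "add" ] && [ "$key" = "password" ] || continue
        case $2 in $pattern) return 0 ;; esac   # pattern may be a literal or a glob
    done < "$1"
    return 1
}

# Prints one line per finding; the exit status is the number of findings.
audit_rancid() {
    cloginrc=$1 routerdb=$2 findings=0
    if ! cloginrc_is_private "$cloginrc"; then
        echo "FAIL: $cloginrc is accessible to group/other (chmod 600)"
        findings=$((findings + 1))
    fi
    while IFS=: read -r host type state || [ -n "$host" ]; do
        case $host in ''|'#'*) continue ;; esac   # skip blank and comment lines
        if [ -z "$type" ] || [ -z "$state" ]; then
            echo "FAIL: malformed router.db entry: $host"
            findings=$((findings + 1))
        elif [ "$state" = "up" ] && ! has_password_entry "$cloginrc" "$host"; then
            echo "FAIL: $host is 'up' but has no password in .cloginrc"
            findings=$((findings + 1))
        fi
    done < "$routerdb"
    return "$findings"
}

# Constructed sample data: a world-readable .cloginrc and a router with no credentials.
demo() {
    dir=$(mktemp -d)
    printf 'add user 192.0.2.1 cisco\nadd password 192.0.2.1 cisco cisco\n' > "$dir/.cloginrc"
    printf '192.0.2.1:cisco:up\n192.0.2.2:cisco:up\n' > "$dir/router.db"
    chmod 644 "$dir/.cloginrc"
    audit_rancid "$dir/.cloginrc" "$dir/router.db"; rc=$?
    rm -rf "$dir"; return "$rc"
}
demo || echo "findings: $?"
```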