Agenda: exercises-rancid.txt

File exercises-rancid.txt, 5.1 KB (added by admin, 8 years ago)
Network Management & Monitoring

Using RANCID

Notes:
------
* Commands preceded with "$" imply that you should execute the command as
  a general user - not as root.
* Commands preceded with "#" imply that you should be working as root.
* Commands with more specific command lines (e.g. "RTR-GW>" or "mysql>")
  imply that you are executing commands on remote equipment, or within
  another program.

Exercises
---------

0. Log in to your PC or open a terminal window as the sysadmin user.

1. Verify that postfix (mail system) is installed and running.

    $ ps ax | grep postfix

2. Add an alias for the rancid user in the /etc/aliases file

    $ sudo joe /etc/aliases

    rancid-all:     sysadmin
    rancid-admin-all:   sysadmin

    Save the file, then run:

    $ sudo newaliases

3. Install Rancid itself

    $ sudo apt-get install rancid

    (Say yes to the questions)

    $ sudo apt-get install rancid-cgi
    $ sudo apt-get install cvsweb
    $ sudo apt-get install cvs

    Or you could install everything at once:

    $ sudo apt-get install rancid rancid-cgi cvsweb cvs

4. Edit /etc/rancid/rancid.conf

    $ sudo joe /etc/rancid/rancid.conf

    Find the line with the parameter LIST_OF_GROUPS, and replace it with

    LIST_OF_GROUPS="all"

    (with no '#' at the front of the line)

5. Choose which router you will manage:

        rX         ->          10.10.254.xxx


6. Change to the rancid user

    - First you need to become the root user:

    $ sudo bash

      Now you can become the RANCID user:

    # su -s /bin/bash rancid

    - Check that you ARE the rancid user:

    $ id

    - You should see something similar (numbers may be different):

    uid=114(rancid) gid=124(rancid) groups=124(rancid)

7. Create /var/lib/rancid/.cloginrc

    $ joe /var/lib/rancid/.cloginrc

    add user 10.10.254.xxx sysadmin
    add password 10.10.254.xxx pass enable_pass

        (Replace 10.10.254.xxx with your router's IP address. 'sysadmin',
        'pass' and 'enable_pass' are the username, password and enable
        password used to login to your router)

        Now protect this file so that it cannot be read by other users:

    $ chmod 600 /var/lib/rancid/.cloginrc

7. Initialize the CVS repository for rancid:

    $ /usr/lib/rancid/bin/rancid-cvs

    - You should see something similar to this:

No conflicts created by this import

cvs checkout: Updating all
Directory /var/lib/rancid/CVS/all/configs added to the repository
cvs commit: Examining configs
cvs add: scheduling file `router.db' for addition
cvs add: use `cvs commit' to add this file permanently
/var/lib/rancid/CVS/all/router.db,v  <--  router.db
initial revision: 1.1


8. Test login to the router

    $  /usr/lib/rancid/bin/clogin 10.10.254.xxx

        - If all goes well, rancid will proceed to automatically log you
          into the router.  You should see this on your screen:

User Access Verification

Username: cisco
Password:

R16>enable
Password:
R16#

        ... all this without having to type a username or password!

    - Type 'exit' to logout

9. Add the router to router.db

    $ joe /var/lib/rancid/all/router.db

    Add:

    10.10.254.xxx:cisco:up

    (remember to replace xxx as appropriate)

10. Let's run rancid!

    $ /usr/lib/rancid/bin/rancid-run

    (Should take a few seconds)

11. Check out the logs:

    $ cd /var/lib/rancid/logs
    $ ls -l

    ... View the contents of the file:

    $ less all.*


12. Look at the configs

    $ cd /var/lib/rancid/all/configs
    $ less 10.10.254.xxx

    - If all went well, you can see the config of the router.


13. Let's change an interface description on the router

    $ /usr/lib/rancid/bin/clogin 10.10.254.xxx

    - At the "Rx#" prompt, enter the command:

    conf term

    - You should see:

Enter configuration commands, one per line.  End with CNTL/Z.
Rx(config)#

    - Enter:

    interface Fa0/1

    - You should get this prompt:

Rx(config-if)#

    - Enter:

    Rx(config-if)# description Internal Interface to PCx


    - Then type CTRL-Z (press Control + the Z key)

    - You should now have this prompt:

Rx#

    - To save the config to memory:

    write memory

    - You should see:

Building configuration...
[OK]

    - To exit type:

    exit

14. Let's run rancid again:

    $ /usr/lib/rancid/bin/rancid-run

    Look at the config and logs

    $ ls /var/lib/rancid/logs/

15. Let's see the differences

    $ cd /var/lib/rancid/all/configs
    $ ls -l

    You should see all the router config files

    $ cvs log 10.10.254.xxx

    (where xxx is the IP of your router, .129 or .161)

    Notice the revisions.  Let's view the difference between two versions:

    $ cvs diff -u -r 1.2 -r 1.3 10.10.254.xxx | less

    ... can you find your changes?

16. Check your mail

    As the user "sysadmin", run the "mutt" mailer to see the mails that
    Rancid has sent:

    $ exit
    # su - sysadmin

    $ mutt

    If everything goes as planned, you should be able to read the mails
    sent by Rancid.

    (use q or x to quit mutt)

17. Finally, let's make rancid run automatically every 30 minutes from cron

    $ crontab -e

    - Add this line:

    */30  *  *  *  *  /usr/lib/rancid/bin/rancid-run

    ... then save and quit
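
Added example (not part of the original exercise sheet): a shell check for the files created in the .cloginrc and router.db steps. It confirms that .cloginrc is accessible only to its owner and lists every "up" router in router.db that has no password entry, without printing any credential. The function names and the script name audit.sh are assumptions, and host patterns are matched as shell globs, which approximates clogin's own matching.

```shell
#!/bin/sh
# Added example: audit RANCID's credential file without printing secrets.
# Hypothetical usage: sh audit.sh /var/lib/rancid/.cloginrc /var/lib/rancid/all/router.db

# Octal permission bits of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Returns 0 if only the owner has access, 1 if group/other bits are set,
# 2 if the file is missing.
check_cloginrc() {
    [ -f "$1" ] || { echo "MISSING $1"; return 2; }
    mode=$(file_mode "$1")
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "UNSAFE $1 mode $mode (fix: chmod 600 $1)"
        return 1
    fi
    echo "OK $1 mode $mode"
}

# Host patterns that have a stored password: field 3 only, never the secrets.
password_patterns() {
    awk '$1 == "add" && $2 == "password" { print $3 }' "$1"
}

# Print each "up" host in router.db (host:type:state) that no password
# pattern covers. Runs in a subshell so "set -f" does not leak to the caller.
routers_without_password() (
    set -f   # keep a pattern such as "*" from expanding to file names
    pats=$(password_patterns "$1")
    awk -F: '!/^[ \t]*#/ && $3 == "up" { print $1 }' "$2" |
    while read -r host; do
        covered=no
        for pat in $pats; do
            # Shell glob match: an approximation of clogin's host matching.
            case $host in $pat) covered=yes; break ;; esac
        done
        [ "$covered" = yes ] || echo "$host"
    done
)

if [ "$#" -eq 2 ]; then
    check_cloginrc "$1" && routers_without_password "$1" "$2"
fi
```

Run it as the rancid user; any host it prints is one that rancid-run would try to poll without a stored password.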