Sebuah perusahaan memiliki ratusan cisco devices (switch,router) dan memiliki beberapa networks engineer yang bertugas mengadminister semua devices tersebut. Untuk memantau setiap perubahan yang terjadi di antara ratusan cisco tersebut dibutuhkan software. Untuk ini saya mengajukan Rancid sebagai software tools untuk melakukan update setiap perubahan konfigurasi yang terjadi di ratusan cisco tersebut disamping itu Rancid juga dapat dijadikan backup konfigurasi pada ratusan Cisco di perusahaan ini. Rancid dapat menggantikan fungsi CiscoWorks yang berbayar. Fitur reportnya bisa melalui email dan web based. Rancid menggunakan CVS (Concurrent Version System) atau Subversion untuk memaintain setiap history perubahan pada cisco. Rancid juga dapat digunakan pada produk switch lain seperti Juniper routers, Catalyst switches, Foundry switches, Redback NASs, ADC EZT3 muxes, MRTd (IRRd), Alteon switches, HP Procurve switches dan sebagainya.
Berikut cara installasi, setup, dan konfigurasi Rancid 2.3.6 pada mesin sistem operasi Linux distribusi Debian Lenny.
Sistem operasi Linux distribusi Debian Lenny sudah terinstall.
INSTALASI RANCID
rancid:/home/gtoms# apt-get install rancid-core rancid-util cvs cvsweb
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following extra packages will be installed:
expect libconvert-binhex-perl libio-pty-perl libio-stringy-perl libipc-run-perl libmime-tools-perl rancid rcs tcl8.5
Suggested packages:
cvsgraph enscript libmime-types-perl expectk diffstat tclreadline
The following NEW packages will be installed:
cvs cvsweb expect libconvert-binhex-perl libio-pty-perl libio-stringy-perl libipc-run-perl libmime-tools-perl rancid rancid-core rancid-util rcs tcl8.5
0 upgraded, 13 newly installed, 0 to remove and 0 not upgraded.
Need to get 4,834 kB of archives.
After this operation, 12.8 MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://ftp.us.debian.org/debian/ squeeze/main cvs amd64 1:1.12.13-12 [1,721 kB]
Get:2 http://ftp.us.debian.org/debian/ squeeze/main rcs amd64 5.7-25 [378 kB]
Get:3 http://ftp.us.debian.org/debian/ squeeze/main libio-pty-perl amd64 1:1.08-1 [42.5 kB]
Get:4 http://ftp.us.debian.org/debian/ squeeze/main libipc-run-perl all 0.89-1 [109 kB]
Get:5 http://ftp.us.debian.org/debian/ squeeze/main libconvert-binhex-perl all 1.119+pristine-3 [30.3 kB]
Get:6 http://ftp.us.debian.org/debian/ squeeze/main libio-stringy-perl all 2.110-4 [99.7 kB]
Get:7 http://ftp.us.debian.org/debian/ squeeze/main libmime-tools-perl all 5.428-1 [238 kB]
Get:8 http://ftp.us.debian.org/debian/ squeeze/main cvsweb all 3:3.0.6-5 [67.2 kB]
Get:9 http://ftp.us.debian.org/debian/ squeeze/main tcl8.5 amd64 8.5.8-2 [1,599 kB]
Get:10 http://ftp.us.debian.org/debian/ squeeze/main expect amd64 5.44.1.15-4 [250 kB]
Get:11 http://ftp.us.debian.org/debian/ squeeze/main rancid amd64 2.3.3-1 [258 kB]
Get:12 http://ftp.us.debian.org/debian/ squeeze/main rancid-core all 2.3.3-1 [20.7 kB]
Get:13 http://ftp.us.debian.org/debian/ squeeze/main rancid-util all 2.3.3-1 [20.7 kB]
Fetched 4,834 kB in 10s (462 kB/s)
Preconfiguring packages …
Selecting previously deselected package cvs.
(Reading database … 34070 files and directories currently installed.)
Unpacking cvs (from …/cvs_1%3a1.12.13-12_amd64.deb) …
Selecting previously deselected package rcs.
Unpacking rcs (from …/archives/rcs_5.7-25_amd64.deb) …
Selecting previously deselected package libio-pty-perl.
Unpacking libio-pty-perl (from …/libio-pty-perl_1%3a1.08-1_amd64.deb) …
Selecting previously deselected package libipc-run-perl.
Unpacking libipc-run-perl (from …/libipc-run-perl_0.89-1_all.deb) …
Selecting previously deselected package libconvert-binhex-perl.
Unpacking libconvert-binhex-perl (from …/libconvert-binhex-perl_1.119+pristine-3_all.deb) …
Selecting previously deselected package libio-stringy-perl.
Unpacking libio-stringy-perl (from …/libio-stringy-perl_2.110-4_all.deb) …
Selecting previously deselected package libmime-tools-perl.
Unpacking libmime-tools-perl (from …/libmime-tools-perl_5.428-1_all.deb) …
Selecting previously deselected package cvsweb.
Unpacking cvsweb (from …/cvsweb_3%3a3.0.6-5_all.deb) …
Selecting previously deselected package tcl8.5.
Unpacking tcl8.5 (from …/tcl8.5_8.5.8-2_amd64.deb) …
Selecting previously deselected package expect.
Unpacking expect (from …/expect_5.44.1.15-4_amd64.deb) …
Selecting previously deselected package rancid.
Unpacking rancid (from …/rancid_2.3.3-1_amd64.deb) …
Selecting previously deselected package rancid-core.
Unpacking rancid-core (from …/rancid-core_2.3.3-1_all.deb) …
Selecting previously deselected package rancid-util.
Unpacking rancid-util (from …/rancid-util_2.3.3-1_all.deb) …
Processing triggers for install-info …
Processing triggers for man-db …
Setting up cvs (1:1.12.13-12) …
Ignoring install-info called from maintainer script
The package cvs should be rebuilt with new debhelper to get trigger support
Ignoring install-info called from maintainer script
The package cvs should be rebuilt with new debhelper to get trigger support
Setting up rcs (5.7-25) …
Setting up libio-pty-perl (1:1.08-1) …
Setting up libipc-run-perl (0.89-1) …
Setting up libconvert-binhex-perl (1.119+pristine-3) …
Setting up libio-stringy-perl (2.110-4) …
Setting up libmime-tools-perl (5.428-1) …
Setting up cvsweb (3:3.0.6-5) …
Setting up tcl8.5 (8.5.8-2) …
update-alternatives: using /usr/bin/tclsh8.5 to provide /usr/bin/tclsh (tclsh) in auto mode.
Setting up expect (5.44.1.15-4) …
Setting up rancid (2.3.3-1) …
adduser: Warning: The home directory `/var/lib/rancid’ does not belong to the user you are currently creating.
Setting up rancid-core (2.3.3-1) …
Setting up rancid-util (2.3.3-1) …
rancid:/home/gtoms#
Definisikan semua hostname dan IP Addres Cisco pada /etc/hosts seperti contoh dibawah ini :
202.100.1.2 1.Africa01-COR01-C6509
41.41.41.41 2.Africa01-COR01-C6509
196.1.2.3 3.US01-UST01-C3550
——-dan seterusnya————
KONFIGURASI RANCID
rancid:/home/gtoms# nano /var/lib/rancid/bin/rancid
{‘show running-config’ => ‘WriteTerm’},
change to :
{‘show config’ => ‘WriteTerm’},
rancid:/home/gtoms# nano /etc/rancid/rancid.conf
TERM=network;export TERM
umask 027
TMPDIR=/tmp; export TMPDIR
BASEDIR=/var/lib/rancid; export BASEDIR
PATH=/usr/lib/rancid/bin:/usr/bin:/usr/sbin:/bin:/usr/local/bin:/usr/bin; export PATH
CVSROOT=$BASEDIR/CVS; export CVSROOT
LOGDIR=$BASEDIR/logs; export LOGDIR
RCSSYS=cvs; export RCSSYS
LIST_OF_GROUPS=”africacisco”
rancid:/home/gtoms# cd /etc/rancid
rancid:/etc/rancid# su -s /bin/bash rancid
Untuk bisa login dan mendapatkan konfigurasi pada Cisco ya ng aktif dibutuhkan user login ke Cisco, User dan password dicreate di semua Cisco, jika Cisconya berjumlah ratusan bisa pakai Radius untuk memudahkan pembuatan user, jadi tidak dicreate satu persatu pada semua Cisco. Pada implementasi ini Radiusnya menggunakan Radiator.
rancid@rancid:/etc/rancid$ nano /var/lib/rancid/.cloginrc
add autoenable * 1
add method * telnet
add user * rancid
add password * blablabla
rancid@rancid:/etc/rancid$ chmod 640 /var/lib/rancid/.cloginrc
rancid@rancid:/etc/rancid$ /usr/lib/rancid/bin/rancid-cvs
No conflicts created by this import
cvs checkout: Updating africacisco
Directory /var/lib/rancid/CVS/netcomcisco/configs added to the repository
cvs commit: Examining configs
cvs add: scheduling file `router.db’ for addition
cvs add: use `cvs commit’ to add this file permanently
/var/lib/rancid/CVS/africacisco/router.db,v <– router.db
initial revision: 1.1
rancid@rancid:/etc/rancid$
rancid@rancid:/etc/rancid$ nano /var/lib/rancid/netcomcisco/router.db
1.Africa01-COR01-C6509:cisco:up
2.Africa01-EDG01-C3550:cisco:up
3.Africa01-DMZ01-C3500:cisco:up
4.Africa01-ACS01-C3550:cisco:up
5.Africa03-ACS01-3750ME:cisco:up
6.Africa01-ACS01-C3550:cisco:up
7.Africa01-ACS01-C3550:cisco:up
8.Africa01-ACS01-C3550:cisco:up
9.Africa01-ACS01-C3550:cisco:up
10.AfricaL01-ACS01-C3560:cisco:up
11.Africa01-ACS02-C3550:cisco:up
12.Africa02-ACS01-C3750ME:cisco:up
13.Africa01-ACS02-C3550:cisco:up
14.Africa01-ACS02-C3550:cisco:up
15.Africa03-ACS02-C3550:cisco:up
16.Africa03-ACS03-C3550:cisco:up
17.Africa_CR_L2W2950:cisco:up
18.Africa01-ENG01-C3524:cisco:up
19.Africa7A-ENG02-C3524:cisco:up
20.Africa7B-ENG03-C3524:cisco:up
21.Africa02-ACS01-C3550:cisco:up
22.Africa01-ACS02-C3550:cisco:up
23.Africa01-EDG02-C3750G:cisco:up
24.US01-TUN01-C3550:cisco:up
25.US01-TUN02-C3550:cisco:up
26.AfricaDC01-C3640:cisco:up
27.US01-UST02-C3550:cisco:up
28.LAG7140_P:cisco:up
29.US01-EDG01-C7204:cisco:up
30.US01-COR01-C6509:cisco:up
31.US01-UST01-C3550:cisco:up
32.AfricaLAG2511:cisco:up
33.UK01-SVR01-ConS:cisco:up
34.UK01-COR01-C7613:cisco:up
35.Africa01-COR01-C7613:cisco:up
36.UK01-EDG01-C3750:cisco:up
37.UK01-COR01-C7206:cisco:up
38.Africa01-ACS01-C7301:cisco:up
39.Africa01-ACS01-C3750ME:cisco:up
40.Africa01-ACR01-C7206VXR:cisco:up
—–dan seterusnya————
rancid@rancid:/etc/rancid$ /usr/bin/rancid-run
——sample ps axf——————
1426 ? Ss 0:00 \_ sshd: gtoms [priv]
1429 ? S 0:00 | \_ sshd: gtoms@pts/0
1430 pts/0 Ss 0:00 | \_ -bash
1445 pts/0 S 0:00 | \_ sudo su
1446 pts/0 S 0:00 | \_ su
1447 pts/0 S 0:00 | \_ bash
1931 pts/0 S 0:00 | \_ su -s /bin/bash rancid
1932 pts/0 S 0:00 | \_ bash
1933 pts/0 S+ 0:00 | \_ /bin/sh /usr/lib/rancid/bin/rancid-run
1935 pts/0 S+ 0:00 | \_ /bin/sh /usr/lib/rancid/bin/rancid-run
1938 pts/0 S+ 0:00 | \_ /bin/sh /usr/lib/rancid/bin/control_rancid africacisco
3781 pts/0 S+ 0:00 | \_ /usr/bin/perl /usr/lib/rancid/bin/rancid_par -q -n 5 -c rancid-fe \{} /var/lib/rancid/africacisco/routers.up.missed
3968 pts/0 S+ 0:00 | \_ sh -c (rancid-fe \32.africa2511:cisco)
3969 pts/0 S+ 0:00 | \_ /usr/bin/perl /usr/lib/rancid/bin/rancid 32.africa2511
3970 pts/0 S+ 0:00 | \_ sh -c clogin -t 90 -c “admin show version;show version;show redundancy secondary;show idprom backplane;show install acti
3971 pts/0 Sl+ 0:00 | \_ /usr/bin/expect — /usr/lib/rancid/bin/clogin -t 90 -c admin show version;show version;show redundancy secondary;sho
3973 pts/2 Ss+ 0:00 | \_ telnet 32.africa2511
rancid:/etc/rancid# cd /var/log/rancid/
rancid:/var/log/rancid# ls -al
total 56
drwxr-xr-x 2 rancid rancid 4096 Jul 3 17:21 .
drwxr-xr-x 13 root root 4096 Jul 3 16:56 ..
-rw-r—– 1 rancid rancid 45215 Jul 3 17:31 africacisco.20110703.172129
rancid@rancid:/etc/rancid$ /usr/lib/rancid/bin/rancid-run
You have new mail in /var/mail/rancid
rancid@rancid:/etc/rancid$ exit
LOG :
rancid:/var/log/rancid# cat africacisco.20110703.172129
starting: Sun Jul 3 17:21:29 WAT 2011
cvs add: scheduling file `10.africa01-acs01-c3560′ for addition
cvs add: use `cvs commit’ to add this file permanently
/var/lib/rancid/CVS/africacisco/configs/10.africa01-acs01-c3560,v <– 10.africa01-acs01-c3560
initial revision: 1.1
Added 10.africa01-acs01-c3560
cvs add: scheduling file `11.africa01-acs02-c3550′ for addition
cvs add: use `cvs commit’ to add this file permanently
/var/lib/rancid/CVS/africacisco/configs/11.africa01-acs02-c3550,v <– 11.africa01-acs02-c3550
initial revision: 1.1
Added 11.africa01-acs02-c3550
cvs add: scheduling file `12.africa02-acs01-c3750me’ for addition
cvs add: use `cvs commit’ to add this file permanently
/var/lib/rancid/CVS/africamcisco/configs/12.africa02-acs01-c3750me,v <– 12.africa02-acs01-c3750me
initial revision: 1.1
Added 12.africa02-acs01-c3750me
cvs add: scheduling file `13.africa01-acs02-c3550′ for addition
cvs add: use `cvs commit’ to add this file permanently
/var/lib/rancid/CVS/africacisco/configs/13.africa01-acs02-c3550,v <– 13.africa01-acs02-c3550
initial revision: 1.1
Added 13.africa01-acs02-c3550
cvs add: scheduling file `14.africa01-acs02-c3550′ for addition
cvs add: use `cvs commit’ to add this file permanently
/var/lib/rancid/CVS/africacisco/configs/14.africa01-acs02-c3550,v <– 14.africa01-acs02-c3550
initial revision: 1.1
Added 14.africa01-acs02-c3550
cvs add: scheduling file `15.africa03-acs02-c3550′ for addition
cvs add: use `cvs commit’ to add this file permanently
/var/lib/rancid/CVS/africacisco/configs/15.lafrica03-acs02-c3550,v <– 15.africa03-acs02-c3550
initial revision: 1.1
Added 15.africa03-acs02-c3550
rancid:/var/log/rancid# cat /var/log/rancid/africacisco.20110803.100001
starting: Wed Aug 3 10:00:01 WAT 2011
Trying to get all of the configs.
All routers sucessfully completed.
cvs diff: Diffing .
cvs diff: Diffing configs
cvs commit: Examining .
cvs commit: Examining configs
ending: Wed Aug 3 10:01:51 WAT 2011
rancid:/var/log/rancid#
KONFIGURASI REPORTING via WEB & EMAIL
rancid:/etc/rancid# nano /etc/cvsweb/cvsweb.conf
@CVSrepositories = (
‘local’ => [‘Local Repository’, ‘/var/cvs’],
‘africacisco’ => [‘africacisco backup’, ‘/var/lib/rancid/CVS’],
# ‘openbsd’ => [‘OpenBSD’, ‘/var/ncvs’],
# ‘netbsd’ => [‘NetBSD’, ‘/var/ncvs’],
# ‘ruby’ => [‘Ruby’, ‘/var/anoncvs/ruby’],
);
rancid:/etc/rancid# ln -s /usr/share/cvsweb /var/www/cvsweb
Testing browse : http://ipatauhostname/cgi-bin/cvsweb/africacisco/configs/?cvsroot=africacisco
Jangan lupa Setup htpasswd untuk user authentication.
Konfigurasi email reporting, bisa diatur setiap berapa jam mengupdate.
rancid:/etc/rancid# sudo crontab -u rancid -e
0 */2 * * * /usr/bin/rancid-run
rancid:/etc/rancid# nano /etc/aliases
rancid-africacisco: net-admin@africang.com
rancid:/etc/rancid# newaliases
rancid:/etc/rancid# apt-get install postfix
rancid:/etc/rancid# nano /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
readme_directory = no
myhostname = rancid.africang.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = rancid.africang.com, localhost.africang.com, localhost
relayhost = mail.corps.africang.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a “$EXTENSION”
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
rancid:/etc/rancid# /etc/init.d/postfix restart
sample capture reporting via email :
Selesai.
Contact : henry@gultom.or.id
bang untuk status router yang di nano /var/lib/rancid/netcomcisco/router.db itu sudah otomatis ada ya atau kita tulis manual . . soalnya sya sudah cobak tapi kok itu ditempat sya gak keliatan,, padahal sya sudah mendefinisikan nama dari masing2 routernya … sya membuat simulasi routernya menggunakan GNS3 bang . . mohon pencerahannya bang
bang untuk daftar router yang di file nano /var/lib/rancid/netcomcisco/router.db itu sudah otomatis ada yaa . .kok sya coba ndak ada keluar bang . . saya simulasikan routernya menggunakan GNS3 . . .mohon pencerahannya bang thanks :)