Real network failure causes Was: What do you want your ISP to block today?
Joe Abley
jabley at isc.org
Thu Sep 4 14:56:55 UTC 2003
On Thursday, Sep 4, 2003, at 09:59 Canada/Eastern, Ian Mason wrote:
> The best diagnostic tool I've ever had is a script I cobbled together
> over two hours one night. Once an hour, it simply collected all the
> router configs across the network, did a 'diff' between the current
> and last config, and if there were changes, emailed them to me, along
> with a TACACS+ log summary that showed who had logged into which
> router when.
There are a couple of tools I know about which will do the first part
(the config diffing part). Both are easy to extend if you wanted to
include other bits (such as tac-plus log summaries).
http://www.shrubbery.net/rancid/
http://buffoon.automagic.org/dist/ciscoconf-1.1.tar.gz
I wrote ciscoconf. I would recommend that everybody use rancid instead.
> Experience with this quickly taught me to check these summary change
> logs whenever a problem was escalated to me. Most times the problem
> was related to a config change, not an external cause. Further
> experience taught me to look out for one particular engineers name in
> the logs but that's another story.
Amen to all that.
Joe
More information about the NANOG
mailing list