configuration sanity check

• Previous message (by thread): configuration sanity check
• Next message (by thread): configuration sanity check
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Oct 29, 2015 at 09:16:48AM +0100, marcel.duregards at yahoo.fr wrote:
> Hi Nanogers,
> 
> Any recommendation about a software which check the live config of
> cisco/juniper devices against some templates ?
> 
> The goal is to have a template about different function device, like:
> - CORE device must have this bloc and this clock
> - PE device must have at least that and that
> - CPE must have this and that
> - Distrib switch block 1 and block2
> - etc...
> 
> And the software run once every day to check which device do not
> comply with those rules and generate an alert.

For Juniper at least, you can use "commit scripts" to enforce these
rules in real time each time a configuration commit is performed--if
the candidiate configuration change doesn't follow the rules, the
commit fails (or the configuration can be changed automatically to do
something).  For example "all interfaces must have a description on
them", or "changes to MSTI configuration are not allowed".

• Previous message (by thread): configuration sanity check
• Next message (by thread): configuration sanity check
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]