I like RCS better than RANCID for config change tracking, although an
ideal system would probably involve both.
Indeed, an ideal management framework would include:
1. A tool in which to record the desired (past, current, future) state
of network devices. Bonus points for having a difference engine
capable of providing the difference between revisions in the form
of config statements.
2. A tool in which to record the actual state of network devices
(rancid falls into this category).
3. A tool to reconcile 1 and 2. Bonus points for an ability to
differentiate planned-but-yet-to-be-applied changes (i.e. the
current revision in tool 2's repository matches a les-than-current
revision in tool 1's repository) from unauthorized changes detected
by tool 2 but not documented in tool 1. More bonus points for
applying the difference engine described in tool 1 to propose the
configuration statements necessary to undo unauthorized changes.
Stephen
Indeed, an ideal management framework would include:
0. a system to generate all pieces of network configuration
from high-level descriptions and enterprise data such as
dns, ip addr assignments, ...
at least those parts of configuration which are not
created dynamically by self-configuring components.
1. A tool in which to record the desired (past, current, future) state
of network devices. Bonus points for having a difference engine
capable of providing the difference between revisions in the form
of config statements.
2. A tool in which to record the actual state of network devices
(rancid falls into this category).
3. A tool to reconcile 1 and 2. Bonus points for an ability to
differentiate planned-but-yet-to-be-applied changes (i.e. the
current revision in tool 2's repository matches a les-than-current
revision in tool 1's repository) from unauthorized changes detected
by tool 2 but not documented in tool 1. More bonus points for
applying the difference engine described in tool 1 to propose the
configuration statements necessary to undo unauthorized changes.
randy