Main Nav

Howdy! We are keeping our eyes open for network equipment configuration management tools (commercial or open-source) that can give us : * configuration backups, * diff detection/alerting, * capability to issue commands to multiple devices * some way to automate / auto-discover the devices We are using older switches and need a solution that supports multiple vendors and some kind of access to the backend or an API is important for us. In the past we've been using cat-tools which is "meh" but doesn't provide any interface for us to automate it outside the GUI. I realize this topic seems to come up every few years (just based off sifting through the archives). I wanted to bring it up again to determine if there are any new technologies out there I should check out. Thanks in advance for any advice. -- --Mike Sheinberg ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

Message from elvis_seth@brown.edu

Solarwinds Orion Network Configuration Manager is a simple but effective tool. It is a commercial tool but relatively low cost depending on the number of devices. It has a scripting engine that allows you to add devices that might not be supported.

We currently use Kiwi CatTools. We use it for backups and modify configurations on different cisco switches and routers. Backups also can be done for Juniper equipment. Pretty customizable and can simply send the sequence of commands as if on the device itself. The GUI is pretty straight forward and easy to work with. It is a commercial solution but not expensive. We currently have 150+ devices and dont recall any license limitations.

Thanks,
Gonzalo
---
Gonzalo Cervantes
Associate Director, Network Services
Barnard College, Columbia University
gcervantes@barnard.edu
212-854-8795
barnard.edu/bcit

《Sent from mobile device》

On Sep 23, 2013 4:36 PM, "Elvis Seth" <elvis_seth@brown.edu> wrote:
Solarwinds Orion Network Configuration Manager is a simple but effective
tool. It is a commercial tool but relatively low cost depending on the
number of devices. It has a scripting engine that allows you to add
devices that might not be supported.

We also use Kiwi CatTools. I feel it's the best bang for buck network management tool out there. I've never had an issue with backups or with running mass commands to over 100 devices. I've used it to issue commands to a few non-Cisco devices as well.


On 9/23/2013 5:24 PM, Gonzalo Cervantes wrote:

We currently use Kiwi CatTools. We use it for backups and modify configurations on different cisco switches and routers. Backups also can be done for Juniper equipment. Pretty customizable and can simply send the sequence of commands as if on the device itself. The GUI is pretty straight forward and easy to work with. It is a commercial solution but not expensive. We currently have 150+ devices and dont recall any license limitations.

Thanks,
Gonzalo
---
Gonzalo Cervantes
Associate Director, Network Services
Barnard College, Columbia University
gcervantes@barnard.edu
212-854-8795
barnard.edu/bcit

《Sent from mobile device》

On Sep 23, 2013 4:36 PM, "Elvis Seth" <elvis_seth@brown.edu> wrote:
Solarwinds Orion Network Configuration Manager is a simple but effective
tool. It is a commercial tool but relatively low cost depending on the
number of devices. It has a scripting engine that allows you to add
devices that might not be supported.

Message from dwcarder@wisc.edu

Thus spake Michael L. Sheinberg (msheiny@SEAS.UPENN.EDU) on Mon, Sep 23, 2013 at 04:32:01PM -0400: > > We are keeping our eyes open for network equipment configuration > management tools (commercial or open-source) that > can give us : > > * configuration backups, > * diff detection/alerting, > * capability to issue commands to multiple devices > * some way to automate / auto-discover the devices Have you looked at RANCID? Dale ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

We use Kiwi here as well for about 700 devices. The only thing on your list it won’t do is auto-discovery, but if you have the necessary information (IP address and authentication) it is easy to import your devices. Like others have said, it’s relatively cheap, and I think it’s free for up to 10 devices if you wanted to try it out.

 

From: The EDUCAUSE Network Management Constituent Group Listserv [mailto:NETMAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Vlade Ristevski
Sent: Tuesday, September 24, 2013 7:47 AM
To: NETMAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [NETMAN] Configuration Management ?

 

We also use Kiwi CatTools. I feel it's the best bang for buck network management tool out there. I've never had an issue with backups or with running mass commands to over 100 devices. I've used it to issue commands to a few non-Cisco devices as well.

On 9/23/2013 5:24 PM, Gonzalo Cervantes wrote:

We currently use Kiwi CatTools. We use it for backups and modify configurations on different cisco switches and routers. Backups also can be done for Juniper equipment. Pretty customizable and can simply send the sequence of commands as if on the device itself. The GUI is pretty straight forward and easy to work with. It is a commercial solution but not expensive. We currently have 150+ devices and dont recall any license limitations.

Thanks,
Gonzalo
---
Gonzalo Cervantes
Associate Director, Network Services
Barnard College, Columbia University
gcervantes@barnard.edu
212-854-8795
barnard.edu/bcit

《Sent from mobile device》

On Sep 23, 2013 4:36 PM, "Elvis Seth" <elvis_seth@brown.edu> wrote:

Solarwinds Orion Network Configuration Manager is a simple but effective
tool. It is a commercial tool but relatively low cost depending on the
number of devices. It has a scripting engine that allows you to add
devices that might not be supported.

+1 for Rancid, for backup and change notification and version control.  Tho it does not auto-discover or send config changes to multiple switches without a great deal of scripting and re-tooling.



Dennis Bohn
Manager of Network and Systems
Adelphi University
bohn@adelphi.edu
5168773327


Message from dwcarder@wisc.edu

Thus spake Dennis Bohn (bohn@ADELPHI.EDU) on Tue, Sep 24, 2013 at 09:57:34AM -0400: > +1 for Rancid, for backup and change notification and version control. Tho > it does not auto-discover or send config changes to multiple switches > without a great deal of scripting and re-tooling. I wouldn't call sending config changes a great deal of scripting: cat mydevices.txt | xargs clogin -x run_these_commands.txt At our peak when we had autonomous AP's we managed ~4500 devices with little more than this plus using xarg's -P option. Dale ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Message from dannyeaton@rice.edu

We use Kiwi Cat Tools, as well (albeit, an old version from many years ago, v3.2.19).  We’ve got about 450 routers/switches in it.  For configuration backup and/or config-diff reports, it’s great – runs automatically, and emails a report of the differences every night.  The only issue we’ve encountered is that the database seems to grow ever larger – even with a “squeeze”.

 

 

 

We currently use Kiwi CatTools. We use it for backups and modify configurations on different cisco switches and routers. Backups also can be done for Juniper equipment. Pretty customizable and can simply send the sequence of commands as if on the device itself. The GUI is pretty straight forward and easy to work with. It is a commercial solution but not expensive. We currently have 150+ devices and dont recall any license limitations.

Thanks,
Gonzalo
---
Gonzalo Cervantes
Associate Director, Network Services
Barnard College, Columbia University
gcervantes@barnard.edu
212-854-8795
barnard.edu/bcit

《Sent from mobile device》

On Sep 23, 2013 4:36 PM, "Elvis Seth" <elvis_seth@brown.edu> wrote:

Solarwinds Orion Network Configuration Manager is a simple but effective
tool. It is a commercial tool but relatively low cost depending on the
number of devices. It has a scripting engine that allows you to add
devices that might not be supported.


I've used Rancid as well in the past. Being open source and CLI it is very versatile if you have the right skill set, but most network engineers I've worked with weren't comfortable in linux and certainly weren't going to be doing any scripting. I moved to Kiwi because I don't like being the only person who can work on a system (my plan didn't work, I still got stuck managing Kiwi).
I'm surprised by how many people are using cat-tools to manage a large number of switches. I guess there aren't a lot of cheap alternatives. Although I did just discover today that they have a VB script API to manage device listings. I've briefly looked into rancid and am definitely comfortable with the scripting/linux aspect. I didn't realize rancid had this clogin command to run arbitrary switch commands. Is rancid a pain for non-IOS devices? Is anyone here using the rancid-git patches? I like the whole repository thing but didn't like that the original is using CVS. Thanks! Mike ----------------------------------------------------------------------- I've used Rancid as well in the past. Being open source and CLI it is very versatile if you have the right skill set, but most network engineers I've worked with weren't comfortable in linux and certainly weren't going to be doing any scripting. I moved to Kiwi because I don't like being the only person who can work on a system (my plan didn't work, I still got stuck managing Kiwi).
+10 for rancid!  :)  I am able to run 'show' commands to all my switches simultaneously and record the results in a file hierarchy using a simple script using rancid facilities.  It's invaluable.

John


On Tue, Sep 24, 2013 at 11:21:42AM -0400, Michael L. Sheinberg wrote: > Is rancid a pain for non-IOS devices? We've been using RANCID with Nortel/Avaya (BayStack, Passport, 7230 wireless bridges), F5 load balancers, A10 load balancers, Ruckus wireless, Trapeze wireless, and Juniper JUNOS devices for years. We did write our own support for several of these, and I've done some tweaks to the JUNOS scripts, mainly adding new commands to collect the output from. We're currently working on developing Ubiquiti scripts. RANCID has been great due to the ease of extending it to support new devices. I can't imagine a commercial product supporting all of these devices and having the same level of flexibility. > Is anyone here using the rancid-git patches? I like the whole repository > thing but didn't like that the original is using CVS. Hadn't heard of them, but I'll check those out now, thanks. We've been using Subversion instead of CVS. I also wrote a custom "diff" filter for it because the stock "svn diff" doesn't support diff filters well. The custom "diff" filters out changes we don't want to see in the hourly emails. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

I’ve used it with Cisco, Adtran (very IOS-like) , and Foundry/Brocade equipment (and probably a few I don’t remember) without much trouble. It’s been a long time since I used it, but my recollection is that it’s basically just a bunch of expect scripts, so modifying existing scripts or creating your own is relatively easy.

 

From: The EDUCAUSE Network Management Constituent Group Listserv [mailto:NETMAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dennis Bohn
Sent: Tuesday, September 24, 2013 10:53 AM
To: NETMAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [NETMAN] Configuration Management ?

 

+1 for Rancid, used for config backups and diff with Cisco and Juniper devices. ---- Brett Kish Network Engineer Northwood University 989-837-4235 kishb@northwood.edu From: John McMillan > Reply-To: The EDUCAUSE Network Management Constituent Group Listserv > Date: Tuesday, September 24, 2013 11:59 AM To: "NETMAN@LISTSERV.EDUCAUSE.EDU" > Subject: Re: [NETMAN] Configuration Management ? I’ve used it with Cisco, Adtran (very IOS-like) , and Foundry/Brocade equipment (and probably a few I don’t remember) without much trouble. It’s been a long time since I used it, but my recollection is that it’s basically just a bunch of expect scripts, so modifying existing scripts or creating your own is relatively easy. From: The EDUCAUSE Network Management Constituent Group Listserv [mailto:NETMAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Dennis Bohn Sent: Tuesday, September 24, 2013 10:53 AM To: NETMAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [NETMAN] Configuration Management ?
RANCID can be installed as a package in Ubuntu.  This can mitigate much of the heartache of an open-source install so one is not caught in a dependency hell-realm.  As we like to say whenever we are making a network change:
"What's the worst that could happen?"
Good Luck!  

Dennis Bohn
Manager of Network and Systems
Adelphi University
bohn@adelphi.edu
5168773327


We started using rancid back in 2001 and we've done a lot of work on the code to customize it for our environment.  Among other things we've pulled out the subroutines into separate Perl modules for different vendors/devices (plus a generic "RANCIDsubs.pm" for those routines common to all devices), etc., to make it easy to write new scripts for whatever new devices, commands, or syntax changes due to firmware updates that may come along.

W've got Xlogin scripts working for X = IOS, CatOS, Force10, and JunOS; Cisco CSS, ACE, ASA and FWSM; Meru and Cisco wireless controllers and access points; and maybe a few others I've forgotten.  

W've got scripts to pull configs from multi-context ACE and ASA/FWSM devices; pull ARP and routing tables from IOS, Force10 and JunOS; collect OSPF neighbors and interface costs; etc.

If you have any facility with Perl then it's pretty easy to add whatever commands you want to issue; dealing with expect to handle different vendors is a bit more complicated (at least for me, since I'm not fluent in TCL) but doable.

So I too highly recommend Rancid.  (Besides, I've got carpal tunnel problems and hate having to mouse through a GUI.)



Hi Kurt,

Have you thought of submitting your changes upstream?  John Heasley is in the process of releasing v3.0, in alpha now.

    -John

Sent from my iPad

On Sep 24, 2013, at 1:48 PM, "Kurt Hillig" <khillig@UMICH.EDU> wrote:

We started using rancid back in 2001 and we've done a lot of work on the code to customize it for our environment.  Among other things we've pulled out the subroutines into separate Perl modules for different vendors/devices (plus a generic "RANCIDsubs.pm" for those routines common to all devices), etc., to make it easy to write new scripts for whatever new devices, commands, or syntax changes due to firmware updates that may come along.

W've got Xlogin scripts working for X = IOS, CatOS, Force10, and JunOS; Cisco CSS, ACE, ASA and FWSM; Meru and Cisco wireless controllers and access points; and maybe a few others I've forgotten.  

W've got scripts to pull configs from multi-context ACE and ASA/FWSM devices; pull ARP and routing tables from IOS, Force10 and JunOS; collect OSPF neighbors and interface costs; etc.

If you have any facility with Perl then it's pretty easy to add whatever commands you want to issue; dealing with expect to handle different vendors is a bit more complicated (at least for me, since I'm not fluent in TCL) but doable.

So I too highly recommend Rancid.  (Besides, I've got carpal tunnel problems and hate having to mouse through a GUI.)



Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.