[rancid] Re: ASA and Cryptochecksum?
Daniel Medina
daniel.medina at gmail.com
Sat Aug 23 02:34:22 UTC 2008
On Fri, Aug 22, 2008 at 05:57:34PM -0500, K K wrote:
> With an ASA5510, every so often there is a "... router config diffs"
> email where the only diff reported is the Cryptochecksum. Is this
> normal?
Since Cryptochecksum is supposed to represent the contents of the config, I'm
guessing that something actually is changing, but Rancid is suppressing the
change to avoid spurious diffs. Think junk like "ntp clock-period" or
"<removed>" passwords. Or it could be happening on the device side with
"password ****************", but I'm not sure how that masking affects the
checksum on that device.
Having the raw output (pre-processing) may help to figure out what's going on.
> Index: configs/employeevpn
> ===================================================================
> retrieving revision 1.9
> diff -U4 -r1.9 employeevpn
> @@ -953,6 +953,6 @@
> inspect xdmcp
> !
> service-policy global_policy global
> prompt hostname context
> - Cryptochecksum:ddc64c508c15f2db0b322eeae8842877
> + Cryptochecksum:28a9e4a2481c5008cd6431ff34bb23d6
> : end
--
Dan
More information about the Rancid-discuss
mailing list