[rancid] archive cisco command and rancid

'Heasley' heas at shrubbery.net
Mon Mar 23 18:26:53 UTC 2015


Mon, Mar 23, 2015 at 06:35:18PM +0100, alligator94:
> We use rancid to backup daily around 3700 cisco devices (routers and switches + some WAP and FW) all around the world and let’s say that 10 percent randomly may not be reachable because they are switched off at night or due to any other connectivity issue. As we have the standard rancid configuration, I think that there are 3 retries, so it may take time.
> 
> I have no access right now to the rancid config, but several clogin run in //.
> 
> We have a lot of different models of cisco devices, connected through a stable and not overloaded mpls network or using ipsec tunnels. Some use satellite connectivity in the far east countries.

A few things I can suggest to improve the collection time:
- since you have a lot of devices (probably) with long RTTs
	- increase rancid.conf:PAR_COUNT.  Perhaps double the number of CPUs.
	  most processes will be waiting on the network.  if the host *only*
	  does rancid, increase it further - perhaps 4 times.  you will have
	  to play with the value a bit to find your acceptable load vs time
	  comfort.
	- if you can separate topologically distant devices from nearby
	  group, you could use <group>/rancid.conf to tailor PAR_COUNT for the
	  workload w/ 3.2.
- if devices may be turned-off or may suffer outages often, these two could be
  separated into a separate group and use <group>/rancid.conf to lower the
  MAX_ROUNDS variable.
- you could also try lowering the timeout in cloginrc for devices that are
  often inaccessible.
- you may also consider switching to svn, which is faster than cvs.  or git,
  but please create a test instance for yourself before moving to git as the
  support is new.
- rancid.conf:NOPIPE=YES will improve performance of the perl part of a
  collection a little.
- also, see the FAQ for triggering rancid runs from syslog configuration
  change messages.  Use that for daily activity and run once a week to CYA.

> Rancid runs on a separate linux system, so it is not disturbing while rancid run is below 24 hours. But I was wondering if, as we don’t change the devices configuration very often, once a week would be enough if we use the “archive” cisco command to store the updated config. Today we run rancid on a daily basis not to miss any change in the devices configurations.

> As, most part of the time, the configurations have not changed, I would like to use the cisco archive command to ftp the configuration when it is saved in the cisco device. So we could run rancid only once a week.
> 
> Is there a way to process the files sent by ftp as input to rancid to have the formatting and the differences processed and stored as with native rancid?

I've not tried transferring the archives from devices.  there is no support
currently for reading the ftp file, but it is of course entirely possible
to add such a mechanism.  but, it would still need to connect to the device
to collect other info, or at least show version.
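
One way to do the syslog-triggered collection mentioned in the list above, as an added example that is not part of the original message or of RANCID itself. The log lines, device names and the `KNOWN` set (standing in for the hosts in router.db) are constructed, and the BSD-syslog layout with a `%SYS-5-CONFIG_I` message is an assumption about what the syslog server receives.

```python
import re

# Assumption: classic BSD-syslog layout, "Mmm dd hh:mm:ss host ...", so the
# reporting device is the 4th field. Only IOS config-change messages match.
LINE_RE = re.compile(r"^\w{3}\s+\d+\s+[\d:]+\s+(\S+)\s.*%SYS-5-CONFIG_I:")
# Syslog is unauthenticated input: accept only plain hostname characters.
SAFE_HOST = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.-]*$")

# Constructed sample data (not taken from the thread).
KNOWN = {"sw-paris-01", "rtr-tokyo-02", "fw-lima-03"}
SAMPLE = [
    "Mar 23 18:01:12 sw-paris-01 245: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.5)",
    "Mar 23 18:02:40 fw-lima-03 88: %LINK-3-UPDOWN: Interface Gi0/1, changed state to up",
    "Mar 23 18:05:03 RTR-TOKYO-02 519: %SYS-5-CONFIG_I: Configured from console by ops on vty1 (10.0.0.9)",
    "Mar 23 18:06:31 sw-paris-01 246: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.5)",
    "Mar 23 18:07:00 lab-test-09 12: %SYS-5-CONFIG_I: Configured from console by lab on vty0 (10.9.9.9)",
]


def changed_devices(lines, known):
    """Return known devices that logged a config change, in first-seen order."""
    seen = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        host = m.group(1).lower()
        # Drop hosts that are not in router.db (here: `known`) and duplicates,
        # so a burst of changes on one device queues a single collection.
        if SAFE_HOST.match(host) and host in known and host not in seen:
            seen.append(host)
    return seen


def rancid_commands(devices):
    """Build argv lists (no shell involved) for per-device runs via rancid-run -r."""
    return [["rancid-run", "-r", d] for d in devices]


if __name__ == "__main__":
    for argv in rancid_commands(changed_devices(SAMPLE, KNOWN)):
        print(" ".join(argv))  # hand argv to subprocess.run() on the rancid host
```

The weekly full run still covers devices whose syslog messages were lost.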

