rancid is really more than just a Cisco configuration differ. It
handles several different device's configurations; currently including
Alteon, Arista, Bay Networks (Nortel), Cisco, Extreme, F5 BigIP,
Force10, Fortinet, Foundry, HP Procurve switches, Hitachi, Juniper
Routers and edge (ERX) routers, MRTd daemon, Microtik routers,
Netscalar load balancers, Netscreen firewalls, Procket, Redback, SMC
switches, Xirrus arrays, Zebra routing software, and the ADC-Kentrox
rancid uses an expect script to login using ssh, telnet, or rsh to each
of a list of devices and run a set of commands for that device-type and
collects the output. The output is run through some filtering to
summarize, reformat, and/or snip unwanted or security related data such
as chassis temperature and easily reverse-able passwords.
Named after the device's name in the group's configuration file
(router.db), the resulting files are saved in the directory
<group>/configs. Except for the data filtered from the configuration
file for security reasons, such as reversable passwords, these files
are suitable for loading directly to restore a lost configuration. See
rancid.conf(5) for more information on <group>s.
After filtering, a uni-diff (see diff(1)) of the result is produced for
each of the devices in a group against that of the previous run of
rancid and is e-mailed to that group's mail list, "rancid-<group>".
This e-mail will also include any differences of the device list in the
group's configuration file, router.db.
Lastly, all the updated files are checked into the revision control
system (CVS, Subversion, or git). And, administrative messages, such
as collections that are failing for longer than OLDTIME, are mailed to
Additional utilities, including a looking glass, come with rancid. See
rancid's share directory ( share/rancid).
Below is a sample of a uni-diff produced from the group "shrubbery" for
the device named dfw.shrubbery.net, which happens to be a Cisco GSR.
Subject: shrubbery router config diffs
retrieving revision 1.144
diff -u -4 -r1.144 dfw.shrubbery.net
@@ -57,14 +57,8 @@
In this example, we see that a Gigabit Ethernet linecard was removed
from slot 6. However, since this data is collected from "show"
commands on the router, it could just as easily be that the card
crashed so the RP can not communicate with it to collect information.
Installation instructions are included in the distribution's top-level
directory in the README file (which will be installed in share/rancid).
Once the installation is complete, start by reading the man pages
listed below or follow the basic instructions included in the README
See http://www.shrubbery.net/rancid for information on new versions,
mail lists, etc.
ADDING NEW GROUPS
Follow this procedure for adding new groups:
o Update the LIST_OF_GROUPS variable in etc/rancid.conf (see
o Run rancid-cvs(1).
o Update the system's mail aliases file /etc/aliases (see
clogin(1), cloginrc(5), control_rancid(1), lg_intro(1), rancid(1),
rancid-run(1), rancid.conf(5), router.db(5)
17 December 2014 rancid_intro(1)
Man(1) output converted with