Good Software Engineering Practices

Unanswered Question
Mar 4th, 2009

I'm new to Cisco and can't find an appropriate place to discuss general practices, so let me know if there is a better place for this message.

I was a bit disappointed by the approach my Cisco partner took to configuring my router which seemed to be not much better than hacking (as in MIT Model Railway Club). This caused me a lot of lost time and I'm still trying to sort out the mess with TAC.

I've worked in software development for the last 25+ years and so understand the need to control changes. Therefore, I propose setting up a version control system (subversion) for my router's configuration file so I can implement the following sort of change control procedure:

1. Make changes to the 'source' config file using NotePad on my laptop

2. Upload the 'source' config file to the router's running-config using the TFTP server on my laptop

3. Test the changes

4. Copy the running-config to the startup-config on my router

5. Restart the router

6. Test the changes

7. Download the new running-config to the TFTP server on my laptop

8. Update version control for both the 'source' config file and the running-config file in order record + document the change

I'm expecting the 'source' config file and the running-config file to differ only in respect of their comments as I understand that comments are removed by the router's command interpreter when uploading a file to running-config. Is that correct?

Do you have any comments about my proposed change control procedure? What is Cisco's general advice about change control for configuration files? What are people's thoughts about this issue? I can't help feel that my Cisco partner could save themselves (and their clients) a lot of time and money by better handling configuration changes. Like I said, I'm new to the Cisco world so perhaps there are good reasons for doing things like my Cisco Partner. If so, what are they?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Justin Brenton Thu, 03/05/2009 - 08:03

Hi Will,

No need to restart the router. This is only needed in rare situations.

Sounds like your taking control of the situation, good job.

! comments will be ignored when copied to the router.

HTH, Please rate



jgagznos Fri, 03/06/2009 - 15:20

Industry best practice calls for a change management process. The days of changing things in a vacuum are long over and have no place in today's production environments.

It sounds like you have a good handle on how things should be handled. The other thing to mention is that many of us in this industry utilize configuration management tools to automate and backup configurations. If things are properly configured, a config management tool can notify you when things have been changed, by who, and what they changed.

Best of luck,


WillStott Mon, 03/09/2009 - 07:38

I'm very surprised that my Cisco Partner and the people handling TACs don't seem to do change management as a matter of course - as clearly you and others do. I really wanted to know whether this is a localized problem, or something that is endemic. I suspect the later. I haven't done any Cisco training, but perhaps configuration management (and appropriate tools) is something that needs to be taught day 1, lesson 1. What advice does Cisco give about configuration management of router settings?

dbeare Mon, 03/09/2009 - 06:41

I would use an automated process (such as Kiwi tools) to back up your config files across your devices on a nightly basis. You can also configure it to only back up if changes are made. I would then implement something like TACACS+ that can track who made changes and what changes were made. Automate as much as possible, otherwise you will eventually miss a change that was made, or forget to do a backup, or be sick and miss it, and the system will not have the most recent changes backed up. Just my thoughts


This Discussion