Hello, we have many different devices which we would like to make bulk changes on. Currently we use RANCID for configuration backups. We are thinking of using RANCID's use of expect scripts to do these changes. Some remote sites require accessing one device via its public IP address and then accessing the internal devices through there. This requires a lot of extra configuration in RANCID, however. And we will need to add many devices that aren't currently in RANCID for these changes.
So, my question is, does anyone have any ideas of tools that can make bulk changes to routers and switches with this type of scenario? The main issue here are the network devices that are only available behind one Internet-facing device.
No matter what tool you will use, that tool needs access to the devices behind the one with public IP address. From your explanation, I assume that Rancid (or the new tool) is located somewhere remote and the connection to the devices that has to be managed is done over Internet.
In this conditions, I would suggest that at least temporary to configure static NAT inside on the device with public IP address and to forward some ports to the devices behind it. E.g. for ssh connection
port 22 - remain for device with public IP
port 2221 forward through NAT - 1st device with private IP behind the device with public one
port 2222 forward through NAT - 2nd device with private IP behind the device with public one
and so on...
If you have problems with NAT configuration let us know.
Even is you have a Cisco tool, like CiscoWorks, and configure the devices with private IP address with SNMP to reach the CiscoWorks system, this will not know how to get back to those devices. So, again back to NAT.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...