[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

configuration sanity check

Subject: configuration sanity check
From: cra at WPI.EDU (Chuck Anderson)
Date: Thu, 29 Oct 2015 08:23:41 -0400
In-reply-to: <[email protected]>
References: <[email protected]>

On Thu, Oct 29, 2015 at 09:16:48AM +0100, marcel.duregards at yahoo.fr wrote:
> Hi Nanogers,
> 
> Any recommendation about a software which check the live config of
> cisco/juniper devices against some templates ?
> 
> The goal is to have a template about different function device, like:
> - CORE device must have this bloc and this clock
> - PE device must have at least that and that
> - CPE must have this and that
> - Distrib switch block 1 and block2
> - etc...
> 
> And the software run once every day to check which device do not
> comply with those rules and generate an alert.

For Juniper at least, you can use "commit scripts" to enforce these
rules in real time each time a configuration commit is performed--if
the candidiate configuration change doesn't follow the rules, the
commit fails (or the configuration can be changed automatically to do
something).  For example "all interfaces must have a description on
them", or "changes to MSTI configuration are not allowed".

References:
- configuration sanity check
  - From: marcel.duregards at yahoo.fr (marcel.duregards at yahoo.fr)

Prev by Date: configuration sanity check
Next by Date: configuration sanity check
Previous by thread: configuration sanity check
Next by thread: configuration sanity check
Index(es):
- Date
- Thread