Rancid & IPPlan

As a network engineer, I need plenty of good tools at my disposal. I help to maintain an enterprise-level network of hundreds of Cisco devices, many hosts and even more users. Linux and open source projects become the "glue" which helps me perform my job.

The Linux command line has all sorts of good tools for manipulating text. Awk, sed, grep, perl, bash scripts ... anything you can think of doing is available. And because Cisco config files are just simply text, the marriage of Linux and Cisco makes perfect sense. I run access servers (I call them utility servers) and access all of our equipment from these heavily-secured hosts, which happen to be virtual guest machines. I can then tell the Cisco equipment only to trust these particular hosts. I also run tftp servers on these hosts, for easy config/file management and manipulation.

Two of my favorite projects are Rancid and IPPlan.

Rancid is a CVS or SVN repository for Cisco router configs. If you're like me, and you missed the kernel programmer calling in life, and ended up as only a network engineer, here's your chance to feel like a real kernel hacker superstar. Rancid treats all your configs like a software repository, backing them all up every hour (or whatever you setup in cron) and can email your whole team the diffs. It doesn't matter if you have 3 people on your team or 30, this program is automatic change control.

The commits are done automatically, and you can even checkout any revisions of your "code" that you would like. Want to know what the routers in Texas were configured with three months ago? Go back to your email, find the proper revision and check it out. I've learned more about SVN (Subversion) than I've ever wanted to. There may be a bit of a learning curve, but once you get it up and running, it's solid and does it's job well. There are a few good HowTo links out there.

My other choice was IPPlan. Everyone knows just about anything in IT is about organizing data and people or people's data. When you're a rather large service provider, you have one main issue with IP addresses: keeping track of them. What do you use? A spreadsheet? (Which is popular). Spreadsheets work for small deployments, but for very large netblocks, you need something enterprise level.

And forget buying one of the fancy software packages. They are typically very expensive, and incorporate other features you may not need like DNS servers and DHCP servers. We wanted a single-purpose IP management program.

IPPlan is a database which is structured exactly the way your network is numbered and organized, in areas, ASNs (autonomous system numbers), supernets and VLSM subnets (variable legnth subnet masks).

Once you get the database organized, adding a new network or customer assignment is easy. You can even let your users have access to request new IPs (or blocks of IPs), and provide all sorts of information, including a link from private addresses to public for NAT. I believe I can find any host on our network within about 10 seconds using IPPlan. IPPlan can also use NMAP to automatically scan subnets for used machines and enter their information automatically.

Routing Tables

FredR's picture

IPPlan can read routing tables of remote equipment via snmp. I've done this very thing myself. It's not an automated action, but it does list the contents of the routing table next to your IPPlan database, and one can "fill in the blanks" for the netblocks you're missing.

Some quick perl (or python, or bash, or...) script could grep out all the ip addresses from your CVS/SVN repo and perhaps format it in a way which was importable to IPPlan.

-- FLR or flrichar is a superfan of Linux Journal, and goofs around in the LJ IRC Channel

Can you integrate the two?

Josh's picture

We use these two tools as well. I'd love to find a way to integrate the two. Ideally, a method of crawling router configs for IP addresses, and populating IP Plan accordingly. That way if someone forgets to update ip plan, it'll still get marked in use.

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState