PCI and text-based configuration synchronization.

As a followup to my earlier post of Perl scripts to automate configuring Cisco devices and archiving their configurations using TFTP and SNMP, I thought I'd follow up with my script to run this against all my devices.  I track our network devices in /etc/hosts on a Linux server that uses h2n to create zone files to act as a nameserver for a dedicated domain.Note that you may wish to change italicized values.

There is a PCI requirement stating that configurations must be synchronized and differences reported on.  We call a shell script that does this, which assumes the filename format from my "snag" script - the wildcarded name below will work until the year 3000, at which point I probably won't be responsible for determining why it broke - and accepts the hostname as an argument. Note that we just call diff for the newest 2 files, ignoring a couple differences we won't care about, and if there is any output, we print it. No difference? No output.

#!/bin/bash

#Script "confdif"
cd /tftproot.directory

Food Insecurity and Income

I do a lot of thinking in the car, and I've been spending a lot of time listening to public radio during my commute, which occupies a total of three hours a day (WHYY, a fine station, go support them if you agree). BBC's The World in particular has been covering a lot of unrest in the middle east, eastern Europe, and Africa, and it started me thinking about competition for resources, and resources in general.

A lot of the suffering in the world seems to stem from hunger, or the lack of food in a particular place. This is true not only abroad but here in America, where right now nearly 48 million people are enrolled in Supplemental Nutritional Assurance Program, (or SNAP, formerly food stamps.) Since the population of America was about 313 million last year, that is about 15% - a sizable chunk - of Americans who are not able to meet the nutritional needs of their families with their present income at any given time.

Automating Cisco configuration tasks with perl and SNMP, or, I work smarter because I'm lazy

My job as a network engineer is one which lends itself to automating repetitive tasks. I was also, for some period of time, reporting to a manager whose approach to IT expenditure was to ignore our pleas to spend money to avert a spectacular disaster until that disaster occurred, either because he didn't understand the problems we told him would occur, or because after it blew up it was an easier sell to the business. Due to the poor funding of everything, engineer toolsets were the last thing that got any money, and due to that paucity I have achieved some success in implementing complex control systems with some very simple tools using Linux shell and perl scripts. After successive generations of improvement, I wanted to share these with the engineer community.

One of the earliest toolsets I built utilized SNMP to back up the configuration of our Cisco routers and switches. From there it was a simple step to use this save running configurations to backup configurations, and to push out configuration changes. Note that these tools assume you have:

• A Linux server with
• a writable TFTP directory
• SNMP tools using a default SNMP string
• Perl installed
• The necessary Cisco MIBs installed, though you could go look up the numeric equivalent OIDs and substitute them. 

Just copy these into a directory in your path and make them executable.