From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1SQoAn-0007Wa-Nb for garchives@archives.gentoo.org; Sat, 05 May 2012 23:13:58 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 859AAE08A4; Sat, 5 May 2012 23:13:30 +0000 (UTC) Received: from mail-wg0-f53.google.com (mail-wg0-f53.google.com [74.125.82.53]) by pigeon.gentoo.org (Postfix) with ESMTP id 152C2E07B7 for ; Sat, 5 May 2012 23:11:48 +0000 (UTC) Received: by wgbfm10 with SMTP id fm10so3640893wgb.10 for ; Sat, 05 May 2012 16:11:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:subject:message-id:in-reply-to:references :organization:x-mailer:mime-version:content-type :content-transfer-encoding; bh=tivJD3Rh8UZpT2iXsTYUn+No/DsmUkCSNBsL0qbChHw=; b=EagCVs5BgtRtdPLqTnyqpU7a4iZepWVAhlcLttPK1YSdo+eL3GkJ13iNVEclTBwmtr alk+4ZC7+yMBzg/iwzlGiaQsuhGPoDXprZvHhY3V96TTU1hiC4rW8cB1QgaXBA1ZFBlN 7GhAJULWdXpeK5HDynMWsE3jHMFTg9tp8sRo+r5X6ofplUD19jG1V9P9Ym4FQte0STmC yZg2luRNhtwgPuG+rmM4Mhc6hLwiSIbetxd5s2fjjdPcEAyJonsJKq+l1Z3ohGHsMa8N GNr7RC/MleTkqCx64fNyvHrVjmNWz00T49a+4f4aRrpCZ5+bJEnzcjMvjjhuqLPBbi1z 1Wog== Received: by 10.216.45.146 with SMTP id p18mr6658226web.47.1336259508190; Sat, 05 May 2012 16:11:48 -0700 (PDT) Received: from khamul.example.com (196-209-227-85.dynamic.isadsl.co.za. [196.209.227.85]) by mx.google.com with ESMTPS id gg2sm14491740wib.7.2012.05.05.16.11.45 (version=SSLv3 cipher=OTHER); Sat, 05 May 2012 16:11:47 -0700 (PDT) Date: Sun, 6 May 2012 01:09:11 +0200 From: Alan McKinnon To: gentoo-user@lists.gentoo.org Cc: wireless@tampabay.rr.com Subject: Re: [gentoo-user] Re: minimal web server Message-ID: <20120506010911.5ac81886@khamul.example.com> In-Reply-To: References: <20120505130400.1d7272a1@khamul.example.com> Organization: Internet Solutions X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.10; x86_64-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Archives-Salt: e55b540f-12ab-4a93-aa28-a8042ae9ecde X-Archives-Hash: 828e97475cabd90db1a3e5faa82441dd On Sat, 5 May 2012 16:29:47 +0000 (UTC) James wrote: > Alan McKinnon gmail.com> writes: > > > > > #copy running-config [http | https] > > > How many routers are you backing up and what are your needs? > > It varies. I seem to 'inherit' networks that are not populated > by humans (mostly machines & controls). I like to first copy > the running configurations to my laptop as often the routers are old > and nobody seems to know much about them. (yea as an old linux_hag > I get work on stuff that most other will not touch)..... > As a PE in Controls, I seem to get lucky and am able > to patch, enhance or replace equipment, with minimal > disturbances to the myriad of protocols and legacy > heuristics that inhabit these plants. It's a situation > where if you break it, you own the problem. I try very > hard to keep Microsoft based technologies out of the plants. > Microsoft(anything) is mostly a disaster in the Process > Controls space. I often prove this to a customer, by dropping > in a sniffer here and there and show them the myriad of > shit_traffic that Microsoft(anything) generates just to move > a few bits around. Besides, if you don't believe me, > just ask the IRANIANS how wonderful MS is (think stuxnet virus). > > (enough background?) > > I use a laptop, as often the sites do not have any remote > access or it is blocked. I grab a config and then figure > out a fix, only to return later, sometimes with drop in > replacement hardware. Too often, I'm content to just hack > at the old existing (shit) hardware. Industrial folks are not > so robust on their nets that control machines and such.Often, > Poor practices and little of a structured management system exist. > Still, I get to avoid humans, so I trudge along, meeking out a > living.... > > > > https://www.shrubbery.net/rancid > > Rancid looks interesting enough to explore. Do you have an > unofficial ebuild somewhere, or do you just hack the install on > gentoo? Our rancid stuff runs on FreeBSD (I banned Gentoo from all new production installs 3 years ago...) so we mostly don't bother with packages. Good old "./configure && make && make install" is what works for us. rancid is awesome for what it does, but I doubt it will suit your needs. Because it logs int a device periodically, it needs direct access somehow. And considering the age of some of the stuff you have[1] most of it won't support ssh properly, so you need telnet. There goes any idea of polling devices for backup purposes and we're back to grabbing the config off the router on-site. Like several others said already, I'd go for ftp rather than http for this, it's just easier. [1] lemme guess - you deal with actual live networks right? Real ones that people built. Not the kind of mythical networks described in Gartner white papers and Cisco training manual where everything is somehow supposed to all just magically work out the box (but doesn't...)? -- Alan McKinnnon alan.mckinnon@gmail.com