Network-Automation: Re: CLI transactions

Network-Automation
(April 2005)

Indexed By Thread: [Previous] [Next]

Subject:	Re: CLI transactions
From:	Andrew Fort <andrew . fort @ gmail . com>
Date:	Wed, 20 Apr 2005 07:18:38 +1000
To:	"albert @ research . att . com" <albert @ research . att . com>
Cc:	network-automation @ greatcircle . com
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=flg0J4ckNYl4PUBQbkHRKktYBZoUhKtvn7acIry4ToRZfAkjAG/8O86ePrv7D/tKjHMRN2rwuSOLj7f5SraulEpsmli1cJ8ABE00UVYW/K+Mc6ETJSTcYwTmd6h7OnHfbvVfZWD/I5sJpZ5lUoK9uoIyKTXnoWXakeG9o1aWBMo=
In-reply-to:	<387B5A9BF31B5D43A2B18DD9F326B8E1018566AD@NJFPSRVEXG2KCL.research.att.com>
References:	<387B5A9BF31B5D43A2B18DD9F326B8E1018566AD@NJFPSRVEXG2KCL.research.att.com>
Reply-to:	Andrew Fort <andrew . fort @ gmail . com>

On 4/20/05, albert@research.att.com <albert@research.att.com> wrote:

> > And given that there are already (large) operators that use the "see
> > you on the other side, hope your configuration updated!" to do major
> > changes with "reload soft" on cisco boxen, are any of these operators
> > on this list and would care to comment on the nature of such changes?
> >
> > -andrew

> Hi Andrew,  I don't quite follow the example and the point, and would
> you mind elaborating?  -- Albert

Lets say you build your configurations with m4 and data in some
repository (ldap, sql, whatever), as some folks do (I find this a
quite reasonable approach here).  For consistency and congruence,
you're building an entire configuration file, making liberal use of
includes for your network-wide stuff, like AAA, standard access-lists,
and so on.

Say also you have a large scale network change to enact across a large
number of boxes.  It's a pretty large change to the configuration, and
the network in question is IOS devices.

So you choose to load the configuration to startup-config and reload
the devices.  Since staff from large providers talked about  the
"reload soft" feature in some fora, my assumption is that this method
of major change is quite alive inside some networks since "it's
probably better to reboot the IOS box than change its configuration
too much" (assumption based on experience).  So you reload soft and
hope for the best, that all the configuration comes up and is loaded
successfully by the device, and that any network-derived state comes
good also (c.f., the stp, igp, egp state).

I was hoping people could talk about how they cope with the cases
where the configurations are not in sync after the change; not war
stories so much as insight we can learn from.

My approach is to make sure working OOB access is available to such
devices and ops will rectify conditions as appropriate; reloading
again from the existing configuration can be scripted through this
network, so this could also enacted upon a rollback requirement.  In
the perhaps more realistic case where you are rebooting CPE or
far-flung devices and you have no asynchronous access, what then?

Randy's quip was perhaps highlighting that this is not the most
pleasant way to have to enact such changes, or perhaps that I just
shouldn't ask :).

-andrew

References:

Re: CLI transactions
From: <albert@research.att.com>

Indexed By Date	Previous:	Re: CLI transactions From: <albert@research.att.com>
Indexed By Date	Next:	Magic and Oracles (was: Re: CLI transactions) From: Tim Nelson <architect@webalive.biz>
Indexed By Thread	Previous:	Re: CLI transactions From: <albert@research.att.com>
Indexed By Thread	Next:	objects and relationships From: Andrew Fort <andrew.fort@gmail.com>