RANCID configuration file in-depth
In this article you can find description of parameters in rancid.conf. By changing parameters in this file you can impact the way RANCID will behave, collect and process collected information. You can also define type of version control repository and email notifications as well as many other option.
Information in this article are from rancid.conf(5) man pages included with RANCID.
RCSSYS - Revision Control System
Identifies which version control system is used by RANCID to store config collections.
Allowed values are:
- cvs – Concurrent Versions System
- svn – Subversion
# # Select which RCS system to use, &quot;cvs&quot; (default) or &quot;svn&quot;. Do not change # this after CVSROOT has been created with rancid-cvs. Changing between these # requires manual conversions. RCSSYS=cvs; export RCSSYS
NOTE: Make sure that repository type is set to correct versioning system which will be used.
FILTER_PWDS - Password Filtering
This parameter determines which password will be filtered from configs collected by RANCID. Values can be set are:
- NO – does not filter any password. All passwords are included in configs in RANCID repository
- YES – passwords which are stored in plain-text or using reversible enryption method will be removed from configs.
- ALL – all password will be removed from configs
# # FILTER_PWDS determines which passwords are filtered from configs by the # value set (NO | YES | ALL). see rancid.conf(5). FILTER_PWDS=NO; export FILTER_PWDS
NOTE: When setting password filtering be aware that RANCID is sending configuration and changes via email, so including any passwords is not recommended
ACLSORT - Sorting ACLs
# # if ACLSORT is NO, access-lists will NOT be sorted. ACLSORT=YES; export ACLSORT
NOTE: Make sure that ACL sort is set the way you want
NOCOMMSTR - SNMP Community String
Filters SNMP community strings from configs. Can have two settings:
- NO – allows to store SNMP community string in configs collected by RANCID
- YES – removes SNMP community string from configs collected by RANCID
By default this parameter is set to NO, so community strings will be stored in configs collected by RANCID.
# # if NOCOMMSTR is set, snmp community strings will be stripped from the configs NOCOMMSTR=NO; export NOCOMMSTR
NOTE: Make sure that SNMP community string is set to correct value (depends if you want to have community strings in repository or not)
LIST_OF_GROUPS - Groups of devices
# # list of rancid groups LIST_OF_GROUPS=&quot;LAB&quot;
BASEDIR - Main folder for RANCID files
BASEDIR is the directory where rancid-run’s log directory, the revision control system’s repository, and rancid group directories will be placed. Its value is configure’s localstatedir and should be modified if rancid is moved to a new location in the file system without re-installing from the distribution.
CVSROOT - Location of version repositories
LOCKTIME - Time to wait until reportgroup lock error
LOGDIR - Directory for RANCID logs
Directory where rancid-run places log files.
MAILDOMAIN - Defines email domain
Define the domain part of addresses for administrative and diff e-mail. The value of this variable is simply appended to the normal mail addresses. For example email@example.com, if MAILDOMAIN had been set to “@example.com”.
MAILHEADERS - Additional mail headers
Define additional mail headers to be added to rancid mail, such as Precedence or X- style headers. Individual headers must be separated by a n (new line).
Default: Precedence: bulk
Example: Precedence: bulknX-clamation: beef cake
MAX_ROUNDS - Number of retry attempts
Defines how many times rancid should retry collection of devices that fail. The minimum is 1.
NOPIPE - Temporary files vs. IPC
If set, rancid(1) will use temporary files to save the output from the router and then read these to build the file which will be saved in CVS (or Subversion). Otherwise, an IPC pipe will be used. We have found that the buffering mechanisms used in perl and expect are heinous. Using temporary files may result in a noticeable improvement in speed. By default, this is not set.
OLDTIME - Failure report interval
Specified as a number of hours, OLDTIME defines how many hours should pass since a successful collection of a device’s configuration and when control_rancid(1) should start complaining about failures. The value should be greater than the number of hours between rancid-run cron runs.
PAR_COUNT - Failure report interval
Defines the number of rancid processes that par(1) will start simultaneously as control_rancid(1) attempts to perform collections. Raising this value will decrease the amount of time necessary for a complete collection of a (or all) rancid groups at the expense of system load. The default is relatively cautious. If collections are not completing quickly enough for users, use trial and error of speed versus system load to find a suitable value.
TERM - Terminal type
Some Unix utilities require TERM, the terminal type, to be set to a sane value. Some clients, such as telnet(1) and ssh(1), communicate this to the server (i.e.: the remote device), thus this can affect the behavior of login sessions on a device. The default should suffice.
TMPDIR - Temporary files directory
TMPDIR Some Unix utilities recognize TMPDIR as a directory where temporary files can be stored. In some cases, rancid utilizes this directory for lock files and other temporary files.