Monday, March 21, 2011

Cisco Config Diff Tools

In the last post I examined the archive tools provided in IOS to backup device configurations to a FTP, TFTP or SCP server.  Now I would like to look at some of the tools IOS provides to work with these archived configurations.


Diff


Contextual Configuration Diff Utility is the official Cisco name for what Linux people call diff.  Diff in it's most basic form takes two text files and tells you what is different between the two files line by line.  Before we look at IOS let's take a basic example of diff from a Linux box.


Listing of File1.txt
apples
beer
coffee
donuts
eclairs
 Listing of File2.txt
apples
beer
cottage cheese
donuts
fudge

 Example of diff



storyb@nettools:~$ diff file1.txt file2.txt
3c3
< coffee
---
> cottage cheese
5c5
< eclairs
---
> fudge

In this example, you can see that it shows that coffee was in the first file, but cottage cheese was in the second and likewise that on line 5 eclairs was in the first file, but fudge was in the second.


Cisco's Diff


Cisco's diff works very similarly to Linux's.  In the following example of using IOS' diff we will use the following two abbreviated IOS configuration files.


Listing of iosconfig1.cfg


no ip subnet-zero
ip routing
router ospf 1
  network 192.168.1.0 0.0.0.255 area 0
interface Ethernet 0/0
  ip address 192.168.1.1 255.255.255.0
  no ip route-cache
  no ip mroute-cache
interface Ethernet 0/1
  shutdown
Listing of iosconfig2.cfg
ip subnet-zero
ip routing
router ospf 1
  network 192.168.1.0 0.0.0.255 area 0
interface Ethernet 0/0
  shutdown
interface Ethernet 0/1
  ip address 192.168.1.1 255.255.255.0
  no ip route-cache
  no ip mroute-cache
 Example 1: show archive config differences
show archive config differences scp://scpuser@server/iosconfig1.cfg scp://scpuser@server/iosconfig2.cfg

+ip subnet-zero
interface Ethernet 0/0
  +shutdown
+interface Ethernet 0/1
  +ip address 192.168.1.1 255.255.255.0
  +no ip route-cache
  +no ip mroute-cache
interface Ethernet 0/0
  -ip address 192.168.1.1 255.255.255.0
  -no ip route-cache
  -no ip mroute-cache
interface Ethernet 0/1
  -shutdown
There is also a second version of the diff utility for IOS that compares a configuration file with the running configuration and tells you what lines are in the config file that are not in the running configuration.  This command is show archive config incremental-diffs <filename>.  It is useful to compare a previous archive to the running configuration to see what had been deleted from a configuration.


My next post will look at the tools that IOS provides to do configuration replacement and rollback using archived configurations.

2 comments:

  1. do you know of any linux/windows command line tools that will do a diff contextually as "cisco's diff" does?

    ReplyDelete
  2. I don't, NeDi makes some attempt at that, but it's a web PHP application.

    ReplyDelete