A few weeks ago, I wrote an article to share the top three
Cisco administration tools I use on a daily basis, and I asked TechRepublic
members to chime in with their own favorites (“Learn which
three tools no Cisco admin should be without”). In response, two TechRepublic
members, Cstone
and EjayHire,
mentioned how open source tools have been a great help with administering their
networks.
I decided to look into some of these free tools and found
several worth sharing with TechRepublic readers. After you check out my
recommendations, post to this article’s discussion with your own.
Familiarize yourself with COSI
A great place to start is the Cisco-centric Open Source Community
(COSI). COSI is an Internet-based community that develops free Cisco tools
and makes them available for download from its Web site. Currently available
for download from this Web site are six Web-based tools and almost 50 scripts
and utilities. The scripts and utilities all include documentation, and the
community has developed all of these tools to work with Cisco IOS routers,
switches, firewalls, or CiscoWorks management software.
In addition to providing all of these great tools for free,
COSI’s Web site also offers other benefits. Clicking the link to download a
script takes you to a community download page, which also features discussion
forums for questions and support of these tools. It’s important to remember
that Cisco’s Technical Assistance Center (TAC) doesn’t support these tools, so
you must count on your own skills and the help of others in the community.
Of course, the basic idea behind open source development and
these types of communities is that, by working together, users can share and
enhance software to provide free and powerful software for everyone. More
specifically, COSI’s efforts hope to create tools that can ease some of the
management burden for Cisco administrators.
Before we delve deeper into COSI’s offerings, I have one
caveat: These tools aren’t ideal for new Cisco IOS users or anyone who doesn’t
have some Linux experience. Many of these tools help automate more advanced
Cisco admin tasks when administering a midsize to large Cisco network.
Tools that made the short list
As I mentioned, many of these tools are advanced. Designed
to fit specific needs, most of them don’t fall into the category of a tool that
“every Cisco administrator must have.”
After perusing COSI’s Web site, I came up with a list of some
of the tools that I think could be particularly useful to Cisco administrators.
- ARPTrack: This Perl script maintains a history of MAC/IP pairs in a Cisco router’s ARP table.
- Ciscocmd: This script sends commands to a large number of Cisco routers.
- CiscoConf: This program fetches Cisco configurations anytime syslog indicates that a router’s configuration has changed. This could serve as a “poor man’s system integrity verifier,” similar to a very basic Rancid or Tripwire.
- cosi-ciscotool: This tool executes configuration changes on Cisco routers.
- GrotG: Also known as Gary’s real-time on-demand traffic grapher, this script lets you monitor an interface (inbound, outbound, or both) in real-time.
- MRTG: Also known as Multi-Router Traffic Grapher, this tool helps monitor traffic patterns. (For more information on MRTG, check out “Configure IT Quick: Use MRTG to monitor Linux routers and firewalls.”)
- RouteCheck: These Perl scripts check a router’s routing table for stability.
- Show CPU load: This Perl script offers a quick look at the CPU load on a Cisco router.
While some of these tools’ functionality may seem less than
extraordinary at first glance, the important thing to remember with these
scripts is not just what they can do by themselves but what you can do by
combining their functionality with other scripts or your own scripts.
In addition, keep in mind that the benefits of such scripts often
don’t become evident until you have implemented several Cisco devices. When you
have to individually work with every router to make a single configuration
change, you’ll start seeing the advantages of such automation.
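The CiscoConf idea from the list above, shown as an added example rather than CiscoConf's own code: find the devices that logged %SYS-5-CONFIG_I, then compare a freshly fetched configuration with a stored baseline while ignoring lines that change on every save. The function names, hostnames, addresses and sample configurations are assumptions constructed for illustration, and fetching the configuration from the device is left out.

```shell
# Constructed syslog-server lines; hostnames and addresses are made up.
sample_syslog() { cat <<'EOF'
Mar 14 09:30:12 rtr-edge1 118: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.5)
Mar 14 09:31:40 rtr-edge1 119: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
Mar 14 11:02:03 sw-core2 77: %SYS-5-CONFIG_I: Configured from console by console
Mar 14 11:05:19 rtr-edge1 120: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.5)
EOF
}
# Constructed baseline and freshly fetched configs for one router.
sample_baseline() { cat <<'EOF'
! Last configuration change at 08:00:00 UTC Thu Mar 13 2025 by admin
hostname rtr-edge1
access-list 10 permit 10.0.0.0 0.0.0.255
line vty 0 4
 access-class 10 in
ntp clock-period 17179869
EOF
}
sample_fetched() { cat <<'EOF'
! Last configuration change at 09:30:12 UTC Fri Mar 14 2025 by admin
hostname rtr-edge1
access-list 10 permit 10.0.0.0 0.0.0.255
line vty 0 4
ntp clock-period 17179912
EOF
}

# changed_devices: syslog on stdin -> each host that logged %SYS-5-CONFIG_I, once.
changed_devices() {
  awk '/%SYS-5-CONFIG_I/ && !seen[$4]++ { print $4 }'
}

# normalize_config: config on stdin -> same config minus lines that differ on
# every save or fetch (timestamps, NTP drift value, "show run" banner lines).
normalize_config() {
  grep -v -E '^(Building configuration|Current configuration|! Last configuration change|! NVRAM config last updated|ntp clock-period)' |
    sed 's/[[:space:]]*$//'
}

# config_drift BASELINE_FILE FETCHED_FILE: print changed lines; return 1 on drift.
config_drift() {
  tmp_a=$(mktemp) && tmp_b=$(mktemp) || return 2
  normalize_config <"$1" >"$tmp_a"
  normalize_config <"$2" >"$tmp_b"
  drift=0
  diff "$tmp_a" "$tmp_b" | grep '^[<>]' && drift=1
  rm -f "$tmp_a" "$tmp_b"
  return "$drift"
}
```

With the sample data, the only reported difference is the removed `access-class 10 in` line on the vty lines; the timestamp and `ntp clock-period` changes are filtered out.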
Possible uses
I’ve been working with a UNIX administrator at my company to
use some of these scripts to automate Cisco IOS troubleshooting commands for a
level-one support desk. We want the support desk to be able to access a menu of
troubleshooting choices from a UNIX server.
For example, one of the choices might be to go to the
routers and issue a show logging | inc
{today’s date} command to return all of the log entries for the specified
day. It could then use UNIX tools such as arp and grep to parse the output
further—for example, to show if the serial interface bounced that day.
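The serial-interface check described above, as an added example that is not part of the original article: it filters `show logging` output for one day and counts link down/up transitions per serial interface. The function names and the sample log lines are constructed for illustration, and the timestamp layout assumes `service timestamps log datetime` style output.

```shell
# Constructed "show logging" output, not captured from a real router.
sample_show_logging() { cat <<'EOF'
*Mar 13 23:58:01.102: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
Mar 14 02:11:40.517: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
Mar 14 02:11:41.519: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down
Mar 14 02:12:05.233: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
Mar 14 02:12:06.235: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
000231: Mar 14 14:45:09.870: %LINK-3-UPDOWN: Interface Serial0/1, changed state to down
Mar 14 14:47:30.114: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to down
Mar 14 15:01:02.009: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.0.0.5)
EOF
}

# serial_bounces MONTH DAY: "show logging" text on stdin -> one line per serial
# interface with its link down/up counts for that day.
serial_bounces() {
  awk -v mon="$1" -v day="$2" '
    # Strip a trailing CR, an optional sequence number and the clock marker.
    { sub(/\r$/, ""); sub(/^[0-9]+: /, ""); sub(/^[*.]/, "") }
    $1 == mon && $2 + 0 == day + 0 && /%LINK-3-UPDOWN: Interface Serial/ {
      match($0, /Interface [^,]+/)
      name = substr($0, RSTART + 10, RLENGTH - 10)
      seen[name] = 1
      if ($0 ~ /changed state to down$/) down[name]++
      if ($0 ~ /changed state to up$/)   up[name]++
    }
    END { for (n in seen) printf "%s down=%d up=%d\n", n, down[n], up[n] }
  ' | sort
}
```

A down count without a matching up count, as for Serial0/1 in the sample, means the link was still down at the end of the captured log.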
Another possible use is to schedule a copy running-config startup-config and a copy startup-config tftp to run every
night. This process would save any configuration changes that occurred during
the day, which could help prevent further problems if an administrator forgets
to save and copy the configuration to a TFTP server.
While larger enterprise shops more than likely already have
scripts and tools like these, many companies that have grown from small shops
don’t have such tools at their disposal. It’s important to develop automated
tools like these by combining the help of free Internet communities and
commercial software products.
David Davis has worked
in the IT industry for 12 years and holds several certifications, including
CCIE, MCSE+I, CISSP, CCNA, CCDA, and CCNP. He currently manages a group of
systems/network administrators for a privately owned retail company and
performs networking/systems consulting on a part-time basis.