As well as working on the “Automation Lab Project” I’ve been busy documenting the LAB infrastructure I’ve built up at home. When I start to study, I’ll be using GNS3 and Juniper Olive VMs to learn with, and also have access to the Physical Juniper Router.
When I was studying for CCNP, I did a similar thing where I connected up real kit to GNS3 using a breakout switch and it worked quite well. What I didn’t do very well is keep track of my configurations and any changes I made. This time round I wanted to try again and ensure that I document what I do.
As an added extra I wanted to keep track of my LAB configurations so I looked into building a Raspberry Pi with RANCiD, a tool that backups network configurations and you can also run diffs against the changes made. I found a really good YouTube video here from a lecture at SAINTCon 2015 and just followed the steps.
Watching the video I found out about a really good Raspberry Pi OS called DietPi. Installing software for it is fairly easy, and there is a really good backup system. As I’m still getting to grips with Administrating Linux it’s been really handy being able to backup/restore quickly, when trying out new things. Below is a screenshot of the front end to RANCiD on the Pi.
The tutorial uses a newer version of Rancid that I’m used to and opts for GIT instead of CVS to diff the configurations. Since I’ve been learning a little bit more about how GIT works, I’ve found out from a Dev friend that you can push your GIT to multiple remote repositories using GIT remotes. So using a bash script and cron job, I’m able to PUSH the configurations up to a remote GIT site as well as keeping a copy locally and on USB (via dietpi-backup).
Testing the LAB
So far, I’ve been testing small topologies in GNS3 with the Cisco IOS routers in GNS3 and it’s working well. Out of the 8 Cisco devices you can see below, they all backed up correctly.
The Raspberry PI on the physical network can access the GNS3 lab and can back up the configurations. What may complicate the Juniper SRX lab configs will be ensuring that the LAB can get to the 192.168.1.0/24 network so that they can all backup – we’ll see.
I wrote up some notes during the Raspberry Pi installation as it was a bit hit as miss at times – so I’ll write up a post in the future.
Study for the JNCIS-SEC
As I prepare for the JCNIS-SEC exam I’m hoping to be able to use this LAB infrastructure as a way to keep track of configurations when I’m using GNS3, and also keep practicing. I’ve got the Juniper book Juniper SRX Series to read through and Juniper Security, to accompany it.
The RANCiD backups might be a little bit overkill at this point but it should help with learning the structure of configurations. I’m pretty sure a lot of my time is going to be understanding NAT and Firewall Polices over the next few months and at some point I need to review my MPLS knowledge so it should help with x amount of router configs.
LAB Diagram and Photos