On Sep 13, 2007, at 5:33 AM, <michael.dillon@xxxxxx>
<michael.dillon@xxxxxx> wrote:
OK, how is it possible to automate the renumbering of my firewall
entries which contain IPv6 addresses and prefixes?
How is it possible to automate the renumbering of my extranet business
partner firewalls who also contain some of my IPv6 addresses and
prefixes?
How do I automate the renumbering of router ACLs in my own IPv6
network?
As a practical matter, these things are quite doable. Sane network
management
practices store the configuration for such devices in offline
management stations.
By then writing these configurations in a parameterized form, you can
then use
the current variable definitions to expand out a concrete
configuration. The tools
for this are not rare. Languages such as Perl, or macro processors
such as cpp or
m4 are more than adequate to the task.
Loading the results of these tools into devices is also trivial. See
rancid, for example.
For larger cases, one can also integrate a SQL database to help
provide organized
scalability.
This is not theoretical, I've worked with all of the above.
Regards,
Tony
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf