Network Configuration Diff Analysis - rConfig V8

Configuration Diffs: Understanding What Changed

Configuration diffs are where rConfig transforms raw configuration backup files into actionable intelligence. When something breaks after a change window, you don’t need to read through thousands of lines of configs. The diff shows you exactly what changed—added lines in green, removed lines in red, modified sections highlighted.

---

Why Diffs Matter

Troubleshooting

Device behavior changed overnight? Compare yesterday’s config to today’s. The diff reveals the smoking gun—a new ACL, changed routing protocol timer, or modified interface setting. Use Change Pulse for real-time change analytics.

Change Validation

Before implementing a change, generate a diff preview showing exactly what will change. After implementation, verify the diff matches expectations. No surprises.

Compliance Auditing

Regulators ask “when did you remove that security policy?” Pull up the diff from that date. Timestamp, user who made the change, before/after state—all documented in configuration reports.

Learning and Documentation

New engineer asks “why is this configured this way?” Show them the diff from when it was added, with context from the change ticket referenced in logs.

---

How Configuration Versioning Works

Every time rConfig backs up a device, it creates a new version—but only if the configuration changed.

Version Detection

On backup completion:

1. New configuration captured and processed
2. File hash calculated (MD5/SHA256)
3. Hash compared against previous backup’s hash
4. New version file created and stored (regardless of whether config changed)
5. Database record created with version metadata
6. Change detection flag set (changed vs. unchanged)

Version metadata stored:

• Version number (sequential: v1, v2, v3…)
• Timestamp of backup
• File hash for integrity verification
• Change detection flag (changed vs. unchanged)
• File size
• Associated user (if manual backup)

Storage Behavior

By default, rConfig stores every backup as a separate physical file. If you back up a device daily for 30 days, you get 30 configuration files—even if the configuration never changed. This provides complete historical records and ensures every backup is independently retrievable.

Per-command storage control: You can disable storage for specific commands if you want to reduce disk usage. For example, if you’re backing up show version purely for inventory purposes and don’t need historical versions, disable storage for that command. The data is still captured and parsed (for properties), but the file isn’t saved.

If you disable storage for a command, rConfig will not create a new file for that command on each backup. But a database record is still created but marked as “not stored.” This means you can still see when the command was run and its properties, but you won’t have a historical file to diff against.

You can enable the Hard Link option to save disk space when storing every file. This creates a hard link to the previous version’s file if the configuration is unchanged, rather than duplicating the file. This saves space while still maintaining a complete version history. See the Configuration Backup Implementation document for details.

Storage structure (default behavior):

/storage/app/rconfig/data/
  └── Routers/
      └── router-hq-01/
          └── 2025/
              └── Oct/
                  └── 01/
                      └── show-running-config_143022.txt  # v124
                  └── 02/
                      └── show-running-config_080515.txt  # v125 (stored even if unchanged)
                      └── show-running-config_143022.txt  # v126 (stored even if unchanged)

Benefits of storing every file:

• Complete audit trail: Every backup attempt has a corresponding file
• No dependency on change detection: If change detection fails, you still have the file
• Simplified recovery: Every version is a standalone file
• Forensic analysis: Compare any two points in time without gaps

When to disable storage per command:

• Commands capturing operational state that changes constantly (interface counters, uptime)
• Commands used solely for property extraction, not historical tracking
• High-frequency backups where storage is a concern
• Commands with very large outputs that aren’t needed for recovery

---

Viewing Configuration Diffs

rConfig provides three distinct methods for viewing configuration differences, each suited to different workflows and use cases:

1. Manual Config Diff Tool

Use case: Ad-hoc comparison of any two configuration files, regardless of device or timing.

Access: Navigate to Config Tools → Config Compare

Features:

• Select any two configuration files from any device
• Compare configurations across different devices
• Compare configurations from different time periods
• Upload external configuration files for comparison
• No restrictions on version relationships

Best for: Troubleshooting, one-off comparisons, comparing golden configs against production

Learn more about the Config Compare Tool →

2. Command/Config Basis Comparison

Use case: Track how a specific command output or configuration file evolved over time for a single device. You can browse the full version history and select any two versions to compare.

Access: Navigate to Devices → [Device Name] → Config → Config History

Features:

• View version history for a specific device
• Select a version to see the changes between it and the previous version
• See complete version timeline with metadata

Best for: Device-specific troubleshooting, change validation, audit trails

Interactive Video

3. Change Pulse Feature

Use case: Real-time monitoring of configuration changes across your entire infrastructure with automated change detection and notifications.

Access: Navigate to Config Tools → Change Manager → Change Pulse

Features:

• Holistic change detection across all devices
• Timeline view of recent changes
• Filter by device, category, or date range or commands
• Change frequency analytics

Best for: Ongoing change monitoring, compliance reporting, identifying unexpected changes

Learn more about Change Pulse →

---

Advanced Diff Features

Monaco Editor Integration

rConfig uses the Monaco Editor (the same engine powering VS Code) for diff display, providing professional-grade capabilities:

Features:

• Syntax highlighting (recognizes Cisco IOS, JunOS, etc.)
• Inline diff view or side-by-side view (toggle)
• Minimap for quick navigation in large configs
• Collapsible unchanged sections
• Line numbers with change indicators
• Copy left/right pane independently
• Download either version

Keyboard shortcuts (same as VS Code):

• Ctrl+F / Cmd+F: Find in diff
• Ctrl+D / Cmd+D: Select next occurrence
• Alt+Click: Multiple cursors
• Ctrl+/ / Cmd+/: Toggle line comment

Diff Export

Use case: Share diff output with colleagues, include in change documentation, attach to tickets.

Options:

1. Copy to clipboard: Copy either pane or both
2. Download as text: Save diff output locally

---

Best Practices

Regular Backups Enable Better Diffs

The more frequently you back up, the more granular your diffs become. Daily backups mean each diff shows one day’s changes. Weekly backups mean diffs are cluttered with a week’s worth of changes.

Recommendation: Daily backups for critical infrastructure, weekly for stable edge devices.

Use Meaningful Change Documentation

When triggering manual backups (UI or API), add context in change tickets or logs. Future diff reviews benefit from knowing why a change was made.

Archive Long-Term

Keep at least 90 days of configuration versions online. Archive older versions to cold storage if needed, but maintain metadata for searchability using configuration search.

Monitor CIC Status

Failed Config Integrity Checks indicate truncated or incomplete backups. These versions produce misleading diffs. Fix CIC failures immediately.

Leverage Search for Compliance

Build reports showing devices with specific configurations (or lacking required configurations) using configuration search. Export results for audit documentation.

---

Troubleshooting Diffs

Diff Shows No Changes But Config Actually Changed

Possible causes:

1. Timestamps/comments: Configs include timestamps that change every backup
2. Dynamic content: Uptime counters, packet counts in output
3. Whitespace differences: Extra spaces or line endings

Solution: Check CIC definitions—they may need refinement to ignore dynamic content.

Diff Is Unreadable (Too Many Changes)

Possible causes:

1. Comparing configs from devices with different templates
2. Comparing across major software version upgrades
3. Comparing default config vs. fully configured device

Solution: Use incremental comparisons (version N vs. N+1) instead of jumping large gaps.

Search Returns No Results

Possible causes:

1. Search syntax error (typo, wrong regex)
2. Searching wrong device category
3. Searching date range without matching configs

Solution: Broaden search scope, verify search terms against sample config.

---

Related Documentation

• Config Editor - Understanding the Monaco Editor interface
• CIC Definitions - Config Integrity Check setup
• Configuration Backup Implementation - How to run backups
• Device Connectivity Process - How configs are captured
• CLI Commands - Manual backup commands

---

Quick Reference

Common Diff Scenarios

Scenario	Action
Compare today vs. yesterday	Device history → select two adjacent versions → Compare
Find when config element was added	Device history search → filter by text → review matching versions
Compare similar devices	Devices view → multi-select → Compare Configurations
Search all devices for specific config	Search → Configuration Search → enter text/regex
Export diff for documentation	Compare view → Download or Copy

Diff Color Coding

• Green: Lines added in newer version
• Red: Lines removed from older version
• Yellow/Orange: Lines modified (content changed)
• Gray: Unchanged sections (collapsed by default)