Search This Blog

Friday, May 10, 2013

Cisco archive and config



Archive Configuration

Cisco IOS feature to archive running-configuration automatically for later review or backup purposes.

Here is a sample configuration:

Archive
 log config
  logging enable
  notify syslog contenttype plaintext
  Hidekeys
path flash:configs/archive
maximum 11
write-memory

This configuration will log and backup the running-configuration every time a write-memory (wr) command is issued. The archive will keep up to 11 files in the flash of the device on the specified path. 

The configuration file will be saved without keys/passwords and each change will also notified on the syslog service.

The path parameter can be set to local storage on the device (flash, PCMCIA, USB) or to remote server such FTP, TFTP, SCP, HTTP or HTTPS.
Also the archive can occur due to write-mem command or on specific time using the time-period command.

Archive Configuration differences 

We can compare between 2 configuration files which has been saved using the archive feature.

show archive config differences flash:/configs/archive-Mar-11-21-27-13.863-0 flash:/configs/archive-Mar-12-17-29-14.403-4

Here is an example output:

!Contextual Config Diffs:
interface GigabitEthernet0
 +no ip redirects
 +no ip unreachables
 +no ip proxy-arp
 +ip flow ingress
 +ip flow egress
 +load-interval 30
+monitor session 1 source interface Fa6
+monitor session 1 destination interface Fa0
interface FastEthernet7
-load-interval 30
interface GigabitEthernet0
 -no ip address
 -ip flow-export destination 192.168.0.250 2055

The process always compare the 2nd file to the 1st file, Lines that marked with ‘+’ sign have been added while lines marked with ‘-‘ signed are deleted from the 2nd file compare to the 1st.

Replace configuration

This is my configuration for archive and saving files on TFTP server each time I’m issuing write-memory on my router:

archive
 log config
  notify syslog
  hidekeys
 path tftp://10.88.0.1/
 write-memory

In order to replace the current running-configuration with one of the archive backup do the following steps:

R1#configure replace tftp://10.88.0.1/-1 force time 10
!!Timed Rollback: Backing up to tftp://10.88.0.1/-5

Loading -1 from 10.88.0.1 (via FastEthernet0/0): !
[OK - 1022 bytes]

% Not all config may be removed and may reappear after reactivating the logical-interface/sub-interfaces
Total number of passes: 1
Rollback Done

R1#
R1#configure confirm

This command replace the running-configuration with the file named -1 found on my TFTP server, also used the parameter force, which replace the config without prompt for user approval and time 10 which waits 10 seconds for confirmation before doing rollback. You can see my confirmation at the last line.

Configure through network

This is the option to copy a configuration file from the network (TFTP, FTP etc.) to device:

R1#configure network tftp://10.88.0.1
Host or network configuration file [host]?
This command has been replaced by the command:
         'copy <url> system:/running-config'
Address or name of remote host [10.88.0.1]?
Source filename []? -2
Configure using tftp://10.88.0.1/-2? [confirm]
Loading -2 from 10.88.0.1 (via FastEthernet0/0): !
[OK - 1083 bytes]

R1#
*Mar  1 00:18:22.387: %SYS-5-CONFIG_I: Configured from tftp://10.88.0.1/-2 by console
R1#

This feature can be very useful when you need to configure large amount of devices with already configured template.

No comments:

Post a Comment