Backup Your Router Config’s Automatically [Archive]

tranmyphuc

10-06-2008, 01:04 AM

Backup Your Router Config’s Automatically

So I know there are alot of great tools out there that do this for you, some of them are made by us @ Cisco and others by our great ecosystem of partners but I really wanted to see just what the router could do for me without having to ‘buy’ another piece of software (hey I was a customer at one time too!). So I got to looking around and came across the archive command and put together the following config that will archive the configs automatically for me. In my sample, I configure the router to automatically backs up the config every 1 minute and anytime someone writes the config to memory, in addition the router logs every configuration command typed on the routers….The administrator sees the config written to the tftp server directory as filenames ‘router-cfg-1’ and the number increments each time the router archives it off like ‘router-cfg-2, router-cfg-3, ect.’ Just change the name in the path for each router you want it to run on an each routers config’s can be kept seperate or you put them in different directories.

archive
log config
logging enable
logging persistent reload
hidekeys
path tftp://192.168.1.126/router-cfg
write-memory
time-period 1
!

After enabling this you can use the ’show archive’ command to display the information about the files saved in the Cisco IOS configuration archive. In my case this will point to the TFTP server and the filename.

CCIE6200-1841#sh archive
Load for five secs: 0%/0%; one minute: 3%; five minutes: 3%
Time source is NTP, 09:31:09.876 CDT Fri Jun 6 2008

The next archive file will be named tftp://192.168.1.126/router-cfg-12
Archive # Name
0
1 tftp://192.168.1.126/router-cfg-1
2 tftp://192.168.1.126/router-cfg-2
3 tftp://192.168.1.126/router-cfg-3
4 tftp://192.168.1.126/router-cfg-4
5 tftp://192.168.1.126/router-cfg-5
6 tftp://192.168.1.126/router-cfg-6
7 tftp://192.168.1.126/router-cfg-7
8 tftp://192.168.1.126/router-cfg-8
9 tftp://192.168.1.126/router-cfg-9
10 tftp://192.168.1.126/router-cfg-10
11 tftp://192.168.1.126/router-cfg-11 <- Most Recent
12
13
14
CCIE6200-1841#

Notice that the router keeps track of the most recent configuration archive by pointing to the most recent. Also notice that the router keeps tracks of 15 total configs at any point in time, so what happens when we reach like 17 or 18? Let’s a took at the ’show archive’ after at a later period in time:

CCIE6200-1841#sh archive
Load for five secs: 0%/0%; one minute: 5%; five minutes: 4%
Time source is NTP, 09:36:39.075 CDT Fri Jun 6 2008

The next archive file will be named tftp://192.168.1.126/router-cfg-18
Archive # Name
0 tftp://192.168.1.126/router-cfg-15
1 tftp://192.168.1.126/router-cfg-16
2 tftp://192.168.1.126/router-cfg-17 <- Most Recent
3 tftp://192.168.1.126/router-cfg-3
4 tftp://192.168.1.126/router-cfg-4
5 tftp://192.168.1.126/router-cfg-5
6 tftp://192.168.1.126/router-cfg-6
7 tftp://192.168.1.126/router-cfg-7
8 tftp://192.168.1.126/router-cfg-8
9 tftp://192.168.1.126/router-cfg-9
10 tftp://192.168.1.126/router-cfg-10
11 tftp://192.168.1.126/router-cfg-11
12 tftp://192.168.1.126/router-cfg-12
13 tftp://192.168.1.126/router-cfg-13
14 tftp://192.168.1.126/router-cfg-14
CCIE6200-1841#

Well it appears the router begins to overwrite the earlier config archives that it maintains in buffer however if you have access to the files like in my case that are written off to a tftp/ftp/http/ect server you can still perform all the other functions that archiving provides. For instance, I want to compare any configuration change differences between router-cfg-1 and router-cfg-17:

CCIE6200-1841#sh archive config differences tftp://192.168.1.126/router-cfg-1 tftp://192.168.1.126/router-cfg-17

Load for five secs: 1%/0%; one minute: 5%; five minutes: 4%
Time source is NTP, 09:39:37.473 CDT Fri Jun 6 2008

Loading router-cfg-1 .from 192.168.1.126 (via BVI1): !
[OK - 7692 bytes]

Loading router-cfg-17 .from 192.168.1.126 (via BVI1): !
[OK - 7692 bytes]

Contextual Config Diffs:
!No changes were found

CCIE6200-1841#

Well it appears that there is not config differences between these config’s, so why not create a few differences. Lets do that and then run the command again.

CCIE6200-1841(config)#ip vrf CONFIG_TEST
CCIE6200-1841(config-vrf)#rd 100:100
CCIE6200-1841(config-vrf)#route-target
CCIE6200-1841(config-vrf)#route-target bot 100:100
CCIE6200-1841(config-vrf)#exit
CCIE6200-1841(config)#exit
CCIE6200-1841#

Now let’s check and see if there are any differences

CCIE6200-1841#sh archive config differences tftp://192.168.1.126/router-cfg-1 tftp://192.168.1.126/router-cfg-25
Load for five secs: 1%/0%; one minute: 4%; five minutes: 4%
Time source is NTP, 09:45:19.510 CDT Fri Jun 6 2008

Loading router-cfg-1 .from 192.168.1.126 (via BVI1): !
[OK - 7692 bytes]

Loading router-cfg-25 .from 192.168.1.126 (via BVI1): !
[OK - 7783 bytes]

Contextual Config Diffs:
+ip vrf CONFIG_TEST
+rd 100:100
+route-target export 100:100
+route-target import 100:100

CCIE6200-1841#

This archive configuration also gives me the ability to see who typed what and what they typed. I can get that information via the ’show archive log config all’ command:

CCIE6200-1841#sh archive log config all
Load for five secs: 3%/0%; one minute: 5%; five minutes: 4%
Time source is NTP, 09:46:54.841 CDT Fri Jun 6 2008

idx sess user@line Logged command
1 1 CCIE6200@vty0 | logging enable
2 1 CCIE6200@vty0 | logging persistent reload
3 1 CCIE6200@vty0 | hidekeys
4 1 CCIE6200@vty0 | path tftp://192.168.1.126/router-cfg
5 1 CCIE6200@vty0 | write-memory
6 1 CCIE6200@vty0 | time-period 1
7 2 CCIE6200@vty0 |archive
8 2 CCIE6200@vty0 | log config
9 3 CCIE6200@vty0 |ip vrf CONFIG_TEST
10 3 CCIE6200@vty0 | rd 100:100
11 3 CCIE6200@vty0 | route-target both 100:100
12 3 CCIE6200@vty0 | exit

CCIE6200-1841#

Bonus :
BTW…you can also use EEM to do this as well. Check out some samples @ http://forums.cisco.com/eforum/servlet/EEM?page=main

an example would be:

event manager environment backuploc tftp:// 192.168.1.126
event manager applet backcfg
event cli pattern “write memory” sync no skip no
action 1.0 cli command “enable”
action 2.0 cli command “config t”
action 3.0 cli command “file prompt quiet”
action 4.0 cli command “end”
action 5.0 cli command “copy running $backuploc”
action 6.0 cli command “config t”
action 7.0 cli command “no file prompt quiet”
action 8.0 cli command “end”
!

Have fun !!!

vokhoa

10-06-2008, 03:34 PM

Did you check it? Or depend on IOS
FYI:

Configuration Replace and Configuration Rollback

Beginning in Cisco IOS Software Release 12.3(7)T, the Configuration Replace and Configuration Rollback features allow for archiving of the Cisco IOS device configuration on the device. Stored manually or automatically, the configurations in this archive can be used in order to replace the current running configuration using the configure replace filename command. This is in contrast to the copy filename running-config command. The configure replace filename command replaces the running configuration as opposed to the merge performed by the copy command.

You are advised to enable this feature on all Cisco IOS devices in the network. Once enabled, an administrator can cause the current running configuration to be added to the archive by using the archive config privileged EXEC command. The archived configurations can be viewed using the show archive EXEC command.

This example illustrates the configuration of automatic configuration archiving. This example instructs the Cisco IOS device to store archived configurations as files named archived-config-N on the disk0: file system, to maintain a maximum of 14 backups, and to archive once per day (1440 minutes) and when an administrator issues the write memory EXEC command.
!
archive
path disk0:archived-config
maximum 14
time-period 1440
write-memory
!
Although the configuration archive functionality can store up to 14 backup configurations, you are advised to consider the space requirements before using the maximum command.