Saturday, August 8, 2009

Periodical Configuration Save of Cisco Devices

Periodical configuration save of Cisco devices can be done from inside the device by using a combination of "kron" and "archive" commands. As we had no routine of taking backup of our router but yesterday after a long search now i have successfully configured all stuff like backup, monitoring my router through Nipper (see my full blog on it, click Nipper), Now i will take my backup and will save at remote place :).

Define the location of your configuration save apart from the default Flash location. Based on your IOS support, this can be a HTTP, HTTPS, FTP, or TFTP path. I am taking the backup using tftp.

The following commands is used to enable archive and define the path, while third command is used that when ever someone copy configuration to NVRAM so it will take backup also.

PSW-DXX (config) # archive
PSW-DXX (config-archive)# path tftp://
PSW-DXX(config-archive) # write-memory

If you want to suppress the display of password information in configuration log files, use the hidekeys command in configuration change logger configuration mode. or To allow the display of password information in configuration log files, use the no form of this command

PSW-DXX (config)# archive
PSW-DXX (config-archive)# log config
PSW-DXX (config-archive-log-cfg)# hidekeys or no hidekeys
PSW-DXX (config-archive-log-cfg)# exit

To enable the logging of configuration changes, use the logging enable command in configuration change logger configuration mode. To disable the logging of configuration changes, use the no form of this command.

PSW-DXX (config-archive-log-cfg)# logging enable
PSW-DXX (config-archive-log-cfg)# no logging enable

To specify the maximum number of entries retained in the configuration log, use the logging size command in configuration change logger configuration mode. By default value is 100. To reset the default value, use the no form of this command.

PSW-DXX (config-archive-log-cfg)# logging size 200


Define the policy list for the scheduler. The following is calling the "write config" command which will trigger the copy over network from the above:

PSW-DXX (config) # kron policy-list backup-config
PSW-DXX (config-kron-policy) # cli write memory

Define the schedule of the policy. The following example is for ten minutes past evening, everyday:

PSW-DXX (config) # kron occurrence daily-config-backup at 05:10 recurring
PSW-DXX (config-kron-occurrence) # policy-list backup-config

Note: Every time the "write memory" command is issued, the device will trigger a network copy to the path specified above.

I hope this will be informative for you. :)

Cheers :)


nayyares said...

man, this is really bad! your office has too critical services and they never took backup of router's configurations...!

in our office we even have separate configuration for separate week days. that our cisco admins are always tweaking and forcing routers work according to situation...



yes sir u r right, i think its the most important thing and they should keep this thing in priority. but now i m here so everything will be fine related to cisco heeeeee :)

