Sample configuration: periodic upload of router configuration

Pete Vickers sent me a very interesting configuration sample:

To get an IOS device to upload it’s configuration periodically to an external FTP server:

ip ftp source-interface loopback 0
ip ftp username ftp_username
ip ftp password ftp_password
file prompt quiet
!
kron policy-list backup
 cli copy running-config ftp://10.20.30.40
!
kron occurrence daily-backup at 0:30 recurring
 policy-list backup

The beauty of this example is that you can use it on platforms that don't support Embedded Event Manager (which has a very similar cron functionality) as the kron commands were introduced in 12.2T and 12.3 IOS releases.

Note: You have to use the file prompt quiet configuration command as the commands executed by kron cannot supply any user input

7 comments:

  1. On 12.4:

    router(config)#archive
    ! configure config archival
    router(config-archive)#path scp://user:password@host/
    ! where to archive
    router(config-archive)#write-memory
    ! archive every "write mem"
    router(config-archive)#time-period 1440
    ! also archive daily

    ReplyDelete
  2. I want to use scp to copy the running config in a daily cron job, how can I add a public key to the router so I don't have to include the password in the scp command?

    e.g. I've got
    "scp -q administrator@$ROUTER:running-config $CONFIGFILE"

    and on my linux box I've generated a public/private key pair, and I'm wanting to put the public key onto the router...

    I know I could save from the router to a server as per this blog post, but I want to have the server make the request as I have it doing it for other devices and it makes sense to have it all in one place.

    ReplyDelete
  3. Haven't found a solution yet, if anyone knows how to do it, please share it with us.

    ReplyDelete
  4. Why not just use:

    do show run | redirect tftp://192.168.0.43/router.txt

    as the kron policy? Then you don't need additional commands to copy the config. I'm putting these on all my routers, naming the file after the router, so I have a central repository of backups that get automatically replaced once a week.

    ReplyDelete
  5. Can you do this also vice versa? e.g. copy tftp:x.x.x.x running-config? I cannot make it work because the command is interactive...

    ReplyDelete
    Replies
    1. Either disable the verbose option (there's a configuration command to do that) or use EEM with prompts. Both things are described somewhere on my blog.

      Delete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.