02-02-2011 07:04 AM - edited 03-03-2019 06:12 AM
I setup archive feature on our switch stack, thinking it will back up the full running config to an FTP server. The setup works fine when a write-memory is performed - the entire config gets sent to text file on FTP server. When it does a scheduled archive; however, the text file is virtually empty.
Here is the config:
Switch#sh run | beg archive
archive
path ftp://<server-ip>/A06_3750/$h-
write-memory
time-period 1440
!
Every 1440 minutes, my understanding is it would archive the config to the ftp server. Here is the text file it leaves instead:
!
! Last configuration change at 07:04:29 PST Sat Jan 29 2011 by user
! NVRAM config last updated at 06:52:01 PST Sat Jan 29 2011 by user
!
boot-start-marker
boot-end-marker
!
!
!
!
!
!
end
What am I missing here? Do I have to setup a kron job to run the "archive config" EXEC command?
02-08-2011 08:50 AM
Check out the below link for archive configuration on switches
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
02-13-2011 12:44 PM
Hi Michael,
use this config
archive
path tftp://172.16.0.30/INTERNET_ROUTER_BACKUP/$h
write-memory
kron occurrence BACKUP in 15:00:00 recurring
policy-list BACKUP_CONFIG
!
kron policy-list BACKUP_CONFIG
cli write memory
!
where INTERNET_ROUTER_BACKUP is the backup folder over TFTP server---- and ----- 15:00:00 is every 15 days
sh kron schedule
Kron Occurrence Schedule
BACKUP inactive, will run again in 14 days 23:59:29
HTH
02-15-2011 02:36 AM
Hi ahmed,
Your kron job will do a copy run start( or wr mem) every fortnight but will never write the running config to the tftp server.
If you want to do this with a kron job you'll have to issue following command in your kron policy: cli show run | redirect tftp:/172.16.0.30/xxx
But then no more need for the archive command.
Regards.
Alain.
02-15-2011 04:39 AM
Hi Alain,
YES you are right "never write the running config to the tftp server". I knew about this
I was not aware of redirect command.. i tried to configure redirect and remove archive configuration but it didnot work for me
Check my TFTP server logs.
Write request for file
Using local port 1449 [15/02 15:36:34.359]
Thanks & Regards
Ahmed...
02-15-2011 06:41 AM
Hi,
Can you post output of sh run | be kron and also while kron is active the ouput of debug ip packet 101
where 101 is ACl like this access-list 101 permit udp host "your router IP" host "your tftp server IP".
Regards.
Alain.
02-15-2011 09:55 AM
Router#sh run | be kron
kron occurrence BACKUP at 20:45 recurring
policy-list BACKUP
!
kron policy-list BACKUP
cli sh run | redirect tftp://172.16.0.30/TFTP
Feb 15 17:45:59.800: IP: tableid=0, s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), routed via FIB
Feb 15 17:45:59.800: IP: s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), len 41, sending
Feb 15 17:46:02.425: IP: tableid=0, s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), routed via FIB
Feb 15 17:46:02.425: IP: s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), len 544, sending
Feb 15 17:46:05.425: IP: tableid=0, s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), routed via FIB
Feb 15 17:46:05.425: IP: s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), len 544, sending
Feb 15 17:46:09.425: IP: tableid=0, s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), routed via FIB
Feb 15 17:46:09.425: IP: s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), len 544, sending
Feb 15 17:46:14.425: IP: tableid=0, s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), routed via FIB
Feb 15 17:46:14.425: IP: s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), len 544, sending
Feb 15 17:46:20.425: IP: tableid=0, s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), routed via FIB
Feb 15 17:46:20.425: IP: s=172.16.0.1 (local), d=172.16.0.30 (FastEthernet0/0.1), len 544, sending
Feb 15 17:46:27.425: %SYS-3-URLWRITEFAIL: redirection url write failed 'Timed out'
TFTP SERVER LOGS
Connection received from 172.16.0.1 on port 52956 [15/02 20:45:56.078]
Write request for file
Using local port 1167 [15/02 20:45:56.093]
interstingly routers CPU goes up to 70%.
When i tried first time, i crashed my router and had to reconfigure again.
Thanks & Regards
Ahmed...
NOTE:dont look at debug time as i forgot to configure timestamp debug command after restoring my router config
02-15-2011 11:06 AM
Hi,
Can you try a copy run tftp://172.16.0.30 and if it fails can you sniff with wireshark or another software on the tftp server then send pcap file.
if it's ok then retry the kron and sniff on tftp server.
Regards.
Alain.
02-16-2011 09:56 AM
Hi Alain,
copy tftp was successful. but when i ran wireshark over TFTP server while configuring kron on my router, i got unusual error.few lines of my router were being sent to TFTP server repeatedly and i could see TFTP server received it properly but i could see ICMP Destination unreachable (port unreachable ) from TFTP server to router.
Actually in my pcap file which i ran on my server includes all other sensitives information, so i cant share that file here, please check the screenshots of it.
Thanks
02-16-2011 12:31 PM
hi,
Can you do the same when doing the copy tftp command and then compare the 2 ways to see any difference.
I don't understand why it's working with the copy command and not with the kron policy.
Regards.
Alain.
02-16-2011 01:43 PM
Hi,
I pointed out my issue, actually i have configured my NIC of server to be trunk port (intel VLANs option). when i tried same kron configuration to my notebook it worked as desired.
Thanks for i can use ths command for other devices as well.
09-21-2011 04:52 PM
The fix in my case was the following config:
archive
path ftp://
write-memory
kron occurrence backup at 0:01 recurring
policy-list backup
!
kron policy-list backup
cli archive config
I applied this to all my IOS devices and have had no issue since. Hope this helps others.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: