cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Using Kron to backup device configuration using non-native vlan

oslopez
Beginner
Beginner

Hi,

I'm trying to backup a 3560 Switch configuration in a remote TFTP server using Kron. The switch is connected to the Gateway router via the GigabitEthernet0/0 management port which is using a management vrf:

vrf forwarding Mgmt-vrf

 

A static route is included to ensure all management traffic goes thru that GW:

ip route vrf Mgmt-vrf 0.0.0.0 0.0.0.0 GigabitEthernet0/0 <GW-IP> name DEFAULT-MGM

 

On the remote side I have an Ubuntu server running tftpd-hpa.service, it has been verified as active. 

 

The path is Switch -> Gateway -> Backbone -> Server.

 

There are no Firewalls nor ACLs in between. I can ping the remote server from the switch as follows:

Switch# ping vrf Mgmt-vrf <Server-IP> source <Switch-IP>
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to <Server-IP>, timeout is 2 seconds:
Packet sent with a source address of <Switch-IP> 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 560/572/590 ms

 

The other way around is also successful :

Server$ ping <Switch-IP>
PING <Switch-IP> 56(84) bytes of data.
64 bytes from <Switch-IP>: icmp_seq=1 ttl=247 time=575 ms
64 bytes from <Switch-IP>: icmp_seq=2 ttl=247 time=573 ms

 

So I created the following Policy and occurrence in kron to have the running configuration saved every day at 23:59 :

kron policy-list conf_bkp
 cli show running-config | redirect tftp://<Server-IP>/home/Backups/Switch.conf 
!
kron occurrence conf_bkp_Schedule at 23:59 recurring
 policy-list conf_bkp
!

 

Unfortunately, the policy is not working as expected because after two days, no configuration from this switch has been saved in the tftp server. I'm running the same policy in other devices and in those cases all is working fine. The main difference is that the other devices are communicating to the server via the native Vlan (Vlan 1) while the switch is communicating by using a vrf, But since the the switch and the server can ping each other thru the vrf, I'm wondering what's missing in this setup.

 

Thank you.

1 ACCEPTED SOLUTION

Accepted Solutions

Hi ngkin2010, Yes that solved the problem. Thanks!

View solution in original post

2 REPLIES 2

ngkin2010
Rising star
Rising star

Hi,

 

Did you try to specify the tftp source interface?

 

(config)# ip tftp source-interface <source-interface>

Hi ngkin2010, Yes that solved the problem. Thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: