01-26-2019 07:40 AM - edited 03-08-2019 05:09 PM
I am looking at cost effective solutions to automatically backup around 80-200 switches. Due to the latter, I am researching the capability of the schedule and a Tcl script on the physical switch 2960x, and some 3750. The idea is to have the switch generate the backup and off-load to a tftp server.
I am conflicted – I can do these tasks with a Tcl\expect script from a server, and have the script login via SSH; however, I really do not want to manage a server and worry about passwords floating around in a Tcl\expect script. My skill set is not great with Linux/Windows security, nor do I want to worry about permissions and other aspects of a server; however, I will if needed.
So – my question is – does anyone use the schedule to auto generate backups? What is a cost-effective way to get automatic backups of switches? Currently I am just backup up my switches when a config change has been made. It seems to be working ‘OK’ for now, and it is only one more step once config changes have been made.
STEP 1: copy run start
STEP 2: copy start tftp
01-26-2019 08:08 AM
01-26-2019 08:10 AM
If you are using an application like SolarWinds to manage all your switches via SNMP, you can also use the same application to backup the configs daily nightly or any time you want.
HTH
01-26-2019 09:10 AM
There is 2 Option you have
1. if you know linux environment, you can setup with expect to backup automatically every night. making cron job.
2. Cattools is simple tool for windows, and it will do for you automatically and send report backup failed and success.
01-26-2019 03:17 PM
01-27-2019 01:52 AM
I understand the security concern, you can create a use who has only certain command to take back up and use in the script for backup only, so this will not get harm in terms of security.
or if you writing perl or shell, you make them as excutable, so no one can see the content inside.
Linux is like sky limit option and no cost involved.
The same task can be done in windows tried once long ago..but i still go with Linux. it has capabilites also with report what device backup and any changes and send report in the daily basis and strored.
we using Linux and nexus backup working as expected, this can be done with RAncid als.
I also like the idea @Leo Laohoo suggested. if taht suites your needs.
01-28-2019 05:40 AM
You make a good point about being compiled. I have used Perl in the past, and use Perl Packer to roll into executable; however, I have noted used the Perl Expect module from CPAN. Can you recommend a good CPAN Expect module?
I guess I can look into the Expect module for Python; however, always liked the native Expect/Tcl support the best. Yet not sure if you can compile Tcl scripts that leverage Expect.
01-26-2019 04:14 PM
archive log config logging enable hidekeys path tftp://<TFTP_IP_ADDRESS>/path/$h-$t time 86400 write-memory
(Except for the 2960X/XR, Cat 2K doesn't support TCL.)
Try the method above. There are two ways to save the config:
01-28-2019 05:36 AM
Thank you for the script. I should have pointed out that I am using 2960x - is anyone still using 2k Cat switches? I thought those units were end of life and if so, TIME FOR UPGRADE!!!
01-28-2019 09:40 PM
@romanroma wrote:
I should have pointed out that I am using 2960x
The script will work for a 2960/G/S/X/XR. Try it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide