Mailing List Archive

Restore config on cisco devices
Dear All,
I have rancid running and also installed viewvc and all working great and backing up switches and routersNow I just had one query about restoring the backed up config
if there is a router or switch failure and is replaced with a new same model router or switch can I follow the below steps for restore
1)  connect the switch to console2) login to new switch3) copy and paste the config from the rancid backup
write the config and reboot
Is that OK or is there any other way to restore , 
I would really appreciate your kind help

Thanks and regards
simon
Restore config on cisco devices [ In reply to ]
Dear All,
I have rancid running and also installed viewvc and all working great and backing up switches and routersNow I just had one query about restoring the backed up config
if there is a router or switch failure and is replaced with a new same model router or switch can I follow the below steps for restore
1)  connect the switch to console2) login to new switch3) copy and paste the config from the rancid backup
write the config and reboot
Is that OK or is there any other way to restore , 
I would really appreciate your kind help

Thanks and regards
simon
Re: Restore config on cisco devices [ In reply to ]
Tue, Sep 28, 2021 at 06:58:33AM +0000, simon ben:
> Dear All,
> I have rancid running and also installed viewvc and all working great and backing up switches and routersNow I just had one query about restoring the backed up config
> if there is a router or switch failure and is replaced with a new same model router or switch can I follow the below steps for restore
> 1)? connect the switch to console2) login to new switch3) copy and paste the config from the rancid backup
> write the config and reboot
> Is that OK or is there any other way to restore ,?

Yes, in general this works. If you have configured rancid to filter
passwords or other configuration contents, then those must be restored
separately. And, there are a few devices that simply have bugs (imo)
that do not permit the configuration they display to be loaded in their
entirety; ISTR procurve being one.

Another way to restore the config, instead of cut/paste, is to apply
the minimal config to the device for network connectivity, then use
http/rcp/ftp/tftp to load the config. Not all devices support this.

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@www.shrubbery.net
https://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: Restore config on cisco devices [ In reply to ]
Dear Heasley 
Thanks for your quick reply. 
just wanted to know regarding the alternate way mentioned by you after doing a minimum config for the cisco switch or router for network connectivity as guess it would be a better option
Is it possible to restore the config from viewvc screen from the browser as I dont see any option neither no option to down and save it as a file on my local desktop pc
appreciate your advice and help if the restore could be done from viewvc screen or if any tool is available with viewvc to achieve this
Thanks and Regards
simon


On Tuesday, September 28, 2021, 07:42:35 PM GMT+3, heasley <heas@shrubbery.net> wrote:

Tue, Sep 28, 2021 at 06:58:33AM +0000, simon ben:
> Dear All,
> I have rancid running and also installed viewvc and all working great and backing up switches and routersNow I just had one query about restoring the backed up config
> if there is a router or switch failure and is replaced with a new same model router or switch can I follow the below steps for restore
> 1)  connect the switch to console2) login to new switch3) copy and paste the config from the rancid backup
> write the config and reboot
> Is that OK or is there any other way to restore , 

Yes, in general this works.  If you have configured rancid to filter
passwords or other configuration contents, then those must be restored
separately.  And, there are a few devices that simply have bugs (imo)
that do not permit the configuration they display to be loaded in their
entirety; ISTR procurve being one.

Another way to restore the config, instead of cut/paste, is to apply
the minimal config to the device for network connectivity, then use
http/rcp/ftp/tftp to load the config.  Not all devices support this.
Re: Restore config on cisco devices [ In reply to ]
Thu, Sep 30, 2021 at 05:53:51AM +0000, simon ben:
> just wanted to know regarding the alternate way mentioned by you after doing a minimum config for the cisco switch or router for network connectivity as guess it would be a better option
> Is it possible to restore the config from viewvc screen from the browser as I dont see any option neither no option to down and save it as a file on my local desktop pc

No, viewvc is only a CVS repository viewer.

> appreciate your advice and help if the restore could be done from viewvc screen or if any tool is available with viewvc to achieve this

Each device family may require its own procedure to restore a config, possibly
manual cut/paste. One could automate it with expect talking to the console,
but I have not done this.

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@www.shrubbery.net
https://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: Restore config on cisco devices [ In reply to ]
Dear Heasley,
Once again really appreciate your quick response and thanks for the clarification

regards
simon

On Thursday, September 30, 2021, 11:07:37 PM GMT+3, heasley <heas@shrubbery.net> wrote:

Thu, Sep 30, 2021 at 05:53:51AM +0000, simon ben:
> just wanted to know regarding the alternate way mentioned by you after doing a minimum config for the cisco switch or router for network connectivity as guess it would be a better option
> Is it possible to restore the config from viewvc screen from the browser as I dont see any option neither no option to down and save it as a file on my local desktop pc

No, viewvc is only a CVS repository viewer.

> appreciate your advice and help if the restore could be done from viewvc screen or if any tool is available with viewvc to achieve this

Each device family may require its own procedure to restore a config, possibly
manual cut/paste.  One could automate it with expect talking to the console,
but I have not done this.
Re: Restore config on cisco devices [ In reply to ]
Pasting into a Cisco comes with risks, as it won't negate any default
configuration that is already there. The safest approach is to give the
switch a temporary IP address, and then TFTP / FTP the file into the
startup-config position and reboot.

On Thu, 30 Sept 2021 at 21:07, heasley <heas@shrubbery.net> wrote:

> Thu, Sep 30, 2021 at 05:53:51AM +0000, simon ben:
> > just wanted to know regarding the alternate way mentioned by you after
> doing a minimum config for the cisco switch or router for network
> connectivity as guess it would be a better option
> > Is it possible to restore the config from viewvc screen from the browser
> as I dont see any option neither no option to down and save it as a file on
> my local desktop pc
>
> No, viewvc is only a CVS repository viewer.
>
> > appreciate your advice and help if the restore could be done from viewvc
> screen or if any tool is available with viewvc to achieve this
>
> Each device family may require its own procedure to restore a config,
> possibly
> manual cut/paste. One could automate it with expect talking to the
> console,
> but I have not done this.
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss@www.shrubbery.net
> https://www.shrubbery.net/mailman/listinfo/rancid-discuss
>
Re: Restore config on cisco devices [ In reply to ]
Even with this, there are caveats, and it should be tested on a non-production unit and put into SOP form. Examples of things that can bite you:

1. Passwords might be obfuscated. If you’re not careful, some configurations can make it so that you can’t log on to the CLI, and would require a password recovery procedure to regain access to the unit. In some super-duper high security environments, you might not be able to recover the password and would need to RMA the unit. There’s a rancid parameter that I think addresses this, but test for it.

2. Passwords are not the only things obfuscated. Our ISIS keystrings and SNMP community strings I think are also obfuscated in rancid. I think there’s similarly a rancid parameter that affects this (might be the same one).

3. Some parameters are not stored in the running-config. VTP is particularly notorious about this. Even if you have “vtp mode off”, not everything is in the running config. I’m running vtp version 3 / vtp mode off, and a “show run | include vtp” the “vtp mode off” shows up but “vtp version 3” does not. Versions 1 and 2 had this messed up idea about extended VLANs that made a mess of some of our noisy edge cases, and we needed to set VTPv3 to fix them.

4. Depending on the particular operating system (ASAOS, IOS, NX-OS, etc) I’ve found different experiences with TFTP. Sometimes I needed to use the full path, sometimes just the relative path from the tftproot folder, sometimes something else. I’ve never had an issue with SCP (and I’ve not tested FTP).

End result: test, test, test, document, retest, update documentation, and test again.

[Description: Description: Description: Description: cid:image001.png@01CC278D.7D527650]

Weylin Piegorsch | Manager, Network Engineering
Boston University Information Services & Technology
weylin@bu.edu<mailto:weylin@bu.edu> | 617.353.8128 | bu.edu/tech<http://www.bu.edu/tech>
Listen. Learn. Lead.






From: Craig Hopkins <c.o.hopkins@gmail.com>
Date: Friday, October 1, 2021 at 6:07 AM
To: heasley <heas@shrubbery.net>
Cc: simon ben <guy20034u@yahoo.com>, "rancid-discuss@shrubbery.net" <rancid-discuss@shrubbery.net>
Subject: Re: [rancid] Restore config on cisco devices

Pasting into a Cisco comes with risks, as it won't negate any default configuration that is already there. The safest approach is to give the switch a temporary IP address, and then TFTP / FTP the file into the startup-config position and reboot.

On Thu, 30 Sept 2021 at 21:07, heasley <heas@shrubbery.net<mailto:heas@shrubbery.net>> wrote:
Thu, Sep 30, 2021 at 05:53:51AM +0000, simon ben:
> just wanted to know regarding the alternate way mentioned by you after doing a minimum config for the cisco switch or router for network connectivity as guess it would be a better option
> Is it possible to restore the config from viewvc screen from the browser as I dont see any option neither no option to down and save it as a file on my local desktop pc

No, viewvc is only a CVS repository viewer.

> appreciate your advice and help if the restore could be done from viewvc screen or if any tool is available with viewvc to achieve this

Each device family may require its own procedure to restore a config, possibly
manual cut/paste. One could automate it with expect talking to the console,
but I have not done this.

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@www.shrubbery.net<mailto:Rancid-discuss@www.shrubbery.net>
https://www.shrubbery.net/mailman/listinfo/rancid-discuss