Configuration Replace
The Problem Cisco devices keep two copies of the configuration in memory. The startup-config is stored in NVRAM (non- volatile RAM) while the running-config(the configuration that the router uses) is stored in RAM. These two configurations can be ( and often are) different. Any changes you make to the router’s configuration alter the running-config. You can reconcile these configurations at any point by copying the running-configuration from RAM to NVRAM(‘write’, ‘write memory’, ‘copy run start’). So let’s say that you just totally boned - up your running configuration. Provided you haven’t locked yourself out of the router, you can get into configuration mode and start undoing the damage you’ve done. This is easy to do if you’ve only made a few changes and you know how to reverse them. What happens if you – or more likely – someone else has configured a lot of commands and you’re not sure what they are and/or how to reverse them. Or, your pointy- haired boss is over your shoulder and you’re under a time constraint. You know that the startup- config is stable, so it should be a simple matter of issuing the ‘copy start run’ command and replacing the corrupted running-config with the pure as the driven snow startup-config, right? Unfortunately, this copy command is more of a MERGE command and not a REPLACE command, so now you may have an even bigger mess on your hands.
Why ‘copy start run’ isn’t an option •The copy source-url running-config command is a merge operation and preserves all the commands from both the source file and the current running configuration. This command does not remove commands from the current running configuration that are not present in the source file. In contrast, the configure replace target-url command removes commands from the current running configuration that are not present in the replacement file and adds commands to the current running configuration that need to be added. •The copy source-url running-config command applies every command in the source file, whether or not the command is already present in the current running configuration. This algorithm is inefficient and, in some cases, can result in service outages. In contrast, the configure replace target-url command only applies the commands that need to be applied — no existing commands in the current running configuration are reapplied. •A partial configuration file may be used as the source file for the copy source-url running-config command, whereas a complete Cisco IOS configuration file must be used as the replacement file for the configure replace target-url command.
A Reload will work, but… You always have the option (provided that the startup configuration is stable) as the router will load the startup- config (that’s where the non -volatile part of NVRAM comes into play) into RAM and your startup- config and running- config will be one and the same. I call this a “hard replace”. Sure, you’ve fixed your issue, but most places I’ve worked at don’t take kindly to dropping a production router…especially during business hours. You’re also rolling the dice with router reloads. While Cisco routers are very good, they do occasionally lock up on reload. I like to minimize the number of reloads I perform. Let’s say that the startup -config is corrupt as well. Maybe some monkey wrote the config right after corrupting the running-config. Now a reload is worthless. What you would need to do now is somehow get a good configuration from an alternate source like a TFTP server. You could accomplish this, but it’s a little convoluted (copy from TFTP to flash:, write erase, copy flash: start, reload). Thankfully, Cisco has rolled out a feature which gives you the ability to REPLACE (not merge) the running- config with any valid, full configuration from a variety of sources (TFTP server, startup-config, flash:, etc).
‘configure replace’ to the rescue The configure replace command provides the capability to replace the current running configuration with any saved Cisco IOS configuration file. This functionality can be used to revert to a previous configuration state, effectively rolling back any configuration changes that were made since the previous configuration state was saved. When using the configure replace command, you must specify a saved Cisco IOS configuration as the replacement configuration file for the current running configuration. The replacement file must be a complete configuration generated by a Cisco IOS device (for example, a configuration generated by the copy running-config destination-url command), or, if generated externally, the replacement file must comply with the format of files generated by Cisco IOS devices. When the configure replace command is entered, the current running configuration is compared with the specified replacement configuration and a set of diffs is generated. The algorithm used to compare the two files is the same as that employed by the show archive config differences command. The resulting diffs are then applied by the Cisco IOS parser to achieve the replacement configuration state. Only the diffs are applied, avoiding potential service disruption from reapplying configuration commands that already exist in the current running configuration. This algorithm effectively handles configuration changes to order-dependent commands (such as access lists) through a multiple pass process. Under normal circumstances, no more than three passes are needed to complete a configuration replace operation, and a limit of five passes is performed to preclude any looping behavior.
configure replace ROUTER_2#show archive config differences nvram:startup-config system:running-config Contextual Config Diffs: +hostname ROUTER_2 interface FastEthernet0/0 +description ->WHIMMY WHAM WHAM WHUZZLE +ip address 10.1.123.1 255.255.255.0 +snmp-server host 10.1.1.100 PUBLIC -hostname r2 interface FastEthernet0/0 -description ->r1 f0/0 -ip address 10.1.12.2 255.255.255.0 ROUTER_2#configure replace nvram:startup-config This will apply all necessary additions and deletions to replace the current running configuration with the contents of the specified configuration file, which is assumed to be a complete configuration, not a partial configuration. Enter Y if you are sure you want to proceed. ? [no]: y *Mar 1 17:31:30.467: Rollback:Acquired Configuration lock. Total number of passes: 1 Rollback Done r2#show archive config differences nvram:startup-config system:running-config Contextual Config Diffs: !No changes were found
configure replace options r2#configure replace nvram:startup-config ? force Forcibly replace without prompting for user input ignorecase Ignore case list List the commands applied in each pass time Time for which to wait for confirmation <cr> force (Optional) - Replaces the current running configuration file with the specified saved Cisco IOS configuration file without prompting you for confirmation. list (Optional) - Displays a list of the command lines applied by the Cisco IOS software parser during each pass of the configuration replace operation. The total number of passes performed is also displayed. ignorecase (Optional) - Instructs the configuration to ignore the case of the configuration confirmation. time (Optional) - Time (in minutes) within which you must enter the configure confirm command to confirm replacement of the current running configuration file. If the configure confirm command is not entered within the specified time limit, the configuration replace operation is automatically reversed (in other words, the current running configuration file is restored to the configuration state that existed prior to entering the configure replace command). •The list keyword must be entered before the force and time keywords. •The force keyword must be entered before the time keyword.
configure replace - Configuration Lock In Cisco IOS Release 12.2(25)S, a locking feature for the configuration replace operation was introduced. When the configure replace command is enabled, the Cisco IOS running configuration file is locked by default for the duration of the configuration replace operation. This locking mechanism prevents other users from changing the running configuration while the replace operation is taking place, which might otherwise cause the replace operation to terminate unsuccessfully. You can disable the locking of the running configuration using the configure replace nolock command. The running configuration lock is automatically cleared at the end of the configuration replace operation. It is not expected that you should need to clear the lock manually during the replace operation, but as a protection against any unforeseen circumstances, you can manually clear the lock using the clear configuration lock command. You can also display any locks that may be currently applied to the running configuration using the show configuration lock command. Jan 7 12:18:54.736 UTC: Rollback:Acquired Configuration lock. Jan 7 12:19:01.488: %PARSER-6-EXPOSEDLOCKRELEASED: Exclusive configuration lock released from terminal '0' -Process= "Exec", ipl= 0, pid= 93 Jan 7 12:19:25.372: %PARSER-3-CONFIGNOTLOCKED: Unlock requested by process '93'. Configuration not locked.
Recommend
More recommend