Catalyst Configuration File Management

Catalyst Configuration File Management

For complete system recovery, make sure that you have a copy of each Catalyst's configuration file stored somewhere other than on the Catalyst itself. If anything happens to the Catalyst Supervisor module, you might not be able to recover the configuration file. It is a crime to have to rebuild the entire configuration file from scratch during a system outage when it is easy to create a backup on a network accessible machine.

Through TFTP, you can store your configuration file on a TFTP server and recover it later when needed. The syntax varies depending upon the version of Supervisor module you have. Catalyst 5000 Supervisor III modules and Catalyst 6000s use a syntax more like a Cisco router than do the Catalyst 5000 Supervisor I or II modules.

Tip

TFTP servers are inherently weak, security wise. It is strongly recommended that you do not keep your configuration files in a TFTP directory space until you actually need to retrieve the file. System attackers who compromise your TFTP server can modify the configuration files without your knowledge to provide a security opening the next time a device downloads the configuration file from the server. Move your configuration files to secure directory spaces and copy them back to the TFTP directory space when you are ready to use them.

Although this adds another step to your recovery process, the security benefits frequently outweigh the procedural disadvantages.


Supervisor I and Supervisor II Module Configuration

To save a configuration file from either a Catalyst 5000 Supervisor I or Supervisor II module, use the write net command. Example 4-12 shows a session writing a configuration file to a TFTP server. The server's IP address and the filename are clearly seen in the output. Note that the filename is the name that you want to call the file on the server. This is not the name of the file in the Catalyst. There is only one configuration file residing in the Catalyst, so specifying a source file here is redundant.

Example 4-12 Uploading a Configuration File to a TFTP Server
   Console> (enable) write ?   Usage: write network          write terminal          write <host> <file>   Console> (enable) write net   IP address or name of remote host? 144.254.100.50   Name of configuration file? cat   Upload configuration to cat on 144.254.100.50 (y/n) [n]? y   …..   ………   ………   ……..   ……..   ..   Finished network upload. (6193 bytes)   Console> (enable) 

Retrieving a file from the server uses the command configure network. When retrieving a file, you need to specify the source filename on the TFTP server (see Example 4-13).

Example 4-13 Retrieving a Configuration File
   Console> (enable) configure ?   Usage: configure <host> <file>   Console> (enable) configure network   IP address or name of remote host? 144.254.100.50   Name of configuration file? cat   Configure using cat from 144.254.100.50 (y/n) [n]? y   /   Finished network download. (6193 bytes)   [Truncated output would show the configuration lines] 

Note that in the command usage output, the configure network option is not displayed. However, it is a valid option to use.

Supervisor III Module Configuration

Transferring Supervisor III and Catalyst 6000 configuration files via TFTP to another device looks more like a router command. The command copy config {flash | file-id | tftp} copies the configuration file to one of three locations. You can store the configuration file in the bootflash memory, a flash card in a flash slot (with an appropriate Supervisor III module), or to a TFTP server. When copying configuration files from or to the Catalyst, you need to specify the source filename. Because of the flash architecture on the Supervisor III, you might have several configuration files local. However, only one can be active. Therefore, you need to specify which of the local files you are trying to copy.

Recovering a configuration file works in reverse. If you intend to retrieve the file from a TFTP server, use the command copy tftp {flash | file-id | config}. When retrieving, you can write the configuration file to your bootflash, a flash card, or to the running configuration. If you intend to write the configuration file to your running configuration, use the command form copy tftp config. Example 4-14 shows a session recovering the configuration filename cat to a flash device.

Example 4-14 Recovering Configuration Files from a TFTP Server
   Console> (enable) copy tftp flash   IP address or name of remote host []? 144.254.100.50   Name of file to copy from []? cat   Flash device [slot0]? <ret>   Name of file to copy to [cat]? <ret> 

If you store your configuration file in your flash, you can recover it with the command copy flash{tftp | file-id | config}. Again, any of three destinations are possible.

If the file is on any other flash device, use the command copy file-id {tftp | flash | file-id| config}.



Cisco(r) LAN Switching
Cisco Catalyst LAN Switching
ISBN: B00007FYCI
EAN: N/A
Year: 2005
Pages: 223

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net