Problem
You want to back up the router's configuration to a remote server.
Solution
You can use the following command to copy the active configuration file to a server:
aviva@router1> file copy /config/juniper.conf.gz server1:/homes/aviva/tmp aviva@server1's password: juniper.conf.gz 100% 2127 2.1KB/s 00:00
From configuration mode, use the save command to copy the candidate configuration to your home directory on a server:
[edit] aviva@router1# save server1:configuration-march02 aviva@server1's password: tempfile 100% 11KB 11.2KB/s 00:00 Wrote 433 lines of configuration to 'server1:configuration-march02'
You can also save it to a file in your home directory on the router:
[edit] aviva@router1# save configuration-march02 Wrote 433 lines of configuration to 'configuration-march02' aviva@router1# run file list /var/home/aviva: .ssh/ configuration-march02
Another way to back up configuration files is to automatically transfer the file each time you commit the configuration:
[edit system] aviva@router1# set archival configuration transfer-on-commit aviva@router1# set archival configuration archive-sites ftp: //aviva:password@server1. mynetwork.com:/m20-config-archives
Discussion
This recipe shows several ways to save a backup copy of the router's configuration. Use the first command from operational mode to copy the currently running version of the configuration to a server. The next two commands are configuration mode commands that save the candidate configuration either to a server or to your home directory on the router. If you use the save command after committing the configuration, you are effectively backing up the running configuration. The save command saves the configuration starting at your current hierarchy level. In this recipe, the commands are issued from the top hierarchy level (the [edit] level), so the entire configuration is saved. If you issue the command from a lower level, only that portion of the configuration is saved. The following command saves only the BGP configuration:
[edit protocols bgp] aviva@router1# save configuration-bgp-march02 Wrote 15 lines of configuration to 'configuration-bgp-march02'
Use the file show command to verify the contents:
[edit protocols bgp] aviva@router1# run file show configuration-bgp-march02 protocols { replace: bgp { export send-statics; group internal { type internal; local-address 10.0.0.1; neighbor 10.0.0.2; neighbor 10.0.0.3; neighbor 10.0.0.5; neighbor 10.0.0.4; neighbor 10.0.0.6; } } }
Notice that the CLI inserts the replace: tag into the file. If you later load this file into the configuration with the load replace configuration-bgp-march02 command, the CLI replaces the entire [edit protocols bgp] portion of the configuration with the contents of the file you are loading.
The last command in this recipe automatically transfers the configuration file each time you commit the configuration, in this case saving all files in the server's directory m20-config-archives. The file is saved in a compressed ( .gz) format with a name that includes the router name and the date and time of the commit operation, as in this example:
router1_juniper.conf.gz_20050627_190538
The numbers at the end of the filename are the date (27 June 2005) and the time (1905 hours, or 7:05 p.m., and 38 seconds). One thing to pay attention to is that the time is always in UTC, even if your router is set to run local time. A variation is to use the set archival command to save the configuration at specific time intervalshere, every 1,440 minutes (24 hours):
[edit system] aviva@router1# set archival configuration transfer-interval 1440 aviva@router1# set archival configuration archive-sites ftp://aviva:password@server1. mynetwork.com:/m20-config-archives
You can specify any interval from 15 minutes up to 2,880 minutes (48 hours).
One disadvantage of the set archival command is that the password is not encrypted in the configuration file but is shown in ASCII (clear text).
The JUNOS software also saves a copy of a configuration each time you activate it with any version of the commit command. The JUNOS software saves the last 50 versions of the configuration: the currently active configuration and the last 49 committed ones. The active (currently running) configuration (juniper.conf.gz) and the three most recent previous configurations (juniper.conf.1.gz, juniper.conf.2.gz, and juniper.conf.3.gz) are in the /config directory, which is on the router's flash disk. Because space is limited on the flash disk, the files are stored in a compressed format (.gz).
aviva@router1> file list /config /config: juniper.conf.1.gz juniper.conf.2.gz juniper.conf.3.gz juniper.conf.gz license/ rescue.conf.gz
The remaining configurationsnamed juniper.conf.4.gz through juniper.conf.49.gz are in the /var/db/config directory on the router's hard disk.
These files are also compressed.
aviva@router1> file list /var/db/config /var/db/config: juniper.conf++ juniper.conf.10.gz juniper.conf.11.gz juniper.conf.12.gz juniper.conf.13.gz juniper.conf.14.gz juniper.conf.15.gz … juniper.conf.49.gz juniper.conf.5.gz juniper.conf.6.gz juniper.conf.7.gz juniper.conf.8.gz juniper.conf.9.gz
Each time you commit a configuration, that configuration is named juniper.conf.gz, the existing juniper.conf.gz file is renamed juniper.conf.1.gz, and all the remaining numbered configurations from before are renumbered. This means that the JUNOS backup configuration files are continually renamed. This behavior points out one advantage of using the save command: it allows you to store the configuration in a file with a fixed name.
A publicly available software tool for archiving and monitoring router hardware and software configuration is RANCID (http://www.shurbbery.net/rancid). You can also use this tool to track configuration changes.
See Also
Recipe 1.18
Router Configuration and File Management
Basic Router Security and Access Control
IPSec
SNMP
Logging
NTP
Router Interfaces
IP Routing
Routing Policy and Firewall Filters
RIP
IS-IS
OSPF
BGP
MPLS
VPNs
IP Multicast