Use 'configure replace' Instead of 'copy start run'
Newbie Cisco networking admins are typically taught the command copy running-config startup-config, or copy run start, to save their configurations to NVRAM (i.e. Flash memory). (This is in contrast to the older yet much much more convenient write memory command, or simply wr.) Students quickly realize that the corollary of copying the running configuration to the startup configuration is that the startup configuration can likewise be copied to the running configuration. However, this operation doesn't work quite like one might expect.
copy run start generates a new configuration file and overwrites entirely the previous configuration file. copy start run, however, acts more like a copy & paste operation: the contents of the startup configuration are processed as though they were issued via the CLI. This means that running configuration lines that aren't in the startup configuration won't be overwritten or removed. The result is usually a messy, incomplete configuration.
As an example, consider the following configuration excerpt from a startup configuration:
interface FastEthernet0/0 description WAN Uplink ip address 172.16.0.2 255.255.255.252 load-interval 60 duplex auto speed auto service-policy input Foo ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto
After a few changes are made to accommodate a new uplink, the running configuration now looks like this:
interface FastEthernet0/0 no ip address shutdown duplex auto speed auto ! interface FastEthernet0/1 description New WAN Uplink ip address 10.0.42.2 255.255.255.252 load-interval 60 duplex auto speed auto service-policy input Foo2
Before writing the new configuration to the startup configuration, the admin decides that the new uplink isn't ready yet and opts to revert the changes using copy start run, which he assumes will restore the running configuration to the startup configuration. Here is the result:
interface FastEthernet0/0 description WAN Uplink ip address 172.16.0.2 255.255.255.252 load-interval 60 shutdown duplex auto speed auto service-policy input Foo ! interface FastEthernet0/1 description New WAN Uplink no ip address load-interval 60 shutdown duplex auto speed auto service-policy input Foo2
We can see that a number of statements under interface FastEthernet0/1 remain from the prior running configuration. Additionally, the shutdown line was not removed from the FastEthernet0/0 interface as the startup configuration does not contain the no shutdown command.
A better alternative is to use the command configure replace, which is provided as part of IOS' configuration archival feature. This operation may take a moment depending on the size of your configuration file.
Router# configure replace nvram:startup-config This will apply all necessary additions and deletions to replace the current running configuration with the contents of the specified configuration file, which is assumed to be a complete configuration, not a partial configuration. Enter Y if you are sure you want to proceed. ? [no]: y *Mar 1 00:22:03.095: Rollback:Acquired Configuration lock. *Mar 1 00:22:06.619: %PARSER-6-EXPOSEDLOCKRELEASED: Exclusive configuration lock released from terminal '0' -Process= "Exec", ipl= 0, pid= 193 *Mar 1 00:22:08.627: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Mar 1 00:22:09.655: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up The rollback configlet from the last pass is listed below: ******** !List of Commands: line vty 0 4 no login end ******** Rollback aborted after 5 passes Router# *Mar 1 00:22:14.995: %PARSER-3-CONFIGNOTLOCKED: Unlock requested by process '193'. Configuration not locked. Router#
We can verify that our running configuration is now identical to our startup configuration:
interface FastEthernet0/0 description WAN Uplink ip address 172.16.0.2 255.255.255.252 load-interval 60 duplex auto speed auto service-policy input Foo ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto
As you might have guessed, configure replace can be used to load a configuration file from any supported filesystem, not just NVRAM/Flash.
About the Author
Jeremy Stretch is a networking engineer and the maintainer of PacketLife.net. He currently lives in the Raleigh-Durham area of North Carolina. Although employed full-time out of necessity, his true passion lies in improving the field of network engineering around the world. You can contact him by email or follow him on Twitter.
Comments
IOS in general is very weak with configuration management, I see that JunOS is more flexible and smarter in regards to management tasks.
"configure replace" is awesome, especially when you throw in the archive stuff. I may have posted about it on my blog awhile back.:p
Why does the output say "Rollback aborted after 5 passes"?
That sounds like it didn't complete its actions?
I used this command a lot during my CCIE training to bring back my routers to a my default setup after completing a chapter. Much better than "wr erase" and "reload".
You can simply setup your routers to a default config complete with interface descriptions and your console line with "no exec time-out", "logging sychronous", "privilige level 15", etc etc... save it to flash and once you have finished a study session you can reset back to your pre-configured default using that command. No need to reboot at all!
So "configure replace" has the same effect as "reload" without rebooting time?
This is an awsome way of timesaving.
Thanks!
Great blog post, however, I have just tried to use the command on a router with a certificate and it does not seem to play nicely.
This has been something that really has bugged be for a while. Actually since I attended a Cisco Networking Academy Program. Thanks for bringing it up! In the CNAP curriculum they tell you to use copy running-config startup-config, without telling you the consequences of using copy startup-config running-config.
And for people who are entirely new to the world of Cisco IOS it’s a recipe for confusion.
They should really just throw it out the windows and simply learn people to use "wr".
Being a Cisco turned Juniper engineer, I love the flexibility of JUNOS. Always thought Cisco may not have anything closer. So fear would always grip me when making some serious config changes on production devices. You solved my problem. Thank you for that.
Thanks for this awesome blog!
So, if I were replacing a switch with a new switch, could I copy running to flash. Then swap flash to new switch and then configure recover flash:"configfromoldswitch.txt?
Hi Stretch
I allways use this with the archive configuration, because I can allways go back to the initial config or stable config. Since I usually work remotely to the devices, it helps more than the "reload in".
Config:
!
archive
log config
hidekeys
path flash:$h.txt
maximum 4
write-memory
!
Verification:
877W_RPU#sh archive
The maximum archive configurations allowed is 14.
There are currently 1 archive configurations saved.
The next archive file will be named flash:877W_RPU.txt-1
Archive # Name
1 flash:877W.txt-0 <- Most Recent
2
3
4
Before making any alteration:
877W#configure replace flash:877W.txt-0 time 15
With this command if I loose access to the router the initial config will take place!!!
Cheers and continue the good work
Pedro Avila
So by using this command, will the links on the device incur any downtime by initiating a configure replace back to the startup config?
I work on a lot of devices and lay down a lot of configs. If I were to mix up my script and overwrite the wrong ports would I be able to use the configure replace command to revert back to the config prior to my changes without taking down connections on the device?
If so, that would be rather sweet.
I am curious...can this command be used to write the startup config to a brand new CF card? I need to replace one in the coming days and have not found anything helpful, besides an option to TFTP to the 2811 (which I find rather rediculous). Any insight or thoughts on this would be much appreciated...
Little late, but try using this:
switch#copy run flash:confbackup.txt
Destination filename [confbackup.txt]?
17984 bytes copied in 5.025 secs (3579 bytes/sec)
switch#sh flash
Directory of flash:/
2 -rwx 17984 May 9 2012 11:09:36 +02:00 config.text
3 -rwx 6732 May 9 2012 10:19:02 +02:00 vlan.dat
4 -rwx 1048 May 9 2012 11:09:36 +02:00 multiple-fs
5 -rwx 12106419 Dec 7 2011 15:22:46 +01:00 c3560-ipservicesk9-mz.122-50.SE4.bin
6 -rwx 17984 May 9 2012 11:18:36 +02:00 confbackup.txt
7 -rwx 1114 May 9 2012 11:09:36 +02:00 private-config.text
32514048 bytes total (20359168 bytes free)
Hilarious, I was going to write this exact blog post yesterday, but decided to postpone it.
Some things worth mentioning.. The list option ( ie Router# configure replace nvram:startup-config list ) will list all commands that will be applied to the router’s configuration. Great for tracking changes that the IOS makes to the current config.
Another thing worth talking about is using this in conjunction with configuration archives.
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtrollbk.html