■Cisco Switch(2970G)のコンフィグ、vlan.datの保存、初期化、復元 Cisco IOS(WS-C2970G-24T-E)のバックアップ http://labunix.hateblo.jp/entry/20140330/1396189684 Cisco 1812-Jのコンフィグの保存、初期化、復元とssh鍵の再作成 http://labunix.hateblo.jp/entry/20140422/1398175148 ■ルータとの違いはvlan.datの削除が要ること。 S1>en S1#show running-config | include 2014 S1#verify /md5 system:running-config .Done! verify /md5 (system:running-config) = c3867fbc425bb2297bea382d0ae6c1e9 S1#verify /md5 nvram:startup-config .Done! verify /md5 (nvram:startup-config) = cfe1805e694e42c816fc4b119fd7ac0a S1#copy running-config flash:myswconfig20140422 Destination filename [myswconfig20140422]? 1511 bytes copied in 0.360 secs (4197 bytes/sec) ■vlan.datが無い環境なので、一時的に作成 1~1001までがvlan.datに。 1002~1005までは予約されている。 1006~4094までは拡張範囲VLANとしてstartup-configに保存される。 ※vlan database(vlan.dat)には保存されない。 S1#show flash: | include vlan.dat S1#configure terminal S1(config)#vtp mode transparent Device mode already VTP TRANSPARENT. S1(config)#vlan 10 S1(config-vlan)#name sample S1(config-vlan)#exit S1(config)#exit S1#show flash: | include vlan.dat 354 -rwx 616 Mar 1 1993 00:17:23 +00:00 vlan.dat S1#verify /md5 flash:vlan.dat .Done! verify /md5 (flash:vlan.dat) = 2b3d028fb6b6b75fdb71ff7f89cb4935 S1#configure terminal S1(config)#vtp mode transparent Device mode already VTP TRANSPARENT. S1(config)#no vlan 10 S1(config)#exit S1#show vlan | include sample S1#verify /md5 flash:vlan.dat .Done! verify /md5 (flash:vlan.dat) = 8f2d96f1537fcfab4f4e616557071be7 S1#copy flash:vlan.dat flash:vlan.dat.old Destination filename [vlan.dat.old]? Copy in progress...C 556 bytes copied in 0.025 secs (22240 bytes/sec) ■使えるのはtelnetサーバとftpクライアント 「archive」コマンドより、ルータと同じ「copy」コマンドを使う方が楽。 S1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. S1(config)#ip ftp usernam labunix S1(config)#ip ftp password XXXXXXXX S1(config)#end S1#copy nvram:startup-config ftp: Address or name of remote host []? 172.16.16.200 Destination filename [s1-confg]? myswconfig20140422001 Writing myswconfig20140422001 ! 1532 bytes copied in 1.099 secs (1394 bytes/sec) ■変更の保存 S1#show running-config | include 2014 ! Last configuration change at 15:15:18 UTC Tue Apr 22 2014 ! NVRAM config last updated at 15:23:25 UTC Tue Apr 22 2014 S1#write memory Building configuration... [OK] S1#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] S1#show running-config | include 2014 ! Last configuration change at 15:15:18 UTC Tue Apr 22 2014 ! NVRAM config last updated at 15:25:26 UTC Tue Apr 22 2014 S1#show startup-config | include 2014 ! Last configuration change at 15:15:18 UTC Tue Apr 22 2014 ! NVRAM config last updated at 15:25:26 UTC Tue Apr 22 2014 S1#write memory Building configuration... [OK] S1#verify /md5 nvram:startup-config .Done! verify /md5 (nvram:startup-config) = dd23ef0abdcd1603d9d8285d7ec05c08 S1#verify /md5 system:running-config .Done! verify /md5 (system:running-config) = dd23ef0abdcd1603d9d8285d7ec05c08 S1#copy nvram:startup-config flash:myswconfig20140422001 Destination filename [myswconfig20140422001]? 1713 bytes copied in 0.050 secs (34260 bytes/sec) ■初期化 vlan.datの削除とstartup-configの削除の順番はどちらからでも良い。 S1# copy flash:vlan.dat flash:vlan.dat.old S1#delete flash:vlan.dat Delete filename [vlan.dat]? Delete flash:vlan.dat? [confirm] S1#show flash: | include vlan 356 -rwx 556 Mar 1 1993 00:34:06 +00:00 vlan.dat.old S1#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete S1# S1#reload System configuration has been modified. Save? [yes/no]: no Proceed with reload? [confirm] Would you like to enter the initial configuration dialog? [yes/no]: no Would you like to terminate autoinstall? [yes]: no Switch> ■復元したらvlan.datが作成されていた。 Switch>enable Switch#show flash: | include vlan 356 -rwx 556 Mar 1 1993 00:34:06 +00:00 vlan.dat.old Switch#copy flash:myswconfig20140422001 running-config Destination filename [running-config]? 1713 bytes copied in 0.193 secs (8876 bytes/sec) S1#show flash: | include vlan 353 -rwx 556 Mar 1 1993 00:02:40 +00:00 vlan.dat 356 -rwx 556 Mar 1 1993 00:34:06 +00:00 vlan.dat.old ■設定の変更 今回はタイムゾーンの修正 S1#show clock 15:45:07.950 UTC Tue Apr 22 2014 S1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. S1(config)#clock timezone JST +9 S1#show clock 00:47:21.456 JST Wed Apr 23 2014 S1#show running-config | include 2014 ! Last configuration change at 00:47:16 JST Wed Apr 23 2014 S1#write memory Building configuration... [OK] S1#show running-config | include 2014 ! Last configuration change at 00:47:16 JST Wed Apr 23 2014 ! NVRAM config last updated at 00:48:25 JST Wed Apr 23 2014 S1#show startup-config | include 2014 ! Last configuration change at 00:47:16 JST Wed Apr 23 2014 ! NVRAM config last updated at 00:48:25 JST Wed Apr 23 2014 S1#reload Proceed with reload? [confirm] S1>enable Password: S1#show running-config | include 2014 S1#copy system:running-config ftp: Address or name of remote host []? 172.16.16.200 Destination filename [s1-confg]? myswconfig20140422002 Writing myswconfig20140422002 ! 1719 bytes copied in 0.402 secs (4276 bytes/sec) S1#verify /md5 nvram:startup-config .Done! verify /md5 (nvram:startup-config) = 089e7e462ad187092ee74d4c24a9fbe6 S1#verify /md5 system:running-config .Done! verify /md5 (system:running-config) = 089e7e462ad187092ee74d4c24a9fbe6 ■Debian Wheezyからの確認 $ md5sum myswconfig20140422002 089e7e462ad187092ee74d4c24a9fbe6 myswconfig20140422002 ■telnetなのでssh鍵の再作成は不要。