Contents

Managing configuration files· 1

Overview·· 1

Configuration types· 1

Configuration file content organization and format 1

Startup with a configuration file· 2

FIPS compliance· 2

Saving the running configuration· 2

Enabling configuration encryption· 2

Saving configuration by using different methods· 3

Using automatic configuration backup after a software upgrade· 3

Specifying a configuration file for the next startup· 4

Backing up the next-startup configuration file to a TFTP server 4

Restoring the next-startup configuration file from a TFTP server 5

Deleting the next-startup configuration file· 5

Displaying and maintaining configuration files· 6

 

Managing configuration files

Overview

A configuration file saves configurations as a set of text commands. You can save the running configuration to a configuration file so the configuration takes effect after you reboot the device. You can also back up the configuration file on to a host and download the file to the device as needed.

You can use the CLI or the BootWare menus to manage configuration files. This chapter only describes managing configuration files from the CLI.

Configuration types

The device has the following types of configurations: factory defaults, startup configuration, and running configuration.

Factory defaults

The device is shipped with some basic settings called "factory defaults." These default settings make sure the device can start up and run correctly when it has no configuration file or when the configuration file is corrupt.

Factory defaults vary with device models and might differ from the default settings of commands.

To display factory defaults, use the display current-configuration command the first time you start up the device before making any configuration.

Startup configuration

The device uses startup configuration to configure software features during startup. After the device starts up, you can specify a different configuration file to be loaded at the next startup. This configuration file is called the "next-startup configuration file." The configuration file that has been loaded is called the "current startup configuration file."

You can display the current startup configuration in either of the following ways:

·          Execute the display startup command. To display detailed file contents, use the more command.

·          After the device reboots, execute the display current-configuration command before making any configuration changes.

Running configuration

The running configuration includes startup settings that have not been changed and new settings you made. The running configuration is stored in the memory and is cleared at a device reboot or power off. To use the running configuration after a power cycling or reboot, save it to a configuration file.

To display the running configuration, use the display current-configuration command.

Configuration file content organization and format

	IMPORTANT: To run on the device, a configuration file must meet the content and format requirements. To ensure a successful configuration loading at startup, use a configuration file created on the device. If you edit the configuration file, make sure all edits are compliant with the requirements.

 

A configuration file must meet the following requirements:

·          All commands are saved in their complete form.

·          Commands are sorted in sections by view, typically in this order: system view, interface view, protocol views, and user interface view.

·          Sections are separated with one or more blank lines or comment lines that start with a pound sign (#).

·          The configuration file ends with the word return.

You can execute the save command to save the running configuration to a configuration file. To ensure that the configuration file can be loaded, H3C recommends not editing the content and format of the configuration file.

Startup with a configuration file

The device selects the configuration file to load at startup, as follows:

1.        If you have specified a startup configuration file that already exists on the storage medium, the device starts up with this startup configuration file.

2.        If the specified startup configuration file does not exist, the device starts up with the factory defaults.

FIPS compliance

The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide.

Saving the running configuration

To make configuration changes take effect at the next startup, save the running configuration to the startup configuration file to be used at the next startup before rebooting the device.

Complete the following tasks to save the running configuration:

 

Task	Remarks
Enabling configuration encryption	Optional. Perform this task to make sure a configuration file is accessible only to trustworthy devices.
Saving configuration by using different methods	Required.

 

Enabling configuration encryption

Configuration encryption enables the device to automatically encrypt a startup configuration file when saving the running configuration to it. This function provides the following methods:

·          Private key method—Only the current device can decrypt the encrypted configuration file.

·          Public key method—Any device that supports the configuration encryption function can decrypt the encrypted configuration file.

To view encrypted configuration, use the display saved-configuration command instead of the more command. If you use the more command, the system displays a failure message or garbled text.

To enable configuration encryption:

 

Step	Command	Remarks
1.       Enter system view.	system-view	N/A
2.       Enable configuration encryption.	configuration encrypt { private-key | public-key }	By default, configuration encryption is disabled. Configuration is saved unencrypted.

 

Saving configuration by using different methods

When saving the running configuration to a configuration file, you can specify the file as the next-startup configuration file.

If you are specifying the file as the next-startup configuration file, use one of the following methods to save the configuration:

·          Fast mode—Use the save command without the safely keyword. In this mode, the device directly overwrites the target next-startup configuration file. If a reboot or power failure occurs during this process, the next-startup configuration file is lost. You must re-specify a new startup configuration file after the device reboots (see "Specifying a configuration file for the next startup").

·          Safe mode—Use the save command with the safely keyword. Safe mode is slower than fast mode, but more secure. In safe mode, the system saves configuration in a temporary file and starts overwriting the target next-startup configuration file after the save operation is complete. If a reboot or power failure occurs during the save operation, the next-startup configuration file is still retained.

Use the safe mode if the power source is not reliable or you are remotely configuring the device.

The configuration file extension must be .cfg.

To save the running configuration, perform either of the following tasks in any view:

 

Task	Command	Remarks
Save the running configuration to a configuration file without specifying the file as the next-startup configuration file.	save file-url	N/A
Save the running configuration to a configuration file and specify the file as the next-startup configuration file.	save [ safely ] [ force ]	If the force keyword is specified, the command saves the configuration to the existing next-startup configuration file. If the force keyword is not specified, the command allows you to specify a next-startup configuration file.

 

Using automatic configuration backup after a software upgrade

After a software upgrade, the next-startup configuration file created on the old software version might have settings that are incompatible with the new software version.

To verify the compatibility of the next-startup configuration file with the software version and enable automatic configuration backup, use the save command the first time you save configuration to the file after a software upgrade.

If any incompatibility is found, the system uses the running configuration to overwrite the configuration file after backing up the file for future rollback. The backup file is named in the _old-filename_bak.cfg format. For example, if the old configuration file is named config.cfg, the backup file is named _config_bak.cfg.

Make sure the storage medium has enough space for the backup configuration file and the new next-startup configuration file.

To load the backup configuration file after a software downgrade, specify the backup file as the next-startup configuration file.

Specifying a configuration file for the next startup

You can specify a .cfg configuration file as the startup configuration file to be used at the next startup when you use the save command to save the running configuration to it.

Alternatively, perform the following task in user view to specify the next-startup configuration file:

 

Task	Command	Remarks
Specify the next-startup configuration file.	startup saved-configuration cfgfile	The configuration file must use the .cfg extension and be saved in the root directory of the storage medium.

 

Backing up the next-startup configuration file to a TFTP server

Before performing this task, make sure the following requirements are met:

·          The server is reachable.

·          The server is enabled with TFTP service.

·          You have read and write permissions to the server.

To back up the next-startup configuration file to a TFTP server:

 

Step	Command	Remarks
1.       Verify that the next-startup configuration file has been specified in user view.	display startup	Optional. If no next-startup configuration file has been specified, the backup operation will fail.
2.       Verify that the specified configuration file exists on the device.	dir	Optional. If the specified next-startup configuration file does not exist on the device, the backup operation will fail.
3.       Back up the next-startup configuration file to a TFTP server in user view.	backup startup-configuration to dest-addr [ dest-filename ]	This command is not supported in FIPS mode.

 

Restoring the next-startup configuration file from a TFTP server

Perform this task to download a configuration file from a TFTP server to the device and specify the file as the next-startup configuration file.

Before restoring the next-startup configuration file, make sure the following requirements are met:

·          The server is reachable.

·          The server is enabled with TFTP service.

·          You have read and write permissions to the server.

To restore the next-startup configuration file from a TFTP server:

 

Step	Command	Remarks
1.       Restore the next-startup configuration file from a TFTP server in user view.	restore startup-configuration from src-addr src-filename	This command is not supported in FIPS mode.
2.       Verify that the specified configuration file has been set as the next-startup configuration file.	display startup	Optional.
3.       Verify that the specified configuration file exists on the device.	dir	Optional.

 

Deleting the next-startup configuration file

	CAUTION: This task permanently deletes the next-startup configuration file from the device. Before performing this task, back up the file as needed.

 

Delete the next-startup configuration file if one of the following occurs:

·          After you upgrade system software, the file does not match the new system software.

·          The file is corrupt or not fully compatible with the device.

After the file is deleted, the device uses factory defaults at the next startup.

Perform the following task in user view:

 

Task	Command
Delete the next-startup configuration file.	reset saved-configuration

 

Displaying and maintaining configuration files

Task	Command	Remarks
Display the running configuration.	display current-configuration [ configuration [ configuration ] | interface [ interface-type [ interface-number ] ] | exclude modules ] [ by-linenum ] [ | { begin | exclude | include } regular-expression ]	Available in any view.
Display the next-startup configuration file.	display saved-configuration [ by-linenum ] [ | { begin | exclude | include } regular-expression ]	Available in any view.
Display names of the configuration files used at this startup and the next startup.	display startup [ | { begin | exclude | include } regular-expression ]	Available in any view.
Display the valid configuration in the current view.	display this [ by-linenum ] [ | { begin | exclude | include } regular-expression ]	Available in any view.