Login
- Table of Contents
-
- 01-Fundamentals Configuration Guide
- 00-Preface
- 01-CLI configuration
- 02-Login management configuration
- 03-RBAC configuration
- 04-FTP and TFTP configuration
- 05-File system management configuration
- 06-Configuration file management configuration
- 07-Software upgrade configuration
- 08-ISSU configuration
- 09-Device management configuration
- 10-Python configuration
- 11-License management(HP不支持)
- 12-Preprovisioning feature configuration
- 13-Automatic configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 06-Configuration file management configuration | 143.97 KB |
Startup configuration loading process
Startup configuration file selection
Configuration file content organization and format
General configuration restrictions and guidelines
Enabling configuration encryption
Comparing configurations for their differences
Saving the running configuration
Using different methods to save the running configuration
Configuring configuration commit delay
Specifying a next-startup configuration file
Backing up the main next-startup configuration file to a TFTP server
Restoring the main next-startup configuration file from a TFTP server
Deleting a next-startup configuration file
Displaying and maintaining configuration files
Managing configuration files
Overview
You can manage configuration files from the CLI or the BootWare menus. The following information explains how to manage configuration files from the CLI.
A configuration file saves a set of commands for configuring software features on the device. You can save any configuration to a configuration file so the configuration can survive a reboot. You can also back up configuration files to a host for future use.
Configuration types
The configuration loaded at startup is called startup configuration and the configuration that is running on the device is called running configuration in this chapter.
Startup configuration
The device uses startup configuration to configure software features during startup.
The following are sources of startup configuration:
· Initial settings—Initial values or states for parameters. If the device starts up with empty configuration, all parameters use their initial settings at startup.
· Startup configuration file—Configuration file you specify in the BootWare menus or CLI for startup. The file is called the next-startup configuration file. After the file is loaded at startup, it is also called the current startup configuration file. For high availability, you can specify two next-startup configuration files, one main and one backup (see "Specifying a next-startup configuration file").
To display the names of the current startup configuration file and the next-startup configuration files, use the display startup command.
To display the contents of the configuration file for the next system startup, use the display saved-configuration command.
Running configuration
The running configuration includes startup settings that have not been changed and new settings you made. The running configuration is stored in memory and is cleared at a device reboot or power off. To use the running configuration after a power cycling or reboot, save it to a configuration file.
To view the running configuration, use the display current-configuration command. The displayed configuration does not include parameters that use initial settings.
Startup configuration loading process
Figure 1 shows the configuration loading process during startup.
Figure 1 Configuration loading process during startup
The device uses the following process to select the configuration to load at startup:
1. If you access the BootWare menus to select the Skip Current System Configuration option, the device starts up with empty configuration. All parameters use their initial settings.
2. If you do not access the BootWare menus to select the Skip Current System Configuration option, the following process applies:
a. If you have specified a main startup configuration file, and this configuration file is available, the device starts up with this startup configuration file.
b. If you have not specified a main startup configuration file, or the specified main startup configuration file is not available, the device searches for the backup startup configuration file.
c. If you have not specified a backup startup configuration file, or the specified backup startup configuration file is not available, the device starts up with initial settings.
Configuration file formats
Configuration files you specify for saving configuration must use the .cfg extension. A .cfg configuration file is a human-readable text file. When you save configuration to a .cfg file, the device automatically saves the configuration to an .mdb binary file that has the same name as the .cfg file. The device loads an .mdb file faster than loading a .cfg file. You are allowed to delete an .mdb file but disallowed to create an .mdb file or access its contents.
Startup configuration file selection
At startup, the device uses the following procedure to identify the configuration file to load:
1. The device searches for a valid .cfg next-startup configuration file.
2. If one is found, the device searches for an .mdb file that has the same name and content as the .cfg file.
3. If an .mdb file has the same name and content as the .cfg file, the device starts up with the .mdb file. If none is found, the device starts up with the .cfg file.
Unless otherwise stated, the term "configuration file" in this document refers to a .cfg configuration file.
Configuration file content organization and format
|
|
IMPORTANT: To run on the device, a configuration file must meet the content and format requirements. To ensure a successful configuration load at startup, use a configuration file that was automatically created on the device or created by using the save command. If you edit the configuration file, make sure all edits are compliant with the requirements. |
A configuration file must meet the following requirements:
· All commands are saved in their complete form.
· Commands are sorted in sections by different command views, including system view, interface views, protocol views, and user line views.
· Two adjacent sections are separated by a comment line that starts with a pound sign (#).
· The configuration file ends with the word return.
The following is a sample configuration file excerpt:
#
local-user root
password hash $h$6$Twd73mLrN8O2vvD5$Cz1vgdpR4KoTiRQNE9pg33gU14Br2p1VguczLSVyJLO2huV5Syx/LfDIf8ROLtVErJ/C31oq2rFtmNuyZf4STw==
service-type ssh telnet terminal
authorization-attribute user-role network-admin
#
interface FortyGigE1/0/1
port link-mode route
ip address 1.1.1.1 255.255.255.0
#
FIPS compliance
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide.
General configuration restrictions and guidelines
When you manage the next-startup configuration files, follow these restrictions and guidelines:
· Save the next-startup configuration files to the root directory of the default storage medium on each MPU. The device loads startup configuration files only from the default storage medium. You can access the BootWare menus to specify the built-in flash memory or the USB disk as the default storage medium.
· Make sure all MPUs use the same type of storage medium as the default storage medium.
· If the USB disk is used to store the startup configuration files, the file must be saved to the root directory of the first partition on the USB disk. Do not remove the USB disk during the startup process. If you remove the USB disk, one of the following events occurs:
¡ In standalone mode, the device will start up with the initial settings.
¡ In an IRF fabric, the device will leave the IRF fabric at startup and run the initial settings.
Enabling configuration encryption
|
|
IMPORTANT: Any devices running Comware 7 software can decrypt the encrypted configuration files. To prevent an encrypted file from being decoded by unauthorized users, make sure the file is accessible only to authorized users. You cannot use the more command to view the contents of an encrypted configuration file. |
Configuration encryption enables the device to encrypt a startup configuration file automatically when it saves the running configuration. All devices running Comware 7 software use the same private key or public key to encrypt configuration files.
To enable configuration encryption:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable configuration encryption. |
configuration encrypt { private-key | public-key } |
By default, configuration encryption is disabled. Configuration is saved unencrypted. |
Comparing configurations for their differences
You can compare configuration files or compare a configuration file with the running configuration for their differences.
If you specify the next-startup configuration for a comparison, the system selects the next-startup configuration file to be compared with in the following order:
1. The main next-startup configuration file.
2. The backup next-startup configuration file if the main next-startup configuration file is unavailable or corrupt.
If both the main and backup next-startup configuration files are unavailable or corrupt, the system displays a message indicating that no next-startup configuration files exist.
To compare configurations for their differences in any view:
|
Task |
Command |
|
Display the differences that a configuration file, the running configuration, or the next-startup configuration has as compared with the specified source configuration file. |
display diff configfile file-name-s { configfile file-name-d | current-configuration | startup-configuration } |
|
Display the differences that a configuration file or next-startup configuration has as compared with the running configuration. |
display diff current-configuration { configfile file-name-d | startup-configuration } |
|
Display the differences that a configuration file has as compared with the next-startup configuration. |
display diff startup-configuration configfile file-name-d |
|
Display the differences that the running configuration has as compared with the next-startup configuration. |
·
Method 1: ·
Method 2: |
Saving the running configuration
Restrictions and guidelines
After you remove a card, the card's settings are removed from the running configuration and will not be recovered until the replacement card is inserted. Saving the running configuration before installing the replacement card will remove the card's settings from the next-startup configuration file.
If you have saved the running configuration after removing a card, perform the following steps to restore the card settings to the next-startup configuration file:
1. Install the replacement card.
2. After the replacement card comes online, execute the display current-configuration command to verify that the card's settings have been automatically restored to the running configuration.
3. Save the running configuration to the next-startup configuration file.
|
|
IMPORTANT: To ensure a successful configuration restoration, make sure the device has not rebooted after the card was removed. |
On an IRF fabric, a member device's settings will be removed from the running configuration if that member device leaves because of an IRF split. Saving the running configuration before the IRF fabric recovers will remove the member device's settings from the next-startup configuration file.
If you have saved the running configuration before the member device rejoins the IRF fabric, perform the following steps to restore the member device settings to the next-startup configuration file:
1. Resolve the split issue.
2. Reboot the member device to rejoin the IRF fabric.
3. After the member device rejoins the IRF fabric, execute the display current-configuration command to verify that the member device's settings have been restored to the running configuration.
4. Save the running configuration to the next-startup configuration file on the IRF fabric.
|
|
IMPORTANT: To ensure a successful configuration restoration, make sure the IRF fabric has not rebooted after the member device left. |
Using different methods to save the running configuration
When you save the running configuration to a configuration file, you can specify the file as the next-startup configuration file.
If you are specifying the file as a next-startup configuration file, use one of the following methods to save the configuration:
· Fast mode—Use the save command without the safely keyword. In this mode, the device directly overwrites the target next-startup configuration file. If a reboot or power failure occurs during this process, the next-startup configuration file is lost. You must specify a new startup configuration file after the device reboots (see "Specifying a next-startup configuration file").
· Safe mode—Use the save command with the safely keyword. Safe mode is slower than fast mode, but more secure. In safe mode, the system saves the configuration in a temporary file and starts overwriting the target next-startup configuration file after the save operation is complete. If a reboot or power failure occurs during the save operation, the next-startup configuration file is still retained.
As a best practice, use the safe mode if the power source is not reliable or you are remotely configuring the device.
To save the running configuration, perform one of the following tasks in any view:
|
Task |
Command |
Remarks |
|
Save the running configuration to a configuration file. |
·
In standalone mode: ·
In IRF mode: |
N/A |
|
Save the running configuration to a configuration file in the root directory of each MPU's default storage medium and specify the file as a next-startup configuration file. |
save [ safely ] [ backup | main ] [ force ] |
If you execute the save [ safely ] command without specifying any other keyword, the command saves the configuration to the main startup configuration file. If the force keyword is specified, the command saves the configuration to the existing next-startup configuration file. If the force keyword is not specified, the command allows you to specify a new next-startup configuration file. |
Configuring configuration commit delay
This feature enables the system to automatically remove the settings you made during a configuration commit delay interval if you have not manually committed them.
You specify the configuration commit delay interval by using the configuration commit delay timer. Any settings made during the delay interval will be automatically removed if you have not manually committed them before the timer expires.
This feature prevents a misconfiguration from causing the inability to access the device and is especially useful when you configure the device remotely.
When you use this feature, follow these restrictions and guidelines:
· In a multi-user context, make sure no one else is configuring the device.
· You cannot perform any operations during the configuration rollback.
· The configuration commit delay feature is a one-time setting. The feature is disabled when the commit delay timer expires or after a manual commit is performed.
· You can reconfigure the configuration commit delay timer before it expires to shorten or extend the commit delay interval. The settings made during the delay interval will be removed if you have not committed them before the new timer expires.
To configure the configuration commit delay feature:
|
Step |
Command |
|
1. Enter system view. |
system-view |
|
2. Start the commit delay timer. |
configuration commit delay delay-time |
|
3. (Optional.) Commit the settings configured after the commit delay timer started. |
configuration commit |
Specifying a next-startup configuration file
|
|
CAUTION: Using the undo startup saved-configuration command can cause an IRF split after the IRF fabric or an IRF member reboots. When you execute this command, make sure you understand its impact on your network. |
You can specify a .cfg file as a next-startup configuration file when you execute the save [ safely ] [ backup | main ] [ force ] command.
Alternatively, you can execute the startup saved-configuration cfgfile [ backup | main ] command to specify a .cfg configuration file as the main or backup next-startup configuration file. When performing this task, follow these restrictions and guidelines:
· Make sure the specified configuration file is valid and has been saved to the root directory of the default storage medium on each MPU.
· If a partitioned USB disk is used, make sure the specified file is saved to the root directory of the first partition on the USB disk.
To specify a next-startup configuration file, perform the following task in user view:
|
Task |
Command |
Remarks |
|
Specify a next-startup configuration file. |
startup saved-configuration cfgfile [ backup | main ] |
By default, no configuration files are specified for the next startup. Use the display startup command and the display saved-configuration command in any view to verify the configuration. If you do not specify the backup or main keyword, this command specifies the configuration file as the main next-startup configuration file. As a best practice, specify different files as the main and backup next-startup configuration files. The undo startup saved-configuration command changes the attribute of the main or backup next-startup configuration file to NULL instead of deleting the file. |
Backing up the main next-startup configuration file to a TFTP server
Before performing this task, make sure the following requirements are met:
· The server is reachable.
· The server is enabled with TFTP service.
· You have read and write permissions to the server.
To back up the main next-startup configuration file to a TFTP server:
|
Step |
Command |
Remarks |
|
1. (Optional.) Verify that a next-startup configuration file has been specified in user view. |
display startup |
If no next-startup configuration file has been specified or the specified configuration file does not exist, the backup operation will fail. |
|
2. Back up the next-startup configuration file to a TFTP server in user view. |
backup startup-configuration to dest-addr [ dest-filename ] |
This command is not supported in FIPS mode. |
Restoring the main next-startup configuration file from a TFTP server
Perform this task to download a configuration file to the device from a TFTP server and specify the file as the main next-startup configuration file.
Before restoring the next-startup configuration file, make sure the following requirements are met:
· The server is reachable.
· The server is enabled with TFTP service.
· You have read and write permissions to the server.
To restore the main next-startup configuration file from a TFTP server:
|
Step |
Command |
Remarks |
|
1. Restore the main next-startup configuration file from a TFTP server in user view. |
restore startup-configuration from src-addr src-filename |
This command is not supported in FIPS mode. |
|
2. (Optional.) Verify that the specified configuration file has been set as the main next-startup configuration file. |
display startup display saved-configuration |
N/A |
Deleting a next-startup configuration file
|
|
CAUTION: This task permanently deletes a next-startup configuration file from each MPU. Before performing this task, back up the file as needed. |
If both the main and backup next-startup configuration files are deleted, the device uses initial settings at the next startup.
To delete a file that is set as both main and backup next-startup configuration files, you must execute both the reset saved-configuration backup command and the reset saved-configuration main command. Using only one of the commands removes the specified file attribute instead of deleting the file.
For example, if the reset saved-configuration backup command is executed, the backup next-startup configuration file setting is set to NULL, but the file is still used as the main file. To delete the file, you must also execute the reset saved-configuration main command.
Perform the following task in user view:
|
Task |
Command |
Remarks |
|
Delete a next-startup configuration file. |
reset saved-configuration [ backup | main ] |
If you do not specify the backup or main keyword, this command deletes the main next-startup configuration file. |
Displaying and maintaining configuration files
Execute display commands in any view.
|
Task |
Command |
|
Display the running configuration. |
display current-configuration [ configuration [ module-name ] | interface [ interface-type [ interface-number ] ] ] |
|
Display the differences that the running configuration has as compared with the next-startup configuration. |
|
|
Display the factory defaults. |
display default-configuration |
|
Display the differences between configurations. |
· display diff current-configuration { configfile file-name-d | startup-configuration } · display diff startup-configuration { configfile file-name-d | current-configuration } |
|
Display the contents of the configuration file for the next system startup. |
display saved-configuration |
|
Display names of the configuration files used at this startup and the next startup. |
display startup |
|
Display the valid configuration in the current view. |
display this |
