This command saves the running configuration to the specified configuration archive directory with file names generated from the specified name prefix.

Before executing this command, you must use one of the following methods to specify a directory and a name prefix for the configuration archives:

· For local archiving, use the archive configuration location command to specify a local configuration archive directory and a name prefix.

· For remote archiving, use the archive configuration server command to configure server parameters.

If you specify a local configuration archive directory, manual configuration archiving saves the running configuration only on the master device.

Examples

# Archive the running configuration.

<Sysname> archive configuration

Save the running configuration to an archive file. Continue? [Y/N]: Y

The archive configuration file myarchive_1.cfg is saved.

Related commands

archive configuration interval

archive configuration location

archive configuration max

archive configuration server

archive configuration server password

archive configuration server user

display archive configuration

archive configuration interval

Use archive configuration interval to enable automatic running-configuration archiving and set the archiving interval for local archiving.

Use undo archive configuration interval to disable automatic running-configuration archiving for local archiving.

Syntax

archive configuration interval interval

undo archive configuration interval

Default

The automatic running-configuration archiving feature is disabled for local archiving.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

interval: Specifies the interval for automatically saving the running configuration. The value range is 10 to 525600, in minutes.

Usage guidelines

Automatic configuration archiving enables the system to periodically save the running configuration to the archive directory. After the system finishes an automatic archive, it resets the archiving interval timer.

Before enabling automatic configuration archiving, you must use the archive configuration location command to specify a directory and a name prefix for the configuration archives.

Automatic configuration archiving saves the running configuration only on the master device.

Examples

# Set the system to archive the running configuration every 60 minutes.

<Sysname> system-view

[Sysname] archive configuration interval 60

Archive file will be saved every 60 minutes.

Related commands

archive configuration

archive configuration location

archive configuration max

display archive configuration

archive configuration location

Use archive configuration location to specify a local directory and file name prefix for archiving the running configuration.

Use undo archive configuration location to restore the default.

Syntax

archive configuration location directory filename-prefix filename-prefix

undo archive configuration location

Default

No local directory or file name prefix is specified on the device for archiving the running configuration.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

directory: Specifies the archive directory, a string of 1 to 63 characters. The value for this argument must take the format of storage-medium-name:/folder-name. The directory must already exist on the master.

filename-prefix: Specifies a file name prefix for configuration archives, a case-insensitive string of 1 to 30 characters. Valid characters are letters, digits, underscores (_), and hyphens (-).

Usage guidelines

Before archiving the running configuration, either manually or automatically, you must specify a directory and file name prefix for configuration archives.

The configuration archives are named in the format of prefix_serial number.cfg, for example, archive_1.cfg and archive_2.cfg. The serial number is automatically assigned from 1 to 1000, increasing by 1. After the serial number reaches 1000, it restarts from 1.

If you change the file directory or file name prefix, the following events occur:

· The old configuration archives change to common configuration files.

· The configuration archive counter is reset. The serial number for new configuration archives starts at 1.

· The display archive configuration command no longer displays the old configuration archives.

The configuration archive counter does not restart when you delete configuration archives from the archive directory. However, if the device reboots after all configuration archives have been deleted, the configuration archive counter restarts. The serial number for new configuration archives starts at 1.

The undo archive configuration location command removes the local configuration archive directory and file name prefix settings. The command also performs the following operations:

· Disables the configuration archive feature (both manual and automatic methods).

· Restores the default settings of the archive configuration interval and archive configuration max commands.

· Clears the configuration archive information displayed by using the display archive configuration command.

Examples

# Set the configuration archive directory as flash:/archive and the archive file name prefix as my_archive.

<Sysname> mkdir flash:/archive

Creating directory flash:/archive... Done.

<Sysname> system-view

[Sysname] archive configuration location flash:/archive filename-prefix my_archive

Related commands

archive configuration

archive configuration interval

archive configuration max

display archive configuration

archive configuration max

Use archive configuration max to set the maximum number of configuration archives that can be saved on the device.

Use undo archive configuration max to restore the default.

Syntax

archive configuration max file-number

undo archive configuration max

Default

The maximum number is 5.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

file-number: Specifies the maximum number of configuration archives that can be saved on the device. The value range is 1 to 10. Adjust the setting depending on the amount of storage space available.

Usage guidelines

Before you execute this command, use the archive configuration location command to specify a configuration archive directory and archive file name prefix on the device.

After the maximum number of configuration archives is reached, the system deletes the oldest archive for the new archive.

Changing the limit setting to a lower value does not cause immediate deletion of excess archives. Instead, the configuration archive feature deletes the oldest n files when a new archive is manually or automatically saved, where n = current archive count – new archive limit + 1. For example, seven configuration archives have been saved before the archive limit is set to four. When saving a new configuration archive, the system first deletes the oldest four (7 – 4 + 1) archives.

If you execute the undo archive configuration location command, the default archive limit is restored.

Examples

# Set the maximum number of configuration archives to 10.

<Sysname> system-view

[Sysname] archive configuration max 10

Related commands

archive configuration

archive configuration location

archive configuration interval

display archive configuration

archive configuration server

Use archive configuration server to configure the parameters for archiving the running configuration to a remote server.

Use undo archive configuration server to restore the default.

Syntax

archive configuration server { ftp | tftp } { ipv4-address | ipv6 ipv6-address } [ port port-number ] [ vpn-instance vpn-instance-name ] [ directory directory ] filename-prefix filename-prefix [ interval interval ]

undo archive configuration server

Default

No parameters are configured for archiving the running configuration to a remote server.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

ftp: Specifies a remote FTP server.

tftp: Specifies a remote TFTP server.

ipv4-address: Specifies the IPv4 address of the remote server.

ipv6 ipv6-address: Specifies the IPv6 address of the remote server.

port port-number: Specifies the TCP port number of the remote server, in the range of 1 to 65535. By default, the FTP port number is 21 and the TFTP port number is 69.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the remote server is on the public network, do not specify this option.

directory directory: Specifies the remote archive directory, a case-insensitive string. If you do not specify this option, the archive directory is the root directory of the remote server.

filename-prefix filename-prefix: Specifies a file name prefix for configuration archives, a case-insensitive string of 1 to 30 characters. Valid characters are letters, digits, underscores (_), and hyphens (-).

interval interval: Enables automatic running-configuration remote archiving and sets the archiving interval. The value range for the interval argument is 10 to 525600 minutes.

Usage guidelines

Local archiving (the archive configuration location command) and remote archiving (the archive configuration server command) are mutually exclusive. You cannot use the two features at the same time.

If you use a remote FTP server, make sure that the device is consistent with that FTP server in FTP settings. If a login username and password is configured on the FTP server, you must use the archive configuration server user and archive configuration server password commands to specify that login username and password on the device.

If you use the archive configuration server command multiple times to configure parameters for remote archiving, the most recent configuration takes effect.

After you configure the remote archiving parameters, you can use the archive configuration command to manually archive the running configuration.

By default, automatic running-configuration remote archiving is disabled. To enable automatic running-configuration remote archiving, specify the interval interval option when you use the archive configuration server command. To disable automatic running-configuration remote archiving, use the undo archive configuration server command.

On the specified remote server, configuration archives are named in the format of filename-prefix_YYYYMMDD_HHMMSS.cfg (for example, archive_20170526_203430.cfg).

Examples

# Set the configuration archive directory as archive/ on the server at 192.168.1.1 and configure the archive file name prefix as my_archive.

<Sysname> system-view

[Sysname] archive configuration server ftp 192.168.1.1 port 22 directory /archive/ filename-prefix my_archive

Related commands

archive configuration

archive configuration location

archive configuration server password

archive configuration server user

display archive configuration

archive configuration server password

Use archive configuration server password to configure the password for accessing the FTP server that stores the configuration archives.

Use undo archive configuration server password to restore the default.

Syntax

archive configuration server password { cipher | simple } string

undo archive configuration server password

Default

No password is configured for accessing the FTP server that stores the configuration archives.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 63 characters. Its encrypted form is a case-sensitive string of 33 to 117 characters.

Examples

# Set the password to admin in plaintext form for accessing the FTP server that stores the configuration archives.

<Sysname> system-view

[Sysname] archive configuration server password simple admin

Related commands

archive configuration server

archive configuration server user

display archive configuration

archive configuration server user

Use archive configuration server user to configure the username for accessing the FTP server that stores the configuration archives.

Use undo archive configuration server user to restore the default.

Syntax

archive configuration server user user-name

undo archive configuration server user

Default

No username is configured for accessing the FTP server that stores the configuration archives.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

user-name: Specifies the username, a case-sensitive string of 1 to 63 characters.

Usage guidelines

If no username is configured, the username will be anonymous.

Examples

# Set the username to admin for accessing the FTP server that stores the configuration archives.

<Sysname> system-view

[Sysname] archive configuration server user admin

Related commands

archive configuration server

archive configuration server password

display archive configuration

backup startup-configuration

Use backup startup-configuration to back up the main next-startup configuration file to a TFTP server.

Syntax

backup startup-configuration to { ipv4-server | ipv6 ipv6-server } [ dest-filename ] [ vpn-instance vpn-instance-name ]

Views

User view

Predefined user roles

network-admin

context-admin

Parameters

ipv4-server: Specifies a TFTP server by its IPv4 address or host name. The host name is a case-insensitive string of 1 to 253 characters. Valid characters include letters, digits, hyphens (-), underscores (_), and dots (.).

ipv6 ipv6-server: Specifies a TFTP server by its IPv6 address or host name. The host name is a case-insensitive string of 1 to 253 characters. Valid characters include letters, digits, hyphens (-), underscores (_), and dots (.).

dest-filename: Specifies the name of the target file used for saving the file on the server. The file must be a .cfg file. The file name is a case-insensitive string of up to 255 characters. If you do not specify a target file name, the source file name is used.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the TFTP server is on the public network, do not specify this option.

Examples

# Back up the main next-startup configuration file to the IPv4 TFTP server at 2.2.2.2 in the public network, and set the target file name to 192-168-1-26.cfg.

<Sysname> backup startup-configuration to 2.2.2.2 192-168-1-26.cfg

Backing up the main startup configuration file to 2.2.2.2...

Done.

# Back up the main next-startup configuration file to the IPv4 TFTP server at 2.2.2.2 in MPLS L3VPN instance VPN1, and set the target file name to 192-168-1-26.cfg.

<Sysname> backup startup-configuration to 2.2.2.2 192-168-1-26.cfg vpn-instance VPN1

Backing up the main startup configuration file to 2.2.2.2 in VPN VPN1...

Done.

# Back up the main next-startup configuration file to the IPv6 TFTP server at 2001::2 in the public network, and set the target file name to 192-168-1-26.cfg.

<Sysname> backup startup-configuration to ipv6 2001::2 192-168-1-26.cfg

Backing up the main startup configuration file to 2001::2...

Done.

Related commands

restore startup-configuration

configuration encrypt

Use configuration encrypt to enable configuration encryption.

Use undo configuration encrypt to disable configuration encryption.

Syntax

configuration encrypt { private-key | public-key }

undo configuration encrypt

Default

Configuration encryption is disabled.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

private-key: Encrypts configuration with a private key. All devices running Comware 7 software use the same private key.

public-key: Encrypts configuration with a public key. All devices running Comware 7 software use the same public key.

Usage guidelines

Configuration encryption enables the device to automatically encrypt a configuration file when saving the running configuration to the file.

Any devices running Comware 7 software can decrypt the encrypted configuration file. To prevent an encrypted file from being decoded by unauthorized users, make sure the file is accessible only to authorized users.

Examples

# Enable the public-key method for configuration encryption.

<Sysname> system-view

[Sysname] configuration encrypt public-key

configuration replace file

Use configuration replace file to roll the running configuration back by using a local replacement configuration file.

Syntax

configuration replace file filename

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

filename: Specifies the path of the replacement configuration file, a string of up to 255 characters. The file must be a .cfg file. The file and file path must be valid and on the local system.

Usage guidelines

To replace the running configuration with the configuration in a local configuration file without rebooting the device, use this command. This command helps you revert to a previous configuration state or adapt the running configuration to different network environments.

To ensure a successful rollback, follow these guidelines:

· Make sure the replacement configuration file is created by using the configuration archive feature or the save command on the device.

· If the configuration file is not created on the device, make sure the command lines in the configuration file are fully compatible with the device.

· Make sure the replacement configuration file is not encrypted.

Examples

# Replace the running configuration with the configuration in the my_archive_1.cfg configuration file.

<Sysname> system-view

[Sysname] configuration replace file my_archive_1.cfg

Current configuration will be lost, save current configuration? [Y/N]:n

Now replacing the current configuration. Please wait...

Succeeded in replacing current configuration with the file my_archive_1.cfg.

configuration replace server

Use configuration replace server to roll the running configuration back by using a configuration file on a remote server.

Use undo configuration replace server to restore the default.

Syntax

configuration replace server { ftp | tftp } { ipv4-address | ipv6 ipv6-address } [ port port-number ] [ vpn-instance vpn-instance-name ] [ directory directory ] file filename

undo configuration replace server

Default

No parameters are configured for remote configuration rollback.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

ftp: Specifies a remote FTP server.

tftp: Specifies a remote TFTP server.

ipv4-address: Specifies the IPv4 address of the remote server.

ipv6 ipv6-address: Specifies the IPv6 address of the remote server.

port port-number: Specifies the TCP port number of the remote server, in the range of 1 to 65535. By default, the FTP port number is 21 and the TFTP port number is 69.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the remote server is on the public network, do not specify this option.

directory directory: Specifies the remote rollback directory. The directory argument is a case-insensitive string. If you do not specify this option, the rollback directory is the root directory of the remote server.

file filename: Specifies the default replacement configuration file for running-configuration remote rollback. The filename argument is a case-insensitive string. The file must be a .cfg file.

Usage guidelines

If you use a remote FTP server, make sure the device is consistent with that FTP server in FTP settings. If a login username and password is configured on the FTP server, you must use the configuration replace server user and configuration replace server password commands to specify that login username and password on the device.

Examples

# Replace the running configuration with the configuration in the archive/ directory of the FTP server at 192.168.1.1.

<Sysname> system-view

[Sysname] configuration replace server ftp 192.168.1.1 port 22 directory /archive/

Related commands

configuration replace server file

configuration replace server password

configuration replace server user

display configuration replace server

configuration replace server file

Use configuration replace server file to enable remote configuration rollback.

Use undo configuration replace server file to disable remote configuration rollback.

Syntax

configuration replace server file [ filename ] [ at time [ date ] ]

undo configuration replace server file

Default

Remote configuration rollback is disabled.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

filename: Specifies a replacement configuration file by its name, a string of up to 255 characters. The file must be a .cfg file. If you do not specify a replacement configuration file, this command uses the default replacement configuration file specified by using the configuration replace server command for a rollback.

at time: Specifies the time at which the system downloads the replacement configuration file and performs configuration rollback. The time argument is in the format of HH:MM. HH represents the hours, in the range of 0 to 23. MM represents the minutes, in the range of 0 to 59.

date: Specifies the date on which the system downloads the replacement configuration file and performs configuration rollback. This argument is in the format of MM/DD/YYYY or YYYY/MM/DD. YYYY represents the year, in the range of 2000 to 2035. MM represents the month, in the range of 1 to 12. DD represents the day, in the range of 1 to N. The value for N depends on the month.

Usage guidelines

CAUTION:

A configuration rollback might disrupt some services. Before you perform a rollback on a live network, make sure you understand its impact on services.

This command enables the device to perform the following operations:

1. Downloads the replacement configuration file from the remote rollback server.

2. Saves the downloaded file as a temporary file.

3. Replaces the running configuration with the configuration in the temporary file.

4. Deletes the temporary file after the configuration rollback finishes.

To perform an immediate configuration rollback, do not specify a rollback time or date. An immediate configuration rollback cannot be canceled.

To schedule a configuration rollback, specify a rollback time and optionally a date. A configuration rollback schedule can be canceled before the specified rollback time. When you schedule a rollback, follow these restrictions and guidelines:

· If you specify a rollback date with the rollback time, the specified date must be the same or later than the current system date. If the specified date is the same as the current system date, the specified time must be later than the current system time. After you create the rollback schedule, be careful with changing the system clock backward. The rollback schedule will be canceled automatically if it expires before it could be executed because the system date or time is changed backward.

· If you do not specify a rollback date with the rollback time, the device compares the specified rollback time with the current system time.

¡ If the specified rollback time is later than the current system time, the device performs a rollback at the specified time on the current day.

¡ If the specified rollback time is earlier than the current system time, the device performs a rollback at the specified time on the next day.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Roll back the running configuration immediately with the specified replacement configuration file on the remote server for configuration rollback.

<Sysname> system-view

[Sysname] configuration replace server file my_archive_2017-05-09_14:20:18.cfg

The running configuration will be lost. Do you want to save the running configuration? [Y/N]: N

Now replacing the running configuration...

Successfully replaced running configuration with file my_archive_2017-05-09_14:20:18.cfg.

Related commands

configuration replace server

configuration replace server password

configuration replace server user

configuration replace server password

Use configuration replace server password to configure the password for accessing the remote FTP server for configuration rollback.

Use undo configuration replace server password to restore the default.

Syntax

configuration replace server password { cipher | simple } string

undo configuration replace server password

Default

No password is configured for accessing the remote FTP server for remote configuration rollback.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 63 characters. Its encrypted form is a case-sensitive string of 33 to 117 characters.

Examples

# Set the password to admin in plaintext form for accessing the remote FTP server for configuration rollback.

<Sysname> system-view

[Sysname] configuration replace server password simple admin

Related commands

configuration replace server

configuration replace server file

configuration replace server user

Use configuration replace server user to specify the username for accessing the remote FTP server for configuration rollback.

Use undo configuration replace server user to restore the default.

Syntax

configuration replace server user user-name

undo configuration replace server user

Default

No username is configured for accessing the remote FTP server for configuration rollback.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

user-name: Specifies the username, a case-sensitive string of 1 to 63 characters.

Usage guidelines

If no username is configured, the username will be anonymous.

Examples

# Set the username to admin for accessing the remote FTP server for configuration rollback.

<Sysname> system-view

[Sysname] configuration replace server user admin

Related commands

configuration replace server

configuration replace server file

configuration replace server password

display configuration replace server

display archive configuration

Use display archive configuration to display configuration archive information.

Syntax

display archive configuration

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Usage guidelines

If you use remote archiving, this command displays configuration archive information on the remote server. If you use local archiving, this command displays configuration archive information on the local device.

Examples

# Display information about the configuration archives. The sample output was created based on local archiving.

<Sysname> display archive configuration

Location: flash:/archive

Filename prefix: my_archive

Archive interval in minutes: 120

Maximum number of archive files: 10

Archive history:

No. TimeStamp FileName

1 Sat Oct 20 22:50:26 2018 my_archive_1.cfg

2 Sat Oct 20 22:50:31 2018 my_archive_2.cfg

# 3 Sat Oct 20 22:50:35 2018 my_archive_3.cfg

The pound sign (#) indicates the most recent archive file.

Next archive file to be saved: my_archive_4.cfg

# Display information about the configuration archives. The sample output was created based on remote archiving.

<Sysname> display archive configuration

Username: test

Location: ftp://192.168.21.21:21/archive

VPN instance: VPN1

Filename prefix: my_archive

Archive interval in minutes: 120

Archive history:

No. TimeStamp FileName

! 1 Thu Oct 18 14:23:51 2018 my_archive_20181018_142351.cfg

! 2 Sat Oct 20 22:46:44 2018 my_archive_20181020_224644.cfg

#! 3 Sat Oct 20 22:46:49 2018 my_archive_20181020_224649.cfg

The exclamation mark (!) indicates that the remote archiving attempt failed.

The pound sign (#) indicates the most recent archive file.

Table 1 Command output

Field	Description
Username	Username for accessing the remote FTP server that stores the configuration archives. If the remote server is a TFTP server, this field is not available.
Location	Absolute path of the directory for saving running-configuration archives.
VPN instance	VPN instance to which the remote server belongs.
Filename prefix	File name prefix for configuration archives.
Archive interval in minutes	Interval (in minutes) for the system to automatically archive the running configuration. If automatic configuration archiving is disabled, this field is not available.
Maximum number of archive files	Maximum number of configuration archives that can be saved on the device.
Archive history	History configuration archive information.
No.	Number of a configuration archive.
TimeStamp	Time when the configuration archive was created.

Related commands

archive configuration

archive configuration interval

archive configuration location

archive configuration max

archive configuration server

display configuration replace server

Use display configuration replace server to display information about remote configuration rollback.

Syntax

display configuration replace server

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Usage guidelines

The device stores only the most recent 10 remote rollback records.

Examples

# Display information about remote configuration rollback.

<Sysname> display configuration replace server

Username: test

Location: ftp://192.168.21.21:22/test/

VPN instance: VPN1

Next replacement file: my_archive_20180509_143018.cfg

Next replacement time: 22:00 2018/6/12

Replacement history:

No. Time FileName

! 1 20:21:09 2018/10/18 my_archive_20180509_142018.cfg

! 2 20:25:00 2018/10/18 my_archive_20180509_143018.cfg

#! 3 22:52:23 2018/10/20 my_archive_20180509_144018.cfg

The exclamation mark (!) indicates that the remote replacing attempt failed.

The pound sign (#) indicates the most recent replacement file.

Table 2 Command output

Field	Description
Username	Username for accessing the remote server to download a configuration file for configuration rollback.
Location	Absolute path of the replacement configuration file.
VPN instance	VPN instance to which the remote server belongs.
Next replacement file	Configuration file for the next remote configuration rollback. If no remote configuration rollback schedule is waiting for execution, this field is not available.
Next replacement time	Time and date for the next remote configuration rollback. If no remote configuration rollback schedule is waiting for execution, this field is not available.
Replacement history	Remote configuration rollback history.
No.	Number of a configuration rollback.
Time	Time and date when the configuration rollback was performed.
Filename	Name of the replacement configuration file.

‌

Related commands

configuration replace server

configuration replace server file

configuration replace server password

configuration replace server user

display current-configuration

Use display current-configuration to display the running configuration.

Syntax

display current-configuration [ configuration [ module-name ] | interface [ interface-type [ interface-number ] ] | vpn-instance [ vpn-instance-name ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Parameters

configuration [ module-name ]: Displays the feature configuration. The module-name argument specifies a feature module. If you do not specify a feature module, the command displays all feature settings you have made.

interface [ interface-type [ interface-number ] ]: Displays interface configuration, where the interface-type argument represents the interface type and the interface-number argument represents the interface number. If you do not specify the interface-type interface-number arguments, the command displays the running configuration for all interfaces. If you specify only the interface-type argument, the command displays the running configuration for all interfaces of this type.

vpn-instance [ vpn-instance-name ]: Specifies one or all MPLS L3VPN instances. Use the vpn-instance-name argument to specify one MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you specify the vpn-instance keyword without specifying the vpn-instance-name argument, this command displays the running configuration for all VPN instances. If you do not specify VPN instances, this command displays the running configuration for all VPN instances and the public network.

Usage guidelines

Use this command to verify the configuration you have made.

If the system has automatically changed the setting you have made for a parameter, this command displays the effective setting instead of the configured one. An automatic change typically occurs because of system restrictions.

This command does not display parameters that are using the default settings.

Executing this command with the vpn-instance [ vpn-instance-name ] option displays only part of the running configuration for the specified VPN instances. The displayed information includes settings made on the VPN instances, interfaces associated with the VPN instances, and routing protocol settings. To obtain the complete running configuration, execute the display current-configuration command without specifying any parameters. To obtain the desired running configuration related to VPN instances, use the | include regular-expression option. With the include regular-expression option, you can specify a regular expression to identify the configuration you want to display.

Examples

# Display local user configuration.

<Sysname> display current-configuration configuration local-user

local-user ftp class manage

password hash $h$6$D5A6pqcGpnZXxFUO$OJqnqffG7m1wTH3C6v+FBCjZZBzqgJjTZlbATl1dnKNlYwFMJcWDMbDn8HD1j4XzuKggDp2LrP40kGIOvQGYhQ==

service-type ftp

authorization-attribute user-role network-operator

local-user root class manage

password hash $h$6$GcTZyXO04qmom21z$GjeAeDMjP/xtknMLf9NHUNIvebNYR3tkd5aWS6sKbkFh/ECFJZOjh2FVUI0GW7u44fNK6Ke7ANE7dhhAFcytUQ==

service-type ssh telnet terminal

authorization-attribute user-role network-admin

return

# Display Ethernet interface configuration.

<Sysname> display current-configuration interface gigabitethernet

interface GigabitEthernet1/0/1

port link-mode route

return

display current-configuration diff

Use display current-configuration diff to display the differences that the running configuration has as compared with the next-startup configuration.

Syntax

display current-configuration diff

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Usage guidelines

This command searches for the next-startup configuration in the following order:

1. The .cfg main next-startup configuration file.

2. The .cfg backup next-startup configuration file if the .cfg main next-startup configuration file is unavailable.

If both configuration files are unavailable, the system displays a message indicating that no next-startup configuration files exist.

Examples

# Display the differences that the running configuration has as compared with the next-startup configuration.

<Sysname> display current-configuration diff

--- Startup configuration

+++ Current configuration

@@ -5,7 +5,7 @@

sysname Sysname

-alias dhc display history-command

+alias dh display hotkey

Table 3 Command output

Field	Description
- - - A +++ B	· A represents the source configuration for comparison, which can be Startup configuration, Current configuration, or the name of the source configuration file with its directory information. · B represents the target configuration for comparison, which can be Current configuration, Startup configuration, or the name of the target configuration file with its directory information. In this example, the startup configuration and the current configuration are the source and target, respectively.
@@ -linenumber1,number1 +linenumber2,number2 @@	Location information for identifying the command line differences: · -linenumber1,number1—Source configuration section that contains differences. The linenumber1 argument represents the start line of the section. The number1 argument represents the number of lines between the start line and the end line of the section. · +linenumber2,number2—Target configuration section that contains differences. The linenumber2 argument represents the start line of the section. The number2 argument represents the number of lines between the start line and the end line of the section.
cmd1 - cmd2 + cmd3 cmd4	Displays command differences. · cmd1 and cmd4—Command lines are contained in both source and target configurations if they are not prefixed with a minus (-) or plus (+) sign. They provide a context for locating command line differences. · - cmd2—Command lines are prefixed with a minus sign if they are contained in the source configuration but not in the target configuration. · + cmd3—Command lines are prefixed with a plus sign if they are contained in the target configuration but not in the source configuration. In this example, the sample output shows that the alias dhc display history-command command is contained only in the source configuration, and the alias dh display hotkey command is contained only in the target configuration.

Field

Description

- - - A

+++ B

· A represents the source configuration for comparison, which can be Startup configuration, Current configuration, or the name of the source configuration file with its directory information.

· B represents the target configuration for comparison, which can be Current configuration, Startup configuration, or the name of the target configuration file with its directory information.

In this example, the startup configuration and the current configuration are the source and target, respectively.

@@ -linenumber1,number1 +linenumber2,number2 @@

Location information for identifying the command line differences:

· -linenumber1,number1—Source configuration section that contains differences. The linenumber1 argument represents the start line of the section. The number1 argument represents the number of lines between the start line and the end line of the section.

· +linenumber2,number2—Target configuration section that contains differences. The linenumber2 argument represents the start line of the section. The number2 argument represents the number of lines between the start line and the end line of the section.

cmd1

- cmd2

+ cmd3

cmd4

Displays command differences.

· cmd1 and cmd4—Command lines are contained in both source and target configurations if they are not prefixed with a minus (-) or plus (+) sign. They provide a context for locating command line differences.

· - cmd2—Command lines are prefixed with a minus sign if they are contained in the source configuration but not in the target configuration.

· + cmd3—Command lines are prefixed with a plus sign if they are contained in the target configuration but not in the source configuration.

In this example, the sample output shows that the alias dhc display history-command command is contained only in the source configuration, and the alias dh display hotkey command is contained only in the target configuration.

Related commands

display current-configuration

display diff

display saved-configuration

display default-configuration

Use display default-configuration to display the factory defaults.

Syntax

display default-configuration

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Usage guidelines

Factory defaults are custom basic settings that came with the device. Factory defaults vary by device models and might differ from the initial default settings for the commands.

The device starts up with the factory defaults if no next-startup configuration files are available.

Examples

# Display the factory defaults.

<Sysname> display default-configuration

display diff

Use display diff to display differences between configurations.

Syntax

display diff configfile file-name-s { configfile file-name-d | current-configuration | startup-configuration }

display diff current-configuration { configfile file-name-d | startup-configuration }

display diff startup-configuration { configfile file-name-d | current-configuration }

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Parameters

configfile file-name-s: Specifies the source configuration file for comparison.

configfile file-name-d: Specifies the target configuration file for comparison.

current-configuration: Specifies the running configuration. In the display diff current-configuration command, this keyword specifies the source configuration for comparison. In the display diff configfile file-name-s and display diff startup-configuration commands, this keyword specifies the target configuration.

startup-configuration: Specifies the next-startup configuration. In the display diff startup-configuration command, this keyword specifies the source configuration for comparison. In the display diff configfile file-name-s and display diff current-configuration commands, this keyword specifies the target configuration.

Usage guidelines

If you specify the startup-configuration keyword, the system searches for the next-startup configuration in the following order:

1. The .cfg main next-startup configuration file.

2. The .cfg backup next-startup configuration file if the .cfg main next-startup configuration file is unavailable.

If both configuration files are unavailable, the system displays a message indicating that no next-startup configuration files exist.

Examples

# Display the differences between startup.cfg and test.cfg.

<Sysname> display diff configfile startup.cfg configfile test.cfg

--- flash:/startup.cfg

+++ flash:/test.cfg

@@ -5,7 +5,7 @@

sysname Sysname

-alias dhc display history-command

+alias dh display hotkey

The output shows that the alias dhc display history-command command is contained only in startup.cfg, and the alias dh display hotkey command is contained only in test.cfg.

# Display the differences between the running configuration and the next-startup configuration.

<Sysname> display diff current-configuration startup-configuration

--- Current configuration

+++ Startup configuration

@@ -5,7 +5,7 @@

sysname Sysname

-alias dhc display history-command

+alias dh display hotkey

The output shows that the alias dhc display history-command command is contained only in the running configuration, and the alias dh display hotkey command is contained only in the next-startup configuration.

For the command output description, see Table 3.

Related commands

display current-configuration

display current-configuration diff

display saved-configuration

Use display saved-configuration to display the contents of the configuration file for the next system startup.

Syntax

display saved-configuration

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Usage guidelines

Use this command to verify that important settings have been saved to the configuration file for the next system startup.

This command selects the configuration file to display in the following order:

1. If the main startup configuration file is available, this command displays the contents of the main startup configuration file.

2. If only the backup startup configuration file is available, this command displays the contents of the backup file.

3. If both the main and backup startup configuration files are not available, this command does not display anything.

Examples

# Display the contents of the configuration file for the next system startup.

<Sysname> display saved-configuration

version 7.1.070, Release 1201

sysname Sysname

ftp server enable

telnet server enable

domain default enable system

vlan 1

domain system

---- More ----

Related commands

reset saved-configuration

save

display startup

Use display startup to display the names of the current startup configuration file and the next-startup configuration files.

Syntax

display startup

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Usage guidelines

All IRF members use the same current startup configuration file as the master.

After a master/subordinate switchover, it is normal that the current startup configuration files on all IRF members are displayed as NULL. This is because the new master continues to run with the running configuration rather than rebooting with a startup configuration file.

Examples

# Display names of the startup configuration files.

<Sysname> display startup

Current startup saved-configuration file: flash:/startup.cfg(*)

Next main startup saved-configuration file: flash:/startup.cfg

Next backup startup saved-configuration file: NULL

Table 4 Command output

Field	Description
Current startup saved-configuration file	Configuration file that the device has started up with.
Next main startup saved-configuration file	Primary configuration file to be used at the next startup.
Next backup startup saved-configuration file	Backup configuration file to be used at the next startup.

Related commands

startup saved-configuration

display this

Use display this to display the running configuration in the current view.

Syntax

display this

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Usage guidelines

Use this command to verify the configuration you have made in a certain view.

This command does not display parameters that are using the default settings.

Some parameters can be successfully set even if their dependent features are not enabled. For these parameters, this command displays their settings after the dependent features are enabled.

This command can be executed in any user line view to display the running configuration of all user lines.

Examples

# Display the running configuration on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] display this

interface GigabitEthernet1/0/1

return

reset saved-configuration

Use reset saved-configuration to delete a next-startup configuration file.

Syntax

reset saved-configuration [ backup | main ]

Views

User view

Predefined user roles

network-admin

context-admin

Parameters

backup: Specifies the backup next-startup configuration file.

main: Specifies the main next-startup configuration file.

Usage guidelines

CAUTION:

This command permanently deletes the specified next-startup configuration file from all IRF member devices.

You can delete the main file, the backup file, or both.

To delete a file that is set as both main and backup next-startup configuration files, you must execute both the reset saved-configuration backup command and the reset saved-configuration main command. Using only one of the commands sets the target file attribute to NULL instead of deleting the file.

If you do not specify a configuration file attribute, the reset saved-configuration command deletes the main next-startup configuration file.

Examples

# Delete the main next-startup configuration file.

<Sysname> reset saved-configuration

The saved configuration file will be erased. Are you sure? [Y/N]:y

Configuration file in flash: is being cleared.

Please wait ...........

Configuration file is cleared.

Related commands

display saved-configuration

restore startup-configuration

Use restore startup-configuration to download a configuration file from a TFTP server and specify it as the main next-startup configuration file.

Syntax

restore startup-configuration from { ipv4-server | ipv6 ipv6-server } src-filename [ vpn-instance vpn-instance-name ]

Views

User view

Predefined user roles

network-admin

context-admin

Parameters

src-filename: Specifies the name of the configuration file to be downloaded. The file must be a .cfg file. The file name is a case-insensitive string of up to 255 characters.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the TFTP server is on the public network, do not specify this option.

Usage guidelines

Before restoring the configuration file for the next startup, make sure the following requirements are met:

· The server is reachable.

· The server is enabled with TFTP service.

· You have read and write permissions to the server.

This command downloads the configuration file to the root directory of the default storage medium on each member device and specifies the file as the main next-startup configuration file. If the default storage medium has been partitioned, the configuration file is saved on the first partition. Make sure all IRF members use the same type of default storage media. If a subordinate device uses a different type of default storage medium than the master, the command cannot propagate the configuration file to the subordinate device. For example, the subordinate device uses a USB disk, but the master uses a flash memory. In this situation, you must manually restore the main next-startup configuration file on the subordinate device.

Examples

# Download test.cfg from the IPv4 TFTP server at 2.2.2.2 in the public network, and specify the file as the main next-startup configuration file.

<Sysname> restore startup-configuration from 2.2.2.2 test.cfg

Restoring the next startup-configuration file from 2.2.2.2...

Done.

# Download test.cfg from the IPv4 TFTP server at 2.2.2.2 in MPLS L3VPN instance VPN1, and specify the file as the main next-startup configuration file.

<Sysname> restore startup-configuration from 2.2.2.2 test.cfg vpn-instance VPN1

Restoring the next startup-configuration file from 2.2.2.2...

Done.

# Download test.cfg from the IPv6 TFTP server at 2001::2 in the public network, and specify the file as the main next-startup configuration file.

<Sysname> restore startup-configuration from ipv6 2001::2 test.cfg

Restoring the next startup-configuration file from 2001::2...

Done.

Related commands

backup startup-configuration

save

Use save file-url [ all | slot slot-number ] to save the running configuration to a configuration file, without specifying the file as a next-startup configuration file.

Use save [ safely ] [ backup | main ] [ force ] [ context-all | changed ] to save the running configuration to a file in the root directory of the storage medium. This command automatically saves the file on each IRF member device and specifies the file as a next-startup configuration file.

Syntax

save file-url [ all | slot slot-number ]

save [ safely ] [ backup | main ] [ force ] [ context-all | changed ]

Views

Any view

Predefined user roles

network-admin

context-admin

Parameters

file-url: Specifies a file path, a string of up to 255 characters. The file must be a .cfg file. If you specify the all keyword or the slot slot-number option, the file path cannot include a member ID. If the file path includes a folder name, the folder must already exist on all IRF member devices.

all: Saves the running configuration to all member devices. If you do not specify this keyword or the slot slot-number option, the command saves the running configuration only to the master.

slot slot-number: Specifies a subordinate device by its member ID. If you do not specify a subordinate device or the all keyword, this command saves the running configuration only to the master.

safely: Saves the configuration file in safe mode. If you do not specify this keyword, the device saves the configuration file in fast mode.

backup: Saves the running configuration to a configuration file, and specifies the file as the backup next-startup configuration file. If you do not specify this keyword or the main keyword, the command specifies the saved file as the main next-startup configuration file.

main: Saves the running configuration to a configuration file, and specifies the file as the main next-startup configuration file. If you do not specify this keyword or the backup keyword, the command specifies the saved file as the main next-startup configuration file.

force: Saves the running configuration to the existing next-startup configuration file without prompting for confirmation. If you do not specify this keyword, the system prompts you to confirm the operation. If you do not confirm the operation within 30 seconds, the system automatically aborts the operation. If you enter Y within the time limit, you can continue the save process and change the target file name during the process.

context-all: Saves the running configuration for each context. The running configuration for each context is saved to the storage medium of the firewall module. If you do not specify this keyword, the save command saves the running configuration only for the context where you are logged in.

changed: Overwrites the target configuration file with the running configuration if an inconsistency is detected between the settings in the configuration file and the running configuration. The save command does not take effect if no inconsistency is detected. If you do not specify this keyword, the save command always overwrites the target configuration file with the running configuration.

Usage guidelines

If the file specified for this command does not exist, the system creates the file before saving the configuration. If the file already exists, the system prompts you to confirm whether to overwrite the file. If you choose to not overwrite the file, the system cancels the save operation.

This command saves the running configuration to an .mdb binary file as well as a .cfg text file. The two files use the same file name. An .mdb file takes less time to load than a .cfg file.

When you use the save [ safely ] [ backup | main ] [ force ] [ context-all | changed ] command, follow these guidelines:

· In safe mode, the system saves configuration in a temporary file and starts overwriting the target next-startup configuration file after the save operation is complete. If a reboot, power failure, or out of memory or storage space event occurs during the save operation, the next-startup configuration file is retained.

· In fast mode, the device directly overwrites the target next-startup configuration file. If a reboot, power failure, or out of memory or storage space event occurs during this process, all settings in the next-startup configuration file are lost.

Safe mode is slower than fast mode, but more secure. As a best practice, specify the safely keyword for reliable configuration saving.

Examples

# Save the running configuration to backup.cfg, without specifying the file as a next-startup configuration file.

<Sysname> save backup.cfg

The current configuration will be saved to flash:/backup.cfg. Continue? [Y/N]:y

Now saving current configuration to the device.

Saving configuration flash:/backup.cfg. Please wait...

Configuration is saved to device successfully.

# Save the running configuration to the main next-startup configuration file without any confirmation required.

<Sysname> save force

Validating file. Please wait....

Saved the current configuration to mainboard device successfully.

# Save the running configuration to a file in the root directory of the default storage medium, and specify the file as the main next-startup configuration file.

<Sysname> save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[flash:/backup.cfg]

(To leave the existing filename unchanged, press the enter key):test.cfg

Validating file. Please wait............

Saved the current configuration to mainboard device successfully.

# Save the running configuration to a file in the root directory of the storage medium for each context, and specify the file as the main next-startup configuration file.

<Sysname> save context-all

Save current configuration in all context? [Y/N]:y

Please input the file name(*.cfg)[flash:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):

flash:/startup.cfg exists, overwrite? [Y/N]:y

Validating file. Please wait...

Saved the current configuration of context Admin to mainboard device successfully.

Related commands

display current-configuration

display saved-configuration

save binary-only

Use save binary-only to save the running configuration only to the binary main next-startup configuration file.

Syntax

save binary-only

The following compatibility matrix shows the support of hardware platforms for this command:

‌

Hardware	Command compatibility
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-AI-20, F5000-AI-40, F5000-V30, F5000-C, F5000-S, F5000-M, F5000-A	No
F1000-AI-20, F1000-AI-30, F1000-AI-50, F1000-AI-60, F1000-AI-70, F1000-AI-80, F1000-AI-90	No
F1003-L, F1005-L, F1010-L	No
F1005, F1010	No
F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090, F1000-V70	No
F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140	No
F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1312, F1000-AK1322, F1000-AK1332	No
F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614	No
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK710	No
F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK711	No
LSU3FWCEA0, LSUM1FWCEAB0, LSX1FWCEA1	No
LSXM1FWDF1, LSUM1FWDEC0, IM-NGFWX-IV, LSQM1FWDSC0, LSWM1FWD0, LSPM6FWD, LSQM2FWDSC0	No
vFW1000, vFW2000	Yes

‌

Views

Any view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

IMPORTANT:

Typically, save the configuration to the .cfg configuration file. Saving the configuration only to the binary file will cause the failure to recover settings that must be read from the .cfg file at startup.

This command is designed to reduce the amount of configuration saving time in special scenarios that have a large amount of configuration. As a best practice, use this command only when you must save a large number of NAT entries, IP static routes, or VPN instances.

To use the save binary-only command, make sure a .cfg main next-startup configuration file exists on the device. If no .cfg main next-startup configuration file exists, the save operation fails.

If the binary main next-startup configuration file is not available at the next startup, the device uses an available .cfg next-startup configuration file. The configuration in the binary startup file will be lost.

To prevent the loss of the next-startup configuration file, make sure no one reboots or power cycles the device while the device is executing the save binary-only command.

You cannot use the display saved-configuration command to display the settings in the binary main next-startup configuration file.

Examples

# Save the running configuration only to the binary main next-startup configuration file.

<Sysname> save binary-only

Validating file. Please wait...

Current configuration saved to the binary main next-startup configuration file

Related commands

save

startup saved-configuration

Use startup saved-configuration to specify a file as a next-startup configuration file.

Use undo startup saved-configuration to configure the system to start up with the factory defaults at the next startup.

Syntax

startup saved-configuration cfgfile [ backup | main ]

undo startup saved-configuration

Default

No next-startup configuration files are specified.

Views

User view

Predefined user roles

network-admin

context-admin

Parameters

cfgfile: Specifies the path of a configuration file, a string of up to 255 characters. The file must be a .cfg file. The file path can include only the file name, or the storage medium information and file name. If the file is not on the default storage medium, you must specify the file name with storage medium information.

backup: Specifies the configuration file as the backup next-startup configuration file.

main: Specifies the configuration file as the main next-startup configuration file. This is the primary configuration file that the device attempts to load at startup. If the loading attempt fails, the device tries the backup next-startup configuration file.

Usage guidelines

CAUTION:

In an IRF fabric, the undo startup saved-configuration command can cause an IRF split after the IRF fabric or an IRF member reboots.

‌

The startup saved-configuration command applies to all IRF members. To successfully execute this command, make sure the specified file has been saved in the root directory of the storage medium on each member.

If you do not specify the backup or main keyword, the startup saved-configuration command specifies the main next-startup configuration file.

As a best practice, specify different files as the main and backup next-startup configuration files.

The undo startup saved-configuration command changes the file attribute of the main and backup next-startup configuration files to NULL. However, the command does not delete the two configuration files.

You can also specify a configuration file as a next startup file when you use the save command to save the running configuration.

Examples

# Specify the main next-startup configuration file.

<Sysname> startup saved-configuration testcfg.cfg

Please wait ....... Done.

Related commands

display startup

01-Fundamentals Command Reference

Configuration file management commands

reset saved-configuration

save

startup saved-configuration

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Service Business

Company Information

News & Events

Contact Us