3.4 Configuration and Backup
Configuration backup of devices are done via a set of commands corresponding to the model of the device. IOS devices, for example, can
be backed up via the following sequence of commands:
copy running-config tftp copy startup-config tftp show access-lists
show diag...
What netLD does is to automates these command-line sequences. Since these commands vary among the vendors, maintenance of large
number of devices by hand is quite inefficient, and there are many reinventions of wheels in each developer’s personal shell scripts.
.
To take the backups of all the devices in Inventory, simply click on Device
→ Backup without selecting any device. If you want to backup certain devices
only, select the devices prior to clicking the button. Alternatively, you can run the
backup via the right-click menu which shows up when you select the devices and
right-click the selected entries on the Device View.
Figure 3.4.1: Via the menu button
Once the backup is successfully performed, the information in Device View/Inventory is updated.
3.4.1 Status Summary
Status icons in status pane show the status of the last backup performed. Each icon means the following:
Status |
Description |
Available Action in Status Summary |
|
Successes w/ Changes |
The backup was successful and |
|
|
more than one change was found |
|
|
in the configuration. |
|
Success w/o Changes |
The backup was successful but |
|
|
there is no change in the config- |
|
|
uration from the last backup. |
|
Invalid Credentials |
The icon indicates that the |
|
|
backup was inhibited during the |
|
|
authentication, which means the |
|
|
registered credential set was in- |
|
|
correct. If you click on the row, |
|
|
the error log shows up in the bot- |
|
|
tom. If you double-click on the |
|
|
icon then the Credentials dialog |
|
|
shows up, which is identical to |
|
|
what you find in Inventory → Credentials, and you can check |
|
|
the current credential informa- |
|
|
tion. |
|
Failures |
The icon indicates that netLD |
|
|
has failed to backup the config- |
|
|
uration due to the other causes. |
|
|
If you click on the row, the er- |
|
|
ror log shows up in the bottom. |
|
|
See Section 10-4 Status after Per- |
|
|
forming Backup for clearing each |
|
|
error. |
3.4.2 Status after Performing Backup
Status icons in the leftmost column in the device list show the backup status. You can see the detail by double-clicking on the icon.
Status Description |
Reason |
Backup Failed |
The configuration is backed up success-
fully. The running-config and startup-config were different. (Sec. 3.4.6) The credential set for the device was in- correct. If you double-click on the icon, Backup Error Detail dialog shows up. Review credential settings in Inventory → Credentials menu for the device. |
Compliance |
netLD could not access devices with certain protocols. Review the configuration or check the hardware, and also the Ethernet connection. The unintended answers are returned from the device. If you still have any troubles accessing the devices even after checking Credentials and Protocols, please contact to our support. . The startup-config is missing on the device |
|
The configuration contains a violation of compliance, which signaled a severity level Warning. Details are described in the later sections. (see Sec. 3.10) The configuration contains a violation of compliance, which signaled a severity level Error. |
3.4.3 Restoring the Configuration
netLD allows you to restore the past configuration of a device. double-clicking on a device in Inventory shows its backup history in the status pane. Select a configuration to restore and click on Restore the configuration button .
Once you click on the OK button in the confirmation dialog, it starts restoring the configuration.
Details of device hardware information and configuration backup are available by double-clicking on the device row. Information included in device property contains information that netLD has collected from the device in the backup and neighbor information. Latest information can be obtained explicitly, by performing the backup or correcting the neighbor information.
Uploading a configuration again relies on the protocol settings.Therefore you must specify the correct protocol to upload the configuration prior to the restoration.
(SeeSec. 2.3.2 (Protocols) for details.) For example, you need to enable TFTP in Inventory → Protocols menu for Cisco IOS configuration.
However, if you did not change the protocol from the default settings you do not have to care much about that because all protocols are enabled in the default Protocol settings.
Figure 3.4.2: Via the right click
Figure 3.4.3: Opening a device property in the status pane.
General tab displays the configurations or specifications of the devices. Note that information shown in this tab is based on the last backup netLD performed.
Compliance Tab
Compliance tab shows the violation contents if the device has violation against enabled policy. For more details, please refer to the compliance section Sec. 3.10, p. 116.
Hardware Tab
Hardware tab shows the hardware information of the device based on the last backup information.
Interfaces Tab
Interfaces tab shows the interface status of the devices based on the last backup information.
ARP/MAC/VLAN Tab
ARP/MAC/VLAN tab shows ARP table, MAC table and VLAN member ports information of the device. Note that information shown in this tab is based on
the last collect neighbor job netLD performed.
Before collecting the neighbor information, nothing is shown in left sub pane. Click on the Run Neighbor Collection Now to run the neighbor search.
And the result information is shown here.
3.4.5 Comparing the configurations
There are two style of comparison available: comparison among devices or along the history (the timeline). If you compare the configurations of two devices
(in the different or the same timestamp), then you should initially select two devices. Otherwise, you compare the configurations of single device at the
different timestamps and you should select one device in this case.
While selecting the device/s to compare, click on the Device → Compare con- figurations or in the right-click menu.
Access this feature via the tools menu.
Alternatively, access the feature using the right-click menu.
Select the configurations to compare and click on the Compare Configuration button. When you compare the historical configurations, check on Show Historical Configurations and the old configurations would appear in the list.
More conveniently, we can also compare the configurations on the Device Information. Select two of them in the list and click on the upper-left icon.
Currently we do not provides right-clicks on the device information.
The configuration diffis displayed in colors; red = removed, yellow = modified, and green = added.
3.4.6 Checking the Mismatch in startup-config and running- config
Configuration Mismatch is signaled when you have a device that has two configurations called running-config and startup-config, and the two configurations
differ to each other. startup-config is a configuration that is used when a device is rebooted, and it is supposed to be used in the regular operations, while
the running-config is a temporary configuration. If someone made changes to the startup-config but forgot to restart the device, it is highly likely that your
net- work is handled incorrectly. Also, If someone made changes to the running-config though they think the changes should be permanent, then the
changes will be reset upon startup, and again the network is configured incorrectly.
If the device status indicates the configuration mismatch, double-click on the icon to display configuration comparison in the status pane. Click
on the buttons at the upper right corner of the screen to overwrite the startup configuration with the running configuration, to revert the running
configuration to the startup configuration, or revert the running configuration to the startup configuration using the change adviser.
Figure 3.4.4: Comparison pane of a startup-config and running-config.
This feature is not available for all devices because some devices do not have running-config and startup-config. netLD does not show this icon for some devices even if there is a compliance violation.