As an experienced Cisco network engineer, you have often saved yourself from being locked out of a router when you make a change with a “reload in x” command. This handy command reboots most Cisco devices (routers, switches, firewalls) in the x number of minutes that you had specified. Thus, if you made a change that killed your connection to it, then you just have to wait until the time expires and the device reboots back up with the last saved configuration, allowing you to reconnect and remove your palm from your forehead.
All is well…. except for that fact that your device had been down for at least 5 minutes if it boots fast… and maybe 30 minutes if it’s a large stack of switches. And with your luck, of course it will be on a core switch or edge router that takes down the entire site. When you hear multiple furious feet pounding towards your desk, you start to contemplate your career choices.
It’s time to ditch the old trusty reload command in favor of the not quite so new. The archive config feature was introduced way back in IOS 12.3(4)T and then integrated into the mainline release 12.2(25)S. With this feature, you can enter into a config mode that will automatically reverse itself if you don’t confirm in the time you specified. This happens without a reboot so no service interruptions.
What you’ll need to do is first activate the feature, then add a few keywords to the beginning of your session. That’s it! And after you’re done configuring, then just confirm the change so that it will not revert.
Activating Archive config
You don’t have to create a directory on your bootflash, but I like to so that the archives don’t clutter up the root.
Green = command on CLI
Orange = CLI output
! confirm the creation of the directory
! save the config to the archive to make sure the path is good
! check to make sure that there is a copy of the config there
When you are ready to make changes, instead of typing “configuration terminal”, add the keywords “revert timer x” to the end. you’ll see something like this.
configure terminal revert timer 5
Rollback Confirmed Change: Backing up current running config to bootflash:/arch/R1-conf-Sep--5-23-30-33.172-3
Enter configuration commands, one per line. End with CNTL/Z.
If you don’t do anything else, once 5 minutes has past, the configuration will revert back. The system will warn you when there is 1 minute left. If you’re watching via terminal monitor mode, you’ll see this.
.Sep 5 23:34:33.251: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_WARNING_ABSTIMER: System will rollback to config bootflash:/arch/R1-conf-Sep--5-23-30-33.172-3 in one minute. Enter "configure confirm" if you wish to keep what you've configured
followed by this
.Sep 5 23:35:33.250: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_ROLLBACK_START: Start rolling to: bootflash:/arch/R1-conf-Sep--5-23-30-33.172-3
.Sep 5 23:35:33.262: %SYS-5-CONFIG_R: Config Replace is Done
If your changes went well, and you don’t want it to automatically revert, just type this in exec mode.
On the flip side, even if you didn’t loose connection but decided to ditch all of your changes… maybe the changes didn’t accomplish what you intended, there is a way to do that quickly. Instead of a roll back script, you can just manually revert the config with this command.
configure revert now
There is a lot more things that this feature can do like copying or loading configs to network locations (e.g. tftp), combined with automatically backing up the config (time-period command above).