如何通过SNMP协议保存思科路由器配置文件

Everyone knows there are software to get the configuration using SNMP; but how can you copy the configuration if you don’t have any tool?

Let me explain what is SNMP before show you how to implement it.

Simple Network Management Protocol (SNMP) is an “Internet-standard protocol for managing devices on IP networks”. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more. It is used mostly innetwork management systems to monitor network-attached devices for conditions that warrant administrative attention. SNMP uses an extensible design, where the available information is defined by management information bases (MIBs). MIBs describe the structure of the management data of a device subsystem; they use a hierarchical namespace containing object identifiers (OID). Each OID identifies a variable that can be read or set via SNMP.

In this tutorial, I will use the

OK, let’s start :)

First of all, check if your PC has the SNMP suite; if not, install the net-snmp software (http://net-snmp.sourceforge.net/).

So, to retrieve the configuration, run these commands:

snmpset -c [snmp-community-string] -v 2c [ip-device] 1.3.6.1.4.1.9.9.96.1.1.1.1.2.336 i 1snmpset -c [snmp-community-string] -v 2c [ip-device] 1.3.6.1.4.1.9.9.96.1.1.1.1.3.336 i 4snmpset -c [snmp-community-string] -v 2c [ip-device] 1.3.6.1.4.1.9.9.96.1.1.1.1.4.336 i 1snmpset -c [snmp-community-string] -v 2c [ip-device] 1.3.6.1.4.1.9.9.96.1.1.1.1.5.336 a [ip-tftp-server]snmpset -c [snmp-community-string] -v 2c [ip-device] 1.3.6.1.4.1.9.9.96.1.1.1.1.6.336 s [file-name]snmpset -c [snmp-community-string] -v 2c [ip-device] 1.3.6.1.4.1.9.9.96.1.1.1.1.14.336 i 1

where:

• snmp-community-string is the community key of your cisco router.
• ip-device is the ip address of your Cisco device.
• ip-tftp-server is the ip address of your tftp server.
• file-name is the name where the running configuration will be saved.

Remember: The command syntax are the same on linux or windows devices.

Example #1:
Suppose you have a Cisco Router (192.168.1.1) with the “c1sc0zine” community string, a tftp server with 192.168.1.100 ip address and you want to save the running configuration to the tftp-server (in the ciscozine.txt file).

 

The client sends the “snmp set” commands to the router, then the router sends the running configuration to the tftp server using the tftp protocol.

Below the command list:

snmpset -c c1sc0zine -v 2c 192.168.1.1 1.3.6.1.4.1.9.9.96.1.1.1.1.2.336 i 1snmpset -c c1sc0zine -v 2c 192.168.1.1 1.3.6.1.4.1.9.9.96.1.1.1.1.3.336 i 4snmpset -c c1sc0zine -v 2c 192.168.1.1 1.3.6.1.4.1.9.9.96.1.1.1.1.4.336 i 1snmpset -c c1sc0zine -v 2c 192.168.1.1 1.3.6.1.4.1.9.9.96.1.1.1.1.5.336 a 192.168.1.100snmpset -c c1sc0zine -v 2c 192.168.1.1 1.3.6.1.4.1.9.9.96.1.1.1.1.6.336 s ciscozine.txtsnmpset -c c1sc0zine -v 2c 192.168.1.1 1.3.6.1.4.1.9.9.96.1.1.1.1.14.336 i 1

But what is the meaning of the last part of each command? See you below an explanation:

1.3.6.1.4.1.9.9.96.1.1.1.1.2.336 i 1

ccCopyProtocol: The protocol file transfer protocol that should be used to copy the configuration file over the network. If the config file transfer is to occur locally on the SNMP agent, the method of transfer is left up to the implementation, and is not restricted to the protocols below. The object can be:

1. tftp
2. ftp
3. rcp
4. scp
5. sftp

 

1.3.6.1.4.1.9.9.96.1.1.1.1.3.336 i 4

ccCopySourceFileType: Specifies the type of file to copy from. The object can be:

1. networkFile
2. iosFile
3. startupConfig
4. runningConfig
5. terminal
6. fabricStartupConfig

 

1.3.6.1.4.1.9.9.96.1.1.1.1.4.336 i 1

ccCopyDestFileType: specifies the type of file to copy to. The object can be:

1. networkFile
2. iosFile
3. startupConfig
4. runningConfig
5. terminal
6. fabricStartupConfig

 

1.3.6.1.4.1.9.9.96.1.1.1.1.5.336 a 192.168.1.100

ccCopyServerAddress: The IP address of the TFTP server to copy the configuration file. In this case the tftp server is 192.168.1.100.

 

snmpset -c c1sc0zine -v 2c 192.168.1.1 1.3.6.1.4.1.9.9.96.1.1.1.1.6.336 s ciscozine.txt

ccCopyFileName: The file name (including the path, if applicable) of the file.

 

1.3.6.1.4.1.9.9.96.1.1.1.1.14.336 i 1

ccCopyEntryRowStatus: The status of this table entry. Once the entry status is set to active, the associated entry cannot be modified until the request completes (ccCopyState transitions to ‘successful’ or ‘failed’ state). The object can be:

1. active
2. notInService
3. notReady
4. createAndGo
5. createAndWait
6. destroy

Note: When you run this command, the router will send the running configuration to the ftp-server!

 

Remember: The object types can be:

• i: INTEGER
• u: unsigned INTEGER
• t: TIMETICKS
• a: IPADDRESS
• o: OBJID
• s: STRING
• x: HEX STRING
• d: DECIMAL STRING
• b: BITS
• U: unsigned int64
• I: signed int64
• F: float
• D: double

 

Example #2:
What can you do if you are not able to install/use the net-snmp suite on your pc? It’s simple! Use your router!

 

Not everyone knows that the IOS has an embedded hidden commands for snmp operation. In fact, if you want to save the startup configuration to the tftp server, run these commands on your router:

snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.2.333 integer 1snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.3.333 integer 3snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.4.333 integer 1snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.5.333 ip-address 192.168.1.100snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.6.333 string ciscozine.txtsnmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.14.333 integer 1

as you notice, the last value of the second line is “3” and not “4”; this because I want save the startup configuration, not the running configuration!

The output will be:

Ciscozine-test#snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.2.333 integer 1SNMP Response: reqid 8, errstat 0, erridx 0  ccCopyTable.1.2.333 = 1Ciscozine-test#Ciscozine-test#snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.3.333 integer 3SNMP Response: reqid 9, errstat 0, erridx 0  ccCopyTable.1.3.333 = 3Ciscozine-test#Ciscozine-test#snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.4.333 integer 1SNMP Response: reqid 10, errstat 0, erridx 0  ccCopyTable.1.4.333 = 1Ciscozine-test#Ciscozine-test#snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.5.333 ip-address 192.168.1.100SNMP Response: reqid 11, errstat 0, erridx 0  ccCopyTable.1.5.333 = 192.168.1.100Ciscozine-test#Ciscozine-test#snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.6.333 string ciscozine.txtSNMP Response: reqid 12, errstat 0, erridx 0  ccCopyTable.1.6.333 = ciscozine.txtCiscozine-test#Ciscozine-test#snmp set v2c 192.168.1.1 c1sc0zine oid 1.3.6.1.4.1.9.9.96.1.1.1.1.14.333 integer 1SNMP Response: reqid 13, errstat 0, erridx 0  ccCopyTable.1.14.333 = 1Ciscozine-test#

… and your tftp server will receive the startup configuration!

Note: What is the last OID element (in these two examples the number “333”)? It’s arandom number! Each time you copy to or from a device using SNMP, choose a random number. This number creates a row instance. It must be the same everywhere in your command. Once you use a specific number, it can not be used again before it times out.The timeout is five minutes. If you use the same number within the five minutes, you get an error (SNMP: Inconsistent value.)

References:

• http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol
• http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en

Summary

Article Name

How to save configurations using SNMP

Description

Generally, the SNMP protocol is used to receive bandwith/error interface values, but not everyone know that it is possibile to save Cisco configuration using the ciscoConfigCopyMIB MIB.

Author

Fabio Semperboni

• salman

  what if i don’t have dedicated tftp server in my LAN and i have installed cisco tftp server software on my personal laptop
  so it’ll work????
  and if i put all these commands then will i get configuration automatically whenever there’ll be a change in configuration of that router????
  kindly help me to clear my confusion!!!

• Fabio Semperboni

  Hi,
  it is not mandatory that the tftp server is in the same vlan.
  For the second question, no the command save the configuration only one time; if you change the configuration you need run again the command.

• Gian Matteo Esposito

  Simple and great. You are one of my “numbers one” !

  Last example (self snmp set) is very cute… and certainly the best way to complicate your life instead of using the trivial “copy start tftp” ;)

• Fabio Semperboni

  Thanks for the congrats :)

• roseliopi

  wonderful, help me a lot, for a newer.

• pughaz

  Can we schedule this every day or weekly …
  As a auto backup

• Pingback: Send Cisco commands via SNMP | CiscoZine()

• DEDE

  Thank you so much Fabio Semperboni it works perfectly

• unixrab

  Fabio… how would I reverse this and send the running config TO the router after I’ve made some changes FROM the tftpserver? Thanks!

• Fabio Semperboni

  Check this article
  http://www.ciscozine.com/send-cisco-commands-via-snmp/

• Mijk Eielts

  copy tftp: run ?

• Fabio Semperboni

  It depends by the protocol you would use to change configuration.