What is the purpose of the startup-config?

You want to clear an old configuration out of your router and return it to a factory default configuration.

You can delete the current startup configuration files and return the router to its factory default settings with the erase nvram: command:

You can achieve the same result with the erase startup-config command:

Before you redeploy an old router that you have previously used for some other purpose, it is a good idea to completely erase the old configuration. This ensures that the router starts with a clean configuration. However, if you did this on a production router, it would wipe out the configuration and leave it with all of its interfaces down. Fortunately, completely deleting your configuration requires two steps: erasing the startup configuration file, followed by a reload.

After you erase your startup configuration file and reload the router, it will enter its configuration dialog mode. Most experienced Cisco engineers prefer to skip this mode:

At this point, the router’s configuration has been returned to the factory defaults:

You can now safely reconfigure the router for its new function. We note in passing that the factory defaults are slightly different, depending on the level of IOS you are running and the hardware installed in the router.

If you accidentally erase the startup configuration file, you can still recover if the router has not yet been reloaded. Simply copy the running configuration back to the startup configuration, and the router will be returned to normal:

But, if the router’s configuration is erased and the router is reloaded, it will either need to be reconfigured manually from memory, or preferably, from a backup copy, as in Recipe 1.2.

Page 2

You want to store a backup copy of your router’s configuration on a TFTP server.

This example shows how to use TFTP to upload a copy of the router’s active configuration to a remote server:

We cannot overstress the importance of making regular backups of your router configuration files and keeping copies in a safe place. If you have a serious failure that damages a router’s hardware or software, the configuration will be destroyed. And anybody who has had to reconstruct a complex router configuration file from memory will tell you how difficult and stressful this task is. But if you have a backup of the last working configuration file, you can usually get a router working again within minutes of fixing any hardware problems.

Typical Mean Time Between Failure (MTBF) estimates for Cisco routers tend to be about 16 years. This sounds like a long time, but in a large network it means that you can expect to see a few failures every year. Unfortunately, human error is far more common than a device failure, and these human errors can result in complete or partial loss of the configuration file.

In the example, we created an empty backup configuration file on the TFTP server and then instructed the router to send its running configuration to this server. It is important to adjust the file permissions with the Unix chmod command. The transfer will fail if the configuration file is not world writable. We highly recommend moving the configuration files out of the TFTP directory to ensure that the file isn’t read by unauthorized people or accidentally overwritten.

Reading files located in the TFTP directory is trivial because the TFTP program needs this directory to be both world readable and world writeable. Since router configuration files contain passwords and IP addresses, you should take steps to protect these files as much as possible. In fact, you don’t even need to be logged into the TFTP server to read these files. In the following example, we are able to access the TFTP server and read a router configuration file from another router:

As you can see, any files left in the TFTP directory can be easily viewed or even deliberately corrupted. TFTP is notoriously insecure, so we recommend using care whenever you work with this protocol.

Recipe 1.18 provides an automated script that gathers the configuration files for a list of routers on a nightly basis and stores these files for 30 days, by default.

Page 3

You want to use FTP directly from your router to download configuration or IOS files.

The copy ftp: command lets the router exchange files using FTP:

Notice that we explicitly defined a username and password in this example. If you don’t specify a username, the router will try to connect to the server’s anonymous FTP service.

Several recipes in this chapter have shown how to transfer files between your router and server by using TFTP. However, Cisco routers also support FTP. We find that FTP is better suited for transferring files over busy and congested links. While TFTP file transfers tend to abort if they encounter persistent congestion, FTP appears to be more resilient.

FTP is also somewhat more secure than TFTP because it uses usernames and passwords. TFTP has no user-level security features. However, FTP sends its passwords across the network in unencrypted cleartext, so it is still not highly secure.

In the example, we explicitly configured a FTP username and password on the router. Once this information is defined, using FTP is as easy as using TFTP. You can also override the username and password settings defined in the configuration file by including them on the command line:

Notice that we used URL format to specify the username and password as well as the server address and the filename that we wanted to download. The format of the FTP URL looks like this:

A colon separates the username, ijbrown, from the password, ianpassword. An @ sign then separates the user information from the server information, which can be either an IP address or a DNS name. Then a forward slash, /, separates the filename from the directory and filename.

If you don’t include an FTP username in the configuration or the command line, the router will default to using anonymous FTP. And, if no password is specified in either the router’s configuration or on the command line, the router will send a default password of .

It is important to remember that if you specify a username and password on the command line, it will override whatever values you have configured. If you don’t specify a username or password on the command line, the router will use the configured FTP username and password. If you don’t specify a username and password in either place, the router will resort to anonymous FTP.

Page 4

You want to load an IOS image into your router through a serial connection to the console or AUX ports.

You can use the following set of commands to copy an IOS image onto a router through either the console or the AUX port:

Cisco highly recommends using the AUX port for this procedure rather than the console port because the AUX port supports hardware flow control.

It can be quite useful to be able to load an IOS image through a serial connection, particularly if you don’t have access to a TFTP server, or if the router doesn’t have any accessible LAN interfaces. Although this feature is rarely used, Cisco does support xmodem and ymodem file transfers through a serial connection.

We also recommend enabling the CRC checksum feature when you use xmodem to download an IOS image through a serial connection. This will help ensure the integrity of the file transfer.

We should stress that this process can be extremely slow. Don’t even attempt to download an IOS image at the default speed of 9,600 bps unless you have an entire day to kill. We highly recommend increasing the speed to the highest value that your terminal emulation package will support. We have found that 115,200 bps provides the maximum throughput with the most reliability. The speed command allows you to change the speed of an asynchronous serial port:

In this example, we used Hyperterminal because it is included with the Windows operating system. However, almost any terminal emulation program that supports xmodem or ymodem protocols will work. In fact, we have found significant differences in download times between the various emulation packages, and Hyperterminal tends to be one of the slowest. Other packages such as ProComm tend to be somewhat faster. But they all work.

Even after we increased the speed of the Aux port to 115,200 bps, the file transfer took nearly 25 minutes to complete. By comparison, loading the same IOS version via TFTP through an Ethernet connection took less than four minutes. So, in general, we don’t recommend using this method unless you can’t use TFTP for some reason.

The first step, once you have a copy of the IOS image on your computer, is to connect to the router’s AUX port. Set the line speed to 115,200 bps on both the console port and the terminal emulator, and issue the copy command. The router will prompt you to begin the file transfer with the text “Ready to receive file.”

At this point, you should begin your file transfer protocol. If you are using Hyperterminal, select the “Transfer” drop-down menu, and then click on “Send-file.” It will prompt you for the file name and location, and protocol type. Enter the name of the IOS image, and then select “Xmodem” to start the file transfer.

During the file transfer, the connection is busy transferring the file, so the router can’t display any messages. This is normal. However, most terminal emulator programs provide a status window to let you keep track of the file transfer.

When the transfer is complete, the terminal emulator will drop out of the file transfer mode and the router will put up its normal prompt again. At this point, we highly recommend checking the new IOS image to make sure that it copied successfully. You can verify the file size as follows:

In this case, we loaded the image into the PCMCIA device in slot 1. If you put the image somewhere else, such as the internal flash memory, you would use the command show flash: instead.

If the file size is correct, check the image’s checksum by using the verify command: