Undoing running configuration

Answered Question
Jan 14th, 2009
User Badges:


What is the safest way to undo running configuration in cisco switches and routers.

Correct Answer by massimiliano.se... about 8 years 2 months ago

Hi,

without reloading you can use:

copy startup-config running-config

In this way you copy the content of the startup config in the running config


In order to view the content of the startup config you can use the command:

show startup-config

I hope this helps.

Best regards.

Massimiliano,

Cisco Endorsed by gmicek
Richard Burts about 8 years 2 months ago

copy startup-config running-config is not a reliable (or sometimes effective) way to remove changes made in the running config. The copy to running config does a merge of the two config files. Where the same command exists in both configs the command from startup will replace the command in running. But if a command exists in running and not in startup then it will still exist after doing the copy from startup to running.


Perhaps an example will help to clarify the issue. Lets assume that the startup config has interface fastethernet0/0 with an IP address configured and with no ip access-group on the interface and that access list 101 does not exist in the startup config. Then assume that you make changes in the running config by configuring:

access-list 101 deny ip any any

interface fastethernet0/0

ip access-group 101 in

end

Then you realize that this is having a bad effect :(

so you do copy startup-config running-config. IOS does the copy but it will not remove access list 101 and it will not remove the ip access-group command. So you still have a bad thing.


In my experience the only effective way to be sure that changes are removed is to reload. I do not have experience with configure replace config but it sounds interesting.


HTH


Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (5 ratings)
Loading.
fjcardenas-1 Wed, 01/14/2009 - 06:59
User Badges:

If you don't want to save the running configuration and want to go back to the startup configuration just make a reload (#reload).

Correct Answer
massimiliano.se... Wed, 01/14/2009 - 07:07
User Badges:
  • Silver, 250 points or more

Hi,

without reloading you can use:

copy startup-config running-config

In this way you copy the content of the startup config in the running config


In order to view the content of the startup config you can use the command:

show startup-config

I hope this helps.

Best regards.

Massimiliano,

mike_guy29 Wed, 01/14/2009 - 07:59
User Badges:

Hi,


I would be careful doing copy startup-config running-config. As far as I understand (correct me if I am wrong somebody) is that this does not replace the running with the startup config, but instead it merges the two and can produce some unexpected results if you are not careful.


I've always heard comments against doing this for this reason.


Thanks

cisco_lite Wed, 01/14/2009 - 08:42
User Badges:


So what would be the safest and easiest way to revert the running config changes. I am sure this is a common need due to unexpected results because of running config changes.

mike_guy29 Wed, 01/14/2009 - 08:49
User Badges:

I suppose it depends on what you are doing. If it is just a single or few commands then usually I would just undo it by reverting what I did using the "no..." commands


If you are talking about a lot of configuration, then potentially saving and taking a copy of the configuration before and as someone else said reloading if things go wrong to revert back to the original.


As I said in my last post I am happy for someone to correct me if I am wrong about the copy start run command. But as I understand it its not always a good idea (I guess it would depend on what is in the configuration). I for one only use it if having to recover passwords etc where the running configuration is already blank (well default factory anyway)


Thanks

zartar911 Wed, 01/14/2009 - 11:44
User Badges:

One other option without reloading is to use #configure replace



fjcardenas-1 Wed, 01/14/2009 - 09:07
User Badges:

Hey mike_guy29


That's what I've heard and read... that's why I recommended the reload instead of the copy.

Richard Burts Thu, 01/15/2009 - 05:51
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

copy startup-config running-config is not a reliable (or sometimes effective) way to remove changes made in the running config. The copy to running config does a merge of the two config files. Where the same command exists in both configs the command from startup will replace the command in running. But if a command exists in running and not in startup then it will still exist after doing the copy from startup to running.


Perhaps an example will help to clarify the issue. Lets assume that the startup config has interface fastethernet0/0 with an IP address configured and with no ip access-group on the interface and that access list 101 does not exist in the startup config. Then assume that you make changes in the running config by configuring:

access-list 101 deny ip any any

interface fastethernet0/0

ip access-group 101 in

end

Then you realize that this is having a bad effect :(

so you do copy startup-config running-config. IOS does the copy but it will not remove access list 101 and it will not remove the ip access-group command. So you still have a bad thing.


In my experience the only effective way to be sure that changes are removed is to reload. I do not have experience with configure replace config but it sounds interesting.


HTH


Rick

mike_guy29 Thu, 01/15/2009 - 06:12
User Badges:

Glad to hear I am not just making things up! Thanks for the extra clarification

cisco_lite Thu, 01/15/2009 - 10:44
User Badges:

Rick,


But reload is not always the possible choice in Production. A reload may mean downtime or unwanted failover event.


Wouldn't it be better to undo the new running-config changes until it looks just like startup-config and then do a copy run start to have all in sync.


Do you know of any reliable Cisco configuration comparision tool.

mike_guy29 Thu, 01/15/2009 - 11:46
User Badges:

Hi,


Agreed. Reloads are not always possible. And unless the brown stuff had really hit the fan there is no real need for a reload. I would just negate what I have done using the "no..." command. However if you need to revert back everythings gone wrong and your startup config was prior to the changes then yes a reload would revert back.


So if possible undo what you have done manually with the "no..." command. If it all goes really wrong and you must roll back and cannot remember config you have put in etc then a reload would revert back (make sure you save config prior to working though!!)


However copy start run is not a good idea though. So avoid that if you can!


Hope that helps

Richard Burts Thu, 01/15/2009 - 12:47
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

The original question was what is the most safe way to undo config changes. I would interpret safe as meaning doing a complete removal and minimizing the opportunity for errors in the removal (not removing ALL of the changes, or removing something that was not changed). In that interpretation I still maintain that reload is the safest alternative. If you interpret the question differently then other answers may fit.


I agree that sometimes a reload will not be chosen because of the impact of the reload. And therefore different methods of recovery may be used. But the other methods, such as manually backing out config changes, or using the copy startup-config to running-config, are more subject to error and are inherently less safe than a reload.


HTH


Rick

mlund Fri, 01/16/2009 - 00:53
User Badges:
  • Silver, 250 points or more

Hi

I think there has been another thread about this, but I can't find it. However I copied a bit of it, and it is using the "config replace" and "archive" commands.

example

! this is better than "reload in 2"

r#show archive

There ara currently 4 archive configurations saved.

The next archive file will be named disk0:/config-archive-4

Archive # Name

0

1 disk0:/config-archive-1

2 disk0:/config-archive-2

3 disk0:/config-archive-3 <- Most recent


r#config replace disk00:/config-archive-3 time 120

:

... config changes are made

:

... your config change work OK

:

r#no config replace disk0:config-archive-3


here is a link describing it.

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtrollbk.html


/Mikael

cisco_lite Fri, 01/16/2009 - 02:58
User Badges:


In the given link, it is mentioned


'When using the configure replace command, you must specify a saved Cisco IOS configuration as the replacement configuration file for the current running configuration'


Should a configure replace be followed by copy run start.

mlund Fri, 01/16/2009 - 03:42
User Badges:
  • Silver, 250 points or more

That depends of what you are trying to achive.

If the replaced config is not the same as in the startup-config, if a reload then occurs (by reload or by power-outage) then the stratup-config will be in place, and the replaced config will be lost.

If the replaced config is the one You want to be active even after a reboot, then a copy run start will be the right thing to do.


/Mikael

Actions

This Discussion