Cisco IOS Archive Functionality

I will skip a long introduction and say only that Archive is a convenient tool that was introduced in IOS 12.3(4) and solves several problems:

  1. Auto save configuration
  2. Logging of each entered command in configuration mode
  3. Compare and rollback configurations

Auto save configuration


1. The storage path of the configuration. Rotation


You can specify the storage path for archive configurations as follows:

SW1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#archive
SW1(config-archive)#path tftp://10.0.5.1/
SW1(config-archive)#end
SW1#

Of course, you can store it on local storage (flash:, disk0:, sup-bootflash:, nvram:), but then how would you restore the configuration if the device dies?

Now try to create the archive manually:

SW1#archive config
!
SW1#

ATTENTION: the “archive config” command archives exactly the current device configuration (running-config), and does not save running-config in startup-config.

The result is a file with this name:



Why this name? Because the default name of the configuration archive file is “ [string] --№”:

SW1#show archive
The maximum archive configurations allowed is 10.
The next archive file will be named tftp://10.0.5.1/--1
 Archive #  Name
   1        tftp://10.0.5.1/-Jan-11-15-44-33.695-0 <- Most Recent
   2
  ......
   10

If you decide to use local storage to archive configuration files, it makes sense to limit the number of files. You can specify a maximum of 14. In my example I use unix: storage, because I run IOU/IOL in UNetLab:

SW1(config-archive)#path unix:
SW1(config-archive)#maximum 5

In this case, after changing the archiving path to the local one and setting the limit to 5 files, when trying to create the 6th archive, the oldest archive file will be deleted.

But when I tried to limit the number of stored archive configurations on a remote TFTP server:

SW1(config-archive)#maximum 3
Cannot set maximum when backing up to network path

If the archiving path is a network path, the limit cannot be set on the device; it has to be enforced by the server the files are uploaded to.

2. Automatic archiving. Kron


Everything is clear with the path, but the archives need to be created automatically. The “write-memory” command in the “archive” context enables automatic archiving whenever running-config is saved to startup-config:

SW1(config-archive)#write-memory
SW1(config-archive)#end
SW1#write mem
Building configuration...
Compressed configuration from 1177 bytes to 843 bytes[OK]!
SW1#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
Compressed configuration from 1177 bytes to 843 bytes[OK]!
SW1#

It doesn’t matter which you use, “wr mem” or “copy run start”: the archive will be created. In this example, the two commands created 2 files.

Archiving when copying running-config to startup-config is good, but what if we need regular copies? You can use the “time-period” command, which sets the interval in minutes at which archiving is performed. For example, you can use the value 10080 to archive every week. Here is the result of auto-archiving every minute:

SW1(config)#archive
SW1(config-archive)#time-period 1
SW1(config-archive)#!
SW1(config-archive)#end
SW1#



What if you need to archive not at a fixed interval, but at a specific time? The answer is kron. Kron is defined by a policy and a scheduler. The syntax is intuitive, so it is easier to show with an example.

Let's set the policy:

SW1(config)#kron policy-list CONFIG_BACKUP
SW1(config-kron-policy)#cli wr mem
SW1(config-kron-policy)#exit

^ this is the command that will be executed

An important point: kron does not support interactive commands, i.e. ones that require some dialogue, in its cli command. For example, “copy run start” will ask for the file name to save to, so it will not work in kron. Therefore, you need to use “wr mem”.

Let's set the scheduler:

SW1(config)#kron occurrence CONFIG_BACKUP_SCHED ?
  at  Date of kron occurrence eg. 14:30 Feb 13
  in  Delta time to kron occurrence
SW1(config)#kron occurrence CONFIG_BACKUP_SCHED at ?
  hh:mm  Time of day for occurrence (hh:min eg. 14:30)
SW1(config)#kron occurrence CONFIG_BACKUP_SCHED at 10:00 ?
  <1-31>     Day of month
  DAY        Day of Week eg mon, tue, etc
  MONTH      Month of year eg jan, feb, etc
  oneshot    Schedule kron occurrence exactly once
  recurring  Schedule kron occurrence repeatedly
SW1(config)#kron occurrence CONFIG_BACKUP_SCHED at 10:00 recurring
Clock currently not set it reads 16:25:44 UTC Wed Jan 11 2017
SW1(config-kron-occurrence)#policy-list CONFIG_BACKUP
SW1(config-kron-occurrence)#end
SW1#

Where:

CONFIG_BACKUP_SCHED - the name of the scheduler;
at and in - execution at a certain time or after a certain interval, respectively. With at, the time is given as {hh:mm [month] [day of the month] [day of the week]}. In my example, the execution is daily;
oneshot, recurring - run once or regularly, respectively. I seem to have seen in the documentation that in some versions of IOS the system-startup option is also available, i.e. execution at startup;
policy-list CONFIG_BACKUP - indicates the policy to run.

Thus, in my example, the “wr mem” command will be executed daily at 10:00, and this will entail archiving the configuration (according to the archive setting).

The resulting kron configuration looks roughly like this:

SW1#show running-config | section kron
kron occurrence CONFIG_BACKUP_SCHED at 10:00 recurring
  policy-list CONFIG_BACKUP
kron policy-list CONFIG_BACKUP
  cli wr mem

3. Variables in the name of the configuration archive. Timestamp


The name of the archive file does not seem very informative. I mentioned above that the file name is formed like this: “-№”. Broken down:



Not a very readable name, and the milliseconds are clearly not needed. This is a consequence of:

SW1#show running-config | section timestamp
service timestamps debug datetime msec
service timestamps log datetime msec

To get a readable file name, you need to change the timestamp format (we also set the time zone):

SW1(config)#clock timezone Golf +7
SW1(config)#service timestamps log datetime year localtime show-timezone

Now the file looks like this:



i.e. “month-day-year-hour-minute-second-time zone-file number”.
From the format of the “service timestamps” command it is quite clear how to remove, for example, the year or the time zone.

What about the host name? For clarity, you can use this form:

SW1(config)#archive
SW1(config-archive)#path tftp://10.0.5.1/SW1
SW1(config-archive)#end
SW1#show archive
The maximum archive configurations allowed is 10.
The next archive file will be named tftp://10.0.5.1/SW1--0
.....

Then, as you can see, the file name will consist of the text “SW1” and a timestamp, so it is clear which device the configuration came from. But if the hostname changes, you will have to change this setting in archive manually. Instead you can use the $h variable, which stores the host name. By the way, the variable $t stores the timestamp, but there is no longer any point in using it: in IOS 15 it is substituted into the file name automatically. In IOS 12, I would have had to use the entry “path tftp://10.0.5.1/$h-$t”; now this is enough:

SW1(config)#archive
SW1(config-archive)#path tftp://10.0.5.1/$h
SW1(config-archive)#end
SW1#

And the result:



Logging entered commands


The “Archive” function can archive not only configuration files but also the configuration commands that were entered, i.e. the commands that changed the configuration of the device, plus the “enable” command (that is, if someone enters privileged mode, this also goes to the log).

The difference from “show history” is obvious (history lists only my own commands). But it is better to show with an example:

SW1(config)#archive
SW1(config-archive)#log config
SW1(config-archive-log-cfg)#logging enable
SW1(config-archive-log-cfg)#logging size 200
SW1(config-archive-log-cfg)#hidekeys

logging enable - enables logging of configuration commands;
logging size - the maximum number of stored commands;
hidekeys - hide passwords when viewing logged commands.

How it all looks:

SW1#show archive log config all
 idx   sess           user@line      Logged command
    1     1           mark@console  |  logging enable
    2     1           mark@console  |  logging size 200
    3     1           mark@console  |  hidekeys
    4     2           mark@console  |username greg privilege 1 secret *****
    5     2           mark@console  |!config: USER TABLE MODIFIED
    6     0           greg@vty0     |!exec: enable

I.e. we see the username (in my case mark and greg) and the line from which the actions were performed; we even see the “enable” command, but we do NOT see the password of the newly created greg (as intended).

SW1(config-archive-log-cfg)#notify syslog

With this, the syslog server is also notified (if one is configured; otherwise the messages go to the console and monitor) with messages like these:

*Jan 12 2017 17:12:30 Golf: %PARSER-5-CFGLOG_LOGGEDCMD: User:mark  logged command:interface Ethernet0/3
*Jan 12 2017 17:12:32 Golf: %PARSER-5-CFGLOG_LOGGEDCMD: User:mark  logged command:no shutdown
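
A sketch of how a log collector could use these notifications, added here as an example and not part of the original article: it parses %PARSER-5-CFGLOG_LOGGEDCMD lines and flags commands that touch credentials or the audit trail. The watchlist categories and every sample line after the first two are assumptions made for the illustration.

```python
import re

# Message layout as shown in the article for "notify syslog".
CFGLOG = re.compile(
    r"%PARSER-5-CFGLOG_LOGGEDCMD: User:(?P<user>\S+)\s+logged command:(?P<cmd>.*)$"
)

# Assumed watchlist (not from the article): adjust to local policy.
WATCHLIST = [
    ("credential change",
     re.compile(r"^(no )?(username|enable (secret|password))\b")),
    ("audit trail change",
     re.compile(r"^(no )?(archive|log config|logging|hidekeys|notify syslog)\b")),
    ("privileged mode entered", re.compile(r"^!exec: enable\b")),
]

# Constructed sample: the first two lines are the article's, the rest are made up.
SAMPLE = """\
*Jan 12 2017 17:12:30 Golf: %PARSER-5-CFGLOG_LOGGEDCMD: User:mark  logged command:interface Ethernet0/3
*Jan 12 2017 17:12:32 Golf: %PARSER-5-CFGLOG_LOGGEDCMD: User:mark  logged command:no shutdown
*Jan 12 2017 17:20:01 Golf: %PARSER-5-CFGLOG_LOGGEDCMD: User:greg  logged command:!exec: enable
*Jan 12 2017 17:20:40 Golf: %PARSER-5-CFGLOG_LOGGEDCMD: User:greg  logged command:username greg privilege 15 secret *****
*Jan 12 2017 17:21:05 Golf: %PARSER-5-CFGLOG_LOGGEDCMD: User:greg  logged command:no logging enable
*Jan 12 2017 17:21:30 Golf: %SYS-5-CONFIG_I: Configured from console by greg on vty0
"""

def parse_line(line):
    """Return (user, command) for a CFGLOG_LOGGEDCMD line, else None."""
    m = CFGLOG.search(line.rstrip())
    return (m["user"], m["cmd"].strip()) if m else None

def findings(lines):
    """Return (user, category, command) for every logged command on the watchlist."""
    hits = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # not a config-log message
        user, cmd = parsed
        for label, pattern in WATCHLIST:
            if pattern.search(cmd):
                hits.append((user, label, cmd))
                break  # first matching category wins
    return hits

if __name__ == "__main__":
    for hit in findings(SAMPLE.splitlines()):
        print(hit)
```
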

You can also view information for each user by session:



But keep in mind that a session in this context is a configure terminal session. I.e. 3 sessions does not mean that mark logged out; it only means that he exited configuration mode.

And a couple more examples:



Comparison of configurations. Rollback configuration


1. Comparison of configurations


Along with the Archive feature, IOS gained a useful function for comparing configurations. For example, compare startup-config with the config on the tftp server:

SW1#$show archive config differences nvram:startup-config tftp://10.0.5.1/SW1-Jan-13-2017-10-00-00-Golf-3
Loading SW1-Jan-13-2017-10-00-00-Golf-3 from 10.0.5.1 (via Vlan1): !
[OK - 1483 bytes]
!Contextual Config Diffs:
+service timestamps log datetime localtime show-timezone year
+username greg secret 4 WGWXTgqyMqk91MhF3Gz5CQdMnLHU4clSthRczGfB2dY
+clock timezone Golf 7 0
+archive
  +log config
  +logging enable
  +logging size 200
  +hidekeys
  +path tftp://10.0.5.1/$h
  +write-memory
+kron occurrence CONFIG_BACKUP_SCHED at 10:00 recurring
  +policy-list CONFIG_BACKUP
+kron policy-list CONFIG_BACKUP
  +cli wr mem
-service timestamps log datetime msec

+ means that the line is in the second specified configuration file (i.e., in SW1-Jan-13-2017-10-00-00-Golf-3), but it is not in the first (i.e. in startup-config );

- means that the line is in the first configuration file (in startup-config), but it is not in the second (in SW1-Jan-13-2017-10-00-00-Golf-3).
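
The legend above, applied in code as an added example (not part of the original article): a parser for the “Contextual Config Diffs” output that attaches each changed line to its parent command and reports which of the two compared files holds it. The samples are shortened from the outputs shown in this article; the function names are made up for the illustration.

```python
# Constructed samples, shortened from the two outputs shown in the article.
DIFF_START_VS_TFTP = """\
Loading SW1-Jan-13-2017-10-00-00-Golf-3 from 10.0.5.1 (via Vlan1): !
[OK - 1483 bytes]
!Contextual Config Diffs:
+clock timezone Golf 7 0
+archive
  +log config
  +hidekeys
  +path tftp://10.0.5.1/$h
+kron policy-list CONFIG_BACKUP
  +cli wr mem
-service timestamps log datetime msec
"""
DIFF_RUN_VS_START = """\
!Contextual Config Diffs:
interface Ethernet0/3
 -shutdown
"""

BANNER = "!Contextual Config Diffs:"

def parse_contextual_diff(text):
    """Return [(sign, parents, command)] for every +/- line after the banner."""
    entries, stack, started = [], [], False
    for raw in text.splitlines():
        if raw.strip() == BANNER:
            started = True
            continue
        if not started or not raw.strip():
            continue  # transfer messages before the banner, blank lines
        body = raw.lstrip(" ")
        indent = len(raw) - len(body)
        sign = body[0] if body[0] in "+-" else None
        cmd = body[1:] if sign else body
        # Parents are the preceding lines with a smaller indent.
        while stack and stack[-1][0] >= indent:
            stack.pop()
        parents = tuple(c for _, c in stack)
        stack.append((indent, cmd))
        if sign:
            entries.append((sign, parents, cmd))
    return entries

def by_file(entries, first, second):
    """Apply the legend: '-' is only in the first file, '+' only in the second."""
    out = {first: [], second: []}
    for sign, parents, cmd in entries:
        out[first if sign == "-" else second].append(" / ".join(parents + (cmd,)))
    return out

if __name__ == "__main__":
    diff = parse_contextual_diff(DIFF_RUN_VS_START)
    print(by_file(diff, "running-config", "startup-config"))
```
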

To compare running-config with the same configuration file on a remote tftp server, the command will be used:

SW1#show archive config differences system:running-config tftp://10.0.5.1/SW1-Jan-13-2017-10-00-00-Golf-3

To compare running-config with startup-config, just use a short entry:

SW1#show archive config differences
!Contextual Config Diffs:
interface Ethernet0/3
 -shutdown

In fact, this is the command “show archive config differences system:running-config nvram:startup-config”.
In this case it is clear that run differs from start only in that the Eth0/3 interface is administratively disabled in the current configuration.

The “show archive config incremental-diffs” command with the configuration file will show which lines will be added to running-config during the copy operation from this file to run:

SW1#$ show archive config incremental-diffs tftp://10.0.5.1/SW1-Jan-13-2017-10-00-00-Golf-3
Loading SW1-Jan-13-2017-10-00-00-Golf-3 from 10.0.5.1 (via Vlan1): !
[OK - 1483 bytes]
!List of Commands:
service timestamps log datetime localtime show-timezone year
username greg secret 4 WGWXTgqyMqk91MhF3Gz5CQdMnLHU4clSthRczGfB2dY
clock timezone Golf 7 0
archive
 log config
  logging enable
  logging size 200
  hidekeys
 path tftp://10.0.5.1/$h
 write-memory
kron occurrence CONFIG_BACKUP_SCHED at 10:00 recurring
 policy-list CONFIG_BACKUP
kron policy-list CONFIG_BACKUP
 cli wr mem
end

But it is worth remembering that a copy into running-config is not at all the same as “configure replace”.

Take, for example, startup-config:

SW1#show archive config differences
!Contextual Config Diffs:
interface Ethernet0/3
 -shutdown
SW1#show archive config incremental-diffs nvram:startup-config
!List of Commands:
end
!No changes were found

I.e. “differences” indicates that Eth0/3 is disabled in run, but “incremental-diffs” says that copying with “copy start run” will add nothing to the current configuration. I.e. this command will not roll running-config back to startup-config.

2. Rollback configuration


When working over vty, some people use the “reload in [min]” command so that, if a mistake in the current configuration cuts off access to the device, the device reboots automatically after the given interval and the changes are rolled back to startup-config.

Archive lets you solve this problem without rebooting the device: a delayed rollback of running-config.

ATTENTION: to use rollbacks, configuration archiving must be configured. For example, this:

SW1#show running-config | section archive
archive
 log config
  logging enable
  logging size 200
  hidekeys
 path tftp://10.0.5.1/$h
 write-memory

a. Rollback after a certain period of time

We proceed to configuring the equipment. First set the rollback timer with the “configure terminal revert timer” command:

SW1#configure terminal revert timer 20
!Rollback Confirmed Change: Backing up current running config to tftp://10.0.5.1/SW1-Jan-13-2017-16-16-30-Golf-1
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#
*Jan 13 2017 16:16:30 Golf: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_BACKUP: Backing up current running config to tftp://10.0.5.1/SW1-Jan-13-2017-16-16-30-Golf-1
*Jan 13 2017 16:16:30 Golf: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_START_ABSTIMER: User: mark: Scheduled to rollback to config tftp://10.0.5.1/SW1-Jan-13-2017-16-16-30-Golf-1 in 20 minutes

As you can see, running-config was archived to tftp://10.0.5.1/SW1-Jan-13-2017-16-16-30-Golf-1 and a rollback to this file was scheduled in 20 minutes.

Now, for example, make changes (disable Eth0/3):

SW1(config)#interface ethernet 0/3
SW1(config-if)#shutdown
SW1(config-if)#end
SW1#show running-config | section interface
.....
interface Ethernet0/3
 shutdown
 duplex auto
.....

Time passes. When 1 minute remains before the rollback, IOS warns me:

SW1#Rollback Confirmed Change: Rollback will begin in one minute.
Enter "configure confirm" if you wish to keep what you've configured
*Jan 13 2017 16:26:38 Golf: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_WARNING_ABSTIMER: System will rollback to config tftp://10.0.5.1/SW1-Jan-13-2017-16-16-30-Golf-1 in one minute. Enter "configure confirm" if you wish to keep what you've configured

The minute expires and a rollback occurs (in fact, “configure replace”):

SW1#Rollback Confirmed Change: rolling to:tftp://10.0.5.1/SW1-Jan-13-2017-16-16-30-Golf-1
Loading SW1-Jan-13-2017-16-16-30-Golf-1 from 10.0.5.1 (via Vlan1): !
[OK - 1483 bytes]
Loading SW1-Jan-13-2017-16-16-30-Golf-1 from 10.0.5.1 (via Vlan1): !
[OK - 1483 bytes]
!Pass 1
!List of Rollback Commands:
interface Ethernet0/3
 no shutdown
end
Total number of passes: 1
Rollback Done

We check:

SW1#sh run | section interface
.....
interface Ethernet0/3
 duplex auto
.....

Eth0/3 is not disabled, i.e. the rollback was successful.

b. How much time is left. Instant rollback

Information on how much time is left before the rollback can be found using the “show archive config rollback timer” command:

SW1#configure terminal revert timer 10
!Rollback Confirmed Change: Backing up current running config to tftp://10.0.5.1/SW1-Jan-13-2017-16-40-36-Golf-2
Enter configuration commands, one per line.  End with CNTL/Z.
SW1(config)#end
SW1#show archive config rollback timer
Time configured(or reconfigured): 16:40:36 Golf Fri Jan 13 2017
Timer type: absolute timer
Timer value: 10 min
User: mark

What is shown is not the time remaining, but the time when the interval was configured and the length of the interval, so the remaining time can be calculated.

How to change the interval - reduce or increase? The “configure revert timer” command:

SW1#configure revert timer 5
SW1#
*Jan 13 2017 16:43:50 Golf: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_RESET_ABSTIMER: User: mark: Reset Rollback Confirmed Change timer(absolute) to 5 minute
SW1#show archive config rollback timer
Time configured(or reconfigured): 16:43:50 Golf Fri Jan 13 2017
Timer type: absolute timer
Timer value: 5 min
User: mark

In fact, this command does not add or remove anything, but simply sets a new interval from the current moment.

How to make an instant rollback? The “configure revert now” command:

SW1#configure revert now
Rollback Confirmed Change: rolling to:tftp://10.0.5.1/SW1-Jan-13-2017-16-40-36-Golf-2
Loading SW1-Jan-13-2017-16-40-36-Golf-2 from 10.0.5.1 (via Vlan1): !
[OK - 1483 bytes]
Loading SW1-Jan-13-2017-16-40-36-Golf-2 from 10.0.5.1 (via Vlan1): !
[OK - 1483 bytes]
Total number of passes: 0
Rollback Done

Well, I had no changes in this case. This is the same as “configure replace”, except that you cannot specify which config to roll back to.

c. How to cancel a rollback

Suppose we set a rollback interval, make changes, and we are satisfied with the current configuration. How to cancel rollback running-config? The “configure confirm” command:

SW1#configure confirm
SW1#
*Jan 13 2017 16:48:42 Golf: %ARCHIVE_DIFF-5-ROLLBK_CNFMD_CHG_CONFIRM: User: mark: Confirm the configuration change

It should be clearly understood that “configure confirm” is not saving run to start, it is just canceling the rollback.

ATTENTION: after confirming the configuration, i.e. cancelling the rollback, you MUST check “show archive config rollback timer”. The answer should be:

SW1#show archive config rollback timer
%No Rollback Confirmed Change pending
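
Both uses of “show archive config rollback timer” described above (working out the time left, and checking that nothing is pending after “configure confirm”) can be scripted. This is an added example, not part of the original article; the function names are made up, and device_now is assumed to be the device's own clock in the same time zone as the output.

```python
import re
from datetime import datetime, timedelta

# Outputs copied from the article.
PENDING = """\
Time configured(or reconfigured): 16:43:50 Golf Fri Jan 13 2017
Timer type: absolute timer
Timer value: 5 min
User: mark
"""
NOT_PENDING = "%No Rollback Confirmed Change pending\n"

def parse_rollback_timer(output):
    """Return a dict describing the pending rollback, or None if none is pending."""
    if "No Rollback Confirmed Change pending" in output:
        return None
    when = re.search(
        r"Time configured\(or reconfigured\): "
        r"(\d{2}:\d{2}:\d{2}) (\S+) \w{3} (\w{3}) +(\d{1,2}) (\d{4})", output)
    value = re.search(r"Timer value: (\d+) min", output)
    user = re.search(r"^User: (\S+)", output, re.M)
    if not (when and value):
        raise ValueError("unrecognised rollback timer output")
    clock, zone, month, day, year = when.groups()
    # The zone name (e.g. "Golf") is a free-form label set with "clock timezone",
    # so the timestamp is kept as naive device-local time.
    started = datetime.strptime(f"{clock} {month} {day} {year}",
                                "%H:%M:%S %b %d %Y")
    return {
        "user": user.group(1) if user else None,
        "zone": zone,
        "started": started,
        "deadline": started + timedelta(minutes=int(value.group(1))),
    }

def time_left(output, device_now):
    """Time until the rollback fires (never negative), or None if none is pending."""
    info = parse_rollback_timer(output)
    if info is None:
        return None
    return max(info["deadline"] - device_now, timedelta(0))

if __name__ == "__main__":
    print(time_left(PENDING, datetime(2017, 1, 13, 16, 45, 20)))
    print(time_left(NOT_PENDING, datetime(2017, 1, 13, 16, 49, 0)))
```
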

P.S. I have mentioned this more than once in the article, but I’ll repeat it one last time: rollback, like configure replace, rolls back running-config and no other file.
