We recently installed new routers and voice gateways, and I was torn between enabling telnet or figuring out a better way to perform my config backups. I’m still a big believer in security and free solutions, so I went on the hunt and dug into using SNMP. As it turns out, the hardest part about using SNMP to back up a Cisco config is getting the MIBs installed on your particular distro. Using Debian this time, I had a pretty simple go of it. Once you get net-snmp figured and get your MIBs installed into the right path, you just have to add CISCO-CONFIG-COPY-MIB to your snmp.conf and you’re ready to roll.
Here’s the bash script I wrote to automate a config backup of my entire organization. The only prerequisite to the script is a simple text file of all of your hosts. Maintaining the text file is the only hard part.
#!/bin/bash
budir=/tftpboot/cfg-`date +%Y-%m-%d-%H%M` #Backup directory
snmpcom=private #SNMP Community goes here (Must be RW)
s=10.1.1.10 #IP of your TFTPD
rslist=/root/bin/backup/rslist #Path to Router/Switch list, one per line
r=$(($RANDOM%1000)) #Random number to be used for snmpset
#################################################
mkdir $budir #Create backup directory
for a in `cat $rslist`
do
touch $budir/$a #These two lines are only required if your
chmod 777 $budir/$a #tftpd doesn't support the -c (create) option
#This line is the actual snmpset command to set all of the variables.
snmpset -v2c -c $snmpcom $a ccCopyProtocol.$r i tftp \
ccCopySourceFileType.$r i runningConfig \
ccCopyDestFileType.$r i networkFile \
ccCopyServerAddress.$r a $s \
ccCopyFileName.$r s $budir/$a
#This line is the one that actually triggers the backup.
snmpset -v2c -c $snmpcom $a ccCopyEntryRowStatus.$r i active
done
Save this script and create a cron job and you’re all set.