We recently installed new routers and voice gateways, and I was torn between enabling telnet or figuring out a better way to perform my config backups. I’m still a big believer in security and free solutions, so I went on the hunt and dug into using SNMP. As it turns out, the hardest part about using SNMP to back up a Cisco config is getting the MIBs installed on your particular distro. Using Debian this time, I had a pretty simple go of it. Once you get net-snmp figured and get your MIBs installed into the right path, you just have to add CISCO-CONFIG-COPY-MIB to your snmp.conf and you’re ready to roll.
Here’s the bash script I wrote to automate a config backup of my entire organization. The only prerequisite to the script is a simple text file of all of your hosts. Maintaining the text file is the only hard part.
#!/bin/bash budir=/tftpboot/cfg-`date +%Y-%m-%d-%H%M` #Backup directory snmpcom=private #SNMP Community goes here (Must be RW) s=10.1.1.10 #IP of your TFTPD rslist=/root/bin/backup/rslist #Path to Router/Switch list, one per line r=$(($RANDOM%1000)) #Random number to be used for snmpset ################################################# mkdir $budir #Create backup directory for a in `cat $rslist` do touch $budir/$a #These two lines are only required if your chmod 777 $budir/$a #tftpd doesn't support the -c (create) option #This line is the actual snmpset command to set all of the variables. snmpset -v2c -c $snmpcom $a ccCopyProtocol.$r i tftp \ ccCopySourceFileType.$r i runningConfig \ ccCopyDestFileType.$r i networkFile \ ccCopyServerAddress.$r a $s \ ccCopyFileName.$r s $budir/$a #This line is the one that actually triggers the backup. snmpset -v2c -c $snmpcom $a ccCopyEntryRowStatus.$r i active done
Save this script and create a cron job and you’re all set.