Saving Router Configuration to Server

VoIP protocols functionalityIf you want to store a backup copy of your router’s configuration on a TFTP server we have a simple solution for you. This article will explain all the commands needed to save backup configuration of a device to TFTP server. All this for Cisco and also for Juniper device.


You need to make regular backups of your router configuration files and keep copies in a safe place. If you have a serious failure that damages a router’s hardware or software, the configuration will be destroyed. And anybody who has had to reconstruct a complex router configuration file from memory will tell you how difficult and stressful this task is. But if you have a backup of the last working configuration file, you can usually get a router working again within minutes of fixing any hardware problems.

Typical Mean Time Between Failure (MTBF) estimates for Cisco routers tend to be about 16 years. This sounds like a long time, but in a large network it means that you can expect to see a few failures every year. Unfortunately, human error is far more common than a device failure, and these human errors can result in complete or partial loss of the configuration file.

In the example, we created an empty backup configuration file on the TFTP server and then instructed the router to send its running configuration to this server. It is important to adjust the file permissions with the Unix chmodcommand. The transfer will fail if the configuration file is not world writable. Move the configuration files out of the TFTP directory to ensure that the file isn’t read by unauthorized people or accidentally overwritten.

Reading files located in the TFTP directory is trivial because the TFTP program needs this directory to be both world readable and world writable. In this example, we are able to access the TFTP server and read a router configuration file from another router:

As you can see, any files left in the TFTP directory can be easily viewed or even deliberately corrupted.


Use the first command from operational mode to copy the currently running version of the configuration to a server. The next two commands are configuration mode commands that save the candidate configuration either to a server or to your home directory on the router. If you use the save command after committing the configuration, you are effectively backing up the running configuration. The save command saves the configuration starting at your current hierarchy level. In this recipe, the commands are issued from the top hierarchy level (the [edit] level), so the entire configuration is saved. If you issue the command from a lower level, only that portion of the configuration is saved. The following command saves only the BGP configuration:

Verify the contents using show command:

Notice that the CLI inserts the replace: tag into the file. If you later load this file into the configuration with the load replace config-bgp-march11 command, the CLI replaces the entire [edit protocols bgp] portion of the configuration with the contents of the file you are loading.

The last command in this recipe automatically transfers the configuration file each time you commit the configuration, in this case saving all files in the server’s directory m11-config-archives. The file is saved in a compressed ( .gz) format with a name that includes the router name and the date and time of the commit operation, as in this example:


The numbers at the end of the filename are the date (22 Jan 2011) and the time (1905 hours, or 7:05 p.m., and 38 seconds). Time is always in UTC, even if your router is set to run local time. A variation is to use the set archival command to save the configuration at specific time intervalshere, every 1,440 minutes (24 hours):

One disadvantage of the set archival command is that the password is not encrypted in the configuration file but is shown in ASCII (clear text).

The JUNOS software also saves a copy of a configuration each time you activate it with any version of the commit command. The JUNOS software saves the last 50 versions of the configuration: the currently active configuration and the last 49 committed ones. The active (currently running) configuration (juniper.conf.gz) and the three most recent previous configurations (juniper.conf.1.gz, juniper.conf.2.gz, and juniper.conf.3.gz) are in the /config directory, which is on the router’s flash disk. Because space is limited on the flash disk, the files are stored in a compressed format (.gz).

The remaining configurations named juniper.conf.4.gz through juniper.conf.49.gz are in the /var/db/config directory on the router’s hard disk.

These files are also compressed.

Each time you commit a configuration, that configuration is named juniper.conf.gz, the existing juniper.conf.gz file is renamed juniper.conf.1.gz, and all the remaining numbered configurations from before are renumbered. This means that the JUNOS backup configuration files are continually renamed. This behavior points out one advantage of using the save command: it allows you to store the configuration in a file with a fixed name.

A publicly available software tool for archiving and monitoring router hardware and software configuration is RANCID ( You can also use this tool to track configuration changes.


This example shows how to use TFTP to upload a copy of the router’s active configuration to a remote server:


You can use the following command to copy the active configuration file to a server:

From configuration mode, use the save command to copy the candidate configuration to your home directory on a server:

You can also save it to a file in your home directory on the router:

Another way to back up configuration files is to automatically transfer the file each time you commit the configuration: