Working with the Cisco IOS File System, Configuration Files, and Software Images

Working with the Flash File System

Information About the Flash File System

The flash file system is a single flash device on which you can store files. It also provides several commands to help you manage software bundles and configuration files. The default flash file system on the switch is named flash:.

As viewed from the active switch, or any stack member, flash: refers to the local flash device, which is the device attached to the same switch on which the file system is being viewed. In a switch stack, each of the flash devices from the various stack members can be viewed from the active switch. The names of these flash file systems include the corresponding switch member numbers. For example, flash-3:, as viewed from the active switch, refers to the same file system as does flash: on stack member 3. Use the show file systems privileged EXEC command to list all file systems, including the flash file systems in the switch stack.

Only one user at a time can manage the software images bundles and configuration files for a switch stack .

Displaying Available File Systems

To display the available file systems on your switch, use the show file systems privileged EXEC command as shown in this example for a standalone switch:


Switch# show file systems
File Systems:
     Size(b)     Free(b)       Type    Flags   Prefixes
*   15998976     5135872      flash     rw     flash:
           -           -     opaque     rw     bs:
           -           -     opaque     rw     vb:
      524288      520138      nvram     rw     nvram:
           -           -    network     rw     tftp:
           -           -     opaque     rw     null:
           -           -     opaque     rw     system:
           -           -     opaque     ro     xmodem:
           -           -     opaque     ro     ymodem:

This example shows a switch stack. In this example, the active switch is stack member 1; the file system on stack member 2 is displayed as flash-2:, the file system on stack member 3 is displayed as flash-3: and so on up to stack member 9, displayed as flash-9: for a 9-member stack. The example also shows the crashinfo directories and a USB flash drive plugged into the active switch:


Switch# show file systems
File Systems:
      Size(b)        Free(b)      Type   Flags   Prefixes
     145898496      5479424       disk     rw    crashinfo:crashinfo-1:
     248512512      85983232      disk     rw    crashinfo-2:stby-crashinfo:
     146014208      17301504      disk     rw    crashinfo-3:
     146014208             0      disk     rw    crashinfo-4:
     146014208       1572864      disk     rw    crashinfo-5:
     248512512      30932992      disk     rw    crashinfo-6:
     146014208       6291456      disk     rw    crashinfo-7:
     146276352      15728640      disk     rw    crashinfo-8:
     146276352      73400320      disk     rw    crashinfo-9:
*    741621760     481730560      disk     rw    flash:flash-1:
    1622147072    1360527360      disk     rw    flash-2:stby-flash:
     729546752     469762048      disk     rw    flash-3:
     729546752     469762048      disk     rw    flash-4:
     729546752     469762048      disk     rw    flash-5:
    1622147072    1340604416      disk     rw    flash-6:
     729546752     469762048      disk     rw    flash-7:
    1749549056    1487929344      disk     rw    flash-8:
    1749549056    1487929344      disk     rw    flash-9:
             0             0      disk     rw    unix:
             -             -      disk     rw    usbflash0:usbflash0-1:
             -             -      disk     rw    usbflash0-2: stby-usbflash0:
             -             -      disk     rw    usbflash0-3:
             -             -      disk     rw    usbflash0-4:
             -             -      disk     rw    usbflash0-5:
             -             -      disk     rw    usbflash0-6:
             -             -      disk     rw    usbflash0-7:
             -             -      disk     rw    usbflash0-8:
             -             -      disk     rw    usbflash0-9:
             0             0      disk     ro    webui:
             -             -    opaque     rw    system:
             -             -    opaque     rw    tmpsys:
       2097152       2055643     nvram     rw    stby-nvram:
             -             -     nvram     rw    stby-rcsf:
             -             -    opaque     rw    null:
             -             -    opaque     ro    tar:
             -             -   network     rw    tftp:
       2097152       2055643     nvram     rw    nvram:
             -             -    opaque     wo    syslog:
             -             -   network     rw    rcp:
             -             -   network     rw    http:
             -             -   network     rw    ftp:
             -             -   network     rw    scp:
             -             -   network     rw    https:
             -             -    opaque     ro    cns:
             -             -    opaque     rw    revrcsf:

Table 1. show file systems Field Descriptions

Field

Value

Size(b)

Amount of memory in the file system in bytes.

Free(b)

Amount of free memory in the file system in bytes.

Type

Type of file system.

disk—The file system is for a flash memory device, USB flash, and crashinfo file.

network—The file system for network devices; for example, an FTP server or and HTTP server.

nvram—The file system is for a NVRAM device.

opaque—The file system is a locally generated pseudo file system (for example, the system) or a download interface, such as brimux.

unknown—The file system is an unknown type.

Flags

Permission for file system.

ro—read-only.

rw—read/write.

wo—write-only.

Prefixes

Alias for file system.

crashinfo:—Crashinfo file.

flash:—Flash file system.

ftp:—FTP server.

http:—HTTP server.

https:—Secure HTTP server.

nvram:—NVRAM.

null:—Null destination for copies. You can copy a remote file to null to find its size.

rcp:—Remote Copy Protocol (RCP) server.

scp:—Session Control Protocol (SCP) server.

system:—Contains the system memory, including the running configuration.

tftp:—TFTP network server.

usbflash0:—USB flash memory.

xmodem:—Obtain the file from a network machine by using the Xmodem protocol.

ymodem:—Obtain the file from a network machine by using the Ymodem protocol.

Setting the Default File System

You can specify the file system or directory that the system uses as the default file system by using the cd filesystem: privileged EXEC command. You can set the default file system to omit the filesystem: argument from related commands. For example, for all privileged EXEC commands that have the optional filesystem: argument, the system uses the file system specified by the cd command.

By default, the default file system is flash:.

You can display the current default file system as specified by the cd command by using the pwd privileged EXEC command.

Displaying Information About Files on a File System

You can view a list of the contents of a file system before manipulating its contents. For example, before copying a new configuration file to flash memory, you might want to verify that the file system does not already contain a configuration file with the same name. Similarly, before copying a flash configuration file to another location, you might want to verify its filename for use in another command. To display information about files on a file system, use one of the privileged EXEC commands listed in the following table.

Table 2. Commands for Displaying Information About Files

Command

Description

dir [/all] [filesystem:filename]

Displays a list of files on a file system.

show file systems

Displays more information about each of the files on a file system.

show file information file-url

Displays information about a specific file.

show file descriptors

Displays a list of open file descriptors. File descriptors are the internal representations of open files. You can use this command to see if another user has a file open.

Changing Directories and Displaying the Working Directory

Follow these steps to change directories and to display the working directory:

SUMMARY STEPS

  1. enable
  2. dir filesystem:
  3. cd directory_name
  4. pwd
  5. cd

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:


Switch> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

dir filesystem:

Example:


Switch# dir flash:

Displays the directories on the specified file system.

For filesystem:, use flash: for the system board flash device.

To access flash partitions of switch members in a stack, use flash-n where n is the stack member number. For example, flash-4.

Step 3

cd directory_name

Example:


Switch# cd new_configs

Navigates to the specified directory.

The command example shows how to navigate to the directory named new_configs.

Step 4

pwd

Example:


Switch# pwd

Displays the working directory.

Step 5

cd

Example:


Switch# cd

Navigates to the default directory.

Creating Directories

Beginning in privileged EXEC mode, follow these steps to create a directory:

SUMMARY STEPS

  1. dir filesystem:
  2. mkdir directory_name
  3. dir filesystem:

DETAILED STEPS

  Command or Action Purpose

Step 1

dir filesystem:

Example:


Switch# dir flash:

Displays the directories on the specified file system.

For filesystem:, use flash: for the system board flash device.

Step 2

mkdir directory_name

Example:


Switch# mkdir new_configs

Creates a new directory. Directory names are case sensitive and are limited to 45 characters between the slashes (/); the name cannot contain control characters, spaces, slashes, quotes, semicolons, or colons.

Step 3

dir filesystem:

Example:


Switch# dir flash:

Verifies your entry.

Removing Directories

To remove a directory with all its files and subdirectories, use the delete /force /recursive filesystem:/file-url privileged EXEC command.

Use the /recursive keyword to delete the named directory and all subdirectories and the files contained in it. Use the /force keyword to suppress the prompting that confirms a deletion of each file in the directory. You are prompted only once at the beginning of this deletion process.

For filesystem , use flash: for the system board flash device. For file-url , enter the name of the directory to be deleted. All of the files in the directory and the directory are removed.


Caution


When directories are deleted, their contents cannot be recovered.

Copying Files

To copy a file from a source to a destination, use the copy source-url destination-url privileged EXEC command. For the source and destination URLs, you can use running-config and startup-config keyword shortcuts. For example, the copy running-config startup-config command saves the currently running configuration file to the NVRAM section of flash memory to be used as the configuration during system initialization.

You can also copy from special file systems (xmodem:, ymodem:) as the source for the file from a network machine that uses the Xmodem or Ymodem protocol.

Network file system URLs include ftp:, rcp:, and tftp: and have these syntaxes:

  • FTP—ftp:[[//username [:password]@location]/directory]/filename

  • RCP—rcp:[[//username@location]/directory]/filename

  • TFTP—tftp:[[//location]/directory]/filename

Local writable file systems include flash:.

Some invalid combinations of source and destination exist. Specifically, you cannot copy these combinations:

  • From a running configuration to a running configuration

  • From a startup configuration to a startup configuration

  • From a device to the same device (for example, the copy flash: flash: command is invalid)

Copying Files from One Switch in a Stack to Another Switch in the Same Stack

To copy a file from one switch in a stack to another switch in the same stack, use the flash-X: notation, where X is the switch number.

To view all switches in a stack, use the show switch command in privileged EXEC mode, as in the following example of a 9-member switch stack:


Switch# show switch
Switch/Stack Mac Address : 0006.f6b9.b580 - Local Mac Address Mac persistency wait time: Indefinite
                                             H/W   Current
Switch#   Role    Mac Address     Priority Version  State 
------------------------------------------------------------
*1       Active   0006.f6b9.b580     15     P3B     Ready               
 2       Standby  0006.f6ba.0c80     14     P3B     Ready               
 3       Member   0006.f6ba.3300     7      P3B     Ready               
 4       Member   0006.f6b9.df80     6      P3B     Ready               
 5       Member   0006.f6ba.3880     13     P1A     Ready               
 6       Member   1ce6.c7b6.ef00     4      PP      Ready               
 7       Member   2037.06ce.2580     3      P2A     Ready               
 8       Member   2037.0653.7e00     2      P5A     Ready               
 9       Member   2037.0653.9280     1      P5B     Ready               

To view all file systems available to copy on a specific switch, use the copy command as in the following example of a 5-member stack:


Switch# copy flash: ?
  crashinfo-1:     Copy to crashinfo-1: file system
  crashinfo-2:     Copy to crashinfo-2: file system
  crashinfo-3:     Copy to crashinfo-3: file system
  crashinfo-4:     Copy to crashinfo-4: file system
  crashinfo-5:     Copy to crashinfo-5: file system
  crashinfo:       Copy to crashinfo: file system
  flash-1:         Copy to flash-1: file system
  flash-2:         Copy to flash-2: file system
  flash-3:         Copy to flash-3: file system
  flash-4:         Copy to flash-4: file system
  flash-5:         Copy to flash-5: file system
  flash:           Copy to flash: file system
  ftp:             Copy to ftp: file system
  http:            Copy to http: file system
  https:           Copy to https: file system
  null:            Copy to null: file system
  nvram:           Copy to nvram: file system
  rcp:             Copy to rcp: file system
  revrcsf:         Copy to revrcsf: file system
  running-config   Update (merge with) current system configuration
  scp:             Copy to scp: file system
  startup-config   Copy to startup configuration
  stby-crashinfo:  Copy to stby-crashinfo: file system
  stby-flash:      Copy to stby-flash: file system
  stby-nvram:      Copy to stby-nvram: file system
  stby-rcsf:       Copy to stby-rcsf: file system
  stby-usbflash0:  Copy to stby-usbflash0: file system
  syslog:          Copy to syslog: file system
  system:          Copy to system: file system
  tftp:            Copy to tftp: file system
  tmpsys:          Copy to tmpsys: file system
  usbflash0-1:     Copy to usbflash0-1: file system
  usbflash0-2:     Copy to usbflash0-2: file system
  usbflash0-3:     Copy to usbflash0-3: file system
  usbflash0-4:     Copy to usbflash0-4: file system
  usbflash0-5:     Copy to usbflash0-5: file system
  usbflash0:       Copy to usbflash0: file system

Switch#

This example shows how to copy a config file stored in the flash partition of switch 2 to the flash partition of switch 4. It assumes that switch 2 and switch 4 are in the same stack.


Switch# copy flash-2:config.txt flash-4:config.txt

Deleting Files

When you no longer need a file on a flash memory device, you can permanently delete it. To delete a file or directory from a specified flash device, use the delete [/force] [/recursive] [filesystem:]/file-url privileged EXEC command.

Use the /recursive keyword for deleting a directory and all subdirectories and the files contained in it. Use the /force keyword to suppress the prompting that confirms a deletion of each file in the directory. You are prompted only once at the beginning of this deletion process. Use the /force and /recursive keywords for deleting old software images that were installed by using the archive download-sw command but are no longer needed.

If you omit the filesystem: option, the switch uses the default device specified by the cd command. For file-url , you specify the path (directory) and the name of the file to be deleted.

When you attempt to delete any files, the system prompts you to confirm the deletion.


Caution


When files are deleted, their contents cannot be recovered.
This example shows how to delete the file myconfig from the default flash memory device:

Switch# delete myconfig

Creating, Displaying and Extracting Files

You can create a file and write files into it, list the files in a file, and extract the files from a file as described in the next sections.

Beginning in privileged EXEC mode, follow these steps to create a file, display the contents, and extract it:

SUMMARY STEPS

  1. archive tar /create destination-url flash: /file-url
  2. archive tar /table source-url
  3. archive tar /xtract source-url flash:/file-url [dir/file...]
  4. more [ /ascii | /binary | /ebcdic] /file-url

DETAILED STEPS

  Command or Action Purpose

Step 1

archive tar /create destination-url flash: /file-url

Example:


switch# archive tar /create 
tftp:172.20.10.30/saved. 
flash:/new-configs 

Creates a file and adds files to it.

For destination-url, specify the destination URL alias for the local or network file system and the name of the file to create:

  • Local flash file system syntax:

    flash:
  • FTP syntax:

    ftp:[[//username[:password]@location]/directory]/-filename.
  • RCP syntax:

    rcp:[[//username@location]/directory]/-filename.
  • TFTP syntax:

    tftp:[[//location]/directory]/-filename.

For flash:/file-url , specify the location on the local flash file system in which the new file is created. You can also specify an optional list of files or directories within the source directory to add to the new file. If none are specified, all files and directories at this level are written to the newly created file.

Step 2

archive tar /table source-url

Example:


switch# archive tar /table
flash: /new_configs

Displays the contents of a file.

For source-url , specify the source URL alias for the local or network file system. The -filename. is the file to display. These options are supported:

  • Local flash file system syntax:

    flash:
  • FTP syntax:

    ftp:[[//username[:password]@location]/directory]/-filename.
  • RCP syntax:

    rcp:[[//username@location]/directory]/-filename.
  • TFTP syntax:

    tftp:[[//location]/directory]/-filename.

You can also limit the file displays by specifying a list of files or directories after the file. Only those files appear. If none are specified, all files and directories appear.

Step 3

archive tar /xtract source-url flash:/file-url [dir/file...]

Example:


switch# archive tar /xtract
tftp:/172.20.10.30/saved. 
flash:/new-configs

Extracts a file into a directory on the flash file system.

For source-url , specify the source URL alias for the local file system. The -filename. is the file from which to extract files. These options are supported:

  • Local flash file system syntax:

    flash:
  • FTP syntax:

    ftp:[[//username[:password]@location]/directory]/-filename.
  • RCP syntax:

    rcp:[[//username@location]/directory]/-filename.
  • TFTP syntax:

    tftp:[[//location]/directory]/-filename.

For flash:/file-url [dir/file...] , specify the location on the local flash file system from which the file is extracted. Use the dir/file... option to specify a list of files or directories within the file to be extracted. If none are specified, all files and directories are extracted.

Step 4

more [ /ascii | /binary | /ebcdic] /file-url

Example:


switch# more
flash:/new-configs

Displays the contents of any readable file, including a file on a remote file system.

Working with Configuration Files

Information on Configuration Files

Configuration files contain commands entered to customize the function of the Cisco IOS software. A way to create a basic configuration file is to use the setup program or to enter the setup privileged EXEC command.

You can copy (download) configuration files from a TFTP, FTP, or RCP server to the running configuration or startup configuration of the switch. You might want to perform this for one of these reasons:

  • To restore a backed-up configuration file.

  • To use the configuration file for another switch. For example, you might add another switch to your network and want it to have a configuration similar to the original switch. By copying the file to the new switch, you can change the relevant parts rather than recreating the whole file.

  • To load the same configuration commands on all the switches in your network so that all the switches have similar configurations.

You can copy (upload) configuration files from the switch to a file server by using TFTP, FTP, or RCP. You might perform this task to back up a current configuration file to a server before changing its contents so that you can later restore the original configuration file from the server.

The protocol you use depends on which type of server you are using. The FTP and RCP transport mechanisms provide faster performance and more reliable delivery of data than TFTP. These improvements are possible because FTP and RCP are built on and use the TCP/IP stack, which is connection-oriented.

Guidelines for Creating and Using Configuration Files

Creating configuration files can aid in your switch configuration. Configuration files can contain some or all of the commands needed to configure one or more switches. For example, you might want to download the same configuration file to several switches that have the same hardware configuration.

Use these guidelines when creating a configuration file:

  • We recommend that you connect through the console port or Ethernet management port for the initial configuration of the switch. If you are accessing the switch through a network connection instead of through a direct connection to the console port or Ethernet management port, keep in mind that some configuration changes (such as changing the switch IP address or disabling ports) can cause a loss of connectivity to the switch.

  • If no password has been set on the switch, we recommend that you set one by using the enable secret secret-password global configuration command.


Note


The copy { ftp: | rcp: | tftp:} system:running-config privileged EXEC command loads the configuration files on the switch as if you were entering the commands at the command line. The switch does not erase the existing running configuration before adding the commands. If a command in the copied configuration file replaces a command in the existing configuration file, the existing command is erased. For example, if the copied configuration file contains a different IP address in a particular command than the existing configuration, the IP address in the copied configuration is used. However, some commands in the existing configuration might not be replaced or negated. In this case, the resulting configuration file is a mixture of the existing configuration file and the copied configuration file, with the copied configuration file having precedence.

To restore a configuration file to an exact copy of a file stored on a server, copy the configuration file directly to the startup configuration (by using the copy { ftp: | rcp: | tftp:} nvram:startup-config privileged EXEC command), and reload the switch.


Configuration File Types and Location

Startup configuration files are used during system startup to configure the software. Running configuration files contain the current configuration of the software. The two configuration files can be different. For example, you might want to change the configuration for a short time period rather than permanently. In this case, you would change the running configuration but not save the configuration byusing the copy running-config startup-config privileged EXEC command.

The running configuration is saved in DRAM; the startup configuration is stored in the NVRAM section of flash memory.

Creating a Configuration File By Using a Text Editor

When creating a configuration file, you must list commands logically so that the system can respond appropriately. This is one method of creating a configuration file:

SUMMARY STEPS

  1. Copy an existing configuration from a switch to a server.
  2. Open the configuration file in a text editor, such as vi or emacs on UNIX or Notepad on a PC.
  3. Extract the portion of the configuration file with the desired commands, and save it in a new file.
  4. Copy the configuration file to the appropriate server location. For example, copy the file to the TFTP directory on the workstation (usually /tftpboot on a UNIX workstation).
  5. Make sure the permissions on the file are set to world-read.

DETAILED STEPS


Step 1

Copy an existing configuration from a switch to a server.

Step 2

Open the configuration file in a text editor, such as vi or emacs on UNIX or Notepad on a PC.

Step 3

Extract the portion of the configuration file with the desired commands, and save it in a new file.

Step 4

Copy the configuration file to the appropriate server location. For example, copy the file to the TFTP directory on the workstation (usually /tftpboot on a UNIX workstation).

Step 5

Make sure the permissions on the file are set to world-read.


Copying Configuration Files By Using TFTP

You can configure the switch by using configuration files you create, download from another switch, ordownload from a TFTP server. You can copy (upload) configuration files to a TFTP server for storage.

Preparing to Download or Upload a Configuration File By Using TFTP

Before you begin downloading or uploading a configuration file by using TFTP, do these tasks:

  • Ensure that the workstation acting as the TFTP server is properly configured. On a Sun workstation, make sure that the /etc/inetd.conf file contains this line:

    tftp dgram udp wait root /usr/etc/in.tftpd in.tftpd -p -s /tftpboot

    Make sure that the /etc/services file contains this line:

    tftp 69/udp

    Note


    You must restart the inetd daemon after modifying the /etc/inetd.conf and /etc/services files. To restart the daemon, either stop the inetd process and restart it, or enter a fastboot command (on the SunOS 4.x) or a reboot command (on Solaris 2.x or SunOS 5.x). For more information on the TFTP daemon, see the documentation for your workstation.


  • Ensure that the switch has a route to the TFTP server. The switch and the TFTP server must be in the same subnetwork if you do not have a router to route traffic between subnets. Check connectivity to the TFTP server by using the ping command.

  • Ensure that the configuration file to be downloaded is in the correct directory on the TFTP server (usually /tftpboot on a UNIX workstation).

  • For download operations, ensure that the permissions on the file are set correctly. The permissionon the file should be world-read.

  • Before uploading the configuration file, you might need to create an empty file on the TFTP server. To create an empty file, enter the touch filename command, where filename is the name of the file you will use when uploading it to the server.

  • During upload operations, if you are overwriting an existing file (including an empty file, if you had to create one) on the server, ensure that the permissions on the file are set correctly. Permissions on the file should be world-write.

Downloading the Configuration File By Using TFTP

To configure the switch by using a configuration file downloaded from a TFTP server, follow these steps:

SUMMARY STEPS

  1. Copy the configuration file to the appropriate TFTP directory on the workstation.
  2. Verify that the TFTP server is properly configured.
  3. Log into the switch through the console port, the Ethernet management port, or a Telnet session.
  4. Download the configuration file from the TFTP server to configure the switch.

DETAILED STEPS


Step 1

Copy the configuration file to the appropriate TFTP directory on the workstation.

Step 2

Verify that the TFTP server is properly configured.

Step 3

Log into the switch through the console port, the Ethernet management port, or a Telnet session.

Step 4

Download the configuration file from the TFTP server to configure the switch.

Specify the IP address or hostname of the TFTP server and the name of the file to download.

Use one of these privileged EXEC commands:

copy tftp:[[[//location]/directory]/filename] system:running-config
copy tftp:[[[//location]/directory]/filename] nvram:startup-config
copy tftp:[[[//location]/directory]/filename] flash[n]:/directory/startup-config

The configuration file downloads, and the commands are executed as the file is parsed line-by-line.


Example

This example shows how to configure the software from the file tokyo-confg at IP address 172.16.2.155:

Switch# copy tftp://172.16.2.155/tokyo-confg system:running-config 
Configure using tokyo-confg from 172.16.2.155? [confirm] y
Booting tokyo-confg from 172.16.2.155:!!! [OK - 874/16000 bytes]

Uploading the Configuration File By Using TFTP

To upload a configuration file from a switch to a TFTP server for storage, follow these steps:

SUMMARY STEPS

  1. Verify that the TFTP server is properly configured.
  2. Log into the switch through the console port, the Ethernet management port, or a Telnet session
  3. Upload the switch configuration to the TFTP server. Specify the IP address or hostname of the TFTP server and the destination filename.

DETAILED STEPS


Step 1

Verify that the TFTP server is properly configured.

Step 2

Log into the switch through the console port, the Ethernet management port, or a Telnet session

Step 3

Upload the switch configuration to the TFTP server. Specify the IP address or hostname of the TFTP server and the destination filename.

Use one of these privileged EXEC commands:

  • copy system:running-config tftp:[[[//location]/directory]/filename]

  • copy nvram:startup-config tftp:[[[//location]/directory]/filename]

  • copy flash[n]:/directory/startup-config tftp:[[[//location]/directory]/filename]

    The file is uploaded to the TFTP server.


Example

This example shows how to upload a configuration file from a switch to a TFTP server:

Switch# copy system:running-config tftp://172.16.2.155/tokyo-confg 
Write file tokyo-confg on host 172.16.2.155? [confirm] y
#
Writing tokyo-confg!!! [OK]

Copying a Configuration File from the Switch to an FTP Server

You can copy a configuration file from the switch to an FTP server.

Understanding the FTP Username and Password

The FTP protocol requires a client to send a remote username and password on each FTP request to a server. When you copy a configuration file from the switch to a server using FTP, the Cisco IOS software sends the first valid username it encounters in the following sequence:

  1. The username specified in the copy EXEC command, if a username is specified.

  2. The username set by the ip ftp username global configuration command, if the command is configured.

  3. Anonymous.

The switch sends the first valid password it encounters in the following sequence:

  1. The password specified in the copy command, if a password is specified.

  2. The password set by the ip ftp password command, if the command is configured.

  3. The switch forms a password username @switchname.domain . The variable username is the username associated with the current session, switchname is the configured host name, and domain is the domain of the switch.

The username and password must be associated with an account on the FTP server. If you are writing to the server, the FTP server must be properly configured to accept the FTP write request from the user on the switch.

If the server has a directory structure, the configuration file or image is written to or copied from the directory associated with the username on the server. For example, if the system image resides in the home directory of a user on the server, specify that user name as the remote username.

Refer to the documentation for your FTP server for more information.

Use the ip ftp username and ip ftp password global configuration commands to specify a username and password for all copies. Include the username in the copy EXEC command if you want to specify a username for that copy operation only.

Preparing to Download or Upload a Configuration File By Using FTP

Before you begin downloading or uploading a configuration file by using FTP, do these tasks:

  • Ensure that the switch has a route to the FTP server. The switch and the FTP server must be in the same subnetwork if you do not have a router to route traffic between subnets. Check connectivity to the FTP server by using the ping command.

  • If you are accessing the switch through the console or a Telnet session and you do not have a valid username, make sure that the current FTP username is the one that you want to use for the FTP download. You can enter the show users privileged EXEC command to view the valid username. If you do not want to use this username, create a new FTP username by using the ip ftp username username global configuration command during all copy operations. The new username is stored in NVRAM. If you are accessing the switch through a Telnet session and you have a valid username, this username is used, and you do not need to set the FTP username. Include the username in the copy command if you want to specify a username for only that copy operation.

  • When you upload a configuration file to the FTP server, it must be properly configured to accept the write request from the user on the switch.

For more information, see the documentation for your FTP server.

Downloading a Configuration File By Using FTP

Beginning in privileged EXEC mode, follow these steps to download a configuration file by using FTP:

SUMMARY STEPS

  1. configure terminal
  2. ip ftp username username
  3. ip ftp password password
  4. end
  5. Do one of the following:
    • copy system:running-config ftp: [[[//[username [:password ]@]location]/directory ]/filename ]
    • copy nvram:startup-config ftp: [[[//[username [:password ]@]location]/directory ]/filename]

DETAILED STEPS

  Command or Action Purpose

Step 1

configure terminal

Enter global configuration mode on the switch.

This step is required only if you override the default remote username or password (see Steps 2, 3, and 4).

Step 2

ip ftp username username

(Optional) Change the default remote username.

Step 3

ip ftp password password

(Optional) Change the default password.

Step 4

end

Return to privileged EXEC mode.

Step 5

Do one of the following:

  • copy system:running-config ftp: [[[//[username [:password ]@]location]/directory ]/filename ]
  • copy nvram:startup-config ftp: [[[//[username [:password ]@]location]/directory ]/filename]

Using FTP, copy the configuration file from a network server to the running configuration or to the startup configuration file.

Example

This example shows how to copy a configuration file named host1-confg from the netadmin1 directory on the remote server with an IP address of 172.16.101.101 and to load and run those commands on the switch:

Switch# copy ftp://netadmin1:mypass@172.16.101.101/host1-confg system:running-config 
Configure using host1-confg from 172.16.101.101? [confirm]
Connected to 172.16.101.101
Loading 1112 byte file host1-confg:![OK]
Switch#
%SYS-5-CONFIG: Configured from host1-config by ftp from 172.16.101.101

This example shows how to specify a remote username of netadmin1. The software copies the configuration file host2-confg from the netadmin1 directory on the remote server with an IP address of 172.16.101.101 to the switch startup configuration.

Switch# configure terminal 
Switch(config)# ip ftp username netadmin1 
Switch(config)# ip ftp password mypass 
Switch(config)# end 
Switch# copy ftp: nvram:startup-config 
Address of remote host [255.255.255.255]? 172.16.101.101 
Name of configuration file[rtr2-confg]? host2-confg 
Configure using host2-confg from 172.16.101.101?[confirm]
Connected to 172.16.101.101
Loading 1112 byte file host2-confg:![OK]
[OK]
Switch#
%SYS-5-CONFIG_NV:Non-volatile store configured from host2-config by ftp from 172.16.101.101

Uploading a Configuration File By Using FTP

Beginning in privileged EXEC mode, follow these steps to upload a configuration file by using FTP:

SUMMARY STEPS

  1. configure terminal
  2. ip ftp username username
  3. ip ftp password password
  4. end
  5. Do one of the following:
    • copy system:running-config ftp: [[[// [username [: password ]@ ]location]/ directory ]/ filename ] or
    • copy nvram:startup-config ftp: [[[// [username [: password ]@ ]location]/ directory ]/ filename ]

DETAILED STEPS

  Command or Action Purpose

Step 1

configure terminal

Enter global configuration mode on the switch.

This step is required only if you override the default remote username or password (see Steps 2, 3, and 4).

Step 2

ip ftp username username

(Optional) Change the default remote username.

Step 3

ip ftp password password

(Optional) Change the default password.

Step 4

end

Return to privileged EXEC mode.

Step 5

Do one of the following:

  • copy system:running-config ftp: [[[// [username [: password ]@ ]location]/ directory ]/ filename ] or
  • copy nvram:startup-config ftp: [[[// [username [: password ]@ ]location]/ directory ]/ filename ]

Using FTP, store the switch running or startup configuration file to the specified location.

Example

This example shows how to copy the running configuration file named switch2-confg to the netadmin1 directory on the remote host with an IP address of 172.16.101.101:

Switch# copy system:running-config ftp://netadmin1:mypass@172.16.101.101/switch2-confg 
Write file switch2-confg on host 172.16.101.101?[confirm]
Building configuration...[OK]
Connected to 172.16.101.101
Switch#

This example shows how to store a startup configuration file on a server by using FTP to copy the file:

Switch# configure terminal 
Switch(config)# ip ftp username netadmin2 
Switch(config)# ip ftp password mypass 
Switch(config)# end 
Switch# copy nvram:startup-config ftp: 
Remote host[]? 172.16.101.101 
Name of configuration file to write [switch2-confg]?
Write file switch2-confg on host 172.16.101.101?[confirm]
![OK]

Copying Configuration Files By Using RCP

The RCP provides another method of downloading, uploading, and copying configuration files between remote hosts and the switch. Unlike TFTP, which uses User Datagram Protocol (UDP), a connectionless protocol, RCP uses TCP, which is connection-oriented.

To use RCP to copy files, the server from or to which you will be copying files must support RCP. The RCP copy commands rely on the rsh server (or daemon) on the remote system. To copy files by using RCP, you do not need to create a server for file distribution as you do with TFTP. You only need to have access to a server that supports the remote shell (rsh). (Most UNIX systems support rsh.) Because you are copying a file from one place to another, you must have read permission on the source file and write permission on the destination file. If the destination file does not exist, RCP creates it for you.

The RCP requires a client to send a remote username with each RCP request to a server. When you copy a configuration file from the switch to a server, the Cisco IOS software sends the first valid username inthis list:

  • The username specified in the copy command if a username is specified.

  • The username set by the ip rcmd remote-username username global configuration command if the command is configured.

  • The remote username associated with the current TTY (terminal) process. For example, if the user is connected to the router through Telnet and was authenticated through the username command, the switch software sends the Telnet username as the remote username.

  • The switch hostname.

For a successful RCP copy request, you must define an account on the network server for the remote username. If the server has a directory structure, the configuration file is written to or copied from the directory associated with the remote username on the server. For example, if the configuration file is in the home directory of a user on the server, specify that user's name as the remote username.

Preparing to Download or Upload a Configuration File By Using RCP

Before you begin downloading or uploading a configuration file by using RCP, do these tasks:

  • Ensure that the workstation acting as the RCP server supports the remote shell (rsh).

  • Ensure that the switch has a route to the RCP server. The switch and the server must be in the same subnetwork if you do not have a router to route traffic between subnets. Check connectivity to the RCP server by using the ping command.

  • If you are accessing the switch through the console or a Telnet session and you do not have a valid username, make sure that the current RCP username is the one that you want to use for the RCP download. You can enter the show users privileged EXEC command to view the valid username. If you do not want to use this username, create a new RCP username by using the ip rcmd remote-username username global configuration command to be used during all copy operations. The new username is stored in NVRAM. If you are accessing the switch through a Telnet session and you have a valid username, this username is used, and you do not need to set the RCP username. Include the username in the copy command if you want to specify a username for only that copy operation.

  • When you upload a file to the RCP server, it must be properly configured to accept the RCP write request from the user on the switch. For UNIX systems, you must add an entry to the .rhosts file for the remote user on the RCP server. For example, suppose that the switch contains these configuration lines:

    hostname Switch1
    ip rcmd remote-username User0

If the switch IP address translates to Switch1.company.com, the .rhosts file for User0 on the RCPserver should contain this line:

Switch1.company.com Switch1

For more information, see the documentation for your RCP server.

Downloading a Configuration File By Using RCP

Beginning in privileged EXEC mode, follow these steps to download a configuration file by using RCP:

SUMMARY STEPS

  1. configure terminal
  2. ip rcmd remote-username username
  3. end
  4. Do one of the following:
    • copy rcp: [[[//username@ ]location ]/directory ]/filename] system:running-config
    • copy rcp: [[[//username@ ]location ]/directory ]/filename] nvram:startup-config

DETAILED STEPS

  Command or Action Purpose

Step 1

configure terminal

Enter global configuration mode on the switch.

This step is required only if you override the default remote username (see Steps 2 and 3).

Step 2

ip rcmd remote-username username

(Optional) Change the default remote username.

Step 3

end

Return to privileged EXEC mode.

Step 4

Do one of the following:

  • copy rcp: [[[//username@ ]location ]/directory ]/filename] system:running-config
  • copy rcp: [[[//username@ ]location ]/directory ]/filename] nvram:startup-config

Using RCP, copy the configuration file from a network server to the running configuration or to the startup configuration file.

Example

This example shows how to copy a configuration file named host1-confg from the netadmin1 directory on the remote server with an IP address of 172.16.101.101 and load and run those commands on the switch:

Switch# copy rcp://netadmin1@172.16.101.101/host1-confg system:running-config 
Configure using host1-confg from 172.16.101.101? [confirm]
Connected to 172.16.101.101
Loading 1112 byte file host1-confg:![OK]
Switch#
%SYS-5-CONFIG: Configured from host1-config by rcp from 172.16.101.101

This example shows how to specify a remote username of netadmin1. Then it copies the configuration file host2-confg from the netadmin1 directory on the remote server with an IP address of 172.16.101.101to the startup configuration:

Switch# configure terminal 
Switch(config)# ip rcmd remote-username netadmin1 
Switch(config)# end 
Switch# copy rcp: nvram:startup-config 
Address of remote host [255.255.255.255]? 172.16.101.101 
Name of configuration file[rtr2-confg]? host2-confg 
Configure using host2-confg from 172.16.101.101?[confirm]
Connected to 172.16.101.101
Loading 1112 byte file host2-confg:![OK]
[OK]
Switch#
%SYS-5-CONFIG_NV:Non-volatile store configured from host2-config by rcp from 172.16.101.101

Uploading a Configuration File By Using RCP

Beginning in privileged EXEC mode, follow these steps to upload a configuration file by using RCP

SUMMARY STEPS

  1. configure terminal
  2. ip rcmd remote-username username
  3. end
  4. Do one of the following:
    • copy system:running-config rcp: [[[//username@ ]location ]/directory ]/filename]
    • copy nvram:startup-config rcp: [[[//username@ ]location ]/directory ]/filename]

DETAILED STEPS

  Command or Action Purpose

Step 1

configure terminal

Enter global configuration mode on the switch.

This step is required only if you override the default remote username (see Steps 2 and 3).

Step 2

ip rcmd remote-username username

(Optional) Specify the remote username.

Step 3

end

Return to privileged EXEC mode.

Step 4

Do one of the following:

  • copy system:running-config rcp: [[[//username@ ]location ]/directory ]/filename]
  • copy nvram:startup-config rcp: [[[//username@ ]location ]/directory ]/filename]

Using RCP, copy the configuration file from a switch running configuration or startup configuration file to a network server.

Example

This example shows how to copy the running configuration file named switch2-confg to the netadmin1 directory on the remote host with an IP address of 172.16.101.101:

Switch# copy system:running-config rcp://netadmin1@172.16.101.101/switch2-confg 
Write file switch-confg on host 172.16.101.101?[confirm]
Building configuration...[OK]
Connected to 172.16.101.101
Switch#

This example shows how to store a startup configuration file on a server:

Switch# configure terminal 
Switch(config)# ip rcmd remote-username netadmin2 
Switch(config)# end 
Switch# copy nvram:startup-config rcp: 
Remote host[]? 172.16.101.101 
Name of configuration file to write [switch2-confg]?
Write file switch2-confg on host 172.16.101.101?[confirm]
![OK]

Clearing Configuration Information

You can clear the configuration information from the startup configuration. If you reboot the switch with no startup configuration, the switch enters the setup program so that you can reconfigure the switch with all new settings.

Clearing the Startup Configuration File

To clear the contents of your startup configuration, use the erase nvram: or the erase startup-config privileged EXEC command.

Note


You cannot restore the startup configuration file after it has been deleted.

Deleting a Stored Configuration File

To delete a saved configuration from flash memory, use the delete flash:filename privileged EXEC command. Depending on the setting of the file prompt global configuration command, you might be prompted for confirmation before you delete a file. By default, the switch prompts for confirmation on destructive file operations. For more information about the file prompt command, see the Cisco IOS Command Reference for Release 12.4.


Note


You cannot restore a file after it has been deleted.

Replacing and Rolling Back Configurations

The configuration replacement and rollback feature replaces the running configuration with any saved Cisco IOS configuration file. You can use the rollback function to roll back to a previous configuration.

Information on Configuration Replacement and Rollback

Configuration Archive

The Cisco IOS configuration archive is intended to provide a mechanism to store, organize, and manage an archive of Cisco IOS configuration files to enhance the configuration rollback capability provided by the configure replace command. Before this feature was introduced, you could save copies of the running configuration using the copy running-config destination-url command, storing the replacement file either locally or remotely. However, this method lacked any automated file management. On the other hand, the Configuration Replace and Configuration Rollback feature provides the capability to automatically save copies of the running configuration to the Cisco IOS configuration archive. These archived files serve as checkpoint configuration references and can be used by the configure replace command to revert to previous configuration states.

The archive config command allows you to save Cisco IOS configurations in the configuration archive using a standard location and filename prefix that is automatically appended with an incremental version number (and optional timestamp) as each consecutive file is saved. This functionality provides a means for consistent identification of saved Cisco IOS configuration files. You can specify how many versions of the running configuration are kept in the archive. After the maximum number of files are saved in the archive, the oldest file is automatically deleted when the next, most recent file is saved. The show archive command displays information for all configuration files saved in the Cisco IOS configuration archive.

The Cisco IOS configuration archive, in which the configuration files are stored and available for use with the configure replace command, can be located on the following file systems: FTP, HTTP, RCP, TFTP.

Configuration Replace

The configure replace privileged EXEC command replaces the running configuration with any saved configuration file. When you enter the configure replace command, the running configuration is compared with the specified replacement configuration, and a set of configuration differences is generated. The resulting differences are used to replace the configuration. The configuration replacement operation is usually completed in no more than three passes. To prevent looping behavior no more than five passes are performed.

You can use the copy source-url running-config privileged EXEC command to copy a stored configuration file to the running configuration. When using this command as an alternative to the configure replace target-url privileged EXEC command, note these major differences:

  • The copysource-urlrunning-config command is a merge operation and preserves all the commands from both the source file and the running configuration. This command does not remove commands from the running configuration that are not present in the source file. In contrast, the configure replacetarget-url command removes commands from the running configuration that are not present in the replacement file and adds commands to the running configuration that are not present.

  • You can use a partial configuration file as the source file for the copysource-urlrunning-config command. You must use a complete configuration file as the replacement file for the configure replacetarget-url command.

Configuration Rollback

You can also use the configure replace command to roll back changes that were made since the previous configuration was saved. Instead of basing the rollback operation on a specific set of changes that were applied, the configuration rollback capability reverts to a specific configuration based on a saved configuration file.

If you want the configuration rollback capability, you must first save the running configuration before making any configuration changes. Then, after entering configuration changes, you can use that saved configuration file to roll back the changes by using the configure replacetarget-url command.

You can specify any saved configuration file as the rollback configuration. You are not limited to a fixed number of rollbacks, as is the case in some rollback models.

Configuration Guidelines

Follow these guidelines when configuring and performing configuration replacement and rollback:

  • Make sure that the switch has free memory larger than the combined size of the two configuration files (the running configuration and the saved replacement configuration). Otherwise, the configuration replacement operation fails.

  • Make sure that the switch also has sufficient free memory to execute the configuration replacement or rollback configuration commands.
  • Certain configuration commands, such as those pertaining to physical components of a networking device (for example, physical interfaces), cannot be added or removed from the running configuration.
    • A configuration replacement operation cannot remove the interfaceinterface-id command line from the running configuration if that interface is physically present on the device.
    • The interfaceinterface-id command line cannot be added to the running configuration if no such interface is physically present on the device.
  • When using the configure replace command, you must specify a saved configuration as the replacement configuration file for the running configuration. The replacement file must be a complete configuration generated by a Cisco IOS device (for example, a configuration generated by the copy running-configdestination-url command).

Note


If you generate the replacement configuration file externally, it must comply with the format of files generated by Cisco IOS devices.

Configuring the Configuration Archive

Using the configure replace command with the configuration archive and with the archive config command is optional but offers significant benefit for configuration rollback scenarios. Before using the archive config command, you must first configure the configuration archive. Starting in privileged EXEC mode, follow these steps to configure the configuration archive:

SUMMARY STEPS

  1. configure terminal
  2. archive
  3. pathurl
  4. maximumnumber
  5. time-period minutes
  6. end
  7. show running-config
  8. copy running-config startup-config

DETAILED STEPS

  Command or Action Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

archive

Enter archive configuration mode.

Step 3

pathurl

Specify the location and filename prefix for the files in the configuration archive

Step 4

maximumnumber

(Optional) Set the maximum number of archive files of the running configuration to be saved in the configuration archive .

number -Maximum files of the running configuration file in the configuration archive. Valid values are from 1 to 14. The default is 10.

Note

 
Before using this command, you must first enter the path archive configuration command to specify the location and filename prefix for the files in the configuration archive.

Step 5

time-period minutes

(Optional) Set the time increment for automatically saving an archive file of the running configuration in the configuration archive.

minutes -Specify how often, in minutes, to automatically save an archive file of the running configuration in the configuration archive

Step 6

end

Return to privileged EXEC mode.

Step 7

show running-config

Verify the configuration.

Step 8

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Performing a Configuration Replacement or Rollback Operation

Starting in privileged EXEC mode, follow these steps to replace the running configuration file with a saved configuration file:

SUMMARY STEPS

  1. archive config
  2. configure terminal
  3. Make necessary changes to the running configuration.
  4. exit
  5. configure replace target-url [list] [force] [time seconds] [nolock]
  6. configure confirm
  7. copy running-config startup-config

DETAILED STEPS


Step 1

archive config

(Optional) Save the running configuration file to the configuration archive.

Note

 
Enter the path archive configuration command before using this command.

Step 2

configure terminal

Enter global configuration mode.

Step 3

Make necessary changes to the running configuration.

Step 4

exit

Return to privileged EXEC mode.

Step 5

configure replace target-url [list] [force] [time seconds] [nolock]

Replace the running configuration file with a saved configuration file.

target-url—URL (accessible by the file system) of the saved configuration file that is to replace the running configuration, such as the configuration file created in Step 2 by using the archive config privileged EXEC command

list —Display a list of the command entries applied by the software parser during each pass of the configuration replacement operation. The total number of passes also appears.

force —Replace the running configuration file with the specified saved configuration file without prompting you for confirmation.

timeseconds—Specify the time (in seconds) within which you must enter the configure confirm command to confirm replacement of the running configuration file. If you do not enter the configure confirm command within the specified time limit, the configuration replacement operation is automatically stopped. (In other words, the running configuration file is restored to the configuration that existed before you entered the configure replace command).

Note

 

You must first enable the configuration archive before you can use the time seconds command line option.

nolock— Disable the locking of the running configuration file that prevents other users from changing the running configuration during a configuration replacement operation.

Step 6

configure confirm

(Optional) Confirm replacement of the running configuration with a saved configuration file.

Note

 
Use this command only if the time seconds keyword and argument of the configure replace command are specified.

Step 7

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Working with Software Images

Information on Working with Software Images

This section describes how to archive (download and upload) software image files, which contain the system software, the Cisco IOS code, and the embedded device manager software.


Note


Instead of using the copy privileged EXEC command or the archive tar privileged EXEC command, we recommend using the archive download-sw and archive upload-sw privileged EXEC commands to download and upload software image files. For switch stacks, the archive download-sw and archive upload-sw privileged EXEC commands can only be used through the stack's active switch. Software images downloaded to the stack's active switch are automatically downloaded to the rest of the stack members.

To upgrade a switch in the stack that has an incompatible software image, use the archive copy-sw privileged EXEC command to copy the software image from an existing stack member to the incompatible switch. That switch automatically reloads and joins the stack as a fully functioning member.


You can download a switch image file from a TFTP, FTP, or RCP server to upgrade the switch software. If you do not have access to a TFTP server, you can download a software image file directly to your PC or workstation by using a web browser (HTTP) and then by using the device manager or Cisco Network Assistant to upgrade your switch. For information about upgrading your switch by using a TFTP server or a web browser (HTTP), see the release notes.

You can replace the current image with the new one or keep the current image in flash memory after a download.

You upload a switch image file to a TFTP, FTP, or RCP server for backup purposes. You can use this uploaded image for future downloads to the same switch or to another of the same type.

The protocol that you use depends on which type of server you are using. The FTP and RCP transport mechanisms provide faster performance and more reliable delivery of data than TFTP. These improvements are possible because FTP and RCP are built on and use the TCP/IP stack, which is connection-oriented.


Note


For a list of software images and the supported upgrade paths, see the release notes.

Image Location on the Switch

The Cisco IOS image is stored as a .bin file in a directory that shows the version number. A subdirectory contains the files needed for web management. The image is stored on the system board flash memory (flash:).

You can use the show version privileged EXEC command to see the software version that is currently running on your switch. In the display, check the line that begins with System image file is... . It shows the directory name in flash memory where the image is stored.

You can also use the dir filesystem : privileged EXEC command to see the directory names of other software images that might be stored in flash memory.

File Format of Images on a Server or Cisco.com

Software images located on a server or downloaded from Cisco.com are provided in a tar file format, which contains these files:

  • An info file, which serves as a table of contents for the tar file

  • One or more subdirectories containing other images and files, such as Cisco IOS images and web management files

This example shows some of the information contained in the info file. The table provides additional details about this information:
system_type:0x00000000:image-name 
    image_family:xxxx 
    stacking_number:x 
    info_end:

version_suffix:xxxx
    version_directory:image-name 
    image_system_type_id:0x00000000
    image_name:image-nameB.bin
    ios_image_file_size:6398464
    total_image_file_size:8133632
    image_feature:IP|LAYER_3|PLUS|MIN_DRAM_MEG=128
    image_family:xxxx 
    stacking_number:x 
    board_ids:0x401100c4 0x00000000 0x00000001 0x00000003 0x00000002 0x00008000 0x00008002 
0x40110000
    info_end
Table 3. info File Description
Field Description

version_suffix

Specifies the Cisco IOS image version string suffix

version_directory

Specifies the directory where the Cisco IOS image and the HTML subdirectory are installed

image_name

Specifies the name of the Cisco IOS image within the tar file

ios_image_file_size

Specifies the Cisco IOS image size in the tar file, which is an approximate measure of how much flash memory is required to hold just the Cisco IOS image

total_image_file_size

Specifies the size of all the images (the Cisco IOS image and the web management files) in the tar file, which is an approximate measure of how much flash memory is required to hold them

image_feature

Describes the core functionality of the image

image_min_dram

Specifies the minimum amount of DRAM needed to run this image

image_family

Describes the family of products on which the software can be installed

Copying Image Files Using TFTP

You can download a switch image from a TFTP server or upload the image from the switch to a TFTP server.

You download a switch image file from a server to upgrade the switch software. You can overwrite the current image with the new one or keep the current image after a download.

You upload a switch image file to a server for backup purposes; this uploaded image can be used for future downloads to the same or another switch of the same type .


Note


Instead of using the copy privileged EXEC command or the archive tar privileged EXEC command, we recommend using the archive download-sw and archive upload-sw privileged EXEC commands to download and upload software image files. For switch stacks, the archive download-sw and archive upload-sw privileged EXEC commands can only be used through the stack's active switch. Software images downloaded to the stack's active switch are automatically downloaded to the rest of the stack members.

To upgrade a switch with an incompatible software image, use the archive copy-sw privileged EXEC command to copy the software image from an existing stack member to the incompatible switch. That switch automatically reloads and joins the stack as a fully functioning member.


Preparing to Download or Upload an Image File By Using TFTP

Before you begin downloading or uploading an image file by using TFTP, do these tasks:

  • Ensure that the workstation acting as the TFTP server is properly configured. On a Sun workstation, make sure that the /etc/inetd.conf file contains this line:

    tftp dgram udp wait root /usr/etc/in.tftpd in.tftpd -p -s /tftpboot

    Make sure that the /etc/services file contains this line:

    tftp 69/udp

    Note


    You must restart the inetd daemon after modifying the /etc/inetd.conf and /etc/services files. To restart the daemon, either stop the inetd process and restart it, or enter a fastboot command (on the SunOS 4.x) or a reboot command (on Solaris 2.x or SunOS 5.x). For more information on the TFTP daemon, see the documentation for your workstation.


  • Ensure that the switch has a route to the TFTP server. The switch and the TFTP server must be in the same subnetwork if you do not have a router to route traffic between subnets. Check connectivity to the TFTP server by using the ping command.

  • Ensure that the image to be downloaded is in the correct directory on the TFTP server (usually /tftpboot on a UNIX workstation).

  • For download operations, ensure that the permissions on the file are set correctly. The permission on the file should be world-read.

  • Before uploading the image file, you might need to create an empty file on the TFTP server. To create an empty file, enter the touch filename command, where filename is the name of the file you will use when uploading the image to the server.

  • During upload operations, if you are overwriting an existing file (including an empty file, if you had to create one) on the server, ensure that the permissions on the file are set correctly. Permissions on the file should be world-write.

Downloading an Image File By Using TFTP

You can download a new image file and replace the current image or keep the current image.

Beginning in privileged EXEC mode, follow Steps 1 through 3 to download a new image from a TFTP server and overwrite the existing image. To keep the current image, go to Step 3.

SUMMARY STEPS

  1. Copy the image to the appropriate TFTP directory on the workstation. Make sure that the TFTP server is properly configured.
  2. Log into the switch through the console port or a Telnet session.
  3. archive download-sw/ overwrite/ reload tftp:[[// location]/ directory]/ image-name.tar
  4. archive download-sw/ leave-old-sw/ reload tftp:[[// location]/ directory]/ image-name.tar

DETAILED STEPS


Step 1

Copy the image to the appropriate TFTP directory on the workstation. Make sure that the TFTP server is properly configured.

Step 2

Log into the switch through the console port or a Telnet session.

Step 3

archive download-sw/ overwrite/ reload tftp:[[// location]/ directory]/ image-name.tar

Download the image file from the TFTP server to the switch, and overwrite the current image.
  • The /overwrite option overwrites the software image in flash memory with the downloaded image.
  • The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.

  • For // location , specify the IP address of the TFTP server.

  • For /directory/image-name.tar specify the directory (optional) and the image to download. Directory and image names are case sensitive.

Step 4

archive download-sw/ leave-old-sw/ reload tftp:[[// location]/ directory]/ image-name.tar

Download the image file from the TFTP server to the switch, and keep the current image.

  • The /leave-old-sw option keeps the old software version after a download.

  • The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.

  • For //location, specify the IP address of the TFTP server.

  • For /directory/image-name.tar specify the directory (optional) and the image to download. Directory and image names are case sensitive.

The download algorithm verifies that the image is appropriate for the switch model and that enough DRAM is present, or it cancels the process and reports an error. If you specify the /overwrite option, the download algorithm removes the existing image on the flash device whether or not it is the same as the new one, downloads the new image, and then reloads the software.

Note

 
If the flash device has sufficient space to hold two images and you want to overwrite one of these images with the same version, you must specify the /overwrite option.

If you specify the /leave-old-sw, the existing files are not removed. If there is not enough space to install the new image and keep the running image, the download process stops, and an error message is displayed.

The algorithm installs the downloaded image on the system board flash device (flash:). The image is placed into a new directory named with the software version string, and the BOOT environment variable is updated to point to the newly installed image.

If you keep the old image during the download process (you specified the /leave-old-sw keyword), you can remove it by entering the delete /force /recursive filesystem :/ file-url privileged EXEC command. For filesystem, use flash: for the system board flash device. For file-url, enter the directory name of the old image. All the files in the directory and the directory are removed.

Note

 
For the download and upload algorithms to operate properly, do not rename image names

Uploading an Image File Using TFTP

You can upload an image from the switch to a TFTP server. You can later download this image to the switch or to another switch of the same type.

Use the upload feature only if the web management pages associated with the embedded device manager have been installed with the existing image.

Beginning in privileged EXEC mode, follow these steps to upload an image to a TFTP server:

SUMMARY STEPS

  1. Make sure the TFTP server is properly configured
  2. Log into the switch through the console port or a Telnet session.
  3. archive upload-sw tftp:[[// location ]/directory ]/image-name .tar

DETAILED STEPS


Step 1

Make sure the TFTP server is properly configured

Step 2

Log into the switch through the console port or a Telnet session.

Step 3

archive upload-sw tftp:[[// location ]/directory ]/image-name .tar

Upload the currently running switch image to the TFTP server.

  • For // location , specify the IP address of the TFTP server.

  • For /directory/image-name.tar specify the directory (optional) and the name of the software image to be uploaded. Directory and image names are case sensitive. The image-name.tar is the name of the software image to be stored on the server.

    The archive upload-sw privileged EXEC command builds an image file on the server by uploading these files in order: info, the Cisco IOS image, and the web management files. After these files are uploaded, the upload algorithm creates the tar file format.

Note

 

For the download and upload algorithms to operate properly, do not rename image names.


Copying Image Files Using FTP

You can download a switch image from an FTP server or upload the image from the switch to an FTP server.

You download a switch image file from a server to upgrade the switch software. You can overwrite the current image with the new one or keep the current image after a download.

You upload a switch image file to a server for backup purposes. You can use this uploaded image for future downloads to the switch or another switch of the same type.


Note


Instead of using the copy privileged EXEC command or the archive tar privileged EXEC command, we recommend using the archive download-sw and archive upload-sw privileged EXEC commands to download and upload software image files. For switch stacks, the archive download-sw and archive upload-sw privileged EXEC commands can only be used through the stack's active switch. Software images downloaded to the stack's active switch are automatically downloaded to the rest of the stack members.


To upgrade a switch with an incompatible software image, use the archive copy-sw privileged EXEC command to copy the software image from an existing stack member to the incompatible switch. That switch automatically reloads and joins the stack as a fully functioning member.

Preparing to Download or Upload an Image File By Using FTP

You can copy images files to or from an FTP server.

The FTP protocol requires a client to send a remote username and password on each FTP request to a server. When you copy an image file from the switch to a server by using FTP, the Cisco IOS software sends the first valid username in this list:

  • The username specified in the archive download-sw or archive upload-sw privileged EXEC command if a username is specified.

  • The username set by the ip ftp username username global configuration command if the command is configured.

  • Anonymous.

The switch sends the first valid password in this list:

  • The password specified in the archive download-sw or archive upload-sw privileged EXEC command if a password is specified.

  • The password set by the ip ftp password password global configuration command if the command is configured.

  • The switch forms a password named username@switchname.domain. The variable username is the username associated with the current session, switchname is the configured hostname, and domain is the domain of the switch.

The username and password must be associated with an account on the FTP server. If you are writing to the server, the FTP server must be properly configured to accept the FTP write request from you.

Use the ip ftp username and ip ftp password commands to specify a username and password for all copies. Include the username in the archive download-sw or archive upload-sw privileged EXEC command if you want to specify a username only for that operation.

If the server has a directory structure, the image file is written to or copied from the directory associated with the username on the server. For example, if the image file resides in the home directory of a user on the server, specify that user's name as the remote username.

Before you begin downloading or uploading an image file by using FTP, do these tasks:

  • Ensure that the switch has a route to the FTP server. The switch and the FTP server must be in the same subnetwork if you do not have a router to route traffic between subnets. Check connectivity to the FTP server by using the ping command.
  • If you are accessing the switch through the console or a Telnet session and you do not have a valid username, make sure that the current FTP username is the one that you want to use for the FTP download. You can enter the show users privileged EXEC command to view the valid username. If you do not want to use this username, create a new FTP username by using the ip ftp username username global configuration command. This new name will be used during all archive operations. The new username is stored in NVRAM. If you are accessing the switch through a Telnet session and you have a valid username, this username is used, and you do not need to set the FTP username. Include the username in the archive download-sw or archive upload-sw privileged EXEC command if you want to specify a username for that operation only.
  • When you upload an image file to the FTP server, it must be properly configured to accept the write request from the user on the switch.

For more information, see the documentation for your FTP server.

Downloading an Image File By Using FTP

You can download a new image file and overwrite the current image or keep the current image.

Beginning in privileged EXEC mode, follow Steps 1 through 7 to download a new image from an FTP server and overwrite the existing image. To keep the current image, go to Step 7.

SUMMARY STEPS

  1. Verify that the FTP server is properly configured.
  2. Log into the switch through the console port or a Telnet session.
  3. configure terminal
  4. ip ftp username username
  5. ip ftp passwordpassword
  6. end
  7. archive download-sw / overwrite/ reload ftp:[[// username[ :password] @location]/ directory]/ image-name.tar
  8. archive download-sw / leave-old-sw/ reload ftp:[[// username[ :password] @location]/ directory]/ image-name.tar

DETAILED STEPS


Step 1

Verify that the FTP server is properly configured.

Step 2

Log into the switch through the console port or a Telnet session.

Step 3

configure terminal

Enter global configuration mode.

This step is required only if you override the default remote username or password (see Steps 4, 5, and 6).

Step 4

ip ftp username username

(Optional) Change the default remote username.

Step 5

ip ftp passwordpassword

(Optional) Change the default password.

Step 6

end

Return to privileged EXEC mode.

Step 7

archive download-sw / overwrite/ reload ftp:[[// username[ :password] @location]/ directory]/ image-name.tar

Download the image file from the FTP server to the switch, and overwrite the current image.
  • The /overwrite option overwrites the software image in flash memory with the downloaded image.
  • The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.
  • For //username [:password] specify the username and password; these must be associated with an account on the FTP server.
  • For @ location, specify the IP address of the FTP server.
  • For directory/image-name.tar , specify the directory (optional) and the image to download. Directory and image names are case sensitive.

Step 8

archive download-sw / leave-old-sw/ reload ftp:[[// username[ :password] @location]/ directory]/ image-name.tar

Download the image file from the FTP server to the switch, and keep the current image.
  • The /leave-old-sw option keeps the old software version after a download.
  • The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.
  • For //username [:password] specify the username and password; these must be associated with an account on the FTP server.
  • For @ location, specify the IP address of the FTP server.
  • For directory/image-name.tar , specify the directory (optional) and the image to download. Directory and image names are case sensitive.

The download algorithm verifies that the image is appropriate for the switch model and that enough DRAM is present, or it cancels the process and reports an error. If you specify the /overwrite option, the download algorithm removes the existing image on the flash device, whether or not it is the same as the new one, downloads the new image, and then reloads the software.

Note

 
If the flash device has sufficient space to hold two images and you want to overwrite one of these images with the same version, you must specify the /overwrite option.

If you specify the /leave-old-sw, the existing files are not removed. If there is not enough space to install the new image and keep the running image, the download process stops, and an error message is displayed.

The algorithm installs the downloaded image onto the system board flash device (flash:). The image is placed into a new directory named with the software version string, and the BOOT environment variable is updated to point to the newly installed image.

If you kept the old image during the download process (you specified the /leave-old-sw keyword), you can remove it by entering the delete/force/recursive filesystem :/ file-url privileged EXEC command. For filesystem, use flash: for the system board flash device. For file-url, enter the directory name of the old software image. All the files in the directory and the directory are removed.

Note

 

For the download and upload algorithms to operate properly, do not rename image names.


Uploading an Image File By Using FTP

You can upload an image from the switch to an FTP server. You can later download this image to the same switch or to another switch of the same type.

Use the upload feature only if the web management pages associated with the embedded device manager have been installed with the existing image.

Beginning in privileged EXEC mode, follow these steps to upload an image to an FTP server:

SUMMARY STEPS

  1. configure terminal
  2. ip ftp usernameusername
  3. ip ftp passwordpassword
  4. end
  5. archive upload-sw ftp:[[//[ username[: password] @] location]/ directory]/ image-name.tar

DETAILED STEPS


Step 1

configure terminal

Enter global configuration mode.

This step is required only if you override the default remote username or password (see Steps 2, 3,and 4.)

Step 2

ip ftp usernameusername

Optional) Change the default remote username.

Step 3

ip ftp passwordpassword

(Optional) Change the default password.

Step 4

end

Return to privileged EXEC mode.

Step 5

archive upload-sw ftp:[[//[ username[: password] @] location]/ directory]/ image-name.tar

Upload the currently running switch image to the FTP server.
  • For //username:password, specify the username and password. These must be associated with an account on the FTP server.
  • For @location, specify the IP address of the FTP server.
  • For /directory/image-name.tar, specify the directory (optional) and the name of the software image to be uploaded. Directory and image names are case sensitive. The image-name .tar is the name of the software image to be stored on the server.

The archive upload-sw command builds an image file on the server by uploading these files in order: info, the Cisco IOS image, and the web management files. After these files are uploaded, the upload algorithm creates the tar file format.

Note

 
For the download and upload algorithms to operate properly, do not rename image names.

Copying Image Files Using RCP

You can download a switch image from an RCP server or upload the image from the switch to an RCP server.

You download a switch image file from a server to upgrade the switch software. You can overwrite the current image with the new one or keep the current image after a download. You upload a switch image file to a server for backup purposes. You can use this uploaded image for future downloads to the same switch or another of the same type.


Note


Instead of using the copy privileged EXEC command or the archive tar privileged EXEC command, we recommend using the archive download-sw and archive upload-sw privileged EXEC commands to download and upload software image files. For switch stacks, the archive download-sw and archive upload-sw privileged EXEC commands can only be used through the stack's active switch. Software images downloaded to the stack's active switch are automatically downloaded to the rest of the stack members. To upgrade a switch with an incompatible software image, use the archive copy-sw privileged EXEC command to copy the software image from an existing stack member to the incompatible switch. That switch automatically reloads and joins the stack as a fully functioning member.

Preparing to Download or Upload an Image File Using RCP

RCP provides another method of downloading and uploading image files between remote hosts and the switch. Unlike TFTP, which uses User Datagram Protocol (UDP), a connectionless protocol, RCP uses TCP, which is connection-oriented.

To use RCP to copy files, the server from or to which you will be copying files must support RCP. The RCP copy commands rely on the rsh server (or daemon) on the remote system. To copy files by using RCP, you do not need to create a server for file distribution as you do with TFTP. You only need to have access to a server that supports the remote shell (rsh). (Most UNIX systems support rsh.) Because you are copying a file from one place to another, you must have read permission on the source file and write permission on the destination file. If the destination file does not exist, RCP creates it for you.

RCP requires a client to send a remote username on each RCP request to a server. When you copy an image from the switch to a server by using RCP, the Cisco IOS software sends the first valid username in this list:

  • The username specified in the archive download-sw or archive upload-sw privileged EXEC command if a username is specified.

  • The username set by the ip rcmd remote-usernameusername global configuration command if the command is entered.

  • The remote username associated with the current TTY (terminal) process. For example, if the user is connected to the router through Telnet and was authenticated through the username command, the switch software sends the Telnet username as the remote username.

  • The switch hostname.

For the RCP copy request to execute successfully, an account must be defined on the network server for the remote username. If the server has a directory structure, the image file is written to or copied from the directory associated with the remote username on the server. For example, if the image file resides in the home directory of a user on the server, specify that user's name as the remote username.

Before you begin downloading or uploading an image file by using RCP, do these tasks:

  • Ensure that the workstation acting as the RCP server supports the remote shell (rsh).
  • Ensure that the switch has a route to the RCP server. The switch and the server must be in the same subnetwork if you do not have a router to route traffic between subnets. Check connectivity to the RCP server by using the ping command.
  • If you are accessing the switch through the console or a Telnet session and you do not have a valid username, make sure that the current RCP username is the one that you want to use for the RCP download. You can enter the show users privileged EXEC command to view the valid username. If you do not want to use this username, create a new RCP username by using the ip rcmd remote-usernameusername global configuration command to be used during all archive operations. The new username is stored in NVRAM. If you are accessing the switch through a Telnet session and you have a valid username, this username is used, and there is no need to set the RCP username. Include the username in the archive download-sw or archive upload-sw privileged EXEC command if you want to specify a username only for that operation.
  • When you upload an image to the RCP to the server, it must be properly configured to accept the RCP write request from the user on the switch. For UNIX systems, you must add an entry to the .rhosts file for the remote user on the RCP server.

For example, suppose the switch contains these configuration lines:

hostname Switch1
ip rcmd remote-username User0

If the switch IP address translates to Switch1.company.com, the .rhosts file for User0 on the RCP server should contain this line:

Switch1.company.com Switch1

For more information, see the documentation for your RCP server.

Downloading an Image File using RCP

You can download a new image file and replace or keep the current image.

Beginning in privileged EXEC mode, follow Steps 1 through 6 to download a new image from an RCP server and overwrite the existing image. To keep the current image, go to Step 6.

SUMMARY STEPS

  1. Verify that the RCP server is properly configured.
  2. Log into the switch through the console port or a Telnet session.
  3. configure terminal
  4. ip rcmd remote-username username
  5. end
  6. archive download-sw / overwrite/ reload rcp:[[[// username@]/ location]/ directory]/ image-name.tar
  7. archive download-sw / leave-old-sw/ reload rcp:[[[//[ username@] location]/ directory]/ image-name.tar

DETAILED STEPS


Step 1

Verify that the RCP server is properly configured.

Step 2

Log into the switch through the console port or a Telnet session.

Step 3

configure terminal

Enter global configuration mode.

This step is required only if you override the default remote username or password (see Steps 4, 5, and 6).

Step 4

ip rcmd remote-username username

(Optional) Specify the remote username.

Step 5

end

Return to privileged EXEC mode.

Step 6

archive download-sw / overwrite/ reload rcp:[[[// username@]/ location]/ directory]/ image-name.tar

Download the image file from the RCP server to the switch, and overwrite the current image.
  • The /overwrite option overwrites the software image in flash memory with the downloaded image.
  • The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.
  • For //username specify the username. For the RCP copy request to execute successfully, an account must be defined on the network server for the remote username.
  • For @ location, specify the IP address of theRCP server.
  • For /directory/image-name.tar , specify the directory (optional) and the image to download. Directory and image names are case sensitive.

Step 7

archive download-sw / leave-old-sw/ reload rcp:[[[//[ username@] location]/ directory]/ image-name.tar

Download the image file from the FTP server to the switch, and keep the current image.
  • The /leave-old-sw option keeps the old software version after a download.
  • The /reload option reloads the system after downloading the image unless the configuration has been changed and not been saved.
  • For //username specify the username. For the RCP copy request to execute, an account must be defined on the network server for the remote username.
  • For @ location, specify the IP address of the RCP server.
  • For /directory]/image-name.tar , specify the directory (optional) and the image to download. Directory and image names are case sensitive.

The download algorithm verifies that the image is appropriate for the switch model and that enough DRAM is present, or it cancels the process and reports an error. If you specify the /overwrite option, the download algorithm removes the existing image on the flash device, whether or not it is the same as the new one, downloads the new image, and then reloads the software.

Note

 
If the flash device has sufficient space to hold two images and you want to overwrite one of these images with the same version, you must specify the /overwrite option.

If you specify the /leave-old-sw, the existing files are not removed. If there is not enough space to install the new image and keep the running image, the download process stops, and an error message is displayed.

The algorithm installs the downloaded image onto the system board flash device (flash:). The image is placed into a new directory named with the software version string, and the BOOT environment variable is updated to point to the newly installed image.

If you kept the old image during the download process (you specified the /leave-old-sw keyword), you can remove it by entering the delete/force/recursive filesystem :/ file-url privileged EXEC command. For filesystem, use flash: for the system board flash device. For file-url, enter the directory name of the old software image. All the files in the directory and the directory are removed.

Note

 

For the download and upload algorithms to operate properly, do not rename image names.


Uploading an Image File using RCP

You can upload an image from the switch to an RCP server. You can later download this image to the same switch or to another switch of the same type.

The upload feature should be used only if the web management pages associated with the embedded device manager have been installed with the existing image.

Beginning in privileged EXEC mode, follow these steps to upload an image to an RCP server:

SUMMARY STEPS

  1. configure terminal
  2. ip rcmd remote-usernameusername
  3. end
  4. archive upload-sw rcp:[[[//[ username@] location]/ directory]/ image-name.tar

DETAILED STEPS

  Command or Action Purpose

Step 1

configure terminal

Enter global configuration mode.

This step is required only if you override the default remote username or password (see Steps 2 and 3.)

Step 2

ip rcmd remote-usernameusername

Optional) Specify the remote username.

Step 3

end

Return to privileged EXEC mode.

Step 4

archive upload-sw rcp:[[[//[ username@] location]/ directory]/ image-name.tar

Upload the currently running switch image to the RCP server.
  • For //username, specify the username; for the RCP copy request to execute, an account must be defined on the network server for the remote username.
  • For @location, specify the IP address of the RCP server.
  • For /directory/image-name.tar, specify the directory (optional) and the name of the software image to be uploaded. Directory and image names are case sensitive.
  • The image-name.tar is the name of software image to be stored on the server.

The archive upload-sw command builds an image file on the server by uploading these files in order: info, the Cisco IOS image, and the web management files. After these files are uploaded, the upload algorithm creates the tar file format.

Note

 
For the download and upload algorithms to operate properly, do not rename image names.

Copying an Image File from One Stack Member to Another

For switch stacks, the archive download-sw and archive upload-sw privileged EXEC commands can be used only through the stack's active switch. Software images downloaded to the stack's active switch are automatically downloaded to the rest of the stack members.

To upgrade a switch that has an incompatible software image, use the archive copy-sw privileged EXEC command to copy the software image from an existing stack member to the one that has incompatible software. That switch automatically reloads and joins the stack as a fully functioning member.


Note


To successfully use the archive copy-sw privileged EXEC command, you must have downloaded from a TFTP server the images for both the stack member switch being added and the stack's active switch. You use the archive download-sw privileged EXEC command to perform the download.

Beginning in privileged EXEC mode from the stack member that you want to upgrade, follow these steps to copy the running image file from the flash memory of a different stack member:

SUMMARY STEPS

  1. archive copy-sw/ destination-system destination-stack-member-number / force-reloadsource-stack-member-number
  2. reload slotstack-member-number

DETAILED STEPS

  Command or Action Purpose

Step 1

archive copy-sw/ destination-system destination-stack-member-number / force-reloadsource-stack-member-number

Copy the running image file from a stack member, and then unconditionally reload the updated stack member.

Note

 
At least one stack member must be running the image that is to be copied to the switch that is running the incompatible software

For / destination-systemdestination-stack-member-number, specify the number of the stack member (the destination) to which to copy the source running image file. If you do not specify this stack member number, the default is to copy the running image file to all stack members.

Specify /force-reload to unconditionally force a system reload after successfully downloading the software image.

For source-stack-member-number, specify the number of the stack member (the source) from which to copy the running image file. The stack member number range is 1 to 9.

Step 2

reload slotstack-member-number

Reset the updated stack member, and put this configuration change into effect.