华为/H3C交换机配置自动备份到FTP/SFTP

瓦力^o
其他运维
2024-06-23
2437热度
0评论

为优化建设内网的网管交换机，实现华为交换机和H3C交换机的配置自动备份，方便回溯以往配置过的CLI命令。此例将备份到FTP/SFTP服务端

注意事项

1、华为交换机的save-configuration的自动备份是以当前配置是否变更为基准，即当前配置没有变化的情况下，不会执行定时备份。此配置与H3C交换机不同
2、H3C交换机的archive configuration的自动备份是强制做定时备份，无论当前配置是否变更都会执行定时备份
3、华为数通智选系列和华为系列的S1730S-A1/A2版本在开机之后不能配置自动备份命令，需提前写好命令并加载到ROM层，使之开机生效

华为交换机配置自动备份

# cpu使用率低于45%, 配置修改时1分钟后自动备份1次, 正确情况下每隔1440分钟自动备份1次（即1天备份1次）
set save-configuration cpu-limit 45 delay 1 interval 1440

# SFTP协议, 备份服务端1.1.1.1, SFTP连接端口12345, SFTP用户是configbackup, SFTP用户密码是abcdefg, SFTP备份路径是/config/Switch
set save-configuration backup-to-server server 1.1.1.1 transport-type sftp port 12345 user configbackup password abcdefg path /config/Switch

### 验证华为交换机的自动备份
<Switch>dis cu | inc save
set save-configuration interval 1440 delay 1 cpu-limit 45
set save-configuration backup-to-server server 1.1.1.1 transport-type sftp port 12345 user configbackup password ######### path /config/Switch

<Switch>dis saved-config config
Auto backup configuration status : Enable
Auto backup configuration interval : 1440 minutes
Backup delay after configuration changed : 1 minutes
The threshold of the CPU usage permitted when backup : 45%

Auto backup configuration server 1 information:
Server IP : 1.1.1.1
Transport-type : SFTP
Server path : /config/Switch
User : configbackup
Password : ******
Port : 12345

<Switch>dis saved-config time
Saved configuration manually:
00:00:00 Beijing,Chongqing,Hongkon,Urumq 20XX/00/00
Time Zone: UTC+08:00
Saved configuration automatically:
00:00:00 Beijing,Chongqing,Hongkon,Urumq 20XX/00/00
Time Zone: UTC+08:00

H3C交换机配置自动备份

# 实验过的部分交换机型号如下
1. H3C S5024PV3-LI-PWR
2. H3C S5024PV3-EI-PWR
3. H3C S5024PV5

# SCP协议, SCP服务端是1.1.1.1 SCP连接端口12345, SCP备份路径是/config/Switch, 文件前缀是xxx
archive configuration server scp 1.1.1.1 port 12345 directory /config/Switch/ filename-prefix xxx

# SCP用户是configbackup
archive configuration server user configbackup

# SCP用户密码是abcdefg
archive configuration server password simple abcdefg

# SCP备份间隔1440分钟（即1天备份1次）
archive configuration interval 1440

### 验证新华三自动备份
<Switch>dis cu | inc archive
archive configuration server scp 1.1.1.1 port 12345 directory /config/Switch/ filename-prefix xxx
archive configuration server user configbackup
archive configuration server password cipher #########
archive configuration interval 1440

<Switch>dis archive config
Username: configbackup
Location: 1.1.1.1
Filename prefix: xxx
Archive interval in minutes: 1440
Archive history:
No. Timestamp Filename
1 XXX XXX 00 00:00:00 20XX xxx_20XX0000_000000.cfg
# 2 XXX XXX 00 00:00:00 20XX xxx_20220000_000000.cfg
The exclamation mark (!) indicate that the remote archiving attempt failed.
The pound sign (#) indicates the most recent archive file.

# 实验过的部分交换机型号如下
1. H3C WX2540H

archive configuration server ftp 1.1.1.1 port 12345 directory /config/Switch/ filename-prefix xxx interval 1440
archive configuration server user configbackup
archive configuration server password simple abcdefg

### 验证新华三自动备份
<Switch>dis cu | inc archive
archive configuration server ftp 1.1.1.1 port 12345 directory /config/Switch/ filename-prefix xxx interval 1440
archive configuration server user configbackup
archive configuration server password cipher ########

<Switch>dis archive config
Username: configbackup
Location: ftp://1.1.1.1:12345/config/Switch/
Filename prefix: xxx
Archive interval in minutes: 1440
Archive history:
No. TimeStamp FileName
1 XXX XXX 00 00:00:00 20XX xxx_20XX0000_000000.cfg
# 2 XXX XXX 00 00:00:00 20XX xxx_20220000_000000.cfg
The exclamation mark (!) indicate that the remote archiving attempt failed.
The pound sign (#) indicates the most recent archive file.