Configuration Rollback Confirmed Change

The Configuration Rollback Confirmed Change feature allows configuration changes to be performed with an optional requirement that they be confirmed. If this confirmation is not received, the configuration is returned to the state prior to the changes being applied. The mechanism provides a safeguard against inadvertent loss of connectivity between a network device and the user or management application due to configuration changes.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to https://cfnng.cisco.com/. An account on Cisco.com is not required.

Information About Configuration Rollback Confirmed Change

Configuration Rollback Confirmed Change Operation

The Configuration Rollback Confirmed Change feature enables an added criterion of a confirmation to configuration changes. This functionality enables a rollback to occur if a confirmation of the requested changes is not received in a configured time frame. Command failures can also be configured to trigger a configuration rollback.

The following steps outline how this process is achieved:

  1. A new option allows you to request confirmation (a confirmation time limit must be supplied) of the configuration changes.

  2. You must enter the confirmation command. If no confirmation is entered within the requested time limit, the configuration reverts to its previous state.

How to Configure Configuration Rollback Confirmed Change

Performing a Configuration Replace or Configuration Rollback Operation with Confirmation

Perform this task to replace the current running configuration file with a saved Cisco configuration file.


Note


You must configure a configuration archive before performing this procedure. For detailed steps, see the “Configuring the Characteristics of the Configuration Archive” module in the Managing Configuration Files Configuration Guide. The following procedure details how to return to that archived configuration in the event of a problem with the current running configuration.


SUMMARY STEPS

  1. enable
  2. configure replace target-url [nolock] [list] [force] [ignorecase] [revert trigger [error] [timer minutes] | time minutes]
  3. configure revert {now | timer {minutes | idle minutes}}
  4. configure confirm
  5. exit

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure replace target-url [nolock] [list] [force] [ignorecase] [revert trigger [error] [timer minutes] | time minutes]

Example:


Device# configure replace bootflash:myconfig-1 list time 30

Replaces the current running configuration file with a saved configuration file.

  • target-url —Specifies a URL (accessible by the Cisco file system) of the saved configuration file that is to replace the current running configuration, such as the configuration file created by using the archive config command. Depending on your hardware platform, the name of your file system might be different than shown in the example.

  • nolock —Disables the locking of the running configuration file that prevents other users from changing the running configuration during a configuration replace operation.

  • list —Displays a list of the command lines applied by the Cisco software parser during each pass of the configuration replace operation. The total number of passes performed is also displayed.

  • force —Replaces the current running configuration file with the specified saved configuration file without prompting you for confirmation.

  • ignorecase —Allows the configuration to ignore the case of the confirmation command.

  • time minutes —Specifies the time (in minutes) within which you must enter the configure confirm command to confirm replacement of the current running configuration file. If the configure confirm command is not entered within the specified time limit, the configuration replace operation is automatically reversed (in other words, the current running configuration file is restored to the configuration state that existed prior to entering the configure replace command).

  • revert trigger —Sets the following triggers for reverting to the original configuration:
    • error —Reverts to the original configuration upon error.
    • timer minutes —Reverts to the original configuration if the specified time elapses.

Step 3

configure revert {now | timer {minutes | idle minutes}}

Example:


Device# configure revert now

(Optional) Cancels the timed rollback and triggers the rollback immediately or resets parameters for the timed rollback.

  • now —Triggers the rollback immediately.

  • timer —Resets the configuration revert timer.
    • Use the minutes argument with the timer keyword to specify a new revert time in minutes.
    • Use the idle keyword along with a time in minutes to set the maximum allowable time period of no activity before reverting to the saved configuration.

Step 4

configure confirm

Example:


Device# configure confirm

(Optional) Confirms replacement of the current running configuration file with a saved configuration file.

Note

 

Use this command only if the time minutes keyword and argument of the configure replace command are specified.

Step 5

exit

Example:


Device# exit

Exits to user EXEC mode.

Configuration Examples for Configuration Rollback Confirmed Change

Example: Performing a Configuration Replace Operation with the configure confirm Command

The following example shows the use of the configure replace command with the time minutes keyword and argument. You must enter the configure confirm command within the specified time limit to confirm replacement of the current running configuration file. If the configure confirm command is not entered within the specified time limit, the configuration replace operation is automatically reversed (in other words, the current running configuration file is restored to the configuration state that existed prior to entering the configure replace command).


Device# configure replace nvram:startup-config time 120
This will apply all necessary additions and deletions
to replace the current running configuration with the
contents of the specified configuration file, which is
assumed to be a complete configuration, not a partial
configuration. Enter Y if you are sure you want to proceed. ? [no]: Y
Total number of passes: 1
Rollback Done
Device# configure confirm

The following example shows the use of the configure revert command with the timer keyword. You must enter the configure revert command to cancel the timed rollback and trigger the rollback immediately, or to reset parameters for the timed rollback.

Device# configure revert timer 100

Additional References

Related Documents

Related Topic

Document Title

Information about managing configuration files

“Managing Configuration Files” module in the Managing Configuration Files Configuration Guide

Commands for managing configuration files

Cisco IOS Configuration Fundamentals Command Reference

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

https://www.cisco.com/c/en/us/support/index.html

Feature Information for Configuration Rollback Confirmed Change

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for Configuration Rollback Confirmed Change

Feature Name

Releases

Feature Information

Configuration Rollback Confirmed Change

12.2(33)SB

12.2(33)SRC

12.2(33)SXI

12.4(20)T

Cisco IOS XE Release 2.1

The Configuration Rollback Confirmed Change feature allows configuration changes to be performed with an optional requirement that they be confirmed.

This mechanism provides a safeguard against inadvertent loss of connectivity between a network device and the user or management application due to configuration changes.

The following commands were introduced or modified: configure confirm , configure replace , configure revert , configure terminal .