Tip

This is the documentation for the 20.08 version. Looking for the documentation of the latest version? Have a look here.

Configuration Backups

The candidate and running databases can be saved to or loaded from files in the host OS. This can be used to make backups, copy configurations to other routers, or similar purposes.

Warning

This procedure only backs up the configuration database. It does not back up other important files such as PKI entries (Certificate Authorities, Certificates, Keys) from /etc/pki/tls/tnsr/. Copy those files, and any other modified files such as custom scripts and shell configuration files, outside of TNSR as described in Backups Outside of TNSR.

The filenames can take an absolute path and filename, or the path may be omitted to save the file in the directory from which the TNSR CLI was invoked by the administrator. When saving, this file must be writable by the TNSR backend daemon. When loading, this file must be readable by the TNSR backend daemon.

Tip

The best practice is to store backup configuration files in a secure location to prevent unauthorized access to sensitive information.

Saving the running configuration as a backup:

tnsr# config
tnsr(config)# configuration save running backup.xml

Loading a configuration file from a backup:

tnsr# config
tnsr(config)# configuration candidate load backup.xml
tnsr(config)# configuration candidate commit

Backups Outside of TNSR

The previous procedure creates and restores the configuration from within the TNSR CLI. In certain cases that method may not be viable, such as when the configuration from an older version of TNSR must be updated (Updating the Configuration Database).

In these cases, the TNSR configuration database files in /var/tnsr may be accessed directly.

Warning

Unlike operations performed within TNSR, these actions must be performed with elevated privileges, either by the root account or using sudo.

Warning

This procedure only backs up the configuration database. It does not back up other important files such as PKI entries (Certificate Authorities, Certificates, Keys) from /etc/pki/tls/tnsr/. Copy those files, and any other modified files such as custom scripts and shell configuration files, using the same method described here.

To make a configuration backup of the running database:

$ sudo cp -p /var/tnsr/running_db ~/backup.xml

Warning

The configuration database files may be read while TNSR is running, but TNSR must be stopped when making changes.

To restore a backup to the running and startup databases:

$ sudo tnsrctl stop
$ sudo cp -p ~/backup.xml /var/tnsr/running_db
$ sudo cp -p /var/tnsr/running_db /var/tnsr/startup_db
$ sudo tnsrctl start