The Problem with Manual Backups
If your backup strategy relies on a human remembering to type copy run tftp, you do not have a backup strategy. You have a hope strategy.
Manual backups are stale the moment they are made. They don't track *who* changed what, or *why*. Modern network engineering treats configuration as code.
The Toolset
We don't need expensive proprietary software (SolarWinds, etc.) to do this well. We can build a robust, version-controlled system for free.
- Python: The glue logic.
- Netmiko: The library to talk SSH to routers (handling prompts, paging, etc.).
- Git: The version control system to track changes over time.
The Script
Here is a simplified Python script that connects to a list of devices, pulls the running config, and saves it to a file.
from netmiko import ConnectHandler
import datetime
# Define device
cisco_device = {
'device_type': 'cisco_ios',
'host': '192.168.1.10',
'username': 'admin',
'password': 'password',
}
# Connect
net_connect = ConnectHandler(**cisco_device)
# Get Hostname
hostname = net_connect.find_prompt()[:-1]
# Get Config
config = net_connect.send_command("show run")
# Save to File
date = datetime.date.today().isoformat()
filename = f"{hostname}_{date}.cfg"
with open(filename, "w") as f:
f.write(config)
print(f"Backup complete for {hostname}")Why Git is Critical
Saving a file named router_backup_final_v2.txt is amateur hour. By initializing a Git repository in your backup folder, you get a time machine.
When a router breaks at 3 AM, you can run git diff and instantly see that Dave added a bad ACL line yesterday at 4 PM. That is Mean Time To Innocence (MTTI).
Automation
Don't run the script manually. Put it in a cron job or a scheduled task. Run it every night at midnight. Push the git repo to a private GitHub or GitLab repository for offsite redundancy.
Conclusion
Automation isn't just about speed. It's about consistency. A robot never forgets to backup the core switch because it was tired.