Copying a Router/Switch config to another device

What command is best to run if I am copying and pasting the config from one device to another?

I have read "show startup-config" is better than "show running-config" or "show run".

What is the advantage of using tftp with the command "copy running-config tftp"?

Is "show config" still supported and is it the same as "show startup-config"?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

What devices are you using?

Linksys has an option to save all settings to a .cfg file which, more or less, can import to any other Linksys. I sincerely doubt it'll import to a DLink or Netgear, though.
Show start will show you the config that is saved to NVRAM on your router.  This is the config the router will use when you power it on or after reloading the router.

Show run will show you the config that is currently running in ram.  If you make changes to your running config and do not write the changes then it will differ from the startup config.  Once you write changes the running config and startup config are the same until you make another change.

I don't like copy/pasting configs because more often than not you will encounter some minor issues.  If you want to do that I would recommend using tftp or ftp to copy the config out and then load that config to the other device.

You can use copy running-config tftp or copy running-config ftp which will copy the config that is running ram.

To place that config back onto your new device you can do copy tftp running-config.

Just remember you its your choice on using running-config or startup-config.  If no changes have been made then they are both the same.

Hope this helps.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Dragon0x40Author Commented:
thanks music2myear1 and alewis9777,

I am asking about Cisco.

I have not seen any difference between " show running-config" and "show startup-config" if you have entered a "wr mem" but I remember reading that "show run" will include the ssh certificate whereas "sh start" will not.

I believe copying the ssh certificate and all the related config lines from another device will do the same thing as typing the "crypto key generate rsa" command but I don't know how to verify that.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Yes Dragon0x40 you are correct.

show running-config and show startup-config will be the same if you have not made any changes or you have saved the running-config.

The show running-config does show the certificates whereas the show startup-config does not.

You are also correct in that if you excecute the crypto key generate rsa key on the new device it will generate the certificates again for that router.
Dragon0x40Author Commented:
So other than the certificates everything else is the same between "sh run" and "sh start"?
Yes as long as no changes have been made and not saved.

I did both on a router I have here then put both configs on a linux box and run the diff command which shows you all the differences between the two files.

this was my differences:

[xxxx@xxxxx ~]$ diff ff-xxxx-fd-confg ff-xxx-fd-startup-config
<  certificate self-signed 01
<   XXXXXXX 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
<   31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
<   69666963 6174652D 32393731 37343430 3637301E 170D3038 31313036 32303235
<   32335A17 0D323030 31303130 XXXXXXX0 305A3031 312F302D 06035504 03132649
<   4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39373137
<   34343036 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
<   8100DDA3 FA742F9A XXXXXXX BCE65A6E 303C9CAF 6A032E39 73C8B748 224417F7
<   C7388560 CA2BB3EA 709681A9 4805A7E1 3D6FB768 94B7B262 7A6AF49F D613C98F
<   1FFFDB7C 80835852 52B478F6 3DC87898 CEDC83C8 236BBA9A 2381391C F5B7A784
<   0DD61527 FFD43830 1C7B60CD 16419428 76514F78 1865462C 325979BF 7B7D00E9
<   A0A50203 010001A3 75307330 0F060355 1D130101 FF040530 030101FF 30200603
<   551D1104 19301782 1546462D 4D455253 2D46442E 4D455253 46442E63 6F6D301F
<   0603551D 23041830 1680147B 9F6C1CD7 FE715565 F591F7CA 18584ECB 77560030
<   1D060355 1D0E0416 04147B9F 6C1CD7FE 715565F5 91F7CA18 584ECB77 5600300D
<   06092A86 4886F70D 01010405 00038181 00BAC643 F73DABE9 A0342421 783059ED
<   8228FC0E 62F4A14B AD8E0C67 4AA65573 48EB1B17 050439E2 EB6EB57A B26E81E2
<   EDD03B39 A4ACA743 091D7F7C 83DDEED3 A9FD9B98 D3FCD3CF FE69CC4E 6CFA1951
<   3B62D1B4 C023F7DD 376D0C5A XXXXXXX 42E489D4 CD74F47D 70BEDC93 9C104B52
<   312F8227 AAE1F4D9 955D32EE 2E4B4532 A0
<   quit

>  certificate self-signed 01 nvram:IOS-Self-Sig#3701.cer

Notice the top part that list the certificate is in the running-config.  The bottom part is a line in the startup-config that list the .cer file that the certificate is stored in.

Notice if you do a dir nvram: you will see that certificate file stored in your nvram.
Dragon0x40Author Commented:
So in startup-config the config just has a pointer but the running-config has the whole certificate.

You then have 2 options?

Copy and paste running-config and the certificate will be built and put into nvram
copy and paste startup-config and you have to run the "crypto key generate rsa" command to build the certifcate and put in nvram?

On my switch:

 certificate self-signed 01 nvram:Cert-Indentifier.cer

#dir nvram:
Directory of nvram:/

  497  -rw-       11111                    <no date>  startup-config
  498  ----        3851                    <no date>  private-config
    1  -rw-           0                    <no date>  ifIndex-table
    2  -rw-         600                    <no date>  IOS-Self-Sig#3001.cer
    3  ----          12                    <no date>  persistent-data

524288 bytes total (506202 bytes free)
Personnaly I prefer through tftp! If you do everything through tftp you avoid mistakes during copy-paste, but both devices must be EXACTLY the same! (otherwise some config will not match interfaces and will be removed automatically)

Also is much faster than copy paste!

"show config" was a CatOS command and is still supported in IOS (12.4.25 IOS has it)

Dragon0x40Author Commented:
thanks ampranti,

So is "show config" equivalent to "show running-config" or "show startup-config"?
Dragon0x40Author Commented:
I think that "show config" is equivalent to "show startup-config".

I created a loopback 3 interface and did not do a "wr mem" and loopback3 shows up only when I run "show running-config" not when I run "show startup-config" or "show config".
The show configuration command has been replaced by the show startup-config and more nvram:startup-config commands.

cisco reference:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.