Configuration rollback considerations and limitations

General

In a rollback operation, configuration diffs are generated between the running config and the checkpoint config. These can be seen by means of the show rollback diff checkpoint command. Configuration parameters that are changed are first removed, and then previous configuration parameters are reapplied.

The show rollback patch checkpoint command displays the patch file, which lists the sequence of CLI commands to be executed as part of a rollback.

Configurations from all other CLI/NETCONF/REST/RestConf and SNMP sessions are blocked when the rollback operation is in progress, with an error message as in the following CLI example.

device(conf-if-eth-0/1)# switchport 
Rollback configuration is in progress. Please try again later.
device(conf-if-eth-0/1)#

Rollback and checkpoint operations are not permitted when the file/configuration replay operation is in process. An example error message is shown below.

device# rollback running-config checkpoint default
This operation will modify the running configuration of the system. Do you want to continue? [Y/N]Y
%ERROR: Configuration rollback not allowed when file replay is in progress, try again later

Only one rollback session is allowed. Subsequent attempts to roll back when there is an active rollback session are blocked, as in the following example.

device# rollback running-config checkpoint default
This operation will modify the running configuration of the system. Do you want to continue? [Y/N]Y
%ERROR: There is another configuration rollback session in progress, try again later

A rollback operation is not permitted when cluster formation is in progress, as in the following example.

device# rollback running-config checkpoint default
This operation will modify the running configuration of the system. Do you want to continue? [Y/N]Y
%ERROR: Cluster formation is  in progress, try again later
All checkpoints and related artifacts (such as logs, history, and so on) are deleted from the system for the following conditions:
  • When write-erase is issued
  • When upgrade/downgrade is issued
  • When no rollback enable is executed from global configuration mode.

When a firmware download is done with a full install, rollback will be disabled. When the device comes up with the new image, all the checkpoints will be lost.

Issues with specific configurations

In very rare cases, certain configuration commands cannot be removed from the running configuration without the device having to be reloaded. A configuration rollback operation that attempts to remove such a command could result in error messages indicating that these specific command lines have failed.

RAS considerations

The following table lists conditions and messages for Reliability, Availability, and Serviceability (RAS).

Table 1. RAS conditions and messages
Condition Message
Rollback operation Configuration Rollback to checkpoint <checkpoint-name> has started.
Rollback completion Configuration Rollback to checkpoint <checkpoint-name> has been completed successfully.
Configuration Rollback to checkpoint <checkpoint-name> has been aborted.
Configuration Rollback to checkpoint <checkpoint-name> has failed. Please use
show rollback log [errors]
to see the reasons for the failure.
Checkpoint creation Checkpoint <checkpoint-name> is created by <user>.
Checkpoint deletion Checkpoint <checkpoint-name> is deleted by <user>.

Intrusive scenarios

The following are among the intrusive scenarios that can occur in moves from a running configuration to a checkpoint configuration.

Performance considerations

A rollback operation involves retrieving an existing running configuration, computing the differences between that and a checkpoint configuration, and replaying the file of the diff that is generated. Where network scales are such that there are huge differences between the running configuration and checkpoint configuration, it can take several minutes to complete the rollback.