Fiber Cable

LC-FC
2018-05-17 10_54_38-Fiber Cable - Evernote

LC-LC
2.png

LC-SC
3

LC-ST
4

LSH
5.png

MTRJ
6

MU
7.png

SC-SC
8.png

ST-ST

9

OM1,OM2,OM3 and OM4 Multimode Fibers
OM1
* Color – Orange
* Core Size – 62.5um
* Data Rate – 1GB @ 850nm
* Distance – Up to 300 meters
* Applications – Short-Haul Networks, Local Area Networks (LANs) & Private Networks
* 62.5/125 Multimode Duplex Fiber Cable
OM2
* Color – Orange
* Core Size – 50um
* Data Rate – 1GB @ 850nm
* Distance – Up to 600 meters
* Generally used for shorter distances • 2x Distance Capacity of OM1
* Applications – Short-Haul Networks, Local Area Networks (LANs) & Private Networks
* OM2 Fiber Optic Multimode Cable

OM3 – Laser-Optimized Multimode
* Color – Aqua
* Core Size – 50um
* Date Rate – 10GB @ 850nm
* Distance – Up to 300 meters
* Uses fewer modes of light, enabling increased speeds
* Able to run 40GB or 100GB up to 100 meters utilizing a MPO connector
* Applications – Larger Private Networks
* 10 Gigabit Laser Optimized Aqua OM3 Fiber Optic Cables

OM4 – Laser-Optimized Multimode
* Color – Aqua
* Core Size – 50um
* Data Rate – 10GB @ 850nm
* Distance – Up to 550 meters
* Able to run 100GB up to 150 meters utilizing a MPO connector
* Applications – High-Speed Networks – Data Centers, Financial Centers & Corporate Campuses
* OM4 50µ – Multimode 10Giga/550m optimized Cables

What Is OM5 Fiber?
According to the ISO/IEC 11801, OM5 fiber specifies a wider range of wavelengths between 850nm and 953nm. It was created to support short wavelength division multiplexing (SWDM), which is one of the many new technologies being developed for transmitting 40Gb/s and 100Gb/s. In June 2016, ANSI/TIA-492AAAE, the new wideband multimode fiber standard, was approved for publication. And in October of 2016, OM5 fiber was announced as the official designation for cabling containing WBMMF (Wide Band Multimode Fiber) by ISO/IEC 11801. From then on, OM5 may be a potential new option for data centers that require greater link distances and higher speeds.

SC to Ethernet Converter
10.png

SFP to Ethernet Converter
11.png
Simplex
A simplex fiber cable consists of a single strand of glass of plastic fiber. Simplex fiber is most often used where only a single transmit and/or receive line is required between devices or when a multiplex data signal is used (bi-directional communication over a single fiber).

Duplex
A duplex fiber cable consists of two strands of glass or plastic fiber. Typically found in a “zipcord” construction format, this cable is most often used for duplex communication between devices where a separate transmit and receive are required.

APC (Angled Physical Contact)
APC connectors feature a fiber end face that is polished at an 8-degree angle
APC connectors are green
APC can only be connected to APC
APC has better performance than UPC
12.png
UPC (Ultra Physical Contact)
UPC connectors are polished with no angle
UPC connectors are blue
13.png
Single Mode
Single Mode fiber optic cable has a small diametral core that allows only one mode of light to propagate. Because of this, the number of light reflections created as the light passes through the core decreases, lowering attenuation and creating the ability for the signal to travel further. This application is typically used in long distance, higher bandwidth runs by Telcos, CATV companies, and Colleges and Universities.
14
Multimode
Multimode fiber optic cable has a large diametral core that allows multiple modes of light to propagate. Because of this, the number of light reflections created as the light passes through the core increases, creating the ability for more data to pass through at a given time. Because of the high dispersion and attenuation rate with this type of fiber, the quality of the signal is reduced over long distances. This application is typically used for short distance, data and audio/video applications in LANs. RF broadband signals, such as what cable companies commonly use, cannot be transmitted over multimode fiber.
15.jpg
Advertisements

Upgrade Brocade or Qlogic BR-1020 in ESXi

SOURCE:
-Download from
ESXi55-BCD-bna-3.2.6.0-00000-3204985.zip
BCD-ESXi5.5-bfa-3.2.6.0-00000-3000040.zip
brocade_adapter_boot_fw_v3-2-7-0.zip

Upgrade firmware
OPTION1
-download “Multi-Boot Code for BR- Series Adapters LiveCD” from
and boot from it
# bcu boot –update brocade_adapter_boot_fw_v3-2-7-0 -a

OPTION2
# unzip brocade_adapter_boot_fw_v3-2-7-0.zip
# esxcli brocade bcu –command=”boot –update brocade_adapter_boot_fw_v3-2-7-0 -a”

to install network driver
# unzip ESXi55-BCD-bna-3.2.6.0-00000-3204985.zip
# esxcli software vib install -d /tmp/ESXi55-BCD-bna-3.2.6.0-00000-offline_bundle-3204985.zip
# reboot

to install fc driver
# unzip BCD-ESXi5.5-bfa-3.2.6.0-00000-3000040.zip
# esxcli software vib install -d /tmp/BCD-ESXi5.5-bfa-3.2.6.0-00000-offline_bundle-3000040.zip
-Geting WWN’s for all storage adapters with ESXCLI
# esxcli storage core adapter list | grep -i fc | awk ‘{print $4}’
fc.20000005334856b6:10000005334856b6
fc.20000005334856b7:10000005334856b7

-to uninstall fc driver
# esxcli software vib remove -n scsi-bfa
# reboot
NOTE:
-to connect BR-1020 twinax, we need Brocade, Cisco or EMC active twinax

Brocade Basic Configuration

-to skip pagination on every show command
> skip-page-display

-to set hostname
> switchname SAN1

-to set ip address
> ipaddrset

-to set dns
> dnsconfig

-to show current date
> date

-to set ntp server
> tsclockserver 10.10.10.1

-to show current timezone
> tstimezone
Time Zone : US/Pacific

-to change timezone
> tsTimeZone –interactive
Please identify a location so that time zone rules can be set correctly.
Please select a continent or ocean.
1) Africa
2) Americas
3) Antarctica
4) Arctic Ocean
5) Asia
6) Atlantic Ocean
7) Australia
8) Europe
9) Indian Ocean
10) Pacific Ocean
11) none – I want to specify the time zone using the POSIX TZ format.
Enter number or control-D to quit ?1
Please select a country.
1) Algeria 18) Gabon 35) Rwanda
2) Angola 19) Gambia 36) Sao Tome & Principe
3) Benin 20) Ghana 37) Senegal
4) Botswana 21) Guinea 38) Sierra Leone
5) Burkina Faso 22) Guinea-Bissau 39) Somalia
6) Burundi 23) Kenya 40) South Africa
7) Cameroon 24) Lesotho 41) Spain
8) Central African Rep. 25) Liberia 42) Sudan
9) Chad 26) Libya 43) Swaziland
10) Congo (Dem. Rep.) 27) Malawi 44) Tanzania
11) Congo (Rep.) 28) Mali 45) Togo
12) Cote d’Ivoire 29) Mauritania 46) Tunisia
13) Djibouti 30) Morocco 47) Uganda
14) Egypt 31) Mozambique 48) Western Sahara
15) Equatorial Guinea 32) Namibia 49) Zambia
16) Eritrea 33) Niger 50) Zimbabwe
17) Ethiopia 34) Nigeria
Enter number or control-D to quit ?1
The following information has been given:
Algeria
Therefore TZ=’Africa/Algiers’ will be used.
Local time is now: Wed Oct 28 15:01:38 CET 2015.
Universal Time is now: Wed Oct 28 14:01:38 UTC 2015

-to show domain ID
> fabricshow
Switch ID Worldwide Name Enet IP Addr FC IP Addr Name
————————————————————————-
2: fffc02 10:00:00:60:69:e0:01:46 10.3.220.1 0.0.0.0 “ras001”

-to set domain ID
1. Connect to the switch and log in on an account assigned to the admin role.
2. Enter the switchDisable command to disable the switch.
3. Enter the configure command.
4. Enter y after the Fabric parameters prompt.
Fabric parameters (yes, y, no, n): [no] y
5. Enter a unique domain ID at the Domain prompt. Use a domain ID value from 1 to 239 for normal operating mode (FCSWcompatible).
Domain: (1..239) [1] 3
6. Respond to the remaining prompts, or press Ctrl-D to accept the other settings and exit.
7. Enter the switchEnable command to re-enable the switch.

-to change hostname
> switchname SAN1
The prompt does not change to the new switch name until after you log in again

-to save config
> cfgSave

-to upload config
> configUpload

-to restore config
> configDownload

-to upgrade both secondary and primary firmware
> firmwaredownload
At a high level the upgrade process goes as follows:
The Fabric OS downloads the firmware to the secondary partition.
The system performs a high availability reboot (haReboot). After the haReboot, the former secondary partition is the primary partition.
The system replicates the firmware from the primary to the secondary partition.

-to show current firmware
> firmwareshow

-If you may want to test the firmware first and have an option to roll-back.
To accomplish that you can use -s key and disable auto-commit
> firmwaredownload -s
Switch will upload the firmware to the secondary partition, switch secondary and primary partitions after a reboot, but won’t replicate the firmware to the secondary partition.

-You can use the following command to restore firmware back to the previous version
> firmwareRestore
-Or if you’re happy with the firmware, commit it to the secondary partition:
>  firmwareCommit

Important Notes
When downloading firmware for your switch, make sure to use switch’s vendor web-site. EMC Connectrix DS-300B, Brocade 300 and IBM SAN24B-4 are essentially the same switch, but firmware and supported versions for each OEM vendor may slightly vary. Here are the links where you can get FC switch firmware for some of the vendors:
-EMC: sign in to http://support.emc.com > find your switch model under the product section and go to downloads
-Brocade: sign in to http://www.brocade.com > go to Downloads section > enter FOS in the search field
-Dell: http://www.brocadeassist.com/dellsoftware/public/DELLAssistincludes a subset of Fabric OS versions, which are tested and approved by Dell
-IBM: http://ibm.brocadeassist.com/public/FabricOSv6xRelease and http://ibm.brocadeassist.com/public/FabricOSv7xRelease are the links where you can download FOS for IBM switches. You can also go to http://support.ibm.com, search for the switch in the Product Finder and find FOS under the “Downloads (drivers, firmware, PTFs)” section

-to reboot
> reboot

-to shutdown
> sysshutdown

-to show CLI history
> clihistory
CLI history
Date & Time Message
Thu Sep 27 04:58:00 2012 root, 10.70.12.101, firmwareshow -v

-to Downloading a configuration from one switch to another switch of the same model
1. Configure one switch.
2. Use the configUpload command to save the configuration information. Refer to Configuration file backup on page 137 for more information.
3. Run configDefault on each of the target switches, and then use the configDownload command to download the configuration file to each of the target switches. Refer to Configuration file restoration on page 139 for more information

-to view the changes, use cfgshow
> zonecreate sloth, “b*; 10:00:00:00:01:1e:20:20”
> cfgsave
> cfgenable
> cfgshow
Defined configuration:
zone: matt 30:06:00:07:1e:a2:10:20; 3,2
zone: sloth bawn; bolt; bond; brain; 10:00:00:00:01:1e:20:20 alias: bawn 3,5; 4,8

-to show license
> licenseshow
S9bddb9SQbTAceeCbzbzRcbcSc0c0SYRyeSzRScycazfT0G:
Integrated Routing Ports on Demand license
Capacity 128

> version
Kernel: 2.6.14.2
Made on: Mon Feb 11 20:36:38 2008
Flash: Wed Jan 7 15:33:34 2009
BootProm: 4.6.6

> diagshow
Diagnostics Status: Tue Sep 07 23:41:38 2010
Slot: 0 UPORTS
Port BPort Diag Active Speed FrTX FrRX LLI Errs Loopback
0/0 1 OK DN 4G Auto — — —
0/1 2 OK DN 4G Auto — — —
0/2 5 OK DN 4G Auto — — —
0/3 7 OK DN 4G Auto — — —
0/4 0 OK DN 4G Auto — — —
0/5 3 OK DN 4G Auto — — —
0/6 6 OK DN 4G Auto — — —

> switchshow
switchName: DS_5000B
switchType: 58.2
switchState: Online
switchMode: Native
switchRole: Principal
switchDomain: 1
switchId: fffc01
switchWwn: 10:00:00:05:1e:90:91:dc
zoning: OFF
switchBeacon: OFF
Area Port Media Speed State Proto
=====================================
0 0 — N4 No_Module
1 1 — N4 No_Module
2 2 — N4 No_Module
3 3 — N4 No_Module
4 4 — N4 No_Module
5 5 — N4 No_Module
6 6 — N4 No_Module
7 7 — N4 No_Module

> switchshow -portname
switchName: sw0
switchType: 66.1
switchState: Online
switchMode: Native
switchRole: Principal
switchDomain: 1
switchId: fffc01
switchWwn: 10:00:00:05:1e:82:3c:2a
zoning: OFF
switchBeacon: OFF
FC Router: OFF
Fabric Name: switch_test
Allow XISL Use: OFF
LS Attributes: [FID: 128, Base Switch: No, Default Switch: Yes, Address Mode 0]
Index Port PortWWN Name
==================================================
0 0 20:00:00:05:1e:82:3c:2a port0
1 1 20:01:00:05:1e:82:3c:2a port1
2 2 20:02:00:05:1e:82:3c:2a port2
3 3 20:03:00:05:1e:82:3c:2a port3
4 4 20:04:00:05:1e:82:3c:2a port4
5 5 20:05:00:05:1e:82:3c:2a port5
6 6 20:06:00:05:1e:82:3c:2a port6
7 7 20:07:00:05:1e:82:3c:2a port7

-to show the portshow output
> portshow 28
portIndex: 28
portName: sw78.E_PORT.28
portHealth: HEALTHY
Authentication: None
portDisableReason: None
portCFlags: 0x1
portFlags: 0x1000090b PRESENT ACTIVE E_PORT T_PORT T_MASTER G_PORT U_PORT LOGICAL_ONLINE LOGIN
LocalSwcFlags: 0x0
portType: 18.0
POD Port: Port is licensed
portState: 1 Online
Protocol: FC
portPhys: 6 In_Sync portScn: 16 E_Port Trunk master port Flow control mode 4
port generation number: 0
state transition count: 1

-use secCryptoCfg CLI to disable TLS – example below is from FOS 7.4 but you should be able to work it out for 8.0 or 8.1, too (this is adapted from a KB article)
FOS 7.4 (admin) supports display and modification of the default //selected// cipher suite (a subset of the above //supported// list) as follows:
admin> seccryptocfg –show
HTTPS Cipher List        : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
SSH Cipher List          : aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
SSH Kex Algorithms List  : ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
SSH MACs List            : hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512

If you were interested only in SSL (especially with respect to TLSv1.2) as part of the HTTPS cipher list, you would be concerned with the top line, as follows, as the other ciphers are SSH related (which do not use SSL/TLS):
HTTPS Cipher List        : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM
We can query for more details about //selected// ciphers using the openssl command, but with the FOS selection string:
root> openssl ciphers -v ‘!ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM’
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
We can see that FOS limits its selection of the support ciphers to these five above, which include TLSv1.2, so a client that might support many cipher suites would only successfully negotiate one of these five with the switch.

If you wish to reduce the FOS cipher selection even further you could, for example, remove the SSLv3 suites, by using the ‘!SSLv3’ added at the end of this selection string, which we are using to display a further subset of ciphers:
root> openssl ciphers -v ‘!ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM:!SSLv3’
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES128-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA256
This gives you the selection string that you would need to supply to the folowing FOS (admin) command “seccryptocfg”, to reduce the selection to the TLSv1.2 suites from the selection already done in FOS (note that http is restarted to adapt to the change):
admin> seccryptocfg –replace -type https -cipher ‘!ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM:!SSLv3’
This command requires the daemon(s) HTTP to be restarted.
Existing sessions will be terminated.
Please confirm and provide the preferred option
Press Yes(Y,y), No(N,n) [N]:y
HTTP cipher list configured successfully.

Finally, we check the new list of FOS selected ciphers as follows:
admin> seccryptocfg –show
HTTPS Cipher List        : !ECDH:!DH:HIGH:-MD5:!CAMELLIA:!SRP:!PSK:!AESGCM:!SSLv3
SSH Cipher List          : aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
SSH Kex Algorithms List  : ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
SSH MACs List            : hmac-md5,hmac-sha1,hmac-sha2-256,hmac-sha2-512

IOS Tips

-Reset port gi1/0/1 to default:
# conf t
(config) # default interface gi1/0/1

-Reset ports 1-48 to default:
# conf t
(config)# default int range gi1/0/1-48

-Edit ports 1-48 at the same time
# conf t
(config)# int range gi1/0/1-48
(config-if)# <enter config change>

-Apply a config change to a non-contiguous range of ports
# conf t
(config) # int range gi1/0/1 – 5 , gi1/0/10 – 15
(config-if)# <enter config change>

-Do multiple steps in a single command when provisioning a port for an end-device
# conf t
(config)# int gi1/0/1
(config-if)# switchport host
   sets switch port mode to access + enables spanning tree Port Fast + disables channel grouping.

-Use macros to run a script by entering a single command AND use variables
 Create the macro
# conf t
(config)# macro name SetTrunk
shut
description TRUNK PORT
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan $NATIVE
switchport trunk allowed vlan $ALLOWED
mls qos trust dscp
no shut
@
 Now apply the macro to a port you want to create as a trunk, set the native VLAN to 123 and define all VLANs as being allowed
# conf t
(config)# int gi1/0/1
(config-if)# macro apply SetTrunk $NATIVE 123 $ALLOWED all

-Show all interfaces and the CRC count for each
# show interface | i protocol|CRC
GigabitEthernet1/0/5 is up, line protocol is up (connected)
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored

-Find what ports are not currently connected
# sh int status | i notconnect

-Show what ports are down due to BPDUguard
# sh int status | i err
or
# show log | i BPDU|bpdu
%SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port GigabitEthernet1/0/16 with BPDU Guard enabled. Disabling port.
%PM-4-ERR_DISABLE: bpduguard error detected on Gi1/0/16, putting Gi1/0/16 in err-disable state

-Delete a directory
# del /force /recursive directory_name

-For all switches in a stack, define both a primary AND a secondary boot image
# all flash:c3750-ipbasek9-mz.122-55.SE8.bin;flash:c3750-ipbasek9-mz.122-55.SE7.bin

-Get extended details about the packets crossing an interface
#show interfaces f2/0/17 controller
     Transmit FastEthernet2/0/17              Receive
     18971276 Bytes                         33189871 Bytes
        14754 Unicast frames                   59339 Unicast frames
        43389 Multicast frames                  3440 Multicast frames
        99892 Broadcast frames                 43925 Broadcast frames
            0 Too old frames                29986661 Unicast bytes
            0 Deferred frames                 346082 Multicast bytes
            0 MTU exceeded frames            2855260 Broadcast bytes
            0 1 collision frames                   0 Alignment errors
            0 2 collision frames                   0 FCS errors
            0 3 collision frames                   0 Oversize frames
            0 4 collision frames                  17 Undersize frames
            0 5 collision frames                   0 Collision fragments
            0 6 collision frames
            0 7 collision frames               46501 Minimum size frames
            0 8 collision frames                7813 65 to 127 byte frames
            0 9 collision frames                1613 128 to 255 byte frames
            0 10 collision frames               2114 256 to 511 byte frames
            0 11 collision frames              47218 512 to 1023 byte frames
            0 12 collision frames               1462 1024 to 1518 byte frames
            0 13 collision frames                  0 Overrun frames
            0 14 collision frames                  0 Pause frames
            0 15 collision frames
            0 Excessive collisions                 0 Symbol error frames
            0 Late collisions                      0 Invalid frames, too large
            0 VLAN discard frames                  0 Valid frames, too large
            0 Excess defer frames                  0 Invalid frames, too small
       112850 64 byte frames                       0 Valid frames, too small
         6718 127 byte frames
        20771 255 byte frames                      0 Too old frames
        16109 511 byte frames                      0 Valid oversize frames
         1445 1023 byte frames                     0 System FCS error frames
          142 1518 byte frames                     0 RxPortFifoFull drop frame
            0 Too large frames
            0 Good (1 coll) frames
            0 Good (>1 coll) frames

-Show receive and transmit utilization for all ports
0# sh controllers utilization
Port       Receive Utilization  Transmit Utilization
Fa2/0/1            0                    0
Fa2/0/2            0                    0
Fa2/0/3            0                    0
Fa2/0/4            0                    0
Fa2/0/5            0                    0

-Modify an access-list that is referenced with a class-map and policy-map (basically, you need to delete from the top down and rebuild from the bottom up):
Steps explained
# conf t
   remove the policy within the policy map that references the class-map that references the access-list (access-group)
   Remove the class-map that references the access-list (access-group)
   do a no access-list to remove the ACL
   Enter in the ACL statements
   Enter in the class-map statements
   change to policy-map
   Enter in the policy-map statements
Steps performed
   For this setup we’ll use this configuration
# conf t
(config)# policy-map MARK-LAN-DSCP
(config-pmap)# class EF-105-CLASS
(config-pmap-c)# set dscp ef
(config-pmap-c)# class-map match-any EF-105-CLASS
(config-cmap)# match access-group 105
(config-cmap)# exit
(config)# access-list 105 permit ip host 192.168.2.1 any
GOAL: To edit access-list 105 and change one of the source IP’s without the switch choking on itself
# conf t
(config)# policy-map MARK-LAN-DSCP
(config-pmap)# no class EF-105-CLASS
(config-pmap) # exit
(config)# no class-map match-any EF-105-CLASS
(config)# no access-list 105
(config)# access-list 105 permit ip host 10.0.0.1 any
(config)# access-list 105 permit ip host 192.168.2.1 any
(config)# class-map match-any EF-105-CLASS
(config-cmap)# match access-group 105
(config-cmap)# exit
(config)# policy-map MARK-LAN-DSCP
(config-pmap)# class EF-105-CLASS
(config-pmap-c)# set dscp ef
(config-pmap-c)# exit
(config-pmap)# exit
(config)# exit
# wr

kron backup config

NOTE: make sure all devices has the same clock or point to the same NTP server

(config)# clock timezone GMT +7
(config)# archive
(config-archive)# path tftp://IP_of_TFTP_SERVER/$h$t
(config-archive)# write-memory
-kron will run 12AM
(config)# kron occurrence backup-config at 0:0 recurring
or
-kron will run 1 min later
(config)# kron occurrence backup-config in 1 oneshot

(config-kron-occurrence)# policy-list backup-config
(config)# kron policy-list backup-config
(config-kron-policy)# cli wr me
(config-kron-policy)# end
# wr me
#show kron schedule
backup-config inactive, will run once in 0 days 11:43:14

-to backup to local flash directory
#dir
Directory of flash0:/
    1  drw-           0  Jan 30 2013 07:00:00 +07:00  boot
  264  drw-           0  Oct 14 2013 07:00:00 +07:00  config
  267  -rw-   139942304  Mar 25 2015 07:00:00 +07:00  vios-adventerprisek9-m
  270  -rw-      524288  Feb 15 2018 21:55:44 +07:00  nvram
  271  -rw-          79  Feb 19 2018 11:35:08 +07:00  e1000_bia.txt
#cd backup
R1#dir
Directory of flash0:/backup/
No files in directory
2142715904 bytes total (1997635584 bytes free)
(config)# archive
(config-archive)#path flash:/backup/$h$t