Image Files on the Switch
- BIOS and loader images combined in one file
- Kickstart image
- System image that includes a BIOS image that can be upgraded
- A 2 MB flash part holds two BIOS and loader images.
- A 1 GB flash part holds configuration files, kickstart images, systems images, and other files.
The upgradeable BIOS and the golden BIOS are programmed onto the 2 MB flash part. You cannot upgrade the golden BIOS.
When you download a new pair of kickstart and system images, you also get a new BIOS image because it is included in the system image. You can use the install all command to upgrade the kickstart, system, and upgradeable BIOS images.
Starting the Switch
Boot Sequence
When the switch boots, the golden BIOS validates the checksum of the upgradeable BIOS. If the checksum is valid, then control is transferred to the upgradeable BIOS image. The upgradeable BIOS launches the kickstart image, which then launches the system image. If the checksum of the upgradeable BIOS is not valid, then the golden BIOS launches the kickstart image, which then launches the system image.
You can force the switch to bypass the upgradeable BIOS and use the golden BIOS instead. If you press Ctrl-Shift-6within two seconds of when power is supplied to the switch, the golden BIOS will be used to launch the kickstart image, even if the checksum of the upgradeable BIOS is valid.
Note
When you press Ctrl-Shift-6, the console settings must be set to their defaults: 9600 baud, 8 data bits, no parity, and 1 stop bit.
When you press Ctrl-Shift-6, the console settings must be set to their defaults: 9600 baud, 8 data bits, no parity, and 1 stop bit.
Before the boot sequence starts, the BIOS performs internal tests on the switch. If the tests fail, then the loader does not gain control. Instead, the BIOS image retains control and prints a message to the console at 9600 baud every 30 seconds that indicates a failure.
Figure 1-1 shows the normal and recovery boot sequence.
For information about recovery procedures, see Chapter1, “Troubleshooting”
Console Settings
To change a console setting, use the line console command in configuration mode. The following example configures a line console and sets the options for that terminal line:
Upgrading the Switch
Upgrade Procedure Summary
Detailed Upgrade Procedure
Upgrading a Cisco Nexus 5000 Series switch disrupts all traffic flow through the switch.
Step 2 Log in to Cisco.com to access the Software Download Center. To log in to Cisco.com, go to the URL http://www.cisco.com/ and click Log In at the top of the page. Enter your Cisco username and password.
Log in to Cisco.com to access the Software Download Center. To log in to Cisco.com, go to the URL http://www.cisco.com/ and click Log In at the top of the page. Enter your Cisco username and password.
Step 7 Ensure that the required space is available in the bootflash: directory for the image file(s) to be copied.
Ensure that the required space is available in the bootflash: directory for the image file(s) to be copied.
Tip We recommend that you keep the kickstart and system image files for at least one previous software release to use if the new image files do not load successfully.
Step 8 If you need more space on the active supervisor module bootflash, delete unnecessary files to make space available.
If you need more space on the active supervisor module bootflash, delete unnecessary files to make space available.
Step 9 Copy the kickstart and system images to the supervisor module bootflash using a transfer protocol. You can useftp:, tftp:, scp:, or sftp:. The examples in this procedure use scp:.
Copy the kickstart and system images to the supervisor module bootflash using a transfer protocol. You can useftp:, tftp:, scp:, or sftp:. The examples in this procedure use scp:.- performs compatibility checks (equivalent to the show incompatibility command) for the images that you have specified. If there are compatibility issues, an error message is displayed and the installation does not proceed.
- Displays the compatibility check results and displays whether the installation is disruptive.
- Provides a prompt to allow you to continue or abort the installation.
- Updates the boot variables to reference the specified images and saves the configuration to the startup configuration file.
Step 11 After the switch completes the installation, log in and verify that the switch is running the required software version.
After the switch completes the installation, log in and verify that the switch is running the required software version.Downgrading from a Higher Release
The procedure to downgrade the switch is identical to a switch upgrade, except that the image files to be loaded are for an earlier release than the image currently running on the switch.
Note Prior to downgrading to a specific release, check the release notes for the current release installed on the switch, to ensure that your hardware is compatible with the specific release.
Prior to downgrading to a specific release, check the release notes for the current release installed on the switch, to ensure that your hardware is compatible with the specific release.
Step 1 Locate the image files you will use for the downgrade by entering the dir bootflash: command.
Locate the image files you will use for the downgrade by entering the dir bootflash: command.
If the image files are not stored on the bootflash memory, download the files from Cisco.com (using steps 1 through 9 of the software upgrade procedure).
- performs compatibility checks (equivalent to the show incompatibility command) for the images that you have specified. If there are compatibility issues, an error message is displayed and the installation does not proceed.
- Displays the compatibility check results and displays whether the installation is disruptive.
- Provides a prompt to allow you to continue or abort the installation.
- updates the boot variables to reference the specified images and saves the configuration to the startup configuration file.
Step 3 After the switch completes the installation, log in and verify that the switch is running the required software version.
After the switch completes the installation, log in and verify that the switch is running the required software version.Initial Configuration
- Configuration Prerequisites
- Initial Setup
- Preparing to Configure the Switch
- Default Login
- Configuring the Switch
- Changing the Initial Configuration
Configuration Prerequisites
The following procedure is a review of the tasks you should have completed during hardware installation. These tasks must be completed before you can configure the switch.
- The console port is physically connected to a computer terminal (or terminal server).
- The management Ethernet port (mgmt0) is connected to an external hub, switch, or router.
Refer to the Cisco Nexus 5000 Series Hardware Installation Guide (for the required product) for more information.
Tip Save the host ID information for future use (for example, to enable licensed features). The host ID information is provided in the Proof of Purchase document that accompanies the switch.
Step 2 Verify that the default console port parameters are identical to those of the computer terminal (or terminal server) attached to the switch console port:
Verify that the default console port parameters are identical to those of the computer terminal (or terminal server) attached to the switch console port:Initial Setup
The first time that you access a switch in the Cisco Nexus 5000 Series, it runs a setup program that prompts you for the IP address and other configuration information necessary for the switch to communicate over the Ethernet interface. This information is required to configure and manage the switch.
Note The IP address can only be configured from the CLI. When the switch powers up for the first time, you should assign the IP address. After you perform this step, the Cisco MDS 9000 Family Fabric Manager can reach the switch through the console port.
The IP address can only be configured from the CLI. When the switch powers up for the first time, you should assign the IP address. After you perform this step, the Cisco MDS 9000 Family Fabric Manager can reach the switch through the console port.Preparing to Configure the Switch
Before you configure Cisco Nexus 5000 Series switch for the first time, you need the following information:
Note If a password is weak (short, easy-to-decipher), your password configuration is rejected. Be sure to configure a strong password.
If a password is weak (short, easy-to-decipher), your password configuration is rejected. Be sure to configure a strong password.
To enable this service, select the type of SSH key (dsa/rsa/rsa1) and number of SSH key bits (768 to 2048).
Note If you are using IPv4, be sure to configure the IPv4 route, the IPv4 default network address, and the IPv4 default gateway address to enable SNMP access.
If you are using IPv4, be sure to configure the IPv4 route, the IPv4 default network address, and the IPv4 default gateway address to enable SNMP access.Default Login
The switch has the network administrator as a default user (admin). You cannot change the default user at any time.
There is no default password so you must explicitly configure a strong password. If a password is trivial (short, easy-to-decipher), your password configuration is rejected. Be sure to configure a strong password. If you configure and subsequently forget this new password, you have the option to recover this password.
Note If you enter a write erase command and reload the switch, you must reconfigure the default user (admin) password using the setup procedure.
If you enter a write erase command and reload the switch, you must reconfigure the default user (admin) password using the setup procedure.Configuring the Switch
Note Press Ctrl-C at any prompt to skip the remaining configuration options and proceed with what you have configured up to that point. Entering the new password for the administrator is a requirement and cannot be skipped.
Press Ctrl-C at any prompt to skip the remaining configuration options and proceed with what you have configured up to that point. Entering the new password for the administrator is a requirement and cannot be skipped.
Tip If you do not want to answer a previously configured question, or if you want to skip answers to any questions, press Enter. If a default answer is not available (for example, switch name), the switch uses what was previously configured and skips to the next question.
If you do not want to answer a previously configured question, or if you want to skip answers to any questions, press Enter. If a default answer is not available (for example, switch name), the switch uses what was previously configured and skips to the next question.
Tip If a password is weak (short, easy-to-decipher), your password configuration is rejected. Be sure to configure a strong password. Passwords are case-sensitive.
The setup utility guides you through the basic configuration process. Press Ctrl-C at any prompt to end the configuration process.
While configuring your initial setup, you can create an additional user account (in the network-admin role) besides the administrator’s account. See the “Configuring RBAC” section for information on default roles and permissions.
Configure read-only SNMP community string (yes/no) [n]: yes
Step 16 Enter shut (shut is the default) to configure the default Fibre Channel switch port interface to the shut (disabled) state.
Enter shut (shut is the default) to configure the default Fibre Channel switch port interface to the shut (disabled) state.
Note If you are executing the setup script after entering a write erase command, you explicitly must change the default zone policy to permit for VSAN 1 after finishing the script using the following command:
If you are executing the setup script after entering a write erase command, you explicitly must change the default zone policy to permit for VSAN 1 after finishing the script using the following command:switch(config)# zone default-zone permit vsan 1Changing the Initial Configuration
Accessing the Switch
Additional Switch Configuration
- Assigning a Switch Name
- Configuring Date, Time, and Time Zone
- Adjusting for Daylight Saving Time or Summer Time
Assigning a Switch Name
Each switch in the network requires a unique name. You can assign names to easily identify the switch by its physical location, its network association, or the organization to which it is deployed. The assigned name is displayed in the command-line prompt. The switch name is limited to 20 alphanumeric characters.
Note This guide refers to a switch in the Cisco Nexus 5000 Series switch as switch, and it uses the switch# prompt.
This guide refers to a switch in the Cisco Nexus 5000 Series switch as switch, and it uses the switch# prompt.Configuring Date, Time, and Time Zone
The Cisco Nexus 5000 Series switches use Universal Coordinated Time (UTC), which is the same as Greenwich Mean Time (GMT). To change the default time on the switch, perform this task:
You can specify a time zone for the switch. To specify the local time without the daylight saving time feature, perform this task:
The following example sets the time zone to Pacific Standard Time (PST) and offsets the UTC time by negative eight hours and 0 minutes:
Adjusting for Daylight Saving Time or Summer Time
You can configure your switch to adjust for daylight saving time (or summer time). By default, Cisco NX-OS does not automatically adjust for daylight saving time. You must manually configure the switch to adjust to the daylight saving time.
For example, following U.S. standards (defined by the Energy Policy Act of 2005), you can have the switch advance the clock one hour at 2:00 a.m. on the second Sunday in March and move back the clock one hour at 2:00 a.m. on the first Sunday in November. You can also explicitly specify the start and end dates and times and whether or not the time adjustment recurs every year.
The following example adjusts the daylight savings time for the U.S. Pacific daylight time by 60 minutes starting the second Sunday in March at 2 a.m. and ending the first Sunday in November at 2 a.m:
NTP Configuration
A Network Time Protocol (NTP) server provides a precise time source (radio clock or atomic clock) to synchronize the system clocks of network devices. NTP is transported over User Datagram Protocol UDP/IP. All NTP communications use Universal Time Coordinated (UTC). An NTP server receives its time from a reference time source, such as a radio clock or atomic clock, attached to the time. NTP distributes this time across the network.
About NTP
In a large enterprise network, having one time standard for all network devices is critical for management reporting and event logging functions when trying to correlate interacting events logged across multiple devices. Many enterprise customers with extremely mission-critical networks maintain their own stratum-1 NTP source.
Time synchronization happens when several frames are exchanged between clients and servers. The switches in client mode know the address of one or more NTP servers. The servers act as the time source and receive client synchronization requests.
By configuring an IP address as a peer, the switch will obtain and provide time as required. The peer is capable of providing time on its own and is capable of having a server configured. If both these instances point to different time servers, your NTP service is more reliable. Even if the active server link is lost, you can still maintain the right time due to the presence of the peer.
Tip If an active server fails, a configured peer helps in providing the NTP time. Provide a direct NTP server association and configure a peer to ensure backup support if the active server fails.
If an active server fails, a configured peer helps in providing the NTP time. Provide a direct NTP server association and configure a peer to ensure backup support if the active server fails.NTP Configuration Guidelines
- You should have a peer association with another switch only when you are sure that your clock is reliable (which means that you are a client of a reliable NTP server).
- A peer configured alone takes on the role of a server and should be used as backup. If you have two servers, then you can have several switches point to one server, and the remaining switches to the other server. You would configure peer association between these two sets, which forces the clock to be more reliable.
- If you only have one server, it is better for all the switches to have a client association with that server.
Not even a server down time will affect well-configured switches in the network. Figure 1-2 displays a network with two NTP stratum 2 servers and two switches.
Configuring NTP
You can configure NTP using either IPv4 addresses, IPv6 addresses, or Domain Name Services (DNS) names. To configure NTP associations, perform this task:
|
| ||
NTP CFS Distribution
You can enable NTP fabric distribution for all Cisco Nexus 5000 Series switches in a fabric using the Cisco Fabric Services (CFS). When you perform NTP configurations, and distribution is enabled, the entire server or peer configuration is distributed to all the switches in the fabric.
You automatically acquire a fabric-wide lock when you enter the first configuration command after you enabled distribution in a switch.The NTP application uses an effective and pending database model to store or commit the commands based on your configuration. You changes are stored in the pending database and committed to the effective database.
See the “Information About CFS” section for more information on the CFS application.
Enabling NTP Distribution
Committing NTP Configuration Changes
When you commit the NTP configuration changes, the effective database is overwritten by the configuration changes in the pending database and all the switches in the fabric receive the same configuration. When you commit the NTP configuration changes without implementing the session feature, the NTP configurations are distributed to all the switches in the fabric.
Discarding NTP Configuration Changes
After making the configuration changes, you can choose to discard the changes or to commit them. In either case, the lock is released.
Releasing Fabric Session Lock
If you have performed an NTP fabric task and have forgotten to release the lock by either committing or discarding the changes, an administrator can release the lock from any switch in the fabric. If the administrator performs this task, your changes to the pending database are discarded and the fabric lock is released.
Tip The changes are only available in the volatile directory and are subject to being discarded if the switch is restarted.
The changes are only available in the volatile directory and are subject to being discarded if the switch is restarted.
To use administrative privileges and release a locked NTP session, use the clear ntp session command.
Database Merge Guidelines
- Be aware that the merge is a union of the existing and the received database in each switch in the fabric.
- Do not configure an IP address as a server on one switch and as a peer on another switch. The merge can fail if this configuration exists.
- Verify that the union of the databases does not exceed the maximum limit of 64.
NTP Session Status Verification
Management Interface Configuration
The management interface on the switch allows multiple simultaneous Telnet or SNMP sessions. You can remotely configure the switch through the management interface (mgmt0), but first you must configure some IP parameters so that the switch is reachable. You can manually configure the management interface from the CLI.
- About the mgmt0 Interface
- Configuring the Management Interface
- Displaying Management Interface Configuration
- Shutting Down the Management Interface
About the mgmt0 Interface
The mgmt0 interface on Cisco NX-OS devices provides out-of-band management, which enables you to manage the device by its IPv4 or IPv6 address. The mgmt0 interface uses 10/100/1000 Ethernet.
Note Before you begin to configure the management interface manually, obtain the switch’s IP address and subnet mask. Also make sure that the console cable is connected to the console port.
Before you begin to configure the management interface manually, obtain the switch’s IP address and subnet mask. Also make sure that the console cable is connected to the console port.Configuring the Management Interface
Displaying Management Interface Configuration
Shutting Down the Management Interface
To shut down the management interface (mgmt0), you use the shutdown command. A system prompt requests you confirm your action before it executes the command. You can use the force option to bypass this confirmation. The following example shuts down the interface without using the force option:
Managing the Switch Configuration
Displaying the Switch Configuration
You can view the ASCII form of the configuration file when required. To view the current configuration tree from the EXEC prompt, enter the show running-config command. If the running configuration is different from the startup configuration, enter the show startup-config command to view the ASCII version of the current startup configuration that was used to boot the switch if a copy running-config startup-config command was not entered after the reboot. Use the show startup-config command to view the contents of the current startup configuration.
You can also gather specific information on the entire switch configuration by entering the relevant show commands. Configurations are displayed based on a specified feature, interface, module, or VSAN. Available show commands for each feature are briefly described in this section and listed at the end of each chapter.
Saving a Configuration
Clearing a Configuration
Use the write erase command to clear a startup configuration. Once this command is executed, the switch’s startup configuration reverts to factory defaults. The running configuration is not affected.
The write erase command erases the entire startup configuration with the exception of any configuration that affects the loader functionality.Using Switch File Systems
- Setting the Current Directory
- Displaying the Current Directory
- Listing the Files in a Directory
- Creating a Directory
- Deleting an Existing Directory
- Moving Files
- Copying Files
- Deleting Files
- Displaying File Contents
- Saving Command Output to a File
- Compressing and Uncompressing Files
Setting the Current Directory
The cd command changes the current directory level to a specified directory level. The CLI defaults to the volatile: file system. This command expects a directory name input.
This example changes the current directory to the mystorage directory that resides in the current directory:
Displaying the Current Directory
The pwd command displays the current directory location. This example changes the directory and displays the current directory:
Listing the Files in a Directory
The dir command displays the contents of the current directory or the specified directory. The syntax for this command is dir directory or dir filename.
Creating a Directory
The mkdir command creates a directory at the current directory level or at a specified directory level.
Deleting an Existing Directory
The rmdir command deletes an existing directory at the current directory level or at a specified directory level. The directory must be empty to be deleted.
The delete command can also delete empty and non empty directories. When you enter this command, a warning is displayed to confirm your intention to delete the directory.
Moving Files
The move command removes a file from the source directory and places it in the destination directory
If a file with the same name already exists in the destination directory, that file is overwritten by the moved file.Copying Files
Note Use the dir command to ensure that enough space is available in the target file system. If enough space is not available, use the delete command to remove unneeded files.
Use the dir command to ensure that enough space is available in the target file system. If enough space is not available, use the delete command to remove unneeded files.Deleting Files
If you specify a directory, the delete command deletes the entire directory and all its contents.Displaying File Contents
Saving Command Output to a File
You can force all screen output to go to a file by appending > filename to any command. For example, enter show interface > samplefile at the EXEC mode switch prompt to save the interface configuration to samplefile which is a file created at the same directory level. At the EXEC mode switch prompt, enter a dir command to view all files in this directory, including the recently saved samplefile.
Compressing and Uncompressing Files
This example directs the output of the show tech-support command to a file (Samplefile), and then zips the file and displays the difference in the space used up in the volatile: directory:
Feedback
No comments:
Post a Comment