|
|
Table Of Contents
Starting Up the Cisco ONS 15530
Using the Console Ports, NME Ports, and Auxiliary Ports
Configuring IP Access on the NME Interface
Displaying the NME Interface Configuration
Displaying the Operating Configurations
Displaying the NTP Configuration
Testing the System Management Functions
Configuring Traffic Filters and Firewalls
Configuring Passwords and Privileges
About CPU Switch Module Redundancy
Configuring CPU Switch Module Redundancy
Forcing a Switchover from Privileged EXEC Mode
Forcing a Switchover from ROM Monitor Mode
Synchronizing the Configurations
Displaying the CPU Switch Module Redundancy Configuration and Status
Reloading the CPU Switch Modules
Configuring Privileged EXEC Mode Access on the Standby CPU Switch Module
About Preserving Counters on a CPU Switch Module Switchover
Configuring Counter Preservation
About the Software Configuration Register
Software Configuration Register Settings
Changing the Software Configuration Register
Verify the Configuration Register Value
Configuring Fan Failure Shutdown
Displaying the Fan Tray Failure Shutdown Configuration
About Critical Temperature Shutdown
Configuring Critical Temperature Shutdown
Displaying the Threshold Temperatures
Initial Configuration
This chapter describes how to configure the Cisco ONS 15530 so it can be accessed by other devices.
•
Starting Up the Cisco ONS 15530
•
•
•
•
•
•
•
•
•
•
About the CPU Switch Module
The CPU switch module provides intelligence to the Cisco ONS 15530. The CPU switch module supports SNMP (Simple Network Management Protocol) and many MIBs (Management Information Bases).
The Cisco ONS 15530 uses a QED RM7000 RISC processor. It runs at 78 MHz externally and at 234 MHz internally. It has a 64-bit multiplexed address and data bus with byte parity running at 78 MHz. It has separate internal Layer 1 instruction and data caches of 16 KB each and internal Layer 2 combined instruction/data cache of 256 KB.
The CPU switch modules also contains a 32 by 32 switch fabric that directs traffic from client cards to trunk cards. The switch fabric supports 2.5 Gbps data signals with 2R transparency.
The CPU switch module provides a slot on the front panel that accommodates a CompactFlash card. You can use the CompactFlash card for system image upgrades, functional image upgrades, statistics gathering, and other file system applications.
The Cisco ONS 15530 supports redundant operation with dual CPU switch modules. The CPU switch modules reside in slots 5 and 6, the sixth and seventh slots from the left as you face the chassis. For more information about redundancy, see the "About CPU Switch Module Redundancy" section.
For more information on the CPU switch module, refer to the Cisco ONS 15530 ESP Hardware Installation Guide.
Starting Up the Cisco ONS 15530
Before starting up the Cisco ONS 15530, you should verify the following:
•
Refer to the Cisco ONS 15530 Hardware Installation Guide for correct power voltages.
•
•
Refer to the Cisco ONS 15530 Hardware Installation Guide for instructions.
When you start up the Cisco ONS 15530, the CLI (command-line interface) prompts you to enter the initial configuration dialog. Answer no to this prompt:
Would you like to enter the initial dialog? [yes]: noYou see the following user EXEC prompt:
Switch>You can now begin configuring the CPU switch module.
Using the Console Ports, NME Ports, and Auxiliary Ports
You can configure the Cisco ONS 15530 from a direct console connection to the console port or remotely through its NME (network management Ethernet) port.
•
•
For interface configuration instructions, see the "Configuring IP Access on the NME Interface" section.
For further details on configuring ports and lines for management access, refer to the
Cisco IOS Configuration Fundamentals Configuration Guide.Modem Support
The auxiliary port of the Cisco ONS 15530 provides modem connection support. The following settings on the modem are required:
•
•
•
You can configure your modem by setting the DIP switches on the modem itself or by setting them through terminal equipment connected to the modem. Refer to the user manual provided with your modem for the correct configuration information.
For further details on configuring ports and modems for management access, refer to the Cisco IOS Configuration Fundamentals Configuration Guide and the Cisco IOS Dial Services Configuration Guide: Terminal Services.
About Passwords
You can configure both an enable password and an enable secret password. For maximum security, the enable password should be different from the enable secret password.
Enable Password
The enable password is a nonencrypted password that controls access to various commands and configuration modes. It contains from 1 to 25 uppercase and lowercase alphanumeric characters. Give the enable password only to users permitted to make configuration changes to the Cisco ONS 15530.
Enable Secret Password
The enable secret password is a secure, encrypted password. On systems running Cisco IOS, you must type in the enable secret password before you can access global configuration mode.You must type in the enable secret password to access boot ROM software.
Caution
An enable secret password contains from 1 to 25 uppercase and lowercase alphanumeric characters. The first character cannot be a number. Spaces are valid password characters. Leading spaces are ignored; trailing spaces are recognized.
You will configure passwords in the "Configuring IP Access on the NME Interface" section.
Configuring IP Access on the NME Interface
The Fast Ethernet interface, or NME, on the active CPU switch module, named fastethernet 0, is the management interface that allows multiple, simultaneous Telnet or SNMP network management sessions.
You can remotely configure the Cisco ONS 15530 through the Fast Ethernet interface, but first you must configure an IP address so that the active CPU switch module is reachable. You can configure the NME interface two ways: manually from the CLI or by copying the configuration from the BOOTP server into NVRAM.
Note
To configure IP access on the NME port fastethernet 0 from the CLI, perform these steps from the console interface:
The Cisco ONS 15530 NME interface should now be operating correctly.
Note
Note
Displaying the NME Interface Configuration
To display the configuration of the NME interface, use the following EXEC command:
Example
Switch# show interfaces fastethernet 0FastEthernet0 is up, line protocol is upHardware is AmdFE, address is 0000.1644.28ea (bia 0000.1644.28ea)Internet address is 172.20.54.152/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,reliability 255/255, txload 1/255, rxload 1/255Encapsulation ARPA, loopback not setKeepalive set (10 sec)ARP type: ARPA, ARP Timeout 04:00:00Last input 00:00:00, output 00:00:00, output hang neverLast clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0Queueing strategy: fifoOutput queue :0/40 (size/max)5 minute input rate 3000 bits/sec, 6 packets/sec5 minute output rate 1000 bits/sec, 3 packets/sec36263 packets input, 3428728 bytesReceived 17979 broadcasts, 0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored0 watchdog0 input packets with dribble condition detected20363 packets output, 4279598 bytes, 0 underruns0 output errors, 8 collisions, 0 interface resets0 babbles, 0 late collision, 72 deferred0 lost carrier, 0 no carrier0 output buffer failures, 0 output buffers swapped outDisplaying the Operating Configurations
You can display the configuration file when you are in privileged EXEC (enable) mode.
•
Switch#more system:running-config•
Switch#more nvram:startup-configIf you made changes to the configuration, but did not yet write the changes to NVRAM, the contents of the running-config file will differ from the contents of the startup-config file.
Configuring the Host Name
In addition to passwords and an IP address, your initial configuration should include the host name to make it easier to configure and troubleshoot the Cisco ONS 15530. To configure the host name, perform the following steps:
Note
Example
The following example shows how to configure a new host name, beginning in privileged EXEC mode:
Switch#configure terminalSwitch(config)#hostname ONS15530ONS15530(config)#endONS15530#copy system:running-config nvram:startup-configAbout NTP
The NTP (Network Time Protocol) is a utility for synchronizing system clocks over the network, providing a precise time base for networked workstations and servers. In the NTP model, a hierarchy of primary and secondary servers pass timekeeping information by way of the Internet to cross-check clocks and correct errors arising from equipment or propagation failures.
An NTP server must be accessible by the client switch. NTP runs over UDP (User Datagram Protocol), which in turn runs over IP. NTP is documented in RFC 1305. All NTP communication uses UTC (Coordinated Universal Time), which is the same as Greenwich Mean Time. An NTP network usually gets its time from an authoritative time source, such as a radio clock or an atomic clock attached to a time server. NTP distributes this time across the network. NTP is extremely efficient; no more than one packet per minute is necessary to synchronize two machines to within a millisecond of one another.
NTP uses a stratum to describe how many NTP hops away a machine is from an authoritative time source. A stratum 1 time server has a radio or atomic clock directly attached, a stratum 2 time server receives its time from a stratum 1 time server, and so on. A machine running NTP automatically chooses as its time source the machine with the lowest stratum number that it is configured to communicate with through NTP. This strategy effectively builds a self-organizing tree of NTP speakers.
NTP has two ways to avoid synchronizing to a machine whose time might be ambiguous:
•
•
The communications between machines running NTP, known as associations, are usually statically configured; each machine is given the IP address of all machines with which it should form associations. Accurate timekeeping is possible by exchanging NTP messages between each pair of machines with an association.
The Cisco implementation of NTP does not support stratum 1 service; it is not possible to connect to a radio or atomic clock. We recommend that you obtain the time service for your network from the public NTP servers available in the IP Internet. If the network is isolated from the Internet, the Cisco NTP implementation allows a machine to be configured so that it acts as though it is synchronized using NTP, when in fact it has determined the time using other means. Other machines then synchronize to that machine using NTP.
A number of manufacturers include NTP software for their host systems, and a version for systems running UNIX and its various derivatives is also publicly available. This software allows host systems to be time-synchronized as well.
Configuring NTP
NTP services are enabled on all interfaces by default. You can configure your Cisco ONS 15530 in either of the following NTP associations:
•
•
From global configuration mode, use the following procedure to configure NTP in a server association that transmits broadcast packets and periodically updates the calendar:
For information on other optional NTP configurations, see the Cisco IOS Configuration Fundamentals Configuration Guide.
Displaying the NTP Configuration
To view the current NTP configuration and status, use the following EXEC command:
Example
The following example shows the NTP configuration and status:
Switch# show ntp statusClock is synchronized, stratum 4, reference is 198.92.30.32nominal freq is 250.0000 Hz, actual freq is 249.9999 Hz, precision is 2**24reference time is B6C04F19.41018C62 (18:21:13.253 UTC Thu Feb 27 1997)clock offset is 7.7674 msec, root delay is 113.39 msecroot dispersion is 386.72 msec, peer dispersion is 1.57 msecConfiguring Security Features
The Cisco ONS 15530 supports the following Cisco IOS software security features:
•
•
•
•
•
•
Configuring AAA
This section describes the AAA features supported by the Cisco ONS 15530.
Configuring Authentication
To configure AAA authentication, perform the following tasks:
Step 1
Step 2
Step 3
Step 4
Configuring Authorization
The AAA authorization feature enables you to limit the services available to a user. When AAA authorization is enabled, the network access server uses information retrieved from the user's profile, which is located either in the local user database or on the security server, to configure the user's session. Once this is done, the user is granted access to a requested service only if the information in the user profile allows it.
Refer to the Cisco IOS Security Configuration Guide.
Configuring Accounting
The AAA accounting feature enables you to track the services that users are accessing and the amount of network resources that they are consuming. When AAA accounting is enabled, the network access server reports user activity to the TACACS+ or RADIUS security server (depending on which security method you have implemented) in the form of accounting records. Each accounting record contains accounting attribute-value (AV) pairs and is stored on the security server. This data can then be analyzed for network management, client billing, and auditing.
Refer to the Cisco IOS Security Configuration Guide.
Configuring Kerberos
For hosts and the KDC in your Kerberos realm to communicate and mutually authenticate, you must identify them to each other. To do this, you add entries for the hosts to the Kerberos database on the KDC and add SRVTAB files generated by the KDC to all hosts in the Kerberos realm. You also make entries for users in the KDC database.
Refer to the Cisco IOS Security Configuration Guide.
Configuring RADIUS
RADIUS is a distributed client/server system that secures networks against unauthorized access. RADIUS clients run on Cisco ONS 15530 systems and send authentication requests to a central RADIUS server that contains all user authentication and network service access information. RADIUS is a fully open protocol, distributed in source code format, that can be modified to work with any security system currently available.
To configure RADIUS on your Cisco router or access server, perform the following tasks:
Step 1
Step 2
Step 3
The following configuration tasks are optional:
•
•
•
•
•
Refer to the Cisco IOS Security Configuration Guide.
Configuring TACACS+
To configure your system to support TACACS+, perform the following tasks:
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Refer to the Cisco IOS Security Configuration Guide.
Configuring Secure Shell
The preferred method of administering the system is through a Telnet session. However, using Telnet can cause security issues that include session hijacking, sniffing, and man-in-the-middle attacks. These attacks can be stopped using the Secure Shell (SSH) protocol and application, which the system supports. SSH is an application and protocol that secures the sessions using standard cryptographic mechanisms. Two versions of SSH are currently available, SSHv1 and SSHv2.
SSH runs on top of a reliable transport layer, such as TCP/IP, and provides strong authentication and encryption capabilities. SSH allows you to log in to a host over a network, execute commands remotely, and move files from one host to another. The requirements are:
•
•
The Cisco IOS implementation of the SSH server on the system provides the following:
•
•
•
•
•
For additional information about SSH, refer to the Cisco IOS Security Configuration Guide. For a complete description of the SSH commands (in this chapter) refer to the Cisco IOS Security Command Reference.
To configure SSH on the system, perform the following steps in global EXEC mode:
Example
The following example shows how to configure the SSH client and start the SSH server:
Switch(config)# hostnameSwitch(config)# ip domain-name cisco.comSwitch(config)# crypto key generate rsaTo start SSH client functionality on the system, use the following command:
Note
Displaying and Disconnecting SSH
To display the SSH utilization, use the following privileged EXEC commands:
show ssh
Displays SSH connection information.
disconnect ssh session-id
Disconnects an SSH session.
show ip ssh
Displays the SSH configuration.
Examples
The following example shows how to display the SSH connection information:
Switch# show sshConnection Version Encryption State Username0 1.5 3DES Session started sriramConnection Version Mode Encryption Hmac State Username1 2.0 IN aes128-cbc hmac-md5 Session started aarun1 2.0 OUT aes128-cbc hmac-md5 Session started aarunThe following example shows how to clear the outgoing SSH connection 0:
Switch# disconnect ssh 0[Connection to 10.13.1.98 closed by foreign host]Switch#The following example shows how to display the SSH configuration:
Switch# show ip sshSSH Enabled - version 1.5Authentication timeout: 120 secs; Authentication retries: 3Testing the System Management Functions
This section describes the commands used to monitor and display the system management functions.
Displaying Active Processes
To display information about the active processes, use the following privileged EXEC commands:
show processes
Displays active process statistics.
show processes cpu
Displays active process CPU utilization.
show processes memory
Displays active process memory utilization.
Displaying Protocols
To display the configured protocols, use the following privileged EXEC command:
show protocols type card/subcard/port
Displays the global and interface-specific status of any configured Level 3 protocol.
Displaying Stacks
To monitor the stack utilization of processes and interrupt routines, use the following privileged EXEC command:
The show stacks command output includes the reason for the last system reboot. If the system was reloaded because of a system failure, a saved system stack trace is displayed. This information is useful only to Cisco engineers analyzing crashes in the field.
Switch# show stacksMinimum process stacks:Free/Size Name5544/6000 IPC Zone Manager4864/6000 IPC delayed init5712/6000 CDP BLOB8672/9000 IP IRDP8544/9000 IP Background10984/12000 RFSS_server_actionInterrupt level stacks:Level Called Unused/Size Name1 575422 6656/9000 NME/Serial/Compact Flash interrupts2 0 9000/9000 DMA/Timer Interrupt3 677 8400/9000 Console Uart4 0 9000/9000 GT/IOFPGA Error interrupts5 0 9000/9000 OIR Intr6 0 9000/9000 ARB Intr7 0 9000/9000 APS Intr9 3096752 8552/9000 NMI Interrupt HandlerSwitch#Displaying Environment
To display temperature and voltage information on the system console, use the following EXEC command:
Checking Basic Connectivity
To diagnose basic network connectivity on the system, use the following privileged EXEC commands
:
Configuring Traffic Filters and Firewalls
The Cisco ONS 15530 supports the traffic filter and firewall features provided by Cisco IOS software.
Traffic filters provide basic traffic filtering capabilities with access control lists (also referred to as access lists). Access lists can be configured for all routed network protocols (IP, AppleTalk, and so on) to filter the packets of those protocols as the packets pass through a system. You can configure access lists on your Cisco ONS 15530 to control access to a network, preventing certain traffic from entering or exiting a network.
Firewalls are networking devices that control access to your organization's network assets. You can position firewalls to control access at the entrance points into your network. or to control access to a specific part of your network
Refer to the Cisco IOS Security Configuration Guide.
Configuring Passwords and Privileges
Using passwords and assigning privilege levels is a simple way of providing terminal access control in your network. You can configure up to 16 different privilege levels and assign each level to a password. For each privilege level you define a subset of Cisco IOS commands that can be executed. You can use these different levels to allow some users the ability to execute all Cisco IOS commands, and to restrict other users to a defined subset of commands.
Refer to the Cisco IOS Security Configuration Guide.
About CPU Switch Module Redundancy
The Cisco ONS 15530 supports fault tolerance by allowing the standby CPU switch module to take over if the active CPU switch module fails. This standby, or redundant, CPU switch module runs in hot-standby state. In hot-standby state, the standby CPU switch module is partially booted with Cisco IOS software, but no configuration is loaded.
At the time of a switchover from the active CPU switch module, the standby CPU switch module becomes active and loads the configuration as follows:
•
•
The former active CPU switch module then reloads and becomes the standby CPU switch module.
Note
When the Cisco ONS 15530 is powered on, the two CPU switch modules arbitrate to determine which is the active CPU switch module and which is the standby CPU switch module. The following rules apply during arbitration:
•
•
•
•
During normal operation, the active CPU switch module boots completely. The standby CPU switch module partially boots, stopping short of parsing the configuration. From this point, the active and standby CPU switch modules communicate periodically to synchronize any system configuration changes.
Table 3-1 describes the five CPU switch module hardware states.
Figure 3-1 shows the valid hardware transition states for a system with redundant CPU switch modules.
Figure 3-1 CPU Switch Module State Transition Diagram
In response to redundancy events, such as switchovers and reboots of the active CPU switch module, the software transitions through a series of software redundancy states. Table 3-2 lists some of the significant software states.
Redundant Operation Requirements
For fully redundant operation, the following requirements must be met:
•
•
•
•
•
•
If these requirements are met, the Cisco ONS 15530 runs in redundant mode by default. If they are not met, the system is conditionally redundant.
Conditions Causing a Switchover from the Active CPU Switch Module
The following conditions can cause a switchover from the active CPU switch module to the standby CPU switch module:
•
•
•
•
Configuring CPU Switch Module Redundancy
This section describes how to configure CPU switch module redundancy for your Cisco ONS 15530.
Note
Forcing a Switchover from Privileged EXEC Mode
You can manually force the standby CPU switch module to take over as the active CPU switch module from privileged EXEC mode. To force a switchover from privileged EXEC mode, enter the following command on the active CPU switch module CLI:
redundancy switch-activity [force]
Causes a CPU switch module switchover. If the standby CPU switch module has not reached the hot-standby software state, use the force option.
As long as you have not changed the default configuration register setting from autoboot, the standby CPU switch module (formerly the active CPU switch module) automatically boots until it reaches the hot-standby state.
Note
Example
The following example shows how to manually cause a CPU switch module switchover from privileged EXEC mode:
Switch# redundancy switch-activityThis will reload the active unit and force a switch of activity [confirm] yPreparing to switch activity00:12:05: %SYS-5-RELOAD: Reload requested<Information deleted>Forcing a Switchover from ROM Monitor Mode
You can manually force the standby CPU switch module to take over as the active CPU switch module ROM monitor mode. To force a switchover from ROM monitor mode, enter the following commands on the active CPU switch module CLI:
switchover
Causes a CPU switch module reset and switchover. The CPU switch module stays in ROM monitor mode.
Note
Example
The following example shows how to manually cause a CPU switch module switchover from ROM monitor mode:
<Information deleted>MANHATTAN_OPTICAL platform with 131072 Kbytes of main memoryrommon 1 > switchoverSystem Bootstrap, Version 12.1(20010726:234219) [ffrazer-lh4 102], DEVELOPMENT SOFTWARECopyright (c) 1994-1999 by cisco Systems, Inc.Flash size is 16777216Reset Reason Register = RESET_REASON_SW_NMI (0x4)Reset type 0x2Reading monitor variables from NVRAMRunning reset I/O devicesEnabling interruptsInitializing TLBInitializing cacheInitializing required TLB entriesInitializing main memorySDRAM DIMM size 67108864Sizing NVRAMInitializing PCMCIA controllerInitializing SRC FPGACPU arbitrationMANHATTAN_OPTICAL platform with 131072 Kbytes of main memoryrommon 1 >Configuring Autoboot
If you have changed the default configuration register value from autoboot, you can change it back by performing the following steps, beginning in global configuration mode:
Step 1
Switch(config)# config-register 0x2102
Sets the configuration register for autoboot.1
Step 2
Switch(config)# boot system bootflash:filename
Sets the BOOT environment variable. This variable specifies the location and name of the system image file to use when automatically booting the system.
Step 3
Switch(config)# end
Switch#
Returns to privileged EXEC mode.
Step 4
Switch# copy system:running-config nvram:startup-config
Saves the configuration to NVRAM. The new configuration register value takes effect after the next system reload.
1 This is the default configuration register setting. For details on using the configuration register to set boot parameters, refer to the Cisco IOS Configuration Fundamentals Configuration Guide.
Note
Example
The following example shows how to configure the Cisco ONS 15530 to autoboot using the first valid file on the Flash PC Card in slot 0:
Switch(config)# config-register 0x2102Switch(config)# boot system flash slot0:Switch(config)# endSwitch# copy system:running-config nvram:startup-configDisplaying the Autoboot Configuration
To display the configuration register value, use the following EXEC commands:
show version
Displays the configuration register value.
show bootvar
Displays the configuration register value.
Example
The following example shows the contents of the configuration register:
Switch# show versionCisco Internetwork Operating System SoftwareIOS (tm) ONS-15530 Software (manopt-M0-M), Experimental Version 12.1(20010221:0]Copyright (c) 1986-2001 by cisco Systems, Inc.Compiled Tue 20-Feb-01 18:40 by lthanvanImage text-base: 0x60010968, data-base: 0x604D8000ROM: System Bootstrap, Version 12.1(20010204:232442) [vsankar-alarm_fix 106], DEBOOTFLASH: M1540-ODS Software (manopt-M0-M), Experimental Version 12.1(20001229]M1 uptime is 1 minuteSystem returned to ROM by power-onSystem image file is "tftp://171.69.1.129//tftpboot/lthanvan/manopt-m0-mz"cisco (QUEENS-CPU) processor with 98304K/32768KB of memory.R7000 CPU at 234Mhz, Implementation 39, Rev 2.1, 256KB L2, 2048KB L3 CacheLast reset from unexpected value2 Ethernet/IEEE 802.3 interface(s)509K bytes of non-volatile configuration memory.16384K bytes of Flash internal SIMM (Sector size 64K).The following example shows the contents of the boot variable:
BOOT variable = bootflash:ons15530-i-mz.1;CONFIG_FILE variable =BOOTLDR variable =Configuration register is 0x2Standby auto-sync startup config mode is onStandby auto-sync running config mode is onSynchronizing the Configurations
During normal operation, the startup and running configurations are synchronized by default between the two CPU switch modules. In the event of a switchover, the new active CPU switch module uses the current running configuration. Configurations are synchronized either manually from the CLI using the redundancy manual-sync command or automatically following configuration changes input from the CLI or from SNMP if automatic synchronization is enabled.
Synchronizing Configurations Manually
To immediately synchronize the configurations used by the two CPU switch modules, use the following privileged EXEC command on the active CPU switch module:
redundancy manual-sync {startup-config | running-config | both}
Immediately synchronizes the configuration.
Example
The following example shows how to manually synchronize the running configuration:
Switch# redundancy manual-sync running-configEnabling and Disabling Automatic Synchronization
You can enable and disable automatic synchronization of the running configuration and the startup configuration between the two CPU switch modules. Automatic synchronization ensures that, when a switchover occurs, the standby CPU switch module has the most recent configuration information.
Note
Table 3-3 lists the events that cause the automatic synchronization of the configuration files.
To enable or disable the system to automatically synchronize the configurations on both CPU switch modules, perform the following steps on the active CPU switch module, beginning in global configuration mode
Example
The following example shows how to disable automatic synchronization of the running configuration:
Switch(config)# redundancySwitch(config-red)# no auto-sync running-configSwitch(config-red)# endSwitch# copy system:running-config nvram:startup-configConfiguring Maintenance Mode
You can configure the Cisco ONS 15530 to enter the redundancy maintenance mode. Configuration synchronizations and standby CPU switch module fault reporting are suppressed in maintenance mode. Upon exiting maintenance mode and reverting to redundant mode, the standby switch CPU switch module reboots to the hot-standby state.
Note
To configure maintenance mode, perform the following steps, beginning in global configuration mode:
Step 1
Switch(config)# redundancy
Switch(config-red)#
Enters redundancy configuration mode.
Step 2
Switch(config-red)# maintenance-mode
Configures the system in maintenance mode.
Example
The following example shows how to configure redundancy maintenance mode:
Switch(config)# redundancySwitch(config-red)# maintenance-modeThis command will place the system in SIMPLEX mode [confirm] yDisplaying the CPU Switch Module Redundancy Configuration and Status
To display the CPU switch module redundancy configuration and status, use the following privileged EXEC commands:
Examples
The following example shows the CPU switch module redundancy configuration and status:
Switch# show redundancy summaryRedundant system information----------------------------Available Uptime: 3 days, 4 hours, 35 minutesTime since last switchover: 10 hours, 30 minutesSwitchover Count: 1Inter-CPU Communication State:UPLast Restart Reason: Switch overSoftware state at switchover: ACTIVELast Running Config sync: 2 hours, 18 minutesRunning Config sync status: In SyncLast Startup Config sync: 6 hours, 4 minutesStartup Config sync status: In SyncThis CPU is the Active CPU.-------------------------------Slot: 7Time since CPU Initialized: 22 hours, 33 minutesImage Version: ONS-15530 Software(ONS15530-I-M),...Image File: bootflash:ons15530-i-mz.010727Software Redundancy State: ACTIVEHardware State: ACTIVEHardware Severity: 0Peer CPU is the Standby CPU.-------------------------------Slot: 6Time since CPU Initialized: 10 hours, 29 minutesImage Version: ONS-15530 Software(ONS15530-I-M),...Image File (on sby-CPU): bootflash:ons15530-i-mz.010727Software Redundancy State: STANDBY HOTHardware State: STANDBYHardware Severity: 0The following example shows the CPU switch module capabilities:
Switch# show redundancy capabilityCPU capability supportActive CPU Sby CPU Sby Compat CPU capability description---------- ---------- ----------- ----------------------------------------48 MB 48 MB OK CPU DRAM size16 MB 16 MB OK CPU PMEM size512 KB 512 KB OK CPU NVRAM size16 MB 16 MB OK CPU Bootflash size4.6 4.6 OK CPU hardware major.minor version1.43 1.43 OK CPU functional major.minor versionLinecard driver major.minor versions, (counts: Active=13, Standby=13)Active CPU Sby CPU Sby Compat Drv/Ch/F ID Driver description---------- ---------- ----------- ----------- ------------------------------1.3 1.3 OK 0x1100/0/0 CPU with Switch Fabric2.3 2.3 OK 0x1101/0/0 10 Port ESCON line card2.1 2.1 OK 0x110A/0/0 8 Port GE-FC line card3.1 3.1 OK 0x1105/0/0 2.5G Transparent line card1.9 1.9 OK 0x1105/1/0 2.5G Transparent line card3.1 3.1 OK 0x1109/0/0 2.5G Transparent line card1.9 1.9 OK 0x1109/1/0 2.5G Transparent line cardActive CPU Sby CPU Sby Compat Drv/Ch/F ID Driver description---------- ---------- ----------- ----------- ------------------------------1.3 1.3 OK 0x1103/0/0 OSC line card0.1 0.1 OK 0x1107/1/0 OSC daughter card2.1 2.1 OK 0x1102/0/0 10G trunk card1.0 1.0 OK 0x110B/0/0 2.5G trunk card2.1 2.1 OK 0x1110/0/0 PSM wdm splitter1.1 1.1 OK 0x1100/0/1 ONS15530 RommonSoftware sync client versions, listed as version range X-Y.X indicates the oldest peer version it can communicate with.Y indicates the current sync client version.Sync client counts: Active=6, Standby=6Active CPU Sby CPU Sby Compat Cl ID Redundancy Client description---------- ---------- ----------- ----- ------------------------------------ver 1-2 ver 1-2 OK 17 CPU Redundancyver 1-1 ver 1-1 OK 19 Interface Syncver 1-1 ver 1-1 OK 36 MetOpt Password Syncver 1-2 ver 1-2 OK 18 Online Diagnosticsver 1-2 ver 1-2 OK 6 OIR Clientver 1-1 ver 1-1 OK 27 metopt cm db syncackplane IDPROM comparisonBackplane IDPROM field Match Local CPU Peer CPU--------------------------- ----- -------------------- --------------------idversion YES 1 1magic YES 153 153card_type YES 4358 4358order_part_num_str YES PROTO-HAMPTON-CHASSISPROTO-HAMPTON-CHASSISdescription_str YES Prototype Hampton BackplanePrototype Hampton Backplaneboard_part_num_str YES 73-6573-03 73-6573-03board_revision_str YES 02 02serial_number_str YES TBC055089 TBC055089date_of_manufacture_str YES 10/21/2001 10/21/2001deviation_numbers_str YES N/A N/Amanufacturing_use YES 0 0rma_number_str YESrma_failure_code_str YESoem_str YES Cisco Ciscoclei_str YES TBD TBDsnmp_oid_substr YES TBD TBDschematic_num_str YES 92-4568-03 92-4568-03Backplane IDPROM field Match Local CPU Peer CPU--------------------------- ----- -------------------- --------------------hardware_major_version YES 3 3hardware_minor_version YES 1 1engineering_use_str YES LAB Prototype LAB Prototypecrc16 OK 52960 10284user_track_string NO hello PhyAlias test AssetTag123labdiagst YES ^A ^Aboard_specific_revision YES 1 1board_specific_magic_number YES 153 153board_specific_length YES 56 56mac_address_block_size YES 16 16mac_address_base_str YES 00016447a240 00016447a240cpu_number OK 0 1optical_backplane_type YES 255 255The following example shows how to display the running configuration file on the standby CPU switch module:
sby-Switch# show redundancy running-config-file!version 12.1no service padservice timestamps debug uptimeservice timestamps log uptimeno service password-encryptionno service dhcp!hostname Switch<Information deleted>Reloading the CPU Switch Modules
To reload one or both of the CPU switch modules, use the following privileged EXEC commands on the active CPU switch module CLI:
redundancy reload peer
Reloads the standby CPU switch module.
redundancy reload shelf
Reloads both CPU switch modules in the shelf.
Example
The following example shows how to reload the standby CPU switch module:
Switch# redundancy reload peerReload peer [confirm] yPreparing to reload peerConfiguring Privileged EXEC Mode Access on the Standby CPU Switch Module
Access to privileged EXEC mode from the standby CPU switch module CLI can be enabled from the active CPU switch module CLI. This feature provides extra security for the Cisco ONS 15530 system.
To configure access to privileged EXEC mode on the standby CPU switch module, perform the following steps on the active CPU switch module CLI, beginning in global configuration mode:
Example
The following example shows how to configure redundancy maintenance mode:
Switch(config)# redundancySwitch(config-red)# standby privilege-mode enableDisplaying the Standby CPU Switch Module Privileged EXEC Mode Status
To display the privileged EXEC mode access status on the standby CPU switch module, use the following privileged EXEC command:
Example
The following example shows the privileged EXEC mode access status on the standby CPU switch module:
Switch# show redundancy summaryRedundant system information----------------------------Available Uptime: 15 hours, 27 minutessysUpTime (switchover clears): 15 hours, 27 minutesSwitchover Count: 0Inter-CPU Communication State: DOWNLast Restart Reason: Normal bootLast Running Config sync: neverRunning Config sync status: DisabledLast Startup Config sync: neverStartup Config sync status: DisabledThis CPU is the Active CPU.-------------------------------Slot: 5Time since CPU Initialized: 15 hours, 27 minutesImage Version: ONS-15530 Software (ONS15530-I-M), Release 12.1(10)EVImage File: ons15530-i-mz.evtSoftware Redundancy State: ACTIVEHardware State: ACTIVEHardware Severity: 0Peer CPU is the Standby CPU.-------------------------------Slot: 6Time since CPU Initialized: Unknown, peer CPU not respondingImage Version: Unknown, peer CPU not respondingImage File (on sby-CPU): Unknown, peer CPU not respondingSoftware Redundancy State: DISABLEDHardware State: NOT PLUGGED INHardware Severity: 0About Preserving Counters on a CPU Switch Module Switchover
The Cisco ONS 15530 supports line card module traffic statistics and performance monitoring counters. The counters synchronize periodically from the primary CPU switch module to the standby CPU switch module enabling the system to preserve the statistics information across a CPU switch module switchover.
Performance monitoring counters for various encapsulations are preserved on the 2.5-Gbps transponder line cards.
Traffic statistics and performance monitoring counters are preserved on the following cards:
•
•
•
•
•
•
•
Table 3-4 lists the counters preserved over a CPU switch module switchover.
Configuring Counter Preservation
To configure counter preservation on the CPU switch module, perform the following steps from the active CPU switch module CLI, beginning in global configuration mode:
Example
The following example shows how to enable the preserving counters feature:
Switch (config)# redundancy
Switch (config-red)# auto-sync counters interface
Displaying the Counter Preservation Configuration
To display the counter preservation configuration on the CPU switch module, use the following command:
Example
The following example shows the counter preservation configuration on the CPU switch module:
Switch# show redundancy capabilityStandby CPU capability support (not all fields shown)Sby CPU CPU capability descriptio--------------------------------- --------------------------------48 MB CPU DRAM size16 MB CPU PMEM size512 KB CPU NVRAM size16 MB CPU Bootflash sizeStandby linecard driver major.minor versions, (driver count=14)Sby CPU Drv/Ch/F ID Driver description--------------------------- ----------- --------------------------1.3 0x1100/0/0 CPU with Switch Fabric2.3 0x1101/0/0 10 Port ESCON line card2.1 0x110A/0/0 8 Port GE-FC line card1.1 0x1111/0/0 4 Port 2x FC line card3.1 0x1105/0/0 2.5G Transparent line car1.9 0x1105/1/0 2.5G Transparent line car3.1 0x1109/0/0 2.5G Transparent line car1.9 0x1109/1/0 2.5G Transparent line car1.3 0x1103/0/0 OSC line cardSby CPU Drv/Ch/F ID Driver description--------------------------- ----------- --------------------------0.1 0x1107/1/0 OSC daughter card2.1 0x1102/0/0 10G trunk card1.0 0x110B/0/0 2.5G trunk card2.1 0x1110/0/0 PSM wdm splitter1.1 0x1100/0/1 ONS15530 RommonSoftware sync client versions, listed as version range X-Y.X indicates the oldest peer version it can communicate with.Y indicates the current sync client version.Sby sync client count=9)Sby CPU Cl ID Redundancy Client descrip--------------------------------- ----- --------------------------ver 1-2 17 CPU Redundancyver 1-1 19 Interface Syncver 1-1 36 MetOpt Password Syncver 1-1 109 MetOpt Counter Syncver 1-1 108 MetOpt Optical Cfgver 1-1 110 Metopt Crypto Syncver 1-2 18 Online Diagnosticsver 1-2 6 OIR Clientver 1-1 27 metopt cm db syncLocal backplane IDPROMBackplane IDPROM field Local CPU--------------------------------- --------------------------------idversion 1magic 153card_type 4358order_part_num_str PROTO-HAMPTON-CHASSISdescription_str Prototype Hampton Backplaneboard_part_num_str 73-6573-03board_revision_str 02serial_number_str TBC055089date_of_manufacture_str 10/21/2001deviation_numbers_str N/Amanufacturing_use 0rma_number_strrma_failure_code_stroem_str Ciscoclei_str TBDsnmp_oid_substr TBDschematic_num_str 92-4568-03hardware_major_version 3Backplane IDPROM field Local CPU--------------------------------- --------------------------------hardware_minor_version 1engineering_use_str LAB Prototypecrc16 52960user_track_string hello PhyAlias test AssetTag123diagst ^Aboard_specific_revision 1board_specific_magic_number 153board_specific_length 56mac_address_block_size 16mac_address_base_str 00016447a240cpu_number 0optical_backplane_type 255List of Configurable features and their current status:Redundancy Client Feature Enabled/Disabled----------------- ------- -----------------MetOpt Counter Sync Counter Sync EnabledSwitch#About the Software Configuration Register
The Cisco ONS 15530 uses a 16-bit software configuration register to set specific system parameters. Settings for the software configuration register are written into NVRAM (nonvolatile random access memory).
You can change the software configuration register settings for the following reasons:
•
•
•
•
•
•
•
•
•
•
Software Configuration Register Settings
Table 3-5 describes each of the software configuration register bits.
Caution
Bit 8 controls the console break function. Setting bit 8 (the factory default) causes the system to ignore the console break key. Clearing bit 8 causes the system to use the break key or break signal as a command to force the system into the bootstrap monitor (ROMMON), thereby halting normal operation. Regardless of the setting of the break enable bit, a break causes a return to the ROMMON during the first few seconds (approximately five seconds) of booting.
Bit 9 controls the secondary bootstrap program function. Setting bit 9 causes the system to use the secondary bootstrap. Clearing bit 9 (the factory default) causes the system to ignore the secondary bootstrap. The secondary bootstrap program is used for system debugging and diagnostics.
Bit 10 controls the host portion of the IP broadcast address. Setting bit 10 causes the system to use all zeros. Clearing bit 10 (the factory default) causes the system to use all ones. Bit 10 interacts with bit 14, which controls the network and subnet portions of the IP broadcast address.
Table 3-6 shows the combined effect of bits 14 and 10.
Table 3-6 Register Settings for Broadcast Address
0
0
<ones><ones>
0
1
<ones><zeros>
1
0
<net><ones>
1
1
<net><zeros>
Bit 12 and bit 11 in the configuration register determine the data transmission rate of the console terminal. Table 3-7 shows the bit settings for the four available rates. The factory-set default data transmission rate is 9600.
Table 3-7 Settings for Console Terminal Transmission Rate
0
0
9600
0
1
4800
1
0
1200
1
1
2400
Bit 13 determines the system response to a bootload failure. Setting bit 13 (the factory default) causes the system to load operating software from bootflash memory after five unsuccessful attempts to load a boot file from the Flash memory device in slot 0. Clearing bit 13 causes the server to continue attempting to load a boot file from bootflash indefinitely.
Boot Field Values
The lowest four bits of the configuration register (bits 3, 2, 1, and 0) form the boot field. The order in which the system looks for system bootstrap information depends on the boot field setting in the configuration register.
Table 3-8 describes the values for the boot field.
Default System Boot Behavior
The factory default value for the configuration register on the Cisco ONS 15530 is 0x2102. When the system boots, the following occurs:
•
•
Note
•
Boot Command
You can enter only the boot command, or you can include additional boot instructions, such as the name of a file stored in Flash memory or a file that you specify for booting from a network server.
If you use the boot command without specifying a file or any other boot instructions, the system boots using the default system image (the first system image in onboard Flash memory). Otherwise, you can instruct the system to boot from a specific system image in Flash memory (using the boot filename command) or by sending a direct TFTP request to a specific server (using the boot filename ip-address command).
Changing the Software Configuration Register
To change the configuration register, perform the following steps:
Step 1
Switch#
configure terminalSwitch(config)#
Enters global configuration mode.
Step 2
Switch(config)# config-register value
Sets the contents of the configuration register. The value is a hexadecimal number preceded by 0x. See Table 3-5 for the list of values.
Note
Step 3
Switch(config)#
endSwitch#
Returns to privileged EXEC mode.
Step 4
Switch# reload
(Optional) Reloads the system using the new configuration register value.
Note
Example
The following example shows how to configure the system to manually boot from the ROMMON prompt:
Switch# configuration terminalSwitch(config)# config-register 0x100Switch(config)# endSwitch# reloadVerify the Configuration Register Value
To verify the configuration register value, use the following EXEC command:
Switch# show version
Displays the current configuration register value. This value is used at the next system reload.
Example
The following example shows how to configure the system to examine the startup configuration file for boot system options:
Switch# show version<Information deleted>Configuration register is 0x2102 (will be 0x100 at next reload)About Fan Failure Shutdown
The Cisco ONS 15530 fan assembly is located at the bottom of the chassis and contains six individual fans and a fan controller board. The controller board monitors the status of each fan and reports the status to the CPU switch modules.
If a single fan fails, a minor alarm is reported to the CPU switch module. However, the chassis never reaches a critical high temperature when only one fan fails.
If two or more fans fail, a major alarm is reported to the CPU switch module.
If all six fans in the fan tray fail, the chassis reaches critical temperature after 4 minutes.
To prevent damage to the cards and modules in the shelf when two or more fans fail, you can configure the system to automatically reset the following cards:
•
•
•
•
•
In addition, the ITU lasers on the transponder line cards are powered off.
To recover from fan failure shutdown, you must power-cycle the shelf.
Caution
Caution
Configuring Fan Failure Shutdown
To configure the system to automatically shut down when two or more fans fail, use the following global configuration command:
Note
Example
The following example shows how to enable fan tray failure shutdown:
Switch(config)#environment-monitor shutdown fanDisplaying the Fan Tray Failure Shutdown Configuration
To display the fan tray failure shutdown configuration, use the following EXEC command:
Example
The following example shows how to display the fan tray failure shutdown feature configuration:
Switch# show environmentFan---Status: Total FailureSensor Temperature Thresholds(degree C) Minor Major Critcal Low-------------------- ----------- ------------------------------------Inlet Sensor 28 65 75 80 -15Outlet Sensor 28 75 85 90 -15Sensor AlarmsMinCritical-------------------- ------------------------Inlet Sensor 0 0 0Outlet Sensor 0 0 0Power Entry Module 0 type DC status: OKAbout Critical Temperature Shutdown
Cisco ONS 15530 utilizes the temperature sensor on its CPU switch module to detect abnormal temperature conditions during system operation. Thermal monitoring of chassis components provides early warning indications of possible component failure to ensure safe and reliable system operation and avoid network interruptions. The temperature sensor might trip in response to elevated ambient air temperature, a clogged air filter or other airflow blockage, or a combination of these causes.
The Cisco ONS 15530 system generates four types of alarms: critical, major, minor, and low. The following table provides the default threshold temperatures for these alarms:
Note
The Cisco ONS 15530 system automatically resets the following cards if the operating temperature exceeds the critical threshold:
•
•
•
•
•
•
All the other cards will be shutdown if the operating temperature exceeds the critical threshold. In addition, the ITU lasers on the trunk cards will be powered off. Though possible, Cisco does not recommend that you disable this feature.
To recover from a shutdown, you must power-cycle the shelf.
Caution
Caution
Configuring Critical Temperature Shutdown
To configure the system to automatically shut down when a critical alarm is generated, use the following global configuration command:
environment-monitor shutdown temperature slot/subslot/module
Enables system shutdown if the operating temperature exceeds the critical threshold temperature.
To change the default threshold temperatures, use the following global configuration command:
environment-monitor temperature-threshold {critical | major | minor | low} slot/subslot/module <threshold value>
Sets new1 threshold temperatures for the specified temperature sensor module.
1 If you do not specify the threshold temperature for an alarm (critical, major, minor, or low), the threshold will be reset to the default value. If you do not specify the temperature sensor module as well, the threshold temperature will be reset for all the temperature sensor modules.
To reset all thresholds for all temperature sensor modules, use the following global configuration command:
no environment-monitor temperature-threshold
Resets all thresholds to the default temperatures for all temperature sensor modules.
Example
The following example shows how to configure the critical threshold temperature:
Switch(config)#environment-monitor temperature-threshold critical 6/0/0 65Displaying the Threshold Temperatures
To display the configured threshold temperatures, use the following EXEC command:
Example
The following example shows how to display the configured threshold temperatures:
Switch# show environmentFan: OKLine card shutdown on fan failure: disabledSensor Module Temperature Thresholds(degree C) Minor Major Critcal Low-------------------- ------ ----------- ------------------------------------Sensor Module Version Alarms ShutdownMinor Major Critical Mode-------------------- ------ ------- ------------------------ --------Sensor 6/0/0 A 0 0 0 ChassisPower Supply 1 status: OK
Posted: Tue Feb 28 04:18:08 PST 2006
All contents are Copyright © 1992--2006 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
