|
This chapter gives instructions for installing Release 3.0 of the VCLI with the Cisco MGX 8240 Private Line Service Gateway (MGX 8240 switch), and describes some common uses of the VCLI.
The Virtual Command Line Interface (VCLI) allows operators to configure, control, and monitor MGX 8240 switches. Through the VCLI, operators can configure the switch, provision circuits, monitor network status and statistics, and test DS1 ports and connections. As well as controlling the MGX 8240 switch, the VCLI can provision ATM circuits across a network by interfacing with the provisioning client software.
The VCLI is a character-based program run from a UNIX shell. Many instances of the VCLI program can run simultaneously on the same or different UNIX workstation(s).
The VCLI is one of three means of managing the MGX 8240. The other two are the Cisco WAN Manager (CWM) and the card-level Craft Interface. For information on the Cisco WAN Manager, see documentation for CWM .
The VCLI works separately from the Craft Interface, but performs many of the same functions. One difference in function is that the VCLI controls a whole network of switches, while the Craft Interface controls only one card in a switch.
Because the VCLI manages more than the Craft Interface does, the VCLI commands have some differences, including the following:
The additional VCLI commands make it possible to provision
This release
It is possible to install the VCLI before installing the MGX 8240. However, if the VCLI is installed before the MGX 8240, the administrator will only be able to assign users and look at Help screens. Before using the VCLI to manage the switch, you must install the switch.
To use the VCLI, operators need a Sun Solaris 2.5.1 or 2.6 workstation. The workstation must have the Provisioning Server Application Toolkit (Provisioning Client) CLI software installed and working.
There is no login and no password for the VCLI. The UNIX operating system handles security and user ID for the VCLI. After the initial logon, the network administrator can define users and assign privilege levels.
To get online Help with commands, press ? at any time. Help then displays the top-level hierarchy (root level) commands (such as show and add) and defines each one. If you enter one of the root level commands and press ?, you see the next level of commands. You may enter one of the displayed second-level commands (such as system or switch) and press ? again. If that command hierarchy has another level of commands, those commands will appear (the hierarchy goes up to four levels for some commands). At the bottom level, Help displays all options in that hierarchy and provides definitions of each. Table 1-1 shows the hierarchy.
For information on arguments (extensions of commands beyond the root level), see "Command Reference."
Security for Version 3.0 of the VCLI ensures that the files vpasswd, switch.db and all files ending in bldb can only be read or edited by root (if the VCLI is installed by root). All users will have to be added by the operator running as root. Users should be given one of three privileges:
The VCLI comes with a new vpasswd file that includes only user root as admin. The first operation of root should be adding new users.
For security, the VCLI changes the file protection of all .bldb files, switch.db and vpasswd files. During the installation process, the switch.db and .bldb files are left intact and unchanged. To guarantee security, modify these files so that only root has read/modify access.
The command set for the VCLI is hierarchical, with four levels of hierarchy. First-level commands require only one word; for example, one single-word command is save. At the second level, commands have two words, as in show environment. A third-level, three-word command is show cescard config, and a fourth-level, four-word command is show cescard refclock status. The table below shows examples of commands at all four levels.
Level No. 1 | Level No. 2 | Level No. 3 | Level No.4 |
---|---|---|---|
| |||
|
| ||
|
|
| |
|
|
|
|
You may also enter the first letter of each command instead of the entire word. For example, to enter the following command:
show cescard configyou need enter only the following letters:
sh ce cHowever, if one of the commands has the same letters as another command in its hierarchy level, you must enter as many letters as needed to make it unique. For example, to enter the following command:
change cescard redundancyyou need to enter the following letters:
c c redYou enter red because this hierarchy level contains two commands beginning with 're' (redundancy and refclock). To enter the command change cescard refclock, you need to enter only the following:
ch c refFor a complete set of command abbreviations, see Table 2-1.
Except for show commands (which can display many different objects within the VCLI), each command acts upon a specific object within the network. Network objects are hierarchically contained within other objects; their identification is defined by the containing object.
To identify a switch named tulsa1, enter the following identifier:
-sname tulsa1To identify the card in slot 4 of switch tulsa1,enter the following identifier:
-sname tulsa1 -card 4To identify the second channelized DS3 port of the card in slot 4 of switch tulsa1, enter the following identifier:
-sname tulsa1 -card 4 -ds3 2To identify the tenth DS1 port within the second channelized DS3 port of the card in slot 4 of switch tulsa1, enter the following identifier:
-sname tulsa1 -card 4 -ds3 2 -ds1 10To add CES connections DS0s 1, 3, 4, 8, 9, and 10 within the tenth DS1 port within the second channelized DS3 port of the card in slot 4 of switch tulsa1, enter the following identifier:
-sname tulsa1 -card 4 -ds3 2 -ds1 10 -ds0 (1,3,4,8-10)OC3 ports are numbered 1-4. OC3 ports 1 and 2 refer to unchannelized OC3 ports carrying ATM traffic connected to an ATM switch. OC3 ports 3 and 4 refer to channelized OC3 ports containing 3 DS3s worth of traffic.
OC3 ports 1 and 2 exist on all CPE cards. OC3 ports 3 and 4 are optional and may not be present on a CES card.
Note OC3 ports 1 and 2 map to Network 1 and 2 on the switch, and OC3 ports 3 and 4 map to Access 1 and 2 on the switch. |
To identify a connection, you use an Endpoint ID (EPID) that is unique within each card. This feature relieves you from having to identify the DS0s within a DS1 to identify connections that terminate on fractions of a DS1.
The EPID is shown when a connection is created, or when the connections are listed using a show command.
For example, to identify a connection on the card located in slot 4 of switch tulsa1 (which has Endpoint ID 283), enter the following identifier:
-sname tulsa1 -card 4 -epid 283The show command allows a list of objects to be shown. For example, the following identifier determines the DS1 port:
-sname tulsa1 -card 4 -ds3 2 -ds1 10To see all the connections on a DS3 port, use the following identifier:
-sname tulsa1 -card 4 -ds3 2To see all connections on a switch, use the following identifier:
-sname tulsa1To see the entire network, use the following identifier:
-networkThe network option applies to show, reboot, and download commands.
When you enter a command, the identifier is remembered. You do not need to specify the identifier for following commands because the VCLI remembers the identifier from the last command.
For example, if you are doing all your commands from a single switch and you enter the command show system switch -sname tulsa1, you may leave the switch name off on subsequent commands. For example, the command show cescard info -card 3 displays the card information for card 3 in switch tulsa1. You do not have to specify the card name.
The command show physicalport ds3 config -ds3 2 shows the DS3 configuration. You could create the EPID using the following command:
add connection segpl -sname boston2 -card 3 -ds3 1 -ds1 8 -ds0 (1-24)The above command returns an EPID, which can be used to change connection parameters or to delete the connection.
You may display the configuration you have created using the following command:
show connection segplTo view all of the segpls on DS1 port 5, enter the following:
show connection segpl -ds3 1 -ds1 5When you identify a new containing object, the identifiers of the objects contained within are cleared. For example, to change the same DS1 port number on a different DS3, enter the following:
change physicalport ds1 -ds3 2 -ds1 5 -as upThe VCLI for a new installation consists of the following files:
The VCLI for an upgrade installation consists of the following files:
You must perform the following before installation:
The VCLI comes in a compressed tar file, which must be uncompressed before use.
Perform the following commands as root.
Step 1 Place the VCLI file(s) in the target VCLI directory.
Step 2 Expand the tar file with the following command:
tar -xvf vcli-new-VERSION#.tarThis command expands all of the directories and files included in the tar file. An image directory will be created below the VCLI directory. This contains two subdirectories, fw and sw. These are the default locations for switch software upgrade.
If you installed the VCLI in the directory /opt/sentient/vcli and the provisioning server was installed on a machine with the IP address 1.2.3.4, the following commands would be placed in a .cshrc file to allow the use of the VCLI:
setenv VCLI_DIR /opt/sentient/vcliIf these commands are placed in the setup file /opt/sentient/vcli/vcliSetup, which can be sourced from the .cshrc file using the following command:
source /opt/sentient/vcli/vcliSetupAfter installation, the system is initially configured for root user name. Perform the following steps to set up the VCLI system:
Step 1 Log in to the account where the VCLI resides.
Step 2 Enter the following command:
vcliYou will see
[ . . ] - VCLI>>
The brackets are empty because this is the initial use of the VCLI system. In each subsequent use of the system, the prompt will list the switch name and the brackets will contain the last specified card, ds3, and ds1 numbers. For example:
prod [2.1.5] - VCLI>>
In this example, the switch last accessed is the prod switch, 2 is the card number, 1 is the ds3 number, and 5 is the ds1 number.
The VCLI can still run from a script; however, this process has changed. To invoke the VCLI to run from a script instead of user input, specify the argID -file followed by the filename. You may not supply the filename as the sole argument on the VCLI command line. For example, enter the following command to run from a script:
vcli -file NameOfScriptFile
Before creating a new system operator, you must create a UNIX account. The system operator name must match the UNIX account name. Create the account by entering the command to add a UNIX account associated with an operator. User authenticity is handled by UNIX account password protection.
The add system operator command adds an operator to the VCLI system. This command requires admin privilege level.
Operators have one of three privilege levels, as follow:
1. Show Operators with show privileges may view network configuration, status, and statistics only.
2. Change Operators with change privileges have show privileges and may modify the network elements such as CES cards, ports, and connections.
3. Admin Operators with admin privileges have show and change privileges and may modify aspects of the VCLI system such as modifying, adding or deleting operators, and adding or deleting switches and cards.
Note The VCLI uses the UNIX O/S to identify users. The O/S communicates the login name being used to run the application to the VCLI. Therefore, operators do not need additional usernames or passwords. The VCLI ascertains the username and verifies that the name is registered. If registered, the user may run the application. If not, the user is rejected and the application exits. |
Step 1 To add a new user to the VCLI system, enter the following command:
add system operator -name smith -priv adminYou have added an operator to the system named Smith with admin privileges. You will see
[ . . ] - VCLI>>
Step 2 To verify that the user was added, use the show sys operator command.
The add system switch command adds a switch to the VCLI system, associating a switch name with its out-of-band IP address. You must specify the out-of-band management IP address associated with the IMC (or, in older chassis, the Xyplex Common Interface Module). For more information, refer to the Cisco MGX 8240 Hardware Installation Guide.
When entering options for this command, note the following:
Perform the following steps to add a switch to the VCLI system:
Step 1 Enter the following command:
add system switch -sname chicago -ipaddr 205.13.222.36 -community public -chassisid 35 -ftppass (password)You added a switch named chicago to the system, the out-of-band IP address is 205.12.222.36, the community is public, the chassis ID is 35, and the FTP password for downloading software is <password>.
You will see
chicago[ . . ] - VCLI>>
Step 2 To verify that the switch was added, enter show sys sw.
After you use this command, the switch will have no cards. For each card to be added to the switch, use the add system cescard command (below).
The add system cescard command adds a CES card within a switch to the VCLI system. It associates an in-band (or ATM PVC) IP address with a card. Specify the switch name you used in the command add system switch above. For the card number, use the number of the slot in which the card resides.
The IP address is optional; Cisco recommends not entering the IP address because it will be autogenerated based on the chassis ID of the switch entered above.
The uplink logical port identifier is used to automatically provision ATM PVCs across the ATM network.
The CES card configuration may be modified using the change system cescard command (below).
Perform the following steps to add a card to the system:
Step 1 Enter the following command:
add system cescard -sname chicago -card 2 -uplinklp switch.100.101.102.103.card.6.pport.4.lport.2 -uplinknum 2You added a card in slot number 2 with an uplink logical port address of 100.101.102.103.card.6.pport.4.lport.2.
You will see
chicago[2] - VCLI>>
Step 2 To verify that the CES card was added, enter show sys sw.
The change cescard refclock command modifies the CES card reference clock control attributes for a CES Processing Engine card. Use it to configure the sources the card uses for reference clocking (primary and secondary). The reference clock must be physically installed to the switch prior to configuration. For more information, refer to the Cisco MGX 8240 Hardware User's Guide, chapter 1.
Perform the following steps to modify reference clock attributes:
Step 1 Enter the following command:
change cescard refclock -prim bitsa -second bitsb -revert enable -card 2Set the primary timing source to BITSA, the secondary timing source to BITSB, and enabled revertive switching.
You will see
chicago[2] - VCLI>>
Step 2 To view current status of the reference clock, enter the show cescard refclock status or show cescard refclock config command.
The change phys ds3 command changes the attributes of a DS3 physical port. This command sets the port administrative status to up and configures DS3 line type to match the connected equipment. It also controls the control loopback command for testing purposes.
Perform the following steps to modify a DS3 physical port:
Step 1 Enter the following command:
change phys ds3 -ds3 1 -as up -lt m23Set the first DS3 adminstratively up, and set the line type to M23 mode.
You will see
chicago[2.1] - VCLI>>
Step 2 To verify the changes, enter show phys ds3 conf -ds3 1.
The change phys ds1 command changes the attributes of a DS1 physical port. This command sets the port administrative status to up, and configures DS1 framing type to match the connected equipment. It also controls the control loopback command for testing purposes.
Perform the following steps to modify a DS1 physical port:
Step 1 Enter the following command:
change phys ds1 -ds3 1 -ds1 1 -as up -chanmode chan -timing int -frm esfYou have set DS1 1 on DS3 1 administratively up, the channelization mode to channelized, the timing mode to internal, and the framing to ESF (extended super frame).
You will see
chicago[2.1.1] - VCLI>>
Step 2 To verify the changes, enter show phys ds1 conf -ds3 1 -ds1 1.
To run a DS1 BERT test, enter the following command:
change phys ds1 -ds3 1 -ds1 1 -bertframe esf -bert onYou have enabled BERT testing with ESF.
You will see
chicago[2.1.1] - VCLI>>
The show phys ds1 bertconfig command shows the physical port DS1 BERT configuration to verify DS1 is operating properly before adding user connections.
To view a DS1 BERT configuration, enter the following command:
show phys ds1 bertconfig -ds3 1 -ds1 1You will see
Switch Name: chicago, Card: 2
DS3: 1 DS1: 1 Testing State: Running Testers Available: 2
Framing:ESF ErrorInsert: None
Pattern: QRSS UserPattern: 0xAA55AA55 UserPatternLen: 32
TxPatternInvert: Off RxPatternInvert: Off
chicago[2.1.1] - VCLI>>
The show phys ds1 bertstatus command shows the physical port DS1 BERT status . Use it to verify that a DS1 is operating properly before adding user connections.
Perform the following step to view the DS1 BERT status:
Step 1 Enter the following command:
show phys ds1 bertstatus -ds3 1 -ds1 1You will see
Switch Name: chicago, Card: 2
DS3: 1 DS1: 1 Testing State: Running ElapsedTime: 0:1:1 BER: 0.00e+00
PatternSync: LossOfSync RxedPattern: 0xFBFBFBFB BitErrors: 0
ErrorFreeSecs: 00:01:01 ErroredSecs: 00:00:00 SevErroredSecs: 00:00:00
PercentErrorFreeSecs: 100.0000% PatternLossSecs: 00:01:01
chicago[2.1.1] - VCLI>>
The add connection pl command adds a Private Line connection. The connection may be either local (within the same card) or remote (on different cards). Before you begin,
For more information on CES connection, refer to the Cisco MGX 8240 Hardware User's Guide, Chapter 2, in the section "CES modules."
To add a private line connection, enter the following command:
add connection pl -sname chicago -card 6 -ds3 1 -ds1 1 -ds0 (1-24) -e2sname chicago -e2card 6 -e2ds3 1 -e2ds1 2 -e2ds0 (1-24) -cktid ckt_oneYou created a channelized connection between ds1 1 and ds1 2 on ds3 1 using all 24 ds0s.
You will see
Connection with Endpoint 1 EPID = 261, endpoint 2 EPID = 262 created.
chicago[6.1.1] - VCLI>>
To see status and error statistics for Private Line connections, enter the show connection all summary and show connection all statistics commands.
For example, to view the status of first endpoint of the connection previously established, you would enter the command:
show connection pl summary -epid 261You will see
DS3 DS1 EPID CktId Type AdminSts OamLoopSts OperStatus
1 1 261 ckt_one local-PL Up None PhysDown
chicago[6.1.1] - VCLI>>
The show log atm statistics command shows the following ATM logical port statistics:
To view logical port ATM statistics, enter the following command:
show log atm statisticsYou will see
Switch Name: chicago, Card: 6
OC3: 1 Current Interval Elapsed Time (min:sec) 13:29
Valid Cells Ingress: 0 Cells w/HEC Errors: 0
Cells Egress: 0
chicago[6.1.1] - VCLI>>
The show log atm suumary command shows ATM logical port status, including the following:
To view ATM logical port summary, enter the following command:
show log atm summaryYou will see
AdminSts ConfigVCCs AvailIBW AvailEBW OperStatus
Up 1 47097 347097 PhysDown
'
chicago[6.1.1] - VCLI>>
To view the system status, enter the following command:
sh sys stYou will see
Phys Slot 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
In-Band NA NA U U U U U U NA U U U NA NA NA NA
Out-of-Band U NA U U U U U U NA U U U U NA NA NA
Current Xface 0 NA I I I I I I NA I I I I NA NA NA
chicago[6.1.1] - VCLI>>
The download command takes software from the directory pointed to by ImageDir and downloads it to the cards specified in the command. The files (including subdirectories) in each directory are downloaded to the card indicated.
Perform the following steps to download new software to the primary IMC card:
Step 1 To specify the source for download files, enter the following command:
ch env -imagedir /(directory name)Step 2 Enter the following command to download files:
download -sname chicago -swcmd 3You will see
SwitchName: Chicago, Card: 1
Are you sure [NO]?
Step 3 Enter Y for Yes or N for No and press Enter. If you enter Y, you will see
Downloading to software SW2, firmware FW1After you download new files, you may change the CES and IMC image to access the new software using the change ces image command.
You must change the CES image to access the software downloaded in the previous section. Perform the following steps to change CES image:
Step 1 Enter the following command:
ch ces imageYou will see
SwitchName: Chicago, Card: 6
Are you sure [No]?
Step 2 Enter Y for Yes or N for No and press Enter. You will see
chicago[6.1.1] - VCLI>>
You must change the CES image to access the software downloaded in the previous section. Perform the following steps to change the CES image:
Step 1 Enter the following command:
ch imc imageYou will see:
SwitchName: Chicago, Card:1
Are you sure [No]?
Step 2 Enter Y for Yes or N for No and press Enter. You will see
chicago[1. . ]- VCLI>>
Posted: Sun Sep 29 05:19:08 PDT 2002
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.