| Sun Netra CP3240 Switch Installation Guide |    
|
| C H A P T E R 4 |
|
Configuring Switch Software |
This chapter describes how to configure the switch software.
The switch incorporates four main software components:
The IPMI firmware, uBoot, and OS are covered in this chapter. FASTPATH is described, however, for detailed information and command syntax, refer to the Netra CP3240 Switch Command Reference Manual (820-3253).
This chapter contains the following topics:
This section describes the IPMI firmware sensors.
The following tables lists the logic that drives these sensors.
uBoot is the boot loader. Much like a BIOS, it brings the system to a usable state for the operating system (OS) to boot. It also performs a POST of the CPU subsystem. It can be used as a recovery console if the firmware image becomes corrupt or a firmware update fails. Several important environment variables are stored in uBoot, only some of which should ever be changed, namely noekey and baudrate.
To get to a uBoot console, you must prevent the switch from booting into the OS. Shown here is an example of the start of a boot sequence.
Press any key before ### JFFS2 loading 'image1' to 0x400000 appears.
There is only a one-second delay to press a key.
When the uBoot prompt is displayed, you can then enter any of the following commands.
See the Section 4.3.1, e-Keying for a description of e-Keying, and how it is supported.
To disable e-Keying, use the noekey environment variable.
List the ports to be disabled separated by only commas.
Or use the word all to disable e-Keying completely.
To re-enable e-Keying clear the variable.
After changing the environment variables you must always save if you would like the change to persist though a reset.
You can change the serial baud rate from within FASTPATH, the boot menu, or in uBoot. Changing it in uBoot is the only method that allows it to persist through a reset. Only standard baud rates are accepted.
To change the baud rate in uBoot, enter the command as in the following example.
After changing the rate, you must save if you would like the change to persist though a reset.
The switch uses Linux as an operating system. The Monta Vista 3.1 Pro 2.4.20 kernel is used. There are no settings to change, and the OS is completely transparent to the user.
e-Keying is implemented as a Linux driver. The CPUs for both Base and Fabric have a direct connection to the IPMI controller, which is used to communicate e-Keying messages. The CPU is interrupted when an e-Keying event occurs. The driver handles these interrupts and disables ports based on the information it receives. This disables the port at the PHY level. e-Keying can be ignored by creating a uBoot environment variable as described in the Section 4.2.2, E-Keying Control in uBoot.
e-Keying can be ignored by creating a uBoot environment variable as described in Section 4.2.2, E-Keying Control in uBoot. When e-Keying is bypassed, ports are no longer enabled or disabled based on the e-Keying state. The e-Keying information is still shared with the shelf manager as usual, but now ports are enabled regardless if the shelf manager enables them or not.
The ATCA LEDs can be turned on from several sources, one of which is a Linux driver. Both the Base and Fabric drive these LEDs. The red OOS LED is driven until FASTPATH has loaded, at which point the green Healthy LED is driven. The OOS LED signals are “OR” so that if one or more are active, the LED is on. The Healthy LED signals are “AND.” The Base and Fabric must be booted into FASTPATH as well as several hardware conditions must be met for this LED to be on.
A single-serial port is provided to control both CPUs. The ` key, usually in the upper left key on the keyboard and the same key as ~, can be used to switch between controlling the Base (3.0) and the Fabric (3.1). The ` key works in uBoot, Linux, the BCM debug shell, and FASTPATH.
When you switch between Base and Fabric [Base] or [Fabric] is printed to the console so that you know which one you are currently controlling.
(switch Base) # (and then ENTER is pressed here) (switch Base) #[Fabric] (and then ENTER is pressed here) (switch Fabric) #[ Base ] (switch Base) # User: |
The switch supports running its serial port to both the front panel and the RTM. It does not support both the front panel and RTM at the same time. You must configure the port to go to the location needed. By default, the port is routed to the front panel.
In this example, the serial port direction is to the RTM.
In this example, the serial port direction is changed to the RTM. Note that the change is instantaneous and lasts though a reboot.
configure lineconfig serial location rtm [set location to front for the front panel] |
The following is an example of a boot sequence.
The switch takes approximately 50 seconds to boot to a console and be fully functional.
There is a utility menu that can be used before FASTPATH boots. During boot there is a two-option menu displayed for five seconds. This menu allows access to the utility menu if you press number 2 and Enter.
Most of the options are self explanatory based on their names. The following sections describe some of the options more fully.
FASTPATH can be updated from within FASTPATH itself, but it can also be updated from this menu.
| Note - DHCP can be used to obtain an IP for the switch during this update. Enter dhcp as the IP address. This entry begins the update and provides status information as it is updating. |
This is the same as clear config from within FASTPATH. This option can be used if the switch is in an unknown state, and restoring the default settings is desired.
This command completely erases FASTPATH, any log files, and any configurations. It does not erase uBoot or Linux. Use of this command is never recommended. Updates can safely be installed without running this option, and configurations and log files are preserved.
The switch supports three boot methods:
The default option is booting from the flash. See Section 4.9, Network Boot for more information.
This option boots the Broadcom diag shell, currently SDK version 5.4.1. This environment is provided as is, with no support. Several commands provided in this shell are not supported and will not work. This shell is provided mainly for debug, testing, and diagnostics purposes. This shell has many low-level tests, and low-level register access. It can be used to check the integrity of particular boards. Help is provided in the shell with ?? and commands followed by a single question mark. Some commands of interest are TestList and TestRun.
The switch features hardware flash redundancy. If the switch fails to boot from the primary flash for any reason, the onboard IPMC will reset the board and attempt to boot out of the backup flash. No user interaction is required.
The switch backup flash comes preprogrammed with default settings. You can change what is loaded on the backup flash by using the Copy Primary Flash to Backup Flash command from the utility menu.
The switch supports dual firmware images of the Base and Fabric software. While this feature does not provide high availability (the hardware redundant flash provides that), it does provide a way to store two copies of the firmware on the switch. This allows you to switch between firmware, as needed.
Which image is active can be changed several ways.
From the boot menu, the Activate Backup Image option can be used.
From within FASTPATH the boot system command in combination with the update bootcode commands can be used.
All of the update methods supported by the active image (image1 by default) are also supported for the non-active image (image2).
The Fabric networks support both 1Gigabyte and 10Gigabyte operation. No configuration is required to put the switch into either a 1Gigabyte or 10Gigabyte mode. The switch will dynamically connect at the appropriate speed.
The switch supports network booting. This feature can be used to test updates to FASTPATH without installing them. Updates containing changes to uBoot, Linux, or the IPMC must be installed to the flash before they can be used.
1. Setup a TFTP server on the update network.
Tftpd is the standard TFTP server for Linux and Solaris.
For Windows, Solarwinds (http://www.solarwinds.net) offers a free TFTP server.
2. Place the update image on the TFTP server.
It will have a .tgz file extension.
3. Connect to the serial management port of the network to be updated, and connect the MGMT port to the update network.
4. Reboot the switch using the reboot button, hotswap handle, or reload command.
5. As the switch boots, press number 2 to enter the Utility Menu.
6. Press number 8 to change the boot method.
7. Press number 3 to select network as the boot method.
8. Enter the information for your TFTP server.
For host IP, you can enter dhcp if you would like to use DHCP to obtain a valid IP address.
9. Press number 1 to boot the system.
10. Use option 8 of the Utility Menu to change the boot method back to flash, when desired.
The switch features LVL7 Systems’ FASTPATH 2340 software, version 4.4. FASTPATH is a software package providing the robust management needed to control a modern switch-router. This section serves as a quick primer on using FASTPATH on the switch. FASTPATH is not covered in detail in this guide, but is covered in the Netra CP3240 Switch Command Reference Manual (820-3253).
The switch can be controlled by a CLI, a web interface, and through SNMP. All management interfaces, other than serial, can be enabled or disabled, provided over both the out-of-band management port and/or any in-band ports, and be limited to certain in-band ports.
The switch provides an industry standard CLI. The CLI is provided over the serial port, telnet and SSH. This section only describes some basic commands. For detailed command syntax, refer to the Netra CP3240 Switch Command Reference Manual (820-3253).
The CLI is mode based. It works similarly to a console in Linux or Windows. Commands are grouped under modes, and those commands only work when the user is in the current mode. There are very few global commands.
To return to one mode higher than the current mode, use exit.
For example to shutdown port 17, switch to enable mode, configure mode, interface 17 mode, then issue the shutdown command. Use exit to return to configure mode, and exit again to return to enable mode.
Many commands have a no form. The no form is used to disable the command. With the previous example, to re-enable port 17, once you are in the interface 17 mode, you would issue the no shutdown command.
FASTPATH supports multiple users with different security levels. By default, there is one admin user with no password. In the CLI, privilege mode is password-protected separately from the default mode, but also has a default of no password.
A CLI is provided on the serial console, telnet console, and SSH console. The serial console is always enabled. The telnet console is enabled by default. SSH is disabled by default.
The prompts always show the current mode. Here are a few examples.
The username and password are the same as the CLI. The web interface is enabled by default. Java is enabled by default. HTTPS is disabled by default.
SNMP is enabled by default. The default read-only community string is public. The default read-write community string is private.
The switch supports SSH for a secure CLI console as well as SSL/TLS for secure HTTP. By default, SSH and SSL are disabled. The switch cannot generate its own keys. Keys must be generated on an external PC, and uploaded to the switch via TFTP. Once the keys are on the switch, SSH and HTTPS must be enabled to be used.
First, the certifications and keys must be uploaded to the switch using a command such as the following:
Upload the following files to the switch:.
Enable secure access (SSH/Telnet) and disable non-secure access (SSL/HTTP).
The switch comes configured with a default configuration. This configuration boots the board to Layer 2 switching. This configuration is very basic and should be updated for your environment. The default settings are as follows:
The settings of the switch can be checked with the show running-config command. This command shows how the current configuration is different than the default configuration. This command can be very useful because the output is in script format. This output can be backed up or copied to another switch.
The ports are ordered the same way as the ATCA channels. The ATCA specification allows for backplanes to be routed differently. This means that logical slots and physical slots often do not match.
The switch supports an abstraction layer that allows the port order to be changed. This allows vendors to match logical slots and physical slots independent of routing. Contact Sun if you would like a non-standard port order. Sun’s port ordering is shown in the following table for shelves with middle hub slots, that is, slots 7 and 8.
| Note - If ports are ordered the same as the ATCA channels, Base and Fabric are always one number off. So, if a board is in slot 6, it is connected to Base channel 3 and Fabric channel 2. |
All of the firmware listed in this section is field upgradeable. There is a single update image that supports the Base firmware, Fabric firmware, and IPMC firmware. This update image must be installed twice though, once on the Base and once on the Fabric. The IPMC update happens during a Base update. Each firmware can be updated independently without affecting other firmware, for example, FASTPATH can be updated without touching uBoot and Linux.
For up-to-date instructions on upgrading the firmware packages, refer to the following documentation:
For the fiber optic RTM (XCP3240H-RTM-OP-Z) to work correctly, switch firmware 1.2.1.0 or newer is required. The following sections describe support and requirements for configuring the RTM.
The Fiber Optic RTM was designed to work with any standard compliant SFP or SFP+ module.
The Sun Netra CP3240 switch’s backplane ports are capable of auto-negotiating between 1G and 10G speeds without any user input. However, the RTM optical ports must be explicitly configured without auto-negotiation for 1G operation. This requirement is due to the underlying technology used in 10G interfaces.
For 10G operation, an SFP+ module must be used and the port must be set to no auto-negotiate. For all 10G RTM ports, no auto-negotiate is the default setting.
configure interface <0/xx> no auto-negotiate exit exit |
where <0/xx> is the port number of the RTM on Fabric. Valid entries are 0/17, 0/18, 0/19, and 0/20.
For each port on the RTM, enter the command.
For 1G operation, an SFP module must be used and the port (17-20) must be set to auto-negotiate. When you enable auto-negotiation, 1G operation is automatically enabled and 10G operation is automatically disabled.
For all 10G RTM optical ports no auto-negotiate is the default setting. Therefore, 1G operation must be explicitly enabled. Note that Base 10G port, 0/25 and 0/27 do not support 1G operation. The Fabric 10G RTM optical ports support both 1G and 10G operation.
configure interface <port numbers/range in 0/20 format> auto-negotiate exit exit |
where <0/xx> is the port number of the RTM on Fabric. Valid entries are 0/17, 0/18, 0/19, and 0/20.
For each port on the RTM, enter the command.
| Sun Netra CP3240 Switch Installation Guide | 820-3251-13 |
|
Copyright © 2009 Sun Microsystems, Inc. All rights reserved.