Cisco SN 5428-2 Storage Router Software Configuration Guide, Release�3.2
Chapter 10 - Maintaining and Managing the SN 5428-2 Storage Router
Downloads: This chapterpdf (PDF - 496.0KB) The complete bookPDF (PDF - 7.29MB) | Feedback

Maintaining and Managing the SN 5428-2 Storage Router

Table Of Contents

Maintaining and Managing the SN 5428-2 Storage Router

Prerequisite Tasks

Installing Updated Software

Specifying the Location to Retrieve Updated Software

Downloading Updated Software

Downloading from a Special Location

Setting Updated Software as Boot Version

Precautions for Cluster Environments

Backing Up System Configuration

Restoring from Backups

Powering Down the SN 5428-2 Storage Router

Resetting the System

Recovering Passwords

Controlling SCSI Routing Instances in a Cluster

Making Changes to Instance Configurations

Enabling and Disabling Connections

Stopping & Starting Instances

Viewing Operational Statistics

Handling Failover

Manual Failover

Managing CDP on the SN 5428-2 Storage Router

Using Scripts to Automate Tasks

Running Command Scripts

Using the SN 5428-2 Logging Facilities

Filtering and Routing Event Messages

Enabling and Disabling Logging

Managing the Log File

Gathering Troubleshooting Information

Using the Crash Log

Using FTP with the SN 5428-2 Storage Router

Understanding Diagnostics

Capturing System Messages at Bootup

Capturing the Storage Router Configuration

Using Debug Facilities


Maintaining and Managing the SN 5428-2 Storage Router


This chapter explains how to perform normal maintenance and management tasks associated with the Cisco SN 5428-2 Storage Router. The following tasks are covered:

Prerequisite Tasks

Installing Updated Software

Backing Up System Configuration

Restoring from Backups

Powering Down the SN 5428-2 Storage Router

Resetting the System

Recovering Passwords

Controlling SCSI Routing Instances in a Cluster

Managing CDP on the SN 5428-2 Storage Router

Using Scripts to Automate Tasks

Using the SN 5428-2 Logging Facilities

Gathering Troubleshooting Information

SN 5428-2 Storage Router maintenance and management tasks can be performed using CLI commands, as described in this chapter, or via the web-based GUI. To access the web-based GUI, point your browser to the storage router's management interface IP address. After logging on, click the Help link to access online help for the GUI.


Note Not all maintenance and management tasks are appropriate for all storage routers. For example, tasks related to high availability clusters (such as failover of SCSI routing instances) are not necessary for storage routers configured as standalone systems or deployed for transparent SCSI routing.


Prerequisite Tasks

Before performing any of the storage router maintenance tasks, make sure you have configured system parameters as described in "First-Time Configuration," or "Configuring System Parameters."


Note Certain configuration tasks, such as identifying a location from which to download software, are optional and may not have been performed during initial configuration. You may perform these tasks at any time, via the CLI or the GUI. Where necessary, this chapter will identify the relevant tasks and commands.


Installing Updated Software

The SN 5428-2 Storage Router is designed to run on a continual basis without significant maintenance. However, from time to time, you may need to install updated software.

The SN 5428-2 stores software images (along with configuration files, log files, and other information) on a local file system. This file system is stored on an internal, non-volatile Flash disk. The show software version all command displays a list of all software versions stored on the SN 5428-2 and the amount of disk space available for additional software.

Cisco.com provides registered users access to SN 5428-2 Storage Router software updates. You can download updated software directly to the SN 5428-2 from Cisco.com via standard HTTP, or via HTTP using a proxy server. See the "Obtaining Technical Assistance" section for details on using Cisco.com.

You can also use a standard browser to download software updates and associated readme files from Cisco.com to a location of your choosing. Using the CLI or the web-based GUI, you can then make the software available from this location (known as the "download location") to the storage router via HTTP, HTTP using a proxy server, or Trivial File Transport Protocol (TFTP).

If you plan to use the CLI download software http or download software proxy commands to make the updated software available to the storage router, the machine hosting the download location must be running a web server.

If you plan to use the CLI download software tftp command, the machine must be accessible using the Trivial File Transport Protocol.

If the machine is not running a web server or accessible via TFTP, use the web-based GUI to make the updated software available to the storage router. (See the online Help for details.)

The download location used for retrieving updated SN 5428-2 software is set using the software http url, software proxy url, or the software tftp commands. To view the download location currently specified, use the show software version all command. The resulting display (Example 10-1) identifies the HTTP URL, Proxy URL, and TFTP host name and other information used to identify the download location, the current version of software running on the storage router, and the version that will be used at system restart. In the example, all default locations and related user names and passwords are set.


Note If you are a registered Cisco.com user, you can download a TFTP server tool for Microsoft Windows 95, Microsoft Windows 98, and Microsoft Windows NT. You can reach the TFTP server tool on Cisco.com at the Software Center under Service & Support: http://www.cisco.com/cgi-bin/tablebuild.pl/tftp.


Example 10-1 Results of "show software version all" Command

[SN5428-2_A01]# show software version all
 
Version               Boot  Hash  Sign  Crash       Size   Date                 
--------------------  ----  ----  ----  -----  ----------  ---------------------
3.2.0.23-K9           OK    OK    N/A       0  10101.0 KB  Jan 25 11:38 CDT 2003
3.2.1-K9              OK    OK    N/A       0  11102.0 KB  Jan 29 15:44 CDT 2003
 
              Http Url: http://www.cisco.com
           Http Username: SWAdmin01
           Http Password: *********
 
           Proxy Address: 10.1.12.32
              Proxy Port: 3122
               Proxy Url: http://www.cisco.com
          Proxy Username: SWAdmin01
          Proxy Password: *********
 
           Tftp Hostname: 10.1.1.122
          Tftp Directory: 
 
Software Space Available: 33264.0 KB
         Current Version: 3.2.1-K9
            Boot Version: 3.2.1-K9
 

To install updated SN 5428-2 software, perform the following steps:


Step 1 (Optional) Identify the location from which to retrieve the updated SN 5428-2 software. (This is either Cisco.com or another download location of your choosing, as previously described.)

Step 2 Make the selected version of software available on the SN 5428-2 local file system.

Step 3 (Optional) Set the new version as the version to be booted during the next system restart, and reboot the SN 5428-2.



Note Always review the README file before making updated software available to the SN 5428-2.


Specifying the Location to Retrieve Updated Software

You must specify the location from which to retrieve updated software. If the current download location is not appropriate, you can reset it.

Use the following procedures to specify the desired download location:

Using HTTP

Using Proxy Services

Using TFTP

When you are finished, verify the new settings using the show software version all command, then save them using the save system bootconfig or save all bootconfig command.


Note If you use the URL, http://www.cisco.com, as the default download location, the username and password must be the same as your Cisco.com login ID and password.


Using HTTP

Use the following procedure to specify the HTTP download location.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

software http url http://10.1.11.32/software/sn5428-2

Configure the default download location. For example, set the download location to http://10.1.11.32/software/sn5428-2.

Step 3 

software http username webadmin password webword

(Optional) Define the user name and password needed to access the selected location. For example, specify user name webadmin and password webword. If no user name and password are required, use the keyword none (for example, software http username none).

Using Proxy Services

Use the following procedure to specify a download location via proxy services.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

software proxy url http://www.mystoragenet.com

Configure the default download location. For example, set the download location to http://www.mystoragenet.com.

Step 3 

software proxy address http://10.1.10.126 port 32

(Optional) Identify the address and port number of the proxy server that will be used to access the URL specified in Step 3 (for example, http://10.1.10.126, port 32).

Step 4 

software proxy username Ciscouser password Ciscopswd

(Optional) Define the user name and password needed to access the selected download location. For example, specify user name Ciscouser and password Ciscopswd. If no user name and password are required, use the keyword none (for example, software proxy username none).

Using TFTP

Use the following procedure to specify the TFTP download location.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

software tftp hostname TFTPHost1 directory /myTFTP

Configure the default download host and optional base directory. For example, set the host name to TFTPHost1 and the base directory to /myTFTP.

Note If the storage router is not configured to use the services of a DNS, enter the IP address of the TFTP host. If the base directory is tftpboot, omit the directory keyword.

Downloading Updated Software

The download software command makes a new version of software available to the storage router for boot purposes. You can store two versions of software on the SN 5428-2. Before attempting to download updated software, verify that only a single version of software exists on the storage router. If two versions exist, use the delete software version command to delete the old version of software to make room for the new version.

Use the following procedures to make a new version of software available to the storage router:

Using HTTP

Using Proxy Services

Using TFTP


Note Before downloading software, issue the show system command and verify that there is sufficient free space available. The software space available is shown in kilobytes; the size of the typical download is about 25 MB.


Using HTTP

Use the following procedure to make a new version of software available to the SN 5428-2 via HTTP.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

download software http version 3.2.1-K9

Download a new software version to the storage router (for example, 3.2.1-K9).

Using Proxy Services

Use the following procedure to make a new version of software available to the SN 5428-2 via proxy services.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

download software proxy version 3.2.1-K9

Make a new software version available to the storage router (for example, 3.2.1-K9).

Using TFTP

Use the following procedure to make a new version of software available to the SN 5428-2 via TFTP.


Note While the size of the software file may vary, it will exceed 16MB. Some older TFTP implementations have a 16MB download limitation.


 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

download software tftp version 3.2.1-K9

Make a new software version available to the storage router (for example, 3.2.1-K9).

Downloading from a Special Location

There may be times when you need to make special software available to the storage router, for example, under the guidance of a Cisco Technical Support professional.

If you isolate this software from standard updates by placing it in another location (not the default download location), you could change the default download location, download the software, and then reset the default download location.

An easier way, however, is to specify the download location as a parameter on the appropriate download software command.

To download a file named 321-K9.tar from http://your.website.com/sn5428-2 via HTTP, issue this command:

download software http url http://your.website.com/sn5428-2/321-K9.tar

To download a file named 321-K9.tar from http://your.website.com/sn5428-2 using the services of a proxy server, issue this command:

download software proxy url http://your.website.com/sn5428-2/321-K9.tar

To download a file named 321-K9.tar from my_tftpHost using TFTP, issue this command. The 321-K9.tar file must reside in the default base directory defined for the TFTP host.

download software tftp hostname my_tftpHost filename 321-K9.tar

Setting Updated Software as Boot Version

Downloading updated software to the storage router does not change the currently running version of the software, nor does it automatically set the new version to be booted at next system restart. You must take specific action to make the new software version bootable.

Setting software as the bootable version consists of verifying the software integrity and performing internal checks to ensure that the storage router can boot the specified version of software.

Use the following procedure to set the new software as the version to be booted.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

software version 3.2.1-K9

Select the software to be booted when the system next starts (for example, boot 3.2.1-K9 when the system restarts). The system checks the integrity of the specified software version to be sure that it is bootable.

Step 3 

show software version boot

Verify that the correct version is shown as the bootable version (identified as Boot Version).

Step 4 

reboot

When you are ready to run the new software version, restart the storage router.

Precautions for Cluster Environments

In a cluster environment, the software version command may temporarily suspend normal HA communications, while internal checks are made to ensure that the new software can be run. A suspension will cause a failover of any SCSI routing instances active on the storage router.

Any instances with the primary attribute set to the name of the SN 5428-2 will resume running on the storage router after it is rebooted or after normal HA communications are restored.

If the storage router is running in a cluster environment, issuing the reboot command will attempt failover for all SCSI routing instances to another storage router in the cluster. The iSCSI drivers handle reconnection of users to the appropriate storage resources, minimizing the effects of the reboot sequence on those users.

Backing Up System Configuration

Backing up the system configuration consists of saving selected storage router configuration information to XML files that can be stored both locally and remotely. Should problems occur, AAA authentication information, access lists, Fibre Channel (FC) interface and switch configuration, SCSI routing instances, VLANs and other storage router system configuration information can be restored from these files. See "Command Line Interface Reference," for more information about what configuration data is saved.

While you can issue a save command at any time during a CLI command session, best practices suggest that you should back up the storage router system configuration to a file on a regular basis.

Configuration files are maintained in the savedconfig directory on the SN 5428-2. You can use the copy command to copy the configuration file to a server running TFTP, allowing you to integrate the storage router backups with other software archives.

By accessing the web-based GUI from a remote server, you can create storage router backup files directly on that server. See the GUI online help for details.


Note See "Command Line Interface Reference," for more information about using the save and copy commands.


Creating Local Backups

Local backups allow you to store the resulting XML configuration file in the savedconfig directory on the SN 5428-2.

Use the following procedure to perform a local backup that saves the configuration of all the current SCSI routing instances to a file named backup1 in the savedconfig directory.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

save scsirouter all backup1

Save all defined SCSI routing instances to a file named backup1.

Storing Backups to a Remote TFTP Server

Use the following procedure to create a backup configuration file named backup2 and to copy that backup file to another file named back2.temp, located on the TFTP host, tftpserver1, in the default directory, /tftpboot.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

save all backup2

Save the current running configuration to a file called backup2 in the savedconfig directory.

Step 3 

copy savedconfig:backup2 tftp://tserver1/back2.temp

Copy the saved configuration file, backup2, to a file called back2.temp, located on the TFTP server, tserver1, in the default directory.

Note The back2.temp file must already exist in the default directory with the appropriate permissions that allow it to be overwritten. You cannot create a new file using TFTP.

Restoring from Backups

AAA authentication information, access lists, FC interface and switch configuration, SCSI routing instances, VLANs, and selected system configuration data can be restored from previously saved configuration files. You may choose to restore selected data such as a specific SCSI routing instance, or all data, using the restore command with the from keyword.

The file from which configuration is restored must reside in the savedconfig directory (/ata3/savedconfig). If you need to restore configuration data from a backup file existing elsewhere in the network, use the copy command to make the desired file available in the savedconfig directory.

Restoring configuration data copies all or part of the contents of the specified file into persistent memory; it does not always change the storage router's running configuration. For example, the configuration of a restored SCSI routing instance may only be completely visible via the show scsirouter command using the from bootconfig keywords until the instance has been restarted.

Restoring a Deleted SCSI Routing Instance

For example, suppose the SCSI routing instance, scsi1, was inadvertently deleted. Use the following procedure to restore scsi1 from a configuration file that was saved to a URL.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

copy http://10.1.1.44/~s1/back1 savedconfig:scsi1_restore

Copy the specified configuration file from the designated URL and place it in the savedconfig directory, using the file name, scsi1_restore.

Step 3 

show savedconfig

Verify that the imported file now exists in the savedconfig directory.

Step 4 

show scsirouter all from scsi1_restore

Verify that the SCSI routing instance exists in this configuration file.

Step 5 

restore scsirouter scsi1 from scsi1_restore

Restore the SCSI routing instance from the specified file.

Step 6 

show scsirouter scsi1 from
bootconfig

Display the restored SCSI routing instance to verify that the configuration is as expected.

Step 7 

scsirouter scsi1 enable

Start the restored SCSI routing instance, updating the running configuration of the storage router. Once the instance has been restored and restarted, modifications to its configuration can also be made.

Step 8 

save scsirouter scsi1 bootconfig

(Optional) If changes are made to the SCSI routing instance configuration, save the SCSI routing instance to the storage router bootable configuration.

Restoring an Existing SCSI Routing Instance

If you need to restore the configuration of a SCSI routing instance that is still active in the storage router, you must stop the instance, restore the configuration from the selected file, then restart the instance. For example, use the following procedure to restore the SCSI routing instance, scsi2, from the file, scsi2_backup.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show scsirouter scsi2 brief

Display current status of the SCSCI routing instance. If the status is active, proceed with Step 3 to stop the instance. Otherwise, continue with Step 4.

Step 3 

no scsirouter scsi2 enable

(Optional) Disable an active SCSI routing instance. You cannot restore an active instance.

Step 4 

show scsirouter all from scsi2_backup

(Optional) Verify that the instance saved in the configuration file is the one you want to restore. The configuration file must exist in the savedconfig directory.

Step 5 

restore scsirouter scsi2 from scsi2_backup

Restore the SCSI routing instance.

Step 6 

show scsirouter scsi2 from
bootconfig

Confirm that the configuration of the SCSI routing instance is now correct.

Step 7 

scsirouter scsi2 enable

Restart the SCSI routing instance.

Step 8 

show scsirouter scsi2

(Optional) Verify the configuration of the restored and restarted SCSI routing instance. The running configuration should now match the restored permanent configuration. Once the instance has been restored and restarted, modifications to its configuration can also be made.

Step 9 

save scsirouter scsi2 bootconfig

(Optional) If changes are made to the SCSI routing instance configuration, save the restored SCSI routing instance to the storage router bootable configuration.

Restoring AAA Authentication Information

When you restore AAA authentication information, the following configuration settings are updated:

AAA authentication lists

The user names and passwords in the local username database

Radius servers, server groups, and associated server, group and global authentication port, retransmit, time-out, deadtime and key values

TACACS+ servers, server groups, and associated server and global authentication port, time-out, and key values.

Use the following procedure to restore the AAA authentication configuration that exists in the saved configuration file aaa_backup.


Note In a cluster environment, AAA configuration functions are handled by a single node in the cluster. If you issue an AAA command from a storage router that is not performing AAA configuration functions, the CLI displays an informational message with the name of the storage router that is currently handling those functions.


 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show savedconfig aaa_backup

Display the contents of the backup file, and verify that this is the AAA authentication configuration that you want to restore. The file must exist in the savedconfig directory.

Step 3 

restore aaa from aaa_backup

Restore the AAA authentication from the saved configuration file.

Step 4 

show aaa

Display the AAA authentication information and verify that it is now correct.

Step 5 

save aaa bootconfig

(Optional) If you make any changes to the restored AAA authentication configuration, save the changed configuration to the storage router bootable configuration.

Restoring an Access List

When you restore an access list, existing entries are never deleted. The restore will add missing entries and overwrite entries of the same name, but will never purge or delete existing entries. If necessary, you can delete an entire access list and then restore if from a saved configuration file.

Use the following procedure to restore the access list named mylist from the file named accesslist_backup.

In this example, the access list named mylist in the running configuration contains the following entries:

10.1.1.30/32

172.16.255.220/32

chap-username 12h7b.lab2.webservices

chap-username 12784.lab1.webservices

The saved access list in the configuration file named accesslist_backup, contains these entries:

209.165.200.225/32

10.1.1.30/32

chap-username 12h7b.lab2.webservices

chap-username test2.sys3


Note In a cluster environment, access lists management functions are handled by a single node in the cluster. If you issue an access list command from a storage router that is not performing access list management functions, the CLI displays an informational message with the name of the storage router that is currently handling those functions.


 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show accesslist mylist

Display the current entries associated with the access list.

Step 3 

show accesslist mylist from 
accesslist_backup

Display the entries associated with the access list saved in the configuration file. The configuration file must exist in the savedconfig directory.

Step 4 

restore accesslist mylist from
accesslist backup

Restore the access list entries from the saved configuration file.

Step 5 

show accesslist mylist

Display the entries for the restored access list. The entries are:

10.1.1.30/32

172.16.255.220/32

209.165.200.225/32

chap-username 12h7b.lab2.webservices

chap-username 12784.lab1.webservices

chap-username test2.sys3

Step 6 

save accesslist mylist 
bootconfig

(Optional) If any entries prior to the restore were not saved, issue the save command to save the current access list configuration to the storage router bootable configuration.

Restoring Fibre Channel Interface and Switch Configuration

You can restore zoning information and both global and interface-specific FC configuration information. You can restore the following settings:

Global FC settings, including time out values and domain ID

FC interface configuration, including link speed and port type settings, for all FC interfaces

All alias, zone and zone set configuration

Use the following procedure to restore all saved global and FC interface configuration information. In this example, the global and interface-specific FC configuration information will be restored from the saved configuration file named fcswitch_backup.


Note Restoring global FC settings, such as the domain ID, in an operational fabric may cause traffic disruptions.


 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

no interface fc1 enable

no interface fc4 enable

(Optional) Remove the storage router from the switched fabric by disabling all FC interfaces operating as E_Ports. For example, disable the FC interfaces fc1 and fc4.

Step 3 

show savedconfig fcswitch_backup

Display the contents of the saved configuration file and verify that this is the FC configuration information that you want to restore (Example 10-2). The file must exist in the savedconfig directory.

Step 4 

restore fcswitch all from fcswitch_backup

Restore all FC configuration information from the saved configuration file.

Note Zoning information is not restored with a restore fcswitch all command. You must explicitly enter a restore fcswitch zones command to restore the zoning database. See "Command Line Interface Reference," for more information about restoring zones.

Step 5 

show fcswitch

show interface all

Display all FC configuration information and verify that it is correct.

Step 6 

interface fc1 enable

interface fc4 enable

(Optional) Rejoin the switched fabric by enabling the FC interfaces operating as E_Ports. Any relevant changes to the FC configuration, such as the domain ID, will be propagated to the fabric. For example, enable the FC interfaces fc1 and fc4.

Step 7 

save fcswitch bootconfig

(Optional) If you make any changes to the restored FC configuration, save the changed configuration to the storage router bootable configuration.

Example 10-2 Show FC Configuration from Saved Configuration File

!
! FC SWITCH
!
fcswitch ratov 10000
fcswitch edtov 2000
fcswitch dstov 5000
fcswitch fstov 1000
fcswitch zoning default all
fcswitch zoning autosave enable
fcswitch zoning merge SW2
fcswitch domainid 1 force
no fcswitch domainid lock enable
fcswitch interop-credit 12
!
...
! FC PORTS
!
interface fc1 enable
interface fc1 ms-enable enable
no interface fc1 al-fairness enable
interface fc1 fan-enable enable
interface fc1 ext-credit 0
interface fc1 mfs-bundle enable timeout 10
interface fc1 linkspeed auto
interface fc1 type gl-port
!
...
!
interface fc8 enable
interface fc8 ms-enable enable
no interface fc8 al-fairness enable
interface fc8 fan-enable enable
interface fc8 ext-credit 0
interface fc8 mfs-bundle enable timeout 10
interface fc8 linkspeed auto
interface fc8 type gl-port
 

Restoring VLANs

You can restore specific VLANs or all VLANs. When you restore a VLAN, the VTP mode is also restored.

Use the following procedure to restore a VLAN. In this example, VLAN 10 (named TestLab) will be restored from the saved configuration file named VLAN_backup.


Note In a cluster environment, VLAN management functions are handled by a single node in the cluster. If you issue a VLAN command from another storage router in the cluster, the CLI displays an informational message with the name of the storage router that is currently handling those functions.


 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show vlan 10 from VLAN_backup

Verify that the saved configuration file contains the VLAN configuration information that you want to restore.

Step 3 

restore vlan 10 from VLAN_backup

Restore VLAN 10 from the saved configuration file.

Step 4 

show vlan

Verify that the VLAN is restored and the configuration is correct.

Step 5 

show vtp

Verify that the VTP configuration is correct.

Step 6 

save vlan 10 bootconfig

(Optional) If you make any configuration changes to the VLAN after restoration, save the changes to the storage router bootable configuration.

Restoring System Configuration

You can restore selected system information using the restore system command. You can restore the following information:

Administrator contact settings

CDP configuration

DNS configuration

IP address of remote syslog host

NTP server and date, time, and time zone settings

Restrict service setting for all interfaces

Session timeout value for management sessions

Event message logging table

Routing table and RIP settings

SNMP network management configuration

Software default download locations and associated user names and passwords

Secure Shell (SSH) configuration settings and session timeout value

Use the following procedure to restore system configuration information. In this example, SNMP network management configuration and administrator contact settings will be restored from the saved configuration file named system_backup.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show savedconfig system_backup

Display the contents of the saved configuration file and verify that the file contains the information that you want to restore.

Step 3 

restore system snmp from system_backup

Restore SNMP network management configuration.

Step 4 

show snmp

Verify that the SNMP network management information is restored and that the configuration is correct (Example 10-3).

Step 5 

restore system contactinfo from system_backup

Restore administrator contact settings.

Step 6 

show admin

Verify that the administrator contact information is restored and that the configuration is correct (Example 10-4).

Step 7 

save system bootconfig

(Optional) If you make any changes to the SNMP configuration or administrator contact information after the restoration, save the changes to the storage router bootable configuration.

Example 10-3 Verify SNMP Configuration

[SN5428-2_PR1]# show snmp
First Trap Host: 10.1.32.200
Second Trap Host: 10.2.12.242
Get Community String: public
Set Community String: private
Send Authentication Traps: enabled
Send Entity FRU Traps: enabled
Link Up/Down Enable for mgmt: enabled
Link Up/Down Enable for ha: enable
Link Up/Down Enable for fc1: enabled
Link Up/Down Enable for fc2: enabled
Link Up/Down Enable for fc3: enabled
Link Up/Down Enable for fc4: enabled
Link Up/Down Enable for fc5: enabled
Link Up/Down Enable for fc6: enabled
Link Up/Down Enable for fc7: enabled
Link Up/Down Enable for fc8: enabled
Link Up/Down Enable for ge1: enabled
Link Up/Down Enable for ge2: enabled
System location is: Test lab
 

Example 10-4 Verify Administrator Contact Information

[SN5428-2_PR1]# show admin
Administrator Contact Information
         Name: Pat Hurley
        Email: phurley@abc123z.com
        Phone: 123.456.7890
        Pager: 123.456.3444 pin 2234
 

Powering Down the SN 5428-2 Storage Router

If you need to make changes to the physical location or cabling of the storage router, you may need to schedule a time to power down the unit.

Use the following procedure to properly power down a storage router. These steps assure that the file system is in the appropriate state prior to shutdown.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

halt

Respond to any prompts to save information as desired. The SN 5428-2 can be safely powered down when the [HALTED]# command prompt appears.

Resetting the System

There may be times when you need to return some or all of the storage router configuration to factory defaults, for example, when moving a system between environments (such as test and production) or for troubleshooting purposes.

To reset the SN 5428-2 Storage Router, perform the following steps:


Step 1 (Optional) Save existing configuration information to a file.

Step 2 Clear the current configuration and restore some or all factory defaults, using the clear conf command.


Note If the SN 5428-2 is operating in a cluster environment, any SCSI routing instances running on this storage router fail over to another storage router in the cluster. If you are operating in a cluster environment but do not want SCSI routing instances to fail over, issue the no scsirouter enable command for all instances (or selected instances that should not fail over) before you issue the clear conf command. (This will permanently delete the SCSI routing instances from the cluster.) See "Controlling SCSI Routing Instances in a Cluster" for more information about operating the SN 5428-2 in a cluster environment.


Step 3 (Optional) Run the initial configuration script to configure the management interface and other required parameters via an EIA/TIA-232 console connection.

Step 4 Restore specific configuration information or reconfigure the storage router using CLI commands or the web-based GUI.


Reset All to Factory Defaults

The following procedure clears the storage router and returns most settings to factory defaults. For example, use this procedure if an existing storage router is to be physically moved to another environment, and it is not necessary to retain any current configuration information, because the system setup will be completely different.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

clear conf

or

clear conf all cisco

Clear the current system configuration, including network management information.

If the storage router is deployed for SCSI routing, you can use the clear conf wizard. At the prompt, enter the Administrator password. Enter all to erase system configuration and management port settings, and all saved configurations and SCSI routing instances (Example 10-5).

If the storage router is deployed for transparent SCSI routing, enter the clear conf all command, followed by the Administrator password (for example, cisco). This command is also available in storage routers deployed for SCSI routing.

After either command completes, the storage router automatically reboots.

After the move, use the EIA/TIA-232 console connection to configure the management interface IP address and other required system information. Then continue configuration of the storage router via the setup configuration wizards or other CLI commands, or via the web-based GUI.

See "First-Time Configuration," for more information about initial system configuration.

Example 10-5 Reset SN 5428-2 Storage Router Configuration

Enter admin password: *****
This process can restore factory default settings for the SN5428-2.
* Select "apps" to remove active applications and retain system
  configuration settings.
* Select "system" to remove active applications and system
  configuration settings.
* Select "saved" to remove all backup configurations from disk.
* Select "all" to remove active applications, system configuration,
  and saved configurations.
The system configuration includes the management port, dns, admin and
monitor login, ntp, and snmp. You will need to use the console
to reconfigure the management port if you erase the system configuration.
 
The system will reboot if you select "apps", "system", or "all".
Erase what? [apps/system/saved/all/cancel (cancel)]
 

Reset and Retain System Settings

The following procedure retains the system configuration and saved configuration files over the system reset. For example, use this procedure if you need to use an existing storage router for testing purposes and then restore its current configuration.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

save all myfile

Save all configuration information in a file called myfile. This file is stored in the savedconfig directory.

Step 3 

clear conf

Clear the current configuration but retain system information (such as management and HA interfaces, logging table, DNS, Administrator and Monitor passwords, NTP server, and SNMP information) and saved configuration files.

At the prompt, enter the Administrator password. Enter apps to retain system configuration settings. After the command completes, the storage router automatically reboots.

Perform the required user testing. When finished, continue with Step 4 to restore the original configuration.

Step 4 

restore all from myfile

Restore original configuration, which was retained over the clear conf command.

Step 5 

reboot

Reboot to restore the original application configuration into running memory.

Reset to Remove Saved Configuration Files

The following procedure removes previously saved configuration files from the storage router. The system configuration, management information, and SCSI routing instances remain unchanged. For example, use this procedure if a stand-alone storage router has joined a cluster and adopted the new cluster's configuration.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

clear conf

Remove all saved configuration files from the savedconfig directory.

At the prompt, enter the Administrator password. Enter saved to retain system configuration settings.

All files are removed from the savedconfig directory. After the command completes, the system prompt displays. (The storage router does not reboot.)

Step 3 

show savedconfig

Verify that all files have been removed from the savedconfig directory.


Note You can also use the delete savedconfig command to delete selected saved configuration files from the savedconfig directory.


Recovering Passwords

The storage router management interface is password protected. You must enter passwords when accessing the storage router for management purposes via Telnet, SSH or the web-based GUI. Password protection can also be enabled for the console interface, thereby requiring that the same Administrator and Monitor mode passwords that are configured for the management interface be applied to the console interface.

If the passwords have been enabled for the console interface and are lost, you can recover management access to the storage router using the password recovery procedure. The password recovery procedure requires physical access to the storage router console and can be found at the following URL:

http://www.cisco.com/warp/public/474/

Controlling SCSI Routing Instances in a Cluster

It is important to know where SCSI routing instances are running. While automatic failover capabilities keep the high availability cluster operational in times of system difficulties, manual HA controls provide the ability to distribute SCSI routing instances between the storage routers in a cluster to meet your specific network requirements.

The following are typical activities involved with controlling SCSI routing instances in a cluster environment. While most of these activities are performed infrequently, some (such as viewing operational statistics) may be performed on a regular basis.

Making Changes to Instance Configurations

Enabling and Disabling Connections

Stopping & Starting Instances

Viewing Operational Statistics

Handling Failover

Making Changes to Instance Configurations


Note To assure that changes are correctly propagated to all storage routers within a cluster, always modify the configuration of a SCSI routing instance from the node where the instance is currently active.


From time to time, you will make changes to the SCSI routing instance configurations. Changes include such actions as adding or deleting a target, adding or deleting a LUN, remapping a target, or modifying access. It is important to understand the ramifications of these changes on the IP hosts accessing the associated storage resources.

For example, changing the instance configuration may change the device presentation to the IP host, effectively changing the name or number assigned to the device by the host operating system. Certain instance configuration changes, such as adding or deleting targets, adding or deleting LUNs within a particular target, or adding or deleting entire instances may change the order of the devices presented to the host. Even if the host is only associated with one SCSI routing instance, the device order could make a difference.

Typically, the IP host operating system assigns drive identifications in the order they are received based on certain criteria. For example, a Linux system assigns drive identifications in the order they are received based on host, bus, target, and LUN information. Changing the order of the storage discovery may result in a changed drive identification. Applications running on the host may require modification to appropriately access the current drives.

Other actions, such as deleting a named target and subsequently remapping that target using the same target name, result in a change to the iSCSI Name associated with the device. This also causes device presentation difficulties for the IP host.

If an entire SCSI routing instance is removed, or there are no targets available for the host, the host's iSCSI driver configuration file must be updated to remove the appropriate reference before restarting the iSCSI driver. If a host's iSCSI configuration file contains a reference to an instance which does not exist or has no targets available for the host, the iSCSI driver will not complete a login and will not discover targets associated with any SCSI routing instance.

For additional information and recommended procedures for changing iSCSI driver configuration, see the iSCSI driver readme and example configuration files. You can access the latest iSCSI drivers and readme and example configuration files from Cisco.com.

Enabling and Disabling Connections

A SCSI routing instance becomes active, by default, once it is associated with a Gigabit Ethernet interface to IP hosts. Each target that is added to an instance is also, by default, enabled. However, no IP hosts can connect or log in to that target because the target has no access list associations. Once you associate an access list with a target, it is automatically enabled; the IP hosts specified by access list entries are allowed to connect or log in to the target.

Use the no scsirouter target enable command to control access to the target without changing the access list associations or stopping the entire SCSI routing instance. Existing connections and logins are not affected, but future connections and logins are prohibited. Use the scsirouter target enable command when you are ready to allow connections and logins again.

For example, suppose you have a problem with an entry in the access list, webserver2. This access list is associated with the target, webstorage2, which is, in turn, associated with the SCSI routing instance foo.

Use the following procedure to temporarily disable access to the target associated with a problem access list.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show scsirouter foo stats

Display status to confirm the SCSI routing instance, foo, is active on this storage router.

Step 3 

show scsirouter foo

Verify the name and current status of the target and access list. The target, webstorage2, should be associated with the webserver2 access list and the target should be enabled. (Example 10-6.)

Step 4 

no scsirouter foo 
target webstorage2 enable

Disable access to the target, webstorage2. (Example 10-7.)

Example 10-6 Verify Target, Access List, and Target Status

[SN5428-2_PR1]# show scsirouter foo
SCSI Router Information
Status Codes: A=active, I=inactive, C=create failed, D=not enabled, S=slave
                          CDB   Reserve  Pass Lun
Router               Stat Retry Proxy    Thru Reset Description
-------------------- ---- ----- -------- ---- ----- -----------
foo                  A    6     disabled no   no    test iSCSI
 
SCSI Router Authentication Information
Router               Authentication  Username        Password
-------------------- --------------- --------------- --------
foo                  none            none            none
 
Router     ServerIf   Vlan Vid IP/Netmask                       Secondary  TCP Port SLP
---------- ---------- -------- -------------------------------- ---------- -------- ---
foo        ge2                 10.1.0.45/24                     none       3260     ON
 
Target Attribute Information
                                     Accesslist Accesslist
Router     Target           Status   Read-Write Read-Only  Profile CRC        Description
---------- ---------------- -------- ---------- ---------- ------- ---------- -----------
foo        webstorage2      enabled  webserver2 none       High    prefer-off Web Storage
Target Attribute Information
 

Example 10-7 Verify New Target Status

[SN5428-2_PR1]# show scsirouter foo
SCSI Router Information
Status Codes: A=active, I=inactive, C=create failed, D=not enabled, S=slave
                          CDB   Reserve  Pass Lun
Router               Stat Retry Proxy    Thru Reset Description
-------------------- ---- ----- -------- ---- ----- -----------
foo                  A    6     disabled no   no    test iSCSI
 
SCSI Router Authentication Information
Router               Authentication  Username        Password
-------------------- --------------- --------------- --------
foo                  none            none            none
 
Router     ServerIf   Vlan Vid IP/Netmask                       Secondary  TCP Port SLP
---------- ---------- -------- -------------------------------- ---------- -------- ---
foo        ge2                 10.1.0.45/24                     none       3260     ON
 
Target Attribute Information
                                     Accesslist Accesslist
Router     Target           Status   Read-Write Read-Only  Profile CRC        Description
---------- ---------------- -------- ---------- ---------- ------- ---------- -----------
foo        webstorage2      disabled webserver2 none       High    prefer-off Web Storage
 

Stopping & Starting Instances

If the storage router is experiencing a problem with a specific set of IP hosts or storage resources, you may wish to stop the associated SCSI routing instance from running anywhere in the cluster. The no scsirouter enable command causes the specified SCSI routing instance to cease running on the SN 5428-2, but does not cause a failover to another storage router in the cluster. This command effectively stops an instance from running anywhere in the cluster.

Once a SCSI routing instance has been stopped, it can be re-activated by issuing the scsirouter enable command. The scsirouter enable command must be issued from the same storage router as the no scsirouter enable command.

When a SCSI routing instance is stopped, its configuration information is removed from the bootable configuration of all cluster nodes, except for the storage router from which the command was issued. See "Command Line Interface Reference," for more information about the no scsirouter enable command.

Viewing Operational Statistics

Use the show scsirouter stats command to see access and connection information, such as the number of active connections and the number of logins that have occurred since the storage router was last restarted (or since statistics were last cleared).

For example, the show scsirouter stats command in Example 10-8 shows that SCSI routing instance, foo, is currently active.

Example 10-8 Results of "show scsirouter stats" Command

[SN5428-2_PR1]# show scsirouter foo stats
                           Logins   Logins Target Access  Authentication
Router     Started         Accepted Active Failures       Failures      
---------- --------------- -------- ------ -------------- --------------
foo        Aug 01 16:01:49 10       7      0              0             
 

Handling Failover

In a cluster, storage routers continually exchange information as heartbeats to detect changes or failures in the cluster. HA messages are sent using UDP over IP and, depending on the message type or situation, may be sent as unicast or multicast messages. To make sure that HA information is exchanged reliably between cluster nodes, the storage routers alternate transmission of heartbeats between the management and the HA interfaces.

Each storage router in the cluster maintains and exchanges information about available resources. Failover by eligibility is enabled by default; HA bases the decision to automatically fail over a SCSI routing instance to another storage router in a cluster based on the Fibre Channel and other resources available to that SCSI routing instance.

Failover occurs when:

All mapped targets are unavailable or a critical resource for the SCSI routing instance is unavailable, and some or all mapped targets would be available from another storage router in the cluster. A critical resource can be a configured Gigabit Ethernet interface, a required Fibre Channel interface, or an internal resource needed to run the SCSI routing instance.

Some mapped targets are unavailable and all mapped targets are available on another storage router in the cluster.

All mapped targets are available, but another storage router in the cluster also has all targets available and is designated at the primary for the SCSI routing instance.

The storage router stops receiving heartbeats from another storage router within the cluster.


Note If you need more manual control over where a SCSI routing instance runs, you can turn off failover by eligibility on a storage router. If a SCSI routing instance fails over to a storage router that is configured with failover by eligibility turned off, it will continue running on that storage router unless there are no mapped targets available or a critical resource is unavailable. Normal failover resumes when failover by eligibility is turned back on for the storage router where the SCSI routing instance is running.


The show scsirouter all failover command (Example 10-9) displays target and resource availability associated with each storage router in the cluster. The show ha all command (Example 10-10) displays the status of the failover by eligibility feature.

Each cluster supports up to 12 active SCSI routing instances. Since each storage router can also support up to 12 SCSI routing instances, high availability is ensured for each instance in the cluster (regardless of the division of those instances between storage routers).

Example 10-9 Results of "show scsirouter all failover" Command

[SN5428-2A]# show scsirouter all failover
    Each [   ] contains node operating characteristics for a scsirouter.
    [Instance status, Failover Priority, Eligibility]
    Instance Status('M' = Master, ' ' = Slave)
    Failover Priority('  ' = none, 'fp' = primary, 'fs' = secondary)
    Eligiblity(U = Eligibility has not been initialized
               N = None of the configured devices are available or
                   a configured interface is unavailable
               S = Some of the configured devices are available
               A = All of the configured devices are available
               P = Primary and all of the configured devices are available)
 
                      Configured Configured
           Configured Failover   Failover   This     Failover        
Scsirouter Primary    Primary    Secondary  Node     Node List       
---------- ---------- ---------- ---------- -------- ----------------
jb1        SN5428-2B   none        none     [   N]  [M  A]SN5428-2B
jb2        none        none        none     [   A]  [M  A]SN5428-2B
pad1a      none        none        none     [M  A]  [   S]SN5428-2B
pad1b      SN5428-2A   none        none     [M  A]  [   S]SN5428-2B
pad2a      SN5428-2B   none        none     [   S]  [M  A]SN5428-2B
pad2d      SN5428-2B   none        none     [   S]  [M  A]SN5428-2B
pad3a      SN5428-2A   none        none     [M  A]  [   N]SN5428-2B
 

Example 10-10 Results of "show ha all" Command

[SN5428-2A]# show ha all
System Name       Configuration  Status  MGMT  HA    Failover By Eligibility
SN5428-2A         CLUSTERED      up      up    up    on 
 

Manual Failover

While failover of SCSI routing instances is automatic, there may be times when you wish to manually move a SCSI routing instance from one storage router to another. The move may be temporary, after which the instance will be moved back to its original location. At other times, you may want to move a SCSI routing instance permanently to another storage router, ensuring that the instance will continue running on the specified node whenever possible. The primary attribute allows you to specify a "preferred" storage router for the specified SCSI routing instance.

As an example cluster scenario, a cluster is composed of two storage routers, Sys1 and Sys2. Sys1 is currently running instances, scsi1 and scsi2, and is the primary storage router for both instances. Sys2 is currently running instances, scsi3 and scsi4. The primary attribute for scsi3 and scsi4 is set to the default setting of none, indicating no preferred storage router for failover for either instance. Both storage routers have the same resources available for the configured SCSI routing instances and both storage routers have failover by eligibility enabled (the default configuration).

Failover as Temporary Move

Referring to the example cluster scenario just described, the following procedure moves the SCSI routing instances, scsi1 and scsi2, from their primary, or preferred, storage router, Sys1, to the other storage router on a temporary basis. The first two commands in this procedure are issued from a CLI session from Sys2; the remaining commands are issued from Sys1.

 
Command
Description

Step 1 

enable

Enter Administrator mode on Sys2.

Step 2 

no failover eligibility on

Disable failover by eligibility for Sys2.

Note This will prevent the SCSI routing instances from automatically failing back over to Sys1 due to their primary attribute setting.

Step 3 

enable

Enter Administrator mode on Sys1.

Step 4 

failover scsirouter all

Failover all SCSI routing instances running on Sys1.

Note Because there are only two storage routers in the cluster, you do not need to specify the failover destination.

Step 5 

show  cluster

or

show scsirouter  all brief

Verify that the SCSI routing instances are no longer running on the storage router, Sys1.

Once the failover is complete, return to your management session with Sys2 and verify—using CLI commands described in Step 5 above—that the SCSI routing instances, scsi1 and scsi2, are now running on that storage router.

This is considered a temporary move because Sys1 is still designated as the primary storage router for the SCSI routing instances. If, for example, failover eligibility is manually re-enabled on Sys2 or if Sys2 is rebooted, scsi1 and scsi2 will stop running on Sys2 and will start up and run on Sys1.


Note Use caution if you change the configuration of a SCSI routing instance while it is running on the storage router that is not the instance's configured primary. If the instance's configuration changes while the designated primary for that instance is down (or otherwise removed from the cluster), the changes will not be propagated to that node. When the primary reboots (or otherwise returns to the cluster), it will reassert itself as the primary and will start to run the instance using the last configuration it had before leaving the cluster.


Failover as Permanent Move

Referring to the example cluster scenario previously described, the following procedure moves the SCSI routing instance, scsi2, from its primary, or preferred, storage router, Sys1, to the other storage router on a permanent basis. The commands in this procedure are issued from a CLI session from Sys1.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show cluster

or

show scsirouter scsi2 brief

Verify that the instance to be moved, scsi2, is indeed running on Sys1.

Step 3 

scsirouter scsi2 primary Sys2

Set Sys2 as the primary for the desired SCSI routing instance, scsi2.

Step 4 

save scsirouter scsi2 bootconfig

Save the current SCSI routing instance configuration, including the primary setting, and circulate the changed configuration around the cluster.

Step 5 

failover scsirouter scsi2

(Optional) Manually failover the desired SCSI routing instance, scsi2.

Note Because the storage routers are both enabled for failover by eligibility and have access to the same resources for the SCSI routing instances, scsi2 will automatically failover to Sys2 because it is now configured as the primary for that instance.

Once the failover is complete, establish a management session to Sys2 and verify—using the show scsirouter scsi2 command—that the SCSI routing instance, scsi2, is now running on Sys2 and that Sys2 is designated as the primary for that instance.

Failover for Distribution Purposes

In the example cluster scenario previously described, there is a significant increase in traffic for SCSI routing instance, scsi4, and as a result, you decide to distribute all of the other instances (scsi1, scsi2, and scsi3) to Sys1. Sys1 is already running scsi1 and scsi2.

The following procedure moves the SCSI routing instance, scsi3, to Sys1. The commands in this procedure are issued from a CLI session from Sys2.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show cluster

or

show scsirouter scsi3 brief

Verify that the SCSI routing instance to be moved is indeed running on Sys2.

Step 3 

failover scsirouter scsi3 to Sys1

Failover the desired SCSI routing instance, scsi3, to Sys1.

Once the failover is complete, establish a management session to Sys1 and verify—using the show scsirouter command—that instances, scsi1, scsi2, and scsi3, are now running there.


Note Because scsi3 has no primary setting, it will remain running on Sys1 until it is explicitly stopped or failed over, or until it is automatically failed over by HA because of an interface failure or an unfavorable target resource comparison.


Managing CDP on the SN 5428-2 Storage Router

Cisco Discovery Protocol (CDP) is primarily used to obtain protocol addresses of neighboring devices and to discover the platform of those devices. CDP is media- and protocol-independent and runs on all Cisco-manufactured equipment including routers, bridges, access servers, and switches.

Each device configured for CDP sends periodic messages, known as advertisements, to a multicast address. Each device advertises at least one address at which it can receive SNMP messages. The advertisements contain time-to-live, or holdtime, information, which indicates the length of time a receiving device should hold CDP information before discarding it. Each device also listens to the periodic CDP messages sent by others in order to learn about neighboring devices and determine when their interfaces to the media go up or down.

The storage router is enabled, by default, to exchange CDP information with other CDP-enabled devices in the network. CDP can be enabled or disabled for individual interfaces on the storage router, and the holdtime for receiving devices and the frequency of CDP transmissions from the storage router can be modified.

Disable CDP for Selected Interfaces

CDP can be enabled or disabled for the storage router management, HA, and Gigabit Ethernet interfaces. By default, all interfaces are enabled for CDP. Use the following procedure to disable CDP for an interface.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

no cdp interface ge2 enable

Disable CDP on the desired interface (ge2).

Step 3 

show cdp interface

Confirm that CDP is disabled for the interface.

Step 4 

save system bootconfig

(Optional) Save the CDP change to the storage router bootable configuration.

Modify the CDP Holdtime and Timeout Values

Holdtime is the amount of time the receiving device should hold a CDP packet from the storage router before discarding it. The CDP holdtime value must be set to a higher number of seconds than the CDP timer value (the time between CDP transmissions from the storage router). For example, the default CDP holdtime value is 180 seconds. The default CDP timer value is 60 seconds.

Use the following procedure to change the CDP holdtime value and the CDP timer value.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show cdp

Verify the current CDP configuration.

Step 3 

cdp holdtime 300

Set the number of seconds (300) that a receiving device should hold the storage router CDP packet.

Step 4 

cdp timer 120

Set the number of seconds (120) between transmissions of CDP packets from the storage router.

Step 5 

show cdp

(Optional) Verify the new CDP configuration.

Step 6 

save system bootconfig

(Optional) Save the CDP changes to the storage router bootable configuration.

Using Scripts to Automate Tasks

If you frequently issue a series of CLI commands, you can save time by entering those commands into a script for execution purposes. Command scripts are stored in the script directory and are simply ASCII text files containing CLI commands.

When scripts run, the commands and any responses are echoed on the storage router console.

Scripts can be created on any system using any text editor and placed in the script directory (/ata3/script) of the target SN 5428-2 using the copy command to copy the script file to the storage router using HTTP or TFTP. You can also use FTP to make the file available to the storage router. See "Using FTP with the SN 5428-2 Storage Router" for more information about using FTP to transfer files.

Follow these rules when creating a command script:

Commands can start anywhere on a line. The first word on any line that is not preceded by a comment character is considered to be the start of a command string.

Comments can be added by placing an exclamation point (!) or number sign (#) character at the beginning of the line or as the first character at any position in the line. Comments are useful for documenting the contents of the file and the expected results. Comments can also be used to prevent a command from executing without removing it from the file by inserting a comment character before the command string.

You can extend commands across line boundaries by ending a line with a backslash ( \ ) as the continuation character. Use the continuation character to make long commands more readable. The line sequence is continued until a command line without a continuation character is encountered. If a comment line is used to end a line continuation sequence, you must add a blank line after the comment.

For example:

radius-server host 10.5.0.53 \
auth-port 1644 \
timeout 60 \
retransmit 5
! Configure 1st RADIUS server

radius-server host 10.6.0.61
. . .
 

Scripts can be invoked from other scripts.

You can pass parameters to scripts. Within the script, the key character is the "@" which instructs the script execution function to substitute the value of the specified parameter. Whenever the execution function encounters @1, it substitutes the value of the first passed parameter. The value of the second parameter is substituted for @2, and so forth. You must use the force keyword to pass parameters to the script.

Running Command Scripts

Use the following procedure to execute the CLI commands stored in a script file. In this example, the script file is named CreateSc and must exist in the script directory.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show script CreateSc

Verify that the script, CreateSc, exists in the script directory and that it contains the configuration that you want to recreate.

Step 3 

read script CreateSc

or

read script CreateSc force

Read and execute the CLI commands in the script file. When prompted, confirm that you want to continue and execute the script commands.

(Optional) Use the force keyword to execute the script immediately without asking for confirmation. The force keyword is also required if you are passing parameters to the script.

After the script completes, issue the appropriate show commands to verify that the script executed as expected.

Using the SN 5428-2 Logging Facilities

The SN 5428-2 Storage Router generates a variety of system event messages. All storage router event and debug messages are issued in the following format:

Example 10-11 Event Message

Mar 18 11:48:05: %SNMP-5-SASAS: SnmpApp starting...
<timestamp>: %<facility>-<level_number>-<mnemonic>: <message text>
 

All messages are assigned a notification level, which reflects the priority of the message in the system. Messages with the highest priority are assigned a notification level of emergency. Messages at this level indicate that the system is unusable. Messages with the lowest priority are assigned a notification level of debug. Messages at this level are for troubleshooting purposes. In Example 10-11, the message level number is 5, indicating a notification level of notice.

Table 10-1 lists the notification levels, their level number, and their description.

Table 10-1 Event Message Notification Levels 

Notification Level
Level Number
Description

emergency

0

System unusable

alert

1

Immediate action needed

critical

2

Critical conditions

error

3

Error conditions

warning

4

Non-fatal warning conditions

notice

5

Normal but significant conditions

info

6

Informational messages only

debug

7

Information for troubleshooting purposes


Event, trace and debug messages can be routed to various destinations, based on the notification level of the message and the application area (facility) that generated the message. Table 10-2 lists the logging destinations and their descriptions; Table 10-3 lists the logging facilities and their descriptions.

Table 10-2 Event Message Logging Destinations 

Destination
Description

all

Logs the message to all destinations.

none

The message is not logged; it is discarded.

console

The message is logged to a serial console CLI session.

logfile

The message is logged to the storage router logfile.

rslog

The message is logged to a remote syslog server. Use the logging syslog command to specify the IP address of the remote syslog server.

vty

The message is logged to all Telnet, SSH, or other virtual terminal CLI sessions.


Table 10-3 Event Message Facilities 

Facility
Description

ALL

All facilities.

AUTH

AAA authentication.

CDP

Cisco Discovery Protocol.

CONF

Configuration functions.

FC

Fibre Channel interfaces.

GE

Gigabit Ethernet interfaces.

HA

High availability cluster functions.

IF

Interface manager.

INVALID

Generic functions.

IP

IP functions.

ISCSI

iSCSI functions.

MON

Hardware monitor.

SLP

Service Location Protocol service functions.

SNMP

Simple Network Management Protocol.

SYSLOG

Syslog functions.

UI

User interface functions.

VTP

VTP and VLAN functions.


Messages are routed by creating a list of routing rules that is searched for a facility and notification level match whenever an event or debug message is received. This list of routing rules is known as the storage router logging table.

By default, the logging table includes rules to log all messages at notification level notice (or numerically lower levels) to all destinations, and to log all messages at notification level info to the storage router log file. Any message that does not find a matching rule is not logged to any destination.

Use the show logging command to display the current logging table routing rules and other logging information.

Filtering and Routing Event Messages

The logging table allows messages to be filtered by their facility and notification level and routed to the specified destination(s). When an event message arrives, the logging table rules are searched by facility name and by level until the first match is found. The message is sent to all the destinations specified by the matching rule. If no match is found, the event message is discarded.

When a new routing rule is added, it is appended to the existing table. Use the logging level command to add a new routing rule to the logging table; use the logging #? command to insert a routing rule into the logging table before the specified entry.

Each facility can have eight notification levels. Each facility and notification level pair can have up to seven destinations.

In Example 10-11, the facility is SNMP, and the notification level is 5 (notice). If the logging table included the entries in Example 10-12, the event message in Example 10-11 would match on the first routing rule, and would be sent to all valid destinations. Any message from the SNMP facility at notification level info, and any message from another facility at notification level info (or lower) would match on the second rule and be sent to the storage router console and log file. All messages from any facility at notification level debug would be discarded.

Example 10-12 Example Log Route Entries List

Index Level     Priority Facility   Route                         
1     notice    5        SNMP       all               
2     info      6        all        console logfile 
 
Syslog host is enabled, ipaddress is 10.1.70.6
 

The logging table can be saved and retained across a storage router restart. The order of the rules in the logging table is preserved when entries are deleted.

Enabling and Disabling Logging

Logging is enabled by default. By default, the SN 5428-2 Storage Router includes the following routing rules in the logging table:

All messages at notification level notice or lower are logged to all valid destinations.

All messages at notification level info are logged to the storage router log file.

All debug messages are discarded.

Use the no logging on command to quickly disable logging for all destinations without modifying the logging table. No logging will take place until logging is re-enabled by the logging on command.

If you clear the logging table without returning to the factory defaults, all rules are removed from the logging table. This causes all messages to be discarded because there are no matching rules in the logging table. To resume logging, you can add new routing rules, restore a previously saved logging table, or clear the logging table back to the factory defaults.

Managing the Log File

You can view the entire storage router log file or selected portions of the log file using the show logging command. You can also view the log file using the web-based GUI. If you want to analyze or search the log file in more detail, you can use FTP to retrieve a copy of the log file. See "Using FTP with the SN 5428-2 Storage Router" for more information about using FTP to transfer files.

Log files are created in the SN 5428-2 log directory (/ata4/log). They can occupy up to 4 MB of memory. Once this limit has been reached, the oldest file is removed and a new one is created. The show logging size command can be used to display the size of the existing log files. The show system command can be used to display the amount of space allocated to log files, and the amount of log file space currently available.

The name of the log file is messages, followed by a number (for example, messages3 or messages12). The first log file is named messages0, the next log file is named messages1, etc.

Depending on the needs of your enterprise, you can archive log files to a remote server, or you can clear log files on a periodic basis. You can use FTP to transfer files from the storage router to a remote server, or you can use the web-based GUI to display the contents of the log file and use cut-and-paste techniques to save the information to a local file. You can also issue the show logging all command and redirect the output of your console using the logging facilities for your specific console interface.

Clearing the Log Files

Use the following procedure to periodically clear the log files.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show logging size

(Optional) Check the current size of the log files (Example 10-13).

Step 3 

show logging all

or

show logging last 50

(Optional) Display all the current log file entries (first command), or display a selected number of entries, such as 50, from the end of the file (second command).

Step 4 

clear log

Clear the existing log file. The system clears the existing log file and starts a new log file.

Example 10-13 Results of "show logging size" Command

[SN5428-2_PRA]# show logging size
5120 messages (342797 bytes) logged
 

Gathering Troubleshooting Information

If you experience problems with the storage router, you may need to obtain troubleshooting information for Cisco technical support personnel. The SN 5428-2 Storage Router provides several features that can help you assemble the necessary information.

The following are typical activities involved with troubleshooting the SN 5428-2:

Using the Crash Log

Using FTP with the SN 5428-2 Storage Router

Understanding Diagnostics

Capturing System Messages at Bootup

Capturing the Storage Router Configuration

Using Debug Facilities

Using the Crash Log

If the storage router experiences an unexpected problem that forces it to automatically reboot, a special log file is generated. The file is named crash-cpp.txt and it is stored in the log directory (/ata4/log). You can display the contents of this file to the console using the show crash command.

To save the show crash command output, redirect the output of your console using the logging facilities for your specific console interface. Depending on your console interface and scroll buffer size, you may also be able to copy and paste the contents from your console into an ASCII text file.

The crash log provides the following information:

System information, including software version

Exception information

Boot information, including the kernel version and creation date

A list of all tasks, including entry point, task ID and priority for each task

Task registers and stack trace for each task in the task list

Net job ring

A list of all modules, including module ID, data start addresses, etc.

A list of all devices

A list of all drivers, including the number of create, delete, open, close, read, write, and I/O control actions performed

A list of free memory addresses and a summary of memory usage information

A list of open file descriptors

Network interface information, including flags, interface type, addresses, and MTU information for all storage router interfaces

The route table

The ARP table

The host table

Active Internet connection information, including PCB, connection type (TCP or UDP), receive and send queues, local and foreign addresses, and state for each connection

Routing statistics

IP statistics

ICMP statistics

TCP statistics

UDP statistics

Network stack data pool (MBufs) and cluster pool table information

NFS authorization

Mounted NFS filesystem information

Boot filesystem information

Registered crash dump functions

CPC710 registers at time of exception

Information used to create the crash-cpp.txt file is periodically written to the tmpcrash.txt file in the log directory. If a crash occurred at the current time, use the show crash current command to display the information as it would be written to the crash log.

Using FTP with the SN 5428-2 Storage Router

In certain cases, you may want to copy log files from the storage router to another server in your network for analysis purposes, or you may want to copy configuration or script files to another server prior to making them available to another SN 5428-2. The storage router includes an FTP daemon; however, the FTP port (port 21) is, by default, restricted.

Use the following procedure to enable FTP and to copy the current message log file from the storage router to another server in the network.

 
Command
Description

Step 1 

enable

Enter Administrator mode.

Step 2 

show restrict

Display interface restrictions. If port 21 on the management interface (mgmt) is closed, use the command in Step 3 to open it.

Step 3 

no restrict mgmt ftp

(Optional) Allow FTP functions on the management interface.

Once the function is enabled, open the FTP session to the storage router from the server. You will be prompted for a user name and password. The user name is admin and the password is the storage router Administrator password (or, if you are using Enable authentication, the password that you would enter in response to the CLI enable command). The default Administrator password is cisco.


Note The user name and the password are both case sensitive.


The log files and crash trace files are stored in the /ata4/log directory. Saved configuration files are stored in the /ata3/savedconfig directory. Script files are stored in the /ata3/script directory.

To use FTP to retrieve the log file, change to the /ata4/log directory using the FTP cd command. List the files to determine what log file you want to retrieve. (In our example, the log file is messages0.) If necessary, specify the binary flag using the FTP binary command. Issue the FTP get command to retrieve the log file and to copy it to the specified file on your server. When the process completes, close the FTP connection using the FTP bye command.

Example 10-14 illustrates the FTP session just described. In this example, the storage router management interface IP address is 10.1.11.210.

Example 10-14 FTP Session

Server1> ftp 10.1.11.210
Connected to 10.1.11.210.
220 VxWorks (5.4.1) FTP server ready
Name: admin
331 Password required
Password:********
230 User logged in
ftp> cd /ata4/log
250 Changed directory to "/ata4/log"
ftp> dir
200 Port set okay
150 Opening ASCII mode data connection
  size         date      time      name
--------       ------    ------    --------
     512    Apr-09-2002  20:46:18   .                 <DIR>
     512    Apr-09-2002  20:46:18   ..                <DIR>
   13803    May-16-2002  15:13:56   messages0
   92167    Apr-10-2002  19:14:06   tmpcrash.txt
 
226 Transfer complete
ftp: 374 bytes received in 0.02Seconds 23.38Kbytes/sec.
ftp> binary
200 Type set to I, binary mode
ftp> get
(remote-file) messages0
(local-file) SN5428-2Sys1_Messages
200 Port set okay
150 Opening BINARY mode data connection
226 Transfer complete
40863 bytes received in 0.049 seconds (8.1e+02 Kbytes/s)
ftp> bye
221 Bye...see you later
 

If you had to remove the restriction on the management interface before proceeding with the FTP session, return to the CLI session and re-enable the restriction, using the following procedure.

 
Command
Description

Step 1 

show restrict

Verify that port 21 on the management interface is currently open.

Step 2 

restrict mgmt ftp

Close the management interface to FTP functions. No FTP functions will be allowed.

Understanding Diagnostics

The SN 5428-2 Storage Router normally performs hardware diagnostics when the unit is powered up. A message displays during the power up process, indicating that hardware diagnostics can be skipped if the Escape key is pressed within five seconds. If the Escape key is pressed, all hardware diagnostics are bypassed for this reboot only. If no key is pressed, diagnostics will begin after the five second wait period expired.

If a hardware diagnostic fails, the storage router halts. The boot process cannot be reinitiated. If you experience a hardware diagnostic failure, contact Cisco technical support personnel as described in the "Obtaining Technical Assistance" section for further instructions.

The SN 5428-2 performs additional "soft" diagnostics after the hardware diagnostics complete on power up and after every system reboot. If necessary, the soft diagnostics can be bypassed, using the reboot command with the fast keyword.

If you experience problems with soft diagnostics, contact Cisco technical support personnel for assistance.

Capturing System Messages at Bootup

The SN 5428-2 Storage Router logs a variety of messages to the console during the system boot process. If you are experiencing problems with the storage router, it may be helpful to capture these messages. Use the console interface to perform the boot process and capture the console log using typical external methods.

Capturing the Storage Router Configuration

You can use the show runningconfig or show bootconfig command to display the storage router current running configuration or the bootable configuration. You can then redirect this display to create a script file in the SN 5428-2 script directory. The resulting file can be used as a basis to create command scripts to automate common tasks. See "Using Scripts to Automate Tasks" for more information about using scripts on the storage router.

Using Debug Facilities

The storage router includes debug facilities for SCSI routing instances, RIP, and packet tracing for Gigabit Ethernet interfaces. Running debug traces can impact the operation of the storage router. If you experience problems with a SCSI routing instance that cannot be resolved, Cisco technical support personnel may ask you to capture some debug traces. They will assist you to properly configure the storage router to accomplish this task.

See "Command Line Interface Reference," for more information about the debug commands and using the storage router debug facilities.