Cisco DCNM Installation and Licensing Guide, Release 5.x
Maintaining Cisco DCNM-SAN
Downloads: This chapterpdf (PDF - 146.0KB) The complete bookPDF (PDF - 3.69MB) | Feedback

Maintaining Cisco DCNM-SAN

Table Of Contents

Maintaining Cisco DCNM-SAN

Upgrading Cisco DCNM-SAN

Upgrading Fabric Manager in Cisco SAN-OS Releases Prior to 3.1(2b)

Upgrading Fabric Manager in Cisco SAN-OS Releases 3.1(2b) and Later to 3.2(1)

Upgrading the Management Software

Upgrading DCNM-SAN Federated Server

Upgrading Fabric Manager Server and Fabric Manager Standalone Version Using the Fabric Manager Update Installer

Integrating Cisco DCNM-SAN with Other Management Tools

Running DCNM-SAN Behind a Firewall

DCNM-SAN Server Proxy Services


Maintaining Cisco DCNM-SAN


This chapter describes about installing DCNM-SAN components and contains the following sections:

Upgrading Cisco DCNM-SAN

Integrating Cisco DCNM-SAN with Other Management Tools

Running DCNM-SAN Behind a Firewall

Upgrading Cisco DCNM-SAN

This section includes the following topics:

Upgrading Fabric Manager in Cisco SAN-OS Releases Prior to 3.1(2b)

Upgrading Fabric Manager in Cisco SAN-OS Releases 3.1(2b) and Later to 3.2(1)

Upgrading Fabric Manager Server and Fabric Manager Standalone Version Using the Fabric Manager Update Installer

Upgrading Fabric Manager in Cisco SAN-OS Releases Prior to 3.1(2b)

When you install Cisco Fabric Manager 3.2(1), data is migrated from the Hypersonic HSQL database to either the PostgreSQL database or Oracle Database 10g Express during the installation. To install the PostgreSQL database on Windows, click the FM Installer link on the CD. To install Oracle Database 10g Express, follow the instructions in the "Installing Oracle" section.


Note If you are upgrading a previous installation of DCNM-SAN Server, be sure the previous installation of the database is running. Do not uninstall the previous version. If the previous version is uninstalled, the database will not be migrated and your server settings will not be preserved. After you ensure that the previous installation is running, follow the steps listed in the "Installing the Management Software" section. Before beginning the upgrade, you must close DCNM-SAN, Device Manager, and DCNM-LAN. For more information on DCNM-LAN, see Upgrading Cisco DCNM-LAN Servers.


Upgrading Fabric Manager in Cisco SAN-OS Releases 3.1(2b) and Later to 3.2(1)

When you install Cisco SAN-OS 3.2(1), data is migrated from the Hypersonic HSQL database to either the PostgreSQL database or Oracle Database 10g Express during the installation. Data is also migrated from Oracle to Oracle.


Note If you migrate the database from Oracle to Oracle, the schema is updated as required by Cisco SAN-OS 3.2(1).


To install the PostgreSQL database on Windows, click the FM Installer link on the CD. To install Oracle Database 10g Express, follow the instructions in the "Installing Oracle" section.

Upgrading the Management Software

If you log into a switch running Cisco MDS SAN-OS with Device Manager and that switch has a later version of the management software, you are prompted to install the later version. To upgrade the Cisco MDS DCNM-SAN software, follow the instructions described in the "Upgrading Cisco DCNM-SAN" section. You can also upgrade Device Manager at any time by entering the IP address or host name of the supervisor module with the later version of software in the Address field of your browser. You will need a new CD to upgrade DCNM-SAN.


Note As of Cisco MDS SAN-OS Release 3.x, downgrades are not supported through the installer. To downgrade DCNM-SAN or Device Manager to an earlier release, you need to manually uninstall first and then reinstall the previous version of DCNM-SAN or Device Manager.


Upgrading DCNM-SAN Federated Server

To upgrade DCNM-SAN federated server on Linux and Solaris machines, follow these steps:


Step 1 Log on to the server node in the federation.

Step 2 Run $INSTALLDIR/FMServer.sh stop to stop the server node.

Step 3 Run the dcnm-installer-k9.5.2.0.252.S2.jar (java -Xmx512m -jar dcnm-installer-k9.5.2.0.252.S2.jar) on the first server node to upgrade the first server in the federation.

Step 4 Repeat steps 1 through step 3 on all the other servers nodes.


To upgrade DCNM-SAN federated server on a Windows machine, follow these steps:


Step 1 Log on to the server node in the federation.

Step 2 Stop the DCNM-SAN Server service. To stop the DCNM-SAN Server service, click Start > Control Panel > Administrative Tools > Services.

Step 3 Right-click Cisco DCNM-SAN Server services in the services window, and then click Stop to stop the services.

Step 4 Repeat step 1 through step 3 on all the server nodes.

Step 5 Run the dcnm-installer-k9.5.2.0.252.S2.jar (java -Xmx512m -jar dcnm-installer-k9.5.2.0.252.S2.jar) on the first server node to upgrade the first server.

Step 6 Repeat step 5 on all the other server nodes.


Upgrading Fabric Manager Server and Fabric Manager Standalone Version Using the Fabric Manager Update Installer

As of Release 3.3(1a), you can use the Cisco MDS 9000 Fabric Manager Update Installer to upgrade:

Fabric Manager Server

Fabric Manager Standalone

The Fabric Manager Update Installer is smaller in size than the Fabric Manager installer which makes it easier to download. The update Installer has limited capability to upgrade Fabric Manager Server or the Fabric Manager Standalone version and it does not have the capability to install a database or the Fabric Manager Server infrastructure (JBoss). Table 4-1 shows the recommended Fabric Manager upgrade paths.

Table 4-1 Fabric Manager Upgrade Path Using Update Installer

Current Version
Upgrading To
Upgrade Path

3.0(x)1

3.3(1a) or above

1. Upgrade to 3.1(x).

2. Upgrade to 3.2(x).

3. Upgrade to 3.3(x) or above by launching the update installer {java -Xmx512m -jar jar_file_name} and then follow the steps to upgrade Fabric Manager.


Note Change the server port to 9099 if you are not upgrading from Release 3.2(2c) in Step 2.


3.1(x)1

3.3(1a) or above

1. Upgrade to 3.2(x).

2. Upgrade to 3.3(x) or above by launching the update installer {java -Xmx512m -jar jar_file_name} and then follow the steps to upgrade Fabric Manager.


Note Change the server port to 9099 if you are not upgrading from Release 3.2(2c) in Step 1.


3.2(x)

3.3(1a) or above

1. Upgrade to 3.3(x) or above by launching the update installer{java -Xmx512m -jar jar_file_name} and then follow the steps to upgrade Fabric Manager.


Note Change the server port to 9099 if you are not upgrading from Release 3.2(2c).


3.3(x)

NX-OS 4.1(1b)

1. Upgrade to 4.1(x) or above by launching the update installer {java -Xmx512m -jar jar_file_name} and then follow the steps to upgrade Fabric Manager.


Note Change the server port to 9099 if you are not upgrading from Release 3.4(x).


1 The gateway upgrade needs to be performed as the HSQL database data cannot be migrated to the new database.


1 You should not discover another fabric, re-discover the upgraded fabric or close the fabric when the upgrade is running.


Integrating Cisco DCNM-SAN with Other Management Tools

You can use DCNM-SAN, Device Manager, and Performance Manager with these management tools:

Cisco Traffic Analyzer—Allows you to break down traffic by VSANs and protocols and to examine SCSI traffic at a logical unit number (LUN) level.

Cisco Protocol Analyzer—Enables you to examine actual sequences of Fibre Channel frames easily using the Fibre Channel and SCSI decoders Cisco developed for Ethereal.

Cisco Port Analyzer Adapter 2—Encapsulates SPAN traffic (both Fibre Channel control and data plane traffic) in an Ethernet header for transport to a Windows PC or workstation for analysis. Both the Cisco Traffic Analyzer and Cisco Protocol Analyzer require the PAA to transport MDS SPAN traffic to a Windows PC or workstation.

For more information on these tools and how they work together with the Cisco DCNM-SAN management applications, see Cisco MDS 9000 Family NX-OS Troubleshooting Guide.

Running DCNM-SAN Behind a Firewall

For Windows PCs running DCNM-SAN, Device Manager, and Performance Manager behind a firewall, certain ports need to be available.

By default, DCNM-SAN Client and Device Manager use the first available UDP port for sending and receiving SNMP responses. The UDP SNMP trap local ports are 1162 for DCNM-SAN, and 1163 or 1164 for Device Manager. DCNM-SAN Server also opens TCP RMI port 9099.

In Fabric Manager Release 2.1(2) or later, you can select the UDP port that Fabric Manager Client or Device Manager uses for SNMP responses by uncommenting the following statement:

On a Windows desktop, uncomment the following in the FabricManager.bat or DeviceManager.bat file in the C:\Program Files\Cisco Systems\MDS9000\bin directory:

rem JVMARGS=%JVMARGS% -Dsnmp.localport=9001
 
   

On a UNIX desktop, uncomment the following in the FabricManager.sh or DeviceManager.sh file in the $HOME/.cisco_mds9000/bin directory:

# JVMARGS=$JVMARGS -Dsnmp.localport=9001
 
   

In Fabric Manager Release 3.2(1) or later, Fabric Manager Client initiates communication with Fabric Manager Server on the port 9099 for Java Naming Directory and Interface (JNDI) lookup. Fabric Manager Server redirects the client to 1098 and JBoss directs the request to the appropriate service.

Fabric Manager Server proxy services uses a configurable TCP port (9198 by default) for SNMP communications between the Fabric Manager Client or Device Manager and Fabric Manager Server.

The Fabric Manager Server component requires two predictable TCP ports to be opened on the firewall for an incoming connection:

server.port = 9099

server.data.port = 9100

As long as these two ports are open, Fabric Manager Client can connect to the server. Other TCP ports connected to Fabric Manager Client are initiated by the server, which is behind the firewall.

The following table lists all ports used by DCNM-SAN applications:

Communication Type
Port(s) Used
Used by All Applications

SSH

Port 22 (TCP)

Telnet

Port 23 (TCP)

HTTP

Port 80 (TCP)

TFTP

Port 69 (UDP)

SNMP

Port 161 (UDP)

Syslog

Port 514 (UDP)

Used by DCNM-SAN Server and Performance Manager

SNMP_TRAP

Port 2162 (UDP)

SNMP

Picks a random free local port (UDP) or 9198 (TCP) if SNMP proxy is enabled. Can be changed in server.properties.

Java RMI

Ports 9099, 9100 (TCP)

Used by DCNM-SAN Client

SNMP

Picks a random free local port (UDP) if SNMP proxy is enabled. Can be changed with the client -Dsnmp.localport option.

Java RMI

Picks a free local port between 19199 and 19399 (TCP). Can be changed with the client -Dclient.portStart and -Dclient.portEnd options. For example, -Dclient.portStart = 19199 -Dclient.portEnd = 19399.

Used by Device Manager

SNMP_TRAP

Picks a free local port between 1163 and 1170 (UDP).

SNMP

Picks a random free local port (UDP) or 9198 (TCP) if SNMP proxy is enabled. Can be changed in server.properties.


Port(s) Used/Type
Service Descriptor
Service Name
Attribute Name
Description

1098 (TCP)

conf/jboss-service.xml

jboss:service=Naming

RMI Naming Service Port

This port is for JNDI based naming services. The client look up this port for JNDI binding objects and resources.

9099 (TCP)

conf/jboss-service.xml

jboss:service=Naming

Bootstrap JNP Port ( FM changed 1099 to 9099)

This port is for JNDI based naming services. The client look up this port for JNDI binding objects and resources.

4444 (TCP)

conf/jboss-service.xml

jboss:service=invoker,type=jrmp

RMI /JRMP ObjectPort

The org.jboss.invocation.jrmp. server.JRMPInvoker class is an MBean service that provides the RMI/JRMP implementation of the Invoker interface. The JRMPInvoker exports itself as an RMI server so that when it is used as the Invoker in a remote client, the JRMPInvoker stub is sent to the client instead.

4445 (TCP)

conf/jboss-service.xml

jboss:service=invoker,type=pooled

Pooled Invoker

The org.jboss.invocation. pooled.server.PooledInvoker is an MBean service that provides RMI over a custom socket transport implementation of the Invoker interface. The PooledInvoker exports itself as an RMI server so that when it is used as the Invoker in a remote client, the PooledInvoker stub is sent to the client instead and invocations use the a custom socket protocol.

8009 (TCP)

deploy/jbossweb-tomcat41.sar/META-INF/jboss-service.xml

jboss.web:service=WebServer?

AJP Connector

The AJP Connector element represents a Connector component that communicates with a web connector via the AJP protocol. This is used for invisibly integrating JBoss Web into an existing or a new Apache server.

8083 (TCP)

conf/jboss-service.xml

jboss:service=WebService

RMI dynamic class loader port

The WebService MBean provides dynamic class loading for RMI access to the server EJBs. Used for web service

8092 (TCP)

deploy/jms/oil2-service.xml

jboss.mq:service=InvocationLayer?,type=OIL2

Optimized Invocation Layer for JMS

This port is used for JBossMQ services. JBossMQ is composed of several services working together to provide JMS API level services to client applications. Optimized Invocation Layer is a service used by JMS client.

8093 (TCP)

deploy/jms/uil2-service.xml

jboss.mq:service=InvocationLayer?,type=UIL2

Unified Invocation Layer for JMS

This port is used for JBossMQ services. JBossMQ is composed of several services working together to provide JMS API level services to client applications. Unified Invocation Layer is a service used by JMS client.

3873 (TCP)

Service end point for EJB3 aspect service

JBoss EJB3 Aspect Service Deployer

JBoss EJB3 Invoker

This port used by the client to communicate with EJB3(Enterprise JavaBean 3.0) services on JBoss Server.


DCNM-SAN Server Proxy Services

The DCNM-SAN Client and Device Manager use SNMP to communicate with the DCNM-SAN Server. In typical configurations, the DCNM-SAN Server may be installed behind a firewall. The SNMP proxy service available in Cisco Fabric Manager Release 2.1(1a) or later provides a TCP-based transport proxy for these SNMP requests. The SNMP proxy service allows you to block all UDP traffic at the firewall and configure DCNM-SAN Client to communicate over a configured TCP port.

DCNM-SAN uses the CLI for managing some features on the switches. These management tasks are used by DCNM-SAN and do not use the proxy services. Your firewall must remain open for CLI access for the following features:

External and internal loopback test

Flash files

Create CLI user

Security - ISCSI users

Show image version

Show tech

Switch resident reports (syslog, accounting)

Zone migration

Show cores

If you are using the SNMP proxy service and another application on your server is using port 9198, you need to modify your workstation settings.


Note The MDS switch always checks the local SNMP users before the remote AAA users, unlike the CLI.


To modify a Windows workstation, follow these steps:


Step 1 Open Internet Explorer and select Tools > Internet Options.

You see the Internet Options dialog box.

Step 2 Select the Connections tab and click LAN Settings.

You see the LAN Settings dialog box.

Step 3 Check the Use a Proxy Server for your LAN check box and click Advanced.

Step 4 Add your server IP Address or local host under the Exceptions section.

Step 5 Click OK to save your changes.