•
|
/flash - A CompactFlash card, located on the circuit board of the SPC/SMC, is the default storage media for the operating system software image, CLI configuration, and crash log files used by the system.
|
•
|
/pcmcia1 - This device is available when an ATA Type I or Type II PCMCIA card is inserted into PC-Card Slot 1 (upper slot) on the front panel of the SPC/SMC.
|
•
|
/pcmcia2 - This device is available when an ATA Type I or Type II PCMCIA card is inserted into PC-Card Slot 2 (lower slot) on the SPC’s front panel. Note that this option is not available for use with the SMC.
|
Important: For this release, local filesystem access is to master SMC only.
•
|
Operating System Software Image File: This binary file type is identified by its .bin extension. The file is the operating system that is loaded by the system upon startup or reloading. This is an executable, read-only file that cannot be modified by end users.
|
•
|
CLI Configuration File: This file type is identified by its .cfg extension. These are text files that contain CLI commands that work in conjunction with the operating system software image. These files determine services to be provided, hardware and software configurations, and other functions performed by the system. The files are typically created by the end user. You can modify the files both on and off-line and use descriptive long filenames.
|
•
|
System File: Only one file identified by a .sys extension is used by the system. The boot.sys file contains system-specific information, which describes how the system locates, and in what priority it loads, file groups (paired .bin and .cfg files) from its boot stack.
|
•
|
Abridged Crash Log: The abridged crash log, identified by its crashlog filename, contains summary information about software or hardware failures that occur on the system. This file is located in the /flash/crsh2/ directory on the device. You can view the contents of this file through the CLI, but you cannot modify the file.
|
•
|
bootmode: This setting is typically configured to normal, and identifies how the system starts.
|
•
|
network interface configuration: Use these optional boot method settings when you configure the system to obtain its operating system image from an external network server that is using one of the management LAN interfaces on the SPIO card.
|
•
|
terminal-speed configuration: This parameter identifies the data transfer rate at which a serial interface communicates on the console port. The default setting for this parameter is 115200 bps (115.2 Kbps). You can change this and other settings with RS-232 Port Configuration Mode commands.
|
•
|
boot stack information: The boot stack is made up of prioritized file group entries that designate the operating system image file and the CLI configuration file to load.
|
Important: Crash log files are not synchronized when these commands are executed.
card spc synchronize filesystem {
/flash|
/pcmcia1|
/pcmcia2|
all} [
checkonly] [
reverse]} [
-noconfirm]
card smc synchronize filesystem {
/flash|
all} [
checkonly] [
reverse]} [
-noconfirm ]
Use the mkdir command to create a new directory on the specific local device. This directory can then be incorporated as part of the path name for any file located in the local file system.
Use the rename command to change the name of a file from its original name to a different name. Remember to use the same file extension, if applicable, to ensure that the file type remains unchanged.
Use the following command to rename a file named pdsn_test.cfg to pdsn_prod.cfg on the
/flash local device.
Important: Use the
rename command only within the same local device. You cannot rename a file and place it onto another local device at the same time. To move a renamed file, you must use the
copy command.
The copy command copies files from one device to another device or location.
|
|
|
Disables the “Are you sure? [Yes | No]” confirmation prompt asked before executing the command.
|
The following copies a file test.cfg from an external server using FTP to /pcmcia1.
The delete command removes a designated file from its specified location on the local file system. This command can only be issued to a local device on the SPC/SMC. Note that this command does not allow for wildcard entries; each filename must be specified in its entirety.
Caution: Do not delete the boot.sys file. If deleted, the system will not reboot on command and will be rendered inoperable.
delete {
/flash|/pcmcia1|/hd-raid}/<
filename> [
-noconfirm]
|
|
|
|
|
Disables the “Are you sure? [Yes | No]” confirmation prompt asked before executing the command.
|
The rmdir command deletes a current directory on the specific local device. This directory can then be incorporated as part of the path name for any file located in the local file system.
Important: The directory you want to remove (delete) must be empty before executing the
rmdir command. If the directory is not empty, the CLI displays a
Directory not empty message and will not execute.
|
|
|
|
|
Disables the “Are you sure? [Yes | No]” confirmation prompt asked before executing the command.
|
The format command performs a low-level format of a local device. This operation formats the device to use the FAT16 formatting method, which is required for proper read/write functionality with the operating system.
Important: Local devices that have been formatted using other methods such as NTFS or FAT32 may be used to store various operating system, CLI configuration, and crash log files. However, if placing a new local device into the SPC/SMC for regular use, it is recommended that the device be formatted by the system prior to use. This ensures that the FAT16 file allocation table format is used, preventing any possible discrepancies between other formats used with other operating systems.
Caution: Use of the
format command should be carefully monitored and approved by operations management personnel. Formatting a local device removes all files and information stored on the local device.
Caution: If a configuration file is applied to a system currently running another CLI configuration, any like contexts, services, logical interfaces, physical ports, IP address pools, or other configured items will be overwritten if the same command exists in the configuration file being applied. Take caution to ensure that you are knowledgeable of the contents of the file being applied and understand what the service ramifications are if a currently running command is overwritten. Also note that changes will not be saved automatically.
Where filename is the name of the file, including any extension.
Important: Operator and inspector-level users can execute the
show file command but can not execute the
directory command.
•
|
Local-Booting Method: The default boot method that uses software image and configuration files stored locally on the system. Upon system startup or reboot, the system looks on one of its local devices ( /flash, /pcmcia1, /pcmcia2 (SPC only), or /hd-raid (SMC only)) located on the primary SPC/SMC for the specific software image and accompanying configuration text file.
|
•
|
Network-Booting Method: The system can be configured to obtain its software image from a specific external network server while it is paired with a configuration text file that resides on the system. When using network booting, you need to configure the following:
|
Important: Operator and inspector-level users can execute the
show boot command.
Important: Before performing this procedure, verify that there are less than 10 entries in the boot.sys file and that a higher priority entry is available (i.e. that minimally there is no priority 1 entry in the boot stack). Refer to
Viewing the Current Boot Stack for more information.
If priority 1 is in use, then you must renumber the existing entry(ies) to ensure that at least that priority is available. The maximum number of boot stack entries that can be contained in the boot.sys file is 10. If there are already 10 entries in the boot stack, you must delete at least one of these entries (typically, the lowest priority) and, if necessary, renumber some or all of the other entries before proceeding. Refer to
Deleting a Boot Stack Entry for more information.
This procedure details how to add new boot stack entries to the boot.sys file. Make sure you are at the Exec mode prompt and enter the following commands:
boot system priority number image <
image_url>
config <
cfg_url>
The following command creates a new boot stack entry, using a boot priority of 3, an image file named
os_20000.XXX.bin, and a configuration file named
general.cfg.
Important: Boot stack changes saved to the
boot.sys file are not executed until the system is restarted.
|
|
|
spio-eth1 corresponds to either the RJ-45 1 or SFP 1 interface on the SPIO.
spio-eth2 interface that corresponds to either the RJ-45 2 or SFP 2 interface on the SPIO.
Important: Use SPIO port 1 for network booting.
|
|
auto implements auto-negotiation to determine the highest possible speed and duplex mode.
speed specifies the rate to use as either 10 Mbps, 100Mbps, or 1000Mbps. This command keyword must be following by the speed of the Ethernet connection, entered as an integer.
Important: If the speed is manually configured, you must also configure the duplex mode. In addition, you must ensure that the network server configuration supports the speed and duplex configuration.
|
|
|
|
Select either rj45, for copper Ethernet, or the small form factor pluggable sfp optical gigabit Ethernet media type.
|
boot networkconfig {
dhcp|{{
dhcp-static-fallback|static}
ip address spio24 <
ip_address24> [
spio25 <
ip_address25>]
netmask <
subnet_mask> [
gateway <
gw_ip_address>]}}
|
|
|
Important: If this option is selected, you will not have to configure IP address information for the SPIO interfaces, defined using the boot interface command, or any needed gateway.
|
|
Specifies the use of the Dynamic Host Control Protocol (DHCP) to automatically assign an IP address to the SPIO interface, defined using the boot interface command, at startup. However, it allows the configuration of a fallback static IP address that can be used in case the DHCP server is unreachable.
|
|
|
|
If either the dhcp-static-fallback or static options were used as the method by which the SPIO interface obtains an IP address, then these keywords specify the static address.
|
|
|
|
Specifies the IP address to use for the SPIO interface in slot 25. Enter the ip_address25 variable as an IP address. If used, both interfaces will appear in the boot.sys file.
|
|
|
|
If either dhcp-static-fallback or static options were chosen as the method by which the interface will receive an IP address, then this optional parameter specifies the IP address for the next-hop gateway (router, bridge, etc.) to use, if needed.
|
Where time is entered as an integer, ranging from 1 to 300 seconds before attempting to contact the external network server. If your network uses STP, a typical delay time of 30 seconds should suffice.
Important: Save your configuration as described in the
Verifying and Saving Your Configuration chapter.
Where ip_address is the IP address, entered in dotted-decimal notation, of the DNS server.
Important: Save the configuration as described in the
Verifying and Saving Your Configuration chapter.
The operating system software is delivered as a single binary file (.bin file extension) and is loaded as a single instance for the entire system. Each software image can be identified by its release version and its corresponding build number. The software version information can be viewed from the CLI by entering the
show version command.
Important: This method is not supported for the SGSN or for PDIF. Refer to the appropriate Administration Guide for upgrade information.
Caution: To minimize the risk of service outages, the on-line software upgrade should be performed during a planned maintenance window.
Important: This is the only stage that the
abort upgrade command may be used. Once Stage 2 is entered, the on-line software upgrade should not be cancelled unless an emergency exists. After Stage 1, the only way that an on-line software upgrade can be terminated is to issue the
reload command. This causes a system restart that could leave the system in an abnormal state, requiring manual intervention. Issuing the
reload command should be avoided, and only used as a last resort.
Important: Once Stage 2 has begun, no CLI configuration mode commands, except
end and
exit (if this stage is entered while a management user is in a configuration mode) will be accepted by the system. Only non-configuration commands within the Exec mode, such as show commands may be executed. You can monitor the progress of the on-line software upgrade by entering the
show upgrade command.
Important: The system will only migrate as many active PSCs as there are standby PSCs. If this is not a 1:1 correlation, then the system will repeat this procedure of migrating - updating - migrating back until all normally active PSCs have been upgraded.
Caution: Whenever transferring a operating system software image file using the file transfer protocol (FTP), the FTP client must be configured to transfer the file using binary mode. Failure to use binary transfer mode will make the transferred operating system image file unusable.
copy <
from_url> <
to_url> [-
noconfirm]
The following command example creates a backup copy of a file called general.cfg located on the
/flash device to a file called
general_3652.cfg:
[<context_name>]
host_name(config-ctx)#
[<context_name>]
host_name(config-asngw-service)#
Step d
|
Optional. Configure the overload policy for another configured ASN GW service.
|
[<context_name>]
host_name(config-ctx)#
[<context_name>]
host_name(config-<
service_type>-service)#
policy {overload {redirect <
address> [
weight <
weight_num>] [<
address2> [
weight <
weight_num>]...<
address16> [
weight <
weight_num>] ] |
reject [use-reject-code insufficient-resources]} | service-option enforce}
|
|
|
address: The IP address of an alternate PDSN expressed in IP v4. Up to 16 IP addresses can be specified either in one command or by issuing the redirect command multiple times. If you try to add more than 16 IP addresses to the redirect policy the CLI issues an error message. If you specify an IP address and weight that already exists in the redirect policy the new values override the existing values.
|
|
weight_num must be an integer from 1 through 10.
|
|
|
|
Optional: This optional keyword may be used in conjunction with a reject overload policy for either PDSN or HA services. The result of this command is that a result code (82H) indicating “ Registration Denied - Insufficient Resources” is returned to the requestor.
|
|
|
Step d
|
Repeat step c to configure the overload policy for another configured service.
|
Caution: Once the software upgrade process has started, any failure that results in the reboot of the system prior to the upgrading of both SMCs may result in unexpected behavior by the system that requires manual intervention to correct.
|
|
|
Disables the “Are you sure? [Yes | No]” confirmation prompt asked before executing the command.
|
Step 13
|
Optional: To view the status of an on-line software process, enter the following command from the Exec mode prompt:
|
Important: The abort upgrade command can only be used during Stage 1 (busy-out) of an on-line software upgrade.
copy <
from_url> <
to_url> [-
noconfirm]
Caution: Whenever transferring a operating system software image file using the file transfer protocol (FTP), the FTP client must be configured to transfer the file using binary mode. Failure to use binary transfer mode will make the transferred operating system image file unusable.
copy <
from_url> <
to_url> [-
noconfirm]
The following command example creates a backup copy of a file called general.cfg located on the
/flash device to a file called
general_3652.cfg:
boot system priority <
number>
image <
image_url>
config <
cfg_url>
Important: The maximum number of boot stack entries that can be contained in the boot.sys file is 10. If there are already 10 entries in the boot stack, then you must delete at least one of these entries before proceeding. Refer to Configuring the Boot Stack for more information.
For information on using the boot system priority command, refer to the
Adding a New Boot Stack Entry section.
For information on using the boot system priority command, please see the
Adding a New Boot Stack Entry section.
|
|
|
|
|
|
|
Important: Only filesystems on matching local devices will be synchronized. For example, if the active SMC contains two local devices (/flash and /pcmcia1) and the standby SMC contains only one local device (/flash), then synchronization would only occur on the matching local device (i.e. /flash).
|
|
|
|
|
|
This keyword disables the “Are you sure? [Yes | No]” confirmation prompt, asked before executing the command
|
newcall policy {ha-service|pdsn-service} {
all|name <
service_name>} {
redirect <
target_ip_address> [
weight <
weight_num>] [<
target_ipaddress2> [
weight <
weight_num>]...<
target_ip_address16> [
weight <
weight_num>]] |
reject}
|
|
|
service_name is the name of a service that was previously configured. It can consist of up to 63 alphanumeric characters and is case sensitive.
apn_name is the name of an APN that was previously configured. It can consist of up to 63 alphanumeric characters and is case sensitive.
Important: To apply the newcall policy to a subset of all of the configured services of a specific type, re-issue the command for each individual service name desired.
|
|
address: The IP address of an alternate destination expressed in IP v4. Up to 16 IP addresses can be specified either in one command or by issuing the redirect command multiple times. If you try to add more than 16 IP addresses to the redirect policy the CLI issues an error message. If you specify an IP address and weight that already exists in the redirect policy the new values override the existing values
|
|
weight_num must be an integer from 1 through 10.
|
|
|
Step 8
|
Optional: Configure a newcall policy for each additional service type.
|
Step 9
|
Optional: Configure a “Message of the Day” banner informing other management users that the system will be rebooted by entering the following command from the Global Configuration mode prompt.
|
banner_text is the message that you would like to be displayed and can be up to 2048 alpha and/or numeric characters. Note that
banner_text must begin with and end in quotation marks (“ “). For more information in entering CLI banner information, please see the
CLI Command Reference documentation.
Important: After the system reboots, establish a CLI session and enter the command to verify that the active software version is correct.
Step 11
|
Optional for PDSN: If you are using the IP Pool Sharing Protocol during your upgrade, wait until the system is completely rebooted, then go to Configuring IPSP After the Software Upgrade in the IP Pool Sharing Protocol chapter of the System Enhanced Feature Configuration Guide.
|
Important: With no license key installed, the session use licenses for PDSN, HA, GGSN, and L2TP LNS are limited to 10,000 sessions.
Caution: Failure to save the new license key configuration in the current CLI configuration file will result in the loss of any of the new features enabled by the license key once the system is reloaded.
Important: License key information is maintained as part of the CLI configuration. Each time a key is installed or updated, you must re-save the configuration file.
Important: Paste the license key information at the beginning of the configuration file to ensure the system has the expected capacity and features before it configures contexts.
Where slot# is either 8 or 9, depending on the chassis card slot where the SMC is installed.
Important: Failure to provide license key redundancy can result in the loss of session capacity and enhanced features should a failover or manual switchover occur.
•
|
Complexity: Password complexity can be forced to be compliant with ANSI T1.276-2003.
|
•
|
History length: How many previous password versions should be tracked by the system.
|
•
|
Minimum length: The minimum number of characters a valid password must contain.
|
Refer to the local-user password command in the
Global Configuration Mode chapter of the Command
Line Interface Reference for details on each of the above parameters.
•
|
Login failures: The configured maximum login failure threshold has been reached. Refer to the local-user max-failed-logins command in the Global Configuration Mode chapter of the Command Line Interface Reference for details
|
•
|
Password Aging: The configured maximum password age has been reached. Refer to the local-user password command in the Global Configuration Mode chapter of the Command Line Interface Reference for details.
|
Accounts that are locked out are inaccessible to the user until either the configured lockout time is reached (refer to the local-user lockout-time command in the
Global Configuration Mode chapter of the Command
Line Interface Reference) or a security administrator clears the lockout (refer to the
clear local-user command in the
Exec Mode chapter of the Command
Line Interface Reference).
Important: Local-user administrative user accounts could be configured to enforce or reject lockouts. Refer to the
local-user username command in the
Global Configuration Mode chapter of the Command
Line Interface Reference for details.
suspend local-user <
name>
no suspend local-user <
name>
Local-user administrative users can change their passwords using the password change command in the Exec mode. Users are prompted to enter their current and new passwords.
name is the name of the local-user account for which the password is to be changed. When a security administrator resets a local-user’s password, the system prompts the user to change their password the next time they login.