manualshive.com logo in svg

Cisco 11500 Series, Administration Manual

The Cisco 11500 Series, a powerful networking solution, offers exceptional performance and reliability. To ensure seamless installation, we provide a comprehensive Hardware Installation Manual. Download this manual for free from our website and start experiencing the full potential of your Cisco 11500 Series device.

Share
Download
background image

 

Corporate Headquarters

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 

526-4000

800 553-NETS (6387)

Fax: 408 

526-4100

Cisco Content Services Switch 
Administration Guide

Software Version 7.50
March 2005

Text Part Number: OL-5647-02

Summary of Contents for 11500 Series

Page 1: ...s Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 526 4100 Cisco Content Services Switch Administration Guide Software Version 7 50 March 2005 Text Part Number OL 5647 02 ...

Page 2: ... OR INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES Cisco Content Services Switch Administration Guide Copyright 2005 Cisco Systems Inc All rights reserved CCSP CCVP the Cisco Square Bridge logo Follow Me Browsing and Stac...

Page 3: ...tation xxx Documentation Feedback xxxi Cisco Product Security Overview xxxi Reporting Security Problems in Cisco Products xxxii Obtaining Technical Assistance xxxii Cisco Technical Support Website xxxiii Submitting a Service Request xxxiii Definitions of Service Request Severity xxxiv Obtaining Additional Publications and Information xxxv C H A P T E R 1 Managing the CSS Software 1 1 CSS Software ...

Page 4: ...a Disk for Booting Logging and Core Dumps 1 18 Selecting a Disk for the Primary Boot Record 1 18 Selecting a Disk for the Secondary Boot Record 1 19 Selecting a Disk for Core Dumps 1 19 Selecting a Disk for Logging 1 20 Copying Files Between Disks 1 21 Showing the Disk Mapping Configurations 1 22 Showing Files from a Disk 1 23 Clearing Files from a Disk 1 23 Unpacking and Removing an ADI 1 24 Arch...

Page 5: ...1 44 Showing Disk Information 1 45 Showing User Information 1 46 Showing Current Logins 1 48 Where to Go Next 1 49 C H A P T E R 2 Specifying the CSS Boot Configuration 2 1 Boot Setup Quick Start 2 2 Accessing Boot Mode 2 3 Specifying the Primary Boot Configuration 2 3 Specifying the Primary Boot File 2 3 Specifying the Primary Boot Type 2 4 Primary Boot Configuration Considerations 2 5 Specifying...

Page 6: ...figuration Path 2 15 Configuring the Passive SCM Subnet Mask 2 15 Copying Configuration Information from the Active SCM to the Passive SCM 2 16 Showing the Boot Configuration 2 17 Booting the CSS from a Network Drive 2 17 Configuring Network Boot for a Primary SCM 2 18 Configuring Network Boot for a Passive SCM 2 19 Showing Network Boot Configurations 2 20 Where to Go Next 2 20 C H A P T E R 3 Con...

Page 7: ...rofile to a TFTP Server 3 15 Where to Go Next 3 15 C H A P T E R 4 Using the CSS Logging Features 4 1 Logging Overview 4 2 CSS Logging Quick Start Table 4 4 Specifying Logging Buffer Size 4 6 Configuring Logging for a Subsystem 4 7 Enabling and Disabling Logging for a Subsystem 4 7 Configuring a Log Message for a Subsystem at a Logging Level 4 10 Logging ACL Activity 4 11 Sending Log Messages to a...

Page 8: ...sages 4 34 Where to Go Next 4 61 C H A P T E R 5 Configuring Simple Network Management Protocol SNMP 5 1 SNMP Overview 5 2 Managers and Agents 5 2 SNMP Manager and Agent Communication 5 3 Management Information Base MIB Overview 5 5 MIB Variables 5 7 MIB Extensions Enterprise MIBs 5 7 Updating MIB Files 5 8 Loading the Standard MIBs 5 8 Loading the CSS MIBs 5 9 SNMP Communities 5 9 Preparing to Co...

Page 9: ...l of Service DoS 5 22 DoS Quick Start 5 23 Defining a DoS SNMP Trap Type 5 24 Displaying DoS Configurations 5 25 Resetting DoS Statistics 5 28 Displaying the SNMP Configuration 5 29 Managing SNMP on the CSS 5 29 Enabling SNMP Manager Access to the CSS 5 29 Using the CSS to Look Up MIB Objects 5 30 Useful MIB Information 5 31 Reading Logs 5 32 Setting RMON Alarms 5 33 CSS SNMP Traps 5 33 CSS MIBs 5...

Page 10: ...vating an RMON Event 6 9 Suspending an RMON Event 6 10 Configuring an RMON Alarm 6 10 RMON Alarm Configuration Quick Start 6 12 Creating an Index for an RMON Alarm 6 14 Modifying the Attributes for an Existing RMON Alarm Index 6 14 Deleting an RMON Alarm Index 6 15 Setting the RMON Alarm Attributes 6 15 Assigning an Owner 6 15 Finding and Defining a Sample Variable 6 16 Defining the Absolute or De...

Page 11: ... 6 25 Defining the Bucket Count 6 26 Defining the Bucket Interval 6 26 Activating an RMON History Entry 6 26 Viewing RMON Information 6 27 Viewing Statistics 6 27 Clearing RMON Statistics 6 31 Viewing History 6 31 Viewing Events in a Log File 6 33 Viewing a Traplog File 6 34 Viewing a CSS Disk Log File 6 34 C H A P T E R 7 Using an XML Document to Configure the CSS 7 1 Creating XML Code 7 2 XML Do...

Page 12: ...ting Variables 8 8 Variable Types 8 9 Removing Variables 8 10 Modifying Integer Variables 8 10 Using the No Set and Set Commands 8 10 Using Arithmetic Operators 8 11 Using the Increment and Decrement Operators 8 12 Using Logical and Relational Operators and Branch Commands 8 13 Boolean Logic and Relational Operators 8 13 Using the if Branch Command 8 14 Using the while Branch Command 8 15 Special ...

Page 13: ... 30 Syntax Errors and Script Termination 8 31 Syntax Errors 8 31 Script Exit Codes 8 32 Exiting a Script Within Another Script 8 34 Using the grep Command 8 34 Specifying Line Numbers for Search Results 8 35 STATUS Results from the grep Command 8 35 Using socket Commands 8 36 socket connect 8 36 socket send 8 37 socket receive 8 38 socket waitfor 8 39 socket inspect 8 40 socket disconnect 8 40 Soc...

Page 14: ...8 55 Time Keepalive 8 56 Setcookie Keepalive 8 57 HTTP Authentication Keepalive 8 58 DNS Keepalive 8 59 Echo Keepalive 8 60 HTTP Host Tag Keepalive 8 61 Mailhost Keepalive 8 62 LDAP Keepalive 8 64 A P P E N D I X A Upgrading Your CSS Software A 1 Before You Begin A 2 Copying the New CSS Software A 2 Configuring an FTP Server Record on the CSS A 2 Upgrading Your CSS Software A 4 Using the Upgrade S...

Page 15: ...nfiguration Menu B 4 Setting Primary Boot Configuration B 6 Setting Secondary Boot Configuration B 11 Setting IP Address Subnet Mask and Default Gateway B 16 Displaying the Boot Configuration B 17 Using the Advanced Options B 17 Deleting a Software Version B 18 Using the Security Options B 18 Using the Disk Options B 21 Configuring Disks in a Two Disk CSS B 26 Rebooting the CSS B 27 I N D E X ...

Page 16: ...Contents xvi Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 17: ...4 2 Logging Header in a Log Message 4 26 Figure 4 3 Logging Message 4 27 Figure 4 4 Logging Message Fields 4 28 Figure 5 1 SNMP Manager and Agent Interaction 5 4 Figure 5 2 Top of the MIB Tree 5 6 Figure 6 1 Supported RMON Functions on the CSS 6 2 Figure 6 2 Example of Absolute Sampling 6 11 Figure 6 3 Example of Delta Sampling 6 11 Figure B 1 Boot Configuration Flowchart B 4 ...

Page 18: ...Figures xx Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 19: ... resources cpu_summary Command 1 44 Table 1 9 Field Descriptions for the show disk Command 1 45 Table 1 10 Field Descriptions for the show user database Command 1 46 Table 1 11 Field Descriptions for the show lines Command 1 49 Table 2 1 Boot Setup Quick Start 2 2 Table 3 1 User Profile Configuration Quick Start 3 3 Table 4 1 CSS Log File Descriptions 4 3 Table 4 2 Configuring and Enabling Logging...

Page 20: ...RMON Event Configuration Quick Start 6 5 Table 6 2 RMON Alarm Configuration Quick Start 6 12 Table 6 3 RMON History Configuration Quick Start 6 22 Table 6 4 Field Descriptions for the show rmon Command 6 28 Table 6 5 Field Descriptions for the show rmon history Command 6 32 Table 8 1 Field Descriptions for the show cmd sched Command 8 5 Table 8 2 Field Descriptions for the show sockets Command 8 4...

Page 21: ... set contains all of the Standard feature set and also includes Network Address Translation NAT Peering Domain Name Service DNS Demand Based Content Replication Dynamic Hot Content Overflow Content Staging and Replication and Network Proximity DNS Proximity Database and Secure Management which includes Secure Shell Host and SSL strong encryption for the Device Management software are optional feat...

Page 22: ...nd remove an ArrowPoint Distribution Image ADI This chapter also includes an overview of the CSS system software Chapter 2 Specifying the CSS Boot Configuration Set the primary and secondary boot configuration for the CSS Chapter 3 Configuring User Profiles Configure user profiles in the default profile file Chapter 4 Using the CSS Logging Features Configure logging for the CSS This chapter also p...

Page 23: ...oftware Upgrade your CSS software manually or use the upgrade script Appendix B Using the Offline Diagnostic Monitor Menu Use the Offline Diagnostic Monitor Offline DM menu Chapter Description Document Title Description Release Note for the Cisco 11500 Series Content Services Switch This release note provides information on operating considerations caveats and command line interface CLI commands f...

Page 24: ... resolution Configuring sticky cookies with a sticky overview and advanced load balancing method using cookies Finding information in the CSS documentation with a task list Troubleshooting the boot process Cisco Content Services Switch Routing and Bridging Configuration Guide This guide describes how to perform routing and bridging configuration tasks on the CSS including Management ports interfac...

Page 25: ... DFP Owners Content rules Sticky parameters HTTP header load balancing Content caching Content replication Cisco Content Services Switch Global Server Load Balancing Configuration Guide This guide describes how to perform CSS global load balancing configuration tasks including Domain Name System DNS DNS Sticky Content Routing Agent Client Side Accelerator Network proximity Cisco Content Services S...

Page 26: ...trolling access to the CSS Secure Shell Daemon protocol Radius TACACS Firewall load balancing Cisco Content Services Switch SSL Configuration Guide This guide describes how to perform CSS SSL configuration tasks including SSL certificate and keys SSL termination Back end SSL SSL initiation Cisco Content Services Switch Command Reference This reference provides an alphabetical list of all CLI comma...

Page 27: ...icates the first occurrence of a new term book title emphasized text and variables for which you supply values 1 A numbered list indicates that the order of the list items is important a An alphabetical list indicates that the order of the secondary list items is important A bulleted list indicates that the order of the list topics is unimportant An indented list indicates that the order of the li...

Page 28: ...on DVD is updated regularly and may be more current than printed documentation The Documentation DVD package is available as a single unit Registered Cisco com users Cisco direct customers can order a Cisco Documentation DVD product number DOC DOCDVD from the Ordering tool or Cisco Marketplace Cisco Ordering tool http www cisco com en US partner ordering Cisco Marketplace http www cisco com go mar...

Page 29: ...rive San Jose CA 95134 9883 We appreciate your comments Cisco Product Security Overview Cisco provides a free online Security Vulnerability Policy portal at this URL http www cisco com en US products products_security_vulnerability_policy ht ml From this site you can perform these tasks Report security vulnerabilities in Cisco products Obtain assistance with security incidents that involve Cisco p...

Page 30: ... compatible with PGP versions 2 x through 8 x Never use a revoked or an expired encryption key The correct public key to use in your correspondence with PSIRT is the one that has the most recent creation date in this public key server list http pgp mit edu 11371 pks lookup search psirt 40cisco com op index ex act on In an emergency you can also reach PSIRT by telephone 1 877 228 7302 1 408 525 653...

Page 31: ... under Documentation Tools Choose Cisco Product Identification Tool from the Alphabetical Index drop down list or click the Cisco Product Identification Tool link under Alerts RMAs The CPI tool offers three search options by product ID or model name by tree view or for certain products by copying and pasting show command output Search results show an illustration of your product with the serial nu...

Page 32: ...l service requests are reported in a standard format Cisco has established severity definitions Severity 1 S1 Your network is down or there is a critical impact to your business operations You and Cisco will commit all necessary resources around the clock to resolve the situation Severity 2 S2 Operation of an existing network is severely degraded or significant aspects of your business operation a...

Page 33: ...latest industry trends technology breakthroughs and Cisco products and solutions as well as network deployment and troubleshooting tips configuration examples customer case studies certification and training information and links to scores of in depth online resources You can access Packet magazine at this URL http www cisco com packet iQ Magazine is the quarterly publication from Cisco Systems de...

Page 34: ...cations and Information xxxvi Cisco Content Services Switch Administration Guide OL 5647 02 World class networking training is available from Cisco You can view current offerings at this URL http www cisco com en US learning index html ...

Page 35: ...ter applies to all CSS models except where noted This chapter contains the following major sections CSS Software Overview Creating an FTP Record Using the Running Config and Startup Config Files Configuring Disks in a Two Disk CSS Unpacking and Removing an ADI Archiving Files to the Archive Directory Restoring Files from the Archive Directory Enabling and Copying Core Dumps Showing CSS Configurati...

Page 36: ...P The CSS accesses the ADI or GZIP file containing the CSS software from an FTP server copies the file to the CSS disk and unpacks it The CSS then boots from the disk You can also install the CSS software on a network mounted drive on a remote system which the CSS accesses through FTP Network boot uses a special ZIP version of WebNS that ends with a zip extension Instead of the CSS disk the networ...

Page 37: ...re applications Caution When you view the CSS software directories installed on a network drive more directories are listed than those you can view on the hard disk or Flash disk The additional directories are reserved for internal use Do not manipulate the files in these directories The software directory also contains the startup config file The startup config is an ASCII file containing command...

Page 38: ...es of uses for an FTP record with the CSS include Copy an ADI script file or startup configuration file from an FTP server to the CSS Copy a running configuration file startup configuration file log file script or a core dump file from the CSS to an FTP or TFTP server Define a keepalive method in which the CSS logs in to an FTP server Import or export certificates and private keys from or to a Cis...

Page 39: ... the FTP server Enter a case sensitive quoted text string with no spaces and a maximum of 16 characters des_password The Data Encryption Standard DES encrypted password for the valid login username on the FTP server Enter a case sensitive unquoted text string with no spaces and a maximum of 64 characters base_directory An optional base directory for this record Enter the base directory name as a c...

Page 40: ...e full path to the file Enter an unquoted text string with no spaces and a maximum length of 32 characters If you are using the boot image keyword to copy an ADI file from an FTP server to the CSS include the full path to the file including the file extension Enter an unquoted text string with no spaces and a maximum length of 32 characters You can also copy a GZIP compressed version of the ADI fi...

Page 41: ...uration Creating a Running Config or Startup Config File Using a Text Editor Finding an IP Address in the Running Config File Saving the Running Config to the Startup Config File To save the running config file to the startup config file on the CSS disk use one of the following commands copy running config startup config Copies the contents of the running config file to the startup config file The...

Page 42: ...variables for this command are as follows ftp ftp_record filename Copies the running config file to an FTP server The name of the FTP record file contains the FTP server IP address username and password Enter an unquoted text string with no spaces To create an FTP record use the ftp record global configuration mode command tftp ip_or_host Copies the running config file to a TFTP server Enter an IP...

Page 43: ...or example myhost mydomain com filename Name you want to assign to the file on the server Include the full path to the file Enter an unquoted text string with no spaces and a maximum length of 32 characters running config Copies the startup configuration and merges with the running configuration file on the CSS disk Clearing the Running Config and Startup Config Files To reset the CSS running conf...

Page 44: ...circuit components of one or all circuits in the running config file show running config dql dql name Displays domain qualifier list DQL information of the running config file For information about a specific DQL enter the DQL name as a case sensitive unquoted text string show running config eql eql name Displays extension qualifier list EQL information of the running config file For information a...

Page 45: ... the running config file For information about a specific NQL enter the NQL name as a case sensitive unquoted text string show running config owner owner name Displays the valid existing owner components of the running config file For information about a specific owner enter the owner name as a case sensitive unquoted text string show running config rmon alarm Displays RMON alarm information of th...

Page 46: ...g file Comments are preceded by an exclamation point Note that the CSS does not display default values in the CSS running configuration or startup configuration even if you manually enter the values show running config GLOBAL ip route 0 0 0 0 0 158 3 7 2 INTERFACE interface e1 bridge vlan 2 interface e2 bridge vlan 2 CIRCUIT circuit VLAN1 ip address 10 3 6 58 255 255 255 0 circuit VLAN2 ip address...

Page 47: ...nfig line numbers command to display the startup config file with line numbers The following example shows a CSS startup configuration with line numbers Comments are preceded by an exclamation point show startup config line numbers 1 Generated MAR 6 18 56 11 2 configure 3 CIRCUIT 4 circuit VLAN1 5 ip address 192 168 2 170 255 255 255 0 6 ip address 192 168 1 108 255 255 255 0 7 SERVICE 8 service s...

Page 48: ...VLAN associations Circuit Circuit VLAN IP addresses and subnet masks SSL Proxy List The ssl proxy list configuration Keepalive The global keepalive configuration Service Service names IP addresses and all service configuration information EQL Extension Qualifier List EQL configuration Owner Owner name content rule name and content rules Group Source group configurations RMON Event RMON event confi...

Page 49: ... number The options and variables for this command are as follows ip_or_host IP address in dotted decimal notation for example 192 168 11 1 or enter the host name in mnemonic host name format for example host domain com subnet mask The IP subnet mask Enter the subnet mask as either A prefix length in CIDR bit count notation for example 24 Enter a prefix length of 16 or greater Do not include a spa...

Page 50: ...on to specifying the file storage locations you can also Format the disks Copy information such as the scripts archives or startup configuration from one disk to the other disk Display the mapping configuration of the two disks in slot 0 and slot 1 Display the specified archive log script or startup configuration file stored on a specific disk Delete a specific file startup configuration logs scri...

Page 51: ... Formats the specified disk The slot number designates which disk you want to format Valid disk_slot selections are 0 for the disk in slot 0 or 1 for the disk in slot 1 format disk_slot quick Formats the specified disk 0 or 1 The quick option reformats the disk without performing cluster verification Note Use the quick disk format only when you are certain of the disk integrity For example to form...

Page 52: ...logs and core dumps to disk 1 The syntax for this global configuration mode command is map core log primary boot secondary boot disk_slot The options for the map command are as follows core Specifies the disk that contains the core dumps log Specifies the disk that contains the logging output primary boot Specifies the disk that contains the primary boot record secondary boot Specifies the disk th...

Page 53: ...perUser mode For example to select the disk in slot 1 as the storage location for the secondary boot record enter map secondary boot 1 To return the storage location of the secondary boot record back to the disk in slot 0 enter no map secondary boot or map secondary boot 0 Selecting a Disk for Core Dumps The default storage location for core dump files is the disk from which the CSS boots disk 0 o...

Page 54: ... select the disk on which you want to store log files Valid selections are 0 disk in slot 0 and 1 disk in slot 1 This command is available only in SuperUser mode Note Logging to a CSS disk can cause the performance of the CSS to degrade If logging requires frequent writes to disk that is several hundred log messages per day we recommend that you log to a hard disk and store all other system files ...

Page 55: ... want to perform a complete copy of all contents from the source disk to the second disk enter only the disk_slot value Do not enter values for the additional copy command variables log filename Copies the specified log file from the source disk to the second disk log filename destination filename Copies the specified log file from the source disk to the second disk using a different destination f...

Page 56: ...nd when copying information between two disks in the CSS The source file must exist An equivalent release of CSS software must be present on the destination disk before you copy information to the disk such as a startup config file a log file or a script If necessary copy the boot image to the second disk before copying a startup config file log file or script Showing the Disk Mapping Configuratio...

Page 57: ...chive filename Displays the contents of the archive filename from the specified disk startup config Displays the contents of the CSS startup configuration file from the specified disk Clearing Files from a Disk Use the clear command to delete the specified file startup configuration logs scripts archive file stored on a specific disk in the CSS This command is available only in SuperUser mode The ...

Page 58: ...bution Image ADI that is not currently running on the CSS For a dual disk CSS you need to identify the specified disk Warning Ensure you do not delete the software version that you are currently running in the CSS To remove a software version installed on the CSS use the following commands remove software version Enter the ADI filename as an unquoted text string with a maximum of 32 characters rem...

Page 59: ...he startup config file archive running config Archives the running config file archive log Archives a log file archive script Archives a script or user profile file To display the contents of the archive directory enter show archive Archive files include running config and startup config files scripts and user profiles You must archive your startup config file custom scripts and user profile files...

Page 60: ...Enter the archive filename as the name you want to assign to the archive file The archive filename is an unquoted text string with a maximum of 32 characters The syntax for this command is archive running config archive_filename Note You can also use the save_config alias command to automatically copy the running config to the startup config and then archive the startup config Archiving a Log File...

Page 61: ...e archive file Enter an unquoted text string with a maximum of 32 characters Clearing the Archive Directory Use the clear archive command to clear a file in the archive directory Enter the archive filename as the name of the archive file to clear To list the archive files enter clear archive The syntax for this command is clear archive archive_filename Restoring Files from the Archive Directory Th...

Page 62: ...toring an Archived Startup Config File Note If you booted your CSS from a network mounted system and your hard drive does not work the CSS suspends all restore related functions Restoring an Archived Log File Use the restore log command to restore an archived log file to the log subdirectory The syntax for this command is restore archive_filename log log_filename The variables are as follows archi...

Page 63: ...tional The name you want to assign to the file Enter an unquoted text string with a maximum of 32 characters For example to restore the script arrowscript to the script subdirectory enter restore arrowscript script Restoring an Archived Startup Config File Use the restore archive_filename startup config command to restore an archived file to the startup configuration Caution The restored file over...

Page 64: ... or hard disk is full Files can be 10 to 20 MB in size Reboots automatically Note Core dump information is for Cisco Technical Assistance Center TAC use only When the CSS experiences a fatal error and core dumps are disabled the CSS reboots automatically The CSS does not write information to the hard disk or the Flash disk For a Flash disk based system if the core dump file is older than 15 minute...

Page 65: ...in the Core directory of the volume root of a specific disk in the CSS 11501 CSS 11503 or CSS 11506 Valid selections are 0 for the disk in slot 0 or 1 for the disk in slot 1 For example show core SCP0101_4 80_115 OCT 31 15 06 26 16708412 SCP0101_4 80_109 OCT 29 16 56 16 37806459 SCP0101_4 80_116 NOV 1 15 54 28 38403870 Copying Core Dumps to an FTP or TFTP Server Use the copy core command to copy c...

Page 66: ...eating an FTP Record section The syntax for this command is copy core coredump_filename ftp ftp_record filename The variables are as follows coredump_filename The name of the core dump on the CSS Enter an unquoted text string with no spaces and a maximum of 32 characters ftp_record The name of the FTP record file that contains the FTP server IP address username and password Enter an unquoted text ...

Page 67: ...r in mnemonic host name format for example myhost mydomain com If you wish to use a host name you must first set up a host table using the host command filename The name you want to assign to the file on the TFTP server Include the full path to the file Enter an unquoted text string with no spaces and a maximum of 32 characters Showing CSS Configurations The CSS CLI provides a comprehensive set of...

Page 68: ... on your CSS show installed software Displays a list of currently installed software on the CSS show installed software disk_slot Displays a list of currently installed software on a specific disk in a dual disk CSS Valid selections are 0 for the disk in slot 0 or 1 for the disk in slot 1 Note Use the version command in SuperUser mode to display the version of software currently running on the CSS...

Page 69: ...n integer value for the chassis slot number show chassis verbose Displays detailed information about the chassis configuration show chassis flash Displays the operational and locked Flash software code on the CSS 11501 and the CSS 11503 or CSS 11506 SCM and I O modules An asterisk character before a Flash version of code and build number indicates that it is active show chassis inventory Displays ...

Page 70: ...or the chassis Slot Module Number The number of the CSS 11501 CSS 11503 or CSS 11506 chassis slot in which the module resides Module Name The name of the module installed in the CSS Status The operational status of the module The possible states are as follows primary backup powered off powered on bad unknown empty slot Slot Port The slot and port number on the CSS 11503 or CSS 11506 for example 2...

Page 71: ...running on the CSS Serial Number The serial number of the chassis Flash memory device Base MAC Address The MAC address for the chassis Slot Number The number of the CSS 11503 or CSS 11506 chassis slot in which the module resides Type The name and product number of the installed module Serial Number The serial number of the module Number of Ports The total number of ports in an I O module Status Th...

Page 72: ...5647 02 Port Name The port name Operational Status The status of the port The possible states are as follows online offline ok offline bad bad going online going offline inserted post post ok post fail post bad comm any unknown state Table 1 2 Field Descriptions for the show chassis slot Command continued Field Description ...

Page 73: ...stalled in the chassis Power Supplies Found The number of power supplies installed in the chassis Fan s Found The number of fans installed in the chassis Slot Subslot The number of the CSS 11503 or CSS 11506 chassis slot in which the module resides Module Name The name of the module installed in the CSS 11501 Operational The active Flash code on the CSS Locked The inactive Flash code available on ...

Page 74: ...mary backup powered off powered on bad unknown empty slot Port Number The Ethernet port number Port Name The port name Operational Status The status of the port The possible states are as follows online offline ok offline bad bad going online going offline inserted post post ok post fail post bad comm any unknown state Table 1 3 Field Descriptions for the show chassis verbose Command continued Fie...

Page 75: ... chassis slot in which the module resides Module Name The name of the module installed in the CSS 11501 Operational The active Flash code on the CSS Locked The inactive Flash code available on the CSS Table 1 5 Field Descriptions for the show chassis inventory Command Field Description Product Name The model number of the CSS SW Version The software version currently running on the CSS Serial Numb...

Page 76: ...ule installed in the CSS Slot The number of the CSS 11503 or CSS 11506 chassis slot in which the module resides Module The number of the CSS 11501 chassis slot in which the module resides Slot For a CSS 11503 or CSS 11506 the number of the chassis slot in which the session processor resides Sub For a CSS 11503 or CSS 11506 the number of the chassis module subslot in which the session processor res...

Page 77: ...s installed using this command increases CPU usage accordingly The increased CPU usage is a direct result of the computational overhead that occurs when the CSS polls the modules and calculates CPU usage Table 1 7 describes the fields in the show system resources command output Table 1 7 Field Descriptions for the show system resources Command Field Description Installed Memory The total memory si...

Page 78: ... is displayed in hour minute second format For the CSS 11503 or CSS 11506 this command shows the length of time each module has been running To display how long the CSS has been running enter show uptime Uptime 10 days 03 25 22 Table 1 8 Field Descriptions for the show system resources cpu_summary Command Field Description Name Module The name of the module installed in the CSS Slot For a CSS 1150...

Page 79: ...SS Valid selections are 0 for the disk in slot 0 or 1 for the disk in slot 1 The default is the disk from which the CSS booted For example to display the CSS disk information for the disk in slot 1 enter show disk 1 Table 1 9 describes the fields in the show disk command output for the CSS Table 1 9 Field Descriptions for the show disk Command Field Description Total of Clusters The total number o...

Page 80: ...r database picard Table 1 10 describes the fields in the show user database command output Lost Chains The total number of lost chains found on the disk Total Bytes in Lost Chains The total number of bytes in all of the lost chains found on the disk Table 1 9 Field Descriptions for the show disk Command continued Field Description Table 1 10 Field Descriptions for the show user database Command Fi...

Page 81: ...the username offdm command Technician technician username created using the username technician command If the field is blank the user is neither an administrator nor a technician Note The username offdm command is for use by system administrative personnel only The username technician command is for use by technical personnel only Table 1 10 Field Descriptions for the show user database Command c...

Page 82: ...directories in the following order Script Log Root installed CSS software Archive Release Root configuration files Core and MIBs directories By default users have both read and write access privileges B to all seven directories The levels for each of the CSS directories can be one of the following access privilege codes R Read only access to the CSS directory W Write only access to the CSS directo...

Page 83: ...configuration for the CSS including configuring an FTP record and specifying the primary and secondary location from which the CSS accesses the boot image Table 1 11 Field Descriptions for the show lines Command Field Description Line The type of session The indicates your current session User The login name of the user Login The amount of time that the user has been logged in on the CSS Idle The ...

Page 84: ...Chapter 1 Managing the CSS Software Where to Go Next 1 50 Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 85: ... noted This chapter contains the following major sections Boot Setup Quick Start Accessing Boot Mode Specifying the Primary Boot Configuration Specifying the Secondary Boot Configuration Configuring a Boot Configuration Record for the Passive SCM Showing the Boot Configuration Booting the CSS from a Network Drive As an alternate procedure for managing the CSS boot configuration from the CLI you ca...

Page 86: ...Protocol FTP record file to use when accessing an FTP server from the CSS This step is optional ftp record arrowrecord 192 168 19 21 bobo secret outgoing Note Refer to Chapter 1 Managing the CSS Software for details on creating an FTP record 2 Access boot mode config boot 3 Specify the primary boot configuration config boot primary boot file ap0720002 config boot primary boot type boot via ftp arr...

Page 87: ...specify the primary boot configuration The options for this boot mode command are as follows primary boot file Specifies the primary boot file primary boot type Specifies the primary boot method local disk using FTP or a network mounted file system using FTP primary config path Specifies the path to a network CSS configuration This section includes the following topics Specifying the Primary Boot ...

Page 88: ...oftware version that resides on the CSS disk boot via ftp ftp_record Downloads an ADI file containing CSS software that you want to install on the CSS disk The CSS accesses the ADI or GZIP file containing the CSS software from an FTP server copies the file to the disk and unpacks it The CSS then boots from the disk boot via network ftp_record Uses FTP to boot the CSS from software located on a net...

Page 89: ...SS 11501 Front Panel 10 Mbps Ethernet Management port When you select primary boot type boot via network make sure you Locate the remote system on the network where you will copy the CSS software Make sure the CSS can access the system via FTP Copy the CSS software Zip file from www cisco com onto the designated network server Create a directory and unzip the file in to the directory This director...

Page 90: ...e corresponding subdirectories of the unzipped boot image First create these subdirectories on the FTP server then copy the files from the boot image to the subdirectories Enter the configuration pathname as an unquoted text string with no spaces and a maximum of 64 characters To configure the primary configuration path enter config boot primary config path f bootdir To remove the primary network ...

Page 91: ...ndary boot file ap0720001 To display a list of secondary boot filenames enter config boot secondary boot file To remove the secondary boot file enter config boot no secondary boot file Specifying the Secondary Boot Type Use the secondary boot type command to specify the secondary boot configuration The syntax for this boot mode command is secondary boot type boot via disk boot via ftp ftp_record b...

Page 92: ...the secondary boot type as boot via disk enter config boot secondary boot type boot via disk To remove the secondary boot type enter config boot no secondary boot type Secondary Boot Configuration Considerations When you select secondary boot type boot via ftp or secondary boot type boot via network make sure you properly connect the Ethernet Management port on the CSS to the network Note the loca...

Page 93: ... path command to specify the alternate path to a network configuration for the network boot method Note that the CSS must be able to access the configuration path through an FTP server as defined through the FTP record for the network boot method When using an alternate configuration path make sure the path leads to a directory containing the script log and information subdirectories and to the st...

Page 94: ...oot record on the passive SCM that has a software version that differs from the active SCM The boot configuration record allows you to run a new software version on the active SCM and have an older software version on the passive SCM You can also configure a different IP address on the passive SCM to track an active to passive state transition between the SCMs You can track active to passive state...

Page 95: ...ess For example config boot passive gateway address 172 16 3 6 To change the passive SCM boot gateway address reenter the passive gateway address command Configuring the Passive SCM IP Address Use the passive ip address command to configure the boot IP address for the passive SCM Enter the IP address for the passive SCM to be used upon CSS boot up Do not enter an all zero IP address For example co...

Page 96: ...type boot via disk Boots the CSS from a software version that currently resides on the CSS disk boot type boot via ftp ftp_record Downloads an ADI file containing CSS software that you want to install on the CSS disk The CSS accesses the ADI or GZIP file containing the CSS software from an FTP server copies the file to the disk and unpacks it The CSS then boots from the disk boot type boot via net...

Page 97: ...nfiguration path make sure the path leads to a directory containing the script log and information subdirectories and the startup config file These subdirectories must contain the files in the corresponding subdirectories in the unzipped boot image First create these subdirectories on the FTP server then copy the files from the boot image to the subdirectories Enter the configuration path for netw...

Page 98: ...rsion that resides on the CSS disk boot type boot via ftp ftp_record Downloads an ADI file containing CSS software that you want to install on the CSS disk The CSS accesses the ADI or GZIP file containing the CSS software from an FTP server copies the file to the disk and unpacks it The CSS then boots from the disk boot type boot via network ftp_record Uses FTP to boot the CSS from software locate...

Page 99: ...a network configuration for a passive SCM network boot method When using an alternate configuration path make sure that the path leads to a directory containing the script log and information subdirectories and the startup config file These subdirectories must contain the files in the corresponding subdirectories of the unzipped boot image First create these subdirectories on the FTP server then c...

Page 100: ...oot configuration startup configuration or clock time information between the active SCM and the passive SCM in a CSS 11506 use the following commands passive sync boot config Copies the boot configuration record from the active SCM to the passive SCM passive sync startup config Copies the startup config file from the active SCM to the passive SCM passive sync image Copies the ADI of the boot imag...

Page 101: ...ess the page listing the network boot zip file versions of CSS software Click an image to download the software Note Be aware of the following network boot restrictions a network boot is not supported on UNIX workstations and the War FTP daemon is not supported for network booting the system software In addition network booting does not support the use of core dumps from the CSS Perform a network ...

Page 102: ...CSS 3 Unzip the file You must use the zip distribution format for network loading 4 Configure the FTP record Refer to Chapter 1 Managing the CSS Software for details on creating an FTP record Note that the config path and the base directory path in the FTP record associated with the network boot must contain a pathname that is distinct from a non network drive name for example c or host For exampl...

Page 103: ...assive SCM connects to the remote disk and loads the software configuration 3 Configure the CSS to boot from a network drive For example config boot passive primary boot type boot via network bootrecord To display a list of configured FTP records reenter the command and specify the character For example config boot passive primary boot type boot via network bootrecord 4 Optionally configure a prim...

Page 104: ...md Set s Standard Feature Set Enhanced Feature Set Secure Management Note Use the version command in SuperUser mode to display the network boot configuration To display network boot configuration information use the show boot config command For example config show boot config BOOT CONFIG secondary config path e adi_directory secondary boot type boot via network Secondary Boot primary boot file sg0...

Page 105: ...ion in this chapter applies to all models of the CSS except where noted This chapter contains the following major sections User Profiles Overview User Profile Configuration Quick Start Configuring Idle Timeout Using Expert Mode Changing the CLI Prompt Modifying the History Buffer Configuring a Pre Login Banner Configuring a Login Banner Copying and Saving User Profiles ...

Page 106: ...cripts directory of the current ADI use the copy profile command If you do not save this setting the CSS stores the setting temporarily in a running profile If you attempt to log out of the CSS without saving profile changes the CSS prompts you that profile changes have been made and allows you to save or discard the changes You can also use the save_profile alias command to save your user profile...

Page 107: ...upgrade script play upgrade alias super monitor script play monitor alias super save_profile copy profile user profile archive script admin profile set CHECK_STARTUP_ERRORS 1 session User Profile Configuration Quick Start Table 3 1 provides a quick overview of the steps required to configure a user profile Each step includes the CLI command required to complete the task For a complete description ...

Page 108: ...console or Telnet session config idle timeout 15 7 Optional Enable expert mode to disable the CSS from prompting you for confirmation when you make changes Expert mode is available in SuperUser mode and is off by default expert 8 Optional Change the default CLI prompt CSS product model number followed by the symbol CSS11506 prompt CSS1 lab CSS1 lab 9 Optional Modify the CLI history buffer length h...

Page 109: ...me you log in Otherwise you must reenter the commands for the parameters to take effect each time you log in This section includes the following topics Configuring Terminal Idle Configuring Terminal Length Configuring the More Terminal Prompt Configuring Terminal Netmask Format Configuring Terminal Timeout Configuring Terminal Idle By default the terminal idle time is disabled Use the terminal idl...

Page 110: ...e More Terminal Prompt When you enter the question mark character at the command line to get help about a command the CSS displays 24 lines on the terminal The More prompt indicates that additional CLI commands are to follow By default the CSS disables the display of the More prompt To display the More prompt at the bottom of the terminal screen use the terminal more command Press the Space bar to...

Page 111: ...efault format terminal netmask format hexadecimal Displays masks in hexadecimal format for example OXFFFFFFOO For example to display subnet masks in bit count format enter terminal netmask format bitcount To restore the default display format decimal enter no terminal netmask format Configuring Terminal Timeout By default the CSS does not have a time limit for a console or Telnet session Use the t...

Page 112: ...t to 0 Note To override the idle timeout value for a specific Telnet console SSH or FTP session configure the terminal timeout command Terminal commands are user specific that is they apply uniquely to each CSS user To set an idle timeout value for Telnet console SSH or FTP sessions enter config idle timeout 15 We recommend that you configure the Telnet idle timeout for at least 30 minutes Setting...

Page 113: ...tartup configuration Create services owners and content rules Caution Turning expert mode on disables the CSS from prompting you for confirmation when you make changes When you exit from the CSS all configuration changes are automatically saved to the profile and to the running config file You are not prompted for confirmation to save the changes To enable expert mode enter expert To allow the CSS...

Page 114: ...it to your user or default profile file To restore the prompt to the default use the no form of the prompt command For example CSS11506 no prompt Modifying the History Buffer The history buffer stores 20 lines of the most recent CLI commands that you enter Use the history command to modify the CLI history buffer length Enter the number of lines you want in the history buffer as an integer from 0 t...

Page 115: ...onfigure a custom banner that displays before you log in when you connect to a CSS The banner is an ASCII text file that you provide and it must reside in the CSS script directory This banner is a general banner that is the same for all users For example you could create a banner that includes the name of your company or a department within your company To configure a pre login banner use the prel...

Page 116: ...e the configuration enter the following command at the CSS CLI config prelogin banner newBanner The next time you connect to the CSS the custom banner appears To reset the default behavior of the CSS to no pre login banner enter config no prelogin banner Configuring a Login Banner The CSS banner is an ASCII text file that you provide and it must reside in the CSS script directory Because this feat...

Page 117: ...ofile Copying and Saving User Profiles To copy the running profile from the CSS to the default profile file an FTP server a TFTP server or your user profile file use the copy profile command This command is available only in SuperUser mode If you exit the CSS without copying changes in the running profile to your username profile or default profile file the CSS prompts you that the profile has cha...

Page 118: ...mand creates a file username profile if one does not exist where username is the current username For example copy profile user profile Copying the Running Profile to an FTP Server To copy the running profile to an FTP server use the copy profile ftp command This command is available only in SuperUser mode The syntax is copy profile ftp ftp_record filename The variables for this command are as fol...

Page 119: ...le Enter an IP address in dotted decimal notation for example 192 168 11 1 or in mnemonic host name format for example myhost mydomain com filename The name you want to assign to the file on the server Include the full path to the file Enter an unquoted text string with no spaces and a maximum of 32 characters For example copy profile tftp 192 168 3 6 home bobo bobo profile Where to Go Next Chapte...

Page 120: ...Chapter 3 Configuring User Profiles Where to Go Next 3 16 Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 121: ...nterpret log messages Information in this chapter applies to all CSS models except where noted This chapter contains the following major sections Logging Overview Specifying Logging Buffer Size Configuring Logging for a Subsystem Specifying a Log File Destination Logging CLI Commands Showing Log Files Copying Log Files to an FTP or TFTP Server Interpreting sys log Log Messages Interpreting Undeliv...

Page 122: ...ves these messages in the sys log file created when the first loggable subsystem event occurs The CSS determines which subsystem messages to log by its configured logging level By default the CSS logs events on all subsystems with a level of warning The warning level designates that the CSS logs fatal alert critical error and warning messages for the subsystem You have the option to log subsystem ...

Page 123: ...Flash disk and console None Results of the boot process boot bak Hard disk and console or Flash disk and console None Backup of a boot log file Each time you reboot the CSS the software renames the current boot log file to boot log prev and starts a new boot log file The CSS overwrites an existing backup boot log file when a boot log file is renamed sys log Hard disk or Flash disk Console syslogd ...

Page 124: ...ode at the root prompt sys log prev Hard disk or Flash disk Console syslogd VTY1 VTY2 Backup of a system log file When a system log file reaches its maximum size 50 MB for a hard disk based CSS 10 MB for a Flash disk based CSS the software renames the system log file to sys log prev and starts a new system log file The CSS overwrites an existing backup system log file when a system log file is ren...

Page 125: ...l fac flowagent flowmgr fp driver hfg ipv4 keepalive natmgr netman netmgr nql ospf pcm portmapper proximity publish radius redundancy reporter replicate rip security ssl accel slr sntp sshd syssoft urql vlanmgr vpm vrrp wcc level Valid levels fatal 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 debug 7 logging subsystem rip level alert 1 3 Specify the destination disk host line where you w...

Page 126: ...ecifying a buffer size is required only if you specify logging to disk as the log file destination To set the disk buffering size use the logging buffer command Specify the buffer size from 0 to 64000 bytes The default is 0 where the CSS sends the logging output directly to the log file To set the buffer size to 1000 bytes enter config logging buffer 1000 4 Optionally enable the CSS to send log me...

Page 127: ...fault the logging levels for all CSS subsystems is set at warning 4 The level you specify instructs the CSS to log subsystem activity that occurs at that level and the activity greater than that level For example if you wish to log informational messages info 6 the CSS also logs notice warning error critical alert and fatal error levels Use the logging subsystem command to select a CSS subsystem a...

Page 128: ...er Buffer manager cdp Cisco Discovery Protocol CDP chassis Chassis manager circuit Circuit manager csdpeer Content Server Database CSD peer dhcp Dynamic Host Configuration Protocol DHCP dql Domain Qualifier List DQL fac Flow Admission Control FAC flowagent Flow agent flowmgr Flow manager subsystem fp driver Fathpath driver hfg Header Field Group HFG ipv4 Internet Protocol version 4 IPv4 keepalive ...

Page 129: ... RADIUS redundancy CSS redundancy reporter Reporter replicate Content replication rip Routing Information Protocol RIP security Security manager slr Session Level Redundancy sntp Simple Network Time Protocol SNTP sshd SSHD ssl accel Secure Socket Layer SSL Acceleration syssoft System software urql Uniform Resource Locator Qualifier List URQL vlanmgr VLAN manager vpm Virtual pipe manager vrrp Virtu...

Page 130: ... at the critical level link down cold start warm start service down service suspended error 3 General errors including critical alert and fatal errors warning 4 default Warning messages including all lower levels error critical alert and fatal notice 5 Notice messages including all trap events except for events logged at critical and all lower levels except for info and debug info 6 Informational ...

Page 131: ...e you configure logging for a specific ACL clause ensure global ACL logging is enabled To globally enable ACL logging use the logging subsystem acl level debug 7 command in configuration mode To configure logging for an ACL clause 1 Enter the ACL mode for which you want to enable logging config acl 7 config acl 7 2 Enable logging for A new clause by entering the log option at the end of the clause...

Page 132: ...address for the recipient Enter the e mail address as an unquoted text string with a length of 1 to 30 characters IP_address The IP address for the SMTP host Enter the IP address in dotted decimal notation for example 192 168 11 1 level The type of information to log The valid levels are defined in Table 4 4 domain Optional The domain name for the SMTP host Enter an unquoted text string with a max...

Page 133: ...lash disks generally provide the most reliable way to store information over time hard disks endure frequent writes to disk better than the Flash disks currently available To prevent excessive writes to the CSS disk consider disabling logging to the sys log file on disk see the Disabling Logging to the sys log File on the Disk section You can continue sending CSS log information to the sys log fil...

Page 134: ...ends subsystem and level information to the log file specified You can have only one active log file on the disk at a time If you wish to send subsystem information to a different log file on the disk reenter the logging disk command with a different filename Caution Logging to a CSS disk causes the performance of the CSS to degrade To stop logging to the specified file and reenable logging to the...

Page 135: ...le You must specify the logging to disk enable command to reactivate the sys log file logging to disk enable Resets logging back to disk and resumes writing default log information to the CSS sys log file You are prompted to reboot the CSS after issuing the logging to disk disable or logging to disk enable commands for the command to take effect Note You can continue sending CSS log information to...

Page 136: ...evel number Specifies the level of the CSS subsystem log messages to be sent to the syslog daemon on the host The valid log levels for the CSS include fatal 0 alert 1 critical 2 error 3 warning 4 default notice 5 info 6 debug 7 The logging levels are listed in order of severity with a fatal 0 level being the most severe error and an info 6 level being the least severe error Refer to Table 4 4 for ...

Page 137: ...nter the line as a case sensitive text string with a maximum of 32 characters The CSS continues to send log information to the sys log file on the CSS disk hard or Flash disk even when the logging line command is entered To disable logging to the sys log file on the CSS disk use the logging to disk disable command see the Disabling Logging to the sys log File on the Disk section To display a list ...

Page 138: ...og Files Use the show log command to display the contents in a log or trap log file a list of all log files or the state of logging for CSS facilities You can use the show log command in all modes including User mode When you use the show log command to send the log activity to your current session and you want to stop sending log activity press any key on the terminal or workstation The show log ...

Page 139: ...ges When a traplog file reaches its maximum size 50 MB for a hard disk based CSS 10 MB for a flash disk based CSS the CSS renames the traplog file to traplog prev as a backup file and starts a new traplog file The CSS overwrites the backup traplog file when it renames the traplog file Each time the CSS reboots it continues to use the existing traplog file until it reaches its maximum size Note Whe...

Page 140: ...nter the show log command with a valid log filename For example show log stubs SEP 22 09 59 18 5 1 918 NETMAN 7 SNMP SET RSP 3803 SEP 22 09 59 53 5 1 919 NETMAN 7 SNMP SET 3804 SEP 22 09 59 53 5 1 920 NETMAN 7 SNMP 1 apLogHostIpAddress 1 2 3 4 VT_IPADDRESS 1 2 3 4 SEP 22 09 59 53 5 1 921 NETMAN 7 SNMP 2 apLogHostIpAddress 1 2 3 4 VT_IPADDRESS 1 2 3 4 To view the content of the sys log file enter c...

Page 141: ...tions for the show log state Command Field Description Subsystems acl Access Control List ACL app Application Peering Protocol APP boomerang DNS Content Routing Agent CRA buffer Buffer manager cdp Cisco Discovery Protocol CDP chassis Chassis manager circuit Circuit manager csdpeer Content Server Database CSD peer dhcp Dynamic Host Configuration Protocol DHCP dql Domain Qualifier List DQL fac Flow ...

Page 142: ...tent replication rip Router Information Protocol RIP security Security manager slr Session Level Redundancy sntp Simple Network Time Protocol SNTP sshd SSHD ssl accel Secure Sockets Layer SSL Acceleration syssoft System software urql Uniform Resource Locator Qualifier List URQL vlanmgr VLAN manager vpm Virtual pipe manager vrrp Virtual Router Redundancy Protocol wcc Web conversation control Levels...

Page 143: ...g file from the CSS to an FTP server create an FTP record file containing the FTP server IP address username and password Refer to Chapter 1 Managing the CSS Software for information on configuring an FTP record notice Log notice messages including errors at the warning level warning Log warning errors default including errors at the error level error Log errors including errors at the critical le...

Page 144: ...no spaces and a maximum of 16 characters To create an FTP record see Chapter 1 Managing the CSS Software filename Specifies the name you want to assign to the file on the FTP server Include the full path to the file Enter an unquoted text string with no spaces and a maximum of 32 characters For example to copy the starlog log file to an FTP server copy log starlog ftp ftpserv1 starlogthurs Copying...

Page 145: ...P BPDU on bPort 1 egressLp 0x1f00 VlanLpSend ret 0 A log message consists of the following components The time stamp indicates when the log message event occurred In this example the time stamp is FEB 16 14 01 13 The physical interface indicates the slot subslot for example 5 1 where the event occurred in the CSS The counter records the incremental occurrence of each message The count of this mess...

Page 146: ...in Figure 4 1 Figure 4 1 Undeliverable Message Format The logging header contains A time stamp with the date and time The CSS slot and subslot number A logging sequence counter indicating that log messages were dropped due to excessive logging or CSS processor load The subsystem and its log level Figure 4 2 shows an example of a logging header Figure 4 2 Logging Header in a Log Message Logging Hea...

Page 147: ...destination indicates one of the following String decoded name of the destination message queue Hexadecimal value if the error type is QUEUE DELETED QUEUE INVALID or QUEUE UNKNOWN INTERNAL which indicates a LOCAL message passed between the tasks on the same processor The Message section in the logging message provides additional information concerning the problem The log level for the undeliverabl...

Page 148: ...liverable message appears in the log each time the message occurs and an identifier appears in the body of the message The logging message displays a message similar to the following Message IMM Base Class IPV4_ARP Identifier 1 from 1 1 the other CSS failed to reach destination Ipv4Arp on 1 1 this CSS Note The Debug 7 log level displays debug messages and all other error levels Be aware that selec...

Page 149: ...ut the entire CSS Message Detail For a LOCAL message type there is no detail For an EVENT message type the details can be one of the following String decoded name of the event when the event is known For example Event Ipv4ArpChangeEvent Hexadecimal encoded name of the event when the event is out of range For example Event unknown type 0x00a00005 For an IMM message type the details include the Base...

Page 150: ... 1 other CSS A LOCAL message type also includes information for the local processor context in string format For example from 1 1 EventAgent this CSS Destination Information The destination as displayed at the beginning of the logging message The destination information identifies where the message is going This information includes the slot and subslot numbers as they appear in the logging header...

Page 151: ...bsystems The master SCM should be the only destination The Identifiers for each assigned message type are 0 Occurs during the boot process to indicate that boards are present for processing 1 Occurs only once for each module during the boot process to indicate that the boards are ready for processing 2 Module state change notifications from the Chassis Manager and Online Diagnostic Monitor subsyst...

Page 152: ...tiated by the Session Processor IPv4ARP Task IPV4_RDNMGR_TID IMM message undeliverables or queue drops on the IP Redundancy Manager queue residing on the SCM The Identifiers for each assigned message type are 0 VRRP software callback 1 VRRP one second timer 2 Remove service from the virtual routers 3 Redundancy VIP from the virtual routers IP Redundancy Manager IPV4_SLAVE_RX IMM message undelivera...

Page 153: ...the ImmRxQ queue for pings and on the SysImmPing queue for ping acknowledgements The SysImmPing queue is not permanent and is created and deleted dynamically as SysImmPing commands are issued The Identifiers for each assigned message type are 0 Pings 1 Ping acknowledgements Syssoft IMM Table 4 7 IMM Message Identifiers continued Base Class Decoded Name Description and Message Identifier Subsystem ...

Page 154: ...tch 2 254 Discarding ACL 7 TCP SrcPort 1043 DestPort 21 ACL 7 Source 172 20 57 2 ACL 7 Dest 172 20 48 35 Incoming traffic matches an ACL statement The CSS examines and then drops the packet The log message appears for a packet that has an ACL statement applied by the flow manager This log message indicates that load balancing can take place ACL 7 ACL rule match 2 254 Discarding packet Log Enabled ...

Page 155: ...tioning power supplies to guarantee service If the following message appears first then you can assume that the problem is with the AC power source not the power supply CHMGR Cannot locate power supply PSnumber The PSnumber variable indicates which power supply cannot be found or has failed To determine whether the Cisco 11500 series CSS power supplies are working properly both LEDs on the front o...

Page 156: ... two functioning power supplies to guarantee service The PSnumber variable indicates which power supply cannot be found or has failed If you know that the power source is supplied to the chassis and correctly flowing to it then the problem may be the power supply To determine whether the Cisco 11500 series CSS power supplies are working properly make sure that both LEDs on the front of each power ...

Page 157: ...ED 4 CM_LP_STATE_CHG 5 CM_CIRCUIT_REMOVED 6 CM_LP_ADDED 7 CM_LP_REMOVED 8 CM_LP_MODIFIED 9 CM_LP_FAILOVER 10 CM_CIRCUIT_DOWN 11 This log message indicates that a port has been added to a VLAN This log message can occur when the association to a VLAN changes as the port transitions from an up to a down state Use the show circuit command to list the VLANs refer to the Cisco Content Services Switch R...

Page 158: ... of the Ethernet ports received a high number of malformed packets resulting in an overflow of the fastpath In this case the flow manager received a badly formatted control message from the fastpath This problem may be due to intermittent hardware which results in the fastpath corrupting the packets or the problem is related to the fastpath receiving streams of malformed packets and leaking some o...

Page 159: ...CP flow Re Transmit ERROR FLOWMGR 6 FM_ReTransTimeout Re Transmit timeout ERROR FLOWMGR 6 FM_Tcp Handling generic FMTCP flow Re Transmit ERROR FLOWMGR 6 FM_ReTransTimeout Re Transmit timeout ERROR FLOWMGR 6 FM_Tcp Handling generic FMTCP flow Re Transmit ERROR If the CSS handles a content request for a Layer 5 rule that spans more than three TCP packets after the CSS decides on the server to use it...

Page 160: ...yed ACK is sent to the client and the client responds back with a TCP SYN FIN RST handshake sequence The client side closes down unexpectedly When this log message occurs as a result of the server side connection the issue could be due to the CSS sending the spanned content request to the server and did not get an acknowledgement from the server or received an unexpected response for example due t...

Page 161: ... connection with the backend server the CSS must receive the following TCP IP handshake SYN SYN ACK ACK GET After receiving the GET message the CSS opens the backend connection At that point the log message is generated When several of these log messages occur there might be a malfunctioning server The server problem could be from keepalives or from regular TCP HTTP traffic Make sure the port 80 s...

Page 162: ...e reference count on a buffer when the CSS sends a packet to multiple locations The fast path uses an MCID to reference count the buffer with a contained packet that is being flooded to all ports in a VLAN For MCIDs to be depleted in the CSS there must be 1024 reference counted packets queued up in some combination of hardware queues and software queues To fill up hardware queues the CSS must rece...

Page 163: ...ge queue the queue could fill up before running the recipient task processing the messages and freeing the buffers Of the two potential causes the most likely causes is the CSS receiving a large number of packets which it must flood out all ports This log message typically occurs when the CSS loses a specific route and forwards the flow out the default gateway The default gateway then forwards the...

Page 164: ...d for buffering This log message indicates the CSS received a packet that was addressed to a CSS IP address and when attempting to send the packet up the VxWorks IP stack the CSS had no remaining buffers These buffers are separate from those used for flow setup and forwarding purposes They are used only when traffic is sent to the CSS itself for example during a Telnet session The CSS logs only on...

Page 165: ...p and down or a configuration change occurred on the VLAN at the time of the message IPV4 4 Ipv4SfmForwRx bad IP version received 0 The IPV4 receive task received a packet and the IP version is displayed in parentheses The CSS discards any packet that is not Ipv4 version 4 In this example the IP version is 0 If you see many of these messages the problem could be an improperly configured device or ...

Page 166: ...al message No further action is required IPV4 4 Ipv4ApIoctl unknown command 1074031872 This is an informational message No further action is required IPV4 4 Ipv4SfmForwRx buffer length 872 less than IP length 1004 IP packets have been corrupted and the IP header Total Length value does not match with the actual length of the packet In this case the SFP receives less total bytes than expected from ...

Page 167: ...s RIP with the VIP address and the range To ensure the proper advertisement of the VIPs RIP verifies the VIP address and range This log message occurs when RIP is unable to find the VIP address received in the callback message from the redundancy manager Check the IP address specified in the rip advertise command and verify that the VIPs are configured properly for VIP and virtual interface redund...

Page 168: ... VccRemoveVc egress 0x09c01f00 A CSS Ethernet port became unavailable As a result the IPV4 module was unable to delete a Virtual Circuit established through the switch fabric to the fastpath This is an informational message No further action is required Table 4 8 Cisco 11500 Series CSS Log Messages continued Log Message sys log Subsystem Name Level and Message Cause and Resolution ...

Page 169: ...P 0 0 0 0 IPV4 4 Target HA 000000000000 IPV4 4 Target IP 0 0 0 0 The first line in the log message identifies the destination MAC address of the packet the source address of the packet and the type of IP packet In the example above the destination MAC address is ff ff 53 ff 01 ff and the source MAC address is ff 00 77 e7 65 03 In addition 0806 equals ETHERTYPE_ARP The second line in the message id...

Page 170: ...ss as an aid to locate the device with the duplicate IP address The second message is intended to assist you in locating the port on the CSS that has received the duplicate IP address Use the flow statistics command to locate the interface on the CSS The flow statistics command should correspond the CE value listed in the log message with a port keepalive Subsystem KAL 7 kal_ServiceNotify kalIndex...

Page 171: ...ing In this example the CSS sends a trap to the configured SNMP trap receiver stating that a client with IP address 192 168 36 252 is trying to access the CSS with an incorrect community string This log message also appears when a user attempts to access the CSS using SNMP and SNMP is not configured on the CSS Refer to Chapter 5 Configuring Simple Network Management Protocol SNMP for configuration...

Page 172: ...ssion terminates The security manager can reject the log in when The maximum number of concurrent security manager users had been exceeded 128 concurrent users The CSS could not re register if you had a session that just ended and the flow cleanup was not performed and you attempted to re register too soon The CSS ran out of memory and could not allocate a control block Table 4 8 Cisco 11500 Serie...

Page 173: ...ere is a communications problem between the SFP 9 2 and the FEM JAN 5 00 31 43 arrowpoint1 com 9 2 385390 SYSSOFT 3 ONDM Timeout downloading image to EPIF 0 from the switch JAN 5 00 31 45 arrowpoint1 com 9 2 385407 SYSSOFT 3 ONDM Timeout downloading image to EPIF 0 from the switch Reseat the SFM in slot 9 then reseat the FEM in slot 13 that is controlled by the SFM Cycle power to the CSS NETMAN 2 ...

Page 174: ...nity string Refer to Chapter 5 Configuring Simple Network Management Protocol SNMP for details on specifying a community string NETMAN 5 Enterprise Service Transition nexthop00001 down The next hop IP address can not be reached by the CSS When you configure a static route an internal service is automatically created by the CSS When the service is up the static route is included in the routing tabl...

Page 175: ...nd NETMAN 7 CLM ERROR from clm_DispatchActionRoutine An invalid CLI command was entered In this example a user entered the dir command in debug mode and specified an invalid directory For example debug dir d NETMAN 7 SNMP UNKNOWN RSP 493512 NETMAN 7 SNMP 493512 Index 1 NO_SUCH_NAME A valid SNMP agent community string matched is attempting to set an invalid object and the CSS does not recognize the...

Page 176: ...lock of memory In some cases this message may be caused by a replication misconfiguration Review the configuration and verify that it reflects what was intended Verify that files are being replicated properly If this message is seen with significantly smaller memory requests the system memory may not sufficient in size to meet the requirements of the configuration To isolate the issue monitor the ...

Page 177: ...tication failed with reason code 2 In this message the different codes include define PW_ACCESS_REQUEST 1 define PW_ACCESS_ACCEPT 2 define PW_ACCESS_REJECT 3 define PW_ACCOUNTING_REQUEST 4 define PW_ACCOUNTING_RESPONSE 5 define PW_ACCOUNTING_STATUS 6 define PW_ACCESS_CHALLENGE 11 In the example above code 2 indicates that the CSS received the Accept response from the RADIUS server but may have rej...

Page 178: ...dware SYSSOFT 3 ONDM Could not open file wsscm sys SYSSOFT 3 ONDM Could not download Sub module 8 1 SYSSOFT 3 ONDM Could not open file wssfm sys SYSSOFT 3 ONDM Could not download Sub module 6 2 SYSSOFT 3 ONDM Could not download Sub module 6 1 SYSSOFT 3 ONDM Could not download Sub module 5 2 SYSSOFT 3 ONDM Could not download Sub module 5 1 SYSSOFT 3 ONDM No Sfm proxy for Slot 2 SYSSOFT 3 ONDM No Sf...

Page 179: ...CSS 11503 No corrective action is required SYSSOFT 4 Event not deliverable msgq id 0x8cc48980 event id 29 event name BridgeMacAddrEvent The CSS was unable to deliver a certain process because a queue was full Every message signifies that a event has been dropped because the queue full condition This message appears when the fastpath network processor performs a source MAC address lookup and cannot...

Page 180: ...SPF process the caretaker processes one for each SFM which try to keep the SFM and SCM route tables in sync the static route process and the ARP process register for this event Look for any routes transitioning state locally attached stations or servers going up and down or a large number of ARP requests being performed SYSSOFT 7 MPOOL mpoolAutoAlloc WARN Overr un on MPOOL 3 321 This message typic...

Page 181: ...ystem VPM removed Vc 8000b00 based on failure of port 3401f00 010 The CSS is reclaiming the resources used by a specific Ethernet port because the port is unavailable The CSS reclaims resources when a port is unresponsive to an internal check or when a circuit is unavailable No addressing information is available for that Ethernet port Use the show interface command to display information for the ...

Page 182: ...Chapter 4 Using the CSS Logging Features Where to Go Next 4 62 Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 183: ...ief overview of SNMP an Application Layer protocol used extensively in the communications industry Information in this chapter applies to all CSS models except where noted This chapter contains the following major sections SNMP Overview Management Information Base MIB Overview Preparing to Configure SNMP on the CSS Defining the CSS as an SNMP Agent Configuring Denial of Service DoS Displaying the ...

Page 184: ...cts MIBs are discussed in the Management Information Base MIB Overview section This section includes the following topics Managers and Agents SNMP Manager and Agent Communication Note By default SNMP access to the CSS is enabled through the no restrict snmp command For details see the Preparing to Configure SNMP on the CSS section Managers and Agents SNMP uses software entities called managers and...

Page 185: ...of users logged on to the agent device or the status of a critical process on that device The agent gets the value of the requested MIB object and sends the value back to the manager Retrieve the value immediately after the variable you name a GET NEXT action The SNMP manager retrieves values from within a MIB Using the get next function you do not need to know the exact MIB object instance you ar...

Page 186: ... traps and associated MIB objects supported by the CSS software see the CSS SNMP Traps section When a trap condition occurs the SNMP agent sends an SNMP trap message to the device specified as the trap receiver or trap host The SNMP Administrator configures the trap host usually the SNMP management station to perform the action needed when a trap is detected Figure 5 1 illustrates SNMP manager and...

Page 187: ...ured hierarchically The MIB hierarchy is referred to as the MIB tree The MIB tree is defined by the International Standards Organization ISO The MIB is installed on the SNMP manager and is present within each agent in the SNMP network At the top of the tree is the broadest information about a network Each branch and sub branch of the tree gets progressively more specific and the lowest branches of...

Page 188: ...Figure 5 2 Top of the MIB Tree This section includes the following topics MIB Variables MIB Extensions Enterprise MIBs Updating MIB Files standard 0 registration authority 1 member body 2 organization 3 dod 6 internet 1 directory 1 management 2 experimental 3 private 4 enterprises 1 cisco 9 ccitt 0 iso 1 iso ccitt 2 additional branches 114852 arrowpoint 368 ciscoMgmt 9 ...

Page 189: ...er is called the object identifier OID and it uniquely identifies the MIB object in the MIB tree The dotted lines represent other branches not relevant to this discussion For example note in Figure 5 2 that the MIB object labeled arrowpoint 368 which contains the MIB objects specific to the CSS can be labeled iso organization dod internet private enterprises cisco ciscoMgmt arrowpoint or 1 3 6 1 4...

Page 190: ...efore you can load the CSS MIBs on your management station you must load the following standard MIBs SNMP v1 Standard MIBs RFC 1212 RFC 1215 INET ADDRESS MIB SNMP FRAMEWORK MIB SNMPv2 TC v1 RFC1155 SMI SNMPv2 SMI v1 RFC 1493 SNMP v2 Standard MIBs SNMPv2 SMI SNMPv2 TC SNMP FRAMEWORK MIB SNMPv2 CONF INET ADDRESS MIB BRIDGE MIB To update the standard MIBs on your management station after you upgrade ...

Page 191: ... mget command which is used for multiple file transfers 2 Load the CSS MIBs into the management application Note The v2 directory contains the full set of CSS v2 MIBs The v1 directory contains only those CSS v1 MIBs that will compile using a v1 compiler If you do not find a MIB that you need in the v1 directory use the corresponding MIB in the v2 directory SNMP Communities Each SNMP device or memb...

Page 192: ... CSS default setting restrict snmp Disables SNMP access to the CSS Before you set up SNMP on your network consider the following items when planning your SNMP configuration Decide which types of information the SNMP manager needs if your application is using an SNMP manager Choose the particular MIB objects that you want through the management software Decide how many trap hosts you need In some n...

Page 193: ...NMP Trap Host Configuring SNMP Trap Source SNMP Agent Configuration Quick Start Table 5 1 provides a quick overview of the steps required to configure the CSS as an SNMP agent Each step includes the CLI command required to complete the task For a complete description of each feature and all the options associated with the CLI command see the sections following Table 5 1 Table 5 1 Quick Start for D...

Page 194: ...generic traps This step is required if you plan to use authentication failure traps config snmp trap type generic 7 Optional Turn on authentication failure traps This step requires that you turn on generic traps See step 6 An authentication failure occurs if an unauthorized SNMP manager sends an invalid or incorrect community name to an SNMP agent If an authentication failure occurs the agent send...

Page 195: ...nterprise login failure snmp reload enable 100 snmp trap type enterprise dos illegal attack trap threshold 1 9 Optional Configure the trap host for reload enable ability Reload enable allows a management station with the proper WRITE community privilege to reboot the CSS config snmp reload enable 100 10 Optional Configure special enterprise trap thresholds to notify the trap host of Denial of Serv...

Page 196: ...or read write before you use SNMP on the CSS The CSS is inaccessible until you specify a read community string The syntax for this global configuration mode command is snmp community community_name read only read write The variables and options for this command are community_name The SNMP community name for this system Enter an unquoted text string with no space and a maximum of 12 characters read...

Page 197: ...ct the person for example a phone number or e mail address For example config snmp contact Fred N Mandy To remove the specified SNMP contact name and reset it to the default of Cisco Systems Content Network Systems enter config no snmp contact Configuring an SNMP Location To set or modify the SNMP system location use the snmp location command You can specify only one location The syntax for this g...

Page 198: ... remove the SNMP name for a system and reset it to the default of Support enter config no snmp name Configuring an SNMP Trap Host To set or modify the SNMP host to receive traps from a CSS use the snmp trap host command You can specify a maximum of five hosts The syntax for this global configuration mode command is snmp trap host ip_or_host community_name snmpv2 The variables and option for this c...

Page 199: ...pecified source_ip_address The options and variable for this command are egress port Uses the VLAN circuit IP address configured on the egress port to set the Agent Address field of the trap You do not need to enter an IP address because the address is determined dynamically by the CSS management Uses the Ethernet management port IP address to set the Agent Address field of the trap This option is...

Page 200: ... example config snmp trap type generic To disable a generic trap enter config no snmp trap type generic Note Note that the CSS sends only SNMP v1 trap types Configuring SNMP Auth Traps By default reception of SNMP authentication traps is disabled on the CSS Use the snmp auth traps command to enable reception of SNMP authentication traps The CSS generates these traps when an SNMP management station...

Page 201: ...reporter transitions state A module is inserted into a powered on CSS chassis An Inter Switch Communications ISC LifeTick failure message occurs Use the no form of the snmp trap type enterprise command to prevent the CSS from generating a trap when a specific condition occurs Note Note that the CSS sends only SNMP v1 trap types For details on SNMP traps and associated MIB objects loaded as part of...

Page 202: ...n Generates SNMP enterprise traps when the CSS 11503 or CSS 11506 power supply changes state powered off or on or removed from the CSS isc lifetick failure Generates SNMP enterprise traps when an ISC LifeTick failure message occurs on a Cisco 11500 series CSS A LifeTick message occurs four times a second between ports in an Adaptive Session Redundancy ASR configuration If a port does not receive a...

Page 203: ...prise traps enter config no snmp trap type enterprise To disable a specific enabled enterprise trap use the no form of the snmp trap type enterprise command For example to prevent the CSS from generating traps when a power supply fails enter config no snmp trap type enterprise chmgr ps transition Configuring SNMP Reload Enable To reboot the CSS using SNMP use the snmp reload enable command The syn...

Page 204: ...e or to verify that you want to reboot Before you enter this command be sure that you have saved any changes to your running config file and that you want to reboot the CSS For example config snmp reload enable To prevent users from rebooting the CSS using SNMP default behavior enter config no snmp reload enable Configuring Denial of Service DoS You can configure special enterprise traps to notify...

Page 205: ...rise traps if not already enabled config snmp trap type enterprise 2 Set the trap threshold to notify the trap host of DoS attacks with illegal addresses either source or destination config snmp trap type enterprise dos illegal attack trap threshold 1 3 Set the trap threshold to notify the trap host of DoS LAND attacks config snmp trap type enterprise dos land attack trap threshold 1 4 Set the tra...

Page 206: ...ack trap threshold 1 snmp trap type enterprise dos syn attack trap threshold 10 snmp trap type enterprise dos illegal attack trap threshold 1 Defining a DoS SNMP Trap Type To enable the CSS to generate SNMP enterprise traps when a DoS attack event occurs use the snmp trap type enterprise command One trap is generated each second when the number of attacks during that second exceeds the threshold f...

Page 207: ...ttack is 1 per second dos syn attack Generates traps when the number of TCP connections that are initiated by a source but not followed with an acknowledgment ACK frame to complete the 3 way TCP handshake exceeds the threshold value The default trap threshold for this type of attack is 10 per second Use the trap threshold option to override a default trap threshold For the threshold_value enter a ...

Page 208: ...11503 with a maximum of three SPs can display a maximum of 150 events A CSS 11506 with a maximum of six SPs can display a maximum of 300 events If multiple attacks occur with the same DoS type and source and destination address an attempt is made to merge them as one event This merging of events reduces the number of displayed events Use the show dos summary command to display a summary of informa...

Page 209: ...t followed with an ACK frame to complete the three way TCP handshake LAND Attacks Packets that have identical source and destination addresses Zero Port Attacks Frames that contain source or destination TCP or UDP ports equal to zero Note Older SmartBits software may send frames containing source or destination ports equal to zero The CSS logs them as DoS attacks and drops these frames Illegal Src...

Page 210: ...reshold values The maximum number of events per second is the maximum for each SP For a CSS 11506 which may have up to six SPs the maximum rate per second may be as high as six times the value appearing in this field For a CSS 11503 which may have up to three SPs the maximum rate per second may be as high as three times the value appearing in this field DoS Attack Event Details for each detected a...

Page 211: ... the CSS This section describes the activities that you need to perform to manage SNMP on the CSS This section includes the following topics Enabling SNMP Manager Access to the CSS Using the CSS to Look Up MIB Objects Reading Logs Setting RMON Alarms Enabling SNMP Manager Access to the CSS By default the CSS enables SNMP access to its command base You must first create community strings using the ...

Page 212: ...of the MIB object You can look up a specific object or you can use the question mark character as a wildcard to help you complete your request For example suppose you want to look up a MIB object but you are not sure of its exact name You already know that the MIB you want is part of the apFlowMgrExt group of objects In this case specify the lookup command with the question mark character as shown...

Page 213: ...EventCount ASN Name apFlowMgrExtDOSAttackEventCount MIB flowmgrext Object Identifier 1 3 6 1 4 1 9 9 368 1 36 27 1 6 Argument Type Integer Range 0 4294967295 Description This is the number of times this DoS attack had occurred You can also display a list of all the Enterprise MIBs by using the lookup command without any MIB object names as shown in the following example config rmonalarm 1 lookup T...

Page 214: ...plog file when it renames the traplog file Each time the CSS reboots it continues to use the existing traplog file until it reaches its maximum size Use the show log command to show the trap log since the last CSS reboot For example show log traplog By default the following events generate level critical 2 messages Link Up Link Down Cold Start Warm Start Service Down Service Suspended All other SN...

Page 215: ...mode CSS SNMP Traps Table 5 5 and Table 5 6 list the SNMP v1 and SNMP v2C traps respectively supported by the CSS Table 5 5 SNMP v1 Traps Name MIB Enterprise Object ID OID Generic Specific Parameters coldStart sysObjectID 0 0 warmStart sysObjectID 1 0 linkDown sysObjectID 2 0 ifIndex 1 3 6 1 2 1 2 2 1 1 ifOperStatus 1 3 6 1 2 1 2 2 1 8 ifAdminStatus 1 3 6 1 2 1 2 2 1 7 linkUp sysObjectID 3 0 ifInd...

Page 216: ...ExtDosIllegalTrap flowMgrExt mib 1 3 6 1 4 1 9 9 368 1 36 1 6 3 apFlowMgrExtDOSAttackEventString 1 3 6 1 4 1 9 9 368 1 36 28 1 8 apFlowMgrExtDOSAttackEventInterval Count 1 3 6 1 4 1 9 9 368 1 36 28 1 9 apFlowMgrExtDOSAttackEventCount 1 3 6 1 4 1 9 9 368 1 36 28 1 6 apFlowMgrExtDosSmurfTrap flowMgrExt mib 1 3 6 1 4 1 9 9 368 1 36 1 6 5 apFlowMgrExtDOSAttackEventString 1 3 6 1 4 1 9 9 368 1 36 28 1 ...

Page 217: ... 0 apSvcTransitionTrap svcExt mib 1 3 6 1 4 1 9 9 368 1 15 1 6 1 apSvcTrapEventText 1 3 6 1 4 1 9 9 368 1 15 10 0 apTermSessLoginFailureTrap terminalMgmt mib 1 3 6 1 4 1 9 9 368 1 11 1 6 1 apTermSessLoginFailureInfo 1 3 6 1 4 1 9 9 368 1 11 3 0 apChassisMgrExtPsTrap chassisMgrExt mib 1 3 6 1 4 1 9 9 368 1 34 1 6 1 apChassisMgrExtTrapPsEventText 1 3 6 1 4 1 9 9 368 1 34 24 0 apChassisMgrModuleTrap ...

Page 218: ... 6 1 2 1 2 2 1 8 ifAdminStatus 1 3 6 1 2 1 2 2 1 7 authenticationFailure 1 3 6 1 6 3 1 1 5 5 egpNeighborLoss 1 3 6 1 6 3 1 1 5 6 apFlowMgrExtDosSynTrap flowMgrExt mib 1 3 6 1 4 1 9 9 368 1 36 1 0 1 apFlowMgrExtDOSAttackEventString 1 3 6 1 4 1 9 9 368 1 36 28 1 8 apFlowMgrExtDOSAttackEventInterval Count 1 3 6 1 4 1 9 9 368 1 36 28 1 9 apFlowMgrExtDOSAttackEventCount 1 3 6 1 4 1 9 9 368 1 36 28 1 6 ...

Page 219: ...apIpv4RedundancyTrap apIpv4 mib 1 3 6 1 4 1 9 9 368 1 9 1 1 0 1 apIpv4TrapEventText 1 3 6 1 4 1 9 9 368 1 9 34 0 apIpv4RedundancyState 1 3 6 1 4 1 9 9 368 1 9 19 0 apIpv4RedundancyIf 1 3 6 1 4 1 9 9 368 1 9 20 0 apIpv4RedundancyMaster 1 3 6 1 4 1 9 9 368 1 9 21 0 apIpv4RedundancyState Transition apIpv4Redundancy mib 1 3 6 1 4 1 9 9 368 1 9 8 1 0 1 apIpv4RedundancyEventText 1 3 6 1 4 1 9 9 368 1 9 ...

Page 220: ...0 0 apTermSessLoginFailureTrap terminalMgmt mib 1 3 6 1 4 1 9 9 368 1 11 1 0 1 apTermSessLoginFailureInfo 1 3 6 1 4 1 9 9 368 1 11 3 0 apChassisMgrExtPsTrap chassisMgrExt mib 1 3 6 1 4 1 9 9 368 1 34 1 0 1 apChassisMgrExtTrapPsEventText 1 3 6 1 4 1 9 9 368 1 34 24 0 apChassisMgrModuleTrap chassisMgrExt mib 1 3 6 1 4 1 9 9 368 1 34 1 0 2 apChassisMgrExtTrapModuleEventText 1 3 6 1 4 1 9 9 368 1 34 2...

Page 221: ... 6 1 4 1 9 9 368 1 9 1 MIB support for IPv4 global information box to box redundancy config ip apIpv4Arp mib OID 1 3 6 1 4 1 9 9 368 1 9 4 MIB support for IPv4 ARP config arp apIpv4Dns mib OID 1 3 6 1 4 1 9 9 368 1 9 7 MIB support for IPv4 DNS resolver configuration config dns apIpv4Host mib OID 1 3 6 1 4 1 9 9 368 1 9 6 MIB support for IPv4 host table config host apIpv4Interface mib OID 1 3 6 1 4...

Page 222: ...g boot bridgeExt mib OID 1 3 6 1 4 1 9 9 368 1 14 Configuration and monitoring of bridge related parameters config bridge cappUdpExt mib OID 1 3 6 1 4 1 9 9 368 1 52 Application Peering Protocol User Datagram Protocol APP UDP global statistical information and security configuration settings config app udp cctExt mib OID 1 3 6 1 4 1 9 9 368 1 29 CSS circuit information box to box redundancy config...

Page 223: ...nfiguration config dfp dnshotExt mib OID 1 3 6 1 4 1 9 9 368 1 48 DNS hot list config domain hotlist dnsServerExt mib OID 1 3 6 1 4 1 9 9 368 1 40 MIB support for DNS server config dns server domainCacheExt mib OID 1 3 6 1 4 1 9 9 368 1 60 Configuration management for the domain cache on the CSA in the CSS config dns server domain cache dqlExt mib OID 1 3 6 1 4 1 9 9 368 1 51 Domain Qualifier List...

Page 224: ...guration of keepalive mode config keepalive logExt mib OID 1 3 6 1 4 1 9 9 368 1 20 CSS logging functionality config logging nqlExt mib OID 1 3 6 1 4 1 9 9 368 1 50 Describes the CSS network qualifier lists NQLs config nql name ownExt mib OID 1 3 6 1 4 1 9 9 368 1 25 Web host owner information config owner plucExt mib OID 1 3 6 1 4 1 9 9 368 1 56 Proximity Lookup Client functionality config proxim...

Page 225: ...for CLI command scheduler records config cmd scheduler securityMgrExt mib OID 1 3 6 1 4 1 9 9 368 1 13 CSS MIB objects for the network security manager config username snmpExt mib OID 1 3 6 1 4 1 9 9 368 1 22 SNMP traps and communities config snmp sshdExt mib OID 1 3 6 1 4 1 9 9 368 1 43 MIB support for the Secure Shell Daemon server SSHD config sshd sslExt mib OID 1 3 6 1 4 1 9 9 368 1 63 MIB sup...

Page 226: ...tacacsExt mib OID 1 3 6 1 4 1 9 9 368 1 66 CSS extensions to the client side of the Terminal Access Controller Access Control System TACACS authentication protocol config tacacs server tagExt mib OID 1 3 6 1 4 1 9 9 368 1 53 Content tag lists config header field group terminalMgmt mib OID 1 3 6 1 4 1 9 9 368 1 11 MIB support for terminal options terminal restrict urqlExt mib OID 1 3 6 1 4 1 9 9 36...

Page 227: ...mation on configuring the Remote Monitoring RMON features of your CSS Information in this chapter applies to all CSS models except where noted This chapter contains the following major sections RMON Overview RMON Configuration Considerations Configuring an RMON Event Configuring an RMON Alarm Configuring an RMON History Viewing RMON Information ...

Page 228: ...oup 1 Statistics Provides data about all Ethernet ports on a CSS You cannot configure RMON statistics You can only view them Group 2 History Provides data about the Ethernet ports over an historical period Histories are preconfigured for each port You can configure additional port histories Group 3 Alarm Allows you to create an alarm and configure the conditions based on a MIB object to trigger an...

Page 229: ...ter you activate it If you need to change the RMON history configuration after activation you must delete it first and then recreate the RMON history with the necessary changes You can change your RMON history configuration at any time before you activate it You must assign an RMON event to an RMON alarm before the alarm can be activated The event must exist and must be activated before it can be ...

Page 230: ...ormation on configuring SNMP on your CSS The following sections describe how to configure an RMON event RMON Event Configuration Quick Start Creating an Index for an RMON Event Deleting an RMON Event Index Setting the RMON Event Attributes Activating an RMON Event Suspending an RMON Alarm RMON Event Configuration Quick Start Table 6 1 provides a quick overview of the steps required to configure th...

Page 231: ...t The specified community_name is the name of an SNMP community configured using the snmp trap host command This step is required only if the traps are sent to an SNMP network management station config rmonevent 1 community moonbase_alpha 3 Provide a description for the event Enter a quoted text string with a maximum of 127 characters including spaces config rmonevent 1 description This event occu...

Page 232: ...er a message similar to the following appears Index internally used Administrative control not allowed For example to create an RMON event with an identifier of 1 access global configuration mode and enter config rmon event 1 To view a list of existing RMON event configuration identifiers enter config rmon event After you create the index for the event the prompt changes to config rmonevent 1 Defi...

Page 233: ...ction Ensure the RMON event is not assigned to an RMON alarm Defining an Event Community When an alarm event occurs and the event is configured to send an SNMP trap the CSS sends the trap to the trap host with the specified community If no community is specified the CSS automatically uses the default event community of public Use the community community_name command to define a community for an un...

Page 234: ...t define the entity who configured this RMON event and is using the resources assigned to it Use the owner owner_name command to define the owner The owner_name variable is a quoted text string with a maximum of 127 characters The owner for the event must be the same as the owner for the alarm To define the owner named Boston Tech Lab enter config rmonevent 1 owner Boston Tech Lab To remove the ow...

Page 235: ...ate that the event type is both log and trap To define the event as both log and trap types enter config rmonevent 1 type log and trap To reset the RMON event type back to log enter config rmonevent 1 no type Activating an RMON Event After you configure the event attributes activate the event However before you can activate an event you must specify the owner of the event as described in the Assig...

Page 236: ...ng compares the sample value directly to the threshold This sampling is similar to a gauge recording values that go up or down Delta sampling subtracts the current sample value from the last sample taken and then compares the difference to the threshold This sampling is similar to a counter recording a value that is constantly increasing When a sample value crosses an alarm threshold an associated...

Page 237: ...ncludes the following topics RMON Alarm Configuration Quick Start Creating an Index for an RMON Alarm Deleting an RMON Alarm Index Setting the RMON Alarm Attributes Rising Threshold Falling Threshold Sample Value Sample Interval Alarm triggered Rising event generated Alarm triggered Falling event generated 49652 20 20 30 40 50 60 Rising Threshold 20 or more Falling Threshold 10 or less Sample Valu...

Page 238: ...m 1 y n y 2 Assign the owner who defined and is using the resources of the alarm Enter a quoted string with a maximum of 127 characters including spaces The owner must be the same as the owner for the event config rmonalarm 1 owner Boston Tech Lab 3 Define the MIB object for the sample variable For example for the current number of connections for this service enter apSvcConnections To see a list ...

Page 239: ... an existing RMON event Enter an integer from 0 to 65534 If you enter 0 no event is generated config rmonalarm 1 rising event 1 8 Define the falling threshold Enter an integer from 0 default to 4294967295 config rmonalarm 1 falling threshold 90 9 Associate the falling event with an existing RMON event Enter a number from 0 to 65534 If you enter 0 no event is generated config rmonalarm 1 falling ev...

Page 240: ...arm index 65535 is administratively predefined and cannot be modified If you enter this index number a message similar to the following appears Index internally used Administrative control not allowed To create an RMON alarm with an identifier of 1 access global configuration mode and enter config rmon alarm 1 To see a list of existing RMON alarm configuration identifiers enter rmon alarm After yo...

Page 241: ... and set its attributes This section includes the following topics Assigning an Owner Finding and Defining a Sample Variable Defining the Absolute or Delta Sampling Method Defining a Rising Threshold and Rising Event Defining a Falling Threshold and Index Defining a Startup Alarm Defining the Sampling Interval After you set all of the attributes activate the alarm as described in the Activating an...

Page 242: ...tions to this service cntExt mib Contains content rule objects for example apCntHits is the MIB object for the total number of hits on this service for this content rule Refer to Chapter 5 Configuring Simple Network Management Protocol SNMP for information on CSS Enterprise MIBs Use the lookup command to look up a MIB object and view its description For example to view the description for the apSv...

Page 243: ...e previous sampling and then their difference is compared to the configured threshold This sampling is similar to a counter recording the value that constantly increases see Figure 6 3 Absolute sampling compares the sample value to the configured threshold For example if you want to know when 30 000 service connections occur on the CSS during a sample interval configure the apSvcConnections MIB ob...

Page 244: ...ng threshold rising_value command to set the threshold for the alarm The rising_value variable is the threshold for the rising sample type Enter an integer from 0 default to 4294967295 To set the rising threshold value of 100 enter config rmonalarm 1 rising threshold 100 To reset the rising threshold to 0 enter config rmonalarm 1 no rising threshold Use the rising event rising_index command to ass...

Page 245: ...lling_value variable is the threshold for the falling sample type Enter an integer from 0 default to 4294967295 To set the falling threshold value of 90 enter config rmonalarm 1 falling threshold 90 To reset the falling threshold to 0 enter config rmonalarm 1 no falling threshold Use the falling event falling_index command to associate a configured event to the RMON alarm when the sampled value ex...

Page 246: ...sing threshold is triggered enter config rmonalarm 1 startup type rising and falling To reset the startup alarm to a rising threshold alarm enter config rmonalarm 1 no startup type Defining the Sampling Interval The sampling interval is the time interval in seconds over which the data is sampled and compared with the rising and falling thresholds Use the sample interval interval command to specify...

Page 247: ...vates it allowing you to make changes to its configuration settings To suspend an alarm use the suspend command For example config rmonalarm 1 suspend Configuring an RMON History You can configure the operation of the RMON history that periodically samples any CSS Ethernet port for statistical data All ports are preconfigured with histories for 30 second and 30 minute intervals and 50 buckets with...

Page 248: ...complete description of each feature and all the options associated with the CLI command see the sections following Table 6 3 Table 6 3 RMON History Configuration Quick Start Steps and Possible Settings 1 Create an RMON history from global configuration mode Enter an integer from 1 to 65535 config rmon history 5 Create History 5 y n y 2 Assign the owner who defined and is using the history resourc...

Page 249: ...configuration mode for that history automatically To create a history index use the rmon history index command from any configuration mode except boot configuration mode The index is an integer from 1 to 65534 Note The RMON history index 65535 is administratively predefined and cannot be modified If you enter this index number a message similar to the following appears Index internally used Admini...

Page 250: ... activated you cannot modify its attributes You must delete the history index see the Deleting an RMON History Index section recreate it and respecify the alarm index attributes Deleting an RMON History Index If you have an active RMON history index that requires changes to its attributes or you no longer need it delete the RMON history index Before you delete a history index that requires changes...

Page 251: ... CSS Fast Ethernet or Gigabit Ethernet port To define the data object use the data source port command The port is identified by an ifIndex data object identifier For example if your CSS has 12 Ethernet ports they have data object IDs of ifIndex 1 through ifIndex 12 The Ethernet management port has an ID of ifIndex 14 To define Ethernet port 4 enter config rmonhistory 5 data source ifIndex 4 To se...

Page 252: ...an RMON history operation Use the interval value command to set this interval Enter an integer from 1 to 3600 seconds The default is 1800 30 minutes To define a time interval of 60 seconds enter config rmonhistory 5 interval 60 Activating an RMON History Entry After you configure the history attributes you can activate the history for the port Use the active command to activate an RMON history ent...

Page 253: ...ed over the Fast Ethernet or Gigabit Ethernet ports You can view RMON statistics either in a CSS CLI session through the show rmon command the show ether errors command refer to the Cisco Content Services Switch Routing and Bridging Configuration Guide or directly through an SNMP network management station by using ether stats MIB objects refer to RFC 1398 The CSS show rmon command allows you to d...

Page 254: ... received packets including bad packets broadcast packets and multicast packets Broadcast Packets The total number of good received packets that were directed to the broadcast address The number of broadcast packets does not include multicast packets Multicast Packets The total number of good received packets that were directed to a multicast address The number of multicast packets does not includ...

Page 255: ...ns and noise hits Drop Events The total number of events in which packets were dropped by the probe due to lack of resources This number is not necessarily the number of packets dropped it is the number of times this condition has been detected Slobbers An internal counter This field is always zero Jabbers The total number of packets received that were longer than 1518 octets excluding framing bit...

Page 256: ...IEEE standard 802 3 14 2 1 4 10BASE T defines a collision as the simultaneous presence of signals on the DO and RD circuits transmitting and receiving at the same time A 10BASE T station can detect collisions only when it is transmitting Probes placed on a station and a repeater should report the same number of collisions Ideally an RMON probe inside a repeater should report collisions between the...

Page 257: ...ort to zero the Ethernet errors and MIB II statistics for the port are also reset to zero Viewing History You can display the default and configured RMON history information for a specific Ethernet port or all Ethernet ports in the CSS For information on configuring an RMON history see the Configuring an RMON History section By default the CSS maintains two tables of history statistics for each po...

Page 258: ...port_name To see a list of histories for the Ethernet 4 port enter show rmon history ethernet 4 Table 6 5 lists and describes the fields in the show rmon history command output Table 6 5 Field Descriptions for the show rmon history Command Field Description Owner The owner who configured the entry and is using the resources assigned to it Start Time The time when the bucket sampling started Interv...

Page 259: ...estimate of Ethernet utilization If greater precision is desired sample the Ethernet statistic packet and octet objects before and after a common interval The differences in the sampled values are packets Pkts and Octets respectively and the number of seconds in the Interval These values are used to calculate the utilization of a 10 Mbps Ethernet port as follows Pkts 9 6 6 4 Octets 8 Utilization _...

Page 260: ...raplog file to traplog prev as a backup file and starts a new traplog file The CSS overwrites the backup traplog file when it renames the traplog file Each time the CSS reboots it continues to use the existing traplog file until it reaches its maximum size The traps sent to the traplog file are the same traps sent to an SNMP network management station Refer to Chapter 5 Configuring Simple Network ...

Page 261: ...f servers or to configure content rules to restrict access to a group of directories or files on the servers XML code loads a series of CLI commands into the CSS without the need to respond to the prompts similar to operating in expert mode As the CSS administrator plan which type of changes you want to implement and the consequences of these changes as they are performed After you create the XML ...

Page 262: ...iction is enforced because the actual execution of the XML tag set is performed within a script play command 3 If special characters are required in an XML configuration be aware of the following considerations The CSS supports the inclusion of the and characters in XML content All other special characters such as and are not supported in an XML configuration Special characters can be included in ...

Page 263: ...cl 98 action action clause 10 permit any any dest any action action apply circuit VLAN3 action config In another example the following commands configure a CSS Ethernet interface xml version 1 0 standalone yes config action interface ethernet 6 action action bridge vlan 3 action action circuit VLAN3 action action ip address 10 10 104 1 16 action config 5 Pay attention to the allowable CLI command ...

Page 264: ...one yes config service name router ip_address 10 0 3 1 ip_address action active action service service name sname2 ip_address 10 0 3 2 ip_address weight 4 weight action active action service service name sname3 ip_address 10 0 3 3 ip_address weight 5 weight protocol udp protocol action suspend action service service name nick ip_address 10 0 3 93 ip_address action active action service owner name ...

Page 265: ...u cannot configure access for both secure and unsecure connections Note Because the CSS can process large configurations the CSS processes only two concurrent XML configuration uploads over secure connections If a third upload is attempted it may not succeed The CSS closes the connection and sends the following message to the client status 503 Service Unavailable To allow the transfer of XML confi...

Page 266: ...ure xml command For example enter config restrict secure xml Parsing the XML Code After you complete the XML file parse the code to ensure that it is syntactically correct One easy way to parse XML code is to open the XML file directly from Microsoft Internet Explorer Syntax errors are flagged automatically when the file is loaded If an error occurs review your XML code and correct all syntax erro...

Page 267: ...SS closes the connection and sends the following message to the client status 503 Service Unavailable Software is available to simplify the process of publishing XML files to the CSS HTTP server These software packages offer a simple method to publish files to a web server This software uses the unsecure HTTP or secure HTTPS protocol to publish files and requires no special software on the web ser...

Page 268: ...Chapter 7 Using an XML Document to Configure the CSS Testing the Output of the XML Code 7 8 Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 269: ...ervices Switch Content Load Balancing Configuration Guide Note Commands shown in the script examples are bolded for clarity You can write scripts that use any command in the command line interface CLI Scripts can also take advantage of logical blocks that run specific commands based upon a set of conditionals and expressions This chapter contains the following major sections Script Considerations ...

Page 270: ...he new software directory see Script Upgrade Considerations later in this chapter The CSS Scripting Language allows you to pass 128 characters in a quoted argument Assuming an average of seven characters per argument plus a space delimiter you can potentially use a maximum of 16 arguments in one script Playing a Script A script executes from within the script directory on your local hard disk or f...

Page 271: ... Use the show lines command to display information about active pseudo shells Note To terminate the execution of a command string use the disconnect command The syntax and options for this global configuration mode command are cmd sched Enable command scheduling cmd sched record name minute hour day month weekday commands logfile_name Create a configuration record for the scheduled execution of an...

Page 272: ...ing with a maximum of 32 characters Any of the time variables can contain one or some combination of the following values A single number to define a single or exact value for the specified time variable A wildcard character matching any valid number for the specified time variable A list of numbers separated by commas with a maximum of 40 characters to define multiple values for a time variable T...

Page 273: ...ble 8 1 describes the fields in the show cmd sched command output Table 8 1 Field Descriptions for the show cmd sched Command Field Description Cmd Scheduler State of the command scheduler enabled or disabled and the number of configured records Sched Rec The name of the configuration record Id The ID for the record Next exec The date and time the record will be executed Executions How many times ...

Page 274: ... see Using the no echo Comment later in this chapter Note All of the examples and their outputs shown in the remainder of this chapter assume that the echo command is disabled unless otherwise stated Using Commented Lines To write scripts that other users can understand and maintain it is important to document your script with comments Comments are particularly important when other users begin usi...

Page 275: ...t A script actually executes the commented command no echo If you are familiar with MS DOS batch files this command is similar to the echo off DOS command For example enter no echo echo Hello The output is Hello If you enter Print Echo echo Hello The output is echo Hello Hello This happens because the script tells the script engine to print the echo command to the screen The result is that the scr...

Page 276: ...ally if you save a session variable to a user s profile the variable will be recreated in the CLI session environment upon login For details on saving a session variable to a user profile refer to Chapter 3 Configuring User Profiles A variable name can contain 1 to 32 characters Its value is quoted text that normally contains alphanumeric characters Spaces within the quoted text delineate array el...

Page 277: ...mines a variable s type by the alphanumeric characters in its value If any non numeric characters are present the variable s type is character If all the characters are numeric the variable s type is integer Arithmetic operations on quoted numbers such as 100 are possible but are not possible on variables like CSS11506 because the CLI knows that CSS11506 is not a numeric value You can retrieve the...

Page 278: ... you must also remove it from the user s profile Modifying Integer Variables This section includes the following topics Using the No Set and Set Commands Using Arithmetic Operators Using the Increment and Decrement Operators Using the No Set and Set Commands To modify a variable use the no set command to remove a variable from memory then use the set command with the same variable name to reset th...

Page 279: ...r modify MyVar MOD 10 echo Variable modulus value now is MyVar The output is Variable value is 102 Variable value now is 90 Variable value now is 540 Variable value now is 90 Variable modulus value now is 0 For simple arithmetic operations the modify command takes an operator in quotes for example or MOD and a new value in quotes This value does not have to be a constant for example 5 or 10 but ca...

Page 280: ...se operators with the modify command For example enter set MyVar 1 echo Variable is set to MyVar modify MyVar echo Variable is set to MyVar modify MyVar echo Variable is set to MyVar The output is Variable is set to 1 Variable is set to 2 Variable is set to 1 These two operators make it possible to add or subtract a value without having to type an addition modification command So you can replace m...

Page 281: ...ndbranch command which indicates to the CLI the end of a logical block of commands Any branches created without a terminating endbranch command produce a script logic error and possibly a script syntax error For information on script errors see Syntax Errors and Script Termination later in this chapter Note You can nest a maximum of 32 levels of branch commands Boolean Logic and Relational Operato...

Page 282: ...equal to this value the echo command between the if command and the endbranch command is executed Note that the variable MyVar does not have the typical variable indicator symbol in front of it This is because the if command requires that a constant value or a variable name immediately follow the command An exception to this rule applies when the if command references an array element In this case...

Page 283: ...e Counter NEQ 5 echo Counter is set to Counter modify Counter endbranch echo We re done The output of this logical block is Counter is set to 0 Counter is set to 1 Counter is set to 2 Counter is set to 3 Counter is set to 4 We re done Until the expression is not satisfied notice that the script jumps to the beginning of the loop and evaluates the expression each time it reaches the endbranch comma...

Page 284: ...E Current mode of command for example configure boot service USER The currently logged in user for example admin bob janet ARGS A list of arguments passed to a script from the CLI See Using Command Line Arguments later in this chapter UGREP A line of text obtained using the grep u command CHECK_STARTUP_ERRORS A session variable that determines whether or not a user is informed of startup errors up...

Page 285: ...the variable is set You should set and then unset this variable in scripts where you expect a command to fail For example enter set CONTINUE_ON_ERROR 1 Spell echo incorrectly eco This will not print echo This will print no set CONTINUE_ON_ERROR The output is This will print Notice in the above example that the script does not print Script Playback cancelled and then terminate This is because the C...

Page 286: ...ill terminate if a command does not execute properly However if you set the CONTINUE_ON_ERROR variable you can use the STATUS variable to test the results of a command For example enter set CONTINUE_ON_ERROR 1 eco Hello world if STATUS NEQ 0 echo Failure to execute command correctly endbranch In the above example the STATUS variable is set to a non zero value This value is specific to the type of ...

Page 287: ...inates Set this variable to prepare for potential errors and unset it using the no set command before the script exits cleanly This variable allows you to take advantage of the CLI s exit upon error behavior while permitting the flexibility of customizing the error message For example enter set EXIT_MSG Failure to connect to host socket connect host 1 1 1 1 port 9 no set EXIT_MSG The example above...

Page 288: ...nds save the SOCKET variable to another variable or it will be overwritten For example enter set EXIT_MSG Failure to connect to host socket connect host 1 1 1 1 port 80 no set EXIT_MSG set EXIT_MSG Send Failure socket send SOCKET GET index html n n no set EXIT_MSG Save current socket ID set OLD_SOCKET SOCKET The new socket connect command will overwrite the old SOCKET variable set EXIT_MSG Failure...

Page 289: ...of the previously executed CLI command In most cases with the exception of the grep command an exit status of 0 indicates a command was successful and a non zero value indicates failure The CHECK_STARTUP_ERRORS variable if set within a profile script indicates the user should be informed of startup errors upon login If the startup errors file is found in the log directory the screen displays the S...

Page 290: ... parameter that represents the variable name you want to see For example enter show variable LINE The output is LINE console Using Arrays A variable can hold subvalues elements within its memory space Such a variable is commonly called a variable array or just an array An array can hold numeric values strings or both To create an array simply create a variable using the set command and separate al...

Page 291: ...o the end of the variable name including variable indicator and braces Note The CSS Scripting Language numbers elements starting at 1 not at 0 Some scripting programming languages zero index their arrays this scripting system does not If you reference an element beyond the boundary of the array you receive a syntax error For example enter echo The last day of the week is WeekDays 8 Error variable ...

Page 292: ...is set to 7 Using var shift to Obtain Array Elements You may need to print out all the days of the week to the screen While it is possible to print out each array element by hardcoding the element values it is not always practical or possible to do this In this case it is obvious that there are seven days in the week but there may be cases where the number of elements in a variable are unknown unt...

Page 293: ...t 1 var shift Pet echo Second Pet is Pet 1 Notice in the second Pet example that there is one less variable needed you do not need the Index variable and the first element index Pet 1 is the only one used The var shift command deletes the original data within the variable The variable Pet from the example above now contains only the element Cat To solve this problem save the contents of the origin...

Page 294: ... input is terminated by a carriage return A user can enter any alphanumeric characters If a user presses only the Enter key and does not type any characters then the script creates the variable with a NULL value This allows you to test the user input to verify that the user typed something In the following example the script continues to ask the user the same question until the user types y echo n...

Page 295: ...ur first argument passed is ARGS 1 The script below called NameScript prints a user s first and last names The script requires that the user pass his her first and last name in that order in quoted text to the script For example enter no echo if ARGS NEQ 2 echo Usage NameScript First_Name Last_Name exit script 1 endbranch echo First Name ARGS 1 echo Last Name ARGS 2 exit script 0 This script first...

Page 296: ... My Name is John Doe function PrintName end The output is Calling the PrintName function My Name is John Doe End Notice that the command issued between the commands function PrintName begin and function PrintName end executes before the last echo statement in the script Also note that the script automatically terminates after the last valid line before the function definition Passing Arguments to ...

Page 297: ...or example suppose you pass two arguments Billy Bob to a script using the script play command and the script calls a function called PrintName with different arguments enter echo I was passed the arguments ARGS function PrintName call John Doe echo The original arguments are ARGS Function PrintName Prints the name John Doe function PrintName begin echo My Name is ARGS function PrintName end The ou...

Page 298: ...ripting Language provides two operations for bit manipulation that apply only to numeric values The bitwise logical operators are BAND Bitwise AND operation BOR Bitwise OR operation You can manipulate the bits of a numeric variable using the modify command For example if you have a numeric value of 13 and want to find out if the second and fourth bits of the number are turned on value of 1 you can...

Page 299: ...n zero using the exit script command This lets you know exactly why a script failed You can then use this information to initiate a decision process to handle the error condition Syntax Errors When you play a script that contains a misspelled command an unknown command or a failed command the script displays a syntax error on the screen The error message contains the number and the text of the lin...

Page 300: ...of its failure to connect The next command socket disconnect never executes because of the failure of the first command The CLI considers this type of error a syntax error To discover what went wrong issue the questionable command directly on the CLI For example enter socket connect host 192 168 1 1 port 84 tcp Failed to connect to remote host The CLI displays the reason why the command failed Not...

Page 301: ...ame exit script 1 endbranch If this script fails to find exactly two arguments on the command line it exits with status code 1 failure If you were to check the STATUS variable at this point it would be set to a value of 1 Note All commands in the CLI write an exit code to the STATUS variable after they execute If you want to use the STATUS value you must save it in another variable or use it right...

Page 302: ...makes other arrangements to handle this behavior Using the grep Command To search for specified data and place the last line of the search results in a variable called UGREP use the grep command with the u option For example to create a script to search for the Keepalive field in the show service command on a service called S1 enter no echo show service S1 grep u Keepalive echo The line is UGREP T...

Page 303: ... this is the last line in the show service screen that satisfies the search criteria but it is not the only line that qualifies To search for a specific line for example the first line that satisfies the search criteria use the n option For example enter no echo show service S1 grep u1 echo The line is UGREP The output is The line is Name S1 Index 1 This is the first line that satisfies the search...

Page 304: ...nds To assist you in building a structured protocol use socket commands in a script keepalive The socket commands allow ASCII or hexadecimal send and receive functionality Each command that has an optional raw keyword converts the data from standard ASCII to hexadecimal For example abcd is 61626364 in ASCII In hex it is 0x61 0x62 0x63 0x64 socket connect To performs either a TCP connection handsha...

Page 305: ... the attempt fails This applies only to a TCP connection because UDP is connectionless Enter an integer from 1 to 60000 ms 1 to 60 seconds The default is 5000 ms 5 seconds session Keyword that tells the socket to remain open until the session ends If a script opens sockets in the session and does not close them the sockets remain open until you log out nowait Keyword that tells the socket to send ...

Page 306: ... You can use the socket inspect command to send all data residing in this 10 KB buffer to standard output Note The software removes all previous data from the 10 KB internal buffer before it stores new data The syntax for this command is socket receive socket_number timeout raw The options and variables are socket_number Socket file descriptor integer form This descriptor is returned by the socket...

Page 307: ...f any data is found the command returns immediately and does not wait the entire timeout period timeout The optional timeout value that specifies the number of milliseconds the CSS waits to find the string argument Enter an integer from 1 to 15000 ms The default is 100 ms string The specific string that the CSS must find to result in a STATUS value of 0 Once the CSS finds the string the command re...

Page 308: ...ys the string values as hexadecimal bytes instead of a simple string For example instead of printing ABCD to standard output it prints 41424344 1 byte hexadecimal equivalent pretty Prints each line with both the hexadecimal and the ASCII equivalent for each byte of data The software prints up to 16 bytes on each line For example enter 0x41 0x42 0x43 0x44 0x10 0x05 ABCD Note If you use the socket i...

Page 309: ...ed the session argument in the socket connect command If you open sockets within a session the sockets close when the session ends user logs out Use the show sockets command to list all the socket file descriptors that are currently in use Table 8 2 describes the fields in the show sockets output Note If a remote host times out or closes a socket the socket architecture cleans up the socket and re...

Page 310: ...cket send section Displaying Scripts To display a list of the scripts that reside in the CSS script directory or the contents of a specific script with or without line numbers use the show script command This command is available in SuperUser mode and all configuration modes The syntax of this command is show script filename line numbers The variables and option of this command are filename Name o...

Page 311: ...S Software 3 Use the restore script command in SuperUser mode to restore the scripts to the script subdirectory of the new software version For details for restoring a script refer to Chapter 1 Managing the CSS Software Using the showtech Script To gather information designed to assist the Cisco Technical Assistance Center TAC in analyzing your CSS use the showtech script The output of the script ...

Page 312: ... service internal show service summary show service show system resources show dump status show core show circuit all show arp show ip route show phy show summary show rule show group show ether errors show keepalive show ip stat show rmon show bridge status show bridge forwarding show interface show virtual routers show critical services show redundancy show chassis inventory show chassis verbose...

Page 313: ...transition File system access is allowed in scripts executed from the CLI or from the command scheduler The following sections provide examples of script keepalives You can use them as is or modify them for your applications Example of a Custom TCP Script Keepalive with Graceful Socket Close FIN Use the following script keepalive to open and gracefully close using a FIN rather than a RST a socket ...

Page 314: ...ERVICE ARGS 1 echo SERVICE ARGS 1 var shift ARGS while ARGS GT 0 set TCP PORT ARGS 1 var shift ARGS function SOCKET_CONNECT call If we re out of sockets exit and look for sockets on the next KAL interval if RETURN OUT OF SOCKETS set EXIT_MSG Exceeded number of available sockets skipping until next interval exit script 0 endbranch Valid connection look to see if it was good if RETURN NO CONNECT set...

Page 315: ... SOCKET_CONNECT end Default Script Keepalives The script keepalives listed below are included in the script directory of your CSS and defined in the sections following the list SMTP KEEPALIVE NetBIOS Name Query Microsoft Networking HTTP List Keepalive POP3 Keepalive IMAP4 Keepalive Pinglist Keepalive Finger Keepalive Time Keepalive Setcookie Keepalive HTTP Authentication Keepalive DNS Keepalive Ec...

Page 316: ...ber of arguments if ARGS NEQ 1 echo Usage ap kal smtp Hostname exit script 1 endbranch Defines set HostName ARGS 1 set EXIT_MSG Connection Failed Connect to the remote host use default timeout socket connect host HostName port 25 tcp set EXIT_MSG Waitfor Failed Receive the incoming status code 220 welcome message socket waitfor SOCKET 220 200 set EXIT_MSG Send Failed Send the helo to the server so...

Page 317: ...This script will send an encoded message for Session Request 0x81 and will invent a CALLER and a CALLED machine name Caller this script and CALLED Server Failure Upon 1 Not establishing a connection with the host 2 Not receiving a status code 0x83 negative response if ARGS NEQ 1 echo Usage ap kal pop3 Hostname exit script 1 endbranch Defines set HostName ARGS 1 Connect to the remote host default t...

Page 318: ...mpt to do an HTTP HEAD on that page Failure Upon 1 Not establishing a connection with the host 2 Not receiving a status code 200 on the HEAD request on any one site If one fails the script fails Make sure the user has a qualified number of arguments if ARGS LT 2 echo Usage ap kal httplist WebSite1 WebPage1 WebSite2 WebPage2 exit script 1 endbranch while ARGS GT 0 set Site ARGS 1 var shift ARGS if ...

Page 319: ...r SOCKET 200 no set EXIT_MSG socket disconnect SOCKET function HeadUrl end POP3 Keepalive no echo Filename ap kal pop3 Parameters HostName UserName Password Description This script will connect to a POP3 server and login with the username password pair specified as argument 2 and 3 After which it will log out and return Failure Upon 1 Not establishing a connection with the host 2 Not being able to...

Page 320: ...ssword n set EXIT_MSG Waitfor Failed Wait for confirmation socket waitfor SOCKET OK 200 We ve successfully logged in the server is up and going The job was done successfully socket disconnect SOCKET no set EXIT_MSG exit script 0 IMAP4 Keepalive no echo Filename ap kal imap4 Parameters HostName UserName Password Description This script will connect to a IMAP4 server and login with the username pass...

Page 321: ...ailed Wait for the OK welcome message for 600ms socket waitfor SOCKET OK 600 set EXIT_MSG Send Failed Send the username to the host socket send SOCKET a1 LOGIN UserName Password n set EXIT_MSG Waitfor Failed Wait for confirmation socket waitfor SOCKET a1 OK 200 set EXIT_MSG Send Failed Send the password socket send SOCKET a2 LOGOUT n set EXIT_MSG Waitfor Failed Wait for confirmation socket waitfor...

Page 322: ...the command line Failure Upon 1 Not being able to ping any one of the hosts in the list if ARGS LT 1 echo Usage ap kal pinglist HostName1 HostName2 HostName3 exit script 1 endbranch while ARGS GT 0 set Host ARGS 1 var shift ARGS function PingHost call Host endbranch no set EXIT_MSG exit script 0 function PingHost begin Ping the first host ping ARGS 1 grep u Success if STATUS NEQ 0 show variable UG...

Page 323: ...with the host 2 Not being able to send receive data to the host if ARGS NEQ 2 echo Usage ap kal finger Hostname UserName exit script 1 endbranch Defines set HostName ARGS 1 set UserName ARGS 2 set EXIT_MSG Connection Failed Connect to the remote host use default timeout socket connect host HostName port 79 tcp set EXIT_MSG Send Failed Send the username to finger socket send SOCKET UserName n set E...

Page 324: ...lure Upon 1 Not establishing a connection with the host 2 Not being able to receive incoming data Make sure the user has a qualified number of arguments if ARGS NEQ 1 echo Usage ap kal time Hostname exit script 1 endbranch Defines set HostName ARGS 1 set EXIT_MSG Connection Failed Connect to the remote host use default timeout socket connect host HostName port 37 tcp 2000 set EXIT_MSG Receive Fail...

Page 325: ...at we can compare the incoming Set Cookie request Failure Upon 1 Not establishing a connection with the host 2 Not being able to receive the cookie if ARGS NEQ 3 echo Usage ap kal setcookie Hostname WebPage cookieString echo Where cookieString is a name value pair like mycookie myvalue exit script 1 endbranch Defines set HostName ARGS 1 set WebPage ARGS 2 set CookieData ARGS 3 Connect to the remot...

Page 326: ...e authentication base64 hash work correctly Note This script authentication is based on HTTP AUTHENTICATION RFC 2617 Currently only supported option is Basic authentication using base64 encoding Digest Access is not supported at this time Failure Upon 1 Not establishing a connection with the host 2 Not being able authenticated with the Username Password not being given a status code of 200 OK if A...

Page 327: ...OCKET UserPass base64 socket send SOCKET n n Wait for a good status code set EXIT_MSG Waitfor Failed socket waitfor SOCKET 200 OK no set EXIT_MSG socket disconnect SOCKET exit script 0 DNS Keepalive no echo Filename ap kal dns Parameters Server DomainName Description This script will resolve a domain name from a specific DNS server This builds a UDP packet based on RFC 1035 Failure Upon 1 Not reso...

Page 328: ...f6d0000010001 raw Receive some unexplained response We don t care what it is because an unstable DNS server or a non existent one would probably not send us any data back at all set EXIT_MSG Receive Failed to receive data socket receive SOCKET no set EXIT_MSG socket disconnect SOCKET exit script 0 Echo Keepalive no echo Filename ap kal echo Parameters HostName udp tcp Description This script will ...

Page 329: ...text to echo socket send SOCKET Hello Cisco n set EXIT_MSG Waitfor Failed Wait for the reply from the echo should be the same socket waitfor SOCKET Hello Cisco 200 We ve successfully logged in the server is up and going The job was done successfully socket disconnect SOCKET no set EXIT_MSG exit script 0 HTTP Host Tag Keepalive no echo Filename ap kal httptag Parameters HostName WebPage HostTag Des...

Page 330: ...nHost HostTag n n Wait for a good status code set EXIT_MSG Waitfor Failed socket waitfor SOCKET 200 OK no set EXIT_MSG socket disconnect SOCKET exit script 0 Mailhost Keepalive no echo Filename ap kal mailhost Parameters HostName UserName Password Description This script will check the status on a mailhost The mailhost should be running a POP3 and SMTP service We will attempt to keepalive both ser...

Page 331: ...eive the incoming status code 220 welcome message socket waitfor SOCKET 220 200 set EXIT_MSG Send Failed Send the hello to the server socket send SOCKET helo HostName n set EXIT_MSG Waitfor Failed Wait for status code 250 to be returned socket waitfor SOCKET 250 200 We ve successfully logged in the server is up and going The job was done successfully socket disconnect SOCKET POP3 set EXIT_MSG Conn...

Page 332: ...t disconnect SOCKET no set EXIT_MSG exit script 0 LDAP Keepalive no echo Filename ap kal ldap Parameters HostName Description Lightweight Directory Access Protocol v3 This script will connect to an LDAP server and attempt to bind request to the server Once the server gives a positive response we will disconnect RFC 2251 Bind Response Code we will search for is 0x0a 0x01 0x00 Failure Upon 1 Not est...

Page 333: ...andard capture of a bind request in hex This should work for all standard version 3 LDAP servers socket send SOCKET 300c020102600702010204008000 raw set EXIT_MSG Receive Failure Expect to receive a standard response from the host This should be equal to a SUCCESS response code socket waitfor SOCKET 0a0100 2000 raw set EXIT_MSG Send Failure Send an exit Unbind Request to the remote host so that the...

Page 334: ...Chapter 8 Using the CSS Scripting Language Script Keepalive Examples 8 66 Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 335: ...e Updating MIBs Note When syntax changes are made to existing CLI commands the CSS updates your startup config file automatically with most command syntax changes For example the CSS automatically updates the dnsflow disable command in the startup config file to the flow state command If the CSS does not update a command syntax change in a startup config file automatically a startup error is displ...

Page 336: ...ge From this location access the page listing the versions of GZIP compressed software then click an image to download it Once the image is downloaded place it on an FTP server that the CSS can access Note You do not need to uncompress the GZIP compressed software When you copy the software or if the upgrade script copies the software to the CSS the CSS automatically uncompresses it Configuring an...

Page 337: ...onic host name for example myhost mydomain com username Valid login username on the FTP server Enter a case sensitive unquoted text string with no spaces and a maximum of 16 characters password Password for the valid login username on the FTP server Enter a case sensitive quoted text string with no spaces and a maximum of 16 characters The CSS allows all special characters in a password except for...

Page 338: ... the upgrade script or manually enter CLI commands The upgrade script allows you to upgrade the CSS either automatically or interactively by responding to script prompts Either way the tasks that the script performs include Checking to see how many installed software versions are installed on the CSS and if the CSS contains the maximum number of installed software versions then deleting an older s...

Page 339: ...lly that is use FTP to transfer the adi to the CSS and perform a manual unpack Automatically Running the Upgrade Script You can run the upgrade script to perform the software upgrade without having to enter any information The script automatically Checks to see how many installed software versions are installed on the CSS You can install a maximum of two software versions on the CSS If the CSS con...

Page 340: ... use the save_profile alias command For example enter save_profile 3 Rename any Cisco supplied scripts that you changed The upgrade script does not overwrite the Cisco supplied scripts in the script directory of the new software image with the changed versions of the scripts except the default profile script If the upgrade script detects differences between the old version of the default profile s...

Page 341: ...delete sg0720003 archive running config startup config Attempting ftp of sg0740002 adi copy ftp DEFAULT_FTP new_version_adi boot image Copying 57 241 012 Completed successfully config boot unpack new_version_adi Unpacking 99 config boot The script copies the scripts and user profiles from the old script directory to the script directory of the new software image Note that script_name is the name o...

Page 342: ...the ADI as the primary boot file and reboots the CSS setting primary boot file sg0740002 rebooting The CSS automatically performs a Flash upgrade if necessary and then boots the new image 5 After you upgrade and reboot a CSS 11506 that contains a passive SCM use the passive sync command in boot config mode or the passive sync macro command immediately after upgrading your CSS software to synchroni...

Page 343: ...To use the interactive version of the script 1 Log in to the CSS 2 Copy any changes in your current user profile to the scripts directory During the upgrade the upgrade script copies the contents of this directory including user profiles into the script directory of the new software image To copy any changes to your current user profile to the scripts directory use the save_profile alias command F...

Page 344: ... where you copied the upgrade ADI The script displays the current version of the ADI Current Version sg0730002 Official If the script detects the maximum number of ADIs a message informs you to remove an ADI Then the script prompts you to remove an older ADI For example You must remove an installed version to upgrade remove sg0720003 y n q The script does not prompt you to delete a version of soft...

Page 345: ... file configuration Set primary boot file to Version sg0740002 y n q y 9 Determine whether to have the CSS reboot with the ADI Enter y to reboot the CSS with this ADI after the upgrade is done Enter n to not reboot the CSS with the ADI after the upgrade is done Reboot with Version sg0740002 y n q y 10 Determine whether to have the CSS archive the contents of the running config file to the startup ...

Page 346: ...de aborted If an old script has the same name as a Cisco supplied script but its contents differ the following message appears script_name differs between images The upgrade script does not overwrite the Cisco supplied scripts in the script directory of the new software image with the older versions of the scripts except the default profile script If the upgrade process detects an older version of...

Page 347: ...ot configurations on the redundant SCMs For details on configuring a boot configuration record for a passive SCM see Chapter 2 Specifying the CSS Boot Configuration 13 If the CSS does not have a startup config file it uses the file in the archive directory To restore the startup config file use the restore filename startup config command For example to restore the startup config file in the archiv...

Page 348: ...tom scripts and user profile files from the CSS scripts directory to the archive directory Since the upgrade process installs the Cisco supplied scripts with the new software but does not overwrite the files in the archive directory archiving your custom script and user profile files allows you to save them for use with the new software After the upgrade you can restore these files to the scripts ...

Page 349: ...age If you are copying an uncompressed version of the ADI from the FTP server include the adi file extension for example sg0740002 adi config boot Ctl z copy ftp DEFAULT_FTP sg0740002 adi gz boot image DEFAULT_FTP is the FTP record file defined in the Configuring an FTP Server Record on the CSS section Note When you copy a GZIP compressed ADI onto the CSS the CSS automatically uncompresses it 6 Un...

Page 350: ...lename startup config command For example to restore the startup config file in the archive directory as the startup config file on the CSS enter restore startup config startup config To restore each custom script and user profile file to the script directory use the restore filename script command For example to restore the admin profile filename to the CSS script directory enter restore admin pr...

Page 351: ...owing functions Set the boot configuration Configure a primary and secondary location from which the CSS accesses the boot image Configure an IP address for the CSS Configure a subnet mask Configure a default gateway Show the boot configuration Select Advanced Options to Delete a software version from the disk Set a password for the Offline DM Main menu Set an administrative username and password ...

Page 352: ...terminal server configure the client application to display 24 lines to enable the Offline DM Main menu to display properly 3 Power on the CSS After the CSS begins to boot approximately 15 seconds it displays the following message for approximately 5 seconds Would you like to access the Offline Diagnostic Monitor menu y cr At this point in the boot sequence you may either Take no action or press n...

Page 353: ...ot Configuration 1 Set Primary Boot Configuration 2 Set Secondary Boot Configuration 3 Set IP Address and Subnet Mask r Return to previous menu 2 Show Boot Configuration Display boot configurations including primary and secondary boot configurations records and IP information 3 Advanced Options 1 Delete a software version 2 Security Options 3 Disk Options 4 Set MSD Mapping r Return to previous men...

Page 354: ...es how the CSS uses the boot configuration information to complete the boot process Figure B 1 Boot Configuration Flowchart No No No No CSS Begins Boot Process Is Primary Boot Record Configured Is Secondary Boot Record Configured Primary Boot Succeed Secondary Boot Succeed Boot Failed Attempt Primary Boot Record Attempt Secondary Boot Record Yes Yes Yes Yes No configuration Done Done 67953 ...

Page 355: ...m the tasks described in Table B 2 Table B 2 Boot Configuration Options Menu Option Function 1 Set Primary Boot Configuration Specifies the primary location Network FTP Disk or Clear from which the CSS accesses the boot image The default location is Disk 2 Set Secondary Boot Configuration Specifies the secondary location Network FTP Disk or Clear from which the CSS accesses the boot image The defa...

Page 356: ... brackets Configuring PRIMARY Boot Record Boot via N etwork F TP D isk or C lear D Press Enter to continue Boot via Network Allows you to boot the CSS using FTP from CSS software on a network mounted file system on a remote system Boot via FTP Allows you to download an ADI file containing CSS software that you want to install on the CSS disk hard or Flash disk Boot via Disk Allows you to boot the ...

Page 357: ...ot image Note When using an alternate configuration path make sure the path leads to a directory containing the script log and info subdirectories These subdirectories must contain the files in the corresponding subdirectories in the boot image First create these subdirectories on the FTP server then copy the files from the boot image to the subdirectories The CSS has a disk failure A network boot...

Page 358: ...mation This path is the FTP daemon addressable location where the boot image has been unpacked You must also include the FTP server IP address and the username and password to access the boot image For example Enter the FTP Kernel path k sg0730002 hdd Enter FTP Server IP address 10 3 6 58 Enter FTP Server authentication username mandy Enter FTP Server authentication password fred 2 Enter an altern...

Page 359: ...o the network Note the locations of the Ethernet management port on the CSS as listed below CSS 11503 and CSS 11506 SCM 10 Mbps Ethernet management port CSS 11501 Front panel 10 Mbps Ethernet management port When you select FTP the CSS prompts you for the boot image filename and FTP information Note The CSS FTP server supports only the active normal FTP mode of operation The FTP server does not su...

Page 360: ...server and unpacks uncompresses the file Boots the CSS using the boot image you specified Specifying Disk as the Primary Boot Record When you select Disk as the primary boot record the CSS displays all boot image versions that reside on the disk For example sg0730002 sg0720104 1 Enter the boot image filename you wish to use at the prompt Enter the boot image filename sg0730002 2 Press Enter to dis...

Page 361: ...ously entered information the CSS displays the existing information and default values in square brackets Configuring SECONDARY Boot Record Boot via N etwork F TP D isk or C lear D Press Enter to continue Boot via Network Allows you to boot the CSS using FTP from CSS software on a network mounted file system on a remote system Boot via FTP Allows you to download an ADI file containing CSS software...

Page 362: ...he boot image Note When using an alternate configuration path make sure the path leads to a directory containing the script log and info subdirectories These subdirectories must contain the files in the corresponding subdirectories in the boot image First create these subdirectories on the FTP server then copy the files from the boot image to the subdirectories The CSS has a disk failure A network...

Page 363: ...on where the boot image has been unpacked You must also include the FTP server IP address and the username and password to access the boot image For example Enter the FTP Kernel path k sg0720104 hdd Enter FTP Server IP address 10 3 6 58 Enter FTP Server authentication username mandy Enter FTP Server authentication password fred 2 Enter an alternate path to the configuration files including the sta...

Page 364: ...0 Mbps Ethernet management port When you select FTP the CSS prompts you for the boot image filename and FTP information 1 Enter a valid FTP pathname if required For example Enter the boot image filename ftpimages sg0720104 Enter FTP Server IP address 10 3 6 58 Enter FTP Server authentication user name mandy Enter FTP Server authentication password fred The CSS queries if you want to access the boo...

Page 365: ...s you to enter a boot image 1 Enter a boot image filename Boot via N etwork F TP D isk or C lear D ap0730002 ap0720104 Enter the boot image filename sg0720104 2 Press Enter to display the Boot Configuration menu Press Enter to continue 3 Enter r to display the Offline DM Main menu 4 Select option 4 to reboot the CSS Upon reboot the CSS boots up using the boot image you specified Specifying Clear a...

Page 366: ...enter an IP address for the management port The Ethernet management port IP address must be a different subnet from any other CSS VLAN circuit IP subnet If you do not make the Ethernet management port IP address unique you cannot access the port The first time that you configure an IP address for the Ethernet management port the CSS automatically assigns a default subnet mask of 255 255 255 0 If n...

Page 367: ... sg0730002 SECONDARY Boot Type DISK Boot File sg0720104 1 Press Enter to display the Offline DM Main menu Press Enter to continue 2 Press r to display the Offline DM Main menu Using the Advanced Options The CSS hard disk or Flash disk enables you to store two versions of software including the version you are currently running If you are storing the maximum number of software versions on the CSS a...

Page 368: ...Advanced Options menu Press Enter to continue 3 Enter r to display the Offline DM main menu 4 Select option 4 to reboot the CSS Using the Security Options The Security Options menu enables you to Set password protection on the Offline DM menu Change the administrative username and password The Security Options menu is as follows S E C U R I T Y O P T I O N S Enter the number of a menu selection 1 ...

Page 369: ...d password when you access the Offline DM Main menu If you enter no the CSS does not prompt you for a username and password when you access the Offline DM Main menu 2 Press Enter to display the Security Options menu Press Enter to continue 3 Enter r to return to the Advanced Options menu 4 Enter r to return to the Offline DM Main menu 5 Enter 4 to reboot the CSS or select another option to continu...

Page 370: ...running config file but restores the username from NVRAM when you reboot the CSS To change the administrative username and password through the Offline DM Main menu 1 Select option 2 from the Security Options menu 2 Enter a username The CSS prompts you for this username when you log in The CSS also prompts you for this username and password if you set password protection on the Offline DM Main men...

Page 371: ... Disable Disables running a check of the disk at boot time or enable it again By default check disk is enabled Note We do not recommend running a Flash disk with the Check Disk Disable option selected The Disk Options menu is as follows D I S K O P T I O N S Enter the number of a menu selection 1 Format Disk 2 Check Disk 3 Check Disk Disable r Return to previous menu Reformatting the Disk If the C...

Page 372: ...using the quick format does not perform cluster verification Use the quick format only when you are certain of the disk integrity no to reformat the disk including cluster verification After the CSS reformats the disk it displays Operation completed successfully 6 Enter r to return to the Advanced Options menu 7 Enter r to return to the Offline DM Main menu Because the disk is empty you must confi...

Page 373: ...of lost clusters The amount of time the CSS requires to perform a disk check is proportional to the number of installed files and directories on the disk The greater the number of installed files and directories the longer the CSS takes to complete the disk check Note The CSS cannot recover from sector failures located within the first 754 sectors on the disk for example boot primary secondary FAT...

Page 374: ...d run the disk check The CSS prompts you to perform a quick check of the disk Quick check disk yes no 3 Choose whether you want the CSS to perform a quick disk check or a complete disk check Enter either yes to instruct the CSS to perform a quick disk check does not include cluster verification Use quick disk check only when you are certain of the disk integrity no to instruct the CSS to perform a...

Page 375: ...led to disable it 1 Select option 3 from the Disk Options menu 2 Enter r to return to the Advanced Options menu 3 Enter r to return to the Offline DM Main menu 4 Select option 2 to display the boot configuration When check disk is disabled the CSS displays the following Miscellaneous Check Disk is disabled IP MAC Information IP Address 10 3 6 58 Subnet Mask 255 0 0 0 Gateway Address 172 16 11 1 MA...

Page 376: ...gging and storing offline system files The two disks are identified by the PCMCIA slots slot 0 and slot 1 in which they are installed Disk 0 is the default storage location for the primary and secondary boot records in the CSS The default storage location for log files and core dumps in the CSS is the specified disk from which the CSS boots disk 0 or disk 1 To specify the CSS disk that is to be th...

Page 377: ...rompts you to specify the disk for writing information to log files Set Log to which PCMCIA slot 0 1 5 Enter either 0 for the disk in slot 0 or 1 for the disk in slot 1 6 Enter r to return to the Advanced Options menu 7 Enter r to return to the Offline DM Main menu 8 Select option 4 to reboot the CSS Rebooting the CSS To reboot the CSS from the Offline DM Main menu 1 Select option 4 to reboot the ...

Page 378: ...Appendix B Using the Offline Diagnostic Monitor Menu Rebooting the CSS B 28 Cisco Content Services Switch Administration Guide OL 5647 02 ...

Page 379: ...ing B 19 administrative username setting B 19 advanced options for Offline Diagnostic Monitor menu B 17 agent CSS as SNMP agent defining 5 11 MIB 5 5 overview 5 2 SNMP 5 2 alternate configuration path B 7 Application Program Interface API configuring 7 1 archive directory archiving files to 1 25 clearing 1 27 restoring files from 1 27 archiving files viewing 1 4 files to the archive directory 1 15...

Page 380: ...ics 5 31 C caution ADI removing A 13 clearing the running configuration 1 9 community strings for SNMP 5 14 Ethernet Management port IP address configuring B 16 symbol overview xxviii changing CLI prompt 3 10 chassis information displaying 1 35 check disk disabling or enabling on the disk B 25 performing on the disk B 23 clearing archive directory 1 27 disk files 1 23 RMON statistics 6 31 running ...

Page 381: ...ng 1 33 HTTP server controlling access 7 5 idle timeout configuring 3 8 logging functions 4 4 MIBs 5 38 SNMP controlling access 5 10 system resources displaying 1 43 system uptime displaying 1 44 user terminal parameters configuring 3 5 copying boot configuration record 2 16 core dumps to FTP or TFTP server 1 31 core dumps to TFTP server 1 30 files between disks 1 21 log files to FTP or TFTP serve...

Page 382: ...ilure network boot B 7 disabling logging to 4 14 disabling or enabling check disk B 25 files displaying 1 23 formatting from CLI 1 17 general information showing 1 45 mapping displaying 1 22 module restoring files from archive directory 1 27 options Offline Diagnostic Monitor menu B 21 performing a check disk B 23 reformatting the disk Disk Option menu B 21 reformatting the disk from CLI 1 17 runn...

Page 383: ...r 1 32 4 23 record configuring 1 4 FTP server copying core dumps to 1 32 copying files from 1 6 copying log files to 4 23 record configuring A 2 G gateway default for Management port B 16 GZIP compressed software A 2 H hard disk configuring 1 16 directory structure 1 2 installed software versions A 5 logging to 4 3 reformatting 1 17 hardware displaying chassis information 1 35 history buffer displ...

Page 384: ...estoring archived files 1 28 showing 4 18 sys log 1 3 logging ACL activity 4 11 boot bak 4 3 boot log 4 3 CLI commands 4 18 commands 4 2 configuring from config mode 4 4 CSS line destination specifying 4 17 disabling 4 17 disabling to sys log file 4 14 enabling for a subsystem 4 7 enabling to sys log file 4 14 file destination 4 13 host destination specifying 4 16 interpreting sys log messages 4 2...

Page 385: ...S 5 38 defining object as a sample variable 6 16 directory 1 3 enterprise 5 7 looking up objects 5 30 6 16 object identifiers 5 7 objects 5 5 upgrading A 16 useful statistics 5 31 variables 5 7 N netmask format configuring for user 3 7 network boot configuration showing 2 20 primary boot record B 7 restrictions B 7 B 12 secondary boot record B 12 specifying primary config path 2 6 network drive bo...

Page 386: ...agnostic Monitor menu B 18 B 21 prefix notation configuring for subnet mask display 3 7 pre login banner configuring 3 11 primary boot configuration 2 3 2 4 2 11 2 12 B 6 file specifying 1 17 1 18 1 19 1 20 2 3 type configuring 2 4 primary boot record destination configuring from CLI 1 18 destination configuring from Offline DM B 26 disk boot 2 3 B 10 FTP boot B 9 network boot B 7 secondary boot B...

Page 387: ... defining 6 16 sampling example 6 10 sampling type defining 6 17 setting attributes 6 15 startup alarm defining 6 20 RMON event activating 6 9 community defining 6 7 configuring 6 4 describing 6 8 group 6 2 index deleting 6 6 notification type defining 6 8 owner defining 6 8 quick configuration 6 5 running config example 6 5 setting attributes 6 7 suspending 6 10 viewing 6 33 viewing a traplog fil...

Page 388: ...larm 6 20 RMON alarm example 6 10 SCM boot record for passive SCM configuring 2 10 configuring network boot for primary 2 18 disks configuring from CLI 1 16 disks formatting from CLI 1 17 IP address for passive SCM configuring 2 11 network boot for passive configuring 2 19 scripting language no echo command 8 7 arithmetic operators 8 11 arrays 8 22 bitwise logical operators 8 30 Boolean logic oper...

Page 389: ...fline Diagnostic Monitor menu B 18 setting password protection on Offline Diagnostic Monitor menu B 18 session specifying as log file destination 4 17 showing boot information B 17 core dumps 1 31 disk files 1 23 disk mapping 1 22 DoS attacks 5 26 general disk information 1 45 log files 4 18 SNMP configuration 5 29 software versions 1 2 1 34 system resources 1 43 system uptime 1 44 user informatio...

Page 390: ...27 subnet mask configuring using Offline Diagnostic Monitor menu B 16 prefix notation configuring for user 3 7 subsystem disabling logging 4 7 enabling for logging 4 7 log messages 4 2 log messages defining 4 10 sys log 1 3 4 2 4 3 4 14 4 18 sys log prev 4 4 syslogd logging to 4 3 4 4 system configuration information script 8 43 system resources showing 1 43 T terminal parameters terminal idle con...

Page 391: ...iles configuring 3 2 copying and saving 3 13 user terminal parameters configuring 7 1 terminal domain lookup configuring 3 5 terminal idle configuring 3 5 terminal length configuring 3 6 terminal more configuring 3 6 terminal timeout configuring 3 7 V VTY log files 4 3 4 4 W warning level warning 4 3 4 5 4 10 4 11 symbol overview xxix X XML enabling access to the CSS 5 10 enabling secure access to...

Page 392: ...o Content Services Switch Administration Guide OL 5647 02 publishing 7 6 special characters 7 2 testing 7 7 using on the CSS 7 1 XML document example 7 4 Z zip file included on Cisco com A 2 using for network boot 2 17 ...

Reviews:

No comments

Related manuals for 11500 Series

ABB EDS500 Series Operating Instruction preview
EDS500 Series
Brand: ABB Pages: 7
ABB Sense7 Series Original Instructions Manual preview
Sense7 Series
Brand: ABB Pages: 15
ABB NAL Series Mounting And Operation Manual preview
NAL Series
Brand: ABB Pages: 32
ABB VUBB User Manual preview
VUBB
Brand: ABB Pages: 44
N-Tron 100 Series User Manual & Installation Manual preview
100 Series
Brand: N-Tron Pages: 20
Barksdale 9000 Series Operating Instructions preview
9000 Series
Brand: Barksdale Pages: 5
Barksdale 8000 Series Operating Instructions Manual preview
8000 Series
Brand: Barksdale Pages: 6
S&C 2000 series Instructions For Field Assembly And Installation preview
2000 series
Brand: S&C Pages: 26
S&C 2000 series Installation Manual preview
2000 series
Brand: S&C Pages: 28
S&C 2000 series Installation And Operation Manual preview
2000 series
Brand: S&C Pages: 37
D-Link DKVM-IP1 Manual preview
DKVM-IP1
Brand: D-Link Pages: 73
La Toulousaine 1400 Installation Manual preview
1400
Brand: La Toulousaine Pages: 6
JDS Uniphase SB Series User Manual preview
SB Series
Brand: JDS Uniphase Pages: 40
Magnetrol T20 Series Instruction Manual And Replacement Parts List preview
T20 Series
Brand: Magnetrol Pages: 12
Magnetrol T20 Series Installation And Operating Manual preview
T20 Series
Brand: Magnetrol Pages: 24
ABLE 6 Series Installation & Maintenance Instructions preview
6 Series
Brand: ABLE Pages: 5
TAMS 1800 Series Installation & Operation Manual preview
1800 Series
Brand: TAMS Pages: 28
D-Link DFE-550TX Datasheet preview
DFE-550TX
Brand: D-Link Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

ABB AEG Acer Asus Beko Black & Decker Bosch Brother Candy Canon Cisco Craftsman D-Link DeWalt Dell Electrolux Emerson Epson Frigidaire Fujitsu GE HP Haier Hitachi Honeywell Huawei Husqvarna JVC Kenmore Kenwood KitchenAid LG Lenovo Makita Miele Mitsubishi Electric Motorola NEC Nikon Nokia Panasonic Philips Pioneer Samsung Sanyo Sharp Siemens Sony TP-Link Toshiba Whirlpool Xiaomi Yamaha Zanussi Load more brands