====== ALE OmniSwitch mit OmniVista Cirrus ====== ===== Einbindung OmniSwitch 6450 inkl. Upgrade des AOS in OmniVista Cirrus ===== Der Switch kam ohne Konfiguration mit einer zu aktualisierenden AOS Version (Build 113 vs. Build 114) online. Der Vorgang musste erneut angestoßen werden, da der Switch die Zeit mit dem NTP-Server nicht schnell genug abgeglichen hat. Das wäre innerhalb von 30 Minuten auch automatisch passiert, aber so lange wollte ich nicht warten. Der OmniSwitch lädt jeweils auch signature Dateien herunter damit MON JAN 01 01:36:53 : CSM-CHASSIS (103) info message: +++ == CSM == CMM startup completed +++ == CSM == ---------------------------------------------------------------- +++ == CSM == SW Activation In Progress, CERTIFY & FLASH SYNCHRO may be needed +++ == CSM == ---------------------------------------------------------------- MON JAN 01 01:36:53 : REMOTE_CONFIG (125) info message: +++ Automatic Remote configuartion Initiated MON JAN 01 01:36:53 : CLI (67) info message: +++ Starting new CLI console session Successfully sent the I2C read message to NISUP!! MON JAN 01 01:37:06 : INTERFACE (6) info message: +++ NIs are ready MON JAN 01 01:37:27 : IP-HELPER (22) error message: +++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64 +++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64 MON JAN 01 01:37:56 : IP-HELPER (22) error message: +++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64 +++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64 MON JAN 01 01:37:56 : REMOTE_CONFIG (125) info message: +++ DHCP Response message received for remote config MON JAN 01 01:37:56 : CLOUD-AGENT (167) info message: +++ DHCP client message arrived MON JAN 01 01:37:57 : CLOUD-AGENT (167) warning message: +++ Running Config updated by Cloud-Agent! +++ Save and Sync Config for Takeover Readiness (Do 'write memory flash-synchro')! MON JAN 01 01:37:58 : SYSTEM (75) alert message: +++ Resolver enabled! MON JAN 01 01:37:58 : CLOUD-AGENT (167) info message: +++ Switch will now contact Activation Server by doing Call-Home! MON JAN 01 01:38:00 : CLOUD-AGENT (167) error message: +++ SSL certificate problem: certificate is not yet valid +++ continue_multi_perform: Peer certificate cannot be authenticated with given CA c +++ [Count.]ertificates(60) +++ HTTP POST request on Activation Server failed +++ CallHome Request returned failure login : admin password : Welcome to the Alcatel-Lucent Enterprise OmniSwitch 6450 Software Version 6.7.2.113.R05 GA, December 06, 2018. Copyright(c), ALE USA Inc., 2017. All Rights reserved. OmniSwitch(TM) is a trademark of Alcatel-Lucent Enterprise registered in the United States Patent and Trademark Office. -> -> -> show system System: Description: Alcatel-Lucent Enterprise OS6450-24 6.7.2.113.R05 GA, December 06, 2018., Object ID: 1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5, Up Time: 0 days 0 hours 3 minutes and 29 seconds, Contact: Alcatel-Lucent Enterprise, https://www.al-enterprise.com, Name: vxTarget, Location: Unknown, Services: 72, Date & Time: MON JAN 01 2001 01:38:31 (UTC) Flash Space: Primary CMM: Available (bytes): 54441984, Comments : None -> show configuration snapshot ntp ! NTP : ntp server unsynchronized ntp server clock0.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp server clock1.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp server clock3.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp server clock2.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp client enable -> ping heise.de PING heise.de (193.99.144.80): 56 data bytes 64 bytes from heise.de (193.99.144.80): icmp_seq=0. time=28. ms 64 bytes from heise.de (193.99.144.80): icmp_seq=1. time=15. ms ----heise.de PING Statistics---- 2 packets transmitted, 2 packets received, 0% packet loss round-trip (ms) min/avg/max = 15/21/28 -> show system System: Description: Alcatel-Lucent Enterprise OS6450-24 6.7.2.113.R05 GA, December 06, 2018., Object ID: 1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5, Up Time: 0 days 0 hours 4 minutes and 13 seconds, Contact: Alcatel-Lucent Enterprise, https://www.al-enterprise.com, Name: vxTarget, Location: Unknown, Services: 72, Date & Time: MON APR 29 2019 17:40:18 (UTC) Flash Space: Primary CMM: Available (bytes): 54441984, Comments : None -> show cloud-agent ^ ERROR: Incomplete command -> show cloud-agent status Admin State : Enabled, Activation Server State : Unknown, Device State : Error, Error State : ActivationServerUnreachable, Cloud Group : unknown, DHCP Address : 192.168.2.158, DHCP IP Address Mask : 255.255.255.0, Gateway : 192.168.2.10, Activation Server : activation.myovcloud.com:443, Network ID : -, NTP Server : clock0.ovcirrus.com,clock1.ovcirrus.com,clock3.ovcirrus.com,clock2.ovcirrus.com, DNS Server : 192.168.2.1, DNS Domain : home, Proxy Server : -, VPN Server : -, Pre-provision Server : -, OV Tenant : -, VPN DPD Time (sec) : -, Image Server : -, Image Download Retry count : -, Discovery Interval (min) : 30, Time to Next Call Home (sec) : 1708, Call-home Timer Status : RUNNING, Discovery Retry Count : 0 Certificate Status : CONSISTENT -> cloud-agent ? ^ REMOVE-INCONSISTENT-CERTIFICATE DISCOVERY-INTERVAL ADMIN-STATE (Cloud Agent Command Set) -> cloud-agent admin-state ? ^ RESTART ENABLE DISABLE (Cloud Agent Command Set) -> cloud-agent admin-state res MON APR 29 17:40:55 : NTP (29) info message: +++ NTP Active server is 138.201.16.225 tart -> show cloud-agent ^ ERROR: Incomplete command -> show cloud-agent status Admin State : Enabled, Activation Server State : Unknown, Device State : Error, Error State : ActivationServerUnreachable, Cloud Group : unknown, DHCP Address : 192.168.2.158, DHCP IP Address Mask : 255.255.255.0, Gateway : 192.168.2.10, Activation Server : activation.myovcloud.com:443, Network ID : -, NTP Server : clock0.ovcirrus.com,clock1.ovcirrus.com,clock3.ovcirrus.com,clock2.ovcirrus.com, DNS Server : 192.168.2.1, DNS Domain : home, Proxy Server : -, VPN Server : -, Pre-provision Server : -, OV Tenant : -, VPN DPD Time (sec) : -, Image Server : -, Image Download Retry count : -, Discovery Interval (min) : 30, Time to Next Call Home (sec) : 1669, Call-home Timer Status : RUNNING, Discovery Retry Count : 0 Certificate Status : CONSISTENT -> show configuration snapshot ! Stack Manager : ! Chassis : system daylight savings time disable mac-retention status enable ! Configuration: ! VLAN : vlan 1 enable name "VLAN 1" vlan 127 enable name "VLAN 127" ! VLAN SL: ! IP : ip service all ip interface dhcp-client vlan 1 ifindex 1 ! IPMS : ! AAA : aaa authentication ssh "local" ! PARTM : ! 802.1x : ! QOS : ! Policy manager : ! Session manager : ! SNMP : ! RIP : ! IPv6 : ! IP multicast : ! IPRM : ! RIPng : ! Health monitor : health threshold temperature 78 ! Interface : ! Udld : ! Port Mapping : ! Link Aggregate : ! VLAN AGG: ! 802.1Q : vlan 127 802.1q 1/25 "TAG PORT 1/25 VLAN 127" vlan 127 802.1q 1/26 "TAG PORT 1/26 VLAN 127" ! Spanning tree : bridge mode 1x1 ! Bridging : ! Bridging : ! Port mirroring : ! UDP Relay : ! System service : ip name-server 192.168.2.1 ip domain-name home ip domain-lookup swlog console level info ! SSH : ! VRRP : ! Web : ! AMAP : ! Lan Power : ! NTP : ntp server unsynchronized ntp server clock0.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp server clock1.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp server clock3.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp server clock2.ovcirrus.com key 0 version 4 minpoll 4 iburst ntp client enable ! RDP : ! VLAN STACKING: ! Ethernet-OAM : ! EFM-OAM : ! SAA : ! Loopback-detection : ! ERP : ! TEST-OAM : ! PPPOE-IA : ! Link-fault-propagation : ! DHL : ! LLDP : ! DHCP Server : ! Stack Split-Protection Helper : ! Openflow : ! DHCPv6 : ! TWAMP : ! CLOUD-AGENT : cloud-agent admin-state enable -> show vlan stree mble src vlan type admin oper 1x1 flat auth ip tag lrn name -----+-----+------+------+------+------+----+-----+-----+------+---------- 1 std on on on on off on off on VLAN 1 127 std on off on on off off off on VLAN 127 -> show cloud-agent status Admin State : Enabled, Activation Server State : Unknown, Device State : Error, Error State : ActivationServerUnreachable, Cloud Group : unknown, DHCP Address : 192.168.2.158, DHCP IP Address Mask : 255.255.255.0, Gateway : 192.168.2.10, Activation Server : activation.myovcloud.com:443, Network ID : -, NTP Server : clock0.ovcirrus.com,clock1.ovcirrus.com,clock3.ovcirrus.com,clock2.ovcirrus.com, DNS Server : 192.168.2.1, DNS Domain : home, Proxy Server : -, VPN Server : -, Pre-provision Server : -, OV Tenant : -, VPN DPD Time (sec) : -, Image Server : -, Image Download Retry count : -, Discovery Interval (min) : 30, Time to Next Call Home (sec) : 1611, Call-home Timer Status : RUNNING, Discovery Retry Count : 0 Certificate Status : CONSISTENT -> cloud-agent admin-state restart -> MON APR 29 17:42:26 : CLOUD-AGENT (167) info message: +++ Switch will now contact Activation Server by doing Call-Home! MON APR 29 17:42:28 : CLOUD-AGENT (167) info message: +++ cloudProcessStatus : gotCertificate(3) MON APR 29 17:42:29 : CLOUD-AGENT (167) info message: +++ Please check the status of debug file 'libcurl_log' +++ Switch will now contact Activation Server by doing Call-Home! MON APR 29 17:42:32 : CLOUD-AGENT (167) info message: +++ cloudProcessStatus : upgradeSw(10) +++ Starting Download: '/flash/working/KFbase.img' login : MON APR 29 17:48:09 : CSM-CHASSIS (103) info message: +++ == CSM == Stack topology changes have been updated to persistant file MON APR 29 17:48:35 : CLOUD-AGENT (167) info message: +++ Finished Download of Image: '/flash/working/KFbase.img' MON APR 29 17:48:37 : CLOUD-AGENT (167) info message: +++ Starting Download: '/flash/working/KFbase.img.sig' MON APR 29 17:48:38 : CLOUD-AGENT (167) info message: +++ Finished Download of Image Signature: '/flash/working/KFbase.img.sig' MON APR 29 17:48:49 : CLOUD-AGENT (167) info message: +++ Signature Verified OK : /flash/working/KFbase.img +++ Starting Download: '/flash/working/KFeni.img' MON APR 29 17:50:39 : CLOUD-AGENT (167) info message: +++ Finished Download of Image: '/flash/working/KFeni.img' MON APR 29 17:50:40 : CLOUD-AGENT (167) info message: +++ Starting Download: '/flash/working/KFeni.img.sig' MON APR 29 17:50:41 : CLOUD-AGENT (167) info message: +++ Finished Download of Image Signature: '/flash/working/KFeni.img.sig' MON APR 29 17:50:45 : CLOUD-AGENT (167) info message: +++ Signature Verified OK : /flash/working/KFeni.img +++ Starting Download: '/flash/working/KFos.img' MON APR 29 17:51:48 : CLOUD-AGENT (167) info message: +++ Finished Download of Image: '/flash/working/KFos.img' +++ Starting Download: '/flash/working/KFos.img.sig' MON APR 29 17:51:49 : CLOUD-AGENT (167) info message: +++ Finished Download of Image Signature: '/flash/working/KFos.img.sig' MON APR 29 17:51:52 : CLOUD-AGENT (167) info message: +++ Signature Verified OK : /flash/working/KFos.img +++ Starting Download: '/flash/working/KFsecu.img' MON APR 29 17:52:05 : CLOUD-AGENT (167) info message: +++ Finished Download of Image: '/flash/working/KFsecu.img' +++ Starting Download: '/flash/working/KFsecu.img.sig' MON APR 29 17:52:06 : CLOUD-AGENT (167) info message: +++ Finished Download of Image Signature: '/flash/working/KFsecu.img.sig' +++ Signature Verified OK : /flash/working/KFsecu.img +++ setup_next_multi_perform: All image and signature files downloaded and verified +++ [Count.]successfully! +++ All images downloaded and verified OK! +++ upgradeImageState : fileDownloadedOK(1) MON APR 29 17:52:09 : CLOUD-AGENT (167) info message: +++ All set for Reload CLOUD_AGENT: Doing a Reload working MON APR 29 17:52:09 : CSM-CHASSIS (103) info message: +++ == CSM == !!! ACTIVATING !!! MON APR 29 17:52:09 : CLOUD-AGENT (167) info message: +++ Doing a Reload working nach dem neustart (wg. Software Update) MON APR 29 17:54:32 : CSM-CHASSIS (103) info message: +++ == CSM == CMM startup completed +++ == CSM == ---------------------------------------------------------------- +++ == CSM == SW Activation In Progress, CERTIFY & FLASH SYNCHRO may be needed +++ == CSM == ---------------------------------------------------------------- MON APR 29 17:54:32 : REMOTE_CONFIG (125) info message: +++ Automatic Remote configuartion Initiated MON APR 29 17:54:32 : CLI (67) info message: +++ Starting new CLI console session Successfully sent the I2C read message to NISUP!! MON APR 29 17:54:45 : INTERFACE (6) info message: +++ NIs are ready MON APR 29 17:55:06 : IP-HELPER (22) error message: +++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64 +++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64 MON APR 29 17:55:35 : IP-HELPER (22) error message: +++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64 +++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64 MON APR 29 17:55:35 : REMOTE_CONFIG (125) info message: +++ DHCP Response message received for remote config MON APR 29 17:55:35 : CLOUD-AGENT (167) info message: +++ DHCP client message arrived MON APR 29 17:55:36 : CLOUD-AGENT (167) warning message: +++ Running Config updated by Cloud-Agent! +++ Save and Sync Config for Takeover Readiness (Do 'write memory flash-synchro')! MON APR 29 17:55:37 : SYSTEM (75) alert message: +++ Resolver enabled! MON APR 29 17:55:37 : CLOUD-AGENT (167) info message: +++ Switch will now contact Activation Server by doing Call-Home! MON APR 29 17:55:40 : CLOUD-AGENT (167) info message: +++ cloud_agent_decode_call_home :cloudProcessStatus : deviceCloudManaged(4) MON APR 29 17:55:45 : CLOUD-AGENT (167) info message: +++ OpenVPN Initiated MON APR 29 17:55:49 : CLOUD-AGENT (167) info message: +++ Got a task status update from OpenVPN, tun addr = 0x80fb002a, status = SUCCESS MON APR 29 17:56:18 : CLOUD-AGENT (167) info message: +++ cloudProcessStatus : completeOK(1) MON APR 29 17:56:49 : CLOUD-AGENT (167) info message: +++ boot.cfg written to /flash/working directory! MON APR 29 17:56:50 : CSM-CHASSIS (103) info message: +++ == CSM == CERTIFYing software process started +++ == CSM == Setting CERTIFY Timeout for 800 seconds from /flash/working to /flash/certified Copying KFbase.img .................... completed from /flash/working to /flash/certified Copying KFeni.img ..... MON APR 29 17:57:14 : NTP (29) info message: +++ NTP Active server is 178.63.9.110 ............... completed from /flash/working to /flash/certified Copying KFos.img .................... completed from /flash/working to /flash/certified Copying KFsecu.img .................... completed from /flash/working to /flash/certified Copying KFbase.img.sig .................... completed from /flash/working to /flash/certified Copying KFeni.img.sig .................... completed from /flash/working to /flash/certified Copying KFos.img.sig .................... completed from /flash/working to /flash/certified Copying KFsecu.img.sig .................... completed from /flash/working to /flash/certified Copying boot.cfg .................... completed +++ == CSM == Stack 1 Certify process Completed MON APR 29 17:57:22 : CSM-CHASSIS (103) info message: +++ == CSM == CERTIFY process completed successfully MON APR 29 17:57:23 : CLOUD-AGENT (167) info message: +++ Activation state: ACTIVN_STATE_COMPLETED login : admin password : Welcome to the Alcatel-Lucent Enterprise OmniSwitch 6450 Software Version 6.7.2.114.R05 GA, January 31, 2019. Copyright(c), ALE USA Inc., 2017. All Rights reserved. OmniSwitch(TM) is a trademark of Alcatel-Lucent Enterprise registered in the United States Patent and Trademark Office. -> -> -> show user User name = admin, Password expiration = None, Password allow to be modified date = None, Account lockout = None, Password bad attempts = 0, Read Only for domains = None, Read/Write for domains = All , Read Only for view = None, Read/Write for view = None, Snmp allowed = NO, Console-Only = Disabled User name = default (*), Password expiration = None, Password allow to be modified date = None, Account lockout = None, Password bad attempts = 0, Read Only for domains = None, Read/Write for domains = None, Read Only for view = None, Read/Write for view = None, Snmp allowed = NO, Console-Only = Disabled, (*)Note: The default user is not an active user account. It contains the default user account settings, for new user accounts. User name = ov-cirrus, Password expiration = None, Password allow to be modified date = None, Account lockout = None, Password bad attempts = 0, Read Only for domains = None, Read/Write for domains = All , Read Only for view = None, Read/Write for view = None, Snmp allowed = YES, Snmp authentication = SHA, Snmp encryption = NONE, Console-Only = Disabled -> show running-directory CONFIGURATION STATUS Running CMM : PRIMARY, CMM Mode : MONO CMM, Current CMM Slot : 1, Running configuration : WORKING, Certify/Restore Status : CERTIFIED SYNCHRONIZATION STATUS Running Configuration : NOT SYNCHRONIZED, -> MON APR 29 18:02:26 : CLOUD-AGENT (167) info message: +++ Switch will now contact Activation Server by doing Call-Home! MON APR 29 18:02:26 : NTP (29) info message: +++ NTP Active server is 217.144.138.234 MON APR 29 18:02:29 : CLOUD-AGENT (167) info message: +++ cloud_agent_decode_call_home :cloudProcessStatus : deviceCloudManaged(4) MON APR 29 18:03:02 : CLOUD-AGENT (167) info message: +++ cloudProcessStatus : completeOK(1) MON APR 29 18:03:04 : CLOUD-AGENT (167) info message: +++ Activation state: ACTIVN_STATE_COMPLETED -> show system System: Description: Alcatel-Lucent Enterprise OS6450-24 6.7.2.114.R05 GA, January 31, 2019., Object ID: 1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5, Up Time: 0 days 0 hours 11 minutes and 23 seconds, Contact: Alcatel-Lucent Enterprise, https://www.al-enterprise.com, Name: OS6450-C24, Location: Unknown, Services: 72, Date & Time: MON APR 29 2019 18:04:06 (UTC) Flash Space: Primary CMM: Available (bytes): 54280192, Comments : None -> show system System: Description: Alcatel-Lucent Enterprise OS6450-24 6.7.2.114.R05 GA, January 31, 2019., Object ID: 1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5, Up Time: 0 days 0 hours 12 minutes and 11 seconds, Contact: Alcatel-Lucent Enterprise, https://www.al-enterprise.com, Name: OS6450-C24, Location: ORT, Services: 72, Date & Time: MON APR 29 2019 18:04:53 (UTC) Flash Space: Primary CMM: Available (bytes): 54280192, Comments : None -> -> -> -> -> MON APR 29 18:05:37 : CSM-CHASSIS (103) info message: +++ == CSM == CERTIFYing software process started +++ == CSM == Setting CERTIFY Timeout for 800 seconds from /flash/working to /flash/certified Copying boot.cfg .................... completed +++ == CSM == Stack 1 Certify process Completed MON APR 29 18:05:38 : CSM-CHASSIS (103) info message: +++ == CSM == CERTIFY process completed successfully -> -> show cloud-agent status Admin State : Enabled, Activation Server State : completeOK, Device State : DeviceManaged, Error State : None, Cloud Group : XXXXXXXXXXabc, DHCP Address : 192.168.2.158, DHCP IP Address Mask : 255.255.255.0, Gateway : 192.168.2.10, Activation Server : activation.myovcloud.com:443, Network ID : -, NTP Server : clock3.ovcirrus.com,clock2.ovcirrus.com,clock0.ovcirrus.com,clock1.ovcirrus.com, DNS Server : 192.168.2.1, DNS Domain : home, Proxy Server : -, VPN Server : XXXXXXXXXXabc.tenant.vpn.myovcloud.com:443, Pre-provision Server : XXXXXXXXXXxyz.tenant.ovd.myovcloud.com:80, OV Tenant : XXXXXXXXX.ov.ovcirrus.com:443, VPN DPD Time (sec) : -, Image Server : -, Image Download Retry count : -, Discovery Interval (min) : 5, Time to Next Call Home (sec) : 48, Call-home Timer Status : RUNNING, Discovery Retry Count : 1 Certificate Status : CONSISTENT