ALE OmniSwitch mit OmniVista Cirrus

Einbindung OmniSwitch 6450 inkl. Upgrade des AOS in OmniVista Cirrus

Der Switch kam ohne Konfiguration mit einer zu aktualisierenden AOS Version (Build 113 vs. Build 114) online. Der Vorgang musste erneut angestoßen werden, da der Switch die Zeit mit dem NTP-Server nicht schnell genug abgeglichen hat. Das wäre innerhalb von 30 Minuten auch automatisch passiert, aber so lange wollte ich nicht warten. Der OmniSwitch lädt jeweils auch signature Dateien herunter damit

MON JAN 01 01:36:53 : CSM-CHASSIS (103) info message:
+++ == CSM == CMM startup completed 
+++ == CSM == ---------------------------------------------------------------- 
+++ == CSM == SW Activation In Progress, CERTIFY & FLASH SYNCHRO may be needed 
+++ == CSM == ---------------------------------------------------------------- 

MON JAN 01 01:36:53 : REMOTE_CONFIG (125) info message:
+++ Automatic Remote configuartion Initiated 

MON JAN 01 01:36:53 : CLI (67) info message:
+++ Starting new CLI console session
Successfully sent the I2C read message to NISUP!!

MON JAN 01 01:37:06 : INTERFACE (6) info message:
+++  NIs are ready 

MON JAN 01 01:37:27 : IP-HELPER (22) error message:
+++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64
+++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64

MON JAN 01 01:37:56 : IP-HELPER (22) error message:
+++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64
+++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64

MON JAN 01 01:37:56 : REMOTE_CONFIG (125) info message:
+++  DHCP Response message received for remote config 

MON JAN 01 01:37:56 : CLOUD-AGENT (167) info message:
+++ DHCP client message arrived

MON JAN 01 01:37:57 : CLOUD-AGENT (167) warning message:
+++  Running Config updated by Cloud-Agent!
+++  Save and Sync Config for Takeover Readiness (Do 'write memory flash-synchro')!

MON JAN 01 01:37:58 : SYSTEM (75) alert message:
+++ Resolver enabled!

MON JAN 01 01:37:58 : CLOUD-AGENT (167) info message:
+++ Switch will now contact Activation Server by doing Call-Home!

MON JAN 01 01:38:00 : CLOUD-AGENT (167) error message:
+++ SSL certificate problem: certificate is not yet valid
+++ continue_multi_perform: Peer certificate cannot be authenticated with given CA c
+++ [Count.]ertificates(60)
+++ HTTP POST request on Activation Server failed
+++ CallHome Request returned failure

login : admin
password : 
  
Welcome to the Alcatel-Lucent Enterprise OmniSwitch 6450
Software Version 6.7.2.113.R05 GA, December 06, 2018. 

Copyright(c), ALE USA Inc., 2017. All Rights reserved.

OmniSwitch(TM) is a trademark of Alcatel-Lucent Enterprise registered
in the United States Patent and Trademark Office.
  
-> 
-> 
-> show system
System:
  Description:  Alcatel-Lucent Enterprise OS6450-24 6.7.2.113.R05 GA, December 06, 2018.,
  Object ID:    1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5,
  Up Time:      0 days 0 hours 3 minutes and 29 seconds,
  Contact:      Alcatel-Lucent Enterprise, https://www.al-enterprise.com,
  Name:         vxTarget,
  Location:     Unknown,
  Services:     72,
  Date & Time:  MON JAN 01 2001  01:38:31 (UTC)

Flash Space:
    Primary CMM:
      Available (bytes):  54441984,
      Comments         :  None

-> show configuration snapshot ntp 
! NTP :
ntp server unsynchronized
ntp server clock0.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp server clock1.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp server clock3.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp server clock2.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp client enable
-> ping heise.de
PING heise.de (193.99.144.80): 56 data bytes
64 bytes from heise.de (193.99.144.80): icmp_seq=0. time=28. ms
64 bytes from heise.de (193.99.144.80): icmp_seq=1. time=15. ms
----heise.de PING Statistics----
2 packets transmitted, 2 packets received, 0% packet loss
round-trip (ms)  min/avg/max = 15/21/28

-> show system                    
System:
  Description:  Alcatel-Lucent Enterprise OS6450-24 6.7.2.113.R05 GA, December 06, 2018.,
  Object ID:    1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5,
  Up Time:      0 days 0 hours 4 minutes and 13 seconds,
  Contact:      Alcatel-Lucent Enterprise, https://www.al-enterprise.com,
  Name:         vxTarget,
  Location:     Unknown,
  Services:     72,
  Date & Time:  MON APR 29 2019  17:40:18 (UTC)

Flash Space:
    Primary CMM:
      Available (bytes):  54441984,
      Comments         :  None

-> show cloud-agent 
                  ^
ERROR: Incomplete command
-> show cloud-agent status 
Admin State                  : Enabled, 
Activation Server State      : Unknown,
Device State                 : Error,
Error State                  : ActivationServerUnreachable,
Cloud Group                  : unknown,
DHCP Address                 : 192.168.2.158,
DHCP IP Address Mask         : 255.255.255.0,
Gateway                      : 192.168.2.10,
Activation Server            : activation.myovcloud.com:443,
Network ID                   : -,
NTP Server                   : clock0.ovcirrus.com,clock1.ovcirrus.com,clock3.ovcirrus.com,clock2.ovcirrus.com,
DNS Server                   : 192.168.2.1,
DNS Domain                   : home,
Proxy Server                 : -,
VPN Server                   : -,
Pre-provision Server         : -,
OV Tenant                    : -,
VPN DPD Time (sec)           : -,
Image Server                 : -,
Image Download Retry count   : -,
Discovery Interval (min)     : 30,
Time to Next Call Home (sec) : 1708, 
Call-home Timer Status       : RUNNING,
Discovery Retry Count        : 0
Certificate Status           : CONSISTENT

-> cloud-agent ?
              ^
              REMOVE-INCONSISTENT-CERTIFICATE DISCOVERY-INTERVAL ADMIN-STATE 
 (Cloud Agent Command Set)


-> cloud-agent admin-state ?
                          ^
                          RESTART ENABLE DISABLE 
 (Cloud Agent Command Set)


-> cloud-agent admin-state res
MON APR 29 17:40:55 : NTP (29) info message:
+++  NTP Active server is 138.201.16.225 
tart
-> show cloud-agent 
                  ^
ERROR: Incomplete command
-> show cloud-agent status
Admin State                  : Enabled, 
Activation Server State      : Unknown,
Device State                 : Error,
Error State                  : ActivationServerUnreachable,
Cloud Group                  : unknown,
DHCP Address                 : 192.168.2.158,
DHCP IP Address Mask         : 255.255.255.0,
Gateway                      : 192.168.2.10,
Activation Server            : activation.myovcloud.com:443,
Network ID                   : -,
NTP Server                   : clock0.ovcirrus.com,clock1.ovcirrus.com,clock3.ovcirrus.com,clock2.ovcirrus.com,
DNS Server                   : 192.168.2.1,
DNS Domain                   : home,
Proxy Server                 : -,
VPN Server                   : -,
Pre-provision Server         : -,
OV Tenant                    : -,
VPN DPD Time (sec)           : -,
Image Server                 : -,
Image Download Retry count   : -,
Discovery Interval (min)     : 30,
Time to Next Call Home (sec) : 1669, 
Call-home Timer Status       : RUNNING,
Discovery Retry Count        : 0
Certificate Status           : CONSISTENT

-> show configuration snapshot 
! Stack Manager :
! Chassis :
system daylight savings time disable
mac-retention status enable
! Configuration:
! VLAN :
vlan 1 enable name "VLAN 1"
vlan 127 enable name "VLAN 127"
! VLAN SL:
! IP :
ip service all
ip interface dhcp-client vlan 1 ifindex 1
! IPMS :
! AAA :
aaa authentication ssh "local" 
! PARTM :
! 802.1x :
! QOS :
! Policy manager :
! Session manager :
! SNMP :
! RIP :
! IPv6 :
! IP multicast :
! IPRM :
! RIPng :
! Health monitor :
health threshold temperature 78
! Interface :
! Udld :
! Port Mapping :
! Link Aggregate :
! VLAN AGG:
! 802.1Q :
vlan 127 802.1q 1/25 "TAG PORT 1/25 VLAN 127"
vlan 127 802.1q 1/26 "TAG PORT 1/26 VLAN 127"
! Spanning tree :
bridge mode 1x1 
! Bridging :
! Bridging :
! Port mirroring :
! UDP Relay :
! System service :
ip name-server 192.168.2.1
ip domain-name home
ip domain-lookup
swlog console level info
! SSH :
! VRRP :
! Web :
! AMAP :
! Lan  Power :
! NTP :
ntp server unsynchronized
ntp server clock0.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp server clock1.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp server clock3.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp server clock2.ovcirrus.com key 0 version 4 minpoll 4  iburst
ntp client enable
! RDP :
! VLAN STACKING:
! Ethernet-OAM :
! EFM-OAM :
! SAA :
! Loopback-detection :
! ERP :
! TEST-OAM :
! PPPOE-IA :
! Link-fault-propagation :
! DHL :
! LLDP :
! DHCP Server :
! Stack Split-Protection Helper :
! Openflow :
! DHCPv6 :
! TWAMP :
! CLOUD-AGENT :
cloud-agent admin-state enable 
-> show vlan 
                              stree                 mble   src        
 vlan  type  admin   oper   1x1   flat   auth   ip   tag   lrn   name
-----+-----+------+------+------+------+----+-----+-----+------+----------
   1    std   on     on     on    on     off    on   off     on   VLAN 1                          
 127    std   on    off     on    on     off   off   off     on   VLAN 127                        

-> show cloud-agent status    
Admin State                  : Enabled, 
Activation Server State      : Unknown,
Device State                 : Error,
Error State                  : ActivationServerUnreachable,
Cloud Group                  : unknown,
DHCP Address                 : 192.168.2.158,
DHCP IP Address Mask         : 255.255.255.0,
Gateway                      : 192.168.2.10,
Activation Server            : activation.myovcloud.com:443,
Network ID                   : -,
NTP Server                   : clock0.ovcirrus.com,clock1.ovcirrus.com,clock3.ovcirrus.com,clock2.ovcirrus.com,
DNS Server                   : 192.168.2.1,
DNS Domain                   : home,
Proxy Server                 : -,
VPN Server                   : -,
Pre-provision Server         : -,
OV Tenant                    : -,
VPN DPD Time (sec)           : -,
Image Server                 : -,
Image Download Retry count   : -,
Discovery Interval (min)     : 30,
Time to Next Call Home (sec) : 1611, 
Call-home Timer Status       : RUNNING,
Discovery Retry Count        : 0
Certificate Status           : CONSISTENT

-> cloud-agent admin-state restart
-> 
MON APR 29 17:42:26 : CLOUD-AGENT (167) info message:
+++ Switch will now contact Activation Server by doing Call-Home!

MON APR 29 17:42:28 : CLOUD-AGENT (167) info message:
+++ cloudProcessStatus : gotCertificate(3)

MON APR 29 17:42:29 : CLOUD-AGENT (167) info message:
+++ Please check the status of debug file 'libcurl_log' 
+++ Switch will now contact Activation Server by doing Call-Home!

MON APR 29 17:42:32 : CLOUD-AGENT (167) info message:
+++ cloudProcessStatus : upgradeSw(10)
+++ Starting Download: '/flash/working/KFbase.img'
login : 
MON APR 29 17:48:09 : CSM-CHASSIS (103) info message:
+++ == CSM == Stack topology changes have been updated to persistant file 

MON APR 29 17:48:35 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image: '/flash/working/KFbase.img'

MON APR 29 17:48:37 : CLOUD-AGENT (167) info message:
+++ Starting Download: '/flash/working/KFbase.img.sig'

MON APR 29 17:48:38 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image Signature: '/flash/working/KFbase.img.sig'

MON APR 29 17:48:49 : CLOUD-AGENT (167) info message:
+++ Signature Verified OK : /flash/working/KFbase.img
+++ Starting Download: '/flash/working/KFeni.img'

MON APR 29 17:50:39 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image: '/flash/working/KFeni.img'

MON APR 29 17:50:40 : CLOUD-AGENT (167) info message:
+++ Starting Download: '/flash/working/KFeni.img.sig'

MON APR 29 17:50:41 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image Signature: '/flash/working/KFeni.img.sig'

MON APR 29 17:50:45 : CLOUD-AGENT (167) info message:
+++ Signature Verified OK : /flash/working/KFeni.img
+++ Starting Download: '/flash/working/KFos.img'

MON APR 29 17:51:48 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image: '/flash/working/KFos.img'
+++ Starting Download: '/flash/working/KFos.img.sig'

MON APR 29 17:51:49 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image Signature: '/flash/working/KFos.img.sig'

MON APR 29 17:51:52 : CLOUD-AGENT (167) info message:
+++ Signature Verified OK : /flash/working/KFos.img
+++ Starting Download: '/flash/working/KFsecu.img'

MON APR 29 17:52:05 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image: '/flash/working/KFsecu.img'
+++ Starting Download: '/flash/working/KFsecu.img.sig'

MON APR 29 17:52:06 : CLOUD-AGENT (167) info message:
+++ Finished Download of Image Signature: '/flash/working/KFsecu.img.sig'
+++ Signature Verified OK : /flash/working/KFsecu.img
+++ setup_next_multi_perform: All image and signature files downloaded and verified 
+++ [Count.]successfully!
+++ All images downloaded and verified OK!
+++ upgradeImageState : fileDownloadedOK(1)

MON APR 29 17:52:09 : CLOUD-AGENT (167) info message:
+++ All set for Reload
CLOUD_AGENT: Doing a Reload working

MON APR 29 17:52:09 : CSM-CHASSIS (103) info message:
+++ == CSM == !!! ACTIVATING !!! 

MON APR 29 17:52:09 : CLOUD-AGENT (167) info message:
+++ Doing a Reload working 

nach dem neustart (wg. Software Update)

MON APR 29 17:54:32 : CSM-CHASSIS (103) info message:
+++ == CSM == CMM startup completed 
+++ == CSM == ---------------------------------------------------------------- 
+++ == CSM == SW Activation In Progress, CERTIFY & FLASH SYNCHRO may be needed 
+++ == CSM == ---------------------------------------------------------------- 

MON APR 29 17:54:32 : REMOTE_CONFIG (125) info message:
+++ Automatic Remote configuartion Initiated 

MON APR 29 17:54:32 : CLI (67) info message:
+++ Starting new CLI console session
Successfully sent the I2C read message to NISUP!!

MON APR 29 17:54:45 : INTERFACE (6) info message:
+++  NIs are ready 

MON APR 29 17:55:06 : IP-HELPER (22) error message:
+++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64
+++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64

MON APR 29 17:55:35 : IP-HELPER (22) error message:
+++ relayRecvAck: TFTP Server Name Option is NULL or greater than 64
+++ relayRecvAck: TFTP Boot File Name Option is NULL or greater than 64

MON APR 29 17:55:35 : REMOTE_CONFIG (125) info message:
+++  DHCP Response message received for remote config 

MON APR 29 17:55:35 : CLOUD-AGENT (167) info message:
+++ DHCP client message arrived

MON APR 29 17:55:36 : CLOUD-AGENT (167) warning message:
+++  Running Config updated by Cloud-Agent!
+++  Save and Sync Config for Takeover Readiness (Do 'write memory flash-synchro')!

MON APR 29 17:55:37 : SYSTEM (75) alert message:
+++ Resolver enabled!

MON APR 29 17:55:37 : CLOUD-AGENT (167) info message:
+++ Switch will now contact Activation Server by doing Call-Home!

MON APR 29 17:55:40 : CLOUD-AGENT (167) info message:
+++ cloud_agent_decode_call_home :cloudProcessStatus : deviceCloudManaged(4)

MON APR 29 17:55:45 : CLOUD-AGENT (167) info message:
+++ OpenVPN Initiated 

MON APR 29 17:55:49 : CLOUD-AGENT (167) info message:
+++ Got a task status update from OpenVPN, tun addr = 0x80fb002a, status = SUCCESS

MON APR 29 17:56:18 : CLOUD-AGENT (167) info message:
+++ cloudProcessStatus : completeOK(1)

MON APR 29 17:56:49 : CLOUD-AGENT (167) info message:
+++ boot.cfg written to /flash/working directory!

MON APR 29 17:56:50 : CSM-CHASSIS (103) info message:
+++ == CSM == CERTIFYing software process started 
+++ == CSM == Setting CERTIFY Timeout for 800 seconds
 
from /flash/working to /flash/certified
Copying KFbase.img                           ....................          completed
from /flash/working to /flash/certified
Copying KFeni.img                            .....
MON APR 29 17:57:14 : NTP (29) info message:
+++  NTP Active server is 178.63.9.110 
...............          completed
from /flash/working to /flash/certified
Copying KFos.img                             ....................          completed
from /flash/working to /flash/certified
Copying KFsecu.img                           ....................          completed
from /flash/working to /flash/certified
Copying KFbase.img.sig                       ....................          completed
from /flash/working to /flash/certified
Copying KFeni.img.sig                        ....................          completed
from /flash/working to /flash/certified
Copying KFos.img.sig                         ....................          completed
from /flash/working to /flash/certified
Copying KFsecu.img.sig                       ....................          completed
from /flash/working to /flash/certified
Copying boot.cfg                             ....................          completed

+++ == CSM == Stack 1 Certify process Completed

MON APR 29 17:57:22 : CSM-CHASSIS (103) info message:
+++ == CSM == CERTIFY process completed successfully 

MON APR 29 17:57:23 : CLOUD-AGENT (167) info message:
+++ Activation state: ACTIVN_STATE_COMPLETED

login : admin
password : 
  
Welcome to the Alcatel-Lucent Enterprise OmniSwitch 6450
Software Version 6.7.2.114.R05 GA, January 31, 2019. 

Copyright(c), ALE USA Inc., 2017. All Rights reserved.

OmniSwitch(TM) is a trademark of Alcatel-Lucent Enterprise registered
in the United States Patent and Trademark Office.
  
-> 
-> 
-> show user
User name = admin,
  Password expiration     = None,
  Password allow to be modified date     = None,
  Account lockout     = None,
  Password bad attempts     = 0,
  Read Only for domains   = None,
  Read/Write for domains  = All ,
  Read Only for view    = None,
  Read/Write for view    = None,
  Snmp allowed     = NO,
  Console-Only    = Disabled
User name = default (*),
  Password expiration     = None,
  Password allow to be modified date     = None,
  Account lockout     = None,
  Password bad attempts     = 0,
  Read Only for domains   = None,
  Read/Write for domains  = None,
  Read Only for view    = None,
  Read/Write for view    = None,
  Snmp allowed     = NO,
  Console-Only    = Disabled,
(*)Note:
  The default user is not an active user account.
  It contains the default user account settings,
  for new user accounts.

User name = ov-cirrus,
  Password expiration     = None,
  Password allow to be modified date     = None,
  Account lockout     = None,
  Password bad attempts     = 0,
  Read Only for domains   = None,
  Read/Write for domains  = All ,
  Read Only for view    = None,
  Read/Write for view    = None,
  Snmp allowed     = YES,
  Snmp authentication     = SHA,
  Snmp encryption     = NONE,
  Console-Only    = Disabled

-> show running-directory 

CONFIGURATION STATUS
   Running CMM              : PRIMARY,
   CMM Mode                 : MONO CMM,
   Current CMM Slot         : 1,
   Running configuration    : WORKING,
   Certify/Restore Status   : CERTIFIED
SYNCHRONIZATION STATUS
   Running Configuration    : NOT SYNCHRONIZED,

-> 
MON APR 29 18:02:26 : CLOUD-AGENT (167) info message:
+++ Switch will now contact Activation Server by doing Call-Home!

MON APR 29 18:02:26 : NTP (29) info message:
+++  NTP Active server is 217.144.138.234 

MON APR 29 18:02:29 : CLOUD-AGENT (167) info message:
+++ cloud_agent_decode_call_home :cloudProcessStatus : deviceCloudManaged(4)

MON APR 29 18:03:02 : CLOUD-AGENT (167) info message:
+++ cloudProcessStatus : completeOK(1)

MON APR 29 18:03:04 : CLOUD-AGENT (167) info message:
+++ Activation state: ACTIVN_STATE_COMPLETED

-> show system 
System:
  Description:  Alcatel-Lucent Enterprise OS6450-24 6.7.2.114.R05 GA, January 31, 2019.,
  Object ID:    1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5,
  Up Time:      0 days 0 hours 11 minutes and 23 seconds,
  Contact:      Alcatel-Lucent Enterprise, https://www.al-enterprise.com,
  Name:         OS6450-C24,
  Location:     Unknown,
  Services:     72,
  Date & Time:  MON APR 29 2019  18:04:06 (UTC)

Flash Space:
    Primary CMM:
      Available (bytes):  54280192,
      Comments         :  None

-> show system
System:
  Description:  Alcatel-Lucent Enterprise OS6450-24 6.7.2.114.R05 GA, January 31, 2019.,
  Object ID:    1.3.6.1.4.1.6486.800.1.1.2.1.12.1.5,
  Up Time:      0 days 0 hours 12 minutes and 11 seconds,
  Contact:      Alcatel-Lucent Enterprise, https://www.al-enterprise.com,
  Name:         OS6450-C24,
  Location:     ORT,
  Services:     72,
  Date & Time:  MON APR 29 2019  18:04:53 (UTC)

Flash Space:
    Primary CMM:
      Available (bytes):  54280192,
      Comments         :  None

-> 
-> 
-> 
-> 
-> 
MON APR 29 18:05:37 : CSM-CHASSIS (103) info message:
+++ == CSM == CERTIFYing software process started 
+++ == CSM == Setting CERTIFY Timeout for 800 seconds
 
from /flash/working to /flash/certified
Copying boot.cfg                             ....................          completed

+++ == CSM == Stack 1 Certify process Completed

MON APR 29 18:05:38 : CSM-CHASSIS (103) info message:
+++ == CSM == CERTIFY process completed successfully 

-> 
-> show cloud-agent status
Admin State                  : Enabled, 
Activation Server State      : completeOK,
Device State                 : DeviceManaged,
Error State                  : None,
Cloud Group                  : XXXXXXXXXXabc,
DHCP Address                 : 192.168.2.158,
DHCP IP Address Mask         : 255.255.255.0,
Gateway                      : 192.168.2.10,
Activation Server            : activation.myovcloud.com:443,
Network ID                   : -,
NTP Server                   : clock3.ovcirrus.com,clock2.ovcirrus.com,clock0.ovcirrus.com,clock1.ovcirrus.com,
DNS Server                   : 192.168.2.1,
DNS Domain                   : home,
Proxy Server                 : -,
VPN Server                   : XXXXXXXXXXabc.tenant.vpn.myovcloud.com:443,
Pre-provision Server         : XXXXXXXXXXxyz.tenant.ovd.myovcloud.com:80,
OV Tenant                    : XXXXXXXXX.ov.ovcirrus.com:443,
VPN DPD Time (sec)           : -,
Image Server                 : -,
Image Download Retry count   : -,
Discovery Interval (min)     : 5,
Time to Next Call Home (sec) : 48, 
Call-home Timer Status       : RUNNING,
Discovery Retry Count        : 1
Certificate Status           : CONSISTENT