Summary of Contents for Alcatel-Lucent OmniSwitch AOS Release 6
Page 1
Part No. 060215-10, Rev. N July 2010 OmniSwitch AOS Release 6 Switch Management Guide www.alcatel-lucent.com OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Copy an Existing File ..................1-14 Secure Copy an Existing File .................1-15 Move an Existing File or Directory ..............1-15 Change File Attribute and Permissions ............1-16 Delete an Existing File ..................1-16 Managing Files on Switches ................1-17 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 4
User Accounts ......................2-6 Using Telnet ........................2-7 Logging Into the Switch Via Telnet .................2-7 Starting a Telnet Session from the Switch ...............2-7 Using FTP ........................2-9 Using FTP to Log Into the Switch ................2-9 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 5
SNMP Traps Table ....................3-10 Using SNMP For Switch Security ................3-47 Community Strings (SNMPv1 and SNMPv2) ............3-47 Configuring Community Strings ..............3-47 Encryption and Authentication (SNMPv3) ............3-48 Configuring Encryption and Authentication ...........3-48 Setting SNMP Security ...................3-49 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 6
Where is the Switch Running From? ..............5-5 Software Rollback Feature ..................5-5 Software Rollback Configuration Scenarios for a Single Switch .....5-6 Redundancy ......................5-10 Redundancy Scenarios ..................5-10 Managing the Directory Structure (Non-Redundant) ...........5-14 Rebooting the Switch .....................5-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 7
Command Line Editing ....................6-9 Deleting Characters ...................6-9 Recalling the Previous Command Line ............6-10 Inserting Characters ..................6-10 Syntax Checking ....................6-11 Prefix Recognition ....................6-11 Example for Using Prefix Recognition ............6-12 Prefix Prompt ....................6-13 Command History ....................6-13 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 8
User-Defined Naming Options ................7-11 Editing Snapshot Files ..................7-11 Verifying File Configuration ..................7-14 Chapter 8 Managing Automatic Remote Configuration Download ......... 8-1 In This Chapter ........................8-1 Automatic Remote Configuration Specifications ............8-2 viii OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 9
Detecting a Duplicate MAC Address ...............9-6 Configuring MAC Release ..................9-6 MAC Retention Applications ..................9-7 Software Failure .......................9-7 Link Failure ......................9-8 Chapter 10 Managing Switch User Accounts ................10-1 In This Chapter ......................10-1 User Database Specifications ..................10-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 10
Verifying the User Configuration ................10-23 Chapter 11 Managing Switch Security ..................11-1 In This Chapter ......................11-1 Switch Security Specifications ..................11-2 Switch Security Defaults ....................11-2 Switch Security Overview .....................11-3 Authenticated Switch Access ..................11-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 11
Adjacencies ......................12-19 WebView Help ......................12-21 General WebView Help ..................12-21 Specific-page Help ....................12-21 Appendix A Software License and Copyright Statements ............. A-1 Alcatel-Lucent License Agreement ................A-1 ALCATEL-LUCENT SOFTWARE LICENSE AGREEMENT ......A-1 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 12
U. CURSES ......................A-15 V. ZModem ......................A-15 W. Boost Software License ................... A-15 X. OpenLDAP ...................... A-15 Y. BITMAP.C ....................... A-16 Z. University of Toronto ..................A-16 AA.Free/OpenBSD ....................A-16 Index ........................Index-1 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
About This Guide This OmniSwitch AOS Release 6 Switch Management Guide describes basic attributes of your switch and basic switch administration tasks. The software features described in this manual are shipped standard with your OmniSwitch 6400 Series, OmniSwitch 6850 Series, OmniSwitch 6855 Series, and OmniSwitch 9000 Series switches.
The CLI, including on-line configuration, command-building help, syntax error checking, and line edit- ing. • Basic security features, such as switch access control and customized user accounts. • SNMP • Web-based management (WebView) page xiv OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Many chapters include tutorials or application examples that help convey how CLI commands can be used together to set up a particular feature. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page xv...
OmniSwitch. The Advanced Routing Configuration Guide includes configuration information for networks using advanced routing technologies (OSPF and BGP) and multicast routing protocols (DVMRP and PIM-SM). page xvi OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 17
CLI-to-MIB variable mapping information for all CLI commands supported by the switch. This guide can be consulted anytime during the configuration process to find detailed and specific information on each CLI command. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page xvii...
Related Documentation About This Guide Related Documentation The following are the titles and descriptions of all the related OmniSwitch AOS Release 6 user manuals: • OmniSwitch 6400 Series Getting Started Guide Describes the hardware and software procedures for getting an OmniSwitch 6400 Series switch up and running.
Page 19
(authenticated VLANs), Quality of Service (QoS), and link aggregation. • OmniSwitch AOS Release 6 Advanced Routing Configuration Guide Includes network configuration procedures and descriptive information on all the software features and protocols included in the advanced routing software package. Chapters cover multicast routing (DVMRP and PIM-SM), and OSPF.
Support web page, you’ll be able to view and update any case (open or closed) that you have reported to Alcatel-Lucent’s technical support, open a new case or access helpful release notes, technical bulletins, and manuals. For more information on Alcatel-Lucent’s Service Programs, see our web page at service.esd.alcatel-lucent.com, call us at 1-800-995-2696, or email us at esd.support@alcatel-lucent.com.
“Setting the System Clock” on page 1-37 For related information about connecting a terminal to the switch, see your Getting Started Guide. For information about switch command privileges, see Chapter 11, “Managing Switch Security.” OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-1...
System Clock Set local date, time and time zone, Universal Time Coordinate (UTC), Daylight Savings (DST or summertime). System Date Default Value THU JAN 01 1970 (Thursday, January 1, 1970) page 1-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Over the life of the switch, it is very likely that your configuration and feature set will change because the needs of your network are likely to expand. Also, software updates become available from Alcatel-Lucent. If you change your configuration to upgrade your network, you must understand how to install switch files and to manage switch directories.
Page 26
• The value shown at the bottom of the display indicates the amount of flash memory remaining for use in this directory (9.47 megabytes in the above example). page 1-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The single and multiple character wildcards can be used in combination. The following command lists all entries containing the letter i followed by any two single characters. -> ls *i?? Listing Directory /flash: 2048 Aug 12 18:51 working/ OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-7...
The display shows the name of the current directory and its path. If your current directory is the certified directory and you enter the command, the following will be displayed: -> pwd /flash/certified -> The display shows the path to your current directory. page 1-8 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
In other words, if you use while your current directory is /flash, your current directory will remain /flash after you execute the command. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-9...
The following command makes a new directory in the working directory on an OmniSwitch: -> mkdir /flash/working/newdir1 Flash Directory Working Directory (Files) newdir1 Directory Ksecu.img Kbase.img boot.cfg This drawing represents the content of the /flash/working directory after the new directory is added. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-11...
1-8, the working directory would be removed from the certified directory. ->rm -r /flash/certified/working Note. Your login account must have write privileges to execute the rmdir command. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-13...
In each case, the file being copied will remain in its original location. Note. You must have write privileges in order to execute the command. page 1-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Note. Your login account must have write privileges to use the move command. Flash Directory Certified Directory Testfiles Directory (Files) (File) testfile2 Working Directory Network Directory (Files) (File) policy.cfg OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-15...
If you are in another directory, you must specify the path and name for the file being deleted. The user of this command must have write privileges for any file being deleted. -> delete /flash/config.txt page 1-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
While performing the repair operation, the switch will display the errors found and specify those errors that have been repaired. If there are no errors found, then just the file system information is displayed. page 1-18 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Caution. This command will delete all of the switch’s system files. All configurations programmed into the switch will be lost. Do not use this command unless you are prepared to reload all files. OmniSwitch AOS Release 6 Switch Management Guide July 2010...
1-21. • USB Flash Drive—You can copy files to and from an Alcatel-Lucent certified USB flash drive connected to the CMM. The switch can also boot from the image files stored on the USB drive using the disaster recovery feature. For details see “Using the USB Flash Drive”...
OmniSwitch to retrieve File Server a file from a file server OmniSwitch FTP Client FTP Server OmniSwitch FTP Client Use the switch command to start its FTP client. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-21...
Page 42
Set transfer type to ASCII (7-bit). binary Set transfer type to binary (8-bit). Close session gracefully. Change to a new directory on the remote machine. delete Delete a file on the remote machine. page 1-22 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
You can use the sftp6 command followed by the IPv6 address or hostname of the SFTPv6 server to start an SFTPv6 session over an IPv6 environment. For example: -> sftp6 fe80::a00:20ff:fea8:8961 int1 OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-23...
This display indicates the Secure Shell FTP session with IP address 11.333.20.135 is closed. The user is now logged into the OmniSwitch as a local device with no active remote connection. page 1-24 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
A TFTP server does not prompt for a user to login and only one active TFTP session is allowed at any point of time. Note. When downloading a file to the switch, the file size must not exceed the available flash space. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-25...
Note. Files transferred via Zmodem are loaded into the flash directory. Before the new files can be used by the switch, you must transfer them to the switch’s /flash/working directory and reboot the switch. page 1-26 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Other files can be put into this directory if desired. The path to this directory is /flash/network. For more information on switch directories refer to Chapter 5, “Managing CMM Directory Content.” OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-27...
Base Software NI image for all Ethernet-type NIs Jos.img Base Software CMM Operating System Jqos.img Base Software CMM Quality of Service Jrout.img Base Software CMM Routing (IP and IPX) page 1-28 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 49
Managing System Files Registering Software Image Files Archive File Name Base or Optional Software Description Jsecu.img Optional Security CMM Security (AVLANS) OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-29...
727663 Aug 4 10:33 Keni.img 5519 Aug 4 10:34 Keni.img 880 Sep 31 13:05 boot.cfg This list verifies that the file is located on the switch in the /flash/working directory. page 1-30 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
6 Aug 5 17:03 test3.txt Use the command to move the test files from /flash/working to /flash/resources. -> mv test1.txt /flash/resources -> mv test2.txt /flash/resources -> mv test3.txt /flash/resources OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-31...
/flash/working. Use the command to verify. -> cd working -> ls Listing Directory /flash/working: 2048 Aug 3 12:32 ./ 2048 Aug 14 10:58 ../ 450 Aug 13 10:02 rrtest1.txt page 1-32 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 53
/flash/working, which is the location from which you initiated the FTP client session. Use the CLI command to verify your current directory. ftp> quit 221 Bye -> pwd /flash/working OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-33...
Use the ls command again to list the contents of the current (flash) directory. Note that the “newssdir” directory appears toward the bottom of the following list. sftp> ls page 1-34 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
This display indicates the Secure Shell FTP session with IP address 11.333.20.135 is closed. The user is now logged into the OmniSwitch as a local device with no active remote connection. OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Displays the contents of a specified directory or the current working directory. Displays the content of a non primary switch in a stack. For more information about these commands, see the OmniSwitch CLI Reference Guide. page 1-36 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
“Enabling DST” on page 1-40 for time zone abbrevia- tions. The following command sets the system clock to run on Pacific standard time: -> system timezone pst PST: (Coordinated Universal Time) UTC-8 hours OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-37...
The following command will set the switch’s system time to 10:45:00 a.m: -> system time 10:45:00 The following command will set the switch’s system time to 3:14:00 p.m: -> system time 15:41:00 page 1-38 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
(?) character in the command syntax to invoke the CLI’s help feature as described in the “Using the CLI” chapter of this manual. Note. By default, Daylight Savings Time is disabled. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-39...
Last Sunday in Oct. 1:00 at 2:00 a.m. at 3:00 a.m. Eastern Europe +02:00 Last Sunday in Mar. Last Sunday in Oct. 1:00 at 2:00 a.m. at 3:00 a.m. page 1-40 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 61
Last Sunday in Oct. 1:00 2:00 a.m. at 2:00 a.m. Hawaii -10:00 No default No default No default zm11 No standard name -11:00 No default No default No default OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 1-41...
Page 62
Setting the System Clock Managing System Files page 1-42 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
HTTP client (browser) on a remote workstation; and SNMP, which requires an SNMP manager (such as Alcatel-Lucent’s OmniVista or HP OpenView) on the remote workstation. Secure sessions are available using the Secure Shell interface; file transfers are done via FTP or Secure Shell FTP.
The following table describes the maximum number of sessions allowed on an OmniSwitch: page 2-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 65
Logging Into the Switch Login Defaults OS6400/OS6850/ Session OS9000/9000E OS6855 Telnet (v4 or v6) FTP (v4 or v6) SSH + SFTP (v4 or v6 secure sessions) HTTP Total Sessions SNMP OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-3...
For information about changing the login prompt, see Chapter 6, “Using the CLI.” For information about setting up additional user accounts locally on the switch, see Chapter 10, “Manag- ing Switch User Accounts.” page 2-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
FTP—Any standard FTP client may be used for remote login to the switch. This method is not secure. “Using FTP” on page 2-9. • Secure Shell—Any standard Secure Shell client may be used for remote login to the switch. See “Using Secure Shell” on page 2-11. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-5...
The user information includes usernames and passwords; it may also include privilege information or reference an end-user profile name. For information about setting up the switch to communicate with external authentication servers, see the OmniSwitch AOS Release 6 Network Configuration Guide. page 2-6 OmniSwitch AOS Release 6 Switch Management Guide...
Escape character is '^]'. login : Note. It is mandatory to specify the name of the particular IPv6 interface, if the target has been specified using the link-local address. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-7...
Page 70
Welcome to the Alcatel-Lucent OmniSwitch 6000 Software Version 6.3.1.733.R01 Development, October 05, 2007. Copyright(c), 1994-2007 Alcatel-Lucent. All Rights reserved. OmniSwitch(TM) is a trademark of Alcatel-Lucent registered in the United States Patent and Trademark Office. page 2-8 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The following is an example of how to start an FTPv6 session to an OmniSwitch with an IPv6 address of fe80::a00:20ff:fea8:8961 -> ftp6 fe80::a00:20ff:fea8:8961 intf1 Connecting to [fe80::a00:20ff:fea8:8961]...connected 220 cosmo FTP server (UNIX(r) System V Release 4.1) ready Name: OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-9...
Page 72
After logging in, you will receive the ftp-> prompt, where you can execute the FTP commands that are supported on the switch. For further information refer to the OmniSwitch CLI Reference Guide. Note You must use the binary mode (bin) to transfer image files via FTP. page 2-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Shell FTP subsystem runs. Secure Shell FTP connects and logs into the specified host, then enters an interactive command mode. Refer to “Starting a Secure Shell Session” on page 2-14 for detailed information. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-11...
Secure Shell is used on the switches or servers being managed. Secure Shell Access Protocol Secure Shell Network OmniSwitch Secure Secure Shell Terminal Shell Client Server OmniSwitch as a Secure Shell Client page 2-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The server will disconnect itself from the client if a certain number of failed authentications are attempted or if a time-out period expires. Authentication is performed independent of whether the Secure Shell interface or the SFTP file transfer protocol will be implemented. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-13...
You can use the ssh6 command to start an SSHv6 session followed by the relevant IPv6 address or the hostname, over an IPv6 environment. page 2-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 77
OmniSwitch OmniSwitch 11.233.10.145 11.133.30.135 Console Secure Shell Session between Two OmniSwitches To view the parameters of the Secure Shell session, issue the command. The following will display: -> who OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-15...
IP address or hostname for the device you are connecting to. You can use the sftp6 command to start an Secure Shell FTPv6 session followed by the relevant IPv6 address or hostname, over an IPv6 environment. page 2-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 79
Rename remote file rmdir path Remove remote directory rm path Delete remote file symlink oldpath newpath Symlink remote file version Show SFTP version Synonym for help OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-17...
OmniSwitch as a local device with no active remote connection. Note. Establishing and closing the Secure Shell FTPv6 connection is similar to that of the Secure Shell FTP connection. page 2-18 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
If you want the login banner in the text file to apply to CLI switch sessions, execute the following CLI command where the text filename is secondbanner.txt. -> session banner cli /flash/switch/secondbanner.txt OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-19...
To remove a text display before the login prompt, delete the pre_banner.txt file (it will be recreated at the next bootup and will be empty), or modify the pre_banner.txt file. page 2-20 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
In this example, any new WebView session will have a time-out of 10 minutes. Current WebView sessions are not affected. For more information about WebView sessions, see Chapter 12, “Using WebView.” OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-21...
IPv6 servers will be queried when a host lookup is requested. -> ipv6 name-server fe2d::2c f302::3de1:1 f1bc::202:fd40:f3 Note. You cannot use multicast, loopback, link-local and unspecified IPv6 addresses for specifying IPv6 DNS servers. page 2-22 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Displays the current DNS resolver configuration and status. For more information about these commands, refer to the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 2-23...
Page 86
Verifying Login Settings Logging Into the Switch page 2-24 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
“SNMP Traps Table” on page 3-10 • “Working with SNMP Traps” on page 3-50 This chapter also includes lists of Industry Standard and Enterprise (Proprietary) MIBs used to manage the OmniSwitch. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-1...
---------------------------------------------------+---------+--------+------ 172.21.160.32/4000 enable 172.21.160.12/5000 enable user1 0300:0000:0000:0000:0211:d8ff:fe47:470b/4001 enable user2 0300:0000:0000:0000:0211:d8ff:fe47:470c/5001 enable For more information about this display, see the “SNMP Commands” chapter in the OmniSwitch CLI Reference Guide. page 3-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
-> show snmp station ipAddress/udpPort status protocol user ---------------------------+---------+--------+------------------------------- 210.1.2.1/162 enable usermark2 The usermark2 account is established on the SNMP station at IP address 210.1.2.1. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-5...
For trap numbers refer to the “SNMP Traps Table” on page 3-10. For more information on the CLI commands and the displays in these examples, refer to the OmniSwitch CLI Reference Guide. page 3-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
In an unsolicited notification, the SNMP agent in the switch sends a trap PDU to the SNMP manager to inform it that an event has occurred. The SNMP manager normally does not send confirmation to the agent acknowledging receipt of a trap. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-7...
Although MIB browsers vary depending on which software package is used, they all have a few things in common. The browser must compile the Alcatel-Lucent switch MIBs before it can be used to manage the switch by issuing requests and reading statistics. Each MIB must be checked for dependencies and the MIBs must be compiled in the proper order.
Encryption—Scrambling the contents of a packet to prevent it from being learned by an unauthorized source. • Authentication—Determining that the message is from a valid source holding the correct privileges. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-9...
(1) state; it should remain in the notPresent (6) state if the interface has missing (typically, hardware) components. authenticationFailure none snmp The SNMP agent in the switch has received a protocol message that is not properly authenticated. page 3-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 97
The switch notifies the NMS ventDetail- when a significant event happens String that involves the policy manager. policyTrapE- ventCode policyTrapEventDetailString—Details about the event that took place. policyTrapEventCode—The code of the event. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-11...
Page 98
The contained and the significant portion are varying in accordance with chassisTrapsStrErrorNb. The length of this field is expressed in bytes. page 3-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 99
A packet was received from the etSrc network whose authentication vrrpTrapAuth- key conflicts with the switch’s ErrorType authentication key or type. vrrpTrapPacketSrc—The IP address of an inbound VRRP packet. vrrpTrapAuthErrorType—Potential types of configuration conflicts. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-13...
Page 100
3-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 101
IP address than itself. pimNeighborIfIndex—The value of ifIndex for the interface used to reach this PIM neighbor. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-15...
Page 102
The prune bit indicates that the neighbor supports pruning. The generationID bit indicates that the neighbor sends its generationID in Probe messages. The mtrace bit indicates that the neighbor can handle mtrace requests. page 3-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 103
(2) or risingOr- FallingAlarm (3). stpNewRoot vStpNumber Sent by a bridge that became the new root of the spanning tree. vStpNumber—The Spanning Tree number identifying this instance. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-17...
Page 104
Coronado switching/routing ASIC. slPCAMSliceNumber—The slice number of this Coronado switching/routing ASIC. slPCAMStatus—The Layer 2 pesudoCAM status of this Coronado switching/routing ASIC. unused unused page 3-18 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 105
Two or more slots claim to have MgrSlotNI- the same slot number. Number alaStackMgrSlotNINumber—The numbers allocated for the stack NIs are from 1 to 8. Note: This trap is not supported on OmniSwitch 9000 switches. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-19...
Page 106
Denial of Service (DoS) attack. alaDoSType—Index field for the alaDoSTable. Integer indicating the DoS Type: 0=portscan, 1=tcpsyn, 2=pingofdeath, 3=smurf, 3=pepsi, 5=land and 6=teardropBonkBoink. alaDoSDetected—Number of attacks detected page 3-20 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 107
Note: This trap is not supported on OmniSwitch 6400, 6800, 6850, and 6855 switches. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-21...
Page 108
IP interface addresses. ospfVirtNbrArea—The Transit Area Identifier. ospfVirtNbrRtrId—A 32-bit integer uniquely identifying the neighboring router in the Autonomous System. ospfVirtNbrState—The state of the Virtual Neighbor Relationship. page 3-22 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 109
Note: This trap is not supported on OmniSwitch 9000 switches. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-23...
Page 110
This trap is sent when any tIfIndex one port of the link aggregate group goes into the attached state. traplnkaggId— Index value of the Link Aggregate group. traplnkaggIfIndex —Port of the Link Aggregate group. page 3-24 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 111
The number of bytes in 16K (16384) increments allowed for the file (default 16384 bytes). The file contains only the last monitorFileName bytes of the current port monitoring instance. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-25...
Page 112
LPS port on which the violation occured systemServicesDate—The current System Date in the following format: MM/DD/YYYY. systemServicesTime—The current System Time in the following format: HH:MM:SS. page 3-26 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 113
Level-1 routing. Routing between two or more areas is referred to as Level 2 routing. Each area runs a sep- arate copy of the basic link-state routing algorithm. vRtrIsisTrapLSPID—An Octet String that uniquely identifies a Link State PDU. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-27...
Page 114
Level-1 routing. Routing between two or more areas is referred to as Level 2 routing. Each area runs a sep- arate copy of the basic link-state routing algorithm. page 3-28 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 115
Level received. vRtrIsisIfIndex vRtrIsisPDUF- This notification includes ragment the header of the packet, which may help a network manager identify the source of the confusion. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-29...
Page 116
Level-1 routing. Routing between two or more areas is referred to as Level 2 routing. Each area runs a sep- arate copy of the basic link-state routing algorithm. vRtrIsisTrapLSPID—An Octet String that uniquely identifies a Link State PDU. vRtrIsisIfIndex—The ISIS interface on which the LSP was received. page 3-30 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 117
When an operationally up inter- face is deleted, the Circuit ID can be reused by any interface wait- ing to receive a unique Circuit vRtrIsisIfIndex—The ISIS interface. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-31...
Page 118
This trap is sent when there is a baseMacAd- possiblity of duplicate a MAC dress address in the network. physicalIndex—The Physical index of the involved object. baseMacAddress—The base MAC Address. page 3-32 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 119
IP multicast group address to which the last unexpected Register message received by this device was addressed. alaPimInvalidRegisterRp—The RP address to which the last unexpected Register message received by this device was delivered. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-33...
Page 120
PIM Interface Election Notification Period. alaPimInterfaceAddressType—The address type of the PIM interface. alaPimInterfaceAddress—The primary IP address of this router on this PIM interface. page 3-34 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 121
106 healthMonIpcTrap health- health This trap is sent when IPC Pools MonIpcPool- exceed usage. Status healthMonIpcPoolStatus—The IPC Pools usage status. 107 bcmHashCollisionTrap This trap is sent when ? bcmHashCollisionTrap—The ? OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-35...
Page 122
This trap is sent when multiple RPLs are detected in the Ring. alaErpRingId—The unique Ring identifier. 116 alaErpRingRemoved alaErpRingId This trap is sent when the Ring is removed dynamically. alaErpRingId—The unique Ring identifier. page 3-36 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 123
Ethernet OAM Event Notifica- LogLocation tion OAMPDU that indicates a dot3OamEvent threshold event. LogWin- dowHi dot3OamEvent LogWin- dowLo dot3OamEvent LogThreshol- dot3OamEvent LogThresh- oldLo dot3OamEvent LogValue dot3OamEvent LogRunning- Total dot3OamEvent LogEvent- Total OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-37...
Page 124
(local(1)), or was received from the OAM peer via Ethernet OAM (remote(2)). dot3OamEventLogEventTotal—The total number of times this event has resulted in a notification. page 3-38 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 125
OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-39...
Page 126
LDP instance. vRtrLdpGenOperState—The current operational state of the LDP instance. vRtrLdpInstanceNotifyReasonCode—The reason for the LDP instance state change (Admin Up/Down, Operationally Up/Down). page 3-40 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 127
(up(1), down(2), testing(3), unknown(4), dormant(5), notPresent(6), lowerLayerDown(7). 129 vRtrMplsStateChange vRtrID, mpls This trap is sent when the MPLS vRtrMplsGen- module changes state. eralAdmin- State vRtrMplsGen- eralOperState OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-41...
Page 128
LSP went down. 133 svcStatusChanged custId serv This trap is sent when there is a svcId change in the administrative or svcVpnId operating status of a service. svcAdminStatus svcOperStatus page 3-42 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 129
SAP's has been updated accordingly. sapNotifyPortId—The ID of the port that experienced the state change. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-43...
Page 130
It also provides the current real- time value of SFP/XFP/SFP+ Tx bias current. page 3-44 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 131
This trap is sent when a user port esmViolation- is re-enabled after an esm viola- Recovery tion recovery timeout. Notification- Type ifIndex—The interface index. esmViolationRecoveryNotificationType—The trap type for monitored violation-recovery parameters. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-45...
Page 132
IP address and a new IP ClientNew address is assigned to the DHCP Address client. alaDhcpClientAddress—The current IP address of the DHCP client. ala DhcpClientNew Address—The new IP address assigned for the DHCP client. page 3-46 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The display is similar to the one shown here: ->show snmp community map Community mode : enabled status community string user name --------+--------------------------------+-------------------------------- enabled comstring2 community_user1 This display also verifies that the community map mode is enabled. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-47...
Write for domains = None , Snmp authentication = MD5, Snmp encryption = DES The user’s SNMP authentication is shown as MD5 and SNMP encryption is shown as DES. page 3-48 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Encrypted v3 Sets, Gets, and Get-Nexts privacy set Authenticated v3 Gets and Get-Nexts Encrypted v3 Sets, Gets, and Get-Nexts privacy all Encrypted v3 Sets, Gets, and Get-Nexts traps only All SNMP requests are rejected. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-49...
Procedures for filtering individual traps can be found in the Quick Steps for “Filtering by Individual Traps” on page 3-6. For a list of trap names, ID numbers, and their descriptions refer to the table “SNMP Traps Table” on page 3-10. page 3-50 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
When WebView forwarding is enabled, all traps sent by switch applications are also forwarded to WebView. The following command allows a WebView session to retrieve the trap history log: -> snmp trap to webview enable OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-51...
For MIB Id number 87042, the MIB table name is vacmContextTable. This table is found in the SNMP-VIEW-BASED-ACM MIB, which serves as the view-based access control model (VACM) for the SNMP. page 3-52 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 139
MIB-II Table. IANA-RTPROTO-MIB This MIB module defines the IANAipRouteProtocol SNMPv2-SMI, and IANAipMRouteProtocol textual conventions for SNMPv2-TC use in MIBs which need to identify unicast or multi- cast routing mechanisms. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-53...
Page 140
SNMPv2-TC, SNMPv2-CONF IPv6-UDP-MIB, Management Information Base for User Datagram SNMPv2-SMI, RFC 2454 Protocol SNMPv2-CONF, IPv6-TC MAU-MIB, Management Information for IEEE 802.3 Medium SNMPv2-SMI, RFC 2668 Attachment Units. SNMPv2-TC, SNMPv2-CONF page 3-54 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 141
Hardware Devices by using SMIv2. SNMPv2-CONF, IF-MIB SNMP-COMMUNITY This MIB module defines objects to help support coex- SNMPv2-SMI, MIB, RFC 2576 istence between SNMPv1, SNMPv2c, and SNMPv3. SNMP-FRAME- WORK-MIB, SNMP-TARGET- MIB, SNMPv2-CONF OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-55...
Page 142
ACM-MIB, RFC 2575 Simple Network Management Protocol (SNMP). SNMPv2-TC, SNMPv2-CONF, SNMP- FRAMEWORK- TCP-MIB, RFC 2012 SNMPv2 Management Information Base for the SNMPv2-SMI, Transmission Control Protocol by using SMIv2. SNMPv2-CONF page 3-56 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 143
SNMPv2 Management Information Base for the User SNMPv2-SMI, Datagram Protocol by using SMIv2. SNMPv2-CONF VRRP-MIB, RFC 2787 Definitions of Managed Objects for the Virtual Router SNMPv2-SMI, Redundancy Protocol (VRRP). SNMPv2-TC, SNMPv2-CONF, IF-MIB OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-57...
SNMP MIB Information Using SNMP Enterprise (Proprietary) MIBs The following table lists the supported enterprise proprietary MIBs. Note. The ALCATEL-IND1-BASE* MIB is required for all MIBs listed in this table. MIB Name Description Dependencies* ALCATEL-IND1- Definitions of managed objects for the Authentication,...
Page 145
Link Aggregation (LAG) subsystem. SNMPv2-TC, SNMPv2-CONF, IEEE8023-LAG- MIB, IF-MIB Q-BRIDGE-MIB ALCATEL-IND1- Definitions of the MIB module for the address learning SNMPv2-SMI, LPS-MIB MIB addresses entity. SNMPv2-TC, IF-MIB, Q-BRIDGE-MIB, ALCATEL-IND1- SYSTEM-MIB, SNMPv2-CONF OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-59...
Page 146
BASE ALCATEL-IND1- Definitions of managed objects for the Policy Manager SNMPv2-SMI, POLICY-MIB subsystem. SNMPv2-TC, SNMPv2-CONF ALCATEL-IND1- Definitions of managed objects for the Port Manager SNMPv2-SMI, PORT-MIB subsystem. SNMPv2-CONF, IF-MIB page 3-60 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 147
Definitions of managed objects for the VLAN Man- SNMPv2-SMI, VLAN-MGR-MIB ager subsystem. SNMPv2-TC, SNMPv2-CONF ALCATEL-IND1- Definitions of managed objects for the VLAN Span- SNMPv2-SMI, VLAN-STP-MIB ning Tree Protocol (STP) subsystem. SNMPv2-CONF, BRIDGE-MIB OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-61...
Page 148
Definitions of managed objects for the Virtual Router SNMPv2-SMI, VRRP3-MIB Redundancy Protocol 3 (VRRP3) subsystem. SNMPv2-TC, SNMPv2-CONF, INET-ADDRESS- MIB, IF-MIB ALCATEL-IND1-WEB- Definitions of managed objects for the Web Based SNMPv2-SMI, MGT-MIB Management subsystem. SNMPv2-TC, SNMPv2-CONF, INET-ADDRESS- page 3-62 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Enabled/Disabled status of SNMP absorption and the Traps to WebView service. For more information about the resulting displays from these commands, see the OmniSwitch CLI Refer- ence Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 3-63...
Page 150
Verifying the SNMP Configuration Using SNMP page 3-64 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Configuring the NTP server on the OmniSwitch. See “Configuring the OmniSwitch as an NTP Server” on page 4-11. • Enabling authentication in NTP negotiations. See “Using Authentication” on page 4-12. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 4-1...
Used to activate client ntp client disabled Used to activate NTP client ntp client disabled broadcast mode Used to set the advertised broadcast ntp broadcast-delay 4000 microseconds delay, in microseconds page 4-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
You can check the list of servers associated with this client using the show ntp client server-list command, as shown: -> show ntp client server-list IP Address Delay Offset Disp ================+===+=======+====+==========+=================+========== 1.2.5.6 0.06 -0.673 0.017 OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 4-3...
By default the NTP Server functionality is enabled on the OmniSwitch and will respond to NTP client requests. See the “Configuring the OmniSwitch as an NTP Server” on page 4-11 for additional informa- tion. page 4-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Omniswitch to establish an active peering relationship with another server, enable broadcast server functionality, disable a given IP for NTP and employ MD5 authentication for clients and active peers. page 4-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 157
This minimizes common points of failure. OmniSwitch AOS Release 6 Switch Management Guide July 2010...
MD5 key written as a 1 to 31 character ASCII string with each character standing for a key octet. The key file (with identical MD5 keys) must be located on both the local NTP client and the client’s server. page 4-8 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
NTP hosts. The correct time is determined from an NTP message based on a pre-config- ured latency or broadcast delay in the order of a few milliseconds. To set the broadcast delay, enter the ntp broadcast-delay command as shown: -> ntp broadcast-delay 1000 OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 4-9...
For example, to set the minimum poll time to 128 seconds, enter the following: -> ntp server 1.1.1.1 minpoll 7 This would set the minimum poll time to 2 = 128 seconds. page 4-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
By default the OmniSwitch will respond to NTP requests received on any IP interfaces. To disable the NTP capability on an interface use the ntp interface as shown: -> ntp interface 198.206.182.100 disable OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 4-11...
In the Omniswitch directory /flash is a file named random-seed. Transfer this file using FTP into the Unix environment and rename it to .rnd. Issue command, ntp-keygen with option -M, that refers generating a new MD5 key file, as shown: -> ntp keygen -M page 4-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 163
Transfer the ntp.keys file using FTP, to the /flash/network/ directory on the OmniSwitch. To load the file into the switch memory issue the command ntp key load or reboot the Omniswitch. -> ntp key load OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 4-13...
Examples of the show ntp client, show ntp server status, and show ntp client server-list command outputs are given in the section “NTP Client Quick Steps” on page 4-3. page 4-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
CMM software is described in “Managing Redundancy in a Stack and CMM” on page 5-25. • Upgrading switch code using ISSU described in “In-Service Software Upgrade” on page 5-31. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-1...
Page 166
In This Chapter Managing CMM Directory Content • Managing, upgrading and restoring files using a USB flash drive described in “Using the USB Flash Drive” on page 5-33. page 5-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The management of a stack or single switch is controlled by three types of files: • Image files, which are proprietary code developed by Alcatel-Lucent to run the hardware. These files are not configurable by the user, but may be upgraded from one release to the next. These files are also known as archive files as they are really the repository of several smaller files grouped together under a common heading.
Once the contents of the working directory are established as good files, then these files can be saved to the certified directory and used as the most reliable software to which the switch can be rolled back in an emergency situation. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-5...
Running Configuration is Overwritten by the Certified Directory on Boot page 5-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 171
The changes made and saved to the working directory are not in effect. The switch can be booted from the working directory by using the reload working command. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-7...
Page 172
Running Configuration is Saved to Working, then to the Certified Directory page 5-8 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 173
Scenario 4: Rollback to Previous Version of Switch Software Later that year, an upgraded image file is released from Alcatel-Lucent. The network administrator loads the new file via FTP to the working directory of the switch and reboots the switch from the working direc- tory.
The working direc- The working tory is then copied directory is then to the certified copied to the certi- directory. fied directory. Powering Up a Stack page 5-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 175
“Copying the Working Directory to the Certified Directory” on page 5-21, while synchronizing the switch is described in “Synchronizing the Primary and Secondary CMMs” on page 5-27. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-11...
Page 176
“Copying the Working Directory to the Certified Directory” on page 5-21, while synchronizing the switch is described in “Synchronizing the Primary and Secondary CMMs” on page 5-27. page 5-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 177
The working primary CMM is then copied to directory is then switch. the certified direc- copied to the certi- tory. fied directory. Synchronizing a Stack with Three More Switches OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-13...
If the switch is running from the certified directory, you cannot save any changes to the running configuration, or copy files between the directories. page 5-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 179
You can check the status of a reboot set for a later time by entering the following command: -> show reload -> show reload status reload command is described in detail in the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-15...
To save these changes, it is necessary to save the contents of the running configuration to the working directory. page 5-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 181
Certifying the working directory is described in “Copying the Working Directory to the Certified Directory” on page 5-21, while synchronizing the switch is described in “Synchronizing the Primary and Secondary CMMs” on page 5-27. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-17...
“Copying the Certified Directory to the Working Directory” on page 5-22, or by using the reload command as described in “Rebooting the Switch” on page 5-14. page 5-18 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 183
To schedule a working directory reboot of the CMM at 8:00pm with a rollback time-out of 10 minutes, you would enter: -> reload working rollback-timeout 10 at 20:00 Note. Scheduled reboot times should be entered in military format (i.e., a twenty-four hour clock). OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-19...
Page 184
To cancel a rollback time-out, enter the reload cancel command as shown: -> reload primary cancel -> reload cancel reload working command is described in detail in the OmniSwitch CLI Reference Guide. page 5-20 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Note. Only software that has been thoroughly validated as viable and reliant software should be copied to the certified directory. Once you copy software to the certified directory, you will not be able to recover a previous version of the image or configuration files. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-21...
If there isn’t enough free space, the copy attempt will fail and an error message will be generated. Only image files, the boot.cfg file, and the certs.pem file should be kept in the certified direc- tory. page 5-22 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
CMM. show running-directory command is described in detail in the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-23...
To display the date when the archive was last updated, enter the show microcode command with the history keyword, as shown: -> show microcode history Archive Created 10/1/04 6:49:34 page 5-24 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Users Guide. However, with OmniSwitch Chassis-based switches, if the versions of the software on the primary and secondary CMM are not synchronized, the NI modules on the switch will restart, causing packet loss. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-25...
Getting Started Guide for information on the boot.params file, and Chapter 1, “Managing System Files,” for information on setting the switch date and time. The date and time are synchronized using the system time-and-date synchro command. page 5-26 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
CMM. This prevents the secondary CMM from rebooting using incorrect or out-of-date soft- ware should the primary CMM go down. On a stack, this command will synchronize all switches in a stack. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-27...
CMM system, but there is no “secondary” CMM. Hardware or software failures in the CMM will result in a system reboot. The System fabric capacity is on half of the fabric capacity of a dual CMM system. page 5-28 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Hardware Users Guide. Note. The saved boot.cfg file will be overwritten if the takeover command is executed after the write memory command on a switch set up with redundant CMMs. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-29...
NONE, ALL, or a list of specific modules. Refer to the following section for additional information on NI module behavior during a redundant CMM takeover. show running-directory command is described in detail in the OmniSwitch CLI Reference Guide. page 5-30 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
As a result of this process, the system is patched with minimal disruption to data traffic. Also, the primary and secondary will have the same images in their flash/working directory and will have changed roles (for example, primary will act as secondary and the secondary as primary). OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-31...
Using the USB Flash Drive An Alcatel-Lucent certified USB flash drive can be connected the CMM and used to transfer images to and from the flash memory on the switch. This can be used for upgrading switch code or backing up files.
Note: If a backup boot.cfg file is on the USB flash drive it will be copied along with the image files and can be used to recover the switch configuration. page 5-34 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Once the boot.cfg file is confirmed to be good, it needs to be saved to the certified directory by using the procedure described in “Copying the Working Directory to the Certified Directory” on page 5-21. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 5-35...
For more information on the resulting displays from these commands, see the OmniSwitch CLI Reference Guide. An example of the output for the show microcode command is given in “Show Switch Files” on page 5-24. page 5-36 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
6 Using the CLI Alcatel-Lucent’s Command Line Interface (CLI) is a text-based configuration interface that allows you to configure switch applications and to view switch statistics. Each CLI command applicable to the switch is defined in the OmniSwitch CLI Reference Guide. All command descriptions listed in the Reference Guide include command syntax definitions, defaults, usage guidelines, example screen output, and release history.
Once you enter a command mode, you must step your way back to the top of the hierarchy before you can enter a command in a different mode. The Alcatel-Lucent switch will answer any CLI command at any time because there is no hierarchy.
Indicates basic command and keyword syntax. Example: show snmp station “ ” (Quotation Marks) Used to enclose text strings that contain spaces Example: vlan 2 name “new test vlan” OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-3...
To display aliases, use the show alias command. To set all alias values back to their factory defaults, use user profile reset command. page 6-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
(Additional output not shown) Note that the command keywords are shown in all capital letters. The name of the command set is listed parenthetically below the keywords in initial caps. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-5...
Page 206
TRAP, SHOW, NO, INTERFACES, FLOW, DEBUG, 10GIG IP Routing & Multicast DEBUG, VRRP3, VRRP, TRACEROUTE6, SHOW, PING6, NO, IPV6, IP, CLEAR SHOW, QOS, POLICY, NO, DEBUG Debug UPDATE, SHOW, NO, DEBUG page 6-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Because you are setting up a new VLAN, and want to give the VLAN a name, you can presume the proper syntax for this task will be NAME as shown in the VLAN Manager Command Set. OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 208
-----+-------+------+-------+------+----+-----+--------------------------------- VLAN 1 test vlan 2 The second entry verifies that a VLAN was created, the VLAN ID is 33 and the name is test vlan 2. page 6-8 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
“m” and the “a”. -> show m acrocode Use the Delete key to remove the “a” and type “i”. -> show microcode Press Enter to execute the command. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-9...
Then, use the Left Arrow key to position the cursor between the “r” and the “c” characters. To insert the missing character, type “o”. -> !! -> show microcode To execute the corrected command, press Enter. page 6-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Then, if a valid related command is entered next, the CLI will assume the stored prefix is part of the next command. In this case, you are only required to enter the suffix information for the next command. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-11...
-> show prefix Current prefix: vlan 501 If you issue the show prefix command when there is no prefix stored by the CLI, a “no prefix” message will display. page 6-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
10 ip bgp pn 11 show ip bgp 12 show history In the example above, the show history command is listed last because it is the command that was executed most recently. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-13...
Page 214
Note. The Partial Keyword Completion feature described on page 6-5 works within the CLI history buffer. page 6-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
All commands logged before the command-log disable syntax was entered remains available for viewing. For information on viewing logged commands, along with the command entry results, refer to “Viewing Logged CLI Commands and Command Entry Results” on page 6-16. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-15...
SUCCESS displays in the Result field. If a syntax or configuration error occurred at the time a command was entered, details of the error display. For example: Result : ERROR: Ip Address must not belong to IP VLAN 67 subnet page 6-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
For an example of using a stored prefix as part of the prompt, refer to “Prefix Prompt” on page 6-13. For more general information on the session prompt command, refer to the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-17...
Note. The value set with the more size command applies to the screen display when the CLI is in the more mode or when you are using the switch’s Vi text editor. page 6-18 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The filter command is case sensitive. When using the slash (/) command, you must type the text exactly as it would appear in the CLI table. For additional information about filtering, refer to “Using a Wildcard to Filter Table Information” on page 6-23. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-19...
The other sessions are identified by session number, user name, the type of access, port type, IP address, and user privileges. The output definitions are defined in the table on page 6-21. page 6-20 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Read-Write families The command families available with the user’s read-write access. See the table beginning on page 6-22 for a listing of valid families. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-21...
The command syntax requires you to specify the number of the session you want to kill. You can use the who command for a list of all current user sessions and their numbers. The kill command takes effect immediately. page 6-22 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
CLI table and to type the asterisk (*) character before and after the text. The More? mode prompt will automatically re-appear. Enter filter pattern: *vlan* More? [next screen <sp>*, next line <cr>*, filter pattern </>*, quit <q>] OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 6-23...
More? [next screen <sp>*, next line <cr>*, filter pattern </>*, quit <q>] The screen displays 10 table rows, each of which contain the text pattern “vlan” Alcatel-Lucent’s CLI uses a single level command hierarchy. (The screen rows shown above and below the table are not counted as part of the 10 rows.) If you want to display the rows one line at a time, press Enter instead of the space bar...
“Applying Configuration Files to the Switch” on page 7-6 • “Configuration File Error Reporting” on page 7-7 • “Text Editing on the Switch” on page 7-9 • “Creating Snapshot Configuration Files” on page 7-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 7-1...
Chapter 1, “Managing System Files.” Apply the configuration file to the switch by using the configuration apply command as shown here: -> configuration apply dhcp_relay.txt File configuration <dhcp_relay.txt>: completed with no errors page 7-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 227
Max number of hops Forwarding option = standard Forwarding Address: 128.251.16.52 These results confirm that the commands specified in the file dhcp_relay.txt configuration file were successfully applied to the switch. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 7-3...
File configuration: none scheduled Apply the file by executing the configuration apply using the at keyword with the relevant date and time. -> configuration apply bncom_cfg.txt at 09:00 04 july page 7-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The “scheduled at” date and time show when the file will be applied. This value is 6 hours and 15 minutes from the date and time the command was issued. For more information about this display see “Configuration File Manager Commands” in the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 7-5...
The following displays where the timed session was set on March 10, 2002 at 01:00 using the configuration apply group_config in 6:10 syntax. -> show configuration status File configuration <group_config>: scheduled at 03/10/02 07:10 page 7-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
.err extension. This does not mean that a config- uration apply error has occurred; it is merely the switch’s standard method for displaying debug set or debug show command output. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 7-7...
For error details, you can view the contents of a generated error file. To view the contents of an error file, use the more command. For example: -> more asc.1.snap.1.err For more information, refer to “Displaying a Text File” on page 7-9. page 7-8 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
-> vi /flash/working switchlog.txt You can invoke the Vi editor in read-only mode by using the following syntax. -> view To exit the Vi editor, use the Cap ZZ key sequence. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 7-9...
-> configuration snapshot vlan qos snmp You can verify that a new snapshot file is created by using the command to list all files in the /flash directory. page 7-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Comment lines are located at the beginning of the snapshot file to form a sort of header. They also appear intermittently throughout the file to identify switch features or applications that apply to the commands that follow them. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 7-11...
Page 236
! Port mirroring : ! UDP Relay : ! Server load balance : ! System service : ! VRRP : ! Web : ! AMAP : ! GMAP : ! Module : page 7-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 237
Bridging services. Each of these services have configuration commands listed under their heading. All other switch services and applications are either not being using or are using default settings. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 7-13...
A snapshot is a sin- gle text file that can be viewed, edited, and reused as a configuration file. write terminal Displays the switch’s current running configuration for all features. page 7-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
'write memory' command. The CMM OK1 LED will then turn solid green as in previous releases. To ensure the Auto-Configuration process is able run properly, please ensure at least one NI is inserted in the chassis-based switches. OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-1...
(* represents image filename ) Location: FTP/SFTP/TFTP Server Download location: /flash/working directory File download server Primary FTP/SFTP/TFTP Server Backup server for file download Secondary FTP/SFTP/TFTP Server Password for FTP/SFTP Server Same as username OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-3...
Stores the instruction file. Can also store the config file and firmware FTP/SFTP Server Stores the firmware and configuration for secure access Basic Network Components for Automatic Remote Configuration Download page 8-4 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
Secondary FTP/SFTP file server address / type / username. For more details on all the component files downloaded during the automatic remote configuration download process, see - “Download Component Files” on page -10. OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-5...
If the download is successful, the OK1 LED turns green. If the download process is unsuccessful, the OK1 LED continues to blink, and remains amber in color. page 8-6 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
Get instruction file Found instruction file? Download Download firmware and/or Script boot.cfg only Reload Switch Run Script Switch is available remotely Illustration of Automatic Remote Configuration Process OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-7...
3. After the successful download of the script file, the DHCP IP interface is automatically deleted. However, SSH access remains enabled. Use the ‘no aaa authentication ssh’ command to disable SSH connectivity if desired. page 8-8 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
For detailed information on how the Automatic Remote Configuration feature works under different scenarios, see - “Automatic Remote Configuration Download Process” on page -14 OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-9...
SSH. • All contents of the instruction file are stored in the switch log (swlog.log) file as evidence of the last Automatic Remote Configuration download. page 8-10 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
The specified protocol and username is used for the download. Example The instruction file has the Keyword:Value format as shown below: ! Alcatel-Lucent OmniSwitch OS6850 – Instruction file version 1.2.1 ! Firmware version Firmware version:OS_6_4_3_355_R01 Firmware location:/home/ftpboot/firmware ! Configuration file Config filename:boot_OS6850.cfg...
The switch boots up normally according to the configurations specified in the boot.cfg file when the automatic remote configuration download process is completed if no script file is downloaded. page 8-12 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
• If the script file name mentioned in the instruction file is incorrect, then an error is logged in the switch log or swlog.log file. ‘ OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-13...
(a reboot occurs only if no script file is downloaded). If available, commands in the script file are run and the DHCP client configuration is automatically removed on the default VLAN 1. page 8-14 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
File locations or names listed in the instruction file are incorrect. Error Description Table The following table provides information on the common server connection failures and file download errors that can occur during Automatic Remote Configuration: OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-15...
FTP/SFTP servers and implemented onto the OmniSwitch. Error Description Table The following error description table provides information about some of the common script file errors that occur during Automatic Remote Configuration: page 8-16 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
Page 255
<File name and pathname> due to error in running the script file Failure commands. Error in executing the downloaded The downloaded script file cannot be run. script file OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 8-17...
Page 256
Troubleshooting Managing Automatic Remote Configuration Download page 8-18 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
Configuration procedures described in this chapter include: • Enabling MAC Retention on page 9-6. • Detecting a Duplicate MAC Address on page 9-6. • Configuring MAC Release on page 9-6. OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 9-1...
The following table lists the defaults for MAC Retention configuration: Parameter Description Command Default MAC Address Retention status mac-retention status disabled Status of duplicate MAC mac-retention dup-mac-trap disabled Address trap page 9-2 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
M2, the new primary element’s MAC address. Stack 1 advertises its new stack address M2. Switch 1, which OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
• Failure of non-adjacent elements • Failure of non-adjacent primary and secondary elements • Failure of non-adjacent primary and idle elements • Failure of non-adjacent secondary and idle elements page 9-4 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
If you enable the MAC Retention feature again, the old MAC address released earlier will not be retained. Thereafter, the stack will retain the MAC address of the current primary element during future takeovers. OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
Configuring MAC Retention Configuring MAC Retention Configuring MAC Retention This section describes how to use Alcatel-Lucent’s Command Line Interface (CLI) commands to configure MAC Retention. Enabling MAC Retention MAC Retention is disabled on the switch by default. If necessary, use the...
MAC address is acceptable. This feature also works well during the following failures: • Power failure of the primary element • Hardware failure of the primary element OmniSwitch AOS Release 6 Network Configuration Guide July 2010 page 9-7...
MAC address from the stack consisting of the new primary and secondary elements. This stack will use the base MAC address from the EEPROM of the new primary element of the stack. page 9-8 OmniSwitch AOS Release 6 Network Configuration Guide July 2010...
Page 265
(except end-user profiles, which may only be configured on the switch). For information about setting up external servers that are configured with user information, see the “Managing Authentication Servers” chapter in the OmniSwitch AOS Release 6 Network Configuration Guide.
Maximum number of old passwords user password-history to retain in the password history. Minimum number of days user is user password-min-age 0 (disabled) blocked from changing password. page 10-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 267
Maximum number of failed login user lockout-threshold 0—no limit to the num- attempts allowed during the lockout ber of failed login window time period. attempts Allow ‘admin’ user console-only user Disabled access. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-3...
Note. For information about setting up user information on an authentication (AAA) server, see the “Managing Authentication Servers” chapter of the OmniSwitch AOS Release 6 Network Configuration Guide.
An example of creating a user and setting access privileges for the account is given here: -> user thomas techpubs read-write domain-policy md5+des For more details about command syntax, see the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-5...
User name = default Read Only for domains = None, Read/Write for domains = None, Snmp not allowed For more information about the show user command, see the OmniSwitch CLI Reference Guide. page 10-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
= NONE, Snmp encryption = NONE User name = default END user profile Profile5 Snmp not allowed For more information about the show user command, see the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-7...
RADIUS or LDAP server on which privileges are not configured. For more information about these servers, see the “Managing Authentication Servers” chapter of the OmniSwitch AOS Release 6 Network Configuration Guide.
For information about using the write memory, copy running-config working, and configuration snapshot commands, see Chapter 5, “Managing CMM Directory Content,” Chapter 7, “Working With Configuration Files,” and the OmniSwitch CLI Reference Guide. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-9...
-> password enter old password: Enter the old password. (The password is concealed with asterisks.) A prompt displays for the new password. -> password enter old password:******** enter new password: page 10-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 275
(*) as one or more characters in a password is allowed as long as every character is not an asterisk. For example, password **123456** is allowed; password ******** is not allowed. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-11...
For example, the password for the account username of public can not contain the word public in any part of the password. However, the username of another account is still allowed. page 10-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
20 days, that user’s password will expire in 10 days. To disable the default password expiration, use the user password-expiration command with the disable option: -> user password-expiration disable OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-13...
For example: -> user password-min-age 7 This command specifies that the user is prevented from changing their password for seven days from the time the password was created or modified. page 10-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
30 minutes and the threshold number is set for 3 failed login attempts, then the user is locked out when 3 failed login attempts occur within a 30 minute time frame. OmniSwitch AOS Release 6 Switch Management Guide July 2010...
10-16) is not configured for the switch, then it is only possible to manually unlock a user account with the user lockout command or by changing the user password. page 10-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Note. When modifying an existing user, the user password is not required. If you are configuring a new user with privileges, the password is required. The default user privileges may also be modified. See “Default User Settings” on page 10-8. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-17...
To give a user SNMP access without SNMP authentication required, enter the user command with the no auth option. For example, to give existing user thomas SNMP access without SNMP authentication, enter the following: -> user thomas password techpubs no auth page 10-18 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
The Admin user account can be configured to have access to the switch limited to the console port only as shown below: -> user admin console-only enable This results in the Admin account not having any remote access such as Telnet. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-19...
To remove a VLAN range from a profile, use the no form of the command and the VLAN ID of the start of the range to be removed. For example: -> end-user profile Profile3 no vlan-range 7 This command removes VLANs 7 and 8 from Profile3. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-21...
Profile3 is deleted from the configuration. Note. If the profile name is associated with a user, and the profile is deleted from the configuration, the user will not have access to the switch. page 10-22 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
For more information about the resulting displays from these commands, see the OmniSwitch CLI Refer- ence Guide. An example of the output for the show user command is also given in “Quick Steps for Network Administrator User Accounts” on page 10-6. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 10-23...
Page 288
Verifying the User Configuration Managing Switch User Accounts page 10-24 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
For information about setting up external servers that are configured with user information, see the “Managing Authentication Servers” chapter in the OmniSwitch AOS Release 6 Network Configuration Guide. This chapter describes how to enable/disable access for management interfaces. For information about basic login on the switch, see Chapter 2, “Logging Into the Switch.”...
Access to managing the switch is always available for the admin user through the console port, even if management access to the console port is disabled for other users. page 11-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
“Configuring Accounting for ASA” on page 11-12. For complete details about local logging, see the “Using Switch Logging” chapter in the OmniSwitch AOS Release 6 Network Configuration Guide. OmniSwitch AOS Release 6 Switch Management Guide...
The authentication-only server supported by the switch is ACE/Server, which is a part of RSA Security’s SecurID product suite. RSA Security’s ACE/Agent is embedded in the switch. page 11-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
For more information about Authenticated VLANs, see “Configuring Authenticated VLANs” in the OmniSwitch AOS Release 6 Network Configuration Guide. For more information about authentication servers, see “Configuring Authentication Servers” in the OmniSwitch AOS Release 6 Network Configura- tion Guide. OmniSwitch AOS Release 6 Switch Management Guide...
This configuration is briefly mentioned in this chapter and described in detail in the “Manag- ing Authentication Servers” chapter of the OmniSwitch AOS Release 6 Network Configuration Guide. If you are using the local switch database to authenticate users, user accounts must be set up on the switch.
Specify an accounting server if a RADIUS or LDAP server will be used for accounting. Specify local if accounting may be done on the switch through the Switch Logging feature. Multiple servers may be specified as backups. -> aaa accounting session ldap2 local OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 11-7...
Page 296
The order of the server names is important here as well. In this example, the switch will use ldap2 for logging switch access sessions. If ldap2 becomes unavailable, the switch will use the local Switch Logging facility. For more information about Switch Logging, see the OmniSwitch AOS Release 6 Network Configuration Guide.
For more information about configur- ing the switch to communicate with these servers, see the “Managing Authentication Servers” chapter of the OmniSwitch AOS Release 6 Network Configuration Guide. Note. RADIUS or LDAP servers used for authenticated switch access may also be used with authenti- cated VLANs.
SNMP management access. If the default interface setting includes only RADIUS and/or ACE server, the default setting will not be used for SNMP. For example: -> no aaa authentication ftp -> aaa authentication default rad1 rad2 page 11-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
DSA key, use the Secure Shell tools available on your Unix or Windows system and copy the files to the /flash/network directory. For more information about Secure Shell, see Chapter 2, “Logging Into the Switch.” Note. Secure Shell cannot be used for Authenticated VLANs. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 11-11...
Switch Logging feature. (For more information about Switch Logging, see the OmniSwitch AOS Release 6 Network Configuration Guide.) To remove an individual server from the list of servers, enter the aaa accounting session command with the relevant server name(s), removing the desired server from the list.
For more information about the resulting displays from these commands, see the OmniSwitch CLI Refer- ence Guide. An example of the output for the show aaa authentication command is also given in “Quick Steps for Setting Up ASA” on page 11-7. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 11-13...
Page 302
Verifying the ASA Configuration Managing Switch Security page 11-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
12-13) Note. For detailed configuration information on each feature, see other chapters in this guide, the OmniSwitch AOS Release 6 Network Configuration Guide, or the OmniSwitch AOS Release 6 Advanced Routing Configuration Guide. OmniSwitch AOS Release 6 Switch Management Guide...
Typically many of these settings are configured as the default. Different browsers (and different versions of the same browser) may have different dialogs for these settings. Check your browser help pages if you need help. page 12-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Force SSL on the switch. For exam- ple: -> http ssl Use the no http ssl command to disable Force SSL on the switch. Use the show http command to view WebView status. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 12-3...
This command changes the secure HTTP port to 2500. To restore an HTTPS port to its default value, use the default keyword as shown below: -> https port default page 12-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
• Feature Options—Used to access specific configuration options for each feature (displayed in drop- down menus at the top of the page). • View/Configuration Area—Used to view/configure a feature. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 12-5...
Under each configuration group are switch features, identified by a name and an icon. For detailed configuration information on each feature, see other chapters in this guide, the OmniSwitch AOS Release 6 Network Configuration Guide, or the OmniSwitch AOS Release 6 Advanced Routing Configuration Guide. Help pages are also available in WebView.
Page 309
After logging into WebView, a real-time graphical representation of the switch displays all of the switch’s current components. The feature configuration options on this page are used to config- ure the switch. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 12-7...
Configuring the Switch With WebView The following sections provide an overview of WebView functionality. For detailed configuration proce- dures, see other chapters in this guide, the OmniSwitch AOS Release 6 Network Configuration Guide, or the OmniSwitch AOS Release 6 Advanced Routing Configuration Guide.
WebView browser window; or, • Follow the steps below to install the Alcatel-Lucent self-signed certificate in the Trusted Root Certifi- cation Authorities store. Doing so will clear the certificate error message.
These are the same configuration options available in the drop-down menus at the top of the page. Click to dis- play feature Displays Home Site Map Page. Feature Overview IP Home Page page 12-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 313
Configuring the Switch With WebView Click on a configura- tion option to display the configura- tion page. Click on the browser Back button to return to the Home Page. IP Site Map OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 12-11...
Enter a Applies new value. configura- tion. Select item from drop- down menu. Restores original field values. Global IP Configuration Page page 12-12 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Table Configuration Page Adding a New Entry To add a new entry to the table: Click Add on the Configuration page. The Add window appears (e.g., Add IP Static Route). OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 12-13...
Page 316
If there is an error, the window will remain and an error message is displayed. Repeat the procedure to modify additional entries. Modify Window page 12-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
(e.g., Expanded View). For example, if the table is in summary view, click on “Expanded View” to change to the expanded view. From the expanded view, click on “Summary View” to return to the summary view. Click to expand table. Table Views OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 12-15...
Page 318
Note. You can also click on the “Flip” icon at the upper-right corner of the table to toggle between the ascending and the descending order. Click to tog- gle between ascending and descend- ing order. “Flip” icon Table Sort Feature - Initial Sort page 12-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 319
Click again on the “Sort” icon to sort the table. Click on the “Clear” icon to clear the sort settings. You can sort up to four columns at one time. OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 320
50 or 100 entries. If the table reaches this threshold, the first group of entries is displayed and a “Next” button appears at the bottom of the page. Click Next to view the next group of entries. Click Previous to view the previous group of entries. page 12-18 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Table Paging Adjacencies WebView provides a graphical representation of all AMAP-supported Alcatel-Lucent switches and IP phones adjacent to the switch. The following information for each device is also listed: • IP address • MAC address •...
Page 322
Configuring the Switch With WebView Using WebView Mouse- over a Click to dis- switch to play display Adjacen- switch. cies Page. informa- tion. Adjacencies page 12-20 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Help page.) Click Close or click the Close Window icon at the top-right corner to close the Help page and return to the configuration or table page. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page 12-21...
Page 324
WebView Help Using WebView page 12-22 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Licensee further acknowledges and agrees that all rights, title, and interest in and to the Licensed Materials are and shall remain with Alcatel-Lucent and its licen- sors and that no such right, license, or interest shall be asserted with respect to such copyrights and trade- marks.
Page 326
Period, a defect in the Licensed Files appears, Licensee may return the Licensed Files to Alcatel-Lucent for either replacement or, if so elected by Alcatel-Lucent, refund of amounts paid by Licensee under this License Agreement. EXCEPT FOR THE WARRANTIES SET FORTH ABOVE, THE LICENSED MATERIALS ARE LICENSED “AS IS”...
Page 327
14.Third Party Materials. Licensee is notified that the Licensed Files contain third party software and materials licensed to Alcatel-Lucent by certain third party licensors. Some third party licensors (e.g., Wind River and their licensors with respect to the Run-Time Module) are third part beneficiaries to this License Agreement with full rights of enforcement.
Alcatel-Lucent for a limited period of time. Alcatel-Lucent will provide a machine-readable copy of the applicable non-proprietary software to any requester for a cost of copying, shipping and handling.
“work based on the Program” means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 330
Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software inter- change; or, page A-6 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 331
Many people have made generous contributions to the wide range of software distributed through that system in reliance on OmniSwitch AOS Release 6 Switch Management Guide July 2010 page A-7...
Page 332
SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS. page A-8 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 333
License. URLWatch: For notice when this page changes, fill in your email address. Maintained by: Webmaster, Linux Online Inc. Last modified: 09-Aug-2000 02:03AM. Views since 16-Aug-2000: 177203. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page A-9...
ALTERNATIVELY, this product may be distributed under the terms of the GNU Public License, in which case the provisions of the GPL are required INSTEAD OF the page A-10 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Licensee, Licensee shall immediately return the EMWEB Product and any back-up copy to Alcatel- Lucent, and will certify to Alcatel-Lucent in writing that all EMWEB Product components and any copies of the software have been returned or erased by the memory of Licensee’s computer or made non-read- able.
Time Module other than in connection with operation of the product. In addition, please be advised that: (i) the Run-Time Module is licensed, not sold and that Alcatel-Lucent and its licensors retain ownership of all copies of the Run-Time Module; (ii) WIND RIVER DISCLAIMS ALL IMPLIED WARRANTIES,...
PANYING WRITTEN MATERIALS.To the maximum extent permitted by applicable law, IN NO EVENT SHALL MOTOROLA BE LIABLE FOR ANY DAMAGES WHATSOEVER. Copyright (C) Motorola, Inc. 1989-2001 All rights reserved. Version 13.1 OmniSwitch AOS Release 6 Switch Management Guide July 2010 page A-13...
3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by the University of California, Berkeley and its contributors. page A-14 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Provided with this software is an open source implementation of the Lightweight Directory Access Proto- col (LDAP). Version 3 Copyright (C) 1990, 1998, 1999, Regents of the University of Michigan, A. Hartgers, Juan C. Gomez. All rights reserved. OmniSwitch AOS Release 6 Switch Management Guide July 2010 page A-15...
Copyright (C) 1986 by University of Toronto and written by Henry Spencer. AA.Free/OpenBSD Copyright (c) 1982, 1986, 1990, 1991, 1993 The Regents of University of California. All Rights Reserved. page A-16 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 341
Troubleshooting 8-15 running configuration saved to working directory Automatic Remote Configuration network components working directory saved to certified directory TFTP File Server Command Line Interface see CLI OmniSwitch AOS Release 6 Switch Management Guide July 2010 Index-1...
Page 342
11-11 keywords 1-39 LDAP accounting servers editor Authenticated Switch Access 11-12 LDAP servers Emergency Restore for switch security 11-4 application examples 5-31 logging into the switch encryption application examples 3-48 Index-2 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 343
4-11 Secure Shell 2-5, 2-11, 11-9 Synchronization Tests 4-10 algorithms 2-13 version number 4-11 DSA key 11-11 ntp server command 4-3, 4-10 key exchange 2-13 managing the switch 11-11 OmniSwitch AOS Release 6 Switch Management Guide July 2010 Index-3...
Page 344
10-23 user database configuration file specifications 10-2 file management switch management 11-5 login 2-2, 8-2 user password-expiration command 10-13 user password-size min command 10-12 SNMP users Index-4 OmniSwitch AOS Release 6 Switch Management Guide July 2010...
Page 345
Secure Socket Layer 12-3 Webview Configuring the Switch 12-8 who command 2-15, 6-20 whoami command 6-21 wildcards 6-23 working directory copying to certified directory 5-21, 5-26 write memory command 5-17 Zmodem 1-26 OmniSwitch AOS Release 6 Switch Management Guide July 2010 Index-5...