Cisco 6500 Cosmetic bugs

Ever had this error before on a Cisco Catalyst 6500?

6500#  sh module
Mod Ports Card Type                              Model              Serial No.
--- ----- -------------------------------------- ------------------ -----------
  1    5  Supervisor Engine 720 10GE (Active)    VS-S720-10G        SAL-------
  2   48  48-port 10/100/1000 RJ45 EtherModule   WS-X6148A-GE-TX    SAL---------
  3   48  CEF720 48 port 1000mb SFP              WS-X6748-SFP       SAL----------

Mod MAC addresses                       Hw    Fw           Sw           Status
--- ---------------------------------- ------ ------------ ------------ -------
  1  001d.45e1.ed48 to 001d.45e1.ed4f   2.0   8.5(2)       12.2(33)SXH1 Ok
  2  001f.9ec6.7d70 to 001f.9ec6.7d9f   1.6   8.4(1)       8.7(0.22)BUB Ok
  3  001b.d4ec.ab60 to 001b.d4ec.ab8f   1.12  12.2(14r)S5  12.2(33)SXH1 Ok

Mod  Sub-Module                  Model              Serial       Hw     Status
---- --------------------------- ------------------ ----------- ------- -------
  1  Policy Feature Card 3       VS-F6K-PFC3C       SAL----------  1.0    Ok
  1  MSFC3 Daughterboard         VS-F6K-MSFC3       SAL----------  1.0    Ok
  3  Centralized Forwarding Card WS-F6700-CFC        SAL----------  3.1    Ok

Mod  Online Diag Status
---- -------------------
  1  Minor Error
  2  Pass
  3  Pass


Upgrading a Cisco 6500

Upgrading a 6500 is pretty straightforward, provided the necessary steps are done in the right order. I’ve listed the steps I would typically take to fully upgrade a single Cisco-6509-E (single Route-Processor) with an IPSEC VPN SPA blade.

Please lab this if possible BEFORE trying it in a production network. I have illustrated the steps to be taken if some of the known funnies occur during an upgrade. Feel free to use this as a guideline.

First, download the IOS and image versions you need. Do a little homework and check the specific IOS for known bugs using the Bug Toolkit. Don’t just pick any IOS. Make sure all the required features are relatively bug free.

Copy the downloaded files to the following locations:

  • ROMMON firmware to sup-bootflash
  • BOOTLDR to bootflash
  • IOS to flash disk

I always use FTP if possible, due to the higher transfer rates. 10.3.29.239 is connected to the switch and is running an FTP server, expecting a username:password of cisco:pass.

copy ftp://cisco:pass@10.3.29.239/c6msfc3-rm2.srec.122-17r.SX5 sup-bootflash:
copy ftp://cisco:pass@10.3.29.239/s72033-boot-mz.122-33.SXI2.bin bootflash:
copy ftp://cisco:pass@10.3.29.239/s72033-adventerprisek9_wan-mz.122-33.SXI2.bin disk0:
dir sup-bootflash:
dir bootflash:
dir disk0:


Troubleshooting a Cisco 6500 crash

I was asked recently to share some knowledge about the support of the Cisco 6500 switches as the information available on the DOC-CD could be fairly overwhelming.

As it happens, a client’s Cisco-6509 switch fell over yesterday. I was called out to address the issue of the Cisco-6509 that decided it was tired of life by rebooting itself. I’ll go through some of the steps I took to find the root cause. Note that the steps listed here will not find the cause of every possible issue with a 6500 switch, but they can be used as a guideline.

Usually the first thing I would do is to see the reason for the reboot with a “sh version”. Look at the highlighted lines.

ndcbbnpendc0103#sh ver
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-ADVENTERPRISEK9_WAN-M), Version 12.2(18)SXF6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Mon 18-Sep-06 23:32 by tinhuang
Image text-base: 0x40101040, data-base: 0x42D90000

ROM: System Bootstrap, Version 12.2(17r)SX5, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-ADVENTERPRISEK9_WAN-M), Version 12.2(18)SXF6, RELEASE SOFTWARE (fc1)

ndcbbnpendc0103 uptime is 3 hours, 23 minutes
Time since ndcbbnpendc0103 switched to active is 3 hours, 22 minutes
System returned to ROM by s/w reset at 00:14:27 PDT Wed Sep 20 2006 (SP by bus error at PC 0x402DC89C, address 0x0)
System restarted at 09:13:44 ZA Wed Mar 10 2010
System image file is "disk0:s72033-adventerprisek9_wan-mz.122-18.SXF6.bin"

The output shows that the switch did a software reset caused by ‘bus error at PC 0x402DC89C, address 0x0’.
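The reset-reason check described above can be scripted when the same triage has to be run over saved "sh ver" output from many switches. This is an added example, not code from the original post; the PLANNED set and the verdict labels are assumptions, and the second sample is constructed.

```python
import re
from typing import Optional

# "System returned to ROM by <reason> [at <time>] [(<SP|RP> by <fault> at PC .., address ..)]"
RESET_RE = re.compile(
    r"^System returned to ROM by (?P<reason>.+?)"
    r"(?: at (?P<when>\d{2}:\d{2}:\d{2} [^(\n]+?))?"
    r"(?:[ \t]*\((?P<detail>[^\n]*)\))?[ \t\r]*$",
    re.MULTILINE,
)
FAULT_RE = re.compile(
    r"(?P<cpu>SP|RP) by (?P<fault>.+?) at PC (?P<pc>0x[0-9A-Fa-f]+)"
    r"(?:, address (?P<addr>0x[0-9A-Fa-f]+))?"
)
PLANNED = {"reload", "power-on"}  # assumption: reasons treated as expected

# Lines quoted from the post's "sh ver" output.
PAGE_SAMPLE = """\
ndcbbnpendc0103 uptime is 3 hours, 23 minutes
System returned to ROM by s/w reset at 00:14:27 PDT Wed Sep 20 2006 (SP by bus error at PC 0x402DC89C, address 0x0)
System restarted at 09:13:44 ZA Wed Mar 10 2010
"""
# Constructed sample, not from the post.
CONSTRUCTED_SAMPLE = "lab-sw uptime is 2 days\nSystem returned to ROM by power-on\n"


def parse_reset_reason(show_version: str) -> Optional[dict]:
    """Extract the reset-reason fields from 'show version' text, or None."""
    m = RESET_RE.search(show_version)
    if m is None:
        return None
    out = {"reason": m["reason"], "when": m["when"], "cpu": None,
           "fault": None, "pc": None, "address": None}
    fault = FAULT_RE.search(m["detail"] or "")
    if fault:
        # A processor fault in the parenthesised detail marks an unplanned reset.
        out.update(cpu=fault["cpu"], fault=fault["fault"], pc=int(fault["pc"], 16),
                   address=int(fault["addr"], 16) if fault["addr"] else None)
        out["verdict"] = "crash"
    else:
        out["verdict"] = "planned" if m["reason"] in PLANNED else "review"
    return out


if __name__ == "__main__":
    for text in (PAGE_SAMPLE, CONSTRUCTED_SAMPLE):
        print(parse_reset_reason(text))
```

The parsed processor, fault type and PC value are the fields to carry into the crashinfo review and bug search.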


FWSM IOS upgrade

If you need to upgrade the IOS on a FWSM (Firewall Switch Module), you will soon find out that the upgrade works slightly differently to routers. You don’t have the option of using multiple ‘boot system’ commands, nor can you copy more than one IOS image to the FWSM flash. But then what about failback, if you don’t have the old/current IOS version? (And no, you can’t just tftp/ftp the current image from a FWSM when in use.) So now what?

A really neat yet fairly undocumented feature is how the FWSM addresses the space allocation of the Flash memory. This concerns the application partitions (cf:4 and cf:5); see a previous post that listed the partition breakdown.

Application Partition cf:4 is used by default, but cf:5 is not. Because cf:5 provides a secondary partition to boot from, it allows you to test config on a new IOS version. If you boot off cf:5 as opposed to cf:4, you have a clean and fresh ‘dir flash:’ to load a new IOS image on, while leaving the working ‘dir flash:’ intact.

Just change the default boot partition to cf:5 from the switch with:
boot device module {MOD-NUMBER} cf:5

Then reload the module, load the ‘test’ IOS image to flash (now cf:5) and do any tests necessary. Once happy, remove the above command and upgrade to the new IOS on the default partition cf:4.

FWSM – Reset passwords and AAA

Password recovery on a router is easy, and it is even easier to find the steps if you don’t know them.

What if you forget the login and enable passwords, or you created a lockout situation because of AAA settings on a FWSM (Firewall Switch Module) blade inside a Cisco 6500 or Cisco 7600?

You have two options.

  1. The Cisco way
  2. The Alternative way (as always)

The Cisco way is not hard but needs understanding of the hardware. The FWSM has a 128-MB Flash memory card that stores the operating system, configurations, and other data. The Flash memory includes six partitions, referenced as ‘cf:n‘.

  • Maintenance partition (cf:1) — Contains the maintenance software.
  • Network configuration partition (cf:2) — Contains the network configuration of the maintenance software.
  • Crash dump partition (cf:3) — Stores the crash dump information.
  • Application partitions (cf:4 and cf:5) — Store the application software image, system configuration, and ASDM. By default, the FWSM boots off and installs the IOS images on cf:4. You can use cf:5 as a test/backup partition. The contents of this partition (cf:4) are seen with the command ‘dir flash:’
  • Security context partition (cf:6) — 64 MB are dedicated to this partition, which stores security context configurations (if desired) and RSA keys in a navigable file system. The contents of this partition are seen with the command ‘dir disk:’
