■Cisco Switch(2940)のバックアップ、初期化、復元、アップデート
今回は1Gx1ポート、100Mx8ポートのスイッチ。
Switch> enable
Switch#show version | include ^cisco
cisco WS-C2940-8TT-S (RC32300) processor (revision D0) with 20681K bytes of memory.
Switch#show interfaces status
Port Name Status Vlan Duplex Speed Type
Fa0/1 connected 1 a-full a-100 10/100BaseTX
Fa0/2 notconnect 1 auto auto 10/100BaseTX
Fa0/3 notconnect 1 auto auto 10/100BaseTX
Fa0/4 notconnect 1 auto auto 10/100BaseTX
Fa0/5 notconnect 1 auto auto 10/100BaseTX
Fa0/6 notconnect 1 auto auto 10/100BaseTX
Fa0/7 notconnect 1 auto auto 10/100BaseTX
Fa0/8 notconnect 1 auto auto 10/100BaseTX
Gi0/1 notconnect 1 auto auto 10/100/1000BaseTX
■対象の確認
Switch#dir flash:
Directory of flash:/
2 -rwx 274 Mar 1 1993 00:01:40 +00:00 info
4 -rwx 5 Apr 24 1993 13:51:46 +00:00 private-config.text.renamed
6 drwx 192 Mar 1 1993 00:04:59 +00:00 c2940-i6q4l2-mz.121-20.EA1a
91 -rwx 274 Mar 1 1993 00:04:59 +00:00 info.ver
7612416 bytes total (1451520 bytes free)
Switch#dir flash:c2940-i6q4l2-mz.121-20.EA1a
Directory of flash:/c2940-i6q4l2-mz.121-20.EA1a/
7 drwx 2688 Mar 1 1993 00:03:15 +00:00 html
89 -rwx 3064857 Mar 1 1993 00:04:59 +00:00 c2940-i6q4l2-mz.121-20.EA1a.bin
90 -rwx 274 Mar 1 1993 00:04:59 +00:00 info
7612416 bytes total (1449984 bytes free)
■debian側
$ sudo /sbin/ifconfig eth2 172.31.31.254/24 up
$ sudo route add -net 172.31.31.0/24 gw 172.31.31.253 eth2
$ ls /srv/tftp/
$ netstat -an | grep :69
udp 0 0 0.0.0.0:69 0.0.0.0:*
■VLAN 1にIPを設定
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface vlan 1
Switch(config)#no shutdown
Switch(config-if)#ip address 172.31.31.253 255.255.255.0
Switch(config-if)#exit
Switch(config)#ip default-gateway 172.31.31.254
Switch(config)#interface fastEthernet 0/1
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#exit
Switch#write memory
Building configuration...
[OK]
Switch#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Switch#show interfaces fastEthernet 0/1 | include connect
FastEthernet0/1 is up, line protocol is up (connected)
Switch#show interfaces status | include full
Fa0/1 connected 1 a-full a-100 10/100BaseTX
Switch#show running-config interface vlan 1
Building configuration...
Current configuration : 92 bytes
!
interface Vlan1
ip address 172.31.31.253 255.255.255.0
no ip route-cache
no shutdown
end
Switch#show vlan id 1
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Gi0/1
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
Remote SPAN VLAN
----------------
Disabled
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Switch#
■tftpサーバにバックアップ
「private-config.text*」以外は成功
Switch#copy running-config flash:/backup.config
Destination filename [backup.config]?
687 bytes copied in 0.920 secs (747 bytes/sec)
Switch#copy flash:backup.config tftp:
Address or name of remote host []? 172.31.31.254
Destination filename [backup.config]?
!!
687 bytes copied in 0.016 secs (42938 bytes/sec)
Switch#copy flash:info tftp:
Address or name of remote host []? 172.31.31.254
Destination filename [info]?
!!
274 bytes copied in 0.064 secs (4281 bytes/sec)
Switch#copy flash:info.ver tftp:
Address or name of remote host []? 172.31.31.254
Destination filename [info.ver]?
!!
274 bytes copied in 0.016 secs (17125 bytes/sec)
Switch#copy flash:private-config.text tftp:
Address or name of remote host []? 172.31.31.254
Destination filename [private-config.text]?
%Error opening flash:private-config.text (Permission denied)
Switch#copy flash:private-config.text.renamed tftp:
Address or name of remote host []? 172.31.31.254
Destination filename [private-config.text.renamed]?
%Error opening flash:private-config.text.renamed (Permission denied)
Switch#copy flash:config.text tftp:
Address or name of remote host []? 172.31.31.254
Destination filename [config.text]?
!!
687 bytes copied in 0.016 secs (42938 bytes/sec)
Switch#archive upload-sw /version c2940-i6q4l2-mz.121-20.EA1a tftp://172.31.31.254/c2940-i6q4l2-mz.121-20.EA1a.tar
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
...
archiving c2940-i6q4l2-mz.121-20.EA1a/info (274 bytes)
archiving info.ver (274 bytes)
Switch#
■debian側から確認
$ env LANG=C ls -l /srv/tftp/
total 6084
-rw-r--r-- 1 nobody nogroup 687 May 13 20:27 backup.config
-rw-r--r-- 1 nobody nogroup 6198272 May 13 20:23 c2940-i6q4l2-mz.121-20.EA1a.tar
-rw-r--r-- 1 nobody nogroup 687 May 13 20:13 config.text
-rw-r--r-- 1 nobody nogroup 274 May 13 20:11 info
-rw-r--r-- 1 nobody nogroup 274 May 13 20:12 info.ver
■private-config.textについて
起動時のコンフィグファイルなので削除のみ行える。
つまり「startup-config」=「private-config.text」
Switch#show boot
BOOT path-list:
Config file: flash:/config.text
Private Config file: flash:/private-config.text
Enable Break: no
Manual Boot: no
HELPER path-list:
NVRAM/Config file
buffer size: 32768
Switch#delete flash:private-config.text.old
Delete filename [private-config.text.old]?
Delete flash:private-config.text.old? [confirm]
■「startup-config」=「private-config.text」の確認方法
サイズが同じでMD5SUM値が同じ。
Switch#dir nvram:/startup-config
Directory of nvram:/startup-config
30 -rw- 687 <no date> startup-config
32768 bytes total (32024 bytes free)
Directory of flash:/backup.config
2 -rwx 687 Mar 1 1993 00:56:29 +00:00 backup.config
7612416 bytes total (1450496 bytes free)
Switch#verify /md5 flash:/backup.config
.Done!
verify /md5 (flash:/backup.config) = 3da123aa635141a7bfab317881f66aba
Switch#verify /md5 nvram:startup-config
.Done!
verify /md5 (nvram:startup-config) = 3da123aa635141a7bfab317881f66aba
■初期化
「vlan.dat」があるなら削除
「vlan.dat」の削除と「startup-config」の削除の順番はどちらからでも良い。
Switch#delete flash:vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
witch#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
Erase of nvram: complete
Switch#reload
...
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:no
Press RETURN to get started!
Switch>enable
Switch#dir system:
Directory of system:/
2 dr-x 0 <no date> memory
1 -rw- 639 <no date> running-config
No space information available
■「flash:backup.config」からの復元
最小限のバックアップはflashに置いておくべき。
Switch#show running-config | include 172
Switch#
Switch#more flash:backup.config | include 172
ip address 172.31.31.253 255.255.255.0
ip default-gateway 172.31.31.254
Switch#copy flash:backup.config system:running-config
Destination filename [running-config]?
687 bytes copied in 0.544 secs (1263 bytes/sec)
Switch#verify /md5 system:running-config
.Done!
verify /md5 (system:running-config) = 6811f91449343b1447e3b19336fd9613
Switch#verify /md5 system:running-config
.Done!
verify /md5 (system:running-config) = 719112622987cbd65a29b8b11a424a4f
Switch#show running-config | include 172
ip address 172.31.31.253 255.255.255.0
ip default-gateway 172.31.31.254
■アップデートモジュールをdebian側に配置
$ tar tvf /srv/tftp/c2940-i6q4l2-tar.121-22.EA14.tar | grep bin\$ | awk '{print $NF}'
c2940-i6q4l2-mz.121-22.EA14/c2940-i6q4l2-mz.121-22.EA14.bin
$ sudo chown -R nobody:nogroup /srv/tftp/c2940-i6q4l2-tar.121-22.EA14.tar
■既存のIOS削除、tftp経由でアップデート。
Switch#show version | include bin
System image file is "flash:/c2940-i6q4l2-mz.121-20.EA1a/c2940-i6q4l2-mz.121-20.EA1a.bin"
Switch#cd flash:c2940-i6q4l2-mz.121-20.EA1a
Switch#delete /recursive flash:/c2940-i6q4l2-mz.121-20.EA1a
Delete filename [c2940-i6q4l2-mz.121-20.EA1a]?
Examine files in directory flash:/c2940-i6q4l2-mz.121-20.EA1a? [confirm]
Examine files in directory flash:/c2940-i6q4l2-mz.121-20.EA1a/html? [confirm]
Delete flash:/c2940-i6q4l2-mz.121-20.EA1a/html/cms_boot.jar? [confirm]
Delete flash:/c2940-i6q4l2-mz.121-20.EA1a/html/cms_13.html? [confirm]
Delete flash:/c2940-i6q4l2-mz.121-20.EA1a/html/custom_cms.html? [confirm]
Delete flash:/c2940-i6q4l2-mz.121-20.EA1a/html/start.html? [confirm]
...
Switch#archive download-sw tftp://172.31.31.254/c2940-i6q4l2-tar.121-22.EA14.tar
examining image...
Loading c2940-i6q4l2-tar.121-22.EA14.tar from 172.31.31.254 (via Vlan1): !
extracting info (274 bytes)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
...
[OK - 5109760 bytes]
New software image installed in flash:/c2940-i6q4l2-mz.121-22.EA14
Configuring system to use new image...done.
Switch#reload
System configuration has been modified. Save? [yes/no]: no
Proceed with reload? [confirm]
...
Would you like to enter the initial configuration dialog? [yes/no]:no
Press RETURN to get started!
Switch>
■アップデート後の確認
Switch>enable
Switch#show boot
BOOT path-list: flash:/c2940-i6q4l2-mz.121-22.EA14/c2940-i6q4l2-mz.121-22.EA14.bin
Config file: flash:/config.text
Private Config file: flash:/private-config.text
Enable Break: no
Manual Boot: no
HELPER path-list:
NVRAM/Config file
buffer size: 32768
Timeout for Config
Download: 0 seconds
Config Download
via DHCP: disabled (next boot: disabled)
Switch#show version | include ^cisco|bin
System image file is "flash:/c2940-i6q4l2-mz.121-22.EA14/c2940-i6q4l2-mz.121-22.EA14.bin"
cisco WS-C2940-8TT-S (RC32300) processor (revision D0) with 20912K bytes of memory.
■旧バージョンの最小限のコンフィグから復元
Switch#dir flash:
Directory of flash:/
2 -rwx 687 Mar 01 1993 00:56:29 +00:00 backup.config
5 drwx 192 Mar 01 1993 00:40:36 +00:00 c2940-i6q4l2-mz.121-22.EA14
7612416 bytes total (2650624 bytes free)
Switch#copy flash:backup.config system:running-config
Destination filename [running-config]?
687 bytes copied in 0.516 secs (1331 bytes/sec)
Switch#ping 172.31.31.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.31.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/202/1000 ms
Switch#ping 172.31.31.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.31.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Switch#
■最小限のバックアップということで、「small.conf」として再保存した。
Switch#write memory
Building configuration...
[OK]
Switch#copy running-config flash:small.config
Destination filename [small.config]?
714 bytes copied in 1.148 secs (622 bytes/sec)
Switch#delete flash:backup.config
Delete filename [backup.config]?
Delete flash:backup.config? [confirm]
Switch#dir flash:
Directory of flash:/
3 -rwx 714 Mar 01 1993 00:06:41 +00:00 config.text
5 drwx 192 Mar 01 1993 00:40:36 +00:00 c2940-i6q4l2-mz.121-22.EA14
4 -rwx 5 Mar 01 1993 00:06:41 +00:00 private-config.text
325 -rwx 714 Mar 01 1993 00:07:14 +00:00 small.config
7612416 bytes total (2649088 bytes free)
Switch#verify /md5 system:running-config
.Done!
verify /md5 (system:running-config) = e660003c1b56e78f2f4216840197dcb4
Switch#verify /md5 flash:small.config
.Done!
verify /md5 (flash:small.config) = e660003c1b56e78f2f4216840197dcb4
Switch#copy flash:small.config tftp://172.31.31.254
Address or name of remote host [172.31.31.254]?
Destination filename [small.config]?
!!
714 bytes copied in 0.020 secs (35700 bytes/sec)