■SRT100のバックアップ、初期化、復元
「grep」が使えるモデル。
シリアル接続に使うのはクロスケーブル(リバースケーブル)。
IP設定(初期IPなし)をして、Web管理コンソールに接続が出来るまで。
初期パスワードは「doremi」
Password:
> show status boot
Running EXEC: SRT100 Rev.10.00.46 (Mon Jun 29 15:06:23 2009)
Previous EXEC: (unknown)
Power-on boot
> show environment | grep -i rev
SRT100 Rev.10.00.46 (Mon Jun 29 15:06:23 2009)
YAMAHA Policy Filtering module Rev.1.05(48)
> administrator
Password:
Saving ... CONFIG0 Done .
> show config list
No. Date Time Size Sects Comment
----- ---------- -------- ------- ------- ------------------------------------
* 0 1980/01/01 09:02:35 283 133/133
----- ---------- -------- ------- ------- ------------------------------------
■SRT100自身がtftpサーバになるので、debian側ではtftp clientを用意する。
$ dpkg -l tftp | tail -1 | sed s/" *"/","/g
ii,tftp,0.17-18,amd64,Trivial file transfer protocol client
$ sudo /sbin/ifconfig eth2 172.31.31.254/24 up
$ sudo route add -net 172.31.31.0/24 gw 172.31.31.200 eth2
■RTX1000側のtftpサーバの有効化とIP設定
LANケーブルはLAN1のポート1に接続
> administrator
Password:
Saving ... CONFIG0 Done .
received from 172.31.31.254: icmp_seq=0 ttl=63 time=0.554ms
received from 172.31.31.254: icmp_seq=1 ttl=63 time=0.507ms
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max = 0.507/0.530/0.554 ms
Saving ... CONFIG0 Done .
ss=00:XX:XX:XX:XX:XX
login password *
administrator password *
console character ascii
ip lan1 address 172.31.31.200/24
tftp host any
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24
> show status lan1
LAN1
Description:
IP Address: 172.31.31.200/24
Ethernet Address: XX:XX:XX:XX:XX:XX
Operation mode setting: Type (Link status)
PORT1: Auto Negotiation (100BASE-TX Full Duplex)
PORT2: Auto Negotiation (Link Down)
PORT3: Auto Negotiation (Link Down)
PORT4: Auto Negotiation (Link Down)
Maximum Transmission Unit(MTU): 1500 octets
Promiscuous mode: OFF
Transmitted: 15 packets (1260 octets)
IPv4(all/fastpath): 9 packets / 0 packet
IPv6(all/fastpath): 1 packet / 0 packet
Received: 11 packets (920 octets)
IPv4: 9 packets
IPv6: 0 packet
■ルータなので、GWやルーティングはRTX1000側にも設定出来る
バックアップ、リストア時のパスワードは平文保存となる為、ここでは設定しない。
> administrator
Password:
■configのバックアップ(自動/初期パスワード)
$ (sleep 1; echo "get config/doremi SRX100_config.`env LANG=C date '+%Y%m%d'`"; \
sleep 1; echo "quit";) | tftp 172.31.31.200;echo
tftp> Received 2110 bytes in 0.1 seconds
tftp>
■debian側に転送されたconfigの確認
$ ls SRX100_config*
SRX100_config.20140517
$ grep Reporting SRX100_config.20140517
$ grep -v "^\$\|^#" SRX100_config.20140517
login password doremi
administrator password doremi
timezone +09:00
console character ascii
ip lan1 address 172.31.31.200/24
pp disable all
no tunnel enable all
tftp host any
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24
■初期化
Password:
Restarting ...
ss=00:XX:XX:XX:XX:XX
login password *
administrator password *
ip lan1 address 192.168.100.1/24
dhcp service server
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24
■復元
tftpの設定は必要なので、debian側に保存している最小構成をシリアルコンソールに流し込む方が早い。
パスワード設定は別途行うものとする。tftpサーバはリストア時に含めない(停止のまま)。
$ echo -n "date ";date "+%Y-%m-%d";\
echo -n "time ";date '+%H:%M:%S';\
grep -v "^#\|^\$\|^login\|^administrator\|^tftp" SRX100_config.20140517; \
echo "save"
date 2014-05-17
time 21:09:49
timezone +09:00
console character ascii
ip lan1 address 172.31.31.200/24
pp disable all
no tunnel enable all
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24
save
> administrator
Password:
Saving ... CONFIG0 Done .