読者です 読者をやめる 読者になる 読者になる

labunix's blog

labunixのラボUnix

SRT100のバックアップ、初期化、復元

■SRT100のバックアップ、初期化、復元
 「grep」が使えるモデル。
 シリアル接続に使うのはクロスケーブル(リバースケーブル)。
 IP設定(初期IPなし)をして、Web管理コンソールに接続が出来るまで。
 初期パスワードは「doremi」

Password:
> show status boot
 Running EXEC: SRT100 Rev.10.00.46 (Mon Jun 29 15:06:23 2009)
Previous EXEC: (unknown)
Power-on boot
> show environment | grep -i rev
SRT100 Rev.10.00.46 (Mon Jun 29 15:06:23 2009)
YAMAHA Policy Filtering module Rev.1.05(48)
> administrator 
Password: 
# console character ascii
# save 
Saving ... CONFIG0 Done .
# exit
> show config list
No.   Date       Time     Size    Sects   Comment
----- ---------- -------- ------- ------- ------------------------------------
* 0   1980/01/01 09:02:35     283 133/133 
----- ---------- -------- ------- ------- ------------------------------------

■SRT100自身がtftpサーバになるので、debian側ではtftp clientを用意する。

$ dpkg -l tftp | tail -1 | sed s/"   *"/","/g
ii,tftp,0.17-18,amd64,Trivial file transfer protocol client
$ sudo /sbin/ifconfig eth2 172.31.31.254/24 up
$ sudo route add -net 172.31.31.0/24 gw 172.31.31.200 eth2

■RTX1000側のtftpサーバの有効化とIP設定
 LANケーブルはLAN1のポート1に接続

> administrator
Password: 
# tftp host any
# ip lan1 address 172.31.31.200/24
# save
Saving ... CONFIG0 Done .
# ping -c 2 172.31.31.254 
received from 172.31.31.254: icmp_seq=0 ttl=63 time=0.554ms
received from 172.31.31.254: icmp_seq=1 ttl=63 time=0.507ms

2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max = 0.507/0.530/0.554 ms
# no dhcp service server
# date 2014-05-17
# time 21:03:00
# timezone JST
# save 
Saving ... CONFIG0 Done .
# show config 
# SRT100 Rev.10.00.46 (Mon Jun 29 15:06:23 2009)
# MAC Address : XX:XX:XX:XX:XX:XX, XX:XX:XX:XX:XX:XX 
# Memory 32Mbytes, 2LAN
# main:  SRT100 ver=c0 serial=XXXXXXXXX MAC-Address=00:XX:XX:XX:XX:XX MAC-Addre
ss=00:XX:XX:XX:XX:XX
# Reporting Date: Jan 1 09:05:20 1980
login password *
administrator password *
console character ascii
ip lan1 address 172.31.31.200/24
tftp host any
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24
# exit
> show status lan1
LAN1
Description:                    
IP Address:                     172.31.31.200/24
Ethernet Address:               XX:XX:XX:XX:XX:XX
Operation mode setting:         Type (Link status)
               PORT1:           Auto Negotiation (100BASE-TX Full Duplex)
               PORT2:           Auto Negotiation (Link Down)
               PORT3:           Auto Negotiation (Link Down)
               PORT4:           Auto Negotiation (Link Down)
Maximum Transmission Unit(MTU): 1500 octets
Promiscuous mode:               OFF
Transmitted:                    15 packets (1260 octets)
  IPv4(all/fastpath):           9 packets / 0 packet
  IPv6(all/fastpath):           1 packet / 0 packet
Received:                       11 packets (920 octets)
  IPv4:                         9 packets
  IPv6:                         0 packet

■ルータなので、GWやルーティングはRTX1000側にも設定出来る
 バックアップ、リストア時のパスワードは平文保存となる為、ここでは設定しない。

> administrator 
Password: 
# ip route default gateway 172.31.31.254
# no ip route default gateway 

■configのバックアップ(自動/初期パスワード)

$ (sleep 1; echo "get config/doremi SRX100_config.`env LANG=C date '+%Y%m%d'`"; \
   sleep 1; echo "quit";) | tftp 172.31.31.200;echo
tftp> Received 2110 bytes in 0.1 seconds
tftp> 

■debian側に転送されたconfigの確認

$ ls SRX100_config*
SRX100_config.20140517
$ grep Reporting SRX100_config.20140517
#	Reporting Date: May 17 21:04:07 2014
$ grep -v "^\$\|^#" SRX100_config.20140517
login password doremi
administrator password doremi
timezone +09:00
console character ascii
ip lan1 address 172.31.31.200/24
pp disable all
no tunnel enable all
tftp host any
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24

■初期化

# cold start 
Password: 
Restarting ...
# show config
# SRT100 Rev.10.00.46 (Mon Jun 29 15:06:23 2009)
# MAC Address : XX:XX:XX:XX:XX:XX, XX:XX:XX:XX:XX:XX
# Memory 32Mbytes, 2LAN
# main:  SRT100 ver=c0 serial=XXXXXXXXX MAC-Address=00:XX:XX:XX:XX:XX MAC-Addre
ss=00:XX:XX:XX:XX:XX
# Reporting Date: May 17 21:06:30 2014
login password *
administrator password *
ip lan1 address 192.168.100.1/24
dhcp service server
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24

■復元
 tftpの設定は必要なので、debian側に保存している最小構成をシリアルコンソールに流し込む方が早い。
 パスワード設定は別途行うものとする。tftpサーバはリストア時に含めない(停止のまま)。

$ echo -n "date ";date "+%Y-%m-%d";\
  echo -n "time ";date '+%H:%M:%S';\
  grep -v "^#\|^\$\|^login\|^administrator\|^tftp" SRX100_config.20140517; \
  echo "save"
date 2014-05-17
time 21:09:49
timezone +09:00
console character ascii
ip lan1 address 172.31.31.200/24
pp disable all
no tunnel enable all
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.100.2-192.168.100.191/24
save

> administrator
Password:
# date 2014-05-17
# time 21:09:49
# timezone +09:00
# console character ascii
# ip lan1 address 172.31.31.200/24 
# pp disable all 
# no tunnel enable all
# dhcp server rfc2131 compliant except remain-silent 
# dhcp scope 1 192.168.100.2-192.168.100.191/24 
# save 
Saving ... CONFIG0 Done .