technology, networking and IP telephony
Posts tagged ERS5500
Expect Script – Daylight Saving Time
Jul 13th
I recently received a message from someone looking for someway to automated the re-configuration of over 100 switches with the correct Daylight Saving Time configuration. I explained to the person that the best long term solution would probably be to use the SNMP MIB but a quick and dirty solution might be to use Expect and call it from a Bash script looping over all the switches that needed to be re-configured. In short Expect is a scripting language that mimics user input at a TTY. The Except script is written to issue a set of commands, as if a human were typing them, and expects various responses.
The script I wrote below only support a limited number of switches. If you have a particular switch you’re welcome to modify the script to support that particular switch. The script will attempt to determine if the switch is running the software that has the features we’re looking to implement. I didn’t have a whole lot of time to test so buyer beware!
Here’s the expect script that I authored;
#!/usr/bin/expect -f
#
##############################################################################
#
# Filename: /usr/local/etc/set-nortel-timezone.exp
#
# Purpose: Expect script designed to telnet into Nortel Ethernet Switches
# and execute the CLI commands to confgure the appropriate timezone
# information, including Day Light Saving time.
#
# Switches: Ethernet Switch 460 v3.7.x
# Ethernet Switch 470 v3.7.x
# Ethernet Switch 4500 v5.2.x
# Ethernet Switch 5500 v5.1.x
#
# Author: Michael McNamara
#
# Date: June 1, 2008
#
# Version: 1.1
#
# Changes:
#
# June 8, 2008 (M.McNamara)
# - added documentation and ARGV command line checks
# June 14, 2008 (M.McNamara)
# - added check for switch version and exit if v3.6 switch software
# - added check for Username introduced in v3.7 switch software
#
#
##############################################################################
#
# This Expect script was generated by autoexpect on Wed Jul 27 17:25:28 2005
# Expect and autoexpect were both written by Don Libes, NIST.
#
set force_conservative 1 ;# set to 1 to force conservative mode even if
;# script wasn't run conservatively originally
if {$force_conservative} {
set send_slow {1 .1}
proc send {ignore arg} {
sleep .1
exp_send -s -- $arg
}
}
if {[llength $argv] != 2} {
puts "usage: set-nortel-timezone.exp < SWITCH > < PASSWORD >>"
exit 1
}
#
set PATH "/usr/local/etc/"
set TELNET "/usr/bin/telnet"
set SWITCH [lindex $argv 0]
set PASSWORD [lindex $argv 1]
set TODAY [timestamp -format %y%m%d ]
set WEEKDAY [timestamp -format %a ]
set DATE [timestamp -format %c ]
set send_human {.1 .3 1 .05 2}
#log_file $PATH/$SWITCH.expect.log
log_file /usr/local/etc/password.expect.log
log_user 0 # Disable logging to STDOUT
#log_user 1 # Enable logging to STDOUT
set timeout 10
spawn $TELNET $SWITCH
match_max 100000
expect "Trying"
expect {
"Connected" {
expect "SW:v3.6" {
send_log "\n\nThis version of software doesn't support the CLI commands!\n"
send_user "\n\nThis version of software doesn't support the CLI commands!\n"
exit 1
}
sleep 1
send -- ""
}
Timeout {
send_log "We're unable to connect to the switch $SWITCH"
send_user "We're unable to connect to the switch $SWITCH"
exit 1;
}
}
expect {
"Username" {
send -- "RW\r"
}
}
expect "Enter Password"
send -- "$PASSWORD\r"
expect {
"Main Menu" {
}
"Incorrect Password" {
send_log "$SWITCH : Incorrect Password"
exit 1
}
"Incorrect Credentials" {
send_log "$SWITCH: Incorrect Credentials"
exit 1
}
}
sleep 1
# Let's get into the CLI interface from the menu prompts
send -- "C"
# Depending on the version of software we sometimes need a CR/LF
send -- "\r"
sleep 1
# Let's wait for the CLI prompt which includes the #
expect "#"
send -- "config term\r"
send -- "clock time-zone EST -5\r"
send -- "clock summer-time EDT date 9 Mar 2008 2:00 2 Nov 2008 2:00 +60\r"
send -- "exit\r"
send -- "logout\r"
expect eof
You can download the entire Expect script from this URL; set-nortel-timezone.exp.
The command line arguments are fairly straight forward;
usage: set-nortel-timezone.exp <SWITCH> <PASSWORD>
Where the SWITCH is the fully qualified domain name (FQDN) or the IP address of the switch in question and the PASSWORD is the Read-Write password for the switch.
If you had hundreds of switches to reconfigure you could wrap this Except script in a Bash shell script similar to the following;
#!/bin/bash # ##################################################################### # # Language: Bash Shell Script # # Filename: /usr/local/etc/set-nortel-timezone.sh # # Purpose: This script will kickoff the Expect script that will # configure the Daylight Saving Time features for each switch # # Author: Michael McNamara # # Date: June 1, 2008 # # Version: 1.0 # # Changes: # # June 10, 2006 (M.McNamara) # - added remote sites into shell script processing # ##################################################################### # # Variables PATH_TO=/usr/local/etc UPGRADE=set-nortel-timezone.exp MAIL_LIST='' PAGER_LIST='' ERROR_FLAG=0 MAILEXE='/usr/bin/mutt' LOCKFILE=/tmp/trace.lck # Check paramaters if [ "$#" != 2 ] then echo "Usage: `basename $0` <password>" exit 1 fi PASSWORD=$1 ##################################################################### ##################################################################### # YOU SHOULD EDIT THE "SWITCHES" VARIABLE BELOW TO INCLUDE ALL THE # SWITCHES THAT YOU WISH TO HAVE THE EXPECT SCRIPT RUN AGAINST ##################################################################### ##################################################################### SWITCHES='sw1-5520.acme.org sw2-5520.acme.org sw3-5520.acme.org' for SWITCH in $SWITCHES do $PATH_TO/$UPGRADE $SWITCH $PASSWORD done exit
You can download the Bash shell script from this URL; set-nortel-timezone.sh.
I’ve only tested this on CentOS v5.2 but it should work on any Linux host with Expect installed although you may need to modify the path locations.
Cheers!
Network Time Protocol (NTP)
Jun 15th
I’m currently using two CentOS Linux servers to provide time services to over 10,000 devices in the network. My two servers are themselves syncing up with pool.ntp.org over the Internet. With CentOS I didn’t need to build the software, I only needed to install the NTP package through YUM and then configure it appropriately. It was really easy, much easier than it was say 10 years ago when you had to compile the NTP software (University of Delaware) by hand hoping you didn’t run into some missing library of version mismatch with the compiler.
We would first need to install the NTP software using YUM;
[root@hostname ]# yum install ntp
We would need to start the NTP daemons;
[root@hostname ]# service ntpd start
We would need to configure the server so the NTP software would start after every reboot;
[root@hostname ]# chkconfig ntpd on
With that step done we’d have ourselves and internal NTP server which would sync itself to the Internet (default configuration file in /etc/ntp.conf) and then our internal devices would sync to it.
Here are the CLI commands for configuring the ERS 8600 switch properly;
config bootconfig tz dst-name "EDT" config bootconfig tz name "EST" config bootconfig tz offset-from-utc 300 config bootconfig tz dst-end M11.1.0/0200 config bootconfig tz dst-start M3.2.0/0200 config ntp server create a.b.c.d config ntp server create a.b.c.d config ntp server create a.b.c.d config ntp enable true
I’ve add the two configuration statements for the new Daylight Saving Time changes that were enacted in 2007. Please also note that I’m in the Eastern timezone (EDT/EST) so if you’re not in the Eastern timezone you would need to supplement your timezone abbreviation appropriately.
Here are the commands for an ES460,ES470,ERS4500 or ERS5500 series switch
5520-48T-PWR# config terminal 5520-48T-PWR (config)# sntp server primary a.b.c.d 5520-48T-PWR (config)# sntp server secondary a.b.c.d 5520-48T-PWR (config)# sntp enable 5520-48T-PWR (config)# exit5520-48T-PWR#
The ERS 4500/5500 Series now supports Daylight Saving Time. This feature is NOT supported on the ES460 and ES470 switches. --CORRECTION: this feature is support on the ES460/470 as of v3.7.x software, please see update at the bottom of this post for additional information. If you wanted to configure the timezone on the ERS4500/ERS5500 switch you would use the following commands;
5520-48T-PWR>enable
5520-48T-PWR# config terminal
5520-48T-PWR (config)# clock time-zone EST -5
5520-48T-PWR (config)# clock summer-time EDT date 9 Mar 2008 2:00 2 Nov 2008 2:00 +60
5520-48T-PWR (config)# exit
5520-48T-PWR#
You can use “show sntp” and “show clock” the ERS 5500 Series switch to check out your changes;
5530-24TFD#show sntp SNTP Status: Enabled Primary server address: 10.1.20.1 Secondary server address: 10.1.20.1 Sync interval: 24 hours Last sync source: 10.1.20.1 Primary server sync failures: 0 Secondary server sync failures: 0 Last sync time: 2008-06-14 14:47:31 GMT-04:00 Next sync time: 2008-06-15 14:47:31 GMT-04:00 Current time: 2008-06-15 13:52:24 GMT-04:00 5530-24TFD#show clock Current SNTP time : 2008-06-15 13:52:29 GMT-04:00 Summer time is set to: start: 28 March 2007 at 02:00 end: 30 August 2008 at 15:00 Offset: 60 minutes. Timezone will be 'EDT'Time Zone is set to 'EST', offset from UTC is -05:00
Hopefully this will provide a brief look into NTP,SNTP and you’ll agree that it really isn’t that hard to setup and configure properly.
Cheers!
Update: June 17, 2008
After posting the article above I decided I would confirm that the Daylight Saving Time feature was not available on the Nortel Ethernet Switch 460/470. I found that as of v3.7.x software the feature is supported on the switches. The configuration commands are identical to the ERS4500/ERS5500 switches. Here’s an example specifically for the Eastern timezone.
470-48T>enable470-48T#config term Enter configuration commands, one per line. End with CNTL/Z. 470-48T(config)#clock time-zone EST -5 00 470-48T(config)#clock summer-time EDT date 9 Mar 2008 02:00 2 Nov 2008 2:00 +60 470-48T(config)#show clock summer-time Summer time is set to:start: 9 March 2008 at 02:00end: 2 November 2008 at 02:00 Offset: 60 minutes. Timezone will be 'EDT' 470-48T(config)#exit
Cheers!
How to set passwords from the CLI?
Mar 11th
Note: I’m still trying to figure out the best way to display the CLI stuff… if I use the PRE HTML tag the font is really too small, if I don’t use the PRE HTML tag the formatting (spacing) gets lost making it difficult to compare the post with the real world output from a CLI interface.
Nortel Ethernet Routing Switch 5500 Series (v5.1)
Here’s how to set the passwords on the Nortel Ethernet Routing Switch 5500 Series (v5.1 software).
5520-48T-PWR>enable 5520-48T-PWR#config term Enter configuration commands, one per line. End with CNTL/Z.
What’s the syntax to set the read-only and read-write passwords?
5520-48T-PWR(config)#cli password ? read-only Modify read-only password read-write Modify read-write password serial Enable/disable serial port password. telnet Enable/disable telnet and web password.
We’ll use the commands below to set the read-only (RO) password to “readonlypassword” and the ready-write (RW) passwords to “readwritepassword”;
5520-48T-PWR(config)#cli password read-only readonlypassword 5520-48T-PWR(config)#cli password read-write readwritepassword
What is the syntax to enable the passwords on the serial and telnet interfaces?
5520-48T-PWR(config)#cli password serial ? local Use local password. none Disable password. radius Use RADIUS password authentication. tacacs Use TACACS+ AAA services 5520-48T-PWR(config)#cli password telnet ? local Use local password. none Disable password. radius Use RADIUS password authentication. tacacs Use TACACS+ AAA services
We’ll use the commands below to set the serial and telnet interface to use the local passwords we’ve just configured above. You could also use RADIUS and TACACS authentication if you set it up.
5520-48T-PWR(config)#cli password serial local 5520-48T-PWR(config)#cli password telnet local
And let’s not forget to save the configuration file (even though the switch should auto-save it).
5520-48T-PWR(config)#copy config nvram 5520-48T-PWR(config)#exit 5520-48T-PWR#disable 5520-48T-PWR>
Nortel Ethernet Routing Switch 4500 Series (v5.0)
The Nortel Ethernet Routing Switch 4500 Series (v5.0 software) is piratically identical to the 5500 series except that it does not yet support TACACS authentication.
4548GT-PWR(config)#cli password ? read-only Modify read-only password read-write Modify read-write password serial Enable/disable serial port password. telnet Enable/disable telnet and web password. 4548GT-PWR(config)#cli password serial ? local Use local password. none Disable password. radius Use RADIUS password authentication. 4548GT-PWR(config)#cli password telnet ? local Use local password. none Disable password. radius Use RADIUS password authentication.
Nortel Ethernet Switch 460/470 (v3.7.2)
The Nortel Ethernet Switch 460/470 (v3.7.2 software) is identical to the ERS 4500 series.
470-48T>enable 470-48T#config term Enter configuration commands, one per line. End with CNTL/Z. 470-48T(config)#cli password ? read-only Modify read-only password read-write Modify read-write password serial Enable/disable serial port password. telnet Enable/disable telnet and web password. 470-48T(config)#cli password serial ? local Use local password. none Disable password. radius Use RADIUS password authentication. 470-48T(config)#cli password telnet ? local Use local password. none Disable password. radius Use RADIUS password authentication.
Hopefully this should help a few folks out.
Cheers!
ERS 5500 Advanced Routing License
Jan 23rd
The Nortel ERS 5500 Series switches support Layer 3 switching (routing) but only with static routes. The Advanced Routing License is required to provide the following features;
- OSPF (Open Shortest Path First) Routing
- VRRP (Virtual Routing Redundancy Protocol)
- ECMP (Equal Cost Multi-Path)
- SMLT (Split Multilink Trunking)
- IPFIX (IP Flow Information Export)
The license is based on a s
witch or stack – a single license will be required for a standalone switch or for a stack of up to eight units. A single license will enable all of the features described above.
I believe Nortel is selling the licenses in counts of 1, 10, 50 or 100. The licenses will be tied to the MAC address of the switch with some amount of flexibility should a switch fail or need to be replaced.
Did you know that there is a 30 day demo license available?
As of software release v5.1 there is a 30 day demo license available which you can load on the switch to evaluate the different features. I’m currently running two ERS 5500 series switches with the 30 day demo license testing the OSPF functionality.
The 30 day demo license can be found on Nortel website just below the v5.1 software release. Once you’ve retrieved the demo license (filename: 30daydemo.lic) you’ll need to place it on a TFTP server (or you could try a USB flash drive if your working with an ERS 5530 switch).
ERS5530>enable ERS5530#copy tftp license 10.101.20.1 30daydemo.lic
You would of course need to substitute your TFTP server IP address with 10.101.20.1 above. Once you’ve downloaded the license you’ll need to restart the switch to activate the license. After the switch has restarted you can use the following command to check the license;
ERS5530# show license all Number of licenses: 1 --------------------------------------------------------- License 1 --------------------------------------------------------- version: 0 md5_key: 9f8d802b 1459576e 7d0b8951 af8e1751 md5_file: 8375fe89 ea7eb5e2 fa155e7a 181410c8 time_base: 2007/06/22 08:19:01 time_modify: 2007/06/22 08:19:01 time_expiration: 28 days, 05:05:00 num_unique_ids: 1 flags: 0x0000000d SINGLE EXPIRE EMERGENCY memo: *** This is a temporary license valid for 30 days. A valid license is *** *** required for uninterrupted operation of the switch. There may be *** *** service impact if this temporary license is not removed in 30 days. ***
You can also delete the existing software licenses with the following command;
ERS5530# clear license all
Cheers!
Loading ...
RECENT COMMENTS