In the hopes of avoiding the same pitfalls again in the future I’m going to document the gotchas so that I might remember to read this post and plan accordingly in the future. I’m always happy to share so I hope this can help others out there so that their 30 minute change doesn’t end up taking all night long.

This first tip will apply regardless of the number of switches you already have running, be it 1 or 7. The remaining items will only really have a bearing if you are making a standalone switch a stack for the first time.

1. The software and firmware code must match before you do anything. You should either upgrade or downgrade the switch(s) such that the software (agent) and firmware (boot or diagnostics) code is identical on all the switches you are going to stack together. Performing this task prior to stacking the switches will save you a lot of time and headaches. You can temporarily connect the new switch to your network with a temporary IP address and either upgrade or downgrade it as necessary. When you are finished make sure to factory reset the switch before trying to connect it to an existing switch or stack.

1. Make sure that only 1 switch has the base selector set near the cascade/stack ports. The top switch in the physical stack will traditionally be set to base but you should verify that the selector below the cascade/stack ports is set to base on what I’ll call the “master” switch.
2. Performing the actual stacking is pretty straight forward. If there is a stack already in place just break the stack (usually at the bottom) and connect the new switch to the last switch in the stack and to the top most switch in the stack. You need to be careful of the stack cable lengths, the default provided cable is 1.5m but you can order cables up to 5m in length if necessary. If this is a new stack you’ll need to retrieve the stacking cable that came with the original switch (I’m sure you still have it somewhere right?) and you’ll need to use both cables to complete the stacking ring. You can find some additional information and notes in this post regarding the physical changes.
3. Stack IP Address / Switch IP Address. If you are making a standalone switch a stack for the first time you’ll notice that the switch will stop pinging once it successfully stacks. You’ll need to use the serial console interface to change the switch IP address and stack IP address. You need to essentially move the switch IP address to the stack IP address field. You can blank out (0.0.0.0) the switch IP address. If the switch had the IP address of 1.1.1.1 here are the commands I would use to move that IP address to the stack interface;

   4548GT-PWR(config)#switch ip address 0.0.0.0
   4548GT-PWR(config)#stack ip address 1.1.1.1

4. Username / Password. When you stack a pair of switches for the first time you’ll notice that the username and password reverts to the factory default settings. If you haven’t changed the stack username it defaults to “RW” with no password. If you having configured a special username or password you need to reconfigure that once the switches are stacked.

   4548GT-PWR(config)#cli password ?
   read-only   Modify read-only password
   read-write  Modify read-write password
   serial      Enable/disable serial port password.
   stack       Modify stack passwords.
   switch      Modify switch (stand-alone) passwords.
   telnet      Enable/disable telnet and web password.

Those are a few of the gotchas that can turn a quick and relatively easy change into a fiasco.

Cheers!

Apparently the auto-save feature may be exhausting the number of writes that the physical flash memory is capable of. If the switch is configured with MAC address security, a feature that could possibility be causing the auto-save feature to write the configuration hundreds if not thousands of times, the flash memory may surfer from extreme “memory wear” and cease functioning properly.

Thankfully there is a “second” NVRAM flash block available.

I would highly suggest that everyone review the bulletin for themselves.

It might be wise to disable the auto-save feature and have the technicians/engineers manually save any configuration changes when necessary (similar to how Cisco switches/routers work).

Cheers!

Background:
A memory leak condition that in some cases has been shown to impact the functionality of the switch has been identified in software release 3.7.3 for the Ethernet Switch 470. This memory leak condition can result in a loss of CLI access and may result in degradation of network operation. This issue has been observed at 2 customer sites and as a result Nortel
has taken the proactive measure to remove the image from the Nortel support portal. The issue is tracked under CRQ02014086

Analysis:
The issue is due to memory leak. Nortel is currently investigating the issue, but no root cause has yet been determined. Investigations are on going and a replacement code will be posted as soon as a resolution is available. The symptom of the issue may include the following: Unable to access CLI from the Menu Interface or very slow CLI response. Additionally the switch may exhibit connectivity problems from Device Manager (JDM). As the condition progresses the switch may become unmanageable which could result in stack instability. This stack instability could then lead to reduced functionality and disruption to network traffic. To recover the switch from the memory leak condition a reboot needs to be perfomed. To determine if your switch is impacted, if you monitor the memory usage of the switch you will notice that the available free memory continues to decrease. Memory usage can be monitored from the CLI using the ‘mem-show’ command. On affected networks the free-blocks displayed by the ‘show-mem’ command will continue to decrease the longer the switch
is up.

ES470#mem-show
status bytes blocks avg block max block
——- ——— ——– ———- ———-
current
  free 4786688 147 32562 4743452 <<< number will keep decreasing
  alloc 3086928 7348 420 –
cumulative
  alloc 9979152 30147 331 –

You may also observce the following repeated messages on the local console (serial port) as additional indicators of the issue:

0x1e65734 (tLLDP): memPartAlloc: block too big – 1522 in partition 0x177e510.
0x1e65734 (tLLDP): memPartAlloc: block too big – 1522 in partition 0x177e510.
0x1e65734 (tLLDP): memPartAlloc: block too big – 1522 in partition 0x177e510.

You can find the entire bulletin here.

Cheers!

I really like the fact that you can launch either a telnet or SSH session straight from Device Manager. Over the years I’ve found PuTTY to be the best terminal application so I configured Device Manager to call PuTTY for telnet and SSH connections.

After opening Device Manager select Device -> Properties -> Current. Select “User-Defined” for both Telnet and SSH and then place “C:\Program Files\PuTTY\putty.exe” (or wherever you have PuTTY installed) into option box and then use “-telnet <ip>” for telnet sessions and “-ssh <ip>” for SSH sessions (see figure above).

Another problem you can sometimes run into with Device Manager is the relative easy with which you can mistakenly delete a row (interface, VLAN, ACL, etc). Thankfully there is an option within JDM that you can enable called “Confirm row deletion” (see figure above).

Cheers!

Cheers!

These are very small business offices, doctor’s offices and senior executives homes where we don’t need the features that an Ethernet Routing Switch 4500 or 5500 series switch would provide. There are really fours variables to keep in mind; price, size, noise and features. One of the features we were looking for was Power over Ethernet (PoE) ports for an IP phone and/or a wireless access port.

We evaluated the BES50FE-24T PWR and the BES50GE-24T PWR and they both performed nicely in bandwidth tests. We did observe some odd behavior with some different end devices that all seemed to be resolved when we upgraded the switches to that latest software release (v1.0.5.0 for the BES50GE-24TPWR and v1.0.3.0 for the BES50FE-24TPWR).

Quick Install Guide

Default Username: nnadmin
Default Password: PlsChgMe!

Default Read Only SNMP String: PlsChgMe!RO
Default Read-Write SNMP String: PlsChgMe!RW

I’ve generally found that the BES50 will default to an IP address of 192.168.1.128 although Nortel advises the use of the Nortel Business Element Manager to search for the device (please refer to the Quick Install Guide above).

Cheers!

Update: January 12, 2009

How do you factory reset the BES50?

When pressed for 5 seconds, the reset button reinitializes the switch. This returns the switch to the factory default settings if, for example, you forget the default IP address, your user name, or your password.

The reset button is found on the front of the BES50 as depicted in the graphic above. The actual button is approximately 1 inch inside the faceplate and Nortel advises that you use a non-metallic object to depress the button.

Cheers!

I’m currently using two CentOS Linux servers to provide time services to over 10,000 devices in the network. My two servers are themselves syncing up with pool.ntp.org over the Internet. With CentOS I didn’t need to build the software, I only needed to install the NTP package through YUM and then configure it appropriately. It was really easy, much easier than it was say 10 years ago when you had to compile the NTP software (University of Delaware) by hand hoping you didn’t run into some missing library of version mismatch with the compiler.

We would first need to install the NTP software using YUM;
[root@hostname ]# yum install ntp

We would need to start the NTP daemons;
[root@hostname ]# service ntpd start

We would need to configure the server so the NTP software would start after every reboot;
[root@hostname ]# chkconfig ntpd on

With that step done we’d have ourselves and internal NTP server which would sync itself to the Internet (default configuration file in /etc/ntp.conf) and then our internal devices would sync to it.

Here are the CLI commands for configuring the ERS 8600 switch properly;

config bootconfig tz dst-name "EDT"
config bootconfig tz name "EST"
config bootconfig tz offset-from-utc 300
config bootconfig tz dst-end M11.1.0/0200
config bootconfig tz dst-start M3.2.0/0200

config ntp server create a.b.c.d
config ntp server create a.b.c.d
config ntp server create a.b.c.d
config ntp enable true

I’ve add the two configuration statements for the new Daylight Saving Time changes that were enacted in 2007. Please also note that I’m in the Eastern timezone (EDT/EST) so if you’re not in the Eastern timezone you would need to supplement your timezone abbreviation appropriately.

Here are the commands for an ES460,ES470,ERS4500 or ERS5500 series switch

5520-48T-PWR# config terminal
5520-48T-PWR (config)# sntp server primary a.b.c.d
5520-48T-PWR (config)# sntp server secondary a.b.c.d
5520-48T-PWR (config)# sntp enable
5520-48T-PWR (config)# exit5520-48T-PWR#

The ERS 4500/5500 Series now supports Daylight Saving Time. This feature is NOT supported on the ES460 and ES470 switches. –-CORRECTION: this feature is support on the ES460/470 as of v3.7.x software, please see update at the bottom of this post for additional information. If you wanted to configure the timezone on the ERS4500/ERS5500 switch you would use the following commands;

5520-48T-PWR>enable
5520-48T-PWR# config terminal
5520-48T-PWR (config)# clock time-zone EST -5
5520-48T-PWR (config)# clock summer-time EDT date 9 Mar 2008 2:00 2 Nov 2008 2:00 +60
5520-48T-PWR (config)# exit
5520-48T-PWR#

You can use “show sntp” and “show clock” the ERS 5500 Series switch to check out your changes;

5530-24TFD#show sntp
SNTP Status:                      Enabled
Primary server address:         10.1.20.1
Secondary server address:     10.1.20.1
Sync interval:                      24 hours
Last sync source:                 10.1.20.1
Primary server sync failures:    0
Secondary server sync failures: 0
Last sync time:                  2008-06-14 14:47:31 GMT-04:00
Next sync time:                  2008-06-15 14:47:31 GMT-04:00
Current time:                     2008-06-15 13:52:24 GMT-04:00

5530-24TFD#show clock
Current SNTP time  :    2008-06-15 13:52:29 GMT-04:00
Summer time is set to:
start: 28 March 2007 at 02:00
end: 30 August 2008 at 15:00
Offset: 60 minutes. Timezone will be 'EDT'Time Zone is set to 'EST', offset from UTC is -05:00

Hopefully this will provide a brief look into NTP,SNTP and you’ll agree that it really isn’t that hard to setup and configure properly.

Cheers!

Update: June 17, 2008

After posting the article above I decided I would confirm that the Daylight Saving Time feature was not available on the Nortel Ethernet Switch 460/470. I found that as of v3.7.x software the feature is supported on the switches. The configuration commands are identical to the ERS4500/ERS5500 switches. Here’s an example specifically for the Eastern timezone.

470-48T>enable470-48T#config term
Enter configuration commands, one per line.  End with CNTL/Z.
470-48T(config)#clock time-zone EST -5 00
470-48T(config)#clock summer-time EDT date 9 Mar 2008 02:00 2 Nov 2008 2:00 +60
470-48T(config)#show clock summer-time
Summer time is set to:start: 9 March 2008 at 02:00end: 2 November 2008 at 02:00
Offset: 60 minutes. Timezone will be 'EDT'
470-48T(config)#exit

Cheers!

Background:

An Ethernet port can operate either in Full or Half Duplex mode. A duplex mismatch is created when using inconsistent settings for duplex mode, i.e. full duplex on the port and half duplex on the connected device (or vise versa). This situation is most likely created when using inconsistent and inappropriate settings for auto-negotiation, i.e. auto-negotiation enabled on the port and disabled on the device connected to the port (or vise versa). The duplex mismatch problem can be corrected by setting consistent duplex mode on both the port and the connected device when hard setting the duplex mode or by enabling auto-negotiation on both the port and the connected device, when using auto-negotiation.

Ethernet ports of most devices today have auto-negotiation enabled as the default setting. When a device with auto-negotiation disabled is connected to a port that has auto-negotiation enabled, the port is not able to detect the duplex setting of the connected device and falls back to half duplex thus potentially causing a duplex mismatch. A duplex mismatch will cause physical layer errors and performance degradation of the connection. Any mixture of auto-negotiation enabled on one-side and auto-negotiation disabled on the other side is an “unsupported” configuration. The setting on both sides of any connection must match for proper operation. A problem has been identified when there is a duplex mismatch on one or more ports of an 8648 GTR module. For an 8648 GTR module, a duplex mismatch may cause complete communication issues on the port with the mis-matched duplex or occasionally on the entire lane (Port 1-24 or Port 25-48) that contains the port with mismatched duplex. The module can be recovered from the situation when physically reseated, but for complete recovery the mis-configuration must also be corrected. Correcting the duplex setting configuration alone will not recover the communication loss until the module is reseated as well.

Analysis:

A duplex mismatch may cause communication loss on a port or an entire lane of an 8648 GTR module. When there is such a communication loss, the debugging commands show that the ingress stats look normal with all traffic ingressing the impacted port(s) and the MAC addresses learned in the Forwarding Database Table for the devices connected to the port(s), but no traffic egressing the port(s).

Recommendations:

Nortel recommends proper configuration of auto-negotiation whenever possible to prevent a duplex mismatch situation. To avoid a duplex mismatch, auto-negotiation must be enabled on the port as well as the device connected to that port.

You can find a copy of the bulletin in PDF format right here. Interestingly there are quite a few restrictions and issues with the 8648GTR that I should probably discuss them here when the time allows.

Nortel is also in the process of releasing v5.0 software for the Ethernet Routing Switch 8600 along with four new IO modules (cards); 8612XLRS, 8634XGRS, 8648GBRS and 8648GTRS. I hope to talk about those in the very near future.

Cheers!

There are multiple models to choose from in both the 24port and 48port form factors, there are PoE (Power over Ethernet) models as well.

A full list of the models and there feature sets can be found here.

There are some re-occuring questions from folks that I thought I would post on;

What is the default username and password?

Username: nnadmin
Password: PlsChgMe!

How can I factory reset the switch or recover the password?

There is a reset button in the front of the switch depicted in the figure below as (2);

What is the default IP address of the switch?

The default IP address is 192.168.1.132 with a subnet mask of 255.255.255.0.

How can I login to the switch?

Just give your desktop or laptop a static IP address in the 192.168.1.0/24 network, connect your desktop or laptop to any of the RJ45 ports and open a web browser to http://192.168.1.132.

While I’m happy to post this information here let me just point out that all this information is in the documentation if you chose to RTFM.

Cheers!