Data Center (VDX)

Expand all | Collapse all

vdx-6740 firmware/nos update via ftp, scp, sftp does work.

  • 1.  vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 06:49
    hi everyone,

    I have a switch from which I can ssh into ftp server, that is on a vlan. Other nodes on that vlan can ftp into that server okey.
    The same switch I can ssh into its management interface cannot ping back that node from which I ssh. (that's is weird right?)

    Now, when I try "firmware download" (on the vlan, obviously) via ftp, sftp, scp it all fails, example:

    sw0# firmware download ftp host 10.5.4.97 directory nos7.2.0a1 user anonymous
    Password: *********
    Performing system sanity check...
    The server is inaccessible or firmware path is invalid. Please make sure the server name or IP address, the user/password and the
    firmware path are valid.

    I can see that the switch does not even get to the ftp server, again, I can ssh from the switch to that IP address. SPC does not work neither.

    sw0# firmware download scp host 10.5.4.97 directory /home.sysops/appmgr/nos7.2.0a1 user appmgr
    Password: ************
    Performing system sanity check...
    The server is inaccessible or firmware path is invalid. Please make sure the server name or IP address, the user/password and the
    firmware path are valid and the server supports SSH password authentication.

    Because it's just my first foray into Brocade I hope, expect, I'm missing something and it's not some bad fault, malfunction on switch's part.

    What is it that I am missing, doing wrong?

    many thanks, L.


  • 2.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 10:55
    Hi L,

    For upgrade from FTP server:
    1. please try create user/password (sometimes anonymous doesn't work)
    2. please try to map nos7.2.0a1 folder as User directory (then use "/" as directory)

    Example:
    # firmware download ftp host 10.5.4.97 directory / user admin password admin123 [/code]You can try ping ftp server from switch
    #ping 10.5.4.97 vrf mgmt-vrf[/code]


  • 3.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:11
    hi Yulia,

    okey, now, why would I want to ping an IP on a vlan from management interface?
    Are you saying that firmware updates can only be done via this interface?

    And why switch be unsuccessful pinging the client from which I'm sshing into the switch? (and that is direct attach link, no other switches in between, but also the same with other switches in between)



  • 4.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 14:44
    Okey, I think I might be getting somewhere, this seems new:

    sw0# firmware download ftp directory / host 10.214.234.97 user anonymous password anonymous Performing system sanity check... Firmware download not supported. Please change the vcs mode to Logical Chassis and try again. The preinstall script failed.
    [/code]


  • 5.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 14:49
    check your vcs mode with show vcs command:
    show vcs[/code]On NOS 7.x only logical-chassis supported, so you need to change mode before upgrade
    Example:
    # vcs vcsid 1 rbridge 1 logical-chassis enable[/code]


  • 6.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 14:51
    but I'm on 6.x
    Here:

    sw0# show vcs Config Mode : Local-Only VCS Mode : Fabric Cluster VCS ID : 10 Total Number of Nodes : 1 Rbridge-Id WWN Management IP VCS Status Fabric Status HostName -------------------------------------------------------------------------------------------------------------- 1 >10:00:C4:F5:7C:93:70:57* 10.214.234.95 Online Online sw0 [/code]Do I still need to change?


  • 7.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    That above led me to that one quick question - must firmware updates be done ONLY via management interface? I'd expect the answer to be NO - right?


  • 8.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-20-2018 06:48
    now this...

    Performing system sanity check... Firmware download to the target firmware version cannot preserve the configuration. Please specify the default-config option in the command-line for download. [/code]is it necessary and why?


  • 9.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-20-2018 10:58
    You are going from NOS6.0 to 7.2, if you want to keep your config you can upgrade from 6.0 to 7.0 then to 7.1 and then to 7.2.


  • 10.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-20-2018 11:01
    please review release notes for NOS7.2.0a "SOFTWARE UPGRADE AND DOWNGRADE" section for more details


  • 11.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:11
    Because you didn't provide a lot of information about the network e.g. a network diagram or a full switch config we assume things that are not mentioned.

    Use the right vrf if it isn't the mgmt one.

    If the works use also the vrf option in the download cmd.

    https://documentation.extremenetworks.com/networkos/SW/73x/nos-730-command-reference.pdf


  • 12.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:11
    Here is my switch:

    sw0# show version Network Operating System Software Network Operating System Version: 6.0.2 Copyright (c) 1995-2015 Brocade Communications Systems, Inc. Firmware name: 6.0.2e Build Time: 10:42:08 Apr 10, 2017 Install Time: 12:25:22 May 30, 2017 Kernel: 2.6.34.6 BootProm: 1.0.1 Control Processor: e500mc with 4096 MB of memory Slot Name Primary/Secondary Versions Status --------------------------------------------------------------------------- SW/0 NOS 6.0.2e ACTIVE* 6.0.2e SW/1 NOS 6.0.2e STANDBY 6.0.2e [/code]And there is just one vlan with interface and IP 10.5.4.253.
    Mgmt iface is 10.214.234.95.

    It really should be simple, right?
    Because switch cannot even ping anything on mgmt interface that disqualifies it to use for network firmware updates, I assumed, no?

    So I use switch's vlan interface with ftp, etc. Not that I use, I assume that switch does it for it's not stupid and since I can ping and ssh from the switch to that 10.5.4.97 server.

    It does not seem to be an option for vrf in switch current NOS version.

    Again, when I try "firmware download" whether ftp, sftp, scp I'm watching server's end and it does not even look like switch gets to the server !?
    Other nodes which are connected to switch on that one single vlan do scp, ftp and sftp to that 10.5.4.97 just fine.



  • 13.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    Yes, on NOS6.x upgrade should be via mgmt vrf, on NOS7.x you can choose which vrf to use.



  • 14.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    Any chance this could be clarified ultimately?

    You see, mgmt iface does not want to get anywhere, no ping no ssh via mgmt iface - would you have suggestions as to why?

    And vlan iface does ssh out but "firmware update" via ftp, sfp, sftp on vlan fails with errors as above.

    If your "should" means "must" then at least I know I should stop trying with updates via vlan iface - which would probably be worst as, again, mgmt iface does not want to ping anything and I have no! idea why that is.


  • 15.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    You can use Inband (any port) or Out Of Band (mgmt interface) connectivity for the upgrade, but this interface MUST be in mgmt-vrf (on NOS6.x)
    Hard to tell why you can not ping your mgmt interface (different subnet may be), could be any network issue (wrong default gateway or routing problem)


  • 16.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    okey,
    Switch's config is pretty vanilla default, I think after a config clearing.

    sw0# show ip route Total number of IP routes: 2 Type Codes - B:BGP D:Connected O:OSPF S:Static +:Leaked route; Cost - Dist/Metric BGP Codes - i:iBGP e:eBGP OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 s:Sham Link Destination Gateway Port Cost Type Uptime 10.5.4.0/24 DIRECT Ve 4 0/0 D 5d4h 10.5.4.253/32 DIRECT Ve 4 0/0 D 5d4h [/code]So, nodes on that vlan, the switch can ping okey.

    But mgmt iface I did nothing about in terms of config. If I can ssh to switch via mgmt iface then assume it should work the other way back, no?
    No extra configuration, like routing, should be needed to do manually, if at all, no?
    And again, to stress, the connection between the node from I ssh to switch's mgmt inface and switch is direct, meaning no other devices in between.

    And, how to put an interface into mgmt-vrf ?


  • 17.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    please try:
    sh ip route vrf mgmt-vrf[/code]


  • 18.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    here:
    sw0# sh ip route vrf mgmt-vrf Total number of IP routes: 3 Type Codes - B:BGP D:Connected O:OSPF S:Static +:Leaked route; Cost - Dist/Metric BGP Codes - i:iBGP e:eBGP OSPF Codes - i:Inter Area 1:External Type 1 2:External Type 2 s:Sham Link Destination Gateway Port Cost Type Uptime 0.0.0.0/0 10.214.234.1 mgmt 1 1/1 S 6d23h 10.214.234.0/24 DIRECT mgmt 1 0/0 D 6d23h 10.214.234.95/32 DIRECT mgmt 1 0/0 D 6d23h[/code]
    from rs232 terminal session, ping to switch's own mgmt iface:

    sw0# ping 10.214.234.95 Type Control-c to abort PING 10.214.234.95 (10.214.234.95): 56 data bytes ping: sendto: Network is unreachable [/code]but can ping from outside, can ssh to it from outside, and...

    sw0# show interface Management interface Management 1/0 ip address "static 10.214.234.95/24" ip gateway-address 10.214.234.1 ipv6 ipv6-address [ ] ipv6 ipv6-gateways [ ] line-speed actual "1000baseT, Duplex: Full" line-speed configured Auto oper-status up[/code]


  • 19.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 12:37
    When you try to ping 10.214.234.95 you should specify mgmt-vrf
    sw0# ping 10.214.234.95 vrf mgmt-vrf[/code]


  • 20.  RE: vdx-6740 firmware/nos update via ftp, scp, sftp does work.

    Posted 09-19-2018 14:51
    Yes, you are going to upgrade to NOS7.x where only logical-chassis is supported