Extreme X670V Configuration
Cloud Execution Environment

Contents

1Introduction
1.1Prerequisites

2
Prepare to Configure Extreme X670V Switches

3
Configuration of Extreme X670V Switches
3.1Configuration of Traffic Switch
3.2Configuration of Storage Switch

Reference List

1   Introduction

This document describes procedures for how to install Extreme X670V switches to be used as traffic and storage switches.

1.1   Prerequisites

This section describes the prerequisites which must be fulfilled before the Extreme switches can be configured.

1.1.1   Installation Data

Required site-specific data:

A customer-specific IP and VLAN plan, based on the document IP and VLAN plan, Reference [1]
The CEE region name
A password for the Extreme admin user. The default setting is blank for a new switch.
Knowledge of the configuration. One pair of X670V switches is used as mixed switches (both traffic and storage functions on the same switch). Two pairs of X670V switches are used as one pair of traffic switches, one pair of storage switches.

The address variables used in the document are summarized in the table below. For more information, refer to the IP and VLAN plan, Reference [1]. The IP address <tftp_server_address> is that of the kickstart or LCT server, obtained during the preparation process, described in the documents SW Installation in Multi-Server Deployment and SW Installation in Single Server Deployment.

Network/VLAN

IPv4 Address Variable

fuel_ctrl_sp (admin)

<tftp_server_address>

cee_ctrl_sp

<traffic_switch_a_static_ip>

cee_ctrl_sp

<traffic_switch_b_static_ip>

cee_ctrl_sp

<storage_switch_a_static_ip>

cee_ctrl_sp

<storage_switch_b_static_ip>

1.1.2   Hardware and Software Required

Required hardware:

One or two pairs of Extreme X670V switches (see Section 1.1.1).

Required software:

EXOS version 15.6.3.1-patch1-5.

1.1.3   Tools

The following tools are required:

A kickstart server or LCT (kickstart vs LCT table), prepared with:

Software to enable console port access
TFTP server accessible, with EXOS firmware

Required cables:

One RJ45-to-RS-232 adapter is needed for console connection.
Note:  
The switches have one native management port (Ethernet) and one console port on the front panel. Both use RJ45.

One USB-to-RS-232 adapter is needed for console connection.
Two cat6 Ethernet cables
Note:  
One cable is connected directly to the management port during installation to download software to the switch if needed.

The other cable is connected to USB-to-RS-232 and RJ45-to-RS-232 for connection to console port.


Figure 1   Extreme X670V Switch, Front

1.1.4   Conditions

Before the installation can be performed, the following conditions must apply:

Software packages, see the download instructions in Section 2:

Upgrade package for Extreme firmware EXOS version 15.6.3.1-patch1-5.
Installation package for Extreme firmware SSH module for EXOS version 15.6.3.1-patch1-5. SSH mod

Other equipment:

The serial number of one of the Extreme switches, to download the software.

2   Prepare to Configure Extreme X670V Switches

This section describes the preparations needed before the Extreme switches are configured.

To prepare for the installation, perform the following:

  1. Download the needed software packages from http://www.extremenetworks.com/partners/partners-hub.aspx.
    Note:  
    The serial number of the Extreme switch is required to download the software.

  2. Create a directory for Extreme software on for the TFTP server:

    The directory for Extreme software used in this document is <tftp_boot_server_directory>/Extreme/

  3. Copy the extracted software to the directory created. Make sure that the software is accessible.

3   Configuration of Extreme X670V Switches

The Extreme switch configuration covered in this section is a manual procedure, taking each switch in turn.

If there is one pair of X670V switches, then:

  1. Follow Step 1 in Section 3.1 to Step 31 in Section 3.1 in Section 3.1 for Switch A.
  2. Follow Step 2 in Section 3.1 to Step 33 in Section 3.1 in Section 3.1 for Switch B.

If there are two pairs of X670V switches, then:

  1. Follow Step 1 in Section 3.1 to Step 31 in Section 3.1 in Section 3.1 for Traffic Switch A.
  2. Follow Step 2 in Section 3.1 to Step 33 in Section 3.1 in Section 3.1 for Traffic Switch B.
  3. Follow Step 1 in Section 3.2 to Step 30 in Section 3.2 in Section 3.2 for Storage Switch A.
  4. Follow Step 2 in Section 3.2 to Step 31 in Section 3.2 in Section 3.2 for Storage Switch B.
Note:  
The configuration must be done in the steps described in this document, to avoid creating a loop in the network.

3.1   Configuration of Traffic Switch

Configure the switch:

  1. Identify the switch having a tag name attached to it (one of the alternatives below):

    Switch

    Tag Name

    A

    <cee_region_name>_TRAFFIC_SWA_X670V

    B

    <cee_region_name>_TRAFFIC_SWB_X670V

  2. Connect USB-to-RS-232 and RJ45-to-RS-232 to the console port.
    Note:  
    See Figure 1 for the location of the port.

  3. Remove the cable from the management port if the cable was already connected. Connect the kickstart server to the Extreme switch using the Ethernet cable.
    Note:  
    See Figure 1 for the location of the port.

  4. Access the switch from the console port.
  5. If username and password are requested, continue with Step 6, otherwise go to Step 8.
  6. Check if the file default.xsf exists:

    ls default.xsf

    If the output contains ls: default.xsf: No such file or directory, continue with Step 7.

    Rename default.xsf:

    mv default.xsf default.xsf.old

    Rename file default.xsf to file default.xsf.old on switch? (y/N)

    Enter Yes.

  7. Unconfigure the switch:

    unconfigure switch all

    Restore all factory defaults and reboot? (y/N)

    Enter Yes

    The reboot can take about five minutes.

    After the reboot, the following authentication service text is displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  8. Set default configuration:

    This switch currently has all management methods enabled for convenience reasons.
    Please answer these questions about the security settings you would like to use.

    Telnet is enabled by default.
    Telnet is unencrypted and has been the target of security exploits in the past.

    Would you like to disable Telnet? [y/N]:

    Enter Yes

    SNMP access is enabled by default.
    SNMP uses no encryption, SNMPv3 can be configured to eliminate this problem.

    Would you like to disable SNMP? [y/N]:

    Enter No

    All ports are enabled by default.
    In some secure applications, it maybe more desirable for the ports to be turned off.

    Would you like unconfigured ports to be turned off by default? [y/N]:

    Enter Yes

    Changing the default failsafe account username and password is highly recommended.
    If you choose to do so, please remember the username and password as this information cannot be recovered.
    Would you like to change the failsafe account username and password now? [y/N]:

    Enter No

    Would you like to permit failsafe account access via the management port? [y/N]:

    Enter No

    The following text is shown for firmware later than EXOS version 15.4.2.8:

    The switch can proactively attempt to send basic configuration and operational switch information for the purpose of assisting technical support to resolve customer-reported issues.
    Uploaded data is encrypted if the ssh.xmod is installed.
    Otherwise, a reduced switch data set is sent in clear text that contains no customer-specific information.

    Would you like to disable the automatic switch reporting service? [Y/n]:

    Enter Yes

    Since you have chosen less secure management methods, please remember to increase the security of your network by taking the following actions:

    * change your admin password
    * change your failsafe account username and password
    * change your SNMP public and private strings
    * consider using SNMPv3 to secure network management traffic

    Note:  
    Do not change the admin password, because later steps expect an empty password.

  9. List the installed versions.

    The following printout is an example that shows the OS version and modules installed. If the version is correct, go to Step 20.

    show version images

    Card Partition Installation Date Version Name Branch
    ------------------------------------------------------------------------------
    Switch primary Fri Jan 23 14:04:50 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch primary Fri Jan 23 14:06:05 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4
    Switch secondary Fri Jan 23 14:09:42 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch secondary Fri Jan 23 14:10:56 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4

  10. Configure the temporary management IP address. Perform one of the following commands, depending on which switch is being configured:

    Switch

    Command

    A

    		 

    configure vlan mgmt ipaddress <traffic_switch_a_static_ip> <netmask-for-fuel_ctrl_sp>

    configure vlan mgmt ipaddress ⇒
<traffic_switch_a_static_ip> <netmask-for-fuel_ctrl_sp>

    B

    		 

    configure vlan mgmt ipaddress <traffic_switch_b_static_ip> <netmask-for-fuel_ctrl_sp>

    configure vlan mgmt ipaddress ⇒
<traffic_switch_b_static_ip> <netmask-for-fuel_ctrl_sp>

    For example:

    configure vlan mgmt ipaddress 192.168.2.2 255.255.255.0

  11. Install the OS.

    Transfer the image from the TFTP server to the Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>.xos VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  12. Install the SSH module.

    Transfer the image from the kickstart server to the Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>-ssh.xmod VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  13. Save the configuration:

    save configuration primary

    No default configuration database has been selected to boot up the system.
    Save configuration will set the new configuration as the default database.
    The configuration file primary.cfg already exists.
    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

  14. Reboot the switch to use the new OS:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    Reboot can take about five minutes.

  15. Log on by console.

    After reboot, when the authentication service is restarted, the following text is displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  16. Install the OS on the second partition.

    Transfer the image from the TFTP server to the Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt secondary
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>.xos VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  17. Install the SSH module on the second partition.

    Transfer the image from the kickstart server to the Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt secondary
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>⇒
-ssh.xmod VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  18. Change the used partition:

    use image primary

  19. Remove the temporary management IP address configured in Step 10:

    unconfigure vlan mgmt ipaddress

  20. Configure the default VLAN:

    configure vlan default delete ports all

  21. Create the CEE administration VLAN.:

    create vlan cee_ctrl_sp tag 2

    Perform one of the following commands, depending on which switch is being configured:

    Switch

    Command

    A

    		 

    configure vlan cee_ctrl_sp ipaddress <traffic_switch_a_static_ip> <netmask-for-cee_ctrl_sp>

    configure vlan cee_ctrl_sp ipaddress ⇒
<traffic_switch_a_static_ip> <netmask-for-cee_ctrl_sp>

    B

    		 

    configure vlan cee_ctrl_sp ipaddress <traffic_switch_b_static> <netmask-for-cee_ctrl_sp>

    configure vlan cee_ctrl_sp ipaddress ⇒
<traffic_switch_b_static> <netmask-for-cee_ctrl_sp>

    configure vlan cee_ctrl_sp add ports 48 tagged

  22. Enable the port:

    enable ports 48

  23. Enable SSH:

    enable ssh2 vr VR-Default

    An example of the printout is the following:

    enable ssh2 vr VR-Default
WARNING: Generating new server host key
This could take approximately 15 minutes and cannot be canceled.  Continue? (y/N) Yes
    enable ssh2 vr VR-Default
WARNING: Generating new server host key
This could take approximately 15 minutes and cannot be ⇒
canceled.  Continue? (y/N) Yes

  24. Set the system name. Perform one of the following commands, depending on which switch is being configured:

    Switch

    Command

    A

    configure snmp sysName <cee_region_name>_TRAFFIC_SWA_X670V

    B

    configure snmp sysName <cee_region_name>_TRAFFIC_SWB_X670V

  25. Enable HTTP:

    enable web http

  26. Save the configuration:

    save configuration primary

    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

    save configuration secondary

    The configuration file secondary.cfg already exists.
    Do you want to save configuration to secondary.cfg and overwrite it? (y/N)

    Enter Yes.

    Saving configuration on master ...... done!
    Configuration saved to secondary.cfg successfully.

    The current selected default configuration database to boot up the system (primary.cfg) is different than the one just saved (secondary.cfg).
    Do you want to make secondary.cfg the default database? (y/N)

    Enter No.

  27. Reboot the switch:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    The reboot can take about five minutes.

  28. End the console port session.
  29. Remove the console port cable inserted in Step 2.
  30. Remove the Ethernet cable and reinsert the cable that was removed in Step 3.
  31. If you have followed the steps for Switch A, go to Step 2 for Switch B.
  32. If you have configured Switch B in a one-pair configuration, go to Step 32 in Section 3.2 in Section 3.2. If there are four switches, continue.
  33. Go to Section 3.2.

3.2   Configuration of Storage Switch

Configure the switch:

  1. Identify the switch having a tag name (one of the alternatives below):

    Switch

    Tag Name

    A

    <cee_region_name>_STORAGE_SWA_X670V

    B

    <cee_region_name>_STORAGE_SWB_X670V

  2. Connect USB-to-RS-232 and RJ45-to-RS-232 to the console port.
    Note:  
    See Figure 1 for the location of the port.

  3. Remove the cable from the management port (if already connected) and connect the Ethernet cable.
    Note:  
    See Figure 1 for the location of the port.

  4. Access the switch from the console port.
  5. If username and password are requested, continue with Step 6, otherwise continue with Step 8.
  6. Check if file default.xsf exists.

    ls default.xsf

    If the output contains ls: default.xsf: No such file or directory, continue with Step 6.

    Rename default.xsf.

    mv default.xsf default.xsf.old

    Rename file default.xsf to file default.xsf.old on switch? (y/N)

    Enter Yes.

  7. Unconfigure switch:

    unconfigure switch all

    Restore all factory defaults and reboot? (y/N)

    Enter Yes

    The reboot can take about five minutes.

    After reboot, the following authentication service text is displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  8. Set default configuration:

    This switch currently has all management methods enabled for convenience reasons.
    Please answer these questions about the security settings you would like to use.

    Telnet is enabled by default.
    Telnet is unencrypted and has been the target of security exploits in the past.

    Would you like to disable Telnet? [y/N]:

    Enter Yes

    SNMP access is enabled by default. SNMP uses no encryption, SNMPv3 can be configured to eliminate this problem.

    Would you like to disable SNMP? [y/N]:

    Enter No

    All ports are enabled by default. In some secure applications, it maybe more desirable for the ports to be turned off.

    Would you like unconfigured ports to be turned off by default? [y/N]:

    Enter Yes

    Changing the default failsafe account username and password is highly recommended.
    If you choose to do so, please remember the username and password as this information cannot be recovered.
    Would you like to change the failsafe account username and password now? [y/N]:

    Enter No

    Would you like to permit failsafe account access via the management port? [y/N]:

    Enter No

    The following text is shown for firmware later than EXOS version 15.4.2.8 :

    The switch can proactively attempt to send basic configuration and operational switch information for the purpose of assisting technical support to resolve customer-reported issues.
    Uploaded data is encrypted if the ssh.xmod is installed.
    Otherwise, a reduced switch data set is sent in clear text that contains no customer-specific information.

    Would you like to disable the automatic switch reporting service? [Y/n]:

    Enter Yes

    Since you have chosen less secure management methods, please remember to increase the security of your network by taking the following actions:

    * change your admin password
    * change your failsafe account username and password
    * change your SNMP public and private strings
    * consider using SNMPv3 to secure network management traffic

    Enter admin user.

    Enter no password.

    Note:  
    Do not change the admin password, because later steps expect empty password.

  9. List the installed versions.

    The following example printout shows the OS version and modules installed. If the version is correct, go to Step 20.

    show version images

    Card Partition Installation Date Version Name Branch
    ------------------------------------------------------------------------------
    Switch primary Fri Jan 23 14:04:50 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch primary Fri Jan 23 14:06:05 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4
    Switch secondary Fri Jan 23 14:09:42 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch secondary Fri Jan 23 14:10:56 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4

  10. Configure temporary management IP address

    Switch

    Command

    A

    		 

    configure vlan mgmt ipaddress <storage_switch_a_static_ip> <netmask-for-fuel_ctrl_sp

    configure vlan mgmt ipaddress ⇒
<storage_switch_a_static_ip> <netmask-for-fuel_ctrl_sp

    B

    		 

    configure vlan mgmt ipaddress <storage_switch_b_static_ip> <netmask-for-fuel_ctrl_sp

    configure vlan mgmt ipaddress ⇒
<storage_switch_b_static_ip> <netmask-for-fuel_ctrl_sp

    For example, type the following:

    configure vlan mgmt ipaddress 192.168.2.2 255.255.255.0

  11. Install the OS:

    Transfer the image from TFTP server to Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>.xos VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  12. Install the SSH module:

    Transfer the image from kickstart server to the Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>-ssh.xmod VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  13. Save the configuration:

    save configuration primary

    No default configuration database has been selected to boot up the system.
    Save configuration will set the new configuration as the default database.
    The configuration file primary.cfg already exists.
    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

  14. Reboot the switch.

    Reboot the switch to use the new OS:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    Reboot can take about five minutes.

  15. Log on by console.

    Wait for the following text to be displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  16. Install the OS on the second partition.

    Transfer the image from the TFTP server to the Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt secondary
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>.xos VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  17. Install the SSH module on the second partition.

    Transfer the image from the kickstart server to the Extreme X670V switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt secondary
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>⇒
-ssh.xmod VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  18. Change the used partition:

    use image primary

  19. Remove the temporary management IP address configured in Step 10:

    Switch

    Command

    A

    		 

    unconfigure vlan mgmt ipaddress <storage_switch_a_static_ip>

    unconfigure vlan mgmt ipaddress⇒
 <storage_switch_a_static_ip>

    B

    		 

    unconfigure vlan mgmt ipaddress <storage_switch_b_static_ip>

    unconfigure vlan mgmt ipaddress⇒
 <storage_switch_b_static_ip>

  20. Configure the Virtual Router:

    configure vlan default delete ports all

  21. Create the CEE administration VLAN:

    create vlan cee_ctrl_sp tag 2

    Switch

    Command

    A

    		 

    configure vlan cee_ctrl_sp ipaddress <storage_switch_a_static_ip> <netmask-for-cee_ctrl_sp

    configure vlan cee_ctrl_sp ipaddress⇒
 <storage_switch_a_static_ip> <netmask-for-cee_ctrl_sp

    B

    		 

    configure vlan cee_ctrl_sp ipaddress <storage_switch_b_static_ip> <netmask-for-cee_ctrl_sp

    configure vlan cee_ctrl_sp ipaddress⇒
 <storage_switch_b_static_ip> <netmask-for-cee_ctrl_sp

    configure vlan cee_ctrl_sp add ports 48 tagged

  22. Enable the port:

    enable ports 48

  23. Set system name:

    Switch

    Command

    A

    configure snmp sysName <cee_region_name>_STORAGE_SWA_X670V

    B

    configure snmp sysName <cee_region_name>_STORAGE_SWB_X670V

  24. Enable HTTP:

    enable web http

  25. Save the configuration:

    save configuration primary

    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

    save configuration secondary

    The configuration file secondary.cfg already exists.
    Do you want to save configuration to secondary.cfg and overwrite it? (y/N)

    Enter Yes.

    Saving configuration on master ...... done!
    Configuration saved to secondary.cfg successfully.

    The current selected default configuration database to boot up the system (primary.cfg) is different than the one just saved (secondary.cfg).
    Do you want to make secondary.cfg the default database? (y/N)

    Enter No.

  26. Reboot the switch:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    The reboot can take about five minutes.

  27. End the console port session.
  28. Remove the console port cable inserted in Step 2.
  29. Remove the Ethernet cable and reinsert the cable that was removed in Step 3.
  30. If you have followed the steps for Switch A, go to Step 2 for Switch B.
  31. If you have now configured two switch pairs, go to Step 32.
  32. The job is completed.

Reference List

[1] IP and VLAN plan, 2/102 62-CRA 119 1862/5 Uen
Legal | © Ericsson AB 2016, 2017