Extreme X770 Configuration
Cloud Execution Environment

Contents

1Introduction
1.1Prerequisites

2
Prepare to Configure Extreme X770 Switches

3
Configuration of Extreme X770 Switches
3.1Configuration of Traffic Switch
3.2Configuration of Storage Switch

Reference List

1   Introduction

This document describes procedures for how to install Extreme X770 switches to be used as Traffic and Storage Switches, as part of the CEE Installation.

1.1   Prerequisites

This section describes the prerequisites which must be fulfilled before the Extreme switch can be configured.

1.1.1   Installation Data

Required site-specific data:

A customer-specific IP and VLAN plan, based on the document IP and VLAN plan, Reference [1]
The CEE region name
A password for the Extreme admin user. The default setting is blank for a new switch.

The address variables are summarized in the table below. For more information, refer to the IP and VLAN plan, Reference [1]. The IP address <tftp_server_address> is that of the kickstart or LCT server, obtained during the preparation process described in the Preparation of Kickstart Server.

Network/VLAN

IPv4 Address Variable

fuel_ctrl_sp (admin)

<tftp_server_address>

cee_ctrl_sp

<traffic_switch_a_static_ip>

cee_ctrl_sp

<traffic_switch_b_static_ip>

cee_ctrl_sp

<storage_switch_a_static_ip>

cee_ctrl_sp

<storage_switch_b_static_ip>

1.1.2   Hardware and Software Required

Required hardware:

Two pairs of Extreme X770 switches

Required software:

EXOS firmware

1.1.3   Tools

The following tools are required:

A kickstart server or LCT (kickstart vs LCT table), prepared with:

Software to enable console port access
TFTP server accessible, with EXOS firmware

Required cables:

Cable

Use

adapter USB-to-RS-232

Console connection

adapter RJ45-to-RS-232

Console connection

Two cat6 Ethernet cables

One cable is connected directly to the management port during installation to download SW to switch if needed. The other cable is connected to USB-to-RS-232 and RJ45-to-RS-232 for connection to console port

Note:  
The switches have one native management port (Ethernet) and one console port on the front panel. Both use RJ45.

Figure 1   Extreme X770 Switch, Front

1.1.4   Conditions

Before the installation can be performed, the following conditions must apply:

Software packages, see the download instructions in Section 2:

Upgrade package for the Extreme firmware.
Installation package for the Extreme firmware SSH module.

Other equipment:

Serial number for at least one of the Extreme switches. This is used when downloading software, if the firmware is not already available.

2   Prepare to Configure Extreme X770 Switches

This section describes the preparations needed before Extreme switches are configured.

To prepare for the installation, perform the following:

  1. Download the needed software packages from http://www.extremenetworks.com/partners/partners-hub.aspx.
    Note:  
    The serial number of the Extreme switch is required to download the software.

  2. Create a folder for the Extreme software on for the TFTP server:

    The folder for Extreme software used in this document is <tftp_boot_server_directory>/Extreme/

  3. Copy the extracted software to the folder created. Make sure that the software is accessible.

3   Configuration of Extreme X770 Switches

The Extreme switch configuration covered in this section is a manual procedure, taking each switch in turn:

  1. Follow Step 1 in Section 3.1 to Step 32 in Section 3.1 in Section 3.1, for Traffic Switch A.
  2. Follow Step 2 in Section 3.1 to Step 33 in Section 3.1 in Section 3.1, for Traffic Switch B.
  3. Follow Step 1 in Section 3.2 to Step 31 in Section 3.2 in Section 3.2, for Storage Switch A.
  4. Follow Step 2 in Section 3.2 to Step 30 in Section 3.2 in Section 3.2, for Storage Switch B.
Note:  
Configuration must be done as described in this document in steps, to avoid a loop in the network.

3.1   Configuration of Traffic Switch

Configure the switch:

  1. Identify the switch having a tag name attached to it (one of the alternatives below):

    Switch

    Tag Name

    A

    <cee_region_name>_TRAFFIC_SWA_X770

    B

    <cee_region_name>_TRAFFIC_SWB_X770

  2. Connect USB-to-RS-232 and RJ45-to-RS-232 to the console port.
    Note:  
    See Figure 1 for the location of the port.

  3. Remove the cable from the management port if the cable was already connected. Connect the kickstart server to the Extreme switch using the Ethernet cable.
    Note:  
    See Figure 1 for the location of the port.

  4. Access the switch from the console port.
  5. If username and password are requested, continue with Step 6, otherwise go to Step 8.
  6. Check if the file default.xsf exists:

    ls default.xsf

    If output contains ls: default.xsf: No such file or directory, continue with Step 7.

    Rename default.xsf.

    mv default.xsf default.xsf.old

    Rename file default.xsf to file default.xsf.old on switch? (y/N)

    Enter Yes.

  7. Unconfigure switch:

    unconfigure switch all

    Restore all factory defaults and reboot? (y/N)

    Enter Yes

    The reboot can take about five minutes.

    After reboot, the following authentication service text is displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  8. Set default configuration:

    This switch currently has all management methods enabled for convenience reasons.
    Please answer these questions about the security settings you would like to use.

    Telnet is enabled by default.
    Telnet is unencrypted and has been the target of security exploits in the past.

    Would you like to disable Telnet? [y/N]:

    Enter Yes

    SNMP access is enabled by default.
    SNMP uses no encryption, SNMPv3 can be configured to eliminate this problem.

    Would you like to disable SNMP? [y/N]:

    Enter No

    All ports are enabled by default.
    In some secure applications, it maybe more desirable for the ports to be turned off.

    Would you like unconfigured ports to be turned off by default? [y/N]:

    Enter Yes

    Changing the default failsafe account username and password is highly recommended.
    If you choose to do so, please remember the username and password as this information cannot be recovered.
    Would you like to change the failsafe account username and password now? [y/N]:

    Enter No

    Would you like to permit failsafe account access via the management port? [y/N]:

    Enter No

    The following text will be shown for firmware later than EXOS version 15.4.2.8:

    The switch can proactively attempt to send basic configuration and operational switch information for the purpose of assisting technical support to resolve customer-reported issues.
    Uploaded data is encrypted if the ssh.xmod is installed.
    Otherwise, a reduced switch data set is sent in clear text that contains no customer-specific information.

    Would you like to disable the automatic switch reporting service? [Y/n]:

    Enter Yes

    Since you have chosen less secure management methods, please remember to increase the security of your network by taking the following actions:

    * change your admin password
    * change your failsafe account username and password
    * change your SNMP public and private strings
    * consider using SNMPv3 to secure network management traffic

    Note:  
    Do not change the admin password, because later steps expect an empty password.

  9. List the installed versions.

    The following printout is an example that shows the OS version and modules installed. If the version is correct, go to Step 20.

    show version images

    Card Partition Installation Date Version Name Branch
    ------------------------------------------------------------------------------
    Switch primary Fri Jan 23 14:04:50 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch primary Fri Jan 23 14:06:05 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4
    Switch secondary Fri Jan 23 14:09:42 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch secondary Fri Jan 23 14:10:56 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4

  10. Configure temporary management IP address. Perform one of the following commands, depending on which switch is being configured:

    Switch

    Command

    A

    		 

    configure vlan mgmt ipaddress <traffic_switch_a_static_ip> <netmask-for-fuel_ctrl_sp>

    configure vlan mgmt ipaddress ⇒
<traffic_switch_a_static_ip> <netmask-for-fuel_ctrl_sp>

    B

    		 

    configure vlan mgmt ipaddress <traffic_switch_b_static_ip> <netmask-for-fuel_ctrl_sp>

    configure vlan mgmt ipaddress ⇒
<traffic_switch_b_static_ip> <netmask-for-fuel_ctrl_sp>

    For example, type the following:

    configure vlan mgmt ipaddress 192.168.2.2 255.255.255.0

  11. Install OS.

    Transfer the image from TFTP server to Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>.xos VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  12. Install SSH module.

    Transfer the image from kickstart server to the Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt
    download image <tftp_server_address> ⇒
Extreme/summitX-<version_name>-ssh.xmod VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  13. Save the configuration:

    save configuration primary

    No default configuration database has been selected to boot up the system.
    Save configuration will set the new configuration as the default database.
    The configuration file primary.cfg already exists.
    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

  14. Reboot the switch to use the new OS:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    Reboot can take about five minutes.

  15. Log on by console.

    After reboot, the following authentication service text is displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  16. Install the OS on the second partition.

    Transfer the image from the TFTP server to the Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt secondary
    download image <tftp_server_address> ⇒
Extreme/summitX-<version_name>.xos VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  17. Install the SSH module on the second partition.

    Transfer the image from the kickstart server to the Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt secondary
    download image <tftp_server_address> ⇒
Extreme/summitX-<version_name>-ssh.xmod ⇒
VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  18. Change the used partition:

    use image primary

  19. Remove the temporary management IP address configured in Step 10.

    unconfigure vlan mgmt ipaddress

  20. Partition ports:

    configure ports 52 partition 1x10G

    Warning: Configuration will be lost on ports 52
    No configuration changes should be made on these ports until after the next reboot.
    This command will only take effect after save configuration and reboot.

    Are you sure you want to continue? (y/N)

    Enter Yes

  21. Configure the default VLAN:

    configure vlan default delete ports all

  22. Create the CEE administration VLAN:

    create vlan cee_ctrl_sp tag 2

    Perform one of the following commands, depending on which switch is being configured:

    Switch

    Command

    A

    		 

    configure vlan cee_ctrl_sp ipaddress <traffic_switch_a_static_ip> <netmask-for-cee_ctrl_sp>

    configure vlan cee_ctrl_sp ipaddress ⇒
<traffic_switch_a_static_ip> <netmask-for-cee_ctrl_sp>

    B

    		 

    configure vlan cee_ctrl_sp ipaddress <traffic_switch_b_static_ip> <netmask-for-cee_ctrl_sp>

    configure vlan cee_ctrl_sp ipaddress ⇒
<traffic_switch_b_static_ip> <netmask-for-cee_ctrl_sp>

    configure vlan cee_ctrl_sp add ports 52 tagged

  23. Enable the port:

    enable ports 52

  24. Enable SSH:

    enable ssh2 vr VR-Default

    An example of the printout is the following:

    enable ssh2 vr VR-Default
WARNING: Generating new server host key
This could take approximately 15 minutes and cannot be canceled.  Continue? (y/N) Yes
    enable ssh2 vr VR-Default
WARNING: Generating new server host key
This could take approximately 15 minutes and cannot be ⇒
canceled.  Continue? (y/N) Yes

  25. Set the system name. Perform one of the following commands, depending on which switch is being configured:

    Switch

    Command

    A

    configure snmp sysName <cee_region_name>_TRAFFIC_SWA_X770

    B

    configure snmp sysName <cee_region_name>_TRAFFIC_SWB_X770

  26. Enable HTTP:

    enable web http

  27. Save the configuration:

    save configuration primary

    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

    save configuration secondary

    The configuration file secondary.cfg already exists.
    Do you want to save configuration to secondary.cfg and overwrite it? (y/N)

    Enter Yes.

    Saving configuration on master ...... done!
    Configuration saved to secondary.cfg successfully.

    The current selected default configuration database to boot up the system (primary.cfg) is different than the one just saved (secondary.cfg).
    Do you want to make secondary.cfg the default database? (y/N)

    Enter No.

  28. Reboot the switch:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    The reboot can take about five minutes.

  29. End the console port session.
  30. Remove the console port cable inserted in Step 2.
  31. Remove the Ethernet cable and reinsert the cable that was removed in Step 3.
  32. If you have followed the steps for Switch A, go to Step 2 for Switch B.
  33. Go to Section 3.2.

3.2   Configuration of Storage Switch

Configure the switch:

  1. Identify the switch having a tag name (one of the alternatives below):

    Switch

    Tag Name

    A

    <cee_region_name>_STORAGE_SWA_X770

    B

    <cee_region_name>_STORAGE_SWB_X770

  2. Connect USB-to-RS-232 and RJ45-to-RS-232 to the console port.
    Note:  
    See Figure 1 for the location of the port.

  3. Remove the cable from the management port (if already connected) and connect the Ethernet cable.
    Note:  
    See Figure 1 for the location of the port.

  4. Access the switch from the console port.
  5. If username and password are requested, continue with Step 6, otherwise continue with Step 8.
  6. Check if the file default.xsf exists:

    ls default.xsf

    If the output contains ls: default.xsf: No such file or directory, continue with Step 6.

    Rename default.xsf:

    mv default.xsf default.xsf.old

    Rename file default.xsf to file default.xsf.old on switch? (y/N)

    Enter Yes.

  7. Unconfigure the switch:

    unconfigure switch all

    Restore all factory defaults and reboot? (y/N)

    Enter Yes

    The reboot can take about five minutes.

    After the reboot, the following authentication service text is displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  8. Set default configuration:

    This switch currently has all management methods enabled for convenience reasons.
    Please answer these questions about the security settings you would like to use.

    Telnet is enabled by default.
    Telnet is unencrypted and has been the target of security exploits in the past.

    Would you like to disable Telnet? [y/N]:

    Enter Yes.

    SNMP access is enabled by default.
    SNMP uses no encryption, SNMPv3 can be configured to eliminate this problem.

    Would you like to disable SNMP? [y/N]:

    Enter No.

    All ports are enabled by default.
    In some secure applications, it maybe more desirable for the ports to be turned off.

    Would you like unconfigured ports to be turned off by default? [y/N]:

    Enter Yes.

    Changing the default failsafe account username and password is highly recommended.
    If you choose to do so, please remember the username and password as this information cannot be recovered.
    Would you like to change the failsafe account username and password now? [y/N]:

    Enter No.

    Would you like to permit failsafe account access via the management port? [y/N]:

    Enter No.

    The following text will be shown for firmware later than EXOS version 15.4.2.8:

    The switch can proactively attempt to send basic configuration and operational switch information for the purpose of assisting technical support to resolve customer-reported issues.
    Uploaded data is encrypted if the ssh.xmod is installed.
    Otherwise, a reduced switch data set is sent in clear text that contains no customer-specific information.

    Would you like to disable the automatic switch reporting service? [Y/n]:

    Enter Yes.

    Since you have chosen less secure management methods, please remember to increase the security of your network by taking the following actions:

    * change your admin password
    * change your failsafe account username and password
    * change your SNMP public and private strings
    * consider using SNMPv3 to secure network management traffic

    Note:  
    Do not change the admin password, because later steps expect an empty password.

  9. List the installed versions.

    The following example printout shows the OS version and modules installed with. If the version is correct, go to Step 20.

    show version images

    Card Partition Installation Date Version Name Branch
    ------------------------------------------------------------------------------
    Switch primary Fri Jan 23 14:04:50 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch primary Fri Jan 23 14:06:05 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4
    Switch secondary Fri Jan 23 14:09:42 UTC 2015 15.6.1.4 summitX-15.6.1.4.xos v1561b4
    Switch secondary Fri Jan 23 14:10:56 UTC 2015 15.6.1.4 summitX-15.6.1.4-ssh.xmod v1561b4

  10. Configure temporary management IP address:

    Switch

    Command

    A

    		 

    configure vlan mgmt ipaddress <storage_switch_a_static_ip> <netmask-for-fuel_ctrl_sp

    configure vlan mgmt ipaddress ⇒
<storage_switch_a_static_ip> <netmask-for-fuel_ctrl_sp

    B

    		 

    configure vlan mgmt ipaddress <storage_switch_b_static_ip> <netmask-for-fuel_ctrl_sp

    configure vlan mgmt ipaddress ⇒
<storage_switch_b_static_ip> <netmask-for-fuel_ctrl_sp

  11. Install the OS.

    Transfer the image from the TFTP server to the Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>.xos VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  12. Install the SSH module.

    Transfer the image from the kickstart server to the Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt
    download image <tftp_server_address>⇒
 Extreme/summitX-<version_name>-ssh.xmod VR-mgmt

    Do you want to install image after downloading?

    Enter Yes.

  13. Save the configuration:

    save configuration primary

    No default configuration database has been selected to boot up the system.
    Save configuration will set the new configuration as the default database.
    The configuration file primary.cfg already exists.
    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

  14. Reboot the switch to use the new OS:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    The reboot can take about five minutes.

  15. Log on by console.

    Wait for the following text to be displayed:

    Authentication Service (AAA) on the master node is now available for login.

    Enter admin as user.

    Enter no password.

  16. Install the OS on the second partition.

    Transfer the image from TFTP server to Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>.xos VR-mgmt secondary
    download image <tftp_server_address> ⇒
Extreme/summitX-<version_name>.xos VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  17. Install the SSH module on the second partition.

    Transfer the image from the kickstart server to the Extreme X770 switch:

    download image <tftp_server_address> Extreme/summitX-<version_name>-ssh.xmod VR-mgmt secondary
    download image <tftp_server_address> ⇒
Extreme/summitX-<version_name>-ssh.xmod ⇒
VR-mgmt secondary

    Do you want to install image after downloading?

    Enter Yes.

  18. Change the used partition:

    use image primary

  19. Remove the temporary management IP address configured in Step 10:

    unconfigure vlan mgmt ipaddress

  20. Partition ports:

    configure ports 52 partition 1x10G

    Warning: Configuration will be lost on ports 52
    No configuration changes should be made on these ports until after the next reboot.
    This command will only take effect after save configuration and reboot.

    Are you sure you want to continue? (y/N)

    Enter Yes.

  21. Configure the Virtual Router:

    configure vlan default delete ports all

  22. Create CEE administration VLAN:

    create vlan cee_ctrl_sp tag 2

    Switch

    Command

    A

    		 

    configure vlan cee_ctrl_sp ipaddress <storage_switch_a_static_ip> <netmask-for-cee_ctrl_sp

    configure vlan cee_ctrl_sp ipaddress ⇒
<storage_switch_a_static_ip> <netmask-for-cee_ctrl_sp

    B

    		 

    configure vlan cee_ctrl_sp ipaddress <storage_switch_b_static_ip> <netmask-for-cee_ctrl_sp

    configure vlan cee_ctrl_sp ipaddress ⇒
<storage_switch_b_static_ip> <netmask-for-cee_ctrl_sp

    configure vlan cee_ctrl_sp add ports 52 tagged

  23. Enable the port:

    enable ports 52

  24. Set the system name:

    Switch

    Command

    A

    configure snmp sysName <cee_region_name>_STORAGE_SWA_X770

    B

    configure snmp sysName <cee_region_name>_STORAGE_SWB_X770

  25. Enable HTTP:

    enable web http

  26. Save the configuration:

    save configuration primary

    Do you want to save configuration to primary.cfg and overwrite it? (y/N)

    Enter Yes.

    save configuration secondary

    The configuration file secondary.cfg already exists.
    Do you want to save configuration to secondary.cfg and overwrite it? (y/N)

    Enter Yes.

    Saving configuration on master ...... done!
    Configuration saved to secondary.cfg successfully.

    The current selected default configuration database to boot up the system (primary.cfg) is different than the one just saved (secondary.cfg).
    Do you want to make secondary.cfg the default database? (y/N)

    Enter No.

  27. Reboot the switch:

    reboot

    Are you sure you want to reboot the switch? (Y/N)

    Enter Yes.

    The reboot can take about five minutes.

  28. End the console port session.
  29. Remove the console port cable inserted in Step 2.
  30. Remove the Ethernet cable and reinsert the cable that was removed in Step 3.
  31. If you have followed the steps for Switch A, go to Step 2 for Switch B.

Reference List

[1] IP and VLAN plan, 2/102 62-CRA 119 1862/5 Uen
Legal | © Ericsson AB 2016, 2017