FOUNDRY – Authentication using TACACS+

Foundry FastIron FLS-624 & FLS648

!
aaa authentication enable default local tacacs+
aaa authentication login default local tacacs+
aaa authorization exec default  tacacs+
aaa accounting commands 0 default start-stop  tacacs+
aaa accounting exec default start-stop  tacacs+
!
tacacs-server host 192.168.33.44
tacacs-server key xxxxxxxxxxxxxx
!


IOS – edit access lists using line numbers


Cisco 876 – C870-ADVSECURITYK9-M – 12.4

c876#conf t
c876(config)#service sequence-numbers
c876(config)#^Z
c876#sh run | i service

no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers

c876(config)#ip access-list extended 111
c876(config-ext-nacl)#remark allow NMS
c876(config-ext-nacl)#10 permit ip 192.168.10.0 0.0.0.31 host 192.168.1.1
c876(config-ext-nacl)#20 permit ip 192.168.20.128 0.0.0.31 host 192.168.1.1
c876(config-ext-nacl)#remark allow tacacs
c876(config-ext-nacl)#30 permit ip 192.168.0.0 0.0.127.255 host 192.168.200.200
c876(config-ext-nacl)#40 permit ip 192.168.0.0 0.0.127.255 host 192.168.222.222
c876(config-ext-nacl)#50 deny ip any any log
c876(config-ext-nacl)#^Z

c876#sh ip access-lists 111

Extended IP access list 111
10 permit ip 192.168.10.0 0.0.0.31 host 192.168.1.1
20 permit ip 192.168.20.128 0.0.0.31 host 192.168.1.1
30 permit ip 192.168.0.0 0.0.127.255 host 192.168.200.200
40 permit ip 192.168.0.0 0.0.127.255 host 192.168.222.222
50 deny ip any any log

c876#conf t
c876(config)#ip access-list extended 111
c876(config-ext-nacl)#no 30
c876(config-ext-nacl)#^Z
c876#sh ip access-lists 111

Extended IP access list 111
10 permit ip 192.168.10.0 0.0.0.31 host 192.168.1.1
20 permit ip 192.168.20.128 0.0.0.31 host 192.168.1.1
40 permit ip 192.168.0.0 0.0.127.255 host 192.168.222.222
50 deny ip any any log

c876#conf t
c876(config)#ip access-list extended 111
c876(config-ext-nacl)#30 permit ip 172.20.10.0 0.0.0.0 host 192.168.222.222
c876(config-ext-nacl)#^Z
c876#sh ip access-lists 111

Extended IP access list 111
10 permit ip 192.168.10.0 0.0.0.31 host 192.168.1.1
20 permit ip 192.168.20.128 0.0.0.31 host 192.168.1.1
30 permit ip host 172.20.10.0 host 192.168.222.222
40 permit ip 192.168.0.0 0.0.127.255 host 192.168.222.222
50 deny ip any any log
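
Added example, not part of the original post: a small Python model of how IOS evaluates the final ACL 111 above (wildcard masks, first match wins), handy for checking what an entry inserted by sequence number actually permits. The helper names are made up for this illustration and only `ip` entries are parsed.

```python
import ipaddress

# Added illustration; helper names are hypothetical.
# ACL text is the final "sh ip access-lists 111" listing from the post.
ACL_111 = """\
10 permit ip 192.168.10.0 0.0.0.31 host 192.168.1.1
20 permit ip 192.168.20.128 0.0.0.31 host 192.168.1.1
30 permit ip host 172.20.10.0 host 192.168.222.222
40 permit ip 192.168.0.0 0.0.127.255 host 192.168.222.222
50 deny ip any any log
"""

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def _take_addr(tokens):
    """Consume one address spec: 'any', 'host A', or 'A WILDCARD'."""
    first = tokens.pop(0)
    if first == "any":
        return (0, 0xFFFFFFFF)
    if first == "host":
        return (_to_int(tokens.pop(0)), 0)
    return (_to_int(first), _to_int(tokens.pop(0)))

def parse_acl(text):
    """Return entries as (seq, action, src, dst), ordered by sequence number."""
    entries = []
    for tokens in (line.split() for line in text.splitlines() if line.strip()):
        if tokens[2] != "ip":
            raise ValueError("only 'ip' entries are handled here")
        rest = tokens[3:]          # trailing keywords such as 'log' are ignored
        src = _take_addr(rest)
        dst = _take_addr(rest)
        entries.append((int(tokens[0]), tokens[1], src, dst))
    return sorted(entries)

def _matches(spec, addr):
    base, wildcard = spec
    # Wildcard bits set to 1 are "don't care"; all other bits must be equal.
    care = ~wildcard & 0xFFFFFFFF
    return (_to_int(addr) & care) == (base & care)

def evaluate(entries, src, dst):
    """First match wins; an ACL ends with an implicit deny."""
    for seq, action, s, d in entries:
        if _matches(s, src) and _matches(d, dst):
            return seq, action
    return None, "deny"
```

For example, `evaluate(parse_acl(ACL_111), "192.168.200.9", "192.168.222.222")` falls through to entry 50, because wildcard 0.0.127.255 on 192.168.0.0 only covers 192.168.0.0 to 192.168.127.255.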


CentOS 5.3 XEN Host – IBM DS3300 iSCSI – SuSE Linux Enterprise 10 XEN Guests – Part 2

Hardware :

  • IBM x3650 – 7979C3G – 2x XEON x5355 – 18GB RAM
  • IBM x3650 – 7979A2G – 2x XEON E5335 – 12GB RAM
  • IBM DS3300 iSCSI Storage

Software :

  • CentOS 5.3 – XEN Hosts
  • SuSE Linux Enterprise 10 – XEN Guests
  • LSI rdac Multipath Modules

CentOS XEN Guest installation (SuSE Linux Enterprise 10 – SP2)

[roo@xen-host-1 ~]# mkdir -p /root/suse_xen_build
[roo@xen-host-1 ~]# cd /root/suse_xen_build

The kernel from the SuSE Linux Enterprise 10 SP2 media (kernel-xen-2.6.16.60-0.21.x86_64.rpm) did not work for setup.
Fetch a newer kernel from the Novell update server; kernel-xen-2.6.16.60-0.39.3.x86_64.rpm works fine.
From the media you need the install-initrd-1.0-19.2.x86_64.rpm file.
Fetch the suse-prepare-install script from Gerd Hoffmann aka Gerd Knorr: http://et.redhat.com/~kraxel/xen/suse-prepare-install

[roo@xen-host-1 suse_xen_build]# ls -l /root/suse_xen_build

-r--r--r-- 1 root root  3369491  1. Jun 11:11 install-initrd-1.0-19.2.x86_64.rpm
-rw-r--r-- 1 root root 18224165  1. Jun 11:11 kernel-xen-2.6.16.60-0.39.3.x86_64.rpm
-rwxr-xr-x 1 root root     1653  1. Jun 11:11 suse-prepare-install.sh

[roo@xen-host-1 suse_xen_build]# ./suse-prepare-install.sh

[roo@xen-host-1 suse_xen_build]# ls -l

-r--r--r-- 1 root root  3369491  1. Jun 11:11 install-initrd-1.0-19.2.x86_64.rpm
-rw-r--r-- 1 root root  1409664  1. Jun 11:11 inst.xen-2.6.16.60-0.39.3-x86_64-kernel
-rw-r--r-- 1 root root  8798392  1. Jun 11:11 inst.xen-2.6.16.60-0.39.3-x86_64-ramdisk
-rw-r--r-- 1 root root 18224165  1. Jun 11:11 kernel-xen-2.6.16.60-0.39.3.x86_64.rpm
-rwxr-xr-x 1 root root     1653  1. Jun 11:11 suse-prepare-install.sh

[roo@xen-host-1 suse_xen_build]# cd /etc/xen

[roo@xen-host-1 xen]# cat suse1.cfg

name = "suse1"
memory = "4096"
vcpus = 4
vif = [ 'mac=00:16:3e:xx:xx:xx, bridge=xenbr0' ]
disk = [ 'phy:/dev/disk/by-id/scsi-3600a0b8000370e3b000018cdxxxxxxxx,hda,w' ]
on_reboot = "destroy"
on_crash = "destroy"
kernel = "/root/suse_xen_build/inst.xen-2.6.16.60-0.39.3-x86_64-kernel"
ramdisk = "/root/suse_xen_build/inst.xen-2.6.16.60-0.39.3-x86_64-ramdisk"
extra = "xencons=xvc0 console=xvc0"

[roo@xen-host-1 xen]# xm create -c /etc/xen/suse1.cfg

Finish the first stage of the installation process. I did the installation over the network using the FTP protocol.
When the first stage has finished and setup reboots, the VM will be destroyed. Take a look at the config file (on_reboot = "destroy").
Now we must change the kernel and ramdisk options in the config.

name = "suse1"
memory = "4096"
vcpus = 4
vif = [ 'mac=00:16:3e:xx:xx:xx, bridge=xenbr0' ]
disk = [ 'phy:/dev/disk/by-id/scsi-3600a0b8000370e3b000018cdxxxxxxxx,hda,w' ]
on_reboot = "destroy"
on_crash = "destroy"
kernel = "/etc/xen/vm/vmlinuz-2.6.16.60-0.39.3-xen"
ramdisk = "/etc/xen/vm/initrd-2.6.16.60-0.21-xen"
extra = "xencons=xvc0 console=xvc0"

We need a vmlinuz-2.6.16.60-0.39.3-xen and an initrd-xen file to start the second stage.
The vmlinuz-2.6.16.60-0.39.3-xen file is inside the rpm we fetched.

[roo@xen-host-1 xen]# mkdir -p /etc/xen/vm
[roo@xen-host-1 xen]# mkdir -p /root/temp
[roo@xen-host-1 xen]# cd /root/temp
[roo@xen-host-1 temp]# cp /root/suse_xen_build/kernel-xen-2.6.16.60-0.39.3.x86_64.rpm .
[roo@xen-host-1 temp]# rpm2cpio kernel-xen-2.6.16.60-0.39.3.x86_64.rpm | cpio -ivmud
[roo@xen-host-1 temp]# ls -l

drwx------ 2 root root     4096 10. Jun 13:13 boot
drwx------ 3 root root     4096 10. Jun 13:13 etc
-rw-r--r-- 1 root root 18224165 10. Jun 13:13 kernel-xen-2.6.16.60-0.39.3.x86_64.rpm
drwx------ 3 root root     4096 10. Jun 13:13 lib
drwx------ 3 root root     4096 10. Jun 13:13 usr

[roo@xen-host-1 temp]# cp /root/temp/boot/vmlinuz-2.6.16.60-0.39.3-xen /etc/xen/vm

Mount the /boot Partition from the VM.

[roo@xen-host-1 temp]# mount /dev/disk/by-id/scsi-3600a0b8000370e3b000018cdxxxxxxxx-part1 /mnt

[roo@xen-host-1 temp]# cd /mnt/boot

[roo@xen-host-1 boot]# cp initrd-2.6.16.60-0.21-xen /etc/xen/vm

[roo@xen-host-1 temp]# cd /etc/xen/vm

[roo@xen-host-1 vm]# umount /mnt

[roo@xen-host-1 vm]# xm create -c /etc/xen/suse1.cfg

Now finish the installation. Apply all updates and you will find the same kernel in /boot of the suse1 VM.
Copy the new initrd file via scp to your XEN host at /etc/xen/vm/ and change the suse1.cfg file to match the filename.

That's all folks!


CentOS 5.3 XEN Host – IBM DS3300 iSCSI – SuSE Linux Enterprise 10 XEN Guests – Part 1

Hardware :

  • IBM x3650 – 7979C3G – 2x XEON x5355 – 18GB RAM
  • IBM x3650 – 7979A2G – 2x XEON E5335 – 12GB RAM
  • IBM DS3300 iSCSI Storage

Software :

  • CentOS 5.3 – XEN Hosts
  • SuSE Linux Enterprise 10 – XEN Guests
  • LSI rdac Multipath Modules

CentOS XEN Host + Multipath (MPP) LSI RDAC

[roo@xen-host-1 ~]# cat /etc/redhat-release
CentOS release 5.3 (Final)
[roo@xen-host-1 ~]# yum install iscsi-initiator-utils.x86_64

Edit the iscsi.conf

DiscoveryAddress = 192.168.xxx.xxx:3260
HeaderDigest = always
DataDigest = always
Targetname = iqn.1992-01.com.lsi:1535.600a0b8000370e0b00000000xxxxxxxx

[roo@xen-host-1 ~]# service iscsid start
[roo@xen-host-1 ~]# service iscsi start
[roo@xen-host-1 ~]# chkconfig iscsid on
[roo@xen-host-1 ~]# chkconfig iscsi on
[roo@xen-host-1 ~]# iscsiadm -m discovery -t st -p 192.168.xxx.xxx

[roo@xen-host-1 ~]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:d0e7f7xxxxx

Download RDAC driver from : http://www.lsi.com/rdac/ds3000.html

Install glibc & kernel headers and devel files

[roo@xen-host-1 ~]# yum install glibc-devel.x86_64 glibc-headers.x86_64 kernel-xen-devel.x86_64 kernel-headers.x86_64 kernel-devel.x86_64 gcc-4.1.2-44.el5

[roo@xen-host-1 ~]# mkdir -p /root/software && cd /root/software

[roo@xen-host-1 ~]# wget http://www.lsi.com/rdac/rdac-LINUX-09.03.0C05.0030-source.tar.gz

[roo@xen-host-1 ~]# tar -xzvf rdac-LINUX-09.03.0C05.0030-source.tar.gz

[roo@xen-host-1 ~]# cd linuxrdac-09.03.0C05.0030

[roo@xen-host-1 ~]# make && make install

Checking Host Adapter Configuration…
iSCSI software initiator found. Do you want MPP to manage an iSCSI storage
array?
Do you want to continue (yes or no) ? y
Wait while we modify the system configuration files.
Your kernel version is 2.6.18-92.el5
Preparing to install MPP driver against this kernel version…
Generating module dependencies…
Creating new MPP initrd image…

Edit your bootloader config:

title CentOS_XEN_MPP (2.6.18-128.el5xen) with MPP support

root (hd0,0)
kernel /boot/xen.gz-2.6.18-128.el5 dom0_mem=512M
module /boot/vmlinuz-2.6.18-128.el5xen ro root=LABEL=/
module /boot/mpp-2.6.18-128.el5xen.img

[roo@xen-host-1 ~]# chkconfig iscsi on

Have you configured a host group, hosts, logical drives and host access? OK, reboot now!


[roo@xen-host-1 ~]# ls -lR /proc/mpp
/proc/mpp/:
insgesamt 0
dr-xr-xr-x 4 root root 0 10. Jul 12:49 DS3300

/proc/mpp/DS3300:
insgesamt 0
dr-xr-xr-x 4 root root 0 10. Jul 12:49 controllerA
dr-xr-xr-x 4 root root 0 10. Jul 12:49 controllerB
-rw-r--r-- 1 root root 0 10. Jul 12:49 virtualLun0
-rw-r--r-- 1 root root 0 10. Jul 12:49 virtualLun1

/proc/mpp/DS3300/controllerA:
insgesamt 0
dr-xr-xr-x 2 root root 0 10. Jul 12:49 iscsi_tcp_h4c0t0
dr-xr-xr-x 2 root root 0 10. Jul 12:49 iscsi_tcp_h5c0t0

/proc/mpp/DS3300/controllerA/iscsi_tcp_h4c0t0:
insgesamt 0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN1

/proc/mpp/DS3300/controllerA/iscsi_tcp_h5c0t0:
insgesamt 0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN1

/proc/mpp/DS3300/controllerB:
insgesamt 0
dr-xr-xr-x 2 root root 0 10. Jul 12:49 iscsi_tcp_h3c0t0
dr-xr-xr-x 2 root root 0 10. Jul 12:49 iscsi_tcp_h6c0t0

/proc/mpp/DS3300/controllerB/iscsi_tcp_h3c0t0:
insgesamt 0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN1

/proc/mpp/DS3300/controllerB/iscsi_tcp_h6c0t0:
insgesamt 0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN0
-rw-r--r-- 1 root root 0 10. Jul 12:49 LUN1

As you can see, I have configured 2 logical drives.

[roo@xen-host-1 ~]# fdisk -l

Disk /dev/sdc: 214.7 GByte, 214748364800 Byte
255 heads, 63 sectors/track, 26108 cylinders
Units = cylinders of 16065 × 512 = 8225280 Bytes

Disk /dev/sdc doesn’t contain a valid partition table

Disk /dev/sdd: 322.1 GByte, 322122547200 Byte
255 heads, 63 sectors/track, 39162 cylinders
Units = cylinders of 16065 × 512 = 8225280 Bytes

Disk /dev/sdd doesn’t contain a valid partition table

In Part 2 we will install the guest OS.


FOUNDRY – FastIron sflow setup

Foundry FastIron FLS-624 & FLS648

!
sflow enable
sflow sample 2048 <-- global sample value, used if not specified at the interface
sflow polling-interval 0 <-- don't poll the interfaces for SNMP stats
sflow destination 10.20.30.1 2323
!
interface ethernet 0/1/22
port-name Customer_024415
speed-duplex 100-full
sflow-forwarding
sflow sample 1024
!
interface ethernet 0/1/48
port-name Juniper_M7i_ge-1-0-0
sflow-forwarding
!

telnet@sw-23-lab>show sflow

sFlow services are enabled.
sFlow agent IP address: 10.20.30.22
Collector IP 10.20.30.1, UDP 2323
Polling interval is 0 seconds.
Configured default sampling rate: 1 per 2048 packets.
Actual default sampling rate: 1 per 2048 packets.
106530 UDP packets exported
742341 sFlow samples collected.
sFlow ports: ethe 0/1/22 ethe ethe 0/1/48
Module Sampling Rates
---------------------
Port Sampling Rates
-------------------
Port=0/1/22, configured rate=1024, actual rate=1024
Port=0/1/48, configured rate=2048, actual rate=2048
