The Ultimate Guide to Choosing WordPress Pros and Cons
At8000 s configuracao de gerenciamento
1. Management &
Configuration
AT – 8000S
Marvell Confidential
2. Agenda
• AT - 8000S CLI
– CLI structure
– Displaying System Information
– File Management
• AT - 8000S Telnet
• AT - 8000S Web Server (EWS)
• AT - 8000S SNMP
• AT - 8000S Secure Management
Marvell Confidential
3. Configuration and Management
Tools
• There are several option to connect and manage
the AT - 8000S devices:
– CLI
– Telnet
– EWS
– SNMP
• Device can be managed:
– Either using a local terminal via the serial port of the
device
– Or remotely via a management station on the network
(using telnet; EWS or SNMP)
Marvell Confidential
5. AT - 8000S CLI
• The Command-Line Interface (CLI or LCLI) on the AT -
8000S device is used to control and define the device’s
parameters and configuration.
• The CLI is hierarchically and modularly structured. This
way the user has better control and insight into the various
commands and levels of configuration
• The CLI module is “Pyramid” shaped in which command
interfaces start from the more general configuration/
commands and go down to the more specific ones.
• To achieve this, the commands are divided into several
“command blocks” (or command modes).
• Each command mode has its own set of specific
commands. The available commands depend on the mode.
Marvell Confidential
6. Command Modes
• Example of command modes: EXEC; Global Configuration;
Ethernet interface; Port channel interface; VLAN database
etc…
• Example of the mode access sequence:
– User EXEC Mode;
– Privileged EXEC Mode,
– Global Configuration Mode,
– Interface Configuration Mode.
Marvell Confidential
7. Command Modes access
• To enter a certain Command Mode user must use a specific
command or command line.
• To exit a certain command mode user can either type “exit”
or press the CTRL+Z.
• To exit the configuration mode completely type “end”.
Marvell Confidential
8. Command Modes – Command View
• Each mode will allow user to enter only commands relevant
for that mode.
• Typing “?” in each mode will list all the commands relevant
for that mode.
• Due to the pyramid structure of the CLI, user may have to
“move up” the pyramid and then “down again” to navigate
from one context to another unrelated context.
• AT - 8000S devices support the “do” command which
enables user to enter EXEC mode commands from any
configuration mode
– Relevant mostly for “show” commands to check configuration
“on the fly”.
Marvell Confidential
11. CLI - Command Help
• At any stage of the command, user can type the “?’ key and
device will display the list of parameters or keywords the
user can enter next.
• If error message is received – this is an indication that user
console(config)# interface or parameter
entered an invalid keyword
ethernet IEEE 802.3 Ethernet port
port-channel IEEE 802.3 Link Aggregation interface
range Select range of interfaces to configure
vlan Configure an IEEE 802.1 VLAN
console(config)# interface lala
% Unrecognized command
Marvell Confidential
12. CLI - Command Completion
• User can use the “tab” key to complete keywords.
• If a keyword is unique – it is enough to type in the first
letters of the keyword instead of typing in the full word.
console(config)# inter [tab]
console(config)# interface
Marvell Confidential
13. CLI – “do” Command
• The “do” command Allows the user to use User EXEC
mode from any configuration mode context
• Useful to check device setting while performing
configuration
Marvell Confidential
14. CLI – “do” Command
console# show vlan tag 2
Vlan Name Ports Type Authorization
---- ----------------- --------------------------- ------------ -------------
2 2 permanent Required
console# con
console(config)# interface ethernet 1/e1
console(config-if)# switchport access vlan 2
console(config-if)# show vlan tag 2
% Unrecognized command
console(config-if)# do show vlan tag 2
Vlan Name Ports Type Authorization
---- ----------------- --------------------------- ------------ -------------
2 2 1/e1 permanent Required
console(config-if)#
Marvell Confidential
15. CLI – Cut & Paste
• AT - 8000S devices Support copy / paste of text files.
• The number of lines, which can be copied into the CLI, is
1000.
• The feature is implemented as support for “fast data entry”.
• Commands in the configuration file are entered in
“configuration mode”.
Marvell Confidential
16. AT - 8000S
Displaying System
Information
Marvell Confidential
17. Display the system information
• Use the following EXEC Mode command to display system
information:
show system
console# show system
System Description: Ethernet Switch
System Up Time (days,hour:min:sec): 0,00:03:30
System Contact:
System Name:
System Location:
System MAC Address: 00:00:b0:00:00:00
System Object ID: 1.3.6.1.4.1.89.1.1.3955…..
Main Power Supply Status: OK
Sensor Temperature (Celsius) Status
------------------------ ------------------------ ------------------------
Marvell Confidential
19. The Flash
• The file system supports dynamic creation and deletion of
files.
• All the files are stored in the device flash memory
• All access to the flash will be done through the file system
interface
• The flash is divided to two major sections: static and dynamic
Marvell Confidential
20. Software images
• There are two images that stored in the flash memory, the
files are called image-1 and image-2.
• Only one image is used during boot, the user can choose
the image that will be used by the command:
Boot system image {number}
• To check what is the active image use the command:
Show bootvar
console# show bootvar
Images currently available on the FLASH
image-1 active (selected for next boot)
image-2 not active
Marvell Confidential
21. The Flash
• The static section includes the booton & boot sectors. This
sections is “invisible” to the file system. However, the boot
code will allow the file system to use its resources when
decompressing the application image file
• The dynamic section will include the rest of the flash:
– 2 image files
– all other files defined by core module. This section is fully controlled by the
file system (syslog, configuration files etc)
Marvell Confidential
22. Configuration Files
• AT - 8000S supports 3 types of configuration files.
• Running configuration file – the active configuration, stored
in the RAM.
• Startup configuration file – kept in the flash. Used whenever
the system reboots.
• Backup configuration file.
• Factory default configuration - if no configuration file is
available upon the system boot, this is the default settings
of the system
– These default setting will not appear when using the
Marvell Confidential
“show running” or “show startup” commands
23. Copying a File – Basic Command
• Use the following EXEC mode command format to copy a file
from a source to a destination:
copy source-url destination-url
• The source and destination url parameter can be a valid url
or reserved keyword (like boot, image, unit, startup-config,
running config etc)
Marvell Confidential
24. Copy Command - Source Options (1)
Keyword Source
Running-config Copy from the current running configuration file - Only to another
configuration file, or to a TFTP server.
Example: #copy running-config startup-config
Startup-config Copy from the startup configuration file – only to another
configuration file, or to a TFTP server.
Example: #copy startup-config tftp://10.0.0.2/saved_cfg
Image Copy from the active software image file – to a TFTP server.
Examples: #copy image tftp://10.0.0.6/saved-image
Boot Copy from the device’s BOOT file - Only to a TFTP server
Examples: #copy boot tftp://10.0.0.6/saved-boot-image
Marvell Confidential
25. Copy Command - Source Options (2)
Keyword Source
Tftp:// Source URL (tftp://ip address/filename) for a file on a
TFTP network server from which to download (configuration,
image or boot file)
Examples:
#copy tftp://10.1.2.3/saved-config startup-config
#copy tftp://10.4.5.6/file.dos image
#copy tftp://10.7.8.9/boot.rfb boot
Xmodem Copy a software image or boot-image file from a serial
connection that uses the Xmodem protocol
Example: #copy xmodem: image
WORD URL prefixes
Marvell Confidential
26. Copy Command - Destination Options (1)
Keyword Source
Running-config Copy into (merge with) the current running configuration
file from a TFTP server
Example: #copy tftp://10.0.0.9/commands-file running-
config
Note: when copying to running-config, existing running config
remains and copied configuration is added. The new running
config is a combination of both In case of contradiction in
configuration – error will appear.
Startup-config Copy to the startup configuration file - Only from another
configuration file, or a TFTP server.
Example: #copy running-config startup-config
Note: When copying to startup-config The previous startup-
config is erased completely and only the new file is the
startup -config
Marvell Confidential
27. Copy Command - Destination Options (2)
Keyword Source
Image Copy to the non-active software image file – from xmodem or
a TFTP server.
#copy tftp://10.1.2.3/file.ros image
Note when copying to device image – in order to run the new
image, active image has to be changed (“show bootvar”
and then “boot system image-x” command) and then
system rebooted
Boot Copy to the device’s BOOT file - Only from TFTP server or
xmodem
Examples: #copy tftp://10.1.2.3/boot.rfb boot
Null: Copy to null destination (do the copy, discard any result)
Example: #copy tftp://10.0.1.1 null:
Tftp:// Destination URL (tftp://ip address/filename) to upload to a
file (config, image or boot) to a TFTP network server
Example: #copy image tftp://10.1.2.3/saved-image-file
WORD URL prefixes
Marvell Confidential
28. Invalid Combinations
• The source file and destination file cannot be the same
file.
• xmodem: can’t be a destination.
• tftp: can’t be both source and destination.
Marvell Confidential
29. Flash File – Additional CLI Commands
• Use the following Privileged EXEC mode command to copy
from a backup file on flash to destination file:
Copy flash://filename destination-file
• Use the following Privileged EXEC mode command to copy
from a source file to backup file on flash:
Copy source-file flash://filename
Marvell Confidential
31. Copy character description
• ! For transfers, an exclamation mark indicates that the copy process
is taking place. Each exclamation mark indicates the successful
transfer of ten packets (512 bytes each).
• . For network transfers, a period indicates that the copy process is
timed out. Many periods in a row typically mean that the copy process
may fail.
• E An uppercase E indicates an error. The copy process may fail.
Marvell Confidential
32. Examples
• Copying an Image from a Server to Device
• The following example copies a system image named image-10022.ros
from the TFTP server with an IP address of 172.16.101.101 to non active
image file.
console# copy tftp://172.16.101.101/image-10022.ros image
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!
Copy: XXXXX bytes copied in XX:XX:XX [hh:mm:ss]
Marvell Confidential
33. Running Device with New Image
• Note!!! To run a device (or unit) using the new downloaded image -
select the non-active image (the one to which the image was
downloaded) as the image for next boot – and then reboot.
• To view which image is currently inactive use command:
show bootvar
Console# show bootvar
Images currently available on the FLASH
image-1 active (selected for next boot)
image-2 not active
Marvell Confidential
34. Running Device with New Image
• To specify the system image for the device to load at next
startup, use the boot system Privileged EXEC command:
boot system { image-1 | image-2 }
Console# boot system image-2
Marvell Confidential
35. Other Commands
• To delete the startup-config file, use the following privileged EXEC
command:
delete startup-config
• Show commands
– show running-config
– show startup-config
Marvell Confidential
37. Telnet
• The user can connect to the device via telnet and work as if
working via the terminal.
• The user must configure a user name and password in order to be
able to connect via telnet
• To allow full configuration capabilities, level must be set to 15.
• Level 1 allows only limited device view and configuration.
console> enable
console# configure
console(config)# username myuser password mypassword level 15
console(config)#
Marvell Confidential
39. Embedded Web Server (EWS)
• The user can connect and mange the device via the
Embedded Web Server.
• The EWS allows the user to control and monitor the device
using a GUI interface.
• To allow EWS management an IP has to be configured on
one of the devices interfaces (Ethernet port or VLAN).
• User must verify that HTTP server is enabled on the device
(default is enabled)
• In addition, a username and password must be created with
access level of 15
Marvell Confidential
40. EWS Configuration Example
console(config)# ip http server
console(config)# username George password Washington level 15
console(config)# interface vlan 1
console(config-if)# ip address 10.8.7.9 /24
console(config-if)# exit
console(config)# ip default-gateway 10.8.7.10
console(config)#
Default gateway is needed if management station is located in
a remote network
Marvell Confidential
42. Defining SNMP Settings
• Simple Network Management Protocol (SNMP) provides a
method for managing network devices. Devices supporting
SNMP run a local agent.
• The SNMP agents maintain a list of variables, which are
used to manage the device. The variables are defined in the
Management Information Base (MIB).
• The MIB presents the variables controlled by the agent. The
SNMP agent defines the MIB specification format, as well as
the format used to access the information over the network.
Marvell Confidential
43. AT - 8000S
Secure Management
Marvell Confidential
44. Secure Management Options
• The Secure Shell (SSH) protocol provides encrypted and
strongly authenticated remote login sessions, similar to the
Telnet protocol, between a device running a Secure Shell
server and a host (PC) with a Secure Shell client.
• The Secure Socket Layer (SSL) has been universally
accepted on the World Wide Web for authenticated and
encrypted communication between clients and servers
applications. Therefore, SSL allows secure management of
the networking devices via the standard WEB browser.
Marvell Confidential
45. How does SSH Tunneling work?
Insecure
App 23
Telnet Telnetd
Loopback I/F
Loopback I/F
Network I/F
Network I/F
Client Router
This telnet connection is transmitted in the clear – data and passwords
are insecure! 23
Loopback I/F
Loopback I/F
Network I/F
Network I/F
Client Router
Secure SSHd
2023 SSH App 22 App
Set up SSH port forwarding from the client to the server
App Telnet Telnetd 23
Loopback I/F
Loopback I/F
Network I/F
Network I/F
Trnamitted!
Trnamitted!
Never
Never
Client Router
Secure SSHd
2023 SSH App 22 App
The result – a secure connection!
Marvell Confidential
46. SSL/TLS
Not Secure
secure
HTTP
HTTP TLS
TCP TCP
IP IP
Marvell Confidential