LMS 3.2 on Solaris 10 - Cannot tftp vlan.dat to server

Unanswered Question
Sep 2nd, 2010

Hi All,

I've read several posts and could not find one that would resolve my issue.

I get the partially successful on several switches. I understand that is because of LMS not being able to tftp vlan.dat back to server.

I tried it directly on a switch and the transfer only works if the filename is already created in the tftp directory. Is there a way to change that?

Thanks

Jose Ribeiro

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Thu, 09/02/2010 - 22:46

No, that is how most TFTP servers work.  LMS will take care of doing this for you.  If the archive fails there must be some other problem.  Enable ArchiveMgmt Service debugging under RME > Admin > System Preferences > Application Level Settings, reproduce the problem, then post the dcmaservice.log.

josefribeiro Fri, 09/03/2010 - 09:58

Hi Joseph,

Thanks for your reply. Please find attached the compressed dcmaservice.log file.


Some reference information: I created job 1159 to archive sync one switch - ip address 10.86.194.67. The device is fully accessible to LMS both via SNMP and SSH.

I also upgraded RME from 4.3.0 to 4.3.1.

Thanks,

Jose

Joe Clarke Sun, 09/05/2010 - 00:29

RME is trying to copy the vlan.dat to 10.86.195.31.  Is this the correct IP of the RME server?  The copy appears to timeout (i.e. it's not a permissions problem).

josefribeiro Tue, 09/07/2010 - 05:57

Hi Joseph,

Thanks for your reply.

Reading other posts I found out about the Natted IP option and configured it on the server. The number of "Partially Successful" devices decreased but did not clear.

Here's a message I get from one of them:

*** Device Details for ctspotdcemsw302 ***
Protocol ==> Unknown / Not Applicable
Selected Protocols with order ==> SSH,Telnet,TFTP
Execution Result:
CM0062 Polling ctspotdcemsw302 for changes to  configuration.
CM0065 No change in PRIMARY STARTUP config, config  fetch not required
CM0065 No change in PRIMARY RUNNING config, config  fetch not required
CM00 Polling not supported on VLAN RUNNING config,  defaulting to fetch.
VLAN
CM0151 VLAN RUNNING Config fetch failed for  ctspotdcemsw302 Cause: Command failedTELNET: Failed to establish TELNET  connection to 10.86.109.3 - Cause: Connection refused.
VLAN Config fetch is not supported using TFTP.
Action: Check if protocol is supported by device and  required device package is installed. Check device credentials. Increase timeout  value, if required.

The device above is a 6509-E running s72033-entservicesk9_wan-mz.122-18.SXF1.bin in full IOS mode.

I noticed the device doesn't have a vlan.dat file saved on its flash.

Thanks,

Jose

josefribeiro Tue, 09/07/2010 - 06:10

An update Joseph,

I found a vlan.dat file on the following filesystem:

Directory of const_nvram:/

    1  -rw-        2184                      vlan.dat

129004 bytes total (126820 bytes free)

Thanks,

Jose

Joe Clarke Tue, 09/07/2010 - 21:35

The problem here is that RME is unable to telnet to this switch.  RME needs to be able to login to the switch via either telnet or SSH to fetch the vlan.dat.  Make sure that telnet or SSH is allowed, and verify the credentials in DCR for this switch.

josefribeiro Wed, 09/08/2010 - 07:14

Hi Joseph,

The ciscoworks server has full access to the switch as per below. Neither access nor credentials seem to be the issue here.

I've read a few posts where it was stated the need to create a 'dummy' vlan.dat file so that the device would not show as partially successful on the RME job. Is this the case here? If so this is a very strange solution.

Thanks,

Jose

-bash-3.00$ ssh ciscoworks@10.86.109.3
ciscoworks@10.86.109.3's password:
CC
WARNING: This system is for authorized use only. Any or all access to or
uses of this system may be monitored and recorded and subject to audit.
Use of this system is expressed consent to such monitoring and recording.
Unauthorized or improper use of this system is prohibited and is subject
to criminal and civil penalties.

ctspotdcemsw302>ena
Password:
ctspotdcemsw302#
ctspotdcemsw302#sh ver
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-ENTSERVICESK9_WAN-M), Version 12.2(18)SXF1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Tue 20-Dec-05 19:11 by kellmill
Image text-base: 0x40101040, data-base: 0x42D60000

ROM: System Bootstrap, Version 12.2(17r)S2, RELEASE SOFTWARE (fc1)
BOOTLDR: s72033_rp Software (s72033_rp-ENTSERVICESK9_WAN-M), Version 12.2(18)SXF1, RELEASE SOFTWARE (fc1)

ctspotdcemsw302 uptime is 3 years, 28 weeks, 3 hours, 16 minutes
Time since ctspotdcemsw302 switched to active is 3 years, 28 weeks, 3 hours, 35 minutes
System returned to ROM by  power cycle at 17:32:48 UTC Wed Jan 11 2006 (SP by power on)
System restarted at 05:35:07 EST Sun Feb 25 2007
System image file is "disk0:/s72033-entservicesk9_wan-mz.122-18.SXF1.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C6509-E (R7000) processor (revision 1.1) with 458720K/65536K bytes of memory.
Processor board ID SMG0832N2ZV
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
SuperLAT software (copyright 1990 by Meridian Technology Corp).
X.25 software, Version 3.0.0.
Bridging software.
TN3270 Emulation software.
15 Virtual Ethernet/IEEE 802.3 interfaces
266 Gigabit Ethernet/IEEE 802.3 interfaces
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.

65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102

ctspotdcemsw302#exit
Connection to 10.86.109.3 closed by remote host.
Connection to 10.86.109.3 closed.
-bash-3.00$

Joe Clarke Sat, 09/11/2010 - 17:48

The error is very clear: RME cannot telnet to this switch.  It's trying to connect on tcp/23, and the switch is refusing the connection.  You should be able to see that in a sniffer trace.  If SSH is supposed to be used to connect to this switch, make sure SSH is present in the Config Fetch protocol order at RME > Admin > Config Mgmt > Transport Settings.

Actions

This Discussion