cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
328
Views
3
Helpful
6
Replies

2950 strange behavior?

Hi all,

I cannot figure out why a new Cat2950-24 suddenly switches to rommon mode a few minutes after boot and renames all the three config files (config.text, private-config.text and vlan.dat) in config.text.renamed and so on.

Bug toolkit doesn't help.

It has to be some undocumented security feature beacuse swapping the unit doesn't fix the problem, after a few minutes it happens again.

Someone can point me to a link or something like that?

Tnx,

Max.

6 Replies 6

Edison Ortiz
Hall of Fame
Hall of Fame

What's the configuration register set to ?

You can find out by issuing a SH VER.

It should be set to 0x2102

Please rate helpful posts.

Thanks

Hi Edison,

maybe you need the exact cronology of the events:

the switch is a very new one, after a few days from the installation the customer called me "please run, the switch is showing all the leds orange and no host connected to it is working!", when I was there i saw the switch was in rommon mode, I then reloaded the unit which started to ask me for the initial config, after reloaded the original config the switch worked for a few minutes then it came out again with all the orange leds and the rommon issue.

"ok, this unit is broken, let's swap it with a brand new one", but the story repeated exactly the same way.

After an accurate check I saw that both the switches had in their flashes the config files renamed with a .renamed added at the end of the original name.

I saw also that a host, that was added immediatly before the first crash, was accidentaly connected to a port belonging to a wrong vlan, fixed that, the switch started to work again.

Now, providing that i'm not sure i faced the real issue or it was just fate, I'd like to know why a host connected to a wrong port can trigger a behavior like that.

The switch in object is part of a vtp domain, where the server is a cat3750, it has some trunk ports in desirable mode and has no other special configs.

However the logging system was down at that moment and i have no logging info to share.

Tnx,

Max.

gpulos
Level 8
Level 8

not sure of a bug on this or a security feature.

perhaps an IOS upgrade/downgrade could help allieviate the issue.

does the switch boot up to full operation and then a few minutes after operating normally, it goes into rommon? if so, the device needs to perform a reboot to get to rommon if it is already operating normally.

For sure it performs a reboot, maybe you agree that a bug that changes the names of the config files into the flash memory and then reboots the switch is a very strange one.

Bye,

Max.

Very strange, indeed. Never seen that happening. I bet with logging enabled, we should be able to determine what took place.

I agree, it simply sound crazy!!!

It seems that someone was playing with the configs, but there are dozen of switches at the same site, all of them with the same passwords, why this one only, and why no more jokes since then?

More, it had to be a cisco expert, in fact there is a cisco document that suggest to backup and rename the file config.txt in config.txt.renamed prior to upgrade a switch using the archive command.

Last, after the renaming of the config files at the next boot the switch should boot regularly from ios, not rommon.

I'll let you know if i have any new hints.

Tnx,

Max.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco