MDS 9124 -- Limited Command Set?

Similar Messages

• Best Practices for multi-switch MDS 9124 Impelementations

  Hi,
  I was wondering if anyone had any links to best-practices guides, or any experience, building mutli-swtich fabrics with the Cisco MDS 9124 or similar (small) switches? I've read most of the FibreChannel books out there and they all seem pretty heavy on theory and FibreChannel protocol operations but lack when it comes to real-world deployment scenarios. Something akin to the Case Studies sections a lot of the CCIE literature has, but anything would be appreciated.
  Regards,
  Meredith Shaebanyan

  Hi Meridith
  www.Whitepapers.zdnet.com has links to good reading. It has links to items like:
  http://www.vmware.com/pdf/esx_san_cfg_technote.pdf is probably a typical SAN environment these days. It's basic and just put your 9124's in where the switches are.
  http://www.sun.com/bigadmin/features/hub_articles/san_fundamentals.pdf is for bigger SANs such as DR, etc.
  Things to consider with 9124's are:
  They can break so keep a good current backup on a tftp/ftp/scp server.
  Consider that if you have all the ports used, the two 8 port licences are not going to work on a replacement switch as they are bound to your hostid. The vendor that sold the switch should be able to get replacements quickly but you will lose time with them.
  Know exactly what the snmpserver command does as if you have your 9124 replaced and you load your backup config and you use Fabric Manager, it won't be able to manage the 9124 unless you change the admin password with snmpserver.
  9124/9134's don't have enough Buffer Credits to expand beyond about 10 km.
  Any ISL's used between switches should always be at least two and use Port Channels where possible.
  The 9124 or 9124e or 9134 are great value based switches. I keep a spare for training and emergencies. We use them in a core/edge solution and I am very satisfied with them. I have only had one failure with Cisco switches in the last 5 years and it was a 9140 that sat around for far too long doing nothing. The spare meant we were up and running in 30 minutes from the time we noticed the failure and got to the data centre. As there were two paths, no one actually noticed anything. My management system alerted me.
  Remember to make absolutely sure that any servers attached to the SAN have multipathing software. The storage array vendors (HDS, EMC, etc) can sell you the software such as HDLM or Powerpath. You can use an independent solution such as Veritas DMP. Just don't forget to use it.
  Follow the guidelines in the two documents and get some training as the MDS training is very good indeed. 5 days training and you will be confident about what to do in any sized SAN including Brocade and McData.
  A small SAN is just as satisfying as a large one. If in doubt, get a consultant to tell you what to do.
  Is that what you was after? I hope it was not too simple.
  Stephen

• Disable logging of "show running-config" on MDS 9124

  After our MDS 9124 was upgraded from 3.1 to 4.2, it now logs in the config whenever a "show running-config" is done. This has somewhat become an issue because we use Cat Tools to backup our configs so when it logs in, it does a "show running-config" which then triggers the config to be updated which Cat Tools sees as a change and backs up the config everyday because of this. Very annoying.
  Anyway to disable this? Here is what the lines look like in the config:
  !Command: show running-config
  !Time: Mon Jan  4 07:04:03 2010

  I was not able to find a way to disable and I couldn't find anything in CatTools (our version is a couple years old) to exclude checking certain lines. So for now the configs get backed up everyday. I'll probably update CatTools and contact Solarwinds to see if there is a way to customize the backup script.

• SNMP v3 noAuthNoPriv for MDS 9124

  Hi all,
  I am testing against an MDS 9124 at 3.2(3a), and have not been able to communicate to the switch using SNMP v3 noAuthNoPriv. I have configured an SNMP user with noAuthNoPriv as a member of the network-admin group, using the following command:
  snmp-server user test_1 network-admin
  All attempts to query the switch with this user result in an authorization failure.
  Any ideas on what I am missing in the configuration?
  Thank you!
  --andrea

  Andrea,
  The MDS has 2 logins types that should automatically sync with each other. If you create a CLI user (for telnet and SSH), that same user should be generated for SNMP V3 access (Fabric and Device Manager). If you want to generate an SNMP user called test_1 and provide network-admin role, the command is something like this. (I don't have access to MDS at the moment due to a lab move so I can not confirm the exact command.)
  snmp-server user test_1 role network-admin
  You need to provide the password, and specify that role is network-admin. As you enter the command, you can use the ? to see what the next possible parameter might be. IE: 'snmp-server user test_1 ?' should show you that the next entry might be the password.
  Once entered, if you enter the command 'show snmp users' you should see test_1 appear like the admin user and both should show network-admin.
  Also as a result of the snmp-server user being created, a CLI user should be created with the same password and role. This is seen with the 'show user-account' display command.
  Hope this helps,
  Mike

• ACS 5.3 Shell Command Set

  Hi all,
  Currently i deploy a ACS 5.3 at customer site. The issue i face currently is some command sets no able to deny. Example like below:
  i want to deny the AD user with priviledge level 15 to change the enable secret password and delete the enable secret password.
  the command i issue at below:
  deny enable secret -> working
  deny no enable secret  -> no working
  Anyone got idea to make the no working argument become working?

  Hi there,
  I just did a test in my ACS using your requirements and it worked fine, check below my configuration it may help you:
  I am using the following AAA commands:
  Switch(config)#do sh run | i aaa
  aaa new-model
  aaa authentication login default group tacacs+ local
  aaa authorization config-commands
  aaa authorization exec default group tacacs+ local
  aaa authorization commands 0 default group tacacs+ if-authenticated
  aaa authorization commands 1 default group tacacs+ if-authenticated
  aaa authorization commands 15 default group tacacs+ if-authenticated
  aaa session-id common
  Switch(config)#
  Rate if it helps!

• What IOS command similar to catos command 'set port vtp X disable'

  Hi,
  Does anyone know if a similar command of catos command 'set port vtp X disable' exists in native IOS (12.1E or 12.2SX) on cat6500?
  We still can play in native IOS with VTP pruning, transparent mode but it seems that we can no more disable VTP on a particular port/interface.
  Many thanks.
  Regards/Ludovic.

  While one may not be able to disable VTP directly, I would think you could use a MAC ACL against the VTP MAC address of 01-00-0C-CC-CC-CC. (See http://www.cisco.com/en/US/partner/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml for details on how that addressing works.)
  See http://www.cisco.com/en/US/partner/products/hw/switches/ps708/products_configuration_guide_chapter09186a00801679f8.html#wp1359352 for details on the command syntax.
  Hope this helps. Please rate helpful posts.

• Is there limitation in setting aging rule?

  Hi.
  In our project(using iMS 5.1),
  Our customer want to setting the aging rule
  about 10,000 aging policy(per user and user folder)
  Is there limitation in setting aging rules?
  How man aging rule is recommanded?
  Regards,
  Heungdeok Yoon.

  By aging rule do you mean expiration rule ?
  If that be carefull, the release notes says:
  Use of expiration rule could cause you to unintentionally delete messages. (400343)
  A problem exists with the attribute store.expirerule.name.foldername.folderpattern.
  Expiration rules that include this attribute will select folders outside the criteria you specify. This could create serious problems, including the unintentional deletion of messages. Therefore, do not use this attribute to limit a folder selection.
  I expect to have been of help

• Custom command set problems

  Hi,
  I am having some problems with my custom Avid based command set.
  I have had the "A" and "S" keys assigned to "Go to prev/next edit" to simulate Avid but want to change it to "Up" and "Down" which does pretty much the same in the timeline but allows me to go to next/previous clip in the list view as well.
  The problem is that every time I try to assign the "Down" command to the "S" key the .commandset file gets corrupt and the next time I start fcpx it freezes at "Restoring the window layout".
  I can assign it if I make a completely new command set.
  Can anyone see if they can recreate this? My commandset file can be downloaded here: http://dl.dropbox.com/u/6196177/Avid.commandset
  I have a norwegian keyboard if that matters...
  Thanks!

  OK, then it has do be something specific with my command set. I've recreated my problem several times: Start fcpx, works fine, quit, take backup of preferences file. Start fcpx again, works fine, switch to custom command set, works fine, quit, restart of app fails... revert to backed up preferences file, works fine...
  What could it be in my command set then? I've tried recreating the setup I use in Avid. The thing is that it works just fine until I quit and restart the app... Really annoying!
  Thanks for your answer though!

• I have an "Command set ID" with value "A" in SPAD tansx with com. to transf

  Hello
  Does anyone knows how a device in "spad" transaction functions (in Unix)
  Under Access method"L:Print Locally Using LP/LPR") I have an Command set ID with value "A" .
  Under mentioned "command set" I have :
  "command to transfer data " set to " /usr/bin/cat &F >/usr/sap/planning/REMINDER&N.txt". What does that means.
  Does it mean any printout is copied to "/usr/sap/planning/REMINDER&N.txt" file? Also corrupted (not finished...) ones?
  what is the name of file under "/usr/bin/cat ". Is it always the same? is it copied in same format (what
  "&F >/" means?)?
  Thx in advance

  Hai,
  Command set id option in SAP helps to override the DEFAULT SAP parameter for the command that a print program should use to have a host spooler perform an output request.
  Default parameter is  rspo/host_spool/print.
  You can specifically give a command to your printer through this option, COMMAND SET ID.
  Here " /usr/bin/cat &F >/usr/sap/planning/REMINDER&N.txt" is the command which helps thr spooler to direct your output.
  /usr/bin -- is the directory under which it has all the commands for UNIX.
  /usr/bin/cat -- where 'cat' is a command, cat command reads one or more files and prints them to standard output. The operator > can be used to combine multiple files into one.
  &F Name of the file to be printed (with path specification).
  /usr/sap/planning/REMINDER&N.txt  -- is where you can find your output.
  You can even use /usr/bin/cp instead of usr/bin/cat here the former command copies to another file after the &F option.
  You can use any type of commands, please check the below link.
  Also you can use this command set option for Null printers were you dont need the printouts but only the spool. Here you can set the command as 'cp &F /dev/null' were the output is redireted to /dev/null path at the OS level.
  http://help.sap.com/saphelp_nw04/helpdata/EN/d9/4a8eb751ea11d189570000e829fbbd/frameset.htm
  Regards,
  Yoganand.V

• Command Sets not working on ACS 5.1

  I'm running ACS 5-1-0-44-3.
  I have everything running properly on ACS 5.1.  I'd like to implement command sets for selected users and groups.  Under Access Policies -> Device Admin-> Authorization I have Command Sets selected.  The cisco provided is DenyAllCommands.  I have this command set running on all groups and every groups is still able to issue any command they wish.  I've also created a "show_only" command set that I've issued one group and they are still able to do conf t or any other command.
  Am I missing something?
  Do you need to reference the command set name under the shell profiles?
  Its my understanding that all you have to do is reference it in "Authorization" in the rules under Device Admin.
  I can understand a custom command set not working because of user error but DenyAllCommands should work.
  Anyone have any ideas?
  I have already re-patched the ACS
  Stopped and started services.
  And it seems like Command Sets is the only not referenced in the logs

  I do it a lot 
  could you paste screnshot of your command set?
  I've recently met another issue,
  with my command set definition as below (as you can see its very simple):
  almost every show is blocked (as suspected) but not "show run" (which is strange for me)

• Create port channel between UCS-FI and MDS 9124 (F Mode)

  Dear Team,
  We were trying to create  port channel between UCS FI and MDS 9124
  But the port channel not getting active in F mode on MDS 9124
  FI is in FC End Host Mode
  We have enabled FC uplink trunking on FI
  We have enabled NPIV on MDS
  We have enabled trunk on MDS
  FI and MDS in default VSAN
  To check we changed the FI mode to FC Switching mode and port channels became active but in E mode
  when we enabled FC uplink trunking on FI and FC Switching mode port channels became active in TE mode
  but in both the above cases showflogi database shows WWPN of SAN alone not showing any from FI.
  How to achive this?
  Have read that no need to change the swicthing mode to FC Switching mode and keep as FC Endhost mode
  SO how to achieve Port channel with F mode in MDS and FI ( Mode showing as NProxy)
  Does it has to do anything with MDS NX-OS version? (https://supportforums.cisco.com/thread/2179129)
  If yes how to upgrade as license for ports came along with Device and we do not have any PAC/PAK or license file as it came
  with license
  Also we have seen 2 files availabe for download (m9100-s2ek9-kickstart-mz.5.2.8b.bin and m9100-s2ek9-mz.5.2.8b.bin) which to use
  Thanks and Regards
  Jose

  Hi Jo Bo,
  what version of software if your MDS running?
  On your UCS do connect nxos and show inteface brieft and look at the mac address.
  it is possible that you might be hitting the bug below. if this is the case you might need to upgrade the firmware on your MDS.
  Add MAC OUI "002a6a", "8c604f", "00defb" for 5k/UCS-FI
  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCty04686
  Symptom:
  Nexus switch unable to connect any other Nexus or other Cisco Switch in NPV mode with a F port-channel.   Issue might be seen in earlier 5.1 releases like
  5.1.3.N1.1a
  but not the latest
  5.1.3.N2.1c
  release. Issue is also seen in
  5.2(1)N1(1)
  and
  6.0(2)N1(1)
  and later releases.
  Conditions:
  Nexus configured for SAN PortChannels or NPIV trunking mode Nexus connected to UCS via regular F port channel where UCS in NPV mode  NPV edge switch: Port WWN OUI from UCS FI  or other Cisco manufactured switch:  xx:xx:00:2a:6a:xx:xx:xx   OR  xx:xx:8c:60:4f:xx:xx:xx
  Workaround:
  Turn-off trunking mode on Nexus 5k TF-port Issue does not happen with standard  F-PORT Remove SAN Portchannel config
  Further Problem Description:
  To verify the issue please collect  show flogi internal event-history errors  Each time the port is attempted OLS, NOS, LRR counters will increment. This can be determined via the following output,  show port internal info all show port internal event-history errors

• MIDI command sets

  I've been working out a way to remix live with logic, and only two things stand in my way. Every time I make a key command on my controller for a mute button, I always have to push the button twice to go from "mute" to "unmute" and vice versa. I can get it to work properly if I put in the command twice, but is there a way to only put in the command once and have it work properly?
  My second problem: I need separate key command sets for my MIDI controller in each song I do, but every time I make a new one, the commands continue into the next song, so basically it reads the key commands for the whole application instead of one song. Is here a way to create key command sets only for each song instead of a universal set?

  I do it a lot 
  could you paste screnshot of your command set?
  I've recently met another issue,
  with my command set definition as below (as you can see its very simple):
  almost every show is blocked (as suspected) but not "show run" (which is strange for me)

• I can't open some photoshop files it says "The command "Set" is not currently available."

  What does this mean and how can I fix it? A corworker will make a photoshop file (Poster for example) and when i try to open it on my computer it wont open and says "The command “Set” is not currently available." What does this mean and how can I fix it? Thanks!

  You are running some sort of automation when you open files - because that error message comes from automation (actions, scripts or plugins) that are trying to target something that isn't there.
  Event Scripts was the obvious choice.
  Automation plugins, or Flash Panels are the next most obvious -- try disabling all third party plugins and Flash Panels.
  The error might come from Generator, if you have the latest Photoshop CC.

• NI automotive Diagnostic Command Set and LV Real-Time

  Hello world !!
  I'd like to have some informations about the support of NI automotive Diagnostic Command Set under LV-RT.
  Is the API fully supported ?
  Is there a plan in the roadmap to support these tools with cRIO CAN modules ?
  Thanks for your help.
  Best regards,
  Pierre R...
  Certified LabVIEW Developer

  Hello Dirk,
  I just have a new question, I think the response is YES, but I prefer to confirm my mind.
  Could you confirm that the ADCS permits us to fully implement the UDS standard in our LV RT apllication ?
  Best regards,
  Pierre R...
  Certified LabVIEW Developer

• Error when running Actions - Command "set" not currently available.

  I am trying to run an action for creating a 3D paperback book. Every time I run it, whether I make changes or not, it stops part of the way through the second step with the error message 'command "set" not currently available'. If I continue anyway, it completes the action but the end result doesn't look right. What can I do to fix this?

  Yes, it was a free download I found online and yes I was following the steps. However, I ended up fixing the issue by downloading an updated version of the same action that was part of a set of 3D actions. This one was not free but it was well worth it to save me the time and headache of trying to figure out how to fix the other one. Plus it came with tons of other awesome actions that I will use as well.