Fibre Channel (SAN)

Reply
Occasional Contributor
Posts: 13
Registered: ‎06-27-2014
Accepted Solution

Supportsave using SCP (Cygwin)

Hi Experts,

 

Need your advise please...

 

I installed Cygwin and performed the necessary ssh-host-config in my Windows Server 2003.

I tested the SCP connection using WinSCP (SCP protocol), and I'm able to list (ls) my directory without any issue.

 

When I try to perform supportsave from one of my Brocade switch (FOS v6.2.2a), this operation is failed.

 

Is it possible somehow my Brocade switch disable the SCP during initial configuration?

If not, what's the possible root cause here?

 

Thank you!

Frequent Contributor
Posts: 107
Registered: ‎04-05-2011

Re: Supportsave using SCP (Cygwin)

Can you share with us the error message that appeared ?

 

most common errors are invalid path or restricted permissions. on cygwin the directory path starts with /cygdrive/<driveletter>/directory so you on your windows box the target is at c:\supportsave, you should point to /cygdrive/c/supportsave

 

additionally, you may have to log to the ssh with putty and set permission to the target directory with the chmod command.

 

chmod u+w,g+w /cygdrive/c/supportsave may resolve

 

Occasional Contributor
Posts: 13
Registered: ‎06-27-2014

Re: Supportsave using SCP (Cygwin)

Hi Anovelli,

 

I ran chmod u+w,g+w to my test2 folder.

And no error message, it just mention SupportSave failed.

 

http://s12.postimg.org/bb1cjs5t9/screenshot_256.png

 

My path in Windows is F:\cygwin\home\xxxxx\test2

And I tried below in Brocade, all cannot work:

 

  1. /cygdrive/f/cygwin/home/xxxxx/test2
  2. /f/cygwin/home/xxxxx/test2
  3. /cygwin/home/xxxxx/test2
  4. /home/xxxxx/test2
  5. /xxxxx/test2
  6. /test2

I'm out of idea now. :smileyfrustrated:

Any idea...?

 

I tried WinSCP to this SCP server (Cygwin), it's okay, it can reads directory, transfer file without any issue.

 

Actually I just try supportsave to test whether my SCP server (Cygwin) works, so that I can perform firmware upgrade using SCP.

FTP is blocked in our environment due to security concern.

 

Besides, I would like to ask, If this SCP still cannot work, is there any way to perform upgrade by copy the firmware to Brocade switch itself, and then perform upgrade from there? The idea is, when issue firmwaredownload, can we point the requested IP back to switch itself...?

 

Thank you!

 

 

 

Frequent Contributor
Posts: 107
Registered: ‎04-05-2011

Re: Supportsave using SCP (Cygwin)

Hi Swee Chin!

 

Depending on the model, you may do a firmwaredownload using a USB key as the source of the firmware. But your device must have an USB port and you will need phisical access to the equipment.

 

do this simple test:

Log to your switch with root user. the fos have a builtin ssh client so you can try to connect to your server using ssh. if the connection fails, you have a network problem. may be invalid netmask or gateway or even a firewall rule that may be blocking the connection.

 

i can replicate the error you are facing easily. I have set a firewall rule that blocks the connection from one of my bladeswitch to my management server and issued the supportsave command. the message is the same:

 

BLADE_SWITCH_03:root> supportsave
This command collects RASLOG, TRACE, supportShow, core file, FFDC data
and then transfer them to a FTP/SCP server or a USB device.
This operation can take several minutes.
NOTE: supportSave will transfer existing trace dump file first, then
automatically generate and transfer latest one. There will be two trace dump
files transferred after this command.
OK to proceed? (yes, y, no, n): [no] yes
 
Host IP or Host Name: 10.208.40.149
User Name: sadmin
Password:
Protocol (ftp or scp): scp
Remote Directory: /home/sag
 
Saving support information for switch:CTI_CORP_BL10_114, module:RAS...
SupportSave failed.

 

look how my ssh connection fails when trying to connect to it:

 

BLADE_SWITCH_03:root> ssh 10.208.40.149
ssh: connect to host 10.208.40.149 port 22: Connection timed out

 

Compare with another switch wich dont have the rule set on the network firewall:

 

SAN_SWITCH_2:FID128:sag> supportsave
This command collects RASLOG, TRACE, supportShow, core file, FFDC data
and other support information from both active and standby CPs
and then transfer them to a FTP/SCP/SFTP server or a USB device.
Local CP, remote CP and BPs' information will be saved,
but supportShow information is available only on the Active CP.
This operation can take several minutes.
NOTE: supportSave will transfer existing trace dump file first, then
automatically generate and transfer latest one. There will be two trace dump
files transferred after this command.
OK to proceed? (yes, y, no, n): [no] yes
 
Host IP or Host Name: 10.208.40.149
User Name: sadmin
Password:
Protocol (ftp | scp | sftp): scp
Remote Directory: /home/sag/
 
Saving support information for switch:CTI_CORP_B85_57, module:RAS...
.................................
Saving support information for switch:CTI_CORP_B85_57, module:CTRACE_OLD...
Saving support information for switch:CTI_CORP_B85_57, module:CTRACE_OLD_MNT...
Saving support information for switch:CTI_CORP_B85_57, module:CTRACE_NEW...
Saving support information for switch:CTI_CORP_B85_57, module:FABRIC...
.......

 

Look how my ssh test connection success:

 

SAN_SWITCH_2:FID128:root> ssh 10.208.40.149 -l sag
sadmin@10.208.40.149's password:
Last login: Fri Mar 13 07:08:14 2015 from 10.244.32.217
sadmin@MGR-SRV-01 ~ >

 

Please let me know the results of your tests.

 

good luck!

Occasional Contributor
Posts: 13
Registered: ‎06-27-2014

Re: Supportsave using SCP (Cygwin)

Hi Anovelli,

 

Thanks for your reply, I will let you know at the coming Monday, people who holds the root password is only available at next Monday. :smileyhappy:

 

But, I have a question regarding the firewall point you mentioned:

If, I can access (SSH) the switch from my management server (server -> switch), isn't the switch is allows to connect back to my management server using SSH as well? Yes, I do agree I should test it first.

 

Are you setup SCP server using Cygwin as well? If yes, any additional step you performed besides ssh-host-config? What is the version of SSH that you using now? Mine is openssh-6.7p1-1.

 

And yes, last but not least, is it possible, I upload the firmware to switch root/firmwaredir; then when I issue firmwaredownload, I point the host IP to switch itself, and directory to root/firmwaredir? I love to try if I have test switch, but too bad, reality is always cruel, haha...

 

Sorry for my questions, but you are indeed very helpful!

 

Thank you!!!

 

 

Regards,

Swee Chin

Frequent Contributor
Posts: 107
Registered: ‎04-05-2011

Re: Supportsave using SCP (Cygwin)

[ Edited ]

Hello Sww Chin,

 

About the firewall configuration, I'm not a network guy, but I had played with linux and unix based firewalls and learnt that it is possible to stabilish a direction (incoming and outgoing) for the firewall rule.

 

About the SSH server, I have both cygwin and linux. On the cyg, only the basic configuration task works.

 

About the firmware upgrade strategy you mentioned, I have never tested it. Probably you may experience a filesystem space issue, because the firmware download uncompress the firmware on the fly, so  you will need to have enought space for the compressed, uncompressed and the "hot" firmware. I dont think you have this space left on the internal flash.

 

What model is your Brocade ? Does it has an USB port ?

 

I would recommend you to first determine if you have a network firewall rule and try to ask the network administrator to correct the rules for you. So you will end with a nice management server to work on your environment. ;)

 

good luck!

 

 

Occasional Contributor
Posts: 13
Registered: ‎06-27-2014

Re: Supportsave using SCP (Cygwin)

Hi Anovelli,

 

http://www.brocade.com/downloads/documents/html_product_manuals/FOS_CMDREF_701/commands_a_z.4.139.html

Upgrade switch "locally" looks like possible, but not sure whether it needs special requirement on model, FOS and internal flash space.

 

My switch already EOL, that's why headache coming in; but interesting too. :smileyvery-happy:

 

Oh yes, I tried SSH from switch yesterday, and the result is, connection lost. You get it right. :smileywink:

May be it's time to ask network guy now.

 

To your experience, are firmwaredownload and supportsave working fine on Cygwin?

 

Thank you for your help and advise given so far! :smileylol:

 

 

Best Regards,

Swee Chin

Frequent Contributor
Posts: 107
Registered: ‎04-05-2011

Re: Supportsave using SCP (Cygwin)

Hello Swee Chin,

 

Yes, the firmwaredownload and supportsave works like a charm on the cygwin. You will not have any problem to perform that after the firewall rule adjustement.

 

By the way, I can't see any alternative to firmware dowload locally without the use of a USB Key.

 

What is your switch model ? If this model is EOL, probably it may not have so much free flash resources.

 

 

Occasional Contributor
Posts: 13
Registered: ‎06-27-2014

Re: Supportsave using SCP (Cygwin)

Hi Anovelli,

 

Brocade 4100. :smileyfrustrated:

 

Not sure if I get correctly, this is what mentioned at OPERANDS > host:

"Specify a valid FTP or SSH server name or IP address. IPV4 and IPv6 addresses are supported. The firmware is downloaded from the specified host. If a host is not specified, the firmware is considered accessible on a local directory."

 

And yes, I won't surprise if those 4100 switches may not have so much free flash resources.

Love to try but too bad no test switch here. :smileymad:

 

 

Regards,

Swee Chin

Frequent Contributor
Posts: 107
Registered: ‎04-05-2011

Re: Supportsave using SCP (Cygwin)

Hi Swee Chin,

 

Reading again, it may be possible, but never tested. The next time we remove a 4GB switch I'll give it a try. ;)

 

Please let me know how you ended with the network issue.

 

Good luck!

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook