If you've ever tried to connect to the web interface of a Nortel Ethernet Switch 460/470 or Ethernet Routing Switch 5510/5520/5530 you might have found that you need to provide a username.
In software release v3.7.x for the Nortel Ethernet Switch 460/470 you'll also find that you now need to provide a username when you telnet into the switch (in previous releases you were only prompted for a password, now you are prompted for a username and password).
Interestingly enough you cannot change the default usernames (at least I don't believe you can).
For the above mentioned switches there are only two levels of access, read-write and read-only.
The default username for the read-write user level is RW.
The default username for the read-only user level is RO.
Updated 1/16/08: I should have included the default passwords for those two accounts.
The default password for the read-write user level is "secure".
The default password for the read-only user level is "user".
Cheers!
Sunday, December 30, 2007
Default Nortel Ethernet Switch Usernames
Friday, December 28, 2007
Upgrade Software Nortel ERS 8600
Here's a question that I've been asked over and over again.
How can I upgrade the software of a Nortel ERS 8600 Switch?
It's actually very easy and only takes a few minutes (along with a reboot). If you have dual CPUs (8690SF, 8691SF, 8692SF) you're going to need to upgrade both CPUs. If you're running in a HA (High Availability) configuration you probably shouldn't be reading this. I'll assume that anyone with dual CPUs is running them in a standby configuration. I generally like to upgrade the standby CPU first and then upgrade the primary CPU; the switch will fail over to the standby CPU once the primary CPU starts to reboot.
You'll need a TFTP server to host the software files. I generally use the TFTP server that comes with Linux (CentOS), however, you can use TFTPD32 by Philippe Jounin on Windows XP/2003. Just drop the TFTPD32 files in the same directory with the Nortel ERS 8600 software release and run the executable.
For this example let's assume that the primary (active) CPU is in slot 5 and the standby CPU is in slot 6. Once you have the TFTP server set up we can telnet into the switch. If you don't have telnet enabled in the boot.cfg file you'll need to console up to the switch. You may also need to clean up the /flash/ filesystem depending on which switch fabric you have installed in the chassis. I believe the 8692SF comes with 64Mb of flash memory and a 64Mb PCMCIA card.
Trying 10.1.1.10...
Connected to 10.1.1.10 (10.1.1.10).
Escape character is '^]'.
**************************************************
* Copyright (c) 2007 Nortel, Inc. *
* All Rights Reserved *
* Ethernet Routing Switch 8010 *
* Software Release 4.1.5.4 *
**************************************************
Login: rwa
Password: ***
ERS-8610:5#
If you're not sure which files you need you should consult the Nortel documentation. You will definitely need the boot (p80b4154.img) and agent (p80a4154.img) files at a minimum. I have daughter processors (SuperMezz cards) in my 8692SFs so I also need that software (p80m4154.img). I also have R cards in my chassis so I need the image for those (p80j4154.dld). I don't have any ATM cards so I don't have that software included below. The TFTP server I'm using has the IP address of 10.101.20.1.
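TFTP has no authentication or integrity protection, so it is worth checking the files on the TFTP server before the switch pulls them. The following pre-flight check is an added example, not part of the original post: it confirms that each image copied in this procedure is present, non-empty and matches a SHA-256 manifest. The manifest (sha256sum format, built from checksums obtained out of band), the function name and the paths in the usage line are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight check of the TFTP directory before the upgrade.
# Assumptions (not from the post): the manifest is in sha256sum format and was
# built from checksums obtained out of band; the function name is hypothetical.

# Files the post copies from the TFTP server to /flash.
REQUIRED_IMAGES="p80a4154.img p80b4154.img p80c4154.img p80c4154.aes p80j4154.dld p80m4154.img"

# preflight_images DIR MANIFEST
# Prints one status line per file. Returns 0 only if every required file is
# present, non-empty, listed in the manifest and matches its SHA-256.
preflight_images() {
    dir=$1
    manifest=$2
    rc=0
    if [ ! -r "$manifest" ]; then
        echo "manifest not readable: $manifest"
        return 2
    fi
    for f in $REQUIRED_IMAGES; do
        if [ ! -s "$dir/$f" ]; then
            echo "MISSING  $f"
            rc=1
            continue
        fi
        # sha256sum writes "<hash>  <name>" (text) or "<hash> *<name>" (binary).
        want=$(awk -v n="$f" '$2 == n || $2 == ("*" n) { print $1; exit }' "$manifest")
        if [ -z "$want" ]; then
            echo "UNLISTED $f"
            rc=1
            continue
        fi
        have=$(sha256sum "$dir/$f" | awk '{ print $1 }')
        if [ "$have" = "$want" ]; then
            echo "OK       $f"
        else
            echo "MISMATCH $f"
            rc=1
        fi
    done
    return $rc
}

# Usage (example paths): sh preflight.sh /tftpboot /path/to/SHA256SUMS
if [ "$#" -eq 2 ]; then
    preflight_images "$1" "$2"
fi
```

Run it on the TFTP host and start the copy commands only when it exits 0.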
Copy software to primary CPU
ERS-8610:5# copy 10.101.20.1:p80a4154.img /flash/p80a4154.img
ERS-8610:5# copy 10.101.20.1:p80b4154.img /flash/p80b4154.img
ERS-8610:5# copy 10.101.20.1:p80c4154.img /flash/p80c4154.img
ERS-8610:5# copy 10.101.20.1:p80c4154.aes /flash/p80c4154.aes
ERS-8610:5# copy 10.101.20.1:p80j4154.dld /flash/p80j4154.dld
ERS-8610:5# copy 10.101.20.1:p80m4154.img /flash/p80m4154.img
We make the configuration changes to the boot.cfg file;
ERS-8610:5# config bootconfig choice primary image-file "/flash/p80a4154.img"
ERS-8610:5# config bootconfig choice secondary image-file "/flash/p80a4150.img"
ERS-8610:5# save config
Save config to file /flash/config.cfg successful.
Save to standby file /flash/config.cfg successful.
ERS-8610:5# save bootconfig
Save bootconfig to file /flash/boot.cfg successful.
Save to standby file /flash/boot.cfg successful.
Copy software to standby CPU and upgrade
With the software now on the primary CPU in the /flash directory we can transfer the software to the standby CPU and upgrade that component. We'll telnet from the primary CPU to the standby CPU so we can issue our commands. Alternately we could also console up to the standby CPU.
ERS-8610:5# peer telnet
Trying 127.0.0.6 ...
Connected to 127.0.0.6
Escape character is '^]'
**************************************************
* Copyright (c) 2007 Nortel, Inc. *
* All Rights Reserved *
* Ethernet Routing Switch 8010 *
* Software Release 4.1.5.4 *
**************************************************
Login: rwa
Password: ***
@ERS-8610:6#
Now that we're connected to the standby CPU let's copy the files from the primary CPU. It's important to note tftpd must be enabled on the primary CPU in the boot.cfg file; "flags tftpd true".
@ERS-8610:6# copy 127.0.0.5:p80a4154.img /flash/p80a4154.img
@ERS-8610:6# copy 127.0.0.5:p80b4154.img /flash/p80b4154.img
@ERS-8610:6# copy 127.0.0.5:p80c4154.img /flash/p80c4154.img
@ERS-8610:6# copy 127.0.0.5:p80c4154.aes /flash/p80c4154.aes
@ERS-8610:6# copy 127.0.0.5:p80j4154.dld /flash/p80j4154.dld
@ERS-8610:6# copy 127.0.0.5:p80m4154.img /flash/p80m4154.img
Now that we have the files let's perform the actual upgrade and reset the CPU.
@ERS-8610:6# boot /flash/p80b4154.img
Are you sure you want to re-boot the switch (y/n) ? y
@ERS-8610:6#
You should wait until the standby CPU has upgraded the boot code and loaded the new agent code before doing anything with the primary CPU. It's also a great idea to confirm that the standby is up and operational before you do anything with the primary CPU.
Now all you need to do is upgrade the primary CPU
ERS-8610:5# boot /flash/p80b4154.img
Are you sure you want to re-boot the switch (y/n) ? y
ERS-8610:5#
The switch will boot the boot image and upgrade the boot PROM, after which it will reboot again and load the new agent code we specified in the boot.cfg file. If you have a standby CPU the standby CPU will become the active CPU. If you don't have a standby CPU in the switch you'll just need to wait for the switch to come back online. This should only take about 3 minutes.
Cheers!
Wednesday, December 26, 2007
Factory Reset Nortel Ethernet Routing Switch
I've received a few inquiries about how to reset the password and configuration on a Nortel Ethernet Routing Switch 8600. In a previous article I showed everyone how to reset the configuration (and password) of a Nortel Ethernet Switch (including the ERS 5500 series) but not a Nortel Ethernet Routing Switch.
As with the previous procedure you'll need access to the console port on the switch. Specifically you'll need to cable up (9600,8,N,1) to the CPU (8690SF, 8691SF, 8692SF) you wish to reset.
If you've lost the password... cold boot the chassis while connected to the console port. When the switch starts to boot you should see something similar to the following (depending on the version of software installed);
Copyright (c) 2007 Nortel, Inc.
CPU Slot 5: PPC 745 Map B
Version: 4.1.5.4
Creation Time: Dec 17 2007, 15:31:21
Hardware Time: DEC 26 2007, 16:19:24 UTC
Memory Size: 0x10000000
Start Type: cold
SMI ZOOMCF
can't open "/pcmcia/pcmboot.cfg" 0x380003
S_dosFsLib_FILE_NOT_FOUND
/flash/ - Volume is OK
Change volume Id from 0x0 to 0x1a5
Loaded boot configuration from file /flash/boot.cfg
Attaching network interface lo0... done.
Press <Return> to stop auto-boot...
1
You'll need to interrupt the boot process by hitting the "Return" key
monitor#
From here you'll be able to issue a command to clear the passwords stored in NV RAM;
monitor# reset-passwd
monitor#
Now just go ahead and reset the CPU and you should be able to login with the default username (rwa) and password (rwa).
monitor# reset
CPU Slot 5: PPC 745 Map B
Version: 4.1.5.4
Creation Time: Dec 17 2007, 15:31:21
Hardware Time: DEC 26 2007, 16:25:09 UTC
Memory Size: 0x10000000
Start Type: cold
SMI ZOOMCF
can't open "/pcmcia/pcmboot.cfg" 0x380003
S_dosFsLib_FILE_NOT_FOUND
/flash/ - Volume is OK
Change volume Id from 0x0 to 0x1a5
Loaded boot configuration from file /flash/boot.cfg
Attaching network interface lo0... done.
Press <Return> to stop auto-boot...
Loading /flash/p80a4154.img ... 8761414 to 25459172 (25459172)
Starting at 0x10000...
SMI ZOOMCF
Booting PMC280 Mezz HW please wait
. The BootCode address is 0x2b00100 3303
.
Mezz taking over console and modem......
Mezz CPU Booted successfully
Initializing backplane net with anchor at 0x4100... done.
Backplane anchor at 0x4100... ..
Mounting /flash: .done.
Ethernet Routing Switch 8600 System Software Release 4.1.5.4
Copyright (c) 1996-2007 Nortel, Inc.
CPU5 [10/26/99 11:26:25] SW INFO System boot
CPU5 [10/26/99 11:26:25] SW INFO ERS System Software Release 4.1.5.4
CPU5 [10/26/99 11:26:26] SW INFO CPU card entering warm-standby mode...
CPU5 [10/26/99 11:26:27] SW INFO Loading configuration from /flash/config.cfg
CPU5 [10/26/99 11:26:27] SW INFO PCMCIA card detected in Stand-by CPU "ERS-8610"
slot 5, Chassis S/N SSPND*****
**************************************************
* Copyright (c) 2007 Nortel, Inc. *
* All Rights Reserved *
* Ethernet Routing Switch 8010 *
* Software Release 4.1.5.4 *
**************************************************
Login:
You should now be able to login with the default RWA username of "rwa" and the default password of "rwa".
If you wish to reset the configuration... you only need to delete the config.cfg file from the flash and reset the switch.
You should NOT delete the boot.cfg file unless you have a copy of the software on the PCMCIA card and know how to start the software using the boot command from monitor mode.
I believe the same monitor command is available for the Ethernet Routing Switch 1600 Series.
Cheers!
Saturday, December 22, 2007
WISP/CAPWAP Protocol (Ethereal)
While writing the previous article I recalled all the problems I had trying to decode the Motorola (formerly Symbol) WISP, WISPe, CAPWAP protocol used between the Wireless LAN Switch and their Access Ports.
As of WireShark version 0.99.7 there is decode support for the Lightweight Access Point Protocol (LWAPP) protocol used by Airspace (Cisco) and a few other wireless vendors.
The legacy Motorola Wireless LAN WS5000, WS5100 switches (version 1.x and 2.x) utilize the WIreless Switch Protocol (WISP) while the Motorola Wireless LAN WS5100, RFS7000 (version 3.x and 1.x respectively) utilize the WIreless Switch Protocol Enhanced (WISPe). The WISPe protocol from Motorola very closely mimics the Control and Provisioning of Wireless Access Points (CAPWAP) that is currently being developed by the IETF.
Now that I've got that history lesson out of the way, have you ever needed to decode the protocol running between the Wireless Switch and the Access Ports?
As you know by now I have a large number of Motorola Wireless LAN switches and Access Ports deployed throughout my organization. Unfortunately the latest version of WireShark does not support the decoding of WISP, WISPe, or CAPWAP.
Thankfully Ethereal v0.10.14 has decoders for the WISP and CAPWAP protocols. I will say this warning though. I have downloaded multiple copies of Ethereal v0.10.14 and some seem to support WISP and CAPWAP while others don't appear to support it. If I find a link for a working version I'll update this article.
Here's an example of the WISP protocol between a Motorola Wireless LAN Switch (WS5000 v2.x) and an Access Port 300 (AP300).
In the above trace you can see that the AP300 has just been reset and is in the process of booting. It starts by issuing EAPOL and LLDP packets before sending its first WISP "Hello". You can see that the WS5000 responds to the "Hello" with a "Parent" command after which the AP300 starts to download its runtime software with the "LoadMe" command.
Here's an example of the CAPWAP protocol between a Motorola Wireless LAN Switch (WS5100 v3.x) and an Access Port 300 (AP300).
Note: this trace was not performed at the port level so we don't see the EAPOL or LLDP traffic. We can see the AP300 making "Discovery", "Join" and "Cfg" requests of the WS5100 switch.
Cheers!
UPDATE: March 29, 2008
Here's a link for Ethereal v0.10.14 that I believe should decode both WISP and CAPWAP;
ftp://192.104.254.176//files/wisp-ethereal-setup-0.10.14.exe
Friday, December 21, 2007
UNISTIM Protocol (WireShark)
The folks behind WireShark have released version 0.99.7 for Windows. WireShark (formerly Ethereal) is the de facto standard network protocol analyzer today. I personally use WireShark and WildPacket's OmniPeek depending on the situation or scenario.
Why the excitement behind the new release?
Well for those of us that have tried in vain for many years to decode the UNISTIM protocol the latest release of WireShark promises to deliver us from our purgatory. The complete release notes can be found here. I'll include just the pertinent part here;
New Protocol Support
ANSI TCAP, application/xcap-error (MIME type), CFM, DPNSS, EtherCAT, ETSI e2/e4, H.282, H.460, H.501, IEEE 802.1ad and 802.1ah, IMF (RFC 2822), RSL, SABP, T.125, TNEF, TPNCP, UNISTIM, Wake on LAN, WiMAX ASN Control Plane, X.224,
You can find an entry for UNISTIM on WireShark's Wiki here along with an entry on Wikipedia here.
In summary UNIStim is Nortel's proprietary VoIP signaling protocol between their Internet Telephones (i2002,i2004,i2007,1120e,1140e,1150e) and the Nortel Call Server (PBX) switch. The Internet Telephones and Call Server still utilize the Real-time Transport Protocol (RTP) for the actual voice path between two Internet phones or from a Voice Gateway Media Card (VGMC) to an Internet phone.
Let me provide an example of the new decode;
Many thanks to Gerald Combs and all the contributors over at WireShark!
Cheers!
Tuesday, December 18, 2007
Home Desktop Upgrade (Part 2)
When I last spoke about my home desktop computer I mentioned that I was waiting for the release of the new Logitech G15 keyboard. I'm happy to report that the new G15 has been released and I'm happily typing this article on it right now.
I found a wealth of plug-ins for the built-in LCD display and I've found some very interesting uses for the macro keys. Overall I'm very happy with the new Logitech G15 keyboard. It complements the new Logitech G5 mouse I've had on my desktop for the past six months. The version of the G5 I have includes two thumb buttons on the mouse, great for those of us that game.
I had the opportunity to upgrade my headset a few weeks ago. I had been using the Plantronics GameCom 1 3.5mm headset with the on-board audio from my Nforce4 Ultra motherboard. Unfortunately the cable got wrapped around my three-year-old's foot just before she ran out of the room. All the king's horses and all the king's men weren't going to put it back together so I decided to order the Plantronics GameComPro 1 USB headset.
The Plantronics GameCom 3.5mm headset is definitely hands down the best value and product in the price range ($19.99). I've used this headset for about two years now (replacing them as they get broken) and it's very comfortable. I use this headset in conjunction with the on-board audio from my Nforce4 Ultra motherboard. It works very well and provides good sound both as an output and input (microphone). Just remember that you'll need either a dedicated sound card or on-board audio built into your motherboard. I know the audiophiles would argue that the on-board audio isn't anywhere near the quality of a dedicated sound card but for those of us that just need basic audio, this should work fine.
The Plantronics GameComPro1 USB headset is also a very nice product. It is a USB solution that houses its own DSP (essentially its own soundcard). It has the same basic design as the GameCom headset above and I would rate it in line with the sound from my on-board audio. Unfortunately the DSP doesn't have a Mixer so you might have issues trying to use a USB headset with FRAPS to record voice/sounds with various applications/games. For those that don't have either a sound card or on-board audio from their motherboard this is a great option.
Cheers!
Sunday, December 16, 2007
ERS 8600 Users and Passwords
The Nortel Ethernet Routing Switch 8600 by default has six user accounts each with different levels of access. The "super-user" account is the rwa account and has access to the entire switch.
Default User ID: rwa
Default Password: rwa
Default User ID: rw
Default Password: rw
Default User ID: l3
Default Password: l3
Default User ID: l2
Default Password: l2
Default User ID: l1
Default Password: l1
Default User ID: ro
Default Password: ro
With the release of Nortel's Application Switch Blade for the ERS 8600 there are actually six additional access levels. If you are the network administrator of an ERS 8600 it is probably best to reset the passwords and/or disable the various access-levels that you are not using. You can accomplish this with the following commands. To change the passwords use the following commands;
ERS-8600:5# config cli password rwa rwa
ERS-8600:5# config cli password rw rw
ERS-8600:5# config cli password l3 l3
ERS-8600:5# config cli password l2 l2
ERS-8600:5# config cli password l1 l1
ERS-8600:5# config cli password ro ro
In software release v4.x and higher the passwords will automatically be synced across both CPUs if there is more than one in the switch. In previous releases you would need to issue the commands above on both CPUs.
You can also disable the different access-levels with the following commands;
ERS-8600:5# config cli password access-level rw disable
ERS-8600:5# config cli password access-level l3 disable
ERS-8600:5# config cli password access-level l2 disable
ERS-8600:5# config cli password access-level l1 disable
ERS-8600:5# config cli password access-level l4admin disable
ERS-8600:5# config cli password access-level slbadmin disable
ERS-8600:5# config cli password access-level oper disable
ERS-8600:5# config cli password access-level l4oper disable
ERS-8600:5# config cli password access-level slboper disable
ERS-8600:5# config cli password access-level ssladmin disable
And don't forget to save your configuration and boot configuration with the following commands;
ERS-8600:5# save config
ERS-8600:5# save bootconfig
You should always change the default passwords in order to secure the network.
Cheers!

