Professional Documents
Culture Documents
November 15, 2005 – Reorganized all chapters and renumbered. Set version to 3.0.
November 14, 2005 – Added section for cediag, (1.4.2), psradm (1.4.17). Renumbered 1.4.x sections accordingly.
November 8, 2005 – Added example of replacing a bad disk w/lvm (4.3.4)
November 2, 2005 - Added Sunfire 2900 section (7.7). Added fmthard section (1.4.10).
October 20, 2005 - Fixed typo's.
September 20, 2005 - Added dhcp troubleshooting section (3.2.5). Updated minnow boxid's (8.3.3).
August 10, 2005 - Finally added an index!
August 9, 2005 – Reordered chapters for servers (old 6.0, new 7.0), disk arrays (old 7.0, new 8.0), and security (old 8.0,
new 6.0).
August 8, 2005 – Divided Chapter 6 into: Servers (6.0) and Disk Array's (7.0). Renumbered Security (8.0). Added section
for Sun Rays (6.6).
July 25, 2005 – Added section for d240 (6.15). Added section for S1 (6.16). Added sections for Disk Array LED's (6.7.1,
6.8.2, 6.10.2,). Added pictures for LED's in all disk array sections.
July 11, 2005 - Added section for T3 Battery (6.7.7). Added section for Hitachi Batteries (6.11.11). Added section for
Minnow batteries (6.8.7). Added sections for D1000 (6.12), A1000 (6.13), A3x00 (6.14) Renumbered SAN Switches
section (6.15). Moved T3/6x20 "dot" commands to Appendix A.
June 21, 2005 – Added section on SMF (1.9).
June 16, 2005 - Added target info for minnow arrays (6.8.5). Modified Live Upgrade section (1.2.4)
June 15, 2005 – Added sections for nis ( 2.6) and nfs (2.8). Restructured chapter 2.
June 9, 2005 – Updated LVM section (4.3)
June 1, 2005 – Added section on zones (1.8). Added section on Live Upgrade (1.2.4). Added sections for additional solaris
commands, dumpadm (1.4.6), eeprom (1.4.7), fsck, (1.4.10), modinfo (1.4.13), volcheck (1.4.22), Added section on
StorADE (4.4). Added sections for Sun Cluster (5.2.3, - 5.2.8). Updated section on Indy (6.9). Updated section on Maserati
(6.10).
May 26, 2005 – Added section for accessing svp on 9990 (6.11.10)
May 24, 2005 – Added section on printing (1.7)
May 18,2005 – Added section for accessing dot commands on T3 and 6x20 arrays (6.7.6, 6.10.2). Added section for script
command (1.4.18).
May2, 2005 – Added troubleshooting section for Brocade and McData switches (6.12.4)
April 19, 2005 – Added sections for flashupdate (6.3.2, 6.4.4) and setchs (6.3.3, 6.4.7).
March 23, 2005 – Added sections for DR (1.6), Hitachi Microcode Update (6.11.9), Minnow Disk Replacement (6.8.5),
boot(1.4.1), svcadm (1.4.16), & svcs (1.4.17). Trimmed down PCAnywhere and HiTrack sections.
November 30, 2004 – Added procedure to replace cp2140 board on sc (6.4.5) , Added chs section (6.4.6).
October 26, 2004 – Added section for SunCluster (5.0).
October 21, 2004 – Added scsi-initiator-id procedure, minor corrections to Hitachi section
October 11,2004 – Added section for SMS Upgrade procedure.
August 17,2004 – Added section fo sccli command reference
August 11, 2004 – Added section for power cycling Hitachi Disk Array, removed softrware section.
August 9, 2004 – Added section for configuring HiTrack
August 1, 2004 – Added section for initial configuration of HDS 9970/9980 Array
July 10, 2004 – Added Security Chapter.
SSE Field Reference Guide
Table of Contents
1.0 Lights Out Management Software..................................................................................................11
1.1 Lights Out Management (LOM)................................................................................................11
1.1.1 Command Reference:.......................................................................................................11
1.2. Advanced Lights Out Management (ALOM)............................................................................12
1.2.1 Command Reference:.......................................................................................................12
1.2.2. ALOM Notifications..........................................................................................................12
1.2.3. Configuring the Network Management Port:....................................................................14
1.2.4. Resetting the ALOM Password........................................................................................15
1.3. Remote Server Console (RSC)................................................................................................17
1.3.1. OBP Commands .............................................................................................................17
1.3.2. RSC Commands..............................................................................................................17
1.3.3. How To Configure RSC...................................................................................................18
1.3.4. Forgotten Password.........................................................................................................21
1.4. Integrated Lights Out Management (ILOM).............................................................................22
1.4.1. Command Reference.......................................................................................................22
2.0 Open Boot Prom (OBP).................................................................................................................27
2.1. Command Reference...............................................................................................................27
2.1.1. Version 3.x ......................................................................................................................27
2.1.2. Version 4.17 additions for the boot command:................................................................27
2.2. Working with nvram.................................................................................................................27
2.2.1 Selected nvram Parameters.............................................................................................27
2.2.2. nvramrc Commands........................................................................................................28
2.2.3. nvedit Editor Keystroke Commands.................................................................................28
2.3. Common obp Procedures........................................................................................................29
2.3.1. Setting cpu speed............................................................................................................29
2.3.2. Setting hostid...................................................................................................................29
2.3.3. Setting the Monitor Frequency.........................................................................................29
2.3.4. Setting network transfer speed........................................................................................29
2.3.5. Setting scsi-initiator-id......................................................................................................29
2.3.6. Booting a System............................................................................................................31
3.0 Solaris OS......................................................................................................................................33
3.1. Installation/Configuration.........................................................................................................33
3.1.1. Jumpstart.........................................................................................................................33
3.1.2. Flash Archive...................................................................................................................34
3.1.3. WANBoot.........................................................................................................................34
3.1.4. Live Upgrade...................................................................................................................39
3.2. Patch Management..................................................................................................................49
3.2.1. patchadd Error Codes (Solaris 2.6, 7, 8,9)......................................................................49
3.2.2. patchrm Error Codes.......................................................................................................49
3.2.3. patchdiag.........................................................................................................................50
3.3. Solaris Selected Command Reference....................................................................................51
3.3.1. cdrw.................................................................................................................................51
3.3.2. cediag..............................................................................................................................51
3.3.3. cfgadm.............................................................................................................................53
3.3.4. cpio..................................................................................................................................54
3.3.5. cron.................................................................................................................................54
3.3.6. dd....................................................................................................................................54
3.3.7. dumpadm.........................................................................................................................55
3.3.8. eeprom............................................................................................................................55
3.3.9. explorer............................................................................................................................56
3.3.10. find.................................................................................................................................57
3.3.11. fmthard..........................................................................................................................57
3.3.12. fsck................................................................................................................................57
3.3.13. installboot......................................................................................................................57
3.3.14. kbd.................................................................................................................................58
3.3.15. modinfo..........................................................................................................................58
3.3.16. mount.............................................................................................................................59
parameter value
--------- -----
if_network true
if_modem false
if_snmp false
if_emailalerts false
sys_autorestart xir
netsc_tpelinktest false
netsc_dhcp false
netsc_ipaddr 129.148.173.27
netsc_ipnetmask 255.255.255.0
netsc_ipgateway 129.148.173.253
mgt_mailhost
mgt_mailalert
sc_customerinfo
sc_escapechars #.
sc_powerondelay false
sc_clipasswdecho true
sc_cliprompt sc
sc_clitimeout 0
sc_clieventlevel 2
sys_eventlevel 2
ser_baudrate 9600
ser_parity none
ser_stopbits 1
ser_data 8
netsc_enetaddr 00:03:ba:29:5e:34
sys_hostname abcd
sys_enetaddr 00:03:ba:29:5e:2b
sc> setsc if_emailalerts true - this command enables the mail alerts to be sent
sc> setsc mgt_mailhost 129.148.9.16 - this command sets the IP address of the mail server to which
ALOM delivers the mail alerts, if two addresses are specified they must be seperated by a single space
sc> setsc mgt_mailalert john.doe@sun.com 1 - this command sets who will be sent the email with the
alerts and what level alerts will be sent. The possible settings are:
1 (critical),
2 (critical and major) and
3 (critical, major and minor)
if_network="true"
if_modem="false"
if_snmp="false"
if_emailalerts="true"
sys_autorestart="xir"
netsc_tpelinktest="true"
netsc_dhcp="false"
netsc_ipaddr="129.148.173.27"
netsc_ipnetmask="255.255.255.0"
netsc_ipgateway="129.148.173.253"
mgt_mailhost="129.148.9.16"
mgt_mailalert="john.doe@sun.com 1"
sc_customerinfo=""
sc_escapechars="#."
sc_powerondelay="false"
sc_servicemode="false"
sc_clipasswdecho="true"
sc_cliprompt="sc"
sc_clitimeout="0"
sc_clieventlevel="2"
sc_ssqamode="false"
sys_eventlevel="2"
if_network true
netsc_tpelinktest true
netsc_dhcp false
netsc_ipaddr 0.0.0.0
netsc_ipnetmask 255.255.255.0
netsc_ipgateway 0.0.0.0
sc> setsc netsc_tpelinktest false - this command enable/disables the link integrity test, please check with
your network admin to see if the network hardware(hubs etc.) support this functionality.
sc> setsc netsc_dhcp false - this command should be set to false unless you want DHCP to obtain your
network configuration, which is not part of this example
sc> setsc netsc_ipaddr 129.148.173.27 - this command sets the the unique IP address for the NET MGT
port, please see your network admin to get this address
sc> setsc netsc_ipnetmask 255.255.255.0 - this command sets the netmask and will depend on the class
of network.
sc> setsc netsc_ipgateway 129.148.173.253 - this command sets the IP address of the gateway or
router.
If you have made a change to the "netsc_tpelinktest" variable, it will not change until after the next ALOM
reset but is otherwise not needed.
sc> resetsc -y
You can now verify the settings with the "shownetwork" command
sc> shownetwork
The next steps will show how to do the same configuration but with the Solaris based "scadm" command.
# /usr/platform/SUNW,Sun-Fire-V240/sbin/scadm help
COMMAND DETAILS
# scadm help => this message
# scadm date [-s] | [[mmdd]HHMM | mmddHHMM[cc]yy][.SS] => print or set date
# scadm set <variable> <value> => set variable to value
# scadm show [variable] => show variable(s)
# scadm resetrsc [-s] => reset SC (-s soft reset)
# scadm download [boot] <file> => program firmware or [boot] monitor
# scadm send_event [-c] "message" => send message as event (-c CRITICAL)
# scadm modem_setup => connect to modem port
# scadm useradd <username> => add SC user account
# scadm userdel <username> => delete SC user account
# scadm usershow [username] => show user details
# scadm userpassword <username> => set user password
# scadm userperm <username> [cuar] => set user permissions
# scadm shownetwork => show network configuration
# scadm loghistory => show SC event log
# scadm version [-v] => show SC version (-v verbose)
Use the "scadm set" command to set the same variables as described above
IP Address: 129.148.173.27
Gateway address: 129.148.173.253
Netmask: 255.255.255.0
Ethernet address: 00:03:ba:29:5e:34
Note - There is also an interactive configuration process possible through the use of the "setupsc" command,
which is beyond the scope of this document.
2) Power on the server via the front power button. Once POST has completed,you will need to wait 1 to 2 minutes
for a timeout to occur and the system to drop to the "ok>" prompt.
If you do not get the "Please login:" prompt (you will likely see the SC prompt) then you must power the system off
remove the battery from the LOM board, wait a minute, and re-install everything).
Below is an example of what you might see on the console:
Please login:
SC Alert: Host System has Reset
[wait one two minutes]
Serial line login timeout, returns to console stream.
ok>
3) Boot the system to the OS level. If Solaris is not currently installed on the server, you will need to install it at this
point.
4) Use the scadm command to reset the admin password:
server# cd /usr/platform/`uname -i`/sbin
server# ./scadm userpassword admin
5) Use the escape sequence "#." to get system back to the ALOM login prompt.
6) You can now log into the admin account using the password “admin” that you just set.
*Available for Sun Enterprise 250 servers only. For other supported workgroup servers, you must set input-device
and output-device to rsc-console, not rsc.
**For Sun Enterprise 250 servers, you must set input-device and output-device to rsc, not rsc-console.
showsc (The showsc command is not available on Sun Enterprise 250 servers.)
logout Ends your current RSC shell session
setlocator Turn the system locator LED on or off (Sun Fire[TM] V480 servers only).
showlocator Show the state of the system locator LED (Sun Fire V480 servers only).
showdate Same as the date command without arguments. (Not available for Sun Enterprise 250 servers.)
setdate Same as the date command with arguments. (Not available for Sun Enterprise 250 servers.)
rscadm subcommands
help Displays a list of rscadm commands and brief descriptions for each
date Displays or sets the current time and date
set Sets a configuration variable
show Displays one or more configuration variables
shownetwork Shows current RSC card network configuration (RSC 2.0 and above)
loghistory Returns the most recent log entries (RSC 2.0 and above)
resetrsc Resets RSC immediately
download Downloads firmware to the RSC flash PROM
send_event Logs an event; can also send an alert message
modem_setup Changes configuration of the modem connected to the RSC serial port
useradd Adds an RSC user account
userdel Deletes an RSC user account
usershow Shows characteristics of an RSC user account
userpassword Sets or changes a user's password
userperm Sets the authorization for a user
version Reports the RSC version on the host (RSC 2.0 and above)
status Same as the version -v command. (RSC 2.0 and above)
These commands will take effect after the next server reset.
If you want to redirect the console server back to TTYA , you can do the following:
ok> setenv diag-out-console false
ok> setenv input-device keyboard
ok> setenv output-device screen
If the RSC console is the console and RSC has not been fully configured, the RSC card can be pulled from the
machine in order to temporarily reset the output to the TTYA port. Once OBP has been started, the parameters will
need to be reset appropriately to go to another device until the RSC card has been configured.
The RSC software download for Solaris contains the following packages:
· SUNWrsc
· SUNWrscj
· SUNWrscd
Step 1: Checking to see if RSC is already installed.
Any previous version of RSC installed on a supported Solaris platform should be removed. Do the following to
determine if RSC is already installed.
1. Make sure you are logged in as superuser.
2. Perform the pkginfo command to check for RSC. Type the following command at the superuser prompt and
3. If the output of this command lists any RSC packages, you need to remove them. Before you do this, save the
current configuration information. First, you need to know the platform name for your system. Type the following
command:
# uname -i
SUNW,Sun-Fire-V490
Save this file. If desired, you can also use the rscadm usershow command to display information on the users,
and then save that information to a file. This information can be used to reconfigure RSC if the need arises at
some time in the future.
5. Remove the RSC packages. Using the output from Step 2, type the following command to specify the installed
packages you want to remove:
# /usr/bin/unzip rsc_packages*.zip
4. Type the following command to install the Solaris packages using the pkgadd command:
# /usr/sbin/pkgadd -d .
is 111416-05. If the patch is already included in the packages you have installed you do not need to re-
install it, but see the note below about checking for other or later patches.
2. Point your Web browser to http://sunsolve.sun.com and click the Patches link in the left column.
3. Type the ID number for the patch you want in the Enter a Patch ID field and click Find Patch.
4. Follow the instructions on the page to download the patch.
NOTE: Other patches or later patch versions may also exist; search http://sunsolve.sun.com for more
information.
To add the patch, follow these steps:
1. Log in as superuser, if you have not already done so.
2. At the system prompt, type the following command:
# patchadd patch-ID
where patch-ID is the ID number of the patch you downloaded (for example, patchadd 111416-05).
# patchadd 111416-05
Checking installed patches...
Verifying sufficient filesystem capacity (dry run method)...
Installing patch packages...
Patch number 111416-05 has been successfully installed.
See /var/sadm/patch/111416-05/log for details
This step installs the following packages:
· SUNWrsc
· SUNWrscj
Step 4: What To Do Next
If you are upgrading from a previous version of RSC, you need to flash the new firmware and reconfigure RSC. If
you are installing RSC for the first time, you need to run the rsc-config script on the server.
Flashing the New Firmware
1. Before you flash the firmware, you need to know the platform name for your system. Type the following
command:
# uname -i
The system returns a message similar to the following:
SUNW,Sun-Fire-280R
2. Type the following command to flash the firmware and update the GUI files:
# /usr/platform/platform-name/rsc/rsc-config
Note: You may need to delete an RSC user if there are 4 existing users defined. If you did not remove the RSC
card, please proceed to step 3.
3. Reinstall RSC card. For information on How to install the RSC card please refer to your Server's Owner's Guide.
4. Reboot the RSC card.
5. Log into RSC using the login and password created in Step 2.
Display the version of the ILOM firmware running on the service processor. version
Update the service processor and BIOS firmware. load -source tftp://newSPimage
User Commands
Description Command
Alert Commands
Description Command
SNMP Commands
Description Command
create /SP/services/snmp/users/snmpusername
authenticationpassword=password
Add an SNMP user.
authenticationprotocol=MD5|SHA permissions=rw|ro
privacypassword=password privacyprotocol=none|DES
Description Command
(read-write) communities.
Clock Settings
Description Command
Activating nvram:
ok> nvedit
<enter commands>
Type Control-C to get out of the editor and back to the ok prompt.
ok> nvstore
ok> setenv use-nvramrc? true
ok> reset
Note: cpu speed should be changed in 10% increments. Otherwise, the system may hang.
e.g., /iommu@f,e0000000/sbus@f,e0001000/SUNW,hme@3,8c00000)
ok> nvedit
0: probe-all install-console banner
1: apply transfer-speed=10
/iommu@f,e0000000/sbus@f,e0001000/SUNW,hme@3,8c00000
Ctrl-C (to exit the nvedit utility).
ok> nvstore
ok> setenv use-nvramrc? true
ok> boot
Note that the example above sets the speed to 10Mbps. To set the speed to 100Mbps, the value 10 should be
replaced with 100.
/pci@6,4000/scsi@3
Target 2
Unit 0 Disk SEAGATE ST32171W SUN2.1G7462
Target 3
Unit 0 Disk SEAGATE ST32171W SUN2.1G7462
/pci@6,4000/scsi@2,1
Target 2
Unit 0 Disk SEAGATE ST32171W SUN2.1G7462
Target 3
Unit 0 Disk SEAGATE ST32171W SUN2.1G7462
Note you may have to first do the following before this command will work.
ok> setenv auto-boot? false
ok> reset-all
Identify which disks are the dual-hosted disk and note the
SCSI adaptors they are attached to. Using the above example, one
connection would be "/pci@6,4000/scsi@3" and the other
"/pci@6,4000/scsi@2,1"
2) Update the nvramrc to set the scsi-initiator-id to 6 for these device.
From the boot prom type:
ok> nvedit
0: probe-all install-console banner
1: cd /pci@6,4000/scsi@3
2: 6 " scsi-initiator-id" integer-property (note: there is a space between the " and scsi)
3: device-end
4: cd /pci@6,4000/scsi@2,1
5: 6 " scsi-initiator-id" integer-property
6: device-end <cntrl-c>
ok>nvstore
ok>nvramrc evaluate
ok>setenv use-nvramrc? true
ok>reset-all
3) Edit the /etc/system file (on both nodes) to set fast/wide SCSI (disable Ultra SCSI):
set scsi_options=0x3f8
4) Boot both systems and verify that you can see the multi-hosted disks from both nodes.
Sbus based
# init 0
ok> nvedit
0: " /sbus@1f, 0/SUNW, fas@0, 8800000" select-dev
1: 6 encode-int "scsi-initiator-id" property
2: " /sbus@1f, 0/SUNW, fas@1, 880000" select-dev
3: 6 encode-int "scsi-initiator-id" property
4: device-end
5: ^c
ok> nvstore
ok> setenv use-nvramrc? true
ok> reset-all
This behavior is found on most OpenBoot [TM] 2.x and 3.x based systems. Note that differences may occur on
some platforms.
B. Common Boot [device-specifier]
disk - Boots from the alias named "disk". You can view the physical device path for the disk alias by typing
"devalias disk" at the ok prompt, or, to view all aliases, type "devalias".
cdrom - Specifies to boot from a CD or a DVD. For a system with an older EEPROM (typically OBP
versions below 2.x), replace cdrom with sd(0,6,2) to boot from the system's CD-ROM. Systems with proms
this old do not support Solaris [TM] versions that are contained on DVD media.
url - Specifies the location of the custom JumpStart [TM] configuration files in compressed format. See
section F below for the URLs that can be specified, syntax, and examples.
Effective with Solaris 9 (12/03 release) a wide area network boot option is now available. This option introduces a
new command line syntax and new option flags.
E. Network boot syntax
ok> boot cdrom|net - install [[url|ask]] [[dhcp]] [[nowin]]
Below is a list of the most commonly used network boot command flags along with a brief explanation. Each
command must be entered at the system "OK" prompt level. Note: This is NOT intended to be a complete listing of
all the boot argument options.
ask Specifies that the installation program prompt you to type the location of the compressed configuration
file after the system boots and connects to the network.
dhcp Specifies to use a DHCP server to obtain network installation information that is needed to boot the
system. If you do not specify to use a DHCP server, the system uses the /etc/bootparams file or the name
service bootparams database.
nowin Specifies not to begin the X program. You do not need to use the X program to perform a custom
JumpStart installation, so you can reduce the installation time by using the nowin option.
"noauto" and "noautons" Will not automatically retrieve the system identification information from the
network or configure the nameservice information. This is useful for performing interactive installations
when you want to be prompted for the system identification information.
For example:
ok> boot cdrom – noauto
Will not take the system identification information from the network.
OR
ok> boot cdrom – noautons
3.0 Solaris OS
3.1. Installation/Configuration
3.1.1. Jumpstart
3.1.1.1 Creating a Jumpstart Server
If the install server will be on the same net as the client machines, do the following:
# cd /cdrom/sol_9_1203_sparc/s0/Solaris_9/Tools
# setup_install_server /export/install
# add_to_install_server /export/install
3.1.1.2 Creating a Boot Server
If the install server is on a different subnet, set up a boot server. This will copy required kernel architecture
information from the Solaris CD image to the boot server's local disk.
You must have a name service so that you can setup automatic system configuration such as geographic region,
time zone, netmask value.
# cd /cdrom/sol_9_1203_sparc/s0/Solaris_9/Tools
# setup_install_server -b /export/install
# add_to_install_server -b /export/install
3.1.1.3 Configuring the Jumpstart Server
Adding clients:
1. Edit /etc/hosts (or the nis host map) - add jumpstart client ip addresses
2. Edit /etc/ethers (or the nis ethers map) - add jumpstart client ethernet addresses
3. Add the clients:
# cd /export/install
# add_install_client <client> sun4u
Removing clients:
# rm_install_client <machine-name>
Note: run dfshares to see if the file system is shared.. If not shared, edit /etc/dfs/dfstab, enter the share
statement and run:
# /etc/init.d/nfs.server start
Example:
# flarcreate -n u60_03-04-2004 -c /export/home/flash/u60.flar
# share -F nfs /export/home/flash
# dfshares
3.1.3. WANBoot
Task 1 - Creating the Flash Archive:
Perform the following steps:
1. Create the directory for the flash archive under what will be he web server's documents directory.
# mkdir -p /var/apache/htdocs/flashdir
#Servername new.host.name
Remove the pound sign (#) and change it to the correct server name for your environment:
Servername WANBootserv
NOTE: WanBoot support started in Solaris 9 12/03. If using Solaris 9 4/04, the WanBoot client must have
256mb memory or higher. If you are using Solaris 10 WanBoot, WanBoot client must have 512mb memory or
higher. This is because Wanboot actually loads a "miniroot" to memory, and Solaris 10 miniroot is much larger than
Solaris 9.
Task 3 - Configuring the WANBoot and JumpStart files
Perform the following steps to configure the WANBoot and Jumpstart server files.
1. Insert the Solaris[TM] 10 Software CD-ROM in the CD-ROM drive.
2. Create the Jumpstart configuration directory under the webserver's documents directory.
# mkdir /var/apache/htdocs/config
5. Copy the wanboot binary to a directory under the webserver's documents directory.
# cp /cdrom/cdrom0/s0/Solaris_10/Tools/Boot/platform/sun4u/wanboot \
/var/apache/htdocs/wanboot
6. Copy the WAN Boot CGI programs to the webserver's cgi-bin directory.
# cp /usr/lib/inet/wanboot/*-cgi /var/apache/cgi-bin
7. Edit the configuration file specifying the clients sysidcfg file and custom jumpstart files.
# mkdir /etc/netboot
# vi /etc/netboot/system.conf
Insert the following two lines. Use the correct server name for your environment.
SsysidCF=http://WANBootserv/config
SjumpsCF=http://WANBootserv/config
8. Copy and edit the configuration file containing the WANBoot specific parameters.
# cp /etc/inet/wanboot.conf.sample /etc/netboot/wanboot.conf
# vi /etc/netboot/wanboot.conf
Edit the file to contain following lines. Use the correct server name for your environment.
bootfile=/wanboot10/wanboot
root-file=/wanboot10/wpath/miniroot
encryption_type=
signature_type=
server_authentication=no
client_authentication=no
resolve_hosts=
root_server=
bootlogger=http://WANBootserv/cgi-bin/bootlog-cgi
system_conf=system.conf
#cp /var/apache/htdocs/wanboot10/wpath/miniroot
/var/apache/htdocs/wanboot10/miniroot
Edit the file to contain following lines. Use the correct server name for your environment.
NOTE: Please use this same order. We found some oddities if we changed the order, errors like: Invalid
entry on line x.
install_type flash_install
archive_location
partitioning explicit
filesys c0t0d0s1 512 swap
filesys c0t0d0s0 free /
# cd /var/apache/htdocs
# vi rules
# cd /cdrom/sol_8_1001_sparc/s0/Solaris_8/Tools
# ./setup_install_server /Yourimagedirname
Once this is complete, eject Solaris 8 10/01 cd 1 of 2, and insert Solaris 8 10/01 cd 2 of 2
# cd /cdrom/sol_8_1001_sparc_2/Solaris_8/Tools
# ./add_to_install_server /Yourimagedirname
Once this is complete, edit the /etc/dfs/dfstab and share out your newly created image:
# vi /etc/dfs/dfstab
# shareall
Apply required patches. Please check SunSolve infodoc 72099 for patches to be installed on the system to
be upgraded. If you do not, the Live Upgrade packages may not install, and you may also have problems
completing the Live Upgrade.
# pkgadd -d /cdrom/sol_8_1001_sparc_2/Solaris_8/EA/products/Live_Upgrade_2.0/sparc/Packages
SUNWlur SUNWluu
NOTE: The Live Upgrade packages reside in a different directory starting with Solaris 8 2/02. This path also
holds true in the Solaris 9 OS. The path is Solaris 8 2/02 cd 2 of 2:
Solaris 9 cd 2 of 2:
NOTE: At this point, you must choose one of the following sections to determine the type of partitioning you will
use:
Section D - Creating an ABE, flat file system to flat file system
Section E - Creating an ABE, flat file system to multi partitioned file system
Section F - Creating an ABE, multi partitions merged into one.
SECTION D - Creating an Alternate Boot Environment (ABE), flat file system to flat file system:
NOTE: You can also use this procedure if you have multi partitions and would like your new drive (ABE) to look
the same. You would just need to define every partition individually in your lucreate command. Example command
syntax for lucreate when you have multiple partitions. This example uses /, swap, /usr and /var:
# lucreate -c be.orig -m /:/dev/dsk/c0t2d0s0:ufs -m -:/dev/dsk/c0t2d0s1:swap -m /usr:/dev/dsk/c0t2d0s3:ufs
-m /var:/dev/dsk/c0t2d0s4:ufs -n be.new
NOTE: If you want a swap partition on your Alternate Boot Environment, you must also create a swap slice on the
new ABE. Add -m -:/dev/dsk/c0t2d0s1:swap to your lucreate syntax.
NOTE: Whatever is in your Primary Boot Environment (PBE's) /etc/vfstab, and is "NOT" defined in the lucreate
command, will still be mounted or used when you boot off your Alternate Boot Environment (ABE).
Example:
Original /etc/vfstab on my Primary Boot Environment (PBE):
# more /etc/vfstab
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
#
#/dev/dsk/c1d0s2 /dev/rdsk/c1d0s2 /usr ufs 1 yes -
fd - /dev/fd fd - no -
/proc - /proc proc - no -
/dev/dsk/c0t0d0s1 - - swap - no -
/dev/dsk/c0t0d0s0 /dev/rdsk/c0t0d0s0 / ufs 1 no -
#/dev/dsk/c0t0d0s3 /dev/rdsk/c0t0d0s3 /export ufs 2 yes -
/dev/dsk/c0t0d0s5 /dev/rdsk/c0t0d0s5 /part1 ufs 2 yes -
/dev/dsk/c0t0d0s6 /dev/rdsk/c0t0d0s6 /part2 ufs 2 yes -
swap - /tmp tmpfs - yes -
# more vfstab
/dev/dsk/c0t0d0s1 - - swap 1 no -
/dev/dsk/c0t2d0s0 /dev/rdsk/c0t2d0s0 / ufs 1 no -
/dev/dsk/c0t0d0s5 /dev/rdsk/c0t0d0s5 /part1 ufs 2 yes -
/dev/dsk/c0t0d0s6 /dev/rdsk/c0t0d0s6 /part2 ufs 2 yes -
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
#
fd - /dev/fd fd - no -
/proc - /proc proc - no -
swap - /tmp tmpfs - yes -
As you can see, the Alternate Boot Environment (ABE) is using partitions swap, /part1 and /part2 from the Primary
Boot Environment (PBE) If you do not want partitions shared between the PBE and the ABE, comment them out of
the PBE's /etc/vfstab prior to running your lucreate command.
**IMPORTANT** You alternate drive (ABE) must be partitioned properly before you run the lucreate command. In
my example, you are copying your root drive (which is a flat file system) to c0t2d0s0. Your c0t2d0s0 drive must be
partitioned with s0 being large enough to accommodate the copy. In later examples when you are going from a flat
file system to a multi partitioned file system, the ABE must be formatted/partitioned with the appropriate slices and
sizes defined.
# lucreate -c be.orig -m /:/dev/dsk/c0t2d0s0:ufs -n be.new
SECTION E - Creating an ABE, flat file system to multi partitioned file system:
Started with only /, breaking that out on my new drive to have separate /, /var and /usr
# lucreate -c be.orig -m /:/dev/dsk/c0t2d0s0:ufs -m /var:/dev/dsk/c0t2d0s3:ufs \
-m /usr:/dev/dsk/c0t2d0s4:ufs -n be.new
SECTION G - Upgrading your newly created ABE from a shared image on the network:
# luupgrade -u -n be.new -s /net/modern3/part1/sol8.10.01
# eject -f cd
Installation details:
2. Done
SECTION H1- Upgrading your newly created ABE from a cdrom drive, Solaris 8 2/02, Solaris 9, 10:
NOTE: Starting with Solaris 8 2/02 and above, installing cd 2 of 2 will install not only the packages required to
complete the upgrade it will also install the new LU packages from that specific revision of the operating system.
Insert Solaris 8 2/02 cd 1 of 2 into your cdrom drive, then run:
# eject -f cd
Solaris Web Start will assist you in installing software for Solaris 8
Software 2.
******************************************************************************
**
The target boot environment has been activated. It will be used when you
reboot. NOTE: You must use either init or shutdown when you reboot. If
you do not use one of these commands, the system will not boot using the
target BE.
******************************************************************************
**
In case of a failure while booting to the target BE, the following process
needs to be followed to fallback to the currently working boot environment:
# init 0
2. Change the boot device back to the original boot environment by typing:
ok> boot
******************************************************************************
**
Activation of boot environment <be.new> successful.
NOTE: If you want to test that the create/copy worked, you can do an init 6 at this point and the system should boot
off your ABE. Or you can actually do the Live-upgrade at this point.
SECTION J - Booting from your ABE:
After you have run the upgrade, if you would like to boot off the just upgraded Alternate Boot Environment(ABE),
just type init 6. This will automatically change your boot-device at the prom level, and if need be it will also create a
new disk alias.
SECTION K - Veritas
If you are using Solaris Live Upgrade on a system that has a Solstice DiskSuite metadevice or Veritas vxvm
volume, the source boot environment can be a metadevice or volume, but the target boot environment cannot be a
metadevice or volume. The inactive boot environment must be a regular slice.
Problem: System Panics When Upgrading On Veritas VxVm
When using Solaris Live Upgrade while upgrading and running Veritas VxVM, the system panics on reboot unless
you upgrade by using the following procedure. The problem occurs if packages do not conform to Solaris
advanced packaging guidelines.
1.Create an inactive boot environment (See sections B thru H).
2.Before upgrading the inactive boot environment, you must disable the existing Veritas software on the
inactive boot environment.
# cd /.alt.12345/etc
# cp vfstab vfstab.vxfs
d. In the copied vfstab, comment out all Veritas file system entries and redirect vfstab.vxfs to
vfstab. This command will leave the original copy as vfstab.vxfs.
The first character of each line is changed to #, which makes the line a comment line. Note that
this comment line is different than the system file comment lines.
# cd /.alt.12345/etc
# cp system system.vxfs
g. Comment out all "forceload:" entries that include drv/vx and redirect system.vxfs to system. This
command will leave the original copy as system.vxfs
The first character of each line is changed to *, which makes the line a comment line. Note this is
different than the vfstab file comment lines.
# cd /.alt.12345/etc/vx/reconfig.d/state.d
# touch install-db
j. If the original boot environment was encapsulated, remove the root-done file:
# rm root-done
# luumount inactive_boot_environment_name
# init 0
ok> boot -s
Several error messages containing "vxvm" or "VXVM" are displayed that can be ignored. The inactive boot
environment becomes active.
7. Upgrade Veritas.
a. Remove any Veritas patches from the system (see infodoc 43212).
# cd /location_of_Veritas_software
e. Install any required Veritas patches in single user mode (see infodoc 43212).
f. Reboot.
# init 6
# cp /etc/vfstab.vxfs /etc/vfstab
# cp /etc/system.vxfs /etc/system
Note: None of the operating system filesystems in the vfstab should be veritas volumes, as these must be
re-encapsulated.
9. Remove install-db:
# rm /etc/vx/reconfig.d/state.d/install-db
# vxiod set 10
# vxconfigd -m disable
# vxdctl init
# vxdctl enable
# init 6
SECTION L - Miscellaneous:
Netmasks: The live upgrade scripts use the inherited umask value. If the umask value inherited is set to say 000,
files created by these scripts might have write permissions when they should not. Be. Be Aware of your umask
value.
Logfile: /etc/lutab is a file you can read to see what be's you have created.
# more /etc/lutab
1:be.orig:C:0
1:/:/dev/dsk/c0t0d0s0:1
2:be.new:C:0
2:/:/dev/dsk/c0t2d0s0:1
# more /etc/lutab
1:be.orig:C:0
1:/:/dev/dsk/c0t0d0s
Command Reference:
luactivate - activate a boot environment
lucancel - cancel a scheduled Live Upgrade copy/create procedure
lucreate - create a new boot environment
lucompare - compare boot environments
lucurr - display the name of the active boot environment
ludelete - delete a boot environment
ludesc - display or set boot environment description
lufslist - list configuration of a boot environment
lumake - populate a boot environment
lumount - mount all file systems in a boot environment
lurename - change the name of a boot environment
lustatus - display status of boot environments
luumount - unmount all file systems in a boot environment
luupgrade - installs, upgrades, and performs other functions on software on a boot environment
3.3.2. cediag
# cediag -v
cediag: Revision: 1.74 @ 2005/02/04 07:15:53 UTC
cediag: info: cediag directory: /opt/SUNWcest/bin
cediag: info: UltraSPARC Version: 2 (2e)
cediag: info: OS Type: SunOS
cediag: info: OS Version: 5.9
cediag: info: Hostname: mysys
cediag: info: Memory size: 131008 (8KB pages)
cediag: info: MPR PRL pages: 124 (8KB pages)
cediag: info: MPR-capable OS: true
cediag: info: KJP: 117171-05
cediag: info: MPR-aware kernel in-use: true
cediag: info: MPR enabled: true
In this example, a DIMM has been recommended for replacement based on its error pattern matching
rule 4 of the DIMM Replacement Policy. Rule 5 was also applied to the messages files while rule 6 was not.
3.3.3. cfgadm
3.3.3.1 Using cfgadm for Dynamic Reconfiguration:
CPU/Memory Boards
1. Power on a cpu/memory board:
# cfgadm -x poweron N0.SB2
I/O Boards
1. Configuring an I/O Board into the domain:
# cfgadm -c configure N0.IB6
Notes: All cfgadm commands user the number "0", not the letter "O" when identifying the board, i.e. N0.
3.3.3.2 Using cfgadm in a SAN environment:
Sun HBA's with leadville stack (qlc) - If the switch(SUN) is configured in SL-mode there should be no
issues ,format should see the luns/drives. Make sure that the arrays have unique targets values. Use
luxadm -e port to check connection status. If switch-port is configured as TL,FL,F use cfgadm to configure
the array.
# cfgadm -al
Ap_Id Type Receptacle Occupant Condition
c4 fc-fabric connected unconfigured unknown
c4::210000e08b07da2c unknown connected unconfigured unknown
c4::50020f2300008f6b disk connected unconfigured unknown
Notice the type (fc-fabric),Occupant status. Format will not show the luns as Occupant is still
unconfigured.
# cfgadm -c configure c4
Ap_Id Type Receptacle Occupant Condition
c4 fc-fabric connected unconfigured unknown
c4::210000e08b07da2c unknown connected unconfigured unknown
c4::50020f2300008f6b disk connected configured unknown
Now notice the Occupant status. Format will see the luns now.
3.3.4. cpio
3.3.4.1 Copying across the network:
In combination with rsh and find, can be used to copy files across the network while retaining the permissions of
each file and directory. This method is effective for copying file systems from one disk to another. Note: because
of the recursive property of this utility, it can not be used to copy within the same fs.
# rsh oops 'cd /export/home; find . -print | cpio -o ' | cpio -idm
Note: In order for this command to work, the .rhosts or the hosts.equiv must be setup accordingly.
3.3.4.2 . Copying on the same workstation:
To copy files and retain permissions, while on the same workstation, use this form of the command:
# find . -depth -print | cpio -pmudv <target>
3.3.5. cron
3.3.5.1 crontab -e syntax
# M
# I M
# N H O
# U O D N
# T U A T
# E R Y H Weekday Command
#-- -- -- -- ------- ------------------
0 2 * * 0 /usr/bin/ping oops
minute (0-60)
hour (0-23)
day of the month (1-31)
month (1=jan, etc.)
day of the week (0=sun, 1-mon, etc.)
3.3.6. dd
Used to copy block by block from 1 device to another.
# dd if=/dev/dsk/c0t0d0s0 of=/dev/dsk/c1t0d0s0 bs=4096k
3.3.7. dumpadm
Syntax:
# dumpadm [-nuy] [-c content-type] [-d dump-device] [-m mink | minm | min%] [-s savecore-dir] [-r root-dir]
To list dump device(s);
# dumpadm
oops:/home/rfox:>dumpadm
Dump content: kernel pages
Dump device: /dev/dsk/c3t0d0s3 (swap)
Savecore directory: /var/crash/oops
Savecore enabled: yes
3.3.8. eeprom
Purpose: Used to display or set selected obp parameters.
Syntax:
/usr/platform/platform-name/sbin/eeprom [-] [-f device] [parameter [=value]]
3.3.9. explorer
3.3.9.1 How to ftp explorer files to Sun:
1) setup /.netrc (permissions of 600):
0 2 * * 0 /opt/SUNWexplo/bin/explorer -transport
ftp://supportfiles.sun.com/explorer
3.3.9.2 Location of “default values” file:
/etc/opt/SUNWexplo/default/explorer
3.3.9.3 Resetting the defaults file:
# cd /opt/SUNWexplo/bin
# ./explorer -g
SAN Switches:
# ./explorer -w sanextended
Serengeti Controllers:
# ./explorer -w scextended
T3 Disk Arrays:
# ./explorer -w t3extended
3.3.10. find
3.3.10.1. Find ufs files only, no nfs mounted fs's:
# find / -name <files> ! -local -prune -print
Note: Because the default /etc/dfs/fstypes only contains "nfs" this is functionally equivilant to:
# find / -fstype nfs -prune -o -print
3.3.10.2. Find & Remove files:
# find . -name *.msf -exec rm {} \;
3.3.10.3 Recursive grep
# /usr/bin/find . -exec /usr/bin/grep PATTERN {} /dev/null \;
3.3.11. fmthard
# prtvtoc -h /dev/rdsk/c0t0d0s0 >/tmp/vtoc
# fmthard -s /tmp/vtoc /dev/rdsk/c1t0d0s0
3.3.12. fsck
Syntax:
fsck [-F FSType] [-n | N | y | Y] [-V] [-o FSType-specific-options] [special...]
Note: unmount the file system before running fsck!!!
Using an alternate superblock (assumes superblock=32):
# fsck -o b=32 /dev/rdsk/c0t0d0s7
3.3.13. installboot
Installs the boot block onto a disk to make it bootable.
# installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0t0d0s0
3.3.14. kbd
3.3.14.1 Syntax
kbd [-r] [-t ] [-a enable | disable | alternate ] [-c on | off ] [-d keyboard device ]
By default, the Alternate Break sequence is three characters, carriage return, tilde and control-B ([CR] ~ [CTRL]-
B), but may be changed by the driver.
Permanent Setting
# vi /etc/default/kbd
# kbd -i
On the Fly:
# kbd -a alternate
3.3.15. modinfo
Purpose: Used to display information about loaded kernel modules.
Syntax:
# /usr/sbin/modinfo [-c] [-w] [-i module-id]
Common usage:
1. Determine whether module is loaded:
# modinfo -c
Id Loadcnt Module Name State
0 1 unix LOADED/INSTALLED
1 1 krtld LOADED/INSTALLED
2 1 genunix LOADED/INSTALLED
3 1 platmod LOADED/INSTALLED
4 1 SUNW,UltraSPARC-IIe LOADED/INSTALLED
5 0 cl_bootstrap UNLOADED/UNINSTALLED
6 1 specfs LOADED/INSTALLED
7 0 dtrace UNLOADED/UNINSTALLED
8 1 devfs LOADED/INSTALLED
9 1 swapgeneric UNLOADED/UNINSTALLED
10 1 TS LOADED/INSTALLED
--------- cut for brevity -----------------------
2. List modules:
# modinfo -w
Id Loadaddr Size Info Rev Module Name
0 1000000 b9f58 - 0 unix ()
1 10704c8 1d202 - 0 krtld ()
3.3.16. mount
3.3.16.1. Remounting a Read-only File System
# mount -o remount,rw /dev/dsk/c0t0d0s0
3.3.16.2 How to mount an ISO image:
# lofiadm -a /<path-to-iso-file-image>
Note: lofiadm will return the device name:
/dev/lofi/1
Mount the iso image/device name just returned to your favorite mount point.
# mount -F hsfs -o ro /dev/lofi/1 /mnt
Afterward, unmount the device and delete the iso device
# umount /mnt
# lofiadm -d /dev/lofi
The output data can also be sorted by resident-set (real memory) size, virtual memory size, execute time,
and so on.
(thanks to Peter Baer Galvin (http://www.petergalvin.org) for this section.
3.3.18. psradm
The following example sets processors 2 and 3 off-line.
# psradm -f 2 3
The following example sets processors 1 and 2 no-intr.
# psradm -i 1 2
The following example sets all processors on-line.
# psradm -a -n
3.3.19. script
Used to record keystrokes and output to a file.
Start Recording:
Stop recording:
oops:/> ctl-d
3.3.20. svcadm
3.3.20.1 Enabling and disabling services
Old method SMF method (Solaris 10)
mv /etc/rc2.d/S75cron /etc/rc2.d/x.S75cron svcadm disable system/
cron:default
edit /etc/inet/inetd.conf, uncomment the finger line svcadm enable
network/finger:default
The last argument to svcadm in these examples is the FMRI of the service. Note: svcadm should only be used for
SMF services. Legacy rc script-controlled services work the same as in past releases.
3.3.20.2 Stopping, starting, and restarting services
Traditionally, services have been started by an rc script run at boot, run with the argument start. Some rc scripts
provide a stop option, and a few also allow restart. In SMF, these tasks are all accomplished with the
svcadm(1M) command:
Old method SMF method
/etc/init.d/sshd stop svcadm disable -t network/
ssh:default
/etc/init.d/sshd start svcadm enable -t network/
ssh:default
/etc/init.d/sshd stop; /etc/init.d/sshd start svcadm restart network/
ssh:default
kill -HUP `cat /var/run/sshd.pid` svcadm refresh network/
ssh:default
Notes; The "-t" option to svcadm enable and svcadm disable indicates that the requested action should be
temporary -- it will not affect whether the service is started the next time that the system boots. This is in contrast to
the example above.
3.3.21. svcs
3.3.21.1 list all services and the current state:
% svcs -a
legacy_run 9:10:15 lrc:/etc/rc3_d/S90samba
legacy_run 9:10:18 lrc:/etc/rc3_d/S99reboot_config_pvr_runner
legacy_run 9:10:18 lrc:/etc/rc3_d/S99reboot_runner
disabled 9:09:38 svc:/system/metainit:default
disabled 9:09:39 svc:/platform/sun4u/mpxio-upgrade:default
disabled 9:09:40 svc:/network/rpc/keyserv:default
online 10:53:33 svc:/network/nfs/status:default
online 10:53:33 svc:/network/nfs/nlockmgr:default
offline 9:09:42 svc:/application/print/ipp-listener:default
offline 9:09:59 svc:/application/print/rfc1179:default
% svcs -x
svc:/network/ntp:default (Network Time Protocol (NTP).)
State: maintenance since Mon Oct 18 13:58:42 2004
Reason: Start method exited with $SMF_EXIT_ERR_CONFIG.
See: http://sun.com/msg/SMF-8000-KS
See: ntpq(1M)
See: ntpdate(1M)
See: xntpd(1M)
Impact: 0 services are not running.
3.3.22. swap
3.3.22.1 Creating Swap Space:
a. Create the swap file:
3.3.23. uadmin
The uadmin command takes 2 arguments, the command to run followed by the function:
# uadmin <cmd> <function>
The most common commands are:
1 - immediate reboot, no syncing of file systems
2 - reboot and sync file systems
3.3.24. ufsdump
3.3.24.1 Dumping / to a tape:
# ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t0d0s0
3.3.24.2 Using a pipe to dump and restore on the fly:
# ufsdump 0uf - /dev/rdsk/c0t0d0s0 | (cd <target-directory>; ufsrestore xf -)
3.3.24.3 ufsrestore interactively:
# ufsrestore -i /dev/rmt/0
Interactive Commands:
3.3.25. volcheck
Purpose: checks for media in a drive and by default checks all floppy media
# volcheck -v /dev/diskette0
1. Insert a blank diskette or a diskette that can be overwritten in the diskette drive.
2. Notify Volume Manager to check for new media:
# volcheck
# fdformat -d -U
# eject -f cd
volcancel - cancel user's request for removable media that is not currently in drive
# volcancel vol/rdsk/unnamed_cdrom
- A pair of simple quotes '...' turns off the significance of ALL enclosed chars
- A pair of double quotes "..." : idem except for $ ` " \
- A '\' shuts off the special meaning of the char immediately to its right. Thus, \$ is equivalent to '$'.
- In a script shell :
# : all text that follow it up the newline is a comment
\ : if it is the last char on a line, signals a continuation line
+-------------------+---------------------------+-------------------+
| Operation | if str is unset or null | else |
+-------------------+---------------------------+-------------------+
| var=${str:-expr} | var= expr | var= ${string} |
| var=${str:=expr} | str= expr ; var= expr | var= ${string} |
| var=${str:+expr} | var becomes null | var= expr |
| var=${str:?expr} | expr is printed on stderr | var= ${string} |
+-------------------+---------------------------+-------------------+
if test
then
commands (if condition is true)
else
commands (if condition is false)
fi
if ...
then ...
else if ...
...
fi
fi
[[string = pattern]]
[[string != pattern]]
[[string1 string2]]
[[string1 > string2]]
[[ -z string]] true if length is zero
[[ -n string]] true if length is not zero
Warning : 3 different possible syntaxes :
if [[ $str1 = $str2 ]]
if [ "$str1" = "$str2" ]
if test "$str1" = "$str2"
examples :
[[ -f $myfile ]] # is $myfile a regular file?
[[ -x /usr/users/judyt ]] # is this file executable?
+---------------+---------------------------------------------------+
| Test | Returns true if object... |
+---------------+---------------------------------------------------+
| -a object | exist; any type of object |
| -f object | is a regular file or a symbolic link |
| -d object | is a directory |
| -c object | is a character special file |
| -b object | is a block special file |
| -p object | is a named pipe |
| -S object | is a socket |
| -L object | is a symbolic (soft) link with another object |
| -k object | object's "sticky bit" is set |
| -s object | object isn't empty |
| -r object | I may read this object |
| -w object | I may write to (modify) this object |
| -x object | object is an executable file |
| | or a directory I can search |
| -O object | I own this object |
| -G object | the group to which I belong owns object |
| -u object | object's set-user-id bit is set |
| -g object | object's set-group-id bit is set |
| obj1 -nt obj2 | obj1 is newer than obj2 |
| obj1 -ot obj2 | obj1 is older than obj2 |
| obj1 -ef obj2 | obj1 is another name for obj2 (equivalent) |
+---------------+---------------------------------------------------+
You can use the && operator to execute a command and, if it is successful, execute the next command in
the list. For example:
cmd1 is executed and its exit status examined. Only if cmd1 succeeds is cmd2 executed.
You can use the || operator to execute a command and, if it fails, execute the next command in the
command list.
cmd1 || cmd2
You have to enclose the entire mathematical operation within a DOUBLE pair of parentheses. A single pair
has a completely different meaning to the Korn-Shell.
+-----------+-----------+-------------------------+
| operator | operation | example |
+-----------+-----------+-------------------------+
| + | add. | ((y = 7 + 10)) |
| - | sub. | ((y = 7 - 10)) |
| * | mult. | ((y = 7 * 4)) |
| / | div. | ((y = 37 / 5)) |
| % | modulo | ((y = 37 + 5)) |
| | shift | ((y = 2#1011 2)) |
| >> | shift | ((y = 2#1011 >> 2)) |
| & | AND | ((y = 2#1011 & 2#1100)) |
| ^ | excl OR | ((y = 2#1011 ^ 2#1100)) |
| | | OR | ((y = 2#1011 | 2#1100)) |
+-----------+-----------+-------------------------+
goto my_label
......
my_label:
-----
case value in
pattern1) command1 ; ... ; commandN;;
pattern2) command1 ; ... ; commandN;;
........
patternN) command1 ; ... ; commandN;;
esac
where : value value of a variable
pattern any constant, pattern or group of pattern
command name of any program, shell script or ksh statement
example 1 :
case $advice in
[Yy][Ee][Ss]) print "A yes answer";;
[Mm]*) print "M followed by anything";;
+([0-9)) print "Any integer...";;
"oui" | "bof") print "one or the other";;
*) print "Default";;
example 2 : Creating nice menus
PS3="Enter your choice :"
select menu_list in English francais
do
case $menu_list in
English) print "Thank you";;
francais) print "Merci";;
*) print "???"; break;;
esac
done
-----
while( logical expression)
do
....
done
Examples
Example 1 : loops, cases ...
#!/bin/ksh
USAGE="usage : fmr [dir_name]" # how to invoke this script
print "
+------------------------+
| Start fmr shell script |
+------------------------+
"
function fonc
{
echo "Loop over params, with shift function"
for i do
print "parameter $1" # print is equivalent to echo
shift
done # Beware that $# in now = 0 !!!
}
fi
if [ -x $name ]
then echo "This file is executable"
fi
#------
echo "--------------- Menu select ----------"
PS3="Enter your choice: "
select menu_list in English francais quit
do
case $menu_list in
English) print "Thank you";;
francais) print "Merci.";;
quit) break;;
*) print " ????";;
esac
done
print "So long!"
Example 2 : switches
#!/bin/ksh
USAGE="usage: gopt.ksh [+-d] [ +-q]" # + and - switches
while getopts :dq arguments # note the leading colon
do
case $arguments in
d) compile=on;; # don't precede d with a minus sign
+d) compile=off;;
q) verbose=on;;
+q) verbose=off;;
\?) print "$OPTARG is not a valid option"
print "$USAGE";;
esac
done
print "compile=$compile - verbose= $verbose"
Example 3 : functions
###############################################################
# This is a function named 'sqrt'
function sqrt # square the input argument
{
((s = $1 * $1 ))
}
# In fact, all KornShell variables are, by default, global
# (execpt when defined with typeset, integer or readonly)
# So, you don't have to use 'return $s'
###############################################################
# The shell script begins execution at the next line
print -n "Enter an integer : "
read an_integer
sqrt $an_integer
print "The square of $an_integer is $s"
Example 4
#!/bin/ksh
For 12-25K:
# flashupdate -f /opt/SUNWSMS/hostobjs/sgcpu.flash SBX (view and modify)
3. Add board to domain ACL list if necessary (new installs only, not remedials)
For 3800-6900:
SC> setupplatform -p acls
For 12-25K
# setupplatform -p available -d domain -a SBX
4. Establish separate console session to view POST messages and run cfgadm from a telnet session
5. Determine Ap_Id from cfgadm ,
# cfgadm -av
6. Configure board into domain
# cfgadm -c configure N0.SBX (using Ap_Id)
Note: for 12/25K place desired level in domain's .postrc file (-H level 96)
3. Confirm that free memory and/or swap will support memory drain operation. It should at least equal memory
being removed.
To correct, run:
SC:A> setkeyswitch on
5. Check for CPU Bound processes on board being removed and move to different CPU if necessary.
# pbind Reports PID and CPU
# pbind -b CPU# PID(bind to different CPU) or
# pbind -u PID (unbind)
3.6. Printing
3.6.1. cups
1) Install the CUPS packages (from the Solaris Companion CD):
SFWcprnt
SFWcups
# ln -s /opt/sfw/cups/etc/init.d/cups /etc/init.d/cups
# ln -s /opt/sfw/cups/etc/init.d/cups /etc/rc0.d/K00cups
# ln -s /opt/sfw/cups/etc/init.d/cups /etc/rc2.d/K00cups
# ln -s /opt/sfw/cups/etc/init.d/cups /etc/rc3.d/K00cups
# ln -s /opt/sfw/cups/etc/init.d/cups /etc/rc3.d/S99cups
3.7. Zones
3.7.1. Creating a zone
1) Where will the Container reside? (I decided to install my Zone into /export/zones)
# mkdir -p /export/zones
Now, respond to some basic questions of a Solaris [TM] installation, such as:
o Define the Locale
o Define the Term
o Define the TZ
o Define the root password
o Define the Name Service
Once this is done, the Container will perform a final reboot:
# ifconfig -a
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
hme0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.16.10.254 netmask ff000000 broadcast 10.255.255.255
# uname -a
SunOS sol10zone 5.10 Generic sun4u sparc SUNW,Ultra-5_10
3.7.2. Administering Zones
3.7.3. Removing a Zone
1) Be sure no one is logged into the zone to be removed. No warnings are given to users logged into a zone when
it is halted.
It is a good idea to log into the zone and run the 'who' command to see if anyone is logged in. Then be sure to log
out of the zone yourself.
sol10zone:/> who
rfox console May 31 09:29 (:0)
sol10zone:/> exit
6) Delete the zone to be removed. Note the zonecfg command is used here.
3.8. SMF
UNIX operating systems have a set of services which are usually software programs started at boot time. These
software programs are most commonly called daemons. Cron is an example These services are started by a set
of rc scripts serially./etc/rc2.d/S75cron for instance
SMF obsoletes the notion "rc" directories and the traditional linear ordering of boot processes parallelizing its
activity wherever possible in order to improve performance.
FMRI - Fault Management Resource Identifier. Every service must have an FMRI. In fact, all smf admin
commands require you to use the FMRI of a service you are administrating. The FMRI includes the service name
and the instance name For example the FMRI for the rlogin service is
svc:/network/login:rlogin
Lets break the FMRI down and study the ":" seperated parts.
svc - It's a service (But you already knew that !! )
network/login - Identifies the login service, It's in the network catagory.
rlogin - Identifies the service instance.
In addition some SMF command can use the following format and will infer what instance to use provided there is
no ambiguity.
system/system-log
So what's the different between a service and an instance of a service? A web server is a service. But a specific
web server that is configured to listen on port80 is an instance.
The first instance of a service is normally tagged as the default instance.
svc:/network/rpc/bind:default
In this case "default" is the default instance of: svc:/network/rpc/bind The running daemon is: /usr/sbin/rpcbind
So exactly what parts make up a service ? Most services have these 4 parts.
1. XML file /var/svc/manifest/system/cron.xml
2. Daemon /usr/sbin/cron
3. FMRI system/cron (short form)
svc:/system/cron (longer form)
svc:/system/cron:default (include the instance)
4. Log file: /var/svc/log/system-cron:default.log
svccfg - import, export, services. and modify service property's. svccfg has 3 different formats
Interactive mode
From a file that contains a series of subcommands
Command line mode
# svccfg
svc:>
svc:> select system/console-login
svc:/system/console-login> setprop ttymon/terminal_type = astring: vt100
svc:/system/console-login> quit
Also if the service was broke to begin with, it will be in maintenance state and you must also clear it
# svcadm clear system/console-login
inetadm encompasses functionality to achieve a set of tasks that together would require all of svccfg, svcadm and
svcs. Essentially, the property modifications that inetadm supplies can be achieved using svccfg, although inetadm
provides a simpler more abstract interface. /etc/inetd.conf is no longer used. See man inetconv for more info.
# inetadm -d network/ftp
List/display/t-shoot
svcs (list)
svcs -x (troubleshoot)
svcs -d FMRI (I depend on it.)
svcs -D FMRI (it depends on me)
FMRI
system/cron
svc:/system/cron
svc:/system/cron:default
Recovery/daemons/files/directory
svc.startd -- master restarter
svc.configd - repository, auth.
/etc/svc/repository.db
/var/svc ; /etc/svc ; /lib/svc
/lib/svc/bin/restore_repository
/lib/svc/method/fs-root (fs-usr)
mount -o remount,rw /
boot/debug
boot -m milestone=single
boot -m debug
Network
inetadm - admin/propeties
inetconv convert legacy inetd.conf
Enable/disable/refresh/clear
svcadm enable FMRI
Display/Change properties
svcprop system/cron (Lists all properties )
svcprop -p start/exec system/cron (lists a specific property )
svccfg (no options = interactive mode ; help)
svccfg import /var/svc/manifest/network/slp.xml
NOTE: After change ; svcadm (refresh,restart,maybe clear)
4.0 Networking
4.1. Network Hardware
4.1.1. Ethernet Category 5 Wiring Diagram
COLOR-CODE STANDARDS
Let's start with simple pin-out diagrams of the two types of UTP Ethernet cables m. Here are the diagrams:
Note that the TX (transmitter) pins are connected to corresponding RX (receiver) pins, plus to plus and minus to
minus. And that you must use a cossover cable to connect units with identical interfaces. If you use a straight-
through cable, one of the two units must, in effect, perform the cross-over function. Two wire color-code standards
apply: EIA/TIA 568A and EIA/TIA 568B. The codes are commonly depicted with RJ-45 jacks as follows:
If we apply the 586A color code and show all eight wires, our pin-out looks like this:
Note that pins 4, 5, 7, and 8 and the blue and brown pairs are not used in either standard.
An RJ45 connector wired to the 568A standard: (this is known as the top view with pin 1 on the left):
annex# boot
After the NTS comes back up and you log back. You will see the following menu:
Rotaries Defined:
lzic01 2
lzic02 3
cli -
Enter Annex port name or number:
Note: ndd will not work for all types of nic's. In this case, you can use the netstat command as follows:
Parameter Values:
# ndd -set /dev/hme instance 0 # hme instance, i.e hme0
# ndd -set /dev/hme adv_100T4_cap 0 # 4 twisted pairs
# ndd -set /dev/hme adv_100fdx_cap 1 # 100 MB, full duplex
# ndd -set /dev/hme adv_100hdx_cap 0 # 100 MB, half duplex
# ndd -set /dev/hme adv_10fdx_cap 0 # 10 MB full duplex
# ndd -set /dev/hme adv_10hdx_cap 0 # 10 MB, half duplex
# ndd -set /dev/hme adv_autoneg_cap 0 # auto-negotiation
Using ndd command:
These changes will only survive until the until the next reboot. To make them permanent they must be set either in
/etc/system or via an rc script (see below).
The following commands set hme0 interface to 100Mbps half-duplex mode:
# ndd -set /dev/hme instance 0
# ndd -set /dev/hme adv_100T4_cap 0
# ndd -set /dev/hme adv_100fdx_cap 0
# ndd -set /dev/hme adv_100hdx_cap 1
# ndd -set /dev/hme adv_10fdx_cap 0
# ndd -set /dev/hme adv_10hdx_cap 0
# ndd -set /dev/hme adv_autoneg_cap 0
The following commands set hme1 interface to 10Mbps full-duplex mode:
# ndd -set /dev/hme instance 1
# ndd -set /dev/hme adv_100T4_cap 0
# ndd -set /dev/hme adv_100fdx_cap 0
# ndd -set /dev/hme adv_100hdx_cap 0
# ndd -set /dev/hme adv_10fdx_cap 1
# ndd -set /dev/hme adv_10hdx_cap 0
# ndd -set /dev/hme adv_autoneg_cap 0
For permanent entries you can create a script in the /etc/rc2.d directory if each hme interface has a different
configuration. If that is the case, then just use ndd commands as specified in above. Name the script S68net-tune
to indicate that this particular script is specific to tuning network parameters on that specific host. Example:
#!/sbin/sh
echo "Setting QFE port 1 to be 100 MB Full Duplex"
4.2.2. ssh
ssh - This program is used to log into another machine or to execute commands on the other machine.
# ssh 10.0.0.1
# ssh rfox@10.0.0.1
scp - Securely copies files from one machine to another.
# scp root@oops:/var/tmp/*.gz /home/rfox
ssh-keygen Used to create RSA keys (host keys and user authentication keys).
# ssh-keygen -N <new-passphrase>
ssh-agent Authentication agent. This can be used to hold RSA keys for authentication.
ssh-add - Used to register new keys with the agent.
make-ssh-known-hosts - Used to create the /etc/ssh_known_hosts file.
4.2.3. ftp
This procedure setup up an anonymous ftp server:
1. Create a user account "ftp"
This account must not have a real shell login and the home directory must use the correct syntax for "chroot".
ftp:x:30000:30000:Anonymous FTP:/home/ftp/./:/bin/false
2. Create the /etc/shells file to have the following entries plus whatever you used above:
/usr/bin/sh
/usr/bin/csh
/usr/bin/ksh
/usr/bin/jsh
/bin/sh
/bin/csh
/bin/ksh
/bin/jsh
/sbin/sh
/sbin/jsh
/usr/local/bin/bash
/bin/false
4.2.4. dhcp
4.2.4.1. Configure the dhcp server:
Create the dhcp resource file:
# vi /etc/default/dhcp
RUN_MODE=server
RESOURCE=files
PATH=/var/dhcp
Update the hosts file with dhcp client ip addresses and names:
# vi /etc/hosts
128.50.1.50 dhcpclient-1
# pntadm -C 128.50.1.0
Add clients
# dhtadm -C
# /etc/init.d/dhcp start
# touch /etc/dhcp.hme0
c. Reboot
# init 6
4.2.5. dns
4.2.5.1. Configuring the Master DNS Server
A. Edit /etc/named.boot
# named.boot 2/22/2002 rfox
DIRECTORY /var/named # location of dns files
CACHE cache.db # where to pass the request if unresolved
PRIMARY veggie.edu veggie.zone # IP-host resolution file
PRIMARY 1.50.128.in-addr.arpa veggie.rzone # host-IP resolution file
PRIMARY 0.0.127.in-addr.arpa loopback # localhost resolution
B. If Solaris 2.7 or greater, run the conversion utility to create /etc/named.conf file:
# /usr/sbin/named-bootconf < /etc/named.boot > /etc/named.conf
C. Create the dns directory
# mkdir /var/named
D. Edit the cache.db file
# cache.db 2/22/2002 rfox
in ns parks.edu # domain to pass unresolved request
parks.edu. in a 128.50.1.99 # ip address of server
B. If Solaris 2.7 or greater, run the conversion utility to create /etc/named.conf file:
# /usr/sbin/named-bootconf < /etc/named.boot > /etc/named.conf
C. Edit the cache.db file
# cache.db 2/22/2002 rfox
. in ns parks.edu # domain to pass unresolved request
parks.edu. in a 128.50.1.99 # ip address of server
B. If Solaris 2.7 or greater, run the conversion utility to create /etc/named.conf file:
# /usr/sbin/named-bootconf < /etc/named.boot > /etc/named.conf
C. Edit the cache.db file
# cache.db 2/22/2002 rfox
. in ns parks.edu # domain to pass unresolved request
parks.edu. in a 128.50.1.99 # ip address of server
4.2.6. nis
4.2.6.1 HOW TO CONFIGURE NIS MASTER
1. Define the NIS domainname.
# domainname <example-domain>
3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave servers have been defined and that a fully
qualified name exists for this server.
4. Optionally, create an alternate directory and copy the source files there.
# mkdir /var/yp/src
# cd /etc
# cp auto_home auto_master bootparams ethers group hosts netgroup netmasks networks \
passwd protocols publickey rpc services shadow timezone user_attr /var/yp/src
Modify “DIR=” and “PWDIR=” entries to reflect the location of the alternate directory used in step 4.
Example: DIR=/var/yp/src
Example: PWDIR=/var/yp/src
If you wish NIS to resolve hosts through DNS comment out "B=" and uncomment "B=-b".
Locate the target labeled “all:” and remove any map from the definition that does not have a corresponding file and
will not be used as part of this service.
For example, bootparams, ethers, and timezone files do not exist by default, and may be removed. This will avert
errors during the make process (IE. make: Fatal error: Command failed for target 'k').
Note: If the netgroup map is to be used later, but does not yet exist, create a placeholder for this in the target
directory.
# touch /var/yp/src/netgroup
Note: To relocate RBAC related files or /etc/inet/ipnodes consult the comments in /var/yp/Makefile.
6. Ensure files are selected as the naming service, if not previously defined.
# cp /etc/nsswitch.files /etc/nsswitch.conf
It will ask you for the other yp server's name. Type the name of the server you are working on, along with the name
of your NIS slave servers, and then press CTRL-D.
It will ask the question "Do you want this procedure to quit on non-fatalerrors [y/n:n]n. choose n.
8. Start the NIS daemons.
# /usr/lib/netsvc/yp/ypstart
This will start all NIS server daemons (ypbind ypserv ypxfrd rpc.yppasswdd rpc.ypupdated).
# ps -ef |grep yp
/usr/lib/netsvc/yp/ypbind
/usr/lib/netsvc/yp/ypserv -d
/usr/lib/netsvc/yp/ypxfrd
/usr/lib/netsvc/yp/rpc.yppasswdd -D /var/yp/src -m
/usr/lib/netsvc/yp/rpc.ypupdated
Note: For Solaris 10, ypstart is automatically invoked from ypinit -m. Use the svcs utility to view the state of the
services.
# /usr/bin/svcs \*nis\*
STATE STIME FMRI
disabled 13:14:59 svc:/network/rpc/nisplus:default
online 13:28:34 svc:/network/nis/server:default
online 13:28:34 svc:/network/nis/xfr:default
online 13:28:34 svc:/network/nis/update:default
online 13:28:34 svc:/network/nis/passwd:default
online 13:28:35 svc:/network/nis/client:default
NOTE: All the resulting NIS maps will be stored under /var/yp/example-domain directory.
10. To enable this host as a NIS client.
# cp /etc/nsswitch.nis /etc/nsswitch.conf
Edit /etc/nsswitch.conf as necessary (ie. add dns entry).
3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave servers have been defined and that a fully
qualified name exists for this server.
4. Edit /etc/nsswitch.conf as necessary (ie. add dns entry).
# cp /etc/nsswitch.nis /etc/nsswitch.conf
5. Initialize the slave server as a client first.
# /usr/sbin/ypinit -c
The "ypinit" command prompts you for a list of NIS servers. Enter the name of the local slave you are working on
first, then the master server, followed by the other NIS servers in your domain in order from the physically closest
to the furthermost (in network team), then press CTRL-D.
6. Make sure "ypbind" is not running.
# ps -ef | grep ypbind
7. Start ypbind.
# /usr/lib/netsvc/yp/ypstart
9. Stop ypbind.
# /usr/lib/netsvc/yp/ypstop
3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave servers have been defined and that a fully
qualified name exists for this server.
4. Edit /etc/nsswitch.conf as necessary (ie. add dns entry).
# cp /etc/nsswitch.nis /etc/nsswitch.conf
5. Initialize the slave server as a client first.
# /usr/sbin/ypinit -c
You will be asked to name NIS servers from which the client may obtain name service information. You may list as
many master or slave servers as you want. Then press CTRL-D.
6. Start ypbind.
# /usr/lib/netsvc/yp/ypstart
7. On the newly configured NIS client, test the NIS functionality with the following command:
# ypwhich -m
4.2.7. ntp
4.2.7.1 . Configure the server:
1. update the config file:
# ntp.conf file
server 127.127.1.0 # refers to local system clock
fudge 127.127.1.0 stratum 0
broadcast 224.0.1.1 # multicast address to use to broadcast to clients
driftfile /var/ntp/ntpdrift
statsdir /var/ntp/nptstats
# end of ntp.conf
# /etc/init.d/xntpd start
# A simple NTP clilent would specify one or more network servers in your
# organization:
#
# server ntp.example.com
#
# Public NTP Server list: http://www.eecis.udel.edu/~mills/ntp/clock1.htm
#
server 128.118.46.3 # Penn State's ntp server
server 192.5.41.40 # tick.usno.navy.mil
server 192.5.5.250 # clock.isc.org
server 128.9.176.30 # timekeeper.isi.edu
server 127.127.1.0 # internal clock
fudge 127.127.1.0 stratum 10
# end of ntp.conf
4.2.8. nfs
4.2.8.1 How to NFS share/mount a CD-ROM:
1) Share the resource on the NFS server (the system with the CD-ROM locally).
# share -F nfs -o ro /cdrom/cdrom0/s0
Note: If this is the first time that the NFS server has shared out a resource then do the following to start the
nfs server daemons:
# /etc/init.d/nfs.server start
4.2.9. tip
The hardware set up involves connecting a system running Solaris[TM] to the SERIAL port via the running
system's serial port A or B. The /etc/remote file on the running system will have to be checked for the correct
settings.
# more /etc/remote
# The next 17 lines are for the PCMCIA serial/modem cards.
#
pc0:\
:dv=/dev/cua/pc0:br#38400:el=^C^S^Q^U^D:ie=%$:oe=^D:nt:hf:
pc1:\
:dv=/dev/cua/pc1:br#38400:el=^C^S^Q^U^D:ie=%$:oe=^D:nt:hf:
pc2:\
:dv=/dev/cua/pc2:br#38400:el=^C^S^Q^U^D:ie=%$:oe=^D:nt:hf:
cuab:dv=/dev/cua/b:br#2400
dialup1|Dial-up system:\
:pn=2015551212:tc=UNIX-2400:
hardwire-a:\
:dv=/dev/term/a:br#9600:el=^C^S^Q^U^D:ie=%$:oe=^D:
hardwire:\ is
:dv=/dev/term/b:br#9600:el=^C^S^Q^U^D:ie=%$:oe=^D
tip300:tc=UNIX-300: is
being used
tip1200:tc=UNIX-1200:
tip0|tip2400:tc=UNIX-2400:
tip9600:tc=UNIX-9600:
tip19200:tc=UNIX-19200:
UNIX-300:\
:el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#300:tc=dialers:
UNIX-1200:\
:el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#1200:tc=dialers:
UNIX-2400:\
:el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#2400:tc=dialers:
UNIX-9600:\
:el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#9600:tc=dialers:
UNIX-19200:\
:el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#19200:tc=dialers:
VMS-300|TOPS20-300:\
:el=^Z^U^C^S^Q^O:du:at=hayes:ie=$@:oe=^Z:br#300:tc=dialers:
VMS-1200|TOPS20-1200:\
:el=^Z^U^C^S^Q^O:du:at=hayes:ie=$@:oe=^Z:br#1200:tc=dialers:
dialers:\
:dv=/dev/cua/b:
--------------------------------------------------------------------
The attributes are:
on receive operations
tc to continue a capability
#
Once you connect the cabling and determine the /etc/remote file is properly configured, you can tip into the system.
# tip hardwire - to tip through serial port B
# tip hardwire-a - to tip through serial port A
connected
4.2.10. ipmp
Configuration assumptions:
hme0 = 10.0.0.1
hme1 – 10.0.0.3
both interfaces are up
will create logical interfaces
# eeprom local-mac-address?=true
# ifconfig hme0 group public
# ifconfig hme0 addif 10.0.0.2 deprecated -failover netmask + broadcast + up <- test
# ifconfig hme1 group public
# ifconfig hme1 addif 10.0.0.4 deprecated -failover standby netmask + broadcast + up
# ifconfig -a
4.2.11. tftp
How to setup TFTP - To enable TFTP, uncomment the following line from /etc/inetd.conf:
tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot
The /etc/inetd.conf references a file for /tftpboot and this can be changed.
tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /test/tftp
Next, create the tftp user home directory:
# mkdir /tftpboot
# chown root /tftpboot
# chmod 777 /tftpboot
To put a file to the TFTP server, you must first touch a file with the same name as the file you will be putting and
then change the permission of the file to 666. At this point you will be able to use the put command within TFTP to
put a file in the /tftpboot directory as follows:
On the TFTP server:
# touch <filename>
# chmod 666 <filename>
On another system which contains the actual file called <filename> that you would like to put to the TFTP server:
% tftp <tftp-server>
tftp> put <filename>
Sent 28 bytes in 0.2 seconds
tftp> quit
This will put the file <filename> into the /tftpboot directory on the TFTP server.
Note: TFTP does not work the same as FTP. You won't see the same messages, and can't use 'cd', 'ls' or most
other FTP commands.
Here is an example of /etc/gateways file for someone who has an le0 interface and a le1, the le1 interface is a
connection to the outside world and you do not want to broadcast rip to the outside world.
# Basic gateways file setup
# Gateway file 05/01/2005
net 0.0.0.0 gateway <ip of le1> metric 1 passive norip le1
Another example:
% cat /etc/gateways
net 150.101.17.0 gateway 150.101.16.1 metric 1 passive
net 0.0.0.0 gateway 150.101.16.2 metric 1 passive
The first line is identical to the 'route add' command. It createsa route for the network 150.101.17.0 through the
gateway machine 150.101.16.1.
The second entry creates a default route through gateway machine 150.101.16.2.
You can also add routes to specific hosts in the gateways file by using the keyword 'host' rather than 'net' and
specifying a host address rather than a network address.
For example:
# /etc/netmasks
#
150.201.0.0 255.255.255.0
192.168.1.0 255.255.255.0
will permit you to configure as many as your addressing structure will permit (up to 8191 virtual hosts.)
1. Create an entry in the /etc/hosts file ( or nis host map) for each of the virtual interfaces with the hostname and
IP address you want to use. Don't forget to add the hostname to /etc/hosts NIS, NIS+, and/or DNS database.
2. Create a /etc/hostname.<interface:#> file for each of the interfaces (/etc/hostname.le0:1, hostname.le0:2,
hostname.le0:3...le0:255.) Note: the file can contain a single line with either the ip number or hostname reference.
For example, if you are using the le0 interfaces, you would create the following files:
/etc/hostname.le0:1 (do NOT use a le0:0 - same as le0 )
/etc/hostname.le0:2
and so on
This can also be done for an hme interface. You can have up to 1024 virtual interfaces under 2.5.1. This file
should include the hostname or IP address for the corresponding interface.
3. If subnetting is being used, there should be an entry in the /etc/netmasks file in the following format:
network_address netmask
The network_address should be the network address before subnetting. For example, a class B network that is
subnetted to a Class C would have an entry such as:
157.145.0.0 255.255.255.0
If duplicate additional local routes are added (by ifconfig) when the virtual interfaces are on same subnet, then you
may need to "route delete net" on these. An /etc/rc2.d/S99vif file can be added to ifconfig and add/delete routes,
etc.
4.2.16. Routing
The route command allows you to add, get, delete, flush, entries in the routing table
# route add default 128.50.1.0 128.50.1.1 1
# route add net 128.50.0.0 128.50.1.6 1
# route change 128.50.1.6 128.50.1.5
# route delete net 128.50.0.0 128.50.1.6
# route flush
PATH=/usr/bin:/usr/sbin
case "$1" in
'start')
echo "setting LAA."
# the plumb / unplumb is necessary in Solaris 9 and greater (Not needed in
# Solaris[TM] 8).
# nafo0 uses OpenBoot PROM address (default)
# nafo1 uses hme0 card's address :
#ifconfig hme0 plumb
#ifconfig hme0 ether 08:00:20:01:02:03
#ifconfig hme0 unplumb
#
#ifconfig qfe0 plumb
#ifconfig qfe0 ether 08:00:20:01:02:04
#ifconfig qfe0 unplumb
;;
'stop')
echo "No changes."
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac
exit 0
# /etc/nologin file
# created on 5/4/2003
#
“The system is unavailble due to system maintenance activities.”
oops:/home/rfox:>arp -a
4.3.1.6 netstat
oops:/home/rfox:>netstat -i
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis Queue
lo0 8232 loopback localhost 39259 0 39259 0 0 0
hme0 1500 somerset oops 522862 74 359240 0 0 0
4.3.1.7 ping <host> command contacts and reports status of host specified
oops:/home/rfox:>ping -s scoobydoo
PING scoobydoo: 56 data bytes
64 bytes from scoobydoo (129.154.57.77): icmp_seq=0. time=0. ms
64 bytes from scoobydoo (129.154.57.77): icmp_seq=1. time=0. ms
64 bytes from scoobydoo (129.154.57.77): icmp_seq=2. time=0. ms
64 bytes from scoobydoo (129.154.57.77): icmp_seq=3. time=0. ms
64 bytes from scoobydoo (129.154.57.77): icmp_seq=4. time=0. ms
4.3.1.8 rup <host> contacts and reports up time for host specified
oops:/home/rfox:>rup scoobydoo
scoobydoo up 49 days, 19:23, load average: 0.00, 0.01, 0.02
4.3.1.9 snoop monitors network traffic use -v ,-d ,interface, ipaddress to filter view
Level of output:
# snoop Terse mode
# snoop -V Summary Mode
# snoop -v Verbose, full packets
What to capture:
# snoop -d <interface> specifys the interface to listen to (i.e qfe2)
# snoop <host> specify a host to listen to (i.e. oops)
# snoop <host1> <host2> specify multiple hosts
# snoop port <port-number> specify a port to listen to (i.e. 25)
# snoop rpc <program> specify an rpc program name or number to listen to
# snoop <ip-address> specify an ip address
# snoop <ethernet-address> specify an ethernet address
How to capture and view:
# snoop -o <output-file-name> Note: -o flag produces binary output. Need -i flag to read.
# snoop -i <output-file-name> args
Examples:
1. capture packets between oomph and oops and puts it in a file named /tmp/snoop.out.
# snoop -v -o /tmp/snoop.out oomph oops
4. gather nfs packets in verbose mode and put in new file named /tmp/nfs.out
# snoop -v -i /tmp/snoop.out pkts nfs -o /tmp/nfs.out
5. To capture packets between funky and pinky of type tcp or udp on port 80:
Since the primitive port cannot be handled by the kernel filter, and there is also an OR
in the expression, a more efficeint way to filter is to move the OR to the end of the expression
and to use parenthesis to enforce the OR between tcp and udp:
4.3.1.10 spray <host> - will report on transfer rate and number received
oops:/home/rfox:>spray scoobydoo
sending 1162 packets of length 86 to scoobydoo ...
156 packets (13.425%) dropped by scoobydoo
66 packets/sec, 5745 bytes/sec
oops:/home/rfox:>
4.3.1.11 rpcinfo
will show all of the RPC services registered with rpcbind on the machine named klaxon use. Use the -s
option to display a more concise list:
4.3.1.12 traceroute <host> maps and times route from your server to the specified host
oops:/home/rfox:>traceroute has.central
traceroute to mcst.central.Sun.COM (29.147.45.157), 30 hops max, 40 byte packets
1 head (29.154.57.254) 1.262 ms 0.344 ms 0.344 ms
2 smt01-1-2600 (9.154.55.215) 0.715 ms 0.631 ms 0.726 ms
3 bur02r04-smt01r01.East.Sun.COM (9.154.252.121) 12.843 ms 12.785 ms 21.233 ms
4 brl-co-1.East.Sun.COM (9.148.1.37) 18.122 ms 13.157 ms 13.110 ms
5 brm03-bur03-oc3.East.Sun.COM (29.148.0.10) 61.308 ms 61.300 ms 61.571 ms
6 smuscobrm03s07-m01.Central.Sun.COM (29.147.2.253) 62.548 ms 63.261 ms 61.265 ms
7 mcst.Central.Sun.COM (29.147.45.157) 61.650 ms 63.029 ms 61.266 ms
oops:/home/rfox:>
If you run rpcinfo, and determine that certain rpc services are not responding, check those daemons on the master.
If none of the above works, you can verify if RPC services are working at all on the server, by running:
# rpcinfo <remote-machine-name>
[Note: the above rpcinfo commands will vary slightly under Solaris OS prior to 2.5, as those OSes did not offer
NFS version 3, nor the TCPtransport for NFS.]
oops:/home/rfox/:>dfshares
RESOURCE SERVER ACCESS TRANSPORT
oops:/usr/local oops - -
oops:/gca/share oops - -
To view file systems currently mounted:
# dfmounts [-F FSType] [-h] [-o specific_options] [restriction...]
oops:/home/rfox:>dfmounts
RESOURCE SERVER PATHNAME CLIENTS
- oops /boot/Solaris_9/Tools/Boot memnock
- oops /gca/share 129.152.141.12,129.152.224.197,
dhcp-smt01-192-93,pauly.East.Sun.COM,vitalsigns.East.Sun.COM,vpn-129-150-33-
135.Central.Sun.COM,vpn-129-150-35-134.Central.Sun.COM,
4.3.5. DHCP
DHCP client hostname is "Unknown" when using DHCP
Solaris 9:
1.Edit the file /etc/init.d/inetsvc and change the line that reads the following:
hostname='/sbin/dhcpinfo Hostname'
to
#hostname='/sbin/dhcpinfo Hostname'
hostname='/usr/bin/cat /etc/nodename'
2.Create a executable script in /etc/rcS.d directory for example S31myhost and add the following line :
hostname dhcpclient1
Note: dhcpclient1 is example of a hostname.
3. Next, Follow the same procedure as for Solaris 10 which is listed below.
1.Edit the /etc/default/dhcpagent file and change the line that reads the following:
#REQUEST_HOSTNAME=no
to
REQUEST_HOSTNAME=no
2.Edit the /etc/hostname.interface(example of dhcp interface is hostname.hme0) file and add the hostname to that
file.
3.Edit the /etc/nodename file and add the hostname to that file as well.
4.Edit the /etc/hosts file and add the loghost and hostname. See example below:
#
# Internet host table
#
127.0.0.1 localhost loghost
dhcp ip dhcpclient1 # Added by DHCP
5.1.2. truss
5.1,2.1. Syntax
# truss -aef -o /tmp/truss.out <command>
# truss -aef -o /tmp/truss.out -p PID
5.1.2.2. Options
-p PID: This option attaches truss to a currently running process using the the process ID (PID) obtained
typically from the ps command. If you interrupt a truss attached to a process with the -p option, only the
truss will be stopped. Whereas, if you interrupt a proccess started with truss, as in the first example above,
the process will be stopped.
-o <file>: Saves the output to a given file (/tmp/truss.out in the above example). By default truss sends its
output to stderr and that is why you can not pipe the output to the grep command (for example) as you
might with stdout messages to the console device.
-f: This option is used to follow all child processes created by the fork or vfork system calls. By default
truss only follows the process ID of the initial process. Child processes started before the truss will not be
followed.
-e: This option shows the environment strings passed in on every "exec" call. It shows the environment
that the process is running under.
-a: This option shows all the arguments to each "exec" system call.
-c: This truss command, "% truss -c ls", is useful because it counts the number system calls, signals, and
faults and displays it in a report summary. This is useful for seeing which system calls a program is
spending most of its time in. The number of errors is really not helpful and can usually be ignored.
For example:
% truss -c ls
syscall seconds calls errors
_exit .00 1
open .02 19 13
close .00 6
time .00 1
brk .00 4
lseek .00 1
fstat .00 5
ioctl .00 2
execve .00 1
fcntl .00 1
getdents .00 2
lstat .01 1
mmap .00 12
munmap .00 3
---- --- ---
sys totals: .03 59 13
usr time: .01
elapsed: .15
if [ ! -d $OUTPUTDIR ] ; then
mkdir -p $OUTPUTDIR
fi
This script has recently been updated to separate data by days; the customer can still modify OUTPUTDIR if
desired.
There is no direct way to check for an overloaded SCSI bus, but if the %w column (percentage of time transactions
are waiting for service) is greater then 5%, then the SCSI bus may be overloaded.
Information about what levels to check for the various performance statistics is taken from "Sun Performance and
Tuning" by Adrian Cockroft, ISBN 0-13-149642-5.
Tools:
This will build the path_to_inst file for disk drives. However, third party disks may need to be reinstalled.
# cp /a/etc/system /a/etc/system.vxvm
rootdev:/pseudo/vxio@0:0
set vxio:vol_rootdev_is_volume=1
# cp /a/etc/vfstab /a/etc/vfstab.vxvm
# cp /a/etc/vfstab.prevm /a/etc/vfstab
(Note: If the vfstab.prevm file does not exist, modify the current vfstab file to boot the the phyical devices
and comment out all vm volumes).
# cp /a/etc/vx/reconfig.d/disk.d/cXtXdX/vtoc
/a/etc/vx/reconfig.d/disk.d/cXtXdX/vtoc.orig
# vi a/etc/vx/reconfig.d/disk.d/cXtXdX/vtoc
c. Run the following command to rebuild the vtoc on the boot device:
11. Bring up vxva & remove root volumes recursively from rootdg.
AdvancedOpts | DiskGroup | RemoveVolumes.
12. Remove the disk (which has no subdisks on it anymore) from the rootdg disk group:
For the VM 2.6 GUI (vxva), AdvancedOpts | DiskGroup | RemoveDisks
For the VM 3.x GUI (vmsa), Remove | Return the disk to the free-space pool,
or run the following command:
13. Edit the vfstab file and add back the Volume Manager volumes:
Add in the entries for the "other" volume manager volumes in the /etc/vfstab file.
Do not add in the vm bootdisk file system.
14. Reboot the system to insure it can boot properly with Volume Manager enabled.
15. Use format to "zero out" the private (slice 3) and public (slice 4) regions.
The boot disk is now Unencapsulated...
If SystemB is running VxVM already, you'll not be able to "merge" the two rootdg disk groups.
Instead, you can import SystemA's rootdg with another name. Use:
# vxdg -n newdg import 900032351.2609.lucky-sw
3. This step will change depending on the number of partitions on the boot disk. The 'vxdiskadm'
command will put back partition 0 (for /) automatically, and may also do this for swap. However, if you
have any additional volumes on that disk (i.e., /usr or /var), you will have to run a command to put the
partition on the new disk in the correct location.
Examine the partitions on the replaced disk by running 'format' or 'prtvtoc' on it. At the very least, you
will see a partition for root and one for the public and one for the private partitions for VxVM.
Determine if any partitions are missing. If so, these "missing" partitions can be recreated easily using
the steps below.
The command to use is the 'vxmksdpart' command. You give this command the name of a particular
subdisk, and it creates a partition on the disk in the correct location. The syntax is:
For example, if you have a subdisk named "disk01-02" and wanted to create partition 7 on the disk to
map this subdisk, you can run
where <subdisk> is the name of the subdisk used in the swapvol volume on the primary boot disk (for
example, "rootdisk-01"), and <partition> is the unused partition to use for swap (for example, "1").
The "0x03" tag specifies this partition is for 'swap'.
USR. To create a partiton for /usr (if this disk contains /usr), run:
VAR. To create a partiton for /var (if this disk contains /var), run:
Note: There is no reason to create any other partitions on the boot disk.
2. Create at least 2 state databases (replicas) on unused slices (must allocate space via format) using the
metadb command:
# metadb -a -f -c 2 c0t0d0s5 c1t0d0s5
It is assumed that you have formatted the second disk exactly like the original root disk. Each corresponding
slice on each disk must be the same size. If not, you can run the following commands on the disk that you
are designating as your rmirror “to be”:
# prtvtoc -h /dev/rdsk/c0t0d0s0 >/tmp/vtoc
# fmthard -s /tmp/vtoc /dev/rdsk/c1t0d0s0
For this example, we will be mirroring all the slices on the root disk (c0t0d0) to another equally sized disk
(c1t0d0).
3. Run the metainit command to create all the metadevices you have just defined in the md.tab file. If you
use the -a option, all the metadevices defined in the md.tab will be created.
# metainit -a -f
Note: The -f is required because the slices on the root disk are currently mounted.
4. Modify the entries in the /etc/vfstab file to reflect metadevices instead of slices. Start off by making a
backup copy of the file:
# cp /etc/vfstab /etc/vfstab.prelvm
Then, edit the /etc/vfstab file to change each slice to the appropriate metadevice. Do not update the entry
for the root filesystem, it will be changed by the metaroot command. Edit the swap, /usr, /var, and any
other slices in the same manner. For example,
/dev/dsk/c0t0d0s1 - - swap - no -
becomes
/dev/md/dsk/d1 - - swap - no -
Make sure that you change the slice to the main mirror (in this case, d1) and not to the simple submirror (in
this case, d11).
5. Run the metaroot command for the metadevice you designated for the root mirror. In the example
above, we created d0 to be the mirror device for the root partition, so we would run
# metaroot d0
6. For Solstice DiskSuite versions 4.1 or greater and Solaris 9 LVM it is necessary to lock filesystems
before rebooting, so run
# lockfs -fa
7. Reboot the system. Do not proceed without rebooting your system, or data corruption will occur.
8. After the system has rebooted, you can verify that root and other slices are under DiskSuite's control by
running the following commands (The outputs of these commands should reflect the metadevice names,
not the slice names):
# df -k
# swap -l
9. Set the dump device to the correct device, using the command
# dumpadm -d swap
Verify that the dump device is set correctly to swap by running the command
# dumpadm
10. Lastly, attach the second submirror to the metamirror device. This attachment, using the metattach
command, must be done for each partition on the disk, and will start the syncing of data from the current
root disk to the other. To continue our example, to add the mirror for root, enter the command:
# metattach d0 d20
Even though this command returns to the shell prompt immediately, the syncing process has begun. To
follow the progress of this syncing for this mirror, enter the command
# metastat d0
Although you can run all the metattach commands one right after another, it is a good idea to run the next
metattach command only after the first syncing has completed. This reduces the amount of head
movement on the disk and can speed up the total time it takes to mirror all the slices on the disk.
Once you have attached all the submirrors to the metamirrors, and all the syncing has completed, your
root disk is mirrored.
Note : this procedure mirrors only /, if you want to mirror the whole system disk, remember to mirror the swap slice
and all other slices where a file system is installed.
In this case, remember that metaroot command only modifies / in vfstab, so you have to manually edit other
system disk entries in /etc/vfstab to put metadevice paths before rebooting.
This command shows the condition and location of DiskSuite's state database replicas. It is useful to have this
information in case their recreation is necessary.
# metastat -p > /etc/opt/SUNWmd/md.tab.<date>
You will redirect this output to a file for safekeeping. Check the md.tab file prior to overwriting it, though. If a valid
one exists, redirect the metastat -p to another filename and run a 'diff' on it to check for inconsistencies. The
metastat -p, however, will reflect the most current, known, configuration.
Of course, you will need to create a new root disk and restore the last full backup to that new disk. It is expected
that you will partition the disk in much the same manner as you had it before. Remember that if there was a small
partition on your original disk for a state replica that you do the same thing for this disk.
Once the disk has been created, restore your root filesystems from backups. However, before attempting to boot
the system after the restore, we must make some necessary changes to let Solaris know that the root disk is no
longer mirrored. To do this, the /etc/system and the /etc/vfstab files must be modified.
1) Boot cdrom, and mount the root filesystem to /a.
ok> boot cdrom -s
# mount /dev/dsk/c#t#d#s# /a
2) Restore the root filesystem from backup tape into /a and initialize the boot block using
# installboot /usr/platform/<arch>/lib/fs/ufs/bootblk /dev/rdsk/c#t#d#s#
3) Mount and restore any other critical filesystems such as /usr /var /opt etc.
4) If the replacement machine does not have it disks connected via the same paths as the original then you may
have to follow the procedure documented in SRDB 15010 to rebuild the /devices and /dev structures.
5) vi /a/etc/system
Remove ALL lines between the "MDD root info" lines as well as those between the "MDD database info" lines. In
the following example file, all these lines would be removed from the file:
-------------------------------------------------------------
* Begin MDD root info (do not edit)
forceload: misc/md_trans
forceload: misc/md_raid
forceload: misc/md_hotspares
forceload: misc/md_stripe
forceload: misc/md_mirror
forceload: drv/sd
forceload: drv/esp
forceload: drv/espdma
forceload: drv/sbus
forceload: drv/iommu
rootdev:/pseudo/md@0:0,3,blk
* End MDD root info (do not edit)
* Begin MDD database info (do not edit)
set md:mddb_bootlist1="sd:14:16 sd:15:16"
* End MDD database info (do not edit)
-------------------------------------------------------------
6) vi /a/etc/vfstab
Change all metadevices for the root filesystems (root, usr, var, and opt) back to regular slices (/dev/dsk/c#t#d#s#).
Comment out all the other metadevices for the time being. For example:
** EXAMPLE FILE BEFORE:
---------------------------------------------------------------------------------
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
/proc - /proc proc - no -
fd - /dev/fd fd - no -
swap - /tmp tmpfs - yes -
/dev/md/dsk/d1 - - swap - no -
/dev/md/dsk/d0 /dev/md/rdsk/d0 / ufs 1 no -
/dev/md/dsk/d2 /dev/md/rdsk/d2 /usr ufs 1 no -
/dev/md/dsk/d3 /dev/md/rdsk/d3 /var ufs 2 yes -
/dev/md/dsk/d4 /dev/md/rdsk/d4 /opt ufs 2 yes -
/dev/md/dsk/d5 /dev/md/rdsk/d5 /export/home ufs 3 yes quota
/dev/md/dsk/d6 /dev/md/rdsk/d6 /export/home1 ufs 3 yes quota
---------------------------------------------------------------------------
7) Remove all lines (except for the 2 comment lines at the top) from the "mddb.cf" file. This file exists either in the
/etc/opt/SUNWmd or /etc/lvm directory, depending on the version of DiskSuite you are running.
8) Boot the system from the newly restored boot disk. When the system comes up, only root (and /usr, /var, and
/opt, if they exist) will be mounted using the slices on the new root disk.
9) Re-add the state databases with the 'metadb' command. Use the output of the 'metadb' command you saved to
get the locations.
# metadb -a -f <location1>
# metadb -a -f <location2>
# metadb -a -f <location3>
10) Recreate the "md.tab" file from the 'metastat' output you saved, Make sure that all mirrors are one-way mirrors
and all RAID5 devices contain the "-k" option. For the boot disk, ensure that the one-way mirrors refer to the side
which has been restored. Make sure the order is correct so that mirrors aren't created until the submirrors already
exist. See below the necessary changes that must be made to ensure one-way mirrors are used.
The "md.tab" file exists either in the /etc/opt/SUNWmd or /etc/lvm directory, depending on the version of DiskSuite
you are running. For example:
-------------------------------------------------
11) Run the 'metainit' command to create all the metadevices that are listed in the "md.tab" file.
# metainit -f -a
12) Run the 'metaroot' command to set the metadevice as a root device.
# metaroot d0
13) Add in the other metadevices into the /etc/vfstab file for the other filesystems. that you created in step 7.
14 Reboot.
# init 6
15) Attach all the “second mirrors” to all the mirrored metadevices. For example:
# metattach d0 d20
Here is the output of the 'metadb' command, showing the locations of the SVM database replicas. There is one on
each disk.
# metadb
flags first blk block count
a u 16 8192 /dev/dsk/c0t0d0s7
a u 16 8192 /dev/dsk/c0t1d0s7
a u 16 8192 /dev/dsk/c0t2d0s7
a u 16 8192 /dev/dsk/c0t3d0s7
Here is the SVM configuration before the submirror disk replacement. Note: The DevID information is at the
bottom.
# metastat
d0: Mirror
Submirror 0: d10
State: Okay
Submirror 1: d20
State: Needs maintenance
Pass: 1
Read option: roundrobin (default)
Write option: parallel (default)
Size: 6295232 blocks (3.0 GB)
d10: Submirror of d0
State: Okay
Size: 6295232 blocks (3.0 GB)
Stripe 0:
Device Start Block Dbase State Reloc Hot Spare
c0t0d0s0 0 No Okay Yes
d20: Submirror of d0
State: Needs maintenance
Since c0t2d0 is the drive that needs to be replaced, use 'metadetach' and 'metaclear' to detach and remove the
bad submirrors from that disk.
# metadetach -f d0 d20
d0: submirror d20 is detached
# metadetach -f d1 d21
d1: submirror d21 is detached
# metaclear d20
d20: Concat/Stripe is cleared
# metaclear d21
d21: Concat/Stripe is cleared
Here is the 'metastat' output after detaching and removing d20 and d21:
# metastat
d0: Mirror
Submirror 0: d10
State: Okay
Pass: 1
Read option: roundrobin (default)
Write option: parallel (default)
Size: 6295232 blocks (3.0 GB)
d10: Submirror of d0
State: Okay
Size: 6295232 blocks (3.0 GB)
Stripe 0:
Device Start Block Dbase State Reloc Hot Spare
c0t0d0s0 0 No Okay Yes
d1: Mirror
Submirror 0: d11
State: Okay
Pass: 1
Read option: roundrobin (default)
Write option: parallel (default)
Size: 2101552 blocks (1.0 GB)
d11: Submirror of d1
State: Okay
Size: 2101552 blocks (1.0 GB)
Stripe 0:
Device Start Block Dbase State Reloc Hot Spare
c0t0d0s1 0 No Okay Yes
Device Relocation Information:
Device Reloc Device ID
c0t2d0 Yes id1,sd@SFUJITSU_MAG3182L_SUN18G_00526202____
c0t0d0 Yes id1,sd@SSEAGATE_ST318203LSUN18G_LR795377000010210UN3
Since there is a replica on the disk to be removed, remove it using:
# metadb -d c0t2d0s7
and then confirm that the new disk has been configured:
# cfgadm -al
Ap_Id Type Receptacle Occupant Condition
c0 scsi-bus connected configured unknown
c0::dsk/c0t0d0 disk connected configured unknown
c0::dsk/c0t1d0 disk connected configured unknown
c0::dsk/c0t2d0 disk connected configured unknown
c0::dsk/c0t3d0 disk connected configured unknown
Then run 'format' to put the appropriate partition table onto the disk.
# format
Note: the steps to create a valid partition table have been left out for brevity.
Run 'metadevadm' to update the SVM database with the new DevID information. Here can be seen, the old DevID
and the new DevID.
# metadevadm -u c0t2d0
Updating Solaris Volume Manager device relocation information for c0t2d0
Old device reloc information:
id1,sd@SFUJITSU_MAG3182L_SUN18G_00526202____
Run 'metadb' to recreate the replica that we removed from the disk:
# metadb -a c0t2d0s7
and run 'metainit' to recreate the metadevices that were previously removed, and 'metattach' to reattach them to
their respective mirrors.
# metainit d20 1 1 c0t2d0s0
d20: Concat/Stripe is setup
# metattach d0 d20
d0: submirror d20 is attached
# metattach d1 d21
d1: submirror d21 is attached
Running a 'metastat' command now will show the NEW DeviceID for disk c0t2d0:
# metastat
d0: Mirror
Submirror 0: d10
State: Okay
Submirror 1: d20
State: Okay
Pass: 1
Read option: roundrobin (default)
Write option: parallel (default)
Size: 6295232 blocks (3.0 GB)
d10: Submirror of d0
State: Okay
Size: 6295232 blocks (3.0 GB)
Stripe 0:
Device Start Block Dbase State Reloc Hot Spare
c0t0d0s0 0 No Okay Yes
d20: Submirror of d0
State: Okay
Size: 6295232 blocks (3.0 GB)
Stripe 0:
Device Start Block Dbase State Reloc Hot Spare
c0t2d0s0 0 No Okay Yes
d1: Mirror
Submirror 0: d11
State: Okay
Submirror 1: d21
State: Okay
Pass: 1
Read option: roundrobin (default)
Write option: parallel (default)
Size: 2101552 blocks (1.0 GB)
d11: Submirror of d1
State: Okay
Size: 2101552 blocks (1.0 GB)
Stripe 0:
Device Start Block Dbase State Reloc Hot Spare
c0t0d0s1 0 No Okay Yes
d21: Submirror of d1
State: Okay
Size: 2101552 blocks (1.0 GB)
Stripe 0:
Device Start Block Dbase State Reloc Hot Spare
c0t2d0s1 0 No Okay Yes
Device Relocation Information:
Device Reloc Device ID
c0t0d0 Yes id1,sd@SFUJITSU_MAG3182L_SUN18G_00526873____
c0t2d0 Yes id1,sd@SSEAGATE_ST318203LSUN18G_LR7943000000W70708e0
After the new disk is attached to the mirror disk, it will be resynchronized. Once the resynchronization process is
completed, the mirror disk will be back to fully redundant mode.
# metattach -a d0 c4t1d0s0
# growfs -M /directory /dev/md/rdsk/d0
NOTE: If the filesystem already exists, only the last 2 steps are needed.
6.3.5.3 md.tab ENTRY EXAMPLES:
a) Concatenation:
d0 2 1 c0t0d0s2 1 c0t1d0s2 (up to 6 disks)
b) Stripe:
d0 1 3 c0t0d0s0 c1t0d0s0 c2t0d0s0 (up to 6 disks)
c) Mirror:
d0 -m d1 d2 (up to 3 disks)
d) Hotspares:
hsp001 c3t0d0s0 c3t1d0s0 c3t2d0s0 (up to 999 hsp's allowed)
e) Raid5:
d20 -r c0t1d0s0 c1t1d0s0 c2t1d0s0 (up to 6 disks)
f) Trans Device:
d21 -t c1t1d0s0 c2t0d0s0 (assigned as master log)
G) Assign a hotspare:
d1 1 1 c0t0d0s2 -h hsp001
6.3.6. Command Reference
· metaclear - delete active metadevices and hot spare pools
· metahs - manage hot spares and hot spare pools
· metaonline - place submirrors online
· metareplace - enable or replace components of submirrors or RAID5 metadevices
· metastat - display status for metadevice or hot spare pool
· metadb - create and delete replicas of the metadevice state database
· metainit - configure metadevices
· metaparam - modify parameters of metadevices
· metaroot - setup system files for root (/) metadevice
· metasync - handle metadevice resync during reboot
· metadetach - detach metadevice to or from a mirror or trans
· metaoffline - place submirrors offline
· metarename - rename metadevice or switch layered metadevice names
· metaset - configure shared disksets
· metattach - attach metadevice to or from a mirror or trans
6.4. StorADE
6.4.1 Installation
1) Install the package and patch. The StorADE package and patch are available on the EIS CD or they can be
downloaded, (http://sunsolve.sun.com):
# unzip the binaries
# cd <install-dir>
# ./install
3) Edit the /etc/deviceIP.conf file and add the array (including the array type:
<ip-address> <array-name> <array-type>
Example:
10.0.0.10 myarray 3511
4) Note the "ras" user does not exist anymore. A new role and user must be created. Create sa_admin user role:
# roleadd -c "SA Role" -s /bin/pfcsh -A "solaris.*" -P "All" sa_admin
5) Assign password to this role:
# passwd sa_admin
New Password:******
Re-enter new Password: ******
passwd: password successfully changed for sa_admin
6) Create new user with the new role. In this example, we will create a user named admin
# useradd -c "SA Admin" -s /bin/csh -R sa_admin -A "solaris.*" admin
7) Assign password to this new user:
# passwd admin
New Password:******
Re-enter new Password:******
passwd: password successfully changed for admin
7.0. SunCluster
7.1. SunCluster 2.x
7.1.1. Command Reference
abort partition Same as scadmin stopnode... Use scadmin stopnode command
ccdadm <clustname>
-p ccd.database.ssa - creates a ccd.database.pure file for recovery use
-r ccd.database.pure - restores to ccd.database file
-v verify consistancy of the dynamic copy of ccd.database
-x convert the candidate file to a CCD database. Or verifies the CCD file.
ccp Command used to run the cluster control panel software on the admin workstation
# ccp clustername &
cconsole Command used to start up the cluster console on the admin W/S # cconsole
get_node_status Command used to get the status of a node (also can use hastat and scconf clustername - p
commands)
# get_node_status
haswitch Switch logical host to another node (will start the reconfiguration)
# haswitch nodename
hastat Will give you the status of the cluster, will lie if private network is down. You can run it in the common
window to get all views
# hastat (- m 0 skip messages)
hareg registers data service with HA and associate the given logical host.
# hareg - s - r dataservice - h logicalhost
# hareg - y dataservicename (to turn on a dataservice)
# hareg (to verify a service is turned on)
pnmset Command to create PNM NAFO groups (on each node) for the public network interfaces to be used for
the NFS data service.
# opt/SUNWpnm/bin/pnmset (follow interactive install)
pnmstat - l Command lists the /etc/pnmconfig file (to set up NAFO groups)
scadmin startcluster The first node into the cluster must enter with the 'cluster ' switch.
# scadmin startcluster nodename clustername
scadmin startnode All remaining nodes can join the cluster with the startnode switch
# scadmin startnode
scadmin stopnode To remove your node from the cluster use the stopnode switch. (do this before init or
shutdown commands)
# scadmin stopnode
scadmin switch Switch logical host to another node (will start the reconfiguration) same as haswitch command
# scadmin switch nodename
scconf Command used to configure cluster parameters (many, use MAN)
# scconf - F (creates admin filesystem, each node)
# scconf - L (for logical hosts) (one node, diskset)
# scconf - q (for quoram device)
# scconf -N (to change a node ethernet address )
scdidadmn Command to initialize the Disk ID psudo driver (SDS install only) builds a file with paths from each
node to disks
# scdidadm - r (on node 0 to initialize)
# scdidadm - l (L) (verify DID configuration)
scinstall Installation command for Sun Cluster from CD
scmgr Command to start Sun Cluster manager (cluster monitor) (set DISPLAY)
# /opt/SUNWcluster/bin/scmgr nodename & xhost
Command on admin W/S to allow all xhost connections from cluster nodes (graphics)
# /usr/openwin/xhost +
pnmset - Set up and update the configuration for PNM (Public Network Management)
pnmstat - Report status for NAFO (Network Adapter Failover) backup groups being monitored by PNM
pnmrtop - Map real adapter name to pseudo adapter name in NAFO backup group
pnmptor - Map pseudo adapter name to real adapter name in NAFO backup group
ccp - the Sun Cluster System Cluster Control Panel GUI
cconsole - multi window, multi machine remote console
crlogin - multi window, multi machine remote login
ctelnet - multi window, multi machine remote telnet
# cd <cd-image>/SunCluster_HA_NFS_3.1/Packages
# pkgadd -d .
# mkdir /global/nfsvol01
B. Prework ON ONE PHYS-NODE (since those steps affect the Global FS)
1. Mount the global FS
# mount -g /global/nfsvol01
2. Create /global/nfsvol01/SUNW.nfs
# mkdir -p /global/nfsvol01/SUNW.nfs
# mkdir -p /global/nfsvol01/data
4. Register the NfS resource type only if it is the first time you will use SUNW.nfs
Run on ONE phys. cluster-node ONLY
# scrgadm -a -t SUNW.nfs
Note: Make sure that the logical hostname is in every client's /etc/hosts
# scswitch -Z -g nfs-rg
# scrgadm -a -t SUNW.HAStorage
# scrgadm -a -g nfs-rg -j HAStorage-res1 -t SUNW.HAStorage -x AffinityOn=True -x
ServicePaths=/global/nfsvol01
# scswitch -e -j HAStorage-res1
# scrgadm -c -j nfsvol01-res -y Resource_dependencies=HAStorage-res1
# scswitch -n -j nfs-res
# scrgadm -r -j nfs-res
# scswitch -n -j sc??-nfs-log
# scrgadm -r -j sc??-nfs-log
# scrgadm -r -g nfs-rg
7.2.2.2 HA-Oracle
Prework ON ALL PHYS-NODEs
1. Make sure that listener.ora and tnsnames.ora exist in /var/opt/oracle
oracle$ ls
listener.ora tnsnames.ora
2. If they do not exist, copy the the listener.ora and tnsnames.ora to /var/opt/oracle
oracle$ cd $ORACLE_HOME/network/admin
oracle$ ls
listener.ora samples shrept.lst sqlnet.ora tnsnames.ora
oracle$ cp listener.ora /var/opt/oracle/
oracle$ cp tnsnames.ora /var/opt/oracle/
3. Modify the listener.ora and tnsnames.ora as described on page 6-59 and 6-60 of the Suncluster
particant Guide
5. install Patches
6. Enable all resourece in the Oracle-RG and put them into a managed state
# scswitch -Z -g oracle-rg
7.2.2.3 HA-Apache
Prework
· verify that the Apache packages are installed on all phys. nodes
# pkginfo |grep SUNWap
system SUNWapchd Apache Web Server Documentation
system SUNWapchr Apache Web Server (root)
system SUNWapchu Apache Web Server (usr)
· Set up a global FS to hold the apache httdocs - the binaries are installed locally on all phys. node
# vi /etc/vfstab
/dev/vx/dsk/ha-ap/vol01 /dev/vx/rdsk/ha-ap/vol01 /global/haapvol01 ufs 2 yes global,logging
# mkdir /global/haapvol01
# mount /global/haapvol01
# mkdir /global/haapvol01/htdocs
# cp -r /usr/apache/htdocs/manual/* /global/haapvol01/htdocs/.
· Edit /global/haapvol01/conf/apache/httpd.conf
# mkdir /global/haapvol01/conf
# cp /etc/apache/httpd.conf-example /global/haapvol01/conf/httpd.conf
# vi /global/haapvol01/conf/httpd.conf
# ports < 1023, you will need httpd to be run as root initially.
#
Port 80
[ ... ]
ServerName sc??-apache-log !! has to be the IP adress of the logial host
or shared IP-address
[ ... ]
DocumentRoot "/global/haapvol01/htdocs"
[ ... ]
# PidFile: The file in which the server should record its process
# identification number when it starts.
#
PidFile /var/run/httpd.pid-sc
[ ... ]
<Directory /global/haapvol01/htdocs >
</Directory>
Registring HA-Apache
1. Register the Apache resource type
Run on ONE phys. cluster-node ONLY - this has to done only once for the first Apache service
# scrgadm -a -t SUNW.apache
2. Create a failover resource-group to hold the HA-Apache resource
Run on ONE phys. cluster-node ONLY
# scrgadm -a -g ha-apache-rg
3. Add a Logical Hostname resource to the resource group ha-apache-rg
Run on ONE phys. cluster-node ONLY
# scrgadm -a -L -g ha-apache-rg -l sc??-apache-log
Make sure that the shared address is in every cluster node's and client's /etc/hosts
4. Add an Apache resource to the failover resource group
Run on ONE phys. cluster-node ONLY
# scrgadm -a -j ha-apache-res -g ha-apache-rg -t SUNW.apache -y Network_resources_used=sc??-
apache-log -y Scalable=False -y Port_list=80/tcp -x Bin_dir=/usr/apache/bin -x
Confdir_list=/global/haapvol01/conf
Port_list= Port of the Apache Webserver
Bin_dir= Path to the Apache binaries
Confdir_list= Path to the httpd.conf Config-file
7. Enable the resource and the resource monitor for the HA-Apache resource group
Run on ONE phys. cluster-node ONLY
# scswitch -Z -g ha-apache-rg
Testing HA-Apache
Take a browser and test the URL
http://sc??-apache-log:80
Step 3: Run scinstall and try to join the existing cluster. Note that scinstall will install all Sun cluster software
packages on the node, but the node will not be able to join the cluster. This is because this node name already
exist in the cluster configuration, and the cluster will not let it join as a new node again.
Step 4: Install all necessary dataservices through the pkgadd command. For example, SUNWnfs for HANFS
service.
Step 5: Install the patches for cluster framework, as well as for data services.
Step 6: Edit the /etc/vfstab file and change the entry for 100MB filesystem mount point entry from /globaldevices to
/global/.devices/node@X (X is the node for this cluster node). Create the mount point because it will not exist.
Step 7: Copy /etc/inet/ntp.conf.cluster from the running node.
Step 8: Copy /etc/nsswitch.conf from the running node.
Step 9: Make sure that the /etc/hosts file has entries for all cluster nodes, logical hosts, and other hosts needed for
application.
Step 10: touch /etc/norouter
Step 11: Make sure that /etc/system has all the necessary parameters for database and other applications.
Step 12: Make sure that all the shared disks/luns are appearing in the format output on this node.
Step 13: Insert DID entry in /etc/name_to_major as it appears in the running node (if it is not there). Make sure
that DID has the same major number on both nodes.
Step 14: Copy over the /etc/cluster directory from the running node. Change the /etc/cluster/nodeid entry from 2 to
1, or 1 to 2.
Step 15: Configure Nafo Group/ IPMP as it was before.
Step 16: Reboot the system with boot -r. The system will come up and should be able to join the cluster. However,
it is going to complain about the DID devices. The following Step will take care of it.
Step 17: Execute the following commands to take care of DID errors: This will create globaldevices node names
for Veritas disks and volumes, and take care of all DID devices as well.
#devfsadm -C
#scdidadm -C
#devfsadm
#scdidadm -r
#scgdevs -g
#/usr/cluster/lib/dcs/scvxvmlg
Step 18: Encapsulate the root disk as per the EIS Installation procedure,and mirror the root disk.
Step 19: Verify resource group failover between cluster node.
....
node2# format
Searching for disks...done
....
3) If all the luns (or disks) are fine, run 'scdidadm -r' on all the nodes to reconfigure DID database.
node1# scdidadm -r
did instance 2 created.
did subpath sp:/dev/rdsk/c0t22d0 created for instance 2.
node2# scdidadm -r
did subpath /dev/rdsk/c0t22d0s2 created for instance 2.
node1# scgdevs
node2# scgdevs
5) Check for the new disk in the DID devices with the 'scdidadm -L' command. The output must be the same on
both nodes.
# scdidadm -L
1 node1:/dev/rdsk/c0t19d0 /dev/did/rdsk/d1
1 node2:/dev/rdsk/c0t19d0 /dev/did/rdsk/d1
2 node1:/dev/rdsk/c0t22d0 /dev/did/rdsk/d2
2 node2:/dev/rdsk/c0t22d0 /dev/did/rdsk/d2
4 node1:/dev/rdsk/c0t6d0 /dev/did/rdsk/d4
4 node2:/dev/rdsk/c0t6d0 /dev/did/rdsk/d4
5 node1:/dev/rdsk/c0t0d0 /dev/did/rdsk/d5
5 node2:/dev/rdsk/c0t0d0 /dev/did/rdsk/d5
----- Cut for brevity -----
6) On all nodes, run 'vxdctl enable' for the Volume Manager database to recognize the new disk.
# vxdctl enable
8) Add the disk to the diskgroup. Run the following command on the node that has the disk group directly imported:
node1# vxdiskadm -> option 1
11) Prior to creating the filesystem, run the 'scsetup' to synchronize the new volume to all the nodes:
node1# scsetup
1) Quorum
2) Resource groups
3) Cluster interconnect
4) Device groups and volumes
5) Private hostnames
6) New nodes
7) Other cluster properties
?) Help
q) Return to the Main Menu
VERITAS Volume Manager disk groups are always managed by the cluster
as cluster device groups. This option is used to synchronize volume
information for a VxVM device group between the VxVM software and the
clustering software. It should be selected anytime a volume is either
added to or removed from a VxVM disk group. Otherwise, the cluster
will be unaware of the changes.
Name of the VxVM device group you want to synchronize? butodg <-- DG
scconf -c -D name=butodg,sync
12) Create the mount point on all the nodes, with the same pathname.
For example:
node1# mkdir /new
node2# mkdir /new
14) Add to /etc/vfstab file on both nodes the new global filesystem : For example:
/dev/vx/dsk/butodg/newvol /dev/vx/rdsk/butodg/newvol /new ufs 2
yes global,logging
15) After editing the /etc/vfstab, mount the filesystem on the node that has the diskgroup directly imported:
node1# mount /new
16) Now you have a global filesystem created that is seen through all the nodes.
You need to disable RAC/OPS service autostart before rebooting the node in single-user mode.
# mv /etc/rc3.d/S30initucmm /etc/rc3.d/s30initucmm
After the system is completely recovered (for example, scdidadm -R and vxinstall are done), move the script back
to where it was:
# mv /etc/rc3.d/s30initucmm /etc/rc3.d/S30initucmm
node1# # scstat -W
2) Run scsetup utility to remove the old interface. This only needs to be done on one node and can be done from
either node:
node1# scsetup
1) Quorum
2) Resource groups
3) Cluster interconnect
4) Device groups and volumes
5) Private hostnames
6) New nodes
7) Other cluster properties
?) Help
q) Return to the Main Menu
This option is used to remove an existing cluster transport cable from the cluster configuration. However, the two
endpoints of the cable will remain configured.
It is very important that you not disable or remove the last remaining healthy connection to an active cluster node.
Please check the status of other cables before you proceed.
Is it okay to continue (yes/no) [yes]?
Each existing cluster transport cable can be identified by naming one of the cable endpoints. Since one of the two
endpoints is always attached to a node, you will be asked to supply the node and adapter names of one of the
endpoints of the cable you are trying to identify.
To which node is the cable attached? node1 <---- Type the name of the node
Name of the adapter on "node1"? qfe5 <---- Type the interface to be removed
Is it okay to proceed with the update (yes/no) [yes]? <---- Type yes
3) Removed the interface, check if the interface is still configured. You can check it on both nodes:
node1# scstat -W
4) Now configure the new interface, using scsetup. Again this only needs to be done on one node and can be done
from either node:
*** Cluster Interconnect Menu ***
?) Help
q) Return to the Main Menu
Each cluster transport cable either directly connects two cluster nodes or connects a cluster node to a port on a
transport junction. Only two-node clusters may use directly-connected cables; all cables on clusters with more than
two nodes must be cabled to junctions.
This option is used to add a new cluster transport cable to the cluster configuration. If either of the two endpoints of
the cable do not already exist, they will also be added to the configuration.
Is it okay to continue (yes/no) [yes]?
Since this is a two-node cluster, direct-connect cabling of the transport cables may be supported. Refer to the
documentation for your cluster transport adapters for more information on whether or not your hardware supports
direct-connect cabling. Some adapter types may require the use of junctions even on two-node clusters.
Note that direct-connect cabling can complicate the later addition of a third node to the cluster.
Are you adding a directly-connected cable (yes/no) [no]? y <----
Select y for direct connect.
Since the cable you are adding is a direct-connect cable, each cable endpoint must be attached directly to an
adapter on each of the two nodes in the cluster. You will be asked to supply the names of both adapters.
Name of the adapter to use on "node1"? qfe2 <---- Type the new interface for
node1
Name of the adapter to use on "node2"? qfe2 <---- Type the new interface for
node2
Is it okay to proceed with the update (yes/no) [yes]?
5) Check if the new configuration is ok. You can run the following command on any node:
node1# scstat -W
3. This command will use new oracle user and password to act as fault monitor user.
node0# scrgadm -c -j test_oracle_resource -x Connect_string=newuser/newpassword
1. reboot -- -sx
2. copy '/var/sadm/install/admin/default' file and change instance=unique to instance=overwrite
sed 's/unique/overwrite/g' /var/sadm/install/admin/default > /var/tmp/default (This file used later in
procedure)
3. vxdctl stop
4. vxiod -f set 0
5. remove vxvm patches
pkginfo|grep VRTS|awk '{print $2}'|xargs -i pkgparam -v {}|grep PATCHLIST
patchrm <patch>
(in lab testing patch 112392-07 failed to back out. This does not adversely affect the rest of the procedure)
(This will overwrite the existing packages. It will ask you twice if you are sure. Answer yes both times.)
mv /var/sadm/pkg/VRTSvxvm/install/space \
/var/sadm/pkg/VRTSvxvm/install/space.org
then
rm /etc/rc2.d/S96vradmind
rm /etc/rc2.d/S96vxrsyncd
To prevent this message you should use a dedicated dump device. Please refer to SRDB 76392 & Infodoc
50084.
13. Continue - upgrade the remaining cluster nodes following the above described procedure.
Disk groups are available to each node post-upgrade. Therefore it is possible to do this upgrade (3.5 - 4.0) as a
rolling upgrade.
In Lab testing the veritas disks got renamed from fabric_xx to Disk_xx by this upgrade.
8.0. Security
8.1. Securing Network Services
8.1.1. inetd
The first place to start is to edit the inetd configuration file, /etc/inet/inetd.conf. To prevent inetd from starting a
service, the line in the configuration file for that service can either be commented out or deleted entirely. To provide
a measure of logging, inetd's startup line in /etc/init.d/inetsvc should have the -t flag added as shown below:
/usr/sbin/inetd -s -t &
The -t flag causes inetd to trace incoming connections for TCP services. Note that UDP services cannot be traced.
The information is logging using the syslog facility level of daemon.notice. By default, this information would be
logged to /var/adm/messages.
If the system is running ssh (Secure Shell), then the r-* programs (e.g., rsh, rlogin, rexec, etc.) should be
disabled. Below, is a list of services in inetd that should be turned off (excluding telnet and ftp)
shell - Remote Shell
login - Remote Login
exec - Remote Execution
comsat - notification of mail on local host
talk - permits users to talk to one another using the talk program
name - support for the obsolete DARPA name server protocol
uucp - Unix to Unix Copy
tftp - Trivial File Transfer program
finger - provides information about users on a system
systat - provides system information to remote clients
netstat - provides network information to remote systems
time - proivides the date and time
echo - prints the incoming data stream
discard discards the incoming data stream
daytime - support for returning the time of day
chargen - character generator
sadmind - used by Soltice AdminSuite
rquotad - needed only to show quotas for a user of an NFS filesystem
rusersd - provides information on system users
sprayd - used only for network testing.
rstatd - needed by perfmeter - use xload.
rwalld - allows non-local individuals to post messages to users
rexd - RPC server for remote program execution
ufsd - only needed if Solstice DiskSuite is installed and used
kcms_server - Kodak Color Management Suite
cachefsd - needed only if cachefs is being used with NFS
kerbd - needed if Kerberos is being used for system security
in.lpd - needed if your machine is running a local BSD print spool
dtspcd - used by the desktop to launch remote applications
xaudio - X based audio
rpc.cmsd - maintains the information for the Calendar Manager Service
rpc.ttdbserverd - ToolTalk Database Server Daemon
Unless an application is installed that requires the services of one of these inetd clients, it is best to disable them
completely by either commenting them out of inetd.conf or deleting them and then sending the SIGNUP signal to
the inetd process so that it will re-read its configuration file.
8.1.2. rpc
Services that use RPC invoke the rpcbind program. When a client makes an RPC call to a server, the client first
contacts the rpcbind program to find out the address on which the server software is listening. Solaris has many
daemons and services that utilize RPC. These include:
· sadmind
· rquotad
· rusersd
· rsprayd
· rwalld
· rstatd
· rexd
· ufsd
· kcms_server
· rpc.cmsd
· gssd
· rpc.ttdbserverd
· rpc.bootparamd
· cachefsd
All of the above services, except for rpc.bootparamd, are started from inetd.conf. rpc.bootparamd is started
from /etc/rc3.d/S15nfs.server and is only necessary if the system is also a boot server. Unless specifically
required, the above services can all be commented out of inetd.conf to disable them.
It is not necessary to turn off the path MTU discovery. RFC 1191 recommends that the path MTU discovery occur
approximately every 10 minutes. Solaris, however, does so every 30 seconds. To change this behavior:
# ndd -set /dev/ip ip_ire_pathmtu_interval <time>
where <time> is the number of milliseconds desired between path MTU discovery attempts. 300000 milliseconds
is 5 minutes.
In this example, <time> is the interval specified in milliseconds. Although this will not eliminate these types of
attacks, it may slow the attacker down.
8.1.5. Securing IP
IP is the protocol that provides connectionless and unreliable delivery of data from one machine to another. Solaris
provides many kernel parameters that can be adjusted to provide a more secure system. The default Solaris
installation permits IP forwarding whether the system has two or more interfaces or not. The following command
can be used to disable this feature while the system is running:
# ndd -set /dev/ip ip_forwarding 0
To ensure that forwarding upon subsequent reboot is disabled, this command may be used in a initialization script,
or the file /etc/notrouter must exist.
Another problem with multihomed systems is that an attacker may try to spoof packets coming in from one
interface so that they appear to have originated from a different interface. If the system is multihomed and non-
forwarding, the attacker may try to send packets to an interface with a destination address in a network attached to
a different interface. The following command prevents this problem by requiring all packets entering an interface to
have originated from a network attached to that interface:
# ndd -set /dev/ip ip_strict_dst_multihoming 1
Solaris has many more TCP/IP stack parameters that can be configured to provide more security.
8.1.6. ipfilter
Although reducing the possibility that an attacker can use a TCP stack fingerprint to identify the operating system is
a step in the right direction, another option to use is the freely available packer filter program ipfilter. ipfilter runs
on Solaris 2.5.1, 2.6, 7, 8, 9 and 10. T
A sample ipfilter configuration file is provided in below:
pass in quick on le0 proto icmp from any to 10.100.100.65/32 icmp-type 0
pass in quick on le0 proto icmp from any to 10.100.100.65/32 icmp-type 3
In this configuration, the machine is providing inbound secure shell services as well as a secure Web server.
Allowed UDP traffic includes syslog messages as well as SNMP traps, and SNMP information from external
devices. The only ICMP traffic permitted is echo-reply, destination-unreachable, and ttl-exceeded. This
configuration provides a simple starting framework when using ipfilter to protect a Solaris host.
8.1.7. PortSentry
Another useful tool to use with ipfilter (or on its own) is PortSentry. This program monitors probes to a defined
subset of ports on a system. If enough probes occur to trigger a response, PortSentry blocks the source of the
portscan by installing a static route into the system routing table, which sends all future packets from that source to
a routing "dead end".
If used in conjunction with ipfilter, PortSentry can add a blocking rule to the ipfilter ruleset. PortSentry is
configurable to the extent that it can be made to work with various firewall systems including Gauntlet and
Checkpoint. For PortSentry to work with ipfilter, a shell program is needed to add the new deny rule to the ruleset
in the proper place. PortSentry can be downloaded from: http://www.psionic.com/abncus/portsentry
By default, the Solaris Network File System (NFS) server system accepts client NFS server requests from any port
number. These requests should come from a privileged system port. The NFS server can be adjusted to process
requests only from these privileged ports. If a system serves as an NFS server, add the following line to the
/etc/system file to any Solaris OE version 2.5.1 or newer.
set nfssrv:nfs_portmon = 1
Note, this change might prevent some NFS clients from operating correctly. There are reported problems with older
versions of Linux and SCO UNIX. Also, some PC-based NFS client software applications are affected by this port
restriction.
8.1.9. TCP Wrappers
TCP wrappers restrict access to your computer from the network. You can restrict such things as telnet
access, ftp access, etc. In general you can restrict any access which is managed by the inetd daemon.
Note that some services are typically not controlled by the inetd daemon, http and ssh for instance.
To install TCP wrappers
1. Obtain a copy of the tcp wrapper binary.
2. Login as root to the system console. Use the console, not a telnet session, otherwise you might
lock yourself out of your system if something goes wrong.
3. In the /etc directory make two copies of the file /etc/inetd.conf and write-protect one of them.
cd /etc
cp inetd.conf
inetd.conf.orig
cp inetd.conf
inetd.conf.new
chmod ugo-w
inetd.conf.orig
These two lines control the ftp and telnet services. Change these lines to
ftp stream tcp nowait root /usr/etc/tcpd
ftpd -l
telnet stream tcp nowait root /usr/etc/tcpd
telnetd
Note that the strings ftp and telnet have both been changed to tcpd. Do this for all services in
the inetd.conf.new file that you would like to change. NOTE: Some services are labeled as rpc,
such as
mountd/1 stream rpc/tcp wait/lc root /usr/etc/rpc.mountd
mountd
If something goes wrong later, you can alway revert to your original setup by copying /etc/
inetd.conf.orig to /etc/inetd.conf and restarting the inetd daemon as described in the next step.
7. Restart the inetd daemon. You can do this by finding the PID (process id) for the inetd daemon
with one of the two following commands, depending on your variety of Unix,
ps -ef | grep
inetd
or
ps aux | grep
inetd
In this example the PID (process id) is 209. You can then restart inetd with the command
kill -HUP
209
If that doesn't work you can try the stronger remedy of rebooting the server.
8. To configure tcp wrappers to only allow users access to your machine through inetd, create the
two files /etc/hosts.allow and /etc/hosts.deny with the following content,
all:
137.99.
and
all: all
to
all: 137.99. except
137.99.???.???
8.1.10. sudo
Use sudo to permit limited root access. Of course, no root access for all users is desired, but there may be
instances where such access is granted. Below are example sudoers entries. First, we define our aliases:
User_Alias FULLTIMERS = millert, mikef, dowdy
User_Alias PARTTIMERS = bostley, jwfox, crawl
User_Alias WEBMASTERS = will, wendy, wim
Runas_Alias OP = root, operator
Runas_Alias DB = oracle, sybase
Host_Alias SPARC = bigtime, eclipse, moet, anchor :\
SGI = grolsch, dandelion, black :\
ALPHA = widget, thalamus, foobar :\
HPPA = boa, nag, python
Host_Alias CUNETS = 128.138.0.0/255.255.0.0
Host_Alias CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0
Host_Alias SERVERS = master, mail, www, ns
Host_Alias CDROM = orion, perseus, hercules
Cmnd_Alias DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\
/usr/sbin/restore, /usr/sbin/rrestore
Cmnd_Alias KILL = /usr/bin/kill
Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm
Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown
Cmnd_Alias HALT = /usr/sbin/halt, /usr/sbin/fasthalt
Cmnd_Alias REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \
/usr/local/bin/tcsh, /usr/bin/rsh, \
/usr/local/bin/zsh
Cmnd_Alias SU = /usr/bin/su
Here we override some of the compiled in default values. We want sudo to log via syslog(3) using the auth facility
in all cases. We don't want to subject the full time staff to the sudo lecture, and user millert need not give a
password.
In addition, on the machines in the SERVERS Host_Alias, we keep an additional local log file and make sure we
log the year in each log line since the log entries will be kept around for several years.
Defaults syslog=auth
Defaults:FULLTIMERS !lecture
Defaults:millert !authenticate
Defaults@SERVERS log_year, logfile=/var/log/sudo.log
The User specification is the part that actually determines who may run what. The format is:
<user> HOSTS = COMMANDS
root ALL = (ALL) ALL
%wheel ALL = (ALL) ALL
We let root and any user in group wheel run any command on any host as any user.
FULLTIMERS ALL = NOPASSWD: ALL
Full time sysadmins (millert, mikef, and dowdy) may run any command on any host without authenticating
themselves.
PARTTIMERS ALL = ALL
Part time sysadmins (bostley, jwfox, and crawl) may run any command on any host but they must authenticate
themselves first (since the entry lacks the NOPASSWD tag).
On the host www, any user in the WEBMASTERS User_Alias (will, wendy, and wim), may run any command as
user www (which owns the web pages) or simply su(1) to www.
ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\
/sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM
Any user may mount or unmount a CD-ROM on the machines in the CDROM Host_Alias (orion, perseus, hercules)
without entering a password. This is a bit tedious for users to type, so it is a prime candiate for encapsulating in a
shell script.
An alias must be defined before it can appear in the sudoers file. For that reason, aliases generally appear at the
top of the file. Each alias entry has a label saying what sort of alias it is, a label for the alias, and a list of the
members of that alias.
User aliases are groups of users, and are labeled with the stringUser_Alias. They contain a list of users in that
alias.
User_Alias DNSADMINS = chris,mwlucas
The user alias DNSADMINS contains two users, mwlucas and chris.
A Runas alias is a special type of user alias. This lists users that other users can run commands as. Many
nameservers can be run as the user "named." The DNS administrator might need to be able to run commands as
that user, and you might have a Runas alias for that. Many database applications run as their own special user. In
many cases, a system administrator responsible for an application would also want to be able to run system
backups as the user "operator." Or, you could just create a single Runas alias to group these commands. Runas
aliases are labeled with Runas_Alias.
Runas_Alias APPADMIN = named,dbuser,operator
A host alias is just a list of hosts. They're labeled with the stringHost_Alias. A host alias can be defined in terms
of hostnames, IP addresses, or network blocks. (Remember, if you're using hostnames your sudo configuration
could be vulnerable to DNS problems!) Here are examples of all three.
Host_Alias DNSSERVERS = dns1,dns2,dns3
Host_Alias SECURITYSERVERS = 192.168.1.254,192.168.113.254
Host_Alias COMPANYNETWORK = 192.168.1.0/16
A command alias is a list of commands. They're labeled with the string Cmnd_Alias. Here, we have an alias that
includes all the commands necessary to back up to tape, or restore the system from backup.
Cmnd_Alias BACKUPS = /bin/mt,/sbin/restore,/sbin/dump
You might have a command alias that includes all the commands in a particular directory. Suppose we have a
custom application that runs as a particular user, and places all of its commands in the app users' home directory.
Rather than list all the commands, can just list directory and use a wildcard to include everything in the directory.
Cmnd_Alias DBCOMMANDS = /usr/home/dbuser/bin/*
To use an alias, just put the alias name in the rule where you would normally list the user, command, or hostname.
We've previously defined a user alias DNSADMINS. The users listed in the DNSADMINS alias get to run any
commands at all on all of our servers.
DNSADMINS ALL = ALL
Let's suppose that our user Phil has to manage an application that runs as a particular user. He can run any
command on the system as this application user. We defined a Runas alias in the last section for the user alias
APPADMIN, and an alias for commands needed to run the application, DBCOMMANDS.
phil ALL = (APPADMIN)DBCOMMANDS
As the application administrator, Phil might also have to run backups. We have already given the APPOWNER
Runas alias operator privileges, and we have a separate command alias for backup commands. We can combine
them all like this.
phil ALL = (APPOWNER) DBCOMMANDS, (APPOWNER)BACKUPS
This is much simpler to read than what this rule expands to.
phil ALL = (dbuser,operator)/usr/home/dbuser/bin/*,\
(dbuser,operator)/bin/mt, (dbuser,operator)/sbin/restore,\
(dbuser,operator)/sbin/dump
Some of the permissions granted by sudo in this case are unnecessary -- having the database user Runas alias is
not necessary for running backups. Still, it's far tighter than just giving Phil the root password! You can also define
rules to restrict your users as tightly as you desire.
This is a simple, quick, and effective way to find out what OS is running on that system. To close this information
leak, the file /etc/default/telnetd should be created with the following line in it:
BANNER=""
Similarly, in the file /etc/default/ftpd, the BANNER="" command removes the SunOS ttag from the ftpd prompt:
$ ftp -i 10.16.16.205
Connected to 10.16.16.205.
220 nostromo FTP server () ready.
Name (10.16.16.205:ido):
If the system needs to have Sendmail running in daemon mode and if it is not configured properly, then it is
providing a potential attacker with vital information. By telneting to port 25, the attacker is greeted with the
following information:
$ telnet 10.16.16.205 25
Trying 10.16.16.205...
Connected to 10.16.16.205.
Escape character is '^]'.
220 nostromo.dubrawsky.org ESMTP Sendmail 8.9.1b+Sun/8.9.1;
Fri, 18 Feb 2000 06:13:09 -0600 (CST)
Not good. Not only does the attacker now know the name of the machine, but he or she also knows that it is
running the stock Sendmail provided by Sun. To eliminate this greeting, change the value of
SmtpGreetingMessage in the sendmail.cf file (found in /etc under Solaris 2.6 and in /etc/mail in Solaris 7 and
Solaris 8):
# SMTP initial login message (old $e macro)
#O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
O SmtpGreetingMessage=
8.2.2. Logs
An aspect to consider when securing a system is the logs produced by syslog. Unfortunately, by default Solaris
tends to lump many things into /var/adm/messages and /var/log/syslog -- so much so that it becomes difficult, if
not impossible, to easily determine what is going on in a system. The first step is to separate much of the
information that is logged through syslog. One way to achieve this goal is to reconfigure syslog to log messages
to separate files based on syslog facility. All kernel messages would be written to a logfile called
/var/log/kernel.log; all daemon messages would be written to a file called /var/log/daemon.log, etc. Furthermore,
when installing sudo or tcpd, the LOCAL[0-7] facilities can be used to categorize the logs from those programs as
well. A simple, improved syslog.conf might look something like this:
#ident "@(#)syslog.conf 1.4 96/10/11 SMI" /* SunOS 5.0 */
#
# Copyright (c) 1991-1993, by Sun Microsystems, Inc.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words. Also, within ifdef's, arguments
# containing commas must be quoted.
#
# Kernel messages
kern.* /var/log/kernel.log
#
# mail system logs
mail.* /var/log/maillog
#
# cron logs
cron.* /var/log/cron.log
#
# Any messages from syslog
syslog.* /var/log/syslog
#
# All authentication messages
auth.* /var/log/secure
#
# tcp wrappers are using LOCAL0.NOTICE
local0.notice /var/log/tcpd.log
#
# Cisco Router logs at facility 20, level informational
local4.info /var/log/router.log
By breaking up the logging information as much as possible, it becomes easier to discover potential problems
sooner.
References (The info for this section taken from articles by the following authors)
Noordergraaf, Alex and Keith Watson, "Solaris Operating Environment Security", Sun Blueprints.
Noordergraaf, Alex and Keith Watson, "Solaris Operating Environment Network Settings for Security
Security", Sun Blueprints On-Line, December 1999.
Noordergraaf, Alex and Keith Watson, "Solaris Operating Environment Minimization for Security: A Simple,
Reproducible and Secure Applicable Installation", Sun Blueprints.
"Creating Login Banners", CIAC Information Bulletin J-043f, June 19, 1999.
Spoon, Kelly, "What You Can do with tcpd", Linux Gazette, Issue 15, March 1997.
Ido Dubrawsky
# eeprom security-mode=full
Changing PROM password:
New password: password
Retype new password: password
# eeprom security-password=
Changing PROM password:
New password: password
Retype new password: password
Store the output to a file on another system. Compare it against the current file system from time to time and after
applying patches to find any unwanted additions.
Different system partitions support different mount options. The /usr partition can be mounted read-only. It should
not be mounted nosuid, because there are some commands in this partition that have the set-user-ID bit set. The
/var partition cannot be set to read-only, but can be set to nosuid. Mount all other partitions read-only and with
nosuid whenever possible.
Use the userdel command to delete accounts in /etc/passwd and /etc/ shadow. Here is an example of the userdel
command.
# userdel smtp
This command removes the /etc/passwd and /etc/shadow entries for smtp. The remaining system accounts (except
the root account) should be modified for added security. System accounts listed in /etc/passwd have no shell listed.
Those accounts have an NP string (meaning "no password") listed in the /etc/shadow file. By default, this string is
sufficient. Unused accounts, which are not locked by default, should be locked with the passwd -1 option.
Use the following command to lock the uucp account.
# passwd -l uucp
Use the -e option to the passwd command or edit the /etc/passwd file manually to change the default shell for
those accounts to /usr/bin/true. For example
# passwd -e uucp
Old shell: /sbin/sh
New shell: /usr/bin/true
Administrators should monitor these system accounts for abuse. The Solaris Security Toolkit includes a shell
replacement called noshell. When the noshell executable is executed (as a login shell in /etc/passwd) a log entry is
generated and the shell exits. Administrators can track unauthorized use of system accounts.
The cron.deny and cron.allow files manage access to the cron system.
The at.deny and at.allow files manage the access to the at and batch system.
To Convert the Root Account to a Role The first example illustrates how to convert the root account to a role. By
doing this, additional controls can be implemented to control which accounts can have superuser privileges to root.
root::::auths=solaris.*,solaris.grant;profiles=All
Add a line containing user accounts that should be able to have superuser privileges to root. For users Alice and
Betty, you would add the following:
alice::::type=normal;roles=root
betty::::type=normal;roles=root
Now both Alice and Betty have privileges to assume the root role after it is created in the next step. Because Alice
and Betty are both local users on this system, it is possible to use the following commands to make this change,
which is not necessary if the previous entries are added to the /etc/user_attr file:
root::::type=role;auths=solaris.*,solaris.grant;profiles=All
When the changes are made, only users Alice and Betty are able to have superuser access to the root account. In
addition, the root account cannot log directly into the system regardless of the CONSOLE settings in
/etc/default/login. If someone attempts to log directly into the system, the following is displayed after the login
command:
Compare this result with the following when authorized user Alice logs in to assume the root role.
#!/bin/sh
echo "umask 022" > /etc/init.d/umask.sh
chmod 744 /etc/init.d/umask.sh
chgrp sys /etc/init.d/umask.sh
for d in /etc/rc?.d;
do ln /etc/init.d/umask.sh $d/S00umask.sh
done
In Solaris 2.6 OE and later, some of these exploits can be avoided by making the system stack nonexecutable.
Add the following lines to the /etc/system file:
set noexec_user_stack = 1
set noexec_user_stack_log = 1
With noexec_user_stack_log enabled, the system logs programmatic attempts to execute code on the stack. This
feature allows you to track unsuccessful exploit programs and the account which made the attempt. Here is an
example of a log message from a recent Solaris OE exploitation program that was stopped by enabling this
feature:
Nov 28 11:59:54 landreth unix: sdtcm_convert[308] attempt to execute code on stack by uid 38918
This system is for the use of authorized users only. Individuals using this computer system without
authority, or in excess of their authority, are subject to having all of their activities on this system monitored
and recorded by system personnel. In the course of monitoring individuals improperly using this system, or
in the course of system maintenance, the activities of authorized users may also be monitored. Anyone
using this system expressly consents to such monitoring and is advised that if such monitoring reveals
possible evidence of criminal activity, system personnel may provide the evidence of such monitoring to
law enforcement officials.
8.2.12. Restricting Console Access
The login command is part of the authentication process to access a local Solaris account. By default, the root user
can only log into a Solaris system from the console device. The console device is defined by the following entry in
the /etc/default/login file:
CONSOLE=/dev/console
When this line is commented out, the root account can log directly into the system over the network via Telnet, in
addition to the console. This access is not secure and should be avoided. Do not alter the default configuration.
There are two other potential settings for CONSOLE entry in /etc/default/login.
To Permit Root Logins Only Through the ttya Serial Device, change the CONSOLE entry to:
CONSOLE=/dev/ttya
To Restrict Direct Root Logins entirely, change the CONSOLE entry to:
CONSOLE=-
Set default password changing parameters In the /etc/default/passwd file, set the MAXWEEKS variable to the
maximum number of weeks that can pass, before a user must change their password. If MAXWEEKS is too
short, users will have a tendency to cycle through a list of passwords. This value is normally not set to less
than 13 (3 months).
Set the MINWEEKS variable to the minimum number of weeks that must pass before a user is allowed to
change their password. The purpose of this variable is to lessen the likelihood that a user will cycle through
a password list, or change their password, then change it right back. For this reason, the MINWEEKS
variable should not be set too small. On the other hand, if it is set too large, a user might not be able to
change their own password, if it were to become compromised. A value between 2 and 4 is appropriate for
this variable.
Set the WARNWEEKS variable to the number of weeks that must pass since the last password change,
before a user will receive password change warnings. This number should be slightly shorter than the value
the MAXWEEKS variable was set to. If the difference between MAXWEEKS and WARNWEEKS is too
small, users might return from a vacation, and find that they can't log in. The difference should be at least
three weeks.
Here's an example of an ifconfig -a from a system controller (showing only the C network interface):
# ifconfig -a
hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 172.20.66.148
netmask ffffff00 broadcast 172.20.66.255 ether 8:0:20:da:7e:f6
I1 network- Consists of 18 separate RIO-based Ethernet controllers (eri) between the system controller and
each I/O board on the platform. These 18 interfaces provide a highly available, secure network console
interface to facilitate communication between a possible 18 domains and the system controller. This
network is an internally connected network. It is also referred to as the dman network.
Here's an example of an ifconfig -a from a system controller (showing only the I1 interface):
# ifconfig -a
scman0: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 3 inet
10.1.1.1 netmask ffffffe0 broadcast 10.1.1.31 ether 8:0:20:da:7e:f6
I2 network- Consists of two Ethernet interfaces to the other system controller to provide a heartbeat and
synchronizes system controller configuration data between the main and spare system controller. This
network is an internally connected network. This network is also referred to as the scman network.
Here's an example of an ifconfig -a from a system controller (showing only the I2 interface):
# ifconfig -a
scman1: flags=1008842<BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 4 inet
10.2.1.1 netmask fffffffc broadcast 10.2.1.3 ether 8:0:20:da:7e:f6
9.1.4. Firmware
Checking the version of the firmware:
To display the current version of firmware runnning on a system board, run the following command and answer “N”
when asked to proceed.
SC0: sms-svc> flashupdate -d <domain> -f /opt/SUNWSMS/hostobjs/sgcpu.flash <sb>
Updating the firmware:
SC0: sms-svc> setkeyswitch standby
SC0: sms-svc> flashupdate -d <domain> -f /opt/SUNWSMS/hostobjs/sgcpu.flash <sb>
==================
Upgrade Spare (SC1) SC first
==================
3) Patch the Main and Spare SCs. You can download a compressed tar ball of the relevant patches at
"http://has.central.sun.com/starcat/"
4) Patch the Domains. You can download a compressed tar ball of the relevant patches at
"http://has.central.sun.com/starcat/"
5) Upgrade SMS Software on the Spare SC. You can download the software at
"http://www.sun.com/servers/highend/sms.html"
6) Patch SMS on the Spare SC. You can download a compressed tar ball of the relevant patches at
"http://has.central.sun.com/starcat/"
b) Reboot the Spare SC, after the reboot the Spare will become the Main since there are no sms processes
running on SC0
SC1# touch /reconfigure; init 6
9) Reboot SC1
SC1# init 0
OK reset-all
==============
Upgrade Former Main(SC0) SC
==============
11) Upgrade SMS Software on the former main SC. You can download the software at
"http://www.sun.com/servers/highend/sms.html"
12) Patch SMS on the former Main SC. You can download a compressed tar ball of the relevant patches at
"http://has.central.sun.com/starcat/"
16) As the user "sms-svc", Verify and Assign Chassis Serial Number On the Main SC
SC1> showplatform -p csn
-if you do not see the chasis serial number in the output assign it with the "set-csn" command.
SC1> set-csn -c <serial_number>
-the serial number is located on a white sticker on the bottom front of the machine.
SC0> showboards -v
Note: We will need to confirm that the SC is configured to use the eri devices. Otherwise, it will hinder the system
to boot completely. If the eri devices are configured then skip to step 7.
6.) Since we are replacing the Othello+ with another Othello+, the network setting should not change. However,
when replacing the Othello+ with another Othello+, the aliases had changed for the boot device and we needed to
take the appropriate actions for the correct boot device.
7.) Verify the date on the new Othello+ with the date command.
# date
If the date is incorrect, then correct it with the SMS date command:
# /opt/SUNWSMS/bin/setdate
Also, the status of failed components, detected by POST, is stored in Safari Port Descriptor(SPD), which is
consulted the next time POST is run. A big drawback is that when the domain is setkeyswitched off this
information is lost.
9.1.7.2 Definition of Safari Port Descriptor(SPD)
A data structure is created and initialized by SPOST for each safari port. The structure is located in each SBBC's
Boot Bus SRAM. Typically, There are 2 SPDs per SBBC. For a Serengeti CPU system board, there would be 4
SPDs. For an I/O board, there would be 2 SPDs. SPDs contain the following information:
1. Port Status Summary {pass|fail|unknown|blacklisted}
2. Port Type {cpu|pci|pcic|sbus}
3. Port Attributes {rated frequency,actual frequency,cache size, version}
4. Bank Status {pass|fail|unknown|unpopulated|config-error|spare|blacklisted}
5. DIMM JDEC code for each of the 16 DIMMs
6. Port Component Status (for each component) {pass|fail|unknown|blacklisted}
7. I/O Bus Status {pass|fail|unknown|blacklisted}
8. IO Card(s) Status {pass|fail|unknown|blacklisted}
9. Checksum
Seeprom has 3 records in the Dynamic FRUID section (DFRUID) to support CHS:
StatusCurrent - This record is used to provide the current state of the FRU component.
StatusEvents - This record is used to maintain the history of the status changes.
StatusProxy - These records are used to represent the state of components that do not contain their own
seeprom (do not contain FRUID)
9.1.7.3 New CLI commands (service mode only, not available to the customer):
showchs - display CHS info
setchs- change CHS info
9.1.7.4 Tunables:
ad-chs-enabled - If true, the AD (autodiagnosis engine) will record the CHS info, if an error occurs.
error-policy - Can be set to either display or diagnose. If set to diagnose(default) the AD will diagnose the
error.
post-chs-read - If true, POST will consult CHS, otherwise it will ignore it.
post-chs-write - If true, POST will update CHS if it finds an error, else it will not commit the CHS changes.
very rare, but if it does happen, the reason for the change will not be captured.
9.1.7.6 CHS States
There are 3 states for CHS:
OK
SUSPECT - part of a suspect list of components that caused a fault
FAULTY - the component has been identified as the sole culprit of a fault
ScApp and POST can only degrade the CHS of a component. A service engineer can manually upgrade the CHS if
necessary. There is no relationship between seeprom-based CHS and ScApp-based blacklisting (
enablecomponent/disablecomponent). A change in CHS will not modify the ScApp based blacklists. A change in
the ScApp blacklist will not modify CHS.
9.1.7.7 CHS locations:
Remember CHS records are in the seeprom chips.
System Boards
I/O Boards
DIMMS
L2 SRAM DIMMS
RP
PSU
Fan Trays
CPU chips do not have their own seeprom and hence do not have their own CHS. Rather a "proxy record" is on
the seeprom of the system board.
Fan Trays and PSU's only provide CHS records for the SSE to manually tag it as bad for a note to the repair depot
or other service people. The system ignores the CHS status of PSU's and Fan Trays'
The CHS for RP's will only get set to "suspect" automatically by the system. It will never get set to "Faulty"
9.1.7.8 Examples
Here we manually set sb2 to faulty and then display its status
v4u-6800c-sc0:SC[service]> setchs -s faulty -r "FOO" -c sb2
v4u-6800c-sc0:SC[service]> showchs -b
Component Status
--------------- --------
/N0/SB2 Faulty
Displayed here is the CHS history. Notice that "FOO" is the most recent entry. The message field contains the
reason via -r flag in setchs CLI. Notice the AD engine message. You can look up this code in a table in the Sun
System Handbook
Component : /N0/SB2
Component : /N0/SB2
Time Stamp : Tue May 27 15:20:35 PDT 2003
New Status : Suspect
Old Status : Suspect
Event Code : None
Initiator : ScApp
Message :
1.SF6800.FAULT.ASIC.AR.CMDV_SYNC_ERR.102410bf.16-0.5.50149
53000619.5014404012558.5014404028276.5014362004314
v4u-6800c-sc0:A> setkeyswitch on
Powering boards on ...
Jan 30 16:09:51 v4u-6800c-sc0 Domain-A.POST: Agent {/N0/SB2/P2} is CHS
disabled
.
Jan 30 16:09:52 v4u-6800c-sc0 Domain-A.POST: Agent {/N0/SB2/P3} is CHS
disabled
.
Jan 30 16:09:54 v4u-6800c-sc0 Domain-A.SC: Excluded unusable, unlicensed,
failed
or disabled board: /N0/SB2
Testing CPU Boards ...
{/N0/SB0/P0} Running CPU POR and Set Clocks
{/N0/SB0/P1} Running CPU POR and Set Clocks
{/N0/SB0/P0} @(#) lpost 5.15.2 2003/08/04 10:27
{/N0/SB0/P1} @(#) lpost 5.15.2 2003/08/04 10:27
For example: set CHS for SB5/P0/E0 to OK after HW replacement of the defective FRU:
Note 1: Once the CHS of a component has been changed, a 'setkeyswitch off/on' (full hpost) sequence must be
ran or DR ('hpost -H') used to take this change into account. Reboot ('hpost -Q') is not enough.
Note 2 : Providing the reason for the health status change is mandatory (component health history).
36GB DRIVES
-==========
Part Tag Flag Cylinders Size Blocks
0 root wm 0 - 5739 7.91GB (5740/0/0) 16582860 /
1 swap wu 5740 - 7191 2.00GB (1452/0/0) 4194828
2 backup wm 0 - 24619 33.92GB (24620/0/0) 71127180
3 unassigned wm 0 0 (0/0/0) 0
4 unassigned wm 7192 - 7200 12.70MB (9/0/0) 26001 SLVM DB
5 unassigned wm 7201 - 7209 12.70MB (9/0/0) 26001 SLVM DB
6 unassigned wm 0 0 (0/0/0) 0
7 unassigned wm 7210 - 24619 23.98GB (17410/0/0) 50297490
/export/install
72GB DRIVES
============
Part Tag Flag Cylinders Size Blocks
0 root wm 0 - 1648 8.00GB (1649/0/0) 16780224 /
1 swap wu 1649 - 2061 2.00GB (413/0/0) 4202688
2 backup wm 0 – 14086 68.35GB (14087/0/0) 143349312
3 unassigned wm 0 0 (0/0/0) 0
4 unassigned wm 2062 - 2068 34.78MB (7/0/0) 71232 SLVM DB
5 unassigned wm 2069 - 2075 34.78MB (7/0/0) 71232 SLVM DB
6 unassigned wm 0 0 (0/0/0) 0
7 unassigned wm 2076 – 14086 58.28GB (12011/0/0) 122223936
/export/install
2. After the Solaris installation is complete, make sure the partition map on c0t3d0 is the same as c0t2d0.
# prtvtoc /dev/rdsk/c0t2d0s2 | fmthard -s - /dev/rdsk/c0t3d0s2
mddb1 -c 3 c0t2d0s4
mddb2 -c 3 c0t2d0s5
mddb3 -c 3 c0t3d0s4
mddb4 -c 3 c0t3d0s5
d10 -m d11
d11 1 1 /dev/dsk/c0t2d0s0
d12 1 1 /dev/dsk/c0t3d0s0
d20 -m d21
d21 1 1 /dev/dsk/c0t2d0s1
d22 1 1 /dev/dsk/c0t3d0s1
d30 -m d31
d31 1 1 /dev/dsk/c0t2d0s7
d32 1 1 /dev/dsk/c0t3d0s7
# metadb -a -f /dev/dsk/c0t2d0s4
# metadb -a /dev/dsk/c0t2d0s5
# metadb -a /dev/dsk/c0t3d0s4
# metadb -a /dev/dsk/c0t3d0s5
# swap -d /dev/dsk/c0t2d0s1
# metainit d21
# metainit d20
8. Add the new swap device and modify the /etc/vfstab file.
# swap -a /dev/md/dsk/d20
# umount /export/install
# metainit d31
# metainit d30
# metainit d11
# metainit d10
# metaroot d10
# metainit d12
# metattach d10 d12
# metainit d22
# metattach d20 d22
# metainit d32
# metattach d30 d32
https://sfservicepass.sfbay/
sc1:SC> service
Enter Password: *****
sc1:SC[service]> showchs -b
Component Status
--------------- --------
SB3/p0 Faulty
Component : /N0/SB3/p0
Time Stamp : Fri Jan 16 14:32:14 PST 2004
1. Reboot the System Controller (SC). You won't be able to do this by logging into the platform shell. You'll need
to hit the reset button on the SC to do this.
2. 2. The normal sequence of a System Controller rebooting is for SCPOST to run, then ScApp. You'll need to
wait for ScApp to start loading, then hit Control-A to spawn a vxWorks shell. SCPOST is done running when
you see the message 'POST Complete'. At this point, ScApp will begin to load. When you see the copyright
message 'Copyright 2001 Sun Microsystems, Inc. All rights reserved.', Hit CONTROL-A. You should see the
following:
This last line is the vxWorks prompt. Keep in mind, that ScApp will still continue to load all the way to the point of
giving you the menu to enter the platform/domain shells. To make it less confusing, wait for the ScApp menu to
display on your screen, then hit return. You should see the vxWorks prompt -> again.
3. Make a note of the current boot flags settings. This will be used to restore the boot flags to the original value.
-> getBootFlags() value = 48 = 0xC = '0' (Save the 0x number for # 7 below.)
4. 4. Change the boot flags to disable autoboot.
-> setBootFlags (0x10)
5. 5. Reboot the System Controller (CONTROL-X or reboot ). Once reset, it will stop at the -> prompt.
-> reboot
6. 6. Enter the following commands at the -> prompt.
-> kernelTimeSlice 5
-> javaConfig
-> javaClassPathSet "/sc/flash/lib/scapp.jar:/sc/flash/lib/jdmkrt.jar"
-> javaLoadLibraryPathSet "/sc/flash"
-> java "-Djava.compiler=NONE -Dline.separator=\r\n sun.serengeti.cli.Password"
Wait for the following System Controller messages to display. Your prompt will come back right away, but it'll take
about 10 seconds for these messages to show up:
7. After the above messages are displayed, restore the bootflags to the original value using the setBootFlags()
command.
-> setBootFlags (0xC) (Use the value returned from #3 above. )
8. Reboot the System Controller using CONTROL-X or the reboot command. Once rebooted, the platform
administrator's password will be cleared.
10.2.2. flashupdate
To install new firmware run one of the following command from the lom prompt:
flashupdate [-y|-n] -f <URL> all
flashupdate [-y|-n] -f <URL> systemboards|scapp|rtos|<board> ...
flashupdate [-y|-n] -u
flashupdate [-y|-n] -c <source_board> <destination_board>
Invalid password.
Enter Password:
Invalid password.
Enter Password:
Invalid password.
HostID: 8318256e
ScApp version: 5.18.0
RTOS version: 41
The HostID, ScApp and the RTOS are needed to generate a service mode password. Go to the service mode
password site. https://sfservicepass.sfbay/
This will allow you to gernerate a service mode password. Enter this when the LOM asks for a password. (If you
can not access the site contact PTS-ESG or a TSE-APLE.)
Connected to Hostname-sc.
Escape character is '^]'.
Enter Password:
This will get you to either the lom prompt or the console login prompt. If you are at the console login enter #. to get
to the lom.
lom>
At this point you will need to enter the new password for the LOM. Use the password command to change it. When
asked for the current password use the service mode password. Then enter the new password you want twice.
lom>
lom>password
Enter current password:
You should then logout of the system and then log back in to test your new password.
Example:
Software Reset...
Invalid password.
HostID: 83198b92 <-----HostID info from nvram - last known domain HostID
ScApp version: 5.19.0
RTOS version: 42
Enter password:
Invalid password.
Please remove SCC from machine and record the follow on card
MAC ADDRESS : 00:03:ba:19:8b:89
HOSTID : 83198b89
Re-insert card when done and Press RETURN to continue <-- NOTE that the machine will not reboot at this
point as a function of removing the card
Software Reset...
Please remove SCC from machine and record the follow on card
MAC ADDRESS : 99:88:77:66:55:44
HOSTID : 80123456
lom[engineering]>resetsc
power-reset (default): Runs firmware diagnostics only on power-on resets, including RSC-
initiated power on resets.
error-reset: Runs firmware diagnostics only on resets triggered by hardware errors, including
watchdog reset events. This DOES NOT include software resets.
soft-reset (recommended): Runs firmware diagnostics on all reset events, including OS system
panics (including software resets).
none: Disables the automatic triggering of firmware diagnostics by any reset event. You can still
invoke firmware diagnostics manually by turning the front panel keyswitch to the Diagnostics
position prior to powering on the system.
ok> reset-all
11.2. 280r
11.2.1 nvalias issues
Sun Fire 280R, Sun Blade 1000, or Netra T4 platforms may have problems with the devalias for the boot disk.
The install program might be unable to determine the boot device on SCSI and FC-AL. As a result, the installation
fails. The workaround is to manually set the boot device in the OpenBoot PROM (OBP). Follow these steps:
1. Bring your system to the ok prompt, and type the following command:
ok probe-scsi-all
2. Write down the Port WWN number for the disk that will be the boot device.
Example: 2100002037e4317d
3. Execute the devalias disk at the ok prompt by typing the following command:
ok devalias disk
The device name that the devalias disk command points to is returned by the system.
If the Port WWN is included in the device name, your system is not affected by this bug. Do not continue.
If the Port WWN is not included in the device name, you must manually set the Port WWN.
4. Type the following command: substituting the Port WWN for <port>.
ok nvalias disk/pci@8,600000/SUNW,qlc@4/fp@0,0/disk@w<port>,0
5. Now Verify that the Port WWN is now listed in the device name. Type the following command:
ok devalias disk
6. Ensure that boot-device is set to disk. Type the command:
ok setenv boot-device disk
11.3. SunRay
11.3.1. Command Reference
Command Definition
utaction The utaction program provides a way to execute commands when a Sun Ray DTU session is
connected or disconnected.
utadm The utadm command manages the private network, shared network, and DHCP (Dynamic Host
Configuration Protocol) configuration for the Sun Ray interconnect.
utcapture The utcapture command connects to the Authentication Manager and monitors packets sent and
packets dropped between the Sun Ray server and the Sun Ray DTUs.
utcard The utcard command allows configuration of different types of smart cards in the Sun Ray
administration database
utconfig The utconfig command performs the initial configuration of the Sun Ray server and supporting
administration framework software.
utcrypto The utcrypto command is a utility for security configuration.
utdesktop The utdesktop command allows the user to manage Sun Ray DTUs connected to the Sun Ray
server that the command is run on.
utdetach The utdetach command disconnects the current non-smart card mobile session or authenticated
smart card session from its respective Sun Ray DTU. The session is not destroyed but put into a
detached state. The session can be accessed if the same user token (user name) is presented to
the Sun Ray server.
utdiskadm The utdiskadm utility is a tool for Sun Ray mass storage administration.
utdssync The utdssync command converts the port number for the Sun Ray Data Store service to the new
default port on servers in a failover group, then forces all servers in the group to restart Sun Ray
services.
uteject The uteject command is used to eject media from a removable storage media device.
utfwadm The utfwadm command manages firmware versions on the Sun Ray DTUs.
utfwload The utfwload command is used primarily to force the download of new firmware to a DTU running
lder firmware than its server.
utfwsync The utfwsync command refreshes the firmware level on the Sun Ray DTUs to what is available on
the Sun Ray servers in a failover group. It then forces all the Sun Ray DTUs within the group to
estart.
utgroupsig The utgroupsig command sets the failover group signature for a group of Sun Ray servers. The
utgroupsig command also sets the Sun Data Store rootpw used by Sun Ray to a value based on
the group signature. Although utgroupsig sets the rootpw in the utdsd.conf file, it does not set the
admin password, which is a separate entity, in the Admin database.
utgstatus The utgstatus command allows the user to view the failover status information for the local server
or for the named server. The information that the command displays is specific to that server at the
time the command is run.
utinstall The utinstall utility installs, upgrades, and removes Sun Ray Server Software. All software required
to support the Sun Ray server is installed, including the administration framework, Solaris
operating environment patches, and any patches required by the framework.
utkiosk The utkiosk script is used to import/export kiosk configuration information into the LDAP database
utmhadm The utmhadm command provides a way to administer Sun Ray server multihead terminal groups.
The information that utmhadm displays and is editable is stored in the Sun Ray admin database.
utmhconfig The utmhconfig tool allows an administrator to list, add, or delete multiheaded groups easily.
utmhscreen The utmhscreen tool draws a window displaying the current session on each screen, with the
current screen highlighted for easy identification. This tool is automatically launched for users
during the X server startup process (session creation).
utmount The utmount command is used to mount a file system on a Sun Ray mass storage device.
utmountd The utmountd command is used to perform mount and umount operations on Sun Ray mass
storage devices managed by utstoraged.
utpolicy The utpolicy command sets and reports the policy configuration of the Sun Ray Authentication
Manager, utauthd(1M). This command s -i and -t options were deprecated as of the 2.0 release.
Please continue to use the utpolicy command for policy changes, but use the utrestart command
instead of utpolicy -i, and use utreader instead of utpolicy -t.
utpreserve The utpreserve command saves existing Sun Ray Server Software configuration data to the
/var/tmp/SUNWut.upgrade directory.
utpw The utpw command changes the Sun Ray administrator password (also known as the UT admin
password) used by the Web-based and command-line administration applications.
utquery The utquery command collects DHCP information from the Sun Ray DTUs.
utrcmd The utrcmd program provides a way to run Sun Ray administrative commands remotely. The
utrcmd
program contacts the in.utrcmdd daemon on the remote hostname and executes the specified
command with the specified arguments, args (if any).
utreader The utreader command is used to add, remove, and configure token readers.
utreplica The utreplica command configures the Sun Ray Data Store server to enable replication of
administered data from a designated primary server to each secondary server in a failover group.
The -z option is useful for updating the port number.
utresadm The utresadm command allows an administrator to control the resolution and refresh rate of the
video monitor signal (persistent monitor settings) produced by the Sun Ray unit.
utresdef The utresdef command lists the monitor resolutions and refresh rates that can be applied to Sun
Ray units through the utresadm command.
utrestart The utrestart command is used to start Sun Ray services. It is highly recommended as a substitute
for the old utglpolicy and utpolicy -i commands.
utselect The utselect command presents the output of utswitch -l in a window and allows mouse-based
selection of a Sun Ray server to which the Sun Ray DTU in use is reconnected.
utsession The utsession command lists and manages Sun Ray sessions on the local Sun Ray server.
utset Use utset to view and change Sun Ray DTU settings.
utsettings The utsettings command opens a Sun Ray Settings dialog box that allows the user to view or
change audio, visual, and tactile settings for the Sun Ray DTU.
utsunmc The utsunmc command adds the Sun Ray Server Software 3 module to the Sun Management
Center (SunMC) and loads it to permit monitoring of Sun Ray Server Software. The utsunmc
command can also remove the Sun Ray Server Software 3 module from SunMC.
utsunmcinstall Use utsunmcinstall to install and uninstall the Sun Ray module for SunMC on a SunMC server
where Sun Ray Server Software is not installed.
utswitch The utswitch command allows switching a Sun Ray DTU among Sun Ray servers in a failover
group. It can also list the existing sessions for the current token.
utsvc The utsvc script restarts the Sun Ray Server Software and, due to its location in /etc/init.d, is
executed upon startup of the actual server. Use utrestart instead of utsvc.
utusbadm The utusbadm command is used to enable or disable access to USB devices.
utumount The utumount command is used to unmount a file system from a Sun Ray mass storage device.
utuser The utuser command allows the administrator to manage Sun Ray users registered on the Sun
Ray
server that this command is run on. It also provides information on the currently inserted token
(smart card) for a specified DTU that is configured as a token reader.
utwall The utwall utility sends a message or an audio file to users having an Xsun (X server unique to
Sun
Ray) process. The messages can be sent in email and displayed in a pop-up window.
utwho The utwho script assembles information about display number, token, logged-in user, etc., in a
compact format.
utxconfig The utxconfig program provides X server configuration parameters for users of Sun Ray DTU
sessions.
11.4. x4100/x4200
11.4.1. Navigation
To start a serial console from ilom:
Login to the Service Processor:
login: root
password: changeme
->
-> cd /SP/console
-> start
To return to ilom:
Press [Esc]-[Shift]-9
11.5. v40z
11.5.1. Resetting the SP Password:
If you are prompted for a password, this indicates that the SP has already been secured with an account. If you do
not know the management user name and password, you can reset the SP from the operator panel by navigating
to the SP menu and selecting the Use defaults option. Note that all current settings for users and networks will be
lost and the SP will reboot.
12.1.4. Daemons
I. SSP Server
ssp_startup
machine_server
cbs
fad
straps
1 f
___|___ ___|___
| | | |
0 0 0 1 1 1 1 1
--- ------------ ---
_____| | |____________
1 = I/O system proc number
0 = proc board 0-3
number
(0-F)
4 1
_____|_____ ______|_____
| || |
0 1 0 0 0 0 0 1
- -------- -
_____| | |____________
1 = I/O system sysio number
0 = proc board 0 = top 2 slots
number 1 = bottom 2 slots
System
sysio 0 sysio 1
Board
0 /sbus@40 /sbus@41
1 /sbus@44 /sbus@45
2 /sbus@48 /sbus@49
3 /sbus@4c /sbus@4d
4 /sbus@50 /sbus@51
5 /sbus@54 /sbus@55
6 /sbus@58 /sbus@59
7 /sbus@5c /sbus@5d
8 /sbus@60 /sbus@61
9 /sbus@64 /sbus@65
10 /sbus@68 /sbus@69
11 /sbus@6c /sbus@6d
12 /sbus@70 /sbus@71
13 /sbus@74 /sbus@75
14 /sbus@78 /sbus@79
15 /sbus@7c /sbus@7d
12.1.8. hpost
The amount of testing done by POST is controlled by the level, which is set with the -l<level> command line
argument or the "level" .postrc command. The higher the level, the more tests are run, and the more thoroughly
some tests are run.
level description
7 The minimum level. Hardware probing and configuration, no testing.
16 Default level. Basic testing of processor, memory, and I/O.
More DTAG, memory and I/O tests, proc and I/O vs. memory, xcall, JTAG interrupt test, JTAG
24 chain_length tests.
64 The highest "normal" diag level. More DTAG & memory, cache coherency. Error detection tests.
12.1.12. Blacklisting
# cd /var/opt/SUNWssp/etc/<platform-name>
# vi blacklist
For a cpu, the entry is:
proc <system-board>.<proc-number>
i.e. proc 1.2
For a system board, the entry is:
sysbd <system-bd number>
i.e. sysbd 0
For an sbus card, the entry is:
scard <sb>.<ioctl>.<slot>
i.e. scard 4.1.0
To disable all memory on a sb, the entry is:
mem <sb>
i.e. mem 0
To disable a memory bank, the entry is:
mgroup <sb.bank>
i.e. mgroup 2.1
To disable hlf of the centerplane, the entry is:
cplane <half-centerplane>
i.e. cplane 1
To disable a port controller, the entry is
pc <sb>.<pc>
i.e. pc 0.1
To disable an xdb, the entry is:
xdb <sb>.<xdb>
i.e. xdb 0.2
To disable a cic, the entry is:
cic <sb>.<cic>
i.e. cic 0.1
Note: for the blacklist entry to take effect, the domain must be restarted via a bringup command.
This should bring your domain(s) to the OBP (Open boot PROM) level also known as the "ok prompt". Perform
this on all configured domains on your Sun Enterprise 10000 Server(s).
[2.] Power off the entire Sun Enterprise 10000 host cabinet and remotely controlled I/O cabinets via the "power -B
-off" command.
Example:
Enter 'domain_switch {platform_name}' to be able to control the entire platform from the ssp.
sspname:domain_name% domain_switch {platform_name}
sspname:platform_name%
sspname:platform_name% power -B -off
[3.] After issuing the "power -B -off" command from the SSP's platform prompt, wait until all of the black power
supply breakers (AC Input Modules) have flipped off, the fans have stopped spinning, and the control boards
power down. You can check this by either physically inspecting the LEDs for the said boards (all LEDs should be
turned off) or by issuing the "power" command from the SSP's platform prompt.
Example:
sspname:platform_name% power
If you have an AC sequencer for RSM/A3000/A3500 arrays or any external peripheral cabinet, make sure this is
turned to the "off" position. If using remote power commands for peripheral cabinets, make sure the A/C sequencer
is in "remote" mode. Turn off power to all peripheral cabinets/arrays if they are still turned on.
[4.] Power off the spare SSP first. Log in to the spare SSP as "root" and issue the "shutdown" command to
gracefully and properly shutdown and power off this host.
Example:
spare_ssp# sync; sync; shutdown -y -g0 -i5
[5.] Power off the main SSP. Log in to the main SSP as "root" and issue the "shutdown" command to gracefully
and properly shutdown and power off this host.
Example:
main_ssp# sync; sync; shutdown -y -g0 -i5
Congratulations! This completes the safest and recommended way of completely powering down your Sun
Enterprise 10000/E10K Server(s).
Powering Up The E10K:
Note: Insure that all network cables are connected, including the public network!
[1.] Power on the main SSP first.
Once the main SSP is fully booted, it starts the SSP and the SSP daemons. Check your SSP platform message file
for completion of the SSP daemon startup process.
Example:
Login: ssp
Password: (Provide the ssp password)
Please enter SUNW_HOSTNAME: (Provide the platform_name)
sspname:platform_name%
sspname:platform_name% tail -f $SSPVAR/adm/messages
[2.] Once the main SSP is fully booted, power on the spare SSP next. After the spare fully boots up, go back to the
main SSP and verify that failover is okay and that there are no known problems.
Example:
sspname:platform_name% showfailover
sspname:platform_name% power
NOTE: At this point, the SSP is still not communicating with the Control Boards, since the E10K is still completely
powered off and no housekeeping voltage/power is running.
[3.] Power on the Sun Enterprise 10000 host cabinet and remotely controlled I/O cabinets by flipping and turning
on the switches on the black power supply breakers (AC Input Modules) as well as turning on the AC sequencer to
power any peripheral cabinets/arrays.
After the CBs (Control Boards) have been powered up, they will attempt to communicate with the SSP. You must
wait for the LEDs to display a walking "1s" pattern (green LEDs) indicative of the Control Board Executive (CB
daemon) operating normally.
The fans will also spin down from a "high" rate to a "normal" rate indicative of the CB operating normally.
NOTE: This hardware transition may take anywhere up to 3 minutes or so, and you must wait until this phase is
complete before executing "power" commands on the SSP from a software standpoint.
[4.] Once the initial housekeeping voltage is up and running based on the LED status on the control boards and
normal fan speed, you can then execute the "power -on -all" command from the main SSP's platform prompt.
Example:
# telnet {mainsspname}
Login: ssp
Password: (Provide the ssp password)
Please enter SUNW_HOSTNAME: (Provide the platform_name)
sspname:platform_name%
sspname:platform_name% power -on -all
This will turn on, and validate power to all system boards, including centerplane support boards. The Sun
Enterprise 10000 platform does not automatically boot any domains when powered on. The domains must be
initialized by the "bringup" command individually from the SSP.
[5.] The Sun Enterprise 10000 host cabinet is now completely powered up. Be sure that before booting each
individually configured domains that all external devices (peripheral/storage) connected to this E10K is powered
up, assuming that the AC sequencer was either not turned on or the devices are not being controlled by the AC
sequencer in step [3.].
[6.] Login to the main SSP and individually perform a "bringup -A on" command for each configured domain.
Example:
# telnet {mainsspname} or login directly to the main SSP:
Login: ssp
Password: (Provide the ssp password)
Enter 'domain_switch {domain_name}' (Provide the domain_name for the domain you want to access)
sspname:platform_name% domain_switch {domain_name}
sspname:domain_name% bringup -A on
NOTE: As of SSP 3.3 or higher, when the "bringup" command prompts for a response, it will time out after 10
minutes if none is provided. The default taken after the timeout is always "safe", such as terminating the bringup
operation or not configuring the centerplane.
Repeat these steps for all the other remaining domains
Congratulations! This completes the safest and recommended way of completely powering up your Sun Enterprise
10000/E10K Server(s).
System
Power Unlit The enclosure is powered off. No action is necessary.
Note: The shaded rows of the table represent SCSI ID sequences that cannot be used because SCSI ID 7 is
assigned to the SCSI controller. Some servers reserve SCSI ID 6 for use by CD drives and IDs 0 and 1 for internal
drives.
4. Use the ssmadmin utility with the -view option for viewing status messages for a storage device from a directly
connected host server or from a remote client system.
# /opt/SUNWssmu/bin/ssmadmin –view (directly connected system)
# /opt/SUNWssmu/bin/ssmadmin –view hostname (remote client)
5.To view status change messages, start the ssmadmin utility with the -b option
# /opt/SUNWssmu/bin/ssmadmin -b &
# /opt/SUNWssmu/bin/ssmadmin -b hostname &
*****************************************************************
unknown::S1-D130-1: Online
DISK0[c0t0d0s0]: <----------------------- Ultra 60
Serial Number: 0028T0QA2X
Vendor: SEAGATE
Model: SUN18G
Status: Online
Current Temperature: 29 Degrees Celsius
DISK1[c0t1d0s0]: <----------------------- Ultra 60
Serial Number: 0027T0QAYM
Vendor: SEAGATE
Model: SUN18G
Status: Online
Current Temperature: 29 Degrees Celsius
unknown::S1-D130-2: Online
DISK3[c1t3d0s0]: <---------------------- S1
Serial Number: 0302A0R9W3
Vendor: SEAGATE
Model: SUN36G
Status: Online
Current Temperature: 25 Degrees Celsius
DISK4[c1t4d0s0]: <----------------------- S1
Serial Number: 0302A0NRMS
Vendor: SEAGATE
Model: SUN36G
Status: Online
Current Temperature: 27 Degrees Celsius
DISK5[c1t5d0s0]: <------------------------ S1
Serial Number: 0302A0R0AJ
Vendor: SEAGATE
Model: SUN36G
Status: Online
Current Temperature: 26 Degrees Celsius
# ./ssmadmin -view
Number of S1-D130 Units: 2
Critical Temperature Threshold: 60 Degrees Celsius
Warning Temperature Threshold: 50 Degrees Celsius
TIME: Tue 12 Apr 2005 02:16:57 PM EDT
*****************************************************************
unknown::S1-D130-1: Online
-------------------
DISK0[c0t0d0s0]:
Serial Number: 0028T0QA2X
Vendor: SEAGATE
Model: SUN18G
Status: Online
Current Temperature: 30 Degrees Celsius
DISK1[c0t1d0s0]:
Serial Number: 0027T0QAYM
Vendor: SEAGATE
Model: SUN18G
Status: Online
Current Temperature: 31 Degrees Celsius
unknown::S1-D130-2: Online
-------------------
DISK3[c1t3d0s0]:
Serial Number: 0302A0R9W3
Vendor: SEAGATE
Model: SUN36G
Status: Online
Current Temperature: 26 Degrees Celsius
DISK4[c1t4d0s0]:
Serial Number: 0302A0NRMS
Vendor: SEAGATE
Model: SUN36G
Status: Offline <-------------------- Status change
DISK5[c1t5d0s0]:
Serial Number: 0302A0R0AJ
Vendor: SEAGATE
Model: SUN36G
Status: Online
Current Temperature: 27 Degrees Celsius
#./ssmadmin –view
Number of S1-D130 Units: 2
Critical Temperature Threshold: 60 Degrees Celsius
Warning Temperature Threshold: 50 Degrees Celsius
TIME: Tue 12 Apr 2005 02:14:56 PM EDT
*****************************************************************
unknown::S1-D130-1: Online
-------------------
DISK0[c0t0d0s0]:
Serial Number: 0028T0QA2X
Vendor: SEAGATE
Model: SUN18G
Status: Online
Current Temperature: 29 Degrees Celsius
DISK1[c0t1d0s0]:
Serial Number: 0027T0QAYM
Vendor: SEAGATE
Model: SUN18G
Status: Online
Current Temperature: 29 Degrees Celsius
unknown::S1-D130-2: Online
-------------------
DISK3[c1t3d0s0]:
Serial Number: 0302A0R9W3
Vendor: SEAGATE
Model: SUN36G
Status: Online
Current Temperature: 25 Degrees Celsius
DISK4[c1t4d0s0]:
Serial Number: 0302A0NRMS
Vendor: SEAGATE
Model: SUN36G
Status: Online <------------------ Status change
Current Temperature: 27 Degrees Celsius
DISK5[c1t5d0s0]:
Serial Number: 0302A0R0AJ
Vendor: SEAGATE
Model: SUN36G
Status: Online
Current Temperature: 26 Degrees Celsius
5. If necessary, refer to the documentation that came with your VERITAS Volume Manager or Solstice DiskSuite"
software for any procedures that you might have to perform after you replace the disk drive.
Drives
Each unit has 12 drives max.
SCSI channels
With a controller(s):
0(SB) 3 SB
1 2(DB) DB
SB: Single bus; put all 12 drives(0-5, 8-13) on one bus; cable SBs together
DB: Dual/split bus, put 6 drives(0-5) Channel 0 and (8-13) Channel 2; cable DBs together
Hosts are connected to Channels 1 or 3 (default-can be changed from the menu)
Cabling:
To place 12 drives on a single bus, cable A-in to B-out.
If you want drives under raid controller control,.cable A-out to drive channel Channel 2,
Otherwise ,connection for JBOD, cable A-out to host.
Raid support
0 - striping
n - concatenation
1
5: default stripe size: random-32K; sequential-128k - only two choices
1+0 : build 2 raid1s, then create Logical Volume pairing them
5+0 : build 2 raid5s, then create Logical Volume pairing them
Spare Drives
2 types of sparing (automatic):local per logical device or global
Cache
Write Back Cache on controller 512MB-1GB; to increase or replace - replace controller FRU
Faster than T3 (160Mb vs 100Mb)
Can have 2 active controllers for load balancing and failover.
13.3.2. LED's
13.3.2.1 Front Panel LED's
Note An SFP link status (L) LED is off if there is no connection or a failed connection to this SFP.
To setup IP address:
"view/edit config paramters"
"communication parameters"
"IP"
To enable or disable write-back cache:
"view/edit config paramters"
"caching parameters'
Set rebuild priority:
"view/edit config paramters"
"disk array parameters'
To enable rescan for new drives automatically:
"view/edit config paramters"
"drive-side paramters"
"periodic auto-detect failure drive swap check time" - disabled parameter
Mute the beeper:
"controller parameters"
"mute beeper"
Note: this does not mute it forever - it will start beeping the next time it has a problem
Drive/LUN Setup
1. Confirm all drives seen correctly
if wired as single bus, then you should see Channel 0 (0-5 and 8-13). Note that Channel 14 is used for
environmental SAFTE chip.
If you can see it, label it, and it's ready to be deployed.
Notes:
lun can be expanded
luns can be partitioned and then host mapped
luns can be combined by logical volumes then host mapped
If you have problems with a raid 5, there is no "revive" or ".vol init fast" equivalent.
delete and recreate and restore
Caveat: when restoring facory defaults on unit with two controllers and 12 drives
Either fail one controller, then the do restore factory (only in tip session, do crtl-ACBD password:oemmaint)
Then after done, unfail the controller, then the defaults will get written to this controller.
Otherwise the second controller retains info and after controller reset, does not restore factory defaults
Vxdmp can manage the 2 paths to the minnow if you publish a lun to both paths Channel 1 and Channel3
Growing a Logical drive:
Note: this will not destroy the existing filesystem, if done right
A. On the minnow:
logical drives | expand logical drive | add how much more space | yes
Now that the logical drive is expanded, confirm this. Verify logical drive size.
Select new partition, make size 0, then the new space will be collapsed into the partition above it
The logical device partition 0 will be the larger space
B. On the server:
This procedure will grow the fs
1. Unmount fs:
# umount <fs>
# format
select disk, | type, | autoconfigure, see cylinders in slice 2 larger, add cylinders to slice
# remount <fs>
4. Make the fs
5. Verify fs size:
# df- k
Note: now you can see in "df -k" the new space and you still have have all your files!
How to configure and unconfigure global spares using the sccli command.
How to unconfigure the global spare disk :
sccli> show disks
Ch Id Size Speed LD Status IDs
---------------------------------------------------------------------------------------------
2 6 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTL4UM
2 7 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTKH6M
2 8 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT8GWM
2 9 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT9T5M
2 10 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTEHZM
2 11 232.88GB 200MB GLOBAL STAND-BY HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTH1DM
sccli> unconfigure global-spare 2.11
sccli> show disks
Ch Id Size Speed LD Status IDs
---------------------------------------------------------------------------------------------
2 6 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTL4UM
2 7 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTKH6M
2 8 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT8GWM
2 9 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT9T5M
2 10 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTEHZM
2 11 232.88GB 200MB NONE FRMT HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTH1DM
At this point we have unconfigured the Global Spare Disk.
How to Configure a Global Spare:
# /etc/init.d/ssagent start
5. Start the ssconsole GUI. ssconsole is a script which resides in /usr/sbin. It calls sscs which resides in
/opt/SUNWsscs/sscsconsole.
6. ssconsole is empty when it comes up. The first thing you need to do is ADD the servers which the arrays are
attached to. In this example, I am adding mas-host1 which has our 3510FC attached. There must be a WORKING
"in-band" connection to the array. Basically, "sccli" must open up a device when executed from "mas-host1".
File ->
Server List Setup -> Add -> Server name -> mas-host1
(The IP for mas-host1 will automatically populate)
OK
Add this server as on of the managed servers.
OK
8. Assign a Server to Manage a Raid Controller. This tells ssconsole that mas-host1 will be the server which
manages this 3510FC.
Array Administration -> Controller Assignment
Change the "Server to manage this controller" from none to "mas-host1"
8. No you can login as ssconfig
File -> Login -> ssconfig Passwd: ssconfig
The custom configure buttom provides most setup functions.
The Main View provides status information.
# /opt/SUNWsccli/bin/sccli
Example:
# sccli -X ses
Available devices:
1. /dev/rdsk/c3t40d0s2 [SUN StorEdge 3510 SN#002E2F] (Primary)
# sccli -X pkt
Available devices:
1. /dev/rdsk/c16t600C0FF0000000000000073FD2F50902d0s2 [SUN StorEdge 3510
SN#000007] (Secondary)
Or, if your SAN level is at least 4.4.1 (see Bug 4921470) you can also use:
Note: If the 3510 JBOD disk is under SDS or SVM, this procedure will fail with the error:
To summarize, If the box id is modified, just subtract (16*box id) from the target to get the position in the chart:
box id = 0 targets are assigned from 0 to 11
box id = 1 targets are assigned from 16 to 27
box id = 2 targets are assigned from 32 to 43
box id = 3 targets are assigned from 48 to 59
box id = 4 targets are assigned from 64 to 75
box id = 5 targets are assigned from 80 to 91
Note: Remember that the box id can be set by the hidden switch under the front left plastic cover.
After disk replacement, devfsadmd daemon should automatically recognize the new disk, create the device and
link so that the disk is available by format. If not, the following commands should be used to diagnose the issue:
# luxadm -e port devices/pci@1f,0/pci@1/SUNW,qlc@2/fp@0,0:devctl
CONNECTED
Note: If you get a "NOT CONNECTED" error on the path used by 3500, check the fiber connection on box and
server using cfgadm:
# /usr/sbin/cfgadm -al
Ap_Id Type Receptacle Occupant Condition
c1 scsi-bus connected configured unknown
c1::/dev/lus unknown connected configured unknown
c1::rmt/0 tape connected configured unknown
c2 scsi-bus connected configured unknown
c2::lus1 unknown connected configured unknown
c3 fc-private connected configured unknown
c3::2100000c5020555d disk connected configured unknown
c3::2100000c50205653 disk connected configured unknown
c3::2100000c50205a3f disk connected configured unknown
c3::2100000c50205aad disk connected configured unknown
c3::2100000c50205d18 disk connected configured unknown
c3::215000c0ff002f2a ESI connected configured unknown
c4 fc connected unconfigured unknown
If cfgadm(1) doesn't show the above result, more work will be required. When the controller isn't seen or seen
unconfigured run the following:
# /usr/sbin/cfgadm -c configure cx
When drives appear with a tag condition set to "unusable" do the following:
# /usr/sbin/luxadm -e forcelip devices/pci@1f,0/pci@1/SUNW,qlc@2/fp@0,0:devct
# /usr/sbin/luxadm -e port gives the pathname
b. Locate the disk drive that has a status of BAD or FAILED in the status column and make note of the
Channel Number, SCIS target ID and the associatged Logical Drive number.
2. Physically locate the defective disk using the channel and ID numbers. Additional information on ID locations
can be found in the "Sun StorEdge Array Installation, Operation and Service Manual"
3. If you are uncertain about drive location, you can flash the LED(s) to help in identifying the disk using this
procedure.
a. From the main menu, select "view and edit Scsi Drives"
b. Highlight the selected drive in question and hit return
c. Choose "Identifying scsi drive"
d. Select "flash all But selected drive" to flash the activity LEDs of all the drives on this channel except the
problem drive.
3. Check to see if the replaced drive was automatically scanned onto the bus
a. From the main menu, select "view and edit scsi Drives"
b. Check the drive status of the replaced disk
Note: The status field will specify NEW_DRV or USED_DRV until it is assigned as a LOCAL or GLOBAL
spare with STAND_BY status.
4. If the replaced drive wasn not automatically scanned onto the bus, you must Scan the replacement disk into the
configuration:
a. From the Main Menu of the Firmware Application select "view and edit scsi Drives".
b. Select any disk in the list, then select "Scan scsi drive".
c. Select the SCSI Channel Number, then the SCSI Target ID of the replaced disk drive, and confirm "Yes"
when prompted.
At this point a decision must be made regarding how the replaced disk will be reconfigured:
1. The replaced disk may be configured as a new local or global spare.
2. The replaced disk may re-integrated into the RAID5 logical drive.
This decision is required due to the way that the SE3310/SE3510 handles a failed drive. When a spare takes the
place of a failed drive, The spare will no longer be concidered a spare. It is concidered to be part of the Logical
Disk.
If it does not matter how this disk is treated, option 1 should be chosen. To set the replaced drive as a local or
global spare, do the following:
TO ASSIGN THE REPLACEMENT DISK AS A NEW GLOBAL SPARE
1. From the Main of the Firmware Application select "view and edit scsi Drives".
2. Select the replacement disk drive and then select "add Global spare drive", or "add Local spare drive" and
confirm yes when prompted.
TO RE-INTEGRATE THE REPLACED DISK IN THE RAID5 LOGICAL DRIVE
If it is important that the Logical Disk always consists of the same physical disks as when created, You will need to
perform a 'copy and replace' function from the original spare to the newly inserted disk.
1. Identify the previous spare disk which is now part of the Logical Drive which is going to be removed in favour of
the replacement disk.
2. From the Main of the Firmware Application select "view and edit Logical drives".
3. Select the target Logical Drive, then copy and replace drive.
4. Select the previous spare drive, then select the replaced disk drive, confirm "yes" when prompted.
5. Wait for the copy and replace to complete.
6. Reconfigure the original spare disk to a be the local or global spare again using the above procedure "To
assign the replacement disk as a new local or global spare".
sccli> set password “” (note that is is double quotes without any spaces)
sccli> q
Note: There is no prompting the root user for the old password. It is assumed that the solaris host is secure for
root, thereby allowing for this functionality to set the new password for the controller in-band, via sccli.
Method # 2 – Resetting NVRAM
NOTE: The procedures below involves resetting NVRAM to factory defaults or changing NVRAM to match that of a
spare controller. All information stored in NVRAM will be lost. Host LUN access will be lost. Before proceeding
insure all LUNs presented from the SE3x1x are un-mounted and not in use and also ensure you have console
access to the array. This can be accomplished with a null-modem cable connected to a Solaris[TM] host or laptop.
The following procedure involves resetting NVRAM to factory defaults.
Warning: Do the following procedure during a maintenance window with all host LUNs un-mounted and not in use.
Resetting NVRAM using sccli utility
For this procedure to work the SUNWsccli package must be installed on a host that has a LUN mapped from the
SE3x1x array which has the lost password. After insuring all LUNs are not in use, as root issue the following
commands:
# sccli
sccli: selected device /dev/rdsk/c1t216000C0FF8015C6d0s2 [SUN StorEdge 3510 SN#00XXX6]
sccli> reset nvram
WARNING: The configuration of the array controller will be erased.
Factory default parameters will take effect at next controller reset.
Logical devices may not be accessible until mappings are reconfigured.
Are you sure? Y
When the above completes you should now be able to tip into the array and not be prompted for a password. At
this point you can set the password to something you desire. You will also want to double check your controller
settings to include LUN mappings and SCSI channels and communication parameters such as IP, sub-netmask,
gateway and any array global settings to include drive side parameters & I/O optimization. Once complete you will
want to save settings in NVRAM to disk.
Note: Using out of band with “sccli se3000://<IP>:58632” command won't work, because when you issue the reset
nvram command you will be prompted for the current password which you don't have.
Changing NVRAM using a spare controller
If you do not have a host with a lun mapped to it from the array with the lost password you will need a spare
controller either one from another SE3x1x who's password is not set or who's password is known. Additionally you
want this extra controller to have the same firmware or higher as the array with the lost password. If not you will
need to upgrade your firmware once you complete the below steps.
Warning: Do the following procedure during a maintenance window with all host LUNs un-mounted and not in use.
The spare controller should contain the same firmware or higher as is currently on the controllers in the array.
Follow the steps outlined below:
1. Un-mount all LUNs from the raid insuring none are in use.
2. Power down the SE3x1x leaving any JBODs powered up and remove both controllers.
3. Insert the extra controller and power up the array head.
4. Insert one of the password protected controllers into the array. Wait for it to become secondary. This will
be indicated by the wrench/status light going solid green and the spare controller's light blinking green. On
the 3310 both controllers wrench/status light will be solid green wait till spare begins blinking this indicates
primary controller, which in this case should be our spare controller.
5. Remove the spare controller and wait 30 seconds to insure the secondary is now primary, indicated by a
blinking green wrench/status light.
6. Insert the other password protected controller wait for the wrench/status light on it to go solid green.
7. You should now be able to tip into the array and not be prompted for a password. At this point you should
set a password, if desired, and change any NVRAM setting that were lost to include host lun mappings and
scsi channel Ids & communication parameters such as IP, sub-netmask, gateway and any array global
settings to include drive side parameters & I/O optimization.
8. Save your NVRAM settings back to disk.
9. Reset the controller through the main menu system functions. The controllers will reboot and the controller
with the higher serial number should become primary indicated by a blinking wrench/status light.
10.If the spare controller that was used had an older firmware version you will now need to upgrade the
firmware back to what it was following the patch readme.
Only battery modules with a date code revision of 050, or later, support battery expiration monitoring information. If
you use this command with an older battery module, you will see error messages such as "not supported" or "not
available."
The battery manufacture date, the in-service date, and the battery shelf life are used to determine the expiration
date.
Only the manufacturing date is set for a battery FRU during the manufacturing process. The in-service date will be
set when the Battery Module is installed in a system or by the automated test software.
Note: If you have a SE3960, power up the ethernet hub and T3s in the second cabinet first.
http://futureworld.central/WSTL/PROJECTS/SPImage/web/Downloads.shtml
Instructions:
1. Jumpstart standard OS onto X1:
2. Customization required.
Check that the vtoc is correct - unless the jumpstart server has had the correct profile installed, the vtoc may be
wrong. The vtoc for an INDY up to at least version 2.1.3 should be:
The startup of the INDY Service Processor may hang if the incorrect IP address is on the Service Processor. You
may need to STOP-A sync and boot single user and perform the above (step 4) actions.
5. Reboot the system
# init 6
sw1b:
-> found Switch (192.168.0.31 / 100000c0dd00d323)
sw2a:
-> found Switch (192.168.0.32 / 100000c0dd00d449)
sw2b:
-> found Switch (192.168.0.33 / 100000c0dd00d46d)
t3b0:
-> found T3 (192.168.0.40 / 50020f230000afeb/50020f230000b176/
slr-mi.370-3990-02-e-f2.045035)
-------------------------------------
Configuration Summary
-------------------------------------
| Model : 6910, Requested = 6910
| Switch: 4 * 8 ports
| : sw1a, sw1b, sw2a, sw2b,
| T3s : 1
| : t3b0,
| VEs : 2
| : v1a, v1b,
-------------------------------------
NO ERRORS FOUND!
Snapshot /var/opt/SUNWstade/DATA/Solution.golden saved!
Done.
13.4.3. Configuration
The 3910 storage array consists of T3 partner pairs, a Service Processor (SP) and multiple Qlogic switches.
Customers are required to use the SP to configure volumes, volslices and to setup zoning on the switches.
The SP must be used to ensure that the configurations of the T3 volumes conform to supported and tested storage
options. You must always run the latest version of the SP software. To determine your SP software, check the
/etc/motd file.
root# more /etc/motd
Sun Microsystems Inc. NWS Service Processor Image Revision 2.3.1 Mar.18,
2003
root#
6) Exit
Select option above:>
Menus will walk you through configuring new volumes, enabling and adding volslices and switch zones for your
customer application. When configuration is complete the SP software will save the current configuration in
directory under the /opt install of the SP packages.
/opt
|
/opt/SUNWsecfg
|
/opt/SUNWsecfg/etc
|
/opt/SUNWsecfg/etc/t3b1
root# pwd
/opt/SUNWsecfg/etc/t3b1
root# ls -la
total 36
drwxr-xr-x 2 root other 512 Dec 18 05:46 .
drwxr-x--- 6 root sys 512 Dec 18 05:46 ..
-rw-r--r-- 1 root other 26 Dec 18 05:45 .date
-rw-r--r-- 1 root other 21 Dec 18 05:45 hwwn_list
-rw-r--r-- 1 root other 98 Dec 18 05:45 lun_map_list
-rw-r--r-- 1 root other 288 Dec 18 05:45 lun_perm_list
-rw-r--r-- 1 root other 67 Dec 18 05:45 lun_wwn_list
-rw-r--r-- 1 root other 180 Dec 18 05:45 port_list
-rw-r--r-- 1 root other 67 Dec 18 05:45 port_listmap
-rw-r--r-- 1 root other 78 Dec 18 05:45 restore
-rw-r--r-- 1 root other 373 Dec 18 05:45 restore_sys
-rw-r--r-- 1 root other 299 Dec 18 05:46 savemap
-rw-r--r-- 1 root other 303 Dec 18 05:45 sys_list
-rw-r--r-- 1 root other 998 Dec 18 05:46 t3map
-rw-r--r-- 1 root other 131 Dec 18 05:45 ver
-rw-r--r-- 1 root other 154 Dec 18 05:45 vol_list
-rw-r--r-- 1 root other 319 Dec 18 05:45 vol_stat
-rw-r--r-- 1 root other 245 Dec 18 05:45 volslice_list
When the configuration has been completed, these T3 commands are run and the output stored in the directory
named for the T3 partner pair affected.These are text files that can be viewed. If these files are deleted, they will be
recreated the next time the admin performs a save operation from the menus or runs the 'savet3config' command.
Default Configurations
There are a set of default configurations which are the only supported configurations for the 3910. They are stored
in:
root# pwd
/opt/SUNWsecfg/etc
root# ls -la
total 392
drwxr-x--- 6 root sys 512 Dec 18 05:46 .
drwxr-xr-x 8 root sys 512 May 19 2003 ..
-rwxr-x--- 1 root sys 2064 Mar 10 2003 initlocale
-rwxr-x--- 1 root sys 460 Mar 10 2003 rd1.cfg
-rwxr-x--- 1 root sys 455 Mar 10 2003 rd2.cfg
-rwxr-x--- 1 root sys 497 Dec 16 04:59 rd3.cfg
The volume configurations are stored in the "rd*.cfg" files. These are text files and can be viewed.
13.4.4. Troubleshooting
1. What to collect from the service proccessor:
a) Obtain model number ( returns value 3910,3960,6910,6960)
msp0: root# /opt/SUNWsecfg/bin/getconfig
b) showlogs [-v|-e <n>] -v (shows entire log in more) -e (shows only the requested number of lines)
msp0: root# /opt/SUNWsecfg/bin/showlogs -e 1
Tue May 28 14:01:30 MDT 2002 checkt3mount: t3b0 EXIT : .
3. Quick checks:
a) show mounted luns
msp0: root# /opt/SUNWsecfg/bin/checkt3mount [ -n |-l ] all
CHA - Channel Host Adapter – host bus adapter boards that connect the DKC to a host or switch (4 or 8 ports per
board)
*NOTE: Always make sure the array is in good health and rectify any outstanding issues before powering
down
13.5.3. Licenses
3 kinds of keys/licenses:
permanent (feature,serial, and capacity based)
temporary 120 days; can't be renewed or reinstalled
emergency re-enable software when temp keys expired
13.5.4. Passwords
SVP Passwords:
raid-login
Site ID: Enter the HDS site ID. This is the 7 digit value starting with an “X”
Line Identifier: Select “1”
Account Name: Enter the Name of the Account
Account Phone Number:Enter the POTS number
Central Phone Number 1: For US & Cananda, use 1-800-331-6395
Central Phone Number 2: For US & Cananda, use 1-800-331-6395
Modem Set String 1:Leave the default values
Modem Set String 2:Leave the default values
Weekly Day:Select appropriate day to send system configuration info to Call Center
Run Time Hour: Set at least 1.5 hours before/after 03:00 am.
Run Time Minute: Leave at 00
DCE Speed:Set to “57600”
Call Out:Set to “Enable”
Redial Attempt: Set to “10”
HT Converter Board: Leave at “Not Installed”
pcAW dialing:Set to “9”
Note: "top red LED on PCB is for top drive, and bottom LED on PCB is for bottom drive."
At this point you should remove the bad disk and insert the new one
These two databases needs to be in sync to get full functionality of HiCommand Gui. The sync option is in the
server.properties file:
server.base.initialsynchro
This property allows you to specify whether to synchronize the management information database and the
displayed information (HiCommand" Suite Common Repository) when you start Device Manager. A setting of true
will synchronize the information. A setting of false will not synchronize the information.
Default: false
13.5.7.2 How To Restore HiCommand Database from Manual Backup:
1) Stop the Single Sign-On Service and the Common Web Service
# /opt/HiCommand/Base/bin/hcmdssrv -stop
2) Stop the Device ManagerServer
# /opt/HiCommand/hicommand.sh stop
3) Copy the backup to the installation directory of the Device Manager Server
#/opt/HiCommand/database.sh restore
4) Change /opt/HiCommand/HiCommandServer/config/server.properties to:
server.base.initialsynchro=true
5) Enter the following command to start HiCommand Suite Single Sign-On service and HiCommand Suite
Common Web Service:
# /opt/Hicommand/Base/bin/hcmdssrv -start
6) Enter the following command to start HiCommand Server:
# /etc/init.d/hicommand start
7) Change /opt/HiCommand/HiCommandServer/config/server.properties to:
server.base.initialsynchro=false
>>>>> No need to do anything with this DB!!!!
13.5.7.3 How To Backing Up the Common Component Database ( HBASE.GDB )
1) Stop the Single Sign-On Service:
# /opt/HiCommand/Base/bin/hcmdssrv -stop -server HiCommand
2) Specify the following command:
# /opt/HiCommand/Base/bin/hcmdsdb -backup /var/buckup/HBASE_BACKUP.gbk
3) If you do not specify a backup file in the hcmdsdb command, the absolute path for a backup file is as follows:
# /var/opt/HiCommand/Base/database/HBASE_BACKUP.gbk
13.5.7.4 Restoring the Common Component Database
B. Update DKCMAIN, MAINDIFF, LCP, HTP, RAMBOOT, PCDG, LCDG & FCDG
Note: If any host is using Veritas' vxdmp, you must wait five (5) minutes after cluster-1 is
updated before moving on to cluster-2. Otherwise, the host(s) will lose connectivity.
C. Update DKU
E. Config Backup
E. Set Modes
Note: make sure that numlocks is OFF, otherwise the “m” key is assumed to be the “1” key.
2. Password is mode
3. Click on INSTALL
4. Click on CHANGE CONFIG
5. Click on SYSTEM OPTION
6. Select/deselect mode numbers as necessary.
5. Once all three packages are installed create a executable file (chmod 755 <filename>) with the following
parameters:
/opt/csw/bin/rdesktop -u Administrator -p raid-login -g 1024x768 -a 16 <ip
address of SVP>
6. Once the the file is created run it and connect to the SVP from your Solaris box.
13.5.9.2 Installing Remote Desktop for Java Desktop System (JDS):
1. Go to the following URL: http://pts-storage.west/products/T99x0/software.html
2. Select the Remote Desktop for JDS [jds-rdesktop.tar.gz] file and download to /opt
3. The following files are included in this tarfile:
README_JDS_009
rdesktop-1.3.1.tar.gz
do_JDS_009
openssl-devel-0.9.6g-99.i586.rpm
4. Run the do_JDS_009 executable to install:
# do_JDS_009
5. Once the install has completed create a executable file (chmod 755 <filename>) with the following parameters:
# vi /var/tmp/svp_access
6. Once the the file is created, run it and connect to the SVP from your JDS laptop.
· Power Supply Status, one two color LED on each power module:
· Lights green when the power supply is operating properly.
· Lights amber when the power supply has failed but the other power supply is operating
normally, or when the power cord is unplugged.
· Off if both power supplies are not plugged in or have failed.
· Cooling Status, 2 two color LEDs on each cooling canister (one for each blower):
· Lights green when the individual blower is operating properly.
· Lights amber when the individual blower has failed.
· Off when the cooling canister is not inserted.
· Controller Interface Board, 2 single color LEDs:
· Temperature Fault LED:
1. Lights amber when the board has detected a thermal fault.
2. Off when the temperature is normal.
· Power LED:
1. Lights green when the controller interface board is powered on.
2. Off when the controller interface board is receiving no power.
The D1000 is available in 2 models; an 8 drive or 12 drive system. It has the capability of using all 8 or 12 drives
on one host, or it can be divided into 2 backplanes, each using 4 or 6 drives, depending on which model you have
on each host. You can now dual host the D1000 with Sun[TM] Cluster software 2.1, 2.2 or 3.0.
On the rear of the D1000 there are (4) 68 pin scsi connectors. If connecting all 8 or 12 drives to one system,
connect the SCSI cable from the host, to the far left or the far right connector. On the other far right or left 68-pin
connection, connect a differential terminator(Part Number 150-1890). The 2 inside connections, will need to be
connected to each other, using the small SCSI cable that came with the D1000(Part number 530-1883).
If you will be using the D1000 as 2 backplanes of 4 or 6 drives each, you will need to connect HOST-A to the far
left 68 pin connector. Then connect HOST-B to the far right 68-pin connector. Then, the 2 inside 68-pin connectors
each need to have a differential terminator(part number 150-1890) connected.
The D1000 can now be dual hosted, but ONLY with Sun Cluster 2.1, 2.2 & 3.0 software installed. To install the
hardware you will need to connect HOST-A to the far left 68-pin connector. Then connect HOST-B to the far right
68-pin connector. The 2 inside connections, should be connected to each other, using the small SCSI cable that
came with the D1000 (Part number 530-1883).
INQUIRY:
Physical Path:
/devices/pci@1f,0/pci@5/scsi@1,1/ses@e,0:0
Vendor: SYMBIOS
Product: D1000
Revision: 2
Serial Number 1
Device ty pe: 0x3 (Processor device)
Removable media: no
ISO version: 0
ECMA version: 0
ANSI version: 2 (Device complies to ANSI X3.131-1994 (SCSI-
2))
Response data format: 2
Additional length: 0x31
VENDOR-SPECIFIC PARAMETERS
Byte# Hex Value ASCII
36 4e 76 e9 20 31 00 20 20 53 41 46 2d 54 45 31 2e Nv. 1. SAF-TE1.
30 30
00
Front LEDs
System Power LED: lights green when the system is powered on
·
System Summary Fault LED: lights amber when a system component, such as a disk, cooling
·
canister, or a power supply, needs service.
· Each disk drive slot has a two color LED above the disk drive. The LED:
· Remains unlit when no drive is in the slot.
· Lights green when the drive is present but not active.
· Flashes green when the drive in the slot is active
· Lights amber when the drive has been marked as failed by the A1000 controller.
Rear LEDs
· Power Supply Status, one two color LED on each power module:
· Lights green when the power supply is operating properly.
· Lights amber when the power supply has failed but the other power supply is operating
normally, or when the power cord is unplugged.
· Off if both power supplies are not plugged in or have failed.
· Cooling Status, 2 two color LEDs on each cooling canister (one for each blower):
· Lights green when the individual blower is operating properly.
· Lights amber when the individual blower has failed.
· Off when the cooling canister is not inserted.
· A1000 Controller has 6 single color LEDs:
· Controller Fault LED:
· Lights amber when a controller fault is detected.
· Off when the controller functions normally.
· Controller Activity LED:
· Lights green when the controller is active.
· Off when the controller is inactive
· Temperature Fault LED:
· Lights amber when the controller board is over normal operating temperature.
· Off when the controller temperature is normal.
· Controller Power LED:
· Lights green when the controller board is powered on.
Drives:
Capacity
LUN Controller (MB) RAID Level
0 c1t5d0 1024 5
1 c2t4d1 1024 5
2 c1t5d2 1024 5
3 c2t4d3 1024 5
4 c1t5d4 1024 1
In the above example, write-cache status of all LUNs are shown. The asterisk (*) in front of LUN 1 indicates that
the write cache for this LUN is disabled.
So by this way, we can come to know the memory size of the controller(s),segment size of the LUNs and and the
write-cache status of the LUNs from the module profile.
E) What version of RM6 is used.
This determines whether the replacement controller needs Firmware level 02xxxxxx or 03xxxxxx preloaded:
Service Logistics now stocks four different A1000 controller FRU's. A1000 controller FRU's for RM6.1.1 and
RM6.22 are not interchangeable. See the table below:
-----------------------------------------------------------------------
| | A1000 | | | |
| RAID Manager|Controller | Mem. SIMMs | | |
| Version | FRU P/N | CPU/Cache | Appdware | Bootware |
|=============|==============|============|==============|==============|
| RM6.1.1 | F375-0016-03 | 8/16 | 02050211.apd | 02050100.bwd |
| | | | | |
| RM6.1.1 | F375-0015-03 | 16/64 | 02050211.apd | 02050100.bwd |
| | | | | |
| RM6.22 | F375-0135-01 | 8/16 | 03010235.apd | 03010233.bwd |
| | | | | |
| RM6.22 | F375-0136-01 | 16/64 | 03010235.apd | 03010233.bwd |
-----------------------------------------------------------------------
As can be seen from the table above, RM6.1.1 is compatible with firmware version 02xxxxxx and RM6.22 is
compatible with firmware version 03xxxxxx. Two FRU's with different memory sizes are available for each version
of RAID Manager.
14.2.3.2 Replacement
1) Rename the file /etc/osa/mnf (for instance to /etc/osa/mnf-disabled). This is done to make sure the serial
number of the bad controller doesn't show up anymore, otherwise you might see two instead of one controller in
RM6 after the replacement. (This file will automatically be recreated when the RM6 GUI is started).
2) Temporarly set auto-boot? to false:
# eeprom 'auto-boot?'=false
3) Make sure all A1000 LUNs are umounted on host or shut down host (recommended).
4) Shutdown host, then power off A1000.
5) Note down target ID of the A1000 controller (the white, round SCSI ID switch).
6) Replace the controller.
7) Make sure to set the ID switch to the same SCSI ID as the bad controller. This is very important, otherwise
RM6 will not be able to talk to the controller anymore (without device name change).
8) Re-cable, power on A1000 and wait a couple of minutes, then power on host.
9) ok > probe-scsi-all -> is the A1000 visible?
10) ok > boot -s
11) Important ugrade the NVSRAM and the controller FW (bootware / appware). Unlike an A3x00, an A1000
controller can not be replaced online (only one controller). Therefore the NVSRAM must be updated manually.
The steps are:
11.1) Verify the correct FW versions are installed on the host. The correct files are already available on the
host if the system had a correct patch state according to the following Matrix. (See InfoDoc 43483)
11.2) If Veritas Volume Manager or Solaris Volume Manager are used to manage A1000 LUNs, some
preparation steps are required before the NVSRAM / FW can be updated. (See SRDB 24828).
11.3) Update NVSRAM. You can do this with the RM6 GUI in a similar way as you update the normal FW.
For procedure and revision levels see FIN I07090-1.
Maintenance & Tuning -> select the module -> Firmware Upgrade -> offline (directory should be
/usr/lib/osa/fw/)-> ok
Notes:
· Downgrad controller is not recommended.
· Upgrade the rdriver patch if needed to the latest release.
· The latest FW will be put into /usr/lib/osa/fw/
#/usr/lib/osa/bin/lad
c1t0d0 1T93803809 LUNS: 0 1
2. Determine the battery age, use the device name listed in lad command, /usr/lib/osa/bin/raidutil -c <device> -B
#/usr/lib/osa/bin/raidutil -c c1t0d0 -B
LUNs found on c1t0d0.
LUN 0 RAID 0 10 MB
LUN 1 RAID 5 1000 MB
Battery age is between 720 days and 810 days.
raidutil succeeded!
battery age between 630 and 720 days - near expiration
battery age greater than 720 days - expired
#/usr/lib/osa/bin/rm6 &
3. Disabling cache
If you want disable the Write Caching option, follow the steps below by using the RM6's GUI or command line
commands. Note that when the battery has already expired,cache function for write operations has been switched
off automatically.
a. Using RM6 GUI, open the Maintenance and Tuning application.
b. Select the RAID module for the Sun StorEdge A1000 array.
c. Click the Cache Parameters button, or select Option -> Cache Parameters from the drop-down menu.
d. Disable the Write Caching option.
4. Stop the host machine that is connected to the Sun StorEdge A1000 array.
# init 0
5. Before turning off the StorEdge A1000 array, wait approximately two minutes to make sure that remaining data
in the cache are flushed to the disks. Turn off the Sun StorEdge A1000 array and follow the battery replacement
procedure in the Sun StorEdge A1000 and D1000 array Installation, Operations, and Service Manual, When
turning on the StorEdge A1000 array, wait until all the disks has spun up!
6. Boot the host machine, without the -r option.
7. After the battery replacement, run the following RM6 command to reset the battery age: raidutil -c <device> -R
#/usr/lib/osa/bin/raidutil -c c1t0d0 -R
LUNs found on c1t0d0.
LUN 0 RAID 0 10 MB
LUN 1 RAID 5 1000 MB
raidutil succeeded!
9. Re-enable the Write Caching option by using the RM6 GUI or by using the RM6 command line commands:
10. After 12 hours, check to see if the battery is working, for example running RM6 GUI's healt check or running
command "/usr/lib/osa/bin/healthck -a ".
Note: The 0 and 1 next to each controller, indicates that the A1000 sees two LUNs, and the first controller of the
3500FC has one. After creating another LUN, you would see the following:
# ./lad
c1t5d0 1T03701713 LUNS: 0
c2t4d0 1T03701636 LUNS:
c3t5d0 1T81006267 LUNS: 0 1 2 <- notice that a new lun appears here now
4. To display information about a specific RAID module, such as how many controllers:
# ./rdacutil -i ultra60_A1000
ultra60_A1000: single-controller
Active controller a (c3t5d0) units: 0 1
./rdacutil succeeded!
5. To display a list of LUNs and their status in a specific RAID module:
# ./drivutil -l ultra60_A1000
Logical Unit Information for ultra60_A1000
drivutil succeeded!
# ./drivutil -p 31 c3t5d0
ultra60_A1000 unit 31: does not exist
drivutil succeeded!
Vendor ID Symbios
ProductID StorEDGE A1000
Product Revision 0003
Boot Level 03.01.04.00
Boot Level Date 04/05/01
Firmware Level 03.01.04.75
Firmware Date 04/11/02
raidutil succeeded!
10. To verify that the controllers have the proper nvsram settings:
# ./nvutil -v
# ./drivutil -i c3t5d0
Drive Information for ultra60_A1000
LG551591
[1,4] 4094 Optimal SEAGATE ST34501WCSUN4.2G 0558
LG548929
[2,4] 4094 Optimal SEAGATE ST34501WCSUN4.2G 0558
LG548750
[1,5] 4094 Optimal SEAGATE ST34501WCSUN4.2G 0558
LG552389
[2,5] 4094 Optimal SEAGATE ST34501WCSUN4.2G 0558
LG551966
drivutil succeeded!
Note During normal operation, you will see green LEDs glowing or blinking on the controller module. The
number and pattern of green status LEDs lit on the controllers depends on how your system is configured.
An active controller does not have the same status LEDs lit as a passive controller.
14.3.1.4 Power Supply and Power Supply Fan LEDs Under Normal Operating Conditions
2) Determine the battery age by running the following RM6 CLI command, raidutil -c <device> -B. For example:
#/usr/lib/osa/bin/raidutil -c c4t5d0 -B
LUNs found on c4t5d0.
LUN 0 RAID 0 10 MB
LUN 1 RAID 0 51582 MB
Battery age is between 360 days and 450 days.
raidutil succeeded!
NOTE: You will need to run this on both controllers. From the lad(1M) output in step 1, the second device is
what you will need to run the reset against.
10) Check the new battery age on BOTH controllers. For example:
#/usr/lib/osa/bin/raidutil -c c4t5d0 -B
LUNs found on c4t5d0.
LUN 0 RAID 0 60180 MB
LUN 2 RAID 5 60180 MB
Battery age is between 0 days and 90 days.
raidutil succeeded!
#/usr/lib/osa/bin/raidutil -c c3t4d0 -B
LUNs found on c4t5d0.
Battery age is between 0 days and 90 days.
GBIC LEDs
Ready Fault Indication Corrective Action
on off Okay None
on on Fault in link to GBIC Verify link is installed and unbroken.
off on Fault in source to link Verify link source is operating.
n/a on Fault in GBIC Replace GBIC.
off off GBIC not installed Install GBIC if required
off off No power to GBIC Verify system power is on
off off GBIC is incompletely inserted Reinsert GBIC
Enclosure LEDs
Power Fault Ready Indication Corrective Action
on off off Power is on None
on off on System is ready None
on off flash System is active None
n/a on n/a A FRU has failed Use the FPM
off off off No power to system Make sure the system is connected. Verify that the system power
is on.
Power Supply LEDs
Ready Fault Indication Corrective Action
on off Okay None
off on Fault condition Replace the power supply.
off off The power supply is not installed Install the power supply if required.
off off The power supply is improperly inserted. Reinsert the power supply
off off There is no power to the fan tray. . Verify that the system power is on.
luxadm inq Use the inquiry subcommand to display inquiry info for the enclosure or specific disk enclosure info
ex: # luxadm inq mars-0 device info
luxadm led_blink Use the led_blink subcommand to start flashing the yellow led associated with a specific disk.
ex:
# luxadm led_blink mars-0,f2 (f2=front disk slot 2)
luxadm led_off Use the led_off subcommand to turn off the yellow LED associated with a specific disk.
ex: # luxadm led_off mars-0,r3 (r3= rear disk slot#3)
luxadm power_off Use the power_off subcommand to set an enclosure or disk to power save mode enclosure
ex: # luxadm power_off mars-0 disk
ex: # luxadm power_off mars-0,f5 (f5=front disk slot#5)
luxadm power_on Use the power_on subcommand to set a drive or enclosure to its normal power on state.
enclosure
ex: # luxadm power_on mars-0 disk
ex: # luxadm power_on mars-0,f1 (f1=front disk slot#1)
luxadm remove_device Use this subcommand to 'hot remove' a device or enclosure, when removing failed disk
units for replacement. Verbose output will walk you thru the proceedure enclosure
ex: # luxadm remove_device mars-0 disk only
ex: # luxadm remove_device mars-0,f6
luxadm insert_device Use the insert_device subcommand for 'hot' insertion of a new disk or enclosure. Use after
the remove_device command to replace a failed drive with a new one. Verbose output will walk you thru the
proceedure.
ex: # luxadm insert_device mars-0,f5
luxadm reserve Use the reserve subcommand to reserve the specified disk(s) for exclusive use by the host from
which the subcommand was issued.
ex: # luxadm reserve mars-0,f6
luxadm release The release command releases the drive from the reserve state
ex: # luxadm release mars-0,f6
luxadm enclosure_name Use the enclosure_name subcommand to change the enclosure name of one or more
A5000s
ex: # luxadm enclosure_name mars1 pluto2 (change from pluto2 to mars1)
luxadm download Use the download command to download a prom image to the FEPROMs on an A5000
interface board. Stop all activity on this connection before downloading firmware, the array will recycle
automatically after the download.
ex: # luxadm download -s mars-0 (will download firmware from default file
/usr/lib/locale/C/LC_MESSAGES/ibfirmware)
ex: # luxadm download -s -f /special/upgrade/ibfirmware.latest mars-0 -f you can specify the file name and
do not use the default
luxadm fcal_s_download Use the fcal_s_download command to download new fcode into ALL the FC100-HA
sbus cards or display the current versions of the fcode in each FC100-HA Sbus card. display:
ex: # luxadm fcal_s_download download:
ex: # luxadm fcal_s_download -f /usr/lib/firmware/fc_s/fcal_s_fcode
14.4.3. Addressing
“sf" = Host Adapter (socal) has 2 ports sf@0,0 and sf@1,0
"ses" = Interface Boards (IB) in the A5000, 2 IBs/array, 2 ports/IB
ses 0 and 1 = IB-A
ses 2 and 3 = IB-B
vol init,
vol mount,
vol unmount,
vol mode,
vol verify,
vol stat.
(Warning: if base firmware was below 1.17a, use serial port to reset)
3. Upgrade EEprom:
t3-a:/:> ep download ep2_09.bin
4. Upgrade UIC:
t3-a:/:> lpc download u#l# lpc_04.11
(3minutes/card, will take card off line)
5. Upgrade Disks:
t3-a :/:> disk download u1d1-9 D44a.lod
(unmount volumes, 20min for 9 disks, led goes amber during download)
On Array:
· if rarp is working, array should get IP from server, If IP is assigned thru "set" command than array will go to the
'who is tftphost' phase of tftpboot.
Each of the 9 disks in the T3 has a 200MB region reserved for the boot code and configuration data. The
configuration data includes the bootcode, volume configuration and logging data. The system area has 2 partitions.
Bootcode is located on the first and psos+ and a filesystem make up the second. In this case we assume that the
bootcode is good but the filesystem is damaged. The only way to repair the filesystem in this case is to wipe out
and rebuild the system area..
Warning: Collect the required information to recover the luns in stage 3 before continuing.
14.5.6.1 Data Collection:
Use output from a saved copy of extractor or explorer to identify the lun configuration raid level and block size. If
any of these things are not rebuilt exactly as they were, the data is lost.
Note: For T3+ arrays, if vol slicing is enabled we will need the output of:
volslice list
lun map list
lun perm list.
brm04-storage-lab4:/:<1>sys list
blocksize : 64k
mp_support : rw
Lun No Slice No
----------------
0 0
1 1
2 2
3 3
14.5.6.2 Procedure
Stage 1 - Wipe out the corrupt sysarea
In order to wipe out the sysarea on a disk we interrupt the boot process by hitting ctrl t as soon as the message
initializing QLCF component...
initializing loop 1 ISP2100 ... firmware status = 3
Detected 10 FC-AL ports on loop 1
Initializing loop 2 ISP2100 ... firmware status = 3
The boot will continue in a normal fashion until it finally enters offline diagnostics.
Once the Diagnostic menu appears Select the QC: to quit but go into Label Control Menu
DIAGNOSTICS MENU
CO: Configure options for Diagnosis
MM: Memory Diagnostic Menu
DM: Data Path Diagnostic Menu
XM: Xor Diagnostic Menu
IM: QLOGIC ISP2100 Chip Diagnostic Menu
RS: Reset System
QC: Quit but go into Label Control Menu
QT: Quit Diagnostic Menu
Enter command [HE]: qc
Once again select the QC: option to quit and enter the label control menu.
DIAGNOSTICS MENU
CO: Configure options for Diagnosis
MM: Memory Diagnostic Menu
DM: Data Path Diagnostic Menu
XM: Xor Diagnostic Menu
IM: QLOGIC ISP2100 Chip Diagnostic Menu
RS: Reset System
QC: Quit but go into Label Control Menu
QT: Quit Diagnostic Menu
Enter command [HE]: qc
Select the W1 option. This will wipe out unit 1 sys area and LFS
LABEL CONTROL MENU
W1: Wipe out unit 1 Sysarea and LFS
QQ: Quit Label Menu for this UNIT
QA: Quit All
Enter command [HE]: w1
Once the boot completes the system is ready to be rebuilt. Use the t3.sh script (available in the 109115 patch) to
reload psos. Follow the patch readme included with 109115-xx.
Stage 3 - Lun recovery
Use the data collected earlier for this part of the procedure.
1. After the layout is determined, reset the block size to the correct value.
brm04-storage-lab4:/: <3>sys blocksize 64k
Notice that the luns are now missing after the rebuild of the boot and sysareas.
brm04-storage-lab4:/:<4>vol list
volume capacity raid data standby
4. Now we can re-initialize the lun. This is done with the .vol command so that the volume data is not actually
initialized. In our case:
brm04-storage-lab4:/:<7>.vol init vol01 fast
WARNING - Existing volume data won't be changed.
Continue ? [N]: y
5. If volume slices existed, we must use the output from the volslice list command to recreate the slices. It is critical
if multiple slices existed to start the volume slices on the exact start block.
brm04-storage-lab4:/:<2> volslice list
Slice Slice Num Start Blk Size Blks Capacity Volume
s0 0 0 209740800 100.011 GB vol01
s1 1 209740800 2097408 1.000 GB vol01
s3 3 211838208 52435200 25.002 GB vol01
- - 264273408 164617728 78.495 GB vol01
s2 2 0 209740800 100.011 GB vol02
- - 209740800 219150336 104.499 GB vol02
6. Then map the slices to the lun numbers as retrieved from the lun map list command.
brm04-storage-lab4:/:<9> lun map add lun 0 slice 0
Now the volume(s) can be remounted and data can be brought back online. Stage 3 is particularly critical. All data
will be lost if any incorrect information is used in the lun rebuild stage.
t3b:/:<1>ver
4. If the version is 3.x.x or greater, use the "sun" command to gain access to the dot commands.
t3b:/:<2>sun
Password: arrayservice
sun: commands enabled
PCU1 PCU2
-----------------------------------------------------------------
U1 Recharging Pending
U2 Recharging Pending
From the 'id read' output in the last question, the Battery Life Span is 730 days or 2 years. After that it must be
replaced, by replacing the PCU.
14.6.2. LED's
Array Unit SIS LEDs
14.6.3. Terminology
The terms "pool", "volume", "LUN", "vdisk" and "slice" are often used to describes structures within the 6120, 6320
and 6920 products. However, depending on the context that the term is being used, they can have very different
meanings. The following lays out the terms and their meaning relative to each product.
A 6120 Volume = a 6320 pool = 6920 vdisk
Each on of these is exactly the same structure on the array.
6120 Volume: A RAID grouping of physical disk drives, restricted to a single array tray. Slices are then carved
from the Volume and presented to the upstream host as a LUN.
6320 Pool: A RAID grouping of physical disk drives, restricted to a single array tray. Volumes are then carved
from the Pool and presented to the upstream host as a LUN.
6920 vdisk: A RAID grouping of physical disk drives, restricted to a single array tray. vdisks then become
members of a 6920 Storage Pool (see below for 6920 Storage Pool definition). Virtual Volumes are then carved
from the 6920 Pool and presented to the upstream host as a LUN.
A 6120 Slice = a 6320 Volume
Each on of these is exactly the same structure on the array.
6120 Slice: Is the smallest logical unit carved from a 6120 Volume and presented to the upstream host as a
LUN.
6320 Volume: Is the logical unit that is carved from the 6320 Pool and presented to the upstream host as a LUN.
A 6320 Pool is NOT EQUAL to a 6920 Pool
6320 Pool: A RAID grouping of physical disk drives, restricted to a single array tray. Volumes are then carved
from the Pool and presented to the upstream host as a LUN.
6920 Pool: Is a collection of vdisks (up to 32) with a common configuration, availability and performance. The
Pool can be carved into Virtual Volumes and presented to the upstream host a LUN.
The 6120, 6320 and 6920 all have the concept of a volume. In all cases it is the logical unit presented to the
upstream host as a LUN. However, the underlying structures that make up the "volume" are different for each
product.
6120 Volume: A RAID grouping of physical disk drives, restricted to a single array tray. Slices are then carved
from the Volume and presented to the upstream host as a LUN.
6320 Volume: Is the logical unit that is carved from the 6320 Pool and presented to the upstream host as a LUN.
6920 Volume: A: Virtual Volume. Is the logical unit carved from the 6920 Pool and is presented to the upstream
host as a LUN.
Tray id: 0
[sp0]#
Pool: t2pool0
Size: 10 GB
Default permissions: None
Tray id: 2
LUN: 5
[sp0]#
Modify Timezone
[sp0]# ./sscs modify timezone US/Eastern
[sp0]# ./sscs list timezone
Eastern Standard Time
6120-2
Starting POST
........
POST end
Starting...
=> boot
3. Once the unit has booted you can now log in using the password you set at L2; i.e.
Login: root
Password: letmein
===============================================
CHECKING LIVE SYSTEM, HOSTNAME = "fade"...
===============================================
! 116375 N/F! -01 ESM common patch [O] ESM 2.0 CONFIGS ONLY
! 116251 N/F! -01 Capacity Rpt Components [O] ESM 2.0/CAPACITY RPT
! 116252 N/F! -01 Capacity Rpt Mgmt Station [O] ESM 2.0/CAPACITY RPT
! 116253 N/F! -01 Capacity Rpt Agent [O] ESM 2.0/CAPACITY RPT
- Help/Usage output
root# sfkcheck -h
sfkcheck Version 1.3.5 (03/31/04)
Examples:
sw12ka0:admin> switchShow
switchName: sw12ka0
switchType: 10.0
switchState: Online
:
:
sw3900a:admin> switchShow
switchName: sw3900a
switchType: 12.4
switchState: Online
:
:
sw2400a:admin> switchShow
switchName: sw2400a
switchType: 3.4
switchState: Online
Fabric OS (cp0)
cp0 login: admin
Password:
sw5:admin>
syslog.IP.address.1: 192.168.1.60
syslog.IP.address.2: 192.168.1.88
syslog.IP.address.3: 192.168.2.77
You can administer up to 15 user accounts. User accounts can be specified as either admin or user level. You can
have a maximum of 15 simultaneous sessions on the switch at any given time.
You can add new users with the command:
NOTE: Using this way, you need to be cautious. If you disable a user via CLI and the user is logged in they will be
logged off. If you disable a user through Web Tools the user will not be logged off even though the GUI tells they
will be.
User the command:
userconfig --show -a
If the upload is done this way then it will try and rsh into the Host-ip-address. The host will have to have an entry in
the .rhosts file of the "user"
The second way of uploading the configuration is by doing the following:
This example used the ftp method to upload the config. Then to download the config you will need to disable the
switch. To disable the switch you use the switchdisable command
broke28:admin> switchdisable
This will change the status of the switch from ok to Marginal/Warning. You can then download the config using
either rsh method or ftp method The following method will download the config using the rsh method.
broke28:admin>configdownload ""Host-ip-address", "host-user-name", "file-name"
The following method will download the config using the ftp method.
Example:
broke28:admin>configdownload "129.148.190.148", "tape", "config1.txt","tape"
cfgEnable successfully completed
Committing configuration...done.
download complete
10 9 8 7 6 5 4 3 2 1
15.1.4. Troubleshooting
15.1.4.1. Brocade Switches
Things to check.. Note: commands below are for sun/qlogic switches except where noted.
· Did the port in question login to the fabric correctly? ( switchshow(brocade) or show port or show
donor )
· Is zoning and issue? (zoneshow(brocade) or zone list and zone members <zone name> or zoning list)
· What config is active on switch? (cfgshow(brocade) or zoneset active and zoneset list)
· To capture all support information on the brocade switch – use the supportshow command. In order to
capture this large amount of output you must do the following:
1) start a script from the commandlin (#script /tmp/supportshow)
2) telnet to the switch (#telnet brocade2g)
3) execute supportshow command on the switch (brocade2g:user> supportshow)
4) logout of the switch (brocade2g:user> logout)
5) break the script session (# [ctrl-d])
6) Script done, file is /tmp/supportshow
· Below is a sample of some of the swtich commands mentioned above.
NOTE: Each command example below is on a different switch so, check the prompt to see switch
type ie brocade2g or sun2g.
brocade2g:admin> switchshow
switchName: brocade2g162
switchType: 9.2
switchState: Online
switchMode: Native
switchRole: Principal
switchDomain: 2
switchId: fffc02
switchWwn: 10:00:00:60:69:51:2e:35
switchBeacon: OFF
Zoning: ON (active)
port 0: id N2 No_Light
port 1: id N2 Online E-Port 10:00:00:60:69:51:2e:61 "brocade2g164"
(downstream)
port 2: id N2 Online F-Port 21:00:00:e0:8b:07:ea:a6
port 3: id N2 No_Light
port 4: id N2 Online E-Port 10:00:00:60:69:51:2e:b8 "brocade2g163"
(downstream)
port 5: -- N2 No_Module
Note: The N2 above indicates port logins of 2GBs. We also see the switch is cascaded with 2 others E-Port and
list them as downstream meaning this is the domain principal and has a domain ID of 2.
Above you can see we have a 16 port switch with no active ports. Before making any decision to change port
types using the above commands, refer to the WWWW matrix, release notes and appropriate storage or SAN
documentation on what port types should be used.
Use 'portcfgshow' to identify any ports set from the above commands.
sun2g #> portcfgshow
Ports of Slot 1 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
-----------------+--+--+--+--+----+--+--+--+----+--+--+--+----+--+--+--
Speed AN AN AN AN AN AN AN AN AN AN AN AN AN AN AN AN
Trunk Port ON ON ON ON ON ON ON .. ON ON ON ON ON ON ON ON
Long Distance .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ..
VC Link Init .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ..
Locked L_Port .. .. .. .. .. .. .. .. ON .. .. .. .. .. .. ..
Locked G_Port .. .. .. .. .. .. .. .. .. ON .. .. .. .. .. ..
Disabled E_Port .. .. .. .. .. .. .. .. .. .. ON .. .. .. .. ..
ISL R_RDY Mode .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ..
Persistent Disable.. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ..
Brocade use the following port types as shown in 'switchshow' output (1)
U - universal port (can become G,E, L or F port )
G - global port (can become F or E port only)
E - expansion port (for Interswich link)
L - loop port (public or private loop nodes)
F - fabric port
Some HBAs or storage devices may require a particular port setting, commands that affect the eventual port type
outcome are:-
'portcfgeport' - enable or disable a port from becoming E-port
'portcfggport' - set the port as a G-port, so can only become E or F-port
'portcfglport ' - only >attempt< to initialise as loop (2)
Credit Pool:
From above you can see no ports are donors so this wont prevent a device from loging in.
brocade2g:admin> zoneshow
Defined configuration:
cfg: active priv_zone; shared_zone
zone: priv_zone
private
zone: shared_zone
shared
alias: private 1,6; 1,2; 2,2; 2,6; 3,3; 4,3
alias: shared 1,6; 1,2; 1,8; 2,6; 2,2; 2,8; 3,5; 4,5
Effective configuration:
cfg: active
zone: priv_zone
1,6
1,2
2,2
2,6
3,3
4,3
zone: shared_zone
1,6
1,2
1,8
2,6
2,2
2,8
3,5
4,5
You can see the active zones above and the ports in each. This switch is zoned by ports (hard zoned).
sun2g #> zone list
Zone ZoneSet
-------------------
jz2
(no zonesets found)
frank2
Frank
frank
jz1
(no zonesets found)
frank1
Frank
frank
bob1_8-15
frank
bob_0-7
frank
sun2g16-1 #> zone members bob_0-7
Current list of members for Zone: bob_0-7
---------------------------------
21:00:00:e0:8b:07:ea:a6
50:02:0f:23:00:00:30:44
Note: Zone bob_0-7 is soft zoned which contains the WWNs listed above.
A quick way to list all zone members is with the below command
sun2g #> zoning list
Active ZoneSet Information
ZoneSet Zone ZoneMember
--------------------------------
bob
bob1_8-15
21:01:00:e0:8b:27:05:a7
21:01:00:e0:8b:27:ea:a6
50:02:0f:23:00:00:0c:ab
50:02:0f:23:00:00:2a:57
50:02:0f:23:00:00:2f:58
bob_0-7
21:00:00:e0:8b:07:ea:a6
50:02:0f:23:00:00:30:44
frank1
21:00:00:e0:8b:07:06:a7
50:02:0f:23:00:00:2a:7b
frank2
21:00:00:e0:8b:07:e9:a6
21:01:00:e0:8b:27:06:a7
50:02:0f:23:00:00:0c:aa
50:02:0f:23:00:00:30:96
50:02:0f:23:00:00:2d:44
Configured Zoning Information
ZoneSet Zone ZoneMember
--------------------------------
bob
bob1_8-15
21:01:00:e0:8b:27:05:a7
21:01:00:e0:8b:27:ea:a6
50:02:0f:23:00:00:0c:ab
50:02:0f:23:00:00:2a:57
50:02:0f:23:00:00:2f:58
bob_0-7
21:00:00:e0:8b:07:ea:a6
50:02:0f:23:00:00:30:44
frank1
21:00:00:e0:8b:07:06:a7
50:02:0f:23:00:00:2a:7b
frank2
21:00:00:e0:8b:07:e9:a6
21:01:00:e0:8b:27:06:a7
50:02:0f:23:00:00:0c:aa
50:02:0f:23:00:00:30:96
50:02:0f:23:00:00:2d:44
The above lists all configuration zoninig information as well as the active zonesets, zones and there perspective
members. You can see this switch is soft zoned by WWNs.
brocade2g:admin> cfgshow
Defined configuration:
cfg: active priv_zone; shared_zone
zone: priv_zone
private
zone: shared_zone
shared
alias: private 1,6; 1,2; 2,2; 2,6; 3,3; 4,3
alias: shared 1,6; 1,2; 1,8; 2,6; 2,2; 2,8; 3,5; 4,5
Effective configuration:
cfg: active
zone: priv_zone
1,6
1,2
2,2
2,6
3,3
4,3
zone: shared_zone
1,6
1,2
1,8
2,6
2,2
2,8
3,5
4,5
The active config is called active and contains zones priv_zone and shared_zone.
Note: For crossPortTest, spinSilk and loopPortTest, the cables and the SFPs connected should be of the same
technology. That is, a short wavelength SFP port is connected to another short wavelength SFP port through a
short-wavelength cable, a long wavelength port is connected to a long wavelength port, and a copper port is
connected to a copper port.
portLoopbackTest – used to verify bad port when other tests fail
a) Functionally tests the switch by sending frames from the port N’s transmitter and back to the same port
N’s receiver via the serial loopback of the ASIC.
b) To run this test, an external fiber cable is not required.
c) To run this test, the switch must be disabled.
d) The test path does not include the SFP and the fiber cable.
e) The results from this test combined with the results of crossPortTest and spinSilk can be used to
determine which components of the switch are faulty.
crossPortTest – used online or offline to test cables, SFPs and switch ports
a) Similar to the portLoopbackTest except that the loopback is done via an external fiber cable.
b) Functionally tests the switch by sending frames from port M’s transmitter and looping them back through
an external fiber cable into port N’s receiver.
c) This test exercises all the switch components, from the main board, to the media, to the fiber cable, to the
media, and back to the main board.
d) To run this test, external fiber cables are required.
e) For best coverage, connected ports should be from different ASICs.
f) This test can be run in SwitchEnable or SwitchDisable Mode. In online mode, only ports that are cable
loopbacked to ports in the same switch are tested. Ports connected outside of the switch is ignored. In
offline mode, all ports are assumed to be cable loopbacked to different ports in the same switch. If one or
more ports are not connected, the test aborts.
g) The results from this test combined with the results of portLoopbackTest and spinSilk can be used to
determine which components of the switch are faulty.
spinSilk – used like a burn-in test to force a suspected problem to occur with switch offline (tests cables, SFPs
and switch ports)
a) Functionally tests the switch such that frames received by port M are retransmitted through port N.
Likewise frames received by port N are retransmitted through port M.
b) To run this test, an external fiber cable is required.
c) To run this test, the switch must be disabled.
d) The results from this test in conjunction with the results from crossPortTest and portLoopbackTest can be
used to determine which components of the switch are not functioning properly.
spinFab – used to test ISLs and SFPs between switches
a) Set the routing hardware such that test frames received by each E_Port retransmit on the same E_Port.
Next, send several frames to the neighbor port attached to each active E_Port specified.
b) This test is best combined with the online crossPortTest for ISL link-failure isolation. If this test fails,
replace the cable with a loop-back plug and run crossPortTest to verify the local switch and media. If these
pass, the fault lies in the cable or remote switch and media.
loopPortTest – used online or offline to test loop devices and SFPs/GBICs and switch ports that are part of a loop
a) Functionally tests the switch by sending frames from port M’s transmitter and looping the frames back
through an external fiber cable, including all devices on the loop, into port M’s receiver.
b) This test exercises all the switch components, from the main board, to the SFP, to the fiber cable, to the
SFPs (of the devices and the switch), and back to the main board.
15.1.4.2. McData Switches
Below are a few commands you can run on the McData switches to get information or you can have the customer
run the McDataxtr perl script that will gather the data needed to trouble shoot most McData problems:
SHOW SYSTEM
===========
System Information
Name: md6064-2g
Description: Fibre Channel Director
Contact: Tom Gray
Location: Sun Microsystems
Date/Time: 08/18/2003 20:22:24
Serial Number: FJ04086
Type Number: 006064
Model Number: 001
EC Level: -
Firmware Version: 04.01.00 12
Beaconing: Disabled
SHOW SWITCH
===========
Switch Information
State: Online
BB Credit: 16
R_A_TOV: 100
E_D_TOV: 20
Preferred Domain ID: 29
Switch Priority: Default
Speed: 2 Gb/sec
Rerouting Delay: Disabled
Operating Mode: Open Systems
Interop Mode: Open Fabric 1.0
Active Domain ID: 29
World Wide Name: 10:00:08:00:88:A0:CC:4C
Insistent Domain ID: Disabled
Domain RSCN: Disabled
SHOW NAMESERVER
===============
Type Port Id Port Name Node Name COS FC4
Types
---- ------- ----------------------- ----------------------- ---
----------
fPort 7D0413 20:00:00:00:C9:27:28:5D 10:00:00:00:C9:27:28:5D 2-3 2
fPort 7D0513 20:00:00:00:C9:2B:8E:EF 10:00:00:00:C9:2B:8E:EF 2-3 2
fPort 7D0613 50:06:0E:80:03:27:7A:10 50:06:0E:80:03:27:7A:10 3 2
fPort 7D0713 50:06:0E:80:03:27:7A:00 50:06:0E:80:03:27:7A:00 3 2
fPort 7D0813 21:00:00:01:5D:00:93:00 21:35:00:01:5D:00:93:00 3 2
fPort 7D0913 20:01:00:E0:8B:24:29:C7 21:01:00:E0:8B:24:29:C7 3 2
fPort 7D0D13 20:00:00:E0:8B:09:E7:8D 21:00:00:E0:8B:09:E7:8D 3 2
fPort 7D1013 20:00:00:E0:8B:07:54:B7 21:00:00:E0:8B:07:54:B7 3 2
fPort 7D1113 20:01:00:E0:8B:27:54:B7 21:01:00:E0:8B:27:54:B7 3 2
fPort 7D1213 20:00:00:E0:8B:04:D5:B2 21:00:00:E0:8B:04:D5:B2 3 2
fPort 7D1313 20:01:00:E0:8B:24:D5:B2 21:01:00:E0:8B:24:D5:B2 3 2
fPort 7D1813 20:00:00:E0:8B:04:29:C7 21:00:00:E0:8B:04:29:C7 3 2
fPort 7D1913 21:00:00:01:5D:00:93:00 21:45:00:01:5D:00:93:00 3 2
fPort 7D1B13 20:60:00:C0:FF:00:00:32 21:60:00:C0:FF:00:00:32 3 N/A
0. ISO/IEC 8802-2 LLC
1. ISO/IEC 8802-2 LLC/SNAP
2. SCSI-FCP
3. SCSI-GPP
4. IPI-3 Master
5. IPI-3 Slave
6. IPI-3 Peer
7. CP IPI-3 Master
8. CP IPI-3 Slave
9. CP IPI-3 Peer
10. SBCCS-Channel
11. SBCCS-Cntrl Unit
12. FC Srvcs
13. FC-FG
14. FC-XS
15. FC-AL
16. SNMP
17. HIPPI-FP
18. Vendor Unique
SHOW ZONING
===========
Active Zone Set
Default Zone Enabled: False
Zone Set: md6064-1g
Zone: ESM1
Zone Member: 21:01:00:E0:8B:2A:73:E3
Zone Member: 50:06:0E:80:03:9C:80:00
Zone: ESM2
Zone Member: 21:00:00:E0:8B:0A:73:E3
Zone Member: 50:06:0E:80:03:9C:80:10
Zone: fc_minnow
2. luxadm -e port (Here you would be looking for a connected status for your device in question. If not connected
check hardware and Switch ZONING)
/devices/pci@1f,4000/SUNW,qlc@4/fp@0,0:devctl CONNECTED
/devices/pci@1f,4000/SUNW,qlc@4,1/fp@0,0:devctl CONNECTED
/devices/pci@1f,4000/pci@5/SUNW,qlc@4/fp@0,0:devctl NOT CONNECTED
/devices/pci@1f,4000/pci@5/SUNW,qlc@5/fp@0,0:devctl NOT CONNECTED
Devices using the Leadville driver stack have to be configure here for the OS to see them.
To configure a device run cfgadm -c configure c# or for a specific device cfgadm -c configure
c5::50020f2300000cab
To list out luns under each device run:
5. cfgadm -o show_FCP_dev -al (very handy when troubleshooting lun issues).
Ap_Id Type Receptacle Occupant
Condition
c5 fc-fabric connected unconfigured unknown
c5::210000e08b07eaa6 unknown connected unconfigured unknown
c5::210100e08b2705a7 unknown connected unconfigured unknown
c5::50020f2300000caa,1 disk connected configured unknown
c5::50020f2300000caa,3 disk connected configured unknown
c5::50020f2300000caa,5 disk connected configured unknown
c5::50020f2300000caa,7 disk connected configured unknown
c5::50020f2300000caa,9 disk connected configured unknown
15.1.4.4. Storage Side Troubleshooting
· Are the luns mapped properly? (lun map list(T3))
· Are you using lun masking? (lun perm list (T3))
· Are the luns available? (vol stat (T3))
· What is the WWN of the ports? (port list (T3))
· Is there persistant binding? (check sd.conf, jnic.conf, qlc.conf & ssd.conf to name a few.)
· If using JNI card what does EZFibre GUI show? (/opt/jni/ezfibre/standalone/ezf Must be installed).
t4b:/:<1>ver
6120 Release 3.1.2 Fri Dec 19 14:49:54 PST 2003 (192.168.0.42)
Copyright (C) 1997-2003 Sun Microsystems, Inc.
All Rights Reserved.
4. If the version is 3.x.x or greater, use the "sun" command to gain access to the dot commands.
t4b:/:<2>sun
Password: arrayservice
sun: commands enabled
.bat
.bat -i u[12]pcu[12]
.bat -n u[12]pcu[12]
The -i option will clear the battery warrenty date. The -n option sets up the install week and year using
todays date.
.disp
.disp pos
.disp ts
.disp type
The 'pos' command will show the physical slots and the systems view of those drives. A perfect match
should be seen otherwise the system believes a drive is in location that it's not.
array00:/:<10>.disp pos
U1 U2 U3 U4
---------- ------- ------- --------
s01: u1d01 u2d01 u3d01 u4d01
s02: u1d02 u2d02 u3d02 u4d02
s03: u1d03 u2d03 u3d03 u4d03
s04: u1d04 u2d04 u3d04 u4d04
s05: u1d05 u2d05 u3d05 u4d05
s06: u1d06 u2d06 u3d06 u4d06
s07: dummy dummy dummy dummy
s08: dummy dummy dummy dummy
s09: dummy dummy dummy dummy
'ts' will show the timestamps that are stored in the label area of each drive.
'type' indicates if the drive has a valid label with 'Labeled'. If the sysarea is valid, it must also have a valid
label, then 'Sysarea' will be display.
array00:/:<16>.disp type
U1 U2 U3 U4
--------------------- ---------------- ------------------------
d01: Sysarea Sysarea Sysarea Sysarea
d02: Sysarea Sysarea Sysarea Sysarea
d03: Sysarea Sysarea Sysarea Sysarea
d04: Sysarea Sysarea Sysarea Sysarea
d05: Sysarea Sysarea Sysarea Sysarea
d06: Sysarea Sysarea Sysarea Sysarea
d07: dummy dummy dummy dummy
d08: dummy dummy dummy dummy
d09: dummy dummy dummy dummy
d10: dummy dummy dummy dummy
d11: dummy dummy dummy dummy
d12: dummy dummy dummy dummy
d13: dummy dummy dummy dummy
d14: Sysarea Sysarea Sysarea Sysarea
.ondg
.ondg [-y] test u{12}l{12} [count n]
.ondg [-y] find u{12}l{12}
Performance tracing. Level 1 traces Command Control Blocks, level 2 adds Stripe Control Blocks to the mix,
and level 3 adds Command Sets. There must be at least twice as many nset as nscb's. That also applies to
the ratio between nscb and nccb's. The Performance tracing commands are not enabled by default and
require a special engineering build to actually do anything.
.pfstop
Stop PF tracing.
.pffree
Displays the tracing information. At this time the arguments are noops.
.probe
Calls low level pPROBE entry point in pSOS kernel.
.loc
.loc list
.loc rm dev 0|[1-14]
The 'list' option will dump some internal state information about the mirrored configuration block. The 'rm'
command removes the label by writing zero across the information present.
auggie:/:<6>.loc list
Local Volume
-------------------------------
Enclosure Id : 1
Slice : 2
Raid Level : 1
Stripe Unit Size: 512
Block Size : 512
Mounted : Yes
Start Block : 16493
End Block : 57453
Partition Size : 40960
.sim
.sim -f|-s num 0|1|2 pause
.sim -f|-s num 0|1|2 resume
.sim -f|-s num 0|1|2 rd
.sim -f|-s num 0|1|2 wt [data ]
.sim -f|-s num 0|1|2 mb <#0 [#1 #2 #3]>
.sim -f|-s num 0|1|2 mbx <#0 [#1 #2 #3 #4 #5 #6 #7]>
.sim -f|-s num 0|1|2 getmode
.sim -f num 0|1|2 getmap
.sim -f num 0|1|2 linkstat
.sim -f num 0|1|2 getrniddata
.sim -f num 0|1|2 dump
.sim -f num 0|1|2 offline
.sim -f num 0|1|2 online
.sim -f num 0|1|2 reset
.sim -f num 0|1|2 simstat
.sim -f num 0|1|2 alpa2id
.sim -f num 0|1|2 getpdg
.cfg
.cfg use buff|dram
.cfg log 0|1|2|3|4
.cfg bypass 0|1
The 'use' subcommand causes disk read and writes to the cache when 'buff' is used as an argument. The
I/O occurs to the CPU memory if 'dram' is given. There are internal checks which will panic the system if the
wrong value is given. Under most conditions 'buff' is the desired result. log allows someone to control the
level of messages which are added to the syslog. The higher the value the more verbose the messages
become. Here's what the values mean.
0 = no messages
1 = only error messages
2 = add warning messages
3 = plus notice messages
4 = debug messages
The 'bypass' command can be used to prevent any disk drive reads or writes.
fhs' is Fast Host Sim. Used to pick the correct configuration table when issuing commands. 1 while enable
the FHS functions otherwise the default is used.
Normal on a fatal error the system will reset itself. If fatalreset is set to 0 the pSOS probe entry point will be
called. Normally 20 stripes can be flushed from the cache in between commands.
The 'flushes' subcommand can change this value. No bounds checking is done.
The open and close commands allow modification of the access to either channel on one of the three qlogic
ports.
perf' starts (1) the testing of the ISP2100 target mode using fake I/O. 'perf' with 0 stops the testing.
.id
.id read [options]
.id write [options]
.id range has one of the following patterns:
u{1-8}c1
u{1-8}l{1|2}
u{1-8}pcu{1|2}
u{1-8}b{1|2}
static
dynamic
all
config
-g : get, no arguments
-s : set, no arguments
-a : alternate prom, local only,
-f : same as above
-o : 0x1800, strtol(..base=0) format
-l : 0x200, strtol(..base=0) format
-v : l0x1234abcd for long, or
: w0x1234 for word, or
: b0xab for byte
examples:
auggie:/:<14>.id range -sfg u1c1 -o 0x200 -l 0x40 -v l0x1234abcd
auggie:/:<14>.id range -gaf u1c1 -o 0x0 -l 0x40
This command either reads or writes the FRUID information from the SEEPROM. Here's a typical display of the
information provided.
auggie:/:<14>.id read u1c1
Description: ASSY, PURPLE2, CONTROLLER BD
Short Name: T3B-Cntlr
Serial Number: 110457
Part Number: 5015710
Dash Level: 02
Rev Level: 51
Vendor Name: 0x301
Manufacture Loc: SOLECTRON,MILPITAS,CA
Timestamp: Tue Mar 05 03:47:56 GMT 2002
Note: The options of static, dynamic, all, and config dump the information in in ascii hex.
.size
.size recon
Set the reconstruction size of any volumes created. By using a small size commands like 'vol init' complete
in a much shorter time. This command is dangerous to use in anything but a test environment.
.stat
.stat cache
.stat xfer
.stat port
.stat sys
.stat prog
Display statistics about the cache and transfers based on the FAC. The FAC value is comprised of two
groups of 10 for the T3B or two groups of 16 for the T4. In either case the group number is encoded in the
upper nibble with group 1 being encoded as 0x10 not 0x00 as you might think.
The 'port' option gives statistics on just what you would expect. The incomming requests from the FC.
The option 'sys' while enabled doesn't do anything.
The 'prog' option returns the number of commands in progress on port 0.
.disk
.disk spindown
.disk spinup
.disk -f format
.disk version
.disk download
.disk mkhard lba
.disk mksoft lba
.disk reassign lba
.disk glist
.disk plist
.disk softerr
.disk harderr
.disk gettune
.disk settune stack {num}
.disk setpath 0|1
.disk setfail 0|1
.disk pathstat
.disk failover
.disk failback
.disk loopdown path
.disk loopup path
DISK PLIST
------------
u1d01 836
softerr' and 'harderr' show two different error lists in the following format:
auggie:/:<9>.disk harderr u1d1
DISK HARDERR
--------------
u1d01 0x0
'gettune' displays the tunable SCSI disk parameters such as queue depth (stack) and path policy.
auggie:/:<25>.disk gettune u1d1
'settune' allows you to change the depth of the queue of commands which can be fired at one time.
'setpath' controls which path is used to the disk. The primary (0) or alternate (1).
'setfail' controls if a failover can occur. If set to 1 normal failover is used. If 0 no failover will occur.
'pathstat' displays information about the current path policy to the disk drive.
'failover' cause a fail over from primary to alternate path.
'failback' return to primary path.
'loopdown' causes the loop for the drive to drop which uses the given path.
'loopup' enables the loop which was previously down.
'linkstat' provides information about the link to a given disk.
auggie:/:<27>.disk linkstat u1d1 path 0
'tmon_list' gives information about the temperature monitoring for the drives.
auggie:/:<28>.disk tmon_list u1d1-2
This command is the same as the port command with the exception of the 'map' and 'unmap' options. The
'map' option changes the mode of a lun to be either the primary or failover path.
.vol
.vol list []
.vol stat []
.vol mode []
.vol add data raid 0|1|5 [standby]
.vol init data|sysarea|fast [rate <1-16>]
.vol mount
.vol unmount
.vol [-y] remove
.vol verify [fix] [rate <1-8>]
.vol recon [to_standby | from_standby]
.vol disable [to_standby]
The options are the same with the .vol command as they are with the normal vol command. The difference
is that when using the 'init' option 'fast' can be specified on all raid levels, not just RAID 0.
.ep
.ep netload1
.ep netload2
.ep netload3
.ep netloadp
.ep invalidate l 2|3|p s 1|2
.ep info
The netload options read a file from the network using TFTP and directly program the flash rom of the
particular level that's specified by the option name. There are two images of each level stored in the flash.
The 'invalidate' options sets the code signature to so that the system will not use that copy to boot from.
Auggie:/:<28>.ep info
P2L1 section 1:
Code size=000008ec chksum=fb920489 base=fff00000
start=fff00100
Code version=0200 subrevision= date=20010420
time=16184000
Header counter=fffffffb chksum=7e425f44
.sys
.sys stat
.sys blocksize 16k|32k|64k
.sys cache auto|writebehind|writethrough|off
.sys mirror auto|off
.sys naca on|off
.sys mp_support none|rw|mpxio|std
.sys rd_ahead on|off
.sys recon_rate high|med|low
.sys enable_volslice
.sys fc_topology auto|loop|fabric_p2p
.sys autodisable on|off
.sys autorecon on|off
.sys loop1_split auto|off
.sys idle_disk_timeout <0-24>
.sys tmon_over <0-80>
.sys tmon_warn <0-80>
.sys tmon_ref <0-80>
.sys tmon_poll_interval <0-10>
.sys tmon_warn_interval <0-24>
.sys offline
.sys online
.sys list
The following have the same usage as the normal sys command.stat, blocksize, cache, mirror, naca,
mp_support, rd_ahead, recon_rate, enable_volslice, fc_topology
'autodisable' is used with the online diagnostics to automatically fail a drives if certain failure thresholds have
been exceeded. It is also used to disable the software if a disable event has been seen.
'autorecon' controls the automatic reconstruction of a drive when it's been inserted into the system.
'loop1_split' controls the systems ability to split the loop.
'idle_disk_timeout' is set to some number of hours. If the drive hasn't been used within that time period a
read and seek operation are done to see if the drive is still healthy.
'tmon_over' is the over temperature setting used for all disks if there's not a specific one set for an individual
disk.
'tmon_warn' is the warn threshold at the general level for disks.
'tmon_ref' is the reference temperature.
'tmon_poll_interval' is used by the ondg subsystem when polling for temperatures. The value is in minutes.
'tmon_warn_interval' indicates how often the system should print a warning message about temperature
thresholds being exceeded.
'offline' turns off the heartbeat checking.
'online' turns on the heartbeat checking.
array00:/:<140>.sys list
controller : 2.5
blocksize : 64k
cache : auto
mirror : auto
mp_support : mpxio
naca : off
rd_ahead : 2
recon_rate : 8
sys memsize : 128 MBytes
cache memsize : 1024 MBytes
fc_topology : fabric_p2p
fc_speed : 2Gb
autodisable : on
autorecon : on
loop1_split : auto
idle_disk_timeout : 8
ondg : off
ondg_tm_slice : 5
tmon_over_temp : 60
tmon_warn_temp : 55
tmon_ref_temp : 50
tmon_poll_interval : 1
tmon_warn_interval : 8
.set
.set bootmode auto|tftp|none
.set bootdelay
.set tip
.set netmask
.set gateway
.set tftphost
.set tftpfile
.set hostname
.set timezone
.set spindelay <0..>
.set logto 1|*|filename
.set loglevel 0|1|2|3|4
.set logmask
.set rarp on|off
The only difference between the dot command and the normal version are the spindelay and logmask
options.
spindelay is the number of seconds for the driver to wait during initialization for the drive to come online.
It's possible to use the logmask to only enable certain messages to be sent to the syslog daemon.
Knowledge of the code is required to understand what bits will indicate which messages are displayed.
margin
margin -e encid -l low|off|high
Adjusts the power supply margining on the T4. This command may not be part of the 3.0 release because
hardware engineering is still deciding if the feature should continue to be manufacturered into the hardware.
rnid
rnid [-i ip_addr] [-p port] [-n host] [-l]
The -l option will list the ip, port, and hostname stored in NVRAM which make up a RNID packet. The other
options set the corresponding fields.
.lpcrd
.lpcrd [ [ []]]
Issues a low level loopcard register read. This command is a debugging aid for the loopcard engineers.
.lpcwr
.lpcwr []
Command currently is a noop on T4 arrays. Issues a memory read operation to the loopcard.
.lpc
.lpc version
.lpc start
.lpc stop
.lpc download u{1-8}l{1|2}
.lpc reboot u{1-8}l{1|2}
.lpc rsterr u{1-8}l{1|2}
.lpc fread u{1-8}l{1|2}
.lpc fwrite u{1-8}l{1|2}
.lpc finvalid u{1-8}l{1|2} 0x8000|0xc000
.lpc ferase u{1-8}l{1|2}
.lpc property u{1-8}l{1|2}
.lpc rtemp u{1-8}l{1|2}
.lpc ledtest u{1-8}l{1|2}
.lpc preset u{1-8}l{1|2}
.lpc test l{1|2}
auggie:/:<31>.lpc version
LOOP A LOOP B
Enclosure 1 5.2 5.2
Enclosure 2 5.2 5.2
Current test is a noop on T4 arrays. Runs a set of simple diagnostic commands on loopcard. The array must
be configured as a single brick because a loopback cable must be attached to run the tests.
.lpcstat
Noop on T4 arrays.
.loop
.loop stat
.loop set
.peek
.philechk
pSOS file system checking utility.
.poke
.poke [ []]
Poke the hex pattern into cache memory. The pattern is a 32bit value and the size is in bytes. size defaults
to four bytes. If a pattern is not given then the location address is stored in the location.
.mcdk
There are four commands which can be sent to a slot (aka disk) in each enclosure.
1 = bypass the drive
2 = enable drive
3 = set busy LED
4 = set OK LED
.mclp
The valid command numbers are the following:
6 = Set the MUX which uses the forth argument in the following manner.
0 = Isolated
1 = Bottom
2 = Top
3 = Middle
7 = Force bypass of a controller.
8 = Disable bypass of a controller.
14 = Set a controller as master
15 = Execute a poll of loopcard to check status.
.mcps
Executes PCU commands to LPC. The following are valid commands:
1 = Start a battery refresh cycle
2 = Stop a battery refresh cycle
3 = Enable PCU
4 = Disable PCU
The ps_id is the PCU number with valid values being 1 and 2.
.mclc
Executes loop card commands to LPC. Commands available are:
1 = Start loopcard communication
2 = Disable loopcard
3 = Enable loopcard
.mcct
Executes controller commands to LPC. Commands available are:
3 = Assert Watchdog Timer
4 = Disable Watchdog Timer
5 = Set SCSI address using
.wwn
.sysdiag
Runs the following tests in a loop until a Cntrl-T is pressed on the keyboard: DRAM, Data Path, ans
ISP2100.
.tdl
.tdl list
.tdl remove
.tdl trap
Transaction Data Log commands are used to view and modify the systems command transaction data which
may not have completed before a reset or error condition. The 'list unction shows what's currently in the log:
The 'remove' function is used to completely reset the log to its default state which is empty.
'trap' will call the pSOS probe function when anyone of 256 possible TDL's occur. See
src/common/msc/ri_util.h for a valid list of traps.
.ecc
.ecc s
.ecc v {value}
.ecc i {value}
Battery threshold information. The 'r' option gets the minimum battery hold time in seconds. The 'v' option
sets the threshold of of minimum battery hold time in seconds.
.devtree
.devtree {encid} [{encid}...]
Prints out the data from the internal device tree in a raw ascii format.
array00:/:<179>.devtree 1
ENCLOSURE[1]:
Present: true
Id: 1
DRIVE[1]:
Present: true
Bypass[0]: false
Bypass[1]: false
Detect[0]: true
Detect[1]: true
Sensor[1]:
Temperature: 23
State: ok
Age: 759
Warning threshold: 60
Shutdown threshold: 65
Manufacture Record:
Timestamp: unknown
Description: unknown
Manufacture Loc: unknown
Part Number: ST373405FSUN72G
Serial Number: 3EK1QYDR
Vendor Name: SEAGATE
Dash Level: unknown
Rev Level: A538
Short Name: unknown
CONTROLLER[1]:
Present: true
Is dummy: false
L3 Version: 3.0.5
L2 Version: 3.0.5
L1 Version: 3.0.5
LP Version: 3.0.5
Detect[0]: false
Detect[1]: false
alt_loop: true
Bypass[0]: false
Bypass[1]: false
Sensor[1]:
Temperature: 22
State: ok
Age: 760
Warning threshold: 55
Shutdown threshold: 60
Manufacture Record:
Timestamp: Thu Dec 26 10:04:00 PST 2002
Description: ASSY, T4 CONTROLLER, 14 SLOT
Manufacture Loc: Milpitas,CA,USA
Part Number: 5405559
Wipes out labels which looses all configuration information and sets the system to be like new.
.lun
.lun map add lun slice
.lun map rm lun [slice ]
.lun map rm all
.lun map list [lun | slice ]
.lun perm {all_lun|lun } {rw|ro|none}{all_wwn|wwn |grp }
.lun perm list [lun |wwn |grp]
.lun map default
This command is almost the same as the normal admistrator command 'lun'. There are two differences. First
is the 'map default' which is only available when using the dot version. The second being the information
displayed when using the 'list' option. The volume number which this lun is associated with is also displayed.
Alphabetical Index
A
adb.........................................................................................................................................................................113
add_install_client......................................................................................................................................................29
add_to_install_server.........................................................................................................................................29, 36
addboard........................................................................................................................................................181, 195
arp..................................................................................................................23, 28, 91, 92, 105, 106, 164, 291, 333
ARP........................................................................................................................................................105, 161, 164
autoconfig.......................................................................................................................................105, 213, 214, 242
B
blacklist...........................................................................................................181, 182, 188, 189, 195, 214, 217, 222
Blacklist..................................................................................................................................................................222
board_id.................................................................................................................................................................213
bootmode...........................................................................................................................12, 17, 287, 291, 293, 333
Bootmode...............................................................................................................................................................291
break..................................................................................................................................................................12, 17
bringup...................................................................................................................181, 213, 214, 218, 222, 224, 225
BringUp..................................................................................................................................................................336
C
cancelcmdsync...............................................................................................................................................181, 213
cb_prom.................................................................................................................................................................213
cb_reset.................................................................................................................................................................213
cbs ........................................................................................................................................................................215
ccd.database..................................................................................................................................................143, 144
ccdadm..................................................................................................................................................................143
cconsole.........................................................................................................................................................143, 145
ccp.................................................................................................................................................................143, 145
ccradm...................................................................................................................................................................145
cdrw.........................................................................................................................................................................47
cfgadm..................................................................................49, 71, 72, 181, 228, 236, 247, 248, 266, 310, 311, 324
check_host.............................................................................................................................................................213
chkinfr....................................................................................................................................................................145
clinfo.......................................................................................................................................................................145
cmdsync.........................................................................................................................................................181, 213
cmm_ct .................................................................................................................................................................145
connections......................................................................................................................54, 143, 161, 178, 195, 266
console.......................................................................................................................................................12, 17, 195
console ..................................................................................................................................................................181
copy-clock-tod-to-io-boards....................................................................................................................................226
cpio..................................................................................................................................................................50, 119
CPIO........................................................................................................................................................................45
crlogin....................................................................................................................................................................145
cron.......................................................................................................50, 52, 57, 77, 78, 79, 80, 116, 140, 174, 176
Cron...................................................................................................................................................................50, 77
ctelnet....................................................................................................................................................................145
cups.........................................................................................................................................................................73
CUPS.......................................................................................................................................................................73
D
dcs_config..............................................................................................................................................................145
dd..........................................................................................3, 23, 45, 51, 54, 58, 59, 65, 71, 72, 74, 77, 82, 85, 146
ddb.........................................................................................................................................131, 132, 145, 181, 192
deleteboard....................................................................................................................................................181, 195
devfsadm........................................................................................................................................125, 152, 241, 247
dfmounts................................................................................................................................................................110
dfshares...........................................................................................................................................................30, 110
dhcp............................................................................................................................13, 14, 15, 23, 28, 89, 105, 110
ipfilter.............................................................................................................................................................164, 165
ipmp.......................................................................................................................................................................100
IPMP......................................................................................................................................................................151
K
kbd...........................................................................................................................................................................54
ksh...........................................................................................................................................................................61
kstat..................................................................................................50, 103, 106, 115, 143, 167, 168, 170, 327, 330
L
lockfs......................................................................................................................................................................130
lpc download..................................................................................................................................................290, 334
luactivate............................................................................................................................................................40, 44
lucancel....................................................................................................................................................................44
lucompare................................................................................................................................................................44
lucreate............................................................................................................................................36, 37, 38, 39, 44
lucurr........................................................................................................................................................................44
ludelete....................................................................................................................................................................44
ludesc.......................................................................................................................................................................44
lufslist.......................................................................................................................................................................44
lumake.....................................................................................................................................................................44
lumount..............................................................................................................................................................41, 44
lurename..................................................................................................................................................................44
lustatus.....................................................................................................................................................................44
luumount............................................................................................................................................................42, 44
luupgrade.....................................................................................................................................................39, 40, 44
luxadm..............................................................................................49, 140, 247, 248, 266, 284, 285, 310, 311, 323
M
machine_server .....................................................................................................................................................215
MAXWEEKS..........................................................................................................................................................179
metaclear...............................................................................................................................................................139
metadb...........................................................................................................................129, 131, 132, 138, 139, 192
metadetach............................................................................................................................................................139
metahs...................................................................................................................................................................139
metainit.............................................................................................................57, 129, 130, 133, 138, 139, 192, 193
metaoffline.............................................................................................................................................................139
metaonline.............................................................................................................................................................139
metaparam.............................................................................................................................................................139
metarename...........................................................................................................................................................139
metareplace...........................................................................................................................................................139
metaroot.................................................................................................................................129, 130, 133, 139, 193
metaset..................................................................................................................................................................139
metastat.........................................................................................................................................130, 131, 132, 139
metasync................................................................................................................................................................139
metattach................................................................................................................................130, 133, 138, 139, 193
MINWEEKS...........................................................................................................................................................179
mkisofs.....................................................................................................................................................................47
modinfo................................................................................................................................................................3, 54
modload...................................................................................................................................................................55
mount.....27, 37, 38, 40, 41, 42, 44, 53, 55, 58, 80, 98, 109, 119, 120, 131, 138, 146, 147, 149, 151, 155, 166, 171,
175, 193, 218, 291
Mount..........................................................................................................38, 39, 40, 41, 55, 98, 120, 131, 146, 175
moveboard.............................................................................................................................................................181
mpstat............................................................................................................................................................115, 116
N
ndd.............................................................................................................................85, 86, 103, 106, 118, 163, 164
netcon..................................................................................................................................79, 80, 87, 213, 214, 215
netcon_server................................................................................................................................................213, 215
netstat......................................................................................................................................85, 106, 115, 116, 161
RBAC...............................................................................................................................................................94, 176
redx................................................................................................................................................................213, 217
removefru.................................................................................................................................................................12
renice.....................................................................................................................................................................115
replctl.....................................................................................................................................................................145
reset.................................................................................................................................................................12, 181
resetrsc..............................................................................................................................................................17, 18
resetsc.......................................................................................................................................................12, 15, 181
rgmd_debug...........................................................................................................................................................145
rm_install_client.......................................................................................................................................................29
route add........................................................................................................................................................102, 104
route change..........................................................................................................................................................104
route delete....................................................................................................................................................103, 104
route flush..............................................................................................................................................................104
rpcinfo....................................................................................................................................................108, 109, 110
rscadm.............................................................................................................................................17, 18, 19, 20, 21
rup...............................................................................39, 45, 107, 114, 119, 130, 151, 213, 218, 264, 291, 292, 293
RUP.......................................................................................................................................................................206
S
sar....71, 72, 87, 95, 96, 104, 115, 123, 130, 131, 132, 151, 162, 163, 171, 172, 175, 176, 177, 189, 230, 236, 250,
253, 263, 291, 292, 293, 294, 326, 331
scadm.......................................................................................................13, 14, 15, 16, 17, 18, 19, 20, 21, 143, 144
scadmin..........................................................................................................................................................143, 144
sccheck..................................................................................................................................................................145
scconf.............................................................................................................................................143, 144, 145, 154
scdidadm................................................................................................................................143, 145, 152, 153, 155
scdidadmn..............................................................................................................................................................143
scdsbuilder.............................................................................................................................................................145
scdsconfig..............................................................................................................................................................145
scdscreate..............................................................................................................................................................145
scgdevs..................................................................................................................................................145, 152, 153
scinstall..................................................................................................................................................143, 145, 151
scmgr.....................................................................................................................................................................143
scp...........................................................................................................................................................................86
SCP........................................................................................................................................................184, 185, 197
scrgadm..........................................................................................................................145, 146, 147, 148, 150, 158
script.......3, 20, 23, 43, 44, 45, 50, 56, 57, 61, 65, 66, 68, 69, 70, 73, 77, 78, 79, 104, 116, 118, 155, 164, 171, 177,
181, 208, 244, 254, 293, 310, 315, 321
Script........................................................................................................................................................21, 117, 315
scsetup...........................................................................................................................................145, 154, 156, 157
scshutdown............................................................................................................................................................145
scsi-initiator-id....................................................................................................................................3, 23, 25, 26, 51
scstat......................................................................................................................................145, 155, 156, 157, 158
scswitch..................................................................................................................145, 146, 147, 148, 150, 158, 159
scvxinstall...............................................................................................................................................................145
scvxvmlg................................................................................................................................................................152
service............................................................................................................................................................195, 196
setchs.........................................................................................................................................3, 188, 189, 191, 196
setdate.......................................................................................................................................12, 18, 181, 186, 195
setdefaults................................................................................................................................................12, 181, 195
setfailover...............................................................................................................................181, 184, 185, 195, 213
setkeyswitch.....................................................................................................72, 181, 183, 188, 190, 191, 195, 196
setsc...............................................................................................................................................12, 13, 14, 15, 181
setup_install_server.....................................................................................................................................29, 32, 36
setupplatform...........................................................................................................................................71, 181, 195
setupsc...............................................................................................................................................................12, 15
sftp...........................................................................................................................................................................86
share........................................................................................................................................................................98
showboards..............................................................................................................................71, 181, 185, 186, 195
showchs.................................................................................................................................................188, 189, 196
showcomp..............................................................................................................................................181, 190, 195
showcomponent.............................................................................................................................................181, 195
showdate............................................................................................................................................12, 18, 181, 195
showenvironment.......................................................................................................................12, 17, 181, 186, 195
showerrorbuffer......................................................................................................................................................195
showescape...........................................................................................................................................................195
showfailover...................................................................................................................................181, 195, 213, 224
showfru............................................................................................................................................................12, 195
showkeyswitch.........................................................................................................................................72, 181, 195
showlogs..........................................................................................................................................12, 181, 195, 257
showmount...............................................................................................................................................................98
shownetwork..........................................................................................................................................12, 15, 17, 18
showplatform....................................................................................................................................12, 181, 185, 195
showsc.................................................................................................................................................12, 13, 18, 195
shscan....................................................................................................................................................................217
sigbcmd..................................................................................................................................................................213
smsbackup.....................................................................................................................................................181, 184
smsconfig...............................................................................................................................................................181
smsrestore.............................................................................................................................................................181
smsversion.............................................................................................................................................................181
snmpd....................................................................................................................................................................215
snoop.............................................................................................................................................................107, 108
spray......................................................................................................................................................108, 161, 162
ssh..............................................................................................................................57, 86, 161, 162, 165, 195, 297
ssp_backup............................................................................................................................................................213
ssp_config..............................................................................................................................................................213
ssp_downgrade......................................................................................................................................................213
ssp_restore............................................................................................................................................................213
ssp_startup............................................................................................................................................................215
straps.....................................................................................................................................................................215
sudo................................................................................................................................143, 169, 170, 171, 172, 174
svcadm.............................................................................................................................3, 57, 77, 78, 79, 80, 95, 96
svccfg.....................................................................................................................................................77, 78, 79, 80
svcprop........................................................................................................................................................77, 78, 80
svcs..................................................................................................................................3, 57, 58, 77, 78, 79, 80, 95
swap..........................................................29, 32, 35, 36, 37, 51, 54, 58, 72, 115, 117, 123, 124, 129, 130, 191, 192
Swap........................................................................................................................................................................58
SWAP....................................................................................................................................................................124
sys_clock...............................................................................................................................................................213
sys_id.....................................................................................................................................................................213
syslog.............................................................................................161, 165, 169, 174, 182, 257, 313, 328, 333, 336
T
tcp wrappers...................................................................................................................................................167, 174
TCP wrappers................................................................................................................................................165, 167
TCP Wrappers.......................................................................................................................................................165
testboard................................................................................................................................................................195
tftp..........................................................................................................................101, 105, 161, 290, 291, 293, 333
TFTP......................................................................................................................................................101, 290, 331
thermcal_config......................................................................................................................................................213
tip.............................................................................................................................................................................99
top..........................................................................................................................................................................115
traceroute...............................................................................................................................................................108
truss...............................................................................................................................................................114, 115
U
uadmin...............................................................................................................................................................58, 59
ufsdump...................................................................................................................................................................59
ufsrestore.................................................................................................................................................................59
umask..............................................................................................................................................................43, 177
umount............................................................................................41, 42, 44, 55, 119, 171, 192, 208, 209, 242, 273
V
vmstat...............................................................................................................................................56, 115, 116, 117
volcancel..................................................................................................................................................................60
volcheck...............................................................................................................................................................3, 59
volmgt................................................................................................................................................................60, 77
vxassist..................................................................................................................................................121, 126, 127
vxconfigd..........................................................................................................................................43, 121, 122, 125
vxdctl........................................................................................................................................43, 122, 125, 153, 159
vxdg................................................................................................................................................121, 122, 125, 126
vxdisk.............................................................................................................................................123, 125, 153, 273
vxdisksetup............................................................................................................................................................125
vxedit......................................................................................................................................................................126
vxiod.................................................................................................................................................43, 121, 125, 159
vxlicinst..................................................................................................................................................................159
vxmend..................................................................................................................................................................126
vxmksdpart.....................................................................................................................................................123, 124
vxplex.............................................................................................................................................................126, 127
vxrelayout...............................................................................................................................................................127
vxsd........................................................................................................................................................................126
vxtask.....................................................................................................................................................................125
vxunroot.................................................................................................................................................................125
vxvol...............................................................................................................................................................126, 273
W
WARNWEEKS.......................................................................................................................................................179
wfail........................................................................................................................................181, 195, 213, 217, 224
X
xir.............................................................................................................................................................................17
xntpd..................................................................................................................................................................58, 97
Y
ypbind........................................................................................................................................................95, 96, 108
ypcat........................................................................................................................................................................95
ypinit.............................................................................................................................................................94, 95, 96
ypstart..........................................................................................................................................................94, 95, 96
ypstop................................................................................................................................................................95, 96
ypwhich..............................................................................................................................................................95, 97
Z
zlogin..................................................................................................................................................................74, 75
zoneadm......................................................................................................................................................74, 75, 76
zonecfg..............................................................................................................................................................74, 76
/
/dev/console.....................................................................................................................................................75, 178
/etc/gateways.........................................................................................................................................................102
/etc/issue................................................................................................................................................................178
/etc/lvm/md.tab...............................................................................................................................................129, 192
/etc/netmasks.................................................................................................................................................102, 103
/etc/path_to_inst.....................................................................................................................................................119
/etc/system........................................................................26, 27, 43, 85, 86, 117, 118, 120, 130, 131, 151, 165, 177