Sun Enterprise Services SSE Field Reference Guide

Sun Microsystems, Inc. 400 Atrium Drive Somerset, NJ 08873 USA Part Number: xx-yyy-zzz Revision 3.1 January, 2006 Send comments about this document to: robert.fox@sun.com

Revision History
January 4, 2006 - Updated StorADE section (6.4). Added section for ilom (1.4). Added section for v40z (11.5). November 15, 2005 – Reorganized all chapters and renumbered. Set version to 3.0. November 14, 2005 – Added section for cediag, (1.4.2), psradm (1.4.17). Renumbered 1.4.x sections accordingly. November 8, 2005 – Added example of replacing a bad disk w/lvm (4.3.4) November 2, 2005 - Added Sunfire 2900 section (7.7). Added fmthard section (1.4.10). October 20, 2005 - Fixed typo's. September 20, 2005 - Added dhcp troubleshooting section (3.2.5). Updated minnow boxid's (8.3.3). August 10, 2005 - Finally added an index! August 9, 2005 – Reordered chapters for servers (old 6.0, new 7.0), disk arrays (old 7.0, new 8.0), and security (old 8.0, new 6.0). August 8, 2005 – Divided Chapter 6 into: Servers (6.0) and Disk Array's (7.0). Renumbered Security (8.0). Added section for Sun Rays (6.6). July 25, 2005 – Added section for d240 (6.15). Added section for S1 (6.16). Added sections for Disk Array LED's (6.7.1, 6.8.2, 6.10.2,). Added pictures for LED's in all disk array sections. July 11, 2005 - Added section for T3 Battery (6.7.7). Added section for Hitachi Batteries (6.11.11). Added section for Minnow batteries (6.8.7). Added sections for D1000 (6.12), A1000 (6.13), A3x00 (6.14) Renumbered SAN Switches section (6.15). Moved T3/6x20 "dot" commands to Appendix A. June 21, 2005 – Added section on SMF (1.9). June 16, 2005 - Added target info for minnow arrays (6.8.5). Modified Live Upgrade section (1.2.4) June 15, 2005 – Added sections for nis ( 2.6) and nfs (2.8). Restructured chapter 2. June 9, 2005 – Updated LVM section (4.3) June 1, 2005 – Added section on zones (1.8). Added section on Live Upgrade (1.2.4). Added sections for additional solaris commands, dumpadm (1.4.6), eeprom (1.4.7), fsck, (1.4.10), modinfo (1.4.13), volcheck (1.4.22), Added section on StorADE (4.4). Added sections for Sun Cluster (5.2.3, - 5.2.8). Updated section on Indy (6.9). Updated section on Maserati (6.10). May 26, 2005 – Added section for accessing svp on 9990 (6.11.10) May 24, 2005 – Added section on printing (1.7) May 18,2005 – Added section for accessing dot commands on T3 and 6x20 arrays (6.7.6, 6.10.2). Added section for script command (1.4.18). May2, 2005 – Added troubleshooting section for Brocade and McData switches (6.12.4) April 19, 2005 – Added sections for flashupdate (6.3.2, 6.4.4) and setchs (6.3.3, 6.4.7). March 23, 2005 – Added sections for DR (1.6), Hitachi Microcode Update (6.11.9), Minnow Disk Replacement (6.8.5), boot(1.4.1), svcadm (1.4.16), & svcs (1.4.17). Trimmed down PCAnywhere and HiTrack sections. November 30, 2004 – Added procedure to replace cp2140 board on sc (6.4.5) , Added chs section (6.4.6). October 26, 2004 – Added section for SunCluster (5.0). October 21, 2004 – Added scsi-initiator-id procedure, minor corrections to Hitachi section October 11,2004 – Added section for SMS Upgrade procedure. August 17,2004 – Added section fo sccli command reference August 11, 2004 – Added section for power cycling Hitachi Disk Array, removed softrware section. August 9, 2004 – Added section for configuring HiTrack August 1, 2004 – Added section for initial configuration of HDS 9970/9980 Array July 10, 2004 – Added Security Chapter.

SSE Field Reference Guide

1.0 Lights Out Management Software..................................................................................................11 1.1 Lights Out Management (LOM)................................................................................................11 1.1.1 Command Reference:.......................................................................................................11 1.2. Advanced Lights Out Management (ALOM)............................................................................12 1.2.1 Command Reference:.......................................................................................................12 1.2.2. ALOM Notifications..........................................................................................................12 1.2.3. Configuring the Network Management Port:....................................................................14 1.2.4. Resetting the ALOM Password........................................................................................15 1.3. Remote Server Console (RSC)................................................................................................17 1.3.1. OBP Commands .............................................................................................................17 1.3.2. RSC Commands..............................................................................................................17 1.3.3. How To Configure RSC...................................................................................................18 1.3.4. Forgotten Password.........................................................................................................21 1.4. Integrated Lights Out Management (ILOM).............................................................................22 1.4.1. Command Reference.......................................................................................................22 2.0 Open Boot Prom (OBP).................................................................................................................27 2.1. Command Reference...............................................................................................................27 2.1.1. Version 3.x ......................................................................................................................27 2.1.2. Version 4.17 additions for the boot command:................................................................27 2.2. Working with nvram.................................................................................................................27 2.2.1 Selected nvram Parameters.............................................................................................27 2.2.2. nvramrc Commands........................................................................................................28 2.2.3. nvedit Editor Keystroke Commands.................................................................................28 2.3. Common obp Procedures........................................................................................................29 2.3.1. Setting cpu speed............................................................................................................29 2.3.2. Setting hostid...................................................................................................................29 2.3.3. Setting the Monitor Frequency.........................................................................................29 2.3.4. Setting network transfer speed........................................................................................29 2.3.5. Setting scsi-initiator-id......................................................................................................29 2.3.6. Booting a System............................................................................................................31 3.0 Solaris OS......................................................................................................................................33 3.1. Installation/Configuration.........................................................................................................33 3.1.1. Jumpstart.........................................................................................................................33 3.1.2. Flash Archive...................................................................................................................34 3.1.3. WANBoot.........................................................................................................................34 3.1.4. Live Upgrade...................................................................................................................39 3.2. Patch Management..................................................................................................................49 3.2.1. patchadd Error Codes (Solaris 2.6, 7, 8,9)......................................................................49 3.2.2. patchrm Error Codes.......................................................................................................49 3.2.3. patchdiag.........................................................................................................................50 3.3. Solaris Selected Command Reference....................................................................................51 3.3.1. cdrw.................................................................................................................................51 3.3.2. cediag..............................................................................................................................51 3.3.3. cfgadm.............................................................................................................................53 3.3.4. cpio..................................................................................................................................54 3.3.5. cron.................................................................................................................................54 3.3.6. dd....................................................................................................................................54 3.3.7. dumpadm.........................................................................................................................55 3.3.8. eeprom............................................................................................................................55 3.3.9. explorer............................................................................................................................56 3.3.10. find.................................................................................................................................57 3.3.11. fmthard..........................................................................................................................57 3.3.12. fsck................................................................................................................................57 3.3.13. installboot......................................................................................................................57 3.3.14. kbd.................................................................................................................................58 3.3.15. modinfo..........................................................................................................................58 3.3.16. mount.............................................................................................................................59

Table of Contents

Sun Proprietary & Confidential: Internal Use Only

Page 4

SSE Field Reference Guide
3.3.17. “p” commands................................................................................................................60 3.3.18. psradm...........................................................................................................................60 3.3.19. script..............................................................................................................................60 3.3.20. svcadm..........................................................................................................................61 3.3.21. svcs...............................................................................................................................61 3.3.22. swap..............................................................................................................................62 3.3.23. uadmin...........................................................................................................................62 3.3.24. ufsdump.........................................................................................................................63 3.3.25. volcheck.........................................................................................................................63 3.4. Shell Programming..................................................................................................................65 3.4.1. ksh...................................................................................................................................65 3.5. Dynamic Reconfiguration.........................................................................................................75 3.5.1. Minimum Requirements for DR.......................................................................................75 3.5.2. Install Board Procedure...................................................................................................75 3.5.3. Remove Board Procedure ..............................................................................................75 3.6. Printing....................................................................................................................................77 3.6.1. cups.................................................................................................................................77 3.7. Zones.......................................................................................................................................78 3.7.1. Creating a zone...............................................................................................................78 3.7.2. Administering Zones........................................................................................................79 3.7.3. Removing a Zone............................................................................................................79 3.8. SMF.........................................................................................................................................81 4.0 Networking.....................................................................................................................................85 4.1. Network Hardware...................................................................................................................85 4.1.1. Ethernet Category 5 Wiring Diagram...............................................................................85 4.1.2. Terminal Servers.............................................................................................................86 4.2. Network Configuration.............................................................................................................89 4.2.1. NIC's................................................................................................................................89 4.2.2. ssh...................................................................................................................................90 4.2.3. ftp....................................................................................................................................91 4.2.4. dhcp.................................................................................................................................93 4.2.5. dns...................................................................................................................................95 4.2.6. nis....................................................................................................................................98 4.2.7. ntp...................................................................................................................................101 4.2.8. nfs....................................................................................................................................102 4.2.9. tip.....................................................................................................................................103 4.2.10. ipmp...............................................................................................................................104 4.2.11. tftp.................................................................................................................................105 4.2.12. Configuring Multiple Gateways......................................................................................106 4.2.13. Setting up subnets.........................................................................................................106 4.2.14. Virtual Interfaces............................................................................................................107 4.2.15. Enabling IP Forwarding.................................................................................................107 4.2.16. Routing..........................................................................................................................108 4.2.17. Setting local mac addresses:.........................................................................................108 4.2.18. Preventing Users From Logging in................................................................................109 4.2.19. inetd services.................................................................................................................109 4.3. Network Troubleshooting.........................................................................................................110 4.3.1. Troubleshooting Command Reference............................................................................110 4.3.2. TCP States......................................................................................................................113 4.3.4. NFS.................................................................................................................................113 4.3.5. DHCP..............................................................................................................................114 5.0. Performance Tuning.....................................................................................................................117 5.1. Debugging Tools......................................................................................................................117 5.1.1. adb..................................................................................................................................117 5.1.2. truss.................................................................................................................................118 5.1.3. Other Tools......................................................................................................................119 5.1.4. Data Collection Script......................................................................................................120 5.2. Performance Tuning................................................................................................................121 5.2.1. System Analysis..............................................................................................................121 Sun Proprietary & Confidential: Internal Use Only Page 5

SSE Field Reference Guide
5.2.2. Tuning the system...........................................................................................................122 5.2.3. Cache Scrubber Tuning...................................................................................................122 6.0. Storage Software..........................................................................................................................123 6.1. Solaris General Procedures.....................................................................................................123 6.1.1. Rebuilding Devices..........................................................................................................123 6.1.2. Rebuilding /etc/path_to_inst............................................................................................123 6.2. Veritas Volume Manager.........................................................................................................124 6.2.1. Unencapsulating Root.....................................................................................................124 6.2.2. Moving A Disk Array........................................................................................................126 6.2.3. Replacing Bad Root Disk w/Mirror...................................................................................127 6.2.4. VM Command Line Reference........................................................................................129 6.3. Logical Volume Manager.........................................................................................................133 6.3.1. LVM Volume Creation......................................................................................................133 6.3.2. LVM Mirroring of root.......................................................................................................134 6.3.3. Unencapsulating Root.....................................................................................................135 6.3.4. Replacing a bad disk.......................................................................................................138 6.3.5. Command Line Procedures.............................................................................................142 6.3.6. Command Reference.......................................................................................................143 6.4. StorADE...................................................................................................................................144 6.4.1 Installation........................................................................................................................144 6.4.2 Accessing StorADE..........................................................................................................144 7.0. SunCluster....................................................................................................................................145 7.1. SunCluster 2.x.........................................................................................................................145 7.1.1. Command Reference.......................................................................................................145 7.1.2. Cluster 2.x Files: .............................................................................................................146 7.2. SunCluster 3.x.........................................................................................................................147 7.2.1. Command Reference:......................................................................................................147 7.2.2. Agent Configuration.........................................................................................................148 7.2.3. Recovering a node after OS Crash..................................................................................153 7.2.4. Add a Disk to the Sun Cluster Environment.....................................................................154 7.2.5. Recovering root on RAC/CVM node................................................................................157 7.2.6. Reconfiguring Cluster Interconnects................................................................................157 7.2.7. Changing the Oracle Fault Monitor Password.................................................................160 7.2.8. Veritas Upgrade Proecdure.............................................................................................161 8.0. Security.........................................................................................................................................163 8.1. Securing Network Services......................................................................................................163 8.1.1. inetd.................................................................................................................................163 8.1.2. rpc...................................................................................................................................164 8.1.3. Securing the TCP Stack..................................................................................................164 8.1.4. ARP attacks.....................................................................................................................166 8.1.5. Securing IP......................................................................................................................166 8.1.6. ipfilter...............................................................................................................................166 8.1.7. PortSentry........................................................................................................................167 8.1.8. nfs Services.....................................................................................................................167 8.1.9. TCP Wrappers.................................................................................................................167 8.1.10. sudo...............................................................................................................................170 8.2. Other Security Measures.........................................................................................................174 8.2.1. Solaris Banners...............................................................................................................174 8.2.2. Logs.................................................................................................................................175 8.2.3. Securing the console.......................................................................................................176 8.2.4. Adjusting File Permissions...............................................................................................176 8.2.5. Securing Mount Options..................................................................................................176 8.2.6. Account Management......................................................................................................177 8.2.7. Restricting cron,at and batch...........................................................................................177 8.2.8. Role Based Access Control.............................................................................................177 8.2.9. Using a Restrictive umask...............................................................................................178 8.2.10. Preventing Attempts to Execute Code on Stacks .........................................................178 8.2.11. Access Warning Messages...........................................................................................179 8.2.12. Restricting Console Access...........................................................................................179 Sun Proprietary & Confidential: Internal Use Only Page 6

SSE Field Reference Guide
8.2.13. Hardening Passwords....................................................................................................179 9.0. High End Servers..........................................................................................................................182 9.1. Starcat Servers (F12K/F15K/E20K/E25K)...............................................................................182 9.1.1. Command Reference.......................................................................................................182 9.1.2. SMS File System Layout.................................................................................................183 9.1.3. MAN Network..................................................................................................................184 9.1.4. Firmware..........................................................................................................................184 9.1.5. SMS Upgrade Procedure.................................................................................................185 9.1.6. Replacing a cp2140 on the System Controller.................................................................187 9.1.7. Component Health Status (setchs)..................................................................................189 9.1.8. Rebuilding a System Controller.......................................................................................192 10.0. Midrange Servers........................................................................................................................196 10.1 Serengeti (3x00/4x00/6x00)....................................................................................................196 10.1.1. Command Reference.....................................................................................................196 10.1.2. Updating Firmware........................................................................................................197 10.1.3. Component Health Status..............................................................................................197 10.1.4. Forgotten password.......................................................................................................198 10.2 Sunfire 1280/2900..................................................................................................................199 10.2.1. Powering on a 2900.......................................................................................................199 10.2.2. flashupdate....................................................................................................................199 10.2.3. lom command reference................................................................................................199 10.2.4. Resetting lom pasword..................................................................................................200 10.2.5. Reprogramming the System Configuration Card (SCC)................................................201 11.0. Entry Level Servers.....................................................................................................................206 11.1. v880.......................................................................................................................................206 11.1.1 Automatic System Recovery...........................................................................................206 11.2. 280r.......................................................................................................................................208 11.2.1 nvalias issues.................................................................................................................208 11.3. SunRay..................................................................................................................................209 11.3.1. Command Reference.....................................................................................................209 11.3.2. Managing Sun Ray Services.........................................................................................211 11.4. x4100/x4200..........................................................................................................................212 11.4.1. Navigation......................................................................................................................212 11.5. v40z.......................................................................................................................................212 11.5.1. Resetting the SP Password:..........................................................................................212 12.0. EOL'd Servers.............................................................................................................................214 12.1. Ultra Enterprise 10000 (Starfire)............................................................................................214 12.1.1. Command Reference.....................................................................................................214 12.1.2. Tilde Commands...........................................................................................................215 12.1.3. SSP File System Layout................................................................................................215 12.1.4. Daemons.......................................................................................................................216 12.1.5. cpu decoding table........................................................................................................216 12.1.6. sbus decoding table.......................................................................................................217 12.1.7. redx Dump Analyzer......................................................................................................218 12.1.8. hpost..............................................................................................................................219 12.1.9. DIMM Table...................................................................................................................219 12.1.10. Configuration Rules.....................................................................................................219 12.1.11. Component Numbering Scheme .................................................................................220 12.1.12. Blacklisting...................................................................................................................223 12.1.13. Power up/down platform..............................................................................................224 12.2. Old “Sunfire” Enterprise Servers (3000/3500-6000/6500)......................................................227 12.2.1. Power on self test (POST).............................................................................................227 12.2.2. LED Codes....................................................................................................................227 12.2.3. OBP Commands............................................................................................................227 13.0. Disk Arrays.................................................................................................................................228 13.1. D240 Media Tray...................................................................................................................228 13.1.1. LED's.............................................................................................................................228 13.1.2. Replacing a disk drive....................................................................................................229 13.1.3. SCSI Target ID's............................................................................................................230 Sun Proprietary & Confidential: Internal Use Only Page 7

SSE Field Reference Guide
13.1.4. Configuration Switch......................................................................................................230 13.2. S1 Disk Array.........................................................................................................................231 13.2.1. LED's.............................................................................................................................231 13.2.2. Binary SCSI ID LEDs.....................................................................................................232 13.2.3. Rear Panel LEDs...........................................................................................................233 13.2.4. System Power and System Summary Fault LEDs ........................................................233 13.2.5. Auto-termination Indication LEDs..................................................................................233 13.2.6. Storage Subsystem Manager........................................................................................233 13.2.7. Disk Replacement.........................................................................................................237 13.3. 3x10 (Minnow) Disk Array......................................................................................................238 13.3.1. Hardware Overview.......................................................................................................238 13.3.2. LED's.............................................................................................................................239 13.3.3. Configuration Menu Sub-System...................................................................................242 13.3.4. Installing ssconsole on your system .............................................................................244 13.3.5. sccli Commands............................................................................................................245 13.3.6. Disk Replacement Procedures......................................................................................248 13.3.7. Forgotten Password.......................................................................................................251 13.3.8. Battery Status................................................................................................................252 13.4. 39x0, 69x0 (Indy) Disk Array..................................................................................................254 13.4.1. How to power on an INDY.............................................................................................254 13.4.2. Building the Service Processor......................................................................................254 13.4.3. Configuration.................................................................................................................256 13.4.4. Troubleshooting.............................................................................................................258 13.5. 99xx (Hitachi) Disk Array.......................................................................................................259 13.5.1. Hardware.......................................................................................................................259 13.5.2. Power Cycle Procedures...............................................................................................259 13.5.3. Licenses........................................................................................................................260 13.5.4. Passwords.....................................................................................................................260 13.5.5. Configuring HiTrack.......................................................................................................260 13.5.6. How to replace a failed disk...........................................................................................261 13.5.7. HiCommand Database Recovery..................................................................................261 13.5.8. Microcode Upgrade Procedure......................................................................................263 13.5.9. Accessing SVP on 9990................................................................................................264 13.5.10. Battery Information......................................................................................................265 14.0 EOL'd Disk Arrays........................................................................................................................266 14.1. D1000 (Dilbert) Disk Array.....................................................................................................266 14.1.1. LED's.............................................................................................................................266 14.1.2. Cabling the Sun StorEdge D1000 Array .......................................................................267 14.1.3. Setting the Target Address ...........................................................................................267 14.1.4. Determining Connectivity...............................................................................................267 14.1.5. Disk Replacement.........................................................................................................268 14.2. A1000 (Dilbert w/RAID) Disk Array........................................................................................269 14.2.1. LED's.............................................................................................................................269 14.2.2. Disk Replacement.........................................................................................................270 14.2.3. Controller Replacement.................................................................................................270 14.2.4. Battery Replacement Procedure....................................................................................274 14.2.5. Command Reference.....................................................................................................276 14.3. A3x00 (Sonoma) Disk Array..................................................................................................280 14.3.1. LED's.............................................................................................................................280 14.3.2. Battery Replacement Procedure....................................................................................282 14.3.3 Disk Replacement..........................................................................................................283 14.4. A5x00 (Photon) Disk Array....................................................................................................284 14.4.1 LED's..............................................................................................................................284 14.4.1. luxadm command reference..........................................................................................285 14.4.2. Minimum Configuration..................................................................................................287 14.4.3. Addressing.....................................................................................................................287 14.4.4. A5000 Target ID assignments.......................................................................................287 14.5. T3 (Purple) Disk Array...........................................................................................................288 14.5.1. LED's.............................................................................................................................288 Sun Proprietary & Confidential: Internal Use Only Page 8

SSE Field Reference Guide
14.5.2. Command Reference.....................................................................................................290 14.5.3. Firmware upgrading.......................................................................................................291 14.5.4. TFTP Boot Procedure....................................................................................................292 14.5.5. Forgotten password.......................................................................................................292 14.5.6. Rebuilding the sysarea..................................................................................................292 14.5.7. Accessing “dot” commands...........................................................................................295 14.5.8. Battery Status................................................................................................................296 14.6. 6x20 (Maserati) Disk Array....................................................................................................298 14.6.1. logins, passwords and roles..........................................................................................298 14.6.2. LED's.............................................................................................................................298 14.6.3. Terminology...................................................................................................................303 14.6.4. sscs Commands............................................................................................................304 14.6.5. Forgotten Password.......................................................................................................308 15.0 Storage Area Networks (SAN).....................................................................................................311 15.1. SAN Switches........................................................................................................................311 15.1.1. Default Passwords.........................................................................................................311 15.1.2. SAN Quick Command Reference..................................................................................311 15.1.3. Configuration Procedures..............................................................................................311 15.1.4. Troubleshooting.............................................................................................................316 Appendix A - T3 & 6x20 “dot” Commands...........................................................................................326 Alphabetical Index...............................................................................................................................340

Sun Proprietary & Confidential: Internal Use Only

Page 9

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 10

SSE Field Reference Guide

1.0 Lights Out Management Software

1.0 Lights Out Management Software
LOM Sun Fire V100 Sun Fire V120 Sun Fire E2900 Sun Fire V1280 Netra 120 Netra t 1405 Netra t 1400 Netra X1 Netra T1 model 105 Netra T1 model 100 Netra T1 DC200 Netra T1 AC200 Netra 20 ALOM Sun Fire V210 Sun Fire V240 Sun Fire V250 Sun Fire V440 RSC Sun Fire V890 Sun Fire V490 Sun Fire V880 Sun Fire V480 Sun Fire 280R Sun Enterprise 250 ILOM Sun Fire x4100 Sun Fire x4200

1.1 Lights Out Management (LOM)
1.1.1 Command Reference:
alarmon [n] alarmoff [n] check console environment faulton faultoff help poweron poweroff reset [-x] shutdown show [eventlog] [escape] version set break bootmode [-u] [normal|forth|reset_nvram|diag|skip_diag] loghistory [index +/-n] [pause x] [level y] showlogs consolehistory chist date showdate logout userpassword [username] useradd [username] userdel [username] userperm [username] [c] [u] [a] [r] [-] usershow lom>

Sun Proprietary & Confidential: Internal Use Only

Page 11

SSE Field Reference Guide

1.0 Lights Out Management Software

1.2. Advanced Lights Out Management (ALOM)
1.2.1 Command Reference:
poweron {FRU} poweroff [-y] [-f] removefru [-y] {FRU} reset [-y] [-x] break [-y] bootmode [normal|reset_nvram|diag|skip_diag|bootscript="string"] console [-f] consolehistory [-b lines|-e lines] [-g lines] [-v] [boot|run] showlogs [-b lines|-e lines] [-g lines] [-v] setlocator [on|off] showlocator showenvironment showfru showplatform [-v] showsc [-v] [param] shownetwork [-v] setsc [param] [value] setupsc showdate setdate [[mmdd]HHMM | mmddHHMM[cc]yy][.SS] resetsc [-y] flashupdate [-s IPaddr -f pathname] [-v] setdefaults [-y] [-a] useradd <username> userdel [-y] <username> usershow [username] userpassword <username> userperm <username> [c][u][a][r] password showusers [-g lines] logout help [command] sc> Common Navigation Commands are: sc>console - to go to the system console from ALOM #. - to go to ALOM from the system console sc>break - similar to the old L1-A

1.2.2. ALOM Notifications
Configuring the ALOM Notification Variables will allow varying levels of ALOM alerts to be sent automatically to specified email addresses. Setting Alerts sc> showsc Advanced Lights Out Manager v1.0 parameter --------if_network if_modem value ----true false

Sun Proprietary & Confidential: Internal Use Only

Page 12

SSE Field Reference Guide
if_snmp if_emailalerts sys_autorestart netsc_tpelinktest netsc_dhcp netsc_ipaddr netsc_ipnetmask netsc_ipgateway mgt_mailhost mgt_mailalert sc_customerinfo sc_escapechars sc_powerondelay sc_clipasswdecho sc_cliprompt sc_clitimeout sc_clieventlevel sys_eventlevel ser_baudrate ser_parity ser_stopbits ser_data netsc_enetaddr sys_hostname sys_enetaddr false false xir false false 129.148.173.27 255.255.255.0 129.148.173.253

1.0 Lights Out Management Software

#. false true sc 0 2 2 9600 none 1 8 00:03:ba:29:5e:34 abcd 00:03:ba:29:5e:2b

sc> setsc if_emailalerts true - this command enables the mail alerts to be sent sc> setsc mgt_mailhost 129.148.9.16 - this command sets the IP address of the mail server to which ALOM delivers the mail alerts, if two addresses are specified they must be seperated by a single space sc> setsc mgt_mailalert john.doe@sun.com 1 - this command sets who will be sent the email with the alerts and what level alerts will be sent. The possible settings are: 1 (critical), 2 (critical and major) and 3 (critical, major and minor) sc> setsc mgt_mailalert test.alom@nowhwere.com 3 - this command shows the configuration of an additional email address to receive level 3 alerts.

Removing Alerts
To remove an email address from the configuration so that alerts are no longer sent to it we use the same command as when we added it but without the alert level number: sc> setsc mgt_mailalert test.alom@nowhwere.com

ALOM or Solaris
The same configuration can be done through the use of the Solaris based scadm command: # scadm set if_emailalerts true # scadm set mgt_mailhost 129.148.9.16 # scadm set mgt_mailalert john.doe@sun.com 1 # scadm show if_network="true" if_modem="false" if_snmp="false"

Sun Proprietary & Confidential: Internal Use Only

Page 13

SSE Field Reference Guide
if_emailalerts="true" sys_autorestart="xir" netsc_tpelinktest="true" netsc_dhcp="false" netsc_ipaddr="129.148.173.27" netsc_ipnetmask="255.255.255.0" netsc_ipgateway="129.148.173.253" mgt_mailhost="129.148.9.16" mgt_mailalert="john.doe@sun.com 1" sc_customerinfo="" sc_escapechars="#." sc_powerondelay="false" sc_servicemode="false" sc_clipasswdecho="true" sc_cliprompt="sc" sc_clitimeout="0" sc_clieventlevel="2" sc_ssqamode="false" sys_eventlevel="2"

1.0 Lights Out Management Software

1.2.3. Configuring the Network Management Port:
The parameters that need to be configured to make the NET MGT port functional are: if_network netsc_tpelinktest netsc_dhcp netsc_ipaddr netsc_ipnetmask netsc_ipgateway true true false 0.0.0.0 255.255.255.0 0.0.0.0

Use the "setsc"command to set the needed parameters sc> setsc if_network true - this command enables the port sc> setsc netsc_tpelinktest false - this command enable/disables the link integrity test, please check with your network admin to see if the network hardware(hubs etc.) support this functionality. sc> setsc netsc_dhcp false - this command should be set to false unless you want DHCP to obtain your network configuration, which is not part of this example sc> setsc netsc_ipaddr 129.148.173.27 - this command sets the the unique IP address for the NET MGT port, please see your network admin to get this address sc> setsc netsc_ipnetmask 255.255.255.0 - this command sets the netmask and will depend on the class of network. sc> setsc netsc_ipgateway 129.148.173.253 - this command sets the IP address of the gateway or router. If you have made a change to the "netsc_tpelinktest" variable, it will not change until after the next ALOM reset but is otherwise not needed. sc> resetsc -y You can now verify the settings with the "shownetwork" command

Sun Proprietary & Confidential: Internal Use Only

Page 14

SSE Field Reference Guide

1.0 Lights Out Management Software

sc> shownetwork SC network configuration is: IP Address: 129.148.173.27 Gateway address: 129.148.173.253 Netmask: 255.255.255.0 Ethernet address: 00:03:ba:29:5e:34 The ALOM NET MGT port should now be functional!!! The next steps will show how to do the same configuration but with the Solaris based "scadm" command. # /usr/platform/SUNW,Sun-Fire-V240/sbin/scadm help COMMAND DETAILS # scadm help => this message # scadm date [-s] | [[mmdd]HHMM | mmddHHMM[cc]yy][.SS] => print or set date # scadm set <variable> <value> => set variable to value # scadm show [variable] => show variable(s) # scadm resetrsc [-s] => reset SC (-s soft reset) # scadm download [boot] <file> => program firmware or [boot] monitor # scadm send_event [-c] "message" => send message as event (-c CRITICAL) # scadm modem_setup => connect to modem port # scadm useradd <username> => add SC user account # scadm userdel <username> => delete SC user account # scadm usershow [username] => show user details # scadm userpassword <username> => set user password # scadm userperm <username> [cuar] => set user permissions # scadm shownetwork => show network configuration # scadm loghistory => show SC event log # scadm version [-v] => show SC version (-v verbose) Use the "scadm set" command to set the same variables as described above # scadm set if_network true # scadm set netsc_tpelinktest false # scadm set netsc_dhcp false # scadm set netsc_ipaddr 129.148.173.27 # scadm set netsc_ipnetmask 255.255.255.0 # scadm set netsc_ipgateway 129.148.173.253 # scadm shownetwork IP Address: 129.148.173.27 Gateway address: 129.148.173.253 Netmask: 255.255.255.0 Ethernet address: 00:03:ba:29:5e:34 Note - There is also an interactive configuration process possible through the use of the "setupsc" command, which is beyond the scope of this document.

1.2.4. Resetting the ALOM Password
To overide the ALOM password on the system you will need to: 1) Attach console to Serial Management Port

Sun Proprietary & Confidential: Internal Use Only

Page 15

SSE Field Reference Guide

1.0 Lights Out Management Software

2) Power on the server via the front power button. Once POST has completed,you will need to wait 1 to 2 minutes for a timeout to occur and the system to drop to the "ok>" prompt. If you do not get the "Please login:" prompt (you will likely see the SC prompt) then you must power the system off remove the battery from the LOM board, wait a minute, and re-install everything). Below is an example of what you might see on the console: Please login: SC Alert: Host System has Reset [wait one two minutes] Serial line login timeout, returns to console stream. ok> 3) Boot the system to the OS level. If Solaris is not currently installed on the server, you will need to install it at this point. 4) Use the scadm command to reset the admin password: server# cd /usr/platform/`uname -i`/sbin server# ./scadm userpassword admin 5) Use the escape sequence "#." to get system back to the ALOM login prompt. 6) You can now log into the admin account using the password “admin” that you just set.

Sun Proprietary & Confidential: Internal Use Only

Page 16

SSE Field Reference Guide

1.0 Lights Out Management Software

1.3. Remote Server Console (RSC)
1.3.1. OBP Commands
rsc-hard-reset Performs a hard reset of RSC; this is the same as using the command rscadm resetrsc. rsc-soft-reset Performs a soft reset of RSC; this is the same as using the command rscadm resetrsc -s. diag-output-to rsc*|rsc-console**|ttya Directs POST output to either RSC (1) or ttya (0). This command takes effect after the next server reset. (E250 only) diag-console rsc*|rsc-console**|ttya This command directs power-on self-test (POST) output to either RSC (1) or ttya (0). This command takes effect after the next server reset. (Not available for the 250) rsc-mac-update Updates the RSC Ethernet address from the contents of the server ID PROM. Use this command after replacing the server NVRAM module. .rsc Displays RSC information, including the diag-output-to setting and the RSC POST status word. *Available for Sun Enterprise 250 servers only. For other supported workgroup servers, you must set input-device and output-device to rsc-console, not rsc. **For Sun Enterprise 250 servers, you must set input-device and output-device to rsc, not rsc-console.

1.3.2. RSC Commands
environment Displays current environmental information showenvironment (The showenvironment command is not available on Sun Enterprise[TM] 250 servers.) shownetwork Displays the current network configuration console Connects you to the server console break Puts the server in debug mode xir Generates an externally initiated reset to the server bootmode Controls server firmware behavior, if followed by a server reset within 10 minutes (similar to L1key combinations on Sun keyboards) · -u - Force the server to direct the console to RSC; the -u option must precede any boot_mode you specify; requires server reset · normal - Normal boot; server runs low-level diagnostics; requires server reset · forth - Enter Forth interpreter as soon as possible (equivalent to L1-F on keyboard); requires server reset · reset_nvram - Reset all NVRAM variables to default values (equivalent to L1-N on keyboard); requires server reset · diag - Force the server to run full diagnostics (equivalent to L1-D on keyboard); requires server power-off and power-on · skip_diag - Force the server to skip diagnostics (equivalent to L1-S on the keyboard); requires server power-off and power-on reset Resets the server immediately poweroff Powers off the server poweron Powers on the server loghistory Displays the history of all events logged in the RSC event buffer consolehistory Displays the history of all console messages logged in the buffer consolerestart Makes the current boot and run console logs "original" set Sets a configuration variable show Displays one or more configuration variables date Displays or sets the current time and date password Changes your RSC password useradd Adds an RSC user account userdel Deletes an RSC user account usershow Shows characteristics of an RSC user account userpassword Sets or changes a user's password userperm Sets the authorization for a user resetrsc Resets RSC immediately help Displays a list of RSC shell commands and a brief description of each version Displays the RSC firmware version Sun Proprietary & Confidential: Internal Use Only Page 17

SSE Field Reference Guide

1.0 Lights Out Management Software

showsc (The showsc command is not available on Sun Enterprise 250 servers.) logout Ends your current RSC shell session setlocator Turn the system locator LED on or off (Sun Fire[TM] V480 servers only). showlocator Show the state of the system locator LED (Sun Fire V480 servers only). showdate Same as the date command without arguments. (Not available for Sun Enterprise 250 servers.) setdate Same as the date command with arguments. (Not available for Sun Enterprise 250 servers.) rscadm subcommands help Displays a list of rscadm commands and brief descriptions for each date Displays or sets the current time and date set Sets a configuration variable show Displays one or more configuration variables shownetwork Shows current RSC card network configuration (RSC 2.0 and above) loghistory Returns the most recent log entries (RSC 2.0 and above) resetrsc Resets RSC immediately download Downloads firmware to the RSC flash PROM send_event Logs an event; can also send an alert message modem_setup Changes configuration of the modem connected to the RSC serial port useradd Adds an RSC user account userdel Deletes an RSC user account usershow Shows characteristics of an RSC user account userpassword Sets or changes a user's password userperm Sets the authorization for a user version Reports the RSC version on the host (RSC 2.0 and above) status Same as the version -v command. (RSC 2.0 and above)

1.3.3. How To Configure RSC
This document is applicable to the Sun Fire[TM] 280R, V480, and V880 servers. When using RSC, the system administrator has the option to redirect the console to RSC. This allows the RSC user to enter and exit the system console mode from the RSC shell. The following parameters must be set for the redirection to take effect: ok> setenv diag-out-console true ok> setenv input-device rsc-console ok> setenv output-device rsc-console These commands will take effect after the next server reset. If you want to redirect the console server back to TTYA , you can do the following: ok> setenv diag-out-console false ok> setenv input-device keyboard ok> setenv output-device screen If the RSC console is the console and RSC has not been fully configured, the RSC card can be pulled from the machine in order to temporarily reset the output to the TTYA port. Once OBP has been started, the parameters will need to be reset appropriately to go to another device until the RSC card has been configured. The RSC software download for Solaris contains the following packages:
· · ·

SUNWrsc SUNWrscj SUNWrscd

Step 1: Checking to see if RSC is already installed. Any previous version of RSC installed on a supported Solaris platform should be removed. Do the following to determine if RSC is already installed. 1. Make sure you are logged in as superuser. 2. Perform the pkginfo command to check for RSC. Type the following command at the superuser prompt and Sun Proprietary & Confidential: Internal Use Only Page 18

SSE Field Reference Guide
press Return (do not type the #): # /usr/bin/pkginfo | grep SUNWrsc

1.0 Lights Out Management Software

3. If the output of this command lists any RSC packages, you need to remove them. Before you do this, save the current configuration information. First, you need to know the platform name for your system. Type the following command: # uname -i The system returns a message similar to the following: SUNW,Sun-Fire-V490 In this example, the platform name is SUNW,Sun-Fire-V490. 4. Type the following to save the current configuration information : # /usr/platform/platform-name/rsc/rscadm show >/var/tmp/rsc_config_info.txt Save this file. If desired, you can also use the rscadm usershow command to display information on the users, and then save that information to a file. This information can be used to reconfigure RSC if the need arises at some time in the future. 5. Remove the RSC packages. Using the output from Step 2, type the following command to specify the installed packages you want to remove: # /usr/sbin/pkgrm SUNWrsc SUNWrscj SUNWrscd Step 2: Downloading and Installing the RSC Software for Solaris You can find the RSC software in these locations:
· ·

on the Solaris Supplemental CD (RSC_#.#) on the Sun software download site: http://www.sun.com/download

For important information specific to your version of RSC software, refer to the README file that is included in the dowloaded files. Follow these steps to install the RSC software on Solaris: 1. Make sure you are logged in as superuser. 2. Place the compressed file (for example, rsc_packages*.zip) in a temporary directory (for example, /tmp). 3. Use unzip (/usr/bin/unzip) to extract the Sun packages from the zip file. From your temporary directory, type the following command at the superuser prompt and press Return (do not type the #): # /usr/bin/unzip rsc_packages*.zip 4. Type the following command to install the Solaris packages using the pkgadd command: # /usr/sbin/pkgadd -d . Step 3: Downloading and Adding a Patch This section describes how to download and install a patch for your version of Solaris and your hardware platform. To download the patch, perform the following steps: 1. Refer to the table of software versions to determine the correct minimum patch ID number for your Solaris version and RSC version. For example, the patch for Sun Fire V880 hardware running Solaris 8, Update 5 Sun Proprietary & Confidential: Internal Use Only Page 19

SSE Field Reference Guide

1.0 Lights Out Management Software

is 111416-05. If the patch is already included in the packages you have installed you do not need to reinstall it, but see the note below about checking for other or later patches. 2. Point your Web browser to http://sunsolve.sun.com and click the Patches link in the left column. 3. Type the ID number for the patch you want in the Enter a Patch ID field and click Find Patch. 4. Follow the instructions on the page to download the patch. NOTE: Other patches or later patch versions may also exist; search http://sunsolve.sun.com for more information. To add the patch, follow these steps: 1. Log in as superuser, if you have not already done so. 2. At the system prompt, type the following command: # patchadd patch-ID where patch-ID is the ID number of the patch you downloaded (for example, patchadd 111416-05). 3. The system returns messages similar to the following: # patchadd 111416-05 Checking installed patches... Verifying sufficient filesystem capacity (dry run method)... Installing patch packages... Patch number 111416-05 has been successfully installed. See /var/sadm/patch/111416-05/log for details This step installs the following packages:
· ·

SUNWrsc SUNWrscj

Step 4: What To Do Next If you are upgrading from a previous version of RSC, you need to flash the new firmware and reconfigure RSC. If you are installing RSC for the first time, you need to run the rsc-config script on the server. Flashing the New Firmware 1. Before you flash the firmware, you need to know the platform name for your system. Type the following command: # uname -i The system returns a message similar to the following: SUNW,Sun-Fire-280R 2. Type the following command to flash the firmware and update the GUI files: # /usr/platform/platform-name/rsc/rscadm download /usr/platform/platform-name/lib/images/rscfw where platform-name is the name you obtained when you typed uname -i in the previous step. For example, if your system is a Sun Fire 280R, you would type: # /usr/platform/platform-name/rsc/rscadm download /usr/platform/SUNW,Sun-Fire280R/lib/images/rscfw

In this example, the platform name is SUNW, Sun-280R.
Sun Proprietary & Confidential: Internal Use Only Page 20

SSE Field Reference Guide
Running the rsc-config Script on the Server

1.0 Lights Out Management Software

On the server systems only, type the following command to configure the new firmware image: # /usr/platform/platform-name/rsc/rsc-config

1.3.4. Forgotten Password
1. Login to the system as root to create a new RSC user: If successful, then proceed to Step 2 If root can not access system remotely, and RSC is currently the active console, then the only other way to gain access to the system console would be through ttya, but because RSC is configured, we need to change the system's output and input devices back to their default settings. Setting these defaults can be accomplished by using one of the following two methods: Method 1: After turning on the power to your system, watch the front panel wrench LED for rapid flashing during the boot process. Press the front panel Power button twice (with a short, one-second delay in between presses). This sets all nvram parameters to their default settings. These changes are temporary and the original values will be restored after the next hardware or software reset. Method 2: Remove RSC card. By removing the RSC card the output and input devices will forced to ttya. 2. Execute the following 3 commands in order to create a new RSC user with full permissions: # /usr/platform/`uname -i`/rsc/rscadm useradd <username> # /usr/platform/`uname -i`/rsc/rscadm userperm <username> cuar # /usr/platform/`uname -i`/rsc/rscadm userpassword <username> Note: You may need to delete an RSC user if there are 4 existing users defined. If you did not remove the RSC card, please proceed to step 3. 3. Reinstall RSC card. For information on How to install the RSC card please refer to your Server's Owner's Guide. 4. Reboot the RSC card. 5. Log into RSC using the login and password created in Step 2.

Sun Proprietary & Confidential: Internal Use Only

Page 21

SSE Field Reference Guide

1.0 Lights Out Management Software

1.4. Integrated Lights Out Management (ILOM)
1.4.1. Command Reference
General Commands Description Show all valid targets. Log out of the service processor CLI. Command help targets exit

Display the version of the ILOM firmware running on the service processor. version Display service processor clock information. Display all of the CLI commands. Display the active service processor sessions. Display information about commands and targets. Display information about a specific command. Update the service processor and BIOS firmware. Display a list of the service processor event logs. show /SP/clock show /SP/cli/commands show /SP/sessions help help create load -source tftp://newSPimage show /SP/logs/event/list

User Commands Description Add a local user. Delete a local user. Change user's properties. Display information about all local users. Display information about LDAP settings. Command create /SP/users/user1 password=password role=administrator| operator delete /SP/users/user1 set /SP/users/user1 role=operator show -display [targets|properties|all] -level [value|all] /SP/users show /SP/clients/ldap set /SP/clients/ldap binddn=proxyuser bindpw=proxyuserpassword defaultrole=administrator|operator ipaddress=ipaddress

Change LDAP settings.

Sun Proprietary & Confidential: Internal Use Only

Page 22

SSE Field Reference Guide

1.0 Lights Out Management Software

Network and Serial Port Setting Commands Description Display network configuration information. Change network properties for the service processor. Changing certain network properties, like the IP address, will disconnect your active session. Display information about the external serial port. Change the external serial port configuration. Display information about the serial connection to the host. Change the host serial port configuration. Note: This speed setting must match the speed setting for serial port 0, COM1 or /dev/ttyS0 on the host operating system. set /SP/serial/host pendingspeed=integer commitpending=true show /SP/network set /SP/network pendingipaddress=ipaddress pendingipdiscovery=dchp|static pendingipgateway=ipgateway pendingipnetmask=ipnetmask commitpending=true show /SP/serial/external set /SP/serial/external pendingspeed=integer commitpending=true show /SP/serial/host Command

Alert Commands Description Display information about PET alerts. You can configure up to 15 alerts. Change alert configuration. Command show /SP/alert/rules/1...15 set /SP/alert/rules/1...15 destination=ipaddress level=down|critical|major|minor

Sun Proprietary & Confidential: Internal Use Only

Page 23

SSE Field Reference Guide

1.0 Lights Out Management Software

System Management Access Commands Description Display information about HTTP settings. Change HTTP settings, such as enabling automatic redirection to HTTPS. Display information about HTTPS access. Change HTTPS settings. Display SSH DSA key settings. Display SSH RSA key settings. Command show /SP/services/http set /SP/services/http port=portnumber secureredirect enabled|disabled servicestate=enabled|disabled show /SP/services/https set /SP/services/https port=portnumber servicestate=enabled|disabled show /SP/services/ssh/keys/dsa show /SP/services/ssh/keys/rsa

SNMP Commands Description Command

show /SP/services/snmp engineid=snmpengineid Display information about SNMP settings. port=snmpportnumber sets=enabled|disabled v1=enabled|disabled v2c=enabled|disabled By default, the SNMP port is 161 and v3 v3=enabled|disabled is enabled.

Display SNMP users.

show /SP/services/snmp/users create /SP/services/snmp/users/snmpusername authenticationpassword=password authenticationprotocol=MD5|SHA permissions=rw|ro privacypassword=password privacyprotocol=none|DES delete /SP/services/snmp/users/snmpusername show /SP/services/snmp/communities/public

Add an SNMP user.

Delete and SNMP user. Display information about SNMP public (read-only) communities. Add this device to an SNMP public community. Delete this device from an SNMP public community. Display information about SNMP private

create /SP/services/snmp/communities/public/comm1

delete /SP/services/snmp/communities/public/comm1 show /SP/services/snmp/communities/private

Sun Proprietary & Confidential: Internal Use Only

Page 24

SSE Field Reference Guide
Description (read-write) communities. Add this device to an SNMP private community. Delete this device from an SNMP private community.

1.0 Lights Out Management Software
Command

create /SP/services/snmp/communities/private/comm2 delete /SP/services/snmp/communities/private/comm2

Host System Commands Description Start the host system. Stop the host system. Reset the host system. Start a session to connect to the host console. Stop the session connected to the host console. Command start /SYS stop /SYS reset /SYS start /SP/console stop /SP/console

Clock Settings Description Set the service processor clock to synchronize with a primary NTP server. Set the service processor clock to synchronize with a secondary NTP server. Command set /SP/clients/ntp/servers/1 address=ntpIPaddress set /SP/clients/ntp/servers/2 address=ntpIPaddress2

Sun Proprietary & Confidential: Internal Use Only

Page 25

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 26

SSE Field Reference Guide

2.0 Open Boot Prom (OBP)

2.0 Open Boot Prom (OBP)
2.1. Command Reference
2.1.1. Version 3.x
.version: display the version of the PROM .speed: display the cpu and bus speed banner: display the power on banner message boot <cdrom | disk | tape | net> -a -h -s -v -x: devalias: identify all current device aliases eject-floppy: eject a floppy diskette firmware-revision: identifies the firmware version password: set PROM password printenv: display all current parameters probe-fcal: identify all fiber devices attached to the i/o bus probe-scsi-all: identify all scsi devices attached to the i/o bus reset-all: recycle the system setenv <parameter> <value>: set a value for a parameter set-default <parameter>: reset the value of a parameter to is mfgr default state set-default: reset all parameters to mfgr default states show-disks: identifys all disk controllers attached to the system show-post-results: display POST results sifting: search obp commands for text string synch: write all file system changes to disk test-all:execute a device's self-test procedure watch-net-all: identify all network devices attached to the system

2.1.2. Version 4.17 additions for the boot command:
boot net:rarp - use rarp to find boot server boot net:dhcp - use dhcp to find boot server boot cdrom -F wanboot – install - install client over WAN boot net:speed=100,duplex=full - set network speed and duplex options

2.2. Working with nvram
2.2.1 Selected nvram Parameters
auto-boot?: if true, boot automatically after POST. (true) boot-command: command to execute if auto-boot? is true. (boot) boot-device: device to use for booting (disk net) boot-file: file to boot (empty string) diag-device: diagnostic boot source (net) diag-file: file from which to boot in diagnostic more (empty string) dial-level: Level of diagnostics to run (min or max) diag-switch?: If true, run in diagnostic mode input-device: input device to use (keyboard) keymap: keyboad map for custom keyboard (no default) nvramrc: NVRAM startup script (empty string) oem-banner: Custom OEM banner (empty string) oem-banner?: If true, use custom OEM banner (false) output-device: Output device to use (screen) sbus-probe-list: Identifies which sbus slots are probed & in what order (01) scsi-initiator-id: SCSI bus address of host adapter (7) security-mode: Firmware security level (none | command | full) security-password: Firmware security password (none)

Sun Proprietary & Confidential: Internal Use Only

Page 27

SSE Field Reference Guide

2.0 Open Boot Prom (OBP)

use-nvramrc?: If true, execute commands in NVRAMRC during startup sequence (false) watchdog-reboot?: If true, reboot after watchdog reset (false)

2.2.2. nvramrc Commands
nvalias alias <device-path> - Store the command "devalias alias device-path" in NVRAMRC. The alias persists until the nvunalias or set-defaults commands are executed. nvedit - Enter the NVRAMRC editor. If data remains in the temporary buffer from a previous nvedit session, resume editing those previous contents. If not, read the contents of NVRAMRC into the temporary buffer and begin editing them. nvquit -Discard the contents of the temporary buffer, without writing it to NVRAMRC. prompt for confirmation. nvrecover - Recover the contents of NVRAMRC if they have been lost as a result of the execution of setdefaults; then enter the editor as with nvedit. nvrecover fails if nvedit is executed between the time that the NVRAMRC contents were lost and the time that nvrecover is executed. nvrun - Execute the contents of the temporary buffer. nvstore - Copy the contents of the temporary buffer to NVRAMRC; discard the contents of the temporary buffer. nvunalias alias - Delete the corresponding alias from NVRAMRC. Must reset system.

2.2.3. nvedit Editor Keystroke Commands
Control-B - Move backward one character. Control-C - Exit the editor and return to the OpenBoot command interpreter. The temporary buffer is preserved but is not written back to NVRAMRC. (Use nvstore afterwards to write back the temporary buffer.) Control-F - Move forward one character. Control-K - If at the end of a line, join the next line to the current line (that is, delete the new line). Control-L - List all lines. Control-N - Move to the next line of the NVRAMRC editing buffer. Control-O - Insert a new line at the cursor position and stay on the current line. Control-P - Move to the previous line of the NVRAMRC editing buffer. [Delete] - Delete the previous character. [Return] - Insert a new line at the cursor position and advance to the next line. Activating nvram: ok> nvedit <enter commands> Type Control-C to get out of the editor and back to the ok prompt. ok> nvstore ok> setenv use-nvramrc? true ok> reset

Sun Proprietary & Confidential: Internal Use Only

Page 28

SSE Field Reference Guide

2.0 Open Boot Prom (OBP)

2.3. Common obp Procedures
2.3.1. Setting cpu speed
This procedure lets you increase or decrease the speed of the cpu and the upa bus: ok> also hidden ok> d# <new-speed> at-speed ok> .speed Note: cpu speed should be changed in 10% increments. Otherwise, the system may hang.

2.3.2. Setting hostid
This procedure will reprogram the MAC address and the hostid: ok> 17 0 mkp (press return key) ok> 8 0 20 xx yy zz 080020xxyyzz mkpl note: cursor will disappear press ctl-d press ctl-r ok> banner (press return)

2.3.3. Setting the Monitor Frequency
This procedure lets you set the monitor frequency from the obp: ok> output-device=screen:r1024x768x75 ok> boot

2.3.4. Setting network transfer speed
The following procedure forces the interface to 10Mbps: ok> show-devs (get the full path name of the hme device, e.g., /iommu@f,e0000000/sbus@f,e0001000/SUNW,hme@3,8c00000) ok> nvedit 0: probe-all install-console banner 1: apply transfer-speed=10 /iommu@f,e0000000/sbus@f,e0001000/SUNW,hme@3,8c00000 Ctrl-C (to exit the nvedit utility). ok> nvstore ok> setenv use-nvramrc? true ok> boot Note that the example above sets the speed to 10Mbps. To set the speed to 100Mbps, the value 10 should be replaced with 100.

2.3.5. Setting scsi-initiator-id
PCI based systems
1) To identify the SCSI adaptors with dual-ported disks enter the following from the boot prom: ok> probe-scsi-all For example: ok> probe-scsi-all /pci@6,4000/scsi@3,1

Sun Proprietary & Confidential: Internal Use Only

Page 29

SSE Field Reference Guide
/pci@6,4000/scsi@3 Target 2 Unit 0 Disk SEAGATE ST32171W SUN2.1G7462 Target 3 Unit 0 Disk SEAGATE ST32171W SUN2.1G7462 /pci@6,4000/scsi@2,1 Target 2 Unit 0 Disk SEAGATE ST32171W SUN2.1G7462 Target 3 Unit 0 Disk SEAGATE ST32171W SUN2.1G7462

2.0 Open Boot Prom (OBP)

Note you may have to first do the following before this command will work. ok> setenv auto-boot? false ok> reset-all Identify which disks are the dual-hosted disk and note the SCSI adaptors they are attached to. Using the above example, one connection would be "/pci@6,4000/scsi@3" and the other "/pci@6,4000/scsi@2,1" 2) Update the nvramrc to set the scsi-initiator-id to 6 for these device. From the boot prom type: ok> nvedit 0: probe-all install-console banner 1: cd /pci@6,4000/scsi@3 2: 6 " scsi-initiator-id" integer-property (note: there is a space between the " and scsi) 3: device-end 4: cd /pci@6,4000/scsi@2,1 5: 6 " scsi-initiator-id" integer-property 6: device-end <cntrl-c> ok>nvstore ok>nvramrc evaluate ok>setenv use-nvramrc? true ok>reset-all 3) Edit the /etc/system file (on both nodes) to set fast/wide SCSI (disable Ultra SCSI): set scsi_options=0x3f8 4) Boot both systems and verify that you can see the multi-hosted disks from both nodes.

Sbus based
# init 0 ok> nvedit 0: " /sbus@1f, 0/SUNW, fas@0, 8800000" select-dev 1: 6 encode-int "scsi-initiator-id" property 2: " /sbus@1f, 0/SUNW, fas@1, 880000" select-dev 3: 6 encode-int "scsi-initiator-id" property 4: device-end 5: ^c ok> nvstore ok> setenv use-nvramrc? true ok> reset-all

Sun Proprietary & Confidential: Internal Use Only

Page 30

SSE Field Reference Guide

2.0 Open Boot Prom (OBP)

2.3.6. Booting a System
A. Common boot Syntax ok> boot [device-specifier] [arguments] This behavior is found on most OpenBoot [TM] 2.x and 3.x based systems. Note that differences may occur on some platforms. B. Common Boot [device-specifier] disk - Boots from the alias named "disk". You can view the physical device path for the disk alias by typing "devalias disk" at the ok prompt, or, to view all aliases, type "devalias". cdrom - Specifies to boot from a CD or a DVD. For a system with an older EEPROM (typically OBP versions below 2.x), replace cdrom with sd(0,6,2) to boot from the system's CD-ROM. Systems with proms this old do not support Solaris [TM] versions that are contained on DVD media. net - Specifies to boot from a network boot image. url - Specifies the location of the custom JumpStart [TM] configuration files in compressed format. See section F below for the URLs that can be specified, syntax, and examples. C. Common Boot [arguments] Below is a list of the most commonly used boot command flags along with a brief explanation. Each command must be entered at the system "OK" prompt level. Note: This is NOT intended to be a complete listing of all the boot argument options. Please see the appropriate man pages for more details. Option : Definition -a Ask the user for configuration information, such as where to find the system file, where to mount root, and even override the name of the kernel itself. Default responses will be contained in square brackets ([]), and the user may simply enter <RETURN> to use the default response. To help repair a damaged /etc/system file, enter /dev/null at the prompt that asks for the pathname of the system configuration file. -v Boot with verbose messages enabled. -s Boot only to init level 's' Single User Mode. All local file systems are mounted. Only a small set of essential kernel processes are left running. This mode is for administrative tasks such as installing optional utility packages. All files are accessible and no users are logged in on the system. -x Do not boot in clustered mode.This option only has an effect when a version of Sun Cluster software that supports this option has been installed. -r Reconfiguration boot. The system will probe all attached hardware devices and assign nodes in the file system to represent only those devices actually found. -f Causes Autoclient systems to flush and reinitialize the client system's local cache and read all files over the network from the client's file server. This flag is ignored for all non-Autoclient systems. -D default-file This option allows the default file to be explicitly set and can be useful when booting kadb(1M) since, by default, kadb loads the default-file as exported by the boot program. -w This option is supposed to mount the root filesystem as read-write during boot process however it is not implemented. The ufs root filesystem is mounted read-only to avoid problems during fsck. After fsck runs, it is remounted read-write. -m smf_options This boot option is new in Solaris [TM] 10 and works in conjunction with the Solaris [TM] 10 service management facility. See kernel(1m) and smf(5) for more information on these Solaris [TM] 10 specific boot options.

Sun Proprietary & Confidential: Internal Use Only

Page 31

SSE Field Reference Guide
D. Network booting background

2.0 Open Boot Prom (OBP)

The boot command syntax for specifying the two methods of network booting are: boot net:rarp boot net:dhcp Effective with Solaris 9 (12/03 release) a wide area network boot option is now available. This option introduces a new command line syntax and new option flags. E. Network boot syntax ok> boot cdrom|net - install [[url|ask]] [[dhcp]] [[nowin]] Below is a list of the most commonly used network boot command flags along with a brief explanation. Each command must be entered at the system "OK" prompt level. Note: This is NOT intended to be a complete listing of all the boot argument options. ask Specifies that the installation program prompt you to type the location of the compressed configuration file after the system boots and connects to the network. dhcp Specifies to use a DHCP server to obtain network installation information that is needed to boot the system. If you do not specify to use a DHCP server, the system uses the /etc/bootparams file or the name service bootparams database. nowin Specifies not to begin the X program. You do not need to use the X program to perform a custom JumpStart installation, so you can reduce the installation time by using the nowin option. "noauto" and "noautons" Will not automatically retrieve the system identification information from the network or configure the nameservice information. This is useful for performing interactive installations when you want to be prompted for the system identification information. For example: ok> boot cdrom – noauto Will not take the system identification information from the network. OR ok> boot cdrom – noautons Will skip only the name service configuration information. Note: The "noauto" and "noautons" options are unsupported and may not work for every release of Solaris 8 or above. F. Example syntax for custom JumpStart [TM] boot commands Local hard disk: file://jumpstart_dir_path/compressed_config_file ok> boot cdrom - install file://jumpstart_dir_path/compressed_config_file NFS server: nfs://IP_address/jumpstart_dir_path/compressed_config_file ok> boot net - install http://131.141.2.32/jumpstart/config.tar HTTP server: http://IP_address/jumpstart_dir_path/compressed_config_file&proxy_info ok> boot net - install nfs://server_name/jumpstart_dir_path/compressed_config_file Note: If you saved the compressed configuration file on an HTTP server that is behind a firewall, you must use a proxy specifier during boot. You do not need to specify an IP address for the server that contains the file. You must specify an IP address for the proxy server, as in the following example: ok> boot net - install http://www.shadow.com/jumpstart/config.tar&proxy=131.141.6.151

Sun Proprietary & Confidential: Internal Use Only

Page 32

SSE Field Reference Guide

3.0 Solaris OS

3.0 Solaris OS
3.1. Installation/Configuration
3.1.1. Jumpstart
3.1.1.1 Creating a Jumpstart Server If the install server will be on the same net as the client machines, do the following: # cd /cdrom/sol_9_1203_sparc/s0/Solaris_9/Tools # setup_install_server /export/install # add_to_install_server /export/install 3.1.1.2 Creating a Boot Server If the install server is on a different subnet, set up a boot server. This will copy required kernel architecture information from the Solaris CD image to the boot server's local disk. You must have a name service so that you can setup automatic system configuration such as geographic region, time zone, netmask value. # cd /cdrom/sol_9_1203_sparc/s0/Solaris_9/Tools # setup_install_server -b /export/install # add_to_install_server -b /export/install 3.1.1.3 Configuring the Jumpstart Server Adding clients: 1. Edit /etc/hosts (or the nis host map) - add jumpstart client ip addresses 2. Edit /etc/ethers (or the nis ethers map) - add jumpstart client ethernet addresses 3. Add the clients: # cd /export/install # add_install_client <client> sun4u Removing clients: # rm_install_client <machine-name> 3.1.1.4 Creating Profiles Profiles are used to identify the characteristices needed to be passed to sysidconfig. Below is an example of a profile: install_type initial_install system_type standalone partitioning default cluster SUNWCuser cluster SUNWCxgl delete package SUNWaudmo add filesys any 40 swap filesys any 50 /opt 3.1.1.5 Creating Rules # cd /export/jumpstart # vi rules # ./check (this creates the rules.ok file) 3.1.1.6 . Jumpstarting the Client # init 0 ok> boot net – install Sun Proprietary & Confidential: Internal Use Only Page 33

SSE Field Reference Guide

3.0 Solaris OS

3.1.2. Flash Archive
3.1.2.1. Model System Setup On the "model" system, create the archive: # flarcreate -n <archive-name> -c <file-system>/<file-name> # share -F nfs <file-system> # dfshares Note: run dfshares to see if the file system is shared.. If not shared, edit /etc/dfs/dfstab, enter the share statement and run: # /etc/init.d/nfs.server start Example: # flarcreate -n u60_03-04-2004 -c /export/home/flash/u60.flar # share -F nfs /export/home/flash # dfshares RESOURCE cardassia:/export/home/flash 3.1.2.2.Target System Setup On the target system, start the installation procedure: ok> boot cdrom - install - select install from flash archive (either http or ftp) SERVER cardassia ACCESS TRANSPORT -

3.1.3. WANBoot
Task 1 - Creating the Flash Archive: Perform the following steps: 1. Create the directory for the flash archive under what will be he web server's documents directory. # mkdir -p /var/apache/htdocs/flashdir 2. Create the flash archive # flarcreate -n <archive_name> -a <archive_author> /var/apache/htdocs/flashdir/solaris.flar Task 2 - Configuring the Apache Webserver Perform the following steps to configure and start the Apache web server: 1. Update the Apache webserver's primary configuration file. Set the Servername option to the correct name for your environment. # vi /etc/apache/httpd.conf Edit the line that reads: #Servername new.host.name Remove the pound sign (#) and change it to the correct server name for your environment: Servername WANBootserv

Sun Proprietary & Confidential: Internal Use Only

Page 34

SSE Field Reference Guide

3.0 Solaris OS

2. Start the webserver # /usr/apache/bin/apachectl start NOTE: WanBoot support started in Solaris 9 12/03. If using Solaris 9 4/04, the WanBoot client must have 256mb memory or higher. If you are using Solaris 10 WanBoot, WanBoot client must have 512mb memory or higher. This is because Wanboot actually loads a "miniroot" to memory, and Solaris 10 miniroot is much larger than Solaris 9. Task 3 - Configuring the WANBoot and JumpStart files Perform the following steps to configure the WANBoot and Jumpstart server files. 1. Insert the Solaris[TM] 10 Software CD-ROM in the CD-ROM drive. 2. Create the Jumpstart configuration directory under the webserver's documents directory. # mkdir /var/apache/htdocs/config 3. Change to the jumpstart sample directory on the CD-ROM # cd /cdrom/cdrom0/s0/Solaris_10/Misc/jumpstart_sample 4. Copy the directory contents to the /var/apache/htdocs/config directory. # cp -r * /var/apache/htdocs/config 5. Copy the wanboot binary to a directory under the webserver's documents directory. # cp /cdrom/cdrom0/s0/Solaris_10/Tools/Boot/platform/sun4u/wanboot \ /var/apache/htdocs/wanboot 6. Copy the WAN Boot CGI programs to the webserver's cgi-bin directory. # cp /usr/lib/inet/wanboot/*-cgi /var/apache/cgi-bin 7. Edit the configuration file specifying the clients sysidcfg file and custom jumpstart files. # mkdir /etc/netboot # vi /etc/netboot/system.conf Insert the following two lines. Use the correct server name for your environment. SsysidCF=http://WANBootserv/config SjumpsCF=http://WANBootserv/config 8. Copy and edit the configuration file containing the WANBoot specific parameters. # cp /etc/inet/wanboot.conf.sample /etc/netboot/wanboot.conf # vi /etc/netboot/wanboot.conf Edit the file to contain following lines. Use the correct server name for your environment. bootfile=/wanboot10/wanboot root-file=/wanboot10/wpath/miniroot encryption_type= signature_type= server_authentication=no client_authentication=no Sun Proprietary & Confidential: Internal Use Only Page 35

SSE Field Reference Guide
resolve_hosts= root_server= bootlogger=http://WANBootserv/cgi-bin/bootlog-cgi system_conf=system.conf 9. Create the miniroot filesytem under the webserver's documents directory. # /cdrom/cdrom0/s0/Solaris_10/Tools/setup_install_server -w \ /var/apache/htdocs/wanboot10/wpath /var/apache/htdocs/wanboot10/ipath #cp /var/apache/htdocs/wanboot10/wpath/miniroot /var/apache/htdocs/wanboot10/miniroot 10. Check the integrity of the wanboot.conf file. # /usr/sbin/bootconfchk /etc/netboot/wanboot.conf 11. Edit the jumpstart configuration files. # cd /var/apache/htdocs/config a. Edit the sysidcfg file # vi /var/apache/htdocs/config/sysidcfg Edit the file to contain following lines. Use the correct server name for your environment. network_interface=eri1 { primary hostname=WANBootclient1 ip_address=a.b.c.d netmask=255.255.255.0 default_route=none protocol_ipv6=no } timezone=US/Central system_locale=C terminal=dtterm timeserver=localhost name_service=none security_policy=none

3.0 Solaris OS

NOTE: Please use this same order. We found some oddities if we changed the order, errors like: Invalid entry on line x. b. Edit the profile file # vi /var/apache/htdocs/config/profile Edit the file to contain following lines. install_type flash_install archive_location partitioning explicit filesys c0t0d0s1 512 swap filesys c0t0d0s0 free / c. Edit the rules file # cd /var/apache/htdocs # vi rules

Sun Proprietary & Confidential: Internal Use Only

Page 36

SSE Field Reference Guide
Run a check on the rules file # ./check Edit the file to contain following line: Hostname WANBootclient1 - profile Task 4 - Configure the WAN Boot Client

3.0 Solaris OS

Perform the following steps on the WAN boot client to boot and install the client. (Verify your eeprom version, if it is at version 4.17 proceed to steps 1 and 2, else proceed with step 2a) NOTE: As of this edit, not all system proms have a patch to upgrade the system prom to 4.17. Until the 4.17 prom is available for your system, you can only utilize Wanboot via cdrom. NOTE: Systems supported for Wanboot (as of 05/2005): . SunBlade 100/150 . SunBlade 1000/2000 . SunFire 280R . Netra 20 . SunFire 880 . SunFire V890 . SunFire V480 . SunFire V490 . SunFire V440 . Netra 440 . SunBlade 2500 . SunBlade 1500 . SunFire V210/V240 . Netra 240 . SunFire V250 . Sun_Fire_B1600 . Sun Java W2500s . Sun Java W1500s . SunFire 15K 1. Set network boot argument variables for WANBootclient1 at the ok prompt. ok> setenv network-boot-arguments host-ip=a.b.c.d, router-ip=a.b.c.1, subnet-mask=255.255.255.0,hostname=WANBootclient1,file= cgi-bin/wanboot-cgi 2. Boot the client. ok> boot net install 2a. If firmware is below 4.17, then Install a Solaris 10 CD into the client and run wanboot. ok> boot cdrom -o prompt -F wanboot - install Resetting ... Sun Blade 100 (UltraSPARC-IIe), No Keyboard Copyright 1998-2003 Sun Microsystems, Inc. All rights reserved. OpenBoot 4.10.1, 256 MB memory installed, Serial #50645368. [pt pt-10usb #1] Ethernet address 0:3:ba:4:c9:78, Host ID: 8304c978. Rebooting with command: boot cdrom -o prompt -F wanboot - install Boot device: /pci@1f,0/ide@d/cdrom@1,0:f File and args: -o prompt -F wanboot - install

Sun Proprietary & Confidential: Internal Use Only

Page 37

SSE Field Reference Guide
<time unavailable> wanboot info: WAN boot messages->console <time unavailable> wanboot info: Default net-config-strategy: manual 3. Follow prompts to set the environment: boot> prompt host-ip? Client_IP subnet-mask? 255.255.255.0 router-ip? router_IP hostname? Name-of-host http-proxy? client-id? aes? 3des? sha1? bootserver? http://Bootserver_IP/cgi-bin/wanboot-cgi Unknown variable '/Bootserver_IP/cgi-bin/wanboot-cgi'; ignored (ignore this) boot> boot> list host-ip: Client_IP subnet-mask: 255.255.255.0 router-ip: UNSET hostname: datacomms http-proxy: UNSET client-id: UNSET aes: *HIDDEN* 3des: *HIDDEN* sha1: *HIDDEN* bootserver: http://Bootserver_IP/cgi-bin/wanboot-cgi boot> go <time unavailable> wanboot progress: wanbootfs: Read 128 of 128 kB (100%) <time unavailable> wanboot info: wanbootfs: Download complete Mon Aug 23 19:45:25 wanboot info: WAN boot messages->129.148.192.83:80 SunOS Release 5.10 Version s10_58 64-bit Copyright 1983-2004 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Configuring devices... ---- Cut short for brevity ----Trouble-shooting tips/log files:

3.0 Solaris OS

If the Wanboot fails to boot/install and it drops you to a shell prompt, you can run the installation in debug mode to aquire more information on the failure. Run the following after it fails and drops you to a shell prompt: # pfinstall -x 10 /tmp/install_config/<profile name> Where <profile name> is the name of your jumpstart profile. Log files to check: /var/apache/logs/access_log /var/apache/logs/error_log

Sun Proprietary & Confidential: Internal Use Only

Page 38

SSE Field Reference Guide

3.0 Solaris OS

3.1.4. Live Upgrade
SECTION A - Overview Disk Space Requirements Typically, each boot environment requires a minimum of 350 to 800 Mbytes of disk space, depending on your system software configuration. Utilities that are used by the Solaris Live Upgrade user interface determine your resource requirements. To estimate the file system size that is needed to create a boot environment, start the creation of a new boot environment. The size is calculated and you can then abort the process. You can create a boot environment only on a disk that can serve as a boot device. Some systems restrict which disks can serve as a boot device. Refer to your system's documentation to determine if any boot restrictions apply. Guidelines for selecting a slice for the root (/) file system Must be a slice from which the system can boot. Must meet the recommended minimum size. Cannot be a Veritas VxVM volume or a Solstice DiskSuite(TM) metadevice. Can be on different physical disks or the same disk as the active root file system. Guidelines for Selecting a Slice for a /swap File System The swap slice cannot be in use by any boot environment except the current boot environment or if the -s option is used, the source boot environment. The boot environment creation fails if the swap slice is being used by any other boot environment whether the slice contains a swap, ufs, or any other file system. Guidelines for Terminal Type Using Live Upgrade From a Remote System When viewing the character interface remotely, such as over a tip line, you might need to set the TERM environment variable to VT220. Also, when using CDE , set the value of the TERM variable to dtterm, rather than xterm. Required Packages Check your current operating environment for the packages in the following table, which are required to use Solaris Live Upgrade. If packages in the column for your release are missing, use the pkgadd command to add these. Solaris 2.6 Release SUNWadmap SUNWadmfw SUNWadmc SUNWmfrun SUNWlocSUNWlibC Solaris 7 Release SUNWadmap SUNWlibC SUNWadmc Solaris 8 Release SUNWadmap SUNWbzip SUNWadmc

Upgrades of Root Mirrors and Metadevices If you are using Solaris Live Upgrade on a system that has a Solstice DiskSuite metadevice or Veritas vxvm volume, the source boot environment can be a metadevice or volume, but the target boot environment cannot be a metadevice or volume. The inactive boot environment must be a regular slice. Please see Section K for issues with Veritas. SECTION B – Source System In my examples, I will be upgrading Solaris 8 7/01 (U5) to Solaris 8 10/01 (u6). in my examples, the hostname is modern3, and my path to my image is /part1/sol8.10.01). NOTE: These steps should be done on the “source” system: # mkdir /imagedirname Insert Solaris 8 10/01 cd 1 of 2

Sun Proprietary & Confidential: Internal Use Only

Page 39

SSE Field Reference Guide
# cd /cdrom/sol_8_1001_sparc/s0/Solaris_8/Tools # ./setup_install_server /Yourimagedirname Once this is complete, eject Solaris 8 10/01 cd 1 of 2, and insert Solaris 8 10/01 cd 2 of 2 # cd /cdrom/sol_8_1001_sparc_2/Solaris_8/Tools # ./add_to_install_server /Yourimagedirname Once this is complete, edit the /etc/dfs/dfstab and share out your newly created image: # vi /etc/dfs/dfstab share -F nfs -o ro,anon=0 /Yourimagedirname (save the file) # shareall

3.0 Solaris OS

Apply required patches. Please check SunSolve infodoc 72099 for patches to be installed on the system to be upgraded. If you do not, the Live Upgrade packages may not install, and you may also have problems completing the Live Upgrade. SECTION C – Target System NOTE: The next steps should be done on the system to be upgraded. You are installing the Live Upgrade packages. Insert Solaris 8 10/01 cd 2 of 2 # pkgadd -d /cdrom/sol_8_1001_sparc_2/Solaris_8/EA/products/Live_Upgrade_2.0/sparc/Packages SUNWlur SUNWluu NOTE: The Live Upgrade packages reside in a different directory starting with Solaris 8 2/02. This path also holds true in the Solaris 9 OS. The path is Solaris 8 2/02 cd 2 of 2: # pkgadd -d /cdrom/cdrom0/Solaris_8/Product SUNWlur SUNWluu Solaris 9 cd 2 of 2: # pkgadd -d /cdrom/cdrom0/Solaris_9/Product SUNWlur SUNWluu NOTE: At this point, you must choose one of the following sections to determine the type of partitioning you will use: Section D - Creating an ABE, flat file system to flat file system Section E - Creating an ABE, flat file system to multi partitioned file system Section F - Creating an ABE, multi partitions merged into one. SECTION D - Creating an Alternate Boot Environment (ABE), flat file system to flat file system: NOTE: You can also use this procedure if you have multi partitions and would like your new drive (ABE) to look the same. You would just need to define every partition individually in your lucreate command. Example command syntax for lucreate when you have multiple partitions. This example uses /, swap, /usr and /var: # lucreate -c be.orig -m /:/dev/dsk/c0t2d0s0:ufs -m -:/dev/dsk/c0t2d0s1:swap -m /usr:/dev/dsk/c0t2d0s3:ufs -m /var:/dev/dsk/c0t2d0s4:ufs -n be.new NOTE: If you want a swap partition on your Alternate Boot Environment, you must also create a swap slice on the new ABE. Add -m -:/dev/dsk/c0t2d0s1:swap to your lucreate syntax.

Sun Proprietary & Confidential: Internal Use Only

Page 40

SSE Field Reference Guide

3.0 Solaris OS

NOTE: Whatever is in your Primary Boot Environment (PBE's) /etc/vfstab, and is "NOT" defined in the lucreate command, will still be mounted or used when you boot off your Alternate Boot Environment (ABE). Example: Original /etc/vfstab on my Primary Boot Environment (PBE): # more /etc/vfstab #device device mount #to mount to fsck point # #/dev/dsk/c1d0s2 /dev/rdsk/c1d0s2 /usr fd /dev/fd fd no /proc /proc proc no /dev/dsk/c0t0d0s1 swap /dev/dsk/c0t0d0s0 /dev/rdsk/c0t0d0s0 #/dev/dsk/c0t0d0s3 /dev/rdsk/c0t0d0s3 /dev/dsk/c0t0d0s5 /dev/rdsk/c0t0d0s5 /dev/dsk/c0t0d0s6 /dev/rdsk/c0t0d0s6 swap /tmp tmpfs yes FS type ufs / /export /part1 /part2 fsck pass 1 no ufs ufs ufs ufs mount mount at boot options yes 1 2 2 2 -

no yes yes yes

-

New /etc/vfstab on our Alternate Boot Environment (ABE) after running: # lucreate -c be.orig -m /:/dev/dsk/c0t2d0s0:ufs -n be.new # more vfstab /dev/dsk/c0t0d0s1 /dev/dsk/c0t2d0s0 /dev/dsk/c0t0d0s5 /dev/dsk/c0t0d0s6 #device device mount FS #to mount to fsck point # fd /dev/fd /proc /proc swap /tmp swap 1 /dev/rdsk/c0t2d0s0 / /dev/rdsk/c0t0d0s5 /part1 /dev/rdsk/c0t0d0s6 /part2 fsck mount mount type pass at boot options fd proc tmpfs no no yes no ufs ufs ufs 1 2 2

no yes yes

-

As you can see, the Alternate Boot Environment (ABE) is using partitions swap, /part1 and /part2 from the Primary Boot Environment (PBE) If you do not want partitions shared between the PBE and the ABE, comment them out of the PBE's /etc/vfstab prior to running your lucreate command. **IMPORTANT** You alternate drive (ABE) must be partitioned properly before you run the lucreate command. In my example, you are copying your root drive (which is a flat file system) to c0t2d0s0. Your c0t2d0s0 drive must be partitioned with s0 being large enough to accommodate the copy. In later examples when you are going from a flat file system to a multi partitioned file system, the ABE must be formatted/partitioned with the appropriate slices and sizes defined. # lucreate -c be.orig -m /:/dev/dsk/c0t2d0s0:ufs -n be.new Please wait while your system configuration is determined. No name for Current BE. Current BE is named <be.orig>. Creating initial configuration for primary BE <be.orig>. PBE configuration successful: PBE name <be.orig> PBE Boot Device </dev/dsk/c0t0d0s0>. Determining what file systems should be in the new BE. Searching /dev for possible BE filesystem devices

Sun Proprietary & Confidential: Internal Use Only

Page 41

SSE Field Reference Guide
Please wait while the configuration files are updated. Please wait. Configuration validation in progress...

3.0 Solaris OS

Beginning process of creating Boot Environment <be.new>. No more user interaction is required until this process is complete. Setting BE <be.new> state to Not Complete. Creating file systems on BE <be.new>. Creating <ufs> file system on </dev/dsk/c0t2d0s0>. /dev/rdsk/c0t2d0s0: 4195296 sectors in 4162 cylinders of 16 tracks, 63 sectors 2048.5MB in 66 cyl groups (64 c/g, 31.50MB/g, 5312 i/g) super-block backups (for fsck -F ufs -o b=#) at: 32, 64608, 129184, 193760, 258336, 322912, 387488, 452064, 516640, 581216, 645792, 710368, 774944, 839520, 904096, 968672, 1032224, 1096800, 1161376, 1225952, 1290528, 1355104, 1419680, 1484256, 1548832, 1613408, 1677984, Mounting file systems for BE <be.new>. Calculating required sizes of file systems for BE <be.new>. Populating file systems on BE <be.new>. Copying file system contents to BE <be.new>. INFORMATION: Setting asynchronous flag on ABE <be.new> mount point </.alt.19493/> file system type <ufs>. Copying of file system / directory </> is in progress... Copying of file system / directory </> completed successfully. Creating compare database for file system </>. Updating compare database on other BEs. Updating compare database on BE <be.new>. Compare databases updated on all BEs. Making Boot Environment <be.new> bootable. Making the ABE bootable. Updating ABE's /etc/vfstab file. The update of the vfstab file on the ABE succeeded. Updating ABE's /etc/mnttab file. The update of the mnttab file on the ABE succeeded. Updating ABE's /etc/dumpadm.conf file. The update of the dumpadm.conf file on the ABE succeeded. Updating partition ID tag on boot environment <be.new> device </dev/rdsk/c0t2d0s2> to be root slice. Updating boot loader for <SUNW,Sun-Blade-100> on boot environment <be.new> device </dev/dsk/c0t2d0s0> to match OS release. Making the ABE <be.new> bootable succeeded. Setting BE <be.new> state to Complete. Creation of Boot Environment <be.new> successful. Creation of Boot Environment <be.new> successful. # SECTION E - Creating an ABE, flat file system to multi partitioned file system: Started with only /, breaking that out on my new drive to have separate /, /var and /usr # lucreate -c be.orig -m /:/dev/dsk/c0t2d0s0:ufs -m /var:/dev/dsk/c0t2d0s3:ufs \ -m /usr:/dev/dsk/c0t2d0s4:ufs -n be.new SECTION F - Creating an ABE, Multi partitions merged into one. I started with / and /export. The following will merge /export into /. You can merge more than 1 partition into root, just use more -m /partition_to_merge:merged:ufs switches. Sun Proprietary & Confidential: Internal Use Only Page 42

SSE Field Reference Guide
# lucreate -m /:/dev/dsk/c0t2d0s0:ufs -m /export:merged:ufs -n be.new SECTION G - Upgrading your newly created ABE from a shared image on the network: # luupgrade -u -n be.new -s /net/modern3/part1/sol8.10.01

3.0 Solaris OS

Validating the contents of the media </net/modern3/part1/sol8.10.01>. The media is a standard Solaris media. Themedia contains an operating system upgrade image. The media contains <Solaris> version <8>. The media contains patches for the product. Locating upgrade profile template to use. Locating the operating system upgrade program. Checking for existence of previously scheduled Live Upgrade requests. Creating upgrade profile for BE <be.new>. Updating ABE's /etc/vfstab file. The update of the vfstab file on the ABE succeeded. Determining packages to install or upgrade for BE <be.new>. Performing the operating system upgrade of the BE <be.new>. CAUTION: Interrupting this process may leave the boot environment unstable or unbootable. The operating system upgrade completed. Adding operating system patches to the BE <be.new>. The operating system patch installation completed. INFORMATION: </var/sadm/system/logs/upgrade_log> contains a log of the upgrade operation. INFORMATION: </var/sadm/system/data/upgrade_cleanup> contains a log of cleanup operations required. INFORMATION: Please review the above listed files on BE <be.new> to determine if any additional cleanup work is required, or installers on additional volumes of the media being upgraded to need to be run, before activating the BE. The Live Upgrade of the BE <be.new> is completed. # SECTION H - Upgrading your newly created ABE from a cdrom drive. NOTE: If upgrading to Solaris 8 2/02 or higher, please see Section H1 below. Insert Solaris 8 10/01 cd 1 of 2 into your cdrom drive, then run: # luupgrade -u -n be.new -s /cdrom/cdrom0/s0 Eject Solaris 8 10/01 cd 1 of 2. # eject -f cd Insert Solaris 8 10/01 cd 2 of 2 into your cdrom drive, then run: # luupgrade -i -n be.new -s /cdrom/cdrom0 Validating the contents of the media </cdrom/cdrom0>. The media is a standard Solaris media. The media contains a standard Solaris installer. The media contains <Solaris_2_of_2> version <8>. Mounting BE <be.new>. Running installer on BE <be.new>. Installing Solaris 8 Software 2 |-1%---------25%------------50%------------75%----------100%|

Sun Proprietary & Confidential: Internal Use Only

Page 43

SSE Field Reference Guide

3.0 Solaris OS

Installation details: 1. 2. Product Solaris 8 Software 2 Done Result Installed More Info Available

Enter the number corresponding to the desired selection for more information, or enter 2 to continue [2]: End of Solaris 8 Software 2 installation. <Press ENTER to continue> Unmounting BE <be.new>. The installer run on BE <be.new> completed. # SECTION H1- Upgrading your newly created ABE from a cdrom drive, Solaris 8 2/02, Solaris 9, 10: NOTE: Starting with Solaris 8 2/02 and above, installing cd 2 of 2 will install not only the packages required to complete the upgrade it will also install the new LU packages from that specific revision of the operating system. Insert Solaris 8 2/02 cd 1 of 2 into your cdrom drive, then run: # luupgrade -u -n be.new -s /cdrom/cdrom0/s0 Eject Solaris 8 2/02 cd 1 of 2. # eject -f cd Insert Solaris 8 2/02 cd 2 of 2 into your cdrom drive, then run: # luupgrade -i -n be.new -s /cdrom/cdrom0 Validating the contents of the media </cdrom/cdrom0>. The media is a standard Solaris media. The media contains a standard Solaris installer. The media contains <Solaris_2_of_2> version <8>. Mounting BE <be.new>. Running installer on BE <be.new>. Solaris Web Start will assist you in installing software for Solaris 8 Software 2. <Press ENTER to continue> SECTION I - Activating your newly updated ABE: # luactivate be.new ****************************************************************************** ** The target boot environment has been activated. It will be used when you reboot. NOTE: You must use either init or shutdown when you reboot. If you do not use one of these commands, the system will not boot using the target BE. ******************************************************************************

Sun Proprietary & Confidential: Internal Use Only

Page 44

SSE Field Reference Guide

3.0 Solaris OS

** In case of a failure while booting to the target BE, the following process needs to be followed to fallback to the currently working boot environment: 1. Enter the PROM monitor (ok prompt). # init 0 2. Change the boot device back to the original boot environment by typing: ok> setenv boot-device disk:a 3. Boot to the original boot environment by typing: ok> boot ****************************************************************************** ** Activation of boot environment <be.new> successful. NOTE: If you want to test that the create/copy worked, you can do an init 6 at this point and the system should boot off your ABE. Or you can actually do the Live-upgrade at this point. SECTION J - Booting from your ABE: After you have run the upgrade, if you would like to boot off the just upgraded Alternate Boot Environment(ABE), just type init 6. This will automatically change your boot-device at the prom level, and if need be it will also create a new disk alias. SECTION K - Veritas If you are using Solaris Live Upgrade on a system that has a Solstice DiskSuite metadevice or Veritas vxvm volume, the source boot environment can be a metadevice or volume, but the target boot environment cannot be a metadevice or volume. The inactive boot environment must be a regular slice. Problem: System Panics When Upgrading On Veritas VxVm When using Solaris Live Upgrade while upgrading and running Veritas VxVM, the system panics on reboot unless you upgrade by using the following procedure. The problem occurs if packages do not conform to Solaris advanced packaging guidelines. 1.Create an inactive boot environment (See sections B thru H). 2.Before upgrading the inactive boot environment, you must disable the existing Veritas software on the inactive boot environment. a. Mount the inactive boot environment. # lumount solaris8 /.alt.12345 b. Change to the directory that contains the vfstab # cd /.alt.12345/etc c. Make a copy of the inactive boot environment's vfstab file # cp vfstab vfstab.vxfs d. In the copied vfstab, comment out all Veritas file system entries and redirect vfstab.vxfs to vfstab. This command will leave the original copy as vfstab.vxfs.

Sun Proprietary & Confidential: Internal Use Only

Page 45

SSE Field Reference Guide

3.0 Solaris OS

# sed '/vx\/dsk/s/^/#/g' vfstab.vxfs > vfstab The first character of each line is changed to #, which makes the line a comment line. Note that this comment line is different than the system file comment lines. e. Change directories to the inactive boot environment's system file # cd /.alt.12345/etc f. Make a copy of the inactive boot environment's system file # cp system system.vxfs g. Comment out all "forceload:" entries that include drv/vx and redirect system.vxfs to system. This command will leave the original copy as system.vxfs # sed '/forceload:.*drv\/vx/s/^/*/' system.vxfs > system The first character of each line is changed to *, which makes the line a comment line. Note this is different than the vfstab file comment lines. h. Change directories to create the install-db file on the inactive boot environment: # cd /.alt.12345/etc/vx/reconfig.d/state.d i. Create the Veritas install-db file: # touch install-db j. If the original boot environment was encapsulated, remove the root-done file: # rm root-done k. Unmount the inactive boot environment. # luumount inactive_boot_environment_name 3. Upgrade the inactive boot environment 4. Activate the inactive boot environment 5. Shut down the system. # init 0 6. Boot the inactive boot environment in single-user mode ok> boot -s Several error messages containing "vxvm" or "VXVM" are displayed that can be ignored. The inactive boot environment becomes active. 7. Upgrade Veritas. a. Remove any Veritas patches from the system (see infodoc 43212).

Sun Proprietary & Confidential: Internal Use Only

Page 46

SSE Field Reference Guide

3.0 Solaris OS

b. Remove the Veritas packages from system # pkgrm VRTSvmsa VRTSvmdoc VRTSvmdev VRTSvxvm VRTSvmman VRTSvrdoc c. Change directories to the Veritas packages. # cd /location_of_Veritas_software d. Add new packages: # pkgadd -d `pwd` VRTSvmsa VRTSvmdoc VRTSvmdev VRTSvxvm VRTSvmman VRTSvrdoc e. Install any required Veritas patches in single user mode (see infodoc 43212). f. Reboot. # init 6 8. Restore the original vfstab and system files: # cp /etc/vfstab.vxfs /etc/vfstab # cp /etc/system.vxfs /etc/system Note: None of the operating system filesystems in the vfstab should be veritas volumes, as these must be re-encapsulated. 9. Remove install-db: # rm /etc/vx/reconfig.d/state.d/install-db 10. Run e-38 procedure to start vol manager: # vxiod set 10 # vxconfigd -m disable # vxdctl init # vxdctl enable 11. Reboot the system # init 6 After rebooting, the operating system filesystems can be re-encapsulated. SECTION L - Miscellaneous: Netmasks: The live upgrade scripts use the inherited umask value. If the umask value inherited is set to say 000, files created by these scripts might have write permissions when they should not. Be. Be Aware of your umask value. Logfile: /etc/lutab is a file you can read to see what be's you have created. # more /etc/lutab 1:be.orig:C:0 1:/:/dev/dsk/c0t0d0s0:1 2:be.new:C:0 2:/:/dev/dsk/c0t2d0s0:1

Sun Proprietary & Confidential: Internal Use Only

Page 47

SSE Field Reference Guide
Removing an existing BE (Boot Environment): # ludelete be.new Determining the devices to be marked free. Updating BE configuration database. Updating compare database. Updating compare database on other BEs. Updating BE configuration database on all BEs. Boot environment <be.new> deleted. Now look at /etc/lutab: # more /etc/lutab 1:be.orig:C:0 1:/:/dev/dsk/c0t0d0s

3.0 Solaris OS

Command Reference: luactivate - activate a boot environment lucancel - cancel a scheduled Live Upgrade copy/create procedure lucreate - create a new boot environment lucompare - compare boot environments lucurr - display the name of the active boot environment ludelete - delete a boot environment ludesc - display or set boot environment description lufslist - list configuration of a boot environment lumake - populate a boot environment lumount - mount all file systems in a boot environment lurename - change the name of a boot environment lustatus - display status of boot environments luumount - unmount all file systems in a boot environment luupgrade - installs, upgrades, and performs other functions on software on a boot environment

Sun Proprietary & Confidential: Internal Use Only

Page 48

SSE Field Reference Guide

3.0 Solaris OS

3.2. Patch Management
3.2.1. patchadd Error Codes (Solaris 2.6, 7, 8,9)
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 No error Usage error Attempt to apply a patch that's already been applied Effective UID is not root Attempt to save original files failed pkgadd failed Patch is obsoleted Invalid package directory Attempting to patch a package that is not installed Cannot access /usr/sbin/pkgadd (client problem) Package validation errors Error adding patch to root template Patch script terminated due to signal Symbolic link included in patch NOT USED The prepatch script had a return code other than 0. The postpatch script had a return code other than 0. Mismatch of the -d option between a previous patch install and current one. Not enough space in the file systems that are targets of the patch. $SOFTINFO/INST_RELEASE file not found A direct instance patch was required but not found The required patches have not been installed on the manager A progressive instance patch was required but not found A restricted patch is already applied to the package An incompatible patch is applied A required patch is not applied The user specified backout data can't be found The relative directory supplied can't be found A pkginfo file is corrupt or missing Bad patch ID format Dryrun failure(s) Path given for -C option is invalid Must be running Solaris 2.6 or greater Bad formatted patch file or patch file not found The appropriate kernel jumbo patch needs to be installed Later revision already installed No error Usage error Attempt to backout a patch that hasn't been applied Effective UID is not root No saved files to restore pkgrm failed Attempt to back out an obsoleted patch Attempt to restore CPIO archived files failed Invalid patch id format Prebackout script failed Postbackout script failed Suspended due to administrative defaults Backoutpatch could not locate the backout data The relative directory supplied can't be found Installpatch has been interrupted, re-invoke installpatch Page 49

3.2.2. patchrm Error Codes

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
15 This patch is required by a patch already installed, can't back it out

3.0 Solaris OS

3.2.3. patchdiag
The patchdiag tool can be obtained from the sunsolve.sun.com web site. patchdiag [ -l ] [ -s <sfile> <os_ver> <arch> [remotename] ] [ -p <pfile> <sfile> <os_ver> <arch > [remotename]] [ -x xfile ] [ -h | -? ] where: <arch> is the architecture of the system where the data was obtained. Valid settings for <arch> are: - sparc - i386 If the architecture of the system is not specified, the system assumes 'sparc'. <sfile> is a file containing showrev -p output. <pfile> is a file containing pkginfo -l output. <os_ver> is the OS version; this must be a SunOS number, not Solaris. Use "5.5", not "2.5" for "Solaris 2.5". <remotename> is remote host name if data is being used from a remote host machine. Default is local host. <xfile> is a file containing the patch cross-reference data to be used other than default "patchdiag.xref". Examples: 1. Run patchdiag on showrev -p output only: # patchdiag -s showrev-p.out 5.8 sparc 2. Run patchdiag on showrev -p and pkginfo -l output: # patchdiag -p showrev-p.out pkginfo-l.out 5.8 sparc

Sun Proprietary & Confidential: Internal Use Only

Page 50

SSE Field Reference Guide

3.0 Solaris OS

3.3. Solaris Selected Command Reference
3.3.1. cdrw
3.3.1.1 Syntax: cdrw -i [-vSCO] [-d device] [-p speed] [image-file] 3.3.1.2 Listing cd devices: # cdrw -lv Looking for CD devices... Node Connected Device Device type ---------------------+--------------------------------+----------------/dev/rdsk/c8t5d0s2 | YAMAHA CRW8824S 1.00 | CD Reader/Writer 3.3.1.3 Copying from cd to cd: # cdrw -c -d <target-drive> -s <source-drive> -v # cdrw -c -d /dev/rdsk/c1t5d0s2 -s cdrom0 -v 3.3.1.4 Copying from a directory to a cd: # mkisofs -r <dir-name> 2>/dev/null | cdrw -i -p 4 # mkisofs -r /home/rfox/tmp 2>/dev/null | cdrw -i -p 4 3.3.1.5 Copying an iso image to a cd: # cdrw -i -C -p 4 <iso-image-file-name> 3.3.1.6 Copying a compressed iso image to a cd: # gzip -dc acrobat4.iso.gz | cdrw -i -C -p 4 3.3.1.7 Creating an iso image: # mkisofs -r -o <iso-image-file-name> <path-to-files> Some common mkisofs options: -V volid (names the cd) -relaxed-filenames (allows long file names) -iso-level 3 (relaxes restrictions on file names) 3.3.1.8 Create an audio CD from wav files: % cdrw -a song1.wav song2.wav song3.wav song4.wav

3.3.2. cediag
# cediag -v cediag: Revision: 1.74 @ 2005/02/04 07:15:53 UTC cediag: info: cediag directory: /opt/SUNWcest/bin cediag: info: UltraSPARC Version: 2 (2e) cediag: info: OS Type: SunOS cediag: info: OS Version: 5.9 cediag: info: Hostname: mysys cediag: info: Memory size: 131008 (8KB pages) cediag: info: MPR PRL pages: 124 (8KB pages) cediag: info: MPR-capable OS: true cediag: info: KJP: 117171-05 cediag: info: MPR-aware kernel in-use: true cediag: info: MPR enabled: true Sun Proprietary & Confidential: Internal Use Only Page 51

SSE Field Reference Guide
cediag: info: MPR disabled in /etc/system: n/a cediag: info: MPR force mode: n/a cediag: info: MPR state: active cediag: info: Rule#3 check: true cediag: info: Rule#4 check: true cediag: info: Rule#5 check: false cediag: info: Rule#5 check via cestat: true cediag: info: Rule#6 check: false cediag: Pages Retired: 0 (0.00%) cediag: findings: 0 datapath fault message(s) found cediag: findings: 0 UE(s) found - there is no rule#3 match cediag: findings: 0 DIMMs with a failure pattern matching rule#4 cediag: findings: 0 DIMMs with a failure pattern matching rule#5 Example 3: Analysis of /var/adm/messages file

3.0 Solaris OS

# cediag -c SunOS,mysys,5.9,sparc -k 112233-11 -u 3 messages.1 messages.0 messages cediag: Revision: 1.74 @ 2005/02/04 07:15:53 UTC cediag: Analysed System: SunOS 5.9 with KUP 112233-11 (MPR active) cediag: #### CE Summary prior to reboot at Apr 16 00:40:36 ############### cediag: findings: 0 datapath fault message(s) found cediag: findings: 0 UE(s) found - there is no rule#3 match cediag: findings: 0 DIMMs with a failure pattern matching rule#4 cediag: findings: 0 DIMMs with a failure pattern matching rule#5 cediag: #### CE Summary prior to reboot at Apr 20 12:19:07 ############### cediag: findings: 0 datapath fault message(s) found cediag: findings: 0 UE(s) found - there is no rule#3 match cediag: findings: 1 DIMMs with a failure pattern matching rule#4 cediag: findings: DIMM 'SB12/P0/B0/D3 J13600' matched rule#4 failure pattern cediag: advice:HIGH: replace DIMM 'SB12/P0/B0/D3 J13600' [A]s [S]oon [A]s [P]ossible cediag: findings: 0 DIMMs with a failure pattern matching rule#5 cediag: #### CE Summary since last detected reboot ####################### cediag: #### last detected reboot at Apr 20 12:19:07 ##################### cediag: findings: 0 datapath fault message(s) found cediag: findings: 0 UE(s) found - there is no rule#3 match cediag: findings: 0 DIMMs with a failure pattern matching rule#4 cediag: findings: 0 DIMMs with a failure pattern matching rule#5 In this example, a DIMM has been recommended for replacement based on its error pattern matching rule 4 of the DIMM Replacement Policy. Rule 5 was also applied to the messages files while rule 6 was not.

Sun Proprietary & Confidential: Internal Use Only

Page 52

SSE Field Reference Guide

3.0 Solaris OS

3.3.3. cfgadm
3.3.3.1 Using cfgadm for Dynamic Reconfiguration: CPU/Memory Boards 1. Power on a cpu/memory board: # cfgadm -x poweron N0.SB2 2. Assign a cpu/memory board to a domain: # cfgadm -x assign N0.SB2 3. Run POST on the system board: # cfgadm -t N0.SB2 4. Configure a cpu/memory board into the domain: # cfgadm -o platform=diag=init -c configure N0.SB2 5. Disconnect a cpu/memory board (i.e. for replacement) # cfgadm -c disconnect N0.SB2 I/O Boards 1. Configuring an I/O Board into the domain: # cfgadm -c configure N0.IB6 2. Disconnecting an I/O Board without powering it off: # cfgadm -o nopoweroff -c disconnect N0.IB6 3. Disconnecting an I/O Board: # cfgadm -c disconnect N0.IB6 Notes: All cfgadm commands user the number "0", not the letter "O" when identifying the board, i.e. N0. 3.3.3.2 Using cfgadm in a SAN environment: Sun HBA's with leadville stack (qlc) - If the switch(SUN) is configured in SL-mode there should be no issues ,format should see the luns/drives. Make sure that the arrays have unique targets values. Use luxadm -e port to check connection status. If switch-port is configured as TL,FL,F use cfgadm to configure the array. # cfgadm -al Ap_Id c4 c4::210000e08b07da2c c4::50020f2300008f6b Type fc-fabric unknown disk Receptacle connected connected connected Occupant unconfigured unconfigured unconfigured Condition unknown unknown unknown

Notice the type (fc-fabric),Occupant status. Format will not show the luns as Occupant is still unconfigured. # cfgadm -c configure c4 Ap_Id c4 c4::210000e08b07da2c c4::50020f2300008f6b Type Receptacle fc-fabric connected unknown connected disk connected Occupant unconfigured unconfigured configured Condition unknown unknown unknown

Now notice the Occupant status. Format will see the luns now.

Sun Proprietary & Confidential: Internal Use Only

Page 53

SSE Field Reference Guide

3.0 Solaris OS

3.3.4. cpio
3.3.4.1 Copying across the network: In combination with rsh and find, can be used to copy files across the network while retaining the permissions of each file and directory. This method is effective for copying file systems from one disk to another. Note: because of the recursive property of this utility, it can not be used to copy within the same fs. # rsh oops 'cd /export/home; find . -print | cpio -o ' | cpio -idm Note: In order for this command to work, the .rhosts or the hosts.equiv must be setup accordingly. 3.3.4.2 . Copying on the same workstation: To copy files and retain permissions, while on the same workstation, use this form of the command: # find . -depth -print | cpio -pmudv <target>

3.3.5. cron
3.3.5.1 crontab -e syntax # M # I M # N H O # U O D N # T U A T # E R Y H Weekday Command #-- -- -- -- ------- -----------------0 2 * * 0 /usr/bin/ping oops minute (0-60) hour (0-23) day of the month (1-31) month (1=jan, etc.) day of the week (0=sun, 1-mon, etc.) 3.3.5.2. Restricting Access cron.allow - If /usr/lib/cron/cron.allow exists, only those users listed in the file may run cron jobs. cron.deny - If /usr/lib/cron/cron.deny exists, any user listed in the file is prohibited from running cron jobs. 3.3.5.3 Miscellaneous Notes: Full path name - when specifying a command or script to be executed, use the full path name, e.g /usr/bin/mailx. In the case of scripts this is imperative. cron does not use the PATH variable to locate commands/scripts. Field Delimiters - for all fields, use a space to separate each one, e.g. 0 0 * * 1-5

3.3.6. dd
Used to copy block by block from 1 device to another. # dd if=/dev/dsk/c0t0d0s0 of=/dev/dsk/c1t0d0s0 bs=4096k

Sun Proprietary & Confidential: Internal Use Only

Page 54

SSE Field Reference Guide

3.0 Solaris OS

3.3.7. dumpadm
Syntax: # dumpadm [-nuy] [-c content-type] [-d dump-device] [-m mink | minm | min%] [-s savecore-dir] [-r root-dir] To list dump device(s); # dumpadm oops:/home/rfox:>dumpadm Dump content: kernel pages Dump device: /dev/dsk/c3t0d0s3 (swap) Savecore directory: /var/crash/oops Savecore enabled: yes By default, the dump device is configured to be an appropriate swap partition. To reconfigure the dump device to a dedicated dump device: # dumpadm -d /dev/dsk/c0t2d0s2 Dump content: Dump device: Savecore directory: Savecore enabled: kernel pages /dev/dsk/c0t2d0s2 (dedicated) /var/crash/saturn yes

3.3.8. eeprom
Purpose: Used to display or set selected obp parameters. Syntax: /usr/platform/platform-name/sbin/eeprom [-] [-f device] [parameter [=value]] Listing current values: oops:/home/rfox:>eeprom scsi-initiator-id=7 diag-level=min powerfail-time=1044120761 #power-cycles=7 fcode-debug?=false output-device=screen input-device=keyboard boot-command=boot auto-boot?=true watchdog-reboot?=true diag-file: data not available. diag-device=diskisp:a boot-file: data not available. boot-device=diskisp:a /sbus@2,0/SUNW,socal@d,10000/sf@0,0/ssd@w21000020376c1023,0:a local-mac-address?=false use-nvramrc?=false nvramrc=devalias vx-rootmir /sbus@6,0/SUNW,socal@d,10000/sf@0,0/ssd@w22000020376c03ff,0:a security-mode=none diag-switch?=false ---------- cut short for brevity --------Setting a value: oops:/home/rfox:>eeprom auto-boot?=true

Sun Proprietary & Confidential: Internal Use Only

Page 55

SSE Field Reference Guide

3.0 Solaris OS

3.3.9. explorer
3.3.9.1 How to ftp explorer files to Sun: 1) setup /.netrc (permissions of 600): # .netrc machine login password created by rfox on 02/02/2003 supportfiles.sun.com anonymous rfox@sun.com

2) Run explorer manually or via cron: a) manually oops:> su # cd /opt/SUNWexplo/bin # ./explorer -transport ftp://supportfiles.sun.com/explorer b) via cron (every sunday at 2:00 am) 0 2 * * 0 /opt/SUNWexplo/bin/explorer -transport ftp://supportfiles.sun.com/explorer 3.3.9.2 Location of “default values” file: /etc/opt/SUNWexplo/default/explorer 3.3.9.3 Resetting the defaults file: # cd /opt/SUNWexplo/bin # ./explorer -g Answer questions accordingly... 3.3.9.4 Running selected modules: # cd /opt/SUNWexplo/bin # ./explorer -w <module1, module2, ...moduleN> Examples: SAN Switches: # ./explorer -w sanextended Serengeti Controllers: # ./explorer -w scextended T3 Disk Arrays: # ./explorer -w t3extended 3.3.9.5 Gathering Installation Information: # cd /opt/SUNWexplo/bin # ./explorer -i Answer questions accordingly...

Sun Proprietary & Confidential: Internal Use Only

Page 56

SSE Field Reference Guide

3.0 Solaris OS

3.3.10. find
3.3.10.1. Find ufs files only, no nfs mounted fs's: # find / -name <files> ! -local -prune -print Note: Because the default /etc/dfs/fstypes only contains "nfs" this is functionally equivilant to: # find / -fstype nfs -prune -o -print 3.3.10.2. Find & Remove files: # find . -name *.msf -exec rm {} \; 3.3.10.3 Recursive grep # /usr/bin/find . -exec /usr/bin/grep PATTERN {} /dev/null \;

3.3.11. fmthard
# prtvtoc -h /dev/rdsk/c0t0d0s0 >/tmp/vtoc # fmthard -s /tmp/vtoc /dev/rdsk/c1t0d0s0

3.3.12. fsck
Syntax: fsck [-F FSType] [-n | N | y | Y] [-V] [-o FSType-specific-options] [special...] Note: unmount the file system before running fsck!!! Using an alternate superblock (assumes superblock=32): # fsck -o b=32 /dev/rdsk/c0t0d0s7 Note: to determine other superblocks, run: # newfs -Nv /dev/dsk/c0t0d0s7 Checking if fs is okay to mount: # fsck -m /dev/rdsk/c0t0d0s7 ufs fsck: sanity check: /dev/rdsk/c0t0d0s7 okay

3.3.13. installboot
Installs the boot block onto a disk to make it bootable. # installboot /usr/platform/`uname -i`/lib/fs/ufs/bootblk /dev/rdsk/c0t0d0s0

Sun Proprietary & Confidential: Internal Use Only

Page 57

SSE Field Reference Guide

3.0 Solaris OS

3.3.14. kbd
3.3.14.1 Syntax kbd [-r] [-t ] [-a enable | disable | alternate ] [-c on | off ] [-d keyboard device ] 3.3.14.2 Disabling Stop-A To toggle stop-A: # kbd -a enable # kbd -a disable 3.3.14.3 Alternate Break Sequence (for serial line connections only): By default, the Alternate Break sequence is three characters, carriage return, tilde and control-B ([CR] ~ [CTRL]B), but may be changed by the driver. Permanent Setting # vi /etc/default/kbd KEYBOARD_ABORT=alternate (uncomment this line) # kbd -i On the Fly: # kbd -a alternate

3.3.15. modinfo
Purpose: Used to display information about loaded kernel modules. Syntax: # /usr/sbin/modinfo [-c] [-w] [-i module-id] Common usage: 1. Determine whether module is loaded: # modinfo -c Id Loadcnt Module Name State 0 1 unix LOADED/INSTALLED 1 1 krtld LOADED/INSTALLED 2 1 genunix LOADED/INSTALLED 3 1 platmod LOADED/INSTALLED 4 1 SUNW,UltraSPARC-IIe LOADED/INSTALLED 5 0 cl_bootstrap UNLOADED/UNINSTALLED 6 1 specfs LOADED/INSTALLED 7 0 dtrace UNLOADED/UNINSTALLED 8 1 devfs LOADED/INSTALLED 9 1 swapgeneric UNLOADED/UNINSTALLED 10 1 TS LOADED/INSTALLED --------- cut for brevity ----------------------2. List modules: # modinfo -w Id Loadaddr 0 1000000 1 10704c8 Size Info Rev Module Name b9f58 0 unix () 1d202 0 krtld () Page 58

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
2 3 4 6 8 10 11 12 13 14

3.0 Solaris OS

10889e8 195228 0 genunix () 11cd178 298 0 platmod () 11cd400 e000 0 SUNW,UltraSPARC-IIe () 11dc000 4780 1 1 specfs (filesystem for specfs) 11e0598 3ed8 16 1 devfs (devices filesystem 1.13) 11e5598 3880 1 1 TS (time sharing sched class) 11e86b8 8dc 1 TS_DPTBL (Time sharing dispatch table) 11e8748 34da8 2 1 ufs (filesystem for ufs) 121acd0 21c 1 fssnap_if (File System Snapshot Interface) 121ae48 1be8 1 1 rootnex (sun4u root nexus 1.9) ---------- cut for brevity ----------------------

modload - load a module: # modload -p drv/foo modunload – unload a module: # modload -i module_id

3.3.16. mount
3.3.16.1. Remounting a Read-only File System # mount -o remount,rw /dev/dsk/c0t0d0s0 3.3.16.2 How to mount an ISO image: # lofiadm -a /<path-to-iso-file-image> Note: lofiadm will return the device name: /dev/lofi/1 Mount the iso image/device name just returned to your favorite mount point. # mount -F hsfs -o ro /dev/lofi/1 /mnt Afterward, unmount the device and delete the iso device # umount /mnt # lofiadm -d /dev/lofi 3.3.16.3 Mount a PC File System # mount -f pcfs /dev/dsk/c0d0p1 /export/dos 3.3.16.4 Mount a Global File System (SunCluster) # mount -g /dev/vx/dsk/nfsdg/nfs1 /global/nfs

Sun Proprietary & Confidential: Internal Use Only

Page 59

SSE Field Reference Guide

3.0 Solaris OS

3.3.17. “p” commands
pkill This command kill a process. For example, pkill netscape kills the process named netscape. plimit This command displays and sets the per-process limits on a running process. This is handy if a long-running process is running up against a limit (for example, number of open files). Rather than using limit and restarting the command, plimit can modify the running process. pgrep searches through /proc for processes matching the given criteria, and returns their process-ids. A great option is “-n”, which returns the newest process that matches. preap (Solaris >= 9): Reaps zombie processes. Any processes stuck in the “z” state (as shown by ps), can be removed from the system with this command. pargs (Solaris >= 9): Shows the arguments and environment variables of a process. prstat : prstat is top and a lot more. Both commands provide a screen’s worth of process and other information and update it frequently, for a nice window on system performance. prstat has much better accuracy than top. It also has some nice options. “-a” shows process and user information concurrently (sorted by CPU hog, by default). “-c” causes it to act like vmstat (new reports printed below old ones). “-C” shows processes in a processor set. “-j” shows processes in a “project”. “-L” shows per-thread information as well as per-process. “-m” and “-v” shows per-process performance detail (including pages, traps, lock wait, and CPU wait). The output data can also be sorted by resident-set (real memory) size, virtual memory size, execute time, and so on. (thanks to Peter Baer Galvin (http://www.petergalvin.org) for this section.

3.3.18. psradm
The following example sets processors 2 and 3 off-line. # psradm -f 2 3 The following example sets processors 1 and 2 no-intr. # psradm -i 1 2 The following example sets all processors on-line. # psradm -a -n

3.3.19. script
Used to record keystrokes and output to a file. Start Recording: oops:/> script -a <filename> Note: keystrokes and output will be recorded to the file... Stop recording: oops:/> ctl-d Note: After pressing [ctl]-d, no more keystrokes or output will be recorded

Sun Proprietary & Confidential: Internal Use Only

Page 60

SSE Field Reference Guide

3.0 Solaris OS

3.3.20. svcadm
3.3.20.1 Enabling and disabling services Old method mv /etc/rc2.d/S75cron /etc/rc2.d/x.S75cron cron:default edit /etc/inet/inetd.conf, uncomment the finger line network/finger:default SMF method (Solaris 10) svcadm disable system/ svcadm enable

The last argument to svcadm in these examples is the FMRI of the service. Note: svcadm should only be used for SMF services. Legacy rc script-controlled services work the same as in past releases. 3.3.20.2 Stopping, starting, and restarting services Traditionally, services have been started by an rc script run at boot, run with the argument start. Some rc scripts provide a stop option, and a few also allow restart. In SMF, these tasks are all accomplished with the svcadm(1M) command: Old method /etc/init.d/sshd stop ssh:default /etc/init.d/sshd start ssh:default /etc/init.d/sshd stop; /etc/init.d/sshd start ssh:default kill -HUP `cat /var/run/sshd.pid` ssh:default SMF method svcadm disable -t network/ svcadm enable -t network/ svcadm restart network/ svcadm refresh network/

Notes; The "-t" option to svcadm enable and svcadm disable indicates that the requested action should be temporary -- it will not affect whether the service is started the next time that the system boots. This is in contrast to the example above.

3.3.21. svcs
3.3.21.1 list all services and the current state: % svcs -a legacy_run 9:10:15 lrc:/etc/rc3_d/S90samba legacy_run 9:10:18 lrc:/etc/rc3_d/S99reboot_config_pvr_runner legacy_run 9:10:18 lrc:/etc/rc3_d/S99reboot_runner disabled 9:09:38 svc:/system/metainit:default disabled 9:09:39 svc:/platform/sun4u/mpxio-upgrade:default disabled 9:09:40 svc:/network/rpc/keyserv:default online 10:53:33 svc:/network/nfs/status:default online 10:53:33 svc:/network/nfs/nlockmgr:default offline 9:09:42 svc:/application/print/ipp-listener:default offline 9:09:59 svc:/application/print/rfc1179:default 3.3.21.2 list all processes associated with the service: % svcs -p network/smtp:sendmail STATE online STIME 18:20:30 18:20:30 18:20:30 FMRI svc:/network/smtp:sendmail 655 sendmail 657 sendmail

3.3.21.3 prints out detailed, solution-driven messages about the services that are not running

Sun Proprietary & Confidential: Internal Use Only

Page 61

SSE Field Reference Guide
% svcs -x svc:/network/ntp:default (Network Time Protocol (NTP).) State: maintenance since Mon Oct 18 13:58:42 2004 Reason: Start method exited with $SMF_EXIT_ERR_CONFIG. See: http://sun.com/msg/SMF-8000-KS See: ntpq(1M) See: ntpdate(1M) See: xntpd(1M) Impact: 0 services are not running.

3.0 Solaris OS

3.3.22. swap
3.3.22.1 Creating Swap Space: a. Create the swap file: # mkfile -v 10m /export/disk1/myswap (create 10mb swapfile) or # mkfile -nv 10m b. Add the swap space: # swap -a /export/disk1/myswap 3.3.22.2 Managing Swap Space # swap -s List the amount of swap space available # swap -a /export/disk1/swapfile Add a swapfile # swap -d /dev/dsk/c0t0d0s4 Deletes a swap device # swap -l List the current swap devices: swapfile dev swaplo blocks free /dev/dsk/c0t0d0s1 136,9 16 2097104 2097104 (creates an empty 10 Megabyte swapfile)

3.3.23. uadmin
The uadmin command takes 2 arguments, the command to run followed by the function: # uadmin <cmd> <function> The most common commands are: 1 - immediate reboot, no syncing of file systems 2 - reboot and sync file systems The functions available are: HALT BOOT IBOOT SBOOT SIBOOT POWEROFF NOSYNC 0 1 2 3 4 6 7 halt the processor multi-user reboot multi-user reboot, ask for name of file single-user reboot single-user reboot, ask for name of file software poweroff do not sync filesystems on next A_DUMP

Methods to transition the system: # uadmin 2 0 # uadmin 2 1 # uadmin 2 2 sync the filesystems and drops system to ok prompt sync the filesystems and reboots to multi-user mode sync the filesystems and reboots interactively

Sun Proprietary & Confidential: Internal Use Only

Page 62

SSE Field Reference Guide
# uadmin 2 3 # uadmin 2 6 # uadmin 1 0 # uadmin 1 1 # uadmin 1 2 # uadmin 1 3 # uadmin 1 6 sync the filesystems and reboots to single-user mode sync the filesystems and powers off the system do not sync filesystems and drops system to ok prompt do not sync filesystems and reboots to multi-user mode do not sync filesystems and reboots interactively do not sync filesystems and reboots to single-user mode do not sync filesystems and powers off the system

3.0 Solaris OS

3.3.24. ufsdump
3.3.24.1 Dumping / to a tape: # ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t0d0s0 3.3.24.2 Using a pipe to dump and restore on the fly: # ufsdump 0uf - /dev/rdsk/c0t0d0s0 | (cd <target-directory>; ufsrestore xf -) 3.3.24.3 ufsrestore interactively: # ufsrestore -i /dev/rmt/0 Interactive Commands: add - add filename to list for extraction cd - change directory in the archive delete - delete filename from list of extraction extract - extract all files on the extraction list ls - list files pwd - print working directory name quit - exit ufsrestore setmodes - prompts for owner/mode verbose - display info as extraction occurs what - display dump header

3.3.25. volcheck
Purpose: checks for media in a drive and by default checks all floppy media # volcheck -v /dev/diskette0 Procedure to use a floppy disk: 1. Insert a blank diskette or a diskette that can be overwritten in the diskette drive. 2. Notify Volume Manager to check for new media: # volcheck 3. Format the diskette: # fdformat -d -U 4. Copy the file to the diskette: # dd if=d1_image of=/vol/dev/aliases/floppy0 bs=36k 5. Eject the diskette: # eject -f cd

Sun Proprietary & Confidential: Internal Use Only

Page 63

SSE Field Reference Guide
Other vold commands: volcancel - cancel user's request for removable media that is not currently in drive # volcancel vol/rdsk/unnamed_cdrom volmgt - start/stop vold # /etc/init.d/volmgt [start |stop]

3.0 Solaris OS

Sun Proprietary & Confidential: Internal Use Only

Page 64

SSE Field Reference Guide

3.0 Solaris OS

3.4. Shell Programming
3.4.1. ksh
3.4.1.1 Special shell variables There are some variables which are set internally by the shell and which are available to the user: $1 - $9 $0 $argv[20] $# $? these variables are the positional parameters. the name of the command currently being executed. refers to the 20th command line argument the number of positional arguments given to this invocation of the shell. the exit status of the last command executed is given as a decimal string. When a command completes successfully, it returns the exit status of 0 (zero), otherwise it returns a non-zero exit status. the process number of this shell - useful for including in filenames, to make them unique. the process id of the last command run in the background. the current options supplied to this invocation of the shell. a string containing all the arguments to the shell, starting at $1. same as above, except when quoted : "$*" expanded into ONE long element : "$1 $2 $3" "$@" expanded into THREE elements : "$1" "$2" "$3" : $2 -> $1 ...)

$$ $! $$* $@ shift

3.4.1.2 Special characters The special chars of the Korn shell are : $ \ # ? [ ] * + & | ( ) ; ` " ' - A pair of simple quotes '...' turns off the significance of ALL enclosed chars - A pair of double quotes "..." : idem except for $ ` " \ - A '\' shuts off the special meaning of the char immediately to its right. Thus, \$ is equivalent to '$'. - In a script shell : # : all text that follow it up the newline is a comment \ : if it is the last char on a line, signals a continuation line 3.4.1.3 Evaluating shell variables The following set of rules govern the evaluation of all shell variables. $var signifies the value of var or nothing, if var is undefined. ${var} same as above except the braces enclose the name of the variable to be substituted. +-------------------+---------------------------+-------------------+ | Operation | if str is unset or null | else | +-------------------+---------------------------+-------------------+ | var=${str:-expr} | var= expr | var= ${string} | | var=${str:=expr} | str= expr ; var= expr | var= ${string} | | var=${str:+expr} | var becomes null | var= expr | | var=${str:?expr} | expr is printed on stderr | var= ${string} | Sun Proprietary & Confidential: Internal Use Only Page 65

SSE Field Reference Guide

3.0 Solaris OS

+-------------------+---------------------------+-------------------+ 3.4.1.4 The if statement The if statement uses the exit status of the given command if test then commands else commands fi

(if condition is true) (if condition is false)

if statements may be nested: if ... then ... else if ... ... fi fi 3.4.1.5 Testing Elements Test on numbers : ((number1 == number2)) ((number1 != number2)) ((number1 number2)) ((number1 > number2)) ((number1 = number2)) ((number1 >= number2)) Warning : 5 different possible syntaxes (not absolutely identical) : if ((x == y)) if test $x -eq $y if let "$x == $y" if [ $x -eq $y ] if [[ $x -eq $y ]] Test on strings: (pattern may contain special chars) [[string = pattern]] [[string != pattern]] [[string1 string2]] [[string1 > string2]] [[ -z string]] true if length is zero [[ -n string]] true if length is not zero Warning : 3 different possible syntaxes : if [[ $str1 = $str2 ]] if [ "$str1" = "$str2" ] if test "$str1" = "$str2" Test on objects : (files, directories, links ) examples : [[ -f $myfile ]] # is $myfile a regular file? [[ -x /usr/users/judyt ]] # is this file executable?

Sun Proprietary & Confidential: Internal Use Only

Page 66

SSE Field Reference Guide

3.0 Solaris OS

Sun Proprietary & Confidential: Internal Use Only

Page 67

SSE Field Reference Guide

3.0 Solaris OS

+---------------+---------------------------------------------------+ | Test | Returns true if object... | +---------------+---------------------------------------------------+ | -a object | exist; any type of object | | -f object | is a regular file or a symbolic link | | -d object | is a directory | | -c object | is a character special file | | -b object | is a block special file | | -p object | is a named pipe | | -S object | is a socket | | -L object | is a symbolic (soft) link with another object | | -k object | object's "sticky bit" is set | | -s object | object isn't empty | | -r object | I may read this object | | -w object | I may write to (modify) this object | | -x object | object is an executable file | | | or a directory I can search | | -O object | I own this object | | -G object | the group to which I belong owns object | | -u object | object's set-user-id bit is set | | -g object | object's set-group-id bit is set | | obj1 -nt obj2 | obj1 is newer than obj2 | | obj1 -ot obj2 | obj1 is older than obj2 | | obj1 -ef obj2 | obj1 is another name for obj2 (equivalent) | +---------------+---------------------------------------------------+ 3.4.1.6 The logical operators You can use the && operator to execute a command and, if it is successful, execute the next command in the list. For example: cmd1 && cmd2 cmd1 is executed and its exit status examined. Only if cmd1 succeeds is cmd2 executed. You can use the || operator to execute a command and, if it fails, execute the next command in the command list. cmd1 || cmd2 Of course, ll combinaisons of these 2 operators are possible. Example : cmd1 || cmd2 && cmd3

Sun Proprietary & Confidential: Internal Use Only

Page 68

SSE Field Reference Guide
3.4.1.7 Math operators

3.0 Solaris OS

You have to enclose the entire mathematical operation within a DOUBLE pair of parentheses. A single pair has a completely different meaning to the Korn-Shell. +-----------+-----------+-------------------------+ | operator | operation | example | +-----------+-----------+-------------------------+ | + | add. | ((y = 7 + 10)) | | | sub. | ((y = 7 - 10)) | | * | mult. | ((y = 7 * 4)) | | / | div. | ((y = 37 / 5)) | | % | modulo | ((y = 37 + 5)) | | | shift | ((y = 2#1011 2)) | | >> | shift | ((y = 2#1011 >> 2)) | | & | AND | ((y = 2#1011 & 2#1100)) | | ^ | excl OR | ((y = 2#1011 ^ 2#1100)) | | | | OR | ((y = 2#1011 | 2#1100)) | +-----------+-----------+-------------------------+ 3.4.1.8 Controlling execution goto my_label ...... my_label: ----case value in pattern1) command1 ; ... ; commandN;; pattern2) command1 ; ... ; commandN;; ........ patternN) command1 ; ... ; commandN;; esac where : value value of a variable pattern any constant, pattern or group of pattern command name of any program, shell script or ksh statement example 1 : case $advice in [Yy][Ee][Ss]) print "A yes answer";; [Mm]*) print "M followed by anything";; +([0-9)) print "Any integer...";; "oui" | "bof") print "one or the other";; *) print "Default";; example 2 : Creating nice menus PS3="Enter your choice :" select menu_list in English francais do case $menu_list in English) print "Thank you";; francais) print "Merci";; *) print "???"; break;; esac done ----while( logical expression) do .... done Sun Proprietary & Confidential: Internal Use Only Page 69

SSE Field Reference Guide

3.0 Solaris OS

while : # infinite loop .... done while read line # read until an EOF (or <crtl_d> ) do .... done fname # redirect input within this while loop until( logical expression) do .... done <fin >fout # redirect both input and output ----for name in 1 2 3 4 # a list of elements do .... done for obj in * # list of every object in the current directory do .... done for obj in * */* # $PWD and the next level below it contain do .... done ----break; # to leave a loop (while, until, for) continue; # to skip part of one loop iteration # nested loops are allowed in ksh ---select ident in two # a list of identifiers do case $ident in one) ....... ;; two) ..... ;; *) print "none" ;; esac done Examples Example 1 : loops, cases ... #!/bin/ksh USAGE="usage : fmr [dir_name]" # how to invoke this script print " +------------------------+ | Start fmr shell script | +------------------------+ " function fonc { echo "Loop over params, with shift function" for i do print "parameter $1" # print is equivalent to echo shift done # Beware that $# in now = 0 !!! }

Sun Proprietary & Confidential: Internal Use Only

Page 70

SSE Field Reference Guide

3.0 Solaris OS

echo "Loop over all ($#) parameters : $*" for i do echo "parameter $i" done #---------------------if (( $# > 0 )) # Is the first arg. a directory name ? then dir_name=$1 else print -n "Directory name:" read dir_name fi print "You specified the following directory; $dir_name" if [[ ! -d $dir_name ]] then print "Sorry, but $dir_name isn't the name of a directory" else echo "-------- List of directory $dir_name -----------------" ls -l $dir_name echo "------------------------------------------------------" fi #---------------------echo "switch on #params" case $# in 0) echo "command with no parameter";; 1) echo "there is only one parameter : $1";; 2) echo "there are two parameters";; [3,4]) echo "3 or 4 params";; *) echo "more than 4 params";; esac #---------------------fonc echo "Parameters number (after function fonc) : $#" #------- To read and execute a command echo "==> Enter a name" while read com do case $com in tristram) echo "gerard";; guglielmi) echo "laurent";; dolbeau) echo "Jean";; poutot) echo "Daniel ou Claude ?";; lutz | frenkiel) echo "Pierre";; brunet) echo "You lost !!!"; exit ;; *) echo "Unknown guy !!! ( $com )"; break ;; esac echo "==> another name, please" done #------ The test function : echo "Enter a file name" read name if [ -r $name ] then echo "This file is readable" fi if [ -w $name ] then echo "This file is writable"

Sun Proprietary & Confidential: Internal Use Only

Page 71

SSE Field Reference Guide
fi if [ -x $name ] then echo "This file is executable" fi #-----echo "--------------- Menu select ----------" PS3="Enter your choice: " select menu_list in English francais quit do case $menu_list in English) print "Thank you";; francais) print "Merci.";; quit) break;; *) print " ????";; esac done print "So long!" Example 2 : switches

3.0 Solaris OS

#!/bin/ksh USAGE="usage: gopt.ksh [+-d] [ +-q]" # + and - switches while getopts :dq arguments # note the leading colon do case $arguments in d) compile=on;; # don't precede d with a minus sign +d) compile=off;; q) verbose=on;; +q) verbose=off;; \?) print "$OPTARG is not a valid option" print "$USAGE";; esac done print "compile=$compile - verbose= $verbose" Example 3 : functions ############################################################### # This is a function named 'sqrt' function sqrt # square the input argument { ((s = $1 * $1 )) } # In fact, all KornShell variables are, by default, global # (execpt when defined with typeset, integer or readonly) # So, you don't have to use 'return $s' ############################################################### # The shell script begins execution at the next line print -n "Enter an integer : " read an_integer sqrt $an_integer print "The square of $an_integer is $s" Example 4 #!/bin/ksh

Sun Proprietary & Confidential: Internal Use Only

Page 72

SSE Field Reference Guide
############ Using exec to do I/O on multiple files ############ USAGE="usage : ex4.ksh file1 file2" if (($# != 2)) # this script needs 2 arguments then print "$USAGE" exit 1 fi ############ Both arguments must be if [[ (-f $1) && (-f $2) && (-r $1) then # exec 3 <$1 # exec 4 <$2 # exec 5> match # exec 6> nomatch # else # print "$ USAGE" exit 2 fi while read -u3 lineA # do read -u4 lineB # if [ "$lineA" = "$lineB" ] then # print -u5 "$lineA" else # print -u6 "$lineA; $lineB" fi done print "Done, today : $(date)" date_var=$(date) print " I said $date_var" Example 5 String Manipulation ############ String manipulation examples ################## read str1?"Enter a string: " print "\nYou said : $str1" typeset -u str1 # Convert to uppercase print "UPPERCASE: $str1" typeset -l str1 # Convert to lowercase print "lowercase: $str1" typeset +l str1 # turn off lowercase attribute read str2?"Enter another one: " str="$str1 and $str2" #concatenate 2 strings print "String concatenation : $str" # use '#' to delete from left # '##' to delete all # '%' to delete all # '%%' to delete from right print "\nRemove the first 2 chars -- ${str#??}" print "Remove up to (including) the first 'e' -- ${str#*e}" print "Remove the first 2 words -- ${str#* * }" print "\nRemove the last 2 chars -- ${str%??}" print "Remove from last 'e' -- ${str%e*}"

3.0 Solaris OS

readable regular files && (-r $2) ]] use exec to open 4 files open $1 for input open $2 for input open file "match" for output open file "nomatch" for output if user enters bad arguments

read a line on descriptor 3 read a line on descriptor 4 send matching line to one file send nonmatching lines to another

# $(date) : output of 'date' command # or put it in a variable # and print it...

Sun Proprietary & Confidential: Internal Use Only

Page 73

SSE Field Reference Guide

3.0 Solaris OS

print "Remove the last 2 tokens -- ${str% * *}" print "length of the string= ${#str}" ######################## # Parsing strings into words : typeset -l line # line will be stored in lowercase read finp?"Pathname of the file to analyze: " read fout?"Pathname of the file to store words: " # Set IFS equal to newline, space, tab and common punctuation marks IFS=" ,. ;!?" while read line # read one line of text do # then Parse it : if [[ "$line" != "" ]] # ignore blank lines then set $line # parse the line into words print "$*" # print each word on a separate line fi done < $finp > $fout # define the input & output paths sort $fout | uniq | wc -l # UNIX utilities 3.4.1.9 Debug mode > ksh -x script_name or, in a 'shell script' : set -x set +x # start debug mode # stop debug mode

Sun Proprietary & Confidential: Internal Use Only

Page 74

SSE Field Reference Guide

3.0 Solaris OS

3.5. Dynamic Reconfiguration
3.5.1. Minimum Requirements for DR
· · ·

Solaris 8 02/02 Domain and system controller (12/15K) * SF 3800-6800 SCApp 5.12.6 RTOS 19 12/15K SMS 1.2* and related patches with LPOST 5.13.4 (*see Infodoc 49667 for patch listing)

3.5.2. Install Board Procedure
1. Physically insert board. 2. Power on board and confirm PROM matches rest of domain For 3800-6900(from SC): # poweron SBX # showboards -p proms # flashupdate -c SBY SBX (source – dest). For 12-25K: # flashupdate -f /opt/SUNWSMS/hostobjs/sgcpu.flash SBX (view and modify) 3. Add board to domain ACL list if necessary (new installs only, not remedials) For 3800-6900: SC> setupplatform -p acls For 12-25K # setupplatform -p available -d domain -a SBX 4. Establish separate console session to view POST messages and run cfgadm from a telnet session 5. Determine Ap_Id from cfgadm , # cfgadm -av 6. Configure board into domain # cfgadm -c configure N0.SBX (using Ap_Id) Note: For using a higher diag level (3800-6900) # cfgadm -o platform=diag=default -c configure NO.SBX Note: for 12/25K place desired level in domain's .postrc file (-H level 96) 7. Check board status : # psrinfo -v ; prtdiag -v ;and cfgadm -av (connected and configured)

3.5.3. Remove Board Procedure
1. Determine if board has permanent memory. #cfgadm -av | grep permanent If it does, then perform: # ps -efc | grep RT # priocntl -s -c TS PID (Change to TS if permitted) 2. Verify that 3800-6900 memory is interleaved within board or CPU: SC:A> showdomain

Sun Proprietary & Confidential: Internal Use Only

Page 75

SSE Field Reference Guide

3.0 Solaris OS

3. Confirm that free memory and/or swap will support memory drain operation. It should at least equal memory being removed. # prtdiag -v (show memory on board) # swap -s (show available swap) If more swap needed add with customer assistance: # mkfile size [g|k|b|m] filename # swap -a filename If CPU utilization > 95% do not perform DR. Note: Look at memory and CPU resources very carefully on 2 board domains . 4. Verify keyswitch set to ON (not SECURE) or board will not poweroff: SC:A> showkeyswitch To correct, run: SC:A> setkeyswitch on 5. Check for CPU Bound processes on board being removed and move to different CPU if necessary. # pbind Reports PID and CPU # pbind -b CPU# PID(bind to different CPU) or # pbind -u PID (unbind) 6. Disconnect the board # cfgadm -c disconnect <Ap_Id> 7. Physically remove the board. 8. Perform maintenance and follow Install Board procedure above. 9. Delete any swap previously added # swap -d filename 10. Restore any RT processes changed to TS. # priocntl -s -c RT PID

Sun Proprietary & Confidential: Internal Use Only

Page 76

SSE Field Reference Guide

3.0 Solaris OS

3.6. Printing
3.6.1. cups
1) Install the CUPS packages (from the Solaris Companion CD): SFWcprnt SFWcups 2) link the cups rc scripts int /etc/init.d and /etc/rc*.d directories # # # # # ln ln ln ln ln -s -s -s -s -s /opt/sfw/cups/etc/init.d/cups /opt/sfw/cups/etc/init.d/cups /opt/sfw/cups/etc/init.d/cups /opt/sfw/cups/etc/init.d/cups /opt/sfw/cups/etc/init.d/cups /etc/init.d/cups /etc/rc0.d/K00cups /etc/rc2.d/K00cups /etc/rc3.d/K00cups /etc/rc3.d/S99cups

2) Enable the CUPS service using: oops:/> /etc/init.d/cups start 3) Point your browser to http://hostname:631 to access the web-based configuration agent NOTE: Be sure to edit /etc/profile, /etc/.login, and/or /etc/default/login to ensure users PATHs have /opt/sfw/ cups/bin before /usr/bin so that they get the CUPS versions of the printing commands lp, lpr, lpq, cancel, etc.

Sun Proprietary & Confidential: Internal Use Only

Page 77

SSE Field Reference Guide

3.0 Solaris OS

3.7. Zones
3.7.1. Creating a zone
1) Where will the Container reside? (I decided to install my Zone into /export/zones) # mkdir -p /export/zones 2) Configure the Container (The Zone name will be sol10zone). # zonecfg -z sol10zone sol10zone: No such zone configured (normal message) Use 'create' to begin configuring a new zone. zonecfg:sol10zone> create zonecfg:sol10zone> set zonepath=/export/zones/sol10zone zonecfg:sol10zone> set autoboot=true zonecfg:sol10zone> add net zonecfg:sol10zone:net> set physical=hme0 zonecfg:sol10zone:net> set address=129.148.195.32 (use unique ip address!) zonecfg:sol10zone:net> end zonecfg:sol10zone> verify zonecfg:sol10zone> exit # Note: Your Container is setup but not yet installed with Solaris [TM] 10 OE. 3) Install Solaris into the Container: # zoneadm -z sol10zone install Preparing to install zone <sol10zone>. Creating list of files to copy from the global zone. Copying <94677> files to the zone. Initializing zone product registry. Determining zone package initialization order. Preparing to initialize <1283> packages on the zone. Initialized <1283> packages on zone. Zone <sol10zone> is initialized. Installation of <1> packages was skipped. The file </export/zones/sol10zone/root/var/sadm/system/logs/install_log> contains a log of the zone installation. 4) Boot the Container: # zoneadm -z sol10zone boot 5) Connect to the Console of your Container: # zlogin -C sol10zone [Connected to zone 'sol10zone' console] Press return. (can take several mins) Now, respond to some basic questions of a Solaris [TM] installation, such as: o Define the Locale o Define the Term o Define the TZ o Define the root password o Define the Name Service Once this is done, the Container will perform a final reboot: Sun Proprietary & Confidential: Internal Use Only Page 78

SSE Field Reference Guide
rebooting system due to change(s) in /etc/default/init [NOTICE: Zone rebooting] SunOS Release 5.10 Version Generic 64-bit Copyright 1983-2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Hostname: sol10zone sol10zone console login: 6) Log into the Container: # zlogin -C sol10zone [Connected to zone 'sol10zone' console] sol10zone console login: root Password: ******** Last login: Wed Feb 9 12:06:08 on console Feb 9 12:46:23 sol10zone login: ROOT LOGIN /dev/console Sun Microsystems Inc. SunOS 5.10 Generic January 2005

3.0 Solaris OS

# ifconfig -a lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 hme0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 10.16.10.254 netmask ff000000 broadcast 10.255.255.255 # uname -a SunOS sol10zone 5.10 Generic sun4u sparc SUNW,Ultra-5_10

3.7.2. Administering Zones 3.7.3. Removing a Zone
1) Be sure no one is logged into the zone to be removed. No warnings are given to users logged into a zone when it is halted. It is a good idea to log into the zone and run the 'who' command to see if anyone is logged in. Then be sure to log out of the zone yourself. sol10zone:/> who rfox console May 31 09:29 sol10zone:/> exit 2) Back up any data that is needed from that zone. 3) From the Global Zone, list all zones and their status. # zoneadm list -cv ID NAME 0 global 5 test_zone STATUS running running PATH / /export/test_zone (:0)

4) Halt the zone to be removed and check it's status. # zoneadm -z test_zone halt # zoneadm list -cv

Sun Proprietary & Confidential: Internal Use Only

Page 79

SSE Field Reference Guide
ID NAME 0 global - test_zone STATUS running installed PATH / /export/test_zone

3.0 Solaris OS

5) Uninstall the zone to be removed. # zoneadm -z test_zone uninstall Are you sure you want to uninstall zone test_zone (y/[n])? y # zoneadm list -cv ID NAME STATUS PATH 0 global running / - test_zone configured /export/test_zone 6) Delete the zone to be removed. # zonecfg -z test_zone delete 7) Verify the zone has been removed. # zoneadm list -cv ID NAME 0 global STATUS running PATH / Note the zonecfg command is used here.

Sun Proprietary & Confidential: Internal Use Only

Page 80

SSE Field Reference Guide

3.0 Solaris OS

3.8. SMF
UNIX operating systems have a set of services which are usually software programs started at boot time. These software programs are most commonly called daemons. Cron is an example These services are started by a set of rc scripts serially./etc/rc2.d/S75cron for instance SMF obsoletes the notion "rc" directories and the traditional linear ordering of boot processes parallelizing its activity wherever possible in order to improve performance. FMRI - Fault Management Resource Identifier. Every service must have an FMRI. In fact, all smf admin commands require you to use the FMRI of a service you are administrating. The FMRI includes the service name and the instance name For example the FMRI for the rlogin service is svc:/network/login:rlogin Lets break the FMRI down and study the ":" seperated parts. svc - It's a service (But you already knew that !! ) network/login - Identifies the login service, It's in the network catagory. rlogin - Identifies the service instance. The folllowing FMRI's are equivalent: svc:/system/system-log:default system/system-log:default In addition some SMF command can use the following format and will infer what instance to use provided there is no ambiguity. system/system-log So what's the different between a service and an instance of a service? A web server is a service. But a specific web server that is configured to listen on port80 is an instance. The first instance of a service is normally tagged as the default instance. svc:/network/rpc/bind:default In this case "default" is the default instance of: svc:/network/rpc/bind The running daemon is: /usr/sbin/rpcbind So exactly what parts make up a service ? Most services have these 4 parts. 1. XML file /var/svc/manifest/system/cron.xml 2. Daemon /usr/sbin/cron 3. FMRI system/cron (short form) svc:/system/cron (longer form) svc:/system/cron:default (include the instance) 4. Log file: /var/svc/log/system-cron:default.log There are 4 main commands to control a service: 1. svcs command displays information about service 2. svcadm issues requests for actions on services executing 3. svcprop - retrieve service configuration properties 4. svccfg - import, export, and modify service configurations The svcs command displays information about service # svcs -a ( list all services; enabled or not ) STATE STIME FMRI legacy_run 17:54:51 lrc:/etc/rc3_d/S81volmgt

Sun Proprietary & Confidential: Internal Use Only

Page 81

SSE Field Reference Guide
online online online 13:47:55 svc:/network/telnet:default 13:47:55 svc:/network/nfs/rquota:default 13:47:55 svc:/network/ftp:default

3.0 Solaris OS

# svcs -p (Lists processes associated with each service instance, if any ) online online 13:47:45 svc:/system/sac:default 13:47:45 223 sac 13:47:45 227 ttymon 13:47:45 svc:/system/cron:default 13:47:45 226 cron

# svcs -l system/cron ( Lists details about a service ) fmri svc:/system/cron:default name clock daemon enabled true state online next_state none state_time Thu Dec 30 13:47:45 2004 logfile /var/svc/log/system-cron:default.log restarter svc:/system/svc/restarter:default contract_id 41 dependency require_all/none svc:/system/filesystem/local (online) dependency require_all/none svc:/milestone/name-services (online) # svcs -xv ( Will display broken services, and reason why ) svc:/application/print/server:default (LP print server) State: disabled since Wed Mar 02 10:28:00 2005 Reason: Disabled by an administrator. See: http://sun.com/msg/SMF-8000-05 See: man -M /usr/share/man -s 1M lpsched Impact: 1 dependent service is not running: svc:/application/print/rfc1179:default svcadm - issues requests for actions on services: # svcadm disable -t system/cron This will disable the cron service. The temporary tag means it will only be disabled until the next boot # svcs -l system/cron fmri svc:/system/cron:default name clock daemon enabled false (temporary) <---******************* state disabled next_state none state_time Thu Dec 30 15:17:56 2004 logfile /var/svc/log/system-cron:default.log .................. svcprop - retrieve service configuration properties The following displays the shell script that starts the cron daemon: # svcprop -p start/exec system/cron /lib/svc/method/svc-cron svccfg - import, export, services. and modify service property's. svccfg has 3 different formats

Sun Proprietary & Confidential: Internal Use Only

Page 82

SSE Field Reference Guide
Interactive mode From a file that contains a series of subcommands Command line mode

3.0 Solaris OS

# svccfg svc:> svc:> select system/console-login svc:/system/console-login> setprop ttymon/terminal_type = astring: vt100 svc:/system/console-login> quit # svcadm refresh system/console-login Note: You must run svcadm have after you modify a service Also if the service was broke to begin with, it will be in maintenance state and you must also clear it # svcadm clear system/console-login Every service has a log file. # tail /var/svc/log/application-print-server:default.log [ Feb 6 11:27:52 Method "start" exited with status 1 ] [ Feb 6 11:27:53 Executing start method ("/lib/svc/method/print-svc.1 start") ] /sbin/sh: /lib/svc/method/print-svc.1: not found inetadm encompasses functionality to achieve a set of tasks that together would require all of svccfg, svcadm and svcs. Essentially, the property modifications that inetadm supplies can be achieved using svccfg, although inetadm provides a simpler more abstract interface. /etc/inetd.conf is no longer used. See man inetconv for more info. # inetadm | grep ftp enabled online # inetadm -d network/ftp # inetadm | grep ftp disabled disabled Service dependency relationships # svcs -d system/cron (What services does cron depend on ? ) STATE STIME FMRI online 10:28:24 svc:/system/filesystem/local:default online 10:28:33 svc:/milestone/name-services:default # svcs -D system/cron (What services depend on the cron service ? ) STATE STIME FMRI None in this case !!! Files & Directories: /etc/svc/repository.db (The actual database of SMF) /etc/svc/volatile (Logs for early booting issues ) /lib/svc/bin/svc.startd Master restarter daemon: /lib/svc/bin/svc.configd Repository daemon: /var/svc/manifest/system (Where the XML files go ) /lib/svc/method ( Startup shell script ) /var/svc/log: Most services have their log file here List/display/t-shoot Sun Proprietary & Confidential: Internal Use Only Page 83 svc:/network/ftp:default

svc:/network/ftp:default

SSE Field Reference Guide
svcs (list) svcs -x (troubleshoot) svcs -d FMRI (I depend on it.) svcs -D FMRI (it depends on me) FMRI system/cron svc:/system/cron svc:/system/cron:default Recovery/daemons/files/directory svc.startd -- master restarter svc.configd - repository, auth. /etc/svc/repository.db /var/svc ; /etc/svc ; /lib/svc /lib/svc/bin/restore_repository /lib/svc/method/fs-root (fs-usr) mount -o remount,rw / boot/debug boot -m milestone=single boot -m debug Network inetadm - admin/propeties inetconv convert legacy inetd.conf Enable/disable/refresh/clear svcadm enable FMRI Display/Change properties svcprop system/cron (Lists all properties ) svcprop -p start/exec system/cron (lists a specific property ) svccfg (no options = interactive mode ; help) svccfg import /var/svc/manifest/network/slp.xml NOTE: After change ; svcadm (refresh,restart,maybe clear)

3.0 Solaris OS

Sun Proprietary & Confidential: Internal Use Only

Page 84

SSE Field Reference Guide

4.0 Networking

4.0 Networking
4.1. Network Hardware
4.1.1. Ethernet Category 5 Wiring Diagram
COLOR-CODE STANDARDS Let's start with simple pin-out diagrams of the two types of UTP Ethernet cables m. Here are the diagrams:

Note that the TX (transmitter) pins are connected to corresponding RX (receiver) pins, plus to plus and minus to minus. And that you must use a cossover cable to connect units with identical interfaces. If you use a straightthrough cable, one of the two units must, in effect, perform the cross-over function. Two wire color-code standards apply: EIA/TIA 568A and EIA/TIA 568B. The codes are commonly depicted with RJ-45 jacks as follows: If we apply the 586A color code and show all eight wires, our pin-out looks like this:

Note that pins 4, 5, 7, and 8 and the blue and brown pairs are not used in either standard. An RJ45 connector wired to the 568A standard: (this is known as the top view with pin 1 on the left):

Sun Proprietary & Confidential: Internal Use Only

Page 85

SSE Field Reference Guide

4.0 Networking

4.1.2. Terminal Servers
4.1.2.1 Initial Set-up 1. Enter monitor mode by holding down test button while you power on the TC. When the green light blinks, release the test button and then press it again. 2. Setup Network Addressing monitor:: addr Enter internet address [ un-initialized ]:: 192.0.2.1 Enter subnet mask [255.255.255.0]:: 255.255.255.0 Enter preferred load host address [any host]:: 192.0.2.1 ****Warning: Load host and Internet address are the same**** Preferred load address:: 192.0.2.1 Enter Broadcast address [0.0.0.0]::192.0.2.255 Enter preferred dump address [0.0.0.0]:: 192.0.2.1 Select type of IP encapsulation (ieee802/ethernet) [ethernet]:: ethernet Load Broadcast Y/N [N]:: N 3. Verify boot image is oper.52.enet monitor:: image 4. Set to boot from self monitor:: seq 5. Power cycle the tc 6. Configure serial ports : annex: su passwd: (it's the ip address of the terminal concentrator) annex# admin admin: set port=1-8 type dial_in imask_7bits Y admin: set port=2-8 mode slave admin: quit annex# boot bootfile: <return> warning: <return> 7. Exit your tip session type "~." 4.1.2.2 Configure the gateway For the terminal servers to be able to function across the different subnets, the following 2 activities must occur: annex# edit config.annex %gateway net default gateway 172.20.10.254 metric 1 active Sun Proprietary & Confidential: Internal Use Only Page 86

SSE Field Reference Guide
annex# admin set annex routed n annex# boot

4.0 Networking

Sun Proprietary & Confidential: Internal Use Only

Page 87

SSE Field Reference Guide
4.1.2.3 Configuring Rotary Ports

4.0 Networking

For a terminal server (NTS) to provide a list of what ports connect to which servers, follow the steps below: annex# edit config.annex %rotary lzic01: lzic02: 2@172.16.48.11 3@172.16.48.11

Ctrl-W to save and exit annex# boot After the NTS comes back up and you log back. You will see the following menu: Rotaries Defined: lzic01 lzic02 cli 2 3 -

Enter Annex port name or number:

Sun Proprietary & Confidential: Internal Use Only

Page 88

SSE Field Reference Guide

4.0 Networking

4.2. Network Configuration
4.2.1. NIC's
There are three methods to change a nic driver's speed, duplex mode and autonegotiation values. The first method is to use the ndd command, the second is to specify values in the /etc/system file and the third is to create an hme.conf or qfe.conf file. How to checking current settings: # ndd /dev/hme link_status # ndd /dev/hme link_speed # ndd /dev/hme link_mode # 0=down 1=up # 0=10MB, 1=100MB # 0=half-duplex, 1=full-duplex

Note: ndd will not work for all types of nic's. In this case, you can use the netstat command as follows: # netstat -k ce0 | egrep 'link_speed|link_status|link_duplex' link_up - 0 down, 1 up link_speed - speed in Mbit/s link_duplex - 1 half duplex, 2 full duplex, 0 down Parameter Values: # ndd -set /dev/hme # ndd -set /dev/hme # ndd -set /dev/hme # ndd -set /dev/hme # ndd -set /dev/hme # ndd -set /dev/hme # ndd -set /dev/hme Using ndd command:

instance 0 adv_100T4_cap 0 adv_100fdx_cap 1 adv_100hdx_cap 0 adv_10fdx_cap 0 adv_10hdx_cap 0 adv_autoneg_cap 0

# # # # # # #

hme instance, i.e hme0 4 twisted pairs 100 MB, full duplex 100 MB, half duplex 10 MB full duplex 10 MB, half duplex auto-negotiation

These changes will only survive until the until the next reboot. To make them permanent they must be set either in /etc/system or via an rc script (see below). The following commands set hme0 interface to 100Mbps half-duplex mode: # ndd -set /dev/hme instance 0 # ndd -set /dev/hme adv_100T4_cap 0 # ndd -set /dev/hme adv_100fdx_cap 0 # ndd -set /dev/hme adv_100hdx_cap 1 # ndd -set /dev/hme adv_10fdx_cap 0 # ndd -set /dev/hme adv_10hdx_cap 0 # ndd -set /dev/hme adv_autoneg_cap 0 The following commands set hme1 interface to 10Mbps full-duplex mode: # ndd -set /dev/hme instance 1 # ndd -set /dev/hme adv_100T4_cap 0 # ndd -set /dev/hme adv_100fdx_cap 0 # ndd -set /dev/hme adv_100hdx_cap 0 # ndd -set /dev/hme adv_10fdx_cap 1 # ndd -set /dev/hme adv_10hdx_cap 0 # ndd -set /dev/hme adv_autoneg_cap 0 For permanent entries you can create a script in the /etc/rc2.d directory if each hme interface has a different configuration. If that is the case, then just use ndd commands as specified in above. Name the script S68net-tune to indicate that this particular script is specific to tuning network parameters on that specific host. Example: #!/sbin/sh echo "Setting QFE port 1 to be 100 MB Full Duplex" Sun Proprietary & Confidential: Internal Use Only Page 89

SSE Field Reference Guide
ndd -set /dev/qfe instance 1 ndd -set /dev/qfe adv_100fdx_cap 1 ndd -set /dev/qfe adv_100hdx_cap 0 ndd -set /dev/qfe adv_10fdx_cap 0 ndd -set /dev/qfe adv_10hdx_cap 0 ndd -set /dev/qfe adv_autoneg_cap 0 # set all remaining ports to 100MB/s for PORT in 0 2 3 do echo "Setting QFE port $PORT to 100MB/FD" ndd -set /dev/qfe instance $PORT ndd -set /dev/qfe adv_100fdx_cap 1 ndd -set /dev/qfe adv_100hdx_cap 0 ndd -set /dev/qfe adv_10fdx_cap 0 ndd -set /dev/qfe adv_10hdx_cap 0 ndd -set /dev/qfe adv_autoneg_cap 0 done Set values in /etc/system

4.0 Networking

If all the interfaces are going to have the same configuration then you can add those parameters in /etc/system file, reboot and it will take effect for all the instances of hme. For example, the following lines in /etc/system file will force all the interfaces to 100-Mbps Full-duplex mode: set hme:hme_adv_autoneg_cap=0 set hme:hme_adv_100T4_cap=0 set hme:hme_adv_100fdx_cap=1 set hme:hme_adv_100hdx_cap=0 set hme:hme_adv_10fdx_cap=0 set hme:hme_adv_10hdx_cap=0 Create /kernel/drv/hme.conf Example of /kernel/drv/hme.conf to turn off autonegotiation, turn on 100 Full, force 100BaseTX port, change Interpacket gap. (The reg= entries will be unique for each instance.) name="hme" class="sbus" reg=0xe,0x8c00000,0x00000108,0xe,0x8c02000,0x00002000,0xe, 0x8c04000,0x00002000,0xe,0x8c06000,0x00002000,0xe,0x8c07000, 0x00000020 adv_autoneg_cap=0 adv_100fdx_cap=1 use_int_xcvr=1 ipg1=10 ipg2=8;

4.2.2. ssh
ssh - This program is used to log into another machine or to execute commands on the other machine. # ssh 10.0.0.1 # ssh rfox@10.0.0.1 scp - Securely copies files from one machine to another. # scp root@oops:/var/tmp/*.gz /home/rfox sftp – Securely transfers files from one machine to another. # sftp root@oops ssh-keygen Used to create RSA keys (host keys and user authentication keys). # ssh-keygen -N <new-passphrase> ssh-agent Authentication agent. This can be used to hold RSA keys for authentication.

ssh-add - Used to register new keys with the agent. make-ssh-known-hosts - Used to create the /etc/ssh_known_hosts file. Sun Proprietary & Confidential: Internal Use Only Page 90

SSE Field Reference Guide

4.0 Networking

4.2.3. ftp
This procedure setup up an anonymous ftp server: 1. Create a user account "ftp" This account must not have a real shell login and the home directory must use the correct syntax for "chroot". ftp:x:30000:30000:Anonymous FTP:/home/ftp/./:/bin/false 2. Create the /etc/shells file to have the following entries plus whatever you used above: /usr/bin/sh /usr/bin/csh /usr/bin/ksh /usr/bin/jsh /bin/sh /bin/csh /bin/ksh /bin/jsh /sbin/sh /sbin/jsh /usr/local/bin/bash /bin/false 3. Set up the directories In the root ftp diretory , ~ftp (or /home/ftp in this example): dr-xr-xr-x 7 root drwxr-xr-x 25 root d--x--x--x 2 root d--x--x--x 2 root d--x--x--x 2 root drwx-wx-wt 10 root drwxr-xr-x 10 root d--x--x--x 10 root In the ~ftp/bin directory: system system system system system system system system 512 512 512 512 512 512 512 512 Mar 1 15:17 ./ Jan 4 11:30 ../ Dec 20 15:43 bin/ Dec 20 15:43 dev/ Mar 12 16:23 etc/ Jun 5 10:54 incoming/ Jun 5 10:54 pub/ Jun 5 10:54 usr/

---x--x--x 1 root other 13612 Feb 5 15:26 ls* Note: if you use the dynamically linked version of ls (from /usr/bin/ls) you will need to make sure that ~ftp/usr/lib has all the necessary libraries for "dir" to work correctly. In the ~ftp/etc directory: -r-xr-xr-x 1 root system 462 Feb 5 15:33 TIMEZONE* -r--r--r-- 1 root system 471 Feb 4 16:30 group -r--r--r-- 1 root system 1064 Jan 28 17:14 netconfig -r--r--r-- 1 root system 1748 Feb 10 15:44 passwd Note: the files ~ftp/etc/passwd and ~ftp/etc/group should contain minimal information.The TIMEZONE and netconf files are also necessary for the "dir" command to output the correct date/time stamp of the files. In the ~ftp/dev directory: crw-rw-rw1 root other 13, 2 Jan 29 15:01 null crw-rw-rw1 root other 11, 42 Jan 28 17:17 tcp crw-rw-rw1 root other 105, 1 Jan 28 17:17 ticotsord crw-rw-rw1 root other 11, 41 Jan 28 17:18 udp crw-rw-rw1 root other 13, 12 Jan 28 17:18 zero Note: you can perform an "ls -lL" in /dev to verify the correct major and minor numbers for your system and then use "mknod" to create these files in ~ftp/dev. (It may not be necessary to include /dev/null).

Sun Proprietary & Confidential: Internal Use Only

Page 91

SSE Field Reference Guide
In the ~ftp/usr directory: lrwxrwxrwx 1 root dr-xr-xr-x 4 root dr-xr-xr-x 3 root In the ~ftp/usr/lib directory: system system system 6 Feb 1024 Feb 512 Feb

4.0 Networking

5 15:49 bin -> ../bin/ 5 15:38 lib/ 5 15:38 share/

-r-xr-xr-x 1 root system 24576 Jan 30 13:48 ld.so* -r-xr-xr-x 1 root system 137160 Jan 30 13:48 ld.so.1* -r-xr-xr-x 1 root system 662764 Jan 30 13:48 libc.so* -r-xr-xr-x 1 root system 662764 Jan 30 13:48 libc.so.1* -r-xr-xr-x 1 root system 2564 Jan 30 13:48 libdl.so* -r-xr-xr-x 1 root system 2564 Jan 30 13:48 libdl.so.1* -r-xr-xr-x 1 root system 15720 Jan 30 13:48 libintl.so* -r-xr-xr-x 1 root system 15720 Jan 30 13:48 libintl.so.1* -r-xr-xr-x 1 root system 15720 Jan 31 08:50 libmp.so* -r-xr-xr-x 1 root system 15720 Jan 31 08:50 libmp.so.1* -r-xr-xr-x 1 root system 566700 Jan 30 13:48 libnsl.so* -r-xr-xr-x 1 root system 566700 Jan 30 13:48 libnsl.so.1* -r-xr-xr-x 1 root system 68780 Jan 30 13:48 libsocket.so* -r-xr-xr-x 1 root system 68780 Jan 30 13:48 libsocket.so.1* -r-xr-xr-x 1 root system 39932 Jan 30 13:48 libw.so* -r-xr-xr-x 1 root system 39932 Jan 30 13:48 libw.so.1* -r-xr-xr-x 1 root system 10804 Jan 30 13:49 nss_dns.so.1* -r-xr-xr-x 1 root system 21144 Jan 30 13:49 nss_files.so.1* -r-xr-xr-x 1 root system 24404 Jan 30 13:49 nss_nis.so.1* -r-xr-xr-x 1 root system 28844 Jan 30 13:49 nss_nisplus.so.1* -r-xr-xr-x 1 root system 9312 Jan 30 13:49 straddr.so* -r-xr-xr-x 1 root system 9312 Jan 30 13:49 straddr.so.2* Note: except for ld.so and ld.so.1, the .so version of a library is just a hard link to the .so.1 for Solaris 2.6, libmp.so.2 is used instead of libmp.so.1. In the ~ftp/usr/share/lib/zoneinfo directory: -r--r--r-1 root other dr-xr-xr-x 2 root other and ~ftp/usr/share/lib/zoneinfo/US contains: -r--r--r-1 root In the ~ftp/pub directory: other 57 Feb 512 Feb 817 Feb 5 15:35 GMT-8 5 15:32 US/ 5 15:32 Pacific

drwxr-sr-x 10 dchap system 512 Jun 5 10:54 pub/ and this directory is owned by you and have the same group as ftp with permissions 2755. In the ~ftp/incoming directory: d-wx-wx-wt 5 dchap IV. Some final security touches: # # # # # staff 1536 Feb 11 22:43 incoming/

cd ~ftp touch .rhosts .forward chown root .rhosts .forward chgrp system .rhosts .forward chmod 400 .rhosts .forward

Sun Proprietary & Confidential: Internal Use Only

Page 92

SSE Field Reference Guide

4.0 Networking

4.2.4. dhcp
4.2.4.1. Configure the dhcp server: Create the dhcp resource file: # vi /etc/default/dhcp RUN_MODE=server RESOURCE=files PATH=/var/dhcp Update the hosts file with dhcp client ip addresses and names: # vi /etc/hosts 128.50.1.50 dhcpclient-1 Create the subnet for the clients: # pntadm -C 128.50.1.0 Add clients # pntadm -A 128.50.1.50 128.50.1.0 # pntadm -A 128.50.1.51 128.50.1.0 Create the rules database # dhtadm -C Create the rules # dhtadm -A -m <rule-name> -d ':router= lettuce fluke yak: subnet=255.255.255.0: LeaseNeg=1: DNSdmain=comcast.net: DNSserv=60.8.0.6:' Note: a list of all possible keywords can be found in /etc/dhcp/inittab. Associate rules with dhcp clients: # pntadm -m 128.50.1.50 -m <rule-name> 128.50.1.0 # pntadm -m 128.50.1.51 -m <rule-name> 128.50.1.0 Start dhcp daemon: # /etc/init.d/dhcp start 4.2.4.2. Configure a dhcp client a. Edit /etc/hostname.hme0 and remove all contents b. Create /etc/dhcp.hme0 # touch /etc/dhcp.hme0 c. Reboot # init 6 Sun Proprietary & Confidential: Internal Use Only Page 93

SSE Field Reference Guide

4.0 Networking

Sun Proprietary & Confidential: Internal Use Only

Page 94

SSE Field Reference Guide

4.0 Networking

4.2.5. dns
4.2.5.1. Configuring the Master DNS Server A. Edit /etc/named.boot # named.boot 2/22/2002 rfox DIRECTORY /var/named # location of dns files CACHE cache.db # where to pass the request if unresolved PRIMARY veggie.edu veggie.zone # IP-host resolution file PRIMARY 1.50.128.in-addr.arpa veggie.rzone # host-IP resolution file PRIMARY 0.0.127.in-addr.arpa loopback # localhost resolution B. If Solaris 2.7 or greater, run the conversion utility to create /etc/named.conf file: # /usr/sbin/named-bootconf < /etc/named.boot > /etc/named.conf C. Create the dns directory # mkdir /var/named D. Edit the cache.db file # cache.db 2/22/2002 rfox in ns parks.edu # domain to pass unresolved request parks.edu. in a 128.50.1.99 # ip address of server E. Edit the IP-host resolution file (veggie.zone) # veggie.zone 2/22/2002 rfox $ORIGIN veggie.edu. veggie.edu. in soa lettuce.veggie.edu. 43200 3600 604800 86400 ) veggie.edu. in ns lettuce lettuce in a 128.50.1.3 cabbage in a 128.50.1.2 corn in a 128.50.1.4 localhost in a 127.0.0.1 F. Edit the host-IP resoultion file (veggie.rzone) # veggie.rzone 2/22/2002 rfox $ORIGIN 1.50.128.in-addr.arpa. 1.50.128.in-addr-arpa. in soa lettuce.veggie.edu. root.lettuce.veggie.edu. ( 1 43200 3600 604800 86400 ) 1.50.128.in-addr.arpa. in ns lettuce.veggie.edu. 1 in ptr carrot.veggie.edu. 2 in ptr cabbage.veggie.edu. 3 in ptr lettuce.veggie.edu. 4 in prt corn.veggie.edu. G. Edit loopback file (loopback) # loopback 2/22/2002 rfox $ORIGIN 0.0.127.in-addr.arpa. 0.0.127.in-addr-arpa. in soa lettuce.veggie.edu. root.lettuce.veggie.edu. ( 1 43200 3600 604800 86400 ) 0.0.127.in-addr.arpa. in ns lettuce.veggie.edu. 1 in ptr localhost.veggie.edu.

root.lettuce.veggie.edu.

( 1

Sun Proprietary & Confidential: Internal Use Only

Page 95

SSE Field Reference Guide
H. Start the daemon # /usr/sbin/in.named Notes:

4.0 Networking

Positional parameters and their respective values: In the IP-Host resolution, host-IP resolution, and loopback files, there are a set of parameters that must be set. They are: ( version refresh-value retry expire minimum ) For example: ( 1 43200 3600 604800 86400 ) translates into the following 1 file. 43200 3600 604800 86400 = version number. To update slave servers, the number must be incremented after editing the = time interval, in seconds, used by the slave servers to initiate a zone transfer = retry time, in seconds, to retry a zone transfer = time interval, in seconds, after which a slave server will discard zone information = time to live, in seconds which states how long the query answer is good.

4.2.5.2. Configuring the Slave Server (aka Secondary Server) A. Edit /etc/named.boot # named.boot 2/22/2002 rfox DIRECTORY /var/named # location of dns files CACHE. cache.db # where to pass the request if unresolved SECONDARY veggie.edu. 128.50.1.3 veggie.zone SECONDARY 1.50.128.in-addr.arpa. 128.50.1.3 veggie.rzone B. If Solaris 2.7 or greater, run the conversion utility to create /etc/named.conf file: # /usr/sbin/named-bootconf < /etc/named.boot > /etc/named.conf C. Edit the cache.db file # cache.db 2/22/2002 rfox . in ns parks.edu # domain to pass unresolved request parks.edu. in a 128.50.1.99 # ip address of server D. Start the daemon # /usr/sbin/in.named 4.2.5.3 Configuring a Cache-Only Server A. Edit /etc/named.boot # named.boot 2/22/2002 rfox DIRECTORY /var/named # location of dns files CACHE . cache.db # where to pass the request if unresolved B. If Solaris 2.7 or greater, run the conversion utility to create /etc/named.conf file: # /usr/sbin/named-bootconf < /etc/named.boot > /etc/named.conf C. Edit the cache.db file # cache.db 2/22/2002 rfox . in ns parks.edu # domain to pass unresolved request parks.edu. in a 128.50.1.99 # ip address of server Sun Proprietary & Confidential: Internal Use Only Page 96

SSE Field Reference Guide

4.0 Networking

D. Start the daemon # /usr/sbin/in.named 4.2.5.4 . Configuring the DNS Client A. Create the /etc/resolv.conf file: # resolve.conf 2/22/2002 search veggie.edu nameserver 128.50.1.3 nameserver 128.50.2.1 nameserver 128.50.3.5 B. Edit /etc/nsswitch.conf file's hosts entry: # hosts dns files rfox

Sun Proprietary & Confidential: Internal Use Only

Page 97

SSE Field Reference Guide

4.0 Networking

4.2.6. nis
4.2.6.1 HOW TO CONFIGURE NIS MASTER 1. Define the NIS domainname. # domainname <example-domain> 2. Populate the /etc/defaultdomain file with the domainname. # domainname > /etc/defaultdomain 3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave servers have been defined and that a fully qualified name exists for this server. 4. Optionally, create an alternate directory and copy the source files there. # mkdir /var/yp/src # cd /etc # cp auto_home auto_master bootparams ethers group hosts netgroup netmasks networks \ passwd protocols publickey rpc services shadow timezone user_attr /var/yp/src 5. Edit the Makefile. # cp /var/yp/Makefile /var/yp/Makefile.orig # vi /var/yp/Makefile Modify “DIR=” and “PWDIR=” entries to reflect the location of the alternate directory used in step 4. Example: DIR=/var/yp/src Example: PWDIR=/var/yp/src If you wish NIS to resolve hosts through DNS comment out "B=" and uncomment "B=-b". Locate the target labeled “all:” and remove any map from the definition that does not have a corresponding file and will not be used as part of this service. For example, bootparams, ethers, and timezone files do not exist by default, and may be removed. This will avert errors during the make process (IE. make: Fatal error: Command failed for target 'k'). Note: If the netgroup map is to be used later, but does not yet exist, create a placeholder for this in the target directory. # touch /var/yp/src/netgroup Note: To relocate RBAC related files or /etc/inet/ipnodes consult the comments in /var/yp/Makefile. 6. Ensure files are selected as the naming service, if not previously defined. # cp /etc/nsswitch.files /etc/nsswitch.conf 7. Initialize the server: # cd /var/yp # /usr/sbin/ypinit -m It will ask you for the other yp server's name. Type the name of the server you are working on, along with the name of your NIS slave servers, and then press CTRL-D. It will ask the question "Do you want this procedure to quit on non-fatalerrors [y/n:n]n. choose n. 8. Start the NIS daemons. # /usr/lib/netsvc/yp/ypstart

Sun Proprietary & Confidential: Internal Use Only

Page 98

SSE Field Reference Guide
This will start all NIS server daemons (ypbind ypserv ypxfrd rpc.yppasswdd rpc.ypupdated). # ps -ef |grep yp /usr/lib/netsvc/yp/ypbind /usr/lib/netsvc/yp/ypserv -d /usr/lib/netsvc/yp/ypxfrd /usr/lib/netsvc/yp/rpc.yppasswdd -D /var/yp/src -m /usr/lib/netsvc/yp/rpc.ypupdated

4.0 Networking

Note: For Solaris 10, ypstart is automatically invoked from ypinit -m. Use the svcs utility to view the state of the services. # /usr/bin/svcs \*nis\* STATE STIME FMRI disabled 13:14:59 svc:/network/rpc/nisplus:default online 13:28:34 svc:/network/nis/server:default online 13:28:34 svc:/network/nis/xfr:default online 13:28:34 svc:/network/nis/update:default online 13:28:34 svc:/network/nis/passwd:default online 13:28:35 svc:/network/nis/client:default 9. Test the configuration. # cd /var/yp # /usr/ccs/bin/make (this should complete without errors) # ypcat -k hosts (to make sure the new maps are there) # ypwhich -m (display the maps that are being served) NOTE: All the resulting NIS maps will be stored under /var/yp/example-domain directory. 10. To enable this host as a NIS client. # cp /etc/nsswitch.nis /etc/nsswitch.conf Edit /etc/nsswitch.conf as necessary (ie. add dns entry). Note: To start NIS services from the command line: # /usr/lib/netsvc/yp/ypstop (to stop NIS services) # /usr/lib/netsvc/yp/ypstart (to start NIS services) For Solaris 10, you can use: # svcadm enable network/nis/server:default # svcadm enable network/nis/client:default 4.2.6.2 HOW TO CONFIGURE NIS SLAVE 1. Define the NIS domainname. # domainname <example-domain> 2. Populate the /etc/defaultdomain file with the domainname. # domainname > /etc/defaultdomain 3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave servers have been defined and that a fully qualified name exists for this server. 4. Edit /etc/nsswitch.conf as necessary (ie. add dns entry). Sun Proprietary & Confidential: Internal Use Only Page 99

SSE Field Reference Guide
# cp /etc/nsswitch.nis /etc/nsswitch.conf 5. Initialize the slave server as a client first. # /usr/sbin/ypinit -c

4.0 Networking

The "ypinit" command prompts you for a list of NIS servers. Enter the name of the local slave you are working on first, then the master server, followed by the other NIS servers in your domain in order from the physically closest to the furthermost (in network team), then press CTRL-D. 6. Make sure "ypbind" is not running. # ps -ef | grep ypbind 7. Start ypbind. # /usr/lib/netsvc/yp/ypstart 8. Initialize this machine as a slave and transfer the NIS maps. # /usr/sbin/ypinit -s master_machine_name 9. Stop ypbind. # /usr/lib/netsvc/yp/ypstop 10. Start ypbind and ypserv. # /usr/lib/netsvc/yp/ypstart Note for Solaris 10, you can use: # svcadm enable network/nis/server:default # svcadm enable network/nis/client:default 4.2.6.3 HOW TO CONFIGURE NIS CLIENT 1. Define the NIS domainname. # domainname <example-domain> 2. Populate the /etc/defaultdomain file with the domainname. # domainname > /etc/defaultdomain 3. Edit the /etc/hosts file to ensure that the NIS master and all NIS slave servers have been defined and that a fully qualified name exists for this server. 4. Edit /etc/nsswitch.conf as necessary (ie. add dns entry). # cp /etc/nsswitch.nis /etc/nsswitch.conf 5. Initialize the slave server as a client first. # /usr/sbin/ypinit -c You will be asked to name NIS servers from which the client may obtain name service information. You may list as many master or slave servers as you want. Then press CTRL-D. 6. Start ypbind. # /usr/lib/netsvc/yp/ypstart Note for Solaris 10, you can use: # svcadm enable network/nis/client:default

Sun Proprietary & Confidential: Internal Use Only

Page 100

SSE Field Reference Guide
7. On the newly configured NIS client, test the NIS functionality with the following command: # ypwhich -m

4.0 Networking

4.2.7. ntp
4.2.7.1 . Configure the server: 1. update the config file: # ntp.conf file server 127.127.1.0 # refers to local system clock fudge 127.127.1.0 stratum 0 broadcast 224.0.1.1 # multicast address to use to broadcast to clients driftfile /var/ntp/ntpdrift statsdir /var/ntp/nptstats # end of ntp.conf 2. start the daemon # /etc/init.d/xntpd start 4.2.7.2. Configure the ntp client: 1. update the config file: # # # # # # # # ident "@(#)ntp.client 1.3 00/07/17 SMI"

/etc/inet/ntp.client An example file that could be copied over to /etc/inet/ntp.conf; it provides a configuration for a host that passively waits for a server to provide NTP packets on the ntp multicast net.

# A simple NTP clilent would specify one or more network servers in your # organization: # # server ntp.example.com # # Public NTP Server list: http://www.eecis.udel.edu/~mills/ntp/clock1.htm # server 128.118.46.3 # Penn State's ntp server server 192.5.41.40 # tick.usno.navy.mil server 192.5.5.250 # clock.isc.org server 128.9.176.30 # timekeeper.isi.edu server 127.127.1.0 # internal clock fudge 127.127.1.0 stratum 10 # end of ntp.conf 2. Start the daemon # /etc/init.d/xntpd start 4.2.7.3 Testing the config: # /usr/sbin/ntpq -p

Sun Proprietary & Confidential: Internal Use Only

Page 101

SSE Field Reference Guide

4.0 Networking

4.2.8. nfs
4.2.8.1 How to NFS share/mount a CD-ROM: 1) Share the resource on the NFS server (the system with the CD-ROM locally). # share -F nfs -o ro /cdrom/cdrom0/s0 Note: If this is the first time that the NFS server has shared out a resource then do the following to start the nfs server daemons: # /etc/init.d/nfs.server start 2) Now mount the CD-ROM on the remote system. Run showmount to verify that the NFS server is sharing out the CD-ROM: # showmount -e <NFS-server-name> Mount the CD-ROM: # mount -rF nfs <NFS-server-name>:/cdrom/cdrom0 /cdrom 4.2.8.2 nfsd threads Solaris[TM] 8 and prior The script /etc/init.d/nfs.server sets the maximum number of nfsd server threads that can run at once. Solaris[TM] 9 and subsequent release The maximum number of nfsd server threads is configured using the parameter NFSD_SERVERS in the /etc/default/nfs file. Those threads are created and destroyed dynamically. They each consume 16K of kernel stack and most likely handle one NFS filesystem block. They also run at a higher priority than the timeshare class. Since the memory requirement is cheap and dynamic, there are no big drawbacks to setting this value much higher on an NFS server (a conservative nfsd thread value = num_of_cpus*128). For Solaris[TM] 8 and earlier, edit /etc/init.d/nfs.server : /usr/lib/nfs/nfsd -a 1024 For Solaris[TM] 9 and above, edit /etc/default/nfs: NFSD_SERVERS=1024 Then kill and restart the daemon: /etc/init.d/nfs.server stop /etc/init.d/nfs.server start

Sun Proprietary & Confidential: Internal Use Only

Page 102

SSE Field Reference Guide

4.0 Networking

4.2.9. tip
The hardware set up involves connecting a system running Solaris[TM] to the SERIAL port via the running system's serial port A or B. The /etc/remote file on the running system will have to be checked for the correct settings. # more /etc/remote # The next 17 lines are for the PCMCIA serial/modem cards. # pc0:\ :dv=/dev/cua/pc0:br#38400:el=^C^S^Q^U^D:ie=%$:oe=^D:nt:hf: pc1:\ :dv=/dev/cua/pc1:br#38400:el=^C^S^Q^U^D:ie=%$:oe=^D:nt:hf: pc2:\ :dv=/dev/cua/pc2:br#38400:el=^C^S^Q^U^D:ie=%$:oe=^D:nt:hf: cuab:dv=/dev/cua/b:br#2400 dialup1|Dial-up system:\ :pn=2015551212:tc=UNIX-2400: hardwire-a:\ :dv=/dev/term/a:br#9600:el=^C^S^Q^U^D:ie=%$:oe=^D: hardwire:\ is :dv=/dev/term/b:br#9600:el=^C^S^Q^U^D:ie=%$:oe=^D tip300:tc=UNIX-300: is being used tip1200:tc=UNIX-1200: tip0|tip2400:tc=UNIX-2400: tip9600:tc=UNIX-9600: tip19200:tc=UNIX-19200: UNIX-300:\ :el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#300:tc=dialers: UNIX-1200:\ :el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#1200:tc=dialers: UNIX-2400:\ :el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#2400:tc=dialers: UNIX-9600:\ :el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#9600:tc=dialers: UNIX-19200:\ :el=^D^U^C^S^Q^O@:du:at=hayes:ie=#$%:oe=^D:br#19200:tc=dialers: VMS-300|TOPS20-300:\ :el=^Z^U^C^S^Q^O:du:at=hayes:ie=$@:oe=^Z:br#300:tc=dialers: VMS-1200|TOPS20-1200:\ :el=^Z^U^C^S^Q^O:du:at=hayes:ie=$@:oe=^Z:br#1200:tc=dialers: dialers:\ :dv=/dev/cua/b: -------------------------------------------------------------------The attributes are: dv el du pn at ie oe cu br fs device to use for the tty EOL marks (default is NULL) make a call flag (dial up) phone numbers (@ =>'s search phones file; possibly taken from PHONES environment variable) ACU type input EOF marks (default is NULL) output EOF string (default is NULL) call unit (default is dv) baud rate (defaults to 300) frame size (default is BUFSIZ) -- used in buffering writes Page 103

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
on receive operations to continue a capability

4.0 Networking

tc #

Once you connect the cabling and determine the /etc/remote file is properly configured, you can tip into the system. # tip hardwire - to tip through serial port B # tip hardwire-a - to tip through serial port A connected <output from the system's console...> To end the session, type in ~. and press ENTER.

4.2.10. ipmp
Configuration assumptions: hme0 = 10.0.0.1 hme1 – 10.0.0.3 both interfaces are up will create logical interfaces 10.0.0.2 - test interface 10.0.0.4 - failover # eeprom local-mac-address?=true # ifconfig hme0 group public # ifconfig hme0 addif 10.0.0.2 deprecated -failover netmask + broadcast + up <- test # ifconfig hme1 group public # ifconfig hme1 addif 10.0.0.4 deprecated -failover standby netmask + broadcast + up # ifconfig -a lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1400 index 2 inet 10.0.0.1 netmask ffffff00 broadcast 10.0.0.255 groupname public ether 8:0:20:b3:00:0a hme0:1 flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED, Ipv4, NOFAILOVER> mtu 1400 index 2 inet 10.0.0.2 netmask ffffff00 broadcast 10.0.0.255 hme1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1400 index 2 inet 10.0.0.3 netmask ffffff00 broadcast 10.0.0.255 groupname public ether 8:0:20:b3:00:0b hme1:1 flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED, Ipv4, NOFAILOVER> mtu 1400 index 2 inet 10.0.0.4 netmask ffffff00 broadcast 10.0.0.255

Sun Proprietary & Confidential: Internal Use Only

Page 104

SSE Field Reference Guide

4.0 Networking

4.2.11. tftp
How to setup TFTP - To enable TFTP, uncomment the following line from /etc/inetd.conf: tftp dgram udp tftp dgram udp wait wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot root /usr/sbin/in.tftpd in.tftpd -s /test/tftp The /etc/inetd.conf references a file for /tftpboot and this can be changed. Next, create the tftp user home directory: # mkdir /tftpboot # chown root /tftpboot # chmod 777 /tftpboot Finally, restart inetd: # kill -HUP <inetd-pid> You can verify TFTP is working by using TFTP to put or get files to or from the /tftpboot directory. To get a file from the TFTP server, you must first place a file in the /tftpboot directory and then run the following command from another system: % tftp <tftp-server> tftp> get <filename> To put a file to the TFTP server, you must first touch a file with the same name as the file you will be putting and then change the permission of the file to 666. At this point you will be able to use the put command within TFTP to put a file in the /tftpboot directory as follows: On the TFTP server: # touch <filename> # chmod 666 <filename> On another system which contains the actual file called <filename> that you would like to put to the TFTP server: % tftp <tftp-server> tftp> put <filename> Sent 28 bytes in 0.2 seconds tftp> quit This will put the file <filename> into the /tftpboot directory on the TFTP server. Note: TFTP does not work the same as FTP. You won't see the same messages, and can't use 'cd', 'ls' or most other FTP commands.

Sun Proprietary & Confidential: Internal Use Only

Page 105

SSE Field Reference Guide

4.0 Networking

4.2.12. Configuring Multiple Gateways
When you have more than one interface on a system, a Sun system automatically configures itself as a router. The gateways file can be used to set the default route, set static routes for specific interfaces and limit broadcasting of routes. Syntax: net 0.0.0.0 gateway <ip of gateway> metric 1 passive ^ ^ ^ | | | This is equivalent router you use passive makes a to using default to get out of permanent entry your subnet in your host table until reboot To keep a particular interface from broadcasting as a route use the following: norip <interface> Here is an example of /etc/gateways file for someone who has an le0 interface and a le1, the le1 interface is a connection to the outside world and you do not want to broadcast rip to the outside world. # Basic gateways file setup # Gateway file 05/01/2005 net 0.0.0.0 gateway <ip of le1> metric 1 passive norip le1 Another example: % cat /etc/gateways net 150.101.17.0 gateway 150.101.16.1 metric 1 passive net 0.0.0.0 gateway 150.101.16.2 metric 1 passive The first line is identical to the 'route add' command. It createsa route for the network 150.101.17.0 through the gateway machine 150.101.16.1. The second entry creates a default route through gateway machine 150.101.16.2. You can also add routes to specific hosts in the gateways file by using the keyword 'host' rather than 'net' and specifying a host address rather than a network address.

4.2.13. Setting up subnets
On a Solaris machine, you can set a netmask by making an entry in the /etc/netmasks file, with the format: network-number-with-zeroes For example: # /etc/netmasks # 150.201.0.0 255.255.255.0 192.168.1.0 255.255.255.0 After making these additions, reboot the machine. netmask

Sun Proprietary & Confidential: Internal Use Only

Page 106

SSE Field Reference Guide

4.0 Networking

4.2.14. Virtual Interfaces
Solaris[TM] TCP/IP allows multiple logical interfaces to be associated with physical network interface. Up to 255 "logical addresses" for a given network interface can be defined in Solaris 2.x. To enable more than 256 (0-255) logical interfaces, use ndd. The command: # ndd -set /dev/ip ip_addrs_per_if 1-8192 will permit you to configure as many as your addressing structure will permit (up to 8191 virtual hosts.) 1. Create an entry in the /etc/hosts file ( or nis host map) for each of the virtual interfaces with the hostname and IP address you want to use. Don't forget to add the hostname to /etc/hosts NIS, NIS+, and/or DNS database. 2. Create a /etc/hostname.<interface:#> file for each of the interfaces (/etc/hostname.le0:1, hostname.le0:2, hostname.le0:3...le0:255.) Note: the file can contain a single line with either the ip number or hostname reference. For example, if you are using the le0 interfaces, you would create the following files: /etc/hostname.le0:1 (do NOT use a le0:0 - same as le0 ) /etc/hostname.le0:2 and so on This can also be done for an hme interface. You can have up to 1024 virtual interfaces under 2.5.1. This file should include the hostname or IP address for the corresponding interface. 3. If subnetting is being used, there should be an entry in the /etc/netmasks file in the following format: network_address netmask The network_address should be the network address before subnetting. For example, a class B network that is subnetted to a Class C would have an entry such as: 157.145.0.0 255.255.255.0 4. Reboot the system 5. Verify changes with an ifconfig -a Note: For Security and network isolation. you can set ip_forwarding to “off” and ip_strict_dst_multihoming to “on”, if you are trying to prevent access to the other interfaces. # ndd /dev/ip ip_forwarding - Determines if the workstation will route packets. (0 = off 1 = on) # ndd /dev/ip ip_strict_dst_multihoming - Determines whether to use Strict Destination Multihoming. If this variable is set to True, and ip_forwarding is turned off, then the machine will not except packets destined for a different interface. If duplicate additional local routes are added (by ifconfig) when the virtual interfaces are on same subnet, then you may need to "route delete net" on these. An /etc/rc2.d/S99vif file can be added to ifconfig and add/delete routes, etc.

4.2.15. Enabling IP Forwarding
To force ip forwarding to occur, use the command: # ndd /dev/ip ip_forwarding 1

Sun Proprietary & Confidential: Internal Use Only

Page 107

SSE Field Reference Guide

4.0 Networking

4.2.16. Routing
The route command allows you to add, get, delete, flush, entries in the routing table # route add default 128.50.1.0 128.50.1.1 1 # route add net 128.50.0.0 128.50.1.6 1 # route change 128.50.1.6 128.50.1.5 # route delete net 128.50.0.0 128.50.1.6 # route flush

4.2.17. Setting local mac addresses:
The following script can be used in /etc/rcS.d to set mac addresses: #!/sbin/sh # /etc/rcS.d/S20laa # Copyright (c) 2001 by Sun Microsystems, Inc. # All rights reserved. # This boot script sets Locally Administered Adresses (LAA) at boot time. # Examples below can be used in conjunction with SunSluster 3.x # Edit and activate the ifconfig lines you need. See SRDB 28489. # A card's onboard MAC addresses can be obtained via prtconf -pv. PATH=/usr/bin:/usr/sbin case "$1" in 'start') echo "setting LAA." # the plumb / unplumb is necessary in Solaris 9 and greater (Not needed in # Solaris[TM] 8). # nafo0 uses OpenBoot PROM address (default) # nafo1 uses hme0 card's address : #ifconfig hme0 plumb #ifconfig hme0 ether 08:00:20:01:02:03 #ifconfig hme0 unplumb # #ifconfig qfe0 plumb #ifconfig qfe0 ether 08:00:20:01:02:04 #ifconfig qfe0 unplumb # first junction uses OpenBoot PROM address (default) # second junction uses ge0 card's address : #ifconfig ge0 plumb #ifconfig ge0 ether 08:00:20:04:05:06 #ifconfig ge0 unplumb ;; 'stop') echo "No changes." ;; *) echo "Usage: $0 {start|stop}" ;; esac exit 0

Sun Proprietary & Confidential: Internal Use Only

Page 108

SSE Field Reference Guide

4.0 Networking

4.2.18. Preventing Users From Logging in
To prevent users from logging onto the system, # touch /etc/nologin To re-enable user access, # rm /etc/nologin The /etc/nologin file is a text file that can contain a message to inform users, similar to the /etc/motd file. Below is an example: # /etc/nologin file # created on 5/4/2003 # “The system is unavailble due to system maintenance activities.”

4.2.19. inetd services
in.comsat - biff server in.dhcpd - Dynamic Host Configuration Protocol server inetd - Internet services daemon in.fingerd - remote user information server in.ftpd - File Transfer Protocol Server in.iked - daemon for the Internet Key Exchange (IKE) init.wbem - start and stop the CIM Boot Manager in.lpd - BSD print protocol adaptor in.mpathd - daemon for network adapter (NIC) failure detection, recovery, automatic failover and failback in.named - Internet domain name server (DNS) in.ndpd - daemon for IPv6 autoconfiguration in.rarpd - DARPA Reverse Address Resolution Protocol server in.rdisc - network router discovery daemon in.rexecd - remote execution server in.ripngd - network routing daemon for IPv6 in.rlogind - remote login server in.routed - network routing daemon in.rshd - remote shell server in.rwhod - system status server in.talkd - server for talk program in.telnetd - DARPA TELNET protocol server in.tftpd - Internet Trivial File Transfer Protocol server in.tnamed - DARPA trivial name server in.uucpd - UUCP server

Sun Proprietary & Confidential: Internal Use Only

Page 109

SSE Field Reference Guide

4.0 Networking

4.3. Network Troubleshooting
4.3.1. Troubleshooting Command Reference
4.3.1.1 arp - address resolution display and control arp -a display entries in the arp table oops:/home/rfox:>arp -a Net to Device -----hme0 hme0 hme0 hme0 hme0 hme0 hme0 hme0 hme0 hme0 hme0 Media Table: IPv4 IP Address -------------------wow hedley.East.Sun.COM baraddur cassio smt01rfsra193 clnode0 clnode1 archiver lifetime oops 224.0.0.0 Mask --------------255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 255.255.255.255 240.0.0.0 Flags Phys Addr ----- --------------08:00:20:c3:cd:80 08:00:20:b2:72:9b 00:c0:dd:00:6f:62 00:c0:dd:00:57:49 00:00:0c:07:ac:00 08:00:20:d8:d6:c5 08:00:20:b0:35:bc 00:07:e9:04:4a:c4 00:03:47:d5:b9:f6 SP 08:00:20:c9:dc:9d SM 01:00:5e:00:00:00

arp -d <hostname> - remove host entry from arp table 4.3.1.2 dmesg check status of interface at boot time 4.3.1.3 ifconfig allows you to add/modify/delete interface parameters 4.3.1.4 kstat -n <interface> kernal stats for interface 4.3.1.5 ndd (set, get) # ndd -set /dev/eri instance 0 - sets view to eri0 # ndd /dev/eri \? - shows what eri paramaters are modifiable How to checking current settings: # ndd /dev/hme link_status # 0=down 1=up # ndd /dev/hme link_speed # 0=10MB, 1=100MB # ndd /dev/hme link_mode # 0=half-duplex, 1=full-duplex 4.3.1.6 netstat netstat -i gives you interface details # of packets, collisions, errors ect... oops:/home/rfox:>netstat -i Name lo0 hme0 Mtu Net/Dest 8232 loopback 1500 somerset Address localhost oops Ipkts Ierrs Opkts Oerrs Collis Queue 39259 0 39259 0 0 0 522862 74 359240 0 0 0

netstat -rnv routing info, no name resolution, local veiw oops:/home/rfox:>netstat -rn Routing Table: IPv4 Destination Gateway Flags Ref Use Interface -------------------- -------------------- ----- ----- ------ --------129.154.57.0 129.154.57.155 U 1 4587 hme0 Sun Proprietary & Confidential: Internal Use Only Page 110

SSE Field Reference Guide
224.0.0.0 default 127.0.0.1 129.154.57.155 129.154.57.228 127.0.0.1 U UG UH 1 0 1 12426 273386690

4.0 Networking
hme0 lo0

4.3.1.7 ping <host> command contacts and reports status of host specified oops:/home/rfox:>ping -s scoobydoo PING scoobydoo: 56 data bytes 64 bytes from scoobydoo (129.154.57.77): icmp_seq=0. time=0. ms 64 bytes from scoobydoo (129.154.57.77): icmp_seq=1. time=0. ms 64 bytes from scoobydoo (129.154.57.77): icmp_seq=2. time=0. ms 64 bytes from scoobydoo (129.154.57.77): icmp_seq=3. time=0. ms 64 bytes from scoobydoo (129.154.57.77): icmp_seq=4. time=0. ms 4.3.1.8 rup <host> contacts and reports up time for host specified oops:/home/rfox:>rup scoobydoo scoobydoo up 49 days, 19:23, load average: 0.00, 0.01, 0.02

4.3.1.9 snoop monitors network traffic use -v ,-d ,interface, ipaddress to filter view Level of output: # snoop Terse mode # snoop -V Summary Mode # snoop -v Verbose, full packets What to capture: # snoop -d <interface> specifys the interface to listen to (i.e qfe2) # snoop <host> specify a host to listen to (i.e. oops) # snoop <host1> <host2> specify multiple hosts # snoop port <port-number> specify a port to listen to (i.e. 25) # snoop rpc <program> specify an rpc program name or number to listen to # snoop <ip-address> specify an ip address # snoop <ethernet-address> specify an ethernet address How to capture and view: # snoop -o <output-file-name> Note: -o flag produces binary output. Need -i flag to read. # snoop -i <output-file-name> args Examples: 1. capture packets between oomph and oops and puts it in a file named /tmp/snoop.out. # snoop -v -o /tmp/snoop.out oomph oops 2. capture packets for a specific port: # snoop -v -o /tmp/snoop.out port 25 3. display complete nfs packets # snoop -v -i /tmp/snoop.out pkts nfs 4. gather nfs packets in verbose mode and put in new file named /tmp/nfs.out # snoop -v -i /tmp/snoop.out pkts nfs -o /tmp/nfs.out 5. To capture packets between funky and pinky of type tcp or udp on port 80:

Sun Proprietary & Confidential: Internal Use Only

Page 111

SSE Field Reference Guide

4.0 Networking

# snoop funky and pinky and port 80 and tcp or udp Since the primitive port cannot be handled by the kernel filter, and there is also an OR in the expression, a more efficeint way to filter is to move the OR to the end of the expression and to use parenthesis to enforce the OR between tcp and udp: # snoop funky and pinky and (tcp or udp) and port 80 4.3.1.10 spray <host> - will report on transfer rate and number received oops:/home/rfox:>spray scoobydoo sending 1162 packets of length 86 to scoobydoo ... 156 packets (13.425%) dropped by scoobydoo 66 packets/sec, 5745 bytes/sec oops:/home/rfox:> 4.3.1.11 rpcinfo will show all of the RPC services registered with rpcbind on the machine named klaxon use. Use the -s option to display a more concise list: example% rpcinfo -s klaxon program 100000 100008 100002 100001 100012 100007 100029 100078 100024 100021 100020 vrsn 2,3,4 1 2,1 2,3,4 1 3 1 4 1 2,1 1 netid(s) tcp,udp,ticlts,ticots,ticotsord ticotsord,ticots,ticlts,udp,tcp ticotsord,ticots,ticlts,udp,tcp ticotsord,ticots,tcp,ticlts,udp ticotsord,ticots,ticlts,udp,tcp ticotsord,ticots,ticlts,udp,tcp ticotsord,ticots,ticlts ticotsord,ticots,ticlts ticotsord,ticots,ticlts,udp,tcp ticotsord,ticots,ticlts,udp,tcp ticotsord,ticots,ticlts,udp,tcp service rpcbind walld rusersd rstatd sprayd ypbind keyserv status nlockmgr llockmgr owner superuser superuser superuser superuser superuser superuser superuser superuser superuser superuser superuser

4.3.1.12 traceroute <host> maps and times route from your server to the specified host oops:/home/rfox:>traceroute has.central traceroute to mcst.central.Sun.COM (29.147.45.157), 30 hops max, 40 byte packets 1 head (29.154.57.254) 1.262 ms 0.344 ms 0.344 ms 2 smt01-1-2600 (9.154.55.215) 0.715 ms 0.631 ms 0.726 ms 3 bur02r04-smt01r01.East.Sun.COM (9.154.252.121) 12.843 ms 12.785 ms 21.233 ms 4 brl-co-1.East.Sun.COM (9.148.1.37) 18.122 ms 13.157 ms 13.110 ms 5 brm03-bur03-oc3.East.Sun.COM (29.148.0.10) 61.308 ms 61.300 ms 61.571 ms 6 smuscobrm03s07-m01.Central.Sun.COM (29.147.2.253) 62.548 ms 63.261 ms 61.265 ms 7 mcst.Central.Sun.COM (29.147.45.157) 61.650 ms 63.029 ms 61.266 ms oops:/home/rfox:>

Sun Proprietary & Confidential: Internal Use Only

Page 112

SSE Field Reference Guide

4.0 Networking

4.3.2. TCP States
CLOSED (0) - Socket is closed LISTEN (1) - Socket is passive, awaiting a connection request SYN_SENT (2) - Socket is active, has sent a SYN, Session not yet active SYN_RECEIVED (3) - Socket is active, has sent and received SYN, Session not yet active ESTABLISHED (4) - Socket is active,2. Session is active, has completed handshake. CLOSE_WAIT (5) - Socket is closed, received FIN, waiting for close, Session is terminating FIN_WAIT (6) - Socket is closed, sent FIN, waiting for FIN ACK. Session is terminating CLOSING (7) - Socket is closed, exchanged FIN, waiting for FIN ACK, Session is terminating LAST_ACK (8) - Socket is closed, received FIN, waiting for FIN ACK, Session is terminating FIN_WAIT_2 (9) - Socket is closed, received FIN ACK, Session is complete TIME_WAIT (10) - Socket is closed, waits for (2 * max segment life), Session is complete

4.3.4. NFS
To see if nfsd is responding: # rpcinfo -T tcp bigserver nfs program 100003 version 2 ready and waiting program 100003 version 3 ready and waiting To see if “bigserver” supports NFS over the udp transport, use: # rpcinfo -T tcp bigserver nfs program 100003 version 2 ready and waiting program 100003 version 3 ready and waiting To see that mountd is responding: # rpcinfo -T udp bigserver mountd program 100005 version 1 ready and waiting program 100005 version 2 ready and waiting program 100005 version 3 ready and waiting To see that lockd is responding: # rpcinfo -T udp bigserver nlockmgr program 100021 version 1 ready and waiting program 100021 version 2 ready and waiting program 100021 version 3 ready and waiting program 100021 version 4 ready and waiting To verify that statd is responding: # rpcinfo -T udp bigserver status program 100024 version 1 ready and waiting If you run rpcinfo, and determine that certain rpc services are not responding, check those daemons on the master. If none of the above works, you can verify if RPC services are working at all on the server, by running: # rpcinfo <remote-machine-name>

Sun Proprietary & Confidential: Internal Use Only

Page 113

SSE Field Reference Guide
If this gives errors too, there is probably an issue with portmap

4.0 Networking

[Note: the above rpcinfo commands will vary slightly under Solaris OS prior to 2.5, as those OSes did not offer NFS version 3, nor the TCPtransport for NFS.]

To view file systems being shared: # dfshares [-F FSType] [-h] [-o specific_options] [server...] oops:/home/rfox/:>dfshares RESOURCE oops:/usr/local oops:/gca/share To view file systems currently mounted: # dfmounts [-F FSType] [-h] [-o specific_options] [restriction...] oops:/home/rfox:>dfmounts RESOURCE SERVER PATHNAME CLIENTS oops /boot/Solaris_9/Tools/Boot memnock oops /gca/share 129.152.141.12,129.152.224.197, dhcp-smt01-192-93,pauly.East.Sun.COM,vitalsigns.East.Sun.COM,vpn-129-150-33135.Central.Sun.COM,vpn-129-150-35-134.Central.Sun.COM, SERVER ACCESS oops oops TRANSPORT -

4.3.5. DHCP
DHCP client hostname is "Unknown" when using DHCP
Solaris 9: 1.Edit the file /etc/init.d/inetsvc and change the line that reads the following: hostname='/sbin/dhcpinfo Hostname' to #hostname='/sbin/dhcpinfo Hostname' hostname='/usr/bin/cat /etc/nodename' 2.Create a executable script in /etc/rcS.d directory for example S31myhost and add the following line : hostname dhcpclient1 Note: dhcpclient1 is example of a hostname. 3. Next, Follow the same procedure as for Solaris 10 which is listed below. For Solaris 10: 1.Edit the /etc/default/dhcpagent file and change the line that reads the following: #REQUEST_HOSTNAME=no to REQUEST_HOSTNAME=no Sun Proprietary & Confidential: Internal Use Only Page 114

SSE Field Reference Guide

4.0 Networking

2.Edit the /etc/hostname.interface(example of dhcp interface is hostname.hme0) file and add the hostname to that file. 3.Edit the /etc/nodename file and add the hostname to that file as well. 4.Edit the /etc/hosts file and add the loghost and hostname. See example below: # # Internet host table # 127.0.0.1 localhost loghost dhcp ip dhcpclient1 # Added by DHCP 5. Reboot the DHCP Client

Sun Proprietary & Confidential: Internal Use Only

Page 115

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 116

SSE Field Reference Guide

5.0. Performance Tuning

5.0. Performance Tuning
5.1. Debugging Tools
5.1.1. adb
5.1.1.1. How to Start adb # adb -k /dev/ksyms /dev/mem 5.1.1.2. How to load a core file # adb -k unix.x vmcore.x 5.1.1.3. Adding a prompt to adb: # adb -kwP "adb>" 5.1.1.4. Commands to analyze a core adb> adb> adb> adb> adb> adb> adb> $<utsname *panicstr/s msgbuf+14/s $<msgbuf $c <sp$<stacktrace $<threadlist get system statistics get panic string print dmesg print dmesg stack back stack back threadlist for hung system

5.1.1.5. How to display a parm adb> maxusers/D 5.1.1.6. How to change a parm adb> maxusers/w 0t300 Notes: The following values are used to specify data types: 0t - decimal value 0x - hexadecimal value 5.1.1.7 Exiting adb adb> [control]-d or adb> $q

Sun Proprietary & Confidential: Internal Use Only

Page 117

SSE Field Reference Guide

5.0. Performance Tuning

5.1.2. truss
5.1,2.1. Syntax # truss -aef -o /tmp/truss.out <command> # truss -aef -o /tmp/truss.out -p PID 5.1.2.2. Options -p PID: This option attaches truss to a currently running process using the the process ID (PID) obtained typically from the ps command. If you interrupt a truss attached to a process with the -p option, only the truss will be stopped. Whereas, if you interrupt a proccess started with truss, as in the first example above, the process will be stopped. -o <file>: Saves the output to a given file (/tmp/truss.out in the above example). By default truss sends its output to stderr and that is why you can not pipe the output to the grep command (for example) as you might with stdout messages to the console device. -f: This option is used to follow all child processes created by the fork or vfork system calls. By default truss only follows the process ID of the initial process. Child processes started before the truss will not be followed. -e: This option shows the environment strings passed in on every "exec" call. It shows the environment that the process is running under. -a: This option shows all the arguments to each "exec" system call. -c: This truss command, "% truss -c ls", is useful because it counts the number system calls, signals, and faults and displays it in a report summary. This is useful for seeing which system calls a program is spending most of its time in. The number of errors is really not helpful and can usually be ignored. For example: % truss -c ls syscall seconds calls errors _exit .00 1 open .02 19 13 close .00 6 time .00 1 brk .00 4 lseek .00 1 fstat .00 5 ioctl .00 2 execve .00 1 fcntl .00 1 getdents .00 2 lstat .01 1 mmap .00 12 munmap .00 3 ---- --- --sys totals: .03 59 13 usr time: .01 elapsed: .15

Sun Proprietary & Confidential: Internal Use Only

Page 118

SSE Field Reference Guide

5.0. Performance Tuning

5.1.3. Other Tools
sar: general purpose analyzer. The following options are good ones: -a: ufs tuning -d: tape drive response time -m: semaphore activiry -p: paging activity, scan rate -q: monitoring cpu and swap queue activity -r: free memory -u: cpu utilization -v: number of processes running vmstat: focuses on memory and cpu activity. (no options - ignore the i/o stuff) iostat: focuses on i/o performance data. The following options are good ones: -npx: reports on reads, writes, wait queue, service time. -e -E: reports on I/O device error rates mpstat: reports on multiple cpus netstat: reports on network utilization. The following options are good ones: -a: shows active sockets -nr: shows the routing table -i: shows the state of all tcp/ip interfaces, look at collisions nfsstat: reports on NFS activity. The following options are good ones: -c: shows nfs client info -n shows nfs read response time -s: shows nfs server info -r: show rpc info lockstat: used to identify locking problems in a specific executable. Run it like truss, i.e. # lockstat lp Note: If the output shows 50+ events, there is a problem. prtdiag - reports on system hardware configuration and associated diagnostic information top - displays cpu and process usage statistics nice - adjust the priority of a new process, # nice -10 admintool (increase the priority) # nice +10 admintool (decrease the priority) renice - adjust the priority of a running process, # renice -10 <pid> psradm - enables/disables cpu's, # psradm -f 0 (disables cpu 0) # psradm -n 0 (enables cpu 0)

Sun Proprietary & Confidential: Internal Use Only

Page 119

SSE Field Reference Guide

5.0. Performance Tuning

5.1.4. Data Collection Script
The following can be placed in a file and then invoked from cron every 15 minutes to help determine if the system is CPU bound, I/O bound, or memory bound. #!/bin/sh # A modification to allow this to run for many days and allow the sysadmin # to delete old data # set -x DATESUFFIX=`date +%m%d` OUTPUTDIR=/var/tmp/$DATESUFFIX if [ ! -d $OUTPUTDIR ] ; then mkdir -p $OUTPUTDIR fi PATH=$PATH:/usr/sbin:/usr/bin ; export PATH

date >> $OUTPUTDIR/vmstat.out vmstat 30 5 >> $OUTPUTDIR/vmstat.out OSREV=`uname -r` case $OSREV in "5.6"* | "5.7"* ) IOARGS="-xnctpE" ;; *) IOARGS="-xct" ;; esac date >> $OUTPUTDIR/iostat.out iostat "$IOARGS" 30 5 >> $OUTPUTDIR/iostat.out date >> $OUTPUTDIR/ps.out /usr/bin/ps -el -o pcpu,pmem,fname,rss,vsz,pid,stime >> $OUTPUTDIR/ps.out date >> $OUTPUTDIR/ucbps.out /usr/ucb/ps -aux >> $OUTPUTDIR/ucbps.out date >> $OUTPUTDIR/kmastat.out echo kmastat | crash >> $OUTPUTDIR/kmastat.out date >> $OUTPUTDIR/kernelmap.out echo "map kernelmap" | crash >> $OUTPUTDIR/kernelmap.out date >> $OUTPUTDIR/uptime.out uptime >> $OUTPUTDIR/uptime.out date >> $OUTPUTDIR/netstat.out netstat -i >> $OUTPUTDIR/netstat.out date >> $OUTPUTDIR/du.out du -s /tmp >> $OUTPUTDIR/du.out date >> $OUTPUTDIR/ls.out ls -lt /tmp >> $OUTPUTDIR/ls.out date >> $OUTPUTDIR/mpstat.out mpstat 30 5 >> $OUTPUTDIR/mpstat.out This script has recently been updated to separate data by days; the customer can still modify OUTPUTDIR if desired.

Sun Proprietary & Confidential: Internal Use Only

Page 120

SSE Field Reference Guide

5.0. Performance Tuning

5.2. Performance Tuning
5.2.1. System Analysis
5.2.1.1 CHECKING FOR A RESOURCE DEPRIVATION HANG The most common cause of a system hang is that the system has run out of resources. The first thing to normally do is to run some performance tools to see whether that is in fact the case. Run the "Data Collection Script" (see section above, 3.1.4) to gather information. 5.2.1.2 CPU Power In the vmstat command output, look to see what the run queue size is (first column). If the run queue is greater than zero for a long period of time (minutes) AND there is no idle time (in the "idl" column) during the same period, then for that period of time the machine consistently had more available work than available CPU power. If this period of time represents normal peak workload then the machine may be undersized for it. Alternatively the spike in runnable work might be bogus. A rogue process fork()ing short-lived child processes can elevate the runqueue, and it only takes one or more "spinning" processes to soak up available idle time. 5.2.1.3 Virtual Memory If over time, the amount of memory specified in the swap column goes down and does not recover, then there is a probability that there is a memory leak on the system. To determine if it is a kernel memory leak, look at the output of the two crash commands (described later). To determine which application has a memory leak, look at the SZ column of the ps output. This column indicates the size of a process's data and stack in kilobytes. If over time, the swap column goes down and recovers, look at the lowest value in the swap column. If this value goes below 4000, then the system is in danger of running out of virtual memory space. More swap space should be added to the system. 5.2.1.4 Physical Memory The sr (scan rate) column of the vmstat output indicates the rate at which pages are being scanned in order to find needed pages for current processes. If this rate is over 200 for prolonged periods of time, the machine is out of physical memory. This machine could benefit by additional physical memory. 5.2.1.5 Kernel Memory The kernel had a limited amount of memory which it uses for kernel data allocations. This memory is commonly referred to as the kernel heap. The maximum size of the kernel heap is fixed depending on machine architecture and the amount of physical memory. If a machine runs out of kernel memory, it will usually hang. To see if this is the case, look at the output of the crash kernelmap command. This command shows how many segments of kernel memory exist and how large each segment is. If there only 1 and 2 page segments left, the kernel has run out of memory (even if there are a hundred of them). Kernel memory is allocated in "buckets" which are associated with kernel memory allocations of various sizes. The crash kmastat command shows how much memory has been allocated to which bucket. Starting with 2.4, kmastat breaks memory allocation down to many different buckets. If one of these buckets has several MB of memory, and there are kernel memory allocation failures, there is probably a memory leak involving the large bucket. If the bucket is kmem_alloc_8192, this is the buffer cache bucket. In systems with very large amounts of memory, the amount allowed in this bucket should be tuned by adding "set bufhwm=8000" in the /etc/system file. In order to diagnose a memory leak problem it is possible to turn on some flags in Solaris 2.4 and above (see InfoDoc 73364). With these flags turned on, once the kmastat command shows significant growth in the offending bucket, STOP-A (or break) should be used to stop the machine and create a core file. If you then log a support call, the Sun engineers can use this core file to help determine the cause of the leak. 5.2.1.6 Disk I/O To check for disks which are overly busy, look at the iostat output. The columns of interest are %b (percentage of time the disk is busy) and svc_t (average service time in milliseconds). If %b is greater than 20% and svc_t is greater than 30ms, this is a busy disk. If there are other disks which are not busy, the load should be balanced. If all disks are this busy, additional disks should be considered. Sun Proprietary & Confidential: Internal Use Only Page 121

SSE Field Reference Guide

5.0. Performance Tuning

There is no direct way to check for an overloaded SCSI bus, but if the %w column (percentage of time transactions are waiting for service) is greater then 5%, then the SCSI bus may be overloaded. Information about what levels to check for the various performance statistics is taken from "Sun Performance and Tuning" by Adrian Cockroft, ISBN 0-13-149642-5.

5.2.2. Tuning the system
This section lists some performance related files and tools used to tune the system: Files to modify: /etc/system - place to add tunable parameters (requires system reboot) /etc/init.d/<script-name> - start-up scripts; can also add tunable parameters here. Tools: adb (or mdb) - adjust kernel parameters immediately on a live kernel ndd - adjust network parameters (TCP, IP, ethernet)

5.2.3. Cache Scrubber Tuning
The cache scrubber utility can be modified by adding/changing/deleting parameters in /etc/system. Here is a description of these parameters and their values: ecache_scrub_enable = 0 or 1 - turns off/on the in-kernel scrubber. Default is 1. ecache_calls_a_sec = number of times/second to call scrubber routine. Default is 100. ecache_scan_rate = amount of cache to scan in a second. A value of 100 equals 10% scanned. Default is 100. ecache_scrub_panic = 0 or 1 - panics when a ecache line has a bad parity. Default is 0 i.e. the system will panic only when the value is set to 1. ecache_scrub_verbose = 0 or 1 - prints addition messages when a ecache line has a bad parity. Default is 1. i.e. the system will print messages in the /var/adm/messages file. ecache_idle_factor = increase the scan rate when idle A value of 10 equals, 10% increase scan in rate when idle. Default is 1. ecache_flush_clean_good_busy = ecache line is in clean_good_busy state. Conditionally flush the clean_good lines when busy. Default is 50, i.e. additional 5% of ecache is scrubbed. Conditonally flushing doesn't not occur for MSRAMS modules. ecache_flush_dirty_good_busy = ecache line is in dirty_good_busy state. Conditionally flush the dirty_good lines when busy. Default is 100, i.e. additional 10% of ecache is scrubbed. Conditionally flushing doesn't not occur for MSRAMS modules. ecache_calls_a_sec_mirrored = 1 (Default) If ecache is mirrored ecache_calls_a_sec and ecache_scan_rate are reduced. ecache_lines_per_call_mirrored = 1 (Default) If ecache is mirrored ecache_calls_a_sec and ecache_scan_rate are reduced.

Sun Proprietary & Confidential: Internal Use Only

Page 122

SSE Field Reference Guide

6.0. Storage Software

6.0. Storage Software
6.1. Solaris General Procedures
6.1.1. Rebuilding Devices
In the case where the /etc/path_to_inst file is corrupted to the point where booting from the disk is impossible, the following procedure can be used to rebuild the device tree. Also, this procedure can be used when the target ID of the boot disk is changed to one which did not previously exist. ok> boot cdrom -sw # mount /dev/dsk/c0t0d0s0 /a (What ever your boot disk is) # cd /a/dev/dsk # rm c* # cd /a/dev/rdsk # rm c* # cd /tmp/dev # find dsk rdsk -depth -print | cpio -pmudv /a/dev # cd /tmp/root/etc # cp path_to_inst /a/etc # umount /a # reboot -- -rs This will build the path_to_inst file for disk drives. However, third party disks may need to be reinstalled.

6.1.2. Rebuilding /etc/path_to_inst
{0} ok> boot -ar Resetting... Software Power ON 8-slot Sun Enterprise 4000/5000, No Keyboard OpenBoot 3.2.27, 320 MB memory installed, Serial #7923805. Copyright 2000 Sun Microsystems, Inc. All rights reserved Ethernet address 8:0:20:78:e8:5d, Host ID: 8078e85d. Rebooting with command: boot -ar Boot device: /sbus@3,0/QLGC,isp@0,10000/sd@8,0:a File and args: -ar Enter filename [kernel/unix]: [ENTER] Enter default directory for modules [/platform/SUNW,Ultra-Enterprise/kernel /platform/sun4u/kernel /kernel /usr/kernel]:[ENTER] Name of system file [etc/system]: [ENTER] SunOS Release 5.8 Version Generic_117350-02 32-bit Copyright 1983-2003 Sun Microsystems, Inc. All rights reserved. / The /etc/path_to_inst on your system does not exist or is empty. Do you want to rebuild this file [n]? y <----- Answer "Y" Here root filesystem type [ufs]: Enter physical name of root device [/sbus@3,0/QLGC,isp@0,10000/sd@8,0:a]: ...

Sun Proprietary & Confidential: Internal Use Only

Page 123

SSE Field Reference Guide

6.0. Storage Software

6.2. Veritas Volume Manager
6.2.1. Unencapsulating Root
1. Boot from cdrom in single user mode: ok> boot cdrom -s 2. Mount the rootdisk. # mount /dev/dsk/c0t0d0s0 /a 3. Edit the /etc/system file back to its original state: a. Make a backup copy of /etc/system: # cp /a/etc/system /a/etc/system.vxvm b. Remove the following 2 lines; do NOT comment them out rootdev:/pseudo/vxio@0:0 set vxio:vol_rootdev_is_volume=1 4. Edit the /etc/vfstab file back to its original state: a. Make a backup copy of the vfstab file: # cp /a/etc/vfstab /a/etc/vfstab.vxvm b. Copy the original vfstab file to /a/etc: # cp /a/etc/vfstab.prevm /a/etc/vfstab (Note: If the vfstab.prevm file does not exist, modify the current vfstab file to boot the the phyical devices and comment out all vm volumes). 5. Disable vm from coming up: # touch /a/etc/vx/reconfig.d/state.d/install-db 6 Setup the vtoc to use hard partitions: a. Make backup copy of vtoc: # cp /a/etc/vx/reconfig.d/disk.d/cXtXdX/vtoc /a/etc/vx/reconfig.d/disk.d/cXtXdX/vtoc.orig b. Edit the vtoc: # vi a/etc/vx/reconfig.d/disk.d/cXtXdX/vtoc Delete the first two lines that are commented out. Remove the symbols listed in RED: (Note: Number may not be the same as below). #THE PARTITIONING OF /dev/rdsk/c0t0d0s2 IS AS FOLLOWS : #SLICE TAG FLAGS START SIZE

Sun Proprietary & Confidential: Internal Use Only

Page 124

SSE Field Reference Guide
0 1 2 3 4 5 6 7 0x2 0x7 0x5 0x3 0x0 0x0 0x4 0x0 0x200 0x200 0x200 0x201 0x000 0x200 0x200 0x000 0 1024480 0 2048960 0 2254160 2915360 0 1024480 1024480 4154160 205200 0 661200 1229680 0

6.0. Storage Software

c. Run the following command to rebuild the vtoc on the boot device: # fmthard -s /a/etc/vx/reconfig.d/disk.d/cXtXdX/vtoc /dev/rdsk/cXtXdXs2 7. Unmount the file system from /a. 8. Reboot the system. 9. Remove the following vm file(s): # rm /etc/vx/reconfig.d/state.d/install-db # rm /etc/vx/reconfig.d/state.d/root-done 10. Start Volume Manager: # vxiod set 10 # vxconfigd 11. Bring up vxva & remove root volumes recursively from rootdg. AdvancedOpts | DiskGroup | RemoveVolumes. or run the following command for each volume: # vxassist remove <volume> 12. Remove the disk (which has no subdisks on it anymore) from the rootdg disk group: For the VM 2.6 GUI (vxva), AdvancedOpts | DiskGroup | RemoveDisks For the VM 3.x GUI (vmsa), Remove | Return the disk to the free-space pool, or run the following command: # vxdg -g dgname rmdisk diskname (Note: There has to be at least one disk in rootdg for vm to work). 13. Edit the vfstab file and add back the Volume Manager volumes: Add in the entries for the "other" volume manager volumes in the /etc/vfstab file. Do not add in the vm bootdisk file system. 14. Reboot the system to insure it can boot properly with Volume Manager enabled. 15. Use format to "zero out" the private (slice 3) and public (slice 4) regions. The boot disk is now Unencapsulated...

Sun Proprietary & Confidential: Internal Use Only

Page 125

SSE Field Reference Guide

6.0. Storage Software

6.2.2. Moving A Disk Array
In general, make sure the firmware on the array or disks is compatable with the machine you are moving it/them to. Make sure the new system has the array drivers and the correct patches. Most times it is easier and best to apply any patches and firmware upgrades, if needed, on the old system BEFORE moving the array. Every single "I-wanna-move-some-disks-to-another-system" is different. However, each one falls into one of the following 'basic' categories: Some basics:
· ·

A machine MUST have at least one drive in rootdg. You cannot have 2 rootdg disk groups. In the cases below: · SystemA is the current machine where everything is running fine. · SystemB is the machine you are moving the array to. Scenerio #1: Array has only xdg If SystemB already has a rootdg and VxVM is running, just physically move the array and 'boot -r'. Then, import xdg. If SystemB already had a disk group called xdg, you could run # vxdg -n newxdg import 854333350.2702.lucky-sw where "854333350.2702.lucky-sw" is the diskgroupid of the xdg from SystemA. Scenerio #2: Array has only rootdg If SystemB is not running VxVM at all, pkgadd the VxVM packages onto SystemB, run thru E38 with one small exception, and reboot. The small exception is: # vxdctl init SystemA If SystemB is running VxVM already, you'll not be able to "merge" the two rootdg disk groups. Instead, you can import SystemA's rootdg with another name. Use: # vxdg -n newdg import 900032351.2609.lucky-sw where 900032351.2609.lucky-sw is the diskgroupid of the rootdg from SystemA. Scenerio #3: Array has PART of the diskgroup You're planning on moving, say, 1/2 of a diskgroup from SystemA to SystemB. Actually, there's nothing different that the previous two scenarios, other than you'll have to use "-f" option on the vxdg command when importing it. This is because you are not allowed to import a diskgroup when vxconfigd cannot access all the disks in the group. Now, once you import the diskgroup on this system, there is going to be some VM logical disks with no physical disks behind them. Just go in to either GUI, remove all volumes, plexes, and subdisks associated with these disks, then remove the disks from the diskgroup entirely.

Sun Proprietary & Confidential: Internal Use Only

Page 126

SSE Field Reference Guide

6.0. Storage Software

6.2.3. Replacing Bad Root Disk w/Mirror
If Volume Manager (VxVM) is running on a system with the root disk encapsulated and mirrored, and the root disk fails, the system stays up and running, due to the fact that it is mirrored, but how can you recover the original root disk? TERMINOLOGY: The 'primary' root disk is the system disk on which the OS was originally installed. This disk was "encapsulated" into VxVM and then mirrored. Since this disk is encapsulated, there is a direct mapping of partitions onto volumes for /, swap, /usr, and /var. The 'secondary' root disk is a disk which was first initialized into VxVM and then used to form a mirror for the primary root disk. Since it was initialized, rather than encapsulated, there is no mapping of partitions onto the volumes /, swap, /usr, and /var. RECOVERING THE 'SECONDARY' BOOT DISK: If the 'secondary' system disk fails, the replacement of the disk is straight-forward. It is handled in the same manner that any other failed drive needs to be replaced. The easiest way to do this is: # vxdiskadm, choose option #4 (Remove a disk for replacement). # init 0 (if necessary) to physically replace the disk. # vxdiskadm, choose option #5 (Replace a failed or removed disk). When asked to 'encapsulate' the disk, reply "no", When asked to initialize the disk, reply "yes". This will begin recovery of the disk and the mirrors will resync automatically. RECOVERING THE 'PRIMARY' BOOT DISK: The recovery of the 'primary' boot disk contains a few additional steps because the procedure must re-establish the direct mapping between the partitions on the disk and the system volumes. This is so that the system can be changed back to use underlying devices, should this become necessary (for example, to perform a system upgrade or boot from cdrom to fsck one of these filesystems). 1. Run 'vxdiskadm' and choose option #4 (Remove a disk for replacement). Then, shut down the system (if necessary) to physically replace the disk, and reboot. 2. Run 'vxdiskadm' and choose option #5 (Replace a failed or removed disk). When asked to 'encapsulate' the disk, reply "no", When asked to initialize the disk, reply "yes". 3. This step will change depending on the number of partitions on the boot disk. The 'vxdiskadm' command will put back partition 0 (for /) automatically, and may also do this for swap. However, if you have any additional volumes on that disk (i.e., /usr or /var), you will have to run a command to put the partition on the new disk in the correct location. Examine the partitions on the replaced disk by running 'format' or 'prtvtoc' on it. At the very least, you will see a partition for root and one for the public and one for the private partitions for VxVM. Determine if any partitions are missing. If so, these "missing" partitions can be recreated easily using the steps below. The command to use is the 'vxmksdpart' command. You give this command the name of a particular subdisk, and it creates a partition on the disk in the correct location. The syntax is: # /etc/vx/bin/vxmksdpart <subdisk> <partition> <tag> <flags>

Sun Proprietary & Confidential: Internal Use Only

Page 127

SSE Field Reference Guide

6.0. Storage Software

For example, if you have a subdisk named "disk01-02" and wanted to create partition 7 on the disk to map this subdisk, you can run # /etc/vx/bin/vxmksdpart disk01-02 7 0x00 0x00 SWAP. To create a partition for the swap volume, run: # /etc/vx/bin/vxmksdpart -g rootdg <subdisk> <partition> 0x03 0x01 where <subdisk> is the name of the subdisk used in the swapvol volume on the primary boot disk (for example, "rootdisk-01"), and <partition> is the unused partition to use for swap (for example, "1"). The "0x03" tag specifies this partition is for 'swap'. USR. To create a partiton for /usr (if this disk contains /usr), run: # /etc/vx/bin/vxmksdpart -g rootdg <subdisk> <partition> 0x04 0x00 VAR. To create a partiton for /var (if this disk contains /var), run: # /etc/vx/bin/vxmksdpart -g rootdg <subdisk> <partition> 0x07 0x00 Note: There is no reason to create any other partitions on the boot disk.

Sun Proprietary & Confidential: Internal Use Only

Page 128

SSE Field Reference Guide

6.0. Storage Software

6.2.4. VM Command Line Reference
6.2.4.1. Configuring Volume Manager
To start volume manager in disabled mode: # vxconfigd -m disable # vxiod set 10 VM Tasks that are running # vxtask list

6.2.4.2. Disk Operations
A. To unencapsulate the root disk: # vxunroot Note: can not use if /opt is a separate partition. B. Initializing a disk: # /etc/vx/bin/vxdisksetup -i c#t#d# # /etc/vx/bin/vxdisksetup -i c1t0d2 C. Remove Disk from Volume Mgr control # vxdisk rm c1t1d0s2 D. Move Disks to New System # drvconfig (or devfsadm) # vxdctl enable # vxdg import grpname # vxrecover -g dgname -sb # vxdg -C import dgname # vxdg -f import dgname (if some disks in group failed)

6.2.4.3 Disk Group Operations
A. Adding (an already initialized) disk to a diskgroup: # vxdg -g <diskgroup> adddisk <dm name>=<device name> # vxdg -g rootdg adddisk disk01=c1t0d1s2 B. Creating a new diskgroup: # vxdg init <diskgroup> <dm name>=<device name> -or# vxdg init <diskgroup> <-- will initialize the diskgroup w/o any disks e.g. # vxdg init newdg newdg01=c1t4d0s2 Note: This will create / initialize diskgroup 'newdg' and put disk 'newdg01' in it # vxdg init rootdg Note: This will create 'rootdg' without any disks. One cannot create a new diskgroup with more than one disk. That is, when you create a new diskgroup, you have to specify one, and only one, disk: this is the <dm name>=<device name> part. C. Remove Disk From DiskGroup # vxdg -g <diskgroup> rmdisk disk01 D. Destroying a diskgroup, you deport it to nothing: # vxdg deport <diskgroup>

Sun Proprietary & Confidential: Internal Use Only

Page 129

SSE Field Reference Guide
# vxdg deport swapdg

6.0. Storage Software

6.2.4.3 Creating Volumes
A. Simple/Concatination # vxassist -g <diskgroup> make <volname> 50m B. Stripe # vxassist -g <diskgroup> make <volname> 200m layout=stripe disk01 disk02 disk03 C. RAID5 # vxassist -g <diskgroup> make <volname> 200m layout=raid5,nolog disk01 disk02 disk03 # vxassist addlog <volname> D. Mirror # vxassist -g <diskgroup> make <volname> 200m layout=mirror disk01 disk02 # vxassist -g <diskgroup> make <volname> 200m layout=mirror,log E. Mirroring an existing volume # vxassist mirror <volname> F. Mirroring all volumes in a diskgroup # /etc/vx/bin/vxmirror -g <diskgroup> -a G. Resizing a volume # vxassist growto <volname> size # vxassist growby <volname> size # vxassist shrinkto <volname> size # vxassist shrinkby <volname> size H. Removing a Volume # vxvol stop <volname> # vxedit -rm <volname> (removes only volume, leaves plex(s)) # vxedit -rf rm <volname> (recursively removes plex(s) and subdisks) # vxassist remove volume <volname> J. Removing a Mirror or Log from a Volume # vxplex -o rm dis <plexname> K. Moving Subdisks # vxsd mv old_subdisk new_subdisk L. Splitting Subdisks # vxsd -s size split subdiskname newsd1 newsd2 M. Joining Subdisks # vxsd join subdisk1 subdisk2 newsubdisk N. Detach and Attach Plex # vxmend off <plexame> (takes plex offline) # vxplex det <plexname> # vxvol start <volname> (if volume is not ENABLED) # vxmend fix clean <plexname> (if it is not startable) # vxplex att <volname> <plexname> (if plex is not ENABLED) # vxplex att <volname> <plexname> (if volume is ENABLED) # vxmend on <plexname> (if volume is not ENABLED) O. Moving Plexes Sun Proprietary & Confidential: Internal Use Only Page 130

SSE Field Reference Guide
# vxplex mv <orig_plex> <new_plex>

6.0. Storage Software

6.2.4.5 Volume Relayout
A. Add column to a volume # vxassist relayout <volname> ncol=+1 B. Remove a column # vxassist relayout <volname> ncol=-1 C. Relayout to defined number of columns # vxassist relayout <volname> ncol=5 D. Changing stripe-width # vxassist relayout <volname> stwidth=new-width E. Changing stripe-width and Column # vxassist relayout <volname> stwidth=new-width ncol=5 F. RAID5 to striped-mirror # vxassist relayout <volname> layout=stripe-mirror G. Any layout to RAID5 # vxassist relayout <volname> layout=raid5 H. Stripe to concatination # vxassist relayout <volname> layout=nostripe J. Reversing a Relayout # vxrelayout reverse <volname> # vxrelayout -f -g <diskgroup> reverse <volname> K. Check status on Relayout Operation # vxrelayout status <volname>

Sun Proprietary & Confidential: Internal Use Only

Page 131

SSE Field Reference Guide
6.2.5. Troubleshooting Flowchart

6.0. Storage Software

Sun Proprietary & Confidential: Internal Use Only

Page 132

SSE Field Reference Guide

6.0. Storage Software

6.3. Logical Volume Manager
6.3.1. LVM Volume Creation
1. Create the appropriate entries in the /etc/lvm/md.tab file For each partition on your root disk (/, /usr, /var, /opt, /export/home, or any other partition you may have), you must create 3 new metadevices: one for the existing slice, one for the slice on the mirrored disk, and one for the mirror. For example, for slice 0, we'll create the following entries: d10 1 1 /dev/dsk/c0t0d0s0 d20 1 1 /dev/dsk/c1t0d0s0 d0 -m d10 For slice 1, we'll create the following entries: d11 1 1 /dev/dsk/c0t0d0s1 d21 1 1 /dev/dsk/c1t0d0s1 d1 -m d11 2. Create at least 2 state databases (replicas) on unused slices (must allocate space via format) using the metadb command: # metadb -a -f -c 2 c0t0d0s5 c1t0d0s5 It is assumed that you have formatted the second disk exactly like the original root disk. Each corresponding slice on each disk must be the same size. If not, you can run the following commands on the disk that you are designating as your rmirror “to be”: # prtvtoc -h /dev/rdsk/c0t0d0s0 >/tmp/vtoc # fmthard -s /tmp/vtoc /dev/rdsk/c1t0d0s0 For this example, we will be mirroring all the slices on the root disk (c0t0d0) to another equally sized disk (c1t0d0). 3. Run the metainit command to create all the metadevices you have just defined in the md.tab file. If you use the -a option, all the metadevices defined in the md.tab will be created. # metainit -a -f Note: The -f is required because the slices on the root disk are currently mounted. 4. Modify the entries in the /etc/vfstab file to reflect metadevices instead of slices. Start off by making a backup copy of the file: # cp /etc/vfstab /etc/vfstab.prelvm Then, edit the /etc/vfstab file to change each slice to the appropriate metadevice. Do not update the entry for the root filesystem, it will be changed by the metaroot command. Edit the swap, /usr, /var, and any other slices in the same manner. For example, /dev/dsk/c0t0d0s1 /dev/md/dsk/d1 becomes swap swap no no -

Make sure that you change the slice to the main mirror (in this case, d1) and not to the simple submirror (in this case, d11). 5. Run the metaroot command for the metadevice you designated for the root mirror. In the example above, we created d0 to be the mirror device for the root partition, so we would run # metaroot d0

Sun Proprietary & Confidential: Internal Use Only

Page 133

SSE Field Reference Guide

6.0. Storage Software

6. For Solstice DiskSuite versions 4.1 or greater and Solaris 9 LVM it is necessary to lock filesystems before rebooting, so run # lockfs -fa 7. Reboot the system. Do not proceed without rebooting your system, or data corruption will occur. 8. After the system has rebooted, you can verify that root and other slices are under DiskSuite's control by running the following commands (The outputs of these commands should reflect the metadevice names, not the slice names): # df -k # swap -l 9. Set the dump device to the correct device, using the command # dumpadm -d swap Verify that the dump device is set correctly to swap by running the command # dumpadm 10. Lastly, attach the second submirror to the metamirror device. This attachment, using the metattach command, must be done for each partition on the disk, and will start the syncing of data from the current root disk to the other. To continue our example, to add the mirror for root, enter the command: # metattach d0 d20 Even though this command returns to the shell prompt immediately, the syncing process has begun. To follow the progress of this syncing for this mirror, enter the command # metastat d0 Although you can run all the metattach commands one right after another, it is a good idea to run the next metattach command only after the first syncing has completed. This reduces the amount of head movement on the disk and can speed up the total time it takes to mirror all the slices on the disk. Once you have attached all the submirrors to the metamirrors, and all the syncing has completed, your root disk is mirrored.

6.3.2. LVM Mirroring of root
You must take a few extra steps to mirror the root partition # metainit -f d1 1 1 c0t3d0s0 <-- the root partition # metainit d0 -m d1 # metaroot d0 Note: the metaroot command updates /etc/system and /etc/vfstab so that the device /dev/md/dsk/d0 is now the root device. # reboot you must reboot with a one-way mirror. : Do not create a 2 way mirror before rebooting otherwise the system will crash because of the round robin manner in which data is read. # metainit d2 1 1 c0t4d0s0 # metattach d0 d2 Now d2 is attached and data is mirrored on d1 and d2. Note : this procedure mirrors only /, if you want to mirror the whole system disk, remember to mirror the swap slice and all other slices where a file system is installed. In this case, remember that metaroot command only modifies / in vfstab, so you have to manually edit other system disk entries in /etc/vfstab to put metadevice paths before rebooting.

Sun Proprietary & Confidential: Internal Use Only

Page 134

SSE Field Reference Guide

6.0. Storage Software

6.3.3. Unencapsulating Root
NOTE: In order to restore the machine exactly the way it was, it is necessary to have a record of the locations of the state databases, and also the configuration of the metadevices. These are *not* held in user-readable form on the root filesystem, so it is useful to get the information BEFORE a crash with the commands: # metadb -i This command shows the condition and location of DiskSuite's state database replicas. It is useful to have this information in case their recreation is necessary. # metastat -p > /etc/opt/SUNWmd/md.tab.<date> You will redirect this output to a file for safekeeping. Check the md.tab file prior to overwriting it, though. If a valid one exists, redirect the metastat -p to another filename and run a 'diff' on it to check for inconsistencies. The metastat -p, however, will reflect the most current, known, configuration. Of course, you will need to create a new root disk and restore the last full backup to that new disk. It is expected that you will partition the disk in much the same manner as you had it before. Remember that if there was a small partition on your original disk for a state replica that you do the same thing for this disk. Once the disk has been created, restore your root filesystems from backups. However, before attempting to boot the system after the restore, we must make some necessary changes to let Solaris know that the root disk is no longer mirrored. To do this, the /etc/system and the /etc/vfstab files must be modified. 1) Boot cdrom, and mount the root filesystem to /a. ok> boot cdrom -s # mount /dev/dsk/c#t#d#s# /a 2) Restore the root filesystem from backup tape into /a and initialize the boot block using # installboot /usr/platform/<arch>/lib/fs/ufs/bootblk /dev/rdsk/c#t#d#s# 3) Mount and restore any other critical filesystems such as /usr /var /opt etc. 4) If the replacement machine does not have it disks connected via the same paths as the original then you may have to follow the procedure documented in SRDB 15010 to rebuild the /devices and /dev structures. 5) vi /a/etc/system Remove ALL lines between the "MDD root info" lines as well as those between the "MDD database info" lines. In the following example file, all these lines would be removed from the file: ------------------------------------------------------------* Begin MDD root info (do not edit) forceload: misc/md_trans forceload: misc/md_raid forceload: misc/md_hotspares forceload: misc/md_stripe forceload: misc/md_mirror forceload: drv/sd forceload: drv/esp forceload: drv/espdma forceload: drv/sbus forceload: drv/iommu rootdev:/pseudo/md@0:0,3,blk * End MDD root info (do not edit) * Begin MDD database info (do not edit) set md:mddb_bootlist1="sd:14:16 sd:15:16" * End MDD database info (do not edit) ------------------------------------------------------------Sun Proprietary & Confidential: Internal Use Only Page 135

SSE Field Reference Guide
6) vi /a/etc/vfstab

6.0. Storage Software

Change all metadevices for the root filesystems (root, usr, var, and opt) back to regular slices (/dev/dsk/c#t#d#s#). Comment out all the other metadevices for the time being. For example: ** EXAMPLE FILE BEFORE: --------------------------------------------------------------------------------#device device mount FS fsck mount mount #to mount to fsck point type pass at boot options /proc /proc proc no fd /dev/fd fd no swap /tmp tmpfs yes /dev/md/dsk/d1 swap no /dev/md/dsk/d0 /dev/md/rdsk/d0 / ufs 1 no /dev/md/dsk/d2 /dev/md/rdsk/d2 /usr ufs 1 no /dev/md/dsk/d3 /dev/md/rdsk/d3 /var ufs 2 yes /dev/md/dsk/d4 /dev/md/rdsk/d4 /opt ufs 2 yes /dev/md/dsk/d5 /dev/md/rdsk/d5 /export/home ufs 3 yes quota /dev/md/dsk/d6 /dev/md/rdsk/d6 /export/home1 ufs 3 yes quota --------------------------------------------------------------------------** EXAMPLE FILE AFTER: --------------------------------------------------------------------------------#device device mount FS fsck mount mount #to mount to fsck point type pass at boot options /proc /proc proc no fd /dev/fd fd no swap /tmp tmpfs yes /dev/dsk/c0t0d0s1 swap no /dev/dsk/c0t0d0s0 /dev/rdsk/c0t0d0s0 / ufs 1 no /dev/dsk/c0t0d0s6 /dev/rdsk/c0t0d0s6 /usr ufs 1 no /dev/dsk/c0t0d0s7 /dev/rdsk/c0t0d0s7 /var ufs 2 yes /dev/dsk/c0t0d0s4 /dev/rdsk/c0t0d0s4 /opt ufs 2 yes #/dev/md/dsk/d5 /dev/md/rdsk/d5 /export/home ufs 3 yes quota #/dev/md/dsk/d6 /dev/md/rdsk/d6 /export/home1 ufs 3 yes quota --------------------------------------------------------------------------------7) Remove all lines (except for the 2 comment lines at the top) from the "mddb.cf" file. This file exists either in the /etc/opt/SUNWmd or /etc/lvm directory, depending on the version of DiskSuite you are running. 8) Boot the system from the newly restored boot disk. When the system comes up, only root (and /usr, /var, and /opt, if they exist) will be mounted using the slices on the new root disk. 9) Re-add the state databases with the 'metadb' command. Use the output of the 'metadb' command you saved to get the locations. # metadb -a -f <location1> # metadb -a -f <location2> # metadb -a -f <location3> 10) Recreate the "md.tab" file from the 'metastat' output you saved, Make sure that all mirrors are one-way mirrors and all RAID5 devices contain the "-k" option. For the boot disk, ensure that the one-way mirrors refer to the side which has been restored. Make sure the order is correct so that mirrors aren't created until the submirrors already exist. See below the necessary changes that must be made to ensure one-way mirrors are used. The "md.tab" file exists either in the /etc/opt/SUNWmd or /etc/lvm directory, depending on the version of DiskSuite you are running. For example:

Sun Proprietary & Confidential: Internal Use Only

Page 136

SSE Field Reference Guide

6.0. Storage Software

** EXAMPLE FILE BEFORE (md.tab): ------------------------------------------------d0 -m d10 d20 <-- see the two-way mirror! d10 1 1 c0t0d0s0 d20 1 1 c1t0d0s0 d1 -m d11 d21 d11 1 1 c0t0d0s1 d21 1 1 c1t0d0s1 d2 -m d12 d22 d12 1 1 c0t0d0s6 d22 1 1 c1t0d0s6 ** EXAMPLE FILE AFTER: ------------------------------------------------d10 1 1 c0t0d0s0 d20 1 1 c1t0d0s0 d0 -m d10 <-- see the one-way mirror! d11 1 1 c0t0d0s1 d21 1 1 c1t0d0s1 d1 -m d11 d12 1 1 c0t0d0s6 d22 1 1 c1t0d0s6 d2 -m d12 ------------------------------------------------11) Run the 'metainit' command to create all the metadevices that are listed in the "md.tab" file. # metainit -f -a 12) Run the 'metaroot' command to set the metadevice as a root device. # metaroot d0 13) Add in the other metadevices into the /etc/vfstab file for the other filesystems. that you created in step 7. 14 Reboot. # init 6 15) Attach all the “second mirrors” to all the mirrored metadevices. For example: # metattach d0 d20

Sun Proprietary & Confidential: Internal Use Only

Page 137

SSE Field Reference Guide

6.0. Storage Software

6.3.4. Replacing a bad disk
In this example, a Netra[TM] t 1400 Server has only one SCSI controller, with 4 disks. SVM is used to mirror both the root and the swap devices between c0t0d0 and c0t2d0. The disk c0t2d0 is failing and needs to be replaced. Here is the 'format' display before the submirror disk replacement: # format AVAILABLE DISK SELECTIONS: 0. c0t0d0 <SUN18G cyl 7506 alt /pci@1f,4000/scsi@3/sd@0,0 1. c0t1d0 <SUN18G cyl 7506 alt /pci@1f,4000/scsi@3/sd@1,0 2. c0t2d0 <SUN18G cyl 7506 alt /pci@1f,4000/scsi@3/sd@2,0 3. c0t3d0 <SUN18G cyl 7506 alt /pci@1f,4000/scsi@3/sd@3,0 Here is the 'cfgadm' display for controller c0: # cfgadm -al Ap_Id c0 c0::dsk/c0t0d0 c0::dsk/c0t1d0 c0::dsk/c0t2d0 c0::dsk/c0t3d0 Type scsi-bus disk disk disk disk Receptacle connected connected connected connected connected Occupant configured configured configured configured configured Condition unknown unknown unknown unknown unknown

2 hd 19 sec 248> 2 hd 19 sec 248> 2 hd 19 sec 248> 2 hd 19 sec 248>

Here is the output of the 'metadb' command, showing the locations of the SVM database replicas. There is one on each disk. # metadb flags a a a a first blk 16 16 16 16 block count 8192 8192 8192 8192

u u u u

/dev/dsk/c0t0d0s7 /dev/dsk/c0t1d0s7 /dev/dsk/c0t2d0s7 /dev/dsk/c0t3d0s7

Here is the SVM configuration before the submirror disk replacement. Note: The DevID information is at the bottom. # metastat d0: Mirror Submirror 0: d10 State: Okay Submirror 1: d20 State: Needs maintenance Pass: 1 Read option: roundrobin (default) Write option: parallel (default) Size: 6295232 blocks (3.0 GB) d10: Submirror of d0 State: Okay Size: 6295232 blocks (3.0 GB) Stripe 0: Device Start Block Dbase c0t0d0s0 0 No d20: Submirror of d0 State: Needs maintenance Sun Proprietary & Confidential: Internal Use Only

State Reloc Hot Spare Okay Yes

Page 138

SSE Field Reference Guide

6.0. Storage Software

Invoke: metareplace d20 c0t2d0s0 <new device> Size: 6295232 blocks (3.0 GB) Stripe 0: Device Start Block Dbase State Reloc Hot Spare c0t2d0s0 0 No Maintenance Yes d1: Mirror Submirror 0: d11 State: Okay Submirror 1: d21 State: Needs maintenance Pass: 1 Read option: roundrobin (default) Write option: parallel (default) Size: 2101552 blocks (1.0 GB) d11: Submirror of d1 State: Okay Size: 2101552 blocks (1.0 GB) Stripe 0: Device Start Block Dbase State Reloc Hot Spare c0t0d0s1 0 No Okay Yes d21: Submirror of d1 State: Needs maintenance Invoke: metareplace d21 c0t2d0s1 <new device> Size: 2101552 blocks (1.0 GB) Stripe 0: Device Start Block Dbase State Reloc Hot Spare c0t2d0s1 0 No Maintenance Yes Device Relocation Information: Device Reloc Device ID c0t2d0 Yes id1,sd@SFUJITSU_MAG3182L_SUN18G_00526202____ c0t0d0 Yes id1,sd@SSEAGATE_ST318203LSUN18G_LR795377000010210UN3 Since c0t2d0 is the drive that needs to be replaced, use 'metadetach' and 'metaclear' to detach and remove the bad submirrors from that disk. # metadetach -f d0 d20 d0: submirror d20 is detached # metadetach -f d1 d21 d1: submirror d21 is detached # metaclear d20 d20: Concat/Stripe is cleared # metaclear d21 d21: Concat/Stripe is cleared Here is the 'metastat' output after detaching and removing d20 and d21: # metastat d0: Mirror Submirror 0: d10 State: Okay Pass: 1 Read option: roundrobin (default) Write option: parallel (default) Size: 6295232 blocks (3.0 GB) Sun Proprietary & Confidential: Internal Use Only Page 139

SSE Field Reference Guide

6.0. Storage Software

d10: Submirror of d0 State: Okay Size: 6295232 blocks (3.0 GB) Stripe 0: Device Start Block Dbase State Reloc Hot Spare c0t0d0s0 0 No Okay Yes d1: Mirror Submirror 0: d11 State: Okay Pass: 1 Read option: roundrobin (default) Write option: parallel (default) Size: 2101552 blocks (1.0 GB) d11: Submirror of d1 State: Okay Size: 2101552 blocks (1.0 GB) Stripe 0: Device Start Block Dbase State Reloc Hot Spare c0t0d0s1 0 No Okay Yes Device Relocation Information: Device Reloc Device ID c0t2d0 Yes id1,sd@SFUJITSU_MAG3182L_SUN18G_00526202____ c0t0d0 Yes id1,sd@SSEAGATE_ST318203LSUN18G_LR795377000010210UN3 Since there is a replica on the disk to be removed, remove it using: # metadb -d c0t2d0s7 Next, remove the failed disk from the system using: # cfgadm -c unconfigure c0::dsk/c0t2d0 Physically replace the disk!!! After the disk has been physically replaced, use the 'cfgadm' command to configure the new disk: # cfgadm -c configure c0::dsk/c0t2d0 and then confirm that the new disk has been configured: # cfgadm -al Ap_Id c0 c0::dsk/c0t0d0 c0::dsk/c0t1d0 c0::dsk/c0t2d0 c0::dsk/c0t3d0 Type scsi-bus disk disk disk disk Receptacle connected connected connected connected connected Occupant configured configured configured configured configured Condition unknown unknown unknown unknown unknown

Then run 'format' to put the appropriate partition table onto the disk. # format Note: the steps to create a valid partition table have been left out for brevity. Run 'metadevadm' to update the SVM database with the new DevID information. Here can be seen, the old DevID and the new DevID. # metadevadm -u c0t2d0 Updating Solaris Volume Manager device relocation information for c0t2d0 Old device reloc information: id1,sd@SFUJITSU_MAG3182L_SUN18G_00526202____ Sun Proprietary & Confidential: Internal Use Only Page 140

SSE Field Reference Guide

6.0. Storage Software

New device reloc information: id1,sd@SSEAGATE_ST318203LSUN18G_LR7943000000W70708e0 Run 'metadb' to recreate the replica that we removed from the disk: # metadb -a c0t2d0s7 and run 'metainit' to recreate the metadevices that were previously removed, and 'metattach' to reattach them to their respective mirrors. # metainit d20 1 1 c0t2d0s0 d20: Concat/Stripe is setup # metainit d21 1 1 c0t2d0s1 d21: Concat/Stripe is setup # metattach d0 d20 d0: submirror d20 is attached # metattach d1 d21 d1: submirror d21 is attached Running a 'metastat' command now will show the NEW DeviceID for disk c0t2d0: # metastat d0: Mirror Submirror 0: d10 State: Okay Submirror 1: d20 State: Okay Pass: 1 Read option: roundrobin (default) Write option: parallel (default) Size: 6295232 blocks (3.0 GB) d10: Submirror of d0 State: Okay Size: 6295232 blocks (3.0 GB) Stripe 0: Device Start Block Dbase c0t0d0s0 0 No d20: Submirror of d0 State: Okay Size: 6295232 blocks (3.0 GB) Stripe 0: Device Start Block Dbase c0t2d0s0 0 No d1: Mirror Submirror 0: d11 State: Okay Submirror 1: d21 State: Okay Pass: 1 Read option: roundrobin (default) Write option: parallel (default) Size: 2101552 blocks (1.0 GB) d11: Submirror of d1

State Reloc Hot Spare Okay Yes

State Reloc Hot Spare Okay Yes

Sun Proprietary & Confidential: Internal Use Only

Page 141

SSE Field Reference Guide

6.0. Storage Software

State: Okay Size: 2101552 blocks (1.0 GB) Stripe 0: Device Start Block Dbase State Reloc Hot Spare c0t0d0s1 0 No Okay Yes d21: Submirror of d1 State: Okay Size: 2101552 blocks (1.0 GB) Stripe 0: Device Start Block Dbase State Reloc Hot Spare c0t2d0s1 0 No Okay Yes Device Relocation Information: Device Reloc Device ID c0t0d0 Yes id1,sd@SFUJITSU_MAG3182L_SUN18G_00526873____ c0t2d0 Yes id1,sd@SSEAGATE_ST318203LSUN18G_LR7943000000W70708e0 After the new disk is attached to the mirror disk, it will be resynchronized. Once the resynchronization process is completed, the mirror disk will be back to fully redundant mode.

6.3.5. Command Line Procedures
6.3.5.1 METADEVICE CREATION SAMPLES Creating State Databases # metadb -a -f -c 2 c1t1d0s0 c2t1d0s0 Note: the -c 2 adds 2 copies on the same slice the -f is for 'force' and is only required if there are currently less than 3 replicas. Creating a Concatenated Volume # metainit d1 3 1 c1t2d0s0 1 c2t2d0s0 1 c3t0d0s0 Creating a Striped Volume # metainit d2 1 3 c1t3d0s0 c2t3d0s0 c3t3d0s0 Creating a Mirrored Volume (other than /) # metainit d3 1 1 c1t4d0s0 # metainit d4 1 1 c2t4d0s0 # metainit d5 -m d3 # metattach d5 d4 Creating a Mirrored, Striped Volume # metainit d10 1 3 c1t3d0s0 c2t3d0s0 c3t3d0s0 # metainit d11 1 3 c4t3d0s0 c5t3d0s0 c6t3d0s0 # metainit d12 -m d10 # metattach d12 d11 Creating a Raid5 Volume # metainit d20 -r c4t5d0s0 c5t5d0s0 c6t5d0s0 6.3.5.2 GROWING A FILESYSTEM # metainit d0 3 1 c1t1d0s0 1 c2t1d0s0 1 c3t1d0s0 (creates 3 disk concat) # newfs /dev/md/rdsk/d0 # mount /dev/md/dsk/d0 /directory

Sun Proprietary & Confidential: Internal Use Only

Page 142

SSE Field Reference Guide
# metattach -a d0 c4t1d0s0 # growfs -M /directory /dev/md/rdsk/d0 NOTE: If the filesystem already exists, only the last 2 steps are needed. 6.3.5.3 md.tab ENTRY EXAMPLES: a) Concatenation: d0 2 1 c0t0d0s2 1 c0t1d0s2 (up to 6 disks) b) Stripe: d0 1 3 c0t0d0s0 c1t0d0s0 c2t0d0s0 (up to 6 disks) c) Mirror: d0 -m d1 d2 (up to 3 disks) d) Hotspares: hsp001 c3t0d0s0 c3t1d0s0 c3t2d0s0 (up to 999 hsp's allowed) e) Raid5: d20 -r c0t1d0s0 c1t1d0s0 c2t1d0s0 (up to 6 disks) f) Trans Device: d21 -t c1t1d0s0 c2t0d0s0 (assigned as master log) G) Assign a hotspare: d1 1 1 c0t0d0s2 -h hsp001

6.0. Storage Software

6.3.6. Command Reference
· · · · · · · · · · · · · · ·

metaclear - delete active metadevices and hot spare pools metahs - manage hot spares and hot spare pools metaonline - place submirrors online metareplace - enable or replace components of submirrors or RAID5 metadevices metastat - display status for metadevice or hot spare pool metadb - create and delete replicas of the metadevice state database metainit - configure metadevices metaparam - modify parameters of metadevices metaroot - setup system files for root (/) metadevice metasync - handle metadevice resync during reboot metadetach - detach metadevice to or from a mirror or trans metaoffline - place submirrors offline metarename - rename metadevice or switch layered metadevice names metaset - configure shared disksets metattach - attach metadevice to or from a mirror or trans

Sun Proprietary & Confidential: Internal Use Only

Page 143

SSE Field Reference Guide

6.0. Storage Software

6.4. StorADE
6.4.1 Installation
1) Install the package and patch. The StorADE package and patch are available on the EIS CD or they can be downloaded, (http://sunsolve.sun.com): # unzip the binaries # cd <install-dir> # ./install Apply patches For StorADE: # patchadd 117650-xx # patchadd 117654-xx 2) Initialize the configuration as master: # /opt/SUNWstade/bin/ras_install 3) Edit the /etc/deviceIP.conf file and add the array (including the array type: <ip-address> <array-name> <array-type> Example: 10.0.0.10 myarray 3511 4) Note the "ras" user does not exist anymore. A new role and user must be created. Create sa_admin user role: # roleadd -c "SA Role" -s /bin/pfcsh -A "solaris.*" -P "All" sa_admin 5) Assign password to this role: # passwd sa_admin New Password:****** Re-enter new Password: ****** passwd: password successfully changed for sa_admin 6) Create new user with the new role. In this example, we will create a user named admin # useradd -c "SA Admin" -s /bin/csh -R sa_admin -A "solaris.*" admin 7) Assign password to this new user: # passwd admin New Password:****** Re-enter new Password:****** passwd: password successfully changed for admin

6.4.2 Accessing StorADE
1) Access StorADE via browser (Mozilla 1.4 or above, Netscape 7, I.E 5.X or I.E. 6.X) https://<IP or hostname of the Mgt Host>:6789 Enter the user name (in this case, admin) Enter the password for user admin Pick the role for the user from the scroll menu (in this case, sa_admin) Enter the password for the role sa_admin 2) After logging in, enter site information and click "Save" 3) Then go to "Inventory" and start discover the device with either "Out-Of-Band" or "In-Band" method.

Sun Proprietary & Confidential: Internal Use Only

Page 144

SSE Field Reference Guide

7.0. SunCluster

7.0. SunCluster
7.1. SunCluster 2.x
7.1.1. Command Reference
abort partition Same as scadmin stopnode... Use scadmin stopnode command ccdadm <clustname> -p ccd.database.ssa - creates a ccd.database.pure file for recovery use -r ccd.database.pure - restores to ccd.database file -v verify consistancy of the dynamic copy of ccd.database -x convert the candidate file to a CCD database. Or verifies the CCD file. ccp Command used to run the cluster control panel software on the admin workstation # ccp clustername & cconsole Command used to start up the cluster console on the admin W/S # cconsole get_node_status Command used to get the status of a node (also can use hastat and scconf clustername - p commands) # get_node_status haswitch Switch logical host to another node (will start the reconfiguration) # haswitch nodename hastat Will give you the status of the cluster, will lie if private network is down. You can run it in the common window to get all views # hastat (- m 0 skip messages) hareg registers data service with HA and associate the given logical host. # hareg - s - r dataservice - h logicalhost # hareg - y dataservicename (to turn on a dataservice) # hareg (to verify a service is turned on) pnmset Command to create PNM NAFO groups (on each node) for the public network interfaces to be used for the NFS data service. # opt/SUNWpnm/bin/pnmset (follow interactive install) pnmstat - l Command lists the /etc/pnmconfig file (to set up NAFO groups) scadmin startcluster The first node into the cluster must enter with the 'cluster ' switch. # scadmin startcluster nodename clustername scadmin startnode All remaining nodes can join the cluster with the startnode switch # scadmin startnode scadmin stopnode To remove your node from the cluster use the stopnode switch. (do this before init or shutdown commands) # scadmin stopnode scadmin switch Switch logical host to another node (will start the reconfiguration) same as haswitch command # scadmin switch nodename scconf Command used to configure cluster parameters (many, use MAN) # scconf - F (creates admin filesystem, each node) # scconf - L (for logical hosts) (one node, diskset) # scconf - q (for quoram device) # scconf -N (to change a node ethernet address ) scdidadmn Command to initialize the Disk ID psudo driver (SDS install only) builds a file with paths from each node to disks # scdidadm - r (on node 0 to initialize) # scdidadm - l (L) (verify DID configuration) scinstall Installation command for Sun Cluster from CD scmgr Command to start Sun Cluster manager (cluster monitor) (set DISPLAY) # /opt/SUNWcluster/bin/scmgr nodename & xhost Command on admin W/S to allow all xhost connections from cluster nodes (graphics) # /usr/openwin/xhost +

Sun Proprietary & Confidential: Internal Use Only

Page 145

SSE Field Reference Guide

7.0. SunCluster

7.1.2. Cluster 2.x Files:
/etc/opt/SUNWcluster/conf/clustername.cdb Contains Install info, flat file use more command to view. /etc/opt/SUNWcluster/conf/ccd.database Contains cluster database, viewed by scconf, scadmin commands. If you have to restore this file to a 'bad' node, you must reboot (file info is kept in memory) /etc/opt/SUNWcluster/conf/hanfs/vfstab.logicalhostname Logical hosts vfstab file /etc/opt/SUNWcluster/conf/hanfs/dfstab.logicalhostname Logical hosts dfstab file (shared filesystems) /etc/clusters Admin W/S file, contains cluster names and node names /etc/serialports Admin W/S file, contains node names and port assignments on the consentrator /etc/pnmconfig Public network file. pnmset command creates, pnmstat - l command will list. /etc/hosts You must enter logical host name and IP. /etc/name_to_major vxio must have the same number on both nodes to switch nfs logical host (unencapsulate first, change number) /opt/SUNWcluster/bin Most SC2.2 commands are located in this directory /var/opt/SUNWcluster Cluster error messages are located in this directory /var/adm/messages

Sun Proprietary & Confidential: Internal Use Only

Page 146

SSE Field Reference Guide

7.0. SunCluster

7.2. SunCluster 3.x
7.2.1. Command Reference:
pgre - PGRe SCSI-3 PGR Emulation keys maintenance utility Syntax: /usr/cluster/lib/sc/pgre -c [option] -z [disk_path] where option is: pgre_scrub - Remove all the keys and reservations stored in the PGRe region of the device. pgre_inkeys - List all the keys stored in the PGRe region of the device. pgre_inresv - List the key that has the PGRe reservation on the device scdidadm - disk ID configuration and administration utility wrapper scrgadm - manage registration of resource types and activation of resources within a resource group scconf - update the Sun Cluster software configuration scswitch - perform ownership/state change of resource groups and disk device groups # scswitch -z -D cluster_dg -h node0 scsetup - interactive cluster configuration tool scinstall - install Sun Cluster software and initialize new cluster nodes sccheck - check and validate Sun Cluster configurations scstat - monitoring the status of Sun Cluster (like hastat) scgdevs - global device namespace administration scshutdown - shutdown entire cluster (run from 1 node, shuts down all nodes). clinfo - reports: on whether node is in cluster, node # or max nodes in cluster scdsbuilder - invokes the SunPlex Agent Builder scdscreate - create a resource type template scdsconfig - configure resource type template scvxinstall - installs Veritas Volume Manager, disables DMP, and optionally encapsulates root pnmset - Set up and update the configuration for PNM (Public Network Management) pnmstat - Report status for NAFO (Network Adapter Failover) backup groups being monitored by PNM pnmrtop - Map real adapter name to pseudo adapter name in NAFO backup group pnmptor - Map pseudo adapter name to real adapter name in NAFO backup group ccp - the Sun Cluster System Cluster Control Panel GUI cconsole - multi window, multi machine remote console crlogin - multi window, multi machine remote login ctelnet - multi window, multi machine remote telnet Diagnostic Tool Kit Commands · /usr/cluster/dtk/bin/cmm_ct -g - cluster membership control · /usr/cluster/lib/sc/ccradm - CCR files administration command · /usr/cluster/lib/sc/chkinfr - validate infrastructure file contents · /usr/cluster/dtk/bin/dcs_config - query DCS · /usr/cluster/dtk/bin/ddb - dump debug buffers · /usr/cluster/dtk/bin/orbadmin - display ORB state · /usr/cluster/dtk/bin/replctl - interface to the replica manager · /usr/cluster/lib/sc/scsi - query and clear SCSI reservations · /usr/cluster/lib/sc/rgmd_debug - RGM daemon debugging · /usr/cluster/dtk/bin/print_net_state - print networking state

Sun Proprietary & Confidential: Internal Use Only

Page 147

SSE Field Reference Guide

7.0. SunCluster

7.2.2. Agent Configuration
7.2.2.1 HA-NFS
A. Prework ON ALL Physical-Nodes 1. Install the HA-NfS Packages for SC3.x # cd <cd-image>/SunCluster_HA_NFS_3.1/Packages # pkgadd -d . 2. Create a global-FS by adding e.g. the following to /etc/vfstab /dev/vx/dsk/nfs-dg/vol01 /dev/vx/rdsk/nfs-dg/vol01 /global/nfsvol01 ufs 2 yes global,logging 3. Create mount point # mkdir /global/nfsvol01 B. Prework ON ONE PHYS-NODE (since those steps affect the Global FS) 1. Mount the global FS # mount -g /global/nfsvol01 2. Create /global/nfsvol01/SUNW.nfs # mkdir -p /global/nfsvol01/SUNW.nfs # mkdir -p /global/nfsvol01/data 3. Update the /global/nfsvol01/SUNW.nfs/dfstab.nfsvol01-res share -F nfs -o rw,anon=0 /global/nfsvol01/data 4. Register the NfS resource type only if it is the first time you will use SUNW.nfs Run on ONE phys. cluster-node ONLY # scrgadm -a -t SUNW.nfs 5. Create a resource-group with a logical hostname resource e.g. nfs-rg and a global mount point /global/nfsvol01 Run on ONE phys. cluster-node ONLY # scrgadm -a -g nfs-rg -y Pathprefix=/global/nfsvol01 6. Add a logical hostname resource nfs-logical to the resource group nfs-rg Run on ONE phys. cluster-node ONLY # scrgadm -a -L -g nfs-rg -l sc??-nfs-log Note: Make sure that the logical hostname is in every client's /etc/hosts 7. Create an NfS-resource in the failover resource group Run on ONE phys. cluster-node ONLY # scrgadm -a -j nfsvol01-res -g nfs-rg -t SUNW.nfs 8. Enable the resource and the resource monitor Run on ONE phys. cluster-node ONLY # scswitch -Z -g nfs-rg

Sun Proprietary & Confidential: Internal Use Only

Page 148

SSE Field Reference Guide
9. Create a HAStorage-resource HAStorage-rg1 Run on ONE phys. cluster-node ONLY

7.0. SunCluster

# scrgadm -a -t SUNW.HAStorage # scrgadm -a -g nfs-rg -j HAStorage-res1 -t SUNW.HAStorage -x AffinityOn=True -x ServicePaths=/global/nfsvol01 # scswitch -e -j HAStorage-res1 # scrgadm -c -j nfsvol01-res -y Resource_dependencies=HAStorage-res1 C. Test HA-NfS on some other client # mount sc??-nfs-log:/global/nfsvol01/data /mnt # cd /mnt # touch me # rm me D. Destroy a HA-NfS by destroying the corresponding RG 1. Put the disk resource into an unmanaged state # scswitch -n -j nfs-res 2. Remove the disk resource # scrgadm -r -j nfs-res 3. Put the Logical Hostname resource into an unmanaged state # scswitch -n -j sc??-nfs-log 4. Remove the Logical Hostname resource # scrgadm -r -j sc??-nfs-log 5. Remove the empty resource group # scrgadm -r -g nfs-rg

Sun Proprietary & Confidential: Internal Use Only

Page 149

SSE Field Reference Guide 7.2.2.2 HA-Oracle
Prework ON ALL PHYS-NODEs 1. Make sure that listener.ora and tnsnames.ora exist in /var/opt/oracle oracle$ ls listener.ora tnsnames.ora

7.0. SunCluster

2. If they do not exist, copy the the listener.ora and tnsnames.ora to /var/opt/oracle oracle$ cd $ORACLE_HOME/network/admin oracle$ ls listener.ora samples shrept.lst sqlnet.ora tnsnames.ora oracle$ cp listener.ora /var/opt/oracle/ oracle$ cp tnsnames.ora /var/opt/oracle/ 3. Modify the listener.ora and tnsnames.ora as described on page 6-59 and 6-60 of the Suncluster particant Guide 4. Install the packages for HA-Oracle # cd <cd-image>/SunCluster_HA_Oracle_3.0/Packages # pkgadd -d . 5. install Patches Prework ON ONE PHYS-NODE 1. Register the Oracle-server RT and Oracle-listener RT # scrgadm -a -t SUNW.oracle_server # scrgadm -a -t SUNW.oracle_listener 2. Create a failover RG for Oracle # scrgadm -a -g oracle-rg 3. Add a Logical Host Resource to the Oracle-RG # scrgadm -a -L -j oracle-LH -g oracle-rg -l scDEV-log1 4. Add the Oracle-server resource to the Oracle-RG # scrgadm -a -j oracle_server-res -g oracle-rg -t SUNW.oracle_server -x Oracle_sid=C11 -x Oracle_home=/oracle/8.1.6.0.0 -x Alert_log_file=/oracle/8.1.6.0.0/admin/C11/bdump/alert_C11.log -x Parameter_file=/oracle/8.1.6.0.0/admin/C11/pfile/initC11.ora -x Connect_string=sc_fm/sc_fm 5. Add the Oracle-listener resource the Oracle-RG # scrgadm -a -j oracle_listener-res -g oracle-rg -t SUNW.oracle_listener -x Oracle_home=/oracle/8.1.6.0.0 -x Listener_name=LISTENER 6. Enable all resourece in the Oracle-RG and put them into a managed state # scswitch -Z -g oracle-rg

Sun Proprietary & Confidential: Internal Use Only

Page 150

SSE Field Reference Guide 7.2.2.3 HA-Apache
Prework · verify that the Apache packages are installed on all phys. nodes # pkginfo |grep SUNWap system SUNWapchd Apache Web Server Documentation system SUNWapchr Apache Web Server (root) system SUNWapchu Apache Web Server (usr)
·

7.0. SunCluster

Install the SC3.x Dataservice-Package for Apache # cd <cd-image>SunCluster_HA_Apache_3.0/Packages # pkgadd -d .

·

Set up a global FS to hold the apache httdocs - the binaries are installed locally on all phys. node # vi /etc/vfstab /dev/vx/dsk/ha-ap/vol01 /dev/vx/rdsk/ha-ap/vol01 /global/haapvol01 ufs 2 yes global,logging # mkdir /global/haapvol01 # mount /global/haapvol01 # mkdir /global/haapvol01/htdocs # cp -r /usr/apache/htdocs/manual/* /global/haapvol01/htdocs/.

·

Edit /global/haapvol01/conf/apache/httpd.conf # mkdir /global/haapvol01/conf # cp /etc/apache/httpd.conf-example /global/haapvol01/conf/httpd.conf # vi /global/haapvol01/conf/httpd.conf # ports < 1023, you will need httpd to be run as root initially. # Port 80 [ ... ] ServerName sc??-apache-log !! has to be the IP adress of the logial host or shared IP-address [ ... ] DocumentRoot "/global/haapvol01/htdocs" [ ... ] # PidFile: The file in which the server should record its process # identification number when it starts. # PidFile /var/run/httpd.pid-sc [ ... ] <Directory /global/haapvol01/htdocs > </Directory>

·

Check apache on all of the phys. nodes # /usr/apache/bin/httpd -f /global/haapvol01/conf/httpd.conf # ps -ef |grep htt From a web browser, http://PHYS-NODE:80 # kill all /usr/apache/bin/httpd

Sun Proprietary & Confidential: Internal Use Only

Page 151

SSE Field Reference Guide

7.0. SunCluster

Registring HA-Apache 1. Register the Apache resource type Run on ONE phys. cluster-node ONLY - this has to done only once for the first Apache service # scrgadm -a -t SUNW.apache 2. Create a failover resource-group to hold the HA-Apache resource Run on ONE phys. cluster-node ONLY # scrgadm -a -g ha-apache-rg 3. Add a Logical Hostname resource to the resource group ha-apache-rg Run on ONE phys. cluster-node ONLY # scrgadm -a -L -g ha-apache-rg -l sc??-apache-log Make sure that the shared address is in every cluster node's and client's /etc/hosts 4. Add an Apache resource to the failover resource group Run on ONE phys. cluster-node ONLY # scrgadm -a -j ha-apache-res -g ha-apache-rg -t SUNW.apache -y Network_resources_used=sc??apache-log -y Scalable=False -y Port_list=80/tcp -x Bin_dir=/usr/apache/bin -x Confdir_list=/global/haapvol01/conf Port_list= Port of the Apache Webserver Bin_dir= Path to the Apache binaries Confdir_list= Path to the httpd.conf Config-file 7. Enable the resource and the resource monitor for the HA-Apache resource group Run on ONE phys. cluster-node ONLY # scswitch -Z -g ha-apache-rg Testing HA-Apache Take a browser and test the URL http://sc??-apache-log:80 Unregistring and deleting HA-Apache Put the HA-Apache resource into an unmanaged state # scswitch -n -j ha-apache-res Remove the HA-Apache resource # scrgadm -r -j ha-apache-res Put the Logical Hostname resource into an unmanaged state # scswitch -n -j sc??-apache-log Remove the Logical Hostname resource # scrgadm -r -j sc??-apache-log Remove the empty resource group # scrgadm -r -g ha-apache-rg

Sun Proprietary & Confidential: Internal Use Only

Page 152

SSE Field Reference Guide

7.0. SunCluster

7.2.3. Recovering a node after OS Crash
Background: a situation occurred where a cluster node crashed and the Operating System was corrupted to a point where a boot in single user mode was not even possible. The system had been backed up with Veritas Netbackup, however restoration of the OS from the backup did not work well. The OS therefore had to be rebuilt from scratch, leaving the node without any cluster related configuration after the new OS was installed. Tested using the following configuration: Systems: 4500 Number of Nodes: 2 OS Release: Solaris 2.8 02/02 kernel patch level 16 Sun Cluster: Cluster 3.0 update 3 Storage: EMC Volume Manager: Veritas Volume Manager 3.2 HA Agent: HA NFS and Oracle OPS NOTE: Have EIS CD's ready for Software and Documentation. Step 1: Install the Operating System as recommended in the EIS installation check list. It is recommended to have the same patch level on both nodes. This may be challenging if the running node is at a very old patch level. Step 2: Install Veritas Volume manager and configure rootdg as it was before. Be sure to reminor the rootdg and keep the disk names as recommended in the EIS check list. Install the Veritas Volume manager specific patches. Do not encapsulate the root disk now - it can be done later. Initialize the root mirror disk and keep the name of the vmdisk unique (i.e. should not be the same as on the running node). Make sure that both nodes have the same major number for vxio and vxspec in /etc/name_to_major file. Step 3: Run scinstall and try to join the existing cluster. Note that scinstall will install all Sun cluster software packages on the node, but the node will not be able to join the cluster. This is because this node name already exist in the cluster configuration, and the cluster will not let it join as a new node again. Step 4: Install all necessary dataservices through the pkgadd command. For example, SUNWnfs for HANFS service. Step 5: Install the patches for cluster framework, as well as for data services. Step 6: Edit the /etc/vfstab file and change the entry for 100MB filesystem mount point entry from /globaldevices to /global/.devices/node@X (X is the node for this cluster node). Create the mount point because it will not exist. Step 7: Copy /etc/inet/ntp.conf.cluster from the running node. Step 8: Copy /etc/nsswitch.conf from the running node. Step 9: Make sure that the /etc/hosts file has entries for all cluster nodes, logical hosts, and other hosts needed for application. Step 10: touch /etc/norouter Step 11: Make sure that /etc/system has all the necessary parameters for database and other applications. Step 12: Make sure that all the shared disks/luns are appearing in the format output on this node. Step 13: Insert DID entry in /etc/name_to_major as it appears in the running node (if it is not there). Make sure that DID has the same major number on both nodes. Step 14: Copy over the /etc/cluster directory from the running node. Change the /etc/cluster/nodeid entry from 2 to 1, or 1 to 2. Step 15: Configure Nafo Group/ IPMP as it was before. Step 16: Reboot the system with boot -r. The system will come up and should be able to join the cluster. However, Sun Proprietary & Confidential: Internal Use Only Page 153

SSE Field Reference Guide
it is going to complain about the DID devices. The following Step will take care of it.

7.0. SunCluster

Step 17: Execute the following commands to take care of DID errors: This will create globaldevices node names for Veritas disks and volumes, and take care of all DID devices as well. #devfsadm -C #scdidadm -C #devfsadm #scdidadm -r #scgdevs -g #/usr/cluster/lib/dcs/scvxvmlg Step 18: Encapsulate the root disk as per the EIS Installation procedure,and mirror the root disk. Step 19: Verify resource group failover between cluster node.

7.2.4. Add a Disk to the Sun Cluster Environment
This procedure shows how to add a disk to the Sun[TM] Cluster 3.x environment and how to create a global filesystem using Veritas Volume Manager. The following procedure is an example of a two node cluster attached to Sun StorEdge[TM] A5x00 array. Depending of the storage there is a different procedure to add the lun or disk to the Solaris[TM]. After adding the disk to Solaris, the procedure is the same for all storage. Procedure: 1) Add the new disk(lun) to the system. To add the disk without rebooting the nodes, run devfsadm on all the nodes. Refer to Infodoc 14818 for additional information on how to add a disk to system without rebooting. 2) Check that the new disk is seen on all nodes by running the format command on each node. node1# format Searching for disks...done AVAILABLE DISK SELECTIONS: .... 13. c0t22d0 <SUN9.0G cyl 4924 alt 2 hd 27 sec 133> /sbus@2,0/SUNW,socal@2,0/sf@1,0/ssd@w22000020372b471a,0 node2# format Searching for disks...done AVAILABLE DISK SELECTIONS: .... 13. c0t22d0 <SUN9.0G cyl 4924 alt 2 hd 27 sec 133> /sbus@2,0/SUNW,socal@d,10000/sf@1,0/ssd@w21000020372b471a,0 3) If all the luns (or disks) are fine, run 'scdidadm -r' on all the nodes to reconfigure DID database. node1# scdidadm -r did instance 2 created. did subpath sp:/dev/rdsk/c0t22d0 created for instance 2. node2# scdidadm -r did subpath /dev/rdsk/c0t22d0s2 created for instance 2.

Sun Proprietary & Confidential: Internal Use Only

Page 154

SSE Field Reference Guide
4) Run 'scgdevs' on all the nodes to add the new devices. node1# scgdevs node2# scgdevs

7.0. SunCluster

5) Check for the new disk in the DID devices with the 'scdidadm -L' command. The output must be the same on both nodes. # scdidadm -L 1 node1:/dev/rdsk/c0t19d0 1 node2:/dev/rdsk/c0t19d0 2 node1:/dev/rdsk/c0t22d0 2 node2:/dev/rdsk/c0t22d0 4 node1:/dev/rdsk/c0t6d0 4 node2:/dev/rdsk/c0t6d0 5 node1:/dev/rdsk/c0t0d0 5 node2:/dev/rdsk/c0t0d0 Cut for brevity ----/dev/did/rdsk/d1 /dev/did/rdsk/d1 /dev/did/rdsk/d2 /dev/did/rdsk/d2 /dev/did/rdsk/d4 /dev/did/rdsk/d4 /dev/did/rdsk/d5 /dev/did/rdsk/d5

-----

6) On all nodes, run 'vxdctl enable' for the Volume Manager database to recognize the new disk. # vxdctl enable 7) Confirm if Volume Manager recognizes the disk. Confirm on both nodes: # vxdisk list DEVICE TYPE c0t0d0s2 sliced c0t1d0s2 sliced c0t2d0s2 sliced c0t4d0s2 sliced c0t17d0s2 sliced c0t18d0s2 sliced c0t20d0s2 sliced c0t22d0s2 sliced c1t1d0s2 sliced DISK disk01 disk02 disk03 disk04 disk05 disk06 disk07 rootdisk_1 GROUP butodg butodg butodg butodg butodg butodg butodg rootdg STATUS online nohotuse online online online online nohotuse online online error online

8) Add the disk to the diskgroup. Run the following command on the node that has the disk group directly imported: node1# vxdiskadm -> option 1 9) Confirm if the disk was added to the diskgroup: # vxdisk list DEVICE TYPE c0t0d0s2 sliced c0t1d0s2 sliced c0t2d0s2 sliced c0t4d0s2 sliced c0t17d0s2 sliced c0t18d0s2 sliced c0t20d0s2 sliced c0t22d0s2 sliced c1t1d0s2 sliced DISK disk01 disk02 disk03 disk04 disk05 disk06 disk07 disk08 rootdisk_1 GROUP butodg butodg butodg butodg butodg butodg butodg butodg rootdg STATUS online nohotuse online online online online nohotuse online online online online

10) Create the volume on the Volume Manager.

Sun Proprietary & Confidential: Internal Use Only

Page 155

SSE Field Reference Guide

7.0. SunCluster

11) Prior to creating the filesystem, run the 'scsetup' to synchronize the new volume to all the nodes: node1# scsetup *** Main Menu *** Please select from one of the following options: 1) 2) 3) 4) 5) 6) 7) Quorum Resource groups Cluster interconnect Device groups and volumes Private hostnames New nodes Other cluster properties

?) Help with menu options q) Quit Option: 4 <---- Select Device groups and volumes option

*** Device Groups Menu *** Please select from one of the following options: 1) 2) 3) 4) 5) 6) Register a VxVM disk group as a device group Synchronize volume information for a VxVM device group Unregister a VxVM device group Add a node to a VxVM device group Remove a node from a VxVM device group Change key properties of a device group

?) Help q) Return to the Main Menu Option: 2 <--- Select Syncronize volume information option

>>> Synchronize Volume Information for a VxVM Device Group <<< VERITAS Volume Manager disk groups are always managed by the cluster as cluster device groups. This option is used to synchronize volume information for a VxVM device group between the VxVM software and the clustering software. It should be selected anytime a volume is either added to or removed from a VxVM disk group. Otherwise, the cluster will be unaware of the changes. Is it okay to continue (yes/no) [yes]? <---- confirm butodg <-- DG

Name of the VxVM device group you want to synchronize? Is it okay to proceed with the update (yes/no) [yes]? scconf -c -D name=butodg,sync

Sun Proprietary & Confidential: Internal Use Only

Page 156

SSE Field Reference Guide
Command completed successfully. Hit ENTER to continue: 11) Create the filesystem. node1# newfs /new 12) Create the mount point on all the nodes, with the same pathname. For example: node1# mkdir /new node2# mkdir /new 14) Add to /etc/vfstab file on both nodes the new global filesystem : For example: /dev/vx/dsk/butodg/newvol yes global,logging /dev/vx/rdsk/butodg/newvol /new ufs 2

7.0. SunCluster

15) After editing the /etc/vfstab, mount the filesystem on the node that has the diskgroup directly imported: node1# mount /new 16) Now you have a global filesystem created that is seen through all the nodes.

7.2.5. Recovering root on RAC/CVM node
In the Sun[TM] Cluster 3.x environment, Real Application Cluster (RAC/Oracle Parallel Server (OPS)) services start automatically at boot unless the RAC framework resource group is registered. When you recover the root (/) filesystem on RAC/OPS and the Cluster Volume Manager (CVM) node, you might have to boot up the system in single-user mode without rootdg. This procedure is described in the "SunCluster 3.x System Administration Guide." However, panic might occur, as in the following example, because CVM cannot run. panic[cpu2]/thread=2a10007dd40: Failfast: Aborting because "ucmmd" died 30 seconds ago. You need to disable RAC/OPS service autostart before rebooting the node in single-user mode. # mv /etc/rc3.d/S30initucmm /etc/rc3.d/s30initucmm After the system is completely recovered (for example, scdidadm -R and vxinstall are done), move the script back to where it was: # mv /etc/rc3.d/s30initucmm /etc/rc3.d/S30initucmm

7.2.6. Reconfiguring Cluster Interconnects
This document is useful when you need to reconfigure the Cluster Transport interfaces, such as when you need to remove an I/O board that has a network interface configured for the Cluster Transport. In this example we are changing the configuration of the interfaces as follows: From: qfe1-qfe5 To: qfe1-qfe2 1) This procedure can be executed with no downtime. But, to do that it requires that there is another active redundant cluster transport interface. To check it run scstat on any node:

Sun Proprietary & Confidential: Internal Use Only

Page 157

SSE Field Reference Guide
node1# # scstat -W -- Cluster Transport Paths -Endpoint -------Transport path: node1:qfe1 Transport path: node1:qfe0

7.0. SunCluster

Endpoint -------node2:qfe5 node2:qfe0

Status -----Path online Path online

2) Run scsetup utility to remove the old interface. This only needs to be done on one node and can be done from either node: node1# scsetup *** Main Menu *** Please select from one of the following options: 1) 2) 3) 4) 5) 6) 7) Quorum Resource groups Cluster interconnect Device groups and volumes Private hostnames New nodes Other cluster properties

?) Help with menu options q) Quit Option: 3 <---- Select option 3

*** Cluster Interconnect Menu *** Please select from one of the following options: 1) 2) 3) 4) 5) 6) 7) 8) Add a transport cable Add a transport adapter to a node Add a transport junction Remove a transport cable Remove a transport adapter from a node Remove a transport junction Enable a transport cable Disable a transport cable

?) Help q) Return to the Main Menu Option: 4 <---- Select option 4

>>> Remove a Cluster Transport Cable <<< This option is used to remove an existing cluster transport cable from the cluster configuration. However, the two endpoints of the cable will remain configured.

Sun Proprietary & Confidential: Internal Use Only

Page 158

SSE Field Reference Guide

7.0. SunCluster

It is very important that you not disable or remove the last remaining healthy connection to an active cluster node. Please check the status of other cables before you proceed. Is it okay to continue (yes/no) [yes]? Each existing cluster transport cable can be identified by naming one of the cable endpoints. Since one of the two endpoints is always attached to a node, you will be asked to supply the node and adapter names of one of the endpoints of the cable you are trying to identify. To which node is the cable attached? node1 <---- Type the name of the node Name of the adapter on "node1"? qfe5 <---- Type the interface to be removed Is it okay to proceed with the update (yes/no) [yes]? <---- Type yes 3) Removed the interface, check if the interface is still configured. You can check it on both nodes: node1# scstat -W -- Cluster Transport Paths -Endpoint -------Transport path: node1:qfe0

Endpoint -------node2:qfe0

Status -----Path online

4) Now configure the new interface, using scsetup. Again this only needs to be done on one node and can be done from either node: *** Cluster Interconnect Menu *** Please select from one of the following options: 1) 2) 3) 4) 5) 6) 7) 8) Add a transport cable Add a transport adapter to a node Add a transport junction Remove a transport cable Remove a transport adapter from a node Remove a transport junction Enable a transport cable Disable a transport cable

?) Help q) Return to the Main Menu Option: 1 <---- Select option 1

>>> Add a Cluster Transport Cable <<< Each cluster transport cable either directly connects two cluster nodes or connects a cluster node to a port on a transport junction. Only two-node clusters may use directly-connected cables; all cables on clusters with more than two nodes must be cabled to junctions. This option is used to add a new cluster transport cable to the cluster configuration. If either of the two endpoints of the cable do not already exist, they will also be added to the configuration. Is it okay to continue (yes/no) [yes]? Since this is a two-node cluster, direct-connect cabling of the transport cables may be supported. Refer to the documentation for your cluster transport adapters for more information on whether or not your hardware supports direct-connect cabling. Some adapter types may require the use of junctions even on two-node clusters. Sun Proprietary & Confidential: Internal Use Only Page 159

SSE Field Reference Guide
Note that direct-connect cabling can complicate the later addition of a third node to the cluster. Are you adding a directly-connected cable (yes/no) [no]? Select y for direct connect. y

7.0. SunCluster

<----

Since the cable you are adding is a direct-connect cable, each cable endpoint must be attached directly to an adapter on each of the two nodes in the cluster. You will be asked to supply the names of both adapters. Name of the adapter to use on "node1"? qfe2 <---- Type the new interface for node1 Name of the adapter to use on "node2"? qfe2 <---- Type the new interface for node2 Is it okay to proceed with the update (yes/no) [yes]? 5) Check if the new configuration is ok. You can run the following command on any node: node1# scstat -W -- Cluster Transport Paths -Endpoint -------Transport path: node1:qfe1 Transport path: node1:qfe0

Endpoint -------node2:qfe2 node2:qfe0

Status -----Path online Path online

6) Now you have properly reconfigured the Cluster Transport Interfaces.

7.2.7. Changing the Oracle Fault Monitor Password
How to modify Oracle fault monitor user password in SunCluster 3.x while not shutting down the Oracle instance Sometimes customers want to change this Oracle user password for security issues in Sun Cluster 3.x environments. When customers change this Oracle user password, then scstat may report that fault monitor can not connect to database which causes the fault monitor to be disabled. Here are the steps to solve this problem: Assume, the Sun Cluster contains two nodes: node0 and node1, the resource group name is test_group, the resource name of Oracle is test_oracle_resource 1. Use scstat to check the cluster states, confirm the cluster status is OK. node0# scstat 2.Use scswitch to stop the fault monitor of oracle server temporary node0# scswitch -n -M -j test_oracle_resource 3. This command will use new oracle user and password to act as fault monitor user. node0# scrgadm -c -j test_oracle_resource -x Connect_string=newuser/newpassword 4. Use scswitch enable the database fault monitor node0# scswitch -e -M -j test_oracle_resource 5. To confirm the modification become effective. node0# scrgadm -pvv | grep Connect_string Note: The above steps do not need shutdown Oracle instance.

Sun Proprietary & Confidential: Internal Use Only

Page 160

SSE Field Reference Guide

7.0. SunCluster

7.2.8. Veritas Upgrade Proecdure
Upgrade of 3.5 to 4.0: Procedure to follow for all cluster nodes, one at a time (rolling upgrade): 0. evacuate the node scswitch -S -h <hostname> 1. reboot -- -sx 2. copy '/var/sadm/install/admin/default' file and change instance=unique to instance=overwrite sed 's/unique/overwrite/g' /var/sadm/install/admin/default > /var/tmp/default (This file used later in procedure) 3. vxdctl stop 4. vxiod -f set 0 5. remove vxvm patches pkginfo|grep VRTS|awk '{print $2}'|xargs -i pkgparam -v {}|grep PATCHLIST patchrm <patch> (in lab testing patch 112392-07 failed to back out. This does not adversely affect the rest of the procedure) 6. remove VRTS packages ( !! EXCEPT VRTSvxvm package !! ) pkginfo | grep VRTS pkgrm <list of packages> 7. add VRTS 4.0 packages pkgadd -d . VRTSvlic pkgadd -a /var/tmp/default -d . VRTSvxvm (This will overwrite the existing packages. It will ask you twice if you are sure. Answer yes both times.) pkgadd -d . VRTSvmdoc VRTSvmman VRTSob VRTSvmpro VRTSfspro VRTSobgui VRTSvmpro 8. add 4.0 license /sbin/vxlicinst 9. install 4.0 patches if install problem due to disk space errors - see Sun Alert 50401 mv /var/sadm/pkg/VRTSvxvm/install/space \ /var/sadm/pkg/VRTSvxvm/install/space.org 10. reboot the node reboot -- -r 11. if error messages on boot: No VVR license installed on the system; vradmind not started. No VVR license installed on the system; in.vxrsyncd not started. then Sun Proprietary & Confidential: Internal Use Only Page 161

SSE Field Reference Guide

7.0. SunCluster

rm /etc/rc2.d/S96vradmind rm /etc/rc2.d/S96vxrsyncd 12. if error message on boot: VOL_SWAP_FLAG_CTL failed: No such device To prevent this message you should use a dedicated dump device. Please refer to SRDB 76392 & Infodoc 50084. 13. Continue - upgrade the remaining cluster nodes following the above described procedure. Disk groups are available to each node post-upgrade. Therefore it is possible to do this upgrade (3.5 - 4.0) as a rolling upgrade. In Lab testing the veritas disks got renamed from fabric_xx to Disk_xx by this upgrade.

Sun Proprietary & Confidential: Internal Use Only

Page 162

SSE Field Reference Guide

8.0. Security

8.0. Security
8.1. Securing Network Services
8.1.1. inetd
The first place to start is to edit the inetd configuration file, /etc/inet/inetd.conf. To prevent inetd from starting a service, the line in the configuration file for that service can either be commented out or deleted entirely. To provide a measure of logging, inetd's startup line in /etc/init.d/inetsvc should have the -t flag added as shown below: /usr/sbin/inetd -s -t & The -t flag causes inetd to trace incoming connections for TCP services. Note that UDP services cannot be traced. The information is logging using the syslog facility level of daemon.notice. By default, this information would be logged to /var/adm/messages. If the system is running ssh (Secure Shell), then the r-* programs (e.g., rsh, rlogin, rexec, etc.) should be disabled. Below, is a list of services in inetd that should be turned off (excluding telnet and ftp) shell login exec comsat talk name uucp tftp finger systat netstat time echo discard daytime chargen sadmind rquotad rusersd sprayd rstatd rwalld rexd ufsd kcms_server cachefsd kerbd in.lpd dtspcd xaudio rpc.cmsd rpc.ttdbserverd Remote Shell Remote Login Remote Execution notification of mail on local host permits users to talk to one another using the talk program support for the obsolete DARPA name server protocol Unix to Unix Copy Trivial File Transfer program provides information about users on a system provides system information to remote clients provides network information to remote systems proivides the date and time prints the incoming data stream discards the incoming data stream support for returning the time of day character generator used by Soltice AdminSuite needed only to show quotas for a user of an NFS filesystem provides information on system users used only for network testing. needed by perfmeter - use xload. allows non-local individuals to post messages to users RPC server for remote program execution only needed if Solstice DiskSuite is installed and used Kodak Color Management Suite needed only if cachefs is being used with NFS needed if Kerberos is being used for system security needed if your machine is running a local BSD print spool used by the desktop to launch remote applications X based audio maintains the information for the Calendar Manager Service ToolTalk Database Server Daemon

Unless an application is installed that requires the services of one of these inetd clients, it is best to disable them completely by either commenting them out of inetd.conf or deleting them and then sending the SIGNUP signal to the inetd process so that it will re-read its configuration file.

Sun Proprietary & Confidential: Internal Use Only

Page 163

SSE Field Reference Guide

8.0. Security

8.1.2. rpc
Services that use RPC invoke the rpcbind program. When a client makes an RPC call to a server, the client first contacts the rpcbind program to find out the address on which the server software is listening. Solaris has many daemons and services that utilize RPC. These include:
· · · · · · · · · · · · · ·

sadmind rquotad rusersd rsprayd rwalld rstatd rexd ufsd kcms_server rpc.cmsd gssd rpc.ttdbserverd rpc.bootparamd cachefsd

All of the above services, except for rpc.bootparamd, are started from inetd.conf. rpc.bootparamd is started from /etc/rc3.d/S15nfs.server and is only necessary if the system is also a boot server. Unless specifically required, the above services can all be commented out of inetd.conf to disable them.

8.1.3. Securing the TCP Stack
Next, is to prevent the use of common scanning tools such as nmap to detect the operating system type. Generally, this is done by tweaking Solaris's TCP/IP stack so that nmap cannot identify it through TCP fingerprinting. Several kernel variables affect the ability of a scan's success. Consider a vanilla Solaris box, that has already been installed, but has had no changes made to the kernel parameters governing the network services. A sample scan of such a system is provided below: # nmap -O 10.1.194.98 Starting nmap V. 2.3BETA12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/) WARNING: OS didn't match until the 2 try Interesting ports on <hostname_1> (10.1.194.98): Port 7 9 13 19 21 22 23 25 37 111 512 513 514 540 6000 7100 32771 State open open open open open open open open open open open open open open open open open Protocol tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp Service echo discard daytime chargen ftp sshd telnet smtp time sunrpc exec login shell uucp X11 font-service sometimes-rpc5

TCP Sequence Prediction: Class=random positive increments

Sun Proprietary & Confidential: Internal Use Only

Page 164

SSE Field Reference Guide
Difficulty=15402 (Worthy challenge) Remote OS guesses: Solaris 2.6 - 2.7, Solaris 7

8.0. Security

Nmap run completed -- 1 IP address (1 host up) scanned in 14 seconds The services that nmap identifies can be removed either by shutting off the service entirely (as in the case of X11) or removing the service from /etc/inet/inetd.conf. The information to focus on is the "TCP Sequence Prediction" and "Remote OS Guesses" that nmap provides. Nmap classified the TCP Sequence Prediction for the example host as "random positive increments" with a difficulty on the order of 105 (i.e., a worthy challenge). If the attacker knows Solaris well enough, this tells them the host has a setting of TCP_STRONG_ISS=1 (as found in /etc/default/inetinit). This host may be susceptible to a TCP sequence attack, especially since it permits rsh. Fortunately, by tuning TCP/IP kernel parameters, OS fingerprinting can be made much more difficult. 8.1.3.1. TCP/IP Fingerprints nmap and other scanning tools rely on certain unique elements in a TCP/IP stack to identify the operating system. nmap is good enough that it can reliably distinguish between a host running Solaris 2.4 vs. Solaris 2.5-2.51, and Solaris 2.6. The program does this with several techniques: 1. FIN probe -- A FIN packet is sent to an open port, and the response is evaluated. The correct response, defined by RFC 793, is not to respond at all. However, many stack implementations do not adhere to this and return an RST response. 2. TCP Initial Sequence Number (ISN) -- Determining the TCP ISN is crucial if an attacker wants to hijack a session with the target host. ISN generation can be broken down into three categories: 64-K increments, random increments, and truly random increments (RFC 1948 compliant). By default, Solaris installs using "random increments". Given sufficient time, an attacker can collate enough data to guess at the next ISN number that the system will use. 3. Don't Fragment (DF) bit -- Solaris sets this bit by default, regardless of whether it is needed. 4. TCP initial window -- Some operating systems, Solaris included, return a constant window size. 5. TCP Options -- These generally provide the most information. Since they are optional, not all hosts support them, however, if they do, then the host may echo back the options in the response. If the options are echoed back, the values set in the response can be used to identify the operating system. With the above information, it is possible to change some of Solaris's default TCP/IP stack settings, without harming performance and gaining the benefit of hiding the operating system identity from such tools. 8.1.3.2 TCP Maximum Segment Size (MSS) The first of these settings to consider is the TCP Maximum Segment Size (MSS). TCP MSS is used to set the largest amount of data that TCP will send to the receiving side. Whenever a connection is about to be established, the segment size used is set to the MTU of an outgoing interface or to the MSS announced by the peer. Each side announces its MSS and, if one end does not receive the other side's MSS option, it uses a default of 536. Both nmap and queso exploit this fact. The best solution is to change the default MSS value. Generally, the larger the MSS the better, until fragmentation occurs. To change the default MSS on Solaris: # ndd -set /dev/tcp tcp_mss_def 546 8.1.3.3 TCP Path MTU Discovery Another parameter that can leak out information is the path MTU discovery. If path MTU discovery is turned on, then all outgoing IP packets have the "Don't Fragment" bit set in the IP header. To turn this characteristic off: # ndd -set /dev/ip ip_path_mtu_discovery 0 It is not necessary to turn off the path MTU discovery. RFC 1191 recommends that the path MTU discovery occur approximately every 10 minutes. Solaris, however, does so every 30 seconds. To change this behavior: # ndd -set /dev/ip ip_ire_pathmtu_interval <time> where <time> is the number of milliseconds desired between path MTU discovery attempts. 300000 milliseconds is 5 minutes.

Sun Proprietary & Confidential: Internal Use Only

Page 165

SSE Field Reference Guide
8.1.3.4 TCP Strong ISS

8.0. Security

To decrease the possibility of a TCP sequence attack (i.e., TCP hijacking), the kernel value tcp_strong_iss needs to be set to 2. This can be done either through ndd directly or by changing the value of TCP_STRONG_ISS in /etc/default/inetinit to 2. Doing so causes the TCP Initial Sequence Number generation by the kernel to be a random number rather than a predictable value.

8.1.4. ARP attacks
There are two types of attacks possible with ARP: denial of service [DOS] and spoofing. A DOS attack prevents one system from exchanging packets with another on the same network, whereas spoofing allows one system to masquerade as another. Both of these attacks make use of ARP's dynamic nature. ARP information may be inserted by an attacker into the ARP cache either locally, through a root compromise, or by feeding invalid replies to a system making ARP requests. Since there is no authentication at this layer, all information provided to the ARP reply is inserted into the ARP cache. This type of attack is known as ARP cache poisoning. The spoofing attack is similiar to an IP spoofing attack and relies on the "trusted host" model of security. In this case, the attacker disables the peer of the victim host, host B, and uses IP spoofing to insert the attacker's Ethernet address into host A's ARP cache, by having his system masquerade as trusted host B. Countering such an attack requires one of two procedures: 1) disable ARP resolution on host A and use only static ARP entries, or 2) flush the ARP cache as well as the IP address map often. The first option is manageable only in a small environment. Option 2 then becomes the most reasonable way to counter ARP cache poisoning. ndd can be used to change the ARP cache flush interval, as well as the IP routing table flush interval, as follows: # ndd -set /dev/arp arp_cleanup_interval <time> # ndd -set /dev/ip ip_ire_cleanup_interval <time> In this example, <time> is the interval specified in milliseconds. Although this will not eliminate these types of attacks, it may slow the attacker down.

8.1.5. Securing IP
IP is the protocol that provides connectionless and unreliable delivery of data from one machine to another. Solaris provides many kernel parameters that can be adjusted to provide a more secure system. The default Solaris installation permits IP forwarding whether the system has two or more interfaces or not. The following command can be used to disable this feature while the system is running: # ndd -set /dev/ip ip_forwarding 0 To ensure that forwarding upon subsequent reboot is disabled, this command may be used in a initialization script, or the file /etc/notrouter must exist. Another problem with multihomed systems is that an attacker may try to spoof packets coming in from one interface so that they appear to have originated from a different interface. If the system is multihomed and nonforwarding, the attacker may try to send packets to an interface with a destination address in a network attached to a different interface. The following command prevents this problem by requiring all packets entering an interface to have originated from a network attached to that interface: # ndd -set /dev/ip ip_strict_dst_multihoming 1 Solaris has many more TCP/IP stack parameters that can be configured to provide more security.

8.1.6. ipfilter
Although reducing the possibility that an attacker can use a TCP stack fingerprint to identify the operating system is a step in the right direction, another option to use is the freely available packer filter program ipfilter. ipfilter runs on Solaris 2.5.1, 2.6, 7, 8, 9 and 10. T A sample ipfilter configuration file is provided in below: pass in quick on le0 proto icmp from any to 10.100.100.65/32 icmp-type 0 pass in quick on le0 proto icmp from any to 10.100.100.65/32 icmp-type 3 Sun Proprietary & Confidential: Internal Use Only Page 166

SSE Field Reference Guide
pass in quick on le0 proto icmp from any to 10.100.100.65/32 icmp-type 11 block in log level local4.info quick on le0 proto icmp from any to 10.100.100.65/32 pass in quick on le0 proto tcp from any to 10.100.100.65/32 port = 22 flags S keep state pass in quick on le0 proto tcp from any to 10.100.100.65/32 port = 443 flags S keep state pass in quick on le0 proto udp from any port = 161 to 10.100.100.65/32 keep state pass in quick on le0 proto udp from any to 10.100.100.65/32 port = 162 keep state pass in quick on le0 proto udp from any port = 53 to 10.100.100.65/32 keep state pass in quick on le0 proto udp from any to 10.100.100.65/32 port = 514 keep state pass out quick on le0 proto tcp from 10.100.100.65/32 to any keep state pass out quick on lo0 pass in quick on lo0 block in on le0 all

8.0. Security

In this configuration, the machine is providing inbound secure shell services as well as a secure Web server. Allowed UDP traffic includes syslog messages as well as SNMP traps, and SNMP information from external devices. The only ICMP traffic permitted is echo-reply, destination-unreachable, and ttl-exceeded. This configuration provides a simple starting framework when using ipfilter to protect a Solaris host.

8.1.7. PortSentry
Another useful tool to use with ipfilter (or on its own) is PortSentry. This program monitors probes to a defined subset of ports on a system. If enough probes occur to trigger a response, PortSentry blocks the source of the portscan by installing a static route into the system routing table, which sends all future packets from that source to a routing "dead end". If used in conjunction with ipfilter, PortSentry can add a blocking rule to the ipfilter ruleset. PortSentry is configurable to the extent that it can be made to work with various firewall systems including Gauntlet and Checkpoint. For PortSentry to work with ipfilter, a shell program is needed to add the new deny rule to the ruleset in the proper place. PortSentry can be downloaded from: http://www.psionic.com/abncus/portsentry

8.1.8. nfs Services
Restricting NFS Server Requests By default, the Solaris Network File System (NFS) server system accepts client NFS server requests from any port number. These requests should come from a privileged system port. The NFS server can be adjusted to process requests only from these privileged ports. If a system serves as an NFS server, add the following line to the /etc/system file to any Solaris OE version 2.5.1 or newer. set nfssrv:nfs_portmon = 1 Note, this change might prevent some NFS clients from operating correctly. There are reported problems with older versions of Linux and SCO UNIX. Also, some PC-based NFS client software applications are affected by this port restriction.

8.1.9. TCP Wrappers
TCP wrappers restrict access to your computer from the network. You can restrict such things as telnet access, ftp access, etc. In general you can restrict any access which is managed by the inetd daemon. Note that some services are typically not controlled by the inetd daemon, http and ssh for instance. To install TCP wrappers 1. Obtain a copy of the tcp wrapper binary. 2. Login as root to the system console. Use the console, not a telnet session, otherwise you might lock yourself out of your system if something goes wrong. 3. In the /etc directory make two copies of the file /etc/inetd.conf and write-protect one of them.

Sun Proprietary & Confidential: Internal Use Only

Page 167

SSE Field Reference Guide

8.0. Security

cd /etc cp inetd.conf inetd.conf.orig cp inetd.conf inetd.conf.new chmod ugo-w inetd.conf.orig 4. Edit the file inetd.conf.new searching for lines such as ftp -l telnet stream tcp telnetd nowait root /usr/etc/telnet stream tcp nowait root /usr/etc/ftp ftpd

These two lines control the ftp and telnet services. Change these lines to ftp stream tcp ftpd -l telnet stream tcp telnetd nowait root nowait root /usr/etc/tcpd /usr/etc/tcpd

Note that the strings ftp and telnet have both been changed to tcpd. Do this for all services in the inetd.conf.new file that you would like to change. NOTE: Some services are labeled as rpc, such as mountd/1 mountd stream rpc/tcp wait/lc root /usr/etc/rpc.mountd

Do not modify these lines. 5. Copy the tcpd to the directory where the ftp, telnet, and other files are located. This is learned from the inetd.conf file. In the example above, this directory is /usr/etc/. And make sure tcpd is executable, chmod ugo+x tcpd 6. Copy the file /etc/inetd.conf.new to /etc/inetd.conf, cp /etc/inetd.conf.new /etc/ inetd.conf If something goes wrong later, you can alway revert to your original setup by copying /etc/ inetd.conf.orig to /etc/inetd.conf and restarting the inetd daemon as described in the next step. 7. Restart the inetd daemon. You can do this by finding the PID (process id) for the inetd daemon with one of the two following commands, depending on your variety of Unix,

Sun Proprietary & Confidential: Internal Use Only

Page 168

SSE Field Reference Guide

8.0. Security

ps -ef | grep inetd or ps aux | grep inetd

The output will look something like this root inetd -f 209 1 0 10:41:46 ? 0:00 /usr/etc/

In this example the PID (process id) is 209. You can then restart inetd with the command kill -HUP 209 If that doesn't work you can try the stronger remedy of rebooting the server. 8. To configure tcp wrappers to only allow users access to your machine through inetd, create the two files /etc/hosts.allow and /etc/hosts.deny with the following content, all: 137.99. and all: all To Test the TCP Wrapper This procedure will verify that TCP wrappers are working by blocking a single on-campus workstation from your server. First, optain the IP address of the test workstation (the one being blocked). Log onto your server from the console and edit the file /etc/hosts.allow, chaning the line all: 137.99. to all: 137.99. except 137.99.???.??? where 137.99.???.??? is the IP address of your workstation. Now try to telnet or ftp from your workstation, it should fail. Revert to the original /etc/hosts.allow and see if you re-gain access.

Sun Proprietary & Confidential: Internal Use Only

Page 169

SSE Field Reference Guide

8.0. Security

8.1.10. sudo
Use sudo to permit limited root access. Of course, no root access for all users is desired, but there may be instances where such access is granted. Below are example sudoers entries. First, we define our aliases: User_Alias User_Alias User_Alias Runas_Alias Runas_Alias Host_Alias FULLTIMERS = millert, mikef, dowdy PARTTIMERS = bostley, jwfox, crawl WEBMASTERS = will, wendy, wim OP = root, operator DB = oracle, sybase SPARC = bigtime, eclipse, moet, anchor :\ SGI = grolsch, dandelion, black :\ ALPHA = widget, thalamus, foobar :\ HPPA = boa, nag, python CUNETS = 128.138.0.0/255.255.0.0 CSNETS = 128.138.243.0, 128.138.204.0/24, 128.138.242.0 SERVERS = master, mail, www, ns CDROM = orion, perseus, hercules DUMPS = /usr/bin/mt, /usr/sbin/dump, /usr/sbin/rdump,\ /usr/sbin/restore, /usr/sbin/rrestore KILL = /usr/bin/kill PRINTING = /usr/sbin/lpc, /usr/bin/lprm SHUTDOWN = /usr/sbin/shutdown HALT = /usr/sbin/halt, /usr/sbin/fasthalt REBOOT = /usr/sbin/reboot, /usr/sbin/fastboot SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \ /usr/local/bin/tcsh, /usr/bin/rsh, \ /usr/local/bin/zsh SU = /usr/bin/su

Host_Alias Host_Alias Host_Alias Host_Alias Cmnd_Alias Cmnd_Alias Cmnd_Alias Cmnd_Alias Cmnd_Alias Cmnd_Alias Cmnd_Alias Cmnd_Alias

Here we override some of the compiled in default values. We want sudo to log via syslog(3) using the auth facility in all cases. We don't want to subject the full time staff to the sudo lecture, and user millert need not give a password. In addition, on the machines in the SERVERS Host_Alias, we keep an additional local log file and make sure we log the year in each log line since the log entries will be kept around for several years. Defaults Defaults:FULLTIMERS Defaults:millert Defaults@SERVERS syslog=auth !lecture !authenticate log_year, logfile=/var/log/sudo.log

The User specification is the part that actually determines who may run what. The format is: <user> HOSTS = COMMANDS root %wheel FULLTIMERS ALL = (ALL) ALL ALL = (ALL) ALL ALL = NOPASSWD: ALL

We let root and any user in group wheel run any command on any host as any user. Full time sysadmins (millert, mikef, and dowdy) may run any command on any host without authenticating themselves. PARTTIMERS ALL = ALL Part time sysadmins (bostley, jwfox, and crawl) may run any command on any host but they must authenticate themselves first (since the entry lacks the NOPASSWD tag).

Sun Proprietary & Confidential: Internal Use Only

Page 170

SSE Field Reference Guide
jack CSNETS = ALL

8.0. Security

The user jack may run any command on the machines in the CSNETS alias (the networks 128.138.243.0, 128.138.204.0, and 128.138.242.0). Of those networks, only <128.138.204.0> has an explicit netmask (in CIDR notation) indicating it is a class C network. For the other networks in CSNETS, the local machine's netmask will be used during matching. lisa operator CUNETS = ALL ALL = DUMPS, KILL, PRINTING, SHUTDOWN, HALT, REBOOT,\ /usr/oper/bin/ The user lisa may run any command on any host in the CUNETS alias (the class B network 128.138.0.0).

The operator user may run commands limited to simple maintenance. Here, those are commands related to backups, killing processes, the printing system, shutting down the system, and any commands in the directory /usr/oper/bin/. joe pete ALL = /usr/bin/su operator HPPA = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root The user joe may only su(1) to operator. The user pete is allowed to change anyone's password except for root on the HPPA machines. Note that this assumes passwd(1) does not take multiple usernames on the command line. bob SPARC = (OP) ALL : SGI = (OP) ALL The user bob may run anything on the SPARC and SGI machines as any user listed in the OP Runas_Alias (root and operator). jim +biglab = ALL The user jim may run any command on machines in the biglab netgroup. sudo knows that ``biglab'' is a netgroup due to the '+' prefix. +secretaries ALL = PRINTING, /usr/bin/adduser, /usr/bin/rmuser Users in the secretaries netgroup need to help manage the printers as well as add and remove users, so they are allowed to run those commands on all machines. fred ALL = (DB) NOPASSWD: ALL The user fred can run commands as any user in the DB Runas_Alias (oracle or sybase) without giving a password. john jen ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root* ALL, !SERVERS = ALL On the ALPHA machines, user john may su to anyone except root but he is not allowed to give su(1) any flags. The user jen may run any command on any machine except for those in the SERVERS Host_Alias (master, mail, www and ns). jill SERVERS = /usr/bin/, !SU, !SHELLS For any machine in the SERVERS Host_Alias, jill may run any commands in the directory /usr/bin/ except for those commands belonging to the SU and SHELLS Cmnd_Aliases. steve matt WEBMASTERS CSNETS = (operator) /usr/local/op_commands/ valkyrie = KILL www = (www) ALL, (root) /usr/bin/su www Page 171 The user steve may run any command in the directory /usr/local/op_commands/ but only as user operator. On his personal workstation, valkyrie, matt needs to be able to kill hung processes.

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide

8.0. Security

On the host www, any user in the WEBMASTERS User_Alias (will, wendy, and wim), may run any command as user www (which owns the web pages) or simply su(1) to www. ALL CDROM = NOPASSWD: /sbin/umount /CDROM,\ /sbin/mount -o nosuid\,nodev /dev/cd0a /CDROM

Any user may mount or unmount a CD-ROM on the machines in the CDROM Host_Alias (orion, perseus, hercules) without entering a password. This is a bit tedious for users to type, so it is a prime candiate for encapsulating in a shell script. An alias must be defined before it can appear in the sudoers file. For that reason, aliases generally appear at the top of the file. Each alias entry has a label saying what sort of alias it is, a label for the alias, and a list of the members of that alias. User aliases are groups of users, and are labeled with the stringUser_Alias. They contain a list of users in that alias. User_Alias DNSADMINS = chris,mwlucas

The user alias DNSADMINS contains two users, mwlucas and chris. A Runas alias is a special type of user alias. This lists users that other users can run commands as. Many nameservers can be run as the user "named." The DNS administrator might need to be able to run commands as that user, and you might have a Runas alias for that. Many database applications run as their own special user. In many cases, a system administrator responsible for an application would also want to be able to run system backups as the user "operator." Or, you could just create a single Runas alias to group these commands. Runas aliases are labeled with Runas_Alias. Runas_Alias APPADMIN = named,dbuser,operator

A host alias is just a list of hosts. They're labeled with the stringHost_Alias. A host alias can be defined in terms of hostnames, IP addresses, or network blocks. (Remember, if you're using hostnames your sudo configuration could be vulnerable to DNS problems!) Here are examples of all three. Host_Alias Host_Alias Host_Alias DNSSERVERS = dns1,dns2,dns3 SECURITYSERVERS = 192.168.1.254,192.168.113.254 COMPANYNETWORK = 192.168.1.0/16

A command alias is a list of commands. They're labeled with the string Cmnd_Alias. Here, we have an alias that includes all the commands necessary to back up to tape, or restore the system from backup. Cmnd_Alias BACKUPS = /bin/mt,/sbin/restore,/sbin/dump

You might have a command alias that includes all the commands in a particular directory. Suppose we have a custom application that runs as a particular user, and places all of its commands in the app users' home directory. Rather than list all the commands, can just list directory and use a wildcard to include everything in the directory. Cmnd_Alias DBCOMMANDS = /usr/home/dbuser/bin/*

To use an alias, just put the alias name in the rule where you would normally list the user, command, or hostname. We've previously defined a user alias DNSADMINS. The users listed in the DNSADMINS alias get to run any commands at all on all of our servers. DNSADMINS ALL = ALL

Let's suppose that our user Phil has to manage an application that runs as a particular user. He can run any command on the system as this application user. We defined a Runas alias in the last section for the user alias APPADMIN, and an alias for commands needed to run the application, DBCOMMANDS. phil ALL = (APPADMIN)DBCOMMANDS

Sun Proprietary & Confidential: Internal Use Only

Page 172

SSE Field Reference Guide

8.0. Security

As the application administrator, Phil might also have to run backups. We have already given the APPOWNER Runas alias operator privileges, and we have a separate command alias for backup commands. We can combine them all like this. phil ALL = (APPOWNER) DBCOMMANDS, (APPOWNER)BACKUPS

This is much simpler to read than what this rule expands to. phil ALL = (dbuser,operator)/usr/home/dbuser/bin/*,\ (dbuser,operator)/bin/mt, (dbuser,operator)/sbin/restore,\ (dbuser,operator)/sbin/dump

Some of the permissions granted by sudo in this case are unnecessary -- having the database user Runas alias is not necessary for running backups. Still, it's far tighter than just giving Phil the root password! You can also define rules to restrict your users as tightly as you desire.

Sun Proprietary & Confidential: Internal Use Only

Page 173

SSE Field Reference Guide

8.0. Security

8.2. Other Security Measures
8.2.1. Solaris Banners
The first thing to do when reducing the footprint of a Solaris box is to remove any and all "announcements" sent out to the world. What are these announcements? When someone telnets to a box running Solaris, they are greeted with the response: $ telnet 10.16.16.205 Trying 10.16.16.205... Connected to 10.16.16.205. Escape character is '^]'. SunOS 5.7 login: This is a simple, quick, and effective way to find out what OS is running on that system. To close this information leak, the file /etc/default/telnetd should be created with the following line in it: BANNER="" This effectively eliminates the SunOS 5.7 banner from telnet. $ telnet 10.16.16.205 Trying 10.16.16.205... Connected to 10.16.16.205. Escape character is '^]'. login: Similarly, in the file /etc/default/ftpd, the BANNER="" command removes the SunOS ttag from the ftpd prompt: $ ftp -i 10.16.16.205 Connected to 10.16.16.205. 220 nostromo FTP server () ready. Name (10.16.16.205:ido): If the system needs to have Sendmail running in daemon mode and if it is not configured properly, then it is providing a potential attacker with vital information. By telneting to port 25, the attacker is greeted with the following information: $ telnet 10.16.16.205 25 Trying 10.16.16.205... Connected to 10.16.16.205. Escape character is '^]'. 220 nostromo.dubrawsky.org ESMTP Sendmail 8.9.1b+Sun/8.9.1; Fri, 18 Feb 2000 06:13:09 -0600 (CST) Not good. Not only does the attacker now know the name of the machine, but he or she also knows that it is running the stock Sendmail provided by Sun. To eliminate this greeting, change the value of SmtpGreetingMessage in the sendmail.cf file (found in /etc under Solaris 2.6 and in /etc/mail in Solaris 7 and Solaris 8): # SMTP initial login message (old $e macro) #O SmtpGreetingMessage=$j Sendmail $v/$Z; $b O SmtpGreetingMessage= The Sendmail greeting is now: $ telnet 10.16.16.205 25 Trying 10.16.16.205... Connected to 10.16.16.205. Sun Proprietary & Confidential: Internal Use Only Page 174

SSE Field Reference Guide
Escape character is '^]'. 220 ESMTP

8.0. Security

8.2.2. Logs
An aspect to consider when securing a system is the logs produced by syslog. Unfortunately, by default Solaris tends to lump many things into /var/adm/messages and /var/log/syslog -- so much so that it becomes difficult, if not impossible, to easily determine what is going on in a system. The first step is to separate much of the information that is logged through syslog. One way to achieve this goal is to reconfigure syslog to log messages to separate files based on syslog facility. All kernel messages would be written to a logfile called /var/log/kernel.log; all daemon messages would be written to a file called /var/log/daemon.log, etc. Furthermore, when installing sudo or tcpd, the LOCAL[0-7] facilities can be used to categorize the logs from those programs as well. A simple, improved syslog.conf might look something like this: #ident "@(#)syslog.conf 1.4 96/10/11 SMI" /* SunOS 5.0 */ # # Copyright (c) 1991-1993, by Sun Microsystems, Inc. # # syslog configuration file. # # This file is processed by m4 so be careful to quote (`') names # that match m4 reserved words. Also, within ifdef's, arguments # containing commas must be quoted. # # Kernel messages kern.* /var/log/kernel.log # # mail system logs mail.* /var/log/maillog # # cron logs cron.* /var/log/cron.log # # Any messages from syslog syslog.* /var/log/syslog # # All authentication messages auth.* /var/log/secure # # tcp wrappers are using LOCAL0.NOTICE local0.notice /var/log/tcpd.log # # Cisco Router logs at facility 20, level informational local4.info /var/log/router.log By breaking up the logging information as much as possible, it becomes easier to discover potential problems sooner. References (The info for this section taken from articles by the following authors) Noordergraaf, Alex and Keith Watson, "Solaris Operating Environment Security", Sun Blueprints. Noordergraaf, Alex and Keith Watson, "Solaris Operating Environment Network Settings for Security Security", Sun Blueprints On-Line, December 1999. Noordergraaf, Alex and Keith Watson, "Solaris Operating Environment Minimization for Security: A Simple, Reproducible and Secure Applicable Installation", Sun Blueprints. "Creating Login Banners", CIAC Information Bulletin J-043f, June 19, 1999. Spoon, Kelly, "What You Can do with tcpd", Linux Gazette, Issue 15, March 1997. Ido Dubrawsky

Sun Proprietary & Confidential: Internal Use Only

Page 175

SSE Field Reference Guide

8.0. Security

8.2.3. Securing the console
Use the eeprom command in the Solaris OE to set the security mode. Here is an example of setting the mode to full: # eeprom security-mode=full Changing PROM password: New password: password Retype new password: password Use the following command to set a new EEPROM password. # eeprom security-password= Changing PROM password: New password: password Retype new password: password Note: Be sure to include the trailing equal sign (=).

8.2.4. Adjusting File Permissions
Solaris OE versions prior to Solaris 9 OE ship with file system permissions that need to be adjusted for security reasons. With the release of Solaris 9 OE, this adjustment is no longer necessary for the core Solaris OE packages. In Solaris 8 OE and older versions, many files and directories have the group write bit set. In most instances, this permission is not necessary and should be switched off. Although file permission changes are not required for Solaris 9 OE and newer releases, they may be required of applications installed on top of the OE. Consequently, monitor permissions on all Solaris OE versions. Casper Dik created a tool to adjust these permissions. The tool is called fix-modes and can be downloaded from: http://www.sun.com/blueprints/tools. Install the fix-modes files and execute it to correct file system permissions. This tool has been used in production environments for several years with no reported problems. Use the following command to find all the set-user-ID and set-group-ID files on a server. # find / -type f \( -perm -u+s -o -perm -g+s \) -ls Store the output to a file on another system. Compare it against the current file system from time to time and after applying patches to find any unwanted additions.

8.2.5. Securing Mount Options
Here is a partial /etc/vfstab file containing the appropriate file system options: Although these file system options significantly improve the security of a system, they may cause difficulty with some third-party applications. Thoroughly test these options before deploying them to a production system. /dev/dsk/c0t3d0s0 /dev/rdsk/c0t3d0s0 / ufs 1 no /dev/dsk/c0t3d0s4 /dev/rdsk/c0t3d0s4 /usr ufs 1 no ro /dev/dsk/c0t3d0s5 /dev/rdsk/c0t3d0s5 /var ufs 1 no nosuid /dev/dsk/c0t3d0s6 /dev/rdsk/c0t3d0s6 /opt ufs 2 yes nosuid,ro Different system partitions support different mount options. The /usr partition can be mounted read-only. It should not be mounted nosuid, because there are some commands in this partition that have the set-user-ID bit set. The /var partition cannot be set to read-only, but can be set to nosuid. Mount all other partitions read-only and with nosuid whenever possible.

Sun Proprietary & Confidential: Internal Use Only

Page 176

SSE Field Reference Guide

8.0. Security

8.2.6. Account Management
A default Solaris OE installation contains several accounts that either need to be deleted or modified to strengthen security. Some accounts are not necessary for normal system operation. These accounts include smtp, nuucp, and listen. Some of these accounts exist to support software subsystems that are not used or are for backwards compatibility. Use the userdel command to delete accounts in /etc/passwd and /etc/ shadow. Here is an example of the userdel command. # userdel smtp This command removes the /etc/passwd and /etc/shadow entries for smtp. The remaining system accounts (except the root account) should be modified for added security. System accounts listed in /etc/passwd have no shell listed. Those accounts have an NP string (meaning "no password") listed in the /etc/shadow file. By default, this string is sufficient. Unused accounts, which are not locked by default, should be locked with the passwd -1 option. Use the following command to lock the uucp account. # passwd -l uucp Use the -e option to the passwd command or edit the /etc/passwd file manually to change the default shell for those accounts to /usr/bin/true. For example # passwd -e uucp Old shell: /sbin/sh New shell: /usr/bin/true Administrators should monitor these system accounts for abuse. The Solaris Security Toolkit includes a shell replacement called noshell. When the noshell executable is executed (as a login shell in /etc/passwd) a log entry is generated and the shell exits. Administrators can track unauthorized use of system accounts.

8.2.7. Restricting cron,at and batch
The at, cron, and batch systems execute commands at a specified future time. User submission for the cron system is handled by the crontab command. The at and batch commands are used to submit jobs to the at system. Access to these commands can be restricted. The access control files are stored in the /etc/cron.d directory. The cron.deny and cron.allow files manage access to the cron system. The at.deny and at.allow files manage the access to the at and batch system.

8.2.8. Role Based Access Control
RBAC works through users logging into the system normally, then assuming special identities that permit them to perform additional tasks. Fundamentally, RBAC introduces the following three elements into the Solaris OE: Role - A special identity users can assume Authorization - A permission that can be assigned to a user or role granting access to tasks otherwise not permitted Rights Profile - A grouping of authorizations, commands, and additional rights that can be assigned to a user or role To Convert the Root Account to a Role The first example illustrates how to convert the root account to a role. By doing this, additional controls can be implemented to control which accounts can have superuser privileges to root. Log into the system as superuser. Verify that the following line is in the /etc/user_attr file: root::::auths=solaris.*,solaris.grant;profiles=All

Sun Proprietary & Confidential: Internal Use Only

Page 177

SSE Field Reference Guide

8.0. Security

Add a line containing user accounts that should be able to have superuser privileges to root. For users Alice and Betty, you would add the following: alice::::type=normal;roles=root betty::::type=normal;roles=root Now both Alice and Betty have privileges to assume the root role after it is created in the next step. Because Alice and Betty are both local users on this system, it is possible to use the following commands to make this change, which is not necessary if the previous entries are added to the /etc/user_attr file: # usermod -R root alice # usermod -R root betty Modify the type definition of the root role as follows: root::::type=role;auths=solaris.*,solaris.grant;profiles=All When the changes are made, only users Alice and Betty are able to have superuser access to the root account. In addition, the root account cannot log directly into the system regardless of the CONSOLE settings in /etc/default/login. If someone attempts to log directly into the system, the following is displayed after the login command: arciero console login: root Password: xxxxx Roles can only be assumed by authorized users Login incorrect Oct 27 20:09:14 arciero login: login account failure: Permission denied Compare this result with the following when authorized user Alice logs in to assume the root role. arciero console login: alice Password: xxxxxx Last login: Sun Oct 27 20:07:59 on console Sun Microsystems Inc. SunOS 5.9 Generic May 2002 $ su Password: xxxxxx #

8.2.9. Using a Restrictive umask
For Solaris versions prior to Solaris 8, the following script may be used to set the system umask to a more reasonable value: #!/bin/sh echo "umask 022" > /etc/init.d/umask.sh chmod 744 /etc/init.d/umask.sh chgrp sys /etc/init.d/umask.sh for d in /etc/rc?.d; do ln /etc/init.d/umask.sh $d/S00umask.sh done

8.2.10. Preventing Attempts to Execute Code on Stacks
Some security exploitation programs take advantage of the Solaris OE kernel executable system stack to attack the system. These attack programs attempt to overwrite parts of the program stack of a privileged program in an attempt to control it. In Solaris 2.6 OE and later, some of these exploits can be avoided by making the system stack nonexecutable. Add the following lines to the /etc/system file:

Sun Proprietary & Confidential: Internal Use Only

Page 178

SSE Field Reference Guide
set noexec_user_stack = 1 set noexec_user_stack_log = 1

8.0. Security

With noexec_user_stack_log enabled, the system logs programmatic attempts to execute code on the stack. This feature allows you to track unsuccessful exploit programs and the account which made the attempt. Here is an example of a log message from a recent Solaris OE exploitation program that was stopped by enabling this feature: Nov 28 11:59:54 landreth unix: sdtcm_convert[308] attempt to execute code on stack by uid 38918 Note - All 64-bit Solaris OE processes use nonexecutable stacks by default.

8.2.11. Access Warning Messages
The contents of the /etc/issue file are displayed on the console during login and for incoming telnet connections. This file should contain warnings about inappropriate and unauthorized use of the system. It should warn users that their sessions and accounts may be monitored for illegal or inappropriate use. Consult your legal counsel for more information. Here is a sample legal warning from the Solaris Security Toolkit: This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel. In the course of monitoring individuals improperly using this system, or in the course of system maintenance, the activities of authorized users may also be monitored. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals possible evidence of criminal activity, system personnel may provide the evidence of such monitoring to law enforcement officials.

8.2.12. Restricting Console Access
The login command is part of the authentication process to access a local Solaris account. By default, the root user can only log into a Solaris system from the console device. The console device is defined by the following entry in the /etc/default/login file: CONSOLE=/dev/console When this line is commented out, the root account can log directly into the system over the network via Telnet, in addition to the console. This access is not secure and should be avoided. Do not alter the default configuration. There are two other potential settings for CONSOLE entry in /etc/default/login. To Permit Root Logins Only Through the ttya Serial Device, change the CONSOLE entry to: CONSOLE=/dev/ttya To Restrict Direct Root Logins entirely, change the CONSOLE entry to: CONSOLE=-

8.2.13. Hardening Passwords
8.2.13.1 Set minimum password length
In the /etc/default/passwd file, set the PASSLENGTH variable to 8. This will require that passwords be eight characters long. It should be noted that with the default password methodology, any portion of the password beyond eight characters is ignored.

8.2.13.2 Set Time Values

Sun Proprietary & Confidential: Internal Use Only

Page 179

SSE Field Reference Guide

8.0. Security

Set default password changing parameters In the /etc/default/passwd file, set the MAXWEEKS variable to the maximum number of weeks that can pass, before a user must change their password. If MAXWEEKS is too short, users will have a tendency to cycle through a list of passwords. This value is normally not set to less than 13 (3 months). Set the MINWEEKS variable to the minimum number of weeks that must pass before a user is allowed to change their password. The purpose of this variable is to lessen the likelihood that a user will cycle through a password list, or change their password, then change it right back. For this reason, the MINWEEKS variable should not be set too small. On the other hand, if it is set too large, a user might not be able to change their own password, if it were to become compromised. A value between 2 and 4 is appropriate for this variable. Set the WARNWEEKS variable to the number of weeks that must pass since the last password change, before a user will receive password change warnings. This number should be slightly shorter than the value the MAXWEEKS variable was set to. If the difference between MAXWEEKS and WARNWEEKS is too small, users might return from a vacation, and find that they can't log in. The difference should be at least three weeks.

Sun Proprietary & Confidential: Internal Use Only

Page 180

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 181

SSE Field Reference Guide

9.0. High End Servers

9.0. High End Servers
9.1. Starcat Servers (F12K/F15K/E20K/E25K)
9.1.1. Command Reference
addboard - Adds (assigns) a board to a domain. addtag - Assigns a domain name (tag) to a domain. cancelcmdsync - Removes a command synchronization descriptor from the command synchronization list. console - Accesses the domain console. deleteboard - Detaches and unassigns a system board from a domain only if the boards are in the assigned state and not active in a running domain. deletetag - Removes the domain name (tag) associated with the domain. disablecomponent - Adds the specified component to the ASR blacklist file. enablecomponent - Removes the specified component to the ASR blacklist file. flashupdate - Updates system board PROMs. help - Displays help information about SMS commands. initcmdsync - Creates a command synchronization descriptor that identifies the script to be recovered. moveboard - Moves a system board from one domain to another if the board is currently in an assigned state and not active in the domain which it is being removed from. poweroff - Controls power off. poweron - Controls power on. rcfgadm - Performs remote configuration administration only if the boards are in an assigned state and not active in a running domain. reset - Sends reset to all ports (CPU or I/O) of a specified domain. resetsc - Sends a reset signal to the other system controller. If the other system controller is not present, the resetsc command exits with an error. runcmdsync - Prepares a specified script for recovery after a failover. savecmdsync - Adds a marker that identifies a location in the script from which processing can be resumed after failover. setbus - Performs dynamic bus reconfiguration on active expanders in a domain. setdatasync Modifies the data propagation list used in data synchronization. setdate - Sets the date and time for the system controller or the domain. setdefaults - Removes all instances of a previously active domain. setfailover - Modifies the state of the sc failover mechanism to enable or disable sc failover. setkeyswitch - Changes the position of the virtual keyswitch. setobpparams - Sets up the OpenBoot (OBP) parameters. setupplatform - Sets up the slot ACL (Access Control List) for domains. showboards - Shows the status of the system boards. showbus - Displays the bus configuration of expanders in active domains. showcmdsync - Displays the current command synchronization list. showcomponent - Displays ASR (Automatic System Recovery) blacklist status for a component. showdatasync - Displays the status of SMS data synchronization for failover. showdate - Displays the date and time for a system controller or a domain. showdevices - Displays system board devices and resource usage. showenvironment - Displays the environmental data. showfailover - Manages or displays system controller failover status. showkeyswitch - Displays the position of the virtual keyswitch. showlogs - Displays message log files. showobpparams - Displays OBP bringup parameters. showplatform - Displays the board ACL for domains. showxirstate - Display CPU dump info after sending a reset pulse to the processors. smsbackup - system controller backup utility smsconfig - system controller configuration utility smsrestore - system controller restoration utility smsversion - Provides the system controller version utility Sun Proprietary & Confidential: Internal Use Only Page 182

SSE Field Reference Guide

9.0. High End Servers

9.1.2. SMS File System Layout
-$SMSOPT (/opt/SUNWSMS/SMS1.x) |--/man |--/lib |--/bin |--/firmware (sc firmware binaries) |--/hostobjs (system board firmware binaries) -$SMSVAR (/var/opt/SUNWSMS/SMS1.x) |--/.lock |--/.pcd | domain_info | platform_info | sysboard_info |--/adm | |--/<domain_id> | | | console | | | messages | | | syslog | | |--/dump | | |--/post | |--/platform | | messages | |--/dump |--/data | |--/<domain_id> | idprom.image | nvramdata |--/doors |--/pipes -$SMSETC (/etc/opt/SUNWSMS) |--/startup | sms | sms_env | smsstartup |--/config | MAN.cf (network config file) | cod.cf | dsmd_tuning.txt | esmd_tuning.txt | fomd.cf | fomd_sys_datasync.cf | kmd_policy.cf | mld.cf | mld_tuning |--/<domain_id> | blacklist (domain blacklist file) | .postrc (domain post config file) |--/asr | blacklist (asr blacklist file) |--/platform blacklist (platform blacklist file) .postrc (platform post config file)

Sun Proprietary & Confidential: Internal Use Only

Page 183

SSE Field Reference Guide

9.0. High End Servers

9.1.3. MAN Network
The Sun Fire 15K utilizes three ethernet based networks to form the MAN. Each system controller incorporates 20 RIO (eri) and two Cheerio (hme) based ethernet interfaces to comprise the Sun Fire 15K MAN network. This management network consists of three individual ethernet networks: C network- Consists of two network interfaces connected to the system controller front panel providing the external community remote access to the system controller. This network is often referred to as the Community Network (aka the public network). Here's an example of an ifconfig -a from a system controller (showing only the C network interface): # ifconfig -a hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 172.20.66.148 netmask ffffff00 broadcast 172.20.66.255 ether 8:0:20:da:7e:f6 I1 network- Consists of 18 separate RIO-based Ethernet controllers (eri) between the system controller and each I/O board on the platform. These 18 interfaces provide a highly available, secure network console interface to facilitate communication between a possible 18 domains and the system controller. This network is an internally connected network. It is also referred to as the dman network. Here's an example of an ifconfig -a from a system controller (showing only the I1 interface): # ifconfig -a scman0: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 3 inet 10.1.1.1 netmask ffffffe0 broadcast 10.1.1.31 ether 8:0:20:da:7e:f6 I2 network- Consists of two Ethernet interfaces to the other system controller to provide a heartbeat and synchronizes system controller configuration data between the main and spare system controller. This network is an internally connected network. This network is also referred to as the scman network. Here's an example of an ifconfig -a from a system controller (showing only the I2 interface): # ifconfig -a scman1: flags=1008842<BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500 index 4 inet 10.2.1.1 netmask fffffffc broadcast 10.2.1.3 ether 8:0:20:da:7e:f6

9.1.4. Firmware
Checking the version of the firmware: To display the current version of firmware runnning on a system board, run the following command and answer “N” when asked to proceed. SC0: sms-svc> flashupdate -d <domain> -f /opt/SUNWSMS/hostobjs/sgcpu.flash <sb> Updating the firmware: SC0: sms-svc> setkeyswitch standby SC0: sms-svc> flashupdate -d <domain> -f /opt/SUNWSMS/hostobjs/sgcpu.flash <sb>

Sun Proprietary & Confidential: Internal Use Only

Page 184

SSE Field Reference Guide

9.0. High End Servers

9.1.5. SMS Upgrade Procedure
My example assumes SC0=main, SC1=spare, and all hosts running Solaris 9. ================== Upgrade Spare (SC1) SC first ================== 1) Backup SMS software on Main and Spare SC #/opt/SUNWSMS/bin/smsbackup 2) Turn off failover on Main SC SC0> setfailover off 3) Stop SMS on Spare SC SC1# /etc/init.d/sms stop 3) Patch the Main and Spare SCs. You can download a compressed tar ball of the relevant patches at "http://has.central.sun.com/starcat/" # zcat "SunOS-SC5.9-patches.tar.Z" | tar xf # patchadd -M . `cat SunOS-SC5.9-patch-order` 4) Patch the Domains. You can download a compressed tar ball of the relevant patches at "http://has.central.sun.com/starcat/" # zcat "SunOS-Domain5.9-patches.tar.Z" | tar xf # patchadd -M . `cat SunOS-Domain5.9-patch-order` 5) Upgrade SMS Software on the Spare SC. You can download the software at "http://www.sun.com/servers/highend/sms.html" SC1# unzip sms_1_4_1_sparc.zip SC1# cd sms_1_4_1_sparc/System_Management_Services_1.4.1/Tools SC1# ./smsupgrade ../Product 6) Patch SMS on the Spare SC. You can download a compressed tar ball of the relevant patches at "http://has.central.sun.com/starcat/" SC1# zcat "SMS1.4.1-patches.tar.Z" | tar xf SC1# patchadd -M . `cat SMS1.4.1-patch-order` 7) Make SC1 the Main SC a) Stop SMS on Main SC SC0# /etc/init.d/sms stop b) Reboot the Spare SC, after the reboot the Spare will become the Main since there are no sms processes running on SC0 SC1# touch /reconfigure; init 6 8) Flashupdate SC1's proms and the Domains proms SC1# flashupdate -f /opt/SUNWSMS/firmware/SCOBPimg.di sc1/fp0 SC1# flashupdate -f /opt/SUNWSMS/firmware/nSSCPOST.di sc1/fp1 Sun Proprietary & Confidential: Internal Use Only Page 185

SSE Field Reference Guide
SC1# flashupdate -d <domain> -f /opt/SUNWSMS/hostobjs/sgcpu.flash 9) Reboot SC1 SC1# init 0 OK reset-all ============== Upgrade Former Main(SC0) SC ============== 10) Make sure the SMS process are stopped on SC0 # /etc/init.d/sms stop

9.0. High End Servers

11) Upgrade SMS Software on the former main SC. You can download the software at "http://www.sun.com/servers/highend/sms.html" SC0# unzip sms_1_4_1_sparc.zip SC0# cd sms_1_4_1_sparc/System_Management_Services_1.4.1/Tools SC0# ./smsupgrade ../Product 12) Patch SMS on the former Main SC. You can download a compressed tar ball of the relevant patches at "http://has.central.sun.com/starcat/" SC0# zcat "SMS1.4.1-patches.tar.Z" | tar xf SC0# patchadd -M . `cat SMS1.4.1-patch-order` 13) Reboot Former Main SC0# touch /reconfigure; init 6 14) Flashupdate SC0's proms SC0# flashupdate -f /opt/SUNWSMS/firmware/SCOBPimg.di sc0/fp0 SC0# flashupdate -f /opt/SUNWSMS/firmware/nSSCPOST.di sc0/fp1 15) Reboot Former Main SC0# init 0 ok reset-all 16) As the user "sms-svc", Verify and Assign Chassis Serial Number On the Main SC SC1> showplatform -p csn -if you do not see the chasis serial number in the output assign it with the "set-csn" command. SC1> set-csn -c <serial_number> -the serial number is located on a white sticker on the bottom front of the machine. 17) Re-enable failover on the Main SC SC1> setfailover on 18) Verify SC1 can see all boards SC1> showboards -v 19) Test SC failover SC1> setfailover force 20) Re-enable failover on the Main SC0> setfailover on 21) Verify SC0 can see all boards

Sun Proprietary & Confidential: Internal Use Only

Page 186

SSE Field Reference Guide
SC0> showboards -v

9.0. High End Servers

9.1.6. Replacing a cp2140 on the System Controller
When replacing an Othello+ <CP2140> with another Othello+, one will need to activate the Othello+ for use with 12k/15k System. Otherwise, when booting system controller, it will hang at initializing memory. SSE will be able to see the Othello+<CP2140> w/ showenvironment and there will be no error indications to failures, from the main SC <sustaining system controller>. The following resolution is an excerpt from replacing a CP1500 with a CP2140 from Doc: 72037; however, there is no documentation indicating standard practice on replacing a CP2140 with another CP2140 and no special instructions in the 12k/15k Service Manual. Replace the Othello+ <CP2140> with another Othello+ <CP2140>. This procedure is outlined in the SunFire 12k/15k Service Manual, June 2003, 806-3512-12. Chapter 6. Replacement procedure for the System Controller Board. 1.) After replacement of the new Othello+, log into the MAIN SC and execute the following based on the SC you want to poweron: # /opt/SUNWSMS/bin/poweron sc0 # /opt/SUNWSMS/bin/poweron sc1 2.) Press the abort button on sc to drop to obp. 3.) Once the SC has been powered on, execute the following at the OBP prompt, to configure the Othello+ for usage on a Starcat: ok setsmcenv chassis-type aa ok setenv probe-delay 0 ok setenv auto-boot? false ** NOTE ** You can confirm the setting of chassis-type by executing ok printsmcenv. 4.) Reset the board after you have changed the "chassis-type aa". You will need to power cycle the system controller or execute the following commands: ok dev hsc ok 80 80 2 70 execute-smc-cmd 5.) Boot Solaris into single user mode: ok boot -s Note: We will need to confirm that the SC is configured to use the eri devices. Otherwise, it will hinder the system to boot completely. If the eri devices are configured then skip to step 7. 6.) Since we are replacing the Othello+ with another Othello+, the network setting should not change. However, when replacing the Othello+ with another Othello+, the aliases had changed for the boot device and we needed to take the appropriate actions for the correct boot device. 7.) Verify the date on the new Othello+ with the date command. # date If the date is incorrect, then correct it with the SMS date command: # /opt/SUNWSMS/bin/setdate 8.) Reboot the SC into multi-user mode. # init 0 ok> boot Sun Proprietary & Confidential: Internal Use Only Page 187

SSE Field Reference Guide

9.0. High End Servers

Sun Proprietary & Confidential: Internal Use Only

Page 188

SSE Field Reference Guide

9.0. High End Servers

9.1.7. Component Health Status (setchs)
9.1.7.1 Philosophy of CHS POST is not needed to recreate the error. Instead, the CHS of the component is stored on the FRU itself. Even if the FRU is removed from one machine and installed in another, the CHS status is unchanged. CHS is stored in the Dynamic FRUID (DFRUID) of the seeprom. Before CHS, the service engineer had to rely on the following: Logs that are not always available. POST to re-produce the problem. Also, the status of failed components, detected by POST, is stored in Safari Port Descriptor(SPD), which is consulted the next time POST is run. A big drawback is that when the domain is setkeyswitched off this information is lost. 9.1.7.2 Definition of Safari Port Descriptor(SPD) A data structure is created and initialized by SPOST for each safari port. The structure is located in each SBBC's Boot Bus SRAM. Typically, There are 2 SPDs per SBBC. For a Serengeti CPU system board, there would be 4 SPDs. For an I/O board, there would be 2 SPDs. SPDs contain the following information: 1. Port Status Summary {pass|fail|unknown|blacklisted} 2. Port Type {cpu|pci|pcic|sbus} 3. Port Attributes {rated frequency,actual frequency,cache size, version} 4. Bank Status {pass|fail|unknown|unpopulated|config-error|spare|blacklisted} 5. DIMM JDEC code for each of the 16 DIMMs 6. Port Component Status (for each component) {pass|fail|unknown|blacklisted} 7. I/O Bus Status {pass|fail|unknown|blacklisted} 8. IO Card(s) Status {pass|fail|unknown|blacklisted} 9. Checksum Seeprom has 3 records in the Dynamic FRUID section (DFRUID) to support CHS: StatusCurrent - This record is used to provide the current state of the FRU component. StatusEvents - This record is used to maintain the history of the status changes. StatusProxy - These records are used to represent the state of components that do not contain their own seeprom (do not contain FRUID) 9.1.7.3 New CLI commands (service mode only, not available to the customer): showchs - display CHS info setchs- change CHS info There are 3 ways to change the Status records: 1. Manually with the setchs command. 2. Using the AD auto-diagnosis engine on the SC 3. Using POST 9.1.7.4 Tunables: ad-chs-enabled - If true, the AD (autodiagnosis engine) will record the CHS info, if an error occurs. error-policy - Can be set to either display or diagnose. If set to diagnose(default) the AD will diagnose the error. post-chs-read - If true, POST will consult CHS, otherwise it will ignore it. post-chs-write - If true, POST will update CHS if it finds an error, else it will not commit the CHS changes. 9.1.7.5 Performance impact of CHS: When the CHS of a component is changed, two records in different segments of DFRUID have to be updated: StatusCurrentR and StatusEventR. Since these 2 segments are different, it is possible that there will be a power loss or ScApp reboot after the StatusCurrentR record is updated, but before the StatusEventR is updated. This is Sun Proprietary & Confidential: Internal Use Only Page 189

SSE Field Reference Guide
very rare, but if it does happen, the reason for the change will not be captured. 9.1.7.6 CHS States There are 3 states for CHS: OK SUSPECT - part of a suspect list of components that caused a fault FAULTY - the component has been identified as the sole culprit of a fault

9.0. High End Servers

ScApp and POST can only degrade the CHS of a component. A service engineer can manually upgrade the CHS if necessary. There is no relationship between seeprom-based CHS and ScApp-based blacklisting ( enablecomponent/disablecomponent). A change in CHS will not modify the ScApp based blacklists. A change in the ScApp blacklist will not modify CHS. 9.1.7.7 CHS locations: Remember CHS records are in the seeprom chips. System Boards I/O Boards DIMMS L2 SRAM DIMMS RP PSU Fan Trays CPU chips do not have their own seeprom and hence do not have their own CHS. Rather a "proxy record" is on the seeprom of the system board. Fan Trays and PSU's only provide CHS records for the SSE to manually tag it as bad for a note to the repair depot or other service people. The system ignores the CHS status of PSU's and Fan Trays' The CHS for RP's will only get set to "suspect" automatically by the system. It will never get set to "Faulty" 9.1.7.8 Examples Here we manually set sb2 to faulty and then display its status v4u-6800c-sc0:SC[service]> setchs -s faulty -r "FOO" -c sb2 v4u-6800c-sc0:SC[service]> showchs -b Component --------------/N0/SB2 Status -------Faulty

Displayed here is the CHS history. Notice that "FOO" is the most recent entry. The message field contains the reason via -r flag in setchs CLI. Notice the AD engine message. You can look up this code in a table in the Sun System Handbook v4u-6800c-sc0:SC[service]> showchs -v -c sb2 Total # of records: 8 Component : /N0/SB2 Time Stamp : Fri Jan 30 16:01:32 PST 2004 New Status : Faulty Old Status : OK Event Code : Other Initiator : Customer Message : FOO Component : /N0/SB2 Page 190

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
Time Stamp : Tue May 27 16:36:40 PDT 2003 New Status : Suspect Old Status : Suspect Event Code : None Initiator : ScApp Message : 1.SF6800.FAULT.ASIC.AR.ADR_PERR.10441008.16-0.2.5014953000 619 Component : /N0/SB2 Time Stamp : Tue May 27 15:20:35 PDT 2003 New Status : Suspect Old Status : Suspect Event Code : None Initiator : ScApp Message : 1.SF6800.FAULT.ASIC.AR.CMDV_SYNC_ERR.102410bf.16-0.5.50149 53000619.5014404012558.5014404028276.5014362004314

9.0. High End Servers

v4u-6800c-sc0:A> setkeyswitch on Powering boards on ... Jan 30 16:09:51 v4u-6800c-sc0 Domain-A.POST: Agent {/N0/SB2/P2} is CHS disabled . Jan 30 16:09:52 v4u-6800c-sc0 Domain-A.POST: Agent {/N0/SB2/P3} is CHS disabled . Jan 30 16:09:54 v4u-6800c-sc0 Domain-A.SC: Excluded unusable, unlicensed, failed or disabled board: /N0/SB2 Testing CPU Boards ... {/N0/SB0/P0} Running CPU POR and Set Clocks {/N0/SB0/P1} Running CPU POR and Set Clocks {/N0/SB0/P0} @(#) lpost 5.15.2 2003/08/04 10:27 {/N0/SB0/P1} @(#) lpost 5.15.2 2003/08/04 10:27 v4u-6800c-sc0:A> showcomp sb2 Component --------/N0/SB2/P0 /N0/SB2/P1 /N0/SB2/P2 ECache /N0/SB2/P3 ECache /N0/SB2/P0/B0/L0 /N0/SB2/P0/B0/L2 /N0/SB2/P0/B1/L1 /N0/SB2/P0/B1/L3 /N0/SB2/P1/B0/L0 /N0/SB2/P1/B0/L2 /N0/SB2/P1/B1/L1 /N0/SB2/P1/B1/L3 /N0/SB2/P2/B0/L0 /N0/SB2/P2/B0/L2 Status -----enabled enabled disabled Pending ------disabled disabled POST ---untest untest chs chs untest untest untest untest untest untest untest untest chs chs Description ----------empty empty UltraSPARC-III, 750MHz, 8M UltraSPARC-III, 750MHz, 8M empty empty empty empty empty empty empty empty empty empty

disabled enabled enabled enabled enabled enabled enabled enabled enabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled -

Sun Proprietary & Confidential: Internal Use Only

Page 191

SSE Field Reference Guide
/N0/SB2/P2/B1/L1 /N0/SB2/P2/B1/L3 /N0/SB2/P3/B0/L0 /N0/SB2/P3/B0/L2 /N0/SB2/P3/B1/L1 /N0/SB2/P3/B1/L3 disabled disabled disabled disabled disabled disabled chs chs chs chs chs chs empty empty empty empty empty empty

9.0. High End Servers

For example: set CHS for SB5/P0/E0 to OK after HW replacement of the defective FRU: sc0:sms-user:> setchs -s ok -r "bad L2SRAM DIMM, board replaced" -c sb5/p0/e0 Note 1: Once the CHS of a component has been changed, a 'setkeyswitch off/on' (full hpost) sequence must be ran or DR ('hpost -H') used to take this change into account. Reboot ('hpost -Q') is not enough. Note 2 : Providing the reason for the health status change is mandatory (component health history).

9.1.8. Rebuilding a System Controller
1. As part of the Solaris installation, partition the disk at c0t2d0 with one of the following partition tables: 18GB DRIVES =========== Part Tag 0 root 1 swap 2 backup 3 unassigned 4 unassigned 5 unassigned 6 unassigned 7 unassigned /export/install 36GB DRIVES -========== Part Tag 0 root 1 swap 2 backup 3 unassigned 4 unassigned 5 unassigned 6 unassigned 7 unassigned /export/install 72GB DRIVES ============ Part Tag 0 root 1 swap 2 backup 3 unassigned 4 unassigned 5 unassigned 6 unassigned 7 unassigned /export/install

Flag wm wu wm wm wm wm wm wm

0 3561 0 0 4452 4457 0 4462

Cylinders - 3560 - 4451 - 7505 - 4456 - 4461 - 7505

Size Blocks 8.00GB (3561/0/0) 16779432 / 2.00GB (891/0/0) 4198392 swap 16.86GB (7506/0/0) 35368272 0 (0/0/0) 0 11.50MB (5/0/0) 23560 SLVM DB 11.50MB (5/0/0) 23560 SLVM DB 0 (0/0/0) 0 6.84GB (3044/0/0) 14343328

Flag wm wu wm wm wm wm wm wm

0 5740 0 0 7192 7201 0 7210

Cylinders - 5739 - 7191 - 24619 7200 7209

- 24619

Size 7.91GB 2.00GB 33.92GB 0 12.70MB 12.70MB 0 23.98GB

Blocks (5740/0/0) 16582860 / (1452/0/0) 4194828 (24620/0/0) 71127180 (0/0/0) 0 (9/0/0) 26001 SLVM DB (9/0/0) 26001 SLVM DB (0/0/0) 0 (17410/0/0) 50297490

Flag wm wu wm wm wm wm wm wm

0 1649 0 0 2062 2069 0 2076

Cylinders - 1648 - 2061 – 14086 2068 2075

– 14086

Size 8.00GB 2.00GB 68.35GB 0 34.78MB 34.78MB 0 58.28GB

Blocks (1649/0/0) 16780224 (413/0/0) 4202688 (14087/0/0) 143349312 (0/0/0) 0 (7/0/0) 71232 (7/0/0) 71232 (0/0/0) 0 (12011/0/0) 122223936

/

SLVM DB SLVM DB

Sun Proprietary & Confidential: Internal Use Only

Page 192

SSE Field Reference Guide

9.0. High End Servers

2. After the Solaris installation is complete, make sure the partition map on c0t3d0 is the same as c0t2d0. # prtvtoc /dev/rdsk/c0t2d0s2 | fmthard -s - /dev/rdsk/c0t3d0s2 3. Install the SDS/SVM packages. 4. Add the following to the end of the /etc/lvm/md.tab file. mddb1 mddb2 mddb3 mddb4 d10 d11 d12 d20 d21 d22 d30 d31 d32 -c -c -c -c -m -m -m 3 3 3 3 c0t2d0s4 c0t2d0s5 c0t3d0s4 c0t3d0s5 1 1 1 1 1 1 1 1 1 1 1 1 d11 /dev/dsk/c0t2d0s0 /dev/dsk/c0t3d0s0 d21 /dev/dsk/c0t2d0s1 /dev/dsk/c0t3d0s1 d31 /dev/dsk/c0t2d0s7 /dev/dsk/c0t3d0s7

5. Initialize the meta-databases with: # # # # metadb metadb metadb metadb -a -a -a -a -f /dev/dsk/c0t2d0s4 /dev/dsk/c0t2d0s5 /dev/dsk/c0t3d0s4 /dev/dsk/c0t3d0s5

6. Remove the swap device. # swap -d /dev/dsk/c0t2d0s1 7. Initialize the disk in the mirror and the mirror itself. # metainit d21 # metainit d20 8. Add the new swap device and modify the /etc/vfstab file. # swap -a /dev/md/dsk/d20 /dev/md/dsk/d20 - - swap - no - <--- /etc/vfstab entry 9. Unmount /export/install and initialize its disk and mirror. # umount /export/install # metainit d31 # metainit d30 10. Change /export/install's entry in /etc/vfstab to: /dev/md/dsk/d30 /dev/md/rdsk/d30 /export/install ufs 2 yes logging Sun Proprietary & Confidential: Internal Use Only Page 193

SSE Field Reference Guide

9.0. High End Servers

11. Perform a newfs on /export/install and mount it. # newfs -i 8192 -m 1 /dev/md/rdsk/d30 # mount /export/install 12. Prepare the disk and mirror for root. # metainit d11 # metainit d10 # metaroot d10 13. REBOOT THE SYSTEM CONTROLLER. # shutdown -y -g0 -i6 14. Finally, synchronize the mirrors. # # # # # # metainit d12 metattach d10 d12 metainit d22 metattach d20 d22 metainit d32 metattach d30 d32

Sun Proprietary & Confidential: Internal Use Only

Page 194

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 195

SSE Field Reference Guide

10.0. Midrange Servers

10.0. Midrange Servers
10.1 Serengeti (3x00/4x00/6x00)
10.1.1. Command Reference
addboard -- assign a board to a domain addcodlicense -- add a cod license connections -- show connections to the system controller or a domain console -- connect to a domain shell/console deleteboard -- unassign a board from a domain deletecodlicense -- delete a cod license disablecomponent -- add a component to the blacklist disconnect -- disconnect this connection or a specified connection dumpconfig -- save the system controller configuration to a server enablecomponent -- remove a component from the blacklist flashupdate -- update firmware help -- show help for a command or list of commands history -- show command history password -- set the platform or domain password poweroff -- powers off components poweron -- powers on components reboot -- reboot the system controller restoreconfig -- restore the system controller configuration from a server service - enter service mode (password required) setdate -- set the date and time for the platform setdefaults -- set default configuration values setescape (5.16) ...set escape character setfailover -- set automatic/manual SC failover setkeyswitch -- set the keyswitch position for a domain setls -- set FRU location status setupplatform -- configure the platform showboards -- show board information showcodlicense -- show COD licenses showcodusage -- show COD resource usage showcomponent -- show state of a component showescape (5.16) - show escape sequence showdate -- show the current date and time for the platform or a domain showenvironment -- show environmental information showerrorbuffer -- show the contents of the error buffer showfailover -- show SC Failover information showfru (5.16)..- lists fru's in the system showkeyswitch -- show the keyswitch positions showlogs -- show the logs showplatform -- show platform configuration, information and domain status showsc -- show system controller version and uptime sshrestart (5.16) – restart ssh daemon testboard -- test a CPU/Memory board

Sun Proprietary & Confidential: Internal Use Only

Page 196

SSE Field Reference Guide

10.0. Midrange Servers

10.1.2. Updating Firmware
1. Updating an entire platform (system boards and I/O Boards): A. Must do spare system controller first: # flashupdate -f ftp://root:<password>@<ip-address/var/tmp/115423-01 scapp rtos B. Do main system controller next: # flashupdate -f ftp://root:<password>@<ip-address/var/tmp/115423-01 rtos all C. From a domain shell run: dom a> setkeyswitch off dom a> setkeyswitch on 2. Updating a single system board: It is possible to use one system board as a source to upgrade/downgrade a target board. The following command will execute this type of firmware update: # flashupdate -c <source-sb> <target-sb> Notes: All system boards and I/O boards must be powered on. New firmware does not take effect until domain is power cycled via setkeyswitch off, then setkeyswitch on.

10.1.3. Component Health Status
To clear chs messages, you must utilize “service” mode. Note: Service mode required a unique password that is good for 24 hours. To obtain a service mode password, you will need the following information from the sc: System Controller HostID: ScApp version: RTOS version: i.e. 80a656cd i.e. 5.18.0 i.e. 41

Then, go to the following web site to obtain a password: https://sfservicepass.sfbay/ sc1:SC> service Enter Password: ***** sc1:SC[service]> showchs -b Component Status ---------------------SB3/p0 Faulty sc1:SC[service]> setchs -s OK -r "good"-c SB3/p0 <--- Clears CHS sc1:SC[service]> showchs -v -c SB3 Total # of records: 3 Component : /N0/SB3/p0 Time Stamp : Mon Jan 19 17:09:41 PST 2004 New Status : OK Old Status : Faulty Event Code : None Initiator : Customer Message : enable Component Time Stamp : /N0/SB3/p0 : Fri Jan 16 14:32:14 PST 2004 Page 197

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
New Status Old Status Event Code Initiator Message : : : : :

10.0. Midrange Servers
Faulty Faulty None POST 1.SF6800.FAULT.POST.LPOST.61--.15-2.1

10.1.4. Forgotten password
This procedure works with firmware version 5.11.3 and higher. If the platform administrator's password is lost, the following procedure can be used to clear the password. 1. Reboot the System Controller (SC). You won't be able to do this by logging into the platform shell. You'll need to hit the reset button on the SC to do this. 2. 2. The normal sequence of a System Controller rebooting is for SCPOST to run, then ScApp. You'll need to wait for ScApp to start loading, then hit Control-A to spawn a vxWorks shell. SCPOST is done running when you see the message 'POST Complete'. At this point, ScApp will begin to load. When you see the copyright message 'Copyright 2001 Sun Microsystems, Inc. All rights reserved.', Hit CONTROL-A. You should see the following: Task not found spawning new shell. -> This last line is the vxWorks prompt. Keep in mind, that ScApp will still continue to load all the way to the point of giving you the menu to enter the platform/domain shells. To make it less confusing, wait for the ScApp menu to display on your screen, then hit return. You should see the vxWorks prompt -> again. 3. Make a note of the current boot flags settings. This will be used to restore the boot flags to the original value. -> getBootFlags() value = 48 = 0xC = '0' (Save the 0x number for # 7 below.) 4. 4. Change the boot flags to disable autoboot. -> setBootFlags (0x10) 5. 5. Reboot the System Controller (CONTROL-X or reboot ). Once reset, it will stop at the -> prompt. -> reboot 6. 6. Enter the following commands at the -> prompt. -> kernelTimeSlice 5 -> javaConfig -> javaClassPathSet "/sc/flash/lib/scapp.jar:/sc/flash/lib/jdmkrt.jar" -> javaLoadLibraryPathSet "/sc/flash" -> java "-Djava.compiler=NONE -Dline.separator=\r\n sun.serengeti.cli.Password" Wait for the following System Controller messages to display. Your prompt will come back right away, but it'll take about 10 seconds for these messages to show up: Clearing SC Platform password... Done. Reboot System Controller. 7. After the above messages are displayed, restore the bootflags to the original value using the setBootFlags() command. -> setBootFlags (0xC) (Use the value returned from #3 above. ) 8. Reboot the System Controller using CONTROL-X or the reboot command. Once rebooted, the platform administrator's password will be cleared.

Sun Proprietary & Confidential: Internal Use Only

Page 198

SSE Field Reference Guide

10.0. Midrange Servers

10.2 Sunfire 1280/2900
10.2.1. Powering on a 2900
To get to obp, do the following: 1. lom> poweron all 2. lom> testboard 3. ok> boot

10.2.2. flashupdate
To install new firmware run one of the following command from the lom prompt: flashupdate [-y|-n] -f <URL> all flashupdate [-y|-n] -f <URL> systemboards|scapp|rtos|<board> ... flashupdate [-y|-n] -u flashupdate [-y|-n] -c <source_board> <destination_board>

10.2.3. lom command reference
bootmode - Configure the way Solaris boots at the next reboot. break - Send a break signal to the Solaris console. console - Connect to the Solaris/OpenBoot PROM console. disablecomponent - Add a component to the blacklist. enablecomponent - Remove a component from the blacklist. flashupdate - Update the flash PROMs in the System Controller, all the system boards, or a specified board number. help - Without arguments, list all available LOM commands. When an argument is supplied, display basic usage of the specified command and a short description. history - Display the command history along with date and time stamps. inventory - Display SEPROM contents of a FRU. logout - Log out from this connection. password - Set the password for the LOM. poweroff - Forcibly power off the whole system to standby, or a FRU, or a list of FRUs. poweron - Power on the entire system, or a FRU, or a list of FRUs. reset Reset the Solaris system. resetsc - Reset the System Controller. setalarm - Set the system alarm relays and associated LEDS. setdate - Set the date and time for the system. setescape - Set the sequence of characters used to switch from the Solaris or OpenBoot PROM console to the LOM prompt. seteventreporting - The seteventreporting command controls which messages are printed at the LOM prompt and the level of logged messages sent to Solaris. setlocator - Set the state of the system Locator LED. setupnetwork - Set up System Controller network attributes. setupsc - Configure optional System Controller features. showalarm - Display state of system alarm relays and LEDs. showboards - Display the status for all boards in the system showcomponent - Display a component or a list of components. showdate - Display the current date and time for the system. showenvironment - Display the current environmental status, temperatures, voltages, fan status, and so on, for the system.. showescape - Display the current escape sequence. showeventreporting - Display the settings applied to the LOM software event reporting and messages. showfault - Display the state of the system Fault LED. showhostname - Display the system hostname. showlocator - Display the state of the system Locator LED. showlogs - Display the message event log. Sun Proprietary & Confidential: Internal Use Only Page 199

SSE Field Reference Guide

10.0. Midrange Servers

showmodel - Display the platform model. shownetwork - Display System Controller (LOM) network settings and MAC addresses. showresetstate - Display the CPU registers after an abnormal Solaris reset. showsc - Display version and uptime information about the System Controller. shutdown - Shut down Solaris and enter standby mode. testboard - Test the specified CPU/Memory board.

10.2.4. Resetting lom pasword
If you need to reset the password for the LOM you need to do the following. When connecting to the SSC the system will ask for a password. Hit return 3 times till the HostID, ScApp and the RTOS are displayed. It will look like this: Connected to Hostname-sc. Escape character is '^]'. Enter Password: Invalid password. Enter Password: Invalid password. Enter Password: Invalid password. HostID: 8318256e ScApp version: 5.18.0 RTOS version: 41 The HostID, ScApp and the RTOS are needed to generate a service mode password. Go to the service mode password site. https://sfservicepass.sfbay/ This will allow you to gernerate a service mode password. Enter this when the LOM asks for a password. (If you can not access the site contact PTS-ESG or a TSE-APLE.) Connected to Hostname-sc. Escape character is '^]'. Enter Password: This will get you to either the lom prompt or the console login prompt. If you are at the console login enter #. to get to the lom. lom> At this point you will need to enter the new password for the LOM. Use the password command to change it. When asked for the current password use the service mode password. Then enter the new password you want twice. lom> lom>password Enter current password: Enter new password: Enter new password again: You should then logout of the system and then log back in to test your new password.

Sun Proprietary & Confidential: Internal Use Only

Page 200

SSE Field Reference Guide

10.0. Midrange Servers

10.2.5. Reprogramming the System Configuration Card (SCC)
5.19.0 firmware now allows for the reprogramming of the SCC (System Configuration Card) used to maintain the identity of a LW8-class system. The goal is to allow rapid replacement of a physically damaged card if the standard SCC duplicate turnaround time is not sufficient to meet a customer's needs, and a customer has specific software licenses tied to a HostID. This procedure is not to be used except in the case of a physically damaged SCC. PTS has accepted the responsibility to verify this is the case through the issuance of an engineering mode password required to execute the reprogramming sequence. Misuse would compromise the infrastructure used to control ISV software licensing schemes. Call Flow: If a V1280/E2900/Netra1280 system experiences a physical failure of an SCC card, the anticipated call flow is as described below. Important: Do not insert a new replacement SCC until after the engineering mode password has been entered and you are in the reprogramming routine. If you replace the card before this, you will wipe out the previous information stored in NVRAM and you will have to discover the previous values by other means.
• • • • • • • •

Customer logs call with Sun Sun engineer will be dispatched for on-site response Sun engineer will verify issue, and verify that the customer requires a replacement SCC with the same information. Sun engineer will order one replacement SCC - for example, 370-5155. Sun engineer will open an escalation to PTS Engineer will type "engineering" from the lom> command prompt and get the information required for PTS to generate an engineering mode password PTS will generate password and provide engineer with the attached procedures and examples. Sun engineer should execute procedure 1 first and attempt to program the faulty card by hitting <RETURN> when prompted to insert a new card. Engineer should then verify the proper programming remains after the SC reboot. If this does not work, then the Sun engineer should re-execute procedure 1, except, when prompted to insert a new card, actually insert a new card, reprogram it, and verify its proper programming. Then, mark on the new SCC card the HostID and MAC address information of the customer machine. Sun engineer should then return the faulty SCC via CPAS so the reason for failure can be analyzed. Boot system System will stop requesting a valid SCC or engineering password Enter <return> to get parameters to generate an engineering mode password Enter engineering mode password, which will invoke the SCC reprogramming procedure Enter the new MAC and HostID information, or, accept the values listed if they are correct. Confirm ok to program Verify programming by rebooting SC Record new information on SCC

Procedure 1 - attempt to recover a card which has "forgotten" its information or is blank.
• • • • • • • •

Example: Software Reset...

Sun Proprietary & Confidential: Internal Use Only

Page 201

SSE Field Reference Guide
@(#) SYSTEM CONTROLLER(SC) POST 42 2004/12/13 11:03 PSR = 0x044010e5 PCR = 0x04004000 Memory size = 128MB

10.0. Midrange Servers

Basic sanity checks done. Skipping POST ... ERI Device Present Getting MAC address for SSC1 SCC MAC Address not available. Ethernet not configured. MAC address is 0:0:0:0:0:0 <---------- NOTE: with bad card, no MAC address on boot Attaching interface lo0...done -> interrupt: 100 Mbps full duplex link up boot Copyright 2001-2004 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Sun Fire System Firmware RTOS version: 42 ScApp version: 5.19.0 Development_Build_5.19.0 SC POST diag level: off The date is Wednesday, January 5, 2005, 1:51:00 PM PST. Wed Jan 05 13:51:02 foobar lom: Boot: ScApp 5.19.0, RTOS 42 Wed Jan 05 13:51:07 foobar lom: invalid System Config Card Wed Jan 05 13:51:07 foobar lom: SCC contents are invalid Wed Jan 05 13:51:07 foobar lom: Please insert valid SCC -OR- Enter Password for SCC maintenance junk Invalid password. HostID: 83198b92 <-----HostID info from nvram - last known domain HostID ScApp version: 5.19.0 RTOS version: 42 Enter password: Invalid password. Enter password: <----engineering mode password here

Insert new SCC to be initialized, then Press RETURN to continue Please enter the requested data or accept the default value MAC ADDRESS: [00:03:ba:19:8b:89] Press ENTER HOSTID: [83198b89] Press Enter ******* WARNING WARNING WARNING ******* System Configuration Card (SCC) about to be overwritten Proceed? yes/no [no] : yes -- UPDATING SCC --

Sun Proprietary & Confidential: Internal Use Only

Page 202

SSE Field Reference Guide
Please remove SCC from machine and record the follow on card MAC ADDRESS : 00:03:ba:19:8b:89 HOSTID : 83198b89

10.0. Midrange Servers

Re-insert card when done and Press RETURN to continue <-- NOTE that the machine will not reboot at this point as a function of removing the card Wed Jan 05 13:52:36 foobar lom: SCC inserted - resetting... Software Reset... @(#) SYSTEM CONTROLLER(SC) POST 42 2004/12/13 11:03 PSR = 0x044010e5 PCR = 0x04004000 Memory size = 128MB Basic sanity checks done. Skipping POST ... ERI Device Present Getting MAC address for SSC1 Using SCC MAC address MAC address is 0:3:ba:19:8b:92 <---------- NOTE GOOD MAC ADRESS with working card Hostname: foobar Address: 10.8.28.116 Netmask: 255.255.252.0 Attached TCP/IP interface to eri unit 0 Attaching interface lo0...done Gateway: 10.8.31.248 interrupt: 100 Mbps full duplex link up Procedure 2 - Reprogramming a pre-programmed card:
• • • • • • • • • • •

Install new card Boot system Type engineering to get parameters to generate an engineering mode password Enter engineering mode password, switching to engineering mode Issue the following command: seprom SCC -create_scc Enter the new MAC and HostID information Confirm ok to program Verify programming by rebooting SC Record new information on SCC Exit engineering mode Reboot the SC

Example 2: lom[engineering]>seprom SCC -create_scc Insert new SCC to be initialized, then Press RETURN to continue Please enter the requested data or accept the default value MAC ADDRESS: [00:03:ba:19:8b:89] 99:88:77:66:55:44 HOSTID: [83198b89] 80123456 ******* WARNING WARNING WARNING *******

Sun Proprietary & Confidential: Internal Use Only

Page 203

SSE Field Reference Guide
System Configuration Card (SCC) about to be overwritten Proceed? yes/no [no] : yes -- UPDATING SCC -Please remove SCC from machine and record the follow on card MAC ADDRESS : 99:88:77:66:55:44 HOSTID : 80123456 Re-insert card when done and Press RETURN to continue lom[engineering]>resetsc

10.0. Midrange Servers

Sun Proprietary & Confidential: Internal Use Only

Page 204

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 205

SSE Field Reference Guide

11.0. Entry Level Servers

11.0. Entry Level Servers
11.1. v880
11.1.1 Automatic System Recovery
The automatic system recovery feature for the Sun Fire v880 enables the system to resume operation in the event a NON-Fatal Error has occurred. When ASR is enabled, the system's firmware diagnostics automatically detect failed hardware components. The OpenBoot firmware will deconfigure the failed components and restore system operation as long as the system is capable of operating without the failed component. The ASR feature enables the system to reboot automatically, without operator intervention. ASR - OBP Versions 4.6.x and Above ok> setenv auto-boot? true ok> setenv auto-boot-on-error? true ok> setenv diag-switch? true ok> setenv diag-level max ok> setenv diag-device (a value = to boot-device) disk ok> setenv post-trigger all-resets Note: 'post-trigger' options: power-on-reset: Execute POST during system power-cycle on error-reset: Execute POST on Red State Exception, Watchdog, or Fatal Reset events user-reset: Execute POST on panic or user-initiated events (ie: reboot, reset-all). none: Disable POST execution, excluding keyswitch & service processor. ok> setenv obdiag-trigger all-resets Note: 'obdiag-trigger' options: power-on-reset: Execute OBDIAG during system power-cycle on error-reset: Execute OBDIAG on Red State Exception, Watchdog, of Fatal Reset events user-reset: Execute OBDIAG on panic or user-initiated events (ie: reboot, reset-all) none: Disable OBDIAG execution, excluding keyswitch & service processor. ASR - OBP Versions 4.5.x and Below ok> setenv auto-boot? true ok> setenv auto-boot-on-error? true ok> setenv diag-switch? true ok> setenv diag-level max ok> setenv diag-device (a value = to boot-device) disk ok> setenv diag-trigger soft-reset Note: diag-trigger variable settings that can be used: power-reset (default): Runs firmware diagnostics only on power-on resets, including RSCinitiated power on resets. error-reset: Runs firmware diagnostics only on resets triggered by hardware errors, including watchdog reset events. This DOES NOT include software resets. soft-reset (recommended): Runs firmware diagnostics on all reset events, including OS system panics (including software resets). none: Disables the automatic triggering of firmware diagnostics by any reset event. You can still invoke firmware diagnostics manually by turning the front panel keyswitch to the Diagnostics position prior to powering on the system.

Sun Proprietary & Confidential: Internal Use Only

Page 206

SSE Field Reference Guide

11.0. Entry Level Servers

ok> reset-all Non-fatal (recoverable by ASR) errors includes the following: · SCSI/GLM Failure · FCAL Subsystem Failure (In this case, a working alternate path to the boot disk is required.) · Gigabit Ethernet or Fast Ethernet interface Failure · RSC Failure · USB Interface Failure · Serial Interface Failure · Any PCI Card Failure · CPU Failure (Renders the entire module "failed", Requires another "passed" module present in the system, otherwise this is a Fatal Error) · Memory DIMM Failure (Renders the memory bank "failed", NOT the entire GROUP. If the entire GROUP failed it would require another passed bank at a minimum.) Note: If POST or OpenBoot Diagnostics detects a non-fatal error associated with the normal boot device, the OpenBoot firmware automatically deconfigures the failed device and tries the next-in-line boot device, as specified by the 'boot-device' configuration variable. Fatal (non-recoverable by ASR) errors includes the following: Switch ASIC Failure (DAR, DCDS, MDR, BBC) PCI Bridge Failure (Schizo) RIO Failure CPU Failure (All CPU modules present failed.) Memory Failure (All memory banks present failed.) Flash RAM cyclical redundancy check (CRC) Failure Critical FRUPROM configuration data (CRC, consistency) Failure For a list of components that can be manually enabled or disabled by ASR, type the following at the ok prompt:
· · · · · · ·

ok> .asr NOTE: 'obdiag-trigger' and 'post-trigger' will be replaced by 'diag-trigger' in OBP 4.14.x Estimated time-frame for release is April 2004.

Sun Proprietary & Confidential: Internal Use Only

Page 207

SSE Field Reference Guide

11.0. Entry Level Servers

11.2. 280r
11.2.1 nvalias issues
Sun Fire 280R, Sun Blade 1000, or Netra T4 platforms may have problems with the devalias for the boot disk. The install program might be unable to determine the boot device on SCSI and FC-AL. As a result, the installation fails. The workaround is to manually set the boot device in the OpenBoot PROM (OBP). Follow these steps: 1. Bring your system to the ok prompt, and type the following command: ok probe-scsi-all 2. Write down the Port WWN number for the disk that will be the boot device. Example: 2100002037e4317d 3. Execute the devalias disk at the ok prompt by typing the following command: ok devalias disk The device name that the devalias disk command points to is returned by the system. If the Port WWN is included in the device name, your system is not affected by this bug. Do not continue. If the Port WWN is not included in the device name, you must manually set the Port WWN. 4. Type the following command: substituting the Port WWN for <port>. ok nvalias disk/pci@8,600000/SUNW,qlc@4/fp@0,0/disk@w<port>,0 5. Now Verify that the Port WWN is now listed in the device name. Type the following command: ok devalias disk 6. Ensure that boot-device is set to disk. Type the command: ok setenv boot-device disk

Sun Proprietary & Confidential: Internal Use Only

Page 208

SSE Field Reference Guide

11.0. Entry Level Servers

11.3. SunRay
11.3.1. Command Reference
Command utaction utadm utcapture utcard utconfig utcrypto utdesktop utdetach Definition The utaction program provides a way to execute commands when a Sun Ray DTU session is connected or disconnected. The utadm command manages the private network, shared network, and DHCP (Dynamic Host Configuration Protocol) configuration for the Sun Ray interconnect. The utcapture command connects to the Authentication Manager and monitors packets sent and packets dropped between the Sun Ray server and the Sun Ray DTUs. The utcard command allows configuration of different types of smart cards in the Sun Ray administration database The utconfig command performs the initial configuration of the Sun Ray server and supporting administration framework software. The utcrypto command is a utility for security configuration. The utdesktop command allows the user to manage Sun Ray DTUs connected to the Sun Ray server that the command is run on. The utdetach command disconnects the current non-smart card mobile session or authenticated smart card session from its respective Sun Ray DTU. The session is not destroyed but put into a detached state. The session can be accessed if the same user token (user name) is presented to the Sun Ray server. The utdiskadm utility is a tool for Sun Ray mass storage administration. The utdssync command converts the port number for the Sun Ray Data Store service to the new default port on servers in a failover group, then forces all servers in the group to restart Sun Ray services. The uteject command is used to eject media from a removable storage media device. The utfwadm command manages firmware versions on the Sun Ray DTUs. The utfwload command is used primarily to force the download of new firmware to a DTU running lder firmware than its server. The utfwsync command refreshes the firmware level on the Sun Ray DTUs to what is available on the Sun Ray servers in a failover group. It then forces all the Sun Ray DTUs within the group to estart. The utgroupsig command sets the failover group signature for a group of Sun Ray servers. The utgroupsig command also sets the Sun Data Store rootpw used by Sun Ray to a value based on the group signature. Although utgroupsig sets the rootpw in the utdsd.conf file, it does not set the admin password, which is a separate entity, in the Admin database. The utgstatus command allows the user to view the failover status information for the local server or for the named server. The information that the command displays is specific to that server at the time the command is run. The utinstall utility installs, upgrades, and removes Sun Ray Server Software. All software required to support the Sun Ray server is installed, including the administration framework, Solaris operating environment patches, and any patches required by the framework. The utkiosk script is used to import/export kiosk configuration information into the LDAP database The utmhadm command provides a way to administer Sun Ray server multihead terminal groups. The information that utmhadm displays and is editable is stored in the Sun Ray admin database. The utmhconfig tool allows an administrator to list, add, or delete multiheaded groups easily. The utmhscreen tool draws a window displaying the current session on each screen, with the current screen highlighted for easy identification. This tool is automatically launched for users during the X server startup process (session creation). The utmount command is used to mount a file system on a Sun Ray mass storage device. The utmountd command is used to perform mount and umount operations on Sun Ray mass storage devices managed by utstoraged. The utpolicy command sets and reports the policy configuration of the Sun Ray Authentication Manager, utauthd(1M). This command s -i and -t options were deprecated as of the 2.0 release. Please continue to use the utpolicy command for policy changes, but use the utrestart command instead of utpolicy -i, and use utreader instead of utpolicy -t. Page 209

utdiskadm utdssync uteject utfwadm utfwload utfwsync utgroupsig

utgstatus utinstall utkiosk utmhadm utmhconfig utmhscreen utmount utmountd utpolicy

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
utpreserve utpw utquery utrcmd utrcmd

11.0. Entry Level Servers

The utpreserve command saves existing Sun Ray Server Software configuration data to the /var/tmp/SUNWut.upgrade directory. The utpw command changes the Sun Ray administrator password (also known as the UT admin password) used by the Web-based and command-line administration applications. The utquery command collects DHCP information from the Sun Ray DTUs. The utrcmd program provides a way to run Sun Ray administrative commands remotely. The

program contacts the in.utrcmdd daemon on the remote hostname and executes the specified command with the specified arguments, args (if any). utreader The utreader command is used to add, remove, and configure token readers. utreplica The utreplica command configures the Sun Ray Data Store server to enable replication of administered data from a designated primary server to each secondary server in a failover group. The -z option is useful for updating the port number. utresadm The utresadm command allows an administrator to control the resolution and refresh rate of the video monitor signal (persistent monitor settings) produced by the Sun Ray unit. utresdef The utresdef command lists the monitor resolutions and refresh rates that can be applied to Sun Ray units through the utresadm command. utrestart The utrestart command is used to start Sun Ray services. It is highly recommended as a substitute for the old utglpolicy and utpolicy -i commands. utselect The utselect command presents the output of utswitch -l in a window and allows mouse-based selection of a Sun Ray server to which the Sun Ray DTU in use is reconnected. utsession The utsession command lists and manages Sun Ray sessions on the local Sun Ray server. utset Use utset to view and change Sun Ray DTU settings. utsettings The utsettings command opens a Sun Ray Settings dialog box that allows the user to view or change audio, visual, and tactile settings for the Sun Ray DTU. utsunmc The utsunmc command adds the Sun Ray Server Software 3 module to the Sun Management Center (SunMC) and loads it to permit monitoring of Sun Ray Server Software. The utsunmc command can also remove the Sun Ray Server Software 3 module from SunMC. utsunmcinstall Use utsunmcinstall to install and uninstall the Sun Ray module for SunMC on a SunMC server where Sun Ray Server Software is not installed. utswitch The utswitch command allows switching a Sun Ray DTU among Sun Ray servers in a failover group. It can also list the existing sessions for the current token. utsvc The utsvc script restarts the Sun Ray Server Software and, due to its location in /etc/init.d, is executed upon startup of the actual server. Use utrestart instead of utsvc. utusbadm The utusbadm command is used to enable or disable access to USB devices. utumount The utumount command is used to unmount a file system from a Sun Ray mass storage device. utuser The utuser command allows the administrator to manage Sun Ray users registered on the Sun Ray server that this command is run on. It also provides information on the currently inserted token (smart card) for a specified DTU that is configured as a token reader. utwall The utwall utility sends a message or an audio file to users having an Xsun (X server unique to Sun Ray) process. The messages can be sent in email and displayed in a pop-up window. utwho The utwho script assembles information about display number, token, logged-in user, etc., in a compact format. utxconfig The utxconfig program provides X server configuration parameters for users of Sun Ray DTU sessions.

Sun Proprietary & Confidential: Internal Use Only

Page 210

SSE Field Reference Guide

11.0. Entry Level Servers

11.3.2. Managing Sun Ray Services
To Stop Sun Ray Services: # /etc/init.d/utsvc stop To Start Sun Ray Services # /opt/SUNWut/sbin/utrestart # /opt/SUNWut/sbin/utrestart -c

Sun Proprietary & Confidential: Internal Use Only

Page 211

SSE Field Reference Guide

11.0. Entry Level Servers

11.4. x4100/x4200
11.4.1. Navigation
To start a serial console from ilom: Login to the Service Processor: login: root password: changeme -> -> cd /SP/console -> start To return to ilom: Press [Esc]-[Shift]-9

11.5. v40z
11.5.1. Resetting the SP Password:
If you are prompted for a password, this indicates that the SP has already been secured with an account. If you do not know the management user name and password, you can reset the SP from the operator panel by navigating to the SP menu and selecting the Use defaults option. Note that all current settings for users and networks will be lost and the SP will reboot.

Sun Proprietary & Confidential: Internal Use Only

Page 212

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 213

SSE Field Reference Guide

12.0. EOL'd Servers

12.0. EOL'd Servers
12.1. Ultra Enterprise 10000 (Starfire)
12.1.1. Command Reference
autoconfig - scantool/interconnect auto config board_id - read or write board ID values bringup - configure and boot the domain cancelcmdsync - remove a command synchronization descriptor used in automatic failover cb_prom - upgrade PROM cb_reset - reset and reboot hung control board check_host - determine whether the domain is up cmdsync - command synchronization commands domain_create - create new domain or recreate old one domain_history - display domain history domain_link - link domains to form or expand an InterDomain Network domain_remove - remove an existing domain domain_rename - rename an existing domain domain_status - display domain status domain_switch - change domain name in SUNW_HOSTNAME domain_unlink - unlink domain(s) from an InterDomain Network edd_cmd - send a command to edd(1M) fan - display or control fan power and speed hostint - interrupt processor, dump kernel core hostreset - reset a hung domain hostview - system monitor GUI hpost - control and sequence POST through JTAG initcmdsync - create a command synchronization descriptor used in automatic failover netcon - network console netcon_server - network console server daemon netcontool - network console tool obp_helper - download OpenBoot to system memory power - control power redx - remote emulation debugger runcmdsync - prepare a specified script for recovery after a failover savecmdsync - marks a point in a script from which the script can be recovered after a failover setdatasync - modify the data propagation list used in data synchronization setfailover - modify the automatic failover state for the SSP or control board showcmdsync - display the current command synchronization list showdatasync - display the status of SSP data synchronization for failover showdevices - display system board devices and resource usage information showfailover - display the failover status of the SSP and control board showusage - display DR and board resource information sigbcmd - send commands from SSP to domain ssp_backup - back up the SSP environment ssp_config - configure SSP control boards ssp_downgrade - prepare the SSP and Sun Enterprise 10000 system for downgrading to a previous SSP release ssp_restore - restore the SSP environment ssp_startup(1M) invoke SSP daemons ssp_unconfig(1M) deconfigure the SSP sys_clock - display/change/set system clock frequencies sys_id - display or change machine ID in SSP IDPROM thermcal_config - create SSP thermistor calibration data file

Sun Proprietary & Confidential: Internal Use Only

Page 214

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.2. Tilde Commands
In a Domain Console Window, a tilde (~) that appears as the first character of a line is interpreted as an escape signal that directs netcon to perform some special action, as follows: ~# Break to OBP or kadb. ~. Disconnect and exit the netcon session. ~@ Acquire Unlocked Write permission. ~^ Release write permission. ~? Show status of all open console sessions and the comm path currently in use. ~= Toggle the comm path between the network and JTAG interfaces. ~& Acquire Locked Write permission. Issue this signal during a read-only or Unlocked Write session. ~* Acquire Locked Write permission, terminate all other open sessions, and prevent new sessions from being opened. To restore multiple-session mode, either release the lock or terminate this session.

12.1.3. SSP File System Layout
$SSPVAR (/var/opt/SUNWssp) - .ssp_private | cb_config (output from ssp_config) | cb_port | domain_config (output from domain_create) | domain_history | ssp_resources | ssp_to_domain_hosts (output from ssp_config) | fad_files |__eeprom_save | eeprom.image.<domain-name> | eeprom_image_1 - adm | messages |__ domain_name | | messages | | xfstate-files | | Edd-Arbstop-Dump-files | | Edd-Record-Stop-Dump-files | |__ post | post1024.0908.log (log files for hpost) - etc |__ platform_name | blacklist (used to disable components on next bringup) | edd.erc | edd.emc | |__ domain_name bootproc ( contains the bootproc number) edd.erc eeprom.image (working copy) eeprom.backup.1 (bu's; not archives) eeprom.backup.2 (bu's; not archives) .postrc

pids (process id's of server apps) - data (scantool files updated by autoconfig) - ict (interconnect test results)

Sun Proprietary & Confidential: Internal Use Only

Page 215

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.4. Daemons
I. SSP Server ssp_startup machine_server cbs fad straps II. Platform Server edd snmpd III. Domain Server obp_helper netcon_server

12.1.5. cpu decoding table
/SUNWUltraSPARC@1f = system board 7, proc 3 1 ___|___ | 0 0 --_____| 1 = I/O 0 = proc f ___|___ | 1 1 --|____________ proc number 0-3

| | 0 1 1 1 -----------| system board number (0-F)

Sun Proprietary & Confidential: Internal Use Only

Page 216

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.6. sbus decoding table
sbus@41 = system board 0, sysio 1 4 _____|_____ | 0 1 _____| 1 = I/O 0 = proc 1 ______|_____ | 0 1 |____________ sysio number 0 = top 2 slots 1 = bottom 2 slots

|| 0 0 0 0 -------| system board number

System sysio 0 Board 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

sysio 1

/sbus@40 /sbus@41 /sbus@44 /sbus@45 /sbus@48 /sbus@49 /sbus@4c /sbus@4d /sbus@50 /sbus@51 /sbus@54 /sbus@55 /sbus@58 /sbus@59 /sbus@5c /sbus@5d /sbus@60 /sbus@61 /sbus@64 /sbus@65 /sbus@68 /sbus@69 /sbus@6c /sbus@6d /sbus@70 /sbus@71 /sbus@74 /sbus@75 /sbus@78 /sbus@79 /sbus@7c /sbus@7d

Sun Proprietary & Confidential: Internal Use Only

Page 217

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.7. redx Dump Analyzer
How to start redx % redx -lc
·

Common redx commands dumpf load <file-name> - loads a specific Arbstop, Record-Stop or xfstate shscan all - displaysall ASICS within the domain wfail - displays contents of register wfail -s - displays failing components wfail -B - displays entries to use in blacklist exit - quit redx

·

Boardmasks redx> dumpf load file01 Created Tue Apr 14 09:10:04 1998 By hpost v. 3.1 Feb 19 1998 13:55:08 executing as pid=5552 On ssp name = snax-ssp.SD_Eng.West.Sun.COM HOSTNAME = pizza platform_name = snax Boardmask = 312AF -D option Edd-Record-Stop-Dump There were 0 errors encountered while creating this dump. The boardmask displays how many, and which system boards make up the domain. It is translated as follows: 312AF The first character idetifys the mode of operation. A "3" signifys that the domain is operating in full mode. The next 4 characters represent hex numbers that identify which system boards are part of the domain. In the example above, the translation is; 1 0001 2 A F <-- hex number 0010 1010 1111 <-- binary translation

15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 <-- System Board Number So, this domain is comprised of system boards 0 1 2 3 5 7 9 & 12.

Sun Proprietary & Confidential: Internal Use Only

Page 218

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.8. hpost
The amount of testing done by POST is controlled by the level, which is set with the -l<level> command line argument or the "level" .postrc command. The higher the level, the more tests are run, and the more thoroughly some tests are run. level 7 16 17 24 32 64 description The minimum level. Hardware probing and configuration, no testing. Default level. Basic testing of processor, memory, and I/O. Processor-based bbsram tests. More DTAG, memory and I/O tests, proc and I/O vs. memory, xcall, JTAG interrupt test, JTAG chain_length tests. Yet more DTAG & memory tests, I/O ecc tests. The highest "normal" diag level. More DTAG & memory, cache coherency. Error detection tests.

100 Verify bbsram downloads. 127 The maximum level. Example: # bringup -A off -l7 hpost error codes To obtain a n explanation about an hpost error code, run the following command: ssp-31 % hpost -e71 "error in ssp software execution"

12.1.9. DIMM Table
DIMM0: lo half bits [17:0] DIMM1: lo half bits [35:18] DIMM2: lo half bits [53:36] DIMM3: lo half bits [71:54] DIMM4: hi half bits [17:0] DIMM5: hi half bits [35:18] DIMM6: hi half bits [53:36] DIMM7: hi half bits [71:54]

12.1.10. Configuration Rules
The following rules apply when configuring components on the system board: All processor modules in the system must be the same speed. All processor modules on a system board must have the same cache size. For increased processor performance, avoid populating processors 0 and 1 together and processors 2 and 3 together. · For increased I/O performance, avoid populating SBus 00 and 01 together and SBus 10 and 11 together. · When configuring memory on a system board: n All sockets within a bank must be fully populated. · All DIMM sizes must be equal. n For increased performance on partially populated memory boards, do not use banks 0 and 2 together or banks 1 and 3 together.
· · ·

Sun Proprietary & Confidential: Internal Use Only

Page 219

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.11. Component Numbering Scheme

Illustration 1System Board Numbering

Sun Proprietary & Confidential: Internal Use Only

Page 220

SSE Field Reference Guide

12.0. EOL'd Servers

Sun Proprietary & Confidential: Internal Use Only

Page 221

SSE Field Reference Guide

12.0. EOL'd Servers

Sun Proprietary & Confidential: Internal Use Only

Page 222

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.12. Blacklisting
# cd /var/opt/SUNWssp/etc/<platform-name> # vi blacklist For a cpu, the entry is: proc <system-board>.<proc-number> i.e. proc 1.2 For a system board, the entry is: sysbd <system-bd number> i.e. sysbd 0 For an sbus card, the entry is: scard <sb>.<ioctl>.<slot> i.e. scard 4.1.0 To disable all memory on a sb, the entry is: mem <sb> i.e. mem 0 To disable a memory bank, the entry is: mgroup <sb.bank> i.e. mgroup 2.1 To disable hlf of the centerplane, the entry is: cplane <half-centerplane> i.e. cplane 1 To disable a port controller, the entry is pc <sb>.<pc> i.e. pc 0.1 To disable an xdb, the entry is: xdb <sb>.<xdb> i.e. xdb 0.2 To disable a cic, the entry is: cic <sb>.<cic> i.e. cic 0.1 Note: for the blacklist entry to take effect, the domain must be restarted via a bringup command.

Sun Proprietary & Confidential: Internal Use Only

Page 223

SSE Field Reference Guide

12.0. EOL'd Servers

12.1.13. Power up/down platform
Powering Down The E10K:
[1.] Properly and gracefully shutdown the Solaris Operating Environment on the configured domains on your Sun Enterprise 10000 Server(s). Example: # telnet {domain_name} # shutdown -y -g0 -i0 This should bring your domain(s) to the OBP (Open boot PROM) level also known as the "ok prompt". Perform this on all configured domains on your Sun Enterprise 10000 Server(s). [2.] Power off the entire Sun Enterprise 10000 host cabinet and remotely controlled I/O cabinets via the "power -B -off" command. Example: Enter 'domain_switch {platform_name}' to be able to control the entire platform from the ssp. sspname:domain_name% domain_switch {platform_name} sspname:platform_name% sspname:platform_name% power -B -off [3.] After issuing the "power -B -off" command from the SSP's platform prompt, wait until all of the black power supply breakers (AC Input Modules) have flipped off, the fans have stopped spinning, and the control boards power down. You can check this by either physically inspecting the LEDs for the said boards (all LEDs should be turned off) or by issuing the "power" command from the SSP's platform prompt. Example: sspname:platform_name% power If you have an AC sequencer for RSM/A3000/A3500 arrays or any external peripheral cabinet, make sure this is turned to the "off" position. If using remote power commands for peripheral cabinets, make sure the A/C sequencer is in "remote" mode. Turn off power to all peripheral cabinets/arrays if they are still turned on. [4.] Power off the spare SSP first. Log in to the spare SSP as "root" and issue the "shutdown" command to gracefully and properly shutdown and power off this host. Example: spare_ssp# sync; sync; shutdown -y -g0 -i5 [5.] Power off the main SSP. Log in to the main SSP as "root" and issue the "shutdown" command to gracefully and properly shutdown and power off this host. Example: main_ssp# sync; sync; shutdown -y -g0 -i5 Congratulations! This completes the safest and recommended way of completely powering down your Sun Enterprise 10000/E10K Server(s).

Powering Up The E10K:
Note: Insure that all network cables are connected, including the public network! [1.] Power on the main SSP first. Once the main SSP is fully booted, it starts the SSP and the SSP daemons. Check your SSP platform message file for completion of the SSP daemon startup process. Example:

Sun Proprietary & Confidential: Internal Use Only

Page 224

SSE Field Reference Guide
# telnet {mainsspname} or login directly to the main SSP: Login: ssp Password: (Provide the ssp password) Please enter SUNW_HOSTNAME: (Provide the platform_name) sspname:platform_name% sspname:platform_name% tail -f $SSPVAR/adm/messages

12.0. EOL'd Servers

[2.] Once the main SSP is fully booted, power on the spare SSP next. After the spare fully boots up, go back to the main SSP and verify that failover is okay and that there are no known problems. Example: sspname:platform_name% showfailover sspname:platform_name% power NOTE: At this point, the SSP is still not communicating with the Control Boards, since the E10K is still completely powered off and no housekeeping voltage/power is running. [3.] Power on the Sun Enterprise 10000 host cabinet and remotely controlled I/O cabinets by flipping and turning on the switches on the black power supply breakers (AC Input Modules) as well as turning on the AC sequencer to power any peripheral cabinets/arrays. After the CBs (Control Boards) have been powered up, they will attempt to communicate with the SSP. You must wait for the LEDs to display a walking "1s" pattern (green LEDs) indicative of the Control Board Executive (CB daemon) operating normally. The fans will also spin down from a "high" rate to a "normal" rate indicative of the CB operating normally. NOTE: This hardware transition may take anywhere up to 3 minutes or so, and you must wait until this phase is complete before executing "power" commands on the SSP from a software standpoint. [4.] Once the initial housekeeping voltage is up and running based on the LED status on the control boards and normal fan speed, you can then execute the "power -on -all" command from the main SSP's platform prompt. Example: # telnet {mainsspname} Login: ssp Password: (Provide the ssp password) Please enter SUNW_HOSTNAME: (Provide the platform_name) sspname:platform_name% sspname:platform_name% power -on -all This will turn on, and validate power to all system boards, including centerplane support boards. The Sun Enterprise 10000 platform does not automatically boot any domains when powered on. The domains must be initialized by the "bringup" command individually from the SSP. [5.] The Sun Enterprise 10000 host cabinet is now completely powered up. Be sure that before booting each individually configured domains that all external devices (peripheral/storage) connected to this E10K is powered up, assuming that the AC sequencer was either not turned on or the devices are not being controlled by the AC sequencer in step [3.]. [6.] Login to the main SSP and individually perform a "bringup -A on" command for each configured domain. Example: # telnet {mainsspname} or login directly to the main SSP: Login: ssp Password: (Provide the ssp password)

Sun Proprietary & Confidential: Internal Use Only

Page 225

SSE Field Reference Guide
Please enter SUNW_HOSTNAME: (Provide the platform_name) sspname:platform_name% Enter 'domain_status' to verify what domains have what system boards. sspname:platform_name% domain_status

12.0. EOL'd Servers

Enter 'domain_switch {domain_name}' (Provide the domain_name for the domain you want to access) sspname:platform_name% domain_switch {domain_name} sspname:domain_name% bringup -A on NOTE: As of SSP 3.3 or higher, when the "bringup" command prompts for a response, it will time out after 10 minutes if none is provided. The default taken after the timeout is always "safe", such as terminating the bringup operation or not configuring the centerplane. Repeat these steps for all the other remaining domains Congratulations! This completes the safest and recommended way of completely powering up your Sun Enterprise 10000/E10K Server(s).

Sun Proprietary & Confidential: Internal Use Only

Page 226

SSE Field Reference Guide

12.0. EOL'd Servers

12.2. Old “Sunfire” Enterprise Servers (3000/3500-6000/6500)
12.2.1. Power on self test (POST)
o o o o Runs on each Board Sets LED status on each board, if yellow, board has problems Outputs only to a terminal (TTY) Boot Prom Controls o ok show-post-results --> to view output o ok setenv diag-switch? --> enable/disable verbose output o ok setenv diag-level --> min or max o ok setenv mfg-env --> enable/disable temperature sensing o Press 's' during post to get to a POST-MENU after POST is run

12.2.2. LED Codes
o Clock Board POWER off off off off on on on on on on on on o SYSTEM BOARD POWER off off off off on on on on on on on on o POWER SUPPLY GREEN off on on off SERVICE off on off on off off on on off on flashing flashing SERVICE off on off on off off on on off on flashing flashing YELLOW off off on on CYCLING off off on on off on off on flashing flashing off on CYCLING off off on on off on off on flashing flashing off on CONDITION no power failure failure failure hung in POST or OS hung in OS hung in OBP hung in OS/OBP OS running normally Os running w/failure POST or OBP OS or OBP error CONDITION board has no power low power mode - unpluggable failure failure hung in POST or OS hung in OS hung in OBP hung in OS/OBP OS running normally Os running w/failure POST or OBP OS or OBP error

CONDITION no AC input or keyswitch turned off normal operation fan failure DC output failed, or low power mode

12.2.3. OBP Commands
ok> copy-clock-tod-to-io-boards --> clears time of day message ok> setenv disabled-board-list --> sets board to be disabled on reboot ok> prom-copy board# board# --> copies prom from board to board

Sun Proprietary & Confidential: Internal Use Only

Page 227

SSE Field Reference Guide

13.0. Disk Arrays

13.0. Disk Arrays
13.1. D240 Media Tray
13.1.1. LED's

Hard Drive Status LED Descriptions (Front of System) Indication Green Green Off Status steady Drive present, inactive flashing Drive present, active Drive absent

System Status LED Descriptions (Front of System) Indication Status Green Power supply is inserted and cabled on, normal. Off Power supply is absent or power cords are not connected. Amber Power supplies or fan has failed, or the system is running from a single power supply.

Power Supply Status LEDs Indication Status Green DC outputs Amber Fault Blue Able to remove unit On, normal* Green AC input *The second power supply assembly must be functioning normally.

Sun Proprietary & Confidential: Internal Use Only

Page 228

SSE Field Reference Guide

13.0. Disk Arrays

13.1.2. Replacing a disk drive
The d240 disk drives are considered Hot-Pluggable. Hot-plugging allows hard drives to be removed and replaced without turning power off to the media tray. Caution - You must halt all SCSI bus activity by unconfiguring the logical volumes or by halting the application on the booted host. 1. Check status of disk(c1t0d0) oops:/>cfgadm -al Ap_Id c0 c0::dsk/c0t0d0 c0::dsk/c0t6d0 c1 c1::dsk/c1t0d0 c1::rmt/0 c2 c3 oops:/> 2. Unconfigure c1t0d0 Type scsi-bus disk CD-ROM scsi-bus disk tape scsi-bus scsi-bus Receptacle connected connected connected connected connected connected connected connected Occupant configured configured configured configured configured configured unconfigured unconfigured Condition unknown unknown unknown unknown unknown unknown unknown unknown

oops:/>cfgadm -c unconfigure c1::dsk/c1t0d0 oops:/>cfgadm -al Ap_Id Type Receptacle c0 scsi-bus connected c0::dsk/c0t0d0 disk connected c0::dsk/c0t6d0 CD-ROM connected c1 scsi-bus connected c1::dsk/c1t0d0 unavailable connected c1::rmt/0 tape connected c2 scsi-bus connected c3 scsi-bus connected oops:/> 3. Physically remove bad disk 4. Physically insert new disk 5. Configure c1t0d0 oops:/>cfgadm -c configure c1::dsk/c1t0d0 6. Verify status of c1t0d0 oops:/>cfgadm -al Ap_Id c0 c0::dsk/c0t0d0 c0::dsk/c0t6d0 c1 c1::dsk/c1t0d0 c1::rmt/0 c2 c3 oops:/> Type scsi-bus disk CD-ROM scsi-bus disk tape scsi-bus scsi-bus Receptacle connected connected connected connected connected connected connected connected

Occupant configured configured configured configured unconfigured configured unconfigured unconfigured

Condition unknown unknown unknown unknown unknown unknown unknown unknown

Occupant configured configured configured configured configured configured unconfigured unconfigured

Condition unknown unknown unknown unknown unknown unknown unknown unknown

Sun Proprietary & Confidential: Internal Use Only

Page 229

SSE Field Reference Guide

13.0. Disk Arrays

13.1.3. SCSI Target ID's
Full Bus SCSI Target Address IDs Device Upper hard drive Lower hard drive Left drive Right drive ID 1 0 6 4

Split Bus SCSI Target Address IDs Device Upper hard drive Lower hard drive Left drive Right drive ID 0 0 6 6

13.1.4. Configuration Switch
The media tray has a two-position configuration switch on its back panel. In In the left position, the switch is set for split bus configuration and the LED to the left of the switch will be lit. In In the right position, the switch is set for full bus configuration and the LED to the right of the switch will be lit.

Sun Proprietary & Confidential: Internal Use Only

Page 230

SSE Field Reference Guide

13.0. Disk Arrays

13.2. S1 Disk Array
13.2.1. LED's

LED System Power

Color Unlit

Meaning The enclosure is powered off.

Action No action is necessary. Follow these steps: First, check to see if the power is in Standby mode. If so, turn on the power. If the power is on, it is a component failure. You must replace the entire StorEdge S1 storage enclosure. Remove all disk drives before returning the enclosure. If the power is on, a hard drive is present in that slot, and the hard drive LED is unlit, then you must replace the hard drive.

There are two possible causes: System Summary Fault The power is in standby mode or Amber A component other than a hard drive has failed, such as the power supply or a fan. The System Summary Fault LED does not indicate if a hard drive has failed. The hard drive LEDs provide some diagnostic information on the disk drives.

Disk Drive Unlit

No hard drive is present in that slot, or the disk drive has failed.

The position of the binary display indicates the Solid green Binary base number (first number) of the three drive (in various No action is necessary. SCSI LEDs sequence. See the pull-out card or the Binary SCSI combinations) ID LEDs section. Note: If a disk drive is under an unusually heavy load (for example, if the drive is being reformatted), the Disk Drive LED might be unlit for a long period of time, even though the drive has not failed. You should see a message in your console window telling you that the disk drive is offline if the disk drive has truly failed.

Sun Proprietary & Confidential: Internal Use Only

Page 231

SSE Field Reference Guide

13.0. Disk Arrays

13.2.2. Binary SCSI ID LEDs
The disk drive SCSI ID numbers are assigned in sequences of three numbers in a row. The first number in the sequence is the base address. The base address is the number used to set the SCSI toggle switch on the back of the storage enclosure and is represented in binary format on the top row of disk drive LEDs on the front of the storage enclosure.

Note: The shaded rows of the table represent SCSI ID sequences that cannot be used because SCSI ID 7 is assigned to the SCSI controller. Some servers reserve SCSI ID 6 for use by CD drives and IDs 0 and 1 for internal drives.

Sun Proprietary & Confidential: Internal Use Only

Page 232

SSE Field Reference Guide

13.0. Disk Arrays

13.2.3. Rear Panel LEDs

13.2.4. System Power and System Summary Fault LEDs
The System Power and System Summary Fault LEDs give the same diagnostic information as the System Power and System Summary Fault LEDs at the front of the enclosure.

13.2.5. Auto-termination Indication LEDs
The Auto-termination Indication LEDs indicate if the StorEdge S1 storage enclosure is part of an UltraSCSI, wide SCSI, or narrow SCSI daisy-chain. They also indicate the enclosure's position in the daisy-chain. Auto-termination Indication LEDs and Their Meanings High Low Meaning Off Off The StorEdge S1 enclosure is the first device in the UltraSCSI or wide SCSI daisy-chain; another device follows the StorEdge S1 enclosure. On On The StorEdge S1 storage enclosure is the last or only device in the UltraSCSI or wide SCSI daisychain. On Off A narrow SCSI device follows the StorEdge S1 storage enclosure in the daisy-chain. Off On N/A

13.2.6. Storage Subsystem Manager
When multiple S1's or D130 arrays are installed in a Sun Storage rack it can be difficult to identify which array is attached to a particular host or domain. Pulling the wrong drive can cause loss of data. Using the format command does not always clearly identify the right disk. Customers and field personell aren't always aware that StorEdge S1 Storage Subsystem Manager (SSM) 2.0 software has been installed on the host or domain. Many are unaware that the program is even available. 1. Before removing a drive check to see if SSM is installed. # pkginfo -l SUNWssmu PKGINST: SUNWssmu NAME: Storage Subsystem Manager utilities CATEGORY: system ARCH: sparc VERSION: 2.0,REV=2001.09.24.14.12.53 # 2. If you get an error message that "SUNWssmu" was not found. It must be installed. 3. Once SSM has been installed, you can easily identify scsi disks attached to the system. Sun Proprietary & Confidential: Internal Use Only Page 233

SSE Field Reference Guide

13.0. Disk Arrays

4. Use the ssmadmin utility with the -view option for viewing status messages for a storage device from a directly connected host server or from a remote client system. # /opt/SUNWssmu/bin/ssmadmin –view (directly connected system) # /opt/SUNWssmu/bin/ssmadmin –view hostname (remote client) Here is the output from a S1 attached to an Ultra 60: Number of S1-D130 Units: 2 Critical Temperature Threshold: 60 Degrees Celsius Warning Temperature Threshold: 50 Degrees Celsius TIME: Tue 12 Apr 2005 02:14:56 PM EDT ***************************************************************** unknown::S1-D130-1: Online ------------------DISK0[c0t0d0s0]: <-------------------- Ultra 60 Serial Number: 0028T0QA2X <------ Serial # on disk handle Vendor: SEAGATE Model: SUN18G Status: Online Current Temperature: 29 Degrees Celsius DISK1[c0t1d0s0]: <--------------------- Ultra 60 Serial Number: 0027T0QAYM Vendor: SEAGATE Model: SUN18G Status: Online Current Temperature: 29 Degrees Celsius unknown::S1-D130-2: Online ------------------DISK3[c1t3d0s0]: <--------------------- S1 Serial Number: 0302A0R9W3 Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 25 Degrees Celsius DISK4[c1t4d0s0]: <--------------------- S1 Serial Number: 0302A0NRMS Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 27 Degrees Celsius DISK5[c1t5d0s0]: <---------------------- S1 Serial Number: 0302A0R0AJ Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 26 Degrees Celsius 5.To view status change messages, start the ssmadmin utility with the -b option # /opt/SUNWssmu/bin/ssmadmin -b & # /opt/SUNWssmu/bin/ssmadmin -b hostname & Number of S1-D130 Units: 2 Critical Temperature Threshold: 60 Degrees Celsius Warning Temperature Threshold: 50 Degrees Celsius TIME: Tue 12 Apr 2005 02:14:56 PM EDT Sun Proprietary & Confidential: Internal Use Only Page 234

SSE Field Reference Guide

13.0. Disk Arrays

***************************************************************** unknown::S1-D130-1: Online DISK0[c0t0d0s0]: <----------------------- Ultra 60 Serial Number: 0028T0QA2X Vendor: SEAGATE Model: SUN18G Status: Online Current Temperature: 29 Degrees Celsius DISK1[c0t1d0s0]: <----------------------- Ultra 60 Serial Number: 0027T0QAYM Vendor: SEAGATE Model: SUN18G Status: Online Current Temperature: 29 Degrees Celsius unknown::S1-D130-2: Online DISK3[c1t3d0s0]: <---------------------- S1 Serial Number: 0302A0R9W3 Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 25 Degrees Celsius DISK4[c1t4d0s0]: <----------------------- S1 Serial Number: 0302A0NRMS Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 27 Degrees Celsius DISK5[c1t5d0s0]: <------------------------ S1 Serial Number: 0302A0R0AJ Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 26 Degrees Celsius Console messages after removing a disk. Tue 12 Apr 2005 02:32:15 PM EDT: DISK OFFLINE: unknown::S1-D1302==>c1t4d0s0[sn=0302A0NRMS, model=SUN36G, vendor=SEAGATE] # ./ssmadmin -view Number of S1-D130 Units: 2 Critical Temperature Threshold: 60 Degrees Celsius Warning Temperature Threshold: 50 Degrees Celsius TIME: Tue 12 Apr 2005 02:16:57 PM EDT ***************************************************************** unknown::S1-D130-1: Online ------------------DISK0[c0t0d0s0]: Serial Number: 0028T0QA2X Vendor: SEAGATE Model: SUN18G Status: Online Current Temperature: 30 Degrees Celsius DISK1[c0t1d0s0]: Serial Number: 0027T0QAYM Vendor: SEAGATE Model: SUN18G Sun Proprietary & Confidential: Internal Use Only Page 235

SSE Field Reference Guide

13.0. Disk Arrays

Status: Online Current Temperature: 31 Degrees Celsius unknown::S1-D130-2: Online ------------------DISK3[c1t3d0s0]: Serial Number: 0302A0R9W3 Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 26 Degrees Celsius DISK4[c1t4d0s0]: Serial Number: 0302A0NRMS Vendor: SEAGATE Model: SUN36G Status: Offline <-------------------- Status change DISK5[c1t5d0s0]: Serial Number: 0302A0R0AJ Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 27 Degrees Celsius Console messages after inserting a disk. Tue 12 Apr 2005 02:30:48 PM EDT: Disk Online: unknown::S1-D1302==>c1t4d0s0[sn=0302A0NRMS, model=SUN36G,vendor=SEAGATE] #./ssmadmin –view Number of S1-D130 Units: 2 Critical Temperature Threshold: 60 Degrees Celsius Warning Temperature Threshold: 50 Degrees Celsius TIME: Tue 12 Apr 2005 02:14:56 PM EDT ***************************************************************** unknown::S1-D130-1: Online ------------------DISK0[c0t0d0s0]: Serial Number: 0028T0QA2X Vendor: SEAGATE Model: SUN18G Status: Online Current Temperature: 29 Degrees Celsius DISK1[c0t1d0s0]: Serial Number: 0027T0QAYM Vendor: SEAGATE Model: SUN18G Status: Online Current Temperature: 29 Degrees Celsius unknown::S1-D130-2: Online ------------------DISK3[c1t3d0s0]: Serial Number: 0302A0R9W3 Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 25 Degrees Celsius DISK4[c1t4d0s0]: Serial Number: 0302A0NRMS Sun Proprietary & Confidential: Internal Use Only Page 236

SSE Field Reference Guide

13.0. Disk Arrays

Vendor: SEAGATE Model: SUN36G Status: Online <------------------ Status change Current Temperature: 27 Degrees Celsius DISK5[c1t5d0s0]: Serial Number: 0302A0R0AJ Vendor: SEAGATE Model: SUN36G Status: Online Current Temperature: 26 Degrees Celsius

13.2.7. Disk Replacement
1. If necessary, refer to the documentation that came with your VERITAS Volume Manager or Solstice DiskSuite" software for any procedures that you might have to perform before you can replace the disk drive. 2. Remove the device from Solaris: oops:/>: cfgadm -x remove_device c7::dsk/c7t13d0 Removing SCSI device: /devices/ssm@0,0/pci@1d,600000/pci@1/scsi@2/sd@d,0 This operation will suspend activity on SCSI bus: c7 Continue (yes/no)? y SCSI bus quiesced successfully. It is now safe to proceed with hotplug operation. Enter y if operation is complete or n to abort (yes/no)? y ** physically removed c7t13 ** oops:/>: oops:/>: cfgadm -al c7 Ap_Id Type Receptacle Occupant Condition c7 scsi-bus connected configured unknown c7::dsk/c7t10d0 disk connected configured unknown c7::dsk/c7t11d0 disk connected configured unknown c7::dsk/c7t12d0 disk connected configured unknown c7::dsk/c7t14d0 disk connected configured unknown c7::dsk/c7t1d0 disk connected configured unknown c7::dsk/c7t2d0 disk connected configured unknown c7::dsk/c7t3d0 disk connected configured unknown c7::dsk/c7t4d0 disk connected configured unknown c7::dsk/c7t5d0 disk connected configured unknown c7::dsk/c7t6d0 disk connected configured unknown c7::dsk/c7t9d0 disk connected configured unknown 3. Physically remove the drive.: oops:/>: cfgadm -x insert_device c7 Adding device to SCSI HBA: /devices/ssm@0,0/pci@1d,600000/pci@1/scsi@2 This operation will suspend activity on SCSI bus: c7 Continue (yes/no)? y SCSI bus quiesced successfully. It is now safe to proceed with hotplug operation. 4. Physically insert the drive Enter y if operation is complete or n to abort (yes/no)? y oops:/> 5. If necessary, refer to the documentation that came with your VERITAS Volume Manager or Solstice DiskSuite" software for any procedures that you might have to perform after you replace the disk drive.

Sun Proprietary & Confidential: Internal Use Only

Page 237

SSE Field Reference Guide

13.0. Disk Arrays

13.3. 3x10 (Minnow) Disk Array
13.3.1. Hardware Overview
Ultra SCSI 3 Support UltraSCSI 3 packages are required. It works only with PCI dual port SCSI3 HBAs need the 4 qus packages (http://wwws.sun.com/software/download/allproducts.html) Sun StorEdge PCI Dual Ultra3 SCSI Host Adapter v1.0 install all 4 drivers via pkgadd, reboot Controllers
· · · · ·

Two types of systems:
· ·

with controller(s) aka raid unit aka controller head without controller(s), aka JBOD aka expansion unit; Note: if configured this way, a controller can never be added.

Drives Each unit has 12 drives max. SCSI channels With a controller(s): 0(SB) 3 SB 1 2(DB) DB SB: Single bus; put all 12 drives(0-5, 8-13) on one bus; cable SBs together DB: Dual/split bus, put 6 drives(0-5) Channel 0 and (8-13) Channel 2; cable DBs together Hosts are connected to Channels 1 or 3 (default-can be changed from the menu) Without controller(s)/expansion unit (JBOD): A-out B-out A-in B-in Cabling: To place 12 drives on a single bus, cable A-in to B-out. If you want drives under raid controller control,.cable A-out to drive channel Channel 2, Otherwise ,connection for JBOD, cable A-out to host. Raid support 0 - striping n - concatenation 1 5: default stripe size: random-32K; sequential-128k - only two choices 1+0 : build 2 raid1s, then create Logical Volume pairing them 5+0 : build 2 raid5s, then create Logical Volume pairing them Spare Drives 2 types of sparing (automatic):local per logical device or global Cache Write Back Cache on controller 512MB-1GB; to increase or replace - replace controller FRU Faster than T3 (160Mb vs 100Mb) Can have 2 active controllers for load balancing and failover.

Sun Proprietary & Confidential: Internal Use Only

Page 238

SSE Field Reference Guide

13.0. Disk Arrays

13.3.2. LED's
13.3.2.1 Front Panel LED's

LED Name Disk Drive Power (light bulb) Fan Temperature Event

LED State Solid Green Blinking Green Solid Amber Solid Green Solid Amber Solid Green Solid Amber Solid Green Solid Amber Blinking Amber Solid Green Solid Amber Blinking Amber

Status Good Good Failed Good Failed Good Faulty/Failed Good Failed Failed Good Faulty/Failed Faulty/Failed

Description Driver power up and spin up OK Drive activity Drive failure Power supply good One or more output voltages out-of-range Fan operating at over 3150 RPM Fan operating at under 3150 RPM Under temperature threshold of 55 C Temperature threshold equal to or over 55 C Temperature threshold equal to or over 60 C Normal operation of RAID controller and I/O Board Failed RAID controller or I/O Board Indicates that the version of SES firmware or associated hardware PLD code on one controller does not match that on the other controller (firmware version mis-match)

Sun Proprietary & Confidential: Internal Use Only

Page 239

SSE Field Reference Guide 13.3.2.1 Rear Panel LED's

13.0. Disk Arrays

LED Name Battery

State Solid Green Blinking Green Solid Amber Activity Off Blinking Green Cache Off Blinking Green Ethernet Link (active) Off Solid Amber Ethernet Link (inactive) Off Ethernet Active Flashing Green RAID Controller Solid Green Blinking Green Solid Amber SFP Link (L) Off Solid Green SFP Speed (S) Off Solid Green

Description Battery charged Battery charging Battery failed Not busy, no I/O activity Busy, I/O activity Clean cache Dirty cache, data is in memory and is not written to disk yet Inactive connection Active link Active connection on inactive controller or on active connection Busy Good (secondary controller) Good (primary controller) Failed RAID controller or I/O module Empty or failed FC connection Active good FC connection 1 Gbit 2 Gbit

Sun Proprietary & Confidential: Internal Use Only

Page 240

SSE Field Reference Guide
Power Supply LED's

13.0. Disk Arrays

LED Name Power Supply/Fan

State Solid Green Solid Amber

Description Power supply good and fas are good 3510: Failed, one or more output voltages out-of-range* or fan speed under 3150 RPM 3511: Failed, one or more output voltages out-of-range* or fan speed under 4000 RPM Voltage Thresholds: +5 VDC +/- .25VDC, +12VDC +/- .6 VDC Current Thresholds: +5 VDC 35A, +12 VDC 25 A

I/O Expansion Module

Note An SFP link status (L) LED is off if there is no connection or a failed connection to this SFP. I/O Expansion Module LEDs LED Purpose Activity I/O activity of host and disk ports I/O module Status of I/O module LED Color Off Blinking green Solid green Amber SFP link (L) SFP link status Off Solid green Off Solid green Off Definition Not busy (no I/O activity) Busy (active I/O) Power-up successful and SES chip has successfully read on-board temperature and voltage sensors Expansion unit powering up, or failed voltage or temperature sensor Expansion unit is not powered up Active good FC Connection Empty or failed FC connection 2 Gbit 1 Gbit

SFP speed (S) SFP speed status

Sun Proprietary & Confidential: Internal Use Only

Page 241

SSE Field Reference Guide

13.0. Disk Arrays

13.3.3. Configuration Menu Sub-System
Configuration of disk array is done via the array's built in menu sub-system. To access these menu's, use the serial-port and a console session (i.e. tip) or use telnet. Note that the first time accessing the array, you must use a serial port console session! Navigation crtl-l crtl-w refresh screen switch between primary and secondary controllers

Initial Setup (all done on primary controller) # tip -38400 /dev/ttya # note the baud rate of 38400 Note: you can not break out of tip if you are at the main menu. You must be in a sub-menu. Use ~. You must configure the IP address first from a tip session. To setup IP address: "view/edit config paramters" "communication parameters" "IP" To enable or disable write-back cache: "view/edit config paramters" "caching parameters' Set rebuild priority: "view/edit config paramters" "disk array parameters' To enable rescan for new drives automatically: "view/edit config paramters" "drive-side paramters" "periodic auto-detect failure drive swap check time" - disabled parameter Mute the beeper: "controller parameters" "mute beeper" Note: this does not mute it forever - it will start beeping the next time it has a problem Drive/LUN Setup 1. Confirm all drives seen correctly if wired as single bus, then you should see Channel 0 (0-5 and 8-13). Note that Channel 14 is used for environmental SAFTE chip. If not, then reboot minnow 2. Create the raid groups using logical drives if 2 controllers - determine which controller will handle this raid group - primary or secondary 3. Map logical drive to scsi host channels; defaults are channel 1 and channel 3 Can see info and modify scsi - View and edit scsi channels from menu defaults: channel 1 - primary target=1; channel 3 secondary target=0 Note: there are no targets for channel 1 secondary; channel 3 primary, can be set in menu 4. From the server, run: # devfsadm # format

Sun Proprietary & Confidential: Internal Use Only

Page 242

SSE Field Reference Guide
If you can see it, label it, and it's ready to be deployed. Notes: lun can be expanded luns can be partitioned and then host mapped luns can be combined by logical volumes then host mapped If you have problems with a raid 5, there is no "revive" or ".vol init fast" equivalent. delete and recreate and restore Caveat: when restoring facory defaults on unit with two controllers and 12 drives

13.0. Disk Arrays

Either fail one controller, then the do restore factory (only in tip session, do crtl-ACBD password:oemmaint) Then after done, unfail the controller, then the defaults will get written to this controller. Otherwise the second controller retains info and after controller reset, does not restore factory defaults Spares kick in automatically Controller failover automatically Vxdmp can manage the 2 paths to the minnow if you publish a lun to both paths Channel 1 and Channel3 Growing a Logical drive: Note: this will not destroy the existing filesystem, if done right A. On the minnow: logical drives | expand logical drive | add how much more space | yes Now that the logical drive is expanded, confirm this. Verify logical drive size. Select new partition, make size 0, then the new space will be collapsed into the partition above it The logical device partition 0 will be the larger space B. On the server: This procedure will grow the fs 1. Unmount fs: # umount <fs> 2. Change partition size: # format select disk, | type, | autoconfigure, see cylinders in slice 2 larger, add cylinders to slice 3. Remount the file system: # remount <fs> 4. Make the fs # /usr/lib/fs/ufs/mkfs -F ufs -M /farida /dev/rdsk/c3t0d0s0 1024000 where 1024000 is value seen from format Blocks for s0:

Sun Proprietary & Confidential: Internal Use Only

Page 243

SSE Field Reference Guide

13.0. Disk Arrays

Part 0 1024000 5. Verify fs size: # df- k

Tag root

Flag wm

Cylinders 0 - 499

Size 500.00MB

Blocks (500/0/0)

Note: now you can see in "df -k" the new space and you still have have all your files! How to configure and unconfigure global spares using the sccli command. How to unconfigure the global spare disk : sccli> show disks
Ch Id Size Speed LD Status IDs --------------------------------------------------------------------------------------------2 6 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTL4UM 2 7 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTKH6M 2 8 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT8GWM 2 9 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT9T5M 2 10 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTEHZM 2 11 232.88GB 200MB GLOBAL STAND-BY HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTH1DM

sccli> unconfigure global-spare 2.11 sccli> show disks
Ch Id Size Speed LD Status IDs --------------------------------------------------------------------------------------------2 6 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTL4UM 2 7 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTKH6M 2 8 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT8GWM 2 9 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CT9T5M 2 10 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTEHZM 2 11 232.88GB 200MB NONE FRMT HITACHI HDS7225SASUN250G A6DA S/N VNRJ9HC6CTH1DM

At this point we have unconfigured the Global Spare Disk. How to Configure a Global Spare: sccli> configure global-spare 2.11 sccli> show disks

Ch Id Size Speed LD Status IDs ----------------------------------------------------------------------2 6 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA 2 7 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA 2 8 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA 2 9 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA 2 10 232.88GB 200MB ld1 ONLINE HITACHI HDS7225SASUN250G A6DA 2 11 232.88GB 200MB GLOBAL STAND-BY HITACHI HDS7225SASUN250G A6DA

S/N S/N S/N S/N S/N S/N

VNRJ9HC6CTL4UM VNRJ9HC6CTKH6M VNRJ9HC6CT8GWM VNRJ9HC6CT9T5M VNRJ9HC6CTEHZM VNRJ9HC6CTH1DM

13.3.4. Installing ssconsole on your system
1. Go to http://www.sun.com/storage/workgroup/3000/3300/3310scsi/index.xml Select Sun StorEdge 3300 Family Software Download 2. Unzip the bundle and load all the packages on YOUR system! SUNWscsa Sun StorEdge(tm) Diagnostic Reporter daemon SUNWscsd Sun StorEdge(tm) Configuration Service Agent SUNWscsu Sun StorEdge(tm) Configuration Service Console SUNWsccli Sun StorEdge(tm) 3000 Family CLI SUNWscui Sun StorEdge(tm) Diagnostic Reporter console 3. Start the daemons on YOUR system.

Sun Proprietary & Confidential: Internal Use Only

Page 244

SSE Field Reference Guide
# /etc/init.d/ssagent start Configuring and starting Sun StorEdge(tm) Configuration Service Agent daemons The configuration is complete. Sun StorEdge(tm) Configuration Service Agent server daemon has started. Sun StorEdge(tm) Configuration Service Agent monitor daemon has started. The daemons which need to be running are ssmon and ssserver # ps -ef | grep ss root 7543 1 0 09:55:36 ? 0:00 /usr/sbin/ssserver root 7547 1 0 09:55:36 ? 0:00 /usr/sbin/ssmon 4. Set up the passwords for each ssconsole user on YOUR system. passwd ssmon -> New Pssword : ssmon (monitoring provledges only) passwd ssadmin -> New Pssword : ssadmin (basic admin privledges) passwd ssconfig -> New Pssword : ssconfig (full access to enclosure)

13.0. Disk Arrays

5. Start the ssconsole GUI. ssconsole is a script which resides in /usr/sbin. It calls sscs which resides in /opt/SUNWsscs/sscsconsole. 6. ssconsole is empty when it comes up. The first thing you need to do is ADD the servers which the arrays are attached to. In this example, I am adding mas-host1 which has our 3510FC attached. There must be a WORKING "in-band" connection to the array. Basically, "sccli" must open up a device when executed from "mas-host1". File -> Server List Setup -> Add -> Server name -> mas-host1 (The IP for mas-host1 will automatically populate) OK Add this server as on of the managed servers. OK 8. Assign a Server to Manage a Raid Controller. This tells ssconsole that mas-host1 will be the server which manages this 3510FC. Array Administration -> Controller Assignment Change the "Server to manage this controller" from none to "mas-host1" 8. No you can login as ssconfig File -> Login -> ssconfig Passwd: ssconfig The custom configure buttom provides most setup functions. The Main View provides status information.

13.3.5. sccli Commands
Starting sccli sccli can be started two ways, in-band or out-of-band. In-Band is used to communicate w/arrays through the server it is directly attached, Out-of-band is used to talk to an array over the network. In-band (Direct Attached to server): # /opt/SUNWsccli/bin/sccli Out-Of-Band (Over the network): # /opt/SUNWsccli/bin/sccli -oo <ip-address-of-array>

Sun Proprietary & Confidential: Internal Use Only

Page 245

SSE Field Reference Guide
sccli “show” commands

13.0. Disk Arrays

sccli> show configuration – detailed listing of minnow configuration sccli> show disks – display status of disks, note: faulted disks do not appear in the listing. sccli> show events – display system log sccli> show FRUs – list fru's; contains part numbers and serial numbers. sccli> show logical-drives – display LUN's and LUN status; shows if spare is configured and any failed disks. sccli> show redundancy-mode – displays controller status sccli “set” commands: sccli> set led <drive> - turn on/off disk drive led sccli Expert Mode Here are undocumented commands to extract debug information from the Sun StorEdge 3000 Family Command Line Interface (CLI) Software. Debug mode, also known as expert mode will allow you to diagnose array and CLI issues when troubleshooting Minnow problems. Use the -X option to invoke expert mode when starting up the sccli: # sccli -X (Running in expert mode)

Options to use with debug/expert mode: "all", "hba", "disks", "ses", "files", "scsi", "ift", "pages", "maps", "retries", "internal", "auth", "oob", "pkt", Example: # sccli -X ses Available devices: 1. /dev/rdsk/c3t40d0s2 [SUN StorEdge 3510 SN#002E2F] (Primary) Please enter selection: 1 Selection = 1 [SUN StorEdge 3510 SN#002E2F] sccli> show battery *result = 2 return unit type result = 2 unit_type = 2 Upper Battery : battery board type not supported for expiration monitoring Lower Battery : battery board type not supported for expiration monitoring # sccli -X pkt Available devices: 1. /dev/rdsk/c16t600C0FF0000000000000073FD2F50902d0s2 [SUN StorEdge 3510 SN#000007] (Secondary) Sun Proprietary & Confidential: Internal Use Only Page 246 debug everything debug hba-related stuff (unused?) debug disk discovery, inquiry data, etc debug ses/saf-te stuff debug configuration files debug scsi commands debug ift-specific protocol debug mode/inquiry pages debug map entries debug scsi command retries debug internal debug authorization debug authorization debug packets

SSE Field Reference Guide

13.0. Disk Arrays

2. /dev/es/ses2 [SUN StorEdge 3510F A SN#/dev/es/ses2] (Enclosure) 3. /dev/es/ses3 [SUN StorEdge 3510F D SN#001C79] (Enclosure) Please enter selection: 2 Selection = 2 [SUN StorEdge 3510F A SN#/dev/es/ses2] sccli> show frus getDeviceInquiryData status=0 0 1 2 3 4 5 6 7 8 9 A B C D E F <buf> (256) 00000000 0D CA 00 3C 31 30 30 30 20 20 20 20 20 20 00 00 ...<1000 .. 00000010 20 40 00 C0 FF 00 00 01 21 40 00 C0 FF 00 00 01 @......!@...... 00000020 00 01 D3 01 41 30 30 30 41 30 30 30 31 30 34 30 ....A000A0001040 GetPosOfJBODSesTarget sespos=0 0 1 2 3 4 5 6 7 8 9 A B C D E F <scsi cdb> (10) 00000000 3C 02 83 00 00 00 00 00 70 00 <.......p. 0 1 2 3 4 5 6 7 8 9 A B C D E F <recv data> (112) 0 1 2 3 4 5 6 7 8 9 A B C D E F <scsi cdb> (10) 00000000 3C 02 83 00 00 00 00 00 70 00 <.......p. 0 1 2 3 4 5 6 7 8 9 A B C D E F <recv data> (112) 0 1 2 3 4 5 6 7 8 9 A B C D E F <scsi cdb> (10) 00000000 3C 02 83 00 00 00 00 00 70 00 <.......p. 0 1 2 3 4 5 6 7 8 9 A B C D E F <recv data> (112) FRU FC_CHASSIS_BKPLN: read_fru_data 0th retry 0 1 2 3 4 5 6 7 8 9 A B C D E F <scsi cdb> (10) 00000000 3C 02 B0 00 18 00 00 08 00 00 <.........

Sun Proprietary & Confidential: Internal Use Only

Page 247

SSE Field Reference Guide

13.0. Disk Arrays

13.3.6. Disk Replacement Procedures
13.3.6.1 JBOD
A. Remove the disk configuration from the system. Place the disk offline using luxadm: # /usr/sbin/luxadm -e offline /dev/rdsk/cxtyd0s2 Or, if your SAN level is at least 4.4.1 (see Bug 4921470) you can also use: # /usr/sbin/luxadm remove -F /dev/rdsk/cxtyd0s2 Remove entries from /dev using devfsadm: # /usr/sbin/devfsadm -Cv Note: If the 3510 JBOD disk is under SDS or SVM, this procedure will fail with the error: # /usr/sbin/luxadm -e offline /dev/rdsk/cxtyd0s2 devctl: I/O error Refer to Bug ID 5075852 for a workaround. B. Now replace the failed disk For the physical replacement, there is no way to identify the failed disk in the box through a Solaris utility. The chart below identifies target assignments based upon the box id assigned to the array:. box id=0 0 3 6 9 1 4 7 10 2 5 8 11 box id=3 48 51 54 49 52 55 50 53 56 57 58 59 box id=1 16 19 22 17 20 23 18 21 24 box id=4 64 67 70 65 68 71 66 69 72 25 26 27 73 74 75 box id=2 32 35 38 33 36 39 34 37 40 box id=5 80 83 86 81 84 87 82 85 88 41 42 43 89 90 91

To summarize, If the box id is modified, just subtract (16*box id) from the target to get the position in the chart: box id = 0 targets are assigned from 0 to 11 box id = 1 targets are assigned from 16 to 27 box id = 2 targets are assigned from 32 to 43 box id = 3 targets are assigned from 48 to 59 box id = 4 targets are assigned from 64 to 75 box id = 5 targets are assigned from 80 to 91 Note: Remember that the box id can be set by the hidden switch under the front left plastic cover. After disk replacement, devfsadmd daemon should automatically recognize the new disk, create the device and link so that the disk is available by format. If not, the following commands should be used to diagnose the issue: # luxadm -e port CONNECTED devices/pci@1f,0/pci@1/SUNW,qlc@2/fp@0,0:devctl

Note: If you get a "NOT CONNECTED" error on the path used by 3500, check the fiber connection on box and server using cfgadm:

Sun Proprietary & Confidential: Internal Use Only

Page 248

SSE Field Reference Guide
# /usr/sbin/cfgadm -al Ap_Id c1 c1::/dev/lus c1::rmt/0 c2 c2::lus1 c3 c3::2100000c5020555d c3::2100000c50205653 c3::2100000c50205a3f c3::2100000c50205aad c3::2100000c50205d18 c3::215000c0ff002f2a c4

13.0. Disk Arrays

Type scsi-bus unknown tape scsi-bus unknown fc-private disk disk disk disk disk ESI fc

Receptacle connected connected connected connected connected connected connected connected connected connected connected connected connected

Occupant Condition configured unknown configured unknown configured unknown configured unknown configured unknown configured unknown configured unknown configured unknown configured unknown configured unknown configured unknown configured unknown unconfigured unknown

If cfgadm(1) doesn't show the above result, more work will be required. When the controller isn't seen or seen unconfigured run the following: # /usr/sbin/cfgadm -c configure cx When drives appear with a tag condition set to "unusable" do the following: # /usr/sbin/luxadm -e forcelip devices/pci@1f,0/pci@1/SUNW,qlc@2/fp@0,0:devct # /usr/sbin/luxadm -e port gives the pathname

13.3.6.2 RAID Disk Replacement Procedure
NOTE: Before performing any FRU replacement it is recommended that you save the NVRAM configuration to disk. SAVE NVRAM SETTINGS 1. From the Firmware Application Main Menu, choose "system Functions." 2. Then using the arrow keys to scroll down, select "Controller maintenance". 3. Select "save NVRAM to disks", 4. Choose "Yes" to confirm when prompted. An "NVRAM Saved" message will be displayed indicating success. 5. After "NVRAM Saved" message has been displayed, hit escape to exit back to the main menu.then press the You are now ready to continue on with the disk replacement. IDENTIFYING THE DEFECTIVE DISK DRIVE 1. Find the SCSI Channel Number and SCSI Target ID of the disk to be replaced. a. From the Main Menu, select "view and edit scsi Drives" b. Locate the disk drive that has a status of BAD or FAILED in the status column and make note of the Channel Number, SCIS target ID and the associatged Logical Drive number. 2. Physically locate the defective disk using the channel and ID numbers. Additional information on ID locations can be found in the "Sun StorEdge Array Installation, Operation and Service Manual" 3. If you are uncertain about drive location, you can flash the LED(s) to help in identifying the disk using this procedure. a. From the main menu, select "view and edit Scsi Drives" b. Highlight the selected drive in question and hit return c. Choose "Identifying scsi drive" d. Select "flash all But selected drive" to flash the activity LEDs of all the drives on this channel except the Sun Proprietary & Confidential: Internal Use Only Page 249

SSE Field Reference Guide
problem drive. DISK REMOVAL AND REPLACEMENT Note: This procedure will only work if there is no array I/O activity.

13.0. Disk Arrays

1. Unseat the failed disk identified above, let it spin down for 20 seconds and remove it from the array. Complete drive removal instructions can be found in the "Sun StorEdge Array Installation, Operation and Service Manual" 2. Install the replacement disk. Complete drive installation instructions can be found in the "Sun StorEdge Array Installation, Operation and Service Manual" 3. Check to see if the replaced drive was automatically scanned onto the bus a. From the main menu, select "view and edit scsi Drives" b. Check the drive status of the replaced disk Note: The status field will specify NEW_DRV or USED_DRV until it is assigned as a LOCAL or GLOBAL spare with STAND_BY status. 4. If the replaced drive wasn not automatically scanned onto the bus, you must Scan the replacement disk into the configuration: a. From the Main Menu of the Firmware Application select "view and edit scsi Drives". b. Select any disk in the list, then select "Scan scsi drive". c. Select the SCSI Channel Number, then the SCSI Target ID of the replaced disk drive, and confirm "Yes" when prompted. At this point a decision must be made regarding how the replaced disk will be reconfigured: 1. The replaced disk may be configured as a new local or global spare. 2. The replaced disk may re-integrated into the RAID5 logical drive. This decision is required due to the way that the SE3310/SE3510 handles a failed drive. When a spare takes the place of a failed drive, The spare will no longer be concidered a spare. It is concidered to be part of the Logical Disk. If it does not matter how this disk is treated, option 1 should be chosen. To set the replaced drive as a local or global spare, do the following: TO ASSIGN THE REPLACEMENT DISK AS A NEW GLOBAL SPARE 1. From the Main of the Firmware Application select "view and edit scsi Drives". 2. Select the replacement disk drive and then select "add Global spare drive", or "add Local spare drive" and confirm yes when prompted. TO RE-INTEGRATE THE REPLACED DISK IN THE RAID5 LOGICAL DRIVE If it is important that the Logical Disk always consists of the same physical disks as when created, You will need to perform a 'copy and replace' function from the original spare to the newly inserted disk. 1. Identify the previous spare disk which is now part of the Logical Drive which is going to be removed in favour of the replacement disk. 2. From the Main of the Firmware Application select "view and edit Logical drives". 3. Select the target Logical Drive, then copy and replace drive. 4. Select the previous spare drive, then select the replaced disk drive, confirm "yes" when prompted. 5. Wait for the copy and replace to complete.

Sun Proprietary & Confidential: Internal Use Only

Page 250

SSE Field Reference Guide

13.0. Disk Arrays

6. Reconfigure the original spare disk to a be the local or global spare again using the above procedure "To assign the replacement disk as a new local or global spare".

13.3.7. Forgotten Password
We have an option to set a password to access the SE3310/3510/3511 arrays ( hence referred to as SE3x1x array). When a password has been set on a SE3x1x array, and we forget the password or if the password becomes unknown, there are 2 ways of clearing the password. This document will show both the ways. It would be recommended to use the first method and only if it fails, use the second method which will reset the NVRAM to factory defaults. NOTE: Use Method #2 only if there is no viable way to reset the password using Method #1 Method # 1 – Using the sccli command (preferred method) In the event that an SE3x1x controller is password protected, and someone has forgotten the password, there is no way to gain privileged access to the controller in out-of-band mode (ie. telnet or tip). This is the proper functionality of password protecting the array. However, there is a method of changing the password on the controller(s) without having to perform a reset of the nvram, which can cause unnecessary downtime for the storage. This procedure involves the utilization of the sccli command given that the following criteria be met. As root, run the sccli command to get the prompt: # sccli sccli> set password <type_new_password> sccli> q To set the password so that no password is required: sccli> set password “” (note that is is double quotes without any spaces) sccli> q Note: There is no prompting the root user for the old password. It is assumed that the solaris host is secure for root, thereby allowing for this functionality to set the new password for the controller in-band, via sccli. Method # 2 – Resetting NVRAM NOTE: The procedures below involves resetting NVRAM to factory defaults or changing NVRAM to match that of a spare controller. All information stored in NVRAM will be lost. Host LUN access will be lost. Before proceeding insure all LUNs presented from the SE3x1x are un-mounted and not in use and also ensure you have console access to the array. This can be accomplished with a null-modem cable connected to a Solaris[TM] host or laptop. The following procedure involves resetting NVRAM to factory defaults. Warning: Do the following procedure during a maintenance window with all host LUNs un-mounted and not in use. Resetting NVRAM using sccli utility For this procedure to work the SUNWsccli package must be installed on a host that has a LUN mapped from the SE3x1x array which has the lost password. After insuring all LUNs are not in use, as root issue the following commands: # sccli sccli: selected device /dev/rdsk/c1t216000C0FF8015C6d0s2 [SUN StorEdge 3510 SN#00XXX6] sccli> reset nvram WARNING: The configuration of the array controller will be erased. Factory default parameters will take effect at next controller reset. Logical devices may not be accessible until mappings are reconfigured. Are you sure? Y When the above completes you should now be able to tip into the array and not be prompted for a password. At this point you can set the password to something you desire. You will also want to double check your controller Sun Proprietary & Confidential: Internal Use Only Page 251

SSE Field Reference Guide

13.0. Disk Arrays

settings to include LUN mappings and SCSI channels and communication parameters such as IP, sub-netmask, gateway and any array global settings to include drive side parameters & I/O optimization. Once complete you will want to save settings in NVRAM to disk. Note: Using out of band with “sccli se3000://<IP>:58632” command won't work, because when you issue the reset nvram command you will be prompted for the current password which you don't have. Changing NVRAM using a spare controller If you do not have a host with a lun mapped to it from the array with the lost password you will need a spare controller either one from another SE3x1x who's password is not set or who's password is known. Additionally you want this extra controller to have the same firmware or higher as the array with the lost password. If not you will need to upgrade your firmware once you complete the below steps. Warning: Do the following procedure during a maintenance window with all host LUNs un-mounted and not in use. The spare controller should contain the same firmware or higher as is currently on the controllers in the array. Follow the steps outlined below: 1. Un-mount all LUNs from the raid insuring none are in use. 2. Power down the SE3x1x leaving any JBODs powered up and remove both controllers. 3. Insert the extra controller and power up the array head. 4. Insert one of the password protected controllers into the array. Wait for it to become secondary. This will be indicated by the wrench/status light going solid green and the spare controller's light blinking green. On the 3310 both controllers wrench/status light will be solid green wait till spare begins blinking this indicates primary controller, which in this case should be our spare controller. 5. Remove the spare controller and wait 30 seconds to insure the secondary is now primary, indicated by a blinking green wrench/status light. 6. Insert the other password protected controller wait for the wrench/status light on it to go solid green. 7. You should now be able to tip into the array and not be prompted for a password. At this point you should set a password, if desired, and change any NVRAM setting that were lost to include host lun mappings and scsi channel Ids & communication parameters such as IP, sub-netmask, gateway and any array global settings to include drive side parameters & I/O optimization. 8. Save your NVRAM settings back to disk. 9. Reset the controller through the main menu system functions. The controllers will reboot and the controller with the higher serial number should become primary indicated by a blinking wrench/status light. 10.If the spare controller that was used had an older firmware version you will now need to upgrade the firmware back to what it was following the patch readme.

13.3.8. Battery Status
As of April 5, 2004, a battery expiration monitoring feature is available for the Sun StoreEdge[TM] 3510 FC Array. This feature, which reports the expiration date and status of battery modules, is available with:
· · ·

sccli software version 1.5 Battery modules, part number 370-5545-02, with date code revision of 050, or later FC Array controller with the field replaceable unit (FRU) installed, part number 370-5537-06, Revision 50 or later

Only battery modules with a date code revision of 050, or later, support battery expiration monitoring information. If you use this command with an older battery module, you will see error messages such as "not supported" or "not available." The battery manufacture date, the in-service date, and the battery shelf life are used to determine the expiration date. Only the manufacturing date is set for a battery FRU during the manufacturing process. The in-service date will be Sun Proprietary & Confidential: Internal Use Only Page 252

SSE Field Reference Guide
set when the Battery Module is installed in a system or by the automated test software. sccli> show battery-status Upper Battery Type: 1 Upper Battery Manufacturing Date: Sat Jan 04 00:00:00 2003 Upper Battery Placed In Service: Thu Jan 22 10:59:58 2004 Upper Battery Expiration Date: Tue Jan 03 06:00:00 2006 Upper Battery Status: good Lower Battery Type: 1 Lower Battery Manufacturing Date: Thu Jan Lower Battery Placed In Service: Mon Feb Lower Battery Expiration Date: Wed Feb Lower Battery Status: good

13.0. Disk Arrays

1 01:00:00 2004 2 01:00:00 2004 1 01:00:00 2006

Sun Proprietary & Confidential: Internal Use Only

Page 253

SSE Field Reference Guide

13.0. Disk Arrays

13.4. 39x0, 69x0 (Indy) Disk Array
13.4.1. How to power on an INDY
Rack power up: 1) Verify that the key switch located at the bottom front of the storage system is in the Standby position. 2) Push the AC power sequencer circuit breakers at the bottom front and bottom back of the storage system to Off. 3) Verify that the AC power cord of the storage system is connected to an AC outlet. 4) Push the Local/ Remote switch on the storage system to Local. 5) Press the AC power sequencer circuit breakers on the storage system to On. 6) Turn the key switch at the front of the storage system to the On position. The storage system will power on approximately 20 seconds after you turn the key switch to On. This delay minimizes power surges. Sun StorEdge 3900 7) Power on the FRUs in this order: a) Power on the Service Processor b) Power on the Ethernet hub c) Allow time for the Service Processor to boot. d) Power on the Sun StorEdge Fibre Channel switches e) Turn on the power to the Sun StorEdge T3+ Arrays. Note: If you have a SE3960, power up the ethernet hub and T3s in the second cabinet first. Sun StorEdge 6900 7) Power on the FRUs in this order: a) Power on the Service Processor b) Power on the Ethernet hub c) Allow time for the Service Processor to boot. d) Power on the Sun StorEdge Fibre Channel switches e) Power on the virtulaization engines f) Turn on the power to the Sun StorEdge T3+ Arrays. Note: If you have a SE3960, power up the ethernet hub and T3s in the second cabinet first. 8) Power on the host system( s)

13.4.2. Building the Service Processor
This section describes how to install the necessary software onto a standard Netra[TM] X1 or Sun Fire[TM] V100 to enable it to become a Service Processor for the StorEdge[TM] 3900/6900 (INDY) range of storage. Requirements 1. A Jumpstart server capable of serving Solaris 8 2/02. 2. A Netra[TM] X1 or Sun Fire[TM] V100 (To become the Service Processor). 3. A Flash Archive (FLAR) of a msp0 image on a server accessible from the target Service Processor (Netra[TM] X1 or Sun Fire[TM]). Currently Flash Archive (FLAR) images are available for msp0 2.1.1 through 2.3.1 at the following URL: http://futureworld.central/WSTL/PROJECTS/SPImage/web/Downloads.shtml Instructions: 1. Jumpstart standard OS onto X1:

Sun Proprietary & Confidential: Internal Use Only

Page 254

SSE Field Reference Guide
ok> boot net Answer any questions with a standard default response, Choose a Initial Install. Choose Flash as the Install method Choose suitable Flash Archive Retrieval Method, the scenario here uses NFS. NFS Location : - Supply nfs path to msp0 FLAR down loaded onto server 2. Customization required.

13.0. Disk Arrays

Check that the vtoc is correct - unless the jumpstart server has had the correct profile installed, the vtoc may be wrong. The vtoc for an INDY up to at least version 2.1.3 should be: Slice 0 1 2 3 4 5 6 7 Mount Point / swap overlap /altroot Size (MB) 5000 2000 38162 5000 0 0 0 26161

/jumpstart

3. Let the jumpstart complete but do not choose an automatic reboot. 4. The hostname of the Service Processor needs to be msp0, if some other hostname is inherited due to the jumpstart environment, then it needs to be changed in the normal way.(edit /etc/nodename /etc/hostname.dmfe0 /etc/net/*/hosts) Make sure that the name services is set to"files" - Note that NIS, NIS+ or any other name service is not supported. # cp /etc/nsswitch.files to /etc/nsswitch.conf) The startup of the INDY Service Processor may hang if the incorrect IP address is on the Service Processor. You may need to STOP-A sync and boot single user and perform the above (step 4) actions. 5. Reboot the system # init 6 That completes the Service Processor build process. The Service Processor will need to be attached to a standard 3900/6900 internal LAN with the usual rack components (T3B, switches, vicom units) powered on and up and running (IP addresses etc) to be able to run the 'config_solution' script to configure the Service Processor further. 6. The config_solution script utilizes http requests to the T3+ arrays to obtain serial number and WWNs information by browsing the T3+ /web/elemprop.htm file. The elemprop.htm passes http tokens containing T3+ serial numbers and WWNs to config_solution script to generate the snapshot file. root# /opt/SUNWstade/bin/config_solution -m 6910 sp0: v1a: -> found VE (v1a / 192.168.0.20 / 29000060220041c9) v1b: -> found VE (v1b / 192.168.0.21 / 2900006022004229) v2a: v2b: sw1a: -> found Switch (192.168.0.30 / 100000c0dd00d3f7)

Sun Proprietary & Confidential: Internal Use Only

Page 255

SSE Field Reference Guide

13.0. Disk Arrays

sw1b: -> found Switch (192.168.0.31 / 100000c0dd00d323) sw2a: -> found Switch (192.168.0.32 / 100000c0dd00d449) sw2b: -> found Switch (192.168.0.33 / 100000c0dd00d46d) t3b0: -> found T3 (192.168.0.40 / 50020f230000afeb/50020f230000b176/ slr-mi.370-3990-02-e-f2.045035) ------------------------------------Configuration Summary ------------------------------------| Model : 6910, Requested = 6910 | Switch: 4 * 8 ports | : sw1a, sw1b, sw2a, sw2b, | T3s : 1 | : t3b0, | VEs : 2 | : v1a, v1b, ------------------------------------NO ERRORS FOUND! Snapshot /var/opt/SUNWstade/DATA/Solution.golden saved! Done.

13.4.3. Configuration
The 3910 storage array consists of T3 partner pairs, a Service Processor (SP) and multiple Qlogic switches. Customers are required to use the SP to configure volumes, volslices and to setup zoning on the switches. The SP must be used to ensure that the configurations of the T3 volumes conform to supported and tested storage options. You must always run the latest version of the SP software. To determine your SP software, check the /etc/motd file. root# more /etc/motd Sun Microsystems Inc. 2003 root# This server is running verion 2.3.1 To configure storage you can run the interactive menu system by running the command: root# runsecfg Determining cabinet type... MAIN MENU - SUN StorEdge 3910 SYSTEM CONFIGURATION TOOL SUNWsecfg VERSION: 1) 2) 3) 4) 5) RELEASE 1.6.16 NWS Service Processor Image Revision 2.3.1 Mar.18,

T3+ Configuration Utility Switch Configuration Utility Display Configuration of All Components View Logs View Errors Page 256

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
6) Exit Select option above:>

13.0. Disk Arrays

Menus will walk you through configuring new volumes, enabling and adding volslices and switch zones for your customer application. When configuration is complete the SP software will save the current configuration in directory under the /opt install of the SP packages. /opt | /opt/SUNWsecfg | /opt/SUNWsecfg/etc | /opt/SUNWsecfg/etc/t3b1 root# pwd /opt/SUNWsecfg/etc/t3b1 root# ls -la total 36 drwxr-xr-x drwxr-x---rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--rw-r--r--

2 6 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1

root root root root root root root root root root root root root root root root root root

other sys other other other other other other other other other other other other other other other other

512 512 26 21 98 288 67 180 67 78 373 299 303 998 131 154 319 245

Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec Dec

18 18 18 18 18 18 18 18 18 18 18 18 18 18 18 18 18 18

05:46 05:46 05:45 05:45 05:45 05:45 05:45 05:45 05:45 05:45 05:45 05:46 05:45 05:46 05:45 05:45 05:45 05:45

. .. .date hwwn_list lun_map_list lun_perm_list lun_wwn_list port_list port_listmap restore restore_sys savemap sys_list t3map ver vol_list vol_stat volslice_list

When the configuration has been completed, these T3 commands are run and the output stored in the directory named for the T3 partner pair affected.These are text files that can be viewed. If these files are deleted, they will be recreated the next time the admin performs a save operation from the menus or runs the 'savet3config' command. Default Configurations There are a set of default configurations which are the only supported configurations for the 3910. They are stored in: root# pwd /opt/SUNWsecfg/etc root# ls -la total 392 drwxr-x--drwxr-xr-x -rwxr-x---rwxr-x---rwxr-x---rwxr-x---

6 8 1 1 1 1

root root root root root root

sys sys sys sys sys sys

512 512 2064 460 455 497

Dec May Mar Mar Mar Dec

18 05:46 . 19 2003 .. 10 2003 initlocale 10 2003 rd1.cfg 10 2003 rd2.cfg 16 04:59 rd3.cfg Page 257

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
-rwxr-x---rwxr-x---rwxr-x---rwxr-x---rwxr-x---rw-r--r--rw-r--r--rw-r--r--rw-r--r--rwxr-x---rwxr-x---r--r----drwxr-xr-x drwxr-xr-x drwxr-xr-x drwxr-xr-x -rwxr-x---rw-r--r--rw-r--r--rwxr-x--1 1 1 1 1 1 1 1 1 1 1 1 2 2 2 2 1 1 1 1 root root root root root root root root root root root root root root root root root root root root other sys sys sys sys other other other other sys sys sys other other other other sys other other sys 497 497 497 454 454 177 177 167 167 20 102 229 512 512 512 512 50 1652 156936 16 Dec Mar Mar Mar Mar Dec May Jun Jun Mar Mar Mar May Dec Dec Dec Mar Aug Aug Mar 16 10 10 10 10 15 30 10 10 10 10 10 19 18 15 16 10 1 1 10 04:40 2003 2003 2003 2003 02:40 2003 2002 2002 2003 2003 2003 2003 05:46 07:22 11:06 2003 2002 2002 2003 rd3.cfg.orig rd4.cfg rd5.cfg rd6.cfg rd7.cfg sw1a.map sw1b.map sw2a.map sw2b.map swhosts switchrev syslog.conf t3b0 t3b1 t3b1.sav t3be4 t3hosts v1.map v1.san vehosts

13.0. Disk Arrays

The volume configurations are stored in the "rd*.cfg" files. These are text files and can be viewed.

13.4.4. Troubleshooting
1. What to collect from the service proccessor: a) Obtain model number ( returns value 3910,3960,6910,6960) msp0: root# /opt/SUNWsecfg/bin/getconfig b) Check for any problems in the configuration msp0: root# /opt/SUNWsecfg/bin/checkdefaultconfig (The output is pass/fail for each device) 2. Check errors from Service Proccessor a) showerrors [-a|-t|-m <month> -d <day> -y <year>] msp0: root# /opt/SUNWsecfg/bin/showerrors -t Tue May 28 12:50:17 MDT 2002 showt3: ERROR : t3b00 is not in /etc/hosts file, can not be displayed . b) showlogs [-v|-e <n>] -v (shows entire log in more) -e (shows only the requested number of lines) msp0: root# /opt/SUNWsecfg/bin/showlogs -e 1 Tue May 28 14:01:30 MDT 2002 checkt3mount: t3b0 EXIT : . 3. Quick checks: a) show mounted luns msp0: root# /opt/SUNWsecfg/bin/checkt3mount [ -n |-l ] all b) shows fru and lun status msp0: root# /opt/SUNWsecfg/bin/showt3 -n all c) Get output from all switches msp0: root# /opt/SUNWsecfg/bin/showswitch -s switchname d) get maps from all ve pairs (6900 only ) msp0: root# /opt/SUNWsecfg/bin/showvemap -n vepair -l

Sun Proprietary & Confidential: Internal Use Only

Page 258

SSE Field Reference Guide

13.0. Disk Arrays

13.5. 99xx (Hitachi) Disk Array
13.5.1. Hardware
DKC - DisK Controller – cabinet that contains the boards that handle disk I/O and cache. On 9980, CHA boards are located in the front and the DKA boards are in the back. DKU - DisK Unit - cabinet that contains the actual disk drives and cards to talk to DKC DKA - DisK Adapter - adapter boards located in the DKC that connect to the HDU's (4 ports per board) HDU - Hard Disk Unit 32 disks in 9900V, 12 disks in 9900 8 HDU's in a DKU, 4 HDU's in a 9970 4 HDU's = one B4 CHA - Channel Host Adapter – host bus adapter boards that connect the DKC to a host or switch (4 or 8 ports per board) FSW - Fibre Switch CSW - Cache Switch Parity/Array Group MPS - Multi P/S JMP - Jumper board - 2 FSW's in an HDU - 2 CSW's in 9910/9970, 4 in 9960/9980 - 4 disks in a B4 with same target ID. -Power supplies in the HDU's - Board with right/left switch and Disk LED's in HDU

13.5.2. Power Cycle Procedures
13.5.3.1 Power Off Sequence 1. Turn the “REMOTE/LOCAL” switch to “LOCAL”. 2. Turn the “POWER ON/OFF” switch to “OFF”, while turning the “ENABLE” switch to the “ENABLE” position. 3. DO NOT CONTINUE until the “PS ON” light on the front LED panel turns off. His could take several minutes (20+ minutes is not uncommon). Failure to follow this step can lead to DATA LOSS. 4. Stop the SVP. 5. Turn off the circuit breakers at the breaker boxes. 6. If the array is to remain powered off for more than 48 hours, the jumpers on the BATCTRs should be removed. If the array will not be down for more than 48 hours, do NOT remove these jumpers unless instructed to do so by some other maintenance procedure. *NOTE: Always make sure the array is in good health and rectify any outstanding issues before powering down 13.5.3.2. Power On Sequence: 1. If the jumpers for the BATCTRs were removed as part of step 6 of the power off sequence, replace them now. 2. Turn on the circuit breakers on the Disk Units. 3. Check battery charge voltage on battery controller PCBs. 4. Check battery voltage. 5. Turn “ENABLE/DISABLE” switch on DKUMN PCBs to “ENABLE”. 6. On the DKC, turn the “REMOTE/LOCAL” switch to “LOCAL”. 7. Turn the “POWER ON/OFF” switch to “ON” while turning the “ENABLE” switch to the “ENABLE” position. 8. Turn the “REMOTE/LOCAL” switch to “REMOTE”.

Sun Proprietary & Confidential: Internal Use Only

Page 259

SSE Field Reference Guide

13.0. Disk Arrays

13.5.3. Licenses
3 kinds of keys/licenses: permanent temporary emergency (feature,serial, and capacity based) 120 days; can't be renewed or reinstalled re-enable software when temp keys expired

13.5.4. Passwords
SVP Passwords: “Initial” mode: “Install” mode: “Mode” mode: “Debug” mode: [Ctrl]-[Shft]-i [Install] [Ctrl]-[Shft]-m {Ctl}-{Shift}-d raid-initialsetup raid-install mode raid-debug

Windows "Administrator" login password: raid-login

13.5.5. Configuring HiTrack
A. HiTrack Configuration Window - Quick Reference Site ID: Enter the HDS site ID. This is the 7 digit value starting with an “X” Line Identifier: Select “1” Account Name: Enter the Name of the Account Account Phone Number:Enter the POTS number Central Phone Number 1: For US & Cananda, use 1-800-331-6395 Central Phone Number 2: For US & Cananda, use 1-800-331-6395 Modem Set String 1:Leave the default values Modem Set String 2:Leave the default values Weekly Day:Select appropriate day to send system configuration info to Call Center Run Time Hour: Set at least 1.5 hours before/after 03:00 am. Run Time Minute: Leave at 00 DCE Speed:Set to “57600” Call Out:Set to “Enable” Redial Attempt: Set to “10” HT Converter Board: Leave at “Not Installed” pcAW dialing:Set to “9”

Sun Proprietary & Confidential: Internal Use Only

Page 260

SSE Field Reference Guide

13.0. Disk Arrays

13.5.6. How to replace a failed disk
1.Click Modify Mode 2.Click Mantainence 3.Click on DKU that is flashing 4.Click on HDU that is flashing 5.Look for which disk is failed (Device status "failed") (NOTE: Replace Inline is for DOA ONLY) 6.Are You sure you want to replace physical device? (Yes) 7.Look for red light on physical device Note: "top red LED on PCB is for top drive, and bottom LED on PCB is for bottom drive." At this point you should remove the bad disk and insert the new one 8.Please replace physical device (Ok) 9.Insert floppy (provided with replacement disk) (Ok) 10.Remove floppy (Ok) 11.Are you sure you want to copy data back to disk? (Yes) 12.Copy data has started (Ok) 13.Replace finished (Ok) 14.Click Information 15.Click Log 16.Copy action code, ref code, error wl (error section) from Drivr Error SIM for DMT tag 17.Complete all SIMs - drive error, copy back, etc. 18.RETURN BACK TO VIEW MODE

13.5.7. HiCommand Database Recovery
13.5.7.1 Structure There are two instances of HiCommand Database. 1) Device Manager Database HiCommand.gdb - Device manager HiCommand Database HiCommand.gbk - Device manager "Backup" Database (THIS IS REALLY JUST AN EMPTY DB, WHICH YOU CAN USE TO 'START FROM SCRATCH'. IF YOU RUN A BACKUP IT IS CALLED HICOMMAND_BACKUP.GBK BY DEFAULT, THOUGH YOU CAN CALL IT ANYTHING) 2) Common Component Database HBASE.GDB Common Component Database (Under /var/opt/HiCommand/Base/database) HBASE_BACKUP.gbk Common Component "Backup" Database. (Under /var/opt/HiCommand/Base/database/HBASE_BACKUP.gbk These two databases needs to be in sync to get full functionality of HiCommand Gui. The sync option is in the server.properties file: server.base.initialsynchro This property allows you to specify whether to synchronize the management information database and the displayed information (HiCommand" Suite Common Repository) when you start Device Manager. A setting of true will synchronize the information. A setting of false will not synchronize the information. Default: false 13.5.7.2 How To Restore HiCommand Database from Manual Backup: 1) Stop the Single Sign-On Service and the Common Web Service

Sun Proprietary & Confidential: Internal Use Only

Page 261

SSE Field Reference Guide
# /opt/HiCommand/Base/bin/hcmdssrv -stop 2) Stop the Device ManagerServer # /opt/HiCommand/hicommand.sh stop 3) Copy the backup to the installation directory of the Device Manager Server #/opt/HiCommand/database.sh restore 4) Change /opt/HiCommand/HiCommandServer/config/server.properties to: server.base.initialsynchro=true

13.0. Disk Arrays

5) Enter the following command to start HiCommand Suite Single Sign-On service and HiCommand Suite Common Web Service: # /opt/Hicommand/Base/bin/hcmdssrv -start 6) Enter the following command to start HiCommand Server: # /etc/init.d/hicommand start 7) Change /opt/HiCommand/HiCommandServer/config/server.properties to: server.base.initialsynchro=false >>>>> No need to do anything with this DB!!!! 13.5.7.3 How To Backing Up the Common Component Database ( HBASE.GDB ) 1) Stop the Single Sign-On Service: # /opt/HiCommand/Base/bin/hcmdssrv -stop -server HiCommand 2) Specify the following command: # /opt/HiCommand/Base/bin/hcmdsdb -backup /var/buckup/HBASE_BACKUP.gbk 3) If you do not specify a backup file in the hcmdsdb command, the absolute path for a backup file is as follows: # /var/opt/HiCommand/Base/database/HBASE_BACKUP.gbk 13.5.7.4 Restoring the Common Component Database 1) Stop the Single Sign-On Service: # /opt/HiCommand/Base/bin/hcmdssrv -stop -server HiCommand 2) Specify the following command: # /opt/HiCommand/Base/bin/hcmdsdb - restore /var/backup/HBASE_BACKUP.gbk 3) If you do not specify a backup file in the hcmdsdb command, the absolute path for a backup file is assumed as follows: # /var/opt/HiCommand/Base/database/HBASE_BACKUP.gbk

Sun Proprietary & Confidential: Internal Use Only

Page 262

SSE Field Reference Guide

13.0. Disk Arrays

13.5.8. Microcode Upgrade Procedure
A. Update SVP 1. From SVP, switch to “Modify” mode 2. Click on INSTALL 3. Click on Microprogram Install 4. Select Microprogram and click on OK 5. Select “Online” and “CD-ROM” 6. From the Microprogram Exchange Dialog Box, select SVP only. 7. Click on OK to begin the update. Note: SVP will reboot. B. Update DKCMAIN, MAINDIFF, LCP, HTP, RAMBOOT, PCDG, LCDG & FCDG 1. From SVP, switch to “Modify” mode 2. Click on INSTALL 3. Click on Microprogram Install 4. Select Microprogram and click on OK 5. Select “Online” and “CD-ROM” 6. From the Microprogram Exchange Dialog Box, select everything except SVP & DKU. 7. Click on OK to begin the update. 8. Select 1/8 and Alternate SCSI. Note: If any host is using Veritas' vxdmp, you must wait five (5) minutes after cluster-1 is updated before moving on to cluster-2. Otherwise, the host(s) will lose connectivity. C. Update DKU 1. From SVP, switch to “Modify” mode 2. Click on INSTALL 3. Click on Microprogram Install 4. Select Microprogram and click on OK 5. Select “Online” and “CD-ROM” 6. From the Microprogram Exchange Dialog Box, select DKU only. 7. Click on OK to begin the update. D. Config Exchange Procedure 1. From SVP, switch to “Modify” mode 2. Click on INSTALL 3. Click on Copy Config Files 4. Select Configuration Update 5. Insert “New” Floppy and click on OK 6. Click OK after removing floppy disk. Note: copying will begin and Please Wait is displayed. 7. Insert the floppy again and click on OK. 8. Click on Yes. 9. Click OK after removing the floppy. 10.Click on OK to reboot the SVP. E. Config Backup 1. From SVP, switch to “Modify” mode 2. Click on INSTALL 3. Click on Copy Config Files 4. Click on Create Configuration Backups 5. Insert “New” Floppy and click on OK Sun Proprietary & Confidential: Internal Use Only Page 263

SSE Field Reference Guide
6. Click OK after removing floppy disk. E. Set Modes 1. From SVP, switch to “Mode” mode (Ctl-Shift-m)

13.0. Disk Arrays

Note: make sure that numlocks is OFF, otherwise the “m” key is assumed to be the “1” key. 2. Password is mode 3. Click on INSTALL 4. Click on CHANGE CONFIG 5. Click on SYSTEM OPTION 6. Select/deselect mode numbers as necessary. F. Initialize ORM Valu 1. From SVP, switch to “Modify” mode 2. Click on INSTALL 3. Click on Initialize ORM Value

13.5.9. Accessing SVP on 9990
13.5.9.1 Installing Remote Desktop for Solaris (sparc): 1. Go to the following URL: http://pts-storage.west/products/T99x0/software.html 2. Select the Remote Desktop for Solaris [sparc-rdesktop.tar.gz] file from the list and download to /opt 3. There are three packages included in this tar file: common-1.3.3-sparc-CSW.pkg openssl-0.9.7-sparc-CSW.pkg rdesktop-1.3.1-sparc.pkg 4. Install the packages in the following order: # pkgadd -d common-1.3.3-sparc-CSW.pkg # pkgadd -d openssl-0.9.7-sparc-CSW.pkg # pkgadd -d rdesktop-1.3.1-sparc.pkg 5. Once all three packages are installed create a executable file (chmod 755 <filename>) with the following parameters: /opt/csw/bin/rdesktop -u Administrator -p raid-login -g 1024x768 -a 16 <ip address of SVP> 6. Once the the file is created run it and connect to the SVP from your Solaris box. 13.5.9.2 Installing Remote Desktop for Java Desktop System (JDS): 1. Go to the following URL: http://pts-storage.west/products/T99x0/software.html 2. Select the Remote Desktop for JDS [jds-rdesktop.tar.gz] file and download to /opt 3. The following files are included in this tarfile: README_JDS_009 rdesktop-1.3.1.tar.gz do_JDS_009 openssl-devel-0.9.6g-99.i586.rpm 4. Run the do_JDS_009 executable to install: # do_JDS_009 5. Once the install has completed create a executable file (chmod 755 <filename>) with the following parameters: Sun Proprietary & Confidential: Internal Use Only Page 264

SSE Field Reference Guide
# vi /var/tmp/svp_access --- add this line:

13.0. Disk Arrays

/opt/csw/bin/rdesktop -u Administrator -p raid-login -g 1024x768 -a 16 <ip address of SVP> Save the file. # chmod 755 /var/tmp/svp_access 6. Once the the file is created, run it and connect to the SVP from your JDS laptop.

13.5.10. Battery Information
The batteries in the Sun StorEdge[TM] 9910 and 9960 arrays are used to backup cache memory, and shared memory to prevent data loss in case of power failure. They can backup shared memory for up to 168 hours and cache memory for up to 48 hours. The life of the battery is three years and the minimum charging time after backup is about eight hours. The battery can be replaced without disruption. Each clusterhas a different set of battery controllers and battery boxes,so you need to replace the batteries on one cluster and then on the other and both need to be replaced on the same day. By default the Battery Life Warning SIM Date is set to be 730 days in the future (~2 years). This default value of 730 days is an historicaldefault, and relates to the 2 Year Battery Life of the older HDS7700product. For the SE9910/SE9960 products this default value needs to be adjusted to be 3 years minus 3 months = 990 days.

Sun Proprietary & Confidential: Internal Use Only

Page 265

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.0 EOL'd Disk Arrays
14.1. D1000 (Dilbert) Disk Array
14.1.1. LED's
Front LEDs
· ·

Rear LEDs

System Power LED: lights green when the system is powered on Each disk drive slot has a two color LED above the disk drive. The LED: · Remains unlit when no drive is in the slot. · Lights green when the drive is present but not active. · Flashes green when the drive in the slot is active

Power Supply Status, one two color LED on each power module: · Lights green when the power supply is operating properly. · Lights amber when the power supply has failed but the other power supply is operating normally, or when the power cord is unplugged. · Off if both power supplies are not plugged in or have failed. · Cooling Status, 2 two color LEDs on each cooling canister (one for each blower): · Lights green when the individual blower is operating properly. · Lights amber when the individual blower has failed. · Off when the cooling canister is not inserted. · Controller Interface Board, 2 single color LEDs: · Temperature Fault LED: 1. Lights amber when the board has detected a thermal fault. 2. Off when the temperature is normal. · Power LED: 1. Lights green when the controller interface board is powered on. 2. Off when the controller interface board is receiving no power.
·

Sun Proprietary & Confidential: Internal Use Only

Page 266

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.1.2. Cabling the Sun StorEdge D1000 Array
The D1000 68-pin connectors, are Differential Ultra SCSI connections, which are supported to · · ·

Sbus Differential Ultra/Wide SCSI Host Adapter(UDWIS/S)(HVD)(X1065A) PCI Dual Differential Ultra/Wide SCSI(UDWIS/P)(HVD)(X6541A) Compact PCI Dual Differential Ultra/Wide SCSI(UDWIS/cPCI)(HVD)(X6749A)

The D1000 is available in 2 models; an 8 drive or 12 drive system. It has the capability of using all 8 or 12 drives on one host, or it can be divided into 2 backplanes, each using 4 or 6 drives, depending on which model you have on each host. You can now dual host the D1000 with Sun[TM] Cluster software 2.1, 2.2 or 3.0. On the rear of the D1000 there are (4) 68 pin scsi connectors. If connecting all 8 or 12 drives to one system, connect the SCSI cable from the host, to the far left or the far right connector. On the other far right or left 68-pin connection, connect a differential terminator(Part Number 150-1890). The 2 inside connections, will need to be connected to each other, using the small SCSI cable that came with the D1000(Part number 530-1883). If you will be using the D1000 as 2 backplanes of 4 or 6 drives each, you will need to connect HOST-A to the far left 68 pin connector. Then connect HOST-B to the far right 68-pin connector. Then, the 2 inside 68-pin connectors each need to have a differential terminator(part number 150-1890) connected. The D1000 can now be dual hosted, but ONLY with Sun Cluster 2.1, 2.2 & 3.0 software installed. To install the hardware you will need to connect HOST-A to the far left 68-pin connector. Then connect HOST-B to the far right 68-pin connector. The 2 inside connections, should be connected to each other, using the small SCSI cable that came with the D1000 (Part number 530-1883).

14.1.3. Setting the Target Address
You can change the address of the drives, by changing the dipswitch settings on SW1. SWITCH -----SW1 SW1 SW1 SW1 SW1 SW1 SW1 SW1 SW1 DIP --1 1 2 2 3 3 4 4 5 SETTING ------UP* DOWN UP DOWN* UP DOWN* UP* DOWN UP/DOWN DESCRIPTION ----------Addresses 4 right drives to 8 - 11 or 8 - 13 Addresses 4 right drives to 0 - 3 or 0 - 5 Addresses 4 left drives to 8 - 11 or 8 - 13 Addresses 4 left drives to 0 - 3 or 0 - 5 Wait for a start unit command Uses the SW1 dip 4 settings Delay each drive 12 sec X the drive id Start all drives on power on Reserved for future use on the D1000

* denotes default settings. NOTE: Be careful in setting the switches, that there is no conflict in the target address, when using all drives on a single host.

14.1.4. Determining Connectivity
Sometimes, you need to see if you have a D1000 attached to a Solaris 8 machine without going to the machine room to look at it. The D1000 uses SCSI Enclosure Services, so you can check for that with cfgadm -alv. oops:/> cfgadm -alv | grep -in d1000 37:c3::es/ses0 connected 39:c3::es/ses1 connected oops:/> luxadm inq /dev/es/ses0 INQUIRY: Sun Proprietary & Confidential: Internal Use Only Page 267 configured configured unknown unknown SYMBIOS SYMBIOS D1000 D1000

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

Physical Path: /devices/pci@1f,0/pci@5/scsi@1,1/ses@e,0:0 Vendor: SYMBIOS Product: D1000 Revision: 2 Serial Number 1 Device ty pe: 0x3 (Processor device) Removable media: no ISO version: 0 ECMA version: 0 ANSI version: 2 (Device complies to ANSI X3.131-1994 (SCSI2)) Response data format: 2 Additional length: 0x31 VENDOR-SPECIFIC PARAMETERS Byte# Hex Value ASCII 36 4e 76 e9 20 31 00 20 20 53 41 46 2d 54 45 31 2e Nv. 1. SAF-TE1. 30 30 00

14.1.5. Disk Replacement
The Sun StorEdge D1000 system you ordered comes configured with either 1.6-inch drives or one-inch drives. The procedure for removing and replacing the drives differs only in the software you use to control the disks. In all cases the hard disks are hot-pluggable.

Sun Proprietary & Confidential: Internal Use Only

Page 268

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.2. A1000 (Dilbert w/RAID) Disk Array
14.2.1. LED's

Front LEDs System Power LED: lights green when the system is powered on System Summary Fault LED: lights amber when a system component, such as a disk, cooling canister, or a power supply, needs service. · Each disk drive slot has a two color LED above the disk drive. The LED: · Remains unlit when no drive is in the slot. · Lights green when the drive is present but not active. · Flashes green when the drive in the slot is active · Lights amber when the drive has been marked as failed by the A1000 controller. Rear LEDs
· ·

Power Supply Status, one two color LED on each power module: · Lights green when the power supply is operating properly. · Lights amber when the power supply has failed but the other power supply is operating normally, or when the power cord is unplugged. · Off if both power supplies are not plugged in or have failed. · Cooling Status, 2 two color LEDs on each cooling canister (one for each blower): · Lights green when the individual blower is operating properly. · Lights amber when the individual blower has failed. · Off when the cooling canister is not inserted. · A1000 Controller has 6 single color LEDs: · Controller Fault LED: · Lights amber when a controller fault is detected. · Off when the controller functions normally. · Controller Activity LED: · Lights green when the controller is active. · Off when the controller is inactive · Temperature Fault LED: · Lights amber when the controller board is over normal operating temperature. · Off when the controller temperature is normal. · Controller Power LED: · Lights green when the controller board is powered on.
·

Sun Proprietary & Confidential: Internal Use Only

Page 269

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

· ·

· Off when the controller board is receiving no power. Battery Fault LED: · Lights amber when there is no battery or there is a battery fault. · Off when the battery is fully charged. Battery Charge LED: · Lights solid green when the battery is fast charging. · Flashes green when the battery is in the pre-charging phase · Off when the battery is not charging.

14.2.2. Disk Replacement
The Sun StorEdge A1000 system you ordered comes configured with either 1.6-inch drives or one-inch drives. The procedure for removing and replacing the drives differs only in the software you use to control the disks. In all cases the hard disks are hot-pluggable.

14.2.3. Controller Replacement
14.2.3.1 Preparation
To make sure that the correct replacement controller is chosen, you need to know: how much memory the defecive controller has: 16MB or 64MB? Follow this procedure: A. Gathering Mod Profile Information 1. Run "/usr/lib/osa/bin/rm6" command as superuser. 2. Select the module from which you wish to gather the module profile. 3. Click on the icon labelled "Maintenance and Tuning" 4. Select a specific RAID module name from which you would like to get the module profile in the "RAID Module" pull down menu. (By default, "All RAID Modules" is selected but at this point, you need to select a specific one rather than "All RAID Modules". (For example, select "sonoma_001".) 5. Click "File" menu -> "Save Module Profile" on the window, then you will see "Save module profile" window. Make sure all items are selected on "Save module profile" window, then click the "OK" button. 6. You will be prompted to enter the filename you want to save the module profile as. Type the absolute pathname for the file to be created, then click on "OK". Once you do this, the module profile for the selected RAID module will be written to the file. Once you have the module profile, you can view the file. The following section will guide you to check the cache memory size of the array, segment size of the individual luns and the write cache status of individual luns. Example output of module profile: ====================================== Profile for sonoma_001 Profile Generated By: RAID Manager Release 06.22.01.55 Host: sonoma Controllers: Name Serial Number Mode Logical Units A (c1t5d0) 1T00300756 Active 3 B (c2t4d1) 1T92000694 Active 2 Number of Drives = 25 Detailed Controller Information for sonoma_001 Parameters Controller A (c1t5d0) Controller B (c2t4d1) Board Name: Series 3 Series 3 Board ID: 3621 3621 Board Serial Number: 1T00300756 1T92000694 Sun Proprietary & Confidential: Internal Use Only Page 270

SSE Field Reference Guide
Product ID: Product Serial Number: Vendor ID: Date of Manufacture: Product Revision: Host Interface: Host-side ID (dec): Boot Level: Firmware Level: Fibre Channel Level: Cache/Processor Size: Drives: Detailed Drive Information for sonoma_001 Location [1,0] [2,0] [3,0] [4,0] [5,0] [1,1] -------- cut Capacity (MB) Status Vendor FUJITSU FUJITSU FUJITSU FUJITSU FUJITSU FUJITSU StorEDGE A3000 1T00300756 Symbios 02/12/00 0003 Parallel SCSI 5 03.01.04.00 03.01.04.75 64/16 MB

14.0 EOL'd Disk Arrays
StorEDGE A3000 1T92000694 Symbios 05/29/99 0003 Parallel SCSI 4 03.01.04.00 03.01.04.75 64/16 MB

Product ID MAA3182S MAA3182S MAA3182S MAA3182S MAA3182S MAA3182S SUN18G SUN18G SUN18G SUN18G SUN18G SUN18G

17274 Optimal 17274 Optimal 17274 Optimal 17274 Optimal 17274 Optimal 17274 Optimal for brevity -----

Detailed Drive Information for sonoma_001 (continued) Location Firmware Version Serial Number 00G08649 00G08364 00G08386 00G04816 00G08258 00G08322 Date Code 9848 9848 9848 9848 9848 9848

[1,0] 2107 [2,0] 2107 [3,0] 2107 [4,0] 2107 [5,0] 2107 [1,1] 2107 ----- cut for brevity ----Logical Units (LUNs):

Detailed LUN Information for sonoma_001 LUN 0 1 2 3 4 Controller c1t5d0 c2t4d1 c1t5d2 c2t4d3 c1t5d4 Capacity (MB) 1024 1024 1024 1024 1024 RAID Level 5 5 5 5 1

Detailed LUN Information for sonoma_001 (continued) LUN 0 Associated Drives [1,0] [2,0] [3,0] [4,0] [5,0]

Sun Proprietary & Confidential: Internal Use Only

Page 271

SSE Field Reference Guide
1 2 3 4 [1,1] [1,2] [1,3] [4,1] [2,1] [2,2] [2,3] [5,1] [3,1] [3,2] [3,3] [4,2] [5,2]

14.0 EOL'd Disk Arrays

Detailed LUN Information for sonoma_001 (continued) LUN 0 1 2 3 4 Segment Size (Blocks) 64 64 64 64 128 Write Cache Enabled * Enabled Enabled Enabled Enabled Cache Mirroring Enabled Enabled Enabled Enabled Enabled Cache Without Batteries Disabled Disabled Disabled Disabled Disabled Status Optimal Degraded Optimal Optimal Optimal

Drive Group Information for sonoma_001 No. No. of RAID of LUNS Level Drives 0 1 1 1 1 1 5 5 5 5 1 6 1 5 3 3 3 4 Total Capacity (MB) 103644 68938 34469 34469 34469 34469 Remaining Capacity (MB) 103407 67914 33445 33445 33445 33445

Group Unassigned Hot Spare 1 2 3 4 5

Logical Unit Information for sonoma_001 LUN 0 1 2 3 4 Group 1 2 3 4 5 Device Name c1t5d0 c2t4d1 c1t5d2 c2t4d3 c1t5d4 RAID Cap. Level (MB) Status 5 5 5 5 1 1024 1024 1024 1024 1024 Optimal Degraded Optimal Optimal Optimal

================End of Example ====================== B. Determining Cache memory size of the controller: In case of A3x00, you can see the cache memory size of both the controllers. In the example below, controller A's cache memory size is 64 MB, and system memory size is 16MB. The same is true for controller B. Note: This should be same on both the controllers. Cache/Processor Size: 64/16 MB 64/16 MB

C. Determining Segment size of LUNs: In case of the following example, LUN 0's segment size is 64 blocks. (1 block is equal to 512 byte.) LUN 4's one is 128 blocks.

Sun Proprietary & Confidential: Internal Use Only

Page 272

SSE Field Reference Guide
Detailed LUN Information for sonoma_001 (continued) LUN 0 1 2 3 4 Segment Size (Blocks) 64 64 64 64 128 Write Cache Enabled Enabled Enabled Enabled Enabled Cache Mirroring Enabled Enabled Enabled Enabled Enabled Cache Without Batteries Disabled Disabled Disabled Disabled Disabled

14.0 EOL'd Disk Arrays

Status Optimal Degraded Optimal Optimal Optimal

D. Determining write-cache status of LUNs Segment Size (Blocks) 64 64 64 64 128 Write Cache Enabled * Enabled Enabled Enabled Enabled Cache Mirroring Enabled Enabled Enabled Enabled Enabled Cache Without Batteries Status Disabled Disabled Disabled Disabled Disabled Optimal Degraded Optimal Optimal Optimal

LUN 0 1 2 3 4

In the above example, write-cache status of all LUNs are shown. The asterisk (*) in front of LUN 1 indicates that the write cache for this LUN is disabled. So by this way, we can come to know the memory size of the controller(s),segment size of the LUNs and and the write-cache status of the LUNs from the module profile. E) What version of RM6 is used. This determines whether the replacement controller needs Firmware level 02xxxxxx or 03xxxxxx preloaded: Service Logistics now stocks four different A1000 controller FRU's. A1000 controller FRU's for RM6.1.1 and RM6.22 are not interchangeable. See the table below: ----------------------------------------------------------------------| | A1000 | | | | | RAID Manager|Controller | Mem. SIMMs | | | | Version | FRU P/N | CPU/Cache | Appdware | Bootware | |=============|==============|============|==============|==============| | RM6.1.1 | F375-0016-03 | 8/16 | 02050211.apd | 02050100.bwd | | | | | | | | RM6.1.1 | F375-0015-03 | 16/64 | 02050211.apd | 02050100.bwd | | | | | | | | RM6.22 | F375-0135-01 | 8/16 | 03010235.apd | 03010233.bwd | | | | | | | | RM6.22 | F375-0136-01 | 16/64 | 03010235.apd | 03010233.bwd | ----------------------------------------------------------------------As can be seen from the table above, RM6.1.1 is compatible with firmware version 02xxxxxx and RM6.22 is compatible with firmware version 03xxxxxx. Two FRU's with different memory sizes are available for each version of RAID Manager.

14.2.3.2 Replacement
1) Rename the file /etc/osa/mnf (for instance to /etc/osa/mnf-disabled). This is done to make sure the serial number of the bad controller doesn't show up anymore, otherwise you might see two instead of one controller in Sun Proprietary & Confidential: Internal Use Only Page 273

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

RM6 after the replacement. (This file will automatically be recreated when the RM6 GUI is started). 2) Temporarly set auto-boot? to false: # eeprom 'auto-boot?'=false 3) Make sure all A1000 LUNs are umounted on host or shut down host (recommended). 4) Shutdown host, then power off A1000. 5) Note down target ID of the A1000 controller (the white, round SCSI ID switch). 6) Replace the controller. 7) Make sure to set the ID switch to the same SCSI ID as the bad controller. This is very important, otherwise RM6 will not be able to talk to the controller anymore (without device name change). 8) Re-cable, power on A1000 and wait a couple of minutes, then power on host. 9) ok > probe-scsi-all -> is the A1000 visible? 10) ok > boot -s 11) Important ugrade the NVSRAM and the controller FW (bootware / appware). Unlike an A3x00, an A1000 controller can not be replaced online (only one controller). Therefore the NVSRAM must be updated manually. The steps are: 11.1) Verify the correct FW versions are installed on the host. The correct files are already available on the host if the system had a correct patch state according to the following Matrix. (See InfoDoc 43483) 11.2) If Veritas Volume Manager or Solaris Volume Manager are used to manage A1000 LUNs, some preparation steps are required before the NVSRAM / FW can be updated. (See SRDB 24828). 1. Unmount all filesystems made from LUNs on the A1000. 2. Deport the disk group(s) where LUNs are located. 3. Run "vxdiskadm" and run option #11 for each LUN in the disk group(s). 4. Run through the firmware upgrade as documented. 5. Run "vxdiskadm" and run option #10 for each LUN. 6. Import the disk group(s). 7. Start volumes manually using "vxvol -g <disk_group> startall". 11.3) Update NVSRAM. You can do this with the RM6 GUI in a similar way as you update the normal FW. For procedure and revision levels see FIN I07090-1. 11.4) Upgrade the FW to the latest level that is available in /usr/lib/osa/fw/: Maintenance & Tuning -> select the module -> Firmware Upgrade -> offline (directory should be /usr/lib/osa/fw/)-> ok Notes:
· · ·

Downgrad controller is not recommended. Upgrade the rdriver patch if needed to the latest release. The latest FW will be put into /usr/lib/osa/fw/

12) set auto-boot? back to true: # eeprom 'auto-boot?'=false 13) If everything works fine, delete /etc/osa/mnf-disabled

14.2.4. Battery Replacement Procedure
1. Run the following Sun StorEdge RAID Manager 6(RM6) CLI command to determine the name of the controller: Sun Proprietary & Confidential: Internal Use Only Page 274

SSE Field Reference Guide
#/usr/lib/osa/bin/lad c1t0d0 1T93803809 LUNS: 0 1

14.0 EOL'd Disk Arrays

2. Determine the battery age, use the device name listed in lad command, /usr/lib/osa/bin/raidutil -c <device> -B #/usr/lib/osa/bin/raidutil -c c1t0d0 -B LUNs found on c1t0d0. LUN 0 RAID 0 10 MB LUN 1 RAID 5 1000 MB Battery age is between 720 days and 810 days. raidutil succeeded! battery age between 630 and 720 days - near expiration battery age greater than 720 days - expired Battery should be replaced for all the above cases. NOTE: A1000 battery is not hotswappable. The RM6 GUI can be started by issuing the command #/usr/lib/osa/bin/rm6 & 3. Disabling cache If you want disable the Write Caching option, follow the steps below by using the RM6's GUI or command line commands. Note that when the battery has already expired,cache function for write operations has been switched off automatically. a. Using RM6 GUI, open the Maintenance and Tuning application. b. Select the RAID module for the Sun StorEdge A1000 array. c. Click the Cache Parameters button, or select Option -> Cache Parameters from the drop-down menu. d. Disable the Write Caching option. Using the RM6 cli commands to disable cache: #/usr/lib/osa/bin/lad c1t0d0 1T93803809 LUNS: 0 1 #/usr/lib/osa/bin/raidutil -c c1t0d0 -w off 0,1 LUNs found on c5t5d0. LUN 0 RAID 5 8100 MB LUN 1 RAID 5 8108 MB 4. Stop the host machine that is connected to the Sun StorEdge A1000 array. # init 0 5. Before turning off the StorEdge A1000 array, wait approximately two minutes to make sure that remaining data in the cache are flushed to the disks. Turn off the Sun StorEdge A1000 array and follow the battery replacement procedure in the Sun StorEdge A1000 and D1000 array Installation, Operations, and Service Manual, When turning on the StorEdge A1000 array, wait until all the disks has spun up! 6. Boot the host machine, without the -r option. 7. After the battery replacement, run the following RM6 command to reset the battery age: raidutil -c <device> -R #/usr/lib/osa/bin/raidutil -c c1t0d0 -R LUNs found on c1t0d0. LUN 0 RAID 0 10 MB LUN 1 RAID 5 1000 MB raidutil succeeded!

Sun Proprietary & Confidential: Internal Use Only

Page 275

SSE Field Reference Guide
8. Check the new battery age: #/usr/lib/osa/bin/raidutil -c c1t0d0 -B LUNs found on c1t0d0. LUN 0 RAID 0 10 MB LUN 1 RAID 5 1000 MB Battery age is between 0 days and 90 days. raidutil succeeded!

14.0 EOL'd Disk Arrays

9. Re-enable the Write Caching option by using the RM6 GUI or by using the RM6 command line commands: #/usr/lib/osa/bin/raidutil -c c1t0d0 -w on 0,1 LUNs found on c5t5d0. LUN 0 RAID 5 8100 MB LUN 1 RAID 5 8108 MB 10. After 12 hours, check to see if the battery is working, for example running RM6 GUI's healt check or running command "/usr/lib/osa/bin/healthck -a ".

14.2.5. Command Reference
1. To show how many drives (LUNs) are currently available: # format Searching for disks...done c1t5d0: configured with capacity of 6.00MB AVAILABLE DISK SELECTIONS: 0. c0t0d0 <SUN18G cyl 7506 alt 2 hd 19 sec 248> /pci@1f,4000/scsi@3/sd@0,0 1. c1t5d0 <Symbios-StorEdgeA3500FCd-0003 cyl 3 alt 2 hd 64 sec 64> /pseudo/rdnexus@1/rdriver@5,0 2. c3t5d0 <Symbios-StorEDGEA1000-0003 cyl 3 alt 2 hd 64 sec 64> /pseudo/rdnexus@3/rdriver@5,0 3. c3t5d1 <Symbios-StorEDGEA1000-0003 cyl 48 alt 2 hd 64 sec 64> /pseudo/rdnexus@3/rdriver@5,1 Specify disk (enter its number): ^D Note: The LUNs will identify themselves as A3500FC or A1000 2. To display the available RAID modules(aka hardware RAID arrays): # ./lad c1t5d0 1T03701713 LUNS: 0 c2t4d0 1T03701636 LUNS: c3t5d0 1T81006267 LUNS: 0 1 <- first controller of the a3500fc <- second controller of the a3500fc <- controller of the a1000

Note: The 0 and 1 next to each controller, indicates that the A1000 sees two LUNs, and the first controller of the 3500FC has one. After creating another LUN, you would see the following: # ./lad c1t5d0 1T03701713 LUNS: 0 c2t4d0 1T03701636 LUNS: c3t5d0 1T81006267 LUNS: 0 1 2

<- notice that a new lun appears here now

3. To display the controller numbers of the RAID modules by name:

Sun Proprietary & Confidential: Internal Use Only

Page 276

SSE Field Reference Guide
# ./storutil -c ultra60_A1000 -d ultra60_A1000:

14.0 EOL'd Disk Arrays
(one controller only)

Controller A: 1T81006267 ( c3t5d0 ) Independent Controller Configuration: # ./storutil -c ultra60_A3500FC -d ultra60_A3500FC: Controller A: 1T03701713 ( c1t5d0 ) Controller B: 1T03701636 ( c2t4d0 ) Independent Controller Configuration:

OFF (two controllers in a 3500fc)

OFF

4. To display information about a specific RAID module, such as how many controllers: # ./rdacutil -i ultra60_A1000 ultra60_A1000: single-controller Active controller a (c3t5d0) ./rdacutil succeeded! 5. To display a list of LUNs and their status in a specific RAID module: # ./drivutil -l ultra60_A1000 Logical Unit Information for ultra60_A1000 LUN 0 1 Group Name 1 2 Device Level c3t5d0 c3t5d1 RAID 0 1 Capacity (MB) 10 100 Status Optimal Optimal

units:

0 1

drivutil succeeded! 6. To display which drives belong to which drive groups # ./drivutil -d ultra60_A1000 Drives in Group for ultra60_A1000 Group Drive List [Channel,Id] Unassigned [1,3]; [2,3]; [1,4]; [2,4]; [1,5]; [2,5]; Group 1: [1,0]; [2,0]; Group 2: [1,1]; [2,1]; Group 3: [1,2]; [2,2]; drivutil succeeded! 7. To verify the status of two different luns (0 and then 31) # ./drivutil -p 0 c3t5d0 ultra60_A1000 drivutil succeeded! # ./drivutil -p 31 c3t5d0 ultra60_A1000 drivutil succeeded! 8. To display drive group information: # ./drivutil -I c3t5d0 Group Information for ultra60_A1000 Group No. of RAID No. of Sun Proprietary & Confidential: Internal Use Only unit 0: optimal

unit

31:

does not exist

Total

Remaining Page 277

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

LUNs Level Drives Space(MB) Space(MB) Unassigned 0 6 24564 1 1 0 2 8108 8098 2 1 1 2 4054 3954 3 1 1 2 4054 0 drivutil succeeded! 9. To display a list of the luns, their size and firmware info in a RAID module: # ./raidutil -c c3t5d0 -i LUNs found on c3t5d0. LUN 0 RAID 0 10 MB LUN 1 RAID 1 100 MB Vendor ID Symbios ProductID StorEDGE A1000 Product Revision 0003 Boot Level 03.01.04.00 Boot Level Date 04/05/01 Firmware Level 03.01.04.75 Firmware Date 04/11/02 raidutil succeeded! 10. To verify that the controllers have the proper nvsram settings: # ./nvutil -v The NVSRAM settings of controller c1t5d0(1T03701713) are correct. The NVSRAM settings of controller c2t4d0(1T03701636) are correct. The NVSRAM settings of controller c3t5d0(1T81006267) are correct. nvutil command succeeded. 11. To display information about the drives in a RAID module: # ./drivutil -i c3t5d0 Drive Information for ultra60_A1000 Location Serial Serial Number [1,0] LG551899 [2,0] LG551587 [1,1] LG551974 [2,1] LG548431 [1,2] LG549790 [2,2] LG551944 [1,3] LG551869 [2,3] Capacity (MB) 4094 4094 4094 4094 4094 4094 4094 4094 Optimal Optimal Optimal Optimal Optimal Optimal Optimal Optimal Status Vendor Product ID Firmware Version

SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558

Sun Proprietary & Confidential: Internal Use Only

Page 278

SSE Field Reference Guide
LG551591 [1,4] LG548929 [2,4] LG548750 [1,5] LG552389 [2,5] LG551966

14.0 EOL'd Disk Arrays

4094 4094 4094 4094

Optimal Optimal Optimal Optimal

SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558 SEAGATE ST34501WCSUN4.2G 0558

drivutil succeeded! 12. To display firmware information about a RAID module: # ./fwutil -v c3t5d0 The controller firmware version for controller c3t5d0 (module: ultra60_A1000) is 3.01.04. The recommended firmware version for this application is 3.00.00 or higher. fwutil succeeded! 13. To display the battery age: # ./raidutil -c c3t5d0 -B LUNs found on c3t5d0. LUN 0 RAID 0 10 MB LUN 1 RAID 1 100 MB LUN 2 RAID 1 4054 MB Battery age is between 360 days and 450 days. raidutil succeeded!

Sun Proprietary & Confidential: Internal Use Only

Page 279

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.3. A3x00 (Sonoma) Disk Array
14.3.1. LED's
14.3.1.1 Front Panel LEDs Under Normal Operating Conditions

LED Type Power Power Supply Fault Fan Fault Controller Fault

Color Green Amber Amber Amber

State On Off Off Off

Description Power is being supplied to controller. If lit, power supply requires troubleshooting. If lit, controller fan requires troubleshooting. If lit, one or both controllers require troubleshooting.

Note During normal operation, you will see green LEDs glowing or blinking on the controller module. The number and pattern of green status LEDs lit on the controllers depends on how your system is configured. An active controller does not have the same status LEDs lit as a passive controller. 14.3.1.2 Controller LEDs Under Normal Operating Conditions

Sun Proprietary & Confidential: Internal Use Only

Page 280

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

LED Type Fault Power Heartbeat Status

Color Amber Green Green Green

State Off On Blinking On

Description If lit, controller requires troubleshooting. Power is being supplied. The controller is active. The number and pattern of status LEDs lit depends on your system configuration.

14.3.1.3 Battery Canister LEDs Under Normal Operating Conditions LED Type Full Charge Color A/B Green State On Off Fault A/B Amber Off Description The corresponding battery is fully charged and no fault condition exists. The corresponding battery is not fully charged. The RAID controller is also restricted from caching. If lit, there is a Fault condition in the circuit and the battery canister must be replaced. The RAID controller is also restricted from caching.

14.3.1.4 Power Supply and Power Supply Fan LEDs Under Normal Operating Conditions

LED Type Power Fan Fault Fan Power

Color Green Amber Green

State On Off On

Description Power supply is functional. If lit, power supply fan requires troubleshooting. Fan power is being supplied.

Sun Proprietary & Confidential: Internal Use Only

Page 281

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.3.2. Battery Replacement Procedure
1) Get the output of /usr/lib/osa/bin/lad to identify the controller device name: # /usr/lib/osa/bin/lad c4t5d0 1T94412912 LUNS: 0 1 c3t4d0 1T95523023 LUNS: where the device name here is: c4t5d0 2) Determine the battery age by running the following RM6 CLI command, raidutil -c <device> -B. For example: #/usr/lib/osa/bin/raidutil -c c4t5d0 -B LUNs found on c4t5d0. LUN 0 RAID 0 10 MB LUN 1 RAID 0 51582 MB Battery age is between 360 days and 450 days. 3) Using rm6 gui, click on Maintenance and Tuning application. 4) Select the RAID Module for the A3500. 5) Click on the Cache Parameters button or select Option -> Cache Parameters from the drop-down menus. 6) Disable the following Write Caching option and Write Caching Mirroring option. 7) Stop the host machine that is connected to the A3x00 (if is possible) or stop the I/O Activity on these Array. NOTE: The newer batteries in A3x00 are hot pluggable, but the older ones need the RDAC module powered off to be replaced. The newer batteries have LEDs on the front whereas the older ones do not. 8) Follow the battery replacement procedure on Sun StorEdge A3500/A3500FC Controller Module Guide. 9) After replacement, run the following command to reset the battery age, raidutil -c <device> -R For example: #/usr/lib/osa/bin/raidutil -c c4t5d0s0 -R LUNs found on c4t5d0. LUN 0 RAID 0 60180 MB LUN 2 RAID 5 60180 MB raidutil succeeded! NOTE: You will need to run this on both controllers. From the lad(1M) output in step 1, the second device is what you will need to run the reset against. 10) Check the new battery age on BOTH controllers. For example: #/usr/lib/osa/bin/raidutil -c c4t5d0 -B LUNs found on c4t5d0. LUN 0 RAID 0 60180 MB LUN 2 RAID 5 60180 MB Battery age is between 0 days and 90 days. raidutil succeeded! #/usr/lib/osa/bin/raidutil -c c3t4d0 -B LUNs found on c4t5d0. Battery age is between 0 days and 90 days. Note: The battery age should be "between 0 days and 90 days". 11) Enable again the Write Caching option and Write Caching Mirroring option within the rm6 gui, using steps 3-6. 12) After 12hs, check if the battery is ok.

Sun Proprietary & Confidential: Internal Use Only

Page 282

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.3.3 Disk Replacement
The Sun StorEdge A3500 system you ordered comes configured with either 1.6-inch drives or one-inch drives. The procedure for removing and replacing the drives differs only in the software you use to control the disks. In all cases the hard disks are hot-pluggable.

Sun Proprietary & Confidential: Internal Use Only

Page 283

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.4. A5x00 (Photon) Disk Array
14.4.1 LED's

Illustration 2Front View

Illustration 3Rear View GBIC LEDs Ready Fault on off on on off on n/a on off off off off off off Indication Okay Fault in link to GBIC Fault in source to link Fault in GBIC GBIC not installed No power to GBIC GBIC is incompletely inserted Corrective Action None Verify link is installed and unbroken. Verify link source is operating. Replace GBIC. Install GBIC if required Verify system power is on Reinsert GBIC

Sun Proprietary & Confidential: Internal Use Only

Page 284

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

Interface Board LEDs Ready Fault Indication on off Okay off on Fault condition Fan Tray LEDs Ready Fault Indication on off Okay n/a on Fault condition off off Fan tray is turned off off off Fan tray is improperly inserted off off No power to fan tray Enclosure LEDs Power Fault Ready on off off on off on on off flash n/a on n/a off off off Indication Power is on System is ready System is active A FRU has failed No power to system

Corrective Action None Replace the Interface Board. Corrective Action None Replace the fan tray. Turn on the fan tray if required. Reinsert the fan tray. Verify that the system power is on. Corrective Action None None None Use the FPM Make sure the system is connected. Verify that the system power is on. Corrective Action None Replace the power supply. Install the power supply if required. Reinsert the power supply Verify that the system power is on.

Power Supply LEDs Ready Fault Indication on off Okay off on Fault condition off off The power supply is not installed off off The power supply is improperly inserted. off off There is no power to the fan tray. . Disk Drive LEDs Ready Fault flashing off on off flashing off off n/a off off off off off

Indication Corrective Action The disk drive is ready and active. None The disk drive is ready, but not active. None The disk drive is becoming ready or None spinning down in preparation for removal. flashing The disk drive slot is identified and Insert or remove the disk drive. disk drive can be inserted or removed. on Fault condition Replace disk drive. off The disk drive is not installed. Install the disk drive if required. off The disk drive is improperly inserted. Reinsert the disk drive off There is no power to disk drive. Verify that the system power is on. off The disk drive is turned off. Turn on the disk drive if required. off Disk drive power sequencing is in progress. The disk drive ready LED should start flashing within 30 seconds.

14.4.1. luxadm command reference
luxadm probe -p - Display information about all attached A5000s. This will give you the enclosure names luxadm display Use the display subcommand to display enclosure or device specific info enclosure info ex: # luxadm display mars-0 device info ex: # luxadm display mars-0,f3 (f3= front disk slot# 3) luxadm inq Use the inquiry subcommand to display inquiry info for the enclosure or specific disk enclosure info ex: # luxadm inq mars-0 device info

Sun Proprietary & Confidential: Internal Use Only

Page 285

SSE Field Reference Guide
ex: # luxadm inq mars-0,f4 (f4=front disk slot#4)

14.0 EOL'd Disk Arrays

luxadm led_blink Use the led_blink subcommand to start flashing the yellow led associated with a specific disk. ex: # luxadm led_blink mars-0,f2 (f2=front disk slot 2) luxadm led_off Use the led_off subcommand to turn off the yellow LED associated with a specific disk. ex: # luxadm led_off mars-0,r3 (r3= rear disk slot#3) luxadm power_off Use the power_off subcommand to set an enclosure or disk to power save mode enclosure ex: # luxadm power_off mars-0 disk ex: # luxadm power_off mars-0,f5 (f5=front disk slot#5) luxadm power_on Use the power_on subcommand to set a drive or enclosure to its normal power on state. enclosure ex: # luxadm power_on mars-0 disk ex: # luxadm power_on mars-0,f1 (f1=front disk slot#1) luxadm remove_device Use this subcommand to 'hot remove' a device or enclosure, when removing failed disk units for replacement. Verbose output will walk you thru the proceedure enclosure ex: # luxadm remove_device mars-0 disk only ex: # luxadm remove_device mars-0,f6 luxadm insert_device Use the insert_device subcommand for 'hot' insertion of a new disk or enclosure. Use after the remove_device command to replace a failed drive with a new one. Verbose output will walk you thru the proceedure. ex: # luxadm insert_device mars-0,f5 luxadm reserve Use the reserve subcommand to reserve the specified disk(s) for exclusive use by the host from which the subcommand was issued. ex: # luxadm reserve mars-0,f6 luxadm release The release command releases the drive from the reserve state ex: # luxadm release mars-0,f6 luxadm enclosure_name Use the enclosure_name subcommand to change the enclosure name of one or more A5000s ex: # luxadm enclosure_name mars1 pluto2 (change from pluto2 to mars1) luxadm download Use the download command to download a prom image to the FEPROMs on an A5000 interface board. Stop all activity on this connection before downloading firmware, the array will recycle automatically after the download. ex: # luxadm download -s mars-0 (will download firmware from default file /usr/lib/locale/C/LC_MESSAGES/ibfirmware) ex: # luxadm download -s -f /special/upgrade/ibfirmware.latest mars-0 -f you can specify the file name and do not use the default luxadm fcal_s_download Use the fcal_s_download command to download new fcode into ALL the FC100-HA sbus cards or display the current versions of the fcode in each FC100-HA Sbus card. display: ex: # luxadm fcal_s_download download: ex: # luxadm fcal_s_download -f /usr/lib/firmware/fc_s/fcal_s_fcode

Sun Proprietary & Confidential: Internal Use Only

Page 286

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.4.2. Minimum Configuration
These are minimum disk configurations to insure adequate signal retransmission. 14 disk array The minimum configuration system has drives in slots 3, 6 in front and drives in 0, 3, and 6 in the rear. No other configuration is authorized. As disks are added they should be spaced to minimize gaps between disks. 22 disk array The minimum configuration system has drives in slots 0, 5 in front and drives in 0, 3, 6,and 10 in the rear. No other configuration is authorized. As disks are added they should be spaced to minimize gaps between disks.

14.4.3. Addressing
“sf" = Host Adapter (socal) has 2 ports sf@0,0 and sf@1,0 "ses" = Interface Boards (IB) in the A5000, 2 IBs/array, 2 ports/IB ses 0 and 1 = IB-A ses 2 and 3 = IB-B "ssd" = disk drives Example: I/O Board slot port path wwn lun slice | | | | | | | | | | | | | | sbus@1f,0/SUNW,socal@1,0/sf@1,0/ssd@w2100002037007fa1,0:a 1 -I/O Board Number - convert if to decimal, divide by 2, round down. 2 -sbus slot number, d = on bd soc+ 3 -Loop connection port on the HBA 0 = port A 1 = port B 4 -Data path through IB to disk: 21 = node A 22 = node B 5 -WWN# 6 – LUN (always 0) 7 – Slice (a=0)

14.4.4. A5000 Target ID assignments
(Box ID* 32) + (Backplane# * 16) + (Disk slot#) = Target ID Box Id's = 0,1,2,3 Backplane Id's 0=front, 1=rear Disk Slot Number=0-11, left to right Example, a disk in rear slot 5 in a A5000 with box ID of 3 would be: (3 * 32) + (1*16) +5 = t117

Sun Proprietary & Confidential: Internal Use Only

Page 287

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.5. T3 (Purple) Disk Array
14.5.1. LED's
14.5.1.1 T3 Controller

Controller LED off solid green solid amber blinking amber Fibre Channel LED off solid green blinking green

Controller Status bootmode-none at EEPROM level Controller is not installed or recognized Controller OK Controller boot, shutdown, or firmware download in progress Controller failed to initialize, no boot code, hardware fault or failure; replace controller Fibre Channel Status Fibre Channel disabled Fibre Channel enabled and inactive Fibre Channel enabled and active

14.5.1.2 T3+ Controller

Controller LED off solid green solid amber blinking amber FC-AL Active LED off solid green blinking green Ethernet Active LED off solid green blinking green 10/100bps Active LED off solid green blinking green

Controller Status Controller is not installed or recognized Controller OK Controller boot, shutdown, or firmware download in progress Controller failed to initialize, no boot code, hardware fault or failure; OK to replace. Fibre Channel Status Port disabled Fibre Channel enabled and idle Fibre Channel enabled and active Fibre Channel Status Link invalid Link valid and idle Link valid and active Fibre Channel Status Port disabled (10 Mbps rate) Port enabled and idle (100 Mbps rate) Port enabled and active

Sun Proprietary & Confidential: Internal Use Only

Page 288

SSE Field Reference Guide 14.5.1.3 Interconnect Card

14.0 EOL'd Disk Arrays

IC Status LED Current Status off IC not installed or recognized solid green IC OK Cable OK (if present) blinking green IC OK Cable bad solid amber IC firmware download in progress blinking amber IC hardware fault or failure, replace IC

14.5.1.4 Power and Cooling Unit

AC Status LED off solid amber solid green

PS OK Status LED off off solid green

solid green solid amber solid green

off solid amber solid amber

solid green

blinking green

Status Power is off No AC power present Power is off Power Switch turned off AC Power is available Normal Operating State: PCU receiving AC Power switch turned on AC power available Occurs when disk tray is shut down: PCU disabled AC power is available PCU is off; disk tray willpower off after PCU is disabled Indicates one or more of the following: Over temperature condition; PCU disabled DC power not available; PCU disabled Both fans have fault; PCU disabled Battery on refresh cycle Battery recharging

Sun Proprietary & Confidential: Internal Use Only

Page 289

SSE Field Reference Guide
solid green blinking amber

14.0 EOL'd Disk Arrays
Indicates one or more of the following: PCU disabled One fan fault Battery hold time low; PCU remains enabled Battery out of warranty; PCU remains enabled Battery life span failure; PCU remains enabled

14.5.1.5 Disk Drive

Drive Activity off blinking green solid green blinking green N/A N/A

Drive Status off off off off solid amber

Status Drive not installed or recognized Drive spin up or spin down Drive ok and idle Drive ok and active Drive reconstruct Firmware download in progress blinking amber Drive failure, replace drive

14.5.2. Command Reference
14.5.2.1 File management: mkdir rmdir cd pwd touch cat more* tail rm mv telnet ftp** *more command usage q=quit, f= forward, b= backward ** ftp requires a password for the root account 14.5.2.2 vol commands: vol list, vol add, vol remove, Sun Proprietary & Confidential: Internal Use Only Page 290

SSE Field Reference Guide
vol init, vol mount, vol unmount, vol mode, vol verify, vol stat. 14.5.2.3 System Commands boot - Boot system (-i, -s,) disable - Disable controller (u1,u2) or loop cards (ux lx) disk - Disk administration (version) date - set date and time (200003071607 = 03/07/2000 16:07) enable - Enable controller (u1,u2) or loop cards (ux lx) ep - Program the flash prom fru - Display FRU information (-s , -st, list, stat,) help - Display reference Manual pages id - Display fru identification summary lpc - Get interconnect card property (ledtest) passwd - change or display array password port - Configure the interface port number (list, listmap, set) proc - Display status of outstanding vol processes (list, kill) refresh - Start/stop battery refreshing or display its status reset - Reset system set - Display or modify the set information shutdown - Shutdown disk tray or partner group sys - Display or modify the system information ver - Display the software version vol - Display or modify volume information

14.0 EOL'd Disk Arrays

14.5.3. Firmware upgrading
It is recommended that the array is "out of use" before upgrading firmware. (This includes disable polling from Component Manager) 1. ftp firmware files to / on the array. 2. Upgrade Raid controller firmware: t3-a:/:> boot -i nb###.bin t3-a:/:> reset -y (Warning: if base firmware was below 1.17a, use serial port to reset) 3. Upgrade EEprom: t3-a:/:> ep download ep2_09.bin 4. Upgrade UIC: t3-a:/:> lpc download u#l# lpc_04.11 (3minutes/card, will take card off line) 5. Upgrade Disks: t3-a :/:> disk download u1d1-9 D44a.lod (unmount volumes, 20min for 9 disks, led goes amber during download)

Sun Proprietary & Confidential: Internal Use Only

Page 291

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.5.4. TFTP Boot Procedure
Note: if chasis is swapped enter new mac address into /etc/ethers file of tftp server. On Server: 1. 2. 3. 4. 5. 6. On Array: 7. Modify Bootmode to tftp (:/:set bootmode tftp) 8. Modify tftphost to server's IP (:/: set tftphost xxx.xxx.xxx.xxx) 9. Modify tftpfile to nbxxx.bin (step#3) (:/: set tftpfile nbxxx.bin) 10.Modify IP to ip assigned to your array ** (:/: set ip xxx.xxx.xxx.xxx) 1 11.Reset array *
·

Modify /etc/hosts file on server with ip and name of array Modify (create) /etc/ethers file on server with mac and array name Create /tftpboot directory and copy nbxxx.bin (psos) to it Un comment '#tftp' in /etc/inetd.conf # kill -HUP inetd PID# # ps -ef | grep in.rarpd (should be running... restart if tftp doesn't work)

if rarp is working, array should get IP from server, If IP is assigned thru "set" command than array will go to the 'who is tftphost' phase of tftpboot.

14.5.5. Forgotten password
1. reset the T3 2. press (return) within 3 seconds of reset (on the console sesion you have open) 3. type in - set passwd (this will display the current password)

14.5.6. Rebuilding the sysarea
In cases where the Sun StorEdge[TM] T3 array is able to boot but unable to mount the / file system, it is necessary in some cases, to wipe out and rebuild the sysarea. The process to wipe out and rebuild the T3 sysarea is completed in 3 stages. Stage 1 wipe out the corrupt sysarea Stage 2 rebuild a new sysarea Stage 3 Lun recovery Each of the 9 disks in the T3 has a 200MB region reserved for the boot code and configuration data. The configuration data includes the bootcode, volume configuration and logging data. The system area has 2 partitions. Bootcode is located on the first and psos+ and a filesystem make up the second. In this case we assume that the bootcode is good but the filesystem is damaged. The only way to repair the filesystem in this case is to wipe out and rebuild the system area.. Warning: Collect the required information to recover the luns in stage 3 before continuing. 14.5.6.1 Data Collection: Use output from a saved copy of extractor or explorer to identify the lun configuration raid level and block size. If any of these things are not rebuilt exactly as they were, the data is lost. Note: For T3+ arrays, if vol slicing is enabled we will need the output of: volslice list lun map list lun perm list. 1. Verify block size and mp_support with output from sys_list

Sun Proprietary & Confidential: Internal Use Only

Page 292

SSE Field Reference Guide
brm04-storage-lab4:/:<1>sys list blocksize : 64k mp_support : rw 2. Verify lun make up with output from vol_list brm04-storage-lab4:/:<2>vol list volume capacity raid data standby vol01 35.8 GB 1 u2d1-4 u2d9 2a. If T3+, collect T3+ Info (these are just examples): brm04-storage-lab4:/:<2> volslice list Slice s0 s1 s3 s2 Slice Num 0 1 3 2 Start Blk 0 209740800 211838208 264273408 0 209740800 Size Blks 209740800 2097408 52435200 164617728 209740800 219150336

14.0 EOL'd Disk Arrays

Capacity 100.011 1.000 25.002 78.495 100.011 104.499

GB GB GB GB GB GB

Volume vol01 vol01 vol01 vol01 vol02 vol02

brm04-storage-lab4:/:<2>lun map list Lun No Slice No ---------------0 0 1 1 2 2 3 3 brm04-storage-lab4:/:<2>lun perm list lun slice WWN Group Name Group Perm WWN Perm Effective Perm ----------------------------------------------------------------------0 0 default --none none 0 0 210000e08b053880 --rw rw 1 1 default --none none 1 1 210000e08b053880 --rw rw 2 2 default --none none 2 2 210000e08b053880 --rw rw 3 3 default --none none 3 3 210000e08b053880 --rw rw ----------------------------------------------------------------------disabled access to default(everyone) 14.5.6.2 Procedure Stage 1 - Wipe out the corrupt sysarea In order to wipe out the sysarea on a disk we interrupt the boot process by hitting ctrl t as soon as the message initializing QLCF component... initializing loop 1 ISP2100 ... firmware status = 3 Detected 10 FC-AL ports on loop 1 Initializing loop 2 ISP2100 ... firmware status = 3 The boot will continue in a normal fashion until it finally enters offline diagnostics.

Sun Proprietary & Confidential: Internal Use Only

Page 293

SSE Field Reference Guide
Cache Mem Addr Toggle Test begin... Cache Mem Addr Toggle Test complete... Passed 256 MBytes Cache Memory Detected Testing CPU DRAM... Cancelled

14.0 EOL'd Disk Arrays

Once the Diagnostic menu appears Select the QC: to quit but go into Label Control Menu DIAGNOSTICS MENU CO: Configure options for Diagnosis MM: Memory Diagnostic Menu DM: Data Path Diagnostic Menu XM: Xor Diagnostic Menu IM: QLOGIC ISP2100 Chip Diagnostic Menu RS: Reset System QC: Quit but go into Label Control Menu QT: Quit Diagnostic Menu Enter command [HE]: qc Once again select the QC: option to quit and enter the label control menu. DIAGNOSTICS MENU CO: Configure options for Diagnosis MM: Memory Diagnostic Menu DM: Data Path Diagnostic Menu XM: Xor Diagnostic Menu IM: QLOGIC ISP2100 Chip Diagnostic Menu RS: Reset System QC: Quit but go into Label Control Menu QT: Quit Diagnostic Menu Enter command [HE]: qc Select the W1 option. This will wipe out unit 1 sys area and LFS LABEL CONTROL MENU W1: Wipe out unit 1 Sysarea and LFS QQ: Quit Label Menu for this UNIT QA: Quit All Enter command [HE]: w1 Select qa to quit and resume boot proccess. LABEL CONTROL MENU W1: Wipe out unit 1 Sysarea and LFS QQ: Quit Label Menu for this UNIT QA: Quit All Enter command [HE]: qa Stage 2 -Rebuild a new sysarea The rebuild of the sys area will require a tftp boot server. The process is documented in Sun InfoDoc 19272. Once the tftpboot server is ready, tftpboot the unit. 1. Interrupt boot process (Hit any key before the time-out value) 2. t3:> set bootmode tftp 3. t3:> boot Once the boot completes the system is ready to be rebuilt. Use the t3.sh script (available in the 109115 patch) to reload psos. Follow the patch readme included with 109115-xx. Stage 3 - Lun recovery Sun Proprietary & Confidential: Internal Use Only Page 294

SSE Field Reference Guide
Use the data collected earlier for this part of the procedure. 1. After the layout is determined, reset the block size to the correct value. brm04-storage-lab4:/: <3>sys blocksize 64k Notice that the luns are now missing after the rebuild of the boot and sysareas. brm04-storage-lab4:/:<4>vol list volume capacity raid data standby 2. Add back vol01: brm04-storage-lab4:/:<5>vol add vol01 data u2d1-4 raid 1 standby u2d9 3. Check the lun against the saved output. brm04-storage-lab4:/:<6>vol list volume capacity raid data standby vol01 35.8 GB 1 u2d1-4 u2d9

14.0 EOL'd Disk Arrays

4. Now we can re-initialize the lun. This is done with the .vol command so that the volume data is not actually initialized. In our case: brm04-storage-lab4:/:<7>.vol init vol01 fast WARNING - Existing volume data won't be changed. Continue ? [N]: y 5. If volume slices existed, we must use the output from the volslice list command to recreate the slices. It is critical if multiple slices existed to start the volume slices on the exact start block. brm04-storage-lab4:/:<2> volslice list Slice s0 s1 s3 s2 Slice Num 0 1 3 2 Start Blk 0 209740800 211838208 264273408 0 209740800 Size Blks 209740800 2097408 52435200 164617728 209740800 219150336 Capacity 100.011 1.000 25.002 78.495 100.011 104.499 GB GB GB GB GB GB Volume vol01 vol01 vol01 vol01 vol02 vol02

brm04-storage-lab4:/:<2> volslice create 0 -s 0 -z 100GB vol01 brm04-storage-lab4:/:<2> volslice create 1 -s 209740800 -z 1GB vol01 brm04-storage-lab4:/:<2> volslice create 3 -s 211838208 -z 25GB vol01 brm04-storage-lab4:/:<2> volslice create 2 -s 0 -z 100GB vol02 6. Then map the slices to the lun numbers as retrieved from the lun map list command. brm04-storage-lab4:/:<9> lun map add lun 0 slice 0 Now the volume(s) can be remounted and data can be brought back online. Stage 3 is particularly critical. All data will be lost if any incorrect information is used in the lun rebuild stage.

14.5.7. Accessing “dot” commands
Dot commands such as .vol, .bat, and .id, which were readily available in1.x and 2.x versions of the T3 firmware, are now password protected on the T3+ and 6020/6120 Array (Maserati) when firmware level 3.1.2 or later is loaded. Access to "dot" commands has been password protected in order to restrict their use to Sun service personnel. Use of these commands may be requiredwhen performing system maintenance such as replacing the battery. They may also be required when performing certain recovery procedures.

Sun Proprietary & Confidential: Internal Use Only

Page 295

SSE Field Reference Guide
To access these "dot" commands: 1. Connect to the Array using a serial cable or a telnet connection. 2. Login as root. 3. Check the version of the firmware by issuing the ver command. t3b:/:<1>ver

14.0 EOL'd Disk Arrays

T3B Release 3.1.2 Fri Dec 19 14:42:03 PST 2003 (10.1.9.236) Copyright (C) 1997-2003 Sun Microsystems, Inc. All Rights Reserved 4. If the version is 3.x.x or greater, use the "sun" command to gain access to the dot commands. t3b:/:<2>sun Password: arrayservice sun: commands enabled

14.5.8. Battery Status
Checking Refresh times T3:/etc:40>refresh -s PCU1 PCU2 ----------------------------------------------------------------U1 Recharging Pending U2 Recharging Pending Current Time Start Time Next Refresh Total time elapsed : Fri Sep 15 17:09:01 2000 Fri Sep 15 16:52:40 2000 Fri Sep 29 16:52:40 2000 0 hours, 16 minutes, 21 seconds.

refresh refresh refresh refresh

-c -s -i -k

----> ----> ----> ---->

start refresh get status re-init command file kill current refreshing task

Setting Battery Refresh Time Modify the T3's /etc/schd.conf file. Syntax for the file is: BAT_BEG MM-DD-YYYY,hh-mm-ss (where this is the start time to initiate a refresh cycle on a particular day) BAT_CYC 28 (where this is the number of days between refresh cycles. ) Note: The battery service life is dependent on a battery refresh cycle of 28 days. Don't alter this value unless instructed to do so by Sun. Battery hold time The length of time it takes to discharge a battery during a refresh cycle. The longer the time, the better the battery. The minimum PCU battery hold time is 6 minutes. The T3 refers to hold time in seconds, e.g. 6 minutes equates to 360 seconds. If the battery discharges in less than 6 minutes, the system assumes it has very little "juice" left and marks it as Sun Proprietary & Confidential: Internal Use Only Page 296

SSE Field Reference Guide
unhealthy by saying it's hold time is low.

14.0 EOL'd Disk Arrays

Typical times for a healthy battery are 6-20 minutes. If hold time falls below 6, the battery must be replaced by replacing the PCU. Battery Life Span T3:/etc:37>id read u1pcu1 Revision : 0000 Manufacture Week : 00032000 Battery Install Week : 00032000 Battery Life Used : 31 days, 8 hours Battery Life Span : 730 days, 12 hours Serial Number : 010293 Battery Warranty Date: 20000815151902 Battery Internal Flag: 0x00000000 Vendor ID : TECTROL-CAN Model ID : 300-1454-01(50 From the 'id read' output in the last question, the Battery Life Span is 730 days or 2 years. After that it must be replaced, by replacing the PCU.

Sun Proprietary & Confidential: Internal Use Only

Page 297

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

14.6. 6x20 (Maserati) Disk Array
14.6.1. logins, passwords and roles
Maserati Default UserID # -------storage admin guest setup root guest rss root Passwords Password --------!storage !admin !guest !setup root guest sun1rss sun1 Device ------------SSCS CLI/GUI SSCS CLI/GUI SSCS CLI/GUI Service Processor Service Processor Service Processor NTC Service Array (array00, etc)

Login to service processor from external system using: # ssh ssh -l root <ip> Note:sp does not have menu to make changes to config. Use web based GUI: https://<ip>:9443/se6000ui/login.do

14.6.2. LED's
Array Unit SIS LEDs

White Off Off On

Amber Green Off Off n/a On n/a On

Function Array is not powered (no AC power). No locator action is active to this tray. A locator action is underway for this tray.

Sun Proprietary & Confidential: Internal Use Only

Page 298

SSE Field Reference Guide
Disk Drive LED's

14.0 EOL'd Disk Arrays

Blue Off On Off Off Off Off Off On On

Amber Green Off Off Off Off Off On On On Off Off Off Slow Blink * On Mainly on, flashing off at a visible frequency On Slow Blink Off Slow Blink Fast Blink n/a

Function Drive not mated or not powered on OK to remove; not ready; software deconfigured; drive mated, powered on Not ready; drive powered on; spinning up/ down, waiting for the spin-up command Ready; drive spun-up Ready with SCSI activity Drive service action required; drive ready; not OK to remove Drive service action required; drive not ready; not OK to remove OK to remove; drive service action required; drive not ready; software deconfigured OK to remove; not ready; software deconfigured; powered on; either spinning up or down or waiting for the spin-up command Array power-on test, drive insertion test, or array LED check

Fast Blink *

Power & Cooling LED's

Blue Off Off Off Off Off

Amber Off Off Off On On

Green Off On Fast Blink * On Off

Function PCU not mated; no AC power, or normal state for PCU in standby PCU ready; all voltages at rated value PCU ready, battery power available, and all DC voltages within tolerance PCU service action is required; PCU ready PCU service action is required; PCU not ready

Sun Proprietary & Confidential: Internal Use Only

Page 299

SSE Field Reference Guide
On On Fast Blink On Off Fast Blink Off Off Fast Blink

14.0 EOL'd Disk Arrays
OK to remove; PCU service action is required; PCU not ready; PCU is software deconfigured OK to remove; PCU is software deconfigured; no service action required Array power-on test, PCU insertion test, or array LED test

* - Fast Blink is measured as four blinks per second.

Sun Proprietary & Confidential: Internal Use Only

Page 300

SSE Field Reference Guide
Interconnect Card SIS LEDs

14.0 EOL'd Disk Arrays

Blue Off Off Off Off On On Fast Blink * check

Amber Off Off On On Off On Fast Blink

Green Function Off On On Off Off Off Interconnect card not mated or no standby power Ready; standby power OK Interconnect card service action required; interconnect card ready Interconnect card service action required; interconnect card not ready OK to remove; not ready; software deconfigured OK to remove; interconnect card service action required; interconnect card not ready; interconnect card is software deconfigured Fast Blink Array power-on test, interconnect card insertion test, or array LED

* - Fast Blink is measured as four blinks per second. Interconnect Card Channel Status LEDs Amber Green Function Off Off On On Off Off Interconnect cable present; OK Interconnect cable missing or port has been shut down Interconnect cable present; no signal detected

Sun Proprietary & Confidential: Internal Use Only

Page 301

SSE Field Reference Guide
Controller Card SIS LED's

14.0 EOL'd Disk Arrays

Blue Off Off Off Off On On Fast Blink *

Amber Off Off On On On Off Fast Blink

Green Function Off On On Off Off Off n/a Controller not mated, not powered, or not booted Controller ready Controller service action required; controller ready Controller service action required; controller not ready OK to remove; controller service action required; controller not ready; controller is software deconfigured OK to remove; controller not ready; software deconfigured Array power-on test, controller insertion test, or array LED check

* - Fast Blink is measured as four blinks per second.

Sun Proprietary & Confidential: Internal Use Only

Page 302

SSE Field Reference Guide
FC-AL Channel Status LEDs

14.0 EOL'd Disk Arrays

FC-AL Channel Status LEDs Green Amber Function Off Off On Blink Off On Off Off Port disabled Port enabled; no signal detected or Laser Fault Port enabled; signal detected Port enabled; signal detected; transferring information

Ethernet Channel Status LEDs LED Green Function Link invalid Link valid Link valid and active On 100 Mbps communication speed Off 10 Mbps communication speed VAL/ACT Off On Blink 100 bps or 10 bps

14.6.3. Terminology
The terms "pool", "volume", "LUN", "vdisk" and "slice" are often used to describes structures within the 6120, 6320 and 6920 products. However, depending on the context that the term is being used, they can have very different meanings. The following lays out the terms and their meaning relative to each product. A 6120 Volume = a 6320 pool = 6920 vdisk Each on of these is exactly the same structure on the array. 6120 Volume: A RAID grouping of physical disk drives, restricted to a single array tray. Slices are then carved from the Volume and presented to the upstream host as a LUN. 6320 Pool: A RAID grouping of physical disk drives, restricted to a single array tray. Volumes are then carved from the Pool and presented to the upstream host as a LUN.

Sun Proprietary & Confidential: Internal Use Only

Page 303

SSE Field Reference Guide

14.0 EOL'd Disk Arrays

6920 vdisk: A RAID grouping of physical disk drives, restricted to a single array tray. vdisks then become members of a 6920 Storage Pool (see below for 6920 Storage Pool definition). Virtual Volumes are then carved from the 6920 Pool and presented to the upstream host as a LUN. A 6120 Slice = a 6320 Volume Each on of these is exactly the same structure on the array. 6120 Slice: LUN. 6320 Volume: Is the smallest logical unit carved from a 6120 Volume and presented to the upstream host as a Is the logical unit that is carved from the 6320 Pool and presented to the upstream host as a LUN.

A 6320 Pool is NOT EQUAL to a 6920 Pool 6320 Pool: A RAID grouping of physical disk drives, restricted to a single array tray. Volumes are then carved from the Pool and presented to the upstream host as a LUN. 6920 Pool: Is a collection of vdisks (up to 32) with a common configuration, availability and performance. The Pool can be carved into Virtual Volumes and presented to the upstream host a LUN. The 6120, 6320 and 6920 all have the concept of a volume. In all cases it is the logical unit presented to the upstream host as a LUN. However, the underlying structures that make up the "volume" are different for each product. 6120 Volume: A RAID grouping of physical disk drives, restricted to a single array tray. Slices are then carved from the Volume and presented to the upstream host as a LUN. 6320 Volume: Is the logical unit that is carved from the 6320 Pool and presented to the upstream host as a LUN. 6920 Volume: A: Virtual Volume. Is the logical unit carved from the 6920 Pool and is presented to the upstream host as a LUN.

14.6.4. sscs Commands
Use sccs CLI: ( from external system with packages installed.) You will need to log into the CIM database before executing any commands. Logging in: # /opt/se6x20/cli/bin/sscs login -h [localhost] -u [user name] How to list What arrays are available [sp0]# ./sscs list array Array: array00 [sp0]# Listing the array configuration (name of array = array00) [sp0]# ./sscs list array array00 Array: array00 Segment size: 64K Cache mode: auto Readahead mode: on Disk recon rate: medium Failover mode: explicit Fiber chanel topology: fabric_p2p Fiber chanel port speed: 2 gigabit Description: array00 Status: ok Tray id: 3 Tray id: 2 Tray id: 1 Sun Proprietary & Confidential: Internal Use Only Page 304

SSE Field Reference Guide
Tray id: 0 [sp0]# List all the trays id numbers in array00 [sp0]# ./sscs list -a array00 tray Tray: 3 Tray: 2 Tray: 1 Tray: 0 [sp0]# List the trays Configuration Parameters in array00, tray id=0 [sp0]# ./sscs list -a array00 tray 0 Tray: 0 Type: Controller Role: Master State: Enabled Status: Ready Number of drives: 7 All drives healthy: yes Drive capacity: 68.37 GB Pool: t0pool0 [sp0]# Show the date [sp0]# ./sscs list date Mon May 5 15:37:10 PDT 2003 [sp0]# List all the volumes in array00 [sp0]# ./sscs list -a array00 volume Volume: t0pool0v0 Volume: t0pool0v1 Volume: t0pool0v2 Volume: t0pool0v3 Volume: t1pool0v0 Volume: t1pool0v1 Volume: t1pool0v2 Volume: t1pool0v3 Volume: t2pool0v0 Volume: t2pool0v1 Volume: t2pool0v2 Volume: t2pool0v3 Volume: t3pool0v0 Volume: t3pool0v1 Volume: t3pool0v2 Volume: t3pool0v3 [sp0]# List a specfic volume in array00 [sp0]# ./sscs list -a array00 volume t2pool0v1 Volume: t2pool0v1 Sun Proprietary & Confidential: Internal Use Only

14.0 EOL'd Disk Arrays

Page 305

SSE Field Reference Guide
Pool: t2pool0 Size: 10 GB Default permissions: None Tray id: 2 LUN: 5 [sp0]# Create a pool from array00 name of array = array00 -t 0 (tray id) -d 6 (number of disks) -r 5 (raid 5) -s 1 (hot spare = 1 and no hot spare = 0) [sp0]# ./sscs create -a array00 -t 0 -d 6 -r 5 -s 1 pool t0pool0 Create a volume in array00 from pool t0pool0 name of array = array00 -s size volume -P permission of volume (readwrite none readonly) -n lun #

14.0 EOL'd Disk Arrays

[sp0]# ./sscs create -a array00 -p t0pool0 -s 10gb -P none -n 0 volume t0pool0v0 Create a volume group for array00 name of array = array00 name of volgroup = group_even [sp0]# ./sscs create -a array00 volgroup group_even List all active jobs v4u-450f# ./sscs list -o true jobs Job ID: 192.168.0.40:1:t1pool0:3 Job ID: 192.168.0.40:1:t1pool0:4 List the last to log messages from the SP [sp0]# ./sscs list -t 10 log May 23, 2003 1:18:01 PM PDT: May 23, 2003 1:20:04 PM PDT: May 23, 2003 1:22:01 PM PDT: May 23, 2003 1:24:01 PM PDT: May 23, 2003 1:26:00 PM PDT: May 23, 2003 1:28:01 PM PDT: May 23, 2003 1:30:04 PM PDT: May 23, 2003 1:32:01 PM PDT: May 23, 2003 1:34:02 PM PDT: May 23, 2003 1:36:01 PM PDT: [sp0]# Error Error Error Error Error Error Error Error Error Error accessing accessing accessing accessing accessing accessing accessing accessing accessing accessing persistence persistence persistence persistence persistence persistence persistence persistence persistence persistence flash flash flash flash flash flash flash flash flash flash disk disk disk disk disk disk disk disk disk disk

Sun Proprietary & Confidential: Internal Use Only

Page 306

SSE Field Reference Guide
List all the initgroups from the array name of array = array00 [sp0]# ./sscs list -a array00 initgroup Initiator Group: 450e Initiator Group: e10k Delete a initgroup from the array name of array = array00 name of initgroup = 450e [sp0]# ./sscs delete -a array00 initgroup 450e List the all initiators from the array name of array = array00 [sp0]# ./sscs list -a array00 initiator Initiator: 210000E08B0602E9 Initiator: 210000E08B06FCE8 Initiator: 210000E08B0705B5 Initiator: 210000E08B07CCB4 Delete a initiator from the array name of array = array00 wwn of hba = 210000E08B0602E9

14.0 EOL'd Disk Arrays

[sp0]# ./sscs delete -a array00 initiator 210000E08B0602E9 List all the volume groups from the array name of array = array00 [sp0]# ./sscs list -a array00 volgroup Volume Group: group_even Volume Group: group_odd Delete volume group group_even from the array00 name of array = array00 name of volume group = group_even [sp0]# ./sscs delete -a array00 volume t0pool0v0 Delete a volume from the array00 name of array = array00 name of volume = t0pool0v0 [sp0]# ./sscs list -a array00 pool t0pool0

Sun Proprietary & Confidential: Internal Use Only

Page 307

SSE Field Reference Guide
List a pool from the array00 v4u-450f# ./sscs list -a array00 pool t1pool0 Pool: t1pool0 Raid level: 5 Hot Spare: 1 Total Size: 340.85GB Available capacity: 340.85GB Status: online Modify Timezone [sp0]# ./sscs modify timezone US/Eastern [sp0]# ./sscs list timezone Eastern Standard Time Modify Timezone - month day hour minute year second [sp0]# ./sscs modify -G false date 052715332003.00 List all the pools in array00 [sp0]# Pool: Pool: Pool: Pool: ./sscs list -a array00 pool t0pool0 t1pool0 t2pool0 t3pool0

14.0 EOL'd Disk Arrays

Add volume to a volume group called group_odd [sp0]# ./sscs add -a array00 -v t0pool0v1,t1pool0v1 volgroup group_odd

14.6.5. Forgotten Password
You must have a serial connection setup in order to complete this procedure. 1. Power back on T4 to L2; i.e. Sun StorEdge 6120 2.5 Controller - (256 MB) 6120-2 Starting POST ........ POST end Starting... 6120-EP Release 3.0.2 Fri Feb 21 16:06:09 PST 2003 (192.168.0.40) Copyright (C) 1997-2003 Sun Microsystems, Inc. All Rights Reserved. Found units: [u1-ctr] auto boot is enabled hit the RETURN key within 3 seconds to cancel...Cancelled! => 2. Enter the following (The password will be: letmein ) => set flags 0x40000000

Sun Proprietary & Confidential: Internal Use Only

Page 308

SSE Field Reference Guide
=> set passwd letmein Root password changed. => boot

14.0 EOL'd Disk Arrays

3. Once the unit has booted you can now log in using the password you set at L2; i.e. Login: root Password: letmein

Sun Proprietary & Confidential: Internal Use Only

Page 309

SSE Field Reference Guide

Sun Proprietary & Confidential: Internal Use Only

Page 310

SSE Field Reference Guide

15.0 Storage Area Networks (SAN)

15.0 Storage Area Networks (SAN)
15.1. SAN Switches
15.1.1. Default Passwords
Sun (Qlogic) 1gb switch: Sun (Qlogic) 2gb switch: Brocade: McData: root/ma31_glw admin/password admin/password Administrator/administrator

15.1.2. SAN Quick Command Reference
luxadm fcode -p (lists SUN/QLOGIC HBAs and firmware on each). luxadm -e port (Here you would be looking for a connected status for your device in question.) luxadm -e dump_map /devices/pci@1f,4000/SUNW,qlc@4/fp@0,0:devctl (path is from above command) luxadm probe luxadm display <path> (path from above or WWN) ls -l /dev/cfg (This will show you paths to controller mapping.) cfgadm -al (View what fabric devices are seen and configured and their condition) cfgadm -c configure c# (to configure a device ex: cfgadm -c configure c5::50020f2300000cab) cfgadm -o show_FCP_dev -al (list luns under each device. very handy when troubleshooting lun issues). ls -l /dev/fc (give you fp to path mappings) prtconf -vp|grep -i wwn (will give you the wwn of all configured HBAs on the system, this is a snap shot of what the prom saw at boot).

15.1.3. Configuration Procedures
15.1.3.1. Determining SAN Foundation Kit Version
sfkcheck - ksh script to check revision levels of Leadville packages and patches. Can be run on a live lab system, against Explorer output, or against a flat 'showrev -p' output file TO RUN ON EXTERNAL CUSTOMER SYSTEM, USE THE "-l" OPTION (which will check for patches, but not provide you what the latest rev is). Or you can use the "-r" option and reference a local patchdiag.xref file. Sample output: root# sfkcheck sfkcheck Version 1.3.0 (01/31/04) =============================================== CHECKING LIVE SYSTEM, HOSTNAME = "fade"... =============================================== Checking SAN/Leadville PACKAGES for Solaris 8 7/01 PACKAGE ------SUNWqlc SUNWqlcx SUNWfcp SUNWfcpx SUNWfcip SUNWfcipx SUNWfctl SUNWfctlx SUNWsan SUNWcfpl VERSION ------11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 1.0 11.8.0 STATUS -----INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED KEY: [B]undled;[U]nbundled;[O]ptional ------------------------------------[B] FULL+OEM INSTALL / ON SOLARIS CD [B] FULL+OEM INSTALL / ON SOLARIS CD [B] FULL+OEM INSTALL / ON SOLARIS CD [B] FULL+OEM INSTALL / ON SOLARIS CD [B] FULL+OEM INSTALL / ON SOLARIS CD [B] FULL+OEM INSTALL / ON SOLARIS CD [B] FULL+OEM INSTALL / ON SOLARIS CD [B] FULL+OEM INSTALL / ON SOLARIS CD [U] SFK PACKAGE / ON SDLC [U] SFK PACKAGE / ON SDLC Page 311

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
SUNWcfplx ! SUNWmdiu SUNWfchba SUNWfchbr SUNWfchbx SUNWfcsm SUNWfcsmx SUNWcfcl SUNWcfclr SUNWcfclx SUNWjfca SUNWjfcax SUNWjfcau SUNWjfcaux SUNWsmgr SUNWsmgr2 SUNWstade 11.8.0 N/A 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 11.8.0 2.07.54 2.1 2.3 INSTALLED NOT INSTALLED! INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED INSTALLED [U] [U] [O] [O] [O] [O] [O] [O] [O] [O] [O] [O] [O] [O] [O] [O] [O]

15.0 Storage Area Networks (SAN)
SFK PACKAGE / ON SDLC SAN 4.3 PKG (STMS BOOT) / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC ESM/SNIA CONFIGS ONLY / ON SDLC SUN/JNI HBAS ONLY / ON SDLC SUN/JNI HBAS ONLY / ON SDLC SUN/JNI HBAS ONLY / ON SDLC SUN/JNI HBAS ONLY / ON SDLC SAN 3.x SWITCH GUI / ON SDLC SAN 4.x SWITCH GUI / ON SDLC (GET v2.1) StorADE AGENTS ONLY / ON SDLC

Checking SAN/Leadville PATCHES for Solaris 8 7/01 PATCHDB: /net/patchdb.central/patches/patchroot/reports/patchdiag.xref [Feb/18/04] PATCH FOUND --------111847 -08 110614 -02 108982 -09 108983 -08 108984 -08 109529 -06 ! 108974 -36 109524 111412 -12 DISABLED! 111095 -14 111096 -07 111097 -13 111413 -11 111846 -07 113766 -02 114475 -02 113767 -03 ! 114877 -02 110696 -04 PATCH ! 112429 N/F! 112433 -03 SANbox1 ONLY 112434 -04 SANbox2 ONLY ! 113230 N/F! ! 114590 N/F! ! 114616 N/F! ! 115861 N/F! ! 116261 N/F! ! 116342 N/F! SAN --4.3 LATEST ------08 -02 -09 -08 -08 -06 -37 -12 -14 -07 -13 -11 -07 -02 -02 -03 -03 -04 -08 -03 -04 -02 -18 -04 -03 -01 -01 SYNOPSIS -------SFK (SUNWsan) patch 5.8: ses patch 5.8: fctl/fp/fcp/usoc 5.8: fcip patch 5.8: qlc patch 5.8: luxadm/liba5k/libg_fc 5.8: sd and ssd patch 5.8: STMS patch 5.8: fctl/fp/fcp/usoc 5.8: fcip patch 5.8: qlc patch 5.8: luxadm/liba5k/libg_fc 5.8: cfgadm/fp library 5.8: Common FC HBA API Lib 5.8: fcsm patch 5.8: SNIA Sun FC HBA Lib 5.8: JNI driver patch SUNWsmgr (SANSurfer) SUNWsmgr2 (SANbox_Manager) SAN 4.x SANbox1 FW SUNWsmgr2 GUI, SANbox2 FW StorADE 2.1: SUNWstade SUNWstade Support patch ESM 1.2 patch SAN Mgr mgmt station SAN Manager CLI patch SAN Mgr agent station KEY: [O]ptional --------------SFK UPDATE USUALLY BUNDLED w/OS USUALLY BUNDLED w/OS USUALLY BUNDLED w/OS USUALLY BUNDLED w/OS REPLACES OLD ssd PATCH REQUIRED EVEN IF STMS SFK/LV UPDATE SFK/LV UPDATE SFK/LV UPDATE SFK/LV UPDATE SFK/LV UPDATE [O] ESM/SNIA CONFIGS ONLY [O] ESM/SNIA CONFIGS ONLY [O] ESM/SNIA CONFIGS ONLY [O] SUN/JNI HBA ONLY [O] SAN 3.x SWITCH GUI [O] SUNWsmgr2 v1.0 ONLY [O] SUNWsmgr2 v2.1, [O] SUNWsmgr2 v2.1, [O] [O] [O] [O] [O] [O] SUNWstade v2.1 ONLY SUNWstade v2.2 ONLY ESM 1.2 CONFIGS ONLY ESM 2.0 CONFIGS ONLY ESM 2.0 CONFIGS ONLY ESM 2.0 CONFIGS ONLY

4.3 4.3 4.3 4.3 4.3 4.3 4.3 4.3 4.3 4.3*

Sun Proprietary & Confidential: Internal Use Only

Page 312

SSE Field Reference Guide
! ! ! ! 116375 116251 116252 116253 N/F! N/F! N/F! N/F! -01 -01 -01 -01

15.0 Storage Area Networks (SAN)
ESM common patch Capacity Rpt Components Capacity Rpt Mgmt Station Capacity Rpt Agent [O] [O] [O] [O] ESM ESM ESM ESM 2.0 CONFIGS ONLY 2.0/CAPACITY RPT 2.0/CAPACITY RPT 2.0/CAPACITY RPT

- Help/Usage output root# sfkcheck -h sfkcheck Version 1.3.5 (03/31/04) Usage: sfkcheck sfkcheck sfkcheck sfkcheck sfkcheck sfkcheck <default> -l revs -patch -pkg -e <explorer> -r <patchdiag.xref> -R <root_path> -s8|-s9 <showrev-p> -list <pkg|s8|s9|fw> [-l | -patch | -pkg] -e <explorer> -r <patchdiag.xref> -R <root_path> -s8 | -s9 <showrev-p> -list <pkg | s8 | s9 | fw> : Check pkgs and patches on live system : Same as default, but do not list latest available patch : : : : : : : (For use when patchdiag.xref file is not available) Check patches only (bypass package checks) Check packages only (bypass patch checks) Same as default, but run against Explorer output Same as default, but uses a local copy of patchdiag.xref Same as default, but uses alternate root absolute path Check for s8 or s9 patches against 'showrev -p' output file Generate pkg or patch list only, no checking performed

[NOTE: If outside of SWAN, "-l" or "-r" will be required to do any checks]

7.12.3.2. Identifying Brocade Switch Type
The FOS command "switchShow" displays the "switchType" in the form "M.R" where M is the Model Type as follows: switchType: switchType: switchType: switchType: switchType: switchType: switchType: switchType: switchType: Examples: From a Brocade Silkworm 12000 sw12ka0:admin> switchShow switchName: sw12ka0 switchType: 10.0 switchState: Online : : 1 2 3 4 5 9 10 12 16 = = = = = = = = = Brocade Brocade Brocade Brocade Brocade Brocade Brocade Brocade Brocade SilkWorm SilkWorm SilkWorm SilkWorm SilkWorm SilkWorm SilkWorm SilkWorm SilkWorm 1000 2800 2400 20x0 22x0 3800 12000 3900 3200

Sun Proprietary & Confidential: Internal Use Only

Page 313

SSE Field Reference Guide
From a Brocade SilkWorm 3900 sw3900a:admin> switchShow switchName: sw3900a switchType: 12.4 switchState: Online : : From a Brocade SilkWorm 2400 sw2400a:admin> switchShow switchName: sw2400a switchType: 3.4 switchState: Online

15.0 Storage Area Networks (SAN)

15.1.3.3. Redirecting syslogd on Brocade Switches
1. telnet to the switch as user 'admin': # telnet sw5 Trying 192.168.1.80... Connected to sw5. Escape character is '^]'. Fabric OS (cp0) cp0 login: admin Password: sw5:admin> 2. To view current setting: sw5:admin> syslogdIpShow syslog.IP.address.1: syslog.IP.address.2: syslog.IP.address.3: 3. To add a log host to the list: sw5:admin> syslogdIpAdd "192.168.1.60" 192.168.1.60 192.168.1.88 192.168.2.77

15.1.3.4. User Account Management on Brocade Switches
Starting with Fabric OS v3.2/4.4 you have the ability to add multiple user accounts. There are 4 default accounts: 1. 2. 3. 4. factory root admin user

You can administer up to 15 user accounts. User accounts can be specified as either admin or user level. You can have a maximum of 15 simultaneous sessions on the switch at any given time. You can add new users with the command:

Sun Proprietary & Confidential: Internal Use Only

Page 314

SSE Field Reference Guide

15.0 Storage Area Networks (SAN)

userconfig --add <user name> -r <role> -d <description> -e <yes|no> -r = specify <admin|user> as the role -d = specify a "descripton" in quotes -e = specify either enabled yes or no NOTE: Using this way, you need to be cautious. If you disable a user via CLI and the user is logged in they will be logged off. If you disable a user through Web Tools the user will not be logged off even though the GUI tells they will be. User the command: userconfig --show -a to list all users configured on the switch and their status.

15.1.3.5. Saving Brocade Switch configuration
This infodoc will explain how to Save your Brocade configuration to a host and then how to Restore The configuration file from a host. To save the configuration file you log on to the Brocade switch and run the configupload command. The syntax for the command is: broke28:admin>configupload "Host-ip-address", "host-user-name", "file-name" If the upload is done this way then it will try and rsh into the Host-ip-address. The host will have to have an entry in the .rhosts file of the "user" The second way of uploading the configuration is by doing the following: broke28:admin>configupload "Host-ip-address", "host-user-name", "file-name", "host-user-password" This command will use ftp to do the upload to the host. Example: broke28:admin> configupload "129.148.190.148" , "tape", "confignew.txt", "tape" upload complete broke28:admin> This example used the ftp method to upload the config. Then to download the config you will need to disable the switch. To disable the switch you use the switchdisable command broke28:admin> switchdisable This will change the status of the switch from ok to Marginal/Warning. You can then download the config using either rsh method or ftp method The following method will download the config using the rsh method. broke28:admin>configdownload ""Host-ip-address", "host-user-name", "file-name" The following method will download the config using the ftp method. broke28:admin>configdownload ""Host-ip-address", "host-user-name", "filename", "host-user-passwo

rd"

Sun Proprietary & Confidential: Internal Use Only

Page 315

SSE Field Reference Guide

15.0 Storage Area Networks (SAN)

Example: broke28:admin>configdownload "129.148.190.148", "tape", "config1.txt","tape" cfgEnable successfully completed Committing configuration...done. download complete You wil then need to enable the switch: broke28:admin> switchenable WARNING FW-STATUS_SWITCH, 3, Switch status changed from Marginal/Warning to HEALTHY/OK 10 9 8 7 6 5 4 3 2 1

Then configdownload will be complete.

15.1.4. Troubleshooting
15.1.4.1. Brocade Switches
Things to check.. Note: commands below are for sun/qlogic switches except where noted.
· · · ·

Did the port in question login to the fabric correctly? ( switchshow(brocade) or show port or show donor ) Is zoning and issue? (zoneshow(brocade) or zone list and zone members <zone name> or zoning list) What config is active on switch? (cfgshow(brocade) or zoneset active and zoneset list) To capture all support information on the brocade switch – use the supportshow command. In order to capture this large amount of output you must do the following: 1) start a script from the commandlin (#script /tmp/supportshow) 2) telnet to the switch (#telnet brocade2g) 3) execute supportshow command on the switch (brocade2g:user> supportshow) 4) logout of the switch (brocade2g:user> logout) 5) break the script session (# [ctrl-d]) 6) Script done, file is /tmp/supportshow Below is a sample of some of the swtich commands mentioned above.

·

NOTE: Each command example below is on a different switch so, check the prompt to see switch type ie brocade2g or sun2g. brocade2g:admin> switchshow switchName: switchType: switchState: switchMode: switchRole: switchDomain: switchId: switchWwn: switchBeacon: Zoning: port 0: id N2 port 1: id N2 (downstream) port 2: id N2 port 3: id N2 port 4: id N2 (downstream) port 5: -- N2 brocade2g162 9.2 Online Native Principal 2 fffc02 10:00:00:60:69:51:2e:35 OFF ON (active) No_Light Online E-Port 10:00:00:60:69:51:2e:61 "brocade2g164" Online No_Light Online No_Module Page 316 F-Port 21:00:00:e0:8b:07:ea:a6 E-Port 10:00:00:60:69:51:2e:b8 "brocade2g163"

Sun Proprietary & Confidential: Internal Use Only

SSE Field Reference Guide
port port port port port port port port port port 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: id -id -------N2 N2 N2 N2 N2 N2 N2 N2 N2 N2 Online No_Module Online No_Module No_Module No_Module No_Module No_Module No_Module No_Module

15.0 Storage Area Networks (SAN)
F-Port 21:01:00:e0:8b:27:ea:a6 F-Port 21:01:00:e0:8b:27:05:a7

Note: The N2 above indicates port logins of 2GBs. We also see the switch is cascaded with 2 others E-Port and list them as downstream meaning this is the domain principal and has a domain ID of 2. sun2g #> show port Port Number Speed ---------0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Admin State ----Online Online Online Online Online Online Online Online Online Online Online Online Online Online Online Online Operational Login State Status ----------- -----Offline Offline Offline Offline Offline Offline Offline Offline Offline Offline Offline Offline Offline Offline Offline Offline NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn NotLoggedIn Config Running Type Type ------ ------G G TL G G G G G G G G G G G G G Unknown Unknown TL Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown Unknown Link State ----Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Inactive Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Auto Link

Above you can see we have a 16 port switch with no active ports. Before making any decision to change port types using the above commands, refer to the WWWW matrix, release notes and appropriate storage or SAN documentation on what port types should be used. Use 'portcfgshow' to identify any ports set from the above commands. sun2g #> portcfgshow Ports of Slot 1 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 -----------------+--+--+--+--+----+--+--+--+----+--+--+--+----+--+--+-Speed AN AN AN AN AN AN AN AN AN AN AN AN AN AN AN AN Trunk Port ON ON ON ON ON ON ON .. ON ON ON ON ON ON ON ON Long Distance .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. VC Link Init .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. Locked L_Port .. .. .. .. .. .. .. .. ON .. .. .. .. .. .. .. Locked G_Port .. .. .. .. .. .. .. .. .. ON .. .. .. .. .. .. Disabled E_Port .. .. .. .. .. .. .. .. .. .. ON .. .. .. .. .. ISL R_RDY Mode .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. Persistent Disable.. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. port 8 has been modified using portcfglport

Sun Proprietary & Confidential: Internal Use Only

Page 317

SSE Field Reference Guide
port 9 has been modified using portcfggport port 10 has been modified using portcfgeport

15.0 Storage Area Networks (SAN)

Brocade use the following port types as shown in 'switchshow' output (1) U - universal port (can become G,E, L or F port ) G - global port (can become F or E port only) E - expansion port (for Interswich link) L - loop port (public or private loop nodes) F - fabric port Some HBAs or storage devices may require a particular port setting, commands that affect the eventual port type outcome are:'portcfgeport' - enable or disable a port from becoming E-port 'portcfggport' - set the port as a G-port, so can only become E or F-port 'portcfglport ' - only >attempt< to initialise as loop (2) sun2g #> show donor Port Number -----0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Credit Pool: From above you can see no ports are donors so this wont prevent a device from loging in. brocade2g:admin> zoneshow Defined configuration: active priv_zone; shared_zone priv_zone private zone: shared_zone shared alias: private 1,6; 1,2; 2,2; 2,6; 3,3; 4,3 alias: shared 1,6; 1,2; 1,8; 2,6; 2,2; 2,8; 3,5; 4,5 Effective configuration: cfg: active zone: priv_zone 1,6 1,2 2,2 Sun Proprietary & Confidential: Internal Use Only Page 318 cfg: zone: Config Type -----G G TL G G G G G G G G G G G G G Ext Credit Requested ---------0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Max Credit Available ---------12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 Donated to Port ------None None None None None None None None None None None None None None None None

SSE Field Reference Guide
2,6 3,3 4,3 shared_zone 1,6 1,2 1,8 2,6 2,2 2,8 3,5 4,5

15.0 Storage Area Networks (SAN)

zone:

You can see the active zones above and the ports in each. This switch is zoned by ports (hard zoned). sun2g #> zone list Zone ZoneSet ------------------jz2 (no zonesets found) frank2 Frank frank jz1 (no zonesets found) frank1 Frank frank bob1_8-15 frank bob_0-7 frank sun2g16-1 #> zone members bob_0-7 Current list of members for Zone: bob_0-7 --------------------------------21:00:00:e0:8b:07:ea:a6 50:02:0f:23:00:00:30:44 Note: Zone bob_0-7 is soft zoned which contains the WWNs listed above. A quick way to list all zone members is with the below command sun2g #> zoning list Active ZoneSet Information ZoneSet Zone ZoneMember -------------------------------bob bob1_8-15 21:01:00:e0:8b:27:05:a7 21:01:00:e0:8b:27:ea:a6 50:02:0f:23:00:00:0c:ab 50:02:0f:23:00:00:2a:57 50:02:0f:23:00:00:2f:58 bob_0-7 21:00:00:e0:8b:07:ea:a6 50:02:0f:23:00:00:30:44 frank1 21:00:00:e0:8b:07:06:a7 50:02:0f:23:00:00:2a:7b frank2 21:00:00:e0:8b:07:e9:a6

Sun Proprietary & Confidential: Internal Use Only

Page 319

SSE Field Reference Guide

15.0 Storage Area Networks (SAN)

21:01:00:e0:8b:27:06:a7 50:02:0f:23:00:00:0c:aa 50:02:0f:23:00:00:30:96 50:02:0f:23:00:00:2d:44 Configured Zoning Information ZoneSet Zone ZoneMember -------------------------------bob bob1_8-15 21:01:00:e0:8b:27:05:a7 21:01:00:e0:8b:27:ea:a6 50:02:0f:23:00:00:0c:ab 50:02:0f:23:00:00:2a:57 50:02:0f:23:00:00:2f:58 bob_0-7 21:00:00:e0:8b:07:ea:a6 50:02:0f:23:00:00:30:44 frank1 21:00:00:e0:8b:07:06:a7 50:02:0f:23:00:00:2a:7b frank2 21:00:00:e0:8b:07:e9:a6 21:01:00:e0:8b:27:06:a7 50:02:0f:23:00:00:0c:aa 50:02:0f:23:00:00:30:96 50:02:0f:23:00:00:2d:44 The above lists all configuration zoninig information as well as the active zonesets, zones and there perspective members. You can see this switch is soft zoned by WWNs. brocade2g:admin> cfgshow Defined configuration: cfg: active priv_zone; shared_zone zone: priv_zone private zone: shared_zone shared alias: private 1,6; 1,2; 2,2; 2,6; 3,3; 4,3 alias: shared 1,6; 1,2; 1,8; 2,6; 2,2; 2,8; 3,5; 4,5 Effective configuration: cfg: active zone: priv_zone 1,6 1,2 2,2 2,6 3,3 4,3 zone: shared_zone 1,6 1,2 1,8 2,6 2,2 2,8 3,5 4,5 The active config is called active and contains zones priv_zone and shared_zone.

Sun Proprietary & Confidential: Internal Use Only

Page 320

SSE Field Reference Guide
sun2g #> zoneset list Current list of ZoneSets -----------------------bob sun2g #> zoneset active The active ZoneSet is: bob

15.0 Storage Area Networks (SAN)

Brocade Diagnostic Testing
Brocade diagnostic tests can be classified into Circuit Tests and Functional Tests. Diagnostic tests let you know that the switch itself is normally functional and that operations you run on it will work. If circuit tests fail, replace the switch. If functional tests fail, the problem needs to be further isolated to SFPs/GBICs, cable or the switch. Note: For crossPortTest, spinSilk and loopPortTest, the cables and the SFPs connected should be of the same technology. That is, a short wavelength SFP port is connected to another short wavelength SFP port through a short-wavelength cable, a long wavelength port is connected to a long wavelength port, and a copper port is connected to a copper port. portLoopbackTest – used to verify bad port when other tests fail a) Functionally tests the switch by sending frames from the port N’s transmitter and back to the same port N’s receiver via the serial loopback of the ASIC. b) To run this test, an external fiber cable is not required. c) To run this test, the switch must be disabled. d) The test path does not include the SFP and the fiber cable. e) The results from this test combined with the results of crossPortTest and spinSilk can be used to determine which components of the switch are faulty. crossPortTest – used online or offline to test cables, SFPs and switch ports a) Similar to the portLoopbackTest except that the loopback is done via an external fiber cable. b) Functionally tests the switch by sending frames from port M’s transmitter and looping them back through an external fiber cable into port N’s receiver. c) This test exercises all the switch components, from the main board, to the media, to the fiber cable, to the media, and back to the main board. d) To run this test, external fiber cables are required. e) For best coverage, connected ports should be from different ASICs. f) This test can be run in SwitchEnable or SwitchDisable Mode. In online mode, only ports that are cable loopbacked to ports in the same switch are tested. Ports connected outside of the switch is ignored. In offline mode, all ports are assumed to be cable loopbacked to different ports in the same switch. If one or more ports are not connected, the test aborts. g) The results from this test combined with the results of portLoopbackTest and spinSilk can be used to determine which components of the switch are faulty. spinSilk – used like a burn-in test to force a suspected problem to occur with switch offline (tests cables, SFPs and switch ports) a) Functionally tests the switch such that frames received by port M are retransmitted through port N. Likewise frames received by port N are retransmitted through port M. b) To run this test, an external fiber cable is required. c) To run this test, the switch must be disabled. d) The results from this test in conjunction with the results from crossPortTest and portLoopbackTest can be used to determine which components of the switch are not functioning properly. spinFab – used to test ISLs and SFPs between switches a) Set the routing hardware such that test frames received by each E_Port retransmit on the same E_Port. Next, send several frames to the neighbor port attached to each active E_Port specified. b) This test is best combined with the online crossPortTest for ISL link-failure isolation. If this test fails, replace the cable with a loop-back plug and run crossPortTest to verify the local switch and media. If these Sun Proprietary & Confidential: Internal Use Only Page 321

SSE Field Reference Guide

15.0 Storage Area Networks (SAN)

pass, the fault lies in the cable or remote switch and media. loopPortTest – used online or offline to test loop devices and SFPs/GBICs and switch ports that are part of a loop a) Functionally tests the switch by sending frames from port M’s transmitter and looping the frames back through an external fiber cable, including all devices on the loop, into port M’s receiver. b) This test exercises all the switch components, from the main board, to the SFP, to the fiber cable, to the SFPs (of the devices and the switch), and back to the main board.

15.1.4.2. McData Switches
Below are a few commands you can run on the McData switches to get information or you can have the customer run the McDataxtr perl script that will gather the data needed to trouble shoot most McData problems: SHOW SYSTEM =========== System Information Name: md6064-2g Description: Fibre Channel Director Contact: Tom Gray Location: Sun Microsystems Date/Time: 08/18/2003 20:22:24 Serial Number: FJ04086 Type Number: 006064 Model Number: 001 EC Level: Firmware Version: 04.01.00 12 Beaconing: Disabled SHOW SWITCH =========== Switch Information State: Online BB Credit: 16 R_A_TOV: 100 E_D_TOV: 20 Preferred Domain ID: 29 Switch Priority: Default Speed: 2 Gb/sec Rerouting Delay: Disabled Operating Mode: Open Systems Interop Mode: Open Fabric 1.0 Active Domain ID: 29 World Wide Name: 10:00:08:00:88:A0:CC:4C Insistent Domain ID: Disabled Domain RSCN: Disabled SHOW PORT STATUS ================ Port State Type Attached WWN Beaconing Reason ---- ------------------ ----- ----------------------- --------- -----0 Online fPort 10:00:00:00:C9:27:28:5D Off 1 Online fPort 10:00:00:00:C9:2B:8E:EF Off 2 Online fPort 50:06:0E:80:03:27:7A:10 Off 3 Online fPort 50:06:0E:80:03:27:7A:00 Off 4 Online fPort 21:35:00:01:5D:00:93:00 Off 5 Online fPort 21:01:00:E0:8B:24:29:C7 Off 6 No Light gPort 00:00:00:00:00:00:00:00 Off 7 No Light gPort 00:00:00:00:00:00:00:00 Off 8 No Light gPort 00:00:00:00:00:00:00:00 Off 9 Online fPort 21:00:00:E0:8B:09:E7:8D Off 10 No Light gPort 00:00:00:00:00:00:00:00 Off

Sun Proprietary & Confidential: Internal Use Only

Page 322

SSE Field Reference Guide
11 12 13 14 62 63

15.0 Storage Area Networks (SAN)
Off Off Off Off Off Off

No Light gPort 00:00:00:00:00:00:00:00 Online fPort 21:00:00:E0:8B:07:54:B7 Online fPort 21:01:00:E0:8B:27:54:B7 Online fPort 21:00:00:E0:8B:04:D5:B2 --- cut short for brevity ---Not Installed gPort 00:00:00:00:00:00:00:00 Not Installed gPort 00:00:00:00:00:00:00:00 SHOW NAMESERVER =============== Port Name

Type Port Id Node Name COS FC4 Types ---- ------- ----------------------- ----------------------- -----------fPort 7D0413 20:00:00:00:C9:27:28:5D 10:00:00:00:C9:27:28:5D 2-3 2 fPort 7D0513 20:00:00:00:C9:2B:8E:EF 10:00:00:00:C9:2B:8E:EF 2-3 2 fPort 7D0613 50:06:0E:80:03:27:7A:10 50:06:0E:80:03:27:7A:10 3 2 fPort 7D0713 50:06:0E:80:03:27:7A:00 50:06:0E:80:03:27:7A:00 3 2 fPort 7D0813 21:00:00:01:5D:00:93:00 21:35:00:01:5D:00:93:00 3 2 fPort 7D0913 20:01:00:E0:8B:24:29:C7 21:01:00:E0:8B:24:29:C7 3 2 fPort 7D0D13 20:00:00:E0:8B:09:E7:8D 21:00:00:E0:8B:09:E7:8D 3 2 fPort 7D1013 20:00:00:E0:8B:07:54:B7 21:00:00:E0:8B:07:54:B7 3 2 fPort 7D1113 20:01:00:E0:8B:27:54:B7 21:01:00:E0:8B:27:54:B7 3 2 fPort 7D1213 20:00:00:E0:8B:04:D5:B2 21:00:00:E0:8B:04:D5:B2 3 2 fPort 7D1313 20:01:00:E0:8B:24:D5:B2 21:01:00:E0:8B:24:D5:B2 3 2 fPort 7D1813 20:00:00:E0:8B:04:29:C7 21:00:00:E0:8B:04:29:C7 3 2 fPort 7D1913 21:00:00:01:5D:00:93:00 21:45:00:01:5D:00:93:00 3 2 fPort 7D1B13 20:60:00:C0:FF:00:00:32 21:60:00:C0:FF:00:00:32 3 N/A 0. ISO/IEC 8802-2 LLC 1. ISO/IEC 8802-2 LLC/SNAP 2. SCSI-FCP 3. SCSI-GPP 4. IPI-3 Master 5. IPI-3 Slave 6. IPI-3 Peer 7. CP IPI-3 Master 8. CP IPI-3 Slave 9. CP IPI-3 Peer 10. SBCCS-Channel 11. SBCCS-Cntrl Unit 12. FC Srvcs 13. FC-FG 14. FC-XS 15. FC-AL 16. SNMP 17. HIPPI-FP 18. Vendor Unique SHOW ZONING =========== Active Zone Set Default Zone Enabled: False Zone Set: md6064-1g Zone: ESM1 Zone Member: 21:01:00:E0:8B:2A:73:E3 Zone Member: 50:06:0E:80:03:9C:80:00 Zone: ESM2 Zone Member: 21:00:00:E0:8B:0A:73:E3 Zone Member: 50:06:0E:80:03:9C:80:10 Zone: fc_minnow

Sun Proprietary & Confidential: Internal Use Only

Page 323

SSE Field Reference Guide
Zone Zone Zone Zone Zone: Zone Zone Zone Zone Zone: Zone Zone Zone Zone Zone Zone Zone: Zone Zone Zone Zone Zone: Zone Zone Zone Zone Member: Member: Member: Member: gty482 Member: Member: Member: Member: minnow1 Member: Member: Member: Member: Member: Member: PSX-1A Member: Member: Member: Member: PSX-1B Member: Member: Member: Member: 21:00:00:E0:8B:07:9F:2F 21:01:00:E0:8B:28:54:ED 21:60:00:C0:FF:00:00:32 22:60:00:C0:FF:20:00:32 10:00:00:00:C9:27:28:5D 10:00:00:00:C9:2B:8E:EF 50:06:0E:80:03:27:7A:00 50:06:0E:80:03:27:7A:10 21:00:00:E0:8B:09:E7:8D 21:00:00:E0:8B:09:76:D2 21:60:00:C0:FF:80:0D:B6 22:60:00:C0:FF:A0:0D:B6 25:60:00:C0:FF:C0:0D:B6 26:60:00:C0:FF:E0:0D:B6 21:00:00:E0:8B:04:D5:B2 21:00:00:E0:8B:04:29:C7 21:00:00:E0:8B:07:54:B7 21:35:00:01:5D:00:93:00 21:01:00:E0:8B:24:D5:B2 21:01:00:E0:8B:24:29:C7 21:01:00:E0:8B:27:54:B7 21:45:00:01:5D:00:93:00

15.0 Storage Area Networks (SAN)

15.1.4.3. Server Side Troubleshooting:
1. luxadm fcode -p (lists SUN/QLOGIC HBAs and firmware on each). Found Path to 0 FC/S Cards Complete Found Path to 0 FC100/S Cards Complete Found Path to 8 FC100/P, ISP2200, ISP23xx Devices Opening Device: /devices/pci@1f,4000/pci@5/SUNW,qlc@4/fp@0,0:devctl Detected FCode Version: ISP2200 FC-AL Host Adapter Driver: 1.13 01/03/05 Opening Device: /devices/pci@1f,4000/pci@5/SUNW,qlc@5/fp@0,0:devctl Detected FCode Version: ISP2200 FC-AL Host Adapter Driver: 1.13 01/03/05 2. luxadm -e port (Here you would be looking for a connected status for your device in question. If not connected check hardware and Switch ZONING) /devices/pci@1f,4000/SUNW,qlc@4/fp@0,0:devctl CONNECTED /devices/pci@1f,4000/SUNW,qlc@4,1/fp@0,0:devctl CONNECTED /devices/pci@1f,4000/pci@5/SUNW,qlc@4/fp@0,0:devctl NOT CONNECTED /devices/pci@1f,4000/pci@5/SUNW,qlc@5/fp@0,0:devctl NOT CONNECTED 3. luxadm -e dump_map /devices/pci@1f,4000/SUNW,qlc@4/fp@0,0:devctl (path is from above command) Pos Port_ID Hard_Addr Port WWN Node WWN Type 0 21600 0 210100e08b27eaa6 200100e08b27eaa6 0x1f (Unknown Type) 1 21800 0 210100e08b2705a7 200100e08b2705a7 0x1f (Unknown Type) 2 313bc 300bc 50020f2300002a7b 50020f2000002a7b 0x0 (Disk device) 3 31500 050020f2300000caa 50020f2000000caa 0x0 (Disk device) 4 413ba 400ba 50020f2300003044 50020f2000003044 0x0 (Disk device) 5 41500 0 50020f2300000cab 50020f2000000cab 0x0 (Disk device) 6 21200 0 210000e08b07eaa6 200000e08b07eaa6 0x1f (Unknown Type,Host Bus Adapter) 4. cfgadm -al (View what fabric devices are seen and configured and their condition)

Sun Proprietary & Confidential: Internal Use Only

Page 324

SSE Field Reference Guide
Ap_Id Condition c5 c5::50020f2300000cab c5::50020f2300002a7b c5::50020f2300003044 c6 Type fc-fabric disk disk disk fc-private

15.0 Storage Area Networks (SAN)
Receptacle connected connected connected connected connected Occupant unconfigured configured configured configured unconfigured unknown unknown unknown unknown unknown

Devices using the Leadville driver stack have to be configure here for the OS to see them. To configure a device run cfgadm -c configure c# or for a specific device cfgadm -c configure c5::50020f2300000cab To list out luns under each device run: 5. cfgadm -o show_FCP_dev -al (very handy when troubleshooting lun issues). Ap_Id Condition c5 c5::210000e08b07eaa6 c5::210100e08b2705a7 c5::50020f2300000caa,1 c5::50020f2300000caa,3 c5::50020f2300000caa,5 c5::50020f2300000caa,7 c5::50020f2300000caa,9
· · · · · ·

Type fc-fabric unknown unknown disk disk disk disk disk

Receptacle connected connected connected connected connected connected connected connected

Occupant unconfigured unconfigured unconfigured configured configured configured configured configured unknown unknown unknown unknown unknown unknown unknown unknown

15.1.4.4. Storage Side Troubleshooting
Are the luns mapped properly? (lun map list(T3)) Are you using lun masking? (lun perm list (T3)) Are the luns available? (vol stat (T3)) What is the WWN of the ports? (port list (T3)) Is there persistant binding? (check sd.conf, jnic.conf, qlc.conf & ssd.conf to name a few.) If using JNI card what does EZFibre GUI show? (/opt/jni/ezfibre/standalone/ezf Must be installed).

Sun Proprietary & Confidential: Internal Use Only

Page 325

SSE Field Reference Guide

Appendix A - T3 & 6x20 “dot” Commands

Appendix A - T3 & 6x20 “dot” Commands
Dot commands such as .vol, .bat, and .id, which were readily available in1.x and 2.x versions of the T3 firmware, are now password protected on the T3+ and 6020/6120 Array (Maserati) when firmware level 3.1.2 or later is loaded. Access to "dot" commands has been password protected in order to restrict their use to Sun service personnel. Use of these commands may be requiredwhen performing system maintenance such as replacing the battery. They may also be required when performing certain recovery procedures. To access these "dot" commands: 1. Connect to the Array using a serial cable or a telnet connection. 2. Login as root. 3. Check the version of the firmware by issuing the ver command. t4b:/:<1>ver 6120 Release 3.1.2 Fri Dec 19 14:49:54 PST 2003 (192.168.0.42) Copyright (C) 1997-2003 Sun Microsystems, Inc. All Rights Reserved. 4. If the version is 3.x.x or greater, use the "sun" command to gain access to the dot commands. t4b:/:<2>sun Password: arrayservice sun: commands enabled The “dot” commands: .bat .bat -i u[12]pcu[12] .bat -n u[12]pcu[12] The -i option will clear the battery warrenty date. The -n option sets up the install week and year using todays date. .disp .disp pos .disp ts .disp type The 'pos' command will show the physical slots and the systems view of those drives. A perfect match should be seen otherwise the system believes a drive is in location that it's not. array00:/:<10>.disp pos U1 U2 U3 U4 ---------- ------- ------- -------s01: u1d01 u2d01 u3d01 u4d01 s02: u1d02 u2d02 u3d02 u4d02 s03: u1d03 u2d03 u3d03 u4d03 s04: u1d04 u2d04 u3d04 u4d04 s05: u1d05 u2d05 u3d05 u4d05 s06: u1d06 u2d06 u3d06 u4d06 s07: dummy dummy dummy dummy s08: dummy dummy dummy dummy s09: dummy dummy dummy dummy Sun Proprietary & Confidential: Internal Use Only Page 326

SSE Field Reference Guide
s10: s11: s12: s13: s14: dummy dummy dummy dummy u1d14 dummy dummy dummy dummy u2d14 dummy dummy dummy dummy u3d14 dummy dummy dummy dummy u4d14

Appendix A - T3 & 6x20 “dot” Commands

'ts' will show the timestamps that are stored in the label area of each drive. 'type' indicates if the drive has a valid label with 'Labeled'. If the sysarea is valid, it must also have a valid label, then 'Sysarea' will be display. array00:/:<16>.disp type U1 U2 --------------------- ---------------d01: Sysarea Sysarea d02: Sysarea Sysarea d03: Sysarea Sysarea d04: Sysarea Sysarea d05: Sysarea Sysarea d06: Sysarea Sysarea d07: dummy dummy d08: dummy dummy d09: dummy dummy d10: dummy dummy d11: dummy dummy d12: dummy dummy d13: dummy dummy d14: Sysarea Sysarea .ondg .ondg [-y] test u{12}l{12} [count n] .ondg [-y] find u{12}l{12} Online version of diagnostic checks .ofdg [-y] health_check .ofdg [-y] fast_test u{12}l{12} .ofdg [-y] fast_find u{12}l{12} .ofdg [-y] find u{12}l{12} Offline version of diagnostic checks .pfstart .pfstart nccb [nscb [nset]] .pfstart -1 nccb .pfstart -2 nccb [nscb] .pfstart -3 nccb [nscb [nset]] Performance tracing. Level 1 traces Command Control Blocks, level 2 adds Stripe Control Blocks to the mix, and level 3 adds Command Sets. There must be at least twice as many nset as nscb's. That also applies to the ratio between nscb and nccb's. The Performance tracing commands are not enabled by default and require a special engineering build to actually do anything. .pfstop Stop PF tracing. .pffree U3 U4 -----------------------Sysarea Sysarea Sysarea Sysarea Sysarea Sysarea Sysarea Sysarea Sysarea Sysarea Sysarea Sysarea dummy dummy dummy dummy dummy dummy dummy dummy dummy dummy dummy dummy dummy dummy Sysarea Sysarea

.ofdg

Sun Proprietary & Confidential: Internal Use Only

Page 327

SSE Field Reference Guide
Frees dynamic memory allocated for PF tracing .pfdisp .pfdisp -1 .pfdisp -2 .pfdisp -3

Appendix A - T3 & 6x20 “dot” Commands

Displays the tracing information. At this time the arguments are noops. .probe .loc Calls low level pPROBE entry point in pSOS kernel. .loc list .loc rm dev 0|[1-14] The 'list' option will dump some internal state information about the mirrored configuration block. The 'rm' command removes the label by writing zero across the information present. auggie:/:<6>.loc list Local Volume ------------------------------Enclosure Id : 1 Slice : 2 Raid Level : 1 Stripe Unit Size: 512 Block Size : 512 Mounted : Yes Start Block : 16493 End Block : 57453 Partition Size : 40960 .sim .sim -f|-s num 0|1|2 pause .sim -f|-s num 0|1|2 resume .sim -f|-s num 0|1|2 rd .sim -f|-s num 0|1|2 wt [data ] .sim -f|-s num 0|1|2 mb <#0 [#1 #2 #3]> .sim -f|-s num 0|1|2 mbx <#0 [#1 #2 #3 #4 #5 #6 #7]> .sim -f|-s num 0|1|2 getmode .sim -f num 0|1|2 getmap .sim -f num 0|1|2 linkstat .sim -f num 0|1|2 getrniddata .sim -f num 0|1|2 dump .sim -f num 0|1|2 offline .sim -f num 0|1|2 online .sim -f num 0|1|2 reset .sim -f num 0|1|2 simstat .sim -f num 0|1|2 alpa2id .sim -f num 0|1|2 getpdg .cfg .cfg use buff|dram .cfg log 0|1|2|3|4 .cfg bypass 0|1

Sun Proprietary & Confidential: Internal Use Only

Page 328

SSE Field Reference Guide
.cfg fhs 0|1 .cfg fatalreset 0|1 .cfg flushes .cfg open|close u1p{1|2|3}c{1|2} .cfg perf 0|1

Appendix A - T3 & 6x20 “dot” Commands

The 'use' subcommand causes disk read and writes to the cache when 'buff' is used as an argument. The I/O occurs to the CPU memory if 'dram' is given. There are internal checks which will panic the system if the wrong value is given. Under most conditions 'buff' is the desired result. log allows someone to control the level of messages which are added to the syslog. The higher the value the more verbose the messages become. Here's what the values mean. 0 = no messages 1 = only error messages 2 = add warning messages 3 = plus notice messages 4 = debug messages The 'bypass' command can be used to prevent any disk drive reads or writes. fhs' is Fast Host Sim. Used to pick the correct configuration table when issuing commands. 1 while enable the FHS functions otherwise the default is used. Normal on a fatal error the system will reset itself. If fatalreset is set to 0 the pSOS probe entry point will be called. Normally 20 stripes can be flushed from the cache in between commands. The 'flushes' subcommand can change this value. No bounds checking is done. The open and close commands allow modification of the access to either channel on one of the three qlogic ports. perf' starts (1) the testing of the ISP2100 target mode using fake I/O. 'perf' with 0 stops the testing. .id .id read [options] .id write [options] .id range has one of the following patterns: u{1-8}c1 u{1-8}l{1|2} u{1-8}pcu{1|2} u{1-8}b{1|2} [options] are one of the following: static dynamic all config -g : get, no arguments -s : set, no arguments -a : alternate prom, local only, -f : same as above -o : 0x1800, strtol(..base=0) format -l : 0x200, strtol(..base=0) format -v : l0x1234abcd for long, or : w0x1234 for word, or : b0xab for byte examples: auggie:/:<14>.id range -sfg u1c1 -o 0x200 -l 0x40 -v l0x1234abcd auggie:/:<14>.id range -gaf u1c1 -o 0x0 -l 0x40 Sun Proprietary & Confidential: Internal Use Only Page 329

SSE Field Reference Guide

Appendix A - T3 & 6x20 “dot” Commands

This command either reads or writes the FRUID information from the SEEPROM. Here's a typical display of the information provided. auggie:/:<14>.id Description: Short Name: Serial Number: Part Number: Dash Level: Rev Level: Vendor Name: Manufacture Loc: Timestamp: read u1c1 ASSY, PURPLE2, CONTROLLER BD T3B-Cntlr 110457 5015710 02 51 0x301 SOLECTRON,MILPITAS,CA Tue Mar 05 03:47:56 GMT 2002

Note: The options of static, dynamic, all, and config dump the information in in ascii hex. .size .size recon Set the reconstruction size of any volumes created. By using a small size commands like 'vol init' complete in a much shorter time. This command is dangerous to use in anything but a test environment. .stat .stat cache .stat xfer .stat port .stat sys .stat prog Display statistics about the cache and transfers based on the FAC. The FAC value is comprised of two groups of 10 for the T3B or two groups of 16 for the T4. In either case the group number is encoded in the upper nibble with group 1 being encoded as 0x10 not 0x00 as you might think. The 'port' option gives statistics on just what you would expect. The incomming requests from the FC. The option 'sys' while enabled doesn't do anything. The 'prog' option returns the number of commands in progress on port 0. .disk spindown .disk spinup .disk -f format .disk version .disk download .disk mkhard lba .disk mksoft lba .disk reassign lba .disk glist .disk plist .disk softerr .disk harderr .disk gettune .disk settune stack {num} .disk setpath 0|1 .disk setfail 0|1 .disk pathstat .disk failover .disk failback .disk loopdown path .disk loopup path Sun Proprietary & Confidential: Internal Use Only Page 330

.disk

SSE Field Reference Guide
.disk linkstat path .disk tmon_list .disk tmon_over .disk tmon_warn .disk tmon_ref .disk bypass path .disk unbypass path The is of the format uXdX or uXdX-Y.

Appendix A - T3 & 6x20 “dot” Commands

'spindown' attempts to remove power from the drives motor such that when the device is pulled from the system the user isn't holding a gyroscope in their hands. 'spinup' attempts to enable the motor on the drive so that disk accesses can occur. 'format' performs a track level formatting of the drive. The -f option is used on drives which don't appear to be valid, but do exist in the system. 'version' shows the firmware version of the drives. This is the same as the normal 'disk version' command. 'download' allows system administrators to load new versions of drive firmware. Same as the 'disk download' command. 'mkhard' creates a hard disk error at the given block number on the disk(s). 'mksoft' creates a soft disk error at the given block number on the disk(s). 'reassign' uses the SCSI reassign command to deal with the given block. 'plist' and 'glist' display their respective error lists ithe following format. auggie:/:<5>.disk plist u1d1 DISK PLIST -----------u1d01 836 softerr' and 'harderr' show two different error lists in the following format: auggie:/:<9>.disk harderr u1d1 DISK HARDERR -------------u1d01 0x0 'gettune' displays the tunable SCSI disk parameters such as queue depth (stack) and path policy. auggie:/:<25>.disk gettune u1d1 DISK STACK_LEVEL PATH_POLICY FAIL_POLICY -----------------------------------------u1d01 8 APATH PATH 'settune' allows you to change the depth of the queue of commands which can be fired at one time. 'setpath' controls which path is used to the disk. The primary (0) or alternate (1). 'setfail' controls if a failover can occur. If set to 1 normal failover is used. If 0 no failover will occur. 'pathstat' displays information about the current path policy to the disk drive. 'failover' cause a fail over from primary to alternate path. 'failback' return to primary path. 'loopdown' causes the loop for the drive to drop which uses the given path. 'loopup' enables the loop which was previously down. 'linkstat' provides information about the link to a given disk. auggie:/:<27>.disk linkstat u1d1 path 0 DISK LINKFAIL LOSSSYNC LOSSSIG PROTOERR INVTXWORD INVCRC -------------------------------------------------------u1d01 1 5 0 0 1078 0

Sun Proprietary & Confidential: Internal Use Only

Page 331

SSE Field Reference Guide

Appendix A - T3 & 6x20 “dot” Commands

'tmon_list' gives information about the temperature monitoring for the drives. auggie:/:<28>.disk tmon_list u1d1-2 DISK REF WARN OVER ---------------------------------------u1d01 0 0 0 u1d02 0 0 0 'tmon_over' sets the over temperature limit. 'tmon_warn' sets the warning temperature limit. 'tmon_ref' allows someone to set the reference temperature. 'bypass' causes the path of the specific drive to be bypassed. 'unbypass' undoes the bypass command. .port .port list .port set u{1|2}p{1|2|3} |soft> .port host u{1|2}p{1|2|3} sun|other .port map u{1|2}p{1|2|3} lun {0-15} primary|failover [sun] .port unmap u{1|2}p{1|2|3} lun {0-15} .port listmap [u{1|2}p{1|2|3}] This command is the same as the port command with the exception of the 'map' and 'unmap' options. The 'map' option changes the mode of a lun to be either the primary or failover path. .vol .vol list [] .vol stat [] .vol mode [] .vol add data raid 0|1|5 [standby] .vol init data|sysarea|fast [rate <1-16>] .vol mount .vol unmount .vol [-y] remove .vol verify [fix] [rate <1-8>] .vol recon [to_standby | from_standby] .vol disable [to_standby] The options are the same with the .vol command as they are with the normal vol command. The difference is that when using the 'init' option 'fast' can be specified on all raid levels, not just RAID 0. .ep .ep netload1 .ep netload2 .ep netload3 .ep netloadp .ep invalidate l 2|3|p s 1|2 .ep info The netload options read a file from the network using TFTP and directly program the flash rom of the particular level that's specified by the option name. There are two images of each level stored in the flash. The 'invalidate' options sets the code signature to so that the system will not use that copy to boot from. 'info' provides version information for all levels of firmware. Sun Proprietary & Confidential: Internal Use Only Page 332

SSE Field Reference Guide

Appendix A - T3 & 6x20 “dot” Commands

Auggie:/:<28>.ep info P2L1 section 1: Code size=000008ec chksum=fb920489 base=fff00000 start=fff00100 Code version=0200 subrevision= date=20010420 time=16184000 Header counter=fffffffb chksum=7e425f44 .sys .sys stat .sys blocksize 16k|32k|64k .sys cache auto|writebehind|writethrough|off .sys mirror auto|off .sys naca on|off .sys mp_support none|rw|mpxio|std .sys rd_ahead on|off .sys recon_rate high|med|low .sys enable_volslice .sys fc_topology auto|loop|fabric_p2p .sys autodisable on|off .sys autorecon on|off .sys loop1_split auto|off .sys idle_disk_timeout <0-24> .sys tmon_over <0-80> .sys tmon_warn <0-80> .sys tmon_ref <0-80> .sys tmon_poll_interval <0-10> .sys tmon_warn_interval <0-24> .sys offline .sys online .sys list The following have the same usage as the normal sys command.stat, blocksize, cache, mirror, naca, mp_support, rd_ahead, recon_rate, enable_volslice, fc_topology 'autodisable' is used with the online diagnostics to automatically fail a drives if certain failure thresholds have been exceeded. It is also used to disable the software if a disable event has been seen. 'autorecon' controls the automatic reconstruction of a drive when it's been inserted into the system. 'loop1_split' controls the systems ability to split the loop. 'idle_disk_timeout' is set to some number of hours. If the drive hasn't been used within that time period a read and seek operation are done to see if the drive is still healthy. 'tmon_over' is the over temperature setting used for all disks if there's not a specific one set for an individual disk. 'tmon_warn' is the warn threshold at the general level for disks. 'tmon_ref' is the reference temperature. 'tmon_poll_interval' is used by the ondg subsystem when polling for temperatures. The value is in minutes. 'tmon_warn_interval' indicates how often the system should print a warning message about temperature thresholds being exceeded. 'offline' turns off the heartbeat checking. 'online' turns on the heartbeat checking. array00:/:<140>.sys list controller : 2.5 blocksize : 64k cache : auto mirror : auto mp_support : mpxio naca : off rd_ahead : 2 Sun Proprietary & Confidential: Internal Use Only Page 333

SSE Field Reference Guide
recon_rate sys memsize cache memsize fc_topology fc_speed autodisable autorecon loop1_split idle_disk_timeout ondg ondg_tm_slice tmon_over_temp tmon_warn_temp tmon_ref_temp tmon_poll_interval tmon_warn_interval .set .set bootmode auto|tftp|none .set bootdelay .set tip .set netmask .set gateway .set tftphost .set tftpfile .set hostname .set timezone .set spindelay <0..> .set logto 1|*|filename .set loglevel 0|1|2|3|4 .set logmask .set rarp on|off : : : : : : : : : : : : : : : :

Appendix A - T3 & 6x20 “dot” Commands
8 128 MBytes 1024 MBytes fabric_p2p 2Gb on on auto 8 off 5 60 55 50 1 8

The only difference between the dot command and the normal version are the spindelay and logmask options. spindelay is the number of seconds for the driver to wait during initialization for the drive to come online. It's possible to use the logmask to only enable certain messages to be sent to the syslog daemon. Knowledge of the code is required to understand what bits will indicate which messages are displayed. margin margin -e encid -l low|off|high Adjusts the power supply margining on the T4. This command may not be part of the 3.0 release because hardware engineering is still deciding if the feature should continue to be manufacturered into the hardware. rnid rnid [-i ip_addr] [-p port] [-n host] [-l] The -l option will list the ip, port, and hostname stored in NVRAM which make up a RNID packet. The other options set the corresponding fields. .lpcrd [ [ []]] .lpcwr Issues a low level loopcard register read. This command is a debugging aid for the loopcard engineers.

.lpcrd

Sun Proprietary & Confidential: Internal Use Only

Page 334

SSE Field Reference Guide
.lpcwr []

Appendix A - T3 & 6x20 “dot” Commands

Performs register write operation to both paths. Debugging command. .lpcmrd .lpcmrd [ ] Command currently is a noop on T4 arrays. Issues a memory read operation to the loopcard. .lpc .lpc version .lpc start .lpc stop .lpc download u{1-8}l{1|2} .lpc reboot u{1-8}l{1|2} .lpc rsterr u{1-8}l{1|2} .lpc fread u{1-8}l{1|2} .lpc fwrite u{1-8}l{1|2} .lpc finvalid u{1-8}l{1|2} 0x8000|0xc000 .lpc ferase u{1-8}l{1|2} .lpc property u{1-8}l{1|2} .lpc rtemp u{1-8}l{1|2} .lpc ledtest u{1-8}l{1|2} .lpc preset u{1-8}l{1|2} .lpc test l{1|2} 'version' displays the version information of the loopcard. auggie:/:<31>.lpc version LOOP A Enclosure 1 5.2 Enclosure 2 5.2 LOOP B 5.2 5.2

'start' and 'stop' are pretty obvious in their function. 'download' updates the firmware on the loopcard. 'reboot' causes the loopcard to reboot. 'rsterr' resets the error counters. 'fread', 'fwrite', 'finvalid', 'ferase', and 'property' are currently disabled and do nothing. 'rtemp' reads the temperature sensors on the loopcard. auggie:/:<35>.lpc rtemp u1l1 Temperature = 0.0 C Temperature = 0.0 C 'ledtest' causes the loopcard to run through a LED test. 'preset' sends a extended preset command to the loopcard. Unknown functionality. 'test' causes the loopcard to enter a special test modes. .lpctest lpctest l{1|2} Current test is a noop on T4 arrays. Runs a set of simple diagnostic commands on loopcard. The array must be configured as a single brick because a loopback cable must be attached to run the tests. .lpcstat Noop on T4 arrays. .loop

Sun Proprietary & Confidential: Internal Use Only

Page 335

SSE Field Reference Guide

Appendix A - T3 & 6x20 “dot” Commands

.loop stat .loop set .peek .philechk pSOS file system checking utility. .poke .poke [ []] Poke the hex pattern into cache memory. The pattern is a 32bit value and the size is in bytes. size defaults to four bytes. If a pattern is not given then the location address is stored in the location. .mcdk There are four commands which can be sent to a slot (aka disk) in each enclosure. 1 = bypass the drive 2 = enable drive 3 = set busy LED 4 = set OK LED .mclp The valid command numbers are the following: 6 = Set the MUX which uses the forth argument in the following manner. 0 = Isolated 1 = Bottom 2 = Top 3 = Middle 7 = Force bypass of a controller. 8 = Disable bypass of a controller. 14 = Set a controller as master 15 = Execute a poll of loopcard to check status. .mcps Executes PCU commands to LPC. The following are valid commands: 1 = Start a battery refresh cycle 2 = Stop a battery refresh cycle 3 = Enable PCU 4 = Disable PCU The ps_id is the PCU number with valid values being 1 and 2. .mclc Executes loop card commands to LPC. Commands available are: 1 = Start loopcard communication 2 = Disable loopcard 3 = Enable loopcard Executes controller commands to LPC. Commands available are: 3 = Assert Watchdog Timer 4 = Disable Watchdog Timer 5 = Set SCSI address using .wwn Sun Proprietary & Confidential: Internal Use Only Page 336

.mcct

SSE Field Reference Guide

Appendix A - T3 & 6x20 “dot” Commands

Displays the various world wide numbers available on the array. auggie:/:<11>.wwn Master(u1) WWN : 0x50 0x02 0x0f 0x23 0x00 0x01 0xaf 0x79 Alternate(u2) WWN: 0x50 0x02 0x0f 0x23 0x00 0x01 0xaf 0x79 System WWN : 0x60 0x02 0x0f 0x20 0x00 0x00 0x5d 0x40 .diag Allow various tests to be run. Here's the menu which is displayed. auggie:/:<37>.diag DIAGNOSTICS MENU CO: Configure options for Diagnosis MM: Memory Diagnostic Menu DM: Data Path Diagnostic Menu XM: Xor Diagnostic Menu XB: Xor BringUp Menu IM: QLOGIC ISP Chip Diagnostic Menu RS: Reset System QC: Quit but go into Label Control Menu QT: Quit Diagnostic Menu Enter command [HE]: qt .sysdiag Runs the following tests in a loop until a Cntrl-T is pressed on the keyboard: DRAM, Data Path, ans ISP2100. .tdl list .tdl remove .tdl trap Transaction Data Log commands are used to view and modify the systems command transaction data which may not have completed before a reset or error condition. The 'list unction shows what's currently in the log: The 'remove' function is used to completely reset the log to its default state which is empty. 'trap' will call the pSOS probe function when anyone of 256 possible TDL's occur. See src/common/msc/ri_util.h for a valid list of traps. .ecc s .ecc v {value} .ecc i {value} 's' shows the status of ECC errors: auggie:/:<24>.ecc s Num of single-bit ECC errors -------------------------------------------------Unit-01 0 Unit-02 0 Note: ECC threshold is 0. The syslog of single-bit ECC error is disabled 'v' sets the threshold of ECC errors before a syslog message is written. 'i' sets the disk number to initialize MCB file system. .ref r .ref v {value}

.tdl

.ecc

.ref

Sun Proprietary & Confidential: Internal Use Only

Page 337

SSE Field Reference Guide

Appendix A - T3 & 6x20 “dot” Commands

Battery threshold information. The 'r' option gets the minimum battery hold time in seconds. The 'v' option sets the threshold of of minimum battery hold time in seconds. .devtree .devtree {encid} [{encid}...] Prints out the data from the internal device tree in a raw ascii format. array00:/:<179>.devtree 1 ENCLOSURE[1]: Present: true Id: 1 DRIVE[1]: Present: true Bypass[0]: false Bypass[1]: false Detect[0]: true Detect[1]: true Sensor[1]: Temperature: 23 State: ok Age: 759 Warning threshold: 60 Shutdown threshold: 65 Manufacture Record: Timestamp: unknown Description: unknown Manufacture Loc: unknown Part Number: ST373405FSUN72G Serial Number: 3EK1QYDR Vendor Name: SEAGATE Dash Level: unknown Rev Level: A538 Short Name: unknown CONTROLLER[1]: Present: true Is dummy: false L3 Version: 3.0.5 L2 Version: 3.0.5 L1 Version: 3.0.5 LP Version: 3.0.5 Detect[0]: false Detect[1]: false alt_loop: true Bypass[0]: false Bypass[1]: false Sensor[1]: Temperature: 22 State: ok Age: 760 Warning threshold: 55 Shutdown threshold: 60 Manufacture Record: Timestamp: Thu Dec 26 10:04:00 PST 2002 Description: ASSY, T4 CONTROLLER, 14 SLOT Manufacture Loc: Milpitas,CA,USA Part Number: 5405559 Sun Proprietary & Confidential: Internal Use Only Page 338

SSE Field Reference Guide
Serial Number: 000636 Vendor Name: 0x301 Dash Level: 01 Rev Level: 01 Short Name: T4-14_Ctlr Extended Record Mac: 00:03:ba:27:c8:81 PCU[1]: Present: true Off: false Enable: true ACOK: true DCOK: true Switch: true FAN[1]: Fault: false Speed: unknown FAN[2]: Fault: false Speed: unknown BATTERY: Present: true State: true Refresh: false Charger: false --------- Cut for brevity -----------.boot .boot -c .lun

Appendix A - T3 & 6x20 “dot” Commands

Wipes out labels which looses all configuration information and sets the system to be like new. .lun map add lun slice .lun map rm lun [slice ] .lun map rm all .lun map list [lun | slice ] .lun perm {all_lun|lun } {rw|ro|none}{all_wwn|wwn |grp } .lun perm list [lun |wwn |grp] .lun map default This command is almost the same as the normal admistrator command 'lun'. There are two differences. First is the 'map default' which is only available when using the dot version. The second being the information displayed when using the 'list' option. The volume number which this lun is associated with is also displayed.

Sun Proprietary & Confidential: Internal Use Only

Page 339

SSE Field Reference Guide

Alphabetical Index

Alphabetical Index
A adb.........................................................................................................................................................................113 add_install_client......................................................................................................................................................29 add_to_install_server.........................................................................................................................................29, 36 addboard........................................................................................................................................................181, 195 arp..................................................................................................................23, 28, 91, 92, 105, 106, 164, 291, 333 ARP........................................................................................................................................................105, 161, 164 autoconfig.......................................................................................................................................105, 213, 214, 242 B blacklist...........................................................................................................181, 182, 188, 189, 195, 214, 217, 222 Blacklist..................................................................................................................................................................222 board_id.................................................................................................................................................................213 bootmode...........................................................................................................................12, 17, 287, 291, 293, 333 Bootmode...............................................................................................................................................................291 break..................................................................................................................................................................12, 17 bringup...................................................................................................................181, 213, 214, 218, 222, 224, 225 BringUp..................................................................................................................................................................336 C cancelcmdsync...............................................................................................................................................181, 213 cb_prom.................................................................................................................................................................213 cb_reset.................................................................................................................................................................213 cbs ........................................................................................................................................................................215 ccd.database..................................................................................................................................................143, 144 ccdadm..................................................................................................................................................................143 cconsole.........................................................................................................................................................143, 145 ccp.................................................................................................................................................................143, 145 ccradm...................................................................................................................................................................145 cdrw.........................................................................................................................................................................47 cfgadm..................................................................................49, 71, 72, 181, 228, 236, 247, 248, 266, 310, 311, 324 check_host.............................................................................................................................................................213 chkinfr....................................................................................................................................................................145 clinfo.......................................................................................................................................................................145 cmdsync.........................................................................................................................................................181, 213 cmm_ct .................................................................................................................................................................145 connections......................................................................................................................54, 143, 161, 178, 195, 266 console.......................................................................................................................................................12, 17, 195 console ..................................................................................................................................................................181 copy-clock-tod-to-io-boards....................................................................................................................................226 cpio..................................................................................................................................................................50, 119 CPIO........................................................................................................................................................................45 crlogin....................................................................................................................................................................145 cron.......................................................................................................50, 52, 57, 77, 78, 79, 80, 116, 140, 174, 176 Cron...................................................................................................................................................................50, 77 ctelnet....................................................................................................................................................................145 cups.........................................................................................................................................................................73 CUPS.......................................................................................................................................................................73 D dcs_config..............................................................................................................................................................145 dd..........................................................................................3, 23, 45, 51, 54, 58, 59, 65, 71, 72, 74, 77, 82, 85, 146 ddb.........................................................................................................................................131, 132, 145, 181, 192 deleteboard....................................................................................................................................................181, 195 devfsadm........................................................................................................................................125, 152, 241, 247 dfmounts................................................................................................................................................................110 dfshares...........................................................................................................................................................30, 110 dhcp............................................................................................................................13, 14, 15, 23, 28, 89, 105, 110 Sun Proprietary & Confidential: Internal Use Only Page 340

SSE Field Reference Guide

Alphabetical Index

DHCP.................................................................................................................................................14, 28, 208, 209 dhtadm.....................................................................................................................................................................89 disablecomponent..................................................................................................................................181, 189, 195 disconnect..............................................................................................................................................................195 disk download........................................................................................................................................................290 dmesg............................................................................................................................................................106, 113 domain_create...............................................................................................................................................213, 214 domain_history...............................................................................................................................................213, 214 domain_link ...........................................................................................................................................................213 domain_remove.....................................................................................................................................................213 domain_rename.....................................................................................................................................................213 domain_status................................................................................................................................................213, 225 domain_switch.......................................................................................................................................213, 223, 225 domain_unlink........................................................................................................................................................213 domainname................................................................................................................................................94, 95, 96 dumpadm...............................................................................................................................................3, 38, 51, 130 dumpf.....................................................................................................................................................................217 E edd.........................................................................................................................................................................215 edd_cmd................................................................................................................................................................213 eeprom...................................................................................................................3, 33, 51, 100, 175, 188, 214, 273 EEprom..................................................................................................................................................................290 EEPROM..................................................................................................................................................27, 175, 287 enablecomponent...................................................................................................................................181, 189, 195 environment.............................................................................................................................................................17 ep download...........................................................................................................................................................290 explorer....................................................................................................................................................52, 291, 312 Explorer..........................................................................................................................................................310, 312 F fad..........................................................................................................................................................................215 fan..........................................................................................................................................................................213 find...........................................................................................................................................................................53 flarcreate..................................................................................................................................................................30 flashupdate.....................................................................................................3, 12, 71, 181, 183, 184, 185, 195, 196 Flashupdate...................................................................................................................................................184, 185 fmthard...........................................................................................................................................................121, 192 fsck.............................................................................................................................................3, 27, 37, 38, 53, 123 G get_node_status.....................................................................................................................................................143 growfs....................................................................................................................................................................139 H hareg......................................................................................................................................................................143 hastat.............................................................................................................................................................143, 145 haswitch.................................................................................................................................................................143 hostint....................................................................................................................................................................213 hostreset ...............................................................................................................................................................213 hostview.................................................................................................................................................................213 hpost......................................................................................................................................191, 213, 214, 217, 218 httpd.........................................................................................................................................................30, 149, 150 I in.named....................................................................................................................................................92, 93, 105 inetadm..............................................................................................................................................................79, 80 inetconv..............................................................................................................................................................79, 80 inetd......................................................................................57, 79, 80, 101, 105, 161, 162, 163, 165, 166, 167, 291 inetsvc....................................................................................................................................................................161 installboot.........................................................................................................................................................53, 131 iostat......................................................................................................................................................115, 116, 117

Sun Proprietary & Confidential: Internal Use Only

Page 341

SSE Field Reference Guide

Alphabetical Index

ipfilter.............................................................................................................................................................164, 165 ipmp.......................................................................................................................................................................100 IPMP......................................................................................................................................................................151 K kbd...........................................................................................................................................................................54 ksh...........................................................................................................................................................................61 kstat..................................................................................................50, 103, 106, 115, 143, 167, 168, 170, 327, 330 L lockfs......................................................................................................................................................................130 lpc download..................................................................................................................................................290, 334 luactivate............................................................................................................................................................40, 44 lucancel....................................................................................................................................................................44 lucompare................................................................................................................................................................44 lucreate............................................................................................................................................36, 37, 38, 39, 44 lucurr........................................................................................................................................................................44 ludelete....................................................................................................................................................................44 ludesc.......................................................................................................................................................................44 lufslist.......................................................................................................................................................................44 lumake.....................................................................................................................................................................44 lumount..............................................................................................................................................................41, 44 lurename..................................................................................................................................................................44 lustatus.....................................................................................................................................................................44 luumount............................................................................................................................................................42, 44 luupgrade.....................................................................................................................................................39, 40, 44 luxadm..............................................................................................49, 140, 247, 248, 266, 284, 285, 310, 311, 323 M machine_server .....................................................................................................................................................215 MAXWEEKS..........................................................................................................................................................179 metaclear...............................................................................................................................................................139 metadb...........................................................................................................................129, 131, 132, 138, 139, 192 metadetach............................................................................................................................................................139 metahs...................................................................................................................................................................139 metainit.............................................................................................................57, 129, 130, 133, 138, 139, 192, 193 metaoffline.............................................................................................................................................................139 metaonline.............................................................................................................................................................139 metaparam.............................................................................................................................................................139 metarename...........................................................................................................................................................139 metareplace...........................................................................................................................................................139 metaroot.................................................................................................................................129, 130, 133, 139, 193 metaset..................................................................................................................................................................139 metastat.........................................................................................................................................130, 131, 132, 139 metasync................................................................................................................................................................139 metattach................................................................................................................................130, 133, 138, 139, 193 MINWEEKS...........................................................................................................................................................179 mkisofs.....................................................................................................................................................................47 modinfo................................................................................................................................................................3, 54 modload...................................................................................................................................................................55 mount.....27, 37, 38, 40, 41, 42, 44, 53, 55, 58, 80, 98, 109, 119, 120, 131, 138, 146, 147, 149, 151, 155, 166, 171, 175, 193, 218, 291 Mount..........................................................................................................38, 39, 40, 41, 55, 98, 120, 131, 146, 175 moveboard.............................................................................................................................................................181 mpstat............................................................................................................................................................115, 116 N ndd.............................................................................................................................85, 86, 103, 106, 118, 163, 164 netcon..................................................................................................................................79, 80, 87, 213, 214, 215 netcon_server................................................................................................................................................213, 215 netstat......................................................................................................................................85, 106, 115, 116, 161

Sun Proprietary & Confidential: Internal Use Only

Page 342

SSE Field Reference Guide

Alphabetical Index

nfs.server...................................................................................................................................................30, 98, 162 nfsd............................................................................................................................................................55, 98, 109 NFSD.......................................................................................................................................................................98 nfsstat....................................................................................................................................................................115 nice........................................................................................................................................................................115 nmap..............................................................................................................................................114, 162, 163, 331 Nmap.....................................................................................................................................................................163 ntpq....................................................................................................................................................................58, 97 nvalias..............................................................................................................................................................24, 207 nvedit...........................................................................................................................................................24, 25, 26 nvquit.......................................................................................................................................................................24 nvrecover.................................................................................................................................................................24 nvrun........................................................................................................................................................................24 nvstore.........................................................................................................................................................24, 25, 26 nvunalias..................................................................................................................................................................24 O obp_helper.....................................................................................................................................................213, 215 orbadmin................................................................................................................................................................145 P pargs........................................................................................................................................................................56 PASSLENGTH.......................................................................................................................................................178 patchdiag..........................................................................................................................................46, 310, 311, 312 pbind........................................................................................................................................................................72 pgre..................................................................................................................................................................56, 145 pGre.......................................................................................................................................................................173 PGRe.....................................................................................................................................................................145 pgrep........................................................................................................................................................................56 ping...........................27, 41, 50, 57, 59, 107, 123, 131, 176, 207, 224, 237, 241, 250, 251, 302, 303, 310, 320, 321 PING......................................................................................................................................................................107 pkill...........................................................................................................................................................................56 plimit.........................................................................................................................................................................56 pnmptor..................................................................................................................................................................145 pnmrtop..................................................................................................................................................................145 pnmset...................................................................................................................................................143, 144, 145 pnmstat..................................................................................................................................................143, 144, 145 pntadm.....................................................................................................................................................................89 power......3, 12, 13, 14, 16, 17, 21, 23, 49, 51, 58, 59, 71, 72, 82, 117, 181, 186, 188, 195, 196, 205, 213, 223, 224, 225, 226, 227, 228, 230, 238, 240, 251, 253, 254, 258, 264, 265, 266, 268, 269, 273, 279, 281, 283, 284, 288, 297, 298, 299, 300, 301, 330, 333 Power .16, 17, 21, 49, 71, 82, 117, 119, 190, 223, 224, 226, 227, 230, 232, 238, 240, 251, 253, 258, 265, 268, 279, 280, 281, 283, 288, 298, 307 POWER....................................................................................................................................................58, 226, 258 poweroff ......................................................................................................................................12, 17, 49, 181, 195 poweron..............................................................................................................12, 13, 14, 17, 49, 71, 181, 186, 195 preap........................................................................................................................................................................56 print_net_state.......................................................................................................................................................145 priocntl...............................................................................................................................................................71, 72 prom-copy..............................................................................................................................................................226 prstat........................................................................................................................................................................56 prtdiag........................................................................................................................................................71, 72, 115 prtvtoc............................................................................................................................................................123, 192 psradm...................................................................................................................................................................115 psrinfo......................................................................................................................................................................71 R ras_admin..............................................................................................................................................................140 ras_install...............................................................................................................................................................140 rasagent.................................................................................................................................................................140

Sun Proprietary & Confidential: Internal Use Only

Page 343

SSE Field Reference Guide

Alphabetical Index

RBAC...............................................................................................................................................................94, 176 redx................................................................................................................................................................213, 217 removefru.................................................................................................................................................................12 renice.....................................................................................................................................................................115 replctl.....................................................................................................................................................................145 reset.................................................................................................................................................................12, 181 resetrsc..............................................................................................................................................................17, 18 resetsc.......................................................................................................................................................12, 15, 181 rgmd_debug...........................................................................................................................................................145 rm_install_client.......................................................................................................................................................29 route add........................................................................................................................................................102, 104 route change..........................................................................................................................................................104 route delete....................................................................................................................................................103, 104 route flush..............................................................................................................................................................104 rpcinfo....................................................................................................................................................108, 109, 110 rscadm.............................................................................................................................................17, 18, 19, 20, 21 rup...............................................................................39, 45, 107, 114, 119, 130, 151, 213, 218, 264, 291, 292, 293 RUP.......................................................................................................................................................................206 S sar....71, 72, 87, 95, 96, 104, 115, 123, 130, 131, 132, 151, 162, 163, 171, 172, 175, 176, 177, 189, 230, 236, 250, 253, 263, 291, 292, 293, 294, 326, 331 scadm.......................................................................................................13, 14, 15, 16, 17, 18, 19, 20, 21, 143, 144 scadmin..........................................................................................................................................................143, 144 sccheck..................................................................................................................................................................145 scconf.............................................................................................................................................143, 144, 145, 154 scdidadm................................................................................................................................143, 145, 152, 153, 155 scdidadmn..............................................................................................................................................................143 scdsbuilder.............................................................................................................................................................145 scdsconfig..............................................................................................................................................................145 scdscreate..............................................................................................................................................................145 scgdevs..................................................................................................................................................145, 152, 153 scinstall..................................................................................................................................................143, 145, 151 scmgr.....................................................................................................................................................................143 scp...........................................................................................................................................................................86 SCP........................................................................................................................................................184, 185, 197 scrgadm..........................................................................................................................145, 146, 147, 148, 150, 158 script.......3, 20, 23, 43, 44, 45, 50, 56, 57, 61, 65, 66, 68, 69, 70, 73, 77, 78, 79, 104, 116, 118, 155, 164, 171, 177, 181, 208, 244, 254, 293, 310, 315, 321 Script........................................................................................................................................................21, 117, 315 scsetup...........................................................................................................................................145, 154, 156, 157 scshutdown............................................................................................................................................................145 scsi-initiator-id....................................................................................................................................3, 23, 25, 26, 51 scstat......................................................................................................................................145, 155, 156, 157, 158 scswitch..................................................................................................................145, 146, 147, 148, 150, 158, 159 scvxinstall...............................................................................................................................................................145 scvxvmlg................................................................................................................................................................152 service............................................................................................................................................................195, 196 setchs.........................................................................................................................................3, 188, 189, 191, 196 setdate.......................................................................................................................................12, 18, 181, 186, 195 setdefaults................................................................................................................................................12, 181, 195 setfailover...............................................................................................................................181, 184, 185, 195, 213 setkeyswitch.....................................................................................................72, 181, 183, 188, 190, 191, 195, 196 setsc...............................................................................................................................................12, 13, 14, 15, 181 setup_install_server.....................................................................................................................................29, 32, 36 setupplatform...........................................................................................................................................71, 181, 195 setupsc...............................................................................................................................................................12, 15 sftp...........................................................................................................................................................................86

Sun Proprietary & Confidential: Internal Use Only

Page 344

SSE Field Reference Guide

Alphabetical Index

share........................................................................................................................................................................98 showboards..............................................................................................................................71, 181, 185, 186, 195 showchs.................................................................................................................................................188, 189, 196 showcomp..............................................................................................................................................181, 190, 195 showcomponent.............................................................................................................................................181, 195 showdate............................................................................................................................................12, 18, 181, 195 showenvironment.......................................................................................................................12, 17, 181, 186, 195 showerrorbuffer......................................................................................................................................................195 showescape...........................................................................................................................................................195 showfailover...................................................................................................................................181, 195, 213, 224 showfru............................................................................................................................................................12, 195 showkeyswitch.........................................................................................................................................72, 181, 195 showlogs..........................................................................................................................................12, 181, 195, 257 showmount...............................................................................................................................................................98 shownetwork..........................................................................................................................................12, 15, 17, 18 showplatform....................................................................................................................................12, 181, 185, 195 showsc.................................................................................................................................................12, 13, 18, 195 shscan....................................................................................................................................................................217 sigbcmd..................................................................................................................................................................213 smsbackup.....................................................................................................................................................181, 184 smsconfig...............................................................................................................................................................181 smsrestore.............................................................................................................................................................181 smsversion.............................................................................................................................................................181 snmpd....................................................................................................................................................................215 snoop.............................................................................................................................................................107, 108 spray......................................................................................................................................................108, 161, 162 ssh..............................................................................................................................57, 86, 161, 162, 165, 195, 297 ssp_backup............................................................................................................................................................213 ssp_config..............................................................................................................................................................213 ssp_downgrade......................................................................................................................................................213 ssp_restore............................................................................................................................................................213 ssp_startup............................................................................................................................................................215 straps.....................................................................................................................................................................215 sudo................................................................................................................................143, 169, 170, 171, 172, 174 svcadm.............................................................................................................................3, 57, 77, 78, 79, 80, 95, 96 svccfg.....................................................................................................................................................77, 78, 79, 80 svcprop........................................................................................................................................................77, 78, 80 svcs..................................................................................................................................3, 57, 58, 77, 78, 79, 80, 95 swap..........................................................29, 32, 35, 36, 37, 51, 54, 58, 72, 115, 117, 123, 124, 129, 130, 191, 192 Swap........................................................................................................................................................................58 SWAP....................................................................................................................................................................124 sys_clock...............................................................................................................................................................213 sys_id.....................................................................................................................................................................213 syslog.............................................................................................161, 165, 169, 174, 182, 257, 313, 328, 333, 336 T tcp wrappers...................................................................................................................................................167, 174 TCP wrappers................................................................................................................................................165, 167 TCP Wrappers.......................................................................................................................................................165 testboard................................................................................................................................................................195 tftp..........................................................................................................................101, 105, 161, 290, 291, 293, 333 TFTP......................................................................................................................................................101, 290, 331 thermcal_config......................................................................................................................................................213 tip.............................................................................................................................................................................99 top..........................................................................................................................................................................115 traceroute...............................................................................................................................................................108 truss...............................................................................................................................................................114, 115 U

Sun Proprietary & Confidential: Internal Use Only

Page 345

SSE Field Reference Guide

Alphabetical Index

uadmin...............................................................................................................................................................58, 59 ufsdump...................................................................................................................................................................59 ufsrestore.................................................................................................................................................................59 umask..............................................................................................................................................................43, 177 umount............................................................................................41, 42, 44, 55, 119, 171, 192, 208, 209, 242, 273 V vmstat...............................................................................................................................................56, 115, 116, 117 volcancel..................................................................................................................................................................60 volcheck...............................................................................................................................................................3, 59 volmgt................................................................................................................................................................60, 77 vxassist..................................................................................................................................................121, 126, 127 vxconfigd..........................................................................................................................................43, 121, 122, 125 vxdctl........................................................................................................................................43, 122, 125, 153, 159 vxdg................................................................................................................................................121, 122, 125, 126 vxdisk.............................................................................................................................................123, 125, 153, 273 vxdisksetup............................................................................................................................................................125 vxedit......................................................................................................................................................................126 vxiod.................................................................................................................................................43, 121, 125, 159 vxlicinst..................................................................................................................................................................159 vxmend..................................................................................................................................................................126 vxmksdpart.....................................................................................................................................................123, 124 vxplex.............................................................................................................................................................126, 127 vxrelayout...............................................................................................................................................................127 vxsd........................................................................................................................................................................126 vxtask.....................................................................................................................................................................125 vxunroot.................................................................................................................................................................125 vxvol...............................................................................................................................................................126, 273 W WARNWEEKS.......................................................................................................................................................179 wfail........................................................................................................................................181, 195, 213, 217, 224 X xir.............................................................................................................................................................................17 xntpd..................................................................................................................................................................58, 97 Y ypbind........................................................................................................................................................95, 96, 108 ypcat........................................................................................................................................................................95 ypinit.............................................................................................................................................................94, 95, 96 ypstart..........................................................................................................................................................94, 95, 96 ypstop................................................................................................................................................................95, 96 ypwhich..............................................................................................................................................................95, 97 Z zlogin..................................................................................................................................................................74, 75 zoneadm......................................................................................................................................................74, 75, 76 zonecfg..............................................................................................................................................................74, 76 / /dev/console.....................................................................................................................................................75, 178 /etc/gateways.........................................................................................................................................................102 /etc/issue................................................................................................................................................................178 /etc/lvm/md.tab...............................................................................................................................................129, 192 /etc/netmasks.................................................................................................................................................102, 103 /etc/path_to_inst.....................................................................................................................................................119 /etc/system........................................................................26, 27, 43, 85, 86, 117, 118, 120, 130, 131, 151, 165, 177

Sun Proprietary & Confidential: Internal Use Only

Page 346

Sign up to vote on this title
UsefulNot useful