Saturday 13 March 2010

Save The Switch, Save The Lab

In Cisco land (the networks lab) it's a common sight to see the suicidal blink of a switch's STAT light as it whimpers in ROM-monitor mode after a brutal assault from a student trying to do something too advanced. Maybe that's a bit cruel: the lab equipment is on 24/7, getting copy run start and reloads constantly throughout the day, and the flash is taking a beating. The most common problem I've seen is the IOS image disappearing or becoming corrupt. Some switches I had seen had been in ROM mode for weeks, missing an IOS, without a tech fixing them. I took things into my own hands and fixed two 2960s, so let me dispense this information now...

From ROM mode you first need to initialise the flash file system and load the helper files:

switch: flash_init
switch: load_helper

So now you have access to some commands and can look around the flash:

switch: dir flash:

(example output)
Directory of flash:
13 drwx 192 Mar 01 1993 22:30:48 c3550-i5q3l2-mz-121-0.0.53
11 -rwx 5825 Mar 01 1993 22:31:59 config.text
17 -rwx 27 Mar 01 1993 22:30:57 env_vars
5 -rwx 90 Mar 01 1993 22:30:57 system_env_vars
18 -rwx 720 Mar 01 1993 02:21:30 vlan.dat

The IOS .bin file is in the folder at the top. You can verify the image and attempt to boot manually:

switch: boot flash:c3550-i5q3l2-mz-121-0.0.53/c3550-i5q3l2-mz-121-0.0.53.bin


If it returns a boot error then you know the image file is corrupt and you need to put a new one on. In my case, when I looked into the flash directory there wasn't even an image file there, which leads me to believe a student put the wrong command in when trying to delete a file...

Retrieve an IOS image file from Cisco or, as I did since there are many of the same switches in the lab, TFTP one from a working switch. Set up a TFTP server and connect it to the working switch in VLAN 1, then give the switch an IP address on VLAN 1 in the same segment as the TFTP server. This command says copy from the flash TO tftp (192.168.1.1 is the server address):

swalive# copy flash:c3550-i5q3l2-mz-121-0.0.53/c3550-i5q3l2-mz-121-0.0.53.bin tftp://192.168.1.1/c3550-i5q3l2-mz-121-0.0.53.bin

OK, the image is acquired; now we need to get it onto the broken switch. We're going to use HyperTerminal to send the file through the console using XMODEM. This command says copy from xmodem TO flash:

switch: copy xmodem: flash:c3550-i5q3l2-mz-121-0.0.53/c3550-i5q3l2-mz-121-0.0.53.bin

In HyperTerminal go to the TRANSFER tab at the top and select SEND FILE, use the XMODEM option and point to the image file you acquired. This needs to be done sharpish or the switch will time out. The transfer will take a while since you're limited by the speed of your console connection; the 4.8MB IOS I transferred took 1hr40, so ~8400b/s even though it was a 9600 connection...

All is sorted, so issue the magic command to revive the almighty:

switch: boot

For me this was not the end! Once booted I found that it had been given an enable secret. No worries, I'll try the usual suspects: cisco, Cisco, class, password, pass. Slightly annoying... how about iamatoolforlockingthisciscoswitchdownwithanonuniformpass. Damn, I can't get in. What next, you ask? Let's get it back into ROM mode and change the config.text file.

Reboot the switch while holding the mode button for a few seconds until it flashes, and it will go into ROM mode.

switch: flash_init
switch: load_helper
switch: dir flash:     (you will see there is a file called config.text)
switch: rename flash:config.text flash:config.old
switch: boot

The switch looks for its startup config, config.text. Unable to find it, it loads a fresh instance with no config. You can either copy flash:config.old running-config and change the password, or start from scratch.
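Before copying flash:config.old back into the running config, it helps to know which credentials that file carries besides the unknown enable secret. The following is an added example, not part of the original post: a small Python check that lists each credential line in a saved config and how it is stored, without printing the secret values. The sample config, its values and the function names are constructed for illustration.

```python
import re

# Constructed sample standing in for a recovered config.old (placeholder values).
SAMPLE_CONFIG = """\
hostname LabSwitch
enable secret 5 $1$CONSTRUCTED$PLACEHOLDERHASH
enable password 7 0000PLACEHOLDER
username student privilege 15 password 0 placeholder
snmp-server community placeholder RW
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
line con 0
 password placeholder
 login
line vty 0 4
 password 7 0000PLACEHOLDER
 login
"""

def storage(keyword, rest):
    """Describe how IOS stores the value following 'password' or 'secret'."""
    if keyword == "secret":
        return "hashed"
    return "reversible (type 7)" if rest.split()[0] == "7" else "cleartext"

def find_credentials(config_text):
    """Return (line number, what, storage) for each credential line found."""
    findings, section = [], "global"
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():      # an unindented line starts a new section
            section = line
        if m := re.match(r"enable (password|secret) (.+)", line):
            findings.append((lineno, "enable " + m[1], storage(m[1], m[2])))
        elif m := re.match(r"username (\S+) .*?\b(password|secret) (.+)", line):
            findings.append((lineno, "username " + m[1], storage(m[2], m[3])))
        elif (m := re.match(r"password (.+)", line)) and section.startswith("line "):
            findings.append((lineno, section + " password", storage("password", m[1])))
        elif m := re.match(r"snmp-server community \S+ (RO|RW)", line):
            findings.append((lineno, "snmp community " + m[1], "cleartext"))
    return findings

if __name__ == "__main__":
    for lineno, what, how in find_credentials(SAMPLE_CONFIG):
        print(f"line {lineno:>3}: {what:<24} {how}")
```

Anything reported as cleartext or reversible is worth replacing with a fresh secret once the config is loaded again.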

Tip: To speed up the xmodem copy, increase the baud rate:
switch: set BAUD 115200
Restart the HyperTerminal session to match. Once finished, change it back:
switch: unset BAUD

Additional:

This Sunday I spent the weekend AIRSOFTING in a field near Durham, using initiative and tactics to win the game and keep the team and myself alive. It was a really fun game and I was 1 of 2 medics looking after 15 team members, which proved very tiresome. In the first game I was using a kind of distance vector protocol, periodically running around checking everyone was OK while they provided covering fire. However, this proved inefficient... see where I'm going with this. I then moved on to a link state algorithm, reconverging the team upon shouts of MEDIC!! Some routes were blocked, so I had a chat with a node who had built up a full topology of the field via his comms and legged it through the lowest cost path. There was a problem with my gun making a horrible whirring sound, so I took it apart at home to be inspected. This is what the gun should look like and what the faulty part should look like:









And this is what they look like now. You can see the barrel just peeking out of the sad bag. The piston's teeth have completely vanished, resulting in a complete fail. There should be a soft rubber cushion on the end but it has evaporated! There is no sign of it. Rebuild when I get some free time.





