|
|
This chapter covers the tasks required for maintaining a Content Engine or a Content Engine farm:
Presently, two types of Cache software files are available on Cisco Connnection Online (CCO) to download, files with the .pax suffix and files with the .bin suffix. The .pax file contains the full-image software with the graphical user interface (GUI) and is the file routinely installed. The .bin file software is for recovery situations that require booting from the network, or restoring Flash memory. See the "Recovering the System Software" section for instructions on loading your system image with the .bin file.
The following procedure describes how to upgrade the Content Engine system software and optionally change the boot parameters.
Step 2 From the Windows NT or UNIX machine, use FTP to put the new image file (for example, ce500-200.pax) in the Content Engine /local directory.
If you are using a command-line FTP client, perform the following substeps to put the .pax file on the Content Engine. In the example, the Content Engine IP address is 192.168.88.89:
a. At the command line of your Windows NT or UNIX host, enter:
ftp 192.168.88.89
b. Enter the Content Engine user login and password when prompted.
c. The default FTP directory of the Content Engine should be /local. Use the cd command as follows to make sure that you are in the /local directory of the Content Engine:
cd /local
d. Set the FTP client to binary transfer mode:
bin
e. Put the .pax file on the Content Engine. For example, if the upgrade software filename is ce500-200.pax, enter:
put ce500-200.pax
Step 3 Log on to the Content Engine through the console port.
 |
Note Upgrading software can be done through Telnet, but the connection is broken when the Content Engine reboots. |
Step 4 At the Content Engine command prompt, enter install to install the image files. For example, if the filename is ce550-210.pax, enter:
console# install ce550-210.pax Extracting . Extracting ./imgname.txt Extracting ./etc Extracting ./etc/boot ... (etc) Extracting ./lib/gui/snmp Extracting ./lib/gui/snmp/CISCO-CACHEENGINE-MIB.my Extracting ./lib/gui/snmp/CISCO-SMI.my Extracting ./[image_name].bin.dbg.cus1 File extraction done. ce25.pax: installation is complete. Copy new image '[image_name].bin' to flash memory?[no]: y Erasing Programming erasing program image sector. 100% complete... You may type [reload] to reboot your box now
|
Note Be sure to copy the new image to Flash memory. The Content Engine will not run the updated software version until the image is stored in memory and you reboot the system. If you choose not to copy the image to Flash memory when prompted, you can do so later by entering copy diskflash filename, where filename is the name of the image file. |
Step 5 From the Content Engine console, enter reload to reboot the Content Engine:
console# reload Proceed with reload? [confirm] y 303949 bytes copying bootagent boot start: 0x7fee000 starting new system - entry 0x8010 0x7dc8800 (tCallback0): NCR810_ Press any key to stop auto-boot...
|
Note If you have not saved your most recent configuration to Flash memory (NVRAM), you will be asked to do so before rebooting the Content Engine. |
If you want to stop the auto-boot process to change default boot parameters, perform the following steps (console connection only):
|
Note In the example, the Content Engine boot device parameter is changed from net to flash. |
a. Press any key during the auto-boot sequence.
b. Enter c at the prompt to change the auto-boot settings.
c. At the boot device prompt, enter flash.
d. At the filename prompt, press Ctrl-D to quit the change-default-boot-parameter sequence.
e. At the console prompt, enter @.
Press any key to stop auto-boot... [CE500 Series]: c '.' = clear field; '-' = go to previous field; ^D = quit boot device (flash,net) [ net]: flash filename [ ]: ^D . . [CE500 Series]: @
Step 6 When the boot process is complete, verify the software version with the show version command:
console# show version Cisco Content Engine Copyright (c) 1986-2000 by Cisco Systems, Inc. Software Release: CE ver 2.30 (Build: #1 08/07/00) Compiled: 13:47:15 Aug 6 2000 by morlee Image text-base 0x108000, data_base 0x392244 System restarted by Reload The system has been up for 0 weeks, 0 day, 0 hours, 1 minutes, 10 seconds. System booted from "flash"
The Content Engine can be booted from a system image resident on another network host (booted from the network) if the native onboard image is corrupted. A corrupted system image can result from a power failure that occurs while the installation procedure is updating the Flash memory. When the Content Engine is booted from the network, a new Flash memory image can be installed.
Recovery software is available from Cisco Connection Online (CCO). Make sure to download the correct .bin file for your Content Engine model.
To reboot the Content Engine with recovery software, perform the following steps:
Step 2 Stop the auto-boot process by pressing any key.
a. Enter c to change the auto-boot settings.
b. Enter net for the boot device type.
c. Enter the appropriate CCO filename, cache IP address, IPO network mask, server IP address, gateway IP address, protocol (FTP or TFTP), user name, and password, as shown in the example that follows:
Press any key to stop auto-boot... 6 [CE500 Series]: c '.' = clear field; '-' = go to previous field; ^D = quit boot device (flash,net) [ flash]: net filename [ ]: /Path/filename.bin cache IP address [ ]: 10.1.1.3 IP network mask [ ]: 255.255.255.0 server IP address [ ]: 172.16.63.250 gateway IP address [ ]: 10.1.1.2 protocol (rcp,ftp,tftp) [ ]: ftp username [ ]: name password [ ]: password flags [ 0]:
Step 3 Enter @ to start the boot sequence.
[CE500 Series]: [CE500 Series]: @ boot device (flash,net) [ net]: filename [/CCO Path/filename.bin]: cache IP address [ 10.1.1.3]: IP network mask [ 255.255.255.0]: server IP address [ 172.16.63.250]: gateway IP address [ 10.1.1.2]: protocol (rcp,ftp,tftp) [ ftp]: username [ name]: password [ password]: flags [ 0]: Loading from the network Attaching network interface fei0... done. Attaching network interface lo0... done. Loading... Starting at 0x108000... .................. Console IO Initialized Attaching network interface lo0... done. Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. Cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Content Engine Copyright (c) 1986-2000 by Cisco Systems, Inc. Software Release: CE ver 2.30 (Build: #01 08/03/2000) Compiled: 18:09:47 Aug 08 2000 by morlee Image text-base 0x108000, data_base 0x42bea4 System restarted by Power Up The system has been up for 0 seconds. System booted from fei SVCINIT - phase complete Initializing SCSI interface... Initializing SCSI controller... Configuring SCSI peripherals... ID LUN VendorID ProductID Rev. Type Blocks BlkSize pScsiPhysDev -- --- -------- ---------------- ---- ---- -------- ------- 0 0 QUANTUM VIKING II 9.1SCA 4110 0 17836668 512 0x00fc9458 DEVINIT - phase complete FSINIT - phase complete Configuring from NVRAM... %% Non-volatile configuration memory has not been set up CONF - phase complete NTP: Waiting (2 minutes) for network initialization START - phase complete
Step 4 Reconfigure the Content Engine with the basic network settings. You can modify the system configuration later using the CLI.
---- System Configuration Dialog ---- You may use Ctrl-D to abort Configuration Dialog at any prompt. Would you like to enter the initial configuration? [yes]: y host name: myContent domain name: myfirm.com admin password: iforget cache IP address: 1.1.1.1 IP network mask: 255.255.230.2 gateway IP address:10.10.10.10 DNS server:yo
If the basic configuration is acceptable, enter yes. The Content Engine indicates whether the configuration is accepted. At this point, the basic configuration is finished.
Use this configuration? [yes]: y Building configuration... . . START - phase complete
Step 5 Log on to the Content Engine with your new admin password. Verify that you are running the correct version by entering show version.
Username: admin Password: test cache# cache# show version Cisco Content Engine Copyright (c) 1986-1998 by Cisco Systems, Inc. Software Release: Compiled: 17:08:40 Mar 24 1999 by morlee Image text-base 0x108000, data_base 0x419d2c
Step 6 To operate the management interface (the Cache software GUI) and boot from Flash memory in the future, see the "Upgrading the System Software" section to download the .pax file from CCO and install the .pax file.
You can now use the management interface or the CLI to enable WCCP or proxy mode and start caching.
Content Engines are equipped with one or more disks that are properly partitioned at the factory before shipment. The Cisco Storage Array can be shipped with unformatted disks. For information on maintaining the Cisco Storage Array disks, see the "Hard Disk Preparation Procedure for the Cisco Storage Array" section.
The principal disk partitions are for the DOS file system and cache file system (dosf and cfs respectively). The dosfs partition contains the image file, user interface images, and memory for system output from features such as syslog. The cfs contains cached network content.
To verify that a disk is partitioned correctly, execute the show disk-partitions command. To display the volume names, execute the show disks command.
|
Note The UVFAT partition refers to the dosfs. The bfs partition refers to the boot file system, which is currently not used. |
Console# show disk-partitions /c0t0d0
Disk size : 17836667 sectors
Partition 1: CISCO_UVFAT_1, offset 63 sectors, size 3906250 sectors
Partition 2: CISCO_BFS_1, offset 3906323 sectors, size 1024 sectors
Partition 3: CISCO_CFS_1, offset 3907357 sectors, size 13929300 sectors
Partition 4: UNUSED, offset 0 sectors, size 0 sectors
Console# show disk-partitions /c0t1d0
Disk size : 17836667 sectors
Partition 1: UNUSED, offset 0 sectors, size 0 sectors
Partition 2: CISCO_BFS_1, offset 10 sectors, size 1024 sectors
Partition 3: CISCO_CFS_1, offset 1044 sectors, size 17835613 sectors
Partition 4: UNUSED, offset 0 sectors, size 0 sectors
Console# show disks
/c0t0d0 (scsi bus 0, unit 0, lun 0)
/c0t1d0 (scsi bus 0, unit 1, lun 0)
|
Note The name of disk 0 is /c0t0d0; the name of disk 1 is /c0t1d0. The c indicates the SCSI contoller number, t is the target number, and d is the logical unit number (LUN). |
At any time, you can use the show cfs volumes and show dosfs volumes commands to verify volume status.
Console# show cfs volumes /c0t0d0s3: mounted /c0t1d0s3: mounted Console# show dosfs volumes /c0t0d0s1: mounted /c0t1d0s1: mounted /local: mounted
|
Note You can substitute the alias /local for the dosfs volume name /c0t0d0. |
The dosfs partition may be unmounted if the dosfs unmount command was executed. If the dosfs partition is unmounted, mount the dosfs partition using the dosfs mount command.
If the dosfs mount command does not work properly, execute the show disk-partitions command. Check for the UVFAT partition. The size of the dosfs partition should be approximately 2 gigabytes. A sector is equal to 512 bytes. If there is no disk partition for the dosfs, see the "Repartitioning the Hard Disks" section.
If the dosfs volume does not mount, perform the procedure in the "Checking and Repairing DOS File System Volumes" section. If the dosfs volume still does not mount after you perform this procedure, repartition and reformat the disks as described in the "Repartitioning the Hard Disks" section."
 |
Caution Anytime a volume is partitioned or formatted (dosfs or cfs), all the data on the disk is lost. |
The Storage Array hard disks are shipped without formatting or partitions. You must enter the disk manufacture EXEC command for each newly installed hard disk. Use the disk, cfs, and dosfs EXEC commands for subsequent maintenance of the disks.
Perform the following procedure when installing a new hard disk for the Cisco Storage Array:
Step 2 Power on the Storage Array, and then power on the Content Engine.
Step 3 Make a note of the target numbers of any new disk drive that did not mount. The target number is the value of the "t" parameter in the disk volume name.
Determine the target numbers of the unmounted disks with one of the following methods:
CacheEngine# show cfs volumes /c0t0d0s3: mounted
/c0t1d0s3: mounted
/c0t2d0s3: not mounted
/c0t3d0s3: not mounted
/c0t4d0s3: not mounted
/c0t5d0s3: not mounted /c0t6d0s3: not mounted
/c0t7d0s3: not mounted
Thu Dec 31 16:06:50 1987: CFS volume /c0t2d0s3 mount failed S_cfslib_NOT_CFS_PARTITION
Thu Dec 31 16:06:50 1987: CFS volume /c0t3d0s3 mount failed S_cfslib_NOT_CFS_PARTITION
Thu Dec 31 16:06:50 1987: CFS volume /c0t4d0s3 mount failed S_cfslib_NOT_CFS_PARTITION
Thu Dec 31 16:06:50 1987: CFS volume /c0t5d0s3 mount failed S_cfslib_NOT_CFS_PARTITION
Thu Dec 31 16:06:50 1987: CFS volume /c0t6d0s3 mount failed S_cfslib_NOT_CFS_PARTITION
Thu Dec 31 16:06:50 1987: CFS volume /c0t7d0s3 mount failed S_cfslib_NOT_CFS_PARTITION
Step 4 Enter the disk manufacture command for each new hard disk to be installed.
In the following example, the disks with target numbers 2 and 3 are partitioned, formatted, and mounted with the disk manufacture EXEC command.
ContentEngine# disk manufacture /c0t2d0
total size of disk = 35843670
CISCO_UVFAT_1 vol /c0t2d0s1 part_off 0 part_siz 0
Skipping creation of DOS partition for SCSI device
CISCO_BFS_1 vol /c0t2d0s2 part_off 10 part_siz 1024
CISCO_CFS_1 vol /c0t2d0s3 part_off 1044 part_siz 35842616
CacheEngine# disk manufacture /c0t3d0
total size of disk = 35843670
CISCO_UVFAT_1 vol /c0t3d0s1 part_off 0 part_siz 0
Skipping creation of DOS partition for SCSI device
CISCO_BFS_1 vol /c0t3d0s2 part_off 10 part_siz 1024
CISCO_CFS_1 vol /c0t3d0s3 part_off 1044 part_siz 35842616
Step 5 Enter the show cfs volumes command to verify that the disks are mounted.
ContentEngine# show cfs volumes /c0t0d0s3: mounted /c0t1d0s3: mounted /c0t2d0s3: mounted /c0t3d0s3: mounted
See the disk manufacture command in the Cisco Cache Software Command Reference documentation for further information on the Storage Array.
|
Caution Whenever a disk is partitioned, all the data on the disk is lost. |
To repartition disk 0, which is the location of the dosfs partition, enter the disk partition command.
|
Note The name of disk 0 is /c0t0d0; the name of disk 1 is /c0t1d0. |
Console# disk partition /c0t0d0 dosfs cfs this will create a dos partition and cfs partition total size of disk = 17836667 CISCO_UVFAT_1 vol /c0t0d0s1 part_off 63 part_siz 3906250 CISCO_BFS_1 vol /c0t0d0s2 part_off 3906323 part_siz 1024 CISCO_CFS_1 vol /c0t0d0s3 part_off 3907357 part_siz 13929300
It is also possible to repartition only the dosfs of disk 0 using the disk partition command, excluding the cfs keyword.
Console# disk partition /c0t0d0 dosfs total size of disk = 17836667 CISCO_UVFAT_1 vol /c0t0d0s1 part_off 63 part_siz 3906250 CISCO_BFS_1 vol /c0t0d0s2 part_off 3906323 part_siz 1024 CISCO_CFS_1 vol /c0t0d0s3 part_off 0 part_siz 0 Skipping creation of CFS partition for SCSI device
To repartition disk 1, enter the disk partition command.
Console# disk partition /c0t1d0 cfs total size of disk = 17836667 CISCO_UVFAT_1 vol /c0t1d0s1 part_off 0 part_siz 0 Skipping creation of DOS partition for SCSI device CISCO_BFS_1 vol /c0t1d0s2 part_off 10 part_siz 1024 CISCO_CFS_1 vol /c0t1d0s3 part_off 1044 part_siz 17835613
Following a repartition, you must format and mount the dosfs and cfs using the following commands:
If the first disk is reformatted, all the cache data is lost as well as all data in the dosfs partition. It will be necessary to reinstall the software image as well as the user interface images. See the "Recovering the System Software" section.
If the second disk is reformatted, all the cache data on that disk (cfs) is lost. The Content Engine will repopulate the disk with regular use.
|
Note If the dosfs partition is not mounted correctly, an error message may be generated from the CLI. An example of this error message is shown below. |
Console# cli command Could not get stat information about /local <====
The dosfs partition may be corrupted if a power outage occurs while the Content Engine is writing to the disk, or if the disk is removed while writing to the dosfs partitions.
If there is a problem caused by the corrupted dosfs FAT table, perform the following steps:
Step 2 If an error message occurs, enter the dosfs unmount /local command.
Step 3 Enter the dosfs repair auto /local command.
Step 4 Enter the dosfs mount /local command.
Step 5 If the dosfs mount fails after you enter the dosfs repair command, enter the dosfs format command followed by the dosfs mount command.
If you are working in the current working directory of /local, you may see the following error message:
Could not get stat information about /local.
You can enter the cd / command to avoid this error message.
|
Note Entering the dosfs check command effectively prevents system features (such as syslog or transaction logging) from writing to the disk. Disregard error messages generated by these features after entering the dosfs check command, as shown in the following example. |
Console# dosfs check /local tSyslog: Cannot write log to Disk File (/local/var/log/syslog.txt), OK
If a user password is forgotten, lost, or misconfigured, perform the following steps to reset the password.
|
Note There is no way to restore a lost password. You must reset the password to a new one, as described in this procedure. |
Step 2 Break to the bootstrap program prompt and press any key before the Content Engine completes the auto-boot sequence.
a. Enter c to change the auto-boot settings.
b. Enter flash for the boot device type.
Press any key to stop auto-boot... 7 [PRESS ANY KEY NOW before the Content Engine auto reboots] [CE500 Series]:c boot device (flash,net) [ net]: flash filename [ filename]: cache IP address [ 10.1.138.5]: IP network mask [ 255.255.255.0]: server IP address [ 172.16.63.250]: gateway IP address [ 10.1.138.1]: protocol (rcp,ftp,tftp) [ ]: username [ ]: password [ ]: flags [ 0]: 0x8000 [CE500 Series]:@
Step 3 Change the configuration flags field to 0x8000 (as shown above). Then enter @ to continue with the boot sequence.
|
Note Setting the configuration flags field to 0x8000 lets you into the system, bypassing all security. Setting the configuration flags field to 0x4000 lets you bypass the NVRAM configuration. |
Step 4 Once you see the CLI prompt, set the password for the user using the user modify username name password new-password command in the global configuration mode.
Step 5 Use the write command to save the configuration change.
By default, the Content Engine has an "admin" user with no password set. When no password is set, you can enter anything as a password.
The following sample configurations are outputs of the show running-config command and can be used as a guide for configuring the Content Engine in WCCP Version 1 and Version 2 environments. If a feature is not enabled, it does not appear in the running configuration display, though settings configured for that feature are displayed.
The following is a sample WCCP Version 1 configuration:
console# show running-config Building configuration... Current configuration: ! ! logging event-export critical-events alert kernel logging 10.7.8.9 ! user add admin uid 0 password 1 "ceSzbyeb" capability admin-access user add britt uid 5001 password 1 "bbdze9eSbS" capability telnet-access ! ! ! hostname cache1D ! interface ethernet 0 ip address 10.1.1.34 255.255.255.0 ip broadcast-address 10.1.1.255 exit ! ! interface ethernet 1 exit ! ip default-gateway 10.1.1.2 ip name-server 10.2.2.2 ip domain-name cisco.com cron file /local/etc/crontab ntp server 10.6.14.7 ! ! http proxy incoming 8080 icp server remote-client 10.4.6.8 no-fetch url-filter good-sites-allow wccp home-router 10.1.2.1 wccp version 1 ! transaction-logs destination disk transaction-logs interval 750 ! trusted-host 10.4.4.4 ! end cache1D#
The following is a sample configuration of a Content Engine in a WCCP Version 2 environment:
console# show running-config Building configuration... Current configuration: ! ! logging event-export critical-events warning user ! user add admin uid 0 password 1 "ceSzbyeb" capability admin-access user add bwhidney uid 5013 password 1 "bSzyydQbSb" capability admin-access user add name uid 5001 ! ! ! hostname console ! interface ethernet 0 ip address 172.16.0.1 255.255.255.128 ip broadcast-address 172.16.0.255 exit ! ! interface ethernet 1 exit ! ! interface ethernet 1 exit ! ip default-gateway 172.16.217.129 ip name-server 10.1.2.2 ip name-server 172.16.2.144 ip domain-name cisco.com ip route 0.0.0.0 0.0.0.0 172.16.227.222 cron file /local/etc/crontab clock timezone pst -8 0 ! bypass static 172.17.11.11 any-server bypass static any-client 172.23.23.23 http cache-cookies http max-ttl days text 4 binary 3 http cache-authenticated http proxy outgoing origin-server http proxy incoming 8082 icp client exclude google.com,cruzio.com url-filter websense server 172.18.11.22 port 3333 timeout 5 no url-filter websense allowmode wccp router-list 1 10.1.1.1 wccp router-list 2 10.1.1.2 wccp router-list 3 10.1.1.3 wccp port-list 1 8082 8080 10 200 3000 40000 wccp port-list 2 65222 65333 wccp port-list 6000 60010 60200 63000 8000 wccp web-cache router-list-num 1 wccp reverse-proxy router-list-num 3 wccp custom-web-cache router-list-num 1 port 473 hash-destination-ip wccp service-number 90 router-list-num 1 port-list-num 1 hash-destination-ip weight 20 password **** wccp home-router 10.1.1.1 wccp version 2 wccp shutdown max-wait 1 ! radius-server exclude enable authentication login tacacs enable primary authentication login local enable authentication configuration tacacs enable authentication configuration local enable ldap server host 10.1.1.5 port 88 ldap server allow-mode transaction-logs archive files 5 transaction-logs archive interval every-day at 12:00 transaction-logs enable transaction-logs export enable transaction-logs sanitize proxy-protocols transparent original-proxy proxy-protocols outgoing-proxy exclude list cisco.com proxy-protocols outgoing-proxy exclude list cruzio.com proxy-protocols outgoing-proxy exclude list 172.19.24.22 rule enable rule block dst-port 33 rule block domain ethel.com rule no-auth domain google.com rule no-cache domain fred.com https proxy outgoing host 1.1.1.1 76 https destination-port allow 111 222 333 https destination-port allow 44 33 https destination-port deny 20 21 23 119 ! exec-timeout 60 !
Posted: Fri Sep 22 18:52:11 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.