Enterasys Securestack C3

From FnordWiki
Jump to navigation Jump to search

One of the Force10_S50s failed (flapping all its links uncontrollably), so an Enterasys Securestack C3G124-48P has been acquired from eBay.

Quick specs:

  • 48 1000baseT ports
  • 4 SFP ports that can assume the roles of 1000baseT ports 45-48
  • 2 proprietary stacking ports in the back
  • DB-9 (DE-9, actually) serial console port on the front wired as DTE. Use a standard null modem cable to talk to this.

This switch is Broadcom based.

Wiping the existing config

Attach a console cable, run terminal program, set port to 9600-8n1, no carrier detect, no flow control. Power on the switch and let it boot completely. Follow the process as documented at https://community.extremenetworks.com/extreme/topics/password_recovery_for_the_securestack_series-1jwf24 to reset the switch's passwords:

While the switch is operational, press and hold the Reset button for five seconds, then release.
A "Password Reset button has been pressed" message will display on the cli console and in the current.log (5487).
The admin, rw, and ro login passwords will be reset to <enter>; and with C2 f/w 3.01.45 and higher, the boot menu password will be reset to the default value of "administrator" (5551).

From here, log in to the console as the rw user. Its password is now blank. Issuing the clear config command will do the expected (wipe the saved configuration) and reboot the switch. The reset button is small and unlabeled, located on the back of the chassis, to the right of one of the stacking connectors.

Basic setup

Configuration of these switches is somewhat different than the Cisco IOS influenced setup of most other managed switches on the market. Changes are made through a series of set commands. Look for a manual called the "SecureStack C3 Stackable Switches Configuration Guide" with Google for information. We'll highlight changes made in this wiki page. Command line tab completion and "?" inline help work as in most other switches.

Assign an IP address to the switch

I like to put my switches' management IPs at the top of the range for each of the subnets they are on. 172.16.0.0/24 is the main inside subnet here. So log in to the switch as rw or similar and give it an IP like so: 

C3(rw)->set ip address 172.16.0.254 mask 255.255.255.0
C3(rw)->

Checking its IP address is similar: 

C3(rw)->show ip address
Name            Address               Mask
------------    -------------         -----------------
host            172.16.0.254          255.255.255.0
C3(rw)->

Or set it to be a DHCP client

C3(rw)->set ip protocol dhcp
Changing protocol mode will reset ip configuration.
Are you sure you want to continue? (y/n)y

C3(rw)->save config
Saving Configuration to stacking members
C3(rw)->

Naturally, the DHCP server's config needs some updates to include this device.

IPv6, anyone?

C3(rw)->set ipv6 enable
C3(rw)->show ipv6 address
Name    IPv6 Address                             
-----   ---------------------------------------- 
host    FE80::21F:45FF:FE85:1738/64

C3(rw)->

Pinging that from a host system works as expected: 

adj@stuff-puter:~$ ping6 -c 3 fe80::21f:45ff:fe85:1738%eth0
PING fe80::21f:45ff:fe85:1738%eth0(fe80::21f:45ff:fe85:1738) 56 data bytes
64 bytes from fe80::21f:45ff:fe85:1738: icmp_seq=1 ttl=64 time=0.906 ms
64 bytes from fe80::21f:45ff:fe85:1738: icmp_seq=2 ttl=64 time=1.08 ms
64 bytes from fe80::21f:45ff:fe85:1738: icmp_seq=3 ttl=64 time=0.735 ms

--- fe80::21f:45ff:fe85:1738%eth0 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.735/0.908/1.083/0.142 ms
adj@stuff-puter:~$

Turn on ye olde SSH server

RS-232 is so 1960s... 

C3(rw)->set ssh enabled
SSH hostkey generation initiated. Process should complete in 60 seconds.
C3(rw)->


configuration backup

Now that the switch has an IP address, let's make a copy of its configuration.

Retrieved from "https://wiki.fnord.greeley.co.us/mediawiki/index.php?title=Enterasys_Securestack_C3&oldid=750"