[c-nsp] Catalyst 2970 and third-party SFPs
Tony Farinholt
tony at directlink.net
Tue Dec 28 12:57:03 EST 2004
>Well, these SFPs we have here (that are supposed to work - but, no 2970TS
>switches arrived, yet) have only the Finisar label on it. No Cisco
>labels.
>
>I am going to have further information as soon as the switches arrive.
>
>Sascha
Yes Sascha, let us know how it goes. Cisco's documentation says they use a unique
SN and 'security code' and CRC in each device. My research shows a unique Serial Number in
the A0 page (memory pages are defined in the SFP MSA specification.) of the SFP
flash mem. There is a 16-byte (128-bit) code at the beginning of the A2 page that appears
to the be the 'security code'. This is probably a MD5 (or...?) hash using the contents of the
A0 page (including SN) and a cisco key. There is also a standard CRC-32 done across the entire
memory space and stored in the highest 4-bytes in the flash. The security code and CRC
are re-calculated and compared with the SFP values by IOS when the SFP is installed and,
of course must be correct. In addition, the SN (and, therefore security code) must be unique
among the SFPs installed in a single switch/router.
As I mentioned in my earlier email, be careful of these OEM parts as they may be simple
copies of real cisco devices and you could easily end up with two parts in the same switch
with identical Flash contents which puts you back in errdisable trouble.
-tony
More information about the cisco-nsp
mailing list