[c-nsp] SXI(3) code status?

andrew thehink at gmail.com
Wed Nov 18 05:29:06 EST 2009 

Breaks as in after forcing a sup switchover while on console
subsequent SSH connections are refused, as it seems the private key is
missing/unreadable.


This is logged:

Nov 18 10:16:08.211: SSH2 0: RSA_sign: private key not found
Nov 18 10:16:08.211: SSH2 0: signature creation failed, status -1


Clearing RSA keys and re-generating did not help.

Clear RSA keys, *reboot box*, and re-generate did fix.





On Wed, Nov 18, 2009 at 2:00 AM, Chris Phillips
<cphillips at wbsconnect.com> wrote:
> Define breaks.  Breaks as in your ssh connection drops and you have to login
> again, or breaks as in your ssh connection drops and the ssh service doesn't
> restart?
>
> andrew wrote:
>>
>> Here is some BAD on SXI3 ...
>>
>> with redundant supervisor, SSH breaks upon supervisor switchover.
>>
>> -andrew
>>
>> On Tue, Nov 17, 2009 at 11:34 AM, Jeff Fitzwater <jfitz at princeton.edu>
>> wrote:
>>>
>>> The 6324 100 MM is supported but did not come online in SXI 1, 2 , 2A. It
>>> did however work in SXI, which we are running now.
>>>
>>> The other flavors are not supported.
>>>
>>> Jeff
>>>
>>> On Nov 17, 2009, at 12:12 PM, Jared Mauch wrote:
>>>
>>>> Release 12.2(33)SXH and later releases do not support the following
>>>> hardware:
>>>>
>>>> These Ethernet Switching Modules:
>>>>
>>>> –WS-X6024-10FL-MT 24-port 10BASE-FL MT-RJ
>>>>
>>>> –WS-X6248A-TEL 48-port 10/100TX RJ-21
>>>>
>>>> –WS-X6248-RJ-45 48-port 10/100TX RJ-45
>>>>
>>>> –WS-X6248-TEL 48-port 10/100TX RJ-21
>>>>
>>>> –WS-X6324-100FX-SM 24-port 100FX Ethernet
>>>>
>>>> –WS-X6224-100FX-MT 24-port 100FX Ethernet Multimode MT-RJ
>>>>
>>>> –WS-X6316-GE-TX 16-port Gigabit Ethernet RJ-45
>>>>
>>>> –WS-X6416-GE-MT 16-Port Gigabit Ethernet MT-RJ
>>>>
>>>>      Now, the caveat is that they did not actually remove the hardware
>>>> support for some of these until SXI1, so while the release notes say one
>>>> thing, the actual support varies.
>>>>
>>>> You will see something like this in 'show power':
>>>> 4    WS-X6248A-TEL       112.98  2.69     -     -     on    off (not
>>>> supported)
>>>> 8    WS-X6248-RJ-45      112.98  2.69     -     -     on    off (not
>>>> supported)
>>>>
>>>> It does appear the WS-X6324-100FX-MM card does power on for SXI3, but I
>>>> can't recall if that was the case for SXI2/2a/or 1.
>>>>
>>>>      - Jared
>>>>
>>>> On Nov 17, 2009, at 12:05 PM, Chris Phillips wrote:
>>>>
>>>>> Jared,
>>>>>
>>>>> After quickly glancing at the release notes, I was unable to find
>>>>> anything about the removal of hardware support for the 63xx series cards.
>>>>>  Do you have a URL or can you be more specific?
>>>>>
>>>>> Thanks in advance!
>>>>>
>>>>> Jared Mauch wrote:
>>>>>>
>>>>>> SXI3 has a number of bug fixes for our network, including one that
>>>>>> would cause the next-hop to be populated as 'drop' in hardware.
>>>>>> I strongly recommend using it over prior versions of SXI.
>>>>>> Due to the removal of hardware support we replaced the older 63xx/62xx
>>>>>> series cards.
>>>>>> - Jared
>>>>>> On Nov 17, 2009, at 10:22 AM, Rubens Kuhl wrote:
>>>>>>>
>>>>>>> SXI2a running fine with MPLS, QoS, SVIs (no BFD on those... :-(),
>>>>>>> OSPF, BGP. PFC3C-only, no WAN cards/modules, no DFC.
>>>>>>>
>>>>>>>
>>>>>>> Rubens
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Tue, Nov 17, 2009 at 12:51 PM, Jeff Fitzwater
>>>>>>> <jfitz at princeton.edu> wrote:
>>>>>>>>
>>>>>>>> I have been running the SXI(3) on a test router with 100M MM 6324,
>>>>>>>> which it did not recognize in previous versions, and so far no complaints
>>>>>>>> but then again it's not in a real world yet.
>>>>>>>>
>>>>>>>>
>>>>>>>> Does anyone else have  GOOD or BAD new on SXI(3)?
>>>>>>>>
>>>>>>>>
>>>>>>>> Jeff Fitzwater
>>>>>>>> OIT Network Systems
>>>>>>>> Princeton University
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>>>
>>>>>> _______________________________________________
>>>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>>
>>>> _______________________________________________
>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>
>>> _______________________________________________
>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>
>>
>>
>>
>
> --
> Chris Phillips
> Director of Network Engineering & Peering Coordinator
> WBS Connect
> cphillips at wbsconnect.com
> (866) WBS-CONX
> (720) 259-8361 - direct
> (303) 968-4383 - mobile
> www.wbsconnect.com
>



-- 
-andrew

More information about the cisco-nsp mailing list