[c-nsp] Cisco 7200 router with AAA problem and nvram corruption

root net rootnet08 at gmail.com
Sat Oct 8 14:23:02 EDT 2011 

I definitely have a back up of the configuration. Whew! But I was just
confused as to why the circuits came up considering the NVRAM corruption.
Miracle of course.
Thanks for your help and information.

rootnet

On Sat, Oct 8, 2011 at 12:47 PM, Jay Hennigan <jay at west.net> wrote:

> On 10/8/11 8:51 AM, root net wrote:
> > Hello,
> >
> > Just want to confirm what should be done. I have a router that resulted
> in a
> > bad NPE 225. Had a spare NPE 225 but it wouldn't work for some strange
> > reason. So had an old NPE 150 laying around so inserted. When the router
> > came backup noticed that a message flashed nvram corrupt on console. All
> > circuits came up lovely but now I can't access the router to possibly
> move
> > circuits to different router.
>
> The NVRAM is actually a battery-backed SRAM.  Some are like the early
> Sun boxes with a Dallas/Mostek chip.  It looks like a tall DIP chip.
> Others are SRAM and a coin battery.  This also can keep the time-of-day
> clock going when the box is powered down.  They are supposed to last 10
> years but your mileage may vary.  I suspect this will be happening more
> and more as the boxes age.
>
> The NVRAM holds the configuration as well as a few other variables such
> as if-index persistence, some environmental data, etc.
>
> The NVRAM isn't on the NPE unless you're using a NPE-G1 or NPE-G2.  It's
> on the I/O module on all others.
>
> Its battery is likely dead and hence it has lost its checksum.  I seem
> to recall a means from monitor mode to clear/reset it but it's one of
> those obscure commands and I'm unable to locate it right now via search.
>  Not the kind of thing you want to do other than in a situation like the
> one you're in.  You may be able to just go into password recovery and
> then write the configuration in order to restore it.
>
> I'm surprised that all circuits came up lovely, as the corrupt NVRAM is
> where the configuration is saved.  I wouldn't count on it remembering
> its configuration again.  RANCID is your friend....
>
> > I have the router configured with AAA for local and no backup
> > authentication. (Silly)
> >
> > What should be the steps I take to recover access to router so I can
> setup
> > AAA for local and backup auth?
>
> Replace the I/O module or the NVRAM if you want to try -- see below.
> Copy your configuration from backup (you do have a backup?), and you're
> good.
>
> You'll have this problem every time the power is removed from the box
> until you replace the battery.  The Mostek chips are still available as
> are the coin batteries.  If you've got the soldered-in battery on little
> legs, it can be replaced but it's tricky.  Best to make friends with
> someone who does PCB rework if you're not skilled at soldering, or just
> get a replacement I/O module with a fairly recent date code so you don't
> get bit again for a while.
>
> --
> Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
> Impulse Internet Service  -  http://www.impulse.net/
> Your local telephone and internet company - 805 884-6323 - WB6RDV
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list