System Setup and Software Installation Guide for Cisco NCS 1004

Boot NCS 1004

The various boot options in NCS 1004 are as follows:

Boot using SSD (hard disk)
Boot using USB drive
Boot using iPXE
Boot using ZTP
Boot using Golden ISO

If there is no bootable image in all of the above boot options, reboot the system.

Boot NCS 1004

Use the console port to connect to NCS 1004. By default, the console port connects to the XR mode. If necessary, you can establish subsequent connections through the management port, after it is configured.

Procedure

Step 1

Connect a terminal to the console port of the RP.

Step 2

Start the terminal emulation program on your workstation.

The console settings are 115,200 bps, 8 data bits, 1 stop bit and no parity.

Step 3

Power on NCS 1004.

To turn on the power shelves, press the power switch up. As NCS 1004 boots up, you can view the boot process details at the console of the terminal emulation program.

Step 4

Press Enter.

The boot process is complete when the system prompts you to enter the root-system username. If the prompt does not appear, wait for a while to give NCS 1004 more time to complete the initial boot procedure; then press Enter.

Important

If the boot process fails, it may be because the preinstalled image on the NCS 1004 is corrupt. In this case, you can boot NCS 1004 using an external bootable USB drive.

Boot NCS 1004 Using USB Drive

The bootable USB drive is used to reimage NCS 1004 for system upgrade or to boot the NCS 1004 in case of boot failure. A bootable USB drive is created by copying a compressed boot file into a USB drive. The USB drive becomes bootable after the contents of the compressed file are extracted.

You can complete this task using the Windows, Linux, or MAC operating systems available on your local machine. The exact operation to be performed for each generic step that is outlined here depends on the operating system in use.

Before you begin

You need a USB drive with a storage capacity of at least 4 GB.
The USB drive should have a single partition.
NCS 1004 software image can be downloaded from Software Download page on Cisco.com.
Copy the compressed boot file from the software download page at Cisco.com to your local machine. The filename for the compressed boot file is in the format ncs1004-usb-boot-<release_number>.zip. For example, ncs1004-usb-boot-7.0.1.zip.

Procedure

Step 1

Connect the USB drive to your local machine and format it with the FAT32 file system.

Step 2

Copy the compressed boot file to the USB drive.

Step 3

Verify that the copy operation is successful. To verify, compare the file size at source and destination. Also, verify the MD5 checksum value.

Step 4

Extract the content of the compressed boot file by unzipping it in the USB drive. This makes the USB drive a bootable drive.

Note

You must extract the contents of the zipped file ("EFI" and "boot" directories) directly in the root folder of the USB drive. If the unzipping application places the extracted files in a new folder, move the "EFI" and "boot" directories to the root folder of the USB drive.

Step 5

Insert the USB drive in one of the USB ports of NCS 1004.

Step 6

Reboot NCS 1004 using power cycle or console.

Step 7

Press Esc to enter BIOS.

Step 8

Select the Save & Exit tab of BIOS.

Step 9

Choose IOS -XR Install.

The system detects USB and boots the image from USB.


Admin Console:
GNU GRUB version 2.00
Press F2 to goto grub Menu..
Booting from USB..
Loading Kernel..

Validating End Entity Certificate...

Validating SubCA Certificate...

Validating Root Certificate...
Loading initrd..

Validating End Entity Certificate...

Validating SubCA Certificate...

Validating Root Certificate...
CiscoSec: Image signature verification completed.
XR Console:
CiscoSec: Image signature verified.
[    9.957281] i8042: No controller found
Starting udev
udevd[972]: failed to execute '/etc/udev/scripts/network.sh' '/etc/udev/scripts/network.sh': No such file or directory
Populating dev cache
Running postinst /etc/rpm-postinsts/100-dnsmasq...
update-rc.d: /etc/init.d/run-postinsts exists during rc.d purge (continuing)
 Removing any system startup links for run-postinsts ...
  /etc/rcS.d/S99run-postinsts
Configuring network interfaces... done.

Step 10

Remove the USB drive. The NCS 1004 reboots automatically.


Setting maximal mount count to -1
Setting interval between checks to 0 seconds
Fri Dec 11 20:35:56 UTC 2015: Install EFI on /dev/mb_disk4
Fri Dec 11 20:35:57 UTC 2015: Install finished on mb_disk
Rebooting system after installation ...
[  116.973666] reboot: Restarting system
Version 2.17.1245. Copyright (C) 2015 American Megatrends, Inc.                 
BIOS Date: 11/29/2015 12:02:45 Ver: 0ACBZ1110                                   
Press <DEL> or <ESC> to enter setup.                                            
CiscoSec: Image signature verified.


GNU GRUB version 2.00
Press F2 to goto grub Menu..
Booting from Disk..
Loading Kernel..

Validating End Entity Certificate...

Validating SubCA Certificate...

Validating Root Certificate...
Loading initrd..

Validating End Entity Certificate...

Validating SubCA Certificate...

Validating Root Certificate...
CiscoSec: Image signature verification completed.
Initrd, addr=0xff69a000, size=0x955cb0
[    1.745686] i8042: No controller found

Boot Using iPXE

iPXE is a pre-boot execution environment that is included in the network card of the management interfaces and works at the system firmware (UEFI) level of the chassis. iPXE is used to reimage the system, and boot the chassis in case of boot failure or in the absence of a valid bootable partition. iPXE downloads the ISO image, proceeds with the installation of the image, and finally bootstraps inside the new installation.

Note

The time taken for iPXE to download the ISO image depends on the network speed. Ensure that the network speed is sufficient to complete the image download in less than 10 minutes. The chassis reloads if the image is not downloaded by 10 minutes.

iPXE acts as a bootloader and provides the flexibility to choose the image that the system will boot based on the Platform Identifier (PID), the Serial Number, or the management mac-address. You must define iPXE in the DHCP server configuration file.

Setup DHCP Server

A DHCP server must be configured for IPv4, IPv6, or both communication protocols.

Note

For DHCPv6, a routing advertisement (RA) message must be sent to all nodes in the network that indicates which method is to be used to obtain the IPv6 address. Configure Router-advertise-daemon (radvd, install using yum install radvd) to allow the client to send the DHCP request. For example:

interface eth3
{
        AdvSendAdvert on;
        MinRtrAdvInterval 60;
        MaxRtrAdvInterval 180;
        AdvManagedFlag on;
        AdvOtherConfigFlag on;
        prefix 2001:1851:c622:1::/64
        {
                AdvOnLink on;
                AdvAutonomous on;
                AdvRouterAddr off;
        };
};

To setup a DHCP server:

Create the dhcpd.conf file (for IPv4, IPv6 or both communication protocols), dhcpv6.conf file (for IPv6) or both in the /etc/ directory. This configuration file stores the network information such as the path to the script, location of the ISO install file, location of the provisioning configuration file, serial number, MAC address of the chassis.

Test the server once the DHCP server is running:

For example, for ipv4:

Use MAC address of the chassis:

host ncs1004 
{
hardware ethernet ab:cd:ef:01:23:45;
fixed-address <ip address>;
filename "http://<httpserver-address>/<path-to-image>/ncs1004-mini-x.iso";
}

Ensure that the above configuration is successful.

Use serial number of the chassis:

host demo {
option dhcp-client-identifier "<chassis-serial-number>";
  filename "http://<IP-address>/<hardware-platform>-mini-x.iso";
  fixed-address <IP-address>;
}

The serial number of the chassis is derived from the BIOS and is used as an identifier.

Example


host 10.89.205.202 {
       hardware ethernet 40:55:39:56:0c:e8;
          if exists user-class and option user-class = "iPXE" {
          filename "http://10.89.205.127/box1/ncs1004-mini-x-7.0.1.iso";
       } else {
           filename "http://10.89.205.127/box1/StartupConfig.cfg";
       }
       fixed-address 10.89.205.202;
    }

Boot Using iPXE

Before you use the iPXE boot, ensure that:

DHCP server is set and is running.
You have logged in to the System Admin console using the admin command.

Run the following command to invoke the iPXE boot process to reimage the chassis:

hw-module location all bootmedia network reload

Example:

sysadmin-vm:0_RP0# hw-module location all bootmedia network reload
Tue Feb 12 15:29:57.376 UTC
Reload hardware module ? [no,yes]

The following example shows the output of the command:

 
iPXE 1.0.0+ (3e573) -- Open Source Network Boot Firmware -- http://ipxe.org
Features: DNS HTTP TFTP VLAN EFI ISO9660 NBI Menu
Trying net0...
net0: c4:72:95:a6:14:e1 using dh8900cc on PCI01:00.1 (open)
[Link:up, TX:0 TXE:0 RX:0 RXE:0]
Configuring (net0 c4:72:95:a6:14:e1).................. Ok << Talking to DHCP/PXE server to obtain network information
net0: 10.37.1.101/255.255.0.0 gw 10.37.1.0
net0: fe80::c672:95ff:fea6:14e1/64
net0: 2001:1800:5000:1:c672:95ff:fea6:14e1/64 gw fe80::20c:29ff:fefb:b9fe
net1: fe80::c672:95ff:fea6:14e3/64 (inaccessible)
Next server: 10.37.1.235
Filename: http://10.37.1.235/ncs1004/ncs1004-mini-x.iso
http://10.37.1.235/ncs1004/ncs1004-mini-x.iso ncs1004/ncs1004-mini-x.iso... 58% << Downloading file as indicated by DHCP/PXE server to boot install image

Boot Using Zero Touch Provisioning (ZTP)

Zero Touch Provisioning (ZTP) is used to deploy minimal configurations on several chassis. You can use ZTP to boot, set up, and configure the system. Configurations such as configuring the management Ethernet interface, installing SMUs, applications, and optional packages can be automated using ZTP. ZTP does not execute if a username is already configured in the system.

ZTP auto provisioning involves:

Configuration: Downloads and executes the configuration files. The first line of the file must contain !! IOS XR for ZTP to process the file as a configuration.
Script: Downloads and executes the script files. These script files include a programmatic approach to complete a task. For example, scripts created using IOS XR commands to perform patch upgrades. The first line of the file must contain #! /bin/bash or #! /bin/sh for ZTP to process the file as script.

You can either use the ZTP bash script or the ZTP configuration file.


host ncs1004 {
  #hardware ethernet 00:a0:c9:00:00:00; 
  option dhcp-client-identifier "<chassis-serial-number>";
     filename "http://<IP-address>/<folder>/ncs1004-ztp.script";
     #filename "http://<IP-address>/<folder>/ncs1004-ztp.cfg";
  }

The following is the sample content of the ZTP bash script.


#! /bin/bash
#
# NCS1004 Demo Sample
# ZTP installation of config and day-0 SMU's
#
source ztp_helper

wget http://downloads.sourceforge.net/project/yourcode/application.tgz
#install the downloaded application.tgz

#Run XR CLI’s from the script
`xrcmd “show version”`

The following is the sample content of the ZTP configuration file. You can automate all the configurations.


!! IOS XR Configuration version = 7.0.1
!
telnet vrf default ipv4 server max-servers 20
!
vty-pool default 0 20 line-template default
!
interface MgmtEth0/RP0/CPU0/0
 ipv4 address dhcp
 no shutdown
!
router static
 address-family ipv4 unicast
  0.0.0.0/0 10.77.132.1
!
end

Boot NCS 1004 Using Golden ISO

Golden ISO is a feature that is provided to the user to build the customized ISO using mini ISO, required SMUs, and IOS XR configuration.

Before the introduction of Golden ISO feature, you must perform the following three steps, to install a new image.

Boot the system with mini ISO. You can do this task using iPXE or USB boot.
Install, add, and activate all the relevant SMUs and optional packages on to NCS 1004. NCS 1004 reloads on reload of any SMUs.
Apply IOS XR configuration.

Benefits of Golden ISO

Saves installation effort and time.
The system is available in a single command and boot.

You can build the Golden ISO using ‘gisobuild.py’script available at /pkg/bin/gisobuild.py location.

Limitations

install operation over IPv6 is not supported.

Build Golden ISO

You can use the following command to build the Golden ISO.

gisobuild.py -i./ncs1004-mini-x.iso -r ./rpm-directory -c ./xr-config -1 label

rpm-directory - Directory where SMUs (xr, calvados, and host) are copied.

xr-config - IOS XR configuration to be applied to the system after booting.

label - Label of the Golden ISO.

Note

You must copy /pkg/bin/gisobuild.py from NCS 1004 to the Linux environment and use the following command to build the Golden ISO image.


python gisobuild.py -i ./ncs1004-mini-x-7.0.1.04I.iso -r. -c startup_new.cfg -l v2
System requirements check [PASS]
Golden ISO build process starting...

Platform: ncs1004 Version: 7.0.1.04I

XR-Config file (/bh/bosshogg_images/r701/701_04I_DT_IMAGE/giso/startup_new.cfg) will be encapsulated in Golden ISO.

Scanning repository [/bh/bosshogg_images/r701/701_04I_DT_IMAGE/giso]...

Building RPM Database...
Total 1 RPM(s) present in the repository path provided in CLI

Following XR x86_64 rpm(s) will be used for building Golden ISO:

(+) ncs1004-k9sec-2.1.0.0-r70104I.x86_64.rpm

...RPM compatibility check [PASS]

Building Golden ISO...
Summary .....

XR rpms:
ncs1004-k9sec-2.1.0.0-r70104I.x86_64.rpm

XR Config file:
router.cfg

...Golden ISO creation SUCCESS.

Golden ISO Image Location: /bh/bosshogg_images/r701/701_04I_DT_IMAGE/giso/ncs1004-goldenk9-x-7.0.1.04I-v2.iso

Detail logs: /bh/bosshogg_images/r701/701_04I_DT_IMAGE/giso/Giso_build.log-2019-03-20:15:47:19.516203

Golden ISO file is created in the following format:

platform-name-golden-x.iso-version.label (does not contain security(*k9sec*.rpm) rpm)

Example: ncs1004-golden-x-7.0.1.014I-V1.iso

platform-name-goldenk9-x.iso-version.label (contains security(*k9sec*.rpm) rpm)

Example: ncs1004-goldenk9-x-7.0.1.014I-V1.iso

Verify Boot Operation

Procedure

show version

Example:

RP/0/RP0/CPU0:ios# show version
Thu Apr 30 21:57:48.371 IST 
Cisco IOS XR Software, Version 7.2.1 Copyright (c) 2013-2020 by Cisco Systems, Inc.

Build Information:
 Built By     : ahoang
 Built On     : Wed Apr 29 19:22:26 PDT 2020
 Built Host   : iox-lnx-023
 Workspace    : /auto/srcarchive14/prod/7.2.1/ncs1004/ws
 Version      : 7.2.1
 Location     : /opt/cisco/XR/packages/
 Label        : 7.2.1

cisco NCS-1004 () processor
System uptime is 5 hours 25 minutes

Compare the displayed version with the boot image version. The versions must be the same.

Boot NCS 1004 Using Golden ISO for Open ROADM

The following topics describe on how to boot NCS 1004 using golden ISO for Open ROADM:

GISO for Open ROADM
Build GISO Image for Open ROADM
Create USB File for Open ROADM
Boot NCS 1004 using USB File for Open ROADM
Verify Boot Operation for Open ROADM

GISO for Open ROADM

From Release 7.3.1 onwards, NCS 1004 supports GISO images for new Open ROADM deployments. The GISO image is bundled with the following files:

Mini ISO image
Open ROADM RPM
OTN-XP RPM
Startup configuration file

The new Open ROADM deployment mandatorily requires a startup configuration file to enable open ROADM. The start up configuration file contains the following information:

DHCP client configuration for IPv4 and IPv6 addresses
SSH sever configuration
XR Netconf configuration
Telnet configuration for IPv4 and IPv6 addresses

Build GISO Image for Open ROADM

The mini ISO file, RPM directory, and the startup configuration file should be placed in the same path.

To build the new Golden ISO for open ROADM, use the following command:

gisobuild.py -i ./ncs1004-mini-x.iso -r ./rpm-directory -c ./xr-config -l label

Example

gisobuild.py -i ./ncs1004-mini-xr-7.3.1.iso -r ./RPMS -c ./giso.startup.txt -1 V1

gisobuild.py – Python script to run the GISO image. You can download the script from the Github site.
ncs1004-mini-x.iso – Mini ISO NCS 1004 file, for example ncs1004-mini-xr-7.3.1.iso.
rpm-directory - RPM directory where the RPM files such as OPEN ROADM RPM and OTN-XP RPM files are stored.

Sample RPM files:
- OPEN ROADM RPM - ncs1004-tp-sw-1.0.0.0-r731.rpm
- OTN-XP RPM - ncs1004-sysadmin-otn-xp-dp-7.3.1-r731.rpm
xr-config - IOS XR start up configuration file, for example, giso.startup.txt. This file has Open ROADM specific configurations that are to be applied to the system after booting.
label - Label of the Golden ISO image.

Sample


python gisobuild.py -i ./ncs1004-mini-x-7.3.1.iso -r./RPMS-c giso.startup.txt -l v1
System requirements check [PASS]
Golden ISO build process starting...

Platform: ncs1004 Version: 7.3.1

XR-Config file (/bh/bosshogg_images/r731/731_image/giso/giso.startup.txt) will be encapsulated in Golden ISO.

Scanning repository [/bh/bosshogg_images/r731/731_image/giso]...

Building RPM Database...
Total 1 RPM(s) present in the repository path provided in CLI

Following XR x86_64 rpm(s) will be used for building Golden ISO:

(+) ncs1004-k9sec-2.1.0.0-r731.x86_64.rpm

...RPM compatibility check [PASS]

Building Golden ISO...
Summary .....

XR rpms:
ncs1004-k9sec-2.1.0.0-r731.x86_64.rpm

XR Config file:
giso.startup.txt

...Golden ISO creation SUCCESS.

Golden ISO Image Location: /bh/bosshogg_images/r731/731_image/giso/ncs1004-goldenk9-x-7.3.1-v1.iso

Detail logs: /bh/bosshogg_images/r731/731_image/giso/Giso_build.log-2021-03-10:15:47:19.516203

Create USB File for Open ROADM

Once the Golden ISO image is available, you need to create a bootable compressed USB file. Use this USB file to boot NCS 1004.

To create the USB file using the GISO image, use the following command:

./create_usb_zip ncs1004 ncs1004-golden-x-7.3.1-V1.iso

The bootable compressed USB file is created. You must copy the boot file from the system to the USB drive. Use the following procedure to copy the compressed USB file, extract the content, and reboot NCS 1004.

Boot NCS 1004 using USB File for Open ROADM

The bootable USB drive is used to reimage NCS 1004 for system upgrade or to boot the NCS 1004 in case of boot failure. A bootable USB drive is created by copying a compressed boot file into a USB drive. The USB drive becomes bootable after the contents of the compressed file are extracted.

You can complete this task using the Windows, Linux, or MAC operating systems available on your local machine. The exact operation to be performed for each generic step that is outlined here depends on the operating system in use.

Before you begin

You need a USB drive with a storage capacity of at least 8 GB.
The USB drive should have a single partition.
NCS 1004 software image can be downloaded from Software Download page on Cisco.com.
Copy the compressed boot file from the software download page at Cisco.com to your local machine. The filename for the compressed boot file is in the format ncs1004-usb-boot-<release_number>.zip. For example, ncs1004-usb-boot-7.1.3.zip.
Plugin the USB drive into the USB 0 port of NCS 1004.

Procedure

Step 1

Connect the USB drive to your local machine and format it with the FAT32 file system.

Step 2

Copy the compressed boot file to the USB drive.

Step 3

Verify that the copy operation is successful. To verify, compare the file size at source and destination. Also, verify the MD5 checksum value.

Step 4

Extract the content of the compressed boot file by unzipping it in the USB drive. This makes the USB drive a bootable drive.

Note

You must extract the contents of the zipped file ("EFI" and "boot" directories) directly in the root folder of the USB drive. If the unzipping application places the extracted files in a new folder, move the "EFI" and "boot" directories to the root folder of the USB drive.

Step 5

Insert the USB drive in one of the USB ports of NCS 1004.

Step 6

Reboot NCS 1004 using power cycle or console.

Step 7

Press Esc to enter BIOS.

Step 8

Select the Save & Exit tab of BIOS.

Step 9

Choose IOS -XR Install.

The system detects USB and boots the image from USB.


TAM: Chip DB Verified
CiscoSec: Image Signature Verified
GNU GRUB version 2.00
Press F2 to goto grub Menu..
Booting from USB..
Loading Kernel..
Kernel Secure Boot Validation Result: PASSED
Loading initrd….
Initrd Secure Boot Validation Result: PASSED
Starting udev…..
Running postinst /etc/rpm-postinsts/100-dnsmasq...
Sun Mar  7 19:22:30 UTC 2021: pd_download_giso
Write at Address 0x7bbe000098 (mmap addr 0x7fe08ec87000(0x98)) value 0x1 len 4 width 4 byte 
Write at Address 0x7bbe000098 (mmap addr 0x7f54fc88b000(0x98)) value 0x2 len 4 width 4 byte 
 Watchdog timer reset done, next reset needed within 10 minutes 
Golden ISO type = 1.1 and PKG_VER = 1.0
Current Boot: IOSXR-Install 
Current Boot: USB…
 * First booting, filesystem will be relabeled...
Finished Calvados patch for lxc
Starting to prepare calvados logical volume---
 Create sub partition on /dev/panini_vol_grp/calvados_lv0
 Create data sub partition on /dev/panini_vol_grp/calvados_data_lv0
 File system creation on /dev/panini_vol_grp/calvados_lv0 took 6 seconds
 Install sysadmin-vm image on /dev/panini_vol_grp/calvados_lv0
 RP based installation
 Starting Calvados patch for lxc for sysadmin-vm
 Uninstalling rpm task-nxos-core
 Uninstalling rpm gdb
 Uninstalling rpm smartmontools
NCS1004: Complete Patch Calvados
Enable selinux to relabel filesystem from initramfs
Checking SELinux security contexts: 
 * First booting, filesystem will be relabeled...
 Finished Calvados patch for lxc
 Installing sysadmin-vm image size of 1.9G took 53 seconds
---Starting to prepare repository---
 File system creation on /dev/cpu_disk2 took 3 seconds
 Check for unwanted iso and remove if required.
 Copying /iso/host.iso to repository /iso directory
 Copying /iso/ncs1004-sysadmin.iso to repository /iso directory
 Copy Sysadmin rpms to repository
 Copy XR rpms to repository
 Copy giso_info.txt to repository
 Copying /iso/ncs1004-xr.iso to repository /iso directory
 Copying all ISOs to repository took 12 seconds
 Install EFI on /dev/cpu_disk4
pd_notify_img_install_done
Checking disk error for: sdb
 Chassis disk smartctl -a output 
 Chassis disk smartctl output done
 Disk model: Micron_5100_MTFDDAV240TCB
 No failures found in dmesg
 Checking Chassis disk mount failures.
 No mount failures found in Chassis disk /dev/sdb2
 No mount failures found in Chassis disk /dev/BHDisasterRecovery/golden_image
 Chassis disk partitions exist
 Install finished on cpu_disk

Step 10

Remove the USB drive. The NCS 1004 reboots automatically.


Rebooting system after installation ...
[201.715171] reboot: Restarting system
ERROR: Class:0; Subclass:10000; Operation: 1004
NCS1004: Initilizing Devices
Version 2.19.1266. Copyright (C) 2020 American Megatrends, Inc. 
BIOS Date: 10/23/2020 09:03:42 Ver: 0ACHI470 
Press <DEL> or <ESC> to enter setup 
TAM: Chip DB  
CiscoSec: Image Signature Verified 
GNU GRUB version 2.00 
Press F2 to goto grub Menu.. 
Booting from Disk.. 
Loading Kernel.. 
Kernel Secure Boot Validation Result: PASSED 
Loading initrd.. 
Initrd Secure Boot Validation Result: PASSED
[3.836637] i8042: No controller found  
Enable selinux to relabel filesystem from initramfs                                                                                                                                                                                          
Load IMA appraise policy: OK                                                                                                                                                                                                                 
Switching to new root and running init.                                                                                                                                                                                                      
Sourcing /etc/sysconfig/udev                                                                                                                                                                                                                 
Starting udev: [  OK  ]                                                                                                                                                                                                                      
Starting udev                                                                                                                                                                                                                                
Running postinst /etc/rpm-postinsts/100-dnsmasq...                                                                                                                                                                                           
update-rc.d: /etc/init.d/run-postinsts exists during rc.d purge (continuing)                                                                                                                                                                 
 Removing any system startup links for run-postinsts 
  /etc/rcS.d/S99run-postinsts
Configuring network interfaces... done.
Starting system message bus: dbus.
Starting OpenBSD Secure Shell server: sshd
  generating ssh RSA key...
  generating ssh ECDSA key...
  generating ssh DSA key...
  generating ssh ED25519 key...
sshd start/running, process 3559
Starting rpcbind daemon...done.
Starting kdump:[  OK  ]
Starting random number generator daemon.
Starting system log daemon...0
Starting kernel log daemon...0
tftpd-hpa disabled in /etc/default/tftpd-hpa
Starting internet superserver: xinetd.
Starting S.M.A.R.T. daemon: smartd.
Starting Lighttpd Web Server: lighttpd.
Starting libvirtd daemon: [  OK  ]
Starting crond: OK
Starting cgroup-init
Network ieobc_br defined from /etc/init/ieobc_br_network.xml
Network local_br defined from /etc/init/local_br_network.xml
Network xr_local_br defined from /etc/init/xr_local_br_network.xml
Network ieobc_br started
Network local_br started
Network xr_local_br started
mcelog start/running, process 4647
diskmon start/running, process 4653
Creating default host password file
Start serial incoming on , Clearing ..
initctl: Unknown instance: /dev/ttyS0
Connecting to 'default-sdr--1' console
bootlogd: ioctl(/dev/pts/2, TIOCCONS): Device or resource busy
Running postinst /etc/rpm-postinsts/100-dnsmasq...
update-rc.d: /etc/init.d/run-postinsts exists during rc.d purge (continuing)
Removing any system startup links for run-postinsts ...
  /etc/rcS.d/S99run-postinsts
Configuring network interfaces... done.
Starting system message bus: dbus.
Starting OpenBSD Secure Shell server: sshd
  generating ssh RSA key...
  generating ssh ECDSA key...
  generating ssh DSA key...
  generating ssh ED25519 key...
sshd start/running, process 2197
Starting rpcbind daemon...done.
Starting random number generator daemon.
Starting system log daemon...0
Starting kernel log daemon...0
tftpd-hpa disabled in /etc/default/tftpd-hpa
Starting internet superserver: xinetd.
net.ipv4.ip_forward = 1
Libvirt not initialized for container instance
Starting crond: OK
SIOCADDRT: File exists
Start serial incoming on , Clearing ..
ios con0/RP0/CPU0 is now available
Press RETURN to get started.
This product contains cryptographic features and is subject to United 
States and local country laws governing import, export, transfer and 
use. Delivery of Cisco cryptographic products does not imply third-party 
authority to import, export, distribute or use encryption. Importers, 
exporters, distributors and users are responsible for compliance with 
U.S. and local country laws. By using this product you agree to comply 
with applicable laws and regulations. If you are unable to comply with 
U.S. and local laws, return this product immediately. 

A summary of U.S. laws governing Cisco cryptographic products may be 
found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to 
export@cisco.com.

Verify Boot Operation for Open ROADM

Procedure

show version

Example:


RP/0/RP0/CPU0:ios#show version
Sun Mar  7 19:31:38.139 UTC
Cisco IOS XR Software, Version 7.3.1
Copyright (c) 2013-2021 by Cisco Systems, Inc.

Build Information:
Built By     : ingunawa
Built On     : Thu Feb 25 19:10:10 PST 2021
Built Host   : iox-lnx-070
Workspace    : /auto/srcarchive17/prod/7.3.1/ncs1004/ws
Version      : 7.3.1
Location     : /opt/cisco/XR/packages/
Label        : 7.3.1-0

cisco NCS-1004 () processor
System uptime is 1 minute

Compare the displayed version with the boot image version. The versions must be the same.

Bring-Up Line Card

Procedure

Step 1	Insert the line card into slot.
Step 2	Wait until the LED on the line card turns Green.
Step 3	Configure OTN-XP card with LC MODE. See LC Mode on OTN-XP Card.
Step 4	Upgrade the FPDs of the line card depending on the output of show hw-module location 0/line-card-slot fpd command.

Disaster Recovery

When you replace the CPU or NCS 1004 chassis, the Disaster Recovery feature allows you to restore the node configuration with minimum downtime. The feature works without console access. Before replacing CPU, use the graceful-recovery backup initiate command to back up the XR configuration. The node will also back up the running XR configuration after 20 mins. After reboot, the node backs up the XR configuration immediately.

CPU Replacement

You must consider the following points for CPU replacement.

The node runs in headless mode.
You can insert the CPU with SSD and the node starts to boot the OS from CPU SSD.
The version of the images in CPU or chassis SSD are compared.
If the version is different, configuration is taken from chassis SSD as the chassis golden image has priority.
If the version is same, the node boots up. This version comparison happens upon each reboot including power cycle.
The configuration is always taken from the chassis. If the chassis SSD is not functional, the node boots with only the CPU.

Chassis Replacement

You must consider the following points for chassis replacement.

Chassis replacement involves minimum downtime.
When the chassis is obtained, you can connect the CPU and boot. After receiving the empty chassis through RMA, you can insert the CPU and same configuration is restored.
CPU swap from other units is also supported; however, the chassis image and configuration will be replaced in the CPU.

Health Check for Proper Backup ISO Image

Table 1. Feature History
Feature Name	Release Information	Feature Description
Health Check for Proper Backup ISO Image	Cisco IOS XR Release 7.5.2	This feature primitively validates the backup ISO image to be used during Disaster Recovery. The validation happens before copying the image to the CPU disk and motherboard disks, and thereafter the copied image is audited every 12 hours. Image corruption triggers the Disaster recovery is disabled due to corrupted ISO alarm. This Health Check feature ensures error-free booting of NCS 1004 chassis during disaster recovery operations.

Note

To clear "Clear the DISASTER-RECOVERY-DISABLED Alarm", log in to the Technical Support Website at http://www.cisco.com/c/en/us/support/index.html for more information or call Cisco TAC (1 800 553-2447).

Note

Verify that there is no Disaster recovery is disabled due to corrupted ISO alarm using the show alarms command before sending the CPU for RMA.

Access the System Admin Console

All the system administration and hardware management setups are performed from the System Admin console.

Procedure

Step 1

Login to the XR console as the root user.

Step 2

Type Ctrl + O to access the console logs.

Example:

RP/0/RP0/CPU0:ios# Ctrl + O


RP/0/RP0/CPU0:ios#
Disconnecting from 'default-sdr--1' console. Continue(Y/N)?


Y
Connecting to 'sysadmin' console

System Admin Username: root
Password:
root connected from 127.0.0.1 using console on sysadmin-vm:0_RP0
sysadmin-vm:0_RP0#

After you enter the System Admin console, the prompt changes to:

sysadmin-vm:0_RP0#

Configure Management Interface

To use the management interface for system management and remote communication, you must configure an IP address and subnet mask for the management Ethernet interface. To communicate with devices on other networks (such as remote management stations or TFTP servers), you must configure a default (static) route for NCS 1004.

Before you begin

Consult your network administrator or system planner to procure IP addresses and a subnet mask for the management port.
Ensure that the management port is connected to the management network.

Procedure

Step 1	configure Example: `RP/0/RP0/CPU0:ios# configure` Enters XR configuration mode.
Step 2	interface mgmtEth `rack/slot/instance/port` Example: `RP/0/RP0/CPU0:ios(config)# interface mgmtEth 0/RP0/CPU0/0` Enters interface configuration mode for the management interface.
Step 3	ipv4 address `ipv4-address` `subnet-mask` Example: `RP/0/RP0/CPU0:ios(config-if)# ipv4 address 10.1.1.1 255.0.0.0` Assigns an IP address and a subnet mask to the interface.
Step 4	no shutdown Example: `RP/0/RP0/CPU0:ios(config-if)# no shutdown` Places the interface in an "up" state.
Step 5	exit Example: `RP/0/RP0/CPU0:ios(config-if)# exit` Exits the management interface configuration mode.
Step 6	router static address-family ipv4 unicast `0.0.0.0/0default-gateway` Example: `RP/0/RP0/CPU0:ios(config)# router static address-family ipv4 unicast 0.0.0.0/0 192.0.2.1` Specifies the IP address of the default gateway to configure a static route. This IP address must be used for communication with devices on other networks.
Step 7	Use the commit or end command. commit-Saves the configuration changes and remains within the configuration session. end-Prompts user to take one of these actions: Yes-Saves configuration changes and exits the configuration session. No-Exits the configuration session without committing the configuration changes. Cancel-Remains in the configuration session without committing the configuration changes.

What to do next

Configure Telnet and Configure SSH.

Configure Telnet

This procedure allows you to establish a telnet session to the management interface port using its IP address.

Procedure

Step 1

configure

Example:

RP/0/RP0/CPU0:ios# configure

Enters the configuration mode.

Step 2

telnet {ipv4 | ipv6} server max-servers limit

Example:

RP/0/RP0/CPU0:ios(config)# telnet ipv4 server max-servers 10

Specifies the number of allowable telnet servers (up to 100). By default, no telnet servers are allowed. You must configure this command to enable the use of telnet servers.

Step 3

Use the commit or end command.

commit-Saves the configuration changes and remains within the configuration session.

end-Prompts user to take one of these actions:

Yes-Saves configuration changes and exits the configuration session.
No-Exits the configuration session without committing the configuration changes.
Cancel-Remains in the configuration session without committing the configuration changes.

What to do next

Configure SSH

This procedure allows you to establish an SSH connection to the management interface port using its IP address.

Before you begin

Install the ncs1004-k9sec package on NCS 1004. For details about package installation, see Install Packages.
Generate the crypto key for SSH using the crypto key generate dsa command.

Procedure

Step 1	configure Example: `RP/0/RP0/CPU0:ios# configure` Enters the configuration mode.
Step 2	ssh server v2 Example: `RP/0/RP0/CPU0:ios(config)# ssh server v2` Enables the SSH server to accept only SSHv2 client connections.
Step 3	Use the commit or end command. commit-Saves the configuration changes and remains within the configuration session. end-Prompts the user to take one of these actions: Yes-Saves configuration changes and exits the configuration session. No-Exits the configuration session without committing the configuration changes. Cancel-Remains in the configuration session without committing the configuration changes.
Step 4	show ssh session details Example: `RP/0/RP0/CPU0:ios# show ssh session details` Displays a detailed report of the SSHv2 connections to and from NCS 1004. `Tue Feb 12 16:03:51.455 UTC SSH version : Cisco-2.0 id key-exchange pubkey incipher outcipher inmac outmac ---------------------------------------------------------------------------------------------------- Incoming Sessions 1 ecdh-sha2-nistp256 ecdsa-sha2-nistp256 aes128-ctr aes128-ctr hmac-sha2-256 hmac-sha2-256 Outgoing sessions`

What to do next

Perform Clock Synchronization with NTP Server

There are independent system clocks for the XR and the System Admin. To ensure that these clocks do not deviate from true time, they must be synchronized with the clock of an NTP server. In this task, you will configure an NTP server for the XR. After the XR clock is synchronized, the System Admin clock automatically synchronizes with the XR clock.

Before you begin

Configure and connect to the management port.

Procedure

Step 1

configure

Example:

RP/0/RP0/CPU0:ios# configure

Enters XR configuration mode.

Step 2

ntp server server_address

Example:

RP/0/RP0/CPU0:ios# ntp server 192.0.2.55

The XR clock is configured to be synchronized with the specified server.

Bias-Free Language

Results

Chapter: Bring-up Cisco NCS 1004

Bring-up Cisco NCS 1004

Boot NCS 1004

Boot NCS 1004

Procedure

Boot NCS 1004 Using USB Drive

Before you begin

Procedure

Boot Using iPXE

Setup DHCP Server

Boot Using iPXE

Boot Using Zero Touch Provisioning (ZTP)

Boot NCS 1004 Using Golden ISO

Verify Boot Operation

Procedure

Example:

Boot NCS 1004 Using Golden ISO for Open ROADM

GISO for Open ROADM

Build GISO Image for Open ROADM

Create USB File for Open ROADM

Boot NCS 1004 using USB File for Open ROADM

Before you begin

Procedure

Verify Boot Operation for Open ROADM

Procedure

Example:

Bring-Up Line Card

Procedure

Disaster Recovery

CPU Replacement

Chassis Replacement

Health Check for Proper Backup ISO Image

Access the System Admin Console

Procedure

Example:

Configure Management Interface

Before you begin

Procedure

Example:

Example:

Example:

Example:

Example:

Example:

What to do next

Configure Telnet

Procedure

Example:

Example:

What to do next

Configure SSH

Before you begin

Procedure

Example:

Example:

Example:

What to do next

Perform Clock Synchronization with NTP Server

Before you begin

Procedure

Example:

Example:

Was this Document Helpful?

Contact Cisco