530 | | IG-CT-6 |
| 530 | == IG-CT-6 - Administrative Tests == |
| 531 | |
| 532 | Sent request for administrative account to site contact from the [http://groups.geni.net/geni/wiki/GeniAggregate/UVMInstaGENI UVM InstaGENI] aggregate page. Followed instructions at the [http://groups.geni.net/geni/wiki/GENIRacksAdministration/InstaGENIAdministration InstaGENI Administration] page for account request. A local administrator account was requested by joining the ''emulab-ops'' group at https://www.instageni.uvm.edu/joinproject.php3. Once the administrative account was approved and the membership to emulab-ops was granted, proceeded to execute administrative tests. |
| 533 | |
| 534 | {{{ |
| 535 | LNM:~$ ssh control.instageni.uvm.edu |
| 536 | The authenticity of host 'control.instageni.uvm.edu (132.198.183.131)' can't be established. |
| 537 | ECDSA key fingerprint is SHA256:tIAzGjrGVBkK+r18zkXvG96WTkIFn9p1vIhV25uGiYk. |
| 538 | Are you sure you want to continue connecting (yes/no)? yes |
| 539 | Warning: Permanently added 'control.instageni.uvm.edu,132.198.183.131' (ECDSA) to the list of known hosts. |
| 540 | |
| 541 | Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-116-generic x86_64) |
| 542 | |
| 543 | * Documentation: https://help.ubuntu.com/ |
| 544 | |
| 545 | System information as of Tue May 16 18:27:52 UTC 2017 |
| 546 | |
| 547 | System load: 0.0 IP address for xenbr0: 132.198.183.131 |
| 548 | Usage of /: 25.2% of 5.65GB IP address for xenbr1: 10.1.1.254 |
| 549 | Memory usage: 1% IP address for xenbr2: 10.2.1.254 |
| 550 | Swap usage: 0% IP address for xenbr3: 10.3.1.254 |
| 551 | Processes: 413 IP address for tun0: 10.8.0.1 |
| 552 | Users logged in: 1 |
| 553 | |
| 554 | Graph this data and manage this system at: |
| 555 | https://landscape.canonical.com/ |
| 556 | New release '16.04.2 LTS' available. |
| 557 | Run 'do-release-upgrade' to upgrade to it. |
| 558 | |
| 559 | |
| 560 | The programs included with the Ubuntu system are free software; |
| 561 | the exact distribution terms for each program are described in the |
| 562 | individual files in /usr/share/doc/*/copyright. |
| 563 | |
| 564 | Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by |
| 565 | applicable law. |
| 566 | |
| 567 | To run a command as administrator (user "root"), use "sudo <command>". |
| 568 | See "man sudo_root" for details. |
| 569 | |
| 570 | |
| 571 | lnevers@uvm:~$ |
| 572 | lnevers@uvm:~$ sudo whoami |
| 573 | root |
| 574 | lnevers@uvm:~$ cat /etc/issue; uname -a |
| 575 | Ubuntu 14.04.5 LTS \n \l |
| 576 | |
| 577 | Linux uvm.control-nodes.geniracks.net 3.13.0-116-generic #163-Ubuntu SMP Fri Mar 31 14:13:22 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux |
| 578 | lnevers@uvm:~$ |
| 579 | }}} |
| 580 | |
| 581 | Also access the boss node: |
| 582 | {{{ |
| 583 | LNM:~$ ssh boss.instageni.uvm.edu |
| 584 | FreeBSD 10.2-RELEASE-p22 (TESTBED-GENERIC-IB) #0: Fri Sep 30 11:18:46 MDT 2016 |
| 585 | |
| 586 | Welcome to FreeBSD! |
| 587 | |
| 588 | nc(1) (or netcat) is useful not only for redirecting input/output to |
| 589 | TCP or UDP connections, but also for proxying them with inetd(8). |
| 590 | lnevers@boss:~ % sudo whoami |
| 591 | root |
| 592 | lnevers@boss:~ % uname -a |
| 593 | FreeBSD boss.instageni.uvm.edu 10.2-RELEASE-p22 FreeBSD 10.2-RELEASE-p22 #0: Fri Sep 30 11:18:46 MDT 2016 root@node.freebsd102-64.emulab-ops.emulab.net:/usr/obj/usr/src/sys/TESTBED-GENERIC-IB amd64 |
| 594 | lnevers@boss:~ % |
| 595 | }}} |
| 596 | |
| 597 | From boss node accessed each of the experiment nodes that support VMs: |
| 598 | {{{ |
| 599 | [lnevers@boss ~]$ for i in pc1 pc2 pc3; do ssh $i "echo -n '===> Host: ';hostname;sudo whoami;uname -a;echo"; done |
| 600 | Warning: Permanently added 'pc1.instageni.uvm.edu' (RSA) to the list of known hosts. |
| 601 | ===> Host: vhost1.shared-nodes.emulab-ops.instageni.uvm.edu |
| 602 | root |
| 603 | Linux vhost1.shared-nodes.emulab-ops.instageni.uvm.edu 4.4.0-45-generic #66-Ubuntu SMP Wed Oct 19 14:12:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux |
| 604 | |
| 605 | Warning: Permanently added 'pc2.instageni.uvm.edu' (RSA) to the list of known hosts. |
| 606 | ===> Host: vhost2.shared-nodes.emulab-ops.instageni.uvm.edu |
| 607 | root |
| 608 | Linux vhost2.shared-nodes.emulab-ops.instageni.uvm.edu 4.4.0-45-generic #66-Ubuntu SMP Wed Oct 19 14:12:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux |
| 609 | |
| 610 | Warning: Permanently added 'pc3.instageni.uvm.edu' (RSA) to the list of known hosts. |
| 611 | ===> Host: vhost3.shared-nodes.emulab-ops.instageni.uvm.edu |
| 612 | root |
| 613 | Linux vhost3.shared-nodes.emulab-ops.instageni.uvm.edu 4.4.0-45-generic #66-Ubuntu SMP Wed Oct 19 14:12:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux |
| 614 | |
| 615 | [lnevers@boss ~]$ |
| 616 | |
| 617 | }}} |
| 618 | |
| 619 | In order to access Dedicated Nodes some experiment must be running on the raw-pc device. At the time of this capture two raw-pc nodes were in use (pc4 and pc5): |
| 620 | {{{ |
| 621 | [lnevers@boss ~]$ for i in pc4 pc5 ; do sudo ssh $i "echo -n '===> Host: ';hostname;whoami;uname -a;echo"; done |
| 622 | }}} |
| 623 | |
| 624 | Further verified access by ssh from ops.instageni.gpolab.bbn.com to boss.instageni.gpolab.bbn.com, which is usually restricted for non-admin users: |
| 625 | {{{ |
| 626 | LNM:~$ ssh ops.instageni.uvm.edu |
| 627 | |
| 628 | Last login: Tue May 16 15:44:20 2017 from 128.89.253.131 |
| 629 | FreeBSD 10.2-RELEASE-p22 (TESTBED-GENERIC-IB) #0: Fri Sep 30 11:18:46 MDT 2016 |
| 630 | |
| 631 | Welcome to FreeBSD! |
| 632 | |
| 633 | Time to change your password? Type "passwd" and follow the prompts. |
| 634 | -- Dru <genesis@istar.ca> |
| 635 | lnevers@ops:~ % sudo whoami |
| 636 | root |
| 637 | lnevers@ops:~ % uname -a |
| 638 | FreeBSD ops.instageni.uvm.edu 10.2-RELEASE-p22 FreeBSD 10.2-RELEASE-p22 #0: Fri Sep 30 11:18:46 MDT 2016 root@node.freebsd102-64.emulab-ops.emulab.net:/usr/obj/usr/src/sys/TESTBED-GENERIC-IB amd64 |
| 639 | lnevers@ops:~ % ssh boss |
| 640 | The authenticity of host 'boss.instageni.uvm.edu (132.198.183.132)' can't be established. |
| 641 | ECDSA key fingerprint is a0:bb:78:16:0b:bd:f9:73:60:5d:eb:8d:1b:be:bb:00. |
| 642 | No matching host key fingerprint found in DNS. |
| 643 | Are you sure you want to continue connecting (yes/no)? yes |
| 644 | Warning: Permanently added 'boss.instageni.uvm.edu' (ECDSA) to the list of known hosts. |
| 645 | Last login: Tue May 16 15:44:40 2017 from 128.89.253.131 |
| 646 | FreeBSD 10.2-RELEASE-p22 (TESTBED-GENERIC-IB) #0: Fri Sep 30 11:18:46 MDT 2016 |
| 647 | |
| 648 | Welcome to FreeBSD! |
| 649 | |
| 650 | To save disk space in your home directory, compress files you rarely |
| 651 | use with "gzip filename". |
| 652 | -- Dru <genesis@istar.ca> |
| 653 | lnevers@boss:~ % |
| 654 | |
| 655 | }}} |
| 656 | Access infrastructure switches using documented password. First connect to the switch named procurve1 the control network switch: |
| 657 | {{{ |
| 658 | [lnevers@boss ~]$ sudo more /usr/testbed/etc/switch.pswd |
| 659 | XXXXXXXXX |
| 660 | lnevers@boss:~ % sudo ssh procurve1 |
| 661 | We'd like to keep you up to date about: |
| 662 | * Software feature updates |
| 663 | * New product announcements |
| 664 | * Special events |
| 665 | Please register your products now at: www.hpe.com/networking/register |
| 666 | |
| 667 | |
| 668 | |
| 669 | Aruba JL071A 3810M-24G-1-slot Switch |
| 670 | Software revision KB.16.01.0004 |
| 671 | |
| 672 | Copyright (C) 2016 Aruba, a Hewlett Packard Enterprise company. |
| 673 | |
| 674 | RESTRICTED RIGHTS LEGEND |
| 675 | Confidential computer software. Valid license from Hewlett Packard |
| 676 | Enterprise required for possession, use or copying. Consistent with FAR |
| 677 | 12.211 and 12.212, Commercial Computer Software, Computer Software |
| 678 | Documentation, and Technical Data for Commercial Items are licensed to |
| 679 | the U.S. Government under vendor's standard commercial license. |
| 680 | |
| 681 | Press any key to continue |
| 682 | |
| 683 | Aruba-3810M-24G-1-slot# |
| 684 | Aruba-3810M-24G-1-slot# show version |
| 685 | Image stamp: /ws/swbuildm/rel_richmond_qaoff/code/build/bom(swbuildm_rel_richmond_qaoff_rel_richmond) |
| 686 | Jan 17 2016 15:59:54 |
| 687 | KB.16.01.0004 |
| 688 | 215 |
| 689 | Boot Image: Primary |
| 690 | |
| 691 | Boot ROM Version: KB.16.01.0005 |
| 692 | Active Boot ROM: Primary |
| 693 | |
| 694 | Aruba-3810M-24G-1-slot# show vlan |
| 695 | |
| 696 | Status and Counters - VLAN Information |
| 697 | |
| 698 | Maximum VLANs to support : 256 |
| 699 | Primary VLAN : DEFAULT_VLAN |
| 700 | Management VLAN : control-hardware |
| 701 | |
| 702 | VLAN ID Name | Status Voice Jumbo |
| 703 | ------- -------------------------------- + ---------- ----- ----- |
| 704 | 1 DEFAULT_VLAN | Port-based No No |
| 705 | 10 control-hardware | Port-based No No |
| 706 | 11 control-alternate | Port-based No No |
| 707 | |
| 708 | |
| 709 | Aruba-3810M-24G-1-slot# show running-config |
| 710 | |
| 711 | Running configuration: |
| 712 | |
| 713 | ; JL071A Configuration Editor; Created on release #KB.16.01.0004 |
| 714 | ; Ver #0c:01.7c.59.f4.7b.ff.ff.fc.ff.ff.3f.ef: |
| 715 | |
| 716 | hostname "Aruba-3810M-24G-1-slot" |
| 717 | module 1 type jl071x |
| 718 | flexible-module A type JL083A |
| 719 | telnet-server listen data |
| 720 | no web-management |
| 721 | web-management listen data |
| 722 | ip default-gateway 10.1.1.254 |
| 723 | ip ssh listen data |
| 724 | snmp-server community "xxx" unrestricted |
| 725 | snmp-server listen data |
| 726 | aaa authentication ssh login public-key |
| 727 | aaa authentication ssh enable public-key |
| 728 | oobm |
| 729 | disable |
| 730 | ip address dhcp-bootp |
| 731 | exit |
| 732 | vlan 1 |
| 733 | name "DEFAULT_VLAN" |
| 734 | no untagged 18-19 |
| 735 | untagged 1-17,20-24,A1-A4 |
| 736 | ip address 10.254.254.253 255.255.255.0 |
| 737 | ip igmp |
| 738 | exit |
| 739 | vlan 10 |
| 740 | name "control-hardware" |
| 741 | untagged 18 |
| 742 | ip address 10.1.1.253 255.255.255.0 |
| 743 | exit |
| 744 | vlan 11 |
| 745 | name "control-alternate" |
| 746 | untagged 19 |
| 747 | ip address 10.2.1.253 255.255.255.0 |
| 748 | exit |
| 749 | management-vlan 10 |
| 750 | no tftp server |
| 751 | tftp server listen data |
| 752 | no autorun |
| 753 | no dhcp config-file-update |
| 754 | no dhcp image-file-update |
| 755 | password xxx |
| 756 | password xxx |
| 757 | |
| 758 | Aruba-3810M-24G-1-slot# |
| 759 | |
| 760 | }}} |
| 761 | |
| 762 | Connect to the switch named procurve2 the dataplane network switch via ssh using the documented password: |
| 763 | {{{ |
| 764 | [lnevers@boss ~]$ sudo more /usr/testbed/etc/switch.pswd |
| 765 | xxxxxxx |
| 766 | lnevers@boss:~ % sudo ssh procurve2 |
| 767 | We'd like to keep you up to date about: |
| 768 | * Software feature updates |
| 769 | * New product announcements |
| 770 | * Special events |
| 771 | Please register your products now at: www.hpe.com/networking/register |
| 772 | |
| 773 | |
| 774 | manager@10.3.1.253's password: |
| 775 | HP J9850A Switch 5406Rzl2 |
| 776 | Software revision KB.16.02.0018 |
| 777 | |
| 778 | (C) Copyright 2017 Hewlett Packard Enterprise Development LP |
| 779 | |
| 780 | RESTRICTED RIGHTS LEGEND |
| 781 | Confidential computer software. Valid license from Hewlett Packard Enterprise |
| 782 | Development LP required for possession, use or copying. Consistent with FAR |
| 783 | 12.211 and 12.212, Commercial Computer Software, Computer Software |
| 784 | Documentation, and Technical Data for Commercial Items are licensed to the |
| 785 | U.S. Government under vendor's standard commercial license. |
| 786 | |
| 787 | Press any key to continue |
| 788 | |
| 789 | HP 5406R# show version |
| 790 | Management Module 1: Active |
| 791 | Image stamp: /ws/swbuildm/rel_spokane_qaoff/code/build/bom(swbuildm_rel_spokane_qaoff_rel_spokane) |
| 792 | Mar 30 2017 09:10:47 |
| 793 | KB.16.02.0018 |
| 794 | 526 |
| 795 | Boot Image: Primary |
| 796 | |
| 797 | Boot ROM Version: KB.16.01.0006 |
| 798 | Active Boot ROM: Primary |
| 799 | |
| 800 | HP 5406R# show vlans |
| 801 | |
| 802 | Status and Counters - VLAN Information |
| 803 | |
| 804 | Maximum VLANs to support : 256 |
| 805 | Primary VLAN : DEFAULT_VLAN |
| 806 | Management VLAN : control-hardware |
| 807 | |
| 808 | VLAN ID Name | Status Voice Jumbo |
| 809 | ------- -------------------------------- + ---------- ----- ----- |
| 810 | 1 DEFAULT_VLAN | Port-based No No |
| 811 | 10 control-hardware | Port-based No No |
| 812 | 257 5007 | Port-based No No |
| 813 | 258 5036 | Port-based No No |
| 814 | 1774 5035 | Port-based No No |
| 815 | |
| 816 | |
| 817 | HP 5406R# show running-config |
| 818 | |
| 819 | Running configuration: |
| 820 | |
| 821 | ; J9850A Configuration Editor; Created on release #KB.16.02.0018 |
| 822 | ; Ver #10:08.01.81.b3.ff.7c.59.fc.7b.ff.ff.fc.ff.ff.3f.ef:5a |
| 823 | hostname "HP 5406R" |
| 824 | module A type j9990a |
| 825 | module B type j9995a |
| 826 | telnet-server listen data |
| 827 | no web-management |
| 828 | web-management listen data |
| 829 | ip default-gateway 10.3.1.7 |
| 830 | ip ssh listen data |
| 831 | interface A1 |
| 832 | speed-duplex auto-1000 |
| 833 | exit |
| 834 | interface A2 |
| 835 | speed-duplex auto-1000 |
| 836 | exit |
| 837 | interface A3 |
| 838 | speed-duplex auto-1000 |
| 839 | exit |
| 840 | interface A4 |
| 841 | speed-duplex auto-1000 |
| 842 | exit |
| 843 | interface A5 |
| 844 | speed-duplex auto-1000 |
| 845 | exit |
| 846 | interface A6 |
| 847 | speed-duplex auto-1000 |
| 848 | exit |
| 849 | interface A7 |
| 850 | speed-duplex auto-1000 |
| 851 | exit |
| 852 | interface A8 |
| 853 | speed-duplex auto-1000 |
| 854 | exit |
| 855 | interface A9 |
| 856 | speed-duplex auto-1000 |
| 857 | exit |
| 858 | interface A10 |
| 859 | speed-duplex auto-1000 |
| 860 | exit |
| 861 | interface A11 |
| 862 | disable |
| 863 | speed-duplex auto-1000 |
| 864 | exit |
| 865 | interface A12 |
| 866 | disable |
| 867 | speed-duplex auto-1000 |
| 868 | exit |
| 869 | interface A13 |
| 870 | speed-duplex auto-1000 |
| 871 | exit |
| 872 | interface A14 |
| 873 | disable |
| 874 | speed-duplex auto-1000 |
| 875 | exit |
| 876 | interface A15 |
| 877 | disable |
| 878 | speed-duplex auto-1000 |
| 879 | exit |
| 880 | snmp-server community "xxx" unrestricted |
| 881 | snmp-server listen data |
| 882 | openflow |
| 883 | controller-id 1 ip 206.196.180.241 controller-interface vlan 10 |
| 884 | instance "instance_1" |
| 885 | member vlan 1774 |
| 886 | controller-id 1 |
| 887 | version 1.3 |
| 888 | max-backoff-interval 10 |
| 889 | enable |
| 890 | exit |
| 891 | enable |
| 892 | exit |
| 893 | oobm |
| 894 | disable |
| 895 | ip address dhcp-bootp |
| 896 | exit |
| 897 | vlan 1 |
| 898 | name "DEFAULT_VLAN" |
| 899 | no untagged A1-A10,A13,A20-A21 |
| 900 | untagged A11-A12,A14-A19,A22-A24,B1-B8 |
| 901 | no ip address |
| 902 | forbid A1-A9 |
| 903 | exit |
| 904 | vlan 10 |
| 905 | name "control-hardware" |
| 906 | untagged A20 |
| 907 | ip address 10.3.1.253 255.255.255.0 |
| 908 | exit |
| 909 | vlan 257 |
| 910 | name "5007" |
| 911 | untagged A1-A9 |
| 912 | no ip address |
| 913 | exit |
| 914 | vlan 258 |
| 915 | name "5036" |
| 916 | untagged A10,A13 |
| 917 | no ip address |
| 918 | exit |
| 919 | vlan 1774 |
| 920 | name "5035" |
| 921 | tagged A1,A21 |
| 922 | no ip address |
| 923 | exit |
| 924 | management-vlan 10 |
| 925 | no tftp server |
| 926 | tftp server listen data |
| 927 | no autorun |
| 928 | no dhcp config-file-update |
| 929 | no dhcp image-file-update |
| 930 | device-profile name "default-ap-profile" |
| 931 | cos 0 |
| 932 | exit |
| 933 | no allow-v2-modules |
| 934 | activate provision disable |
| 935 | password xxx |
| 936 | password xxx |
| 937 | |
| 938 | HP 5406R# ping 172.217.7.228 |
| 939 | 172.217.7.228 is alive, time = 30 ms |
| 940 | HP 5406R# |
| 941 | }}} |
| 942 | |
| 943 | Access the FlowVisor VM and gather version information: |
| 944 | {{{ |
| 945 | LNM:~$ ssh lnevers@flowvisor.instageni.uvm.edu |
| 946 | Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-116-generic x86_64) |
| 947 | |
| 948 | * Documentation: https://help.ubuntu.com/ |
| 949 | New release '16.04.2 LTS' available. |
| 950 | Run 'do-release-upgrade' to upgrade to it. |
| 951 | |
| 952 | Last login: Tue May 16 15:40:59 2017 from 128.89.253.131 |
| 953 | lnevers@SDNnat:~$ sudo whoami |
| 954 | root |
| 955 | lnevers@SDNnat:~$ uname -a |
| 956 | Linux SDNnat 3.13.0-116-generic #163-Ubuntu SMP Fri Mar 31 14:13:22 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux |
| 957 | lnevers@SDNnat:~$ |
| 958 | lnevers@SDNnat:~$ cat /etc/issue |
| 959 | Ubuntu 14.04.5 LTS \n \l |
| 960 | |
| 961 | lnevers@SDNnat:~$ |
| 962 | }}} |
| 963 | |
| 964 | |