cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

4017
Views
5
Helpful
10
Replies

Prime Infrastructure 2.0 tftp service

Hi

I'm having problems with upgrading software images on swithces when using tftp for image transfer. (SCP is not availiable in current image)

The job reports as failed in "Jobs Dashboard"

Validating device distribution context

Distributing image c3560-ipservicesk9-mz.150-2.SE4.bin using protocol SCP
Distributing image c3560-ipservicesk9-mz.150-2.SE4.bin using protocol TFTP

SUCCESS

FAILURE
FAILURE

..and when looking into the logfile

        /opt/CSCOlumos/conf/ifm/swim/jobs/X.X.X.X_tftp_telnet.log

it contains this output:

HOSTNAME#copy tftp://X.X.X.X/c3560-ipservicesk9-mz.150-2.SE4.bin flash:c3560-ipservicesk9-mz.150-2.SE4.bin

Destination filename [c3560-ipservicesk9-mz.150-2.SE4.bin]? c3560-ipservicesk9-mz.150-2.SE4.bin

Accessing tftp://X.X.X.X/c3560-ipservicesk9-mz.150-2.SE4.bin...

Loading c3560-ipservicesk9-mz.150-2.SE4.bin from X.X.X.X (via VlanY): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!... [timed out]

%Error reading tftp://X.X.X.X/c3560-ipservicesk9-mz.150-2.SE4.bin (Timed out)

(I removed a bunch of "!" in the output )

I guess that the tftp server on the PI server shuts down or closes the connection after a period of time

Is there a way to configure the tftp server settings on the Prime Infrastructure server or keep the tftp service always running?

Running virtual appiance

prime/admin# sh ver

Cisco Application Deployment Engine OS Release: 2.0

ADE-OS Build Version: 2.0.6.003-px-build

ADE-OS System Architecture: x86_64

Copyright (c) 2005-2010 by Cisco Systems, Inc.

All rights reserved.

Hostname: prime

Version information of installed applications

---------------------------------------------

Cisco Prime Infrastructure

------------------------------------------

Version : 2.0.0.0.294

Regards

Roger Saugestad

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Beginner

Prime Infrastructure 2.0 tftp service

Hi,

after a full day of troubleshouting I could narrow down the problem to the firewall reacting "stupid" to the lots of small UDP packets.

I was only able to solve it by disabling the firewall completely "service firewall stop" .

Before nothing worked in terms of IOS image distribution - after that - everything works.

Regards

Matthias

10 REPLIES 10
Beginner

Re: Prime Infrastructure 2.0 tftp service

We have the same problems with upgrading IOSes via TFTP.

Other TFTP tasks, like gathering vlan.dat files in Configuration Archive  Job, is also failed.

Netstat -an command in root shell shows that java process listening 69 udp.

udp        0      0 :::69                       :::*                                    9183/java

/opt/CSCOlumos/jre32/bin/java -Djava.system.class.loader=com.cisco.xmp.classLoader.XMPSystemClassLoader -Dcom.cisco.xmp.XMPHome=/opt/CSCOlumos -Dinstall.dir=/opt/CSCOlumos -server -Xms32m -Xmx256m -XX:MaxPermSize=128m -Djava.awt.headless=true -Daes.dir=/opt/CSCOlumos -Dmibs.root=/opt/CSCOlumos/resources/wirless/mibs -cp /opt/CSCOlumos/classloader-conf:/opt/CSCOlumos/./lib/xmp/XMPClassLoader-8.0.24.jar com.cisco.remoting.packaging.RemotingServiceMain Tftp

Wireshark shows that Prime tried to do "copy flash:vlan.dat tftp:" but server says "%Error opening tftp://address/xxxx.cfg"

Strange thing that in directory /localdisk/tftp I see some collected vlan.dat files (about 10, regardless that we have >1000 switches). But I cannot copy them to device manually..

Summary, TFTP service is started but not works correctly.

Beginner

Prime Infrastructure 2.0 tftp service

I've created case in Cisco TAC via our intergator. And they solved this issue.

Cisco BUG ID is CSCud90974 (Prime Infrastructure TFTP and FTP may fail in OVA deployment)

Main cause of this problem is in VMWare side as described here:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2019944:

When using the VMXNET3 adapter in a Linux guest OS on an ESXi 5.0 host, you see:

•Small UDP Packets (less than 40 bytes in size) are dropped from Linux virtual machines using the VMXNET3 Network Adapter.

•Applications that utilize small UDP packets may be unable to connect to the virtual machine.

Solution:

Change the Virtual Machine network adapter type to E1000.

Prime Infrastructure 2.0 tftp service

Hi

Thank you for your comments and findings, but I don't thing we have the same root cause, as we already use E1000 adaptors in vmware and a later release where this bug in vmware should be fixed.

Regards

Roger

Beginner

Prime Infrastructure 2.0 tftp service

Hi,

after a full day of troubleshouting I could narrow down the problem to the firewall reacting "stupid" to the lots of small UDP packets.

I was only able to solve it by disabling the firewall completely "service firewall stop" .

Before nothing worked in terms of IOS image distribution - after that - everything works.

Regards

Matthias

HiShutting down iptables on

Hi

Shutting down iptables on the server worked for me.

Thank you for sharing your solution!

 

Regards

 

Roger

Beginner

Hi,I shutdown iptables

Hi,

I shutdown iptables service, and it does works well.

But how to disable iptables service permanent also. I wonder that the iptables service will started again after I reboot PI.

Thanks

HiIf you enter this command

Hi

If you enter this command ad root, iptables will not run on next boot.

chkconfig iptables off

 

Note:This is only a workaround, if you want the security, the best is to modify the firewall rules to accept this traffic.

 

Roger

 

Highlighted
Beginner

Hi,I think the iptables

Hi,

I think the iptables already allow this kind of traffic. The problem is that it doesn't accept small UDP packets in sequence as Matthias said.

Thanks

Beginner

Hi ,  I am having the same

Hi ,

 

 I am having the same problem but with the physical Appliance ??

 

what can i do ??

Beginner

Guys , where and how do i

Guys , where and how do i read those logs ?

 

/opt/CSCOlumos/conf/ifm/swim/jobs/x.x.x.x_telnet.log

 

PI 2.1

Thanks in advance

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards