dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
742
share rss forum feed


McLovin
Chicka chicka yeah
Premium
join:2005-06-12
Fairbanks, AK
Reviews:
·GCI.net

1 edit

Accidental Discovery - A Mistake to Possibly Learn From

I'm going to preface this by saying that all of this is second-hand information. My point with that is, all of this information comes from a mistake that I did not commit earlier this afternoon. Although I did not know that this "feature" ever existed.

Apparently, Cisco has been making strides in the world of zero-touch, or little-touch deployments, effectively opening up entry level networking positions up to people who may not have any real enterprise networking experience. Laudable I suppose, but apparently this "express setup" feature exists and is enabled by default, enacted by that handy "Mode" button on the front of every Cisco switch almost ever.

Holding said mode button for 3 seconds on a blank switch will help guide you through the process of getting an IP and potentially a config template running on it. If you have a config on the switch and you hold the mode button for 3 seconds, the lights will just blink at you telling you that a config already exists. If you choose to continue to hold that button for a total of 7 seconds (which is a quick 7 seconds, I might add), your config gets wiped and you force reload the switch and any associated members of a stack that it may be a member of.

That said, a coworker of mine accidentally did this on the building's main 3750X stack while adding a new stack member. After he brought the new switch online, he was going through the mode button to figure out the new switches member number and to make sure the master didn't get re-elected. Apparently, during that process he held the button too long, and that switch stack, as well as all of the wireless APs and wired connections to other switches downstream ceased to communicate back to the core and the switch stack completely reset back to a factory-default config at 2:30PM on a business day.

"Would you like to enter the initial configuration dialog?" NO THANK YOU!

I've been a network admin now for about 6 years between 3 different shops, and have never known this to exist. Needless to say "no setup express" is now a default line in my config templates, and I'll be running a batch job to update 790 access switches this weekend...
--
Tube surfin' at 22Mbps/2Mbps


cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:8

I've never known the older switches to do that (2900, 1900, etc.) There is a recovery process that involved holding the mode button during powerup/restart.

Also note, many HP switches have a similar reset feature... plug port 1 into port 2 and power it on. There have been a few interesting bugs logged on that one. (don't use ports 1 & 2 for a STP backup)

Bay/Nortel/Avaya switches can also be reset from the front panel -- I've not had to do it in a long time.


HELLFIRE
Premium
join:2009-11-25
kudos:13
reply to McLovin

You know, times like this, a picture's just worth a thousand words....

Hope your coworker's still gainfully employed, and learned their lesson about changes in the middle
of the day on a PROD network...

Thanks for the tip though!

Regards



McLovin
Chicka chicka yeah
Premium
join:2005-06-12
Fairbanks, AK
Reviews:
·GCI.net

Great meme

He's still employed. Only one of our group of 6 knew about this feature, and he had discovered it by accident as well. Albeit not in a production network.

Here's to hoping this discovery helps others before the mode button bites them.
--
Tube surfin' at 22Mbps/2Mbps



TomS_
Git-r-done
Premium,MVM
join:2002-07-19
London, UK
kudos:5

1 edit
reply to McLovin

I know your pain, second hand as well.

At my previous place of employment we went through basically the exact same scenario.

A reasonably "core" switch in a reasonably busy POP. Some cables were being reorganised, and one of them just happened to rest on the mode button, and wiped the config off it.

Needless to say, "no setup express" became a default line in our config templates too!

This was a 2950 IIRC.



TomS_
Git-r-done
Premium,MVM
join:2002-07-19
London, UK
kudos:5
reply to cramer

said by cramer:

plug port 1 into port 2 and power it on.

wtf????

Where can I read more about this ..... It sounds hilariously, painfully, comical.

cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:8

»h20000.www2.hp.com/bizsupport/Te···=3231819



OmenQ
Spazz
Premium
join:2003-03-21
Continuum
reply to McLovin

said by McLovin:

Needless to say "no express setup" is now a default line in my config templates, and I'll be running a batch job to update 790 access switches this weekend...

Well, now I know what I'm doing this weekend as well.
--
Cogito Ergo Nom


battleop

join:2005-09-28
00000
reply to TomS_

That was a reset procedure for a firewall that I worked on years ago. I don't remember the brand but net screen seems to stick in my mind.
--
I do not, have not, and will not work for AT&T/Comcast/Verizon/Charter or similar sized company.


Aidens Daddy

join:2006-01-30
united state
reply to McLovin

The mode button should just rename the config file. You might want to check the flash for the original file.



McLovin
Chicka chicka yeah
Premium
join:2005-06-12
Fairbanks, AK
Reviews:
·GCI.net

Yeah the config was there on flash, not as bad as it could have been. He copied it back to running config and let everything come back, but the damage of taking a major academic building down in a University network, where upwards of 600 people were in classrooms, had already been done. Nothing like adding a dash of downtime to the mix!
--
Tube surfin' at 22Mbps/2Mbps


markysharkey
Premium
join:2012-12-20
united kingd
reply to McLovin

Just tried to run no express setup on a 2960S with IOS 12.2(55r)SE5. No dice. Doesn't seem to exist...

2960S-Gigabit#no express-setup
                 ^
% Invalid input detected at '^' marker.
 
2960S-Gigabit#no express setup
                 ^
% Invalid input detected at '^' marker.
 
2960S-Gigabit#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
2960S-Gigabit(config)#no express setup
                           ^
% Invalid input detected at '^' marker.
 
2960S-Gigabit(config)#no express-setup
                           ^
% Invalid input detected at '^' marker.
 
2960S-Gigabit(config)#
 

--
Binary is as easy as 01 10 11


McLovin
Chicka chicka yeah
Premium
join:2005-06-12
Fairbanks, AK

My fault, I fixed my OP. The command is "no setup express" from global config.
--
Tube surfin' at 22Mbps/2Mbps


markysharkey
Premium
join:2012-12-20
united kingd
reply to McLovin

Yup, that's the badger.


HELLFIRE
Premium
join:2009-11-25
kudos:13
reply to cramer

Nice doc cramer See Profile... remind me to try it the next time in a DC with a crapload of HP networking gear around :twisted:

Regards


cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:8

If they have 1800's in the DC, they deserve what's coming! (that said, I shipped a 1800 to a colo )



TomS_
Git-r-done
Premium,MVM
join:2002-07-19
London, UK
kudos:5
reply to McLovin

Fixed mine too.



McLovin
Chicka chicka yeah
Premium
join:2005-06-12
Fairbanks, AK
Reviews:
·GCI.net

1 recommendation

reply to McLovin

I don't know if any of you know Bob McCouch but he's had a blog going for a while. I met him at Live! this year and chatted for a little bit. Anyway, I told the story on my Twitter feed and Bob sent me a blog post that he had just written the day before... Talk about coincidences. Anyway, his post is worth a read on this subject.

»herdingpackets.net/2013/07/23/ex···uration/
--
Tube surfin' at 22Mbps/2Mbps