FS Europa Spedizione gratuita per ordini superiori a 79,00 €

Spedizione gratuita per ordini superiori a 79,00 €

Italia



Hub di Documentazione FS





FS GPT

Risultato di ricerca per "207993"

Tipi

Ordina per

PicOS® Quick Deployment Guide

09 gen. 2026 - PicOS® Quick Deployment Guide 1. Getting Started with PicOS® 1.1 Understanding PicOS® 1.1.1 About the Quick Deployment Guide PicOS® Quick Deployment Guide provides a high-level introduction to PicOS® and explains basic concepts and operational principles for working with PicOS® network devices. In this guide, we explain the basics of PicOS®, including: Understanding the network operating system software How to access PicOS® network devices How to perform the initial device configuration, including the root password, hostname, management and loopback interfaces, user accounts, and backup router configuration 1.1.2 Operating system infrastructure PicOS® includes processes that run on the device, including IP routing, Ethernet switching, management interfaces, and various other functions. PicOS® runs on the routing engine. The routing engine kernel coordinates communication between software processes and provides a link to the packet forwarding engine. Using the CLI, you can configure device functions and set network interface properties. After activating the software configuration, the CLI user interface is used to monitor and manage operations, as well as diagnose protocol and network connectivity issues. Routing Engine and Packet Forwarding Engine A PicOS® network router or switch has two main software processing components: Packet Forwarding Engine – Handles packets, applies filters, routing policies, and other functions, and forwards packets to the next hop on the route to their final destination. Routing Engine – Provides three primary functions: Maintains the routing table used by network devices and controls the routing protocols running on the device. Performs packet forwarding by providing route lookup, filtering, and switching for incoming packets, then directing outgoing packets to the appropriate interface for transmission onto the network. Provides control and monitoring functions for the device. 1.2 Access a PicOS® Network Device 1.2.1 Overview of PicOS® Network Device Initial Configuration After installing and starting a PicOS® Networks device, you can begin the initial configuration. All devices come pre-installed with a version of PicOS®. The procedures in this guide show you how to connect the device to the network without enabling traffic forwarding. For complete information on enabling traffic forwarding, including examples, refer to the Software Configuration Guide. Notes: For an overview of PicOS® and detailed information on configuration statements and CLI commands, refer to PicOS® Configuration Guide V4.4.5. By default, console access to the device is enabled. Initially, connect to the device using the Console Port. Before configuring the device, gather the following information: The name the device will use on the network The IP address and prefix length information for the Ethernet interface The IP address of the default gateway The most common method for configuring the device is using CLI commands. 1.2.2 Console Port Overview The Console Port allows access to a device running PicOS®, regardless of its state, unless the device is completely powered off. By connecting to the Console Port, you can access the device at the root level without relying on a network connection. The Console Port connection provides continuous direct access to the device, which is typically available even if the primary network fails. We recommend using the Console Port connection for all PicOS® and software package upgrades, as this connection remains open during the upgrade process, allowing you to monitor status and progress. Other network-based connections, such as SSH or Telnet, are usually interrupted during a software upgrade, which may result in the loss of status updates or error messages. 1.2.3 How to Access a PicOS® Network Device for the First Time When you power on a device running PicOS®, it automatically starts up. To perform the initial configuration, you must connect a terminal or laptop to the device via the Console Port. By default, console port access to the device is enabled. However, remote management access and all management protocols (such as Telnet, FTP, and SSH) are disabled by default. First Time Access to the Network Device: a) Connect your laptop or desktop computer to the Console Port on the front panel of the device. Port Settings Use the following port settings to connect a terminal or a computer to the switch console port: Baud rate: 115200 Data bits: 8 Stop bits: 1 Note: The default width for terminal sessions through the Console Port is 80 characters. This means that the terminal client width should be at least 80 characters to properly use the Console Port. Most terminal clients have a default width of 80 characters. b) Power on the device and wait for it to boot. The software will start automatically. Once the boot process is complete, you will see the PicOS login: prompt on the console. c) Log in as the user admin. By default, PicOS® has two users: root and admin. On the first login, you must manually set the password for the admin account. The user should use pica8 as the password on the first login. After that, the system will prompt the user to change the default password. The new password must be a string of 8 to 512 case-sensitive characters. PicOS login: admin Password: (input default password "pica8") You are required to change your password immediately (administrator enforced) Changing password for admin. Current password: (input "pica8" again) New password: (input new password: the new password should be no less than eight characters) Retype new password: (input new password again) Linux PicOS 5.10.23 #2 SMP Mon Aug 12 09:14:57 CST 2024 x86_64 Synchronizing configuration...OK. Welcome to PicOS admin@PicOS> d) After the switch boots up, it automatically enters the PicOS® CLI. admin@PicOS> e) Type configure to access CLI configuration mode admin@PicOS> configure admin@PicOS# 1.3 Device Hostname 1.3.1 Hostname Overview Almost every device in a network has a hostname. The hostname is the name used to identify the device on the network. It is easier to remember than an IP address. When you first boot a PicOS® network device, the default hostname is PicOS®. The PicOS® prompt indicates that the device is loading the new PicOS® software from the factory settings. By definition, such devices do not have a configured hostname. As an administrator, you need to follow naming conventions for devices. One convention is to name the device based on its location, such as: germany-berlin-R1. Make sure the hostname is unique within the local network so that users can connect to the device using that hostname. You do not need to make the local hostname globally unique. In PicOS®, the hostname can contain any combination of letters, numbers, and hyphens. Special characters are not allowed. As a best practice, use short and meaningful hostnames because long hostnames are difficult to type and remember. 1.3.2 Configure the Device Hostname A host name distinguishes one device from another. The default host name is the system name PicOS®. You can modify the host name as required. a) In the configuration mode, specify or modify a host name for the switch. set system hostname b) set system hostname commit c) Verifying the Configuration After the configuration is completed, in the configuration mode, use run show system name command to view the new host name. d) Other Configurations To reset the hostname to default, use delete system hostname command. 1.4 Management Ethernet and Loopback Interfaces 1.4.1 Management Ethernet Interface Overview The management interface is the primary interface for remotely accessing the device. Typically, the management interface does not connect to the in-band network but instead connects to the device’s internal network. As a system administrator, you can use the management interface to access the device through the network using utilities such as SSH and Telnet. You can configure the device from anywhere, regardless of its physical location. SNMP can use the management interface to collect statistics from the device. Authorized users and management systems use the management interface to connect to the device over the network. Some PicOS® network devices have dedicated management ports on the front panel. For other types of platforms, you can configure the management interface on one of the network interfaces. You can dedicate this interface to management, or share it with other traffic. You must configure the management interface before users can access it. To set up the management interface, you need information such as its IP address, prefix, and next hop. We recommend configuring the device so that traffic is not routed between the management interface and other ports. On many devices running PicOS®, traffic cannot be routed between the management interface and other ports. Therefore, you should choose an IP address with a separate prefix (network mask) in a separate (logical) network. For devices running PicOS®, the management Ethernet interface is typically named ETH0. 1.4.2 Configure Management Interface PicOS® switches provide one or two Ethernet management ports for switch configuration and out-of-band network management. See Figure 1, which shows the console and management ports of the PicOS®-3930 switch. The port labeled ETHERNET is the management port, while the port labeled CONSOLE is the console port. Figure 1. Console and Management Ports image.png Configure IP Address for Management Interface To facilitate the device management and meet the requirement of separating the management traffic from the data traffic, the switch supports the in-band or out-of-band management interface with the factory default IP address 192.168.1.1/24. If the switch cannot obtain the IP address through DHCP, the factory default IP address is valid, and you can access it through PCs in the same network segment. Besides, you can manually configure the IP address as needed. a) In the configuration mode, specify the IP address for management interface. set system management-ethernet eth0 ip-address {IPv4 | IPv6} set l3-interface vlan-interface inband-mgmt address prefix-length b) Commit the configuration. commit c) Verifying the Configuration After the configuration is completed, in the configuration mode, use run show system management-ethernet command to view the MAC address, IP address, state and traffic statistics. d) Other Configurations To clear the configuration of management interface, use delete system management-ethernet eth0 ip-address command. 1.4.3 Loopback Interface Overview The Internet Protocol (IP) specifies a loopback network with the address range (IPv4) 127.0.0.0/8. Most IP implementations support a loopback interface (lo0) to represent the loopback facility. Any traffic sent by computer programs to the loopback network is sent to the same computer. The most commonly used IP addresses on the loopback network are 127.0.0.1 (IPv4) and ::1 (IPv6). The standard domain name for this address is localhost. You can use the loopback interface to identify the device. While you can use any interface address to determine if the device is online, the loopback address is the preferred method. Even though interfaces may be removed or have their addresses changed due to changes in the network topology, the loopback address will never change. When you ping a single interface address, the result does not always reflect the health of the device. For example, a mismatch in the subnet configuration at both ends of a point-to-point link can make the link appear down. Pinging an interface to check if a device is online may lead to misleading results. The interface could be unavailable due to issues unrelated to the device’s configuration or operation. The loopback interface helps address these issues. Benefits Since the loopback address never changes, it is the best way to identify a device on the network. The loopback interface is always up and accessible as long as there is a route to that IP address in the IP routing table. Thus, it can be used for diagnostics and troubleshooting. Protocols such as OSPF use the loopback address to determine protocol-specific attributes of the device or network. Additionally, certain commands (e.g., ping mpls) require the loopback address to function properly. 1.4.4 Loopback Interface Configuration The loopback interface is always Up to ensure network reliability. The loopback interface has the following features: The loopback interface is always Up and has the loopback feature. The loopback interface can be configured with the mask of all 1s. Based on the preceding features, the loopback interface has the following applications. The IP address of a loopback interface is specified as the source address of packets to improve network reliability. When no Router ID is configured for dynamic routing protocols, the maximum IP address of the loopback interface is configured as the router ID automatically. a) In the configuration mode, specify the name and IP address for the loopback interface. set l3-interface loopback address prefix-length 32 set l3-interface loopback address prefix-length 128 b) Commit the configuration. commit c) Verifying the Configuration After the configuration is completed, in the configuration mode, use run show l3-interface loopback command to view the state, IP address, description and traffic statistics. d) Other Configurations By default, the loopback interface is enabled when created. To disable the loopback interface, use set l3-interface loopback disable command. To clear the configuration of loopback interface, use delete l3-interface loopback interface command. 1.5 Initial User Account 1.5.1 User Account Overview User accounts provide a way for users to access the device. For each account, you can define the user's login name, password, and any other user information. While it is common to use a remote authentication server to centrally store user information, it is also a good practice to configure at least one non-root user on each device. This way, you can still access the device even if the connection to the remote authentication server is interrupted. This non-root user is typically given a generic name, such as admin. 1.5.2 Configure User Account in the Configuration Group Here are two types of user accounts: super-user and read-only. The newly created user account, by default, is read-only. NOTE: "net-admin" is not allowed to use when configuring a username. Creating a User Class and Password admin@XorPlus# set system login user ychen authentication plain-text-password pica8 admin@XorPlus#set system login user ychen class super-user admin@XorPlus# commit Commit OK. Save done. admin@XorPlus# Configuring a Login Announcement after Login admin@XorPlus# set system login announcement "welcome the switch-1101" admin@XorPlus# commit Commit OK. Save done. admin@XorPlus# Configuring a Multi-line Login Announcement after Login The following example configures a multi-line announcement which will be printed on the teminal after user login. admin@XorPlus# set system login multiline-announcement 1 message "**********************************************" admin@XorPlus# set system login multiline-announcement 2 message "Welcome to the system！" admin@XorPlus# set system login multiline-announcement 3 message "**********************************************" admin@XorPlus# commit Commit OK. Save done. admin@XorPlus# Configuring a Login Banner before Login admin@XorPlus# set system login banner "Hello! Welcome!" admin@XorPlus# commit Commit OK. Save done. admin@XorPlus# Configuring a Multi-line Login Banner before Login The following example configures a multi-line banner which will be printed on the teminal before user login. admin@Xorplus# set system login multiline-banner 1 message "*********************NOTICE***********************" admin@Xorplus# set system login multiline-banner 2 message "This is a property of Pica8." admin@Xorplus# set system login multiline-banner 3 message "All users log-in are subject to company monitoring!" admin@Xorplus# set system login multiline-banner 4 message "**************************************************" admin@Xorplus# commit 1.5.3 Enable Remote Access Services Configuring the SSH Connection Limit admin@XorPlus# set system services ssh protocol-version v2 admin@XorPlus# set system services ssh connection-limit 5 admin@XorPlus# commit Waiting for merging configuration. Commit OK. Save done. admin@XorPlus# Enabling and Disabling Inband Service By default, SSH with inband interfaces are disabled. You can enable inband services by entering the command below. Set the L3 VLAN interface VLAN400 in the default VRF as the in-band management port. admin@Xorplus# set system inband vlan-interface VLAN400 admin@Xorplus# commit Set the loopback interface IP in the default VRF as the in-band management IP. admin@Xorplus# set system inband loopback 192.168.10.1 admin@Xorplus# commit Set the routed interface rif-ge3 in the default VRF as the in-band management port. admin@Xorplus# set system inband routed-interface rif-ge3 admin@Xorplus# commit Configuring the Idle Timeout for SSH User admin@Xorplus# set system services ssh idle-timeout 60 admin@XorPlus# commit Waiting for merging configuration. Commit OK. Save done. admin@XorPlus# Configuring the Port Number of the SSH server Users can use this command to configure the new port number of SSH server to prevent attackers from accessing the standard port of SSH service and ensure security. The default listening port number of the SSH server is 22. Note that, if the modified port number is not 22, the client needs to specify port number when logging in using SSH. admin@Xorplus# set system services ssh port 30 admin@Xorplus# commit Enabling Telnet Service The PicOS® switch supports functioning as a telnet server. To enable the telnet server function, users can enable the telnet service. The following command enables telnet service on the device. NOTEs: Telnet service is insecure. Do not enable a telnet server if you don't know what exactly it may mean. Limit to a maximum of 20 connections within 10 seconds. Terminate the session in 60 seconds if the connection is not successful. admin@PicOS# set system services telnet disable false admin@PicOS# commit 2. PicOS® Overview When using ONIE installer to install PicOS®, the installer reinstalls the software, rebuilds all the PicOS® file system. This can erase the configuration files and system logs from the previous installation. After a successful ONIE installation of PicOS® 4.x, the system generates multiple system partitions including PicOS® (partition size: 2G), PicOS®2 (partition size: 2G) and User-Data partitions. Among them, PicOS® and PicOS®2 are two independent system boot partitions. One of them is the active partition on which the running system resides, and the other is the inactive partition. The two-system-boot-partition feature allows the system to revert to a previous version of the installed software package when the it fails to upgrade PicOS® by using upgrade2 command. The ONIE installer removes all partitions to rebuild a brand new OS only when there is no User-Data partition. However, if there exists a User-Data partition (for example, install a new version 4.0.1 from the old one 4.0.0), the ONIE installer only rewrites the "PicOS®" partition, installs the new installation package to this partition and sets the system on "PicOS®" partition as the default and sole boot system. User-Data partition is a reserved partition which is not affected by ONIE installer and upgrade unless user manually removes it. User-Data partition uses all the available space left on the disk. Users can use this partition to store files and data. This document describes how to install PicOS® 4.x software using ONIE installer. 3. Install, Upgrade, and Downgrade PicOS® Software 3.1 Overview of Software Installation and Upgrade 3.1.1 What is ONIE ONIE (Open Network Install Environment) is an open source project of OCP (Open Compute Project). ONIE provides the environment to install any network operating system on a bare metal network switch. ONIE liberates users from captive pre-installed network operating systems, like the Cisco IOS, and provides them with a choice. ONIE is a small Linux operating system that comes pre-installed as firmware on bare metal network switches. ONIE acts as an enhanced boot loader, extending the features provided by U-Boot. ONIE is used to install PicOS® on compatible switches. The bare metal switches listed in the PicOS® Hardware Compatibility List must be pre-loaded with ONIE prior to installing PicOS®. 3.2 Preparation for Software Installation and Upgrade The installation methods used to install a new PicOS® are traditional installation and nos-boot-mode installation. You can choose a suitable installation method that is convenient and appropriate for your installation environment. If you want to install PicOS® through a console port, refer to PicOS® Configuration Guide V4.4.5. If you want to install the PicOS® through a non-console port (through the management port), refer to PicOS® Configuration Guide V4.4.5. Notes： You need to log in through the console port of the switch and perform the ONIE installation. Other NOSes including user data will be removed when install PicOS® under ONIE environment. When the ONIE installer is used to downgrade the PicOS® version from version 4.x to PicOS® 3.x or lower versions, we first need to use ONIE to uninstall the higher version PicOS® before proceeding with installing PicOS® 3.x or a lower version. On the ARM platform, execute the onie_uninstaller command at the ONIE prompt to uninstall the current version PicOS®. On the x86 platform, select the "ONIE: Uninstall OS" option in the GRUB menu to uninstall the current version PicOS®. If you enter GRUB rescue mode and the switch has GPT format partition, you can use the following commands to reset the GRUB boot variable to enter ONIE GRUB and then install PicOS®. grub rescue> set prefix=(hd0,gpt2)/grub grub rescue> set root=(hd0,gpt2) grub rescue> insmod normal grub rescue> normal Do not plug in the USB disk during onie-nos-installer process until ONIE starts up. If you have plugged in the USB disk before the installation operation, ONIE will find the installer on the USB disk when beginning the installation. On AS4610 series switches, when installation is complete, the installer will display: Please take out the usb disc, then remove the USB disk within 10 seconds after installation successful, and before machine restarts. All X86 platforms share one installation and upgrade package with the name fixed as: onie-installer-PicOS-VERSION-x86.bin, where VERSION is the release version. X86 platform are listed below: FS N9550-32D FS N8520-32D FS N9550-32D FS N8610-32D FS N8610-64D FS N9550-64D FS N8550-64C FS N5850-48S6Q FS N8550-48B8C FS S5580-48Y FS S5890-32C FS N8560-32C FS N8550-32C FS N8550-64C FS N8560-64C FS N8550-24CD8D FS S6860-24CD8D FS N5570-48S6C Edgecore AS4625-54P Edgecore AS4625-54T Edgecore AS4630-54TE Edgecore AS4630-54NPE Edgecore AS4630-54PE Edgecore AS5712-54X Edgecore AS5812-54T Edgecore AS5812-54X Edgecore AS7312-54X Edgecore AS7312-54XS Edgecore AS7326-56X Edgecore AS7712-32X Edgecore AS7726-32X Edgecore AS6812-32X Edgecore AS7816-64X Edgecore AS5835-54X Edgecore AS5835-54T Edgecore AS9716-32D Edgecore AS9726-32DB Edgecore AS9737-32DB Edgecore AS9736-64D DELL N3248P-ON DELL N3248PXE-ON DELL N3248TE-ON DELL N3224PX-ON DELL N3224P-ON DELL N3248X-ON DELL S4048-ON DELL S4148F-ON DELL S4148T-ON DELL S4128F-ON DELL S5224F-ON DELL S5296F-ON DELL S5212F-ON DELL S5248F-ON DELL S5232F-ON DELL Z9100-ON DELL Z9264F-ON DELL N3224T-ON DELL S4128T-ON DELL N3224F-ON DELL N2224PX-ON DELL N2224X-ON DELL N2248PX-ON DELL N2248X-ON DELL N3208PX-ON Delta AG7648 Delta AG5648 v1-R Delta AG9032v1 3.3 Upgrade and Downgrade Software 3.3.1 Traditional Installation NOTE： You need to log in through the console port of the switch and perform the ONIE installation described in this section. The installation method described in this section only applies to platforms that have pre-installed ONIE. 3.3.2 Manual Installation Process The following example describes the installation of PicOS® via manual installation method. Step1 Make sure that the installation package of .bin file has been load to the server (server could be HTTP, TFTP, or an FTP server or the switch local directory depending on the actual installation environment). Step2 Enter ONIE installation environment. The process is different on the following two types of platforms: ARM Platforms (AS4610 Series Switches) a) Verify that the switch is pre-loaded with ONIE, which will be used to load PicOS® on the switch. Power on the switch and interrupt the boot sequence by pressing any key when the following line is shown: Hit any key to stop autoboot: b) User will then reach the U-Boot command prompt indicated by ->. Run the printenv command at the U-Boot prompt. If the information displayed contains keywords like onie_initargs and onie_machine, the switch is pre-loaded with ONIE. LOADER->printenv active=image1 autoload=no baudrate=115200 bootcmd=run check_boot_reason;run PicOS_bootcmd;run onie_bootcmd bootdelay=10 check_boot_reason=if test -n $onie_boot_reason; then setenv onie_bootargs boot_reason=$onie_boot_reason; run onie_bootcmd; fi; consoledev=ttyS0 dhcp_user-class=arm-accton_as4610_54-r0_uboot dhcp_vendor-class-identifier=arm-accton_as4610_54-r0 ethact=eth-0 ethaddr=00:18:23:30:E7:8F fdtaddr=0xc00000 fpboot=setenv bootargs console=${consoledev},${baudrate} maxcpus=2 mem=1024M root=/dev/ram ${mtdparts} ubi.mtd=4 ethaddr=$ethaddr quiet gatewayip=192.168.0.1 initrd_high=0x80000000 ipaddr=192.168.0.1 loadaddr=0x70000000 loads_echo=1 mfg=mfg mfgdiags=run fpboot ; nand read ${loadaddr} diags ; bootm ${loadaddr} mfgdiags_recovery=nand read ${loadaddr} diags2 ; nand erase.part diags ; nand write ${loadaddr} diags mtdids=nand0=nand_iproc.0 mtdparts=mtdparts=nand_iproc.0:1m(uboot),2m(shmoo),1m(nenv),12m(onie),3992m(open),12m(onie2),2m(vpd),6m(sys_eeprom),16m(diags),16m(diags2),32m(diags_fs) netmask=255.255.255.0 nos_bootcmd=true onie_args=run onie_initargs onie_platformargs onie_bootcmd=echo Loading Open Network Install Environment ...; echo Platform: $onie_platform ; echo Version : $onie_version ; nand read $loadaddr $onie_start 0x00c00000 && run onie_args && bootm ${loadaddr} onie_dropbear_dss_host_key=begin-base64@600@d#AAAAB3NzaC1kc3MAAACBAIN7HOS7UGtQ+RS9R5Rdim9s4iadCBQ9SEFnHJZ2#ulK15hN2p1BOJ1Mf4qb/oHFGIt8hvopq157ejsJcSPuR9scXE2aYQO7r1+Ie#1MKoR3HyEFKgPhNUr0qYNiIaWGw2UUXivLUlhjmaPhjItsttb6AezNB6N1ap#TmIeEUse0NQBAAAAFQDndwbRrSsw6G/W4wd0LJVAjuyq2QAAAIAe/zGPyPNn#UwwV+i+j3l1W9IFhjA/ovXfX7PQtjHB7OJcInSpOA2gXLXHU2kYDkn+ymJQI#8Tn558nLHq64n9hIJzwaQH4ajMipBNwqR0WtpPXEaow9InDzjs+qFY0HAcTv#7DMEY9BGiJAUUSSCSFZ9dEYHIWUdk6WIpDUMX4b2ewAAAIB6bC+fHzr+Qaet#GjzynI0tApbzyydXKuIiIH6EDh2QEaP0E+TSxJ+C4xfyBAp1j0kvj0IYWR2P#H9ur0RaxDaCmKwIQs1gTJh/137Yd+OsqEV3JnrZxlEKk2DmI5c2wrGtl4oUp#XJfc+viahpFeCsGzsqGHHADWNsjlpKt457QCuQAAABUAk5406cTH4nZO0qlj#6irYf4WA65E=#====# onie_dropbear_rsa_host_key=begin-base64@600@r#AAAAB3NzaC1yc2EAAAADAQABAAAAgQCMTqwNhnJpuSLYAdRA/jjm1lyBaJF1#ovs3Hp0G7XkYnY4+JNPTCYgnmfMQnM83PQncuy89AqehJ2V22LGjpRiqT56K#MRr+hQoSWEbAObRd1azZF45pbxiQaQiQxNzIKbHDDWlGlycXfv8w9ZCElbxj#Ja7bkwmwg9EsBlW0d5u0BQAAAIAFr0FOyfn0OR1FiatvF624Aorcbl9oV/pc#JRghGfl8SxPihizz4bC7xAPCUkwd9ZHi+M2E6AjhIV69xjFKS0vYuQplvl8G#9R8YsnmP5B45TyLE3dW5V2/g+LQERQdFpRaSsPqEPHSlXPq4XHLGLRFItEBt#ohp41Qm+eA6efsAMIQAAAEEA4Y90xi8N1SuwjRk53fqpP8dC+FPnU850XtC1#cKG0rBt6v9qD+BTxxfE6GEpYM+N0fLyECbgBjA2LQF6CG3G15QAAAEEAnz3v#3POrcsMK2LkSNjWzAhzUqOWyOaNlhcvgh+2Xfj2tHyOTpZ09gCm483v1rui9#63uYu4QQurpATrHMcLIjoQ==#====# onie_initargs=setenv bootargs quiet console=$consoledev,$baudrate onie_machine=accton_as4610_54 onie_machine_rev=0 onie_platform=arm-accton_as4610_54-r0 onie_platformargs=setenv bootargs $bootargs serial_num=${serial#} ${platformargs} eth_addr=$ethaddr $onie_bootargs $onie_debugargs onie_recovery=nand read ${loadaddr} onie2 ; nand erase.part onie ; nand write ${loadaddr} onie onie_rescue=setenv onie_boot_reason rescue && boot onie_start=onie onie_sz.b=0x00c00000 onie_uninstall=setenv onie_boot_reason uninstall && boot onie_update=setenv onie_boot_reason update && boot onie_vendor_id=27658 onie_version=master-201603091701-dirty PicOS_bootcmd=usb start;run platformargs;setenv bootargs root=/dev/sda1 rw noinitrd console=$consoledev,$baudrate rootdelay=10 $mtdparts;ext2load usb 0:1 $loadaddr boot/uImage;bootm $loadaddr platform=accton_as4610_54 platformargs=mtdparts=nand_iproc.0:1m(uboot),2m(shmoo),1m(nenv),12m(onie),3992m(open),12m(onie2),2m(vpd),6m(sys_eeprom),16m(diags),16m(diags2),32m(diags_fs) maxcpus=2 mem=1024M ramdiskaddr=0x3000000 serial#=A626P1DL174300014 serverip=192.168.0.10 stderr=serial stdin=serial stdout=serial ubifscfg=ubi part nand0,4 0x0; ubifsmount fs ver=U-Boot 2012.10-gcbef171 (Mar 09 2016 - 17:01:14) - ONIE master-201603091701-dirty Environment size: 3992/65532 bytes c) From U-Boot prompt, boot ONIE in rescue mode. LOADER-> run onie_rescue x86 Platform On x86 platform, it uses GRUB menu to install OS via ONIE. a) Reboot the system, and enter ONIE installation environment from the GRUB menu: +----------------------------------------------------------------------------+ | PicOS | |*ONIE | | | | | | | | | | | | | | | | | | | | | +----------------------------------------------------------------------------+ Use the ^ and v keys to select which entry is highlighted. Press enter to boot the selected OS, `e' to edit the commands before booting or `c' for a command-line. b) From GRUB prompt, choose ONIE: Rescue to Install OS, boot ONIE in rescue mode. GNU GRUB version 2.02~beta2+e4a1fe391 +----------------------------------------------------------------------------+ |*ONIE: Install OS | | ONIE: Rescue | | ONIE: Uninstall OS | | ONIE: Update ONIE | | ONIE: Embed ONIE | | DIAG: Accton Diagnostic | | | | | | | | | | | | | +----------------------------------------------------------------------------+ Step3 Run onie-nos-install command as follows to manually install PicOS®. Install via TFTP ONIE# onie-nos-install tftp:///PicOS.bin Install via FTP When installing via FTP, you need to type username and password of the FTP server on which the image file is loaded. ONIE# onie-nos-install ftp://username:password@/PicOS.bin Install via HTTP ONIE# onie-nos-install http:///PicOS.bin Install from Local Directory a) In ONIE rescue mode, copy the image file to the current directory. ONIE# scp username@/PicOS.bin . b) Run onie-nos-install command to start installation. ONIE# onie-nos-install PicOS.bin For example, ONIE:/ # onie-nos-install onie-installer-PicOS-4.0.0-8b1219e112-x86.bin discover: Rescue mode detected. No discover stopped. ONIE: Executing installer: onie-installer-PicOS-4.0.0-8b1219e112-x86.bin Verifying image checksum ... OK. Preparing image archive ... OK. [1] PicOS L2/L3 (default) [2] PicOS Open vSwitch/OpenFlow Enter your choice (1,2):1 PicOS L2/L3 is selected. ONIE installation will overwrite the configuration file of existing system. It is recommended to follow the upgrade procedure to upgrade the system. Press any key to stop the installation... 10 9 8 7 6 5 4 3 2 1 ... The installer runs automatically, before start installation, it will prompt to choose the option to make PicOS® to boot into L2/L3 or OVS mode. If not selected, then PicOS® boots into L2/L3. After finishing installation, the device reboots automatically, the system then comes up running the new network operating system. NOTEs： After the system restarts, you need to enter the username and password, the initial login username is admin and password is pica8. After the username and password are entered, user will be asked to choose a new password for admin. This is the only post installation step after which the PicOS® operating system can be used. 3.3.3 Automatic Installation Process The automatic installation process uses the DHCP message exchange process to download and install software packages. Step1 Make sure the switch is connected to DHCP and HTTP servers and the PicOS® installation software package is downloaded to the HTTP server. a) DHCP server configuration: define the path of the installation package and then start DHCP server service: host pica8-3922 { hardware ethernet 70:72:cf:12:34:56; fixed-address 192.168.2.50; option default-url = "http://192.168.2.42/onie-installer-PicOS-4.0.0-8b1219e112-x86.bin"; b) Check if the .bin installation file is loaded onto the HTTP server: root@dev:/var/www# ls index.html onie-installer-powerpc.bin Step2 Install PicOS® via ONIE. The process is different on the following two types of platforms: ARM Platforms (AS4610 Series Switches) a) Verify that the switch is pre-loaded with ONIE, which will be used to load PicOS® on the switch. Power on the switch and interrupt the boot sequence by pressing any key when the following line is shown: Hit any key to stop autoboot: b) User will then reach the U-Boot command prompt indicated by ->. Run the printenv command at the U-Boot prompt. If the information displayed contains keywords like onie_initargs and onie_machine, the switch is pre-loaded with ONIE. LOADER-> printenv active=image1 autoload=no baudrate=115200 bootcmd=run check_boot_reason;run PicOS_bootcmd;run onie_bootcmd bootdelay=10 check_boot_reason=if test -n $onie_boot_reason; then setenv onie_bootargs boot_reason=$onie_boot_reason; run onie_bootcmd; fi; consoledev=ttyS0 dhcp_user-class=arm-accton_as4610_54-r0_uboot dhcp_vendor-class-identifier=arm-accton_as4610_54-r0 ethact=eth-0 ethaddr=00:18:23:30:E7:8F fdtaddr=0xc00000 fpboot=setenv bootargs console=${consoledev},${baudrate} maxcpus=2 mem=1024M root=/dev/ram ${mtdparts} ubi.mtd=4 ethaddr=$ethaddr quiet gatewayip=192.168.0.1 initrd_high=0x80000000 ipaddr=192.168.0.1 loadaddr=0x70000000 loads_echo=1 mfg=mfg mfgdiags=run fpboot ; nand read ${loadaddr} diags ; bootm ${loadaddr} mfgdiags_recovery=nand read ${loadaddr} diags2 ; nand erase.part diags ; nand write ${loadaddr} diags mtdids=nand0=nand_iproc.0 mtdparts=mtdparts=nand_iproc.0:1m(uboot),2m(shmoo),1m(nenv),12m(onie),3992m(open),12m(onie2),2m(vpd),6m(sys_eeprom),16m(diags),16m(diags2),32m(diags_fs) netmask=255.255.255.0 nos_bootcmd=true onie_args=run onie_initargs onie_platformargs onie_bootcmd=echo Loading Open Network Install Environment ...; echo Platform: $onie_platform ; echo Version : $onie_version ; nand read $loadaddr $onie_start 0x00c00000 && run onie_args && bootm ${loadaddr} onie_dropbear_dss_host_key=begin-base64@600@d#AAAAB3NzaC1kc3MAAACBAIN7HOS7UGtQ+RS9R5Rdim9s4iadCBQ9SEFnHJZ2#ulK15hN2p1BOJ1Mf4qb/oHFGIt8hvopq157ejsJcSPuR9scXE2aYQO7r1+Ie#1MKoR3HyEFKgPhNUr0qYNiIaWGw2UUXivLUlhjmaPhjItsttb6AezNB6N1ap#TmIeEUse0NQBAAAAFQDndwbRrSsw6G/W4wd0LJVAjuyq2QAAAIAe/zGPyPNn#UwwV+i+j3l1W9IFhjA/ovXfX7PQtjHB7OJcInSpOA2gXLXHU2kYDkn+ymJQI#8Tn558nLHq64n9hIJzwaQH4ajMipBNwqR0WtpPXEaow9InDzjs+qFY0HAcTv#7DMEY9BGiJAUUSSCSFZ9dEYHIWUdk6WIpDUMX4b2ewAAAIB6bC+fHzr+Qaet#GjzynI0tApbzyydXKuIiIH6EDh2QEaP0E+TSxJ+C4xfyBAp1j0kvj0IYWR2P#H9ur0RaxDaCmKwIQs1gTJh/137Yd+OsqEV3JnrZxlEKk2DmI5c2wrGtl4oUp#XJfc+viahpFeCsGzsqGHHADWNsjlpKt457QCuQAAABUAk5406cTH4nZO0qlj#6irYf4WA65E=#====# onie_dropbear_rsa_host_key=begin-base64@600@r#AAAAB3NzaC1yc2EAAAADAQABAAAAgQCMTqwNhnJpuSLYAdRA/jjm1lyBaJF1#ovs3Hp0G7XkYnY4+JNPTCYgnmfMQnM83PQncuy89AqehJ2V22LGjpRiqT56K#MRr+hQoSWEbAObRd1azZF45pbxiQaQiQxNzIKbHDDWlGlycXfv8w9ZCElbxj#Ja7bkwmwg9EsBlW0d5u0BQAAAIAFr0FOyfn0OR1FiatvF624Aorcbl9oV/pc#JRghGfl8SxPihizz4bC7xAPCUkwd9ZHi+M2E6AjhIV69xjFKS0vYuQplvl8G#9R8YsnmP5B45TyLE3dW5V2/g+LQERQdFpRaSsPqEPHSlXPq4XHLGLRFItEBt#ohp41Qm+eA6efsAMIQAAAEEA4Y90xi8N1SuwjRk53fqpP8dC+FPnU850XtC1#cKG0rBt6v9qD+BTxxfE6GEpYM+N0fLyECbgBjA2LQF6CG3G15QAAAEEAnz3v#3POrcsMK2LkSNjWzAhzUqOWyOaNlhcvgh+2Xfj2tHyOTpZ09gCm483v1rui9#63uYu4QQurpATrHMcLIjoQ==#====# onie_initargs=setenv bootargs quiet console=$consoledev,$baudrate onie_machine=accton_as4610_54 onie_machine_rev=0 onie_platform=arm-accton_as4610_54-r0 onie_platformargs=setenv bootargs $bootargs serial_num=${serial#} ${platformargs} eth_addr=$ethaddr $onie_bootargs $onie_debugargs onie_recovery=nand read ${loadaddr} onie2 ; nand erase.part onie ; nand write ${loadaddr} onie onie_rescue=setenv onie_boot_reason rescue && boot onie_start=onie onie_sz.b=0x00c00000 onie_uninstall=setenv onie_boot_reason uninstall && boot onie_update=setenv onie_boot_reason update && boot onie_vendor_id=27658 onie_version=master-201603091701-dirty PicOS_bootcmd=usb start;run platformargs;setenv bootargs root=/dev/sda1 rw noinitrd console=$consoledev,$baudrate rootdelay=10 $mtdparts;ext2load usb 0:1 $loadaddr boot/uImage;bootm $loadaddr platform=accton_as4610_54 platformargs=mtdparts=nand_iproc.0:1m(uboot),2m(shmoo),1m(nenv),12m(onie),3992m(open),12m(onie2),2m(vpd),6m(sys_eeprom),16m(diags),16m(diags2),32m(diags_fs) maxcpus=2 mem=1024M ramdiskaddr=0x3000000 serial#=A626P1DL174300014 serverip=192.168.0.10 stderr=serial stdin=serial stdout=serial ubifscfg=ubi part nand0,4 0x0; ubifsmount fs ver=U-Boot 2012.10-gcbef171 (Mar 09 2016 - 17:01:14) - ONIE master-201603091701-dirty Environment size: 3992/65532 bytes c) Input command run onie_bootcmd, which will automatically install PicOS® on the switch. LOADER -> run onie_bootcmd Loading Open Network Install Environment ... Platform: arm-accton_as4610_54-r0 Version : 2021.09.00.03 WARNING: adjusting available memory to 30000000 ## Booting kernel from Legacy Image at 02000000 ... Image Name: as4610_54x.1.6.1.3 Image Type: ARM Linux Multi-File Image (gzip compressed) Data Size: 3514311 Bytes = 3.4 MiB Load Address: 00000000 Entry Point: 00000000 Contents: Image 0: 2762367 Bytes = 2.6 MiB Image 1: 733576 Bytes = 716.4 KiB Image 2: 18351 Bytes = 17.9 KiB Verifying Checksum ... OK ## Loading init Ramdisk from multi component Legacy Image at 02000000 ... ## Flattened Device Tree from multi component Image at 02000000 Booting using the fdt at 0x02355858 Uncompressing Multi-File Image ... OK Loading Ramdisk to 2ff4c000, end 2ffff188 ... OK Loading Device Tree to 03ff8000, end 03fff7ae ... OK Cannot reserve gpages without hugetlb enabled setup_arch: bootmem as4610_54x_setup_arch() arch: exit pci 0000:00:00.0: ignoring class b20 (doesn't match header type 01) sd 0:0:0:0: [sda] No Caching mode page present sd 0:0:0:0: [sda] Assuming drive cache: write through sd 0:0:0:0: [sda] No Caching mode page present sd 0:0:0:0: [sda] Assuming drive cache: write through sd 0:0:0:0: [sda] No Caching mode page present sd 0:0:0:0: [sda] Assuming drive cache: write through ONIE: Using DHCPv4 addr: eth0: 192.168.2.77 / 255.255.255.0 discover: installer mode detected. Running installer. Please press Enter to activate this console. ONIE: Using DHCPv4 addr: eth0: 192.168.2.77 / 255.255.255.0 ONIE: Starting ONIE Service Discovery ONIE: Executing installer: http://192.168.2.42/onie-installer-PicOS-4.0.0-8b1219e112-x86.bin Verifying image checksum ... OK. Preparing image archive ... OK. PicOS installation .............................................. ./var/local/ ./var/run Setup PicOS environment ... .............................................. XorPlus login: admin Password: You are required to change your password immediately (root enforced) Changing password for admin. (current) UNIX password: Enter new UNIX password: Retype new UNIX password: admin@XorPlus$ x86 Platform On x86 platform, it uses GRUB menu to choose install OS via ONIE. a) Reboot the system, and enter ONIE installation environment from the GRUB menu: +----------------------------------------------------------------------------+ | PicOS | |*ONIE | | | | | | | | | | | | | | | | | | | | | +----------------------------------------------------------------------------+ Use the ^ and v keys to select which entry is highlighted. Press enter to boot the selected OS, `e' to edit the commands before booting or `c' for a command-line. b) From GRUB prompt, choose ONIE: Rescue to Install OS, boot ONIE in rescue mode. GNU GRUB version 2.02~beta2+e4a1fe391 +----------------------------------------------------------------------------+ |*ONIE: Install OS | | ONIE: Rescue | | ONIE: Uninstall OS | | ONIE: Update ONIE | | ONIE: Embed ONIE | | DIAG: Accton Diagnostic | | | | | | | | | | | | | +----------------------------------------------------------------------------+ The installer runs and will reboot the system after installation is complete. NOTEs： After the system restarts, you need to enter the username and password, the initial login username is admin and password is pica8. After the username and password are entered, user will be asked to choose a new password for admin. This is the only post installation step after which the PicOS® operating system can be used. 3.3.4 Nos-boot-mode Installation NOTE： The installation method described in this section applies to installation through both the console port and the management port. The installation method described in this section only applies to platforms that have pre-installed ONIE. The installation methods described in PicOS® Configuration Guide V4.4.5 must be performed through the console port. If you want to install the system through a non-console port, you can use the nos-boot-mode command to perform the installation which is described in this section. Usage of nos-boot-mode command: admin@Xorplus$sudo nos-boot-mode USAGE install or uninstall NOS(es) SYNOPSIS nos-boot-mode [install|uninstall] DESCRIPTION install- Install NOS uninstall- Remove all NOS(es) including PicOS® When nos-boot-mode install command is executed, PicOS® will switch to ONIE install mode, and the user should go on to complete the subsequent installation. The steps for the manual installation process and the automatic installation process using the nos-boot-mode install command are described below. When nos-boot-mode unsinstall command is executed, the system will remove all NOS(es) including PicOS® from the device. Therefore, it is suggested to use the nos-boot-mode unsinstall command with caution. 3.3.5 Manual Installation Process Step1 Make sure that the installation package of .bin file has been loaded to the server (server could be HTTP, TFTP, or an FTP server or the switch local directory depending on the actual installation environment). Step2 Execute the nos-boot-mode install command to enter ONIE installation environment. admin@Xorplus:~$ sudo nos-boot-mode install Step3 Type “yes” when the below prompt is shown, which will take the system will to ONIE install mode. Type 'yes' to install NOS! Type 'no' to exit [no]/yes: Step4 Run onie-nos-install command as follows to manually install PicOS®. Install via TFTP ONIE# onie-nos-install tftp:///PicOS.bin Install via FTP When installing via FTP, you need to type in the username and password for the FTP server on which the image file is loaded. ONIE# onie-nos-install ftp://username:password@/PicOS.bin Install via HTTP ONIE# onie-nos-install http:///PicOS.bin Install from Local Directory a) In ONIE rescue mode, copy the image file to the current directory. ONIE# scp username@/PicOS.bin . b) Run onie-nos-install command to start installation. ONIE# onie-nos-install PicOS.bin For example, ONIE:/ # onie-nos-install onie-installer-PicOS-4.0.0-8b1219e112-x86.bin discover: Rescue mode detected. No discover stopped. ONIE: Executing installer: onie-installer-PicOS-4.0.0-8b1219e112-x86.bin Verifying image checksum ... OK. Preparing image archive ... OK. [1] PicOS L2/L3 (default) [2] PicOS Open vSwitch/OpenFlow Enter your choice (1,2):1 PicOS L2/L3 is selected. ONIE installation will overwrite the configuration file of existing system. It is recommended to follow the upgrade procedure to upgrade the system. Press any key to stop the installation... 10 9 8 7 6 5 4 3 2 1 ... The installer runs automatically, before start installation, it will prompt to choose the option to make PicOS® to boot into L2/L3 or OVS mode. If not selected, then PicOS® boots into L2/L3. After finishing installation, the device reboots automatically, the system then comes up running the new network operating system. NOTEs： After the system restarts, you need to enter the username and password, the initial login username is admin and password is pica8. After the username and password are entered, user will be asked to choose a new password for admin. This is the only post installation step after which the PicOS® operating system can be used. 3.3.6 Automated Installation Process The automatic installation process uses the DHCP message exchange process to download and install software packages. Step1 Make sure the switch is connected to DHCP and HTTP servers, and the PicOS® installation software package is downloaded to the HTTP server. a) DHCP server configuration: define the path of the installation package and then start DHCP server service: host pica8-3922 { hardware ethernet 70:72:cf:12:34:56; fixed-address 192.168.2.50; option default-url = "http://192.168.2.42/onie-installer-PicOS-4.0.0-8b1219e112-x86.bin"; } b) Check if the .bin installation file is loaded onto the HTTP server: root@dev:/var/www# ls index.html onie-installer-powerpc.bin Step2 Execute the nos-boot-mode install command to enter ONIE installation environment. admin@Xorplus$ sudo nos-boot-mode install Step3 Type “yes” when the below prompt is shown, and the system will automatically complete the installation. Type 'yes' to install NOS! Type 'no' to exit [no]/yes: The installer runs automatically and will reboot the system after installation is completed. NOTEs： After the system restarts, you need to enter the username and password, the initial login username is admin and password is pica8. After the username and password are entered, user will be asked to choose a new password for admin. This is the only post installation step after which the PicOS® operating system can be used. 3.3.7 Verifying Version after Installation After system reboots automatically, the system will come up running the new network operating system. admin@Xorplus> show version Copyright (C) 2009-2022 Pica8, Inc. =================================== Hardware Model : as7312_54x Linux System Version/Revision : 4.0.0/8b1219e112 Linux System Released Date : 5/18/2021 L2/L3 Version/Revision : 4.0.0/8b1219e112 L2/L3 Released Date : 5/18/2021 OVS/OF Version/Revision : 4.0.0/8b1219e112 OVS/OF Released Date : 5/18/2021 3.3.8 Appendix: Troubleshooting Installation/Upgrade Failure on AS7326-56X Installation or upgrade failure (for example, the switches cannot boot up after install) may occur on the old AS7326-56X hardware models (revision is R01F and before). When booting PicOS® on AS7326-56X and detect hardware rev R01F, the system will log a warning message to prompt the hardware revision R01F is a pre-production hardware reversion: "This hardware revision R01F is a pre-production hardware rev, PicOS® has applied a work around to work with PicOS®. Support will be provided on a best effort basis". To work around the issue, first we need to check the “Label Revision”. If it is an old hardware model (revision is R01F or before), then, we can perform the following provided solution after installation/upgrade to solve the problem. 3.3.9 Check Label Revision Under ONIE prompt, run “onie_syseeprom” to get the “Label Revision”. ONIE:/ # onie-syseeprom TlvInfo Header: Id String: TlvInfo Version: 1 Total Length: 166 TLV Name Code Len Value -------------------- ---- --- ----- Manufacture Date 0x25 19 04/27/2019 02:10:06 Label Revision 0x27 4 R01B Platform Name 0x28 27 x86_64-accton_as7326_56x-r0 ONIE Version 0x29 13 2018.05.00.05 Manufacturer 0x2B 6 Accton Diag Version 0x2E 7 0.0.1.0 Base MAC Address 0x24 6 80:A2:35:81:D5:F0 Serial Number 0x23 14 732656X1916012 Country Code 0x2C 2 TW Part Number 0x22 13 FP4ZZ7656005A Product Name 0x21 15 7326-56X-O-AC-F MAC Addresses 0x2A 2 256 Vendor Name 0x2D 6 Accton CRC-32 0xFE 4 0xC3D3F2DE Checksum is valid. ONIE:/ # 3.3.10 Solution You can follow the steps below after installation/upgrade, to fix the problem of installation and upgrade failure on the old AS7326-56X hardware model (revision R01F or before). Step1 Power cycle the switch. Step2 From the GRUB menu, choose “ONIE” to enter ONIE GRUB menu: +----------------------------------------------------------------------------+ | PicOS | |*ONIE | | | | | | | | | | | | | | | | | | | | | +----------------------------------------------------------------------------+ Use the ^ and v keys to select which entry is highlighted. Press enter to boot the selected OS, `e' to edit the commands before booting or `c' for a command-line. Step3 From ONIE GRUB menu, choose “ONIE: Rescue” to launch ONIE in Rescue mode. GNU GRUB version 2.02~beta2+e4a1fe391 +----------------------------------------------------------------------------+ | ONIE: Install OS | |*ONIE: Rescue | | ONIE: Uninstall OS | | ONIE: Update ONIE | | ONIE: Embed ONIE | | DIAG: Accton Diagnostic | | | | | | | | | | | | | +----------------------------------------------------------------------------+ Step4 Press Enter to display the ONIE prompt. Step5 Mount PicOS® partition with label is “PicOS”. ONIE:/ # blkid /dev/sda7: LABEL="User-Data" UUID="be63cef8-4560-4c48-ab5a-8f7ced5a950b" /dev/sda6: LABEL="PicOS2" UUID="f589e53f-4cd1-44ba-8384-f339f4e2b2ac" /dev/sda5: LABEL="PicOS" UUID="8ca5f7ed-5a15-4a2a-944c-4d8872647bf5" /dev/sda4: LABEL="PicOS-GRUB" UUID="782a1372-4b66-4783-b920-dab1df8ec6e4" /dev/sda3: LABEL="ACCTON-DIAG" UUID="3e4117d0-1926-472a-9d9e-08883df83d40" /dev/sda2: LABEL="ONIE-BOOT" UUID="1a90abd8-f065-4f7a-90a0-af122b8805fa" ONIE:/ # ONIE:/ # mount /dev/sda5 /mnt Step6 Execute the following command to modify the I2C access address. ONIE:/ # sed -I "s/0x57/0x56/" /mnt/etc/rc_hw.sh ONIE:/ # sync Step7 Unmount the PicOS® partition. ONIE:/ # unmount /dev/sda5 Step8 Reboot the switch. ONIE:/ # reboot 4. Zero Touch Configuration 4.1 Overview of ZTP 4.1.1 ZTP Fundamentals NOTEs: Currently, the IPv6 ZTP is not supported. You are suggested to implement ZTP for unconfigured devices, or the error prompts may appear. Before using ZTP, you should configure the switch with two partitions of active partition and backup partition. The active partition can be used for upgrade and the backup partition can be used to save the current version, which can make sure the original version can be recovered once the upgrade is failed. ZTP (Zero Touch Provisioning) is a technology for automated upgrade and configuration of unconfigured network devices. You can automatically upgrade and configure devices with the provision script of ZTP before the PicOS® is up, obtaining the required configuration information without manual intervention, including IP addresses, routing, security policies, etc. When large numbers of switches need to be upgraded to new versions or issued with configuration files, you can use ZTP to reduce labor costs and improve deployment efficiency. It can implement fast, accurate and reliable device deployment. ZTP Process Figure 2. ZTP Workflow of White-Box Switches image.png After a switch is powered on, the switch sends DHCP Discover to get an IP address, and the DHCP server provides the switch with an IP address. The switch sends a request to the DHCP server, and the DHCP server sends a response including the HTTP server address. The switch sends an HTTP request to the HTTP server to get the shell script, and the HTTP server sends an HTTP response with the shell script. The switch executes the shell script to complete the ZTP deployment, including downloading a PicOS image, installing PicOS and its license, registering with the AmpCon-Campus server, updating switch configurations, and rebooting the switch. 4.1.2 DHCP Configuration of ZTP Option Parameters The DHCP server obtains network configuration information required by ZTP through option parameters. The request packets sent by DHCP client carry option 55, and the reply packets responded by DHCP server carry option 7, 66 and 67. The function of option parameters is shown as below. Table 1. Option description Option Description Carrier 55 Specifies the network configuration parameters need to be obtained from the server. It includes the boot file name, TFTP server address, Syslog server address and gateway. Client 7 Specifies the IP address of Syslog server. Server 66 Specifies the IP address of TFTP(HTTP) server allocated for the client. Server 67 Specifies the boot file name allocated for the client. Server DHCP Server Configuration When the switch is served as the DHCP server, you can configure the DHCP server through PicOS® commands (suggested) or Linux commands. PicOS® command Here is an example of configuring the DHCP server through PicOS® commands, which specifies the IP address of Syslog server as 192.168.10.1, the IP address of TFTP server as 192.168.10.1, and the working path of provision script on the TFTP server as ./provision.sh. For detailed information of related commands, see Configuring DHCP server. admin@PicOS# set protocols dhcp server pool pool1 log-server 192.168.10.1 admin@PicOS# set protocols dhcp server pool pool1 tftp-server 192.168.10.2 admin@PicOS# set protocols dhcp server pool pool1 bootfile-name file-path ./provision.sh admin@PicOS# commit Linux command Here is an example of configuring the DHCP server through Linux commands. host pica8-pxxxx {*************************//////////////////////////////////////////////////////////////////////////////////////// hardware ethernet 08:9e:01:62:d5:62; option bootfile-name "pica8/provision.script"; option tftp-server-name "xx.xx.xx.xx"; option log-servers xx.xx.xx.xx; fixed-address xx.xx.xx.xx; } The elements of the segment above are described below: host: the host name of the PicOS® switch. hardware ethernet: the MAC address of the PicOS® switch. bootfile-name: the file name of the shell scripts and its path relative to the TFTP root directory. tftp-server-name: the IP address of the TFTP server. log-servers: the IP address of the log server that will receive logs from ZTP. fixed-address: optional. Configure a fixed IP address as management IP of the switch. PicOS® switches send a vendor-class-identifier to the DHCP server in the format of pica8-pxxxx where xxxx is the switch model. It is possible for the customer to use the vendor-class-identifier to identify PicOS® switches. 4.1.3 Provision Script The provision script describes what is required and how to execute when you upgrade and configure PicOS® through ZTP. You can customize the provision script through running the generate_script file. The generate_script is provided in the format of Shell and Python, and you can click generate_script.py or generate_script.sh to download. The detailed contents are shown as below. import os def prompt_choice(): print("""Please choose an option to configure (enter the number to select, enter 'done' to generate the script): 1. Add remote Syslog server 2. Remove remote Syslog server 3. Get file from TFTP server 4. Get file from HTTP server 5. Enable ZTP auto-run when switch boot up 6. Disable ZTP auto-run when switch boot up 7. Get PicOS image from file server and upgrade 8. Get PicOS startup file "picos_start.conf" from file server 9. Get PicOS configuration file "pica_startup.boot" from file server 10. Get file with PicOS L2/L3 CLI commands list and execute these commands 11. Get PicOS OVS configuration file "ovs-vswitchd.conf.db" from file server""") return input("Enter your choice: ") def generate_script(): config_commands = [] while True: choice = prompt_choice() if choice == 'done': break if choice == '1': ip = input("Enter syslog server IP address: ") config_commands.append(f"add_remote_syslog_server {ip}") elif choice == '2': ip = input("Enter the syslog server IP address to remove: ") config_commands.append(f"remove_remote_syslog_server {ip}") elif choice == '3': remote_file_name = input("Enter file name in TFTP server: ") local_file_name = input("Enter file name with path in local: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"tftp_get_file {remote_file_name} {local_file_name} {ip}") elif choice == '4': local_file_name = input("Enter file name with path in local: ") file_name = input("Enter file name with HTTP server URL:: ") config_commands.append(f"http_get_file {local_file_name} {file_name}") elif choice == '5': config_commands.append("ztp_enable") elif choice == '6': config_commands.append("ztp_disable") elif choice == '7': file_name = input("Enter tftp file name or http url: ") revision = input("Enter the software revision of the image: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f'if [ "$revision" != "{revision}" ]; then get_picos_image {file_name} {ip}; fi') elif choice == '8': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"get_picos_startup_file {file_name} {ip}") elif choice == '9': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"get_l2l3_config_file {file_name} {ip}") elif choice == '10': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"l2l3_load_config {file_name} {ip}") elif choice == '11': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"get_ovs_config_file {file_name} {ip}") else: print("Invalid choice, please try again.") print("\n") # Generate Shell script script_name = "provision.sh" with open(script_name, 'w') as script_file: script_file.write("#!/bin/bash\n") script_file.write("source /usr/bin/ztp-functions.sh\n") script_file.write("\n") for command in config_commands: script_file.write(f"{command}\n") print(f"\nGenerated Shell script has been saved as {script_name}") # Run script generation program generate_script() #!/bin/bash function prompt_choice() { echo "Please choose an option to configure (enter the number to select, enter 'done' to generate the script): 1. Add remote Syslog server 2. Remove remote Syslog server 3. Get file from TFTP server 4. Get file from HTTP server 5. Enable ZTP auto-run when switch boot up 6. Disable ZTP auto-run when switch boot up 7. Get PicOS image from file server and upgrade 8. Get PicOS startup file \"picos_start.conf\" from file server 9. Get PicOS configuration file \"pica_startup.boot\" from file server 10. Get file with PicOS L2/L3 CLI commands list and execute these commands 11. Get PicOS OVS configuration file \"ovs-vswitchd.conf.db\" from file server" read -rp "Enter your choice: " choice } function generate_script() { local config_commands=() local revision="" while true; do prompt_choice case $choice in 1) read -rp "Enter syslog server IP address: " ip config_commands+=("add_remote_syslog_server $ip") ;; 2) read -rp "Enter the syslog server IP address to remove: " ip config_commands+=("remove_remote_syslog_server $ip") ;; 3) read -rp "Enter file name in TFTP server: " remote_file_name read -rp "Enter file name with path in local: " local_file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("tftp_get_file $remote_file_name $local_file_name $ip") ;; 4) read -rp "Enter file name with path in local: " local_file_name read -rp "Enter file name with HTTP server URL: " file_name config_commands+=("http_get_file $local_file_name $file_name") ;; 5) config_commands+=("ztp_enable") ;; 6) config_commands+=("ztp_disable") ;; 7) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter the software revision of the image:" revision read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("if [ \"\$revision\" != \"$revision\" ]; then get_picos_image $file_name $ip; fi") ;; 8) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("get_picos_startup_file $file_name $ip") ;; 9) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("get_l2l3_config_file $file_name $ip") ;; 10) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("l2l3_load_config $file_name $ip") ;; 11) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("get_ovs_config_file $file_name $ip") ;; done) break ;; *) echo "Invalid choice, please try again." ;; esac printf "\n" done # Generate Shell script local script_name="provision.sh" { echo "#!/bin/bash" echo "source /usr/bin/ztp-functions.sh" echo "" for command in "${config_commands[@]}"; do echo "$command" done } > "$script_name" printf "\n" echo "Generated Shell script has been saved as $script_name" } # Run script generation program generate_script Generate Script in the Shell Format Shell Script Content #!/bin/bash function prompt_choice() { echo "Please choose an option to configure (enter the number to select, enter 'done' to generate the script): 1. Add remote Syslog server 2. Remove remote Syslog server 3. Get file from TFTP server 4. Get file from HTTP server 5. Enable ZTP auto-run when switch boot up 6. Disable ZTP auto-run when switch boot up 7. Get PicOS image from file server and upgrade 8. Get PicOS startup file \"PicOS_start.conf\" from file server 9. Get PicOS configuration file \"pica_startup.boot\" from file server 10. Get file with PicOS L2/L3 CLI commands list and execute these commands 11. Get PicOS OVS configuration file \"ovs-vswitchd.conf.db\" from file server" read -rp "Enter your choice: " choice } function generate_script() { local config_commands=() local revision="" while true; do prompt_choice case $choice in 1) read -rp "Enter syslog server IP address: " ip config_commands+=("add_remote_syslog_server $ip") ;; 2) read -rp "Enter the syslog server IP address to remove: " ip config_commands+=("remove_remote_syslog_server $ip") ;; 3) read -rp "Enter file name in TFTP server: " remote_file_name read -rp "Enter file name with path in local: " local_file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("tftp_get_file $remote_file_name $local_file_name $ip") ;; 4) read -rp "Enter file name with path in local: " local_file_name read -rp "Enter file name with HTTP server URL: " file_name config_commands+=("http_get_file $local_file_name $file_name") ;; 5) config_commands+=("ztp_enable") ;; 6) config_commands+=("ztp_disable") ;; 7) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter the software revision of the image:" revision read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("if [ \"\$revision\" != \"$revision\" ]; then get_PicOS_image $file_name $ip; fi") ;; 8) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("get_PicOS_startup_file $file_name $ip") ;; 9) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("get_l2l3_config_file $file_name $ip") ;; 10) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("l2l3_load_config $file_name $ip") ;; 11) read -rp "Enter tftp file name or http url: " file_name read -rp "Enter TFTP server IP address (optional): " ip config_commands+=("get_ovs_config_file $file_name $ip") ;; done) break ;; *) echo "Invalid choice, please try again." ;; esac printf "\n" done # Generate Shell script local script_name="provision.sh" { echo "#!/bin/bash" echo "source /usr/bin/ztp-functions.sh" echo "" for command in "${config_commands[@]}"; do echo "$command" done } > "$script_name" printf "\n" echo "Generated Shell script has been saved as $script_name" } # Run script generation program generate_script Option Description of Shell Script NOTEs: Make sure that names of all files configured in the script is the same with files placed in the file server, or the switch cannot obtain them successfully. The IP address of TFTP server from DHCP server will be valid if it is not configured in the script. Option Description Example Add remote Syslog server Specify the IPv4 address of the Syslog server. Open 1 image.png The IPv4 address of Syslog server is configured as 10.10.30.1. Remove remote Syslog server Delete the IPv4 address of the Syslog server.10.10.30.1 Open 2 image.png The IPv4 address 10.10.30.1 of Syslog server is deleted. Get file from TFTP server Download a file with specified name from the TFTP server with a specified IP address and path, and save it in local with another specified name. Note： The path /cftmp is valid if you don’t specify the local path here. Open 3 image.png The file remote-file.txt in the TFTP server 10.10.30.2 is downloaded and is saved in local as local-file.txt. Get file from HTTP server Download a file with specified name from the HTTP server with a specified URL and save it in local with another specified name. Note： The root path is valid if you don’t specify the local path here. Open 4 image.png The file remote-file.txt in the HTTP server 10.10.30.2 is downloaded and is saved in local as local-file.txt. Enable ZTP auto-run when switch boot up Enable ZTP function after completing this ZTP process. Note： You are suggested to configure this option at last, or it may be invalid. Open 5 image.png Disable ZTP auto-run when switch boot up Disable ZTP function after completing this ZTP process. Note： You are suggested to configure this option at last, or it may be invalid. Open 6 image.png Get PicOS® image from file server and upgrade Download the PicOS® image from the TFTP server with the specified IP address, path and name, or from the HTTP server with URL. Then, upgrade the switch to the new version. Notes： You should specify the version number to make sure the switch only upgrades one time. You don’t need to configure the TFTP server IP address when downloading files from the HTTP server. Open 7 image.png The image onie-installer-PicOS-9.8.7-main-43d73dd983-x86v.bin in the working path of the TFTP server 10.10.30.2 is downloaded, and the switch is upgraded to this new version with the version number 43d73dd983. Get PicOS® startup file "PicOS_start.conf" from file server Download the PicOS® startup file PicOS_start.conf from the TFTP server with the specified IP address, path and name, or from the HTTP server with URL. Note： You don’t need to configure the TFTP server IP address when downloading files from the HTTP server. Open 8 image.png The file PicOS_start.conf from the HTTP server 10.10.30.3 is downloaded. Get PicOS® configuration file "pica_startup.boot" from file server Download the L2/l3 configuration file pica_startup.boot from the TFTP server with the specified IP address, path and name, or from the HTTP server with URL. Note： You don’t need to configure the TFTP server IP address when downloading files from the HTTP server. Open 9 image.png The file pica_startup.boot from the HTTP server 10.10.30.3 is downloaded. Get file with PicOS® L2/L3 CLI commands list and execute these commands Download the L2/l3 command file from the TFTP server with the specified IP address, path and name, or from the HTTP server with URL. Notes： You don’t need to configure the TFTP server IP address when downloading files from the HTTP server. You can modify the file ztpl2l3_cfg.cli as needed. For example, if you need to specify VLAN 10 and VLAN 20, you can configure as follows:set vlans vlan-id 20 set vlans vlan-id 30 Open 10 image.png he file ztpl2l3_cfg.cli in the working directory of the TFTP server 10.10.30.2 is downloaded. Get PicOS® OVS configuration file "ovs-vswitchd.conf.db" from file server Download the OVS configuration file ovs-vswitchd.conf.db from the TFTP server with the specified IP address, path and name, or from the HTTP server with URL. Notes： You don’t need to configure the TFTP server IP address when downloading files from the HTTP server. Open 11 image.png The file ovs-vswitchd.conf.db from the HTTP server 10.10.30.3 is downloaded. Generate Script in the Python Format Python Script Content import os def prompt_choice(): print("""Please choose an option to configure (enter the number to select, enter 'done' to generate the script): 1. Add remote Syslog server 2. Remove remote Syslog server 3. Get file from TFTP server 4. Get file from HTTP server 5. Enable ZTP auto-run when switch boot up 6. Disable ZTP auto-run when switch boot up 7. Get PicOS image from file server and upgrade 8. Get PicOS startup file "PicOS_start.conf" from file server 9. Get PicOS configuration file "pica_startup.boot" from file server 10. Get file with PicOS L2/L3 CLI commands list and execute these commands 11. Get PicOS OVS configuration file "ovs-vswitchd.conf.db" from file server""") return input("Enter your choice: ") def generate_script(): config_commands = [] while True: choice = prompt_choice() if choice == 'done': break if choice == '1': ip = input("Enter syslog server IP address: ") config_commands.append(f"add_remote_syslog_server {ip}") elif choice == '2': ip = input("Enter the syslog server IP address to remove: ") config_commands.append(f"remove_remote_syslog_server {ip}") elif choice == '3': remote_file_name = input("Enter file name in TFTP server: ") local_file_name = input("Enter file name with path in local: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"tftp_get_file {remote_file_name} {local_file_name} {ip}") elif choice == '4': local_file_name = input("Enter file name with path in local: ") file_name = input("Enter file name with HTTP server URL:: ") config_commands.append(f"http_get_file {local_file_name} {file_name}") elif choice == '5': config_commands.append("ztp_enable") elif choice == '6': config_commands.append("ztp_disable") elif choice == '7': file_name = input("Enter tftp file name or http url: ") revision = input("Enter the software revision of the image: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f'if [ "$revision" != "{revision}" ]; then get_PicOS_image {file_name} {ip}; fi') elif choice == '8': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"get_PicOS_startup_file {file_name} {ip}") elif choice == '9': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"get_l2l3_config_file {file_name} {ip}") elif choice == '10': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"l2l3_load_config {file_name} {ip}") elif choice == '11': file_name = input("Enter tftp file name or http url: ") ip = input("Enter TFTP server IP address (optional): ") config_commands.append(f"get_ovs_config_file {file_name} {ip}") else: print("Invalid choice, please try again.") print("\n") # Generate Shell script script_name = "provision.sh" with open(script_name, 'w') as script_file: script_file.write("#!/bin/bash\n") script_file.write("source /usr/bin/ztp-functions.sh\n") script_file.write("\n") for command in config_commands: script_file.write(f"{command}\n") print(f"\nGenerated Shell script has been saved as {script_name}") # Run script generation program generate_script() Option Description of Python Script The description of the Python script is the same with the Shell script. For detailed information, see Option Description of Shell Script. Configuration Example for Generating Provision.sh Take the Shell script as an example to introduce how to use it: a) Upload the Shell script generate_script.sh to the Linux environment. b) Use the command chmod +x generate_script.sh to enable the executable permission. c) Enter command ./generate_script.sh to run the script, and options are shown as below. image.png d) Select options of 1, 3 and 6 in sequence as needed, and enter done to generate the script. generate-20240918-062650.png e) The file named provision.sh is generated in the current directory, which includes all selected options. The content of provision script is shown as below. image-20241014-100713.png 4.2 Enabling or Disabling ZTP NOTE: By default, ZTP is enabled on PicOS® switches. If ZTP is left enabled, the PicOS® switch will try to download a new script every time the switch is booted. This is not a desirable situation, so ZTP should be disabled when it is no longer needed. Four methods are supported to disable or enable ZTP, as detailed below: Enable or disable ZTP through running the provision script. To generate the corresponding provision script, select options of 5 and 6 when running the generate_script, as shown below. image-20241014-101247.png Note： you are suggested to select this option at last, or the option may be invalid. Enable or disable ZTP through the command set system ztp enable in PicOS® configuration mode. The following example disables ZTP using the command set system ztp enable : dmin@XorPlus# set system ztp enable false admin@XorPlus# commit Enable or disable ZTP via the ztp-config script included with PicOS®. The following example disables ZTP using the ztp-config script run from the Linux shell: admin@LEAF-A$sudo ztp-config Please configure the default PicOS ZTP options: (Press other key if no change) [1] PicOS ZTP enabled * default [2] PicOS ZTP disabled Enter your choice (1,2):2 PicOS ZTP is disabled. admin@LEAF-A$ Manually edit the PicOS® configuration file PicOS_start.conf and change the value of the ztp_disable variable. The following snippet from the PicOS® configuration file shows that ZTP has been disabled (ztp_disable=true). admin@LEAF-A$more /etc/PicOS/PicOS_start.conf | grep ztp ztp_disable=true To enable ZTP, you need to set ztp_disable to false. 4.3 Preparation before ZTP Deployment Before powering on the switch to start ZTP deployment, you should make the following preparations: Items Preparations DHCP client It is network reachable, which can communicate with the DHCP server and file server. File server It is configured successfully and is network reachable. DHCP server It is network reachable. If the switch is served as the server, you should configure the IP address of file server, the path and name of provision script and the IP address of Syslog server (optional). Required files Obtain files (image file, L2/L3 configuration file, OVS configuration file, L2/L3 command file or startup file) from FS stuffs, and save them in the working directory of file servers.Note: the provision.sh is generated through running the generate_script file. For details, see Configuration Example for Generating Provision.sh. 4.4 Example for Implementing ZTP Deployment through DHCP 4.4.1 Overview Figure 3. Typical topology of ZTP implementation image.png In Figure 3, switches are configured respectively as the DHCP client and DHCP server. The client uses information configured on a DHCP server to locate the software image and configuration files on the TFTP server, and then download specified files to upgrade system and load configurations. The data plan is shown as below: Device Interface VLAN and IP Address DHCP server te-1/1/1te-1/1/2te-1/1/3 VLAN: 10IP address: 192.168.10.2/24 TFTP server eth0 IP address: 192.168.10.1/24 The image information of Client1 and Client2, and the files to be loaded are shown as below: Device Current version Files to be loaded Client1 PicOS®-9.8.7 Image: PicOS®-9.8.7-main-43d73dd983-x86v.binCommand file: ztpl2l3_cfg.cli Client2 PicOS®-4.4.0 4.4.2 Procedure DHCP Server Step 1 Configure VLAN and interface. admin@PicOS# set vlans vlan-id 10 admin@ PicOS # set interface gigabit-ethernet te-1/1/1 family ethernet-switching native-vlan-id 10 admin@ PicOS # set interface gigabit-ethernet te-1/1/2 family ethernet-switching native-vlan-id 10 admin@ PicOS # set interface gigabit-ethernet te-1/1/3 family ethernet-switching native-vlan-id 10 admin@ PicOS # set vlans vlan-id 10 l3-interface vlan10 admin@ PicOS # set l3-interface vlan-interface vlan10 address 192.168.10.2 prefix-length 24 admin@ PicOS # commit Step 2 Configure DHCP pool. admin@PicOS# set protocols dhcp server pool pool1 network address 192.168.10.2 prefix-length 24 admin@PicOS# set protocols dhcp server pool pool1 lease-time 1440 admin@ PicOS # set protocols dhcp server pool pool1 range range1 low 192.168.10.3 admin@ PicOS # set protocols dhcp server pool pool1 range range1 high 192.168.10.20 admin@ PicOS # set protocols dhcp server pool pool1 tftp-server 192.168.10.1 admin@ PicOS # set protocols dhcp server pool pool1 bootfile-name file-path provision.sh admin@ PicOS # set ip routing enable true admin@ PicOS # commit TFTP Server Step 1 Set the basic configuration of TFTP server. Make sure that the TFTP server is network reachable, which can communicate with the DHCP server and DHCP client. Step 2 Configure files needed to be saved in the TFTP server. For the provision file provision.sh, you need to run generate_script with options 7 and 10 selected to generate it. For details, see Option Description of Shell Script. For the L2/L3 command file ztpl2l3_cfg.cli, you can modify it as needed, such as configuring VLAN20 and VLAN30. Step 3 Save the image file, provision script and L2/L3 command file to the working path of TFTP server. Note： The working path of TFTP server here is /home/admin/tftp, and you should modify it based on the actual circumstances. Step 4 Generate the MD5 file. Enter the directory which saves image file, and run the following Linux command to generate MD5 file. The generated MD5 file will be saved in this directory. Note： The MD5 file name must be the format of image-file-name.md5, otherwise the DHCP server cannot recognize it. admin@TFTP:~$ cd /home/admin/tftp admin@TFTP:~/tftp$ md5sum onie-installer-PicOS-9.8.7-main-43d73dd983x86v.bin > onie-installer-PicOS-9.8.7-main-43d73dd983-x86v.bin.md5 Step 5 View the files saved in the directory of /home/admin/tftp. admin@PicOS:~$ ls /home/admin/tftp ls-20240923-075709.png DHCP Client After completing the above configuration, start client1 and client2. 4.4.3 Verifying the Configuration View the upgrade process of client1 and client2. Client1: for the version is already V9.8.7, it directly loads L2/L3 command configurations. image-20241015-082949.png Client2: for the version is V4.4.0, it upgrades to V9.8.7 and then loads L2/L3 command configurations. image-20241015-083941.png View the L2/L3 command configurations of client1 and client2. image.png 4.5 Appendix: ZTP API The ZTP makes use of the API (application programming interface) defined in the ztp-functions.sh file located in the /usr/bin directory. The API description is shown as below, and you can refer to it when configuring the ZTP function, such as running the generate_script to generate the provision script. NOTE: For APIs with name changed, please use the correct name in the corresponding version, or the error prompt will appear. API Description Parameter Return Value Supported Version ztp_disable Disable ZTP auto-run when switch boots up None 0 = success,1 = failed All ztp_enable Enable ZTP auto-run when switch boots up None 0 = success,1 = failed All add_remote_syslog_server Add the remote Syslog server Parameter #1: the IP address of remote Syslog server(eg: 192.168.1.200) 0 = success,1 = failed All remove_remote_syslog_server Remove the remote Syslog server Parameter #1: the IP address of remote Syslog server(eg: 192.168.1.200) 0 = success,1 = failed All tftp_get_file Get file from TFTP server Parameter #1: file name in TFTP serverParameter #2: file name with path in localParameter #3: IP address of TFTP server 0 = success,1 = failed All http_get_file Get file from HTTP server Parameter #1: file name with path in localParameter #2: file name with HTTP server URL 0 = success,1 = failed V4.5.0E or later versions get_l2l3_config_file Get PicOS® configuration file "pica_startup.boot" from file server Parameter #1:For TFTP download: it is the configuration file name with path on TFTP severFor HTTP download: it is the configuration file name with HTTP server URL. Parameter #2 does not need to be setParameter #2: TFTP server IP address, if not set, the TFTP server IP address from DHCP server will be used 0 = success,1 = failed V4.5.0E or later versionsNote: in the previous versions, the name is tftp_get_l2l3_config_file. get_ovs_config_file Get PicOS® OVS configuration file "ovs-vswitchd.conf.db" from file server Parameter #1:For TFTP download: it is the configuration file name with path on TFTP severFor HTTP download: it is the configuration file name with HTTP server URL. Parameter #2 does not need to be setParameter #2: TFTP server IP address, if not set, the TFTP server IP address from DHCP server will be used 0 = success,1 = failed V4.5.0E or later versionsNote: in the previous versions, the name is tftp_ get_ovs_config_file. get_PicOS_startup_file Get PicOS startup file "PicOS_start.conf" from file server Parameter #1:For TFTP download: it is the startup file name with path on TFTP severFor HTTP download: it is the startup file name with HTTP server URL. Parameter #2 does not need to be setParameter #2: TFTP server IP address, if not set, the TFTP server IP address from DHCP server will be used 0 = success,1 = failed V4.5.0E or later versionsNote: in the previous versions, the name is tftp_ get_PicOS_startup_file. get_PicOS_image Get PicOS image from file server and upgrade Parameter #1:For TFTP download: it is the image file name with path on TFTP severFor HTTP download: it is the image file name with HTTP server URL. Parameter #2 does not need to be setParameter #2: TFTP server IP address, if not set, the TFTP server IP address from DHCP server will be used 0 = success,1 = failed V4.5.0E or later versionsNote: in the previous versions, the name is tftp_ get_PicOS_image. l2l3_load_config Get a file with PicOS® L2/L3 commands list, and execute these commands. Parameter #1:For TFTP download: it is the commands file name with path on TFTP severFor HTTP download: it is the commands file name with HTTP server URL. Parameter #2 does not need to be setParameter #2: TFTP server IP address, if not set, the TFTP server IP address from DHCP server will be used 0 = success,1 = failed All 5. Configuration Statements and Operational Commands License Installation 5.1 Getting Started with PicOS® License 5.1.1 PicOS® License The PicOS® License (software license) is a software usage authorization that allows users to utilize PicOS®’s Debian Linux operating system, L2/L3 switching and routing functions, as well as OpenFlow features on the corresponding hardware device. The license is specific to the switch it is bound to and is not valid on any other switch. Therefore, it cannot be transferred across devices without authorization. However, once authorized, it remains valid permanently. 5.2 PicOS® License Operation Process 5.2.1 Activating the PicOS® License Follow the steps below to generate and install the PicOS® license. a) Get the switch’s speed type and hardware ID by issuing the following command at switch’s Linux prompt: admin@XorPlus$ license –s b) Use the assigned credential (SSO) by PicOS® License team (license@pica8.com) to login at “License Portal” website. image.png c) In the “License Portal” page, click “New Switch License” as shown below: image.png d) In “New Switch License” page, select Speed type and Feature type based on your purchased order. Then, enter the switch’s hardware ID. License name is optional. image.png e) After clicking the “Add License” button, the license will be added to the database. f) Click the “+” sign of the newly added license to display the “Download” button. image.png g) Click the “Download” button to download the license to the host. The license file name is “hardware_ID.lic”. For example: xxxx-xxxx-xxxx-xxxx.lic image.png h) Copy the downloaded license file (xxxx.lic) to the switch’s folder /home/admin/ by using scp or tftp etc. admin@XorPlus$ sudo scp xxxx.lic /home/admin/ i) Install the license by issuing the following command: admin@XorPlus$ sudo license -i /home/admin/xxxx.lic j) Restart the PicOS® service to activate the license: admin@XorPlus$ sudo systemctl restart PicOS k) After the switch rebooted, use the following command to verify the installed license. admin@XorPlus$ license –sor admin@XorPlus> license show 5.2.2 Installing the PicOS® License Installing License under Linux prompt Installing the License Notes： If no license is installed, only the first four ports and the first two uplink ports (if exist) of the switch are available after the upgrade. To upgrade the switch without production impact, user should install a license before the upgrade. It is possible to install a license in PicOS® 2.3 (starting with PicOS® 2.3.3). To upgrade a switch from a PicOS® version earlier than 2.3, it may be necessary to upgrade to PicOS® 2.3 first to install a license on the system. To avoid this step, user can run a script that can install the license on PicOS® releases earlier than 2.3. Please refer to PicOS® Configuration Guide V4.4.5 or look at the section below for older PicOS® releases. The license file cannot name pica.lic, or license will install failed. Customers can download the generated license file and copy it to the /etc/PicOS/ directory. The following example shows the contents of a switch-based license file: { "Type": "1GE", "Feature":["Open Flow", "Base Product", "Layer3"], "Hardware ID":"8A68-A7AC-D702-70D2", "Expire Date":"2020-10-28" } In the license file shown above, the type is 1GE while the feature is Base Product, Layer3, and Open Flow. Hardware ID is unique to every switch. Note： The switch cannot upgrade to a PicOS® version whose build date is later than the license expiration date. The following example shows the contents of a site-based license file: { "Type": "1GE", "Feature":["Open Flow", "Base Product", "Layer3"], "Mode":"site", "Site Name":"CompanyA", "Expire Date":"2020-10-28" } The license file can be installed with the command-line utility called license with the -i option. The following example installs a license file named js.lic: admin@PicOS:~$ cd /etc/PicOS admin@PicOS:/etc/PicOS$ ls -l total 32 drwxrwxr-x 2 root xorp 4096 Feb 4 22:00 ./ drwxrwxr-x 60 root xorp 4096 Feb 4 21:56 ../ -rw-rw-r-- 1 root xorp 26 Feb 4 18:27 fs_status -rw-r--r-- 1 root root 399 Feb 4 21:59 js.lic -rw-rw-r-- 1 root xorp 247 Sep 4 2014 license.conf -rw-rw-r-- 1 root xorp 183 Aug 10 2014 p2files.lst -rw-rw-r-- 1 root xorp 488 Feb 4 18:28 PicOS_start.conf -rw-r--r-- 1 root root 251 Feb 4 22:00 public.key admin@PicOS:~$ sudo license -i js.lic License successfully added, the switch need to be rebooted to activate the license. admin@PicOS:~$ ls -l total 32 drwxrwxr-x 2 root xorp 4096 Feb 4 22:00 ./ drwxrwxr-x 60 root xorp 4096 Feb 4 21:56 ../ -rw-rw-r-- 1 root xorp 26 Feb 4 18:27 fs_status -rw-rw-r-- 1 root xorp 247 Sep 4 2014 license.conf -rw-rw-r-- 1 root xorp 183 Aug 10 2014 p2files.lst -rw-r--r-- 1 root root 382 Feb 4 22:00 pica.lic -rw-rw-r-- 1 root xorp 488 Feb 4 18:28 PicOS_start.conf -rw-r--r-- 1 root root 251 Feb 4 22:00 public.key -rw-r--r-- 1 root root 251 Feb 4 22:00 switch-public.key admin@PicOS:~$ If the license is installed successfully, after license -i command, the following message will be displayed: License successfully added, the switch need to be rebooted to activate the license. To activate the new license, the switch must be restarted. Displaying License Information User can display the license information using the license -s command at the Linux shell. The following example displays information about the switch-based license: admin@PicOS:~$ license -s { "Type": "1GE", "Feature": ["Open Flow", "Base Product", "Layer3"], "Expire Date": "2020-10-28", "Hardware ID": "8A68-A7AC-D702-70D2" } The following example displays information about the site-based license: admin@PicOS:~$ license -s { "Type": "1GE", "Feature": ["Base Product", "Layer3", "Open Flow"], "Expire Date": "2020-10-28", "Hardware ID": "8A68-A7AC-D702-70D2", "Site Name": " CompanyA " } If the license is not valid, the license -s command generates the following output: admin@PicOS:~$ license -s Invalid license. Use below information to create a license. Type: 1GE Hardware ID: 8A68-A7AC-D702-70D2 admin@PicOS-OVS$ If no license is installed, the license -s command generates the following output: admin@PicOS:~$ license -s No license installed. Use below information to create a license. Type: 1GE Hardware ID: 8A68-A7AC-D702-70D2 admin@PicOS-OVS$ Add License Directly From License Command User can also add the license directly from the license command. The PicOS® 2.6 image supports this command. (1) Paste the license content. (2) Press enter and then press crtl+d. Example for P5401, add a site license: admin@PicOS:/ovs$ sudo license -i - sJXhrpDdd2ZsMemcJ26fqvjjw7vH30gf/4OVtLsROgPNl2VjFQhIJvS3zliF+DK+ tW2QpssH0JB4n8ae9/SumsRWdwdPpbQNB1WaeNq0onWdoTRz2HGiH+XudDAm6B37 kQvCGev7pAe0tCjnB+63F3Z5ZGPbQE89/fNSBGkE6mfZ6dG1F/86C9Bn/MyqkQSI 4uDtRwfo46elZOmwn5aD/mGyh/i2qg8IfhssIn0CbHVaJY8hyt7tYuvgkEb6Xlhx 7i9+qnk9c15ksBdak0f8gxorZDOCacwWACDt/K8NJokOMWTDLnLmDczrXO0Z5l75 eGc7ZygxCjd/jzc5oW9cgIyd License successfully added, the switch need to be rebooted to activate the license. admin@PicOS:/ovs$ Reboot system and license can be activated. Installing and Removing License for PicOS® go2cli Version Installing License under CLI Operation Mode The following steps describe how to install a license under CLI operation mode for PicOS® go2cli version. a) Before loading a license, upload the license file to the device. The following example uploads the license file 10GE-SITE-PICA8.lic to the default path. By default, the TFTP downloaded file is saved in directory /cftmp/. admin@PicOS> file tftp get remote-file /tftp/license/10GE-SITE-PICA8.lic local-file 10GE-SITE-PICA8.lic ip-address 10.10.50.22 b) Run the license install command to install the license. admin@PicOS> license install /cftmp/10GE-SITE-PICA8.lic When the license has been successfully installed, it will display the following information: License successfully added, the switch need to be rebooted to activate the license. c) Reboot the switch or restart PicOS® to activate the license. Choose either one: Reboot the switch admin@PicOS> request system reboot Restart PicOS® service licadmin@PicOS> start shell sh admin@PicOS:~$ sudo service PicOS restart admin@PicOS:~$ exit exit admin@PicOS> d) After PicOS® starts up, run the license show command to view the license information. admin@PicOS> license show { "Type": "10GE", "Feature": ["Base Product", "Layer3", "OpenFlow"], "Support End Date": "2020-10-28", "Hardware ID": "196B-A2AE-147A-73F2", "Site Name": "PICA8" } Removing License under CLI Operation Mode The following steps describe how to remove a license under CLI operation mode for PicOS® go2cli version. admin@PicOS> license remove admin@PicOS> license show No license installed. Use below information to create a license. Type: 10GE Hardware ID: 196B-A2AE-147A-73F2 5.2.3 PicOS® License FAQ User may encounter various problems during license installation as detailed below. The public.key file cannot be found. admin@PicOS:~$ sudo license -i js.lic Install failed: Cannot find public key. The license file does not exist. admin@PicOS:~$ sudo license -i js.lic Install failed: No such file or directory. The header or the key is disrupted. admin@PicOS:~$ sudo license -i js.lic Install failed: License or KEY is disrupted. The license format is not valid. admin@PicOS:~$ sudo license -i js.lic Install failed: License format error. The license file is not compatible with the switch (verify failed). admin@PicOS:~$ sudo license -i js.lic Install failed: Invalid license.

PicOS® Software Release Number

05 gen. 2026 - PicOS® Software Release Number Software Release Numbers The format of PicOS® release version number is x.y.zF. Table 1 shows the description of each letter. Table 1. Description of Release Version Number Letter Description x Major release version number Updated in the following cases: • Major code changes: such as FRR support. • New significant features: such as Linux kernel upgrade support. y Minor release version number Updated in the following cases: • New feature sets, sub-features, or feature enhancements • New hardware platforms, including new ASICs or chipsets z Maintenance release version number The version marked with E indicates that it contains new features or new hardware platform. The number is updated in the following cases: • Security updates. • New hardware platforms for existing ASICs or chipsets, or released in separate branches. The version marked with M indicates that it is in the maintenance phase. The number is updated in the following cases: • Bug fixes and updates. F Release version type E: introduces new features or supports new hardware platform, which is available for early sales and certain experimental bureaus. M: regularly releases patches to fix issues, achieving a high level of stability. Null (No letter): the hotfix version before GA version is released.

Troubleshooting Hardware for N5850-48X6C Switch

04 gen. 2026 - Troubleshooting Hardware for N5850-48X6C Switch This document provides guidance for troubleshooting hardware alarms on the N5850-48X6C switch and for reinstalling the PicOS® operating system. It covers LED alarm types, chassis alarm messages, and step-by-step procedures for upgrading or recovering PicOS®. Following this guidance will help you quickly resolve hardware issues and restore device functionality. Switch Hardware Fault Maintenance System Fault Check the system status (Diag) LED on the front panel to identify potential issues. Refer to the table below for fault symptoms and recommended actions. LED Status Issue Description Recommended Action The Diag LED is Amber. System self-diagnostic test detected a fault (fan, thermal, or interface). 1. Determine whether the fault occurred immediately after the switch was powered on, or after a period of normal operation. 2. Log in to the switch via the console port and collect the switch version and diagnostic logs for further analysis. 3. If you are unable to log in to the switch via the console port, power cycle the switch to determine whether the fault persists. 4. If restarting the switch does not resolve the issue, check the system diagnostic LED: If the LED is amber but the system is accessible, perform Software Upgrade to repair the system while retaining the configuration. If the system cannot be accessed, refer to Device ONIE to reinstall or recover the system. The Diag LED is off. The system is not receiving power or not operating even after receiving power 1. Check the power cord connection. 2. Replace the power cord and/or power supply, then verify whether the switch is functioning properly. 3. If the issue persists, replace the power cord and/or power supply again, and verify functionality. 4. If the problem remains, collect and print the console logs, then contact us for support. Power Supply Fault 1. Check the power status LED on the front panel: Solid Green: The power module is powered on. Solid Amber: The power module is not powered on or is faulty. Off: The power module is not receiving power or not operating even after receiving power. 2. Verify the power module via command line: Execute Show power to confirm if the power supply is functioning properly. The command is as follow: admin@picos> show system rpsu 3. If the power shows any problems, check the table below to see what the LED indicators mean and what actions to take. LED Status Issue Description Recommended Action The PSU LED is amber. The power status LED is off. The power module is not functioning properly. 1. Check the power supply system connected to the device to confirm that it is delivering power and that the voltage is within the normal range. 2. Check whether the power cord is loose. If necessary, replace the power cord or try a different power outlet to see if the issue persists. 3. Remove and reinstall the power module. If the issue persists, replace the power module to determine whether the problem lies with the module or the power slot. 4. Verify the current power status of the switch by running the "show system rpsu" command. 5. Collect the above information for further analysis. Fan Fault Check the fan status LED on the front panel: Solid Green: The fan works normally. Solid Amber: The system is faulty. Off: The power module is not receiving power or not operating even after receiving power. Verify the fan module via command line: Execute Show fan to confirm if the fan is functioning properly. The command is as follow: admin@picos> show system fan If the fan shows any problems, check the table below to see what the LED indicators mean and what actions to take. LED Status Fault Symptom Suggested Action The fan status LED is off or amber. The system is functioning but with a fan anomaly. 1. Check the physical fan status of the switch to identify any fans with abnormal speeds or noises. If two or more fans are faulty, power down the switch until the fans are replaced. 2. Verify the fan status and operating temperature with the commands "run show system fan" and "run show system temperature." If the operating temperature exceeds 40°C, shut down the switch immediately. 3. Replace the faulty fan module and confirm that the fan is operating normally. Gather the above information for further analysis. Switch System Fault Maintenance In certain situations, the PicOS® software on your device may become corrupted or fail to boot. To recover the system, you can either upgrade the existing software or use an emergency boot device to perform a fresh installation. Software Upgrade Before you begin, you need to download the installation media image for your device from the corresponding software download documentation. To upgrade the software package, you need to: 1. Download the required version. 2. Open a file transfer tool, such as WinSCP, XShell, or MobaXterm; then log in by entering the hostname, username, and password. 3. After the connection is established, upload the downloaded version. 4. Log in to the switch and enter: admin@PICOS> start shell sh admin@PICOS:~$ sudo su root@PICOS:/home/admin# ls PicOS-4.7.0E-DCN-c94c584003-fs-x86.bin root@PICOS:/home/admin# upgrade PicOS-4.7.0E-DCN-c94c584003-fs-x86.bin image.png image.png 5. Log in and verify the software version. admin@PICOS> show version Copyright : Copyright (C) 2009-2025 Pica8, Inc. All Rights Reserved. Model : N5850-48X6C Software Version : 4.7.0E-DCN/c94c584003-fs Software Released Date : 11/20/2025 Serial Number : HWCG2312185480N00018 System Uptime : 0 day 0 hour 3 minute Hardware ID : 3C4D-865E-B02E-6E0D License Type : Uninstalled Device MAC Address : 64:9d:99:6a:dc:01 admin@PICOS> Device ONIE If PicOS® on your device is damaged in some way that prevents the software from loading correctly, you may need to perform a recovery installation using an emergency boot device (for example, a USB flash drive) to restore the default factory installation. Once you have recovered the software, you need to restore the device configuration. You can either create a new configuration as you did when the device was shipped from the factory, or if you saved the previous configuration, you can simply restore that file to the device. Use the following procedure to create an emergency boot device. 1. Please contact customer support to obtain the RBoot installation package. 2. Insert a USB drive into the computer and copy the installation version to the USB drive. image.png 3. Insert the USB drive into the device. 4. Log in to the switch and install the software version using a USB drive. admin@PICOS# run start shell sh admin@PICOS:~$ sudo nos-boot-mode install Type 'yes' to install NOS! Type 'no' to exit [no]/yes: yes The next reboot will enter ONIE install mode. Reboot required to take effect. admin@PICOS:~$ sudo reboot -f image.png The switch automatically enters ONIE install OS mode to perform the software installation. image.png image.png 5. Log in to the switch to verify the version. admin@PICOS> show version Copyright : Copyright (C) 2009-2025 Pica8, Inc. All Rights Reserved. Model : N5850-48X6C Software Version : 4.7.0E-DCN/c94c584003-fs Software Released Date : 11/20/2025 Serial Number : HWCG2312185480N00018 System Uptime : 0 day 0 hour 3 minute Hardware ID : 3C4D-865E-B02E-6E0D License Type : Uninstalled Device MAC Address : 64:9d:99:6a:dc:01 admin@PICOS>

AmpCon-DC FAQ

31 dic. 2025 - AmpCon-DC FAQ Chapter 1. Product Overview 1.1 What is AmpCon-DC? AmpCon-DC, a management platform designed for PicOS® data center switches, automates and validates the design, deployment, and operation of data center networks from Day 0 through Day 2+. It empowers you to efficiently automate and manage your highly available HPC and data center networks at scale. Highlights: Continuous Day 0 to Day 2+ Operation Automation Automated Underlay Configurations for Efficient Deployment Visual Management with Topology Auto-Discovery Support Batch End-to-End RoCE Deployment Telemetry Visualization to Optimize Network Performance Fault Alerts via Visual Interface and Email Notifications When Issues Arise Powerful, Agentless Automation with Ansible Playbooks Virtual Pre-Configuration with PicOS-V Integration 1.2 Is the AmpCon-DC Management Platform a cloud controller or a local controller? The AmpCon-DC Management Platform needs to be deployed on a local server, the underlying layer is a Linux server, so the installation is similar to Linux. 1.3 What is the difference between AmpCon, AmpCon-DC, AmpCon-Campus, and AmpCon-T? AmpCon is the unified management platform family from FS, with different editions tailored to specific network scenarios such as data center, campus network, and optical transport system. The following outlines the positioning and key differences of each AmpCon edition. Edition Features AmpCon The original base version for general-purpose campus and data center management, supporting basic S-series campus switches and some N-series models with limited functionality, suitable for small-scale or entry-level scenarios. Version V1.14.1 will reach end-of-maintenance on June 30, 2025, be removed from FS’s site, and support ends December 31, 2026. AmpCon-DC Optimized for data center scenarios, supporting data center switch management and enhanced data center features, providing support for N-series PicOS switches and advanced DC features. AmpCon-Campus Designed for campus and enterprise networks, focusing on batch automated deployment and visual management of enterprise switches, and managing S-series PicOS switches and selected N-series models. AmpCon-T An integrated management platform for OTN/WDM devices, providing full lifecycle management for FS optical transport devices, including visual monitoring, centralized management and intelligent analysis. 1.4 If a bare-metal switch supports both AmpCon-DC and AmpCon-Campus, can it be used interchangeably based on preference? If the same bare-metal switch is compatible with both AmpCon-DC and AmpCon-Campus, you can choose the most suitable version based on your network type and environment (data center application or enterprise campus network). You should select the version that best matches your required management features, network scale, and use case to achieve optimal management results. 1.5 What is the difference between the 90-day trial and the 1/3/5-year paid version of AmpCon-DC? The 90-day trial provides access to all the same features as the paid version, allowing you to fully explore and test the platform’s capabilities. After the trial, customers can choose whether to purchase the paid AmpCon-DC license, available with 1-, 3-, or 5-year service options. 1.6 What are the key differences between AmpCon-DC, Apstra Data Center Director and Cisco Nexus Dashboard? AmpCon-DC is purpose-built for PicOS® data center switches, it supports ZTP, real-time telemetry, automatic topology discovery, and on-premises/private deployment. Future versions will continue to enhance features and capabilities. You can also follow up with the FS Product Custom service for submitting your customization requests. Apstra and Dashboard are designed for data center fabric-level management, delivering full lifecycle automation, visualization, and analytics. Apstra emphasizes multivendor intent-based networking, while Cisco Nexus Dashboard focuses on the Cisco ecosystem. In summary, AmpCon-DC is deeply optimized for PicOS®-based deployments, whereas Apstra and Cisco Nexus Dashboard are better suited for large-scale data center fabric operations. Chapter 2. Deployment & Compatibility 2.1 What devices can AmpCon-DC manage? AmpCon-DC can support FS PicOS 10–400G data center switches (requiring firmware version PicOS 4.6.0E or later), selected third-party bare-metal switches such as EDGECORE, DELL, HPE, and DELTA, as well as Broadcom and NVIDIA network interface cards. Specific product models are listed in the AmpCon-DC Compatible Hardware Matrix | FS. 2.2 What deployment methods does AmpCon-DC support? AmpCon-DC supports various deployment methods, different deployment methods correspond to different software installation packages, as follows: Deployment Methods Requirements Software Pakage VMware ESXi Versions 6.7, 7.0, 8.0 https://resource.fs.com/mall/resource/ampcon-dc-for-vmware-esxi-220-software.zip QEMU / KVM Based on Ubuntu 22.04 LTS https://resource.fs.com/mall/resource/ampcon-dc-for-qemukvm-220-software.zip Oracle VirtualBox Recommended for lab use only https://resource.fs.com/mall/resource/ampcon-dc-for-virtualbox-220-software.zip Bare-metal server Ubuntu 22.04 LTS with Docker https://resource.fs.com/mall/resource/ampcon-dc-for-ubuntu-docker-220-software.zip 2.3 What are the hardware requirements for deploying AmpCon-DC? Before you install the AmpCon-DC server, ensure that the server machine meets the following requirements: Indicators Requirements CPU Clock speed 2.0 GHz or faster Number of cores 4 CPU cores Memory 16 GB Hard disk 512 GB Operating systems Ubuntu 22.04 X86 architecture 2.4 Is AmpCon-DC compatible with PicOS-V? Yes. AmpCon-DC can manage switches running PicOS-V in a virtual environment, using the corresponding templates for configuration delivery and simulation testing. The same templates can be used for subsequent push configurations and ZTP deployments, ensuring consistency. 2.5 Can AmpCon-DC configure VLANs on switches? After a switch is managed by AmpCon‑DC, you can remotely log in to the switch via AmpCon‑DC to configure VLANs, or use the built-in templates and other functions to deploy configurations. You can refer to Configure Models, Global Configs Video to configure switches and AmpCon-DC Templates Video to configure and push templates. Chapter 3. Installation & Application 3.1 How to download, install, and activate AmpCon-DC? Customers can download the AmpCon-DC installation package in the resources section of the AmpCon-DC product page and log in to AmpCon-DC by entering the management IP address, then import and use it in AmpCon-DC software after applying for a trial licence or purchasing a product licence. Refer to AmpCon-DC Management Platform User Guide and How to Install AmpCon-DC Management Platform for step-by-step guidance. 3.2 How to upgrade the existing version to the latest version? We will display each version upgrade package in the resources section of the AmpCon-DC product page. You can select the package as needed and refer to the Upgrade Video for version upgrade instructions. 3.3 Can AmpCon-DC upgrade the PicOS system on switches? Yes, AmpCon-DC enables large-scale PicOS upgrades for single or multiple switches. Refer to AmpCon-DC Management Platform User Guide and How to Upgrade PicOS® on Single or Multiple Switches Using AmpCon-DC for step-by-step guidance. 3.4 How does AmpCon-DC manage switches? AmpCon-DC simplifies switch management through: Day 0 (Design & Planning): Using ZTP (Zero Touch Provisioning), switches automatically load their configuration files at power-on, eliminating manual setup and accelerating deployment. Day 1 (Deployment): Flexible configuration templates combined with ZTP enable rapid, large-scale deployment with consistent configurations, minimizing errors and reducing time to roll out. Day 2 (Operations & Maintenance): AmpCon-DC supports Ansible Playbooks for automated configuration and reporting, while offering real-time telemetry and health monitoring for proactive network management. Automatic topology discovery provides a comprehensive map view down to the port level, making ongoing maintenance simpler and more efficient. 3.5 Can AmpCon-DC manage FSOS switches? Currently, AmpCon-DC does not support managing FSOS switches. It only supports compatible PicOS® switches. However, monitoring FSOS via SNMP is planned in a future release. For streamlined management, we recommend choosing FS PicOS switches. 3.6 What is the maximum number of switches that AmpCon-DC can manage? A single AmpCon-DC instance can manage up to approximately 1,000 PicOS® switches, meeting the needs of most data center network deployments. 3.7 Can AmpCon-DC manage switches running operating systems from other vendors, such as Junos? At this stage, AmpCon-DC primarily supports PicOS® switches and does not support switches running other vendors’ operating systems. Future support will depend on product roadmap considerations. 3.8 What information is needed to add a new device in AmpCon-DC? Adding a new device to AmpCon-DC requires the following information: For ZTP: Provide the switch serial number and ZTP-related DHCP configuration details. For manual import: Provide the PicOS® switch IP address and login credentials. Refer to AmpCon-DC Management Platform User Guide and the videos "Deploying Switches via ZTP" and "Importing Switches via IP Discovery" for step-by-step guidance. 3.9 How does the platform notify me about network issues or failures? The AmpCon-DC management platform sends alerts through a visual interface and customizable email notifications. When a device failure or performance shifts is detected, it immediately issues alerts to help teams diagnose the root cause and resolve problems quickly. Chapter 4. License & Sales 4.1 What products and services does AmpCon-DC currently offer, and how are they priced? Is a trial available? AmpCon-DC uses a subscription-based licensing model that includes software licenses and corresponding technical support services. Currently available are a 90-day trial version and formal subscription options for 1, 3, and 5 years. Licenses are billed based on the actual number of managed PicOS® switches and can be flexibly scaled according to deployment size. After the trial or subscription period expires, the system will continue to operate but will no longer receive technical support services such as vulnerability fixes and emergency issue resolution. To maintain continuous updates and support, licenses can be renewed at any time. 4.2 What AmpCon-DC license types are available? The following license types are provided: Trail License: You can click https://www.fs.com/specials/ampcon-dc-platform-s20001.html to obtain a trial license with a 90-day trial period and an additional 14-day, offering the same functionality as the formal license. After the trial license expires, you must install a formal license to continue using AmpCon-DC. Formal License: You can click https://www.fs.com/products/344455.html?now_cid=4227 to purchase a formal license that includes service support and is available with 1-, 3-, or 5-year subscription options. 4.3 How to import a purchased license into AmpCon-DC? Steps to import a formal license: Step 1 Collect the Hardware ID of the switches to manage. Step 2 Add the IDs to the license to generate an authorized license file. Step 3 Upload and import the license file in the AmpCon-DC UI. Step 4 Validate the license to enable device management. Notes: Once a production license is installed, a trial license cannot be reinstalled. For details, refer to the latest video How to Import and Manage AmpCon-DC Licence. 4.4 What happens when the 1/3/5‑year service subscription expires? Will AmpCon‑DC or managed switches stop working? When an AmpCon-DC 1/3/5‑year subscription expires, the platform remains functional, but no further technical support (bug fixes, emergency troubleshooting) will be provided. Renewals are optional. Rest assured, AmpCon-DC and the configured switches will continue operating without disruption. However, if the 90‑day trial expires, a production license is required to log back in. 4.5 How to transfer or migrate a purchased AmpCon-DC license? If you need to transfer/migrate licenses after purchasing a formal license (e.g., due to switch hardware failure or incorrect binding), you can self-release up to 3 devices by following these steps: Step 1 Log in to AmpCon → License Management → select the license by HW ID → perform Invalid License to get a revoke code. Step 2 Log in to License Portal → AmpCon Licenses → click Verify Revoke Code to enter the verification form. Step 3 Only AmpCon-DC and AmpCon-Campus Standard Licenses support revoke code-based unbinding. Step 4 Input revoke codes in the form or in bulk → click Save → the used license units will be released. apter 5. Service & Support Chapter 5 . Service & Support 5.1 Where can I find more information about AmpCon-DC? To learn more about the latest product information, feature introductions, and related resources, you can obtain the corresponding details through the following methods. Category Resource Product Details Page https://www.fs.com/products/344455.html?now_cid=4227 Additional Feature Overview AmpCon-DC Management Platform Datasheet Supported Models List AmpCon-DC Management Platform Compatible Hardware Matrix Other Documentation Resources AmpCon-DC Document Center AmpCon-DC 90-Day Free Trial Access https://www.fs.com/specials/ampcon-dc-platform-s20001.html 5.2 Where can I find supported models for AmpCon-DC? You can refer to the AmpCon-DC compatibility documentation for a comprehensive list of devices supported by AmpCon-DC. If you require support for additional devices, you may submit a customization request through the FS Product Custom. 5.3 Are there any practical application cases for AmpCon-DC? Below are some successful case studies of AmpCon-DC applications: FS Transitions Global Telecom Provider from Cumulus to PicOS® for Agile Network Breaking Stacking Limits with PicOS® for Financial Network You can view more successful applications of AmpCon-DC in the Case Studies section.

PicOS® Software Release Notes V4.5.0

26 dic. 2025 - PicOS® Software Release Notes V4.5.0 Introduction These notes summarize PICOS 4.5 new features, new hardware, known bugs, and bug fixes. Best practices recommend that you read all the content before upgrading to this release. For more detailed feature information, refer to the configuration guides. PICOS 4.5.0E has been released as an ESS (Early Sales Support) stable version, aimed at supporting specific customer deployments and early adoption scenarios. This release provides early access to new features and enhancements tailored for targeted use cases. It serves as an intermediary step between internal testing and the General Availability (GA) release, enabling customers to explore and deploy features in controlled environments. PICOS 4.5.1E version is an evaluation release specifically designed for the N8550-24CD8D platform. This release focuses on providing a foundational feature set but comes with certain limitations in functionality and usage. Please note that the current version supports only core features of the N8550-24CD8D platform, with some advanced capabilities not yet fully implemented or optimized. PICOS 4.5.2E released as an ESS version for new platform N9600-64OD. PICOS 4.5.0M2 is a GA release that brings enhanced stability and performance improvements. This version supports all platforms except S3410 series, S3270 series, N5860-48S6Q, N8550-24CD8D, and N9600-64OD switches, ensuring broader compatibility and reliability for network deployments. Hardware Ticket ID Release Description - 4.5.2E Support FS Model N9600-64OD - 4.5.1E Support FS Model N8550-24CD8D New Features Layer 2 and Layer 3 Ticket ID Release Description - 4.5.0E IPv6 ND Inspection IPv6 Neighbor Discovery (ND) Inspection is a security feature designed to enhance the protection of IPv6 networks by managing and validating Neighbor Discovery Protocol (NDP) messages, which are essential for the proper operation of IPv6 communication. Please have the details by reference document IPv6 Neighbor Discovery Inspection. - 4.5.0E IPv6 ND Snooping IPv6 Neighbor Discovery (ND) Snooping is a security feature that safeguards IPv6 networks to prevent various types of attacks. It functions similarly to ARP (Address Resolution Protocol) Snooping in IPv4 networks. Please have the details by reference document IPv6 Neighbor Discovery Snooping. - 4.5.0E MPLS MPLS (Multiprotocol Label Switching) operates between the link layer and the network layer in the TCP/IP protocol stack. It offers connectivity services to the IP layer while leveraging services from the link layer. Unlike traditional IP forwarding, MPLS uses label switching to direct traffic through the network. Please have the details by reference document MPLS Configuration. - 4.5.0E PIM BSR (Bootstrap Router) Dynamic RP allows multiple PIM devices within a PIM domain to be configured as C-RPs (Candidate RPs). Among these C-RPs, an RP is determined through an election process. The BSR aggregates information from all C-RPs in the network into an RP Set using Bootstrap messages and distributes it to all PIM devices. Each PIM device uses the RP Set to calculate and compare based on consistent rules, ultimately selecting an RP from the available C-RPs. Please have the details by reference document PIM Configuration Guide. - 4.5.0E Ingress Buffer Supports ingress buffer management, including guaranteed/shared/headroom management. Please have the details by reference document Configuring PFC Buffer. - 4.5.0E PFC Watchdog Manual Control The PFC Watchdog feature detects and resolves PFC (Priority Flow Control) deadlocks. Recovery methods include both automatic and manual recovery, allowing users to choose the appropriate approach for resolving deadlock scenarios. Please have the details by reference document Configuring PFC Watchdog. - 4.5.0E PFC Deadlock Prevention To avoid PFC deadlock issues, the DSCP value and corresponding Dot1p priority of the message can be modified so that the modified message can be forwarded using the new DSCP value in the new Dot1p priority queue, avoiding messages with the same DSCP value from remaining in PFC deadlock state. Please have the details by reference document Configuring PFC Deadlock Prevention. - 4.5.0E Easy ECN Explicit Congestion Notification (ECN) is a congestion notification mechanism operating at the IP and transport layers, serving as an extension to the TCP/IP protocol. With Easy ECN, users can enable WRED (Weighted Random Early Detection) policies, configure WRED thresholds, and set the maximum packet loss probability to manage network congestion more effectively. Please have the details by reference document Configuring Easy ECN. - 4.5.0E DLB (Dynamic Load Balance) DLB breaks through the limitations of traditional static hash mechanisms by introducing timestamp and real-time load measurement factors (port bandwidth load, queue size) to optimize load balancing in both time and bandwidth space dimensions, providing a dynamic and intelligent hash mechanism. Please have the details by reference document Configuring Dynamic Load Balancing. - 4.5.0E Standby IP Address In cases where the management port cannot connect to the DHCP server and no static IP has been set through CLI during the switch's startup, it will default to using the secondary management IP address 192.168.1.1. This IP address serves as a backup, allowing management of the device even if DHCP services are unavailable. It is primarily used when the management port is directly connected to a PC, ensuring uninterrupted device management via this IP address. Please have the details by reference document Default Settings for Out-of-band Management Interface. - 4.5.0E Perpetual PoE Perpetual PoE (also known as hot-start uninterruptible power supply or permanent PoE) refers to the ability of Power Sourcing Equipment (PSE) to continue providing power during a system restart. This includes restarts initiated through CLI commands such as "request system reboot" or by rebooting under the Linux shell. Additionally, it supports uninterrupted power during system upgrades, including upgrades triggered via CLI or Linux-based upgrade methods. This feature ensures that PoE-powered devices remain operational even when the system is restarting or undergoing an upgrade. Please have the details by reference document Configuring Perpetual PoE. - 4.5.0E PFC/ECN GRPC monitoring PFC and ECN, in conjunction with gRPC, can provide PFC pause frame counts, PFC deadlock monitoring and ECN-marked packet counts for statistical queries. Please have the details by reference document PFC and ECN Statistical Reporting through gRPC. Feature Enhancement Ticket ID Release Description - 4.5.0E DHCP Server Enhancement In versions prior to 4.5.0E, clients were unable to obtain an address in a DHCP relay scenario. However, starting from version 4.5.0E, this issue has been resolved, and the system now fully supports DHCP address assignment in relay scenarios. - 4.5.0E DHCP ZTP After enabling the DHCP server with PicOS, address pools can be configured to allocate IP addresses to clients, along with additional network information such as gateway, DNS server addresses, log server addresses, TFTP server addresses, boot file names, and other options. These configurations are applied and synchronized with the clients as addresses are allocated. Please have the details by reference document Zero Touch Provisioning (ZTP). 4.5.0E 400G Port Splitting The N9550-32D/AS9716-32D switches support the capability to split a 400G port into 2 * 200G and split to 4 * 100G ports, providing flexible bandwidth allocation for diverse network needs. Please have the details by reference document Configuring Port Breakout and Merge. 4.5.0E PBR ECMP PBR (Policy-Based Routing) action supports not only specifying a next-hop router or modifying DSCP values, but also enables the use of nexthop-group for ECMP (Equal-Cost Multi-Path) routing, allowing for more advanced and efficient traffic distribution across multiple paths. Please have the details by reference document Policy-Based Routing (PBR). L2L3 WEB Ticket ID Release Description - 4.5.0E L2L3 WEB Access Control Support is provided for using the command set system services web disable to modify the status of Layer 2 and Layer 3 WEB access, allowing administrators to enable or disable web access. The following switches support L2L3 WEB access, which is enabled by default: S5810-48TS-P S5810-28TS S5810-28FS S5810-48TS S5810-48FS S5860-20SQ S5860-24XB-U S5860-24MG-U S5860-24XMG S5860-48XMG-U S5860-48XMG S5860-48MG-U The following switches support L2L3 WEB access, but WEB access is disabled by default: S5870-48T6S-U S5870-48T6S S5870-48MX6BC-U S5870-48T6BC-U S5870-48T6BC Fixed Issues Layer 2 and Layer 3 Ticket ID Release Description 18564 4.5.0M2 [MLAG] After configuring MLAG, the run show mlag link command always shows the link state as IDLE. This issue has been fixed. 18446 4.5.0M2 [MLAG/MLAG+EVPN] After the MLAG peer restarts or reboots, the MLAG domain status stays at CONNECTING, while the peer shows ESTABLISHED. The issue is caused by the MLAG socket using the loopback address instead of the configured MLAG IP. This issue has been fixed. 15919 4.5.0M2 [MLAG] MLAG occasionally fails to reach FULL state, with error log: local0.err : [SIF]Socket 99 connect is in progress. This issue has been fixed. 17340 4.5.0M2 [N8560-64C] Port LED stays off even when the port is operational with an optical module installed. 17378 4.5.0E [DOT1X] Setting the session timeout to 0 on the NAS and a non-zero session timeout on the NAC server causes a crash during 802.1X re-authentication. The bug is fixed in 4.5.0E. 17760 4.5.0M2 [SNMP] LLDP Neighbor Information Retrieval Issue When the number of LLDP neighbors exceeded five, SNMP failed to retrieve LLDP neighbor details. This issue has been fixed. 17386 4.5.0M2 [LLDP] SNMP Notification Issue after Interface Reconfiguration After enabling an interface by using command set interface gigabit-ethernet xx disable true and then disabling it by using command delete interface gigabit-ethernet xx disable, LLDP might not notify SNMP. This issue has been resolved. 17531 4.5.0M2 [DHCP Server] Address Assignment Failure with Excessive Address Pools In a direct connection scenario, configuring too many address pools caused the configuration file size to exceed 1024 characters, preventing the DHCP server from assigning IP addresses. This has been fixed. 17481 4.5.0M2 [N9550-32D] Port LED Issue in Breakout Mode When enabling breakout mode for 2×200G, the port LEDs did not illuminate. This issue has been addressed. 17544 4.5.0M2 [CLI] No Output for Interface Command on AS9716-32D On the AS9716-32D platform, executing the command run show interface gigabit-ethernet xe-1/1/xx and pressing Enter produced no output. This issue has been fixed. 17556 4.5.0M2 [AS4610/N3024/N3048] System Crash when Handling Large Files Copying or creating large files locally caused a core.bcmINTR error, leading to the pica_lcmgr process crashing. The kernel didn't report any errors, but PicOS restarted after some time. This issue has been fixed. 17330 4.5.0M2 [N5850-48S6Q] High CPU Usage and Memory Leak Due to FPM Packet Handling When receiving unknown packets, FPM discarded them but did not close the socket, leading to memory leaks and 100% CPU usage. This issue has been resolved. 17647 4.5.0M2 [ACL - BCM] VRRP Virtual MAC Incorrectly Installed in ACL In L2/L3 configurations, the VRRP virtual MAC (00:00:5e) was added to ACL even when VRRP was not configured, causing ping traffic destined for the VRRP MAC to be blocked. This issue has been fixed. 17366 4.5.0M2 [SIF] VLAN Removal Issue Affecting Kernel Configuration If a trunk port was configured with a native VLAN that was also a VLAN member, removing the native VLAN via CLI caused the kernel to incorrectly delete the VLAN, leading to VLAN anomalies. This issue has been fixed. 18806 4.5.0M2 [N8550-32C] Cannot Correctly Read the SN (Serial Number) of the Power Module When you execute the show system serial-number command on N8550-32C, the RPSU 1 Serial Number information cannot be displayed correctly. This issue has been fixed. 19136 4.5.0M2 [MLAG N9550-32D] The MAC Learning Issue after the Counting Number Exceeds 8K In the MLAG scenario of N9550-32D, due to the flaw in the SDK's MAC address counting mechanism, some MAC addresses are counted repeatedly. Even when the actual number of MAC entries has not reached the maximum capacity limit, the switch stops learning new MAC addresses. This issue has been fixed. Known Limitations Ticket ID Release Description 18171 4.5.2E [N9600-64OD] Some sub-interfaces cannot come up in 8×50G mode when using the OSFP-SR8-800G module. 18400 4.5.2E [N9600-64OD] The port light remains illuminated after the module is removed in port splitting mode. 18091 4.5.2E [N9600-64OD] Undersized packets are not counted in the interface's 'Undersize Packets' statistics. 18504 4.5.2E [N9600-64OD] The BMC light remains red after a successful system startup. PICOS does not control the BMC light. The light changes from flashing green to solid red. 18501 4.5.2E [N9600-64OD] Front Panel Ports 65 and 66 Not Supported The two SFP front panel ports (65 and 66) are not adapted and are not supported in 4.5.2E. - 4.5.2E [N9600-64OD] Packets smaller than 295 bytes will not reach full line rate due to hardware limitations. - 4.5.2E [N9600-64OD] This platform uses software-based MAC address learning, resulting in a slower learning rate compared to hardware-based platforms. - 4.5.0M2 PICOS 4.5.0M does not support OSPF Multi-Instance. - 4.5.0M2 PICOS 4.5.0M does not support telnet server.

PicOS® Configuration Guide V4.4.5

18 dic. 2025 - For details, please click the attachment icon below to view or download for a good reading experience or resources.

N5850-48X6C Switch Component Maintenance Guide

24 nov. 2025 - N5850-48X6C Switch Component Maintenance Guide About This Guide This guide provides maintenance operations of the N5850-48X6C switch, including the maintenance methods of the fan module, power supply, QSFP28 transceiver and fiber patch cables. Through this guide, you can complete the necessary replacement or maintenance work without interrupting the operation of the device, thereby ensuring the stable operation and heat dissipation performance of the switch and extending the service life of the device. Maintain the N5850-48X6C Cooling System Purpose For optimum cooling, verify the condition of the fan module. Action Monitor the status of the fan module. All the fan module work in unison to cool the switch. If one fan module fails, the redundant fan module acts as a backup. A major alarm is triggered when a fan fails, and a minor alarm and major alarm is triggered when a fan module is removed. We recommend that you replace the fan module immediately to maintain proper cooling. Remove a Fan Module from a N5850-48X6C Switch Before you remove a fan module in from the switch, ensure that you have the following parts and tools available: An antistatic bag or an antistatic mat—not provided A replacement fan module We ship N5850-48X6C switches with 4+1 redundant fans preinstalled in the rear panel. The fan modules are hot-removable and hot-insertable field-replaceable units (FRUs) installed in the rear panel of the switch: You can remove and replace them without powering off the switch or disrupting switch functions. Place the antistatic bag or the antistatic mat on a flat, stable surface. Hold the handle at the rear of the fan module and slowly pull out the fan module. Install the fan baffle and put the removed fan module into the fan module packaging box. (see Figure 1) Warning: When pulling out the fan module, ensure that it is pulled out straight and slowly. If no fan module is installed at the location where the fan module was removed, a fan slot blank plate needs to be installed to ensure normal ventilation and heat dissipation of the chassis and avoid dust. Figure 1: Remove a Fan Module from a N5850-48X6C Switch image.png Place the fan module in the antistatic bag or on the antistatic mat placed on a flat, stable surface. Note: You must install all the fan modules and they must be operational for optimal functioning of the switch. CAUTION: Do not mix: Fan modules with different airflow directions in the same chassis. Fan modules and power supplies with different airflow directions in the same chassis. Install the replacement fan. Install a Fan Module in a N5850-48X6C Switch Before you install a fan module in the switch: Ensure that you understand how to prevent electrostatic discharge (ESD) damage. Ensure that you have the following parts and tools available: ESD grounding strap—not provided We ship N5850-48X6C switch with 4+1 redundant fans preinstalled in the rear panel. The fan modules are hot-removable and hot-insertable field-replaceable units (FRUs) installed in the rear panel of the switch: You can remove and replace them without powering off the switch or disrupting switch functions. CAUTION: Do not mix: Fan modules with different airflow directions in the same chassis. Power supplies with different airflow directions in the same chassis. Fan modules and power supplies with different airflow directions in the same chassis. Ensure that you have the correct fan module. Wrap and fasten one end of the ESD wrist strap around your bare wrist, and connect the other end of the strap to the ESD point on the switch. Take out the new fan module from the fan module packaging box. Hold the handle at the rear of the fan module and slowly insert the fan module straight along the guide rail until the fan module is fully inserted into the chassis and in good contact with the fan slot. （See Figure 2） Figure 2: Install a Fan Module in a N5850-48X6C Switch image.png Note Only allow the fan module to be inserted smoothly. When inserting, pay attention to the direction of the fan panel and do not insert it incorrectly. During the insertion process, if the position is not aligned correctly, the inserted module must be moved back and then reinserted. Maintain the N5850-48X6C Power System Purpose For optimum performance, verify the condition of the power supplies. Action Make sure that the power and grounding cables are arranged so that they do not obstruct access to other components. Routinely check the status LED on the power supply faceplates to determine whether the power supplies are functioning normally. Each power supply faceplate has a single LED that indicates different status through different colors. Power supply LED status indications: Green: Power supply is operating normally. Yellow: Power supply fault detected. Off: Power supply is either not powered on or not functioning correctly even though powered. Check the power LED on the front panel of the device. Power supply failure or removal triggers an alarm that causes LEDs to light. Periodically inspect the site to ensure that the grounding and power cables connected to the device are securely in place and that there is no moisture accumulating near the device. Remove a Power Supply from a N5850-48X6C Switch Before you remove a power supply from a N5850-48X6C switch: Ensure that you have taken the necessary precautions to prevent electrostatic discharge (ESD) damage. Ensure that you have the following parts and tools available: ESD grounding strap—not provided Antistatic bag or an antistatic mat—not provided Number 2 Phillips (+) screwdriver—not provided We ship N5850-48X6C switch with two AC power supplies preinstalled in the rear panel. Each power supply is a hot-removable and hot-insertable field-replaceable unit (FRU) when the second power supply is installed and running. You can remove and replace it without powering off the switch or disrupting switch functions. CAUTION: Replace the power supply with a new power supply within one minute of removal to prevent chassis overheating. To remove a power supply from a N5850-48X6C switch: Place the antistatic bag or the antistatic mat on a flat, stable surface. Wrap and fasten one end of the ESD wrist strap around your bare wrist, and connect the other end of the strap to the ESD point on the switch. Note: If only one power supply is installed in your N5850-48X6C, you need to power off the switch before removing the power supply. Disconnect power to the switch: AC power supply—If the AC power source outlet has a power switch, set it to the off position. If the AC power source outlet does not have a power switch, gently pull out the plug end of the power cord connected to the power source outlet. Gently pull the power cord out of the power supply at both ends of the power cord holder. Press the power module latch with one hand, hold the handle on the power module and pull the power module out partially, then hold the bottom of the power module with the other hand and pull the power module out straight and slowly. Install the power slot blank plate and put the removed power module into the power module packaging box. Note： When pulling out the power module, ensure that it is pulled out straight and slowly. If no power module is installed at the position where the power module was removed, you need to install a power slot blank plate to ensure normal ventilation and heat dissipation of the chassis and avoid dust. Figure 3: Remove an AC Power Supply from a N5850-48X6C Switch image.png Place the power supply in the antistatic bag or on the antistatic mat placed on a flat, stable surface. Note: You must install both the power supplies and they must be operational for optimal functioning of the switch. Install the replacement power supply. Install a Power Supply in a N5850-48X6C Switch Before you install a power supply: Ensure that you understand how to prevent electrostatic discharge (ESD) damage. Ensure that you have the following parts and tools available: ESD grounding strap—not provided Each power supply is a hot-removable and hot-insertable field-replaceable unit (FRU) when the second power supply is installed and running. You can remove and replace it without powering off the switch or disrupting switch functions. CAUTION: Do not mix: AC and DC power supplies in the same chassis. Power supplies with different airflow directions in the same chassis. Power supplies and fan modules with different airflow directions in the same chassis. Note: You must connect each power supply to a dedicated power source outlet. To install a power supply in the switch: Ensure that you have the correct power supply. Wrap and fasten one end of the ESD wrist strap around your bare wrist, and connect the other end of the strap to the ESD point on the switch. Take out the new power module from the power module packaging box and confirm that the input mode and input indicators of the power module are consistent with the required ones. Remove the power baffle, use the plane with the power nameplate information as the upper panel of the power module, hold the handle of the power module with one hand, and hold the bottom of the power module with the other hand to insert the power module straightly and slowly along the guide rail until the power module is fully inserted into the chassis and a "click" sound is heard to ensure that the power module is in good contact with the power slot. Note： Only allow the power module to be inserted smoothly. When inserting, pay attention to the direction of the power panel and do not insert it incorrectly. During the insertion process, if it is difficult to push in or cannot be pushed in, the inserted module must be moved back, and the power module must be checked again to see if it fits the guide rail, and then reinsert it. Power supplies and fans with different air ducts cannot be mixed. Figure 4: Install an AC Power Supply in a N5850-48X6C-32C Switch image.png Maintain QSFP28 Transceivers Purpose For optimum performance, verify the condition of the QSFP28 Transceivers. Action Keep fiber patch cable connections clean. Small microdeposits of oil and dust in the canal of the transceiver or cable connector could cause loss of light, reducing signal power and possibly causing intermittent problems with the optical connection. To clean the transceivers, use an appropriate fiber-cleaning device, such as ATC-NE-E1. Follow the directions for the cleaning kit you use. After you clean an optical transceiver, make sure that the connector tip of the fiber patch cable is clean. Use only an approved alcohol-free fiber patch cable cleaning kit, such as the ATC-NE-R2 Fiber Cleaner. Follow the directions for the cleaning kit you use. Remove a QSFP28 Transceiver Before you remove a transceiver from a device, ensure that you have taken the necessary precautions for safe handling of lasers. Ensure that you have the following parts and tools available: An antistatic bag or an antistatic mat Rubber safety caps to cover the transceiver and fiber patch cable connector A dust cover to cover the port or a replacement transceiver The transceivers for FS Networks devices are hot-removable and hot-insertable field-replaceable units (FRUs). You can remove and replace the transceivers without powering off the device or disrupting the device functions. Note: After you remove a transceiver, or after you change the media-type configuration, wait for 6 seconds for the interface to display operational commands. Note: We recommend that you use only optical transceivers and optical connectors purchased from FS Networks with your FS Networks device. To remove a QSFP28 transceiver (see Figure 5): Place an antistatic bag or antistatic mat on a flat, stable surface to receive the QSFP28 transceiver. Have a rubber safety cap ready for the QSFP28 transceiver and the cable. Wrap and fasten one end of an ESD wrist strap around your bare wrist, and connect the other end of the strap to the ESD point on the switch. Label the cable connected to the QSFP28 transceiver so that you can later reconnect it to the correct QSFP28 transceiver. Disconnect the cable from the transceiver. Immediately cover the transceiver and the end of the cable with a rubber safety cap. CAUTION: Do not leave a fiber-optic transceiver uncovered, except when inserting or removing a cable. The safety cap keeps the port clean and protects your eyes from accidental exposure to laser light. If there is a cable management system, arrange the cable in the cable management system to prevent it from dislodging or developing stress points. Secure the cable so that it does not support its own weight as it hangs to the floor. Place excess cable out of the way in a neatly coiled loop in the cable management system. Placing fasteners on the loop helps to maintain its shape. CAUTION: Do not bend the fiber patch cable beyond its minimum bend radius. An arc smaller than a few inches in diameter can damage the cable and cause problems that are difficult to diagnose. Figure 5: Remove a QSFP28 Transceiver output (4).jpg Pull the ejector tab straight back. The locking pins on the transceiver automatically release the transceiver. Place the transceiver on the antistatic mat or in the antistatic bag. Place the dust cover over the empty port, or install the replacement transceiver. Install a QSFP28 Transceiver Before you install a transceiver in a device, ensure that you have taken the necessary precautions for safe handling of lasers. Ensure that you have a rubber safety cap available to cover the transceiver. The transceivers for FS Networks devices are hot-removable and hot-insertable field-replaceable units (FRUs). You can remove and replace the transceivers without powering off the device or disrupting the device functions. Note: After you insert a transceiver or after you change the media-type configuration, wait for 6 seconds for the interface to display operational commands. Note: We recommend that you use only optical transceivers and optical connectors purchased from FS Networks with your FS Networks device. CAUTION: The FS Networks Technical Assistance Center (FS TAC) provides complete support for FS-supplied optical modules and cables. However, FS TAC does not provide support for third-party optical modules and cables that are not qualified or supplied by FS Networks. If you face a problem running a FS device that uses third-party optical modules or cables, FS TAC may help you diagnose host-related issues if the observed issue is not, in the opinion of FS TAC, related to the use of the third-party optical modules or cables. If you encounter a network failure, your FS TAC engineer will likely request that you check the third-party optical module or cable and, if required, replace it with an equivalent FS-qualified component. Use of third-party optical modules with high-power consumption (for example, coherent ZR or ZR+) can potentially cause thermal damage to or reduce the lifespan of the host equipment. Any damage to the host equipment due to the use of third-party optical modules or cables is the users’ responsibility. FS Networks will accept no liability for any damage caused due to such use. To install a QSFP28 transceiver (see Figure 6): Wrap and fasten one end of an ESD wrist strap around your bare wrist, and connect the other end of the strap to the ESD point on the switch. Verify that a rubber safety cap covers the QSFP28 transceiver. Position the transceiver in front of the port on the device so that the QSFP28 connector faces the port. Figure 6: Install a QSFP28 Transceiver 画板 2 拷贝 2.jpg Slide the transceiver into the port until the locking pins lock in place. If there is resistance, remove the transceiver and flip it so that the connector faces the other direction. Remove the rubber safety cap from the transceiver and the end of the cable, and insert the cable into the transceiver. Laser Warning: Do not look directly into a fiber-optic transceiver or into the ends of fiber patch cables. Fiber-optic transceivers and fiber patch cable connected to a transceiver emit laser light that can damage your eyes. CAUTION: Do not leave a fiber-optic transceiver uncovered except when inserting or removing cable. The safety cap keeps the port clean and protects your eyes from accidental exposure to laser light. If there is a cable management system, arrange the cable in the cable management system to prevent the cable from dislodging or developing stress points. Secure the cable so that it does not support its own weight as it hangs to the floor. Place excess cable out of the way in a neatly coiled loop in the cable management system. Placing fasteners on the loop helps to maintain its shape. CAUTION: Do not let fiber patch cable hang free from the connector. Do not allow fastened loops of cable to dangle, which stresses the cable at the fastening point. CAUTION: Avoid bending fiber patch cable beyond its minimum bend radius. An arc smaller than a few inches in diameter can damage the cable and cause problems that are difficult to diagnose. Maintaining Fiber Patch Cables Purpose For optimum performance, verify the condition of the network cables. Action On a regular basis: Secure excess cable in tidy loops that do not obstruct access to the device. Do not allow fastened loops of cable to dangle from the connector, because this stresses the cable at the fastening point. Putting fasteners on the loops helps maintain their shape. Keep the cable connections clean and free of dust and other particles, which can cause drops in the received power level. Always inspect cables and clean them if necessary before connecting an interface. Label both ends of the cables to identify them. The following guidelines apply specifically to fiber patch cables that connect to optical transceivers that are installed in FS Networks devices: When you unplug a fiber patch cable, always cover the cable connector with the rubber safety cap. Anchor fiber patch cables to avoid stress on the connectors. Be sure to secure fiber patch cables so that they do not support their own weight as they hang to the floor. Never let fiber patch cable hang free from the connector. Avoid bending fiber patch cable beyond its bend radius. An arc smaller than a few inches can damage the cable and cause problems that are difficult to diagnose. Frequent plugging and unplugging of fiber patch cable into and out of optical instruments can cause damage to the instruments that are expensive to repair. Instead, attach a short fiber extension to the optical equipment. Any wear and tear due to frequent plugging and unplugging is then absorbed by the short fiber extension, which is easy and inexpensive to replace. Disconnect a Fiber Patch Cable Before you disconnect a fiber patch cable from an optical transceiver, ensure that you have taken the necessary precautions for safe handling of lasers. Ensure that you have the following parts and tools available: A rubber safety cap to cover the transceiver A rubber safety cap to cover the fiber patch cable connector FS Networks devices have optical transceivers to which you can connect fiber patch cables. To disconnect a fiber patch cable from an optical transceiver installed in the device: Laser Warning: Do not look directly into a fiber-optic transceiver or into the ends of fiber patch cables. Fiber-optic transceivers and fiber patch cables connected to transceivers emit laser light that can damage your eyes. Carefully unplug the fiber patch cable connector from the transceiver. Cover the transceiver with a rubber safety cap. Laser Warning: Do not leave a fiber-optic transceiver uncovered except when inserting or removing a cable. The rubber safety cap keeps the port clean and protects your eyes from accidental exposure to laser light. Cover the fiber patch cable connector with the rubber safety cap. Connect a Fiber Patch Cable Before you connect a fiber patch cable to an optical transceiver installed in a device, take the necessary precautions for safe handling of lasers. To connect a fiber patch cable to an optical transceiver installed in a device: Laser Warning: Do not look directly into a fiber-optic transceiver or into the ends of fiber patch cables. Fiber-optic transceivers and fiber patch cables connected to transceivers emit laser light that can damage your eyes. If the fiber patch cable connector is covered with a rubber safety cap, remove the cap. Save the cap. Remove the rubber safety cap from the optical transceiver. Save the cap. Insert the cable connector into the optical transceiver. Figure 7: Connect a Fiber Patch Cable image.png Secure the cables so that they do not support their own weight. Place excess cable out of the way in a neatly coiled loop. Placing fasteners on a loop helps cables maintain their shape. CAUTION:Do not bend fiber patch cables beyond their minimum bend radius. An arc smaller than a few inches in diameter can damage the cables and cause problems that are difficult to diagnose. Do not let fiber patch cables hang free from the connector. Do not allow fastened loops of cables to dangle, which stresses the cables at the fastening point.