Configuring FTP· 1

FTP overview·· 1

Introduction to FTP· 1

FTP operation· 1

Configuring the FTP client 2

Establishing an FTP connection· 2

Managing the directories on the FTP server 4

Managing the files on the FTP server 4

Using another username to log in to the FTP server 5

Maintaining and debugging an FTP connection· 5

Terminating an FTP connection· 6

FTP client configuration example (standalone mode) 6

FTP client configuration example (IRF mode) 8

Configuring the FTP server 10

Configuring FTP server operating parameters 10

Configuring authentication and authorization on the FTP server 11

FTP server configuration example (standalone mode) 12

FTP server configuration example (IRF mode) 14

Displaying and maintaining FTP· 16

Configuring TFTP· 18

TFTP overview·· 18

Introduction to TFTP· 18

TFTP operation· 18

Configuring the TFTP client 19

Displaying and maintaining a TFTP client 20

TFTP client configuration example (standalone mode) 20

TFTP client configuration example (IRF mode) 21

 

FTP overview

Introduction to FTP

The File Transfer Protocol (FTP) is an application layer protocol that transfers files between server and client over a TCP/IP network.

FTP uses TCP ports 20 and 21 for file transfer. Port 20 is used to transmit data, and port 21 to transmit control commands. For more information about basic FTP operation, see RFC 959.

FTP transfers files in the following modes:

·           Binary mode: Transfers files as raw data, such as .bin and .btm files.

·           ASCII mode: Transfers files as text, such as .txt, .bat, and .cfg files.

FTP operates in either of the following modes:

·           PORT mode: Active mode, in which the FTP server initiates a data connection request. This mode is unavailable when the FTP client is behind a firewall.

·           PASV mode: Passive mode, in which the FTP client initiates a data connection request. This mode is unavailable when the server side does not allow the client to connect to a random unprivileged port (>1024).

FTP operation

FTP adopts the client/server model. Your switch (Device) can function either as the client or the server (as shown in Figure 1).

·           When the device serves as the FTP client, use Telnet or an emulation program to log in to the device from the PC, execute the ftp command to establish a connection from the device (FTP client) to the PC (FTP server), and then upload/download files to/from the server.

·           When the device serves as the FTP server, run the FTP client program on the PC to establish a connection to the FTP server and upload/download files to/from the server.

Figure 1 Network diagram

 

When the device serves as the FTP client, you need to perform the following configuration:

 

Device	Configuration	Remarks
Device (FTP client)	Use the ftp command to establish the connection to the remote FTP server.	If the remote FTP server supports anonymous FTP, the device can log in to it directly; if not, the device must obtain the FTP username and password first to log in to the remote FTP server.
PC (FTP server)	Enable FTP server on the PC, and configure the username, password, and user privilege level.	N/A

 

When the device serves as the FTP server, you need to perform the following configuration:

 

Device	Configuration	Remarks
Device (FTP server)	Enable the FTP server.	Disabled by default. You can use the display ftp-server command to view the FTP server configuration on the device.
	Configure authentication and authorization.	Configure the username, password, and authorized directory for the FTP user. The device does not support anonymous FTP for security reasons. Therefore, you must set a valid username and password. By default, authenticated users can access the root directory of the device.
	Configure the FTP server operating parameters.	Configure parameters such as the FTP connection timeout time.
PC (FTP client)	Use the FTP client program to log in to the FTP server.	You can log in to the FTP server only after you input the correct FTP username and password.

 

CAUTION: ·       Make sure that the FTP server and the FTP client can reach each other before establishing the FTP connection. ·       When you use IE to log in to the device serving as the FTP server, some FTP functions are not available because multiple connections are established during the login process but the device supports only one connection at a time.

 

Configuring the FTP client

 

NOTE: Only users with the manage level can use the ftp command to log in to an FTP server, enter FTP client view, and execute directory and file operation commands. However, whether the commands can be executed successfully depends on the authorizations of the FTP server.

 

Establishing an FTP connection

Before you can access the FTP server, you must first establish a connection from the FTP client to the FTP server. You can either use the ftp command to establish the connection directly or use the open command in FTP client view to establish the connection.

When using the ftp command, you can specify the source interface (a loopback or dialer interface) or source IP address. The primary IP address of the specified source interface or the specified source IP address is used as the source IP address of sent FTP packets.

The FTP client follows these rules to select the source IP address of packets sent to the FTP server:

·           If no source IP address is specified, the IP address of the output interface of the route to the server is used as the source IP address.

·           The source IP address specified with the ftp client source or ftp command is used.

·           If you first use the ftp client source command to specify a source IP address and then use the ftp command to specify another source IP address, the latter is used.

·           The source IP address specified with the ftp client source command applies to all FTP connections while the one specified with the ftp command applies to the current FTP connection only.

To establish an IPv4 FTP connection:

 

Step	Command	Remarks
1.     Enter system view.	system-view	N/A
2.     Specify the source IP address of sent FTP packets.	ftp client source { interface interface-type interface-number | ip source-ip-address }	Optional. By default, the source IP address is determined by the route from the FTP client to the FTP server.
3.     Return to user view.	quit	N/A
4.     Log in to the remote FTP server.	·       (Approach 1) In user view: ftp [ server-address [ I ] [ vpn-instance vpn-instance-name ] [ source { interface interface-type interface-number | ip source-ip-address } ] ] ·       (Approach 2) In FTP client view: a.   ftp b.   open server-address [ service-port ]	Use either approach. The ftp command is available in user view; and the open command is available in FTP client view.

 

NOTE: ·       If no primary IP address is configured on the specified source interface, no FTP connection can be established. ·       If you use the ftp client source command to configure a source interface and then use it to configure a source IP address, the source IP address overwrites the source interface, and vice versa.

 

To establish an IPv6 FTP connection:

 

Task	Command	Remarks
Log in to the remote FTP server.	·       (Approach 1) In user view: ftp ipv6 [ server-address [ service-port ] [ vpn-instance vpn-instance-name ] [ source ipv6 source-ipv6-address ] [ -i interface-type interface-number ] ] ·       (Approach 1) In FTP client view: a.   ftp ipv6 b.   open ipv6 server-address [ service-port ] [ -i interface-type interface-number ]	Use either approach. The ftp ipv6 command is available in user view; and the open ipv6 command is available in FTP client view.

 

Managing the directories on the FTP server

After the device serving as the FTP client has established a connection with the FTP server, you can create or delete folders under the authorized directory of the FTP server. For more information about establishing an FTP connection, see “Establishing an FTP connection.”

To manage the directories on an FTP server:

 

Task	Command
Display detailed information about a directory or file on the remote FTP server.	dir [ remotefile [ localfile ] ]
Query a directory or file on the remote FTP server.	ls [ remotefile [ localfile ] ]
Change the working directory of the remote FTP server.	cd { directory | .. | / }
Return to the upper level directory of the remote FTP server.	cdup
Display the working directory that is being accessed.	pwd
Create a directory on the remote FTP server.	mkdir directory
Remove the specified working directory on the remote FTP server.	rmdir directory

 

Managing the files on the FTP server

After the device serving as the FTP client has established a connection with the FTP server, you can upload a file to or download a file from the FTP server under the authorized directory of the FTP server by following these steps. For more information about establishing an FTP connection, see “Establishing an FTP connection.”

You can perform the following operations for files on the FTP server:

·           Use the dir or ls command to display the directory and the location of the file on the FTP server.

·           Delete useless files.

·           Set the file transfer mode. FTP transmits files in two modes: ASCII and binary. ASCII mode transfers files as text. Binary mode transfers files as raw data.

·           Use the lcd command to display the local working directory of the FTP client. You can upload the file or save the downloaded file under this directory.

·           Upload or download a file.

To manage the files on an FTP server:

 

Task	Command	Remarks
Display detailed information about a directory or file on the remote FTP server.	dir [ remotefile [ localfile ] ]	The ls command displays the name of a directory or file only, while the dir command displays detailed information such as the file size and creation time.
Query a directory or file on the remote FTP server.	ls [ remotefile [ localfile ] ]	The ls command displays the name of a directory or file only, while the dir command displays detailed information such as the file size and creation time.
Delete the specified file on the remote FTP server permanently.	delete remotefile	N/A
Set the file transfer mode to ASCII.	ascii	ASCII by default.
Set the file transfer mode to binary.	binary	ASCII by default.
Set the data transmission mode to passive.	passive	Passive by default.
Display the local working directory of the FTP client.	lcd	N/A
Upload a file to the FTP server.	put localfile [ remotefile ]	N/A
Download a file from the FTP server.	get remotefile [ localfile ]	N/A

 

Using another username to log in to the FTP server

After the device serving as the FTP client has established a connection with the FTP server, you can use another username to log in to the FTP server. For more information about establishing an FTP connection, see “Establishing an FTP connection.”

This feature allows you to switch between different user levels without affecting the current FTP connection. If you input an incorrect username or password, the current connection is terminated, and you must log in again to access the FTP server.

To use another username to log in to the FTP server:

 

Task	Command
Use another username to log in to the server after login.	user username [ password ]

 

Maintaining and debugging an FTP connection

After a device serving as the FTP client has established a connection with the FTP server, you can perform the following operations to locate and diagnose FTP connection problems. For more information about establishing an FTP connection, see “Establishing an FTP connection.”

To maintain or debug an FTP connection:

 

Task	Command	Remarks
Display the help information of FTP-related commands supported by the remote FTP server.	remotehelp [ protocol-command ]	Optional.
Enable information display in a detailed manner.	verbose	Optional. Enabled by default.
Enable FTP related debugging when the device acts as the FTP client.	debugging	Optional. Disabled by default.

 

Terminating an FTP connection

After the device serving as the FTP client has established a connection with the FTP server, you can use any of the following commands to terminate the FTP connection. For more information about establishing an FTP connection, see “Establishing an FTP connection.”

To terminate an FTP connection:

 

Task	Command	Remarks
Terminate the connection to the FTP server without exiting FTP client view.	·       disconnect ·       close	Use either command in FTP client view.
Terminate the connection to the FTP server and return to user view.	·       bye ·       quit	Use either command in FTP client view.

 

FTP client configuration example (standalone mode)

Network requirements

As shown in Figure 2, Device and PC are reachable to each other. On PC, an FTP user account has been created for the FTP client, with the username abc and the password abc.

From Device, download a system software image file from PC for upgrade, and upload the configuration file to PC for backup.

Figure 2 Network diagram

 

Configuration procedure

 

CAUTION: If the available memory space of the device is not enough, use the fixdisk command to clear the memory or use the delete/unreserved file-url command to delete useless files before performing the following operations.

 

# Log in to the server through FTP.

<Sysname> dir

Directory of flash:/

 

   0   drw-         -  Dec 07 2008 10:00:57   filename

   1   drw-         -  Jan 02 2008 14:27:51   logfile

   2   -rw-      1216  Jan 02 2008 14:28:59   config.cfg

   3   -rw-      1216  Jan 02 2008 16:27:26   backup.cfg

 

129794 KB total (127362 KB free)

<Sysname> delete /unreserved flash:/backup.cfg

# Download the system software image file from the FTP server.

<Sysname> ftp 10.1.1.1

Trying 10.1.1.1 ...

Press CTRL+K to abort

Connected to 10.1.1.1.

220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user

User(10.1.1.1:(none)):abc

331 Give me your password, please

Password:

230 Logged in successfully

# Set the file transfer mode to binary.

[ftp] binary

200 Type set to I.

# Download the system software image file newest.bin from PC to Device.

·           Download system software image file newest.bin from PC to the root directory of the active main board (AMB).

[ftp] get newest.bin

227 Entering Passive Mode (10,1,1,1,10,68).

125 BINARY mode data connection already open, transfer starting for /newest.bin.

226 Transfer complete.

FTP: 23951480 byte(s) received in 95.399 second(s), 251.00K byte(s)/sec.

·           Download system software image file newest.bin from PC to the root directory of the standby main board (SMB) in slot 1.

[ftp] get newest.bin slot1#flash:/newest.bin

# Upload the configuration file config.cfg of the device to the server for backup.

[ftp] ascii

[ftp] put config.cfg back-config.cfg

227 Entering Passive Mode (10,1,1,1,4,2).

125 ASCII mode data connection already open, transfer starting for /config.cfg.

226 Transfer complete.

FTP: 3494 byte(s) sent in 5.646 second(s), 618.00 byte(s)/sec.

[ftp] bye

221 Server closing.

# Specify newest.bin as the main system software image file used at the next startup.

·           For the AMB.

<Sysname> boot-loader file newest.bin slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on slot 0!

·           For the SMB (in slot 1).

<Sysname> boot-loader file slot1#flash:/newest.bin slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on slot 1!

 

CAUTION: The system software image file used at the next startup must be saved under the root directory of the storage medium (For a device that has been partitioned, the system software image file must be saved on the first partition). You can copy or move a file to the root directory of the storage medium. For more information about the boot-loader command, see Fundamentals Command Reference.

 

FTP client configuration example (IRF mode)

Network requirements

As shown in Figure 3:

·           The device is an IRF virtual device, which is composed of a master and a slave device. The member ID of the master is 1, and the slot numbers of the AMB and the SMB on the master are 0 and 1 respectively. The member ID of the slave device is 2, and the slot numbers of the AMB and SMB on the slave device are 0 and 1 respectively.

·           The device serves as an FTP client. The PC serves as the FTP server. They can reach each other.

·           On the PC, an FTP user account has been created for the FTP client, with the username abc and the password abc.

From the device, download a system software image file from the PC for upgrade, and upload the configuration file to the PC for backup.

Figure 3 Network diagram

 

Configuration procedure

 

CAUTION: If the available memory of the device is insufficient, use the fixdisk command to clear the memory or use the delete/unreserved file-url command to delete the files not in use and then perform the following operations.

 

# Log in to the server through FTP.

<Sysname> ftp 10.1.1.1

Trying 10.1.1.1 ...

Press CTRL+K to abort

Connected to 10.1.1.1.

220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user

User(10.1.1.1:(none)):abc

331 Give me your password, please

Password:

230 Logged in successfully

# Set the file transfer mode to binary to transmit system software image file.

[ftp] binary

200 Type set to I.

# Download the system software image file newest.bin from the PC to the device.

·           Download the system software image file newest.bin from the PC to the root directory of the storage medium on the AMB of the IRF virtual device (that is, the AMB on the master).

[ftp] get newest.bin

·           Download the system software image file newest.bin from the PC to the root directory of the storage media of the SMBs of the IRF virtual device (that is, any main board except the AMB of the IRF virtual device) (the member ID and slot number of the member device where one SMB resides are both 1; the member ID and slot number of the member device where another SMB resides are 2 and 0 respectively; the member ID and slot number of the member device where the third SMB resides are 2 and 1 respectively).

[ftp] get newest.bin chassis1#slot1#flash:/newest.bin

227 Entering Passive Mode (10,1,1,1,10,68).

125 BINARY mode data connection already open, transfer starting for chassis1#slot1#flash:/newest.bin.

226 Transfer complete.

FTP: 23951480 byte(s) received in 95.399 second(s), 251.00K byte(s)/sec.

[ftp] get newest.bin chassis2#slot0#flash:/newest.bin

227 Entering Passive Mode (10,1,1,1,12,43).

125 BINARY mode data connection already open, transfer starting for chassis2#slot0#flash:/newest.bin.

226 Transfer complete.

FTP: 23951480 byte(s) received in 95.399 second(s), 251.00K byte(s)/sec.

[ftp] get newest.bin chassis2#slot1#flash:/newest.bin

227 Entering Passive Mode (10,1,1,1,5,49).

125 BINARY mode data connection already open, transfer starting for chassis2#slot1#flash:/newest.bin.

226 Transfer complete.

FTP: 23951480 byte(s) received in 95.399 second(s), 251.00K byte(s)/sec.

# Upload the configuration file config.cfg of the device to the server for backup.

[ftp] ascii

[ftp] put config.cfg back-config.cfg

227 Entering Passive Mode (10,1,1,1,4,2).

125 ASCII mode data connection already open, transfer starting for /config.cfg.

226 Transfer complete.

FTP: 3494 byte(s) sent in 5.646 second(s), 618.00 byte(s)/sec.

[ftp] bye

221 Server closing.

# Specify newest.bin as the main system software image file for next startup of the AMB of the IRF virtual device.

<Sysname> boot-loader file newest.bin chassis 1 slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 1 slot 0!

# Specify newest.bin as the main system software image file for next startup of the SMBs of the IRF virtual device.

<Sysname> boot-loader file chassis1#slot1#flash:/newest.bin chassis 1 slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 1 slot 1!

<Sysname> boot-loader file chassis2#slot0#flash:/newest.bin chassis 2 slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 2 slot 0!

<Sysname> boot-loader file chassis2#slot1#flash:/newest.bin chassis 2 slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 2 slot 1!

# Reboot the device, and the system software image file is updated at the system reboot.

<Sysname> reboot

 

CAUTION: The system software image file used for the next startup must be saved in the root directory of the storage medium. You can copy or move a file to the root directory of the storage medium. For more information about the boot-loader command, see Fundamentals Command Reference.

 

Configuring the FTP server

Configuring FTP server operating parameters

The FTP server uses one of the two modes to update a file when you upload the file (use the put command) to the FTP server:

·           In fast mode, the FTP server starts writing data to the storage medium after a file is transferred to the memory. This prevents the existing file on the FTP server from being corrupted in the event that anomaly, power failure for example, occurs during a file transfer.

·           In normal mode, the FTP server writes data to the storage medium while receiving data. This means that any anomaly, power failure for example, during file transfer might result in file corruption on the FTP server. This mode, however, consumes less memory space than the fast mode.

To configure the FTP server:

 

Step	Command	Remarks
1.     Enter system view.	system-view	N/A
2.     Enable the FTP server.	ftp server enable	Disabled by default.
3.     Use an ACL to control FTP clients’ access to the device.	ftp server acl acl-number	Optional. By default, no ACL is used to control FTP clients’ access to the device.
4.     Configure the idle-timeout timer.	ftp timeout minutes	Optional. 30 minutes by default. Within the idle-timeout time, if there is no information interaction between the FTP server and client, the connection between them is terminated.
5.     Set the file update mode for the FTP server.	ftp update { fast | normal }	Optional. Normal update is used by default.
6.     Return to user view.	quit	N/A
7.     Manually release the FTP connection established with the specified username.	free ftp user username	Optional.

 

Configuring authentication and authorization on the FTP server

To allow an FTP user to access certain directories on the FTP server, you need to create an account for the user, authorize access to the directories and associate the username and password with the account.

Make the following configuration to perform authentication and authorization on a local FTP user. To authenticate remote FTP users, you need to configure authentication, authorization and accounting (AAA). For detailed configuration about AAA, see Security Command Reference.

With local authentication, the device checks the input username and password against those configured on the device. In remote authentication, the device sends the input username and password to the remote authentication server for authentication.

To configure authentication and authorization for FTP server:

 

Step	Command	Remarks
1.     Enter system view.	system-view	N/A
2.     Create a local user and enter its view.	local-user user-name	No FTP authorized local user exists by default, and the system does not support FTP anonymous user access.
3.     Assign a password to the user.	password { simple | cipher } password	N/A
4.     Assign the FTP service to the user.	service-type ftp	By default, the system does not support anonymous FTP access, and does not assign any service. If the FTP service is assigned, the root directory of the switch is used by default.
5.     Configure user properties.	authorization-attribute { acl acl-number | callback-number callback-number | idle-cut minute | level level | user-profile profile-name | user-role { guest | guest-manager | security-audit } | vlan vlan-id | work-directory directory-name } *	Optional. By default, the FTP/SFTP users can access the root directory of the switch, and the user level is 0. You can change the default configuration by using this command.

 

NOTE: ·       For more information about the local-user, password, service-type ftp, and authorization-attribute commands, see Security Command Reference. ·       When the switch serves as the FTP server, if the client is to perform the write operations (for example, upload, delete, create, and delete) on the switch’s file system, the FTP login users must be level 3 users; if the client is to perform other operations, for example, read operation, the switch has no restriction on the user level of the FTP login users, that is, any level from 0 to 3 is allowed.

 

FTP server configuration example (standalone mode)

Network requirements

As shown in Figure 4, PC keeps the latest system software image file of the device. Device and PC are reachable to each other.

Use Device as an FTP server, and the PC as the FTP client. Configure an account on the server with the username abc and the password abc for the FTP client. Use FTP to upgrade the device and back up the configuration file.

Figure 4 Network diagram

 

Configuration procedure

1.      Configure the device (FTP server)

# Create an FTP user account abc, and set its password to abc and the user privilege level to level 3 (the manage level). Allow user abc to access the root directory of the flash, and specify user abc to use FTP.

<Sysname> system-view

[Sysname] local-user abc

[Sysname-luser-abc] password simple abc

[Sysname-luser-abc] authorization-attribute level 3

[Sysname-luser-abc] authorization-attribute work-directory flash:/

# To access the root directory on the SMB (in slot 1), change flash:/ to slot1#flash:/.

[Sysname-luser-abc] service-type ftp

[Sysname-luser-abc] quit

# Enable the FTP server.

[Sysname] ftp server enable

[Sysname] quit

# Check files on your device and remove redundant ones to ensure adequate space for the system software image file to be uploaded.

<Sysname> dir

Directory of flash:/

   0   drw-         -  Dec 07 2005 10:00:57   filename

   1   drw-         -  Jan 02 2006 14:27:51   logfile

   2   -rw-      1216  Jan 02 2006 14:28:59   config.cfg

   3   -rw-      1216  Jan 02 2006 16:27:26   back.cfg

   4   drw-         -  Jan 02 2006 15:20:21   ftp

 

129794 KB total (127263 KB free)

<Sysname> delete /unreserved flash:/back.cfg

2.      Configure the PC (FTP client)

# Log in to the FTP server through FTP.

c:\> ftp 1.1.1.1

Connected to 1.1.1.1.

220 FTP service ready.

User(1.1.1.1:(none)):abc

331 Password required for abc.

Password:

230 User logged in.

ftp> put aaa.bin bbb.bin

# Download the configuration file config.cfg of the device to the PC for backup.

ftp> get config.cfg back-config.cfg

# Upload the configuration file newest.bin to Device.

ftp> put newest.bin

200 Port command okay.

150 Opening ASCII mode data connection for /newest.bin.

226 Transfer complete.

ftp> bye

221 Server closing.

 

c:\>

 

NOTE: ·       You can take the same steps to upgrade configuration file with FTP. When upgrading the configuration file with FTP, put the new file under the root directory of the storage medium (For a switch that has been partitioned, the configuration file must be saved on the first partition). ·       After you finish transferring the BootROM program through FTP, you must execute the bootrom upgrade command to upgrade the BootROM.

 

3.      Upgrade Device

# Copy newest.bin to the root directory of the memory on the SMB in slot 1.

<Sysname> copy newest.bin slot1#flash:/

# Specify newest.bin as the main system software image file for next startup

¡  For the AMB.

<Sysname> boot-loader file newest.bin slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on slot 0!

¡  For the SMB.

<Sysname> boot-loader file slot1#flash:/newest.bin slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on slot 1!

# Reboot the device.

<Sysname> reboot

 

CAUTION: The system software image file used at the next startup must be saved under the root directory of the storage medium (For a device that has been partitioned, the system software image file must be saved on the first partition). You can copy or move a file to the root directory of the storage medium. For more information about the boot-loader command, see Fundamentals Command Reference.

 

FTP server configuration example (IRF mode)

Network requirements

As shown in Figure 5, an IRF virtual device comprises a master and a slave device. The member ID of the master is 1, and the slot numbers of the AMB and the SMB on the master are 0 and 1 respectively. The member ID of the slave device is 2, and the slot numbers of the AMB and SMB on the slave device are 0 and 1 respectively. The IRF virtual device and the PC are reachable to each other.

Use the IRF virtual device serves as an FTP server, and create an FTP user account with the username abc and password abc for the FTP client. From the IRF virtual device, download a system software image file from PC for upgrade, and uploads the configuration file to PC for backup.

Figure 5 Network diagram

 

Configuration procedure

 

CAUTION: If the available memory of the master and slave devices is insufficient, use the fixdisk command to clear the memory or use the delete/unreserved file-url command to delete the files not in use and then perform the following operations.

 

1.      Configure the IRF virtual device (FTP server)

# Create an FTP user account abc, set its password to abc and the user privilege level to level 3 (the manage level). Allow user abc to access the root directory of the flash on the AMB of the IRF virtual device, and specify abc to use FTP.

<Sysname> system-view

[Sysname] local-user abc

[Sysname-luser-abc] password simple abc

[Sysname-luser-abc] authorization-attribute level 3

[Sysname-luser-abc] authorization-attribute work-directory flash:/

To access an SMB of the IRF virtual device (suppose that the member ID and slot number of the member device where the SMB resides are 2 and 1 respectively), replace flash:/ with chassis2#slot1#flash:/ in authorization-attribute work-directory flash:/.

[Sysname-luser-abc] service-type ftp

[Sysname-luser-abc] quit

# Enable FTP server.

[Sysname] ftp server enable

[Sysname] quit

2.      Configure the PC (FTP client)

# Log in to the FTP server through FTP.

c:\> ftp 1.1.1.1

Connected to 1.1.1.1.

220 FTP service ready.

User(1.1.1.1:(none)):abc

331 Password required for abc.

Password:

230 User logged in.

# Download the configuration file config.cfg of the IRF virtual device to the PC for backup.

ftp> get config.cfg back-config.cfg

# Upload the configuration file newest.bin to the root directory of the storage medium on the AMB of the IRF virtual device.

ftp> put newest.bin

200 Port command okay.

150 Opening ASCII mode data connection for /newest.bin.

226 Transfer complete.

ftp> bye

221 Server closing.

 

c:\>

 

NOTE: ·       You can take the same steps to upgrade configuration file with FTP. When upgrading the configuration file with FTP, put the new file in the root directory of the storage medium (For a device that has been partitioned, the configuration file must be saved on the first partition.). ·       After you finish upgrading Boot ROM through FTP, you must execute the bootrom update command to upgrade Boot ROM.

 

3.      Upgrade the IRF virtual device

# Copy the system software image file newest.bin from PC to the root directory of the storage media of the SMBs of the IRF virtual device (the member ID and slot number of the member device where one SMB resides are both 1; the member ID and slot number of the member device where another SMB resides are 2 and 0 respectively; the member ID and slot number of the member device where the third SMB resides are 2 and 1 respectively).

<Sysname> copy newest.bin chassis1#slot1#flash:/

<Sysname> copy newest.bin chassis2#slot0#flash:/

<Sysname> copy newest.bin chassis2#slot1#flash:/

# Specify newest.bin as the main system software image file for next startup of all the main boards of the IRF virtual device.

<Sysname> boot-loader file newest.bin chassis 1 slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 1 slot 0!

<Sysname> boot-loader file chassis1#slot1#flash:/newest.bin chassis 1 slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 1 slot 1!

<Sysname> boot-loader file chassis2#slot0#flash:/newest.bin chassis 2 slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 2 slot 0!

<Sysname> boot-loader file chassis2#slot1#flash:/newest.bin chassis 2 slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 2 slot 1!

# Reboot the IRF virtual device, and the system software image file is updated at the system reboot.

<Sysname> reboot

 

CAUTION: The system software image file used for the next startup must be saved in the root directory of the storage medium. You can copy or move a file to the root directory of the storage medium. For more information about the boot-loader command, see Fundamentals Command Reference.

 

Displaying and maintaining FTP

 

Task	Command	Remarks
Display the configuration of the FTP client.	display ftp client configuration [ | { begin | exclude | include } regular-expression ]	Available in any view
Display the configuration of the FTP server.	display ftp-server [ | { begin | exclude | include } regular-expression ] [ | { begin | exclude | include } regular-expression ]	Available in any view
Display detailed information about logged-in FTP users.	display ftp-user [ | { begin | exclude | include } regular-expression ] [ | { begin | exclude | include } regular-expression ]	Available in any view

 

 

TFTP overview

Introduction to TFTP

The Trivial File Transfer Protocol (TFTP) provides functions similar to those provided by FTP, but it is less complex than FTP in interactive access interface and authentication. Therefore, it is more suitable in environments where complex interaction is not needed between client and server.

TFTP uses the UDP port 69 for data transmission. For basic TFTP operation, see RFC 1350.

In TFTP, file transfer is initiated by the client.

·           In a normal file downloading process, the client sends a read request to the TFTP server, receives data from the server, and then sends the acknowledgement to the server.

·           In a normal file uploading process, the client sends a write request to the TFTP server, sends data to the server, and receives the acknowledgement from the server.

TFTP transfers files in two modes:

·           Binary mode—Transfers files as raw data, such as .bin and .btm files.

·           ASCII mode—Transfers files as text, such as .txt, .bat, and .cfg files.

TFTP operation

 

NOTE: Only the TFTP client service is available with your switch.

 

Figure 6 Network diagram

 

Before using TFTP, the administrator needs to configure IP addresses for the TFTP client and server, and make sure that there is a reachable route between the TFTP client and server.

When the device serves as the TFTP client, you need to perform the following configuration:

 

Device	Configuration
Device (TFTP client)	·       Configure the IP address and routing function, and make sure that the route between the device and the TFTP server is available. ·       Use the tftp command to establish a connection to the remote TFTP server to upload/download files to/from the TFTP server
PC (TFTP server)	Enable TFTP server on the PC, and configure the TFTP working directory.

 

Configuring the TFTP client

When a switch acts as a TFTP client, you can upload a file on the switch to a TFTP server and download a file from the TFTP server to the local switch. You can use either of the following methods to download a file:

·           Normal download: The device writes the obtained file to the storage medium directly If you download a remote file using a filename destination-filename that exists in the directory, the device deletes the original file and then saves the new one. If file download fails due to network disconnection or other reasons, the original file will never recover because it has been deleted.

·           Secure download: The device saves the obtained file to its memory and does not write it to the storage medium until the whole file is obtained. If you download a remote file using a filename destination-filename that exists in the directory, the original file is not overwritten. If file download fails due to network disconnection or other reasons, the original file still exists. This mode is more secure but consumes more memory.

H3C recommends you to use the secure mode or, if you use the normal mode, specify a filename not existent in the current directory as the target filename when downloading the system software image file or the startup configuration file.

When using the tftp command, you can specify the source interface (such as a loopback interface) or source IP address. The primary IP address of the specified source interface or the specified source IP address is used as the source IP address of sent TFTP packets.

The TFTP client follows these rules to select the source IP address of packets sent to the TFTP server:

·           If no source IP address is specified, the IP address of the output interface of the route to the server is used as the source IP address.

·           The source IP address specified with the tftp client source or tftp command is used.

·           If you first use the tftp client source command to specify a source IP address and then use the tftp command to specify another source IP address, the latter is used.

·           The source IP address specified with the tftp client source command applies to all TFTP connections while the one specified with the tftp command applies to the current TFTP connection only.

To configure the TFTP client:

 

Step	Command	Remarks
1.     Enter system view.	system-view	N/A
2.     Use an ACL to control the device’s access to TFTP servers.	tftp-server [ ipv6 ] acl acl-number	Optional. By default, no ACL is used to control the device’s access to TFTP servers.
3.     Specify the source IP address of sent TFTP packets.	tftp client source { interface interface-type interface-number | ip source-ip-address }	Optional. By default, the source IP address is determined by the route from the TFTP client to the TFTP server.
4.     Return to the user view.	quit	N/A
5.     Specify the source IP address of sent TFTP packets.	tftp client source { interface interface-type interface-number | ip source-ip-address }	Optional. By default, the source IP address is determined by the route from the TFTP client to the TFTP server.
6.     Return to user view.	quit	N/A
7.     Download or upload a file in an IPv4 network.	tftp server-address { get | put | sget } source-filename [ destination-filename ] [ vpn-instance vpn-instance-name ] [ source { interface interface-type interface-number | ip source-ip-address } ]	Optional. Available in user view
8.     Download or upload a file in an IPv6 network.	tftp ipv6 tftp-ipv6-server [ -i interface-type interface-number ] { get | put } source-filename [ destination-filename ] [ vpn-instance vpn-instance-name ]	Optional. Use this command in user view.

 

NOTE: ·       If no primary IP address is configured on the source interface, no TFTP connection can be established. ·       If you use the ftp client source command to configure a source interface and then use it to configure a source IP address, the source IP address overwrites the source interface, and vice versa.

 

Displaying and maintaining a TFTP client

 

Task	Command	Remarks
Display the configuration of the FTP client.	display tftp client configuration [ | { begin | exclude | include } regular-expression ]	Available in any view

 

TFTP client configuration example (standalone mode)

Network requirements

As shown in Figure 7, Device and PC are reachable to each other.

Use the PC as the TFTP server and Device as the TFTP client. Download a system software image file from the PC to the Device for upgrade and upload a configuration file named config.cfg to the PC for backup

Figure 7 Network diagram

 

Configuration procedure

1.      Configure the PC (TFTP server). (Details not shown)

a.    On the PC, enable the TFTP server.

b.    Configure a TFTP working directory.

2.      Configure the Device (TFTP client)

# Download application file newest.bin from the PC to the device.

¡  Download application file newest.bin from the PC to the root directory of the storage medium on the AMB.

<Sysname> tftp 1.2.1.1 get newest.bin

¡  Download application file newest.bin from PC to the root directory of the storage medium on the SMB (in slot 1).

<Sysname> tftp 1.2.1.1 get newest.bin slot1#flash:/newest.bin

# Upload configuration file config.cfg to the TFTP server.

<Sysname> tftp 1.2.1.1 put config.cfg configback.cfg

# Specify newest.bin as the main system software image file for next startup.

¡  For the AMB.

<Sysname> boot-loader file newest.bin slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on slot 0!

¡  For the SMB (in slot 1).

<Sysname> boot-loader file slot1#flash:/newest.bin slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on slot 1!

# Reboot the device.

<Sysname> reboot

 

NOTE: ·       If the free memory space of the device is not big enough, use the fixdisk command to clear the memory or use the delete /unreserved file-url command to delete files not in use before downloading new files. ·       The system software image file used at the next startup must be saved under the root directory of the storage medium. You can copy or move a file to the root directory of the storage medium. For more information about the boot-loader command, see Fundamentals Command Reference.

 

TFTP client configuration example (IRF mode)

Network requirements

As shown in Figure 8, an IRF virtual device comprises a master and a slave device. The member ID of the master is 1, and the slot numbers of the AMB and the SMB on the master are 0 and 1 respectively. The member ID of the slave device is 2, and the slot numbers of the AMB and SMB on the slave device are 0 and 1 respectively. The IRF virtual device and PC can reach each other.

Use the IRF virtual device as a TFTP client and PC as the TFTP server. From the IRF virtual device, download a system software image file from PC for upgrade and uploads a configuration file named config.cfg to PC for backup.

Figure 8 Network diagram

 

Configuration procedure

1.      Configure the PC (TFTP server). (Details not shown)

a.    On the PC, enable TFTP server.

b.    Configure a TFTP working directory.

2.      Configure the IRF virtual device (TFTP client)

# Download application file newest.bin from PC to the master and slave devices.

¡  Download application file newest.bin from PC to the root directory of the storage medium on the AMB of the IRF virtual device.

<Sysname> tftp 1.2.1.1 get newest.bin

¡  Download the system software image file newest.bin from the PC to the root directories of the storage media of the SMBs of the IRF virtual device (the member ID and slot number of the member device where one SMB resides are both 1; the member ID and slot number of the member device where another SMB resides are 2 and 0 respectively; the member ID and slot number of the member device where the third SMB resides are 2 and 1 respectively).

<Sysname> tftp 1.2.1.1 get newest.bin chassis1#slot1#flash:/newest.bin

<Sysname> tftp 1.2.1.1 get newest.bin chassis2#slot0#flash:/newest.bin

<Sysname> tftp 1.2.1.1 get newest.bin chassis2#slot1#flash:/newest.bin

# Upload a configuration file config.cfg to the TFTP server.

<Sysname> tftp 1.2.1.1 put config.cfg configback.cfg

# Specify newest.bin as the main system software image file for next startup of all the main boards of the IRF virtual device.

<Sysname> boot-loader file newest.bin chassis 1 slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 1 slot 0!

<Sysname> boot-loader file chassis1#slot1#flash:/newest.bin chassis 1 slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 1 slot 1!

<Sysname> boot-loader file chassis2#slot0#flash:/newest.bin chassis 2 slot 0 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 2 slot 0!

<Sysname> boot-loader file chassis2#slot1#flash:/newest.bin chassis 2 slot 1 main

  This command will set the boot file of the specified board. Continue? [Y/N]:y

  The specified file will be used as the main boot file at the next reboot on chassis 2 slot 1!

# Reboot the IRF virtual device and the software is upgraded.

<Sysname> reboot

 

NOTE: ·       If the free memory space of the master and slave devices is not big enough, use the fixdisk command to clear the memory or use the delete/unreserved file-url command to delete the files not in use before downloading new files. ·       The system software image file used for the next startup must be saved in the root directory of the storage medium. You can copy or move a file to the root directory of the storage medium. For more information about the boot-loader command, see Fundamentals Command Reference.