Embedded Files
I inherited a Cisco ISR Router and didn't really have any plans for it.
A friend of mine convinced me to make it my home router, and play about with the features on there.
I thought, why not?
I also bought a couple of Cisco 3750x Switches to go with it, and planned on a future VMware LAB, of physical serves. Maybe even run a vCenter Server Embedded appliance on my router, and use DPM to power my lab down when it's not required... that'd be neat.
Cisco ISR Router: CISCO2921/K9
The Cisco 2900 Series ISRs offer increased levels of services integration with voice, video, security, wireless, mobility, and data services, enabling greater efficiencies and cost savings.
Date: 2016-09-18
Author: Simon Jackson
I'm not going to explain how to get a serial, or SSH connection to a router/switch. If you don't know that, you're not ready for this article :)
Let's see what we have got
Let's see what we have got
I see the CLI is just as friendly as ever :)
Here was my inventory:
Setting up DLS
Setting up DLS
I understood the EHWIC-VA-DSL card to support 2x operating modes. ATM or DSL mode.
Lets disable ATM and Configure DSL. Configure the Dialler to initiate a PPP chap auth, and
Binding the PPP dialler to VLAN 101
Setup a Dedicated VRF for Internet Traffic
Verify the dialler is working
I originally had a problem establishing the PPPoE session. turned out to be an invalid CHAP password. This command helped me find that:
show pppoe session
Waxing your modem to make it go faster!
I found this comment in a cisco community forum that gave me the mtu and mss-clamping config in the dialler interface above:
"With true PPP-over-Ethernet encapsulation, the additional overhead is 8 bytes: 2B for PPP header and 6B for PPPoE header that comes in front of IP packets and is then put into the Ethernet frame payload. Out of 1500 bytes in Ethernet frame payload portion, only 1500-2-6=1492 bytes remain available for IP and higher protocols."
Peter Paluch (Cisco employee) - 2013
Peter Paluch (Cisco employee) - 2013
Listing the compute components
Listing the compute components
Embedded Service Module (ESM)
Embedded Service Module (ESM)
This micro computer, came with a broken boot of a Cisco VPN Service (which I don't need).
I installed Cisco Integrated Mangement Controller Express (CIMCE).
Integrated Service Module (ISM)
Integrated Service Module (ISM)
A mini computer, with direct access to the PVDM3 voice-processing modules.
I installed the Cisco Utility Express software.
Services Ready Engine (SRE)
Services Ready Engine (SRE)
A small computer... with a little more horse-power.
Spec:
Intel Core2Duo (@1.86Ghz), 8GB DRAM, 2x 500GB SATA @7200RPM (RAID 1 config). 1x USB 1.0, 1x RJ-45 and 4x Gbe on the SRE Backplane.
In a separate blog i'll show how I got VMware ESXI running on here.
For a router to poses basically 3x separate compute instances, in a 2U board is kind of impressive. Even for kit this old.
Question: When is a router not a router?
Answer: Almost Never.... well except when MGF is concerned it's a switch. More on MGF here.
Configuring ESM and Installing CIMCE
Configuring ESM and Installing CIMCE
Establishing a router IP-interface has already been performed on Po1.1 (192.168.1.1/24)..
So now we will instruct the embedded-service-module to boot in that vlan, with a static ip and default-gateway.
And for the router to route traffic into the device, add a static route.
Configure the ESM uplink interface
Configure the ESM uplink interface
Installing cimce-k9 on the EMS
Installing cimce-k9 on the EMS
I won't instruct you how to get TFTPd or REBEX working... you'll have to find that for yourself.
If it helps, my laptop was bound to 192.168.1.50/24 on VLAN 1 (Po1.1)
Setting up a console-connection to the ESM
Setting up a console-connection to the ESM
ESM is basically a micro server with a serial connection to handshake with, and a network interface...
I never captured the output of the `show lines` command; this informs you of which serial-line numbers are configured for each of the ESM/ISM/SM interfaces.
Lets configure the ESM interface -->
Establishing a console-session to the ESM
Establishing a console-session to the ESM
Lets get going...
Logging in to the console
Logging in to the console
We should really be following the implementation guide at this point.
Setting up a router-side WSMA user, and setting those parameters on the CIMCE.
Configuring the router to capture console changes to log
All of this, and more is on the published CIMCe guide.
NOTE: A simple Ctrl + C to exit the Enable scope. And an ESC key to break the console session to return back to the router's enable console.
Visiting CIMCE Web interface
Visiting CIMCE Web interface
This is where the static route proves useful; I can now visit https://192.168.1.2/cimce
Configuration of the CIMCE is outside of scope for this blog; if you need to learn more, Cisco published an walkthrough here
https://www.cisco.com/c/en/us/td/docs/interfaces_modules/services_modules/cimce/1-0/configuration/guide/CIMCe.html
Preparing the ISR
Preparing the ISR
So now we will instruct the integrated-service-module to boot in that vlan, with a static ip and default-gateway.
And for the router to route traffic into the device, add a static route.
Installing CUE-VM-k9 on the EMS
Installing CUE-VM-k9 on the EMS
Instructing the device to HTTP boot took a long time, over FTP, and kept timing out - so i switched to HTTP. I had no issues from here.
Logging in via the Web-UI
Logging in via the Web-UI
The Cisco Unity Express took a long time to boot. Approximately 8 minutes. So go and get a coffee...
Then Visit the webpage: https://192.168.1.10
You might find this guide extremely useful from here on: https://www.cisco.com/c/en/us/td/docs/routers/access/interfaces/software/feature/guide/ism-sm-sre.html
I will discuss the Service-Ready-Engine in the next article. Reason for this is simple: it's got a load of VMware config, and MFG (fabric) concepts to wrap your head around. Better to document it all in a dedicated article.
Page updated
Report abuse