diff --git a/docs/S4810.md b/docs/S4810.md new file mode 100644 index 0000000..21a715b --- /dev/null +++ b/docs/S4810.md @@ -0,0 +1,222 @@ +# Flashing the S4810-ON to regular FTOS (S4810P) +## Preparation +This guide will convert your S4810-ON ONIE model into a regular S4810P running Dell's regular FTOS. To begin, download the zip below. + +[```S4810 Onie > FTOS Zip```](store/ftos-onie-06-07-2024.zip) +```FTOS Version: 9.14.1.14``` +```ZIP Updated: 06-07-2024``` +```MD5: eb0fcd7305bb3d63cd535b811364ee9d``` + +Inside this archive you'll see a folder titled `ftos-onie-(date)` - extract this entire folder somewhere on your PC. Then, you need to get a TFTP server up and running temporarily, serving files out of the `TFTP-Content` subfolder. If you're already familiar with how to do this, point your TFTP server at `TFTP-Content` so it's the root folder, then skip ahead to the Flashing section. If you need some pointers getting TFTP running, read below. + +### Setting up TFTP (Windows) +For a simple temporary TFTP server under Windows, I highly recommend Tftpd64. In the brocade ZIP above, a portable copy that requires no installation is included under the `Tftpd64` folder - just launch the `tftpd64.exe` executable inside - it should already be configured with the appropriate settings, and set to serve the correct folder (`..\TFTP-Content\`). + +That's it! You're now serving all the files via TFTP so your switch can grab them. When you're done with the guide, just exit the program. If you don't want to trust an executable from a random site, you can also just [download Tftpd64](https://pjo2.github.io/tftpd64/) from the official site and configure it yourself (granted, if you `diff` it with mine, you'll see they're identical). +>**Note:** On any modern version of Windows, the Windows Firewall will probably block TFTP connections by default - if you get TFTP issues and the switch can't download files, just completely disable the windows firewall temporarily + +### Setting up TFTP (Linux) +You may already have a TFTP daemon you prefer on *nix but if not, I've found `tftpd-hpa` to typically be the simplest. The following assumes you're on a Debian-ish distro or similar. If you're on something `yum` or `pkg` based, I'm sure you can figure out the equivalent commands. First, install `tftpd-hpa`: +``` +apt install tftpd-hpa +``` +By default it will enable it as a service so it will start every boot, let's disable that so it will only run when you manually start it: +``` +systemctl disable tftpd-hpa +``` +Now you need to edit the config located at `/etc/default/tftpd-hpa` to match the below exactly, but of course changing the directory path to wherever you happened to extract the brocade ZIP: +``` +# /etc/default/tftpd-hpa + +TFTP_USERNAME="nobody" +TFTP_DIRECTORY="/home/jon/ftos-onie-06-07-2024/TFTP-Content" +TFTP_ADDRESS="0.0.0.0:69" +TFTP_OPTIONS="--secure -vvvv" +``` +>Note: tftpd-hpa does *not* like spaces in the directory path + +Save the config file and now reboot the matt daemon: + +``` +systemctl restart tftpd-hpa +``` +That's it, you're now serving all the guide files and your switches can grab them. If you have trouble, you should see a good amount of related info from `tail -F /var/log/syslog` - see if it's complaining about file permissions or similar. When you're finished with the guide, you can stop the daemon and it won't start again until you tell it to, or just uninstall it completely: +``` +systemctl stop tftpd-hpa +##optionally remove it completely +apt remove tftpd-hpa +``` + +### Setting up TFTP (macOS) +Fortunately macOS has a built in TFTP server, all you have to do is enable it. Lets first temporarily disable the Firewall: **System Settings** -> **Network** -> **Firewall**. + +Load the TFTP service: +``` +sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist +``` +Start the service: +``` +sudo launchctl start com.apple.tftpd +``` +By default, the TFTP directory is at `/private/tftpboot`. Be sure to grant permissions: +``` +sudo chmod 777 /private/tftpboot +``` +Move the contents of `TFTP-Content` to the `/private/tftpboot` directory. + +Once complete, you can stop and disable the service: +``` +sudo launchctl stop com.apple.tftpd +sudo launchctl unload -F /System/Library/LaunchDaemons/tftp.plist + +##optionally to be double sure TFTP is no longer running, ensure theres no output from the following: +sudo lsof -i :69 +``` + +Finally, be sure to re-enable the firewall: **System Settings** -> **Network** -> **Firewall** + +## Flashing + +Connect to the serial console port of the switch, the ONIE switches use 115200 baud. You also need to connect the dedicated management port to your network, so it can reach your tftp server serving the files from the zip. Once connected, boot the switch and stop in the bootloader by repeatedly pressing the Esc key as soon as it powers on. When succesfully in the bootloader, the prompt should be: +``` +dell_s4810_on-> +``` +Now we need to change the baud to 9600, so when FTOS boots (which uses 9600), you won't suddenly lose console output and think you have a brick: +``` +setenv baudrate 9600 +``` + +it will ask you to press enter after changing your client to 9600 baud: close your serial program, and start a new session at 9600 baud and press enter, it should show the baud has changed. then save the change: +``` +saveenv +``` + +Now you need to perform a sanity check to make sure you're on the right hardware, and can operate copy/paste correctly. Run the following command to view the first bit of the bootloader: +``` +md 0xeff80000 2c +``` +The output should match the below exactly. If it doesn't, **STOP** now and report the output you have in the ServeTheHome forum thread: +``` +eff80000: 27051956 552d426f 6f74202d 204f4e49 '..VU-Boot - ONI +eff80010: 4520312e 32302e31 2e312028 44656c6c E 1.20.1.1 (Dell +eff80020: 20496e63 29202841 75672030 35203230 Inc) (Aug 05 20 +eff80030: 3134202d 2031383a 31343a31 32292042 14 - 18:14:12) B +eff80040: 6f6f7420 4c6f6164 6572204c 6162656c oot Loader Label +eff80050: 20312e32 302e302e 31000000 00000000 1.20.0.1....... +eff80060: 3c60ffd0 60633bf0 38000000 90030000 <`..`c;.8....... +eff80070: 90030004 7c611b78 48000005 7d8802a6 ....|a.xH...}... +eff80080: 800c185c 7d806214 48006081 3c600002 ...\}.b.H.`.<`.. +eff80090: 60631200 7c600124 4c00012c 48005e7d `c..|`.$L..,H.^} +eff800a0: 4800a0e9 4c00012c 00000000 00000000 H...L..,........ +``` + +If your output matches, we can continue loading in the FTOS bootloader. We need to set a temporary IP for the switch to use, then tell it the IP of your TFTP server. Lastly, we copy the FTOS bootloader from your TFTP server into RAM: +``` +setenv ipaddr 192.168.1.55 +setenv serverip 192.168.1.8 +tftpboot 0x20000000 ftos-full-uboot-1.2.0.5.bin +``` +Verify that it copied correctly by reading some bytes from the memory location we copied it to: +``` +md 0x200000F0 20 +``` +Your output should match the below exactly: +``` +200000f0: 27051956 552d426f 6f742032 3030392e '..VU-Boot 2009. +20000100: 31312844 656c6c29 20284170 72203036 11(Dell) (Apr 06 +20000110: 20323031 34202d20 30383a34 343a3535 2014 - 08:44:55 +20000120: 290d0a42 75696c74 20627920 6275696c )..Built by buil +20000130: 64206174 20556e6b 6e6f776e 20686f73 d at Unknown hos +20000140: 74206f6e 2053756e 20417072 20203620 t on Sun Apr 6 +20000150: 20383a34 343a3534 20323031 34200d0a 8:44:54 2014 .. +20000160: 53343831 3020426f 6f742073 656c6563 S4810 Boot selec +``` +If it doesn't, **STOP!** Something went wrong during the copy process. You are safe to reboot or power off your switch. If it does match, continue on. + +Now is the scary part, we need to erase the ONIE version of u-boot, then copy in the FTOS version. Run these commands exactly as they are shown, copy/paste them to avoid the possibility of typos: +``` +protect off all +erase 0xeff80000 +0x80000 +cp.b 0x200000F0 0xeff80000 0x80000 +``` +Now verify that it copied correctly: +``` +md 0xeff80000 20 +``` +Your output should match the below exactly: +``` +eff80000: 27051956 552d426f 6f742032 3030392e '..VU-Boot 2009. +eff80010: 31312844 656c6c29 20284170 72203036 11(Dell) (Apr 06 +eff80020: 20323031 34202d20 30383a34 343a3535 2014 - 08:44:55 +eff80030: 290d0a42 75696c74 20627920 6275696c )..Built by buil +eff80040: 64206174 20556e6b 6e6f776e 20686f73 d at Unknown hos +eff80050: 74206f6e 2053756e 20417072 20203620 t on Sun Apr 6 +eff80060: 20383a34 343a3534 20323031 34200d0a 8:44:54 2014 .. +eff80070: 53343831 3020426f 6f742073 656c6563 S4810 Boot selec +``` +If it doesn't, something has gone wrong. Try the three flashing commands above a second time, then check with `md` again. If it still does not match **STOP** and do not power off or reboot your switch as it will be bricked. Post in the ServeTheHome forum and keep the switch booted. If it does match, then you're clear to reboot, and if everything went right, it will boot into the FTOS build of u-boot (which is now at 9600 baud, but you should have switched to that already as described earlier): +``` +reset +``` + +Once it boots into the new bootloader, spam the Esc key to get into u-boot. If you miss it, don't worry, it will just keep bootlooping because it won't find an OS to boot. + + +Now that you're in the FTOS version of u-boot, we can netboot FTOS. But first, we need to flash the FTOS magic partition header to the beginning of flash. Without this, FTOS will complain that it doesn't recognize the flash with ToC errors. + +Run **all** of the following commands. If you skip setting the `showhiddencmd` variable, the erase command will not work correctly, so don't skip any commands. Provide the same TFTP server IP and temporary switch IP as you did previously: + +``` +setenv ipaddr 192.168.1.55 +setenv serverip 192.168.1.8 +setenv showhiddencmd true +saveenv +tftpboot 0x20000000 ftos-flash-header.bin +protect off all +erase 0xF8000000 +0x200 +cp.b 0x20000000 0xF8000000 0x200 +``` +Now we can finally netboot the FTOS operating system from your TFTP server. Change the IP in the command to the IP of your TFTP server: +``` +f10boot tftp://192.168.1.8/TFTP-Content/FTOS-SE-9.14.1.14.bin +``` +It will start booting into FTOS. Note that it will start scanning/deleting orphan files it finds on the internal SD card that are leftover from whatever you were running on the switch before. If this was a fully Cumulus install or similar, it can take up to 20 minutes sitting here and doing this. Go make a hot pocket or something. + +Once it stops spitting output and scrolling, and you see this: +``` +Apr 24 13:47:37 %STKUNIT0-M:CP %CRYPTO-5-FIPS_SELF_TEST_PASSED: [bmp] FIPS crypto module self-test passed +``` +It should be fully done booting, and you can press enter to get the CLI. It will ask about bare metal provisioning, hit A to abort. It will scroll more. once it stops scrolling and you see: +``` +%STKUNIT0-M:CP %BMP-5-PROCESS_COMPLETED: BMP process is complete. blahblahblah +``` +Hit enter to finally get the FTOS CLI: +``` +Dell> +``` +Now we need to do some housekeeping and preparation. give a temporary IP to the management port, this can be the same temporary IP you've been using in the bootloader. We also need to format the internal SD card:: + +``` +enable +conf t +eula-consent support-assist reject +interface ManagementEthernet 0/0 +ip address 192.168.1.55/24 +exit +exit +format flash: +#confirm it, will take 1 minute or so +``` +Now we can finally properly flash FTOS to internal flash. Change the IPs in these commands to the IP of your TFTP server: +``` +upgrade boot tftp://192.168.1.8/ftos-full-uboot-1.2.0.5.bin +upgrade system tftp://192.168.1.8/FTOS-SE-9.14.1.14.bin a +upgrade system tftp://192.168.1.8/FTOS-SE-9.14.1.14.bin b +upgrade fpga-image stack-unit 0 booted +#confirm yes even if versions match +``` +The switch will now reboot, and will automatically boot fully into FTOS, and you are done - you know have a regular S4810P. + +## Thanks + - Thanks to is39 from ServeTheHome for providing access to multiple S4810-ON units to fine tune this guide with. + diff --git a/overrides/main.html b/overrides/main.html index 6e3eca6..9f210e4 100644 --- a/overrides/main.html +++ b/overrides/main.html @@ -2,7 +2,7 @@ {% block announce %}