# Basic Configuration in Ciena SAOS *June 17, 2014* — https://jade.wtf/tech-notes/ciena-saos-basic/ Tags: Ciena --- [Ciena](http://www.ciena.com/) makes Ethernet & Optical switches for the service provider market. There's essentially zero publicly available documentation available which is a shame because they make some interesting equipment and as carriers upgrade there's a lot of used equipment available that smaller providers can put to good use. I'm not sure why it's traditional for telco-oriented companies to be stingy with their documentation but it's annoying. I have some LE-311v, 3911, and a 3940 here for a project so here's my notes. They are applicable to all devices as far as I know unless otherwise noted. This also applies to devices running World Wide Packets LE-OS. Ciena acquired WWP and built their packet Ethernet offerings on tech from the acquisition. ## Configuration style CLI is subject-verb instead of verb-subject (think "interface show" not "show interface"). "configuration" enters config mode. Configuration is a blend of Cisco & Juniper Style: * JunOS: set system hostname lab * Cisco: hostname lab * Ciena: system set host-name lab You can view the current configuration with: > configuration show The configuration is displayed as a sequence of commands that are entered to achieve the desired state when you are starting from the default state. You save the configuration with: `save` You have to be in configuration mode to save the config but you don't have to be configuration mode to change the configuration. You can navigate the configuration in a sort of tree format as on a Juniper or Mikrotik device. For example you can enter "interface remote show" to view management interface status or you can enter "interface remote" and then "show" or "set" as appropriate. ## Hardware reset to factory default I found someone else's [notes on configuring Ciena devices](http://www.tech.karloss.net/index.php?option=com_content&view=article&id=8:konfigurace-ciena&catid=2:navody&Itemid=2) that covered this and got me started. On the LE-311v and 3940 there's a pinhole reset button. There's three options: * Less than 2 seconds: soft reboot * Between 2 and 10 seconds: factory default * More than 10 seconds: hard reboot. ## Management access ### Default users There are two default users: su & user. su is the superuser with a default password of wwp. user doesn't have a password. ### Serial console My devices have a DB9 serial port. You'll need a null modem cable for this. The 3911 has DB9 port visible from the user compartment but if you remove the inner cover to the carrier compartment you'll see that it's just a jumper to a Cisco-style cat5 console port. The serial ports use the typical console settings of 9600 baud, 8 data bits, 1 stop bit, no parity (9600 8N1). ### Local Management Ethernet port The LE-311v & 3940 have a ethernet management port for *local access*. The local access part is important. You can plug your laptop into it. You can't put a default gateway or other route on it and hook it up to your out of band network. Management IP: `172.16.233.214/24`. You can see current settings with: `interface show local` For example: ``` lab> interface show local +----------------------------------- local -----------------------------------+ | Parameter | Operational | User | DHCP | +----------------------+-------------------+-----------------+-----------------+ | IP Address | 172.16.233.214 | 172.16.233.214 | 0.0.0.0 | | Subnet Mask | 255.255.255.0 | 255.255.255.0 | 0.0.0.0 | +----------------------+-------------------+-----------------+-----------------+ | Index | 1 | | | | Admin State | Enabled | | | | Oper State | Disabled | | | | Broadcast Address | 172.16.233.255 | | | | MAC Address | 00:03:18:8b:cf:5e | | | | VLAN | 0 | | | | Priority | 0 | | | | MTU | 1500 | | | +----------------------+-------------------+-----------------+-----------------+ ``` Out of the box you should be able to plug in, set you a IP in the subnet on your laptop, and telnet in. ### Managing users You can see the current users with: `user show` For example, with default users: ``` CN 3911> user show +--------- USER ACCOUNT TABLE -----+-------+ | Username | Privilege | Flags | +------------------+---------------+-------+ | su | super | DP | | user | limited | D | +------------------+---------------+-------+ ``` Removing the read-only user: `user delete user user` ``` CN 3911> user delete user user CN 3911> user show +--------- USER ACCOUNT TABLE -----+-------+ | Username | Privilege | Flags | +------------------+---------------+-------+ | su | super | DP | +------------------+---------------+-------+ ``` Adding a management user: ``` user create user labadmin access-level super password blah123 ``` Changing the password for the built-in user "su": ``` user set user su password blah123 ``` ### Software version and licenses Check OS version with: `software show` For example: ``` lab> software show +------------------------------------------------------------------------------+ | Software Information Slot #01 | +------------------------------------------------------------------------------+ | Installed Package : leos-04-08-00-0066 | | Running Package : leos-04-08-00-0066 | | Running Kernel : Build 4529 10:16:02 Sep 2 2009 C:\AR\BUILD_4529\ | | Running Application : Build 6830 04:54:20 Mar 24 2011 C:\AR\BUILD_6830\ | | Running MIB version : 02-08-00-0013 | | Release Status : CA | +------------------------------------------------------------------------------+ | Last command file: unknown | | Last configuration file: unknown | +------------------------------------------------------------------------------+ ``` Check feature licenses with: `software license show` For example: ``` CN 3911> software license show +-----------------------------------------------------------------------------+ | | | License | | Sequence | Days | | Feature Name |Status | Domain | Admin | Number | Remain| +------------------------------+-------+---------+-------+------------+-------+ | Base-Features |enable | | 00000 | 0000000000 | 00000 | | Advanced-Security |disable| | 00000 | 0000000000 | 00000 | | Advanced-Ethernet |disable| | 00000 | 0000000000 | 00000 | | Advanced-OAM |disable| | 00000 | 0000000000 | 00000 | +------------------------------+-------+---------+-------+------------+-------+ | Feature Name | License Key | +-----------------------------------------------------------------------------+ | Base-Features | | | Advanced-Security | | | Advanced-Ethernet | | | Advanced-OAM | | +-----------------------------------------------------------------------------+ ``` ## Optics I'm testing with a WWP-branded LX SFP and a [Hoyos Consulting](http://www.hoyosconsulting.com/)-branded GLC-T SFP that identifies as Cisco SFP. My LE-311v doesn't show a difference between the SFP modules. The 3911 shows a difference (GLC-T in 9, LX in 10): ``` CN 3911> port show +-----------------------------------------------------------------------------+ | Port Table | Operational Status | Admin Config | |--------+--------+----+--------------+----+---+-------+----+----+-------+----| | Port | Port | | Link State | | | |Auto| | |Auto| | Name | Type |Link| Duration |XCVR|STP| Mode |Neg |Link| Mode |Neg | +--------+--------+----+--------------+----+---+-------+----+----+-------+----| | 1 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 2 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 3 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 4 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 5 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 6 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 7 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 8 |10/100/G|Down| 0d 0h 0m 0s| |Dis| | On |Ena |1000/FD| On | | 9 |Uncertif|Down| 0d 0h 0m 0s|UCTF|Dis| | On |Ena |Auto/FD| On | | 10 | Gig |Down| 0d 0h 0m 0s| |Dis| | On |Ena |Auto/FD| On | +--------+--------+----+--------------+----+---+-------+----+----+-------+----+ ``` You can see the type of transceiver with `port xcvr show`: ``` CN 3911> port xcvr show +----+-----+-----+---------Transceiver-Status------------+----------------+----+ | |Admin| Oper| |Ether Medium & |Diag| |Port|State|State| Vendor Name & Part Number |Connector Type |Data| +----+-----+-----+---------------------------------------+----------------+----+ |9 |Ena |UCTF |OEM SFP-T Rev11.0 |1000BASE-T/LC | | |10 |Ena | |WORLDWIDEPACKETS XCVR-010Y31 Rev10 |1000BASE-LX/LC | | +----+-----+-----+---------------------------------------+----------------+----+ ``` The port will still come up and pass traffic with a uncertified transceiver. --- © 2014 Jade Angrboða.