Tuesday, January 28, 2014

Using USB Storage Devices Under Cisco IOS-XE

IOS-XE supports a limited number of usb-devices for storage.

These are mainly  USB thumb drives. I don't know if there's a hard limit on the size of the usb storage device that's supported, but I have  used up to 32gig-sized devices & on various ASR1K  devices.

Cisco has finally got inline with other network hardware vendors, who have always allowed active FileSystem mounting  ( e.g  what the folks at  Juniper, Arista, etc...... have done )


To mount the  usb device,  just stick it in  the USB slot. ( yes,   it's really that easy ! )


You don't have to worry about any un-mount options, but if you  are in fear of FileSystem corruption, you can enable  shell access,  and use the linux unmount command

( enabling  shell access  YMMV use at YOUR OWN RISK , CISCO strongly suggest you don't enable shell access!)

config t
   service  internal
   platform shell
end

You can use the following  cisco commands to validate it's mount;
  • dir usb0:
  • show usb0:
  • show usb-device 

or by executions of a combination of show_cmds or  linux  commands ( df , mount, ls ,etc.....)

 Examples;

IOS-XE show commands )




listing files on the usb0: device;



NOTE1: logging is NOT ALWAYS  output under 15.1.x code to show that the device was removed, which really sucks btw





  ( sample log entry  via syslog )


NOTE2:  a stand-alone cdrom will typically draw too much current and will NOT mount. This will generate a log message btw



NOTE3:  a stand-alone ext-USB-HDD will typically draw too much current and will NOT mount.  


( using linux via a shell )







( 32gig device  and our   proc entry for usb device )


So keep in mind, you have very limited capabilities within IOS-XE , and for the use of  usb-storage-devices.

Mounting a device to the linux kernel, give you greater access for log collections, gather ios-xe files, backups, and host of other hacks.


Ken Felix
Freelance Network / Security Engineer
kfelix  ----a---t---socpuppets ---d---o---t---com

     ^      ^
=(   ^   ^  )=
          o
       /     \

No comments:

Post a Comment