HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 2009)

ManualsBrandsHP ManualsStorageHP 8/80 Base (48) Full Fabric Ports Enabled SAN Switch

221

222

223

224

225

226

227

228

229

230

Fabric OS 6.2 administrator guide 227

Power-on Firmware Checksum Test

FIPS requires the checksums of the executables and libraries on the filesystem to be validated before Fabric

OS modules are launched. This is to make sure these files have not been changed after they are installed.

When firmware RPM packages are installed during firmwareDownload, the MD5 checksums of the

firmware files are stored in the RPM database on the filesystem. The checksums go through all of the files in

the RPM database. Every file compares its current checksum with the checksum that is in the RPM database.

If they are different, the command displays an output message informing you of the difference.

Because the validation may take up to a few minutes, it will not be performed during hot code load. It is

performed only after a cold reboot of the switch.

For more information on FIPS, see Chapter 4, ”Configuring advanced security features” on page 117.

Test and restore firmware on switches

Typically, users downgrade firmware after briefly evaluating a newer (or older) version and then restore the

original version of the firmware. Testing a new version of firmware in this manner ensures that you do not

replace existing firmware because the evaluated version occupies only one partition on the switch.

IMPORTANT: When you evaluate new firmware, make sure you disabled all features that are not

supported by the original firmware before restoring to the original version.

Testing a different firmware version on a switch

1. Verify that the FTP or SSH server is running on the host server and that you have a user ID on that

server.

2. Obtain the firmware file from http://www.hp.com

or switch support provider and store the file on the

FTP or SSH server.

3. Unpack the compressed files, preserving directory structures.

The firmware is in the form of RPM packages with names defined in a .plist file, that contains

specific firmware information and the names of packages of the firmware to be downloaded.

4. Connect to the switch and log in as admin.

5. Enter the firmwareShow command to view the current firmware.

6. Enter the firmwareDownload -s command to update the firmware and respond to the prompts as

follows:

switch:admin> firmwareDownload -s

Type of Firmware (FOS, SAS, or any application) [FOS]:

Server Name or IP Address: 192.168.32.10

Network Protocol (1-auto-select, 2-FTP, 3-SCP) [1]:

User Name: userfoo

File Name: /home/userfoo/v6.0.0

Password:

Do Auto-Commit after Reboot [Y]: n

Reboot system after download [N]: y

Firmware is being downloaded to the switch. This step may take up to 30

minutes.

Checking system settings for firmwaredownload...

cfgload attributes Select Yes. The following questions are displayed:

Enforce secure config Upload/Download: Select yes

Enforce signed firmware download: Select yes

Webtools

attributes

Default is no; press Enter to select default setting.

System Default is no; press Enter to select default setting.