Posts from 2016-10-10

iSCSI storage - enable JUMBO frames for ESXi 4

You must create the vSwitch and change the MTU to 9000.  For this example, vSwitch7 will be the name you would replace with your own:

esxcfg-vswitch -a vSwitch7

Then, set the MTU of the vSwitch:

esxcfg-vswitch -m 9000 vSwitch7

esxcfg-vswitch -l - will list all the vSwitches on actual ESXi. It should look something like this:

Switch Name    Num Ports   Used Ports  Configured Ports  MTU     Uplinks

     vSwitch7             64                  1            64                 9000

iSCSI access is controlled by a VMkernel interface and assigned to a port group on the vSwitch.

So create the portgroup:

esxcfg-vswitch -A vSwitch7

Then create the VMkernel interface:

esxcfg-vmknic -a -i -n -m 9000

If you named the port group "iSCSI_storage", for example, and your IP is, the command would be like this:

esxcfg-vmknic -a -i -n -m 9000 iSCSI_storage

The last step is to add a physical NIC to the vSwitch.  This can be done via the GUI optionally:

esxcfg-vswitch -L vSwitch7

You must enable jumbo frames on your physical switch for this to work!

Backup ESXi firmware (configuration) with PowerCLI

Login directly to ESXi (or through vCenter server) with PowerCLI shell:

Connect-VIserver -Server IP_address

See help from cmdlet Set-VMHostFirmware:

Get-Help Set-VMHostFirmware

No more PERL scripts and nothing else...just PowerCLI and go...

For restore procedure you must put ESXi host into MAINTENANCE mode.



Set-VMHostFirmware -VMHost esxi_IP_address -BackupConfiguration -DestinationPath C:\ -Server vCenter_IP_address


Set-VMHostFirmware -VMHost esxi_IP_address -Restore -SourcePath C:\ -HostUser -HostPassword -Server vCenter_IP_address

VMware ESXi SSH access

After installing ESXi first thing to default it is disabled. By enabling it you must strictly know what are you doing. Here are basic steps:

- go to the ESXi console and press alt+F1

- type: unsupported

- enter the root password

- type vi /etc/inetd.conf

- look for the line that starts with #ssh

- uncoment - remove the #

- save /etc/inetd.conf by typing :wq!

- restart the management service /sbin/ restart

Call restriction in Cisco Callmanager

For solving problems related to call restriction in term of "you can call international countries and you can't, you can call only local numbers etc" the best way in callmanager configuration is to use calling search space. Following are the basic steps included in this kind of configuration - just one way to accomplish that fast:

- define Partition (Class of Control-->Partition...) with appropriate name INT, LOC for example

- define calling search space and join predefined partitions that are already created

- in Route pattern join adequate partition to it

- in Device under local number define calling search space that is already created

That's should work now...

Callmanager VMware - virtual MAC address change

Useful for some Voice tests and Demo labs in virtual environments - and off course totally unsupported:

- boot the CUCM server with CentOS Disk1 (for me it was CentOS, you could use something else...

- type linux rescue at the boot: prompt

use the chroot command to change the root to the CUCM partition

- chroot /mnt/sysimage

edit the eth0 configuration file

- vim /etc/sysconfig/network-scripts/ifcfg-eth0

add or change the MACADDR variable in the ifcfg-eth0 file

- MACADDR=xx:xx:xx:xx:xx:xx

- save and close (or write and quit) with the :wq option inside vim

edit the hardware config file

- vim /etc/sysconfig/hwconf

change the network.hwaddr variable

network.hwaddr: xx:xx:xx:xx:xx:xx

- save and close with the :wq option inside vim

- exit Linux rescue mode

After all, test to see if it's OK now

- login at CM console

- show network eth0 detail...

Callmanager MGCP gateway configuration


  •     add an MGCP gateway -- New Device/Gateway...
  •     configure the MGCP gateway
  •     add voice modules
  •     add VICs to the modules
  •     configure MGCP endpoints

IOS gateway configuration

AUTO (recommended):

ccm-manager config server --CM_TFTP_IP_ADDRESS

ccm-manager config 


Specify primary and redundant Unified CM servers

Configure global MGCP parameters

Enable MGCP on POTS dial-peers

Enable MGCP

Call manager and Call manager express digit wildcard match...most used

Unified Call manager digit matching:

  •     X - any single digit in range 0-9 (ex. 8000-8999)
  •     ! - single or more digits in range 0-9 (ex. 82! - 82999999999999)
  •     ? - 0 or more occurrences of the preceding digit
  •     + - 1 or more occurrences of the preceding digit
  •     [] - enclose a range of values
  •     . - used as a delimiter, separates CM access code from the DN

Call manager express digit matching:

  •     . - means a single digit.
  •     [0-9] - specifies a range
  •     .* - any digit followed by zero or more occurence, virtually any digit including null
  •     .+ - ny digit followed by one or more occurence, virtually any digit excluding null
  •     ^$ - no digits

CME examples:

/^123$/ /456/ - replaces only the number 123 as the source number with 456

/^123+/ /456/ - replaces any number that starts with 12 and has 1 or more occurence of 3 with 456

/.*/ /123/ - replaces any number with the number 123, including null

/^0\(.*\)/ /\1/ - remove zero in front of any number with variable length

CME advanced examples:

/^\(5..\)/ /1234\1/ - match numbers in 500-599 range and transform it in 1234500-1234599

/^0011\(.......\)/ /\1/ - removes 0011 from number so you can redial directly

Callmanager extension mobility feature

Summary steps for configuring Cisco Unified Communication manager (ex Callmanager) feature:

  •     multiple login not allowed but can be enabled in EM service parameter section
  •     create service for phones (CM6.1 Device/Device Settings/Phone services...)

LOGIN and LOGOUT service uses same URLhttp://CMipaddress/emapp/EMAppServlet?device=#DEVICENAME#

  •     check that exist default device profile for each type of IP phone
  •     create new user device profile with adequate DN number
  •     subscribe created profile to phone service already defined
  •     define user and associate with created profile
  •     enable Extension mobility for IP phones and define default logout profile


Cisco router IPSec site2site configuration task list

OK...I really need this. I can't memorize all of the router cli tasks, altough they are logical and follow the basic concept of Cisco IPSec site2site technology. Anyway, just in case...

  •     define transform-set
  •     define isakmp policy
  •     crypto ACL
  •     crypto MAP
  •     assign MAP to INTF
  •     define INTF ACL
  •     some kind of routing must exist...static or dynamic!

If everything went OK, then check established IPSec tunnel parameters with show crypto isakmp sa and show crypto ipsec sa.

vDS-vSS - standard2distributed virtual switch upgrade and restore commands

First of all...never test thing on production environment...never. I have 3 ESXi 4 servers, two of them on vDS switches and one on old fashion virtual standard switch. When I moved third one to vDS and after assigning vmnic's to appropriate dvPort groups I had problems with because it was urgent (Production), I decided to bring all back to vSS just for this one ESXi 4. If you make mistake and remove physical NIC from vDS you may lose management connectivity to server at all...which is bad. But here are some useful comands which you need to enter directly on ESXi console to restore basic connectivity and after that everything else in your environment:   

alt+F1, to access cmd line interface on ESXi   

type unsupported with your admin password

From cli now you can see your curent configuration:   

esxcfg-vswitch -l, list your curent DVSwitch, DVPort and vmnic names (if output after this cmd is to big and you can't see what you need use | grep or | less or | more options),   

esxcfg-vswitch -Q vmnic0 -V --dvport --dvSwitch, to unlink vmnic0 from vDS   

esxcfg-vswitch -L vmnic0 vSwitch0, link vmnic0 to vSwitch0

After this, you have your basic connectivity back and now you can proceed with vSphere client to finish everything you need...optionally, you could check you default gateway by editing /etc/sysconfig/network or adding default gateway with route add default --gateway address.