Enabling Administrative Services


There are many features of the Arista Networks fabric that require or can be enhanced using remote access. For example, when packets are written to a log file, you may want to transfer that file from a switch to a different system for analysis. Also, if you are creating a NetVM environment, an IOS image of the guest OS must be loaded on the switch.


You can enhance or modify several services such as SSH, NFS, Web, SNMP, SFTP. 

To check the status of various services, use the following command:


CLI (network-admin@Leaf-1) > admin-service-show


switch:                         Leaf-1

if:                                 mgmt

ssh:                         on

nfs:                         on

web:                         on

web-ssl:                         off

web-ssl-port:                 443

web-port:                 80

web-log:                         off

snmp:                         on

net-api:                         on

icmp:                         on

switch:                         Leaf-1

if:                                 data

ssh:                         on

nfs:                         on

web:                         on

web-ssl:                         off

web-ssl-port:                 443

web-port:                 80

web-log:                         off

snmp:                         on

net-api:                         on

icmp:                         on


To modify administrative services, use the command:


CLI (network-admin@Leaf-1) > admin-service-modify

admin-service-modify

Modifies services on the switch.

if if-string

Specify the administrative service interface. 
The options are mgmt or data.

ssh|no-ssh

Specify if you want to enable or disable SSH.

web|no-web

Specify if you want to enable web management. Use this option to enable REST API access over HTTP.

web-ssl|no-web-ssl

Specify if you want to use SSL and certificates for web services. Use this option to enable REST API access over HTTPS.

web-ssl-port web-ssl-port-number

Specify the web SSL port.

web-port web-port-number

Specify the port for web management.

web-log|no-web-log

Specify if you want to turn web logging on or off.

Note: This option is for use in debugging with Arista support’s guidance.

vrrp|no-vrrp

Specify if you want to enable or disable VRRP.

snmp|no-snmp

Specify if you want to enable or disable SNMP.

net-api|no-net-api

Specify if you want to enable or disable NetVisor API.

icmp|no-icmp

Specify if you want to enable or disable Internet Message Control Protocol (ICMP).


NetVisor OS supports the file transfer method, SFTP and  SFTP is enabled by default on NetVisor OS. Because SFTP relies on Secure Shell (SSH), you must enable SSH before enabling SFTP. 

To enable SSH, use the following command

CLI (network-admin@Leaf1) > admin-service-modify nic mgmt ssh


To enable SFTP, use the following command:

CLI (network-admin@Leaf1) > admin-sftp-modify enable


sftp password: <password>

confirm sftp password: <password>

 

The default SFTP username is sftp and the password can be changed using the admin-sftp-modify command:


CLI (network-admin@Leaf1) > admin-sftp-modify


sftp password: <password>

confirm sftp password: <password>


To display the details, use the following commands:


CLI (network-admin@Leaf-1) > admin-service-show


switch if   ssh nfs web web-ssl web-ssl-port web-port snmp net-api icmp

------ ---- --- --- --- ------- ------------ -------- ---- ------- ----

Leaf-1 mgmt on  off off off     443          80       on   off     on

Leaf-1 data on  off off off     443          80       on   off     on


admin-service-show: Fabric required. Please use fabric-create/join/show


CLI (network-admin@Leaf1) > admin-sftp-show


switch:     Leaf1

sftp-user:  sftp

enable:     yes

 

Use SFTP from a host to the switch, and login with the username sftp and the password configured for SFTP. Then you can download the available files or upload files to the switch.


CLI (network-admin@Leaf1) > admin-service-show


switch nic  ssh nfs web web-port snmp net-api icmp

------ ---- --- --- --- -------- ---- ------- ----

Leaf1  mgmt on  off on  80       off  on      on

north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south