You all know that fancy Mode button located on every single non-modular Catalyst switch (Cisco 3750/3560). It gives you a way to visualize switchport information – like duplex mode, speed, stack member, master switch, PoE status and so on. This magic button also provides you with the only available method to enter recovery mode (if the enable password has been lost). All these features are well known to any Cisco engineer – this is the basis of the CCNA course material on L2/switches. Now, imagine another not-so-well-known feature which can put you in the middle of a nightmare…
This happened to me. I had a simple change for a remote location that required adding one extra switch to the stack of access switches. It’s just 30 minutes of work (considering you’ve prepared the rest, i.e. IOS versions match) but it turned out to be 2 hours of nightmare. I needed to connect my laptop to the core switch to stay connected while the access switch was shut down to perform cabling work. Since we have two core switches, I configured a particular port on switch #2 and asked local support to press the Mode button a few times until the STACK LED lit up, to find the correct port. I bet it was poor call quality that translated my request into “Press and Hold”. Thank God it was a small branch office.
In 10 seconds the core switch stack automatically reloaded and came up as two factory default switches! I was kind of shocked (we only planned to have a few minutes of downtime). It turned out to be a hidden feature of the Express Setup. If you “Press and Hold” the Mode button for 10 seconds on a live switch, it renames the startup-config to flash:config.text.renamed and reloads the switch, with the following messages being sent to Syslog:
*Mar 1 00:10:39.312: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
*Mar 1 00:10:40.327: %SYS-5-RELOAD: Reload requested by Hulc LED Process. Reload reason: Reason unspecified
I tried this later in my lab and it worked the same way with only one exception – it didn’t rename the config in my lab tests. It just deleted it. I believe the behavior is IOS dependent, but still – the switches were reloaded, the config wiped or renamed – it doesn’t matter much.
You will probably think of this feature as a risk? Well, yes, it is! We have all network devices well secured in the communications rooms, but you’ve already read my post – a simple miscommunication resulted in this issue.
To disable this functionality once and for all, apply the following command in global configuration mode:
no setup express
C’mon, Cisco, this should have been the FACTORY DEFAULT setting!
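To check a fleet for this exposure, the following added example (not part of the original post) flags saved configs that lack `no setup express` and picks Mode-button reloads out of syslog using the message quoted above. The hostnames, the config snippets and the third log line are constructed samples, and the check assumes `no setup express` appears as a global line in the saved config once applied.

```python
import re

# Pattern built from the %SYS-5-RELOAD message quoted in the post.
RELOAD_RE = re.compile(
    r"^\*?(?P<ts>\w{3}\s+\d+\s+[\d:.]+):\s+%SYS-5-RELOAD:\s+"
    r"Reload requested by (?P<who>.+?)\.\s+Reload reason:\s*(?P<reason>.*)$",
    re.IGNORECASE,
)

def mode_button_reloads(log_lines):
    """Return timestamps of reloads requested by the Hulc LED Process."""
    hits = []
    for line in log_lines:
        m = RELOAD_RE.match(line.strip())
        if m and m.group("who") == "Hulc LED Process":
            hits.append(m.group("ts"))
    return hits

def express_setup_disabled(config_text):
    """True if 'no setup express' is present as a global (unindented) line."""
    return any(l.rstrip() == "no setup express" for l in config_text.splitlines())

def audit(configs):
    """configs maps hostname -> config text; return hosts still exposed."""
    return sorted(h for h, c in configs.items() if not express_setup_disabled(c))

# Constructed sample data: first two log lines are from the post, third is made up.
SAMPLE_LOG = [
    "*Mar 1 00:10:39.312: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram",
    "*Mar 1 00:10:40.327: %SYS-5-RELOAD: Reload requested by Hulc LED Process. "
    "Reload reason: Reason unspecified",
    "*Mar 1 02:14:07.101: %SYS-5-RELOAD: Reload requested by console. "
    "Reload Reason: Reload Command.",
]
SAMPLE_CONFIGS = {  # hypothetical hostnames and config fragments
    "core-sw2": "hostname core-sw2\n!\nno setup express\n!\nend\n",
    "access-sw1": "hostname access-sw1\n!\nspanning-tree mode rapid-pvst\n!\nend\n",
}

if __name__ == "__main__":
    print("Mode-button reloads at:", mode_button_reloads(SAMPLE_LOG))
    print("Express Setup still enabled on:", audit(SAMPLE_CONFIGS))
```
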