C H A P T E R 7 |
Diagnostics and Troubleshooting |
This chapter describes diagnostic tests and troubleshooting for the Sun Crypto Accelerator 1000 software. This chapter includes the following sections:
The SunVTS test dcatest, delivered in package SUNWdcav on the Sun Crypto Accelerator 1000 CD, operates with the core SunVTS test control and user interface, delivered in packages SUNWvts and SUNWvtsx on the Solaris Supplement CD, to provide diagnostics for the Sun Crypto Accelerator 1000 board.
Refer to the SunVTS documentation for instructions on how to run and monitor these diagnostics tests. These documents are available on the Solaris on Sun Hardware AnswerBook; which is provided on the Solaris Supplement CD for the Solaris release on your system.
Note - SunVTS can be used only if you have installed the SunVTS packages from the Solaris Supplement CD. |
1. As superuser, start SunVTS.
# /opt/SUNWvts/bin/sunvts |
Refer to the SunVTS User's Guide for detailed instructions on starting SunVTS.
The following instructions assume that you have started SunVTS using the CDE user interface.
2. On the SunVTS Diagnostic main window, set the System Map to Logical mode.
Note - Physical mode is supported; however, this procedure assumes you are using Logical mode. |
3. Disable all tests by clearing their check boxes.
4. Select the check box for Cryptography, then select the plus box for Cryptography to display all tests in the Cryptography group.
5. Clear check boxes in the Cryptography group that are not named dcatest.
Refer to the SunVTS documentation for the exact procedure. When the probe completes and a dcatest is displayed, continue to Step 6.
6. Click one of the instances of dcatest then right-click and drag to display the Test Parameter Options.
These options, which only pertain to the dcatest, are described in Test Parameter Options for dcatest.
7. After you have made all selections, click Apply from the Within Instance drop-down to change the selected instance of dcatest, or select Apply from the Across All Instances drop-down to change all checked instances of dcatest.
This action removes the pop-up and returns you to the Sun Diagnostic main window.
8. Click one of the instances of dcatest then right-click and drag to display the Test Execution Options.
An alternate method of displaying Test Execution Options is to click the Options drop-down main menu; then click Test Executions. These options are generic SunVTS controls that affect all tests. Refer to the SunVTS documentation for detailed information.
9. When you have made all selections, click Apply to remove the pop-up window and return to the Sun Diagnostic main window.
10. Click Start to run the selected tests.
11. Click Stop to stop all tests.
TABLE 7-1 describes the dcatest subtests.
If you choose to run dcatest from the command line instead of the CDE environment, then all arguments must be specified in the command-line string.
In 32-bit mode, the path to dcatest is /opt/SUNWvts/bin/. In 64-bit mode, the path to dcatest is /opt/SUNWvts/bin/sparcv9/.
All SunVTS standard options are supported from the command line interface for dcatest. Test-specific options are specified with the -o argument.
Refer to the SunVTS Test Reference Manual for a definition of the standard command-line arguments. The dcatest is a Functional Mode test; therefore, -f must be included. Include -u to display a usage message, or -v for VERBOSE messages. Items enclosed in square brackets denote optional entries.
The following is an example of invoking dcatest in 32-bit mode as a standalone program. The following command performs all subtests on dca0:
# /opt/SUNWvts/bin/dcatest -f -o dev=dca0,tl=3DES+RSA+DSA+RNG |
The following is an example of invoking dcatest in 64-bit mode from the SunVTS infrastructure. The following command tests RCA on dca2:
# /opt/SUNWvts/bin/sparcv9/dcatest -f -o dev=dca2,tl=RSA |
When running dcatest from the command line, omission of an option produces the default behavior for that option, as stated in TABLE 7-2.
To determine whether the Sun Crypto Accelerator 1000 device is listed in the system: from the OpenBoot PROM (OBP) prompt, type show-devs to display the list of devices. You should see lines in the list of devices, similar to the examples below, specific to the Sun Crypto Accelerator 1000 board:
ok show-devs . . . /pci@1f,0/pci@1/pci108e,5455@2 . . . |
In the above example, the pci108e,5455 identifies the device path to the Sun Crypto Accelerator 1000 board. There is no firmware on this board, so OBP level diagnostics are not available.
The Sun Crypto Accelerator 1000 board does not contain lights or other indicators to reflect cryptographic activity on the board. In order to determine whether cryptographic work requests are actually being performed on the board, use the kstat(1M) command to display the device usage:
Displaying the kstat information indicates whether cryptographic requests or "jobs" are being sent to the Sun Crypto Accelerator 1000 board. A change in the "jobs" values over time indicates that the board is accelerating cryptographic work requests sent to the Sun Crypto Accelerator 1000 board. If cryptographic work requests are not being sent to the board, verify your web server configuration per the web server specific configuration.
Do not attempt to interpret the kernel/driver statistic values returned by kstat(1M). These values are maintained within the driver to facilitate field support. The meanings and actual names may change over time.
Note - If the nostats property is defined in the /kernel/drv/dca.conf file, the capture and display of statistics will be disabled. This property may be used to help prevent traffic analysis. |
Copyright © 2002, Sun Microsystems, Inc. All rights reserved.