Installing Broadband Access Center
This chapter explains the procedures you must follow to install Cisco Broadband Access Center (BAC) in a Solaris operating system environment.
This chapter includes:
•Installing BAC
•Installing Components in Interactive Mode
•Installing Components in Noninteractive Mode
•Adding Components
Before you install BAC, ensure that you are ready by reviewing the checklist that Table 3-1 describes.
Table 3-1 Installation Checklist
|
|
1. Verify if your system meets the minimum system hardware and software requirements described in Chapter 1, "Overview." |
|
2. Ensure that you have root access to the computers on which you intend to install BAC components. |
|
3. Save your license file on the system from which you intend to launch the BAC administrator user interface via a web browser. You need a valid service license file to configure BAC licensing. |
|
4. Determine the home directory (BPR_HOME) in which you want to install the BAC component or components. The default directory is /opt/CSCObac. Ensure that the target installation directory has enough disk space.
Note We recommend that you have at least 350 MB of disk space available.
|
|
5. For the RDU, determine where you want to install the data directory (BPR_DATA) and the database logs (BPR_DBLOG). The default directory is /var/CSCObac. Ensure that the target installation directory has enough disk space.
Note We recommend that you locate the data directory on a different physical disk than the home directory; for example, /var/disk0/CSCObac. The disk should have at least 1 GB and up to 30 GB of free space. The installation program, by default, installs the data directory, the database transaction logs directory, and the logs directory in the same location. We recommend that you locate the database transaction logs directory on the fastest disk on the system. Also, ensure that 1 GB of disk space is available.
|
|
6. For the RDU, determine the listening port number. The RDU uses this interface to communicate with other BAC components, such as DPEs and Cisco Network Registrar extension points. The default port is 49187. |
|
7. For the RDU, determine the shared secret password that BAC servers on your network use as a token to authenticate communication with one another. The shared secret password should be the same for all BAC servers on your network. |
|
8. For the RDU, determine the ports through which you will access the administrator user interface using HTTP or HTTP over SSL (HTTPS). The default ports are: •8100 for HTTP •8443 for HTTPS |
|
9. Ensure that Network Registrar 7.0 is installed and running on the servers on which you are installing BAC extensions. Note To enable IPv6 support in BAC, you must install version 7.0 of Network Registrar. |
|
10. For the Network Registrar extensions, determine the name of the provisioning group to which the Network Registrar server belongs. |
|
11. For the Network Registrar extensions, determine where you want to install the data directory (BPR_DATA). The default directory is /var/CSCObac. |
|
12. Verify that you have the necessary Network Registrar configuration files. For an example of these configuration files, see Appendix A, "Network Registrar Configuration File Example." |
|
13. Verify that you have the necessary KDC servers available. |
|
14. Enable your machine to support IPv6. To enable IPv6, log in as root, and run:
# ifconfig intf inet6 plumb up
# ifconfig intf inet6 plumb up
# touch /etc/hostname6.intf
where intf identifies the interface on which you want to enable IPv6. |
|
Installing BAC
The initial steps in the BAC installation program are identical regardless of the component you are installing. This section describes how to work with the installation program and the initial installation steps.
To install BAC:
Step 1 Log in to the intended BAC host as root.
Step 2 At the Solaris system prompt, change directory to your CD-ROM drive or other installation media.
Ensure that the gzip and gtar utilities are available on your system to decompress and unpack the BAC installation file, and:
a. Change to the directory in which you will decompress and extract the installation file.
b. Decompress the file with the .gtar.gz extension. Enter:
gunzip -d BAC_400_SolarisK9.gtar.gz
c. Unpack the file with the .gtar extension that gunzip decompressed. Enter:
gtar -xvf BAC_400_SolarisK9.gtar
The utility creates the BAC_400_Solaris directory into which the installation program is extracted.
Note If the program displays a checksum error while unpacking, specify the path to the GNU tar on your machine.
Step 3 After the installation program is extracted, you can choose to install the components in interactive mode or noninteractive mode.
•Installing Components in Interactive Mode
•Installing Components in Noninteractive Mode
Installing Components in Interactive Mode
This section explains the procedures that you follow to install one or more BAC components interactively from the command line.
If you have not enabled IPv6 on your machine, a message similar to the following appears during installation:
Warning: IPv6 is not enabled on this system.
You can choose to enable IPv6 later, by running these commands:
# ifconfig intf inet6 plumb up
# ifconfig intf inet6 plumb up
# touch /etc/hostname6.intf
where intf identifies the interface on which you want to enable IPv6.
Note Before you begin any of these procedures, you must complete the initial procedure described in Installing BAC.
This section provides instructions on installing components in interactive mode:
•Installing the RDU in Interactive Mode
•Installing a DPE in Interactive Mode
•Installing Network Registrar Extensions in Interactive Mode
•Installing the KDC in Interactive Mode
Installing the RDU in Interactive Mode
Install the RDU on a server running Solaris 9 or 10 that meets the requirements described in Operating System Requirements, page 1-1. You should install the RDU on a high-end system that is the most reliable server in your network.
Note We recommend that you configure the RDU server to use a static IP address.
To install the RDU, complete the initial installation described in Installing BAC. Then:
Step 1 To start the installation program in interactive mode, enter:
# pkgadd -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the RDU prompt, enter y and press Enter.
To skip installing a DPE, Network Registrar extension points, and the KDC, enter n and press Enter. You can choose to install these components later.
For example:
------------- Installation Components -----------
Regional distribution unit (RDU) (y/n)? [n] y
Device Provisioning Unit (DPE) (y/n)? [n]
Cisco Network Registrar extension points (y/n)? [n]
Key Distribution Center (KDC) (y/n)? [n]
The program prompts you to confirm the components that you want to install.
Step 4 Enter y and press Enter to continue.
BAC performs lease query requests by binding to the IP addresses and ports that are described in Table 3-2.
Table 3-2 Lease Query Address for Binding
|
|
|
IPv4 |
Wildcard1 |
67 |
IPv6 |
Wildcard |
547 |
If the installation program detects that either of these ports is being used by another process, it recommends that you use the dynamic ports that the operating system selects.
For example:
DHCPv4/DHCPv6 lease query port(s) (Udp/67 and Udp/547) is in use.
Configuring the RDU to use a dynamic port for DHCPv4/DHCPv6 lease query.
If port 67 and port 547 are available on the RDU, the installation program displays the home directory prompt.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter a different directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
A confirmation prompt appears.
Step 6 To confirm the home directory location, enter y and press Enter.
The program prompts you to enter the data directory location.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter a different directory.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac] /var/disk0/CSCObac
A confirmation prompt appears.
Step 8 To confirm the data directory location, enter y and press Enter.
The database log directory prompt appears.
Step 9 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
For example:
---------------- DB Log Directory ------------
DB Logs Directory Destination [/var/CSCObac] /var/disk1/CSCObac
A confirmation prompt appears.
Step 10 To confirm the directory, enter y and press Enter to continue.
The program prompts you to enter the information related to the RDU, specifically the IP address and the listening port.
While the installation program obtains the IP address of the RDU automatically, you must enter a value for the listening port. The listening port is the port number that the RDU uses to communicate with other BAC components, such as DPEs and Network Registrar extension points.
Step 11 To accept the default port number, 49187, press Enter; or enter another port number.
Caution
If you change the default listening port value, ensure that the new value does not conflict with any existing port assignments. Also, ensure that you configure all DPEs with the correct RDU port number. For details on configuring the DPE, refer to the
Cisco Broadband Access Center DPE CLI Reference, 4.0.
For example:
---------------- RDU information. ------------
Enter the IP address and the listening port of the Regional
Distribution Unit (RDU) associated with this installation.
Enter the Host/IP address and address of the listening port
RDU Listening Port [49187]
Step 12 Confirm the listening port number; enter y and press Enter to continue.
The program prompts you to enter the shared secret password.
Step 13 Enter the shared secret password that you want to use for authentication among BAC servers, and confirm the password.
Note You must use the same shared secret password for the RDU, all DPEs, and Network Registrar extension points in your network.
For example:
Enter the password to be used for authentication between the BAC servers.
Enter the shared secret password [] <changeme>
Enter the shared secret password again [] <changeme>
Step 14 Press Enter to continue.
The program displays the parameters you have selected to install the RDU.
Step 15 Enter y and press Enter to confirm the installation parameters.
For example:
Home directory:/opt/CSCObac
Data directory:/var/disk0/CSCObac
DB Log directory:/var/disk1/CSCObac
The program prompts you to enter the HTTP port for the administrator user interface.
Step 16 To accept the default port, 8100, press Enter; or enter another port number.
For example:
Please enter Admin UI http port [8100]
Step 17 Confirm the HTTP port; enter y and press Enter.
For example:
------------------Confirmation--------------------
Is this correct(y/n/q)? [y]
The program prompts you to enter the HTTPS port for the user interface.
Step 18 To accept the default port, 8443, press Enter; or enter another port number.
For example:
Please enter Admin UI https port [8443]
Step 19 Confirm the HTTPS port; enter y and press Enter.
The program displays the parameters you have selected to install the administrator user interface.
Step 20 Enter y and press Enter.
For example:
---------------------Confirmation--------------------
Is this correct(y/n/q)? [y]
The program prompts you to continue with the installation because the scripts used in the installation package run with superuser permissions.
Step 21 Enter y and press Enter.
For example:
This package contains scripts which will be executed with superuser
permission during the process of installing this package.
Do you want to continue with the installation of <CSCObac> [y,n,?] y
After successful installation, the following message appears:
Installation of <CSCObac> was successful
Installing a DPE in Interactive Mode
Install the DPE on a server running Solaris 9 or 10 that meets the requirements described in Operating System Requirements, page 1-1.
Note We recommend that you configure the DPE server to use a static IP address.
During DPE installation, if the program detects a TFTP server or a ToD server running on the same server as the DPE, the installation displays an error message and quits. To kill the TFTP or ToD server, carry out the steps that the error message lists.
To install the DPE, complete the initial installation described in Installing BAC. Then:
Step 1 To start the installation program in interactive mode, enter:
# pkgadd -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the DPE prompt, enter y and press Enter.
To skip installing the RDU, Network Registrar extension points, and the KDC, enter n and press Enter.
For example:
------------- Installation Components -----------
Regional distribution unit (RDU) (y/n)? [n]
Device Provisioning Unit (DPE) (y/n)? [n] y
Cisco Network Registrar extension points (y/n)? [n]
Key Distribution Center (KDC) (y/n)? [n]
The program prompts you to confirm the components that you want to install.
Step 4 Enter y and press Enter to continue.
The home directory prompt appears.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter another directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
Step 6 Confirm the directory location; enter y and press Enter.
The data directory prompt appears.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac]
Step 8 Confirm the directory location; enter y and press Enter.
The program prompts you to enter the shared secret password.
Step 9 Enter the shared secret password that you want to use for authentication between the BAC servers.
Note You must use the same shared secret password for the RDU, all DPEs, and Network Registrar extension points in your network.
For example:
Enter the password to be used for authentication between the BAC servers.
Enter the shared secret password [] <changeme>
Step 10 Reenter the password for confirmation, and press Enter.
The program prompts you to confirm the installation because the scripts used in the installation package run on superuser (root) permissions.
Step 11 Enter y and press Enter.
Note If you choose not to proceed, the following message appears and the installation quits:
Installation of <CSCObac> was terminated due to user request.
No changes were made to the system.
The program begins the installation process. After successful installation, the following message appears:
Installation of <CSCObac> was successful
Installing Network Registrar Extensions in Interactive Mode
Install BAC extensions on all Network Registrar servers in your BAC environment. If you are deploying BAC in a failover environment, you also must install the extensions on the failover servers. After you install extensions, you must configure them. This section explains how to install, configure, and validate these extensions.
Note We recommend that you configure the Network Registrar server to use a static IP address.
Before you install Network Registrar extensions, complete the initial installation described in Installing BAC. Also, ensure that Network Registrar is running. Then:
Step 1 To start the installation program in interactive mode, enter:
# pkgadd -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the Network Registrar Extension Points prompt, enter y and press Enter.
To skip installing the RDU, a DPE, and the KDC, enter n and press Enter.
For example:
------------- Installation Components -----------
Regional distribution unit (RDU) (y/n)? [n]
Device Provisioning Unit (DPE) (y/n)? [n]
Cisco Network Registrar extension points (y/n)? [n] y
Key Distribution Center (KDC) (y/n)? [n]
Note The installation program validates your Network Registrar installation. You must install Network Registrar 7.0 on your server. If the required version is not installed, the installation process terminates, and you must upgrade to the required Network Registrar version before proceeding.
The program prompts you to confirm the components that you want to install.
Step 4 Enter y and press Enter to continue.
The home directory prompt appears.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter another directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
The program then prompts you to confirm the directory.
Step 6 Press y and Enter to continue.
The data directory prompt appears.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
Note The installation program, by default, installs the data directory (BPR_DATA) on a different directory than the home directory (BPR_HOME). We recommend that the data directory be on a different physical disk than the home directory; for example, /var/disk0/CSCObac.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac] /var/disk0/CSCObac
Step 8 To confirm the directory, enter y and press Enter.
The program prompts you to enter information on the RDU required to install the extensions.
Step 9 Enter the IP address (or hostname) and the listening port of the host on which you have installed the RDU. To accept the default information, press Enter; or enter alternative information.
For example:
---------------- CNR EP Info. ------------
Enter RDU IP Address or Hostname [bachost-rdu.example.com]
Enter RDU Listening Port [49187]
You are then prompted to enter the name of the extension point provisioning group.
Step 10 Enter the name of the Network Registrar extension point group.
For example:
Enter the Cisco Network Registrar extension point provisioning group.
This a required field. The value you specify must contain only alphanumeric
characters without spaces and not exceed 10 characters in length. You can use
the BAC command-line tool to change this value after you complete this
Enter Extension Point Provisioning Group [] group1
The program then asks you if you intend to provision PacketCable or voice technology devices.
Step 11 Enter y and press Enter if you are using PacketCable devices; press Enter if you are not.
For example:
Are you going to use devices that support PacketCable voice technology? [n]
If you enter n, go to Step 15. If you entered y, the program prompts you to enter several voice technology properties.
Step 12 Enter details on the KDC realm name, the IP addresses for the primary and secondary DHCP servers, and the primary and secondary DNS servers.
For example:
Note The warning in this example appears if there is more than one interface on your system.
---------------- PacketCable Configuration ------------
Enter KDC realm Name [EXAMPLE.COM]
Warning: There is more than one interface on this system. Default to the 10.10.10.1
Enter IP Address for Secondary DHCP [10.10.10.1]
Enter IP Address for Primary DNS [10.10.10.3]
Enter IP Address for Secondary DHCP [10.10.10.2]
Enter IP Address for Secondary DNS [10.10.10.4]
Step 13 Confirm the information; enter y and press Enter.
Step 14 Press Enter to continue.
Step 15 Enter the shared secret password that you want to use for authentication among BAC servers. You must use the same shared secret password for all BAC servers on your network.
For example:
Enter the password to be used for authentication between the BAC servers.
Enter the shared secret password [] <changeme>
Enter the shared secret password again [] <changeme>
Step 16 Press Enter.
The program displays the installation parameters you have selected.
Step 17 Enter y and press Enter to confirm the parameters, and install the Network Registrar extensions.
For example:
========== Confirmation ==========
RDU IP Address: 10.10.10.10
Extension Point Provisioning Group: group1
Step 18 Press Enter to continue.
The program prompts you to confirm the installation because the scripts used in the installation package run on superuser (root) permissions.
Step 19 Enter y and press Enter.
For example:
This package contains scripts which will be executed with superuser
permission during the process of installing this package.
Do you want to continue with the installation of <CSCObac> [y,n,?] y
The installation proceeds, and displays the following message after successful installation:
Installation of <CSCObac> was successful
Configuring Extensions
After you install the BAC extensions on the Network Registrar server, you must configure the extensions. The procedure described in this section assumes that:
•The BAC component is installed in /opt/CSCObac.
•Network Registrar is installed in /opt/nwreg2.
•The Network Registrar username is admin and the password is changeme.
To configure extensions:
Step 1 Log in to the Network Registrar server, with root access.
Step 2 At the command line, enter:
# NR_HOME/local/usrbin/nrcmd -N admin -P changeme -b <
BAC_HOME/cnr_ep/bin/bpr_cnr_enable_extpts.nrcmd
Step 3 To reload the Network Registrar server, enter:
# /etc/init.d/nwreglocal stop
# /etc/init.d/nwreglocal start
Alternatively, to reload the DHCP server alone, enter:
# NR_HOME/local/usrbin/nrcmd -N admin -P changeme "dhcp reload"
Note Before you can use the Network Registrar server, you must configure client classes, scope-selection tags, policies, and scopes. In an IPv6 environment, you must configure links and prefixes as well. Refer to the User Guide for Cisco Network Registrar 7.0.
Validating Extensions
To validate the extensions installed on the Network Registrar server, from the Network Registrar Command Line Tool (nrcmd), run:
Note Depending on whether you installed a local or regional cluster, the nrcmd tool is located in:
•Local—/opt/nwreg2/local/usrbin
•Regional—/opt/nwreg2/regional/usrbin
file = libdexextension.so
file = libbprextensions.so
init-args = BPR_HOME=/opt/CSCObac,BPR_DATA=/var/CSCObac
entry = bprExecuteExtension
file = libbprextensions.so
init-entry = initExtPoint
Note The BPR_HOME and BPR_DATA values may be different in your installation.
Also in the nrcmd program, run:
nrcmd> dhcp listextensions
post-packet-decode: dexdropras
pre-packet-encode: prePacketEncode
pre-client-lookup: preClientLookup
Installing the KDC in Interactive Mode
You must install the KDC only when configuring a system to support voice technology operations.
Install the KDC on a Solaris 9 or 10 server that meets the requirements described in Operating System Requirements, page 1-1. For performance reasons, you should install the KDC on a separate server.
To install the KDC, complete the initial installation described in Installing BAC. Then:
Step 1 To start the installation program in interactive mode, enter:
# pkgadd -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the KDC prompt, enter y and press Enter.
To skip installing the RDU, a DPE, and the Network Registrar extension points, enter n and press Enter.
For example:
------------- Installation Components -----------
Regional distribution unit (RDU) (y/n)? [n]
Device Provisioning Unit (DPE) (y/n)? [n]
Cisco Network Registrar extension points (y/n)? [n]
Key Distribution Center (KDC) (y/n)? [n] y
Step 4 Confirm the components that you want to install; enter y and press Enter.
The home directory prompt appears.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter another directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
A confirmation prompt appears.
Step 6 Enter y and press Enter.
The data directory prompt appears.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac]
Step 8 To confirm, enter y and press Enter.
The KDC Configuration prompt appears.
Step 9 Enter the KDC interface address, the fully qualified domain name (FQDN), and the Kerberos realm name. The realm name should be consistent with the realm you give to the DPEs that belong to this provisioning group.
For example:
Note The warning in this example appears if there is more than one interface on your system.
---------------- KDC Configuration ------------
Key Distribution Center (KDC) Realm Name
Enter the Kerberos realm name for the KDC:
The realm name should be consistent with the realm you give to DPEs in this
provisioning group.
Warning: There is more than one interface on this system. Default to the 10.10.10.22
KDC Interface Address [10.10.10.22]:
KDC FQDN [bachost.example.com]:
Step 10 To confirm your entry and continue, enter y and press Enter.
The program prompts you to enter a password to generate the KDC service key.
Step 11 For each DPE, enter a password from 6 to 20 characters. The KDC service key mentioned here is one that you must generate on the DPE and the KDC to enable communication between the two components. To generate this service key, the password that you enter for the KDC must match the one that you enter for the corresponding DPE; otherwise, the DPE does not function.
For example:
Enter Password to generate Service-Key [] 12345678901234567890
Note To generate the service key on the:
•DPE, use the service packetcable 1..1 registration kdc-service-key command from the DPE CLI. For details, refer to the Cisco Broadband Access Center DPE CLI Reference 4.0.
•KDC, use the KeyGen tool. For details, refer to the Cisco Broadband Access Center Administrator Guide 4.0.
Step 12 Press Enter.
Step 13 To confirm and continue, enter y and press Enter.
The program prompts you to enter the DPE FQDN.
Step 14 Enter the FQDN of the DPE, and press Enter.
For example:
Enter Your DPE FQDN [] bac-dpe1.example.com
Step 15 Enter y and press Enter to confirm and continue.
Step 16 To add another DPE, enter y and press enter, or enter n and press Enter. The installation program uses the same voice technology shared key for all DPEs.
The program prompts you to confirm the installation because the scripts used in the installation package run on superuser (root) permissions.
Step 17 Enter y and press Enter.
For example:
This package contains scripts which will be executed with superuser
permission during the process of installing this package.
Do you want to continue with the installation of <CSCObac> [y,n,?] y
The installation proceeds, and displays the following message after successful installation:
Installation of <CSCObac> was successful
Caution
After installing the KDC, install the licenses and the chain of certificates; otherwise, you cannot launch the KDC.
Installing Components in Noninteractive Mode
This section explains the procedures that you follow to install one or more BAC components from the command line in noninteractive mode.
In order to install BAC in noninteractive mode, you must first generate a response file, in which you store values for installing a component. You then use the response file as input while installing that component. For subsequent installations of the same component, you only need to use a single command, which removes all installation prompts and installs the component using the values contained in the response file.
To install BAC in noninteractive mode, you must perform two steps, each of which is described in detail in subsequent sections:
1. Generate a response file, using:
# pkgask -r response -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
Running this command does not install BAC on your system; it only generates the response file in which you store values for installation.
Note that there can only be one response file. As a result, you can use the response file only to install the component for which you generate the response file. If you want to install another component, you must generate a response file for that component and install that component using the response file generated for it.
For example, if you generate a response file to install the DPE and, subsequently, you want to install Network Registrar extensions, you must generate a response file separately to install Network Registrar extensions. You cannot use the response file that you generated to install the DPE to install Network Registrar extensions.
2. After you generate the response file, start the installation program in noninteractive mode, using:
# pkgadd -n -r response -a BAC_400_Solaris/bacadmin -d BAC_400_Solaris/CSCObac.pkg
For subsequent installations of the same component, you only need to run this pkgadd command.
If you have not enabled IPv6 on the machine, a warning message similar to the following appears:
Warning: IPv6 is not enabled on this system.
You can choose to enable IPv6 later, by running these commands:
# ifconfig intf inet6 plumb up
# ifconfig intf inet6 plumb up
# touch /etc/hostname6.intf
where intf identifies the interface on which you want to enable IPv6.
Note Before you begin any of the procedures described in this section, complete the initial installation procedure described in Installing BAC.
This section provides instructions on installing components in noninteractive mode:
•Installing the RDU in Noninteractive Mode
•Installing a DPE in Noninteractive Mode
•Installing Network Registrar Extensions in Noninteractive Mode
•Installing the KDC in Noninteractive Mode
Installing the RDU in Noninteractive Mode
Install the RDU on a server running Solaris 9 or 10 that meets the requirements described in Operating System Requirements, page 1-1. You should install the RDU on a high-end system that is the most reliable server in your network.
Note We recommend that you configure the RDU server to use a static IP address.
To install the RDU, complete the initial installation described in Installing BAC. Then complete these procedures:
•Generating the Response File for the RDU
•Installing the RDU Using the Response File
Generating the Response File for the RDU
Use this procedure to generate a response file for RDU installation:
Step 1 To generate the response file, enter:
# pkgask -r response -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
Note The response file is created in the directory in which you run the pkgask -r command. If you want the response file to be generated in a specific location, enter:
# pkgask -r response-file-path -d CSCObac.pkg
where response-file-path specifies the path to the directory in which you want the response file to be generated; for example, /tmp/response. You can also give the response file any name; for example, outputFile.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the RDU prompt, enter y and press Enter.
To skip installing a DPE, Network Registrar extension points, and the KDC, enter n and press Enter. You can choose to install these components later.
For example:
------------- Installation Components -----------
Regional distribution unit(RDU) (y/n)? [n] y
Device Provisioning Unit (DPE) (y/n)? [n]
Cisco Network Registrar extension points (y/n)? [n]
Key Distribution Center (KDC) (y/n)? [n]
The program prompts you to confirm the components that you want to install.
Step 4 Enter y and press Enter to continue.
BAC performs lease query requests by binding to the IP addresses and ports that are described in Table 3-3.
Table 3-3 Lease Query Address for Binding
|
|
|
IPv4 |
Wildcard1 |
67 |
IPv6 |
Wildcard |
547 |
If the installation program detects that either of these ports is being used by another process, it recommends that you use the dynamic ports that the operating system selects.
For example:
DHCPv4/DHCPv6 lease query port(s) (Udp/67 and Udp/547) is in use.
Configuring the RDU to use a dynamic port for DHCPv4/DHCPv6 lease query.
If port 547 and port 67 are available, the installation program displays the home directory prompt.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter a different directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
A confirmation prompt appears.
Step 6 To confirm the home directory location, enter y and press Enter.
The program prompts you to enter the data directory location.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter a different directory.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac] /var/disk0/CSCObac
A confirmation prompt appears.
Step 8 To confirm the data directory location, enter y and press Enter.
The database log directory prompt appears.
Step 9 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
For example:
---------------- DB Log Directory ------------
DB Logs Directory Destination [/var/CSCObac] /var/disk1/CSCObac
A confirmation prompt appears.
Step 10 To confirm the directory, enter y and press Enter to continue.
The program prompts you to enter the information related to the RDU, specifically the IP address and the listening port.
While the installation program obtains the IP address of the RDU automatically, you must enter a value for the listening port. The listening port is the port number that the RDU uses to communicate with other BAC components, such as DPEs and Network Registrar extension points.
Step 11 To accept the default port number, 49187, press Enter; or enter another port number.
Caution
If you change the default listening port value, ensure that the new value does not conflict with any existing port assignments. Also, ensure that you configure all DPEs with the correct RDU port number. For details on configuring the DPE, refer to the
Cisco Broadband Access Center DPE CLI Reference, 4.0.
For example:
---------------- RDU information. ------------
Enter the IP address and the listening port of the Regional
Distribution Unit (RDU) associated with this installation.
Enter the Host/IP address and address of the listening port
RDU Listening Port [49187]
Step 12 Confirm the listening port number; enter y and press Enter to continue.
The program prompts you to enter the shared secret password.
Step 13 Enter the shared secret password that you want to use for authentication among BAC servers, and confirm the password.
Note You must use the same shared secret password for the RDU, all DPEs, and Network Registrar extension points in your network.
For example:
Enter the password to be used for authentication between the BAC servers.
Enter the shared secret password [] <changeme>
Enter the shared secret password again [] <changeme>
Step 14 Press Enter to continue.
The program displays the parameters you have selected to install the RDU.
Step 15 Enter y and press Enter to confirm the installation parameters.
For example:
Home directory:/opt/CSCObac
Data directory:/var/disk0/CSCObac
DB Log directory:/var/disk1/CSCObac
The program prompts you to enter the HTTP port for the administrator user interface.
Step 16 To accept the default port, 8100, press Enter; or enter another port number.
For example:
Please enter Admin UI http port [8100]
Step 17 Confirm the HTTP port; enter y and press Enter.
For example:
------------------Confirmation--------------------
Is this correct(y/n/q)? [y]
The program prompts you to enter the HTTPS port for the user interface.
Step 18 To accept the default port, 8443, press Enter; or enter another port number.
For example:
Please enter Admin UI https port [8443]
Step 19 Confirm the HTTPS port; enter y and press Enter.
The program displays the parameters you have selected to install the administrator user interface.
Step 20 To confirm the parameters, enter y and press Enter.
For example:
---------------------Confirmation--------------------
Is this correct(y/n/q)? [y]
Step 21 To continue, press Enter.
A message appears indicating that a response file has been created.
For example:
Response file </tmp/response> was created.
Processing of request script was successful.
Installing the RDU Using the Response File
After you generate the response file for the RDU, you can subsequently install the RDU using the following command:
# pkgadd -n -r response -a BAC_400_Solaris/bacadmin -d BAC_400_Solaris/CSCObac.pkg CSCObac
Once you run the above command, the program installs the RDU. After successful installation, the following message appears:
# Linking /etc/rc2.d/S81bprAgent to /etc/init.d/bprAgent
# Linking /etc/rc1.d/K05bprAgent to /etc/init.d/bprAgent
# Linking /etc/rc0.d/K05bprAgent to /etc/init.d/bprAgent
Starting BAC Process Watchdog...
BAC Process Watchdog has started.
Installation of <CSCObac> was successful.
Installing a DPE in Noninteractive Mode
Install the DPE on a server running Solaris 9 or 10 that meets the requirements described in Operating System Requirements, page 1-1.
Note We recommend that you configure the DPE server to use a static IP address.
During DPE installation, if the program detects a TFTP server or a ToD server running on the same server as the DPE, the installation displays an error message and quits. To kill the TFTP or ToD server, carry out the steps that the error message lists.
To install the DPE, complete the initial steps described in Installing BAC. Then complete these procedures:
•Generating the Response File for the DPE
•Installing the DPE Using the Response File
Generating the Response File for the DPE
Use this procedure to generate a response file for DPE installation:
Step 1 To generate the response file, enter:
# pkgask -r response -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
Note The response file is created in the directory in which you run the pkgask -r command. If you want the response file to be generated in a specific location, enter:
#
pkgask -r response-file-path -d CSCObac.pkg
where response-file-path specifies the path to the directory in which you want the response file to be generated; for example, /tmp/response. You can also give the response file any name; for example, outputFile.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the DPE prompt, enter y and press Enter.
To skip installing the RDU, Network Registrar extension points, and the KDC, enter n and press Enter.
For example:
------------- Installation Components -----------
Regional distribution unit(RDU) (y/n)? [n]
Device Provisioning Unit (DPE) (y/n)? [n] y
Cisco Network Registrar extension points (y/n)? [n]
Key Distribution Center (KDC) (y/n)? [n]
The program prompts you to confirm the components that you want to install.
Step 4 Enter y and press Enter to continue.
The home directory prompt appears.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter another directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
Step 6 Confirm the directory location; enter y and press Enter.
The data directory prompt appears.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac]
Step 8 Confirm the directory location; enter y and press Enter.
The program prompts you to enter the shared secret password.
Step 9 Enter the shared secret password that you want to use for authentication between the BAC servers. You must use the same shared secret password for the RDU, all DPEs, and Network Registrar extension points in your network.
For example:
Enter the password to be used for authentication between the BAC servers.
Enter the shared secret password [] <changeme>
Step 10 Reenter the password for confirmation, and press Enter.
A message appears indicating that a response file has been created.
For example:
Response file </tmp/response> was created.
Processing of request script was successful.
Installing the DPE Using the Response File
After you generate the response file for the DPE, you can subsequently install DPEs using the following command:
# pkgadd -n -r response -a BAC_400_Solaris/bacadmin -d BAC_400_Solaris/CSCObac.pkg CSCObac
Once you run the above command, the program installs the DPE. After successful installation, the following message appears:
# Linking /etc/rc2.d/S81bprAgent to /etc/init.d/bprAgent
# Linking /etc/rc1.d/K05bprAgent to /etc/init.d/bprAgent
# Linking /etc/rc0.d/K05bprAgent to /etc/init.d/bprAgent
Starting BAC Process Watchdog...
BAC Process Watchdog has started.
Installation of <CSCObac> was successful.
Installing Network Registrar Extensions in Noninteractive Mode
Install BAC extensions on all Network Registrar servers in your BAC environment. If you are deploying BAC in a failover environment, you also must install the extensions on the failover servers. After you install extensions, you must configure them. This section explains how to install, configure, and validate these extensions.
Note We recommend that you configure the Network Registrar server to use a static IP address.
Before you install Network Registrar extensions, complete the initial installation described in Installing BAC. Also, ensure that Network Registrar is running. Then, complete the procedures described in this section:
•Generating the Response File for Network Registrar Extensions
•Installing Network Registrar Extensions Using the Response File
Generating the Response File for Network Registrar Extensions
Use this procedure to generate a response file to install Network Registrar extensions:
Step 1 To generate the response file, enter:
# pkgask -r response -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
Note The response file is created in the directory in which you run the pkgask -r command. If you want the response file to be generated in a specific location, enter:
#
pkgask -r response-file-path -d CSCObac.pkg
where response-file-path specifies the path to the directory in which you want the response file to be generated; for example, /tmp/response. You can also give the response file any name; for example, outputFile.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the Network Registrar Extension Points prompt, enter y and press Enter.
To skip installing the RDU, a DPE, and the KDC, enter n and press Enter.
For example:
------------- Installation Components -----------
Regional distribution unit(RDU) (y/n)? [n]
Device Provisioning Unit (DPE) (y/n)? [n]
Cisco Network Registrar extension points (y/n)? [n] y
Key Distribution Center (KDC) (y/n)? [n]
Note The installation program validates your Network Registrar installation. You must install Network Registrar 7.0 on your server. If the required version is not installed, the installation process terminates, and you must upgrade to the required Network Registrar version before proceeding.
The program prompts you to confirm the components that you want to install.
Step 4 Enter y and press Enter to continue.
The home directory prompt appears.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter another directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
The program then prompts you to confirm the directory.
Step 6 Press y and Enter to continue.
The data directory prompt appears.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
Note The installation program, by default, installs the data directory (BPR_DATA) on a different directory than the home directory (BPR_HOME). We recommend that the data directory be on a different physical disk than the home directory; for example, /var/disk0/CSCObac.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac] /var/disk0/CSCObac
Step 8 To confirm the directory, enter y and press Enter.
The program prompts you to enter information on the RDU required to install the extensions.
Step 9 Enter the IP address (or hostname) and the listening port of the host on which you have installed the RDU. To accept the default information, press Enter; or enter alternative information.
For example:
---------------- CNR EP Info. ------------
Enter RDU IP Address or Hostname [bachost-rdu.example.com]
Enter RDU Listening Port [49187]
You are then prompted to enter the name of the extension point provisioning group.
Step 10 Enter the name of the Network Registrar extension point group.
For example:
Enter the Cisco Network Registrar extension point provisioning group.
This a required field. The value you specify must contain only alphanumeric
characters without spaces and not exceed 10 characters in length. You can use
the BAC command-line tool to change this value after you complete this
Enter Extension Point Provisioning Group [] group1
The program then asks you if you intend to provision PacketCable or voice technology devices.
Step 11 Enter y and press Enter if you are using PacketCable devices; press Enter if you are not.
For example:
Are you going to use devices that support PacketCable voice technology? [n]
If you enter n, go to Step 15. If you enter y, the program prompts you to enter several voice technology properties.
Step 12 Enter details on the KDC realm name, the IP addresses for the primary and secondary DHCP servers, and the primary and secondary DNS servers.
For example:
Note The warning in this example appears if there is more than one interface on your system.
---------------- PacketCable Configuration ------------
Enter KDC realm Name [EXAMPLE.COM]
Warning: There is more than one interface on this system. Default to the 10.10.10.1
Enter IP Address for Primary DHCP [10.10.10.1]
Enter IP Address for Primary DNS [10.10.10.3]
Enter IP Address for Secondary DHCP [10.10.10.2]
Enter IP Address for Secondary DNS [10.10.10.4]
Step 13 Confirm the information; enter y and press Enter.
Step 14 Press Enter to continue.
Step 15 Enter the shared secret password that you want to use for authentication among BAC servers. You must use the same shared secret password for all BAC servers on your network.
For example:
Enter the password to be used for authentication between the BAC servers.
Enter the shared secret password [] <changeme>
Enter the shared secret password again [] <changeme>
Step 16 Press Enter.
The program displays the installation parameters you have selected.
Step 17 Enter y and press Enter to confirm the parameters, and install the Network Registrar extensions.
For example:
========== Confirmation ==========
RDU IP Address: 10.10.10.10
Extension Point Provisioning Group: group1
Step 18 To continue, press Enter.
A message appears indicating that a response file has been created.
For example:
Response file </tmp/response> was created.
Processing of request script was successful.
Installing Network Registrar Extensions Using the Response File
After you generate the response file for Network Registrar extensions, you can subsequently install extensions using the following command:
# pkgadd -n -r response -a BAC_400_Solaris/bacadmin -d BAC_400_Solaris/CSCObac.pkg CSCObac
Once you run the above command, the program installs Network Registrar extensions. After successful installation, the following message appears:
Starting BAC Process Watchdog...
Installation of <CSCObac> was successful.
After you install the extensions, you must configure and validate them. For details, see Configuring Extensions, and Validating Extensions.
Installing the KDC in Noninteractive Mode
You must install the KDC only when configuring a system to support voice technology operations.
Install the KDC on a Solaris 9 or 10 server that meets the requirements described in Operating System Requirements, page 1-1. For performance reasons, you should install the KDC on a separate server.
To install the Key Distribution Center (KDC), complete the initial installation described in Installing BAC. Then complete the procedures described in this section:
•Generating the Response File for the KDC
•Installing the KDC Using the Response File
Generating the Response File for the KDC
Use this procedure to generate a response file for KDC installation:
Step 1 To generate the response file, enter:
# pkgask -r response -d install-path/BAC_400_Solaris/CSCObac.pkg CSCObac
where install-path specifies the complete path to the directory in which the BAC_400_Solaris directory has been created.
Note The response file is created in the directory in which you run the pkgask -r command. If you want the response file to be generated in a specific location, enter:
#
pkgask -r response-file-path -d CSCObac.pkg
where response-file-path specifies the path to the directory in which you want the response file to be generated; for example, /tmp/response. You can also give the response file any name; for example, outputFile.
The installation program verifies that you have installed the required patches to the Solaris operating system. When the verification ends, welcome information appears.
Step 2 Press Enter to continue.
Step 3 When the installation program prompts you to select one or more components, at the KDC prompt, enter y and press Enter.
To skip installing the RDU, a DPE, and the Network Registrar extension points, enter n and press Enter.
For example:
------------- Installation Components -----------
Regional distribution unit(RDU) (y/n)? [n]
Device Provisioning Unit (DPE) (y/n)? [n]
Cisco Network Registrar extension points (y/n)? [n]
Key Distribution Center (KDC) (y/n)? [n] y
Step 4 Confirm the components that you want to install; enter y and press Enter.
The home directory prompt appears.
Step 5 To accept the default directory, /opt/CSCObac, press Enter; or enter another directory.
For example:
------------- Home Directory-----------
Home Directory Destination [/opt/CSCObac]
A confirmation prompt appears.
Step 6 Enter y and press Enter.
The data directory prompt appears.
Step 7 To accept the default directory, /var/CSCObac, press Enter; or enter another directory.
For example:
------------- Data Directory-----------
DB Data Directory Destination [/var/CSCObac]
Step 8 To confirm, enter y and press Enter.
The KDC Configuration prompt appears.
Step 9 Enter the KDC interface address, the fully qualified domain name (FQDN), and the Kerberos realm name. The realm name should be consistent with the realm you give to the DPEs that belong to this provisioning group.
For example:
Note The warning in this example appears if there is more than one interface on your system.
---------------- KDC Configuration ------------
Key Distribution Center (KDC) Realm Name
Enter the Kerberos realm name for the KDC:
The realm name should be consistent with the realm you give to DPEs in this
provisioning group.
Warning: There is more than one interface on this system. Default to the 10.10.10.22
KDC Interface Address [10.10.10.22]:
KDC FQDN [bachost.example.com]:
Step 10 To confirm your entry and continue, enter y and press Enter.
The program prompts you to enter a password to generate the KDC service key.
Step 11 For each DPE, enter a password from 6 to 20 characters. The KDC service key mentioned here is one that you must generate on the DPE and the KDC to enable communication between the two components. To generate this service key, the password that you enter for the KDC must match the one that you enter for the corresponding DPE; otherwise, the DPE does not function.
For example:
Enter Password to generate Service-Key [] 12345678901234567890
Note To generate the service key on the:
•DPE, use the service packetcable 1..1 registration kdc-service-key command from the DPE CLI. For details, refer to the Cisco Broadband Access Center DPE CLI Reference 4.0.
•KDC, use the KeyGen tool. For details, refer to the Cisco Broadband Access Center Administrator Guide 4.0.
Step 12 Press Enter.
Step 13 To confirm and continue, enter y and press Enter.
The program prompts you to enter the DPE FQDN.
Step 14 Enter the FQDN of the DPE.
For example:
Enter Your DPE FQDN [] bac-dpe1.example.com
Step 15 Press Enter to confirm and continue.
Step 16 To add another DPE, enter y and press enter, or enter n and press Enter. The installation program uses the same voice technology shared key for all DPEs.
A message appears indicating that a response file has been created.
For example:
Response file </tmp/response> was created.
Processing of request script was successful.
Installing the KDC Using the Response File
After you generate the response file for the KDC, you can subsequently install the KDC using the following command:
# pkgadd -n -r response -a BAC_400_Solaris/bacadmin -d BAC_400_Solaris/CSCObac.pkg CSCObac
Once you run the above command, the program installs the KDC. After successful installation, the following message appears:
# Linking /etc/rc2.d/S81bprAgent to /etc/init.d/bprAgent
# Linking /etc/rc1.d/K05bprAgent to /etc/init.d/bprAgent
# Linking /etc/rc0.d/K05bprAgent to /etc/init.d/bprAgent
Starting BAC Process Watchdog...
BAC Process Watchdog has started.
Installation of <CSCObac> was successful.
Adding Components
This section describes how you can add one component of BAC to a system on which other components have already been installed. This situation arises largely in a deployment similar to a lab installation, where, for the purposes of testing, more than one component is installed on a single machine. The definitions file (bpr_definitions.sh) is updated whenever you add new components.
Note Before proceeding to add components, ensure that all the components belong to the BAC 4.0 version.
When the installation program detects the presence of one component on your system, it does not allow you the option of adding that particular component. It prompts you to add or install other components only.
For example, if you installed a DPE on a system and then rerun the installation program, the program does not give you the option of installing the DPE.
Regional distribution unit(RDU) (y/n)? [n]
Cisco Network Registrar extension points (y/n)? [n] n
Key Distribution Center (KDC) (y/n)? [n]
The procedures for adding a component are similar to those for a fresh installation, except that the program does not allow you to add the component that you have already installed.
Note You cannot reinstall a component that you have already installed. If you must carry out a reinstallation, first uninstall that component, and then install it again.