Guest

Cisco Network Registrar

Release Notes for Cisco Network Registrar 6.3

  • Viewing Options

  • PDF (176.5 KB)
  • Feedback
Release Notes for Cisco Network Registrar Release 6.3

Table Of Contents

Release Notes for Cisco Network Registrar Release 6.3

Contents

Introduction

Before You Begin

License Keys

System Requirements

Software and Standards Compatibility

Interoperability

Installation and Upgrade Notes

General Installation

Red Hat Linux Installation

Windows Installation

Upgrade Paths

New Feature in Network Registrar 6.3

Caveats

Open Source License Acknowledgements

OpenSSL/Open SSL Project

License Issues

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines


Release Notes for Cisco Network Registrar Release 6.3


February 28, 2008

These release notes are for Cisco Network Registrar Release 6.3. This document describes system requirements, new features in this release, installation and upgrade notes, and caveats.

Contents

These release notes cover the following topics:

Introduction

Before You Begin

License Keys

System Requirements

Software and Standards Compatibility

Interoperability

Installation and Upgrade Notes

General Installation

Windows Installation

Upgrade Paths

New Feature in Network Registrar 6.3

Caveats

Open Source License Acknowledgements

Related Documentation

Obtaining Documentation, Obtaining Support, and Security Guidelines

Introduction

This release of Cisco Network Registrar adds support for the Solaris 10 operating system and drops support for the Solaris 8 and Red Hat 3 operating systems. In addition, it fixes a number of customer-reported issues with prior releases and enhances DNS exception forwarding.

Before You Begin

Review the following critical information before installing Network Registrar 6.3.

License Keys

Each Network Registrar software license key addresses a separate functional area. You enter these license keys during installation or in the web-based user interface (web UI) or CLI. An upgrade now prompts for a license key only if it finds no valid license keys in the existing license file.

To determine if you need a new license key:

Initial installation of Network Registrar—Use the license key provided with your shipment.

Upgrading from Network Registrar 6.1 or 6.2—You can use a license key from 6.1 or 6.2 for a local server upgrade. Although a 6.0 license key operates on the local server cluster, the regional cluster requires one or more new license keys (introduced in 6.1) to view or change the server configuration data.

Upgrading from a release before 6.1—You must first upgrade to 6.1 or 6.2. If you are upgrading from a release prior to 6.0, you must then add a new license key. License keys that were valid before 6.0 do not work.

DHCPv6 functionality requires a new ipv6 license key.

The router license can now be applied to the local cluster.

System Requirements

Review these system requirements before installing the Network Registrar 6.3 software:

Java—You must have the Java Runtime Environment (JRE) 1.4.2 or later, or the equivalent Java Development Kit (JDK), installed on your system. (The JRE is available from Sun Microsystems on its web site.)

Operating system—Your Network Registrar machine must meet the minimum requirements of the Windows, Solaris, or Linux operating systems that are specified in Table 1.) Network Registrar must run on 32-bit operating systems.

User Interface—Network Registrar currently includes two user interfaces: a web UI and a CLI:

The web UI runs on a minimum of Microsoft Internet Explorer 6.0 (Service Pack 2), Mozilla Firefox 1.5, or Netscape 7.0 and requires JRE 1.4.2 or later.

The CLI runs in a Windows, Solaris, or Linux command window.


Tip Include a network time service in your configuration to avoid time differences between the local and regional clusters. This method ensures that aggregated data at the regional server appears consistently.


Table 1 System Requirements for Network Registrar

Component
Windows
Solaris
Linux

CPU architecture

Intel Pentium III or its equivalent

Sun Netra AC200

Intel Pentium III or its equivalent

OS version

Windows 2003 server 1

Solaris 9 or Solaris 10

Red Hat Enterprise Server, 4.0

RAM

512 MB for all operating systems

 

Disk space

18 GB recommended, minimum 310 MB required for installation

Swap space

100 MB free swap space

1 Installing on Windows 2000 or later requires support for 16-bit compatibility mode.


Note Network Registrar no longer supports the following platforms: Red Hat ES 2.1, Red Hat 3.0, and Solaris 8. If you are running one of these operating systems, you must upgrade it before installing or upgrading Network Registrar 6.3. (See the "Upgrade Paths" section.)


Software and Standards Compatibility

The Network Registrar servers comply with the applicable Request for Comments (RFCs), protocols, standards, and Internet Engineering Task Force (IETF) drafts:

Domain name system (DNS) servers—Comply with RFCs 974, 1034, 1035 (with updates 1101and 1183), 1995 (IXFR), 1996 (NOTIFY), 2136 (DNS Update), 2181 (Clarifications), 2308 (Negative Caching of DNS Queries), 2317 (Classless in-addr.arpa), 2782 (SRV), 2845 (Secret Key Transaction Authentication), and 2915 (NAPTR).

DHCP and Bootstrap protocol (BOOTP) clients—Comply with RFCs 951 (with updates 1497 and 1542), 1534, 2131, 2132, 2136, 3004, and 3046 (DHCP Relay Agent Information Option).

DHCP failover—Comply with draft-ietf-dhc-failover-03.txt. Also, RFC 3074 (DHC Load Balancing Algorithm).

TFTP—Comply with RFCs 1123 and 1350.

Lightweight Directory Access Protocol (LDAP) servers—Operate with any LDAP version 2 or 3 servers that comply with RFCs 1798, 2241, and 2254 (Extensible Filtering).

DHCPv6 functionality—Comply (all or in part) with RFCs 3315 (DHCP for IPv6), 3633 (IPv6 Prefix Options for DHCPv6), and 3736 (Stateless DHCP Service for IPv6).

DNSv6 functionality—Comply (all or in part) with RFC 3152 (Delegation of IP6.ARPA), 3363 (Representing IPv6 Addresses in DNS), and related RFCs.

Interoperability

The Network Registrar 6.3 protocol servers (DNS and DHCP, for example) interoperate with 6.1 and later protocol servers. However, the 6.3 DNS HA server interoperates only with the 6.2 server, which is the version in which the DNS HA server was introduced.

The regional CCM server interoperates with prior versions of Network Registrar. The regional cluster supports the features listed in Table 2 when it manages clusters running prior versions of Network Registrar.

Table 2 Regional Cluster Features

Feature
Local Cluster Version
 
6.1
6.1.x
6.2
6.3

Central push and pull:

Address space
Scope templates, policies, client-classes
Zone data and templates
Groups, owners, regions
Administrators, roles

x
x
x
x

x
x
x
x
x

x
x
x
x
x

x
x
x
x
x

Administrator:

Single sign-on
Password change

x

x
x

x
x

x
x

IP history reporting:

Central lease history
Detail lease history

x

x
x

x
x

x
x

Utilization reporting:

Central subnet utilization history
Current subnet and scope utilization

x

x
x

x
x

x
x


Installation and Upgrade Notes

Review the following notes before installing Network Registrar 6.3 or upgrading from a previous release. For full installation and upgrade procedures, see the Cisco Network Registrar Installation Guide.

General Installation

Review the following points before beginning a new installation or an upgrade:

Windows, Solaris, and Linux installations occur through these means:

Windows—Windows-based InstallShield setup program.

Solaris—The pkgadd command.

Linux—The install_cnr script that uses RPM Package Manager (RPM).

On Windows, close all currently running applications, including any antivirus software.

Because Network Registrar maintains lock files in the \Temp directory on Windows and the /tmp directory on Solaris or Linux, do not delete these directories while Network Registrar is running.

Network Registrar includes a list of informational, activity, warning, and error messages that it logs during certain operating conditions. Obtain this list in HTML files for each component as links from a MessageIDIndex.html file:

Windows—C:\Program Files\Network Registrar\{Local | Regional}\Docs\
Msgid\MessageIDIndex.html by default.

Solaris and Linux—/opt/nwreg2/{local | regional}/docs/msgid/MessageIDIndex.html by default.

Red Hat Linux Installation

Be aware of compatibility issues when you download Network Registrar to install it on a Red Hat Linux platform.

Release 6.1.x supports RH 7.3, RH ES 2.1, and RH ES 3.0:

The linux download kit supports RH 7.3 and RH 2.1

The linux3 download kit supports RH ES 3.0 for Release 6.1.2 and later

Release 6.2.x supports RH ES 3.0 and RH ES 4.0:

The linux3 download kit supports RH ES 3.0

The linux4 download kit supports RH ES 4.0

Release 6.3 supports RH ES 4.0 only.

Windows Installation

The Network Registrar installation program for Windows no longer attempts to modify ACLs to restrict access to installed files and directories. If you want to restrict access to these files and directories, use the native Microsoft utilities cacls and icacls to manually change file and directory permissions.

If you decide to change ACLs manually, Cisco recommends that you control the settings so that the contents of the entire installation area are read-only to everyone except those in the Administrators system group. The following files and subdirectories are sensitive, and you might want to restrict access them:

installdir\conf\cnr.conf

installdir\tomcat\conf\server.xml

installdir\conf\priv\

installdir\data\

Modifying the ACLs is strictly optional, and Network Registrar will function normally without making any changes to these files. Refer to documentation supplied by Microsoft for information about how to use the cacls and icacls utilities.

Upgrade Paths

Network Registrar 6.3 supports upgrades from releases 6.1.x. and 6.2.x. When you install the software, the installation program automatically detects an existing version and upgrades the software to the latest release. The program first prompts you to archive existing Network Registrar data. If the program encounters errors during the upgrade, it rolls back the software to the earlier release.

Network Registrar no longer supports the Red Hat ES 2.1, Red Hat 3.0, and Solaris 8 operating systems. Before you upgrade to 6.3, back up your Network Registrar data and upgrade your operating system before installing this latest release. See Table 1 for the currently supported operating systems.


Step 1 Ensure that your environment meets the current system requirements (see the "System Requirements" section).

Step 2 Use the currently installed release to complete any configuration changes in progress, so that the existing database is consistent before you perform the upgrade.

Step 3 Ensure that no pending database tasks result from recent edits. You can confirm that the task lists are empty by viewing the CCM and MCD Tasks pages under the Administration menu in the web UI. Wait until both lists are empty before proceeding with the update.

Step 4 Back up your database. The installation program tries to detect configuration data from an earlier installation and will upgrade the data.

Step 5 Upgrade your operating system.


New Feature in Network Registrar 6.3

Network Registrar 6.3 provides greater control over whether DNS forwards a query to a resolution exception server or uses cached name server records. DNS servers now have a BIND-like function with an exception-forwarding attribute that you can set using either the web UI or the CLI.

To set the attribute using the web UI, go to the Edit DNS Server page. You can set the exception-forwarding attribute using a drop-down list. To set the attribute using the CLI, use the dns show command to see its current value and the dns set attribute=value command to change the value.

Possible values for the exception-forwarding attribute are:

forward-always—DNS always forwards queries to a configured exception server.

forward-first—DNS first forwards queries to a configured exception server, and, if it does not receive an answer before the request expires, it forwards to name servers (if any).

forward-last— DNS first forwards queries to cached name servers (if any), and, if it doesn't get an answer before request expires, it forwards the query to a configured exception server.

Caveats

You can find the complete list of resolved and known bugs in the cnr_6_3-buglist.html file included with the release. Refer to this list for information about fixes to customer-reported issues.

Open Source License Acknowledgements

The following acknowledgements pertain to this software license.

OpenSSL/Open SSL Project

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).

This product includes software written by Tim Hudson (tjh@cryptsoft.com).

License Issues

The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org.

OpenSSL License:

© 1998-2007 The OpenSSL Project. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions, and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org.

5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project.

6. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)"

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT "AS IS"' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

Original SSLeay License:

© 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved.

This package is an SSL implementation written by Eric Young (eay@cryptsoft.com).

The implementation was written so as to conform with Netscapes SSL.

This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com).

Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

3. All advertising materials mentioning features or use of this software must display the following acknowledgement:

"This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)".

The word `cryptographic' can be left out if the routines from the library being used are not cryptography-related.

4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: "This product includes software written by Tim Hudson (tjh@cryptsoft.com)".

THIS SOFTWARE IS PROVIDED BY ERIC YOUNG "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The license and distribution terms for any publicly available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU Public License].

Related Documentation

See also the following documents for important information about installing, configuring, and managing Network Registrar:

For Network Registrar installation procedures, see the Cisco Network Registrar Installation Guide.

For configuration and management procedures, see the Cisco Network Registrar User's Guide.

For details about commands available through the command line interface (CLI), see the Cisco Network Registrar CLI Reference.

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html