Guest

Cisco Network Registrar

Release Notes for Cisco Network Registrar 7.1

  • Viewing Options

  • PDF (224.9 KB)
  • Feedback
Release Notes for Cisco Network Registrar 7.1

Table Of Contents

Release Notes for Cisco Network Registrar 7.1

Contents

Introduction

Before you Begin

System Requirements

Network Registrar Communications Security Option

Software and Standards Compatibility

Interoperability

Installation and Upgrade Notes

General Installation

Red Hat Linux Installation

Upgrade Considerations

Software Features Added in Release 7.1

Dynamic Lease Notification

Discriminating Rate-Limiter

Performance Improvements

Dashboard Improvements

User Management Improvements

EDNS0 Support

DNS Blackhole Support

New Platform Support

DHCP option definitions list enhancements

Important Notes

Modifying the Configuration File (cnr.conf)

Installing the SDK

Installing on Linux or Solaris

Installing on Windows

Testing Your Installation

Limitations and Restrictions

Defects

Product Documentation

Obtaining Documentation and Submitting a Service Request


Release Notes for Cisco Network Registrar 7.1


Revised: April 22, 2010, OL-16004-01

This release notes describes the system requirements, new software features added in this release, and installation and upgrade notes for Cisco Network Registrar (CNR) 7.1 release.

Contents

This release notes includes the following sections:

Introduction

System Requirements

Software and Standards Compatibility

Interoperability

Installation and Upgrade Notes

Software Features Added in Release 7.1

Important Notes

Limitations and Restrictions

Product Documentation

Obtaining Documentation and Submitting a Service Request

Introduction

This release of Cisco Network Registrar includes the following features and enhancements:

Dynamic lease notification

Discriminating rate-limiter

Performance improvements

Dashboard improvements

User management improvements

EDNS0 support

DNS blackhole support

New platform support

DHCP option definitions list enhancements

For more information about these features see the "Software Features Added in Release 7.1" section.

Before you Begin

Review the following sections before installing CNR 7.1:

System Requirements

Network Registrar Communications Security Option

System Requirements

Review these system requirements before installing the CNR 7.1 software:

Java—You must have the Java Runtime Environment (JRE) 5.0 (1.5.0_06) or later, or the equivalent Java Development Kit (JDK), installed on your system. (The JRE is available from Sun Microsystems on its website.)

Operating System—We recommend that your Network Registrar machine runs on the Windows, Solaris, or Linux operating systems as described in Table 1. Network Registrar must run on 32-bit or 64-bit operating systems.


Note CNR applications are 32-bit applications and the system should support 32-bit applications (Java JRE/JDK, OpenLDAP library (for RH)).


User Interfaces—Network Registrar currently includes two user interfaces: a Web UI and a command-line interface (CLI):

Web UI—Runs on a minimum of Microsoft Internet Explorer 6.0 (Service Pack 2) and 7.0, Mozilla Firefox 2.0 and 3.0 and requires JRE 5.0 [1.5].

CLI—Runs in a Windows, Solaris, or Linux command window.


Note For the CLI, the number of concurrent active user sessions and processes on a cluster can be no more than 14.



Tip Include a network time service (such as NTP) in your configuration to avoid time differences between the local and regional clusters, so that aggregated data appears consistently at the regional server.


Table 1 Network Registrar System Recommendations 

Component
Operating System
Solaris
Linux
Windows

OS version1

Solaris 102

Red Hat Enterprise Linux ES 4.0

Red Hat Enterprise Linux 5.0

Windows Server 2003

Disk space3

2 x 73/146 SAS4 drives

With basic DHCP and optimal hardware configuration:

SATA5 drives with 7500 RPM drive > 500 leases/second

SAS drives with 15K RPM drive > 1000 leases/second

(Recommended hard drive 146 GB)

Memory6

16 GB

4 GB (small networks), 8 GB (average networks), or 16 GB (large networks)

1 Network Registrar must run on 32-bit or 64-bit operating systems.

2 Network Registrar 7.1 supports 128-KB block sizes in the Solaris 10 ZFS.

3 Higher I/O bandwidth usually results in higher average leases per second.

4 Serial Attached SCSI.

5 Serial Advanced Technology Attachment (Serial ATA).

6 Faster CPU and more memory typically result in higher peak leases per second.



Note Network Registrar no longer supports Red Hat 3.0, and Solaris 8 and 9. If you are running one of these operating systems, you must upgrade to Red Hat 4.0 or Solaris 10 before installing or upgrading CNR 7.1. (See the "Upgrade Considerations" section.)


Network Registrar Communications Security Option

You need to upgrade the security option to Network Registrar Communications Security Option release 2.2 for CNR 7.1.

Software and Standards Compatibility

With the features introduced in this release, the software conforms to these additional documents:

EDNS0 support as defined in RFC 2671 (not including the request forwarding).

Support (or the option definitions) for RFC 5010, RFC 5107, and RFC 5223.

Interoperability

CNR 7.1 protocol servers interoperate with versions 7.0, 6.3.x and 6.2.x. CNR 7.1 will not support interoperability with the versions prior to 6.2.x.

CNR 7.1 DHCPv4 failover servers interoperate with CNR 7.0.x, 6.3.x and 6.2.x failover servers.

By the nature of the EDNS0 protocol, CNR 7.1 DNS servers interoperate with prior versions of CNR DNS (and 3rd party DNS vendors). EDNS0 defines the interoperability with DNS servers that do not support EDNS0; CNR 7.1 DNS adhere to the RFC and consequently interoperate with earlier versions of CNR.

CNR 7.1 HA DNS servers interoperate with CNR 7.0.x, 6.3.x and 6.2.x versions.

CNR 7.1 DDNSv6 interoperates only with CNR 7.0 and CNR 7.1 DNS servers - because of the usage of the DHCID RRs (in place of TXT RRs for DDNSv6).

Installation and Upgrade Notes

Review the following points before beginning a new installation or an upgrade. For full installation and upgrade procedures, see the Installation Guide for Cisco Network Registrar.

This section covers:

General Installation

Red Hat Linux Installation

For information about installing the Network Registrar SDK, see the "Installing the SDK" section.


Note See the CNR 7.1 release notes only for the updates of the releases since CNR 7.0.1. If you are upgrading from 6.x and later, and prior to 7.0.1, please see the intervening Release Notes to find all the changes that has happened since the release of the version which you are using.


General Installation

Network Registrar now implements the FLEXlm licensing mechanism; therefore, you must obtain a FLEXlm license file.

The installation program prompts you for the license file. You can defer submitting a license file during the upgrade, but you must provide one when you invoke the web UI or the CLI. License keys obtained for prior versions of Network Registrar no longer function.


Note If CNR has to be installed via a Remote Desktop Connection on a Windows Server, you will not be able to enter the license information during the installation process. CNR will reject the license as invalid. You have to skip the license information steps (select an appropriate option to continue the installation process without a license), and then add the license using either the Web UI or nrcmd, after the installation has completed.


The Network Registrar installation program for Windows does not try to modify ACLs to restrict access to installed files and directories. If you want to restrict access to these files and directories, use the native Microsoft utilities cacls and icacls to manually change file and directory permissions. See the Installation Guide for Cisco Network Registrar for more information.

Windows, Solaris, and Linux installations occur through these means:

Windows—Windows-based InstallShield setup program.

Solaris—The pkgadd command.

Linux—The install_cnr script that uses RPM Package Manager (RPM).

On Windows, close all currently running applications, including any antivirus software.

On Windows, ensure that you uncheck the Dr. Watson Visual Notification check box. If checked, this option prevents the servers from restarting automatically if a failure occurs until you respond to a pop-up dialog box. The Visual Notification check box in Dr. Watson is usually checked by default. Execute C:\WINNT\system32\DRWTSN32.exe, uncheck the Visual Notification check box, and then click OK. (You can perform this step after installation.)

Due to changes in the behavior of the Windows installer, you now require a new silent installation response file to successfully perform unattended installations of Network Registrar. The installer will fail to perform unattended installations properly if you use a response file that was generated for CNR 7.0.

To avoid losing the most recent log entries when the Application Event Log is full in the Windows Event Viewer, check the Overwrite Events as Needed check box in Event Log Settings for the Application Log. If the installation process detects that this option is not set properly, it displays a warning message advising corrective action.

Because Network Registrar maintains lock files in the \Temp directory on Windows and the /tmp directory on Solaris or Linux, do not delete these directories while Network Registrar is running.

You cannot run the Network Registrar DNS, DHCP, or TFTP servers concurrently with any other DNS, DHCP, and TFTP servers. In many Windows 2003 server system, these services are enabled and running by default. If the Network Registrar installation process detects that a conflict may exist, it displays a warning message. Before installing Network Registrar, take the appropriate action to disable the conflicting servers.

Network Registrar includes a list of informational, activity, warning, and error messages that it logs during certain operating conditions. Obtain this list in HTML files for each component as links from a MessageIDIndex.html file, which, by default, is in:

Windows—C:\Program Files\Network Registrar\
{Local | Regional}\docs\msgid\MessageIDIndex.html

Solaris and Linux—/opt/nwreg2/{local | regional}/docs/msgid/MessageIDIndex.html

Red Hat Linux Installation

Installing Network Registrar on Red Hat Linux requires that you install the 32-bit OpenLDAP library; otherwise, the DHCP server may fail to start.

To verify if openldap is installed, enter:

# rpm -ql openldap | more

If the openldap package is installed, the LDAP library details will appear; otherwise, an error message will appear similar to:

package openldap is not installed

To install the openldap package, enter:

# yum install compat-openldap.i386

Upgrade Considerations

CNR 7.1 supports upgrades from releases 6.2 and later. When you install the software, the installation program automatically detects an existing version and upgrades the software to the latest release. The program first prompts you to archive existing Network Registrar data. If the program encounters errors during the upgrade, it restores the software to the earlier release.


Note If you are upgrading from a version earlier than 7.0.1, review the Release Notes for any intervening Network Registrar versions before upgrading, to fully understand all of the changes incorporated in this release. The 7.1 Release Notes documents only the changes since 7.0.1.


Network Registrar no longer supports the Red Hat 3.0, and Solaris 8 and 9 operating systems. Backup your Network Registrar data and upgrade your operating system before installing this latest release. (See Table 1 for currently supported operating systems.)

During an upgrade, Network Registrar now displays any pre-existing HTTPS configuration defaults for the keystore filename and password to enable a secure connection for web UI logins (CSCee14992). If you have enabled HTTPS, and are unaware of the keystore filename and password at the time of the upgrade, you can preserve HTTPS connectivity during the upgrade, and re-enter the defaults when prompted.


Note The default keystore filename and password appear only if you are upgrading from 6.3.1 or later versions, or reinstalling the 7.1 version.


To upgrade to CNR 7.1:


Step 1 Ensure that your environment meets the current system requirements (see Table 1).

Step 2 Use the currently installed release to complete any configuration changes in progress, so that the existing database is consistent before you perform the upgrade.

Step 3 Ensure that no pending database tasks result from recent edits. You can confirm that the task lists are empty by viewing the CCM and MCD Tasks pages under the Administration menu in the web UI. Wait until both lists are empty before proceeding with the update.

Step 4 Stop the Network Registrar server agent and backup the existing database:

Windows—net stop nwreglocal

Solaris and Linux—/etc/init.d/nwreglocal stop

Step 5 Copy the data directory in your installation path to a .zip file.

Step 6 Upgrade your operating system, if necessary.

Step 7 Upgrade Network Registrar. Note that:

The recommended practice is to upgrade the regional cluster before upgrading any local clusters, because an older version of a regional cluster cannot connect to newer local clusters (CSCsm61420).

For upgrades from version 6.2 of DHCP failover servers, upgrade the main server before the backup server, because mixed-mode failover synchronization back to version 6.1 (which is needed for the period until the backup is also upgraded) is supported only from main to backup.

Step 8 If the upgrade fails for any reason, you can revert to the earlier Network Registrar version. The Network Registrar installation program provides the capability of archiving the existing product configuration and data when upgrading to a newer version of the product. If you chose this option, and the upgrade process fails, use the following procedure to revert to the earlier product version and configuration:


Caution To complete this process, you must have access to the product installer and license key or license file for the earlier Network Registrar version. Any attempt to proceed otherwise may destabilize the product.

If the installer had successfully performed the upgrade but you want to roll back to the earlier version at some later point, this procedure can result in network destabilization and data loss; for example, you will lose updates made to the Network Registrar database after the upgrade, including DHCP lease data and DNS dynamic updates.

a. Verify that the archive directory (cnr_archive.tar) that you specified during the upgrade process exists and is valid. These examples assume the default archive location provided during installation. Ensure that the path to the cnr_archive.tar file reflects the value of the archive directory that you specified during installation. If you are using:

Windows—C:\Program Files\Network Registrar\{Local.sav | Regional.sav}

Solaris and Linux—/opt/nwreg2/{local.sav | regional.sav}

b. Uninstall Network Registrar using the procedure described in the Installation Guide for Cisco Network Registrar.

c. Other than the contents of the specified archive directory, delete any remaining files and directories in the Network Registrar installation paths.

d. Reinstall the original version of Network Registrar. Ensure that you follow the reinstallation procedure described in the Installation Guide for Cisco Network Registrar that is specific to the original product version.

e. After the installation ends successfully, stop the Network Registrar server agent:

Windows—net stop nwreglocal

Solaris and Linux—/etc/init.d/nwreglocal stop

f. Delete the contents of the Network Registrar install-path/data subdirectory.

g. Extract the contents of the backup file to the newly reinstalled version of Network Registrar. To do this:

1. Change to the root directory of the filesystem. On Windows, this directory would be the base drive (such as C:\); on Solaris and Linux, it would be /.

2. Using the fully qualified path to the archive directory containing the cnr_archive.tar file, extract the archive. These examples assume the default archive location provided during installation. Ensure that the paths to the tar executable and cnr_archive.tar file reflect the value of the archive directory that you specified during installation.

Windows—"C:\Program Files\Network Registrar\{Local.sav | Regional.sav}\tar.exe" xf "//C/Program Files/Network Registrar/{Local.sav | Regional.sav}/cnr_archive.tar"


Note Running the tar executable requires that you change the directory delimiters for the tar filepath to forward slashes (/) and that the drive letter be specified using double slashes (//) without the colon (:).


Solaris and Linux—/opt/nwreg2/{local.sav | regional.sav}/tar -xf /opt/nwreg2/{local.sav | regional.sav}/cnr_archive.tar

h. Start the Network Registrar server agent:

Windows—net start nwreglocal

Solaris and Linux—/etc/init.d/nwreglocal start

Step 9 Verify if the previous configuration, including scopes and zones, is intact.


Software Features Added in Release 7.1

This section describes the most important changes made in the Release 7.1.

Dynamic Lease Notification

With Dynamic Lease Notification, customers can have external systems notified whenever CNR issues a lease. This feature is used in Lawful Intercept solutions and long-term storage of customer data for Regulatory Compliance and Operational Efficiency.

For more details, please see the "Managing Leases" chapter of the User Guide for Cisco Network Registrar.

Discriminating Rate-Limiter

The patent-pending Discriminating Rate-Limiter reduces downtime after outage in very large service networks by restricting the rate of DISCOVER requests while still honoring all RENEW requests.

For more details, please see the Table 23-1 in the "Advanced DHCP Server Properties" chapter of the User Guide for Cisco Network Registrar.

Performance Improvements

Protocol Implementation improvements that enhance the query performance of the DNS server. The improvements to the DNS vulnerability fix enhances the query performance. The DHCP reservation system improvements enhances the reliability and performance of this mechanism.

Dashboard Improvements

CNR 7.1 provides the end-users the ability to select and persist the dashboard default chart types.

User Management Improvements

The fine-grained role-based system includes the ability to define the administrative roles at the scope/prefix and link levels of DHCP. Also admin password changes are now synched between regional and local clusters.

EDNS0 Support

Added support in the DNS implementation for EDNS0 as defined in RFC 2671 (not including the request forwarding).

DNS Blackhole Support

The DNS server can now be configured to avoid the interaction with misbehaving and/or unresponsive remote name-servers and clients.

For more details, please see the "Handling Malicious DNS Clients and Unresponsive Nameservers" section of the "Managing DNS Server Properties" chapter of the User Guide for Cisco Network Registrar.

New Platform Support

CNR 7.1 is optimized to leverage the multi-core processors. It is certified to run on 64 bit variants of the supported OS versions and Red Hat 5.0 was added to the list of supported OS's.

DHCP option definitions list enhancements

The DHCP option definitions list has been updated to support the following RFCs, which does not require any modification to the DHCP server behavior,

RFC5192 is the PANA option, which was not an RFC on CNR 7.0 release

RFC5223 is the LOST server option

Cisco Vendor Specific Option definitions is included in the dhcp-cisco-config and dhcp6-cisco-config option definitions sets

For more details about the new software features added, please see the User Guide for Cisco Network Registrar.

Important Notes

This section contains important information related to this software release that was unavailable when the user documentation was completed; and it contains information in response to recent customer queries. This section describes:

Modifying the configuration file (cnr.conf)

Installing the SDK

CLI prompt change

Modifying the Configuration File (cnr.conf)

The cnr.conf file contains important configuration information. In rare cases, you might want to modify the file; for example, to exclude certain data from daily backups due to capacity issues. To do this, you need to add the appropriate settings manually.


Caution In most situations, Cisco recommends that you use the default settings in this file. If you must change these settings, do so only in consultation with the Cisco Technical Assistance Center (TAC) or the Network Registrar development team.

The following settings are supported:

cnr.backup-dest—Specify the destination to place backed up databases. Defaults to cnr.datadir if not specified.

cnr.backup-dbs—Provide a comma-separated list of the databases you want to backup. For a local cluster the default is ccm,dhcp,dns,mcd,cnrsnmp. For a regional cluster it is ccm,leasehist,subnetutil,replica.


Note The raima (mcd) database is always included in a backup.


cnr.backup-files—Provide a comma-separated list of files and the complete path to the files that you want copied as part of the backup. Files are copied to cnr.backup-dest. The default action is to copy install/conf/mcdschema.txt.

cnr.dbrecover-backup—Specify whether to run db recover and db verify on a backed up Sleepy Cat database. The default value is true. This setting is used for daily backups only, and manual backups ignore this setting. Disabling the automatic operation means that you must run the operation manually, preferably on a separate machine, or at a time when the CNR servers are relatively idle.

cnr.daily-backup—Specify whether to run the daily back up. The default is true.

Installing the SDK

This section documents how to install the Network Registrar SDK on Linux, Solaris, and Windows platforms. Before installing the SDK, ensure that you install Java Runtime Environment (JRE) 5.0 (1.5.0_06) or later, or the equivalent Java Development Kit (JDK), on your system.

Installing on Linux or Solaris

To install the Network Registrar SDK on a Linux or Solaris platform:

1. Extract the contents of the distribution .tar file.

a. Create the SDK directory:

% mkdir /cnr-sdk

b. Change to the directory you just created and extract the .tar file contents:

% cd /cnr-sdk
% tar xvf sdk_tar_file_location/cnrsdk.tar

2. Export your LD_LIBRARY_PATH and CLASSPATH environment variable.

% export LD_LIBRARY_PATH=/cnr-sdk/lib
% export CLASSPATH=/cnr-sdk/classes/cnrsdk.jar:. 

Installing on Windows

To install the Network Registrar SDK on a Windows platform:

1. Extract the contents of the distribution .tar file.

a. Create the SDK directory:

> md c:\cnr-sdk

b. Change to the directory you just created and extract the .zip file contents:

> c:
> cd \cnr-sdk
> tar xvf sdk_tar_file_location\cnrsdk.tar

You may optionally use winzip to extract cnrsdk.tar to the C:\cnr-sdk directory.

2. Set your PATH and CLASSPATH variables:

> set PATH=%PATH%;c:\cnr-sdk\lib
> set CLASSPATH=c:\cnr-sdk\classes\cnrsdk.jar;.

Testing Your Installation

On Linux or Solaris, the following test program verifies that you have set your PATH or LD_LIBRARY_PATH correctly:

% java -jar /cnr-sdk/classes/cnrsdk.jar 

On Windows, the following test program verifies that you have set your CLASSPATH correctly:

> java -jar c:\cnr-sdk\classes\cnrsdk.jar 

Limitations and Restrictions

This section describes limitations and restrictions you might encounter using CNR 7.1.

The Regional "Pull Replica Address Space" fails when reservations are being pulled for new failover-pair objects. This problem occurs only if there is a new failover-pair and one or more reservations associated with that failover-pair. To workaround this issue, repeat the operation twice - first checking "Omit Reservations" and then without checking "Omit Reservations". Once the failover-pairs have been pulled, subsequent pull replica address space operations will work correctly.

In situations where a DHCPv6 server supports clients with multiple leases, be aware that the demand on server memory increases. DHCPv4 supports only one lease per client, while DHCPv6 supports multiple leases. Therefore, a DHCPv6 server cannot support as many leases (clients) as can the same server running DHCPv4. For example, one DHCPv6 client might require 2,500 bytes of space compared to 1,000 bytes per DHCPv4 client. This comparison means that a machine that would support one million DHCPv4 clients will only support 400,000 DHCPv6 clients. Cisco recommends that you allow three times the memory for DHCPv6 clients as you would for DHCPv4. As a result, you must:

Be aware of how many prefixes per link are configured. If the configuration has two prefixes on a link, then with default configuration parameters, you have to cut in half the number of clients.

Use care if you enable inhibit-all-renews. When enabled, each client would use at least two leases, and perhaps three, depending on the grace and affinity times per prefix.

Be aware that the max-client-leases value is now pre-set to 50. A known issue exists, and if clients renew rapidly, you quickly reach the limit of 50 leases per client, consuming much more memory.

Defects

You can find the complete list of resolved and known bugs in the cnr_7_1-buglist.html file included with the release. Refer to this list especially for information about fixes to customer-reported issues.

Product Documentation


Note We sometimes update the electronic documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates.


Table 2 describes the product documentation that is available. You can view the marketing and user documents for Network Registrar at: http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/index.html.

Table 2 Product Documentation 

Document Title
Available Formats

Documentation Guide for Cisco Network Registrar 7.1

PDF on the product CD-ROM

On Cisco.com:
http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/tsd_products_support_general_information.html

User Guide for Cisco Network Registrar 7.1

PDF on the product CD-ROM

On Cisco.com: http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/products_user_guide_list.html

Installation Guide for Cisco Network Registrar 7.1

PDF on the product CD-ROM

On Cisco.com: http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/prod_installation_guides_list.html

Quick Start Guide for Cisco Network Registrar 7.1

PDF on the product CD-ROM

On Cisco.com: http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/prod_installation_guides_list.html

CLI Reference Guide for Cisco Network Registrar 7.1

As an HTML document that you can view in your web browser when you install the software. The document is available at Programs > Network Registrar >   Registrar CLI Reference Guide.

On Cisco.com: http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/prod_command_reference_list.html

Release Notes for Cisco Network Registrar 7.1 (This document)

It is available on Cisco.com:
http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/prod_release_notes_list.html

Online Help

Choose Help > Help Contents in the main menu to view the entire help contents


Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.