Table Of Contents
Release Notes for Cisco CDA Visual Quality Experience Application Release 3.5
New and Changed Features and Functionality
Enhancements and Changes for Cisco VQE Release 3.5.11
Enhancements and Changes for Cisco VQE Release 3.5.10
Enhancements and Changes for Cisco VQE Release 3.5.9
Enhancements and Changes for Cisco VQE Release 3.5.8
Enhancements and Changes for Cisco VQE Release 3.5.7
Enhancements and Changes for Cisco VQE Release 3.5.6
Enhancements and Changes for Cisco VQE Release 3.5.5
Enhancements and Changes for Cisco VQE Release 3.5.4
Enhancements and Changes for Cisco VQE Release 3.5.3
Enhancements and Changes for Cisco VQE Release 3.5.2
Enhancements and Changes for Cisco VQE Release 3.5.1
Configuring Management Interfaces When Performing an Upgrade
Configuring Static Routes When Performing an Upgrade
Security Restrictions for Logins and Root Privileges
Random "rtc: lost some interrupts at 8192Hz." Messages Displayed on Serial Console
Deprecated sysctl Message Displayed on Serial Console
After a VQE Downgrade, Web Browser Displays Incorrect Fields for VQE-S AMT, VCDS AMT, or VCPT
Changing System Time Causes Unicast Retransmission and RCC Disruptions
Performing a Date and Time Change with NTP
Performing a Date and Time Change with the Linux date Command
Load Balancing May Not Work Correctly When More Than 16 Interfaces Are Attached to an Edge Router
For OSPF Routing, Ethernet Interfaces Require a Direct Layer-3 Connection to Router
Resolved Caveats for Release 3.5.11
Resolved Caveats for Release 3.5.10
Resolved Caveats for Release 3.5.9
Resolved Caveats for Release 3.5.8
Resolved Caveats for Release 3.5.7
Resolved Caveats for Release 3.5.6
Resolved Caveats for Release 3.5.5
The following caveats have been resolved in Cisco VQE, Release 3.5.5:
Resolved Caveats for Release 3.5.4
The following caveats have been resolved in Cisco VQE, Release 3.5.4:
Resolved Caveats for Release 3.5.3
Resolved Caveats for Release 3.5.2
Resolved Caveats for Release 3.5.1
Open Caveats for Release 3.5.1 through to Release 3.5.11
Installing VQE Release 3.5 Software
VQE Software Installation Types
Downloading VQE Software from Cisco.com
Upgrading VQE Software from an Earlier VQE Release 3.X to Release 3.5
Backing Up VQE Release 3.X Files Before Upgrading or Installing Software
Using a VQE Incremental Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.5
Using an ISO Full Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.5
Using an ISO Clean Installation to Install VQE Release 3.5 on an Earlier VQE Release 3.X System
Performing an ISO Clean or ISO Full Upgrade Installation from a Remote Location
Prerequisites and Restrictions for a Remote ISO Software Installation
Remotely Performing an ISO Clean or ISO Full Upgrade Installation
Supporting Software Hardening Guides and VQE
The 60 Minute Network Security Guide
Obtaining Documentation and Submitting a Service Request
Release Notes for Cisco CDA Visual Quality Experience Application Release 3.5
Revised: March 2012, OL-21605-10
Note
In these release notes, unless it is explicitly noted that text applies to a specific VQE 3.5.X release, all statements concerning Cisco VQE, Release 3.5, apply to each VQE 3.5 release (3.5.1, 3.5.2, and so forth).
Contents
These release notes contain the following sections:
•
•
•
•
Introduction
Cisco Content Delivery Application (CDA) Visual Quality Experience Application (VQE) Release 3.5 offers service providers a set of technologies and products associated with the delivery of IPTV video services. VQE is designed to improve the quality of IPTV services and subscribers' viewing experiences. VQE is part of an end-to-end solution from Cisco that builds video awareness into the network infrastructure. For VQE Release 3.5, Cisco VQE technology is intended for wireline operators who offer managed broadcast (multicast) IPTV services using xDSL.
Cisco CDA VQE Application Release 3.5 includes these major software components:
•
•
These release notes cover VQE-S and VQE-C software and two related software components: VQE Channel Provisioning Tool (VCPT) and VQE Client Configuration Delivery Server (VCDS).
For a list of Cisco VQE documentation, see the "Related Documentation" section.
New and Changed Features and Functionality
The following sections provide a summary of new and changed VQE features and functionality relevant for Cisco VQE Release 3.5:
•
•
•
•
•
•
•
•
•
•
•
Enhancements and Changes for Cisco VQE Release 3.5.11
Cisco VQE Release 3.5.11 is a maintenance release for the VQE Server only. It contains no new software for the VQE Tools server or the VQE Client, and has no new enhancements.
Enhancements and Changes for Cisco VQE Release 3.5.10
Cisco VQE Release 3.5.10 has the following enhancement:
•
•
Enhancements and Changes for Cisco VQE Release 3.5.9
Cisco VQE Release 3.5.9 is a maintenance release for the VQE Server only. It contains no new software for the VQE Tools server or the VQE Client, and has the following enhancement:
•
Enhancements and Changes for Cisco VQE Release 3.5.8
Cisco VQE Release 3.5.8 has the following enhancement:
•
Enhancements and Changes for Cisco VQE Release 3.5.7
Cisco VQE Release 3.5.7 is a maintenance release for the VQE Server only. It contains no new software for the VQE Tools server or the VQE Client, and has no new enhancements.
Enhancements and Changes for Cisco VQE Release 3.5.6
Cisco VQE Release 3.5.6 has the following enhancement:
•
Enhancements and Changes for Cisco VQE Release 3.5.5
Cisco VQE Release 3.5.5 has the following enhancements:
•
•
•
•
•
–
–
–
–
–
–
Enhancements and Changes for Cisco VQE Release 3.5.4
Cisco VQE Release 3.5.4 has the following enhancement:
•
Enhancements and Changes for Cisco VQE Release 3.5.3
Cisco VQE Release 3.5.3 has no new enhancements.
Enhancements and Changes for Cisco VQE Release 3.5.2
Cisco VQE Release 3.5.2 has no new enhancements.
Enhancements and Changes for Cisco VQE Release 3.5.1
Cisco VQE Release 3.5.1 has the following enhancements and changes:
•
–
–
–
All MIBs are read-only in the VQE 3.5 release.
•
•
•
•
•
•
•
•
•
•
System Requirements
The VQE-S runs on one Content Delivery Engine 110 (CDE110) appliance. The VCPT and the VCDS run on a separate CDE110 appliance.
The CDE110 platform can be one of the following:
•
•
The Cisco CDE110 comes with the required software pre-installed—either VQE-S software or Tools (VCPT and VCDS) software. In each case, the required Linux, Apache web server, and other software is also pre-installed.
To access the VQE-S Application Monitoring Tool (AMT), the VCDS AMT, or the VCPT, you need a web browser. For these tools, the following web browsers are supported:
•
•
The minimum screen resolution required for VQE-S AMT, VCDS AMT, and VCPT is 1024 x 768 pixels.
To display the Channels Status Summary graph of active, inoperative, and inactive channels in the AMT VQE-S Status window, Adobe Flash Player must be installed on the computer that hosts the browser accessing AMT. Adobe Flash Player is free and can be found at this URL:
http://get.adobe.com/flashplayer/
Important Notes
The following important notes apply to all VQE Release 3.5 installations:
Configuring Management Interfaces When Performing an Upgrade
If you are upgrading a VQE from VQE Release 3.1, 3.2, or 3.3 to Release 3.5, all Ethernet interfaces on the VQE-S or VQE Tools host will be, by default, used as management interfaces. Therefore, management traffic is allowed on all Ethernet interfaces. You must use the VQE Configuration Tool to limit the interfaces where management traffic will be allowed.
For information on designating Ethernet interfaces as management interfaces, see the "Interface for a Management Network" section in Chapter 2 of the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
For information on using the VQE Configuration Tool, see Chapter 7, "Configuring VQE Server and VQE Tools," in the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
Configuring Static Routes When Performing an Upgrade
If you are upgrading a VQE from an earlier VQE Release 3.X to Release 3.5, all static routes to the management and access networks are configured using the new static route parameter. In VQE Release 3.5, the VCDB parameters, network.route.mgmt_route and network.route.default_gateway, are deprecated, and replaced with the new VCDB parameter network.route.static_route. The static route parameter specifies the subnet IP address and prefix length of the target network (that is, the management, distribution, or access network), and the gateway IP address on the edge router. The target network is specified as 0.0.0.0/0 for static routes to the access network.
For information on configuring default routes, see the "Static Route Configurations - IP Address, Prefix Length, and Gateway Address " section in Chapter 2 of Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
Security Restrictions for Logins and Root Privileges
For security reasons, the following restrictions apply to VQE:
•
•
If you want to add user accounts to the wheel group so that additional users can use su and sudo, log in as root and issue the following command:
usermod -G wheel username
In the preceding, username specifies the user who will be added to the wheel group.
Random "rtc: lost some interrupts at 8192Hz." Messages Displayed on Serial Console
A message or block of messages indicating "rtc" has lost some interrupts can appear sporadically on the serial console, usually after entering a command, but the message is unrelated to any specific command.
No workaround is needed. This does not appear to have any operational impact and is believed to be information only related to an underlying Linux process.
Deprecated sysctl Message Displayed on Serial Console
On the serial console, the system will occasionally display a message of the form:
process `sysctl' is using deprecated sysctl (syscall) net.ipv6.neigh.eth4.retrans_time; Use net.ipv6.neigh.eth4.retrans_time_ms instead.No workaround is needed. This has no known operational impact and is a Red Hat Linux binary message.
After a VQE Downgrade, Web Browser Displays Incorrect Fields for VQE-S AMT, VCDS AMT, or VCPT
After you have downgraded VQE software and then use the downgraded VQE release, it is possible that incorrect fields will be displayed for VQE-S AMT, VCDS AMT, or VCPT. In this situation, you are seeing the fields that were provided by your previous VQE release and that have been cached by the web browser.
The correct VQE-S AMT or VCPT fields will be displayed after you delete the files in your web browser cache.
Limitations and Restrictions
Cisco CDA Visual Quality Experience Application, Release 3.5, technology is intended for wireline operators who offer managed broadcast (multicast) IPTV services using xDSL.
See the following sections for information on other limitations and restrictions in Cisco VQE, Release 3.5:
•
•
Changing System Time Causes Unicast Retransmission and RCC Disruptions
When the system time is changed on a VQE-S that is actively repairing network errors, all Unicast Retransmissions will stop indefinitely, and output gaps will be seen on the VQE Clients.
•
•
For a VQE-S server that is actively repairing network errors, an explicit system time change (that is, by using the date command) will always result in the failure of Unicast Retransmission and RCC operations until corrective action is taken.
Workaround: Any time change performed on the VQE-S system should be done during a maintenance window. The procedures for changing the date and time vary depending on whether Network Time Protocol (NTP) or the Linux date command is used. See one of the following sections:
•
•
Note
Performing a Date and Time Change with NTP
When performing a date and time change with NTP, do the following:
Step 1
Step 2
[root@system]# service vqes stopStep 3
[root@system]# service ntpd stopStep 4
Step 5
date -s "date_time_string"
For example:
[root@system]# date -s "16:55:30 July 7, 2008"Step 6
[root@system]# ntpd -qIf the system clock is off by a lot, the command will take considerable time to return.
Step 7
[root@system]# service ntpd startStep 8
[root@system]# /sbin/hwclock --systohcStep 9
[root@system]# ntpq -pStep 10
[root@system]# init 6
Performing a Date and Time Change with the Linux date Command
When performing a time/date change with the Linux date command only, perform the following commands:
Step 1
Step 2
[root@system]# service vqes stopStep 3
Step 4
date -s "date_time_string"
For example:
[root@system]# date -s "16:55:30 July 7, 2008"Step 5
[root@system]# /sbin/hwclock --systohcStep 6
[root@system]# init 6
Load Balancing May Not Work Correctly When More Than 16 Interfaces Are Attached to an Edge Router
With Cisco routers, there is a limitation in the edge router: Only the first 16 route matches for Feedback Target addresses are considered when routing requests to the VQE-S servers from the access network. If more than 16 interfaces to service Unicast Retransmission and RCC request are attached to the edge router and are serving the same Feedback Target addresses, load balancing across the VQE-S servers will not work correctly.
As an example, if four VQE-S servers that each have five Ethernet interfaces serving the same Feedback Target addresses are attached to the edge router, there is a total of 20 Ethernet interfaces serving the same Feedback Target addresses and load balancing across the VQE-S servers will not work correctly.
For OSPF Routing, Ethernet Interfaces Require a Direct Layer-3 Connection to Router
For OSPF routing on the VQE-S server, the Ethernet interfaces used for VQE-S traffic must have a direct Layer-3 connection to the edge router.
Resolved and Open Caveats
The following sections provide information on resolved and open caveats:
•
•
•
•
•
•
•
•
•
•
•
Resolved Caveats for Release 3.5.11
The following caveats have been resolved in Cisco VQE, Release 3.5.11:
CSCtw78673
Input drops seen on the bond interface. When a VQES has the input interface as a bond (two underlying Ethernet interfaces), and the data rate is high (around 1 Gbps), then input drops may occur on the bond interface (as shown in the output of the ifconfig bond1 command).
CSCty17266
The OSPF values are not applied to the bond interfaces. When configuring OSPF values (for example, "hello interval") on VQES, they are only applied to the Ethernet interfaces, and not the bond interfaces, which could result in OSPF not working properly over bond interfaces.
Resolved Caveats for Release 3.5.10
The following caveats have been resolved in Cisco VQE, Release 3.5.10:
CSCtu09981
The BWB client on the VQES switches the port on which it is sending requests to the BWB. After the VQES receives a response from the BWB, it may use a port in the response to send subsequent requests to the BWB.
CSCtu03340
When the VQES sends a request packet to the BWB, the client IP address byte order is reversed.
CSCtu10016
Bandwidth Broker Client does not report or respond to response code correctly. This may result in improperly refused or accepted RCCs.
CSCtu03329
The bwb_client_timeout parameter on VQES allows invalid high values to be chosen.
CSCtu10710
In the debug message for BWB, the version and flags print as one field. They should be two separate 4-bit values.
CSCtu10030
If the BWB timeout is above 10ms, then the RCC request itself will be rejected with an "RB request time in past" error.
CSCtu02993
In the vcdb.conf.sample file, the bwb_client_timeout parameter has no minimum or maximum value, and also does not include the unit of measure, which is milliseconds.
CSCtt42406
When the vqec_ifclient_config_override_update() API is called with no override parameters (for example, tags[0] == NULL), the API rejects the request and the following errors are logged:
•
•
CSCtt41584
The cvqsTotalAcceptedRCCs value is incorrect in the VQES MIB. When querying the VQES MIB, the cvqsTotalAcceptedRCCs OID returns the number of completed RCCs instead of the number of accepted RCCs.
Resolved Caveats for Release 3.5.9
There were no resolved caveats in Cisco VQE, Release 3.5.9.
Resolved Caveats for Release 3.5.8
The following caveats have been resolved in Cisco VQE, Release 3.5.8:
CSCtr04792
Under rare conditions, the VQE-C crashes with an assertion in the Zone Manager code stating that the magic cookie of the zone is incorrect. The crash only occurs when the VQE-C is binding to a channel with RCC enabled and it receives duplicate or invalid APP packets which are slightly delayed. The APP packets arrive after the VQE-C has already received the first few repair packets of an RCC burst.
CSCtq76380
When using the vqereport command to gather VQE system information, the VQE-S Control Plane process (vqes_cp) may crash if RCC is disabled and RCC histograms are accessed.
CSCtq57941
Build errors occur when building the VQE-C kernel module with Linux kernel version 2.6.31. Build errors also occur due to a duplicate declaration of the function inet_ntoa_r(). When new versions of the GCC compiler or the uClibe library are used to build the kernel module, build errors occur because the GCC complier and the uClibe library also define the function inet_ntoa_r().
CSCtl91131
The .so library has undefined dependencies on both the UPnP (Universal Plug and Play) and the libevent symbols when the VQE-C is built using the pic-vqec build target in both the user space and kernel space versions to build Position Independent Code (PIC). The undefined dependencies occur even when UPnP is disabled.
CSCtg76837
The VQE-C data plane module occasionally causes a hard lock-up of the entire VQE-C system following an RCC. If you are monitoring the stack usage in the kernel, you see the high watermark approach or exceed the maximum size of the stack.
Warning messages may appear on the system console or in the system logs which indicate that a sleeping function is being called while a lock is being held. Warning messages from the kernel in relation to the kmem_cache_create() function may also appear on the system console or in the system logs.
The hard lock-up is typically observed in the first few seconds following an RCC. It only occurs when the kernel is using a fixed stack size of 4 KB or less.
CSCtr26964
The RCC output bandwidth currently in use, as shown by the AMT, persistently exceeds the amount that is actually being used for the RCCs currently in progress. Over time the discrepancy between the reported level of RCC output bandwidth and the actual level keeps increasing until RCCs begin to fail due to lack of available output bandwidth.
It is possible that there may be rare corner cases which could lead to leaks of RCC output bandwidth along the code paths that are addressed by this defect.
With the fix for this defect in place, it is possible to verify that the error condition would have been hit without the fix, and that the error condition has been successfully prevented by the fix, if either of the following two error messages are observed:
•
•
CSCtn74958
On the VQE-C CLI, the output of the show tuner all detail command may omit information relating to the Input Shim streams.
CSCtn26612
Macroblocking occurs on UDP channels. When the VQE-C is enabled and bound to a UDP stream, the STB shows video artifacts.
Resolved Caveats for Release 3.5.7
The following caveat has been resolved in Cisco VQE, Release 3.5.7:
CSCto77273
During an RCC on a scrambled channel, the VQE-S sends the ECMs in an RTCP App packet. Under certain conditions, the ECMs may be present in the RTCP App packet in an incorrect order. Additionally, if using only a single ECM, an outdated ECM may be placed into the RTCP App packet.
This issue occurs when ECMs rotate without changing CRC values. This may also occur if two video streams are alternated with each stream having static ECMs but different table_id values.
Resolved Caveats for Release 3.5.6
The following caveats have been resolved in Cisco VQE, Release 3.5.6:
CSCtl71640
If the VQE-C thread is not scheduled for an extended period of time (that is, a period of time larger than the er_enable time in the APP packet) immediately after the start of an RCC operation, the VQE-C Data Plane (DP) may crash at an assertion. The VQE-C console may print an error stating that an assertion has failed in zone_mgr.c.
CSCtj67882
The VQE-C command tuner bind <tuner-name> <channel-url> tr-135 gmin <gmin> slmd <slmd> should set TR-135 parameters, and the settings should effect the TR-135 counters, which are visible in the output of a show channel counters command. However, if you attempt to set the TR-135 parameters while a tuner is binding to a channel, all of the TR-135 counters show a value of 0.
CSCtl83954
When binding to a channel that has been previously bound to, but which is not included in the VQE channel lineup, the tuner bind may fail with errors stating that the channel is invalid or that the channel is not in the database. The failure does not occur on the first bind to the channel, but occurs on subsequent binds to the channel.
CSCtl83962
The VQE-C may hang during initialization when the VQE-C is built with UPnP support and the host system has no default route configured.
CSCtk08844
When an SNMP MIB query is performed on VQE server, each query triggers a log message to be stored in the /var/log/snmpd.log file. If queries are performed continuously, this could result in the log partition filling up in a short period of time.
CSCtl06308
Rapid Channel Changes are refused with the error message "MP Internal Error". The Failed to TLV - encode PCR counter on the Advanced window of the Channel tab of the VQE-S AMT also increments. Refusals are more likely to occur on channels with large GOP sizes and when the VQE-C has a large (>5000) packet pool size.
CSCtk99536
On a highly scaled VQE-S with many thousands of VQE-Cs, a leak may occur which results in the VQE-S miscalculating the output bandwidth. As a result, the VQE-S determines that there is no output bandwidth available and rejects RCC requests, although there is still output bandwidth available.
CSCtl00270
If a VCPT pushes a channel lineup to multiple VCDS servers, the timestamp used could be different for each VCDS, resulting in logically equivalent channel lineup files with different xsums. As a result, the VQE-C could needlessly retrieve the channel lineup.
CSCtl92190
Artifacts and loss of audio are seen on channel change. If the PMT is changed in the stream, the VQE-S may still insert the original PMT into stream, causing possible artifacts and audio loss.
Resolved Caveats for Release 3.5.5
The following caveats have been resolved in Cisco VQE, Release 3.5.5:
CSCti93601
The VQE-C crashes when using the CLI while issuing a show command that searches the output for some particular content to include. The crash occurs when the output is piped to include (that is, a search of the output is performed for a specific string output using the | include CLI output modifier).
CSCti28113
The system messages log file fills with SNMP information messages. Each time the VQE-S receives an SNMP MIB query, a messages is logged in the /var/log/messages file by default. If a MIB is constantly queried, the log partition can fill over a short time frame.
CSCtj21395
On the VQE-C, the source IP address in the RTSP SETUP message is set to a value of 0.0.0.0 when the VQE_C is running in kernel mode. When the code calling the vqe_c_ifclient_socket_open function passes non-zero values for the address and port arguments, the source IP address in the RTSP SETUP messages is set to null, representing an address of 0.0.0.0. The input value of the address is entirely ignored. The same issue occurs for the rtp_port and the rtcp_port arguments of this function.
CSCti72855
On the VQE-C, a dependency on libupnp exists even when UPnP (Universal Plug and Play) is not being used. The VQE-C build attempts to link against the libupnp library even when the VQE-C is not configured with the --enable-upnp option. The build may fail due to missing dependencies.
CSCti43146
On the VQE-C, when an invalid keyword is provided for a boolean parameter in the system configuration, the VQE-C initializes without providing an error message. Valid boolean value are true and false.
CSCti37956
On the VQE-C, no documentation is provided for API parameters which are in network byte order. The VQE-C APIs which accept or return IP addresses and ports may behave unexpectedly. Address and port values are provided in host byte order in VQE-C function calls.
CSCtg50534
On the VQE-C, on changing the source address of a channel or a stream, failover timing statistics are missing from the CLI output.
CSCti79554
When building the VQE-C, running make fails, stating that the libixml or libthreadutil libraries cannot be located. The build server is missing libixml.so.2 and libthreadutil.so.2 from the /lib and /usr/lib directories.
CSCtj31265
A router serving as the default gateway for STBs experiences higher than expected ARP loads and a STB responds with ICMP unreachable messages on the RTCP repair port.
When the VQE-S has error repair (ER) enabled on a channel, and the VQE-C has both ER and RCC disabled, the VQE-S sends periodic RTCP reports to the VQE-C which results in the STB sending ICMP port unreachable/ARP request messages to its default gateway.
CSCtj18597
After performing an ISO clean installation, it is not possible to access or perform an SNMP WALK of the CISCO-VQES-MIB using textual MIB names or object identifiers (OIDs).
CSCth05747
An SNMP GET command on any channel-related parameters of the CISCO-VQES-MIB fails displaying the following "index out of range" error message:
snmpget -v2c -c public localhost CISCO-VQES-MIB::cvqsChannelMulticastIPType.1CISCO-VQES-MIB::cvqsChannelMulticastIPType.1: Unknown Object Identifier (Index out of range: 1 (cvqsChannelIndex))SNMP WALK and SNMP GETNEXT commands are not impacted.
CSCti05730
The VQE-S sends outdated CAS Information for Verimatrix systems. VQE accelerated channel changes take longer than expected for channels encrypted with Verimatrix CAS. Also, some artifacts may be seen at the beginning of the channel change. This occurs on channels encrypted with Verimatrix CAS, where all key information is contained in a single ECM packet.
CSCth41073
On the VQE-C, the parameter rcc_extra_igmp_ip cannot be set to a value of 0.0.0.0, its default value, in the VQE-C system configuration. The VQE-C returns an error indicating that this value is invalid.
CSCti28919
When accessing the VQE-S AMT or the VCPT on a VQE-S from a Firefox web browser, the following security error is displayed in the Firefox console.
server does not support RFC 5746, see CVE-2009-3555The functionality is not limited in any way.
CSCtj28523
After upgrading the VQE-S, the Error Repair and RCC window of the VQE-S AMT displays the older Histogram tab from Release 3.2 instead of the newer Excess BW and the CC Times tabs introduced in Release 3.4.3.
Workaround: Delete the /usr/share/tomcat5/work/Catalina/localhost/ems directory and all contents on VQE-S, and restart the tomcat5 process using the following commands:
rm -rf /usr/share/tomcat5/work/Catalina/localhost/emsservice tomcat5 restartResolved Caveats for Release 3.5.4
The following caveats have been resolved in Cisco VQE, Release 3.5.4:
CSCtf72611
On the VQE-C CLI, the filter "command | include pattern" that is used when executing commands does not work as intended. It does not display only the lines from the resulting output that match string pattern.
CSCtf76276
When using VQE RCC on an Alcatel ATM DSLAM, macroblocking may start immediately on a change to a new channel for a short time. Macroblocking can occur if the combined bandwidth of the previous channel's multicast stream and the bandwidth allocated for RCC on the new stream (the new stream's multicast bitrate * [1 + VQE e-factor used for the RCC]) exceeds the bandwidth of the access link. The problem occurs because the DSLAM does not stop the old multicast stream when the IGMP leave message for the old stream is received. Instead, it waits for an IGMP join message for the new multicast stream before stopping the old stream. Therefore, some of the bandwidth is still being consumed by the old stream, and there is not enough bandwidth remaining on the access link for the unicast burst required to start the RCC. The problem disappears as soon as the VQE-C joins the multicast stream for the new channel, usually several hundred milliseconds to several seconds after the start of the unicast burst.
CSCtf97216
On a VQE-S, if the /etc/sysconfig/iptables file has become corrupt and the vqe_cfgtool command with -apply is run, the VQE-S detects an issue with the iptables but still prompts the user to restart the VQE-S even though no configuration change has been made.
CSCtg36388
RCCs are rejected only on certain isolated channels when fast decorder fill is enabled. This scenario is more likely to occur with a large excess bandwidth fraction and channels with large PTS-PCR offsets (that is, video buffering delay). The counter Number of Fastfill Enabled RCCs on the Advanced window of Channel tab on the VQE-S AMT also increments.
CSCtg50493
The documentation included in the VQE-C software TAR file is for the VQE 3.4 software release. The documentation includes the VQE-C Release Notes, the VQE-C System Integration Reference, and the VQE-C CLI Command Reference.
CSCtg62858
A segmentation fault may occur up to several seconds after tuning away from a VQE-enabled channel.
All of the following conditions must be met on the VQE-enabled channel for the segmentation fault to occur:
•
•
•
–
–
–
–
–
CSCtg73674
Performing an SNMP GET of multiple OIDs fails. If this operation is followed by a SNMP GET of a single OID, and if that OID had been included in the previous SNMP GET of multiple OIDs, the SNMP GET of the single OID will also fail.
CSCth23904
When the VQE-C packet pool limit, defined by the system configuration parameter pakpool_size, is reached in kernel mode, packets are drained from the socket and thrown away. Several sk_buffs associated with the dropped packets are not correctly freed and are leaked in kernel space memory. The VQE-C must be running in kernel mode, and the packet pool must be fully used.
CSCtf54849
On the VQE-C, the commands er en and sen en do not work. The command er en is the shorthand notation for the command error-repair enable which is used to enable error repair on the VQE-C. The command sen en is the shorthand notation for the command send-debugs-to-cli enable which is used to send VQE-C debug messages to the CLI.
Resolved Caveats for Release 3.5.3
There were no resolved caveats in Cisco VQE, Release 3.5.3.
Resolved Caveats for Release 3.5.2
The following caveats have been resolved in Cisco VQE, Release 3.5.2:
CSCtf20798
The maximum value of the VCDS parameter vqe.vqes.igmp_join_variability is 500 ms. The maximum value should be increased to 1000 ms.
CSCtf39419
On the VQE-S, if the vqec_ifclient_chan_update() API is invoked for a channel on which Error Repair and RCC are disabled, a segmentation fault will occur.
CSCtf48671
Moving the system time backward on the VQE-C causes video to freeze. Although setting the clock should only be performed during a maintenance window, the VQE-C should handle this scenario in a more graceful manner.
CSCtf70302
On the VQE-S, when the option to send traps from system messages is enabled, traps are not generated, except for channel status traps. On the VQE Tools server, when the option to send traps from system messages is enabled, traps are not generated.
CSCtf78823
When the VQE-C is in kernel mode, the receive buffer (so_rcvbuf) is set too high. If the VQE-C is not scheduled for a long period of time, the socket buffers can fill up, which could cause the VQE-C to fail.
CSCtf99279
On the VQE Configuration Tool, when the Syslog Trap Priority menu, located under the SNMP Parameters menu, is set to it's default value of 2, traps are generated for system messages of all severity levels.
CSCtg04729
Video artifacts are seen on a RCC. The VQE-C CLI also reports late packets and an unreasonably large "actual_fastfill" value (that is, a value greater than 10 seconds). This may occur when fastfill is disabled on either the VQE-C, the VQE-S, or on both. This does not occur when a fastfill RCC is performed. The number of fastfill RCCs can be verified by checking the "Number of Fastfill Enabled RCCs" counter on the Advanced window of the Error Repair & RCC Statistics tab of the VQE-S AMT.
Resolved Caveats for Release 3.5.1
The following caveats have been resolved in Cisco VQE, Release 3.5.1:
CSCtb11357
The Linux bond driver selects the mac address of the lowest Ethernet interface in the bond group as the mac address for the entire bond. When the lowest Ethernet interface is removed from the bonding group, its mac address is still in use by the bond and the interface is unusable at this point.
CSCtc05432
It is not possible to specify an outbound interface when configuring a static route on the VQE-S or VQE Tools server. When configuring a static route to the management network or the distribution network, the VCDB parameter, network.route.mgmt_route, only specifies the subnet IP address and prefix length of the target network, and the gateway (next hop) IP address. When configuring a static route to the access network, the VCDB parameter, network.route.default_gateway, only specifies the gateway IP address.
CSCtc10926
When you remove one or more Ethernet interfaces from a bond interface using the VQE Configuration Tool and add these interfaces to another bond interface, the VQE-S hangs and the interfaces are brought down when you restart the network service.
CSCte50987
On the VQE-S, when an Ethernet interface underlying a static route to the management network is bounced (that is, transitions from up to down and then to up again), the static route to the management network is not recreated by the Multicast Load Balancer (MLB) when the interface is brought back up.
CSCte96266
The VQE-C kernel mode allocates packet pool memory for max_paksize packets, even though the packet payload buffer is never used in kernel mode.
CSCtc31877
The RTSP client reads the resolv.conf file for the first time when a DNS query is performed. This creates a problem in deployments where the resolv.conf file is updated after the system is up and running.
CSCtb42701
An "Invalid Picture Type in ES" message is displayed in the Advanced Channel Stats MPEG Parser: Error Status Listing. Under rare circumstances, this may lead to longer channel change times. The Stream is MPEG2, it is partially scrambled and the picture_start_code is not part of the same TS packet that the PES header is in.
CSCta56614
The SDP file provides the capability to enable or disable XR FLE blocks and XR status-summary blocks, but the file does not provide the capability to enable or disable Multicast Acquisition (MA) blocks.
CSCtb50384
An incorrect SSRC value is included in the Multicast Acquisition (MA) report. The set-top box SSRC value should match the Digital Content Manager (DCM) SSRC value of the primary multicast stream.
CSCtf17669
RCCs are refused with a message of "No TSRAP fits timing". The VQE-S AMT advanced counter "Failed to TLV-encode ECM" also increments. This occurs only on streams with multiple Conditional Access PIDs or Entitlement Control Message (ECM) PIDs.
Open Caveats for Release 3.5.1 through to Release 3.5.11
Cisco VQE Releases 3.5.1 through to Release 3.5.11 contain the following open caveat:
CSCtb19961
When running the ".bin" upgrade procedure, a "no second disk" failure is reported. On a CDE-111, the flash (second disk) drive /dev/sdb device can disappear from the disk table listing, usually after a reboot. This causes an error report in a bin upgrade process, and a failure if attempting the remote ISO upgrade procedure, which relies on the flash drive to successfully upgrade the VQE software.
Workaround: Reboot the CDE to recover the missing secondary flash disk.
CSCtf01027
The VQE-S MLB process normally monitors interfaces. The MLB withdraws or adds routes for an interface failure or recovery, respectively. However, if the initial route add fails, subsequent routes will not be monitored.
Workaround: Ensure that all interfaces are up and that all routes are valid when VQE-S is started, or restart VQE-S after all interfaces are working and routes are valid.
Installing VQE Release 3.5 Software
New Cisco CDE110 servers have Linux operating system, VQE-S and VQE Tools, and other needed software pre-installed. Table 1 shows the options for upgrading and installing software that Cisco VQE Release 3.5 supports.
Table 1 Options for Upgrading and Installing VQE Release 3.5 Software
To upgrade from an earlier VQE Release 3.X release to Release 3.5
"Upgrading VQE Software from an Earlier VQE Release 3.X to Release 3.5" section
To install a complete set of new VQE Release 3.5 software files on an earlier VQE Release 3.X system (equivalent of a factory install of VQE Release 3.5)
To remotely perform an ISO clean installation or ISO full upgrade of VQE Release 3.5 software
"Performing an ISO Clean or ISO Full Upgrade Installation from a Remote Location" section
For overview information on the software installation types, see the "VQE Software Installation Types" section.
The VQE Configuration Management System (VQE CMS) plays a significant role in software upgrade installations. If you are not familiar with the VQE CMS, read Chapter 6, "Configuring VQE Server and VQE Tools," in the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
VQE Software Installation Types
The following sections provide overview information on the VQE software installation types:
•
•
The term "ISO installation" comes from the ISO file system format that is used to burn the CD.
ISO Clean Installation
An ISO clean installation is used to install VQE software on a new CDE110 server. An ISO clean installation can also be used on an existing VQE system to restore the server to a factory default state. An ISO clean installation reformats the hard drive and reinstalls the operating system and other packages, such as the VQE software. All old configurations are removed.
After the ISO clean installation is complete, the system automatically reboots and allows you to log in as root. Next the VQE Startup Configuration Utility automatically runs. This utility allows you to specify initial configuration values for the CDE110 server and the VQE software. Using this input, the VQE Startup Configuration Utility generates initial VQE Configuration Database (VCDB) contents and reboots the CDE110 server. When the server comes back up, the VQE Configuration Engine applies the changes in VCDB to the configuration files under the /etc directory.
When an ISO clean installation is performed at the factory on a new CDE110 server, after the installation is complete, the server reboots and is powered down. When the CDE110 is powered on for the first time at the user site, the VQE Startup Configuration Utility automatically runs.
ISO clean installation software includes Cisco VQE, Redhat Linux, Apache web server, and other required facilities. The ISO installation software is distributed on one CD for VQE-S, and on one CD for VQE Tools. As an alternative, VQE software can be downloaded from Cisco.com. When you are burning a CD with the ISO software, use ISO format and a CD-R disk.
ISO Full Upgrade
An ISO full upgrade is used to upgrade VQE software on an existing CDE110 server and preserves the existing VQE configurations. An ISO full upgrade reformats the hard drive and reinstalls the operating system and other packages, such as the VQE software. An ISO full upgrade backs up the VQE-S, system, and network configurations, which are in the existing files under /etc. For parameters that will be under the control of the VQE CMS, it restores the parameter values (from the existing /etc configuration files) in the set of newly installed /etc configuration files.
ISO full upgrade software includes Cisco VQE, Redhat Linux, Apache web server, and other required facilities. The ISO installation software is distributed on one CD for VQE-S, and on one CD for VQE Tools. As an alternative, VQE software can be downloaded from Cisco.com. When you are burning a CD with the ISO software, use ISO format and a CD-R disk.
VQE Incremental Upgrade
A VQE incremental upgrade can be used to upgrade a CDE110 server where the Cisco VQE software—either VQE-S or VQE Tools—has previously been installed. A VQE incremental upgrade requires a CDE110 server with an existing operating system. A VQE incremental upgrade backs up the VQE-S, system, and network configurations, which are in the existing files under /etc. For parameters that will be under the control of the VQE CMS, a VQE incremental upgrade restores the parameter values (from the existing /etc configuration files) in the set of newly installed /etc configuration files.
A VQE incremental upgrade is done with an executable installer—a single executable file that includes all VQE-S packages needed for the upgraded VQE software version. Each VQE incremental upgrade requires that the system already has a previously released complete VQE software package installed, including configuration files. Otherwise, the VQE incremental upgrade installer quits and informs you to use an ISO installation.
A VQE incremental upgrade assumes that the existing software version is complete. It does not remove any extra software that is installed on your system and that is not required to run the VQE software. However, use of non-Cisco release software may produce unpredictable results and is not recommended or supported.
Downloading VQE Software from Cisco.com
You must be a registered Cisco.com user to download software from Cisco.com. To download a VQE software from Cisco.com, do the following:
Step 1
http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=280836689
Step 2
Step 3
•
•
Step 4
Step 5
Step 6
Step 7
Step 8
Step 9
Step 10
Upgrading VQE Software from an Earlier VQE Release 3.X to Release 3.5
To upgrade from an earlier VQE Release 3.X to Release 3.5 requires that you perform one of the following types of software installation on the Cisco CDE110 that hosts VQE-S and on the (optional) CDE110 that hosts the VQE Tools (VCPT and VCDS).
•
•
Note
When using a VQE incremental upgrade to upgrade an earlier VQE 3.X release to Release 3.5, read each of the following sections, in the order shown:
1.
2.
When using an ISO full upgrade to upgrade from an earlier VQE 3.X release to Release 3.5, read each of the following sections, in the order shown:
1.
2.
Backing Up VQE Release 3.X Files Before Upgrading or Installing Software
Caution
Before upgrading or installing software on a CDE110, be sure to backup all needed files to a safe location (for example, on a server separate from the CDE110s being upgraded).
Before the hard disk is formatted, an ISO full upgrade does a backup of configuration files under the /etc directory. After the hard disk is formatted, an ISO full upgrade restores your VQE 3.X configurations in the files under /etc—but only configuration items for which a VQE Configuration Database (VCDB) parameter exists are restored. It is recommended that you manually backup these files to another server before proceeding with an ISO full upgrade in case of a catastrophic failure.
When upgrading to or downgrading from one VQE Release 3.X to another Release 3.X, the following tables list the VQE Release 3.X files that you should backup prior to performing an ISO clean installation or ISO full upgrade.
•
•
The easiest way to back up the /etc configuration files is to use the tar command to create a TAR file archive of all directories and files under /etc.
Note
If additional functions are enabled on the CDE110, there may be additional files not listed in these tables that need to be backed up.
Using a VQE Incremental Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.5
This section explains how to use a VQE incremental upgrade to upgrade from an earlier VQE Release 3.X to Release 3.5. A VQE incremental upgrade preserves your earlier VQE 3.X configurations in VCDB and in the configuration files under /etc. If a configuration parameter is not configured by the earlier VQE 3.X configurations in VCDB, it will not be preserved.
Before running a VQE incremental upgrade installer, perform the following tasks:
1.
2.
To run the VQE incremental upgrade installer to upgrade an earlier VQE Release 3.X release to Release 3.5, do the following:
Caution
Step 1
When you run a VQE incremental upgrade installer, you must have root privileges.
Step 2
[root@system]# /tmp/vqes-3.5.x-x.binThe VQE incremental upgrade installer determines the current VQE software version, performs a sanity check on the existing VQE software, checks for the existence of needed configuration files, and does one of the following:
•
•
You are currently running VQE version 3.x.x.Do you want to install version 3.5.x (build xx) now? y/[n]:Step 3
The VQE incremental upgrade does the following:
•
•
–
–
•
After the upgrade process completes, you can examine the /var/log/upgrade.log file to look for warning and error messages, and to find out if there were any configuration files (from your previous installation) whose contents were not completely applied to the new release.
The set of /etc configuration files from your previous installation are archived in a tar file in /vqe-etc/ prior to the upgrade. You can manually apply the values from these old configuration files if these configurations must be restored.
Using an ISO Full Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.5
This section explains how to use an ISO full upgrade to upgrade from an earlier VQE Release 3.X to Release 3.5 and preserve your earlier VQE Release 3.X configurations.
Before performing an ISO full upgrade, perform the following tasks:
1.
2.
Note
For terminal emulation software configuration, see "Configuring Terminal Emulation Software" in Chapter 2 of the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
To perform an ISO full upgrade to upgrade from an earlier VQE Release 3.X to Release 3.5, do the following:
Caution
Be sure to backup configuration files as described in the "Backing Up VQE Release 3.X Files Before Upgrading or Installing Software" section.
Step 1
Step 2
When the VQE installation software runs, the
boot:prompt is displayed.Step 3
boot: upgrade
Note
This message is harmless. Enter correct input (upgrade) and proceed with the installation.
The installation software checks that VQE software and configuration files exist. If either of these checks fail, the installation is terminated.
If the VQE software and configuration files exist, the following message is displayed before the actual upgrade process starts.
You are performing VQE upgrade on hostname. It currently has Cisco VQE Server_or_Tools Release xxxx installed. If this is incorrect, please power off the server within 60 seconds.You can power off the server to stop the ISO full upgrade if the wrong CD has been used for the installation.
When you select an ISO full upgrade and the installation begins, no further user input is required or possible.
An ISO full upgrade does the following:
•
–
–
Note
•
•
•
•
–
–
–
–
Note
•
•
–
–
•
Step 4
localhost.localdomain login: rootYou are required to change your password immediately (root enforced)You can now choose the new password or passphrase.A valid password should be a mix of upper and lower case letters,digits, and other characters. You can use an 8 character longpassword with characters from at least 3 of these 4 classes, ora 7 character long password containing characters from all theclasses. An upper case letter that begins the password and adigit that ends it do not count towards the number of characterclasses used.A passphrase should be of at least 3 words, 12 to 40 characterslong and contain enough different characters.Enter new password:Re-type new password:Step 5
Step 6
Note
Step 7
Step 8
Step 9
You can examine the /vqe-etc/etc-diff file to determine the /etc file parameters (beyond the control of the VQE CMS) that have been changed.
VCPT configuration files and VQE-S and VQE-C channel configuration files from an earlier VQE Release 3.X can be used without modification with VQE Release 3.5.
Using an ISO Clean Installation to Install VQE Release 3.5 on an Earlier VQE Release 3.X System
This section explains how to use an ISO clean installation to install VQE Release 3.5 on an earlier VQE Release 3.X system.
Caution
An ISO clean installation installs a complete new set of VQE, Linux, Quagga, and other files. An ISO clean installation does not backup or restore your current VQE 3.X configurations. An ISO clean installation reformats the hard drive and reinstalls the operating system and other packages, such as the VQE software. All old configurations are removed.
Before performing an ISO clean installation, perform the following tasks:
1.
2.
Note
For terminal emulation software configuration, see "Configuring Terminal Emulation Software" in Chapter 2 of the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
To perform an ISO clean installation to install VQE Release 3.5 on an earlier VQE Release 3.X system, do the following:
Caution
Be sure to backup configuration files as described "Backing Up VQE Release 3.X Files Before Upgrading or Installing Software" section. With this backup of the configuration files, you will have the earlier VQE 3.X configuration files available for reference if you need them after the ISO clean installation is complete.
Step 1
Step 2
When the VQE installation software runs, the
boot:prompt is displayed.Step 3
boot: clean
Note
This message is harmless. Enter correct input (clean) and proceed with the installation.
When you select an ISO clean installation and the installation begins, no further user input is required or allowed until the initial configuration of the CDE110 server.
An ISO clean installation does the following:
1.
2.
3.
4.
5.
a.
b.
6.
Step 4
Step 5
localhost.localdomain login: rootYou are required to change your password immediately (root enforced)You can now choose the new password or passphrase.A valid password should be a mix of upper and lower case letters,digits, and other characters. You can use an 8 character longpassword with characters from at least 3 of these 4 classes, ora 7 character long password containing characters from all theclasses. An upper case letter that begins the password and adigit that ends it do not count towards the number of characterclasses used.A passphrase should be of at least 3 words, 12 to 40 characterslong and contain enough different characters.Enter new password:Re-type new password:Step 6
When you change the root password, the VQE Startup Configuration Utility runs:
Welcome to the Cisco VQE startup configuration utility. This utility isintended to facilitate the initial setup of the VQE system. This is notintended as a complete configuration tool, but merely to assist in the mostcommon configuration needs, therefore you may still need to customize the VQEconfiguration for your specific needs after this utility is complete.The VQE Startup Configuration Utility allows you to specify initial configuration values for the CDE110 server and the VQE software. Using this input, the startup utility generates initial VQE Configuration Database (VCDB) contents and reboots the CDE110 server. When the server comes back up, VQE Configuration Engine applies the changes in VCDB to the configuration files under the /etc directory.
For information on using the startup utility, see Chapter 2, "Getting Started with the VQE Startup Configuration Utility" in the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
For information on the VQE Configuration Database and Configuration Engine, see Chapter 7, "Configuring VQE Server and VQE Tools" in the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
Terminal Client Software Behavior. When using the Cisco VQE Startup Configuration Utility with a CDE110 serial port connection and terminal client software, different terminal client facilities have varying behavior for the Backspace and Delete Keys:
•
•
•
•
Other terminal client facilities may produce different behaviors for the Backspace and Delete keys.
Performing an ISO Clean or ISO Full Upgrade Installation from a Remote Location
Because of the cost and time delay, it is sometimes not desirable for the service-provider technician to be physically present at the CDE110 server when an ISO clean or ISO full upgrade installation is performed.
Starting with VQE Release 3.3.1, an ISO clean or ISO full upgrade installation can be performed from a remote location without inserting an ISO software installation CD into the CDE110 server. The remote ISO installation is available for both VQE Server and VQE Tools software.
The following sections explain how to perform a remote ISO software installation:
•
•
Prerequisites and Restrictions for a Remote ISO Software Installation
Before proceeding, read and understand these sections on ISO clean and ISO full upgrade installations:
To perform an ISO software installation from a remote location, the following prerequisites and requirements must be met for the CDE110 server on which the software will be installed:
•
ERROR: No second disk detected on CDE-111...This could indicate a hardware failure.Please contact Cisco Technical Support.
Note
•
•
•
•
ERROR: Remote ISO installation is not supported for Versions below 3.3 ISO Image Version : Cisco VQE Server Release 3.2.2 (Build 7)Because the remote installation software is not present in VQE releases earlier than Release 3.3.1, the following restrictions apply to an ISO clean or ISO full upgrade installation from a remote location:
•
•
However, you can remotely perform an ISO clean or ISO full upgrade installation to upgrade from VQE Release 3.3.X or 3.5.X to a later VQE release. For example, you can use a ISO clean or ISO full upgrade installation to upgrade from Release 3.3.2 or Release 3.5.1.
You can remotely perform an ISO clean installation to downgrade from VQE Release 3.3.X or 3.5.X to any earlier VQE 3.3.X or 3.5.X release. For example, a remote ISO clean installation from Release 3.5.1 to Release 3.3.2 is allowed. Be aware that using an ISO clean installation always removes all old configurations. An ISO full downgrade installation is not currently supported.
Remotely Performing an ISO Clean or ISO Full Upgrade Installation
The remote ISO installation script logs success and failure messages concerning the remote installation to its log file /var/log/vqe/remote_iso_install.log.
To perform an ISO clean or ISO full upgrade installation, do the following:
Step 1
Caution
Step 2
Caution
Step 3
For information on downloading the ISO software, see the "Downloading VQE Software from Cisco.com" section.
Step 4
[root@system]# /usr/bin/vqe_remote_iso_installThe network installation script prompts you for the following:
•
•
•
Note
At the end of the script, you are given an opportunity to press Ctrl-C to abort the installation.
The following example shows output from the script when an upgrade installation is selected.
This script will perform the remote iso installation on this server.Please Enter Full Path of the ISO Image : /tmp/vqes-3.x.x-xx.xxx_xx.isoPlease enter the installation type : clean/[upgrade] : EnterSetting up Second Disk for Remote ISO Installation... | DonePlease validate the installation options and enter "y" at prompt to proceedNOTE: Server will be REBOOTED if you choose to proceed with the installationInstall Type : upgradeCurrent Version : Cisco VQE Server Release 3.3.X (Build XX)Post-Install Version : Cisco VQE Server Release 3.3.X (Build XX)Install Setup Log : /var/log/vqe/remote_iso_install.logDo you want to proceed with the installation? y/[n]: yProceeding with upgrade install...Logfile for Remote Installation Setup will be available after installationat : /var/log/vqe/remote_iso_install.logSetting up filesystems for remote iso install... \ DoneRebooting Server in 5 seconds to start Remote ISO Installation...Press CTRL-C if you want to abort now.Broadcast message from root (pts/0) (Sun Mar 29 22:05:38 2009):The system is going down for reboot NOW!Step 5
•
•
Remotely Performing an ISO Clean Installation
(Continued from Step 5 in the preceding section)
When the ISO clean installation begins, no further user input is required or allowed until the initial configuration of the CDE110 server.
An ISO clean installation does the following:
1.
2.
3.
4.
5.
a.
b.
6.
Step 1
localhost.localdomain login: rootYou are required to change your password immediately (root enforced)You can now choose the new password or passphrase.A valid password should be a mix of upper and lower case letters,digits, and other characters. You can use an 8 character longpassword with characters from at least 3 of these 4 classes, ora 7 character long password containing characters from all theclasses. An upper case letter that begins the password and adigit that ends it do not count towards the number of characterclasses used.A passphrase should be of at least 3 words, 12 to 40 characterslong and contain enough different characters.Enter new password:Re-type new password:Step 2
When you change the root password, the VQE Startup Configuration Utility runs:
Welcome to the Cisco VQE startup configuration utility. This utility isintended to facilitate the initial setup of the VQE system. This is notintended as a complete configuration tool, but merely to assist in the mostcommon configuration needs, therefore you may still need to customize the VQEconfiguration for your specific needs after this utility is complete.The VQE Startup Configuration Utility allows you to specify initial configuration values for the CDE110 server and the VQE software. Using this input, the startup utility generates initial VQE Configuration Database (VCDB) contents and reboots the CDE110 server. When the server comes back up, VQE Configuration Engine applies the changes in VCDB to the configuration files under the /etc directory.
For information on using the startup utility, see Chapter 2, "Getting Started with the VQE Startup Configuration Utility" in the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
For information on the VQE Configuration Database and Configuration Engine, see Chapter 6, "Configuring VQE Server and VQE Tools" in the Cisco CDA Visual Quality Experience Application User Guide, Release 3.5.
Terminal Client Software Behavior. When using the Cisco VQE Startup Configuration Utility with a CDE110 serial port connection and terminal client software, different terminal client facilities have varying behavior for the Backspace and Delete Keys:
•
•
•
•
Other terminal client facilities may produce different behaviors for the Backspace and Delete keys.
Remotely Performing an ISO Full Upgrade Installation
(Continued from Step 5 in the "Remotely Performing an ISO Clean or ISO Full Upgrade Installation" section)
The ISO full upgrade installation software checks that VQE software and configuration files exist. If either of these checks fail, the installation is terminated.
If the VQE software and configuration files exist, the following message is displayed before the actual upgrade process starts.
You are performing VQE upgrade on hostname. It currently has Cisco VQE Server_or_Tools Release xxx installed. If this is incorrect, please power off the server within 60 seconds.When you select an ISO full upgrade and the installation begins, no further user input is required or possible.
An ISO full upgrade does the following:
•
–
–
Note
•
•
•
•
–
–
–
–
Note
•
•
–
–
•
Step 1
localhost.localdomain login: rootYou are required to change your password immediately (root enforced)You can now choose the new password or passphrase.A valid password should be a mix of upper and lower case letters,digits, and other characters. You can use an 8 character longpassword with characters from at least 3 of these 4 classes, ora 7 character long password containing characters from all theclasses. An upper case letter that begins the password and adigit that ends it do not count towards the number of characterclasses used.A passphrase should be of at least 3 words, 12 to 40 characterslong and contain enough different characters.Enter new password:Re-type new password:Step 2
Step 3
Note
Step 4
Step 5
You can examine the /vqe-etc/etc-diff file to determine the /etc file parameters (beyond the control of the VQE CMS) that have been changed.
Supporting Software Hardening Guides and VQE
Customers who wish to apply the security recommendations published by SysAdmin, Audit, Network, Security Institute (SANS) or National Security Agency (NSA), as described in the documents referenced in the following sections, should be aware of some issues in using these recommendations that may affect the correct operation of the VQE-S.
The following sections describe the particular areas where customers should exercise care in following the security recommendations in these hardening guides:
•
Linux Security Checklist
Document: Linux Security Checklist, Version 2
Document URL:
http://www.sans.org/score/checklists/linuxchecklist.pdf
For the Linux operating system, the following are SANS requirements where it appears that if the user were to follow the specific recommendations of the guide it would likely break behavior that VQE implements.
•
•
•
•
•
The 60 Minute Network Security Guide
The NSA's The 60 Minute Network Security Guide has guidance relevant to the Apache web server and the VQE Server software.
Document: The 60 Minute Network Security Guide, Version 2.1
Document URL: http://www.nsa.gov/ia/_files/support/I33-011R-2006.pdf
If VQE customers follow instructions in the "Unix Web Servers" section of The 60 Minute Network Security Guide, it will not break the VQE web application system.
The following guidance applies to VQE Server software except for the Apache web server, which was discussed in the preceding paragraph.
•
•
•
•
•
•
Notices
The document Open Source Used in Visual Quality Experience 3.5.5 contains licenses and related license information for open-source software included in VQE, Releases 3.5.5, 3.5.6, 3.5.7, 3.5.8, and 3.5.9. The document is located at the following URL:
http://www.cisco.com/en/US/products/ps7127/products_licensing_information_listing.html
Related Documentation
Refer to the following documents for additional information about Cisco VQE and the Cisco CDE110 appliance:
•
http://www.cisco.com/en/US/docs/video/cds/cda/vqe/3_5/user/guide/vqe_guide3_5.html
•
http://www.cisco.com/en/US/docs/video/cds/cda/vqe/vqec/configuration/guide/vqec_cnfg.html
•
http://www.cisco.com/en/US/docs/video/cds/cde/cde110/installation/guide/cde110_install.html
•
http://www.cisco.com/en/US/docs/video/cds/cde/regulatory/compliance/cde110_rcsi.pdf
•
http://www.cisco.com/en/US/products/ps7127/products_licensing_information_listing.html
The entire Content Delivery Systems documentation suite is available on Cisco.com at:
http://www.cisco.com/en/US/products/ps7191/Products_Sub_Category_Home.html
The VQE Client (VQE-C) documentation is included in the VQE-C software TAR file. If you are a registered Cisco.com user, the file can be downloaded from the following location:
http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=280836689
Table 6 lists the VQE Client documentation that is provided.
* This document is available only on Cisco.com. See the list of URLs preceding this table.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2012 Cisco Systems, Inc. All rights reserved.