Guest

Cisco Videoscape Distribution Suite for Television

Release Notes for Cisco Visual Quality Experience Application Release 3.7

  • Viewing Options

  • PDF (659.7 KB)
  • Feedback

Table of Contents

Release Notes for Cisco CDA Visual Quality Experience Application Release 3.7

Contents

Introduction

Overview

New and Changed Features and Functionality

Enhancements and Changes for Cisco VQE Release 3.7.3

Enhancements and Changes for Cisco VQE Release 3.7.2

Enhancements and Changes for Cisco VQE Release 3.7.1

Additional VQM Support for VQE-S RTCP Exporter

IPMI Support for CDE250

Bonded Interfaces and VLAN Support extended to VQE-Tools Server

VQE-C Smart Retransmission and Repeat Retransmission Error Repair Strategy

System Requirements

Important Note s

Security Restrictions for Logins and Root Privileges

Random “rtc: lost some interrupts at 8192Hz.” Messages Displayed on Serial Console

Deprecated sysctl Message Displayed on Serial Console

After a VQE Downgrade, Web Browser Displays Incorrect Fields for VQE-S AMT, VCDS AMT, or VCPT

L imitations and Restriction s

Changing System Time Causes Unicast Retransmission and RCC Disruptions

Performing a Date and Time Change with NTP

Performing a Date and Time Change with the Linux date Command

Load Balancing May Not Work Correctly When More Than 16 Interfaces Are Attached to an Edge Router

For OSPF Routing, Ethernet Interfaces Require a Direct Layer-3 Connection to Router

Resolved and Open Caveats

Resolved Caveats for Release 3.7.3

Resolved Caveats for Release 3.7.2

Resolved Caveats for Release 3.7.1

Open Caveats for Release 3.7.3

Open Caveats for Release 3.7.2

Open Caveats for Release 3.7.1

Accessing Bug Search

Installing VQE Release 3.7 Software

VQE Software Installation Types

ISO Clean Installation

ISO Full Upgrade

VQE Incremental Upgrade

Downloading VQE Software from Cisco.com

Upgrading VQE Software from an Earlier VQE Release 3.X to Release 3.7

Backing Up VQE Release 3.X Files Before Upgrading or Installing Software

Using a VQE Incremental Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.7

Using an ISO Full Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.7

Using an ISO Clean Installation to Install VQE Release 3.7 o n an Earlier VQE Release 3.X System

Performing an ISO Clean or ISO Full Upgrade Installation from a Remote Location

Prerequisites and Restrictions for a Remote ISO Software Installation

Remotely Performing an ISO Clean or ISO Full Upgrade Installation

Supporting Software Hardening Guides and VQE

Linux Security Checklist

The 60 Minute Network Security Guide

Notices

Related Documentation

Obtaining Documentation and Submitting a Service Request

Release Notes for Cisco CDA Visual Quality Experience Application Release 3.7

Last Updated: December, 2013 OL-30139-03

 

In this release note, unless it is explicitly noted that text applies to a specific VQE 3.7.X release, all statements concerning Cisco VQE, Release 3.7, apply to each VQE 3.7 release (3.7.1, 3.7.2, and so forth).

 

 

Introduction

Cisco Content Delivery Application (CDA) Visual Quality Experience Application (VQE) Release 3.7 offers service providers a set of technologies and products associated with the delivery of IPTV video services. VQE is designed to improve the quality of IPTV services and subscribers’ viewing experiences. VQE is part of an end-to-end solution from Cisco that builds video awareness into the network infrastructure. For VQE Release 3.7, Cisco VQE technology is intended for wireline operators who offer managed broadcast (multicast) IPTV services using xDSL.

For a list of Cisco VQE documentation, see the “Related Documentation” section.

Overview

The suite of standards-based Cisco VQE Release 3.7 delivers three applications: Error repair, rapid channel change (RCC), and IPTV statistics reporting.

Error repair effectively mitigates errors associated with IPTV packets as they traverse noisy access circuits. Cisco VQE technology also addresses losses associated with building wiring systems. It uses the Real-Time Transport Protocol (RTP) to provide selective retransmission as defined in RFC 4588, and Application Layer-Forward Error Correction (AL-FEC) as defined by the SMPTE 2022 to eliminate visual or audible errors at the receiver (typically STB).

RCC mitigates several critical delay components responsible for long channel-change times; including Internet Group Management Protocol (IGMP) join latency, I-Frame or IDR acquisition time, and STB buffer fill times. Cisco VQE takes advantage of the same RTP technology used for error repair to effectively reduce these and other delay components, resulting in significantly improved channel-change times.

Cisco VQE IPTV statistics enable an innovative, transport-orientated, end-to-end analysis system that represents a major step forward in the operations of the IPTV network. RTP statistics allow service providers to perform a detailed characterization of the video service capability of the network, enabling them to quickly detect, diagnose, and correct any performance problems in the network. At the same time, these statistics enable the characterization of subscriber behavior. The system offers highly granular Real-Time Control Protocol (RTCP) statistics throughout the network, from video headend devices through the network infrastructure and down to individual client STBs. RTCP XR eXtended Reports compliant with RFC 3611 are also supported, enabling capture of loss Run Length Encoding from the VQE client, both pre- and post-error repair.

New and Changed Features and Functionality

The following sections provide a summary of new and changed VQE features and functionality relevant for Cisco VQE Release 3.7:

 

Enhancements and Changes for Cisco VQE Release 3.7.3

Cisco VQE Release 3.7.3 is a maintenance release for VQE Server and VQE Tools. It contains no new software for VQE Client and has no new enhancements.

Enhancements and Changes for Cisco VQE Release 3.7.2

Cisco VQE Release 3.7.2 is a maintenance release for the VQE Server only. It contains no new software for the VQE Tools Server or the VQE Client, and has no new enhancements.

Enhancements and Changes for Cisco VQE Release 3.7.1

Cisco VQE Release 3.7.1 contains the following enhancements:

Additional VQM Support for VQE-S RTCP Exporter

In an IPTV system, VQE-S supports the exporting of video quality data via a TCP connection to a video quality monitoring system to monitor and analyze the system's video reception quality. To avoid single point of failure and monitoring video quality from different geographical locations, in this release Cisco VQE supports exporting RTCP reports to at most 2 VQMs at a time.

IPMI Support for CDE250

In this release, a new appendix is provided in Cisco CDA Visual Quality Experience Application User Guide to provide supplementary information on IPMI GUI.

Bonded Interfaces and VLAN Support extended to VQE-Tools Server

In this release, support for bonded interface and configuration of VLAN is extended to VQE-Tools Server. See Cisco CDA Visual Quality Experience Application User Guide Release 3.7 For more information

VQE-C Smart Retransmission and Repeat Retransmission Error Repair Strategy

In this release, an efficient error repair strategy is implemented on VQE-C that makes smart decisions based on the Round Trip Time (RTT) delay and extra bandwidth fraction (e-factor) available for error repair service for sending the RET requests.

System Requirements

The VQE-S runs on either a CDE111/ CDE250 2V0. The VCPT and VCDS run on the same hardware.

The CDE111 platform has two models: CDE111-2-146TXA-K9 and CDE111-2-146TXD-K9.

The system comes with the software pre-installed—either VQE-S software or Tools (VCPT and VCDS) software. In each case, the required Linux, Apache web server, and other software is also pre-installed.

To access the VQE-S Application Monitoring Tool (AMT), the VCDS AMT, or the VCPT, you need a web browser. For these tools, the following web browsers are supported:

  • Microsoft Internet Explorer version 6.0 or later
  • Mozilla Firefox version 2.0 or later

The minimum screen resolution required for VQE-S AMT, VCDS AMT, and VCPT is 1024 x 768 pixels.

To display the Channels Status Summary graph of active, inoperative, and inactive channels in the AMT VQE-S Status window, Adobe Flash Player must be installed on the computer that hosts the browser accessing AMT. Adobe Flash Player is free and can be found at this URL:

http://get.adobe.com/flashplayer/

Important Notes

The following important notes apply to all VQE Release 3.7 installations:

Security Restrictions for Logins and Root Privileges

For security reasons, the following restrictions apply to VQE:

  • Root user cannot use Secure Shell (SSH) to log in to a CDE111/ CDE250 2V0 that hosts VQE-S or VCPT. Also, the root user cannot log in to VQE-S AMT, VCDS AMT, or VCPT. The vqe user should be used instead. The vqe user is a pre-created Linux user ID and has its password set during CDE111/ CDE250 2V0 initial system configuration.
  • Only users in the wheel group can use the su or sudo commands. By default, the vqe user is in the wheel group.

If you want to add user accounts to the wheel group so that additional users can use su and sudo , log in as root and issue the following command:

usermod -G wheel username

In the preceding, username specifies the user who will be added to the wheel group.

Random “rtc: lost some interrupts at 8192Hz.” Messages Displayed on Serial Console

A message or block of messages indicating “rtc” has lost some interrupts can appear sporadically on the serial console, usually after entering a command, but the message is unrelated to any specific command.

No workaround is needed. This does not appear to have any operational impact and is believed to be information only related to an underlying Linux process.

Deprecated sysctl Message Displayed on Serial Console

On the serial console, the system will occasionally display a message of the form:

process `sysctl' is using deprecated sysctl (syscall) net.ipv6.neigh.eth4.retrans_time; Use net.ipv6.neigh.eth4.retrans_time_ms instead.
 

No workaround is needed. This has no known operational impact and is a Red Hat Linux binary message.

After a VQE Downgrade, Web Browser Displays Incorrect Fields for VQE-S AMT, VCDS AMT, or VCPT

After you have downgraded VQE software and then use the downgraded VQE release, it is possible that incorrect fields will be displayed for VQE-S AMT, VCDS AMT, or VCPT. In this situation, you are seeing the fields that were provided by your previous VQE release and that have been cached by the web browser.

The correct VQE-S AMT or VCPT fields will be displayed after you delete the files in your web browser cache.

Limitations and Restrictions

Cisco CDA Visual Quality Experience Application, Release 3.7, technology is intended for wireline operators who offer managed broadcast (multicast) IPTV services using xDSL.

See the following sections for information on other limitations and restrictions in Cisco VQE, Release 3.7:

Changing System Time Causes Unicast Retransmission and RCC Disruptions

When the system time is changed on a VQE-S that is actively repairing network errors, all Unicast Retransmissions will stop indefinitely, and output gaps will be seen on the VQE Clients.

  • When the system time is moved forward, the VQE-S receives requests for Unicast Retransmission and RCC but does not send the repairs/RCCs to the VQE Clients on the set-top boxes.
  • When the system time is moved backward, all channels go to an inactive state and no Unicast Retransmission and RCC operations are performed.

For a VQE-S server that is actively repairing network errors, an explicit system time change (that is, by using the date command) will always result in the failure of Unicast Retransmission and RCC operations until corrective action is taken.

Workaround: Any time change performed on the VQE-S system should be done during a maintenance window. The procedures for changing the date and time vary depending on whether Network Time Protocol (NTP) or the Linux date command is used. See one of the following sections:

“Performing a Date and Time Change with NTP” section


Note Using the local clock is not the recommended procedure for running with accurate time. Using NTP is recommended to keep the VQE-S services operational.


Performing a Date and Time Change with NTP

When performing a date and time change with NTP, do the following:


Step 1 Log in as root.

Step 2 Stop the VQE-S services by issuing the following command:

[root@system]# service vqes stop
 

Step 3 Stop the ntpd service by issuing the following command:

[root@system]# service ntpd stop
 

Step 4 If needed, set the time zone with the vqe_cfgtool command’s -config option. Use the Configuration Tool’s System Parameters menu and the Timezone choice.

Step 5 Set the system date and time to a date and time close to the NTP server date and time by issuing the following command:

date -s date_time_string

For example:

[root@system]# date -s “16:55:30 July 7, 2008"
 

Step 6 Synchronize the clock to the configured external NTP servers by issuing the following command:

[root@system]# ntpd -q
 

If the system clock is off by a lot, the command will take considerable time to return.

Step 7 Start the ntpd service by issuing the following command:

[root@system]# service ntpd start
 

Step 8 Synchronize the hardware clock by issuing the following command:

[root@system]# /sbin/hwclock --systohc
 

Step 9 Check NTP synchronization

[root@system]# ntpq -p
 

Step 10 Reboot the VQE-S server by issuing the following command:

[root@system]# init 6
 


 

Performing a Date and Time Change with the Linux date Command

When performing a time/date change with the Linux date command only, perform the following commands:


Step 1 Log in as root.

Step 2 Stop the VQE-S services by issuing the following command:

[root@system]# service vqes stop
 

Step 3 If needed, set the time zone with the vqe_cfgtool command’s -config option. Use the Configuration Tool’s System Parameters menu and the Timezone choice.

Step 4 Set the system date and time by issuing the following command:

date -s date_time_string

For example:

[root@system]# date -s “16:55:30 July 7, 2008"
 

Step 5 Synchronize the hardware clock by issuing the following command:

[root@system]# /sbin/hwclock --systohc
 

Step 6 Reboot the VQE-S server by issuing the following command:

[root@system]# init 6
 


 

Load Balancing May Not Work Correctly When More Than 16 Interfaces Are Attached to an Edge Router

With Cisco routers, there is a limitation in the edge router: Only the first 16 route matches for Feedback Target addresses are considered when routing requests to the VQE-S servers from the access network. If more than 16 interfaces to service Unicast Retransmission and RCC request are attached to the edge router and are serving the same Feedback Target addresses, load balancing across the VQE-S servers will not work correctly.

As an example, if four VQE-S servers that each have five Ethernet interfaces serving the same Feedback Target addresses are attached to the edge router, there is a total of 20 Ethernet interfaces serving the same Feedback Target addresses and load balancing across the VQE-S servers will not work correctly.

For OSPF Routing, Ethernet Interfaces Require a Direct Layer-3 Connection to Router

For OSPF routing on the VQE-S server, the Ethernet interfaces used for VQE-S traffic must have a direct Layer-3 connection to the edge router.

Resolved and Open Caveats

The following sections provide information on resolved and open caveats:

Resolved Caveats for Release 3.7.3

The following caveats have been resolved in Cisco VQE, Release 3.7.3:

Click on the bug ID to view the bug details. This information is displayed in the Bug Search .

Table 1 Resolved Caveats for Cisco VQE Release 3.7.3

Bug ID
Description

CSCum57002

Vqecfgtool sanitycheck, boot msg, remoteisoinstall shows checksum warning

CSCum48441

VQETools 3719 bonds not detected during first boot shows checksum error

CSCum05308

VQE ISO Upgrade (vqe_remote_iso_install) from 3.7 to 3.8 fails with error

Resolved Caveats for Release 3.7.2

The following caveats have been resolved in Cisco VQE, Release 3.7.2:

Click on the bug ID to view the bug details. This information is displayed in the Bug Search .

Table 2 Resolved Caveats for Cisco VQE Release 3.7.2

Bug ID
Description

CSCul94609

VQES CDE250 - ER and RCC not working for more than 32K receivers

Resolved Caveats for Release 3.7.1

The following caveats have been resolved in Cisco VQE, Release 3.7.1:

Click on the bug ID to view the bug details. This information is displayed in the Bug Search.

Table 3 Resolved Caveats for Cisco VQE Release 3.7.1

Bug ID
Description

CSCug83862

Bonded and VLAN feature support on VQETools platform

CSCug84371

Second TCP Port Exporter feature

CSCuh60958

VQE Client - Repeat RET

CSCuh03138

VQE Client - Smart RET

Open Caveats for Release 3.7.3

Open caveat in Cisco VQE Release 3.7.3 is same as Release 3.7.2.

Open Caveats for Release 3.7.2

Open caveat in Cisco VQE Release 3.7.2 is same as Release 3.7.1.

Open Caveats for Release 3.7.1

The following caveat is open in Cisco VQE, Release 3.7.1:

Click on the bug ID to view the bug details. This information is displayed in the Bug Toolkit .

Table 4 Open Caveat for Cisco VQE Release 3.7.1

Bug ID
Description

CSCui26735

RCC request refused in VQES for maximum ingest limit

CSCuh06744

Increase of late packets in PCM when there is long burst error

Accessing Bug Search

This section explains how to use the Bug Toolkit to search for a specific bug or to search for all bugs in a release.


Step 1 Go to https://tools.cisco.com/bugsearch/.

Step 2 At the Log In screen, enter your registered Cisco.com username and password; then, click Log In . The Bug Toolkit page opens.


Note If you do not have a Cisco.com username and password, you can register for them at http://tools.cisco.com/RPF/register/register.do.


Step 3 To search for a specific bug, click the Search Bugs tab, enter the bug ID in the Search for Bug ID field, and click Go .

Step 4 To search for bugs in the current release, click the Search Bugs tab and specify the following criteria:

  • Select Product Category— Video .
  • Select Products—Cisco Content Delivery Engine Series
  • Software Version—[ 3.7].
  • Search for Keyword(s)—Separate search phrases with boolean expressions (AND, NOT, OR) to search within the bug title and details.
  • Advanced Options—You can either perform a search using the default search criteria or define custom criteria for an advanced search. To customize the advanced search, click Use custom settings for severity, status, and others and specify the following information:

Severity—Choose the severity level.

Status—Choose Terminated , Open , or Fixed .

Choose Terminated to view terminated bugs. To filter terminated bugs, uncheck the Terminated check box and select the appropriate suboption (Closed, Junked, or Unreproducible) that appears below the Terminated check box. Select multiple options as required.

Choose Open to view all open bugs. To filter the open bugs, uncheck the Open check box and select the appropriate suboptions that appear below the Open check box. For example, if you want to view only new bugs in Prime Optical 9.5, choose only New .

Choose Fixed to view fixed bugs. To filter fixed bugs, uncheck the Fixed check box and select the appropriate suboption (Resolved or Verified) that appears below the Fixed check box.

Advanced—Check the Show only bugs containing bug details check box to view only those bugs that contain detailed information, such as symptoms and workarounds.

Modified Date—Choose this option to filter bugs based on the date when the bugs were last modified.

Results Displayed Per Page—Specify the number of bugs to display per page.

Step 5 Click Search . The Bug Toolkit displays the list of bugs based on the specified search criteria.

Step 6 To export the results to a spreadsheet:

a. In the Search Bugs tab, click Export All to Spreadsheet .

b. Specify the filename and location at which to save the spreadsheet.

c. Click Save . All bugs retrieved by the search are exported.

If you cannot export the spreadsheet, log into the Technical Support website at http://www.cisco.com/cisco/web/support/index.html or contact the Cisco Technical Assistance Center (TAC).

Installing VQE Release 3.7 Software

New Cisco CDE111/ CDE250 2V0 servers have Linux operating system, VQE-S and VQE Tools, and other needed software pre-installed. Table 5 shows the options for upgrading and installing software that Cisco VQE Release 3.7 supports.


Note VQE 3.7.3 allows the user to Remote ISO Upgrade to 3.8.x or later releases.


 

Table 5 Options for Upgrading and Installing VQE Release 3.7 Software

Upgrade or Installation Type
Where to Get Information

To upgrade from an earlier VQE Release 3.X release to Release 3.7

“Upgrading VQE Software from an Earlier VQE Release 3.X to Release 3.7” section

To install a complete set of new VQE Release 3.7 software files on an earlier VQE Release 3.X system (equivalent of a factory install of VQE Release 3.7)

“Using an ISO Clean Installation to Install VQE Release 3.7 on an Earlier VQE Release 3.X System” section

To remotely perform an ISO clean installation or ISO full upgrade of VQE Release 3.7 software

“Performing an ISO Clean or ISO Full Upgrade Installation from a Remote Location” section

For overview information on the software installation types, see the “VQE Software Installation Types” section.

The VQE Configuration Management System (VQE CMS) plays a significant role in software upgrade installations. If you are not familiar with the VQE CMS, read Chapter 6, “Configuring VQE Server and VQE Tools,” in the Cisco CDA Visual Quality Experience Application User Guide, Release 3.7 .

VQE Software Installation Types

The following sections provide overview information on the VQE software installation types:

The term “ISO installation” comes from the ISO file system format that is used to burn the CD.

ISO Clean Installation

An ISO clean installation is used to install VQE software on a new CDE111/ CDE250 2V0 server. An ISO clean installation can also be used on an existing VQE system to restore the server to a factory default state. An ISO clean installation reformats the hard drive and reinstalls the operating system and other packages, such as the VQE software. All old configurations are removed.

After the ISO clean installation is complete, the system automatically reboots and allows you to log in as root. Next the VQE Startup Configuration Utility automatically runs. This utility allows you to specify initial configuration values for the CDE111/ CDE250 2V0 server and the VQE software. Using this input, the VQE Startup Configuration Utility generates initial VQE Configuration Database (VCDB) contents and reboots the CDE111/ CDE250 2V0 server. When the server comes back up, the VQE Configuration Engine applies the changes in VCDB to the configuration files under the /etc directory.

When an ISO clean installation is performed at the factory on a new CDE111/ CDE250 2V0 server, after the installation is complete, the server reboots and is powered down. When the CDE111/ CDE250 2V0 is powered on for the first time at the user site, the VQE Startup Configuration Utility automatically runs.

ISO clean installation software includes Cisco VQE, Redhat Linux, Apache web server, and other required facilities. The ISO installation software is distributed on one CD for VQE-S, and on one CD for VQE Tools. As an alternative, VQE software can be downloaded from Cisco.com. When you are burning a CD with the ISO software, use ISO format and a CD-R disk.

ISO Full Upgrade

An ISO full upgrade is used to upgrade VQE software on an existing CDE111/ CDE250 2V0 server and preserves the existing VQE configurations. An ISO full upgrade reformats the hard drive and reinstalls the operating system and other packages, such as the VQE software. An ISO full upgrade backs up the VQE-S, system, and network configurations, which are in the existing files under /etc. For parameters that will be under the control of the VQE CMS, it restores the parameter values (from the existing /etc configuration files) in the set of newly installed /etc configuration files.

ISO full upgrade software includes Cisco VQE, Redhat Linux, Apache web server, and other required facilities. The ISO installation software is distributed on one CD for VQE-S, and on one CD for VQE Tools. As an alternative, VQE software can be downloaded from Cisco.com. When you are burning a CD with the ISO software, use ISO format and a CD-R disk.

VQE Incremental Upgrade

A VQE incremental upgrade can be used to upgrade a CDE111/ CDE250 2V0 server where the Cisco VQE software—either VQE-S or VQE Tools—has previously been installed. A VQE incremental upgrade requires a CDE111/ CDE250 2V0 server with an existing operating system. A VQE incremental upgrade backs up the VQE-S, system, and network configurations, which are in the existing files under /etc. For parameters that will be under the control of the VQE CMS, a VQE incremental upgrade restores the parameter values (from the existing /etc configuration files) in the set of newly installed /etc configuration files.

A VQE incremental upgrade is done with an executable installer—a single executable file that includes all VQE-S packages needed for the upgraded VQE software version. Each VQE incremental upgrade requires that the system already has a previously released complete VQE software package installed, including configuration files. Otherwise, the VQE incremental upgrade installer quits and informs you to use an ISO installation.

A VQE incremental upgrade assumes that the existing software version is complete. It does not remove any extra software that is installed on your system and that is not required to run the VQE software. However, use of non-Cisco release software may produce unpredictable results and is not recommended or supported.

Downloading VQE Software from Cisco.com

You must be a registered Cisco.com user to download software from Cisco.com. To download a VQE software from Cisco.com, do the following:


Step 1 Browse to the software downloads area for VQE:

http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=280836689

Step 2 Click the + sign to expand Cisco Content Delivery Applications.

Step 3 Depending on the type of server where software is being upgraded, click one of the following:

• Cisco Visual Quality Experience (VQE) Channel Provisioning Tools (VQE Tools)

  • Cisco Visual Quality Experience Application (VQE-S)

Step 4 If needed, log in to Cisco.com.

Step 5 Click the software release that you need.

Step 6 Click the ISO installation software or VQE incremental upgrade installer that you need.

Step 7 Click Download .

Step 8 Follow the directions for downloading the ISO installation software or VQE incremental upgrade installer. Download the software to the /tmp directory.

Step 9 If you want release information, download any Release Notes or README file that is relevant to the software.

Step 10 If you downloaded ISO installation software and require a software CD, you must burn the software onto a CD. When burning the CD, use ISO format and a CD-R disk.


 

Upgrading VQE Software from an Earlier VQE Release 3.X to Release 3.7

To upgrade from an earlier VQE Release 3.X to Release 3.7 requires that you perform one of the following types of software installation on the Cisco CDE111/ CDE250 2V0 that hosts VQE-S and on the (optional) CDE111/ CDE250 2V0 that hosts the VQE Tools (VCPT and VCDS).

  • VQE incremental upgrade installs a limited set of files—only those files that are needed to upgrade to the VQE 3.7 software. This is the recommended upgrade path because it is relatively fast (approximately a minute) and simple to perform. A VQE incremental upgrade preserves your earlier VQE 3.X configurations in VCDB and in the configuration files under /etc. If a configuration parameter is not configured by the earlier VQE 3.X configurations in VCDB, it will not be preserved.
  • ISO full upgrade installs a complete new set of VQE, Linux, Quagga, and other files. An ISO full upgrade does backup and restore your earlier VQE 3.X configurations in files under /etc if the parameter will be under the control of the VQE CMS in Release 3.7. Use an ISO full upgrade if your situation does require that you install a complete new set of files and that earlier VQE 3.X configurations be preserved.

Note If you want to preserve your earlier VQE 3.X configurations for VQE Release 3.7, you must use a VQE incremental upgrade or an ISO full upgrade.


When using a VQE incremental upgrade to upgrade an earlier VQE 3.X release to Release 3.7, read each of the following sections, in the order shown:

1. “Backing Up VQE Release 3.X Files Before Upgrading or Installing Software” section

2. “Using a VQE Incremental Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.7” section.

When using an ISO full upgrade to upgrade from an earlier VQE 3.X release to Release 3.7, read each of the following sections, in the order shown:

1. “Backing Up VQE Release 3.X Files Before Upgrading or Installing Software” section

2. “Using an ISO Full Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.7” section

Backing Up VQE Release 3.X Files Before Upgrading or Installing Software


Caution An ISO clean installation or ISO full upgrade will format the hard disk on the CDE111/ CDE250 2V0. Formatting causes all data on the hard disk to be erased.

Before upgrading or installing software on a CDE111/ CDE250 2V0, be sure to backup all needed files to a safe location (for example, on a server separate from the CDE111/ CDE250 2V0s being upgraded).

Before the hard disk is formatted, an ISO full upgrade does a backup of configuration files under the /etc directory. After the hard disk is formatted, an ISO full upgrade restores your VQE 3.X configurations in the files under /etc—but only configuration items for which a VQE Configuration Database (VCDB) parameter exists are restored. It is recommended that you manually backup these files to another server before proceeding with an ISO full upgrade in case of a catastrophic failure.

When upgrading to or downgrading from one VQE Release 3.X to another Release 3.X, the following tables list the VQE Release 3.X files that you should backup prior to performing an ISO clean installation or ISO full upgrade.

  • Table 6 shows the files that must be backed up for the CDE111/ CDE250 2V0 that hosts VQE-S.
  • Table 7 shows the files that must be backed up for the CDE111/ CDE250 2V0 that hosts VQE Tools (VCPT and VCDS).

The easiest way to back up the /etc configuration files is to use the tar command to create a TAR file archive of all directories and files under /etc.


Note In addition to the files listed in these tables, there may be backup or alternate files in the /etc/opt/vqes directory or another location. These files must be backed up if you want them available on the upgraded CDE111/ CDE250 2V0.

If additional functions are enabled on the CDE111/ CDE250 2V0, there may be additional files not listed in these tables that need to be backed up.


 

Table 6 VQE-S Server: Files That Must Be Backed Up

File
Notes

all directories and files under /etc

These are the files needed to configure the CDE111/ CDE250 2V0 system except for the VQE-S AMT web application.

/usr/share/tomcat5/webapps/ems/WEB-INF/vqe.conf

VQE-S AMT configuration file with XML-RPC port numbers for management servers. If your deployment has not changed the default XML-RPC port numbers, the vqe.conf file does not have to be backed up.

/usr/share/tomcat5/webapps/ems/WEB-INF/classes/log4j.properties

VQE-S AMT log4j logging configuration file. If your deployment has not changed the default log4j configuration, the log4j.properties file does not have to be backed up.

 

Table 7 VQE Tools Server: Files That Must Be Backed Up

File
Notes

all directories and files under /etc

These are the files needed to configure the CDE111/ CDE250 2V0 system except for the VCPT web application.

/usr/share/tomcat5/webapps/vcpt/WEB-INF/classes/log4j.properties

VCPT log4j logging configuration file. If your deployment has not changed the default log4j configuration, the log4j.properties file does not have to be backed up.

Using a VQE Incremental Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.7

This section explains how to use a VQE incremental upgrade to upgrade from an earlier VQE Release 3.X to Release 3.7. A VQE incremental upgrade preserves your earlier VQE 3.X configurations in VCDB and in the configuration files under /etc. If a configuration parameter is not configured by the earlier VQE 3.X configurations in VCDB, it will not be preserved.

Before running a VQE incremental upgrade installer, perform the following tasks:

1. Downloading VQE Software from Cisco.com

2. Backing Up VQE Release 3.X Files Before Upgrading or Installing Software

To run the VQE incremental upgrade installer to upgrade an earlier VQE Release 3.X release to Release 3.7, do the following:


Caution To be safe in case of a catastrophic failure, be sure to backup configuration files as described “Backing Up VQE Release 3.X Files Before Upgrading or Installing Software” section.


Step 1 If needed, log in as root on the CDE111/ CDE250 2V0 server where the VQE incremental upgrade installer was downloaded.

When you run a VQE incremental upgrade installer, you must have root privileges.

Step 2 Run the VQE incremental upgrade installer. For example:

[root@system]# /tmp/vqes-3.7.x-x.bin
 

The VQE incremental upgrade installer determines the current VQE software version, performs a sanity check on the existing VQE software, checks for the existence of needed configuration files, and does one of the following:

  • If the preceding checks determine that there is a problem, the VQE incremental upgrade installer informs you that an ISO installation is required and exits.
  • If the preceding checks determine that all is well, the VQE incremental upgrade installer displays:
You are currently running VQE version 3.x.x.
Do you want to install version 3.7.x (build xx) now? y/[n]:
 

Step 3 To install the software, enter y and press Enter .

The VQE incremental upgrade does the following:

  • Upgrades/installs/uninstalls RPMs (as needed) and installs associated default configuration files.
  • Performs installation post processing as follows:

Installs a new vcdb.conf.sample in the directory /etc/opt/vqes/.

Saves a set of factory default /etc configuration files associated with the RPM installation in the directory /vqe-etc/etc-pristine/.

  • Runs the VQE Configuration Engine to apply VCDB values to the configuration files under /etc.

After the upgrade process completes, you can examine the /var/log/upgrade.log file to look for warning and error messages, and to find out if there were any configuration files (from your previous installation) whose contents were not completely applied to the new release.

The set of /etc configuration files from your previous installation are archived in a tar file in /vqe-etc/ prior to the upgrade. You can manually apply the values from these old configuration files if these configurations must be restored.


 

Using an ISO Full Upgrade to Upgrade from an Earlier VQE Release 3.X to Release 3.7

This section explains how to use an ISO full upgrade to upgrade from an earlier VQE Release 3.X to Release 3.7 and preserve your earlier VQE Release 3.X configurations.

Before performing an ISO full upgrade, perform the following tasks:

1. If you do not have an ISO software installation CD with VQE Release 3.7 software, see Downloading VQE Software from Cisco.com

2. Backing Up VQE Release 3.X Files Before Upgrading or Installing Software


Note ISO full upgrades must be performed using the CDE111/ CDE250 2V0 serial port (not the CDE video and keyboard ports). For these installations, the serial port connection can be through a terminal server or through a directly connected PC.

For terminal emulation software configuration, see “Configuring Terminal Emulation Software” in Chapter 2 of the Cisco CDA Visual Quality Experience Application User Guide, Release 3.7.


To perform an ISO full upgrade to upgrade from an earlier VQE Release 3.X to Release 3.7, do the following:


Caution An ISO full upgrade will format the hard disk on the CDE111/ CDE250 2V0. Formatting causes all data on the hard disk to be erased.

Be sure to backup configuration files as described in the “Backing Up VQE Release 3.X Files Before Upgrading or Installing Software” section.


Step 1 Insert the ISO software installation CD in the CDE111/ CDE250 2V0 CD/DVD Combo drive.

Step 2 Power on or power cycle the CDE111/ CDE250 2V0.

When the VQE installation software runs, the boot: prompt is displayed.

Step 3 Type upgrade if you are upgrading a CDE111 or type upgrade250 if you are upgrading a CDE250 2V0 and press Enter. For example:

boot: upgrade250
 

Note If you enter invalid input at the boot: prompt, the installer displays “Could not find kernel image”. The initial boot text is redisplayed and you must enter the correct option to proceed with the installation.


The installation software checks that VQE software and configuration files exist. If either of these checks fail, the installation is terminated.

If the VQE software and configuration files exist, the following message is displayed before the actual upgrade process starts.

You are performing VQE upgrade on hostname. It currently has Cisco VQE Server_or_Tools Release xxxx installed. If this is incorrect, please power off the server within 60 seconds.
 

You can power off the server to stop the ISO full upgrade if the wrong CD has been used for the installation.

When you select an ISO full upgrade and the installation begins, no further user input is required or possible.

An ISO full upgrade does the following:

  • Checks whether the /etc configuration files have been changed manually (without the use of the VCDB). If manual changes are detected, the ISO full upgrade installer does the following:

Logs the names of files that have been manually changed. The log file is /var/log/upgrade.log.

Writes diff command output showing the manually changed items into the /vqe-etc/etc-diff file.


Note If there are manually edited files in the existing /etc directories, the changes were made by an administrator without the use of VCDB. If you want to continue to have these differences present in your configuration files, you need to carefully edit the relevant configuration files so that they include the items that are different.


  • Backs up the /etc configuration files to the vqe- release - hostname - timestamp .tar.gz file by creating a tar file archive of the following files: /vqe-etc/etc-diff, /var/log/upgrade.log and all files under /etc. Saves the tar file archive in a temporary set of files.
  • Formats the hard drive.
  • Installs the Linux operating system and add-on RPMs of VQE packages and configuration files.
  • Restores (from the tar file archive) the following /etc configuration files that were present on your earlier VQE Release 3.X host:

On a VQE-S host, the VCDB configuration file (/etc/opt/vqes/vcdb.conf)

On a VQE-S host, the channel configuration file (/etc/opt/vqes/vqe_channels.cfg)

On a VQE Tools host, the channel configuration file (/etc/opt/vqes/vqec_channels.cfg) and all VCPT configuration files in /etc/opt/vcpt/data

On both VQE-S and VQE Tools hosts, all files in the /etc/opt/certs directory (files related to Secure Sockets Layer certificates)


Note Except for the preceding files, all other /etc configuration files from an earlier Release 3.X VQE host are not copied to the directories under /etc.


  • Saves the other files shown in Table 8 to the CDE111/ CDE250 2V0 hard drive.

 

Table 8 ISO Full Upgrade: Other Saved Files

File in the Tar File Archive
Directory Location Where Saved

backed up /etc configuration files including vcdb.conf

/vqe-etc/etc-save/

upgrade.log file

/var/log/upgrade.log

diff command output (generated earlier) in the etc-diff file

/vqe-etc/etc-diff file

vqe- release - hostname - timestamp .tar.gz (tar file)

/vqe-etc/

  • Performs installation post processing

Installs a new vcdb.conf.sample file in the /etc/opt/vqes/ directory.

Saves the factory default configuration files under /etc to the directory /vqe-etc/etc-pristine.

  • Performs a final reboot. As part of the final reboot, runs the VQE Configuration Engine to apply the VCDB values (from earlier VQE Release 3.X vcdb.conf that was restored earlier) to the VQE 3.7 configuration files under /etc (including vcdb.conf).

Step 4 When the CDE111/ CDE250 2V0 completes the final reboot, you are required to log in as root and change the password for root:

localhost.localdomain login: root
You are required to change your password immediately (root enforced)
 
You can now choose the new password or passphrase.
 
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from at least 3 of these 4 classes, or
a 7 character long password containing characters from all the
classes. An upper case letter that begins the password and a
digit that ends it do not count towards the number of character
classes used.
 
A passphrase should be of at least 3 words, 12 to 40 characters
long and contain enough different characters.
 
Enter new password:
Re-type new password:
 

Step 5 Enter the new password for root.

Step 6 Set the password for the vqe user ID.


Note No passwords are copied over to the new set of installed files.


Step 7 Check the /var/log/vqe/vqe.log file to ensure that no significant errors occurred during the ISO full upgrade.

Step 8 Remove the ISO software installation CD from the CDE111/ CDE250 2V0 CD/DVD Combo drive and close the drive tray.

Step 9 If you made changes to your earlier VQE Release 3.X /etc configuration parameters that are not now under the control of the VQE CMS, the ISO full upgrade does not preserve these changes in Release 3.7. It is possible for you to manually recreate the customized configurations in the Release 3.7 /etc configuration files. However, making manual changes in this manner is not supported or recommended.

You can examine the /vqe-etc/etc-diff file to determine the /etc file parameters (beyond the control of the VQE CMS) that have been changed.

VCPT configuration files and VQE-S and VQE-C channel configuration files from an earlier VQE Release 3.X can be used without modification with VQE Release 3.7.


 

Using an ISO Clean Installation to Install VQE Release 3.7 on an Earlier VQE Release 3.X System

This section explains how to use an ISO clean installation to install VQE Release 3.7 on an earlier VQE Release 3.X system.


Caution If you use an ISO clean installation for installing VQE Release 3.7, your previous VQE configurations will not be backed up or restored. Use an ISO clean installation only when there is no requirement to preserve previous VQE configuration values.

An ISO clean installation installs a complete new set of VQE, Linux, Quagga, and other files. An ISO clean installation does not backup or restore your current VQE 3.X configurations. An ISO clean installation reformats the hard drive and reinstalls the operating system and other packages, such as the VQE software. All old configurations are removed.

Before performing an ISO clean installation, perform the following tasks:

1. If you do not have an ISO software installation CD with VQE Release 3.2 software, see Downloading VQE Software from Cisco.com.

2. Backing Up VQE Release 3.X Files Before Upgrading or Installing Software


Note ISO clean installations must be performed using the CDE serial port (not the CDE video and keyboard ports). For these installations, the serial port connection can be through a terminal server or through a directly connected PC.

For terminal emulation software configuration, see “Configuring Terminal Emulation Software” in Chapter 2 of the Cisco CDA Visual Quality Experience Application User Guide, Release 3.7.


To perform an ISO clean installation to install VQE Release 3.7 on an earlier VQE Release 3.X system, do the following:


Caution An ISO clean installation will format the hard disk on the CDE111/ CDE250 2V0. Formatting causes all data on the hard disk to be erased.

Be sure to backup configuration files as described “Backing Up VQE Release 3.X Files Before Upgrading or Installing Software” section. With this backup of the configuration files, you will have the earlier VQE 3.X configuration files available for reference if you need them after the ISO clean installation is complete.


Step 1 Insert the ISO software installation CD in the CDE111/ CDE250 2V0 CD/DVD Combo drive.

Step 2 Power on or power cycle the CDE111/ CDE250 2V0.

When the VQE installation software runs, the boot: prompt is displayed.

Step 3 Type clean if you are installing a CDE111 or type clean250 if you are installing a CDE250 2V0 and press Enter. For example:

boot: clean
 

Note If you enter invalid input at the boot: prompt, the installer displays “Could not find kernel image” and your input.

This message is harmless. Enter correct input (clean) and proceed with the installation.


When you select an ISO clean installation and the installation begins, no further user input is required or allowed until the initial configuration of the CDE111/ CDE250 2V0 server.

An ISO clean installation does the following:

1. Formats the hard disk.

2. Installs the Linux operating system and all packages.

3. Reboots.

4. Installs the add-on RPM of VQE packages and configuration files.

5. Performs installation post processing.

a. Installs a new vcdb.conf.sample file in the /etc/opt/vqes/ directory.

b. Saves the factory default configuration files under /etc to the directory /vqe-etc/etc-pristine.

6. Reboots the server.

Step 4 Remove the ISO CD from the CDE111/ CDE250 2V0 CD/DVD Combo drive and close the drive tray.

Step 5 When the CDE111/ CDE250 2V0 completes the final reboot, you are required to log in as root and change the password for root:

localhost.localdomain login: root
You are required to change your password immediately (root enforced)
 
You can now choose the new password or passphrase.
 
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from at least 3 of these 4 classes, or
a 7 character long password containing characters from all the
classes. An upper case letter that begins the password and a
digit that ends it do not count towards the number of character
classes used.
 
A passphrase should be of at least 3 words, 12 to 40 characters
long and contain enough different characters.
 
 
Enter new password:
Re-type new password:
 

Step 6 Enter the new password for root.

When you change the root password, the VQE Startup Configuration Utility runs:

Welcome to the Cisco VQE startup configuration utility. This utility is
intended to facilitate the initial setup of the VQE system. This is not
intended as a complete configuration tool, but merely to assist in the most
common configuration needs, therefore you may still need to customize the VQE
configuration for your specific needs after this utility is complete.
 

The system is now ready to be configured.


 

Performing an ISO Clean or ISO Full Upgrade Installation from a Remote Location

Because of the cost and time delay, it is sometimes not desirable for the service-provider technician to be physically present at the CDE111/ CDE250 2V0 server when an ISO clean or ISO full upgrade installation is performed.

Starting with VQE Release 3.3.1, an ISO clean or ISO full upgrade installation can be performed from a remote location without inserting an ISO software installation CD into the CDE111/ CDE250 2V0 server. The remote ISO installation is available for both VQE Server and VQE Tools software.

The following sections explain how to perform a remote ISO software installation:

Prerequisites and Restrictions for a Remote ISO Software Installation

Before proceeding, read and understand these sections on ISO clean and ISO full upgrade installations:

To perform an ISO software installation from a remote location, the following prerequisites and requirements must be met for the CDE111/ CDE250 2V0 server on which the software will be installed:

  • CDE111/ CDE250 2V0 server must have a factory-installed flash drive. Only CDE111 model numbers CDE111-2-146TXA-K9 and CDE111-2-146TXD-K9 have a factory-installed flash drive. If the CDE111/ CDE250 2V0 does not have the needed second drive (for example, flash drive), the installation software displays this error message:
ERROR: No second disk detected on CDE-111...
This could indicate a hardware failure.
Please contact Cisco Technical Support.
 
  • CDE111/ CDE250 2V0 servers must be running and have a functioning hard disk drive and flash drive.
  • Remote access to the CDE111/ CDE250 2V0 servers must be through the server serial port. Typically, remote access is through a terminal server connected to a serial port on the front or back of the Cisco CDE111/ CDE250 2V0. For terminal emulation software configuration, see “Configuring Terminal Emulation Software” in Chapter 2 of the Cisco CDA Visual Quality Experience Application User Guide, Release 3.7.
  • There must be a mechanism to remotely power cycle the CDE111/ CDE250 2V0 servers. This mechanism is needed to make sure that the technician can restart the installation process should the server become irresponsive during the installation.
  • VQE software currently installed on the CDE111 servers must be for VQE Release 3.3.1 or a later. VQE software currently installed on the CDE250 2V0 servers must be for VQE Release 3.7. If the CDE does not have the needed VQE software release, the installation software displays an error message. For example:
ERROR: Remote ISO installation is not supported for Versions below 3.3
ISO Image Version : Cisco VQE Server Release 3.2.2 (Build 7)
 

Because the remote installation software is not present in VQE releases earlier than Release 3.3.1, the following restrictions apply to an ISO clean or ISO full upgrade installation from a remote location:

  • If the software currently installed on the CDE111 servers is for a VQE release earlier than Release 3.3.1, an ISO clean or ISO full upgrade installation from a remote location is not possible .
  • Downgrade using an ISO clean installation from VQE Release 3.3.X to a version of VQE earlier than Release 3.3.1 is not possible.

However, you can remotely perform an ISO clean or ISO full upgrade installation to upgrade from VQE Release 3.3.X or 3.7.X to a later VQE release. For example, you can use a ISO clean or ISO full upgrade installation to upgrade from Release 3.3.2 or Release 3.7.

You can remotely perform an ISO clean installation to downgrade from VQE Release 3.3.X or 3.7.X to any earlier VQE 3.3.X or 3.7.X release. For example, a remote ISO clean installation from Release 3.7 to Release 3.3.2 is allowed. Be aware that using an ISO clean installation always removes all old configurations. An ISO full downgrade installation is not currently supported.

Remotely Performing an ISO Clean or ISO Full Upgrade Installation

The remote ISO installation script logs success and failure messages concerning the remote installation to its log file /var/log/vqe/remote_iso_install.log.

To perform an ISO clean or ISO full upgrade installation, do the following:


Step 1 Login to the remote CDE111/ CDE250 2V0 server on which the software will be installed.


Caution An ISO clean installation or ISO full upgrade installation will format the hard disk on the CDE111/ CDE250 2V0. Formatting causes all data on the hard disk to be erased.

Step 2 Backup files on the CDE111/ CDE250 2V0 server as described in the “Backing Up VQE Release 3.X Files Before Upgrading or Installing Software” section.


Caution To be safe in case of a catastrophic failure, be sure to backup configuration files as described “Backing Up VQE Release 3.X Files Before Upgrading or Installing Software” section.

Step 3 To copy the ISO software to the remote CDE111/ CDE250 2V0 server, use a facility such as NFS, FTP, or SCP. The network copy operation must be from a separate machine that can provide the ISO image file. The ISO software can be copied to any CDE111/ CDE250 2V0 directory, such as /tmp.

For information on downloading the ISO software, see the “Downloading VQE Software from Cisco.com” section.

Step 4 Run the remote installation script /usr/bin/vqe_remote_iso_install. For example:

[root@system]# /usr/bin/vqe_remote_iso_install
 

The network installation script prompts you for the following:

  • Full pathname of the ISO software file
  • Whether you want to perform an ISO clean installation or ISO full upgrade installation
  • After you verify the installation options, whether you want to continue with the installation

Note For each prompt, the default (if any) is in brackets. Press Enter to accept the default.


At the end of the script, you are given an opportunity to press Ctrl-C to abort the installation.

The following example shows output from the script when an upgrade installation is selected.

This script will perform the remote iso installation on this server.
 
Please Enter Full Path of the ISO Image : /tmp/vqes-3.x.x-xx.xxx_xx.iso
 
Please enter the installation type : clean/[upgrade] : Enter
 
Setting up Second Disk for Remote ISO Installation... | Done
 
Please validate the installation options and enter "y" at prompt to proceed
NOTE: Server will be REBOOTED if you choose to proceed with the installation
 
Install Type : upgrade
Current Version : Cisco VQE Server Release 3.3.X (Build XX)
Post-Install Version : Cisco VQE Server Release 3.3.X (Build XX)
Install Setup Log : /var/log/vqe/remote_iso_install.log
 
Do you want to proceed with the installation? y/[n]: y
 
Proceeding with upgrade install...
 
Logfile for Remote Installation Setup will be available after installation
at : /var/log/vqe/remote_iso_install.log
 
 
Setting up filesystems for remote iso install... \ Done
 
Rebooting Server in 5 seconds to start Remote ISO Installation...
Press CTRL-C if you want to abort now.
 
 
Broadcast message from root (pts/0) (Sun Mar 29 22:05:38 2009):
 
The system is going down for reboot NOW!
 

Step 5 When the CDE111/ CDE250 2V0 reboots, the ISO clean installation or ISO full upgrade installation begins. Depending on the type of installation you are performing, go to one of the following sections:

Remotely Performing an ISO Clean Installation

(Continued from Step 5 in the preceding section.)

When the ISO clean installation begins, no further user input is required or allowed until the initial configuration of the CDE111/ CDE250 2V0 server.

An ISO clean installation does the following:

1. Formats the hard disk.

2. Installs the Linux operating system and all packages.

3. Reboots.

4. Installs the add-on RPM of VQE packages and configuration files.

5. Performs installation post processing.

a. Installs a new vcdb.conf.sample file in the /etc/opt/vqes/ directory.

b. Saves the factory default configuration files under /etc to the directory /vqe-etc/etc-pristine.

6. Reboots the server.


Step 1 When the CDE111/ CDE250 2V0 completes the final reboot, you are required to log in as root and change the password for root:

localhost.localdomain login: root
You are required to change your password immediately (root enforced)
 
You can now choose the new password or passphrase.
 
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from at least 3 of these 4 classes, or
a 7 character long password containing characters from all the
classes. An upper case letter that begins the password and a
digit that ends it do not count towards the number of character
classes used.
 
A passphrase should be of at least 3 words, 12 to 40 characters
long and contain enough different characters.
 
 
Enter new password:
Re-type new password:
 

Step 2 Enter the new password for root.

When you change the root password, the VQE Startup Configuration Utility runs:

Welcome to the Cisco VQE startup configuration utility. This utility is
intended to facilitate the initial setup of the VQE system. This is not
intended as a complete configuration tool, but merely to assist in the most
common configuration needs, therefore you may still need to customize the VQE
configuration for your specific needs after this utility is complete.
 

The system is now ready to be configured.


 

Remotely Performing an ISO Full Upgrade Installation

(Continued from Step 5 in the “Remotely Performing an ISO Clean or ISO Full Upgrade Installation” section)

The ISO full upgrade installation software checks that VQE software and configuration files exist. If either of these checks fail, the installation is terminated.

If the VQE software and configuration files exist, the following message is displayed before the actual upgrade process starts.

You are performing VQE upgrade on hostname. It currently has Cisco VQE Server_or_Tools Release xxx installed. If this is incorrect, please power off the server within 60 seconds.
 

When you select an ISO full upgrade and the installation begins, no further user input is required or possible.

An ISO full upgrade does the following:

  • Checks whether the /etc configuration files have been changed manually (without the use of the VCDB). If manual changes are detected, the ISO full upgrade installer does the following:

Logs the names of files that have been manually changed. The log file is /var/log/upgrade.log.

Writes diff command output showing the manually changed items into the /vqe-etc/etc-diff file.


Note If there are manually edited files in the existing /etc directories, the changes were made by an administrator without the use of VCDB. If you want to continue to have these differences present in your configuration files, you need to carefully edit the relevant configuration files so that they include the items that are different.


  • Backs up the /etc configuration files to the vqe- release - hostname - timestamp .tar.gz file by creating a tar file archive of the following files: /vqe-etc/etc-diff, /var/log/upgrade.log and all files under /etc. Saves the tar file archive in a temporary set of files.
  • Formats the hard drive.
  • Installs the Linux operating system and add-on RPMs of VQE packages and configuration files.
  • Restores (from the tar file archive) the following /etc configuration files that were used for the earlier VQE Release:

On a VQE-S host, the VCDB configuration file (/etc/opt/vqes/vcdb.conf)

On a VQE-S host, the channel configuration file (/etc/opt/vqes/vqe_channels.cfg)

On a VQE Tools host, the channel configuration file (/etc/opt/vqes/vqec_channels.cfg) and all VCPT configuration files in /etc/opt/vcpt/data

On both VQE-S and VQE Tools hosts, all files in the /etc/opt/certs directory (files related to Secure Sockets Layer certificates)


Note Except for the preceding files, all other /etc configuration files from the earlier VQE Release are not copied to the directories under /etc.


  • Saves the other files shown in Table 8 to the CDE111/ CDE250 2V0 hard drive.

 

Table 9 ISO Full Upgrade: Other Saved Files

File in the Tar File Archive
Directory Location Where Saved

backed up /etc configuration files including vcdb.conf

/vqe-etc/etc-save/

upgrade.log file

/var/log/upgrade.log

diff command output (generated earlier) in the etc-diff file

/vqe-etc/etc-diff file

vqe- release - hostname - timestamp .tar.gz (tar file)

/vqe-etc/

  • Performs installation post processing

Installs a new vcdb.conf.sample file in the /etc/opt/vqes/ directory.

Saves the factory default configuration files under /etc to the directory /vqe-etc/etc-pristine.

  • Performs a final reboot. As part of the final reboot, runs the VQE Configuration Engine to apply the VCDB values (from earlier VQE release vcdb.conf that was restored) to the new VQE configuration files under /etc (including vcdb.conf).

Step 1 When the CDE111/ CDE250 2V0 completes the final reboot, you are required to log in as root and change the password for root:

localhost.localdomain login: root
You are required to change your password immediately (root enforced)
 
You can now choose the new password or passphrase.
 
A valid password should be a mix of upper and lower case letters,
digits, and other characters. You can use an 8 character long
password with characters from at least 3 of these 4 classes, or
a 7 character long password containing characters from all the
classes. An upper case letter that begins the password and a
digit that ends it do not count towards the number of character
classes used.
 
A passphrase should be of at least 3 words, 12 to 40 characters
long and contain enough different characters.
 
 
Enter new password:
Re-type new password:
 

Step 2 Enter the new password for root.

Step 3 Set the password for the vqe user ID.


Note No passwords are copied over to the new set of installed files.


Step 4 Check the /var/log/vqe/vqe.log file to ensure that no significant errors occurred during the ISO full upgrade.

Step 5 If you made changes to earlier VQE Release /etc configuration parameters that are not now under the control of the VQE CMS, the ISO full upgrade does not preserve these changes in new VQE Release. It is possible for you to manually recreate the customized configurations in the new VQE Release /etc configuration files. However, making manual changes in this manner is not supported or recommended.

You can examine the /vqe-etc/etc-diff file to determine the /etc file parameters (beyond the control of the VQE CMS) that have been changed.


 

Supporting Software Hardening Guides and VQE

Customers who wish to apply the security recommendations published by SysAdmin, Audit, Network, Security Institute (SANS) or National Security Agency (NSA), as described in the documents referenced in the following sections, should be aware of some issues in using these recommendations that may affect the correct operation of the VQE-S.

The following sections describe the particular areas where customers should exercise care in following the security recommendations in these hardening guides:

Linux Security Checklist

Document: Linux Security Checklist, Version 2

Document URL:

http://www.sans.org/score/checklists/linuxchecklist.pdf

For the Linux operating system, the following are SANS requirements where it appears that if the user were to follow the specific recommendations of the guide it would likely break behavior that VQE implements.

  • Page 2, item 2: “System Patches”. Customers should obtain all system patches through Cisco support, and not directly from RedHat. Cisco will provide timely patches and notifications to customers to address security concerns that may arise within the components of the linux distribution.
  • Page 3, item 3: “Disabling Unnecessary Services”. All unnecessary services have been disabled on the shipped product. VQE customers should not normally need to disable any of the services that are enabled by default after the product is installed.
  • Page 3, item 5: “Default Password Policy”. The default password settings for the VQE-S are set in /etc/pam.d/system-auth-ac rather than in /etc/login.defs See 'man pam_passwdqc' for more information.
  • Page 7, item 13: “System Logging”. The VQE-S includes a modified version of syslogd, which is customized in order to support certain VQE-S functions. VQE customers must therefore not replace syslog with syslog-ng, as suggested in this item.
  • Page 11, item 20: “Selinux”. Selinux functionality is disabled on the VQE-S in its factory configuration, and it should not be enabled. Enabling the Selinux functions on the VQE-S may have unexpected consequences.

The 60 Minute Network Security Guide

The NSA’s The 60 Minute Network Security Guide has guidance relevant to the Apache web server and the VQE Server software.

Document: The 60 Minute Network Security Guide , Version 2.1

Document URL: http://www.nsa.gov/ia/_files/support/I33-011R-2006.pdf

If VQE customers follow instructions in the "Unix Web Servers" section of The 60 Minute Network Security Guide , it will not break the VQE web application system.

The following guidance applies to VQE Server software except for the Apache web server, which was discussed in the preceding paragraph.

  • Page 10 and 40: “Follow The Concept Of Least Privilege”. This section recommends reducing the privileges of common system utilities such as configuration tools and script interpreters. Some of these utilities may be used by the VQE-S software and their permissions should not be modified.
  • Page 35, item 2: “Services and Port”. All unnecessary services have been disabled on the shipped product. VQE customers should not normally need to disable any of the services that are enabled by default after the product is installed.
  • Page 36, item 2: “Permissions”. Some VQE-S services require SUID/SGID permissions. The permissions of these files, along with every other VQE-S related file, should not be modified.
  • Page 37, “Core Dumps”. The VQE-S stores crash related information in the core dump files. By removing the core file, valuable debugging information is discarded. Settings related to the creation and storage of core dumps should not be modified. Additionally, core dumps should only be removed after consultation with your Cisco Technical Support Contact.
  • Page 39, “Logs”. The VQE-S uses a customized version of syslogd in order to log VQE related messages. Using a remote host to log syslog messages from the VQE-S is not supported at this time.
  • Page 39, “Chroot Environment”. The VQE-S application requires a specific level of permissions and should not be set to run in a chroot environment.

Notices

The document Open Source Used in Visual Quality Experience 3.7 contains licenses and related license information for open-source software included in VQE, Releases 3.7. The document is located at the following URL:

http://www.cisco.com/en/US/products/ps7127/products_licensing_information_listing.html

If you have any questions or problems accessing the link, contact: spvtg-external-opensource-requests@cisco.com.

Related Documentation

Refer to the following documents for additional information about Cisco VQE and the Cisco CDE111/ CDE250 2V0 appliance:

  • Cisco CDA Visual Quality Experience Application User Guide, Release 3.7

http://www.cisco.com/en/US/docs/video/cds/cda/vqe/3_7/user/guide/vqe_guide3_7.html

  • Cisco CDA Visual Quality Experience Client System Configuration Guide

http://www.cisco.com/en/US/docs/video/cds/cda/vqe/vqec/configuration/guide/vqec_cnfg.html

  • Cisco CDA Visual Quality Experience Client System Command Reference Guide

http://www.cisco.com/en/US/docs/video/cds/cda/vqe/vqec/CLI_Guide/Book.html

  • Cisco Content Delivery Engine 110 Hardware Installation Guide

http://www.cisco.com/en/US/docs/video/cds/cde/cde110/installation/guide/cde110_install.html

  • Regulatory Compliance and Safety Information for the Cisco Content Delivery Engine 110

http://www.cisco.com/en/US/docs/video/cds/cde/regulatory/compliance/cde110_rcsi.pdf

  • Cisco Content Delivery Engine 205/220/250/420 Hardware Installation Guide

http://www.cisco.com/en/US/docs/video/cds/cde/cde205_220_420/installation/guide/cde205_220_420_hig.html

  • Regulatory Compliance and Safety Information for the Cisco Content Delivery Engines

http://www.cisco.com/en/US/docs/video/cds/cde/regulatory/compliance/CDE_RCSI.html

  • Open Source Used in Visual Quality Experience 3.7

http://www.cisco.com/en/US/products/ps7127/products_licensing_information_listing.html

The entire Content Delivery Systems documentation suite is available on Cisco.com at:

http://www.cisco.com/en/US/products/ps7191/Products_Sub_Category_Home.html

The VQE Client (VQE-C) documentation is included in the VQE-C software TAR file. If you are a registered Cisco.com user, the file can be downloaded from the following location:

http://tools.cisco.com/support/downloads/pub/Redirect.x?mdfid=280836689

Table 10 lists the VQE Client documentation that is provided.

Table 10 VQE Client Documentation

VQE-C Document
Description

VQE-C Release Notes

Provides release-specific information for VQE-C.

VQE-C System Integration Reference

Provides information on VQE-C components, architecture, integration, and APIs. Also includes a VQE-C quick-start guide.

Cisco CDA Visual Quality Experience Client System Configuration Guide *

Explains certain factors to consider when configuring and deploying VQE-C. Also provides reference information on the VQE-C configuration file parameters.

VQE-C CLI Command Reference

Provides reference information on the VQE-C command-line interface.

* This document is available only on Cisco.com. See the list of URLs preceding this table.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation , which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.