Multi NetFlow Collector Installation and Configuration Guide - Installing the Cisco Multi NetFlow Collector [Cisco NetFlow Collection Engine]

Table Of Contents

Installing the Cisco Multi NetFlow Collector

Requirements

Supported Operating Systems and Platforms

Hardware Requirements

Browser Requirements

Preparing to Install Multi NetFlow Collector

Setting Up User Accounts

Setting Up Raw Disk Partitions for Informix

Allocating Disk Space

Solaris Platform

Linux Platform

Installing Multi NetFlow Collector

Installing Informix

Configuring the Database

Uninstalling Multi NetFlow Collector

Licensing

Installing the Cisco Multi NetFlow Collector

This chapter describes how to install the Cisco Multi NetFlow Collector (MNFC) application. It includes the following sections:

•Requirements

•Preparing to Install Multi NetFlow Collector

•Setting Up User Accounts

•Setting Up Raw Disk Partitions for Informix

•Installing Multi NetFlow Collector

•Installing Informix

•Configuring the Database

•Uninstalling Multi NetFlow Collector

•Licensing

Requirements

Cisco MNFC supports only Cisco NFC Release 6. It does not support previous NFC releases. Cisco MNFC and NFC must run on separate servers.The following sections describe requirements for Cisco Multi NetFlow Collector, Release 6.0.

Note The CPU, RAM, and disk space recommendations listed are minimum requirements. Your actual requirements are determined by your configuration and by the volume and uniqueness of NetFlow data that is received. Actual resource usage can vary greatly depending on these factors.

Supported Operating Systems and Platforms

Multi NetFlow Collector, Release 6.0 supports the following operating systems and platforms:

•Solaris 8, 9, or 10 on a midrange server, such as the Sun Fire V490 with Quad UltraSPARC IV 1.5 GHz processors.

•Red Hat Enterprise Linux 3.0, or 4.0 (ES and AS) on a midrange server, such as an IBM x346 with a single dual-core Intel Xeon 3.8 GHz processor.

Note To serve as the concentrator in a scalable NetFlow solution, the workstation should be dedicated to the Multi NetFlow Collector and should not be running other applications.

Hardware Requirements

The Multi NetFlow Collector, Release 6.0 has the following hardware requirements:

•Minimum of 16 GB RAM, 10K SCSI, dual 70 GB disk, and dual processor on an midrange-level server.

Browser Requirements

The Multi NetFlow Collector, Release 6.0 web-based user interface is compatible with Microsoft Internet Explorer 6 and Mozilla Firefox 1.5 or greater on Windows or UNIX. The web-based UI requires that the browser support a Java virtual machine (JVM) to run applets.

Note The Sun JVM must be used; the JVM version must be 1.5 or higher. You can download Sun JVM 1.5 from the website http://java.sun.com/javase/downloads/index.jsp.

Preparing to Install Multi NetFlow Collector

To install the Multi NetFlow Collector, Release 6.0, you must complete the following:

•Set up nfcuser and informix user accounts

•Prepare raw disk partitions for MNFC's database

•Install the Cisco NetFlow Network Concentrator (CSCOmnfc) package

•Install Informix Dynamic Server (IDS)

•Configure the Informix Dynamic Server

•Set up the MNFC license

These tasks are described in the following sections.

Setting Up User Accounts

To create accounts for the MNFC user and for the IDS administrator, do the following:

Step 1 Verify that the group informix exists in /etc/group. Enter:

niscat group.org_dir

If the group exists, note its group id. If it does not exist, create it using the command groupadd.

Step 2 Verify that the user name informix exists in /etc/passwd. Run id informix to verify that the informix user exists.

If the user name informix does not exist, create both the user and group using the command useradd. Enter:

useradd -u 744 -d /opt/informix_home -s /bin/sh informix

If the informix user exists but is not found in /etc/group, enter the following:

useradd -u 744 -g informix -d /opt/informx_home -s /bin/sh informix

See the following example:

useradd -u 744 -d /opt/informix_home -s /bin/sh informix
mkdir /opt/informix_home
chown informix:informix /opt/informix_home
passwd informix

Setting Up Raw Disk Partitions for Informix

For optimal work with database we have to give it raw disk partitions so that RDBMS server will work using its own IO stacks bypassing the file system.

Following is outline of the procedure to prepare raw disk partitions.

Allocating Disk Space

Cisco recommend that the minimal number of hard disk drives required for running MNFC is two, the boot, OS, and file system partitions should be allocated on one disk drive, while other disk drives should be used as raw disks for the database.

Solaris Platform

On a Solaris platform, use the command format to view disk space allocation. Below is an example:
nfc-ott1# format
Searching for disks...done
AVAILABLE DISK SELECTIONS:
       0. c0t0d0 <SUN18G cyl 7506 alt 2 hd 19 sec 248>
          /pci@1f,4000/scsi@3/sd@0,0
       1. c0t1d0 <SUN36G cyl 24620 alt 2 hd 27 sec 107>
          /pci@1f,4000/scsi@3/sd@1,0
Specify disk (enter its number): 1
selecting c0t1d0
[disk formatted]
...............................
partition> p
Current partition table (original):
Total disk cylinders available: 24620 + 2 (reserved cylinders)
Part      Tag    Flag     Cylinders         Size            Blocks
  0       root    wm       0 -     0        1.41MB    (1/0/0)         2889
  1 unassigned    wu       1 - 12309       16.96GB    (12309/0/0) 35560701
  2 unassigned    wu   12310 - 24618       16.96GB    (12309/0/0) 35560701
  3     backup    wm       0 - 24619       33.92GB    (24620/0/0) 71127180
  4 unassigned    wm       0                0         (0/0/0)            0
  5 unassigned    wm       0                0         (0/0/0)            0
  6 unassigned    wm       0                0         (0/0/0)            0
  7 unassigned    wm       0                0         (0/0/0)            0
The following is an example of the raw partitions created for disk c0t1d0:
# ls -l /dev/rdsk/c0t1d0s[12]
lrwxrwxrwx   1 root     root          45 Apr 21 12:11 /dev/rdsk/c0t1d0s1 -> 
../../devices/pci@1f,4000/scsi@3/sd@1,0:b,raw
lrwxrwxrwx   1 root     root          45 Apr 21 12:11 /dev/rdsk/c0t1d0s2 -> 
../../devices/pci@1f,4000/scsi@3/sd@1,0:c,raw
To create symbolic links in /dev to /dev/rdsk, for the example above enter the following:

ln -s /dev/rdsk/c0t1d0s1 /dev/raw_dev1
ln -s /dev/rdsk/c0t1d0s2 /dev/raw_dev2
Step 3 Verify the symbolic links by entering the following:

# ls -l /dev/raw_dev?
For this example, the following is displayed:
lrwxrwxrwx 1 root oldother 18 Oct 12 16:02 /dev/raw_dev1 -> /dev/rdsk/c0t1d0s1
lrwxrwxrwx 1 root oldother 18 Oct 12 16:02 /dev/raw_dev2 -> /dev/rdsk/c0t1d0s2
Warning For MNFC database installation, the symbolic link in /dev must contain raw.
Set ownership of block devices to Informix and chmod to 66. See the following example:
# ls -l /devices/pci@1f,4000/scsi@3/sd@1,0:?,raw
crw-r-----   1 root     sys       32,496 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:a,raw
crw-rw----   1 informix informix  32,497 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:b,raw
crw-rw----   1 informix informix  32,498 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:c,raw
crw-r-----   1 root     sys       32,499 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:d,raw
crw-r-----   1 root     sys       32,500 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:e,raw
crw-r-----   1 root     sys       32,501 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:f,raw
crw-r-----   1 root     sys       32,502 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:g,raw
crw-r-----   1 root     sys       32,503 Apr 21 12:11 
/devices/pci@1f,4000/scsi@3/sd@1,0:h,raw
Linux Platform

On a Linux platform, use the command fdisk to view disk space allocation. Below is an example for disk sdb and partitions sdb[1,3]:
:# fdisk /dev/sdb
...........
Disk /dev/sdb: 73.4 GB, 73407820800 bytes
255 heads, 63 sectors/track, 8924 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
   Device Boot    Start       End    Blocks   Id  System
/dev/sdb1             2      1724  13839997+  83  Linux
/dev/sdb2             1         1      8032   83  Linux
/dev/sdb3          1725      8924  57834000   83  Linux
To define raw devices, use the raw utility. Refer to man raw if you need details on using the utility. For example:

raw /dev/raw/raw1 /dev/sdb1

raw /dev/raw/raw3 /dev/sdb3

To verify the creation of the raw device, enter:

more /etc/sysconfig/rawdevices

Below is an example:
# more /etc/sysconfig/rawdevices
To list the raw device, enter:

ls -l /dev/raw/raw?

Below is an example:
# raw device bindings
# format:  <rawdev> <major> <minor>
#          <rawdev> <blockdev>
# example: /dev/raw/raw1 /dev/sda1
#          /dev/raw/raw2 8 5
/dev/raw/raw1 /dev/sdb1
/dev/raw/raw3 /dev/sdb3
Warning In /etc/sysconfig/rawdevices, use <rawdev> <blockdev> format because it contains word raw. For example, /dev/raw/raw1 /dev/sdb1.

Set ownership of block devices to Informix and chmod to 66. See the following example:
# ls -l /dev/raw/raw?
crw-rw----    1 informix informix 162,   1 Jun 24  2004 /dev/raw/raw1
crw-rw----    1 root     disk     162,   2 Jun 24  2004 /dev/raw/raw2
crw-rw----    1 informix informix 162,   3 Jun 24  2004 /dev/raw/raw3
crw-rw----    1 root     disk     162,   4 Jun 24  2004 /dev/raw/raw4
crw-rw----    1 root     disk     162,   5 Jun 24  2004 /dev/raw/raw5
crw-rw----    1 root     disk     162,   6 Jun 24  2004 /dev/raw/raw6
crw-rw----    1 root     disk     162,   7 Jun 24  2004 /dev/raw/raw7
crw-rw----    1 root     disk     162,   8 Jun 24  2004 /dev/raw/raw8
Installing Multi NetFlow Collector

The Multi NetFlow Collector, Release 6.0 is distributed on DVD. When installing from the DVD do the following:

Step 1 Log into the host as root.

Step 2 Insert the DVD in to the drive.

Step 3 Navigate to the CSCOmnfc-6.0.0-31-standard directory using cd.

Step 4 Run MNFC_setup.sh. The image is installed to /opt/CSCOmnfc.

Step 5 When prompted, specify the following:

•The OS user id to own the $MNFC_DIR subdirectory and to run the MNFC server.

•The version of JRE to be used for MNFC server if more than one version is available.

•Whether you want the MNFC application to start up when the server host is rebooted.

The following is a sample transcript:
# ./MNFC_setup.sh
Using software package /opt/packages/CSCOmnfc-6.0.0-31-standard/./CSCOmnfc.zip.
********************************************************************
Cisco Multi NetFlow Collector 6.0.0 [standard image, build 31]
Copyright (c) 2006-2007 by Cisco Systems, Inc.
All rights reserved.
This product contains cryptographic features and is subject to
United States and local country laws governing import, export,
transfer and use. Delivery of Cisco cryptographic products does
not imply third-party authority to import, export, distribute
or use encryption. Importers, exporters, distributors and users
are responsible for compliance with U.S. and local country laws.
By using this product you agree to comply with applicable laws
and regulations. If you are unable to comply with U.S. and local
laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be
found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email
to export@cisco.com.
********************************************************************
Press Return to continue...
An existing userid must be selected as the owner of files and processes.
Enter userid: nfcuser
This will be installed and run with user id nfcuser; group id is nfcuser.
Installing new package...
Installing Java from jdk-1_5_0_10-linux-i586.bin...
Web UI login name: [nfcuser]
Web UI password for nfcuser:
Enter value again to confirm:
Setting file ownership...
Updating platform config...
Would you like to start this when the system initializes? (y/n) y
CSCOmnfc will be started automatically when the system initializes.
Installation of Cisco Multi NetFlow Collector 6.0.0 [standard image, build 31]
is complete.  Informix should now be installed and configured
as described in the product User's Guide.
Note: In order to use this product, you must first obtain a license
from Cisco at http://www.cisco.com/go/license and copy
it to /opt/CSCOmnfc/config/mnfc.lic
#
Step 6 Update time zone data in the Java Runtime Environment (JRE) packaged with NFC with the latest time zone data available. See Appendix B, "Updating JRE Time Zone Data" for details.

Installing Informix

You must install the Informix Dynamic Serve if the MNFC server does not have IDS 9.40. Do the following:

Step 1 Log into the host as root.

Step 2 Obtain Kernel parameters and operating system patches.

Obtain the MachineNote from IBM for the IDS 9.40 pack that will be used. Verify and update if needed the patches and kernel parameters as recommended by the MachineNote.

Step 3 Insert Disk 2 in to the CDROM drive.

Step 4 Navigate to the Linux or SunOS directory using cd.

Step 5 From the current directory, run the script ids_install.

The script ids_install can be executed interactively; for MNFC the only needed component is IDS itself, so the script can be executed in straight silent mode. For example:
      INFORMIXDIR=/opt/informix
      export INFORMIXDIR
      ./ids_install IDS 
Configuring the Database
Note The script bin/configuredb.sh is designed to be executed at install time. If you execute the script after MNFC is in use, then configuration entities such as Aggregators, Summarizations, and Correlators must be discarded and recreated and the MNFC server restarted.

Step 1 As root, run /opt/CSCOmnfc/bin/configuredb.sh.

For efficiency and performance reasons, MNFC works with application data (NetFlow records and derived or correlated tables) stored in Informix tables fragmented into 24, or 48, or 96, etc. extents depending on available space. See the supported disk fragmentation profiles in Appendix B and the Records Retention and Data Latency in Primary Table section of the Cisco Multi NetFlow Collector User Guide.

The availability of disk fragmentation options for a particular server configuration is determined by the allocated disk size, that is the total space estimated as available on Informix raw disk partitions. If multiple choices exist you can pick the fragmentation option manually.

In addition, you must:

•Specify which valid user account MNFC can use internally in its built-in scheduler

•Confirm the choices

The following is a sample transcript:
[root@IBM346 bin]$ ./configuredb.sh 
Acquiring info on disk partitions...
Planning allocation of dbspaces...
The following disk fragmentation profiles are available
 based on available raw partitions space total of 214957669 
 (less slices allow for greater capacity, more slices allow for longer retention.
  Please refer to MNFC Performance and Sizing Guide for details).
     SMALL profile: number of slices =  24
    MEDIUM profile: number of slices =  48
     LARGE profile: number of slices =  96
Number of slices: [96] 48
Planning allocation of dbspaces...
System account for quartz DB access: nfcuser
Account password for nfcuser: 
Enter value again to confirm: 
Configuring the following values:
Storage for Rootdbs device/path:     /dev/raw/raw2
Rootdbs size (kb):                   23884000
System account for quartz DB access: nfcuser
Password for quartz DB access:       *******
Number of DB slices:                 48
Proceed? [yes] 
Configuring database using MEDIUM profile...
Updating /opt/informix/etc/onconfig.nfc...
Updating /opt/informix/etc/sqlhosts...
Updating /opt/CSCOmnfc/config/quartz.properties...
Updating /opt/CSCOmnfc/config/nfcdb.xml...
Finished updating files, starting Informix ...
Checking status ...
Executing DBSpace creation...
Creating dbspace 1 on /dev/raw/raw1
Verifying physical disk space, please wait ...
Space successfully added.
** WARNING **  A level 0 archive of Root DBSpace will need to be done.
Creating dbspace 2 on /dev/raw/raw1
Verifying physical disk space, please wait ...
Space successfully added.
.................................................................................
Creating dbspace 48 on /dev/raw/raw1
Verifying physical disk space, please wait ...
Space successfully added.
** WARNING **  A level 0 archive of Root DBSpace will need to be done.
Checking DBSpace count...
Creating NFC_DB instance...
Creating NFC DB and tables.
Database created.
.................................................................................
Database closed.
Creating metadata.
Shutting down Informix...
DB Configuration is complete.
[root@IBM346 bin]$ 
For more information on database configuration profiles and the number of allocated dbspaces, refer to Appendix B of the Cisco Multi NetFlow Collector User Guide.

Uninstalling Multi NetFlow Collector

To uninstall the Multi NetFlow Collector, do the following:

Step 1 Shut down the MNFC system by entering cscomnfc stop.

Step 2 Execute the command uninstall.sh outside of the $MNFC_DIR subtree. The subtree $MNFC_DIR will be removed.

Licensing

A license file is required for each host running Multi NetFlow Collector Release 6. The license is specific to the IP address of the host. You can obtaina permanent license at http://www.cisco.com/go/license.

You must have the IP address of the host on which Multi NetFlow Collector will run. To obtain a permanent license, you must also have the PAK you received after purchasing NetFlow Collector. After you enter the information, a license file is emailed to you. Copy the license file or its contents with no alterations to /opt/CSCOmnfc/config/mnfc.lic.

The first line of the license file contains either the demo expiration date or the word permanent for a permanent license, and the IP address of the host to which Multi NetFlow Collector is licensed.

If the host running Multi NetFlow Collector has more than one network card and IP address, specify the IP address associated with the hostname when licensing the product.

Note By default, Red Hat Enterprise Linux associates the system hostname with the loopback address 127.0.0.1 in /etc/hosts. However, for licensing to work, the hostname must be associated with the host's IP address. Edit /etc/hosts, remove the hostname from the loopback address entry, and add an entry for the licensed IP address.

The file /etc/nsswitch.conf is normally configured so that hostname lookups are first obtained from files (/etc/hosts).

	Multi NetFlow Collector Installation and Configuration Guide
	Installing the Cisco Multi NetFlow Collector
Multi NetFlow Collector Installation and Configuration Guide Entire book PDF file Updating JRE Time Zone Data About This Guide Overview Installing the Cisco Multi NetFlow Collector Starting and Stopping Cisco Multi NetFlow Collector Troubleshooting Index	Download this chapter Installing the Cisco Multi NetFlow Collector Table Of Contents Installing the Cisco Multi NetFlow Collector Requirements Supported Operating Systems and Platforms Hardware Requirements Browser Requirements Preparing to Install Multi NetFlow Collector Setting Up User Accounts Setting Up Raw Disk Partitions for Informix Allocating Disk Space Solaris Platform Linux Platform Installing Multi NetFlow Collector Installing Informix Configuring the Database Uninstalling Multi NetFlow Collector Licensing Installing the Cisco Multi NetFlow Collector This chapter describes how to install the Cisco Multi NetFlow Collector (MNFC) application. It includes the following sections: •Requirements •Preparing to Install Multi NetFlow Collector •Setting Up User Accounts •Setting Up Raw Disk Partitions for Informix •Installing Multi NetFlow Collector •Installing Informix •Configuring the Database •Uninstalling Multi NetFlow Collector •Licensing Requirements Cisco MNFC supports only Cisco NFC Release 6. It does not support previous NFC releases. Cisco MNFC and NFC must run on separate servers.The following sections describe requirements for Cisco Multi NetFlow Collector, Release 6.0. Note The CPU, RAM, and disk space recommendations listed are minimum requirements. Your actual requirements are determined by your configuration and by the volume and uniqueness of NetFlow data that is received. Actual resource usage can vary greatly depending on these factors. Supported Operating Systems and Platforms Multi NetFlow Collector, Release 6.0 supports the following operating systems and platforms: •Solaris 8, 9, or 10 on a midrange server, such as the Sun Fire V490 with Quad UltraSPARC IV 1.5 GHz processors. •Red Hat Enterprise Linux 3.0, or 4.0 (ES and AS) on a midrange server, such as an IBM x346 with a single dual-core Intel Xeon 3.8 GHz processor. Note To serve as the concentrator in a scalable NetFlow solution, the workstation should be dedicated to the Multi NetFlow Collector and should not be running other applications. Hardware Requirements The Multi NetFlow Collector, Release 6.0 has the following hardware requirements: •Minimum of 16 GB RAM, 10K SCSI, dual 70 GB disk, and dual processor on an midrange-level server. Browser Requirements The Multi NetFlow Collector, Release 6.0 web-based user interface is compatible with Microsoft Internet Explorer 6 and Mozilla Firefox 1.5 or greater on Windows or UNIX. The web-based UI requires that the browser support a Java virtual machine (JVM) to run applets. Note The Sun JVM must be used; the JVM version must be 1.5 or higher. You can download Sun JVM 1.5 from the website http://java.sun.com/javase/downloads/index.jsp. Preparing to Install Multi NetFlow Collector To install the Multi NetFlow Collector, Release 6.0, you must complete the following: •Set up nfcuser and informix user accounts •Prepare raw disk partitions for MNFC's database •Install the Cisco NetFlow Network Concentrator (CSCOmnfc) package •Install Informix Dynamic Server (IDS) •Configure the Informix Dynamic Server •Set up the MNFC license These tasks are described in the following sections. Setting Up User Accounts To create accounts for the MNFC user and for the IDS administrator, do the following: Step 1 Verify that the group informix exists in /etc/group. Enter: niscat group.org_dir If the group exists, note its group id. If it does not exist, create it using the command groupadd. Step 2 Verify that the user name informix exists in /etc/passwd. Run id informix to verify that the informix user exists. If the user name informix does not exist, create both the user and group using the command useradd. Enter: useradd -u 744 -d /opt/informix_home -s /bin/sh informix If the informix user exists but is not found in /etc/group, enter the following: useradd -u 744 -g informix -d /opt/informx_home -s /bin/sh informix See the following example: useradd -u 744 -d /opt/informix_home -s /bin/sh informix mkdir /opt/informix_home chown informix:informix /opt/informix_home passwd informix Setting Up Raw Disk Partitions for Informix For optimal work with database we have to give it raw disk partitions so that RDBMS server will work using its own IO stacks bypassing the file system. Following is outline of the procedure to prepare raw disk partitions. Allocating Disk Space Cisco recommend that the minimal number of hard disk drives required for running MNFC is two, the boot, OS, and file system partitions should be allocated on one disk drive, while other disk drives should be used as raw disks for the database. Solaris Platform On a Solaris platform, use the command format to view disk space allocation. Below is an example: nfc-ott1# format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c0t0d0 <SUN18G cyl 7506 alt 2 hd 19 sec 248> /pci@1f,4000/scsi@3/sd@0,0 1. c0t1d0 <SUN36G cyl 24620 alt 2 hd 27 sec 107> /pci@1f,4000/scsi@3/sd@1,0 Specify disk (enter its number): 1 selecting c0t1d0 [disk formatted] ............................... partition> p Current partition table (original): Total disk cylinders available: 24620 + 2 (reserved cylinders) Part Tag Flag Cylinders Size Blocks 0 root wm 0 - 0 1.41MB (1/0/0) 2889 1 unassigned wu 1 - 12309 16.96GB (12309/0/0) 35560701 2 unassigned wu 12310 - 24618 16.96GB (12309/0/0) 35560701 3 backup wm 0 - 24619 33.92GB (24620/0/0) 71127180 4 unassigned wm 0 0 (0/0/0) 0 5 unassigned wm 0 0 (0/0/0) 0 6 unassigned wm 0 0 (0/0/0) 0 7 unassigned wm 0 0 (0/0/0) 0 The following is an example of the raw partitions created for disk c0t1d0: # ls -l /dev/rdsk/c0t1d0s[12] lrwxrwxrwx 1 root root 45 Apr 21 12:11 /dev/rdsk/c0t1d0s1 -> ../../devices/pci@1f,4000/scsi@3/sd@1,0:b,raw lrwxrwxrwx 1 root root 45 Apr 21 12:11 /dev/rdsk/c0t1d0s2 -> ../../devices/pci@1f,4000/scsi@3/sd@1,0:c,raw To create symbolic links in /dev to /dev/rdsk, for the example above enter the following: ln -s /dev/rdsk/c0t1d0s1 /dev/raw_dev1 ln -s /dev/rdsk/c0t1d0s2 /dev/raw_dev2 Step 3 Verify the symbolic links by entering the following: # ls -l /dev/raw_dev? For this example, the following is displayed: lrwxrwxrwx 1 root oldother 18 Oct 12 16:02 /dev/raw_dev1 -> /dev/rdsk/c0t1d0s1 lrwxrwxrwx 1 root oldother 18 Oct 12 16:02 /dev/raw_dev2 -> /dev/rdsk/c0t1d0s2 Warning For MNFC database installation, the symbolic link in /dev must contain raw. Set ownership of block devices to Informix and chmod to 66. See the following example: # ls -l /devices/pci@1f,4000/scsi@3/sd@1,0:?,raw crw-r----- 1 root sys 32,496 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:a,raw crw-rw---- 1 informix informix 32,497 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:b,raw crw-rw---- 1 informix informix 32,498 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:c,raw crw-r----- 1 root sys 32,499 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:d,raw crw-r----- 1 root sys 32,500 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:e,raw crw-r----- 1 root sys 32,501 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:f,raw crw-r----- 1 root sys 32,502 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:g,raw crw-r----- 1 root sys 32,503 Apr 21 12:11 /devices/pci@1f,4000/scsi@3/sd@1,0:h,raw Linux Platform On a Linux platform, use the command fdisk to view disk space allocation. Below is an example for disk sdb and partitions sdb[1,3]: :# fdisk /dev/sdb ........... Disk /dev/sdb: 73.4 GB, 73407820800 bytes 255 heads, 63 sectors/track, 8924 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sdb1 2 1724 13839997+ 83 Linux /dev/sdb2 1 1 8032 83 Linux /dev/sdb3 1725 8924 57834000 83 Linux To define raw devices, use the raw utility. Refer to man raw if you need details on using the utility. For example: raw /dev/raw/raw1 /dev/sdb1 raw /dev/raw/raw3 /dev/sdb3 To verify the creation of the raw device, enter: more /etc/sysconfig/rawdevices Below is an example: # more /etc/sysconfig/rawdevices To list the raw device, enter: ls -l /dev/raw/raw? Below is an example: # raw device bindings # format: <rawdev> <major> <minor> # <rawdev> <blockdev> # example: /dev/raw/raw1 /dev/sda1 # /dev/raw/raw2 8 5 /dev/raw/raw1 /dev/sdb1 /dev/raw/raw3 /dev/sdb3 Warning In /etc/sysconfig/rawdevices, use <rawdev> <blockdev> format because it contains word raw. For example, /dev/raw/raw1 /dev/sdb1. Set ownership of block devices to Informix and chmod to 66. See the following example: # ls -l /dev/raw/raw? crw-rw---- 1 informix informix 162, 1 Jun 24 2004 /dev/raw/raw1 crw-rw---- 1 root disk 162, 2 Jun 24 2004 /dev/raw/raw2 crw-rw---- 1 informix informix 162, 3 Jun 24 2004 /dev/raw/raw3 crw-rw---- 1 root disk 162, 4 Jun 24 2004 /dev/raw/raw4 crw-rw---- 1 root disk 162, 5 Jun 24 2004 /dev/raw/raw5 crw-rw---- 1 root disk 162, 6 Jun 24 2004 /dev/raw/raw6 crw-rw---- 1 root disk 162, 7 Jun 24 2004 /dev/raw/raw7 crw-rw---- 1 root disk 162, 8 Jun 24 2004 /dev/raw/raw8 Installing Multi NetFlow Collector The Multi NetFlow Collector, Release 6.0 is distributed on DVD. When installing from the DVD do the following: Step 1 Log into the host as root. Step 2 Insert the DVD in to the drive. Step 3 Navigate to the CSCOmnfc-6.0.0-31-standard directory using cd. Step 4 Run MNFC_setup.sh. The image is installed to /opt/CSCOmnfc. Step 5 When prompted, specify the following: •The OS user id to own the $MNFC_DIR subdirectory and to run the MNFC server. •The version of JRE to be used for MNFC server if more than one version is available. •Whether you want the MNFC application to start up when the server host is rebooted. The following is a sample transcript: # ./MNFC_setup.sh Using software package /opt/packages/CSCOmnfc-6.0.0-31-standard/./CSCOmnfc.zip. ****************************************************************** Cisco Multi NetFlow Collector 6.0.0 [standard image, build 31] Copyright (c) 2006-2007 by Cisco Systems, Inc. All rights reserved. This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. **************************************************************** Press Return to continue... An existing userid must be selected as the owner of files and processes. Enter userid: nfcuser This will be installed and run with user id nfcuser; group id is nfcuser. Installing new package... Installing Java from jdk-1_5_0_10-linux-i586.bin... Web UI login name: [nfcuser] Web UI password for nfcuser: Enter value again to confirm: Setting file ownership... Updating platform config... Would you like to start this when the system initializes? (y/n) y CSCOmnfc will be started automatically when the system initializes. Installation of Cisco Multi NetFlow Collector 6.0.0 [standard image, build 31] is complete. Informix should now be installed and configured as described in the product User's Guide. Note: In order to use this product, you must first obtain a license from Cisco at http://www.cisco.com/go/license and copy it to /opt/CSCOmnfc/config/mnfc.lic # Step 6 Update time zone data in the Java Runtime Environment (JRE) packaged with NFC with the latest time zone data available. See Appendix B, "Updating JRE Time Zone Data" for details. Installing Informix You must install the Informix Dynamic Serve if the MNFC server does not have IDS 9.40. Do the following: Step 1 Log into the host as root. Step 2 Obtain Kernel parameters and operating system patches. Obtain the MachineNote from IBM for the IDS 9.40 pack that will be used. Verify and update if needed the patches and kernel parameters as recommended by the MachineNote. Step 3 Insert Disk 2 in to the CDROM drive. Step 4 Navigate to the Linux or SunOS directory using cd. Step 5 From the current directory, run the script ids_install. The script ids_install can be executed interactively; for MNFC the only needed component is IDS itself, so the script can be executed in straight silent mode. For example: INFORMIXDIR=/opt/informix export INFORMIXDIR ./ids_install IDS Configuring the Database Note The script bin/configuredb.sh is designed to be executed at install time. If you execute the script after MNFC is in use, then configuration entities such as Aggregators, Summarizations, and Correlators must be discarded and recreated and the MNFC server restarted. Step 1 As root, run /opt/CSCOmnfc/bin/configuredb.sh. For efficiency and performance reasons, MNFC works with application data (NetFlow records and derived or correlated tables) stored in Informix tables fragmented into 24, or 48, or 96, etc. extents depending on available space. See the supported disk fragmentation profiles in Appendix B and the Records Retention and Data Latency in Primary Table section of the Cisco Multi NetFlow Collector User Guide. The availability of disk fragmentation options for a particular server configuration is determined by the allocated disk size, that is the total space estimated as available on Informix raw disk partitions. If multiple choices exist you can pick the fragmentation option manually. In addition, you must: •Specify which valid user account MNFC can use internally in its built-in scheduler •Confirm the choices The following is a sample transcript: [root@IBM346 bin]$ ./configuredb.sh Acquiring info on disk partitions... Planning allocation of dbspaces... The following disk fragmentation profiles are available based on available raw partitions space total of 214957669 (less slices allow for greater capacity, more slices allow for longer retention. Please refer to MNFC Performance and Sizing Guide for details). SMALL profile: number of slices = 24 MEDIUM profile: number of slices = 48 LARGE profile: number of slices = 96 Number of slices: [96] 48 Planning allocation of dbspaces... System account for quartz DB access: nfcuser Account password for nfcuser: Enter value again to confirm: Configuring the following values: Storage for Rootdbs device/path: /dev/raw/raw2 Rootdbs size (kb): 23884000 System account for quartz DB access: nfcuser Password for quartz DB access: *** Number of DB slices: 48 Proceed? [yes] Configuring database using MEDIUM profile... Updating /opt/informix/etc/onconfig.nfc... Updating /opt/informix/etc/sqlhosts... Updating /opt/CSCOmnfc/config/quartz.properties... Updating /opt/CSCOmnfc/config/nfcdb.xml... Finished updating files, starting Informix ... Checking status ... Executing DBSpace creation... Creating dbspace 1 on /dev/raw/raw1 Verifying physical disk space, please wait ... Space successfully added. WARNING A level 0 archive of Root DBSpace will need to be done. Creating dbspace 2 on /dev/raw/raw1 Verifying physical disk space, please wait ... Space successfully added. ................................................................................. Creating dbspace 48 on /dev/raw/raw1 Verifying physical disk space, please wait ... Space successfully added. WARNING A level 0 archive of Root DBSpace will need to be done. Checking DBSpace count... Creating NFC_DB instance... Creating NFC DB and tables. Database created. ................................................................................. Database closed. Creating metadata. Shutting down Informix... DB Configuration is complete. [root@IBM346 bin]$ For more information on database configuration profiles and the number of allocated dbspaces, refer to Appendix B of the Cisco Multi NetFlow Collector User Guide. Uninstalling Multi NetFlow Collector To uninstall the Multi NetFlow Collector, do the following: Step 1 Shut down the MNFC system by entering cscomnfc stop. Step 2 Execute the command uninstall.sh outside of the $MNFC_DIR subtree. The subtree $MNFC_DIR will be removed. Licensing A license file is required for each host running Multi NetFlow Collector Release 6. The license is specific to the IP address of the host. You can obtaina permanent license at http://www.cisco.com/go/license. You must have the IP address of the host on which Multi NetFlow Collector will run. To obtain a permanent license, you must also have the PAK you received after purchasing NetFlow Collector. After you enter the information, a license file is emailed to you. Copy the license file or its contents with no alterations to /opt/CSCOmnfc/config/mnfc.lic. The first line of the license file contains either the demo expiration date or the word permanent for a permanent license, and the IP address of the host to which Multi NetFlow Collector is licensed. If the host running Multi NetFlow Collector has more than one network card and IP address, specify the IP address associated with the hostname when licensing the product. Note By default, Red Hat Enterprise Linux associates the system hostname with the loopback address 127.0.0.1 in /etc/hosts. However, for licensing to work, the hostname must be associated with the host's IP address. Edit /etc/hosts, remove the hostname from the loopback address entry, and add an entry for the licensed IP address. The file /etc/nsswitch.conf is normally configured so that hostname lookups are first obtained from files (/etc/hosts)**.
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks