 Feedback
|
Table Of Contents
Release Notes for Cisco CDA Visual Quality Experience Application, Release 2.1
New and Changed Features and Functionality
VQE SDP Channel Information Compatibility
Changing the System Time Causes Unicast Retransmission Disruptions
Performing a Date and Time Change with NTP
Performing a Date and Time Change with the Linux date Command
Upgrading From VQE Release 2.0 to Release 2.1
Backing Up Files Before Upgrading
Making Cable Connections on the Cisco CDE110 That Hosts VQE-S or VCPT
Connecting Cables to the CDE110
Adjusting BIOS Settings and Installing the VQE Software
Migrating VQE Release 2.0 Configuration Files to VQE Release 2.1
Migrating Channel-related Files from VQE Release 2.0 to VQE Release 2.1
Creating VCPT Configuration Files for Release 2.1
Creating VQE-S and VQE-C Channel Configuration Files for Release 2.1
Supporting Software Hardening Guides and VQE
The 60 Minute Network Security Guide
GNU General Public License Information
Obtaining Documentation and Submitting a Service Request
Release Notes for Cisco CDA Visual Quality Experience Application, Release 2.1
Revised: August 26, OL-15567-01
CDC Date August 26, 2008Contents
These release notes contain the following sections:
•
"New and Changed Features and Functionality" section
•
•
•
•
•
•
Introduction
Cisco CDA Visual Quality Experience Application (VQE), Release 2.1, offers service providers a set of technologies and products associated with the delivery of IPTV video services. VQE is designed to improve the quality of IPTV services and subscribers' viewing experiences. VQE is part of a Cisco end-to-end solution that builds video awareness into the network infrastructure. For Release 2.1, VQE technology is intended for wireline operators who offer managed broadcast (multicast) IPTV services using xDSL.
Cisco Content Delivery Application (CDA) Visual Quality Experience Application, Release 2.1, includes these major software components:
•
•
These release notes cover VQE Server software and two related software components: VQE Channel Provisioning Tool (VCPT) and VQE Client Channel Configuration Delivery Server (VCDS).
For information on VQE Server, VQE Channel Provisioning Tool, and VQE Client Channel Configuration Delivery Server, see the Cisco CDA Visual Quality Experience Application User Guide, Release 2.1.
For information on VQE Client, see the documentation that is provided in the TAR file containing the VQE Client software.
New and Changed Features and Functionality
The enhancements for VQE Release 2.1 include the following:
•
•
•
•
•
For changed functionality, the VQE-S and VQE Tools software no longer includes the Quagga routing package (ospfd and zebra daemons).
With the removal of Quagga, VQE-S Release 2.1 does not contain any dynamic routing capability. Loss of the dynamic routing capability does not affect the basic operation of the VQE-S. It does, however, have the following implications:
•
•
On the VQE-S host, the Cisco VQE Startup Configuration Utility configures the required static routes when you provide it with the needed information (CDE110 interface names, IP addresses, and so forth). For information on the VQE Startup Configuration Utility and on configuring static routes, see the Cisco CDA Visual Quality Experience Application User Guide, Release 2.1.
System Requirements
VQE Server runs on one Content Delivery Engine 110 (CDE110) appliance. VQE Channel Provisioning Tool and VQE Client Channel Configuration Delivery Server run on a separate CDE110 appliance.
The Cisco CDE110 comes with the required software pre-installed—either VQE Server software or VQE Channel Provisioning Tool and VQE Client Channel Configuration Delivery Server software. In each case, the required Linux, Apache web server, and other software is also pre-installed.
To access the VQE-S Application Monitoring Tool (VQE-S AMT or AMT) or the VQE Channel Provisioning Tool, you need a web browser. For these tools, the following web browsers are supported:
•
•
The minimum screen resolution required for VQE-S AMT and VCPT is 1024 x 768 pixels.
To display the Channels Status Summary graph of active, inoperative, and inactive channels in the AMT VQE-S Status window, Adobe Flash Player must be installed on the computer that hosts the browser accessing AMT. Adobe Flash Player is free and can be found at this URL:
http://get.adobe.com/flashplayer/
Limitations and Restrictions
Cisco CDA Visual Quality Experience Application, Release 2.1, technology is intended for wireline operators who offer managed broadcast (multicast) IPTV services using xDSL.
See the following sections for other limitations and restrictions:
•
•
VQE SDP Channel Information Compatibility
Cisco VQE channel configuration information in Session Description Protocol (SDP) format is sent to VQE Servers and VQE Clients. VQE-S and VQE-C create channel configuration files from the information received. Table 1 lists the SDP channel configuration compatibility requirements for VQE Release 2.0 and 2.1.
Table 1 SDP Channel Information Compatibility Requirements
VQE 2.0 SDP
Yes
Yes
Yes *
Yes *
VQE 2.1 SDP
No
No
Yes
Yes
* VQE Channel Provisioning Tool (VCPT) opens and automatically converts Release 2.0 SDP to Release 2.1 SDP. In that sense, VQE 2.0 SDP is compatible with VQE-S 2.1 and VQE-C 2.1.
Note
For information on the migrating channel-related files, see the "Migrating Channel-related Files from VQE Release 2.0 to VQE Release 2.1" section.
Changing the System Time Causes Unicast Retransmission Disruptions
When the system time is changed on a VQE-S server that is actively repairing network errors, all Unicast Retransmissions will stop indefinitely, and output gaps will be seen on the VQE Clients.
•
•
For a VQE-S server that is actively repairing network errors, an explicit system time change (that is, by using the date command) will always result in the failure of Unicast Retransmission operations until corrective action is taken.
Workaround: Any time change performed on the VQE-S system should be done during a maintenance window. The procedures for changing the date and time vary depending on whether Network Time Protocol (NTP) or the Linux date command is used. See one of the following sections:
•
•
Note
Performing a Date and Time Change with NTP
When performing a date and time change with NTP, do the following:
Step 1
Step 2
[root@system]# service ntpd stopStep 3
[root@system]# /usr/bin/tzselectStep 4
date -s "date_time_string"
For example:
[root@system]# date -s "16:55:30 July 7, 2008"Step 5
[root@system]# ntpd -qIf the system clock is off by a lot, the command will take considerable time to return.
Step 6
[root@system]# service ntpd startStep 7
[root@system]# /sbin/hwclock --systohcStep 8
[root@system]# ntpq -pStep 9
[root@system]# init 6
Performing a Date and Time Change with the Linux date Command
When performing a time/date change with the Linux date command only, perform the following commands:
Step 1
Step 2
[root@system]# /usr/bin/tzselectStep 3
date -s "date_time_string"
For example:
[root@system]# date -s "16:55:30 July 7, 2008"Step 4
[root@system]# /sbin/hwclock --systohcStep 5
[root@system]# init 6
Open Caveats
VQE Release 2.1 contains the following open caveats:
CSCsk11985
SNMPSA will not operate without the IMB driver.
On rare occasions after an ISO image installation, SNMPSA (SNMP subagent) may fail to start because an IMB driver is not installed correctly. The following messages are displayed when you run the vqes_init_setup script:
SNMPSA: IMB driver is not started, possibly due to kernel version mismatch.SNMPSA: SNMPSA will not operate without the IMB driverWorkaround: Reboot the machine after seeing this error.
CSCsj70513
An "Invalid module format" error is thrown on ipmi/imb.ko.
The following errors are shown on the CDE110 system console and saved in first_boot_addon.log file during VQE-S installation first boot phase:
+ /usr/local/ism/driver/imbload startinsmod: error inserting '/usr/local/ism/driver/imb.ko': -1 Invalid module format/bin/mknod: missing operand after `0'Try `/bin/mknod --help' for more information.The error always occurs during the first boot phase of initial VQE-S install. The VQE-S installation patches the Linux kernel during first boot phase, and installs the Intel IPMI driver for the new kernel. The IPMI driver tries to load before the new kernel is loaded and causes the error messages shown on console and in first_boot_addon.log.
Workaround: No work around is required. The system will function correctly since the patched kernel will be used once the installation is complete and system is reloaded.
CSCsj95844
The ifup command produces a core dump of the arping process.
The ifup command used to activate an Ethernet interface executes a system utility named arping to do duplicate address detection on the network. In certain cases, the arping utility may stop unexpectedly while running an interface up or interface down operation. A message indicating that the duplicate address detection check has failed is displayed. However, the interface up operation will continue to run and apply configuration changes as expected. A second message to the console will indicate that arping has segfaulted. A core dump file of the arping process will be found in /var/core.
This failure can occur whenever an interface is started using the /sbin/ifup command and the VQE-S application is running.
Workaround: Retry the interface up operation by first issuing the interface down command /sbin/ifdown ethX. Then issue the interface up command /sbin/ifup ethX again.
CSCsi67816
Manual startup or restart of tomcat5 service daemon fails.
The symptom is that the VQE-S Application Management Tool (AMT) does not work and simple restarts of the tomcat5 service fail to clear the problem. The tomcat 5 service is required for the VQE-S AMT to operate.
In some conditions, an attempt to restart the tomcat5 service fails and leaves tomcat5 in an inoperable state even though the process itself may appear to be running. The root cause of the problem is not known. However, the issue only seems to occur when the tomcat5 service has been started, or restarted, from within a Linux shell environment that has been reached with the su command rather than through a direct login.
Workaround: Perform the following:
1.
ssh -l root vqes-system
2.
service tomcat5 restart
CSCsj53629
On initial CD/DVD installation, error messages are displayed on the system console.
The following error messages come from the CD/DVD drive during initial installation:
hda: packet command error: status=0x51 { DriveReady SeekComplete Error }hda: packet command error: error=0x54 { AbortedCommand LastFailedSense=0x05 }ide: failed opcode was: unknownhda: packet command error: status=0x51 { DriveReady SeekComplete Error }Workaround: No workaround is needed because these messages do not affect CD/DVD performance. Users can safely ignore them.
CSCs142168
A java exception is thrown at the console when tomcat is restarted.
If tomcat is currently not running and the command to restart tomcat is issued from the console, a java exception is thrown.
Workaround: No workaround is needed. The exception can be safely ignored.
CSCsl75266
In VCPT, a validation error is displayed when all fields have correct data.
When a channel is cloned and all data is updated so that it is unique, VCPT displays a validation error.
Workaround: When the error is displayed, position the cursor in the field that is highlighted as red. The validation error will be removed, and the Create button will be accessible.
CSCs177161
The error provided for a VQE-S misconfiguration is missing details about what is invalid in the configuration file.
When a newline is entered at the end of a string for a variable in the vqes.conf file, the invalid configuration error occurs.
Workaround: Remove the newline and ensure that any modifications to string variables in the vqes.conf file for do not have a newline in the string.
CSCs174806
In the Session Description Protocol (SDP) for a channel lineup, unsupported SDP lines are not ignored. The channel lineup is rejected.
If the following lines are included in the session layer section of the channel configuration:
u=...e=...p=...z=...k=...r=...The k=... line in the media section of the channel configuration file causes the channel lineup to be rejected.
Workaround: Correct the SDP file so that it includes only the SDP defined for the VQE applications.
CSCs165927
Static routes, which were configured in /etc/sysconfig/static-routes-iputil, are missing, and the VQE-S can no longer send repair packets or can no longer reach certain IP destination addresses.
This condition can occur when VQE-S interfaces are manually shutdown by the operator using the Linux ifdown ifname command and then manually brought back up using the Linux ifup ifname command. In cases where all of the next hop routers for a route configured in /etc/sysconfig/static-routes-iputil become unreachable due to interfaces being manually shut down in this manner, the corresponding routes will be removed from the routing table and will not be reinstalled even when one or more of the interfaces are brought back up.
Workaround: Instead of using the ifup ifname command to bring each of the interfaces up individually, bring them all back up at once using the command service network start command. This will bring up all interfaces that were shut down, and will also reinstall all of the routes contained in the file /etc/sysconfig/static-routes-iputil.
CSCsl65623
In a channel lineup where two different channels share the same multicast address (but different ports), one or both of the channels fail to receive data on the VQE-S, or only receive packets intermittently.
Multiple channels with the same multicast address but different RTP ports can be sent to VQE-S and will be accepted. This configuration causes errors within the Multicast Load Balancer, which in turn may cause one or both of the channels to fail to be received on the VQE-S.
Workaround: Change the channel configuration so that each channel uses a unique multicast address.
CSCsl27309
CD drive sense errors are displayed when rebooting the VQE-S.
These errors are displayed only on initial startup when the CD tray is open.
Workaround: This error can be safely ignored during startup. To prevent the errors from occurring, close the CD drive tray before powering on the server.
Resolved Caveats
These caveats have been resolved in VQE Release 2.1.
CSCsj40019
Adding channels causes intermittent Error Repair loss.
When new channel lineups are sent to a VQE Server, temporary loss of Error Repair can occur for several seconds depending on the number of changes in the new channel lineup from the existing one on the VQE-S server.
CSCsk12402
The SDP Parser does not perform syntax checks or checks for mandatory elements.
VQE-S may fail to perform syntax checks and checks for mandatory elements in the SDP data describing a channel. In cases where the syntax of the SDP data is incorrect, or where mandatory elements are missing from the SDP, the parser may incorrectly accept the channel description as valid and attempt to operate on it, with undefined results.
CSCsk19357
VQE-S may generate syslog error messages when no error has occurred.
VQE-S may generate a syslog error message when, in fact, no error has occurred and the system is behaving as expected. The syslog message contains the text CP channel handle not match DP's from upcall event:channel.
CSCsk19624
Cache Manager rejects a channel with too little bandwidth configured.
When a channel is configured with less than approximately 1500Kbps of aggregate bandwidth, the Cache Manager may fail to properly create the channel, causing the channel to remain inoperative. The channel will be shown with a "red" status in the "Channels" summary screen of the VQE-S Application Monitoring Tool and VQE-S will fail to perform error repair for that channel.
Important Notes
For security reasons, the following restrictions apply to VQE.
•
•
If you want to add user accounts to the wheel group so that additional users can use su and sudo, log in as root and issue the following command:
usermod -G wheel username
In the preceding, username specifies the user who will be added to the wheel group.
Upgrading From VQE Release 2.0 to Release 2.1
To upgrade from VQE Release 2.0 to Release 2.1 requires that you perform an ISO installation of the VQE Release 2.1 software on the Cisco CDE110 that hosts VQE-S and on the CDE110 that hosts the VQE Tools (VCPT and VCDS).
The software for Cisco VQE Release 2.1, Redhat Linux, Apache web server, and other required facilities is distributed on two CDs. One CD is for VQE-S, and one CD is for VQE Tools.
Read each of the following sections, in the order shown, when performing the upgrade from VQE Release 2.0 to Release 2.1:
1.
2.
3.
4.
5.
Backing Up Files Before Upgrading
Caution
Before upgrading the software on a CDE110, be sure to backup all needed files to a safe location (for example, on a server separate from the CDE110s being upgraded) if you intend to use that data to configure the upgraded CDE110.
If you want to replicate any user-customized configuration that was used for VQE Release 2.0 on the CDE110 that hosts VQE-S or on the CDE110 that hosts VCPT and VCDS, you must back up the files shown in the following tables.
•
•
Note
If additional functions are enabled on the CDE110, there may be additional files not listed in these tables that need to be backed up.
Table 2 VQE-S CDE110: Files That Must Be Backed Up
/etc/hosts
--
/etc/ntp.conf
If additional Network Time Protocol configuration has been enabled, files in other locations may need to be backed up.
/etc/resolv.conf
--
/etc/sysconfig/network
--
/etc/sysconfig/network-scripts/ifcfg-eth#
There are four of these files, where # is the number of the Ethernet interface. For example: ifcfg-eth1
/etc/sysconfig/network-scripts/route-eth#
There are four of these files, where # is the number of the Ethernet interface. For example: route-eth1
/etc/opt/vqes/vqes.conf
VQE-S configuration file
/etc/opt/vqes
There may be additional backup or alternate files in the vqes directory (or another location) that you want available on the upgraded CDE110.
/etc/opt/vqes/vqe_channels.cfg
VQE-S channel configuration file. This Release 2.0 file is for reference only; it is not usable on the upgraded CDE110. See "Migrating Channel-related Files from VQE Release 2.0 to VQE Release 2.1" section.
/etc/opt/vqes/vqes_syslog.conf
VQE-S syslog configuration file
/usr/share/tomcat5/webapps/ems/WEB-INF/vqe.conf
VQE-S AMT configuration file with XML-RPC port numbers for management servers
/usr/share/tomcat5/webapps/ems/WEB-INF/classes/log4j.properties
VQE-S AMT log4j logging configuration file
Table 3 VCPT and VCDS CDE110: Files That Must Be Backed Up
/etc/hosts
--
/etc/ntp.conf
If additional Network Time Protocol configuration has been enabled, files in other locations may need to be backed up.
/etc/resolv.conf
--
/etc/sysconfig/network
--
/etc/sysconfig/network-scripts/ifcfg-eth#
There are four of these files, where # is the number of the Ethernet interface. For example: ifcfg-eth1
/etc/sysconfig/network-scripts/route-eth#
There are four of these files, where # is the number of the Ethernet interface. For example: route-eth1
VCPT configuration files in /etc/opt/vcpt/data
VCPT configuration files are in this directory. Filenames are user-defined and vary.
/etc/opt/vqes
There may be additional backup or alternate files in the vqes directory (or another location) that you want available on the upgraded CDE110.
/etc/opt/vqes/VCDServer.cfg
VCDS configuration file
/etc/opt/vqes/vqec_channels.cfg
VQE-C channel configuration file. This Release 2.0 file is for reference only; it is not usable on the upgraded CDE110. See "Migrating Channel-related Files from VQE Release 2.0 to VQE Release 2.1" section.
/usr/share/tomcat5/webapps/vcpt/WEB-INF/classes/log4j.properties
VCPT log4j logging configuration file
For information on migrating configuration files from VQE Release 2.0 to Release 2.1, see the "Migrating VQE Release 2.0 Configuration Files to VQE Release 2.1" section.
For information on migrating channel-related files from VQE Release 2.0 to Release 2.1, see the "Migrating Channel-related Files from VQE Release 2.0 to VQE Release 2.1" section.
Making Cable Connections on the Cisco CDE110 That Hosts VQE-S or VCPT
Since this is an upgrade of a CDE110 that already hosts VQE-S or VCPT, the cable connections described in this section may already be made.
Connecting Cables to the CDE110
The following cable connections are used on the Cisco CDE110 that hosts VQE-S and on the CDE110 that hosts VCPT:
•
–
–
•
Note
–
–
Note
•
For the location of connectors on the Cisco CDE110 front and back panels, see the Cisco Content Delivery Engine 110 Hardware Installation Guide.
Adjusting BIOS Settings and Installing the VQE Software
Use the procedure in this section for upgrading from VQE Release 2.0 to Release 2.1.The procedure is used for the CDE110 that hosts VQE-S and for the CDE110 that hosts the VQE Tools.
Note
To adjust the BIOS settings and install the VQE software, follow these steps:
Step 1
•
•
•
•
•
Step 2
Step 3
Step 4
Changing the Boot Sequence to Start from the CD Drive
Step 5
Step 6
Figure 1 Boot Options Menu
Step 7
1.
2.
3.
4.
Note
To change the boot sequence, use the arrow keys to move to the boot option you will change (for example, Boot Option #1) and press Enter. Then use the arrow keys to move to the required boot device and press Enter.
The updated Boot Option is displayed.
Step 8
The Setup Confirmation message "Save Configuration Changes and exit now?" is displayed.
Step 9
The CDE110 restarts.
Loading the VQE Software
The system starts loading the VQE software from the CD.
The output displayed during the software installation varies depending on whether you are viewing a video monitor connected to the CDE110 video connector, or a PC connected to the CDE110 serial port. The output you see may be different from what is shown.
•
Loading device Drivers...Running anaconda ...Running pre-install scriptsRetrieving Installation information...Checking dependencies...Formatting / file system ...Transferring install image to hard drive...Starting install process. This may take several minutes...Installing Bootloader ......Sending termination signal ...•
The time for the VQE software to load is approximately 10 minutes.
Note
The system ejects the CD and then automatically reboots.
Step 10
The system starts again and displays many boot messages on the video monitor and through the serial port. The section below takes approximately four to five minutes to complete.
Installing additional VQE-S Packages ...After the additional packages are installed, the following is displayed on the video monitor:
Installing additional VQE-S packages ...VQE-S installation finished. Run prelink ...*****************************************************************************Installation is successful. Press enter on ttyS1 to halt the system ...*****************************************************************************After the additional packages are installed, the following is displayed on the serial port console connection:
Checking VQE-S binary checksums: [ OK ]Checking required kernel parameters: [ OK ]Checking required file/dir ownership: [ OK ]+ ret=0+ set +xRemoving password for user root.passwd: Success*****************************************************************Installation is successful. Press enter to halt the system ...*****************************************************************Step 11
The following output is displayed:
INIT: INIT: Sending processes the TERM signalStopping HAL daemon: [ OK ]Stopping yum-updatesd: [ OK ]Stopping anacron: [ OK ]Stopping atd: [ OK ]Stopping cups: [ OK ]Shutting down console mouse services: [ OK ]Stopping sshd: [ OK ]...Output omitted...ACPI: PCI interrupt for device 0000:09:00.1 disabledACPI: PCI interrupt for device 0000:09:00.0 disabledACPI: PCI interrupt for device 0000:06:00.1 disabledACPI: PCI interrupt for device 0000:06:00.0 disabledSystem halted.The system is halted but not powered off.
Step 12
Changing the Boot Sequence to Start from the Hard Drive and Performing First Boot Setup
To complete the software installation, the BIOS settings must be adjusted so that the boot sequence starts with the hard drive.
Step 13
Step 14
Step 15
Step 16
1.
2.
3.
4.
Note
To change the boot sequence, use the arrow keys to move to the boot option you will change (for example, Boot Option #1) and press Enter. Then use the arrow keys to move to the required boot device and press Enter.
The updated Boot Option is displayed.
Step 17
The Setup Confirmation message "Save Configuration Changes and exit now?" is displayed.
Step 18
The CDE110 restarts and the first normal boot of the system begins. Only partial output is shown in the following:
Press any key to continue.Press any key to enter the menuBooting Red Hat Enterprise Linux Server (2.6.18-8.1.15.el5PAE kdump) in 4 seconds...Booting Red Hat Enterprise Linux Server (2.6.18-8.1.15.el5PAE kdump) in 3 seconds......Output omitted...Starting anacron: [ OK ]Starting HAL daemon: [ OK ]Script started, file is ../log/wizard.logBacking up factory default configurations ...Done.After the system boots normally, the login prompt is displayed.
Step 19
Note
Step 20
Script started...Output omitted...Welcome to the Cisco VQE startup configuration utility. This utility is intended to facilitate the initial setup of the VQE system. ...For information on using the VQE startup configuration utility, see the "Getting Started Using the VQE Startup Configuration Utility" in Chapter 2 of the Cisco CDA Visual Quality Experience Application User Guide, Release 2.1.
For information on migrating VQE Release 2.0 configuration files to VQE Release 2.1, see the next section "Migrating VQE Release 2.0 Configuration Files to VQE Release 2.1" section.
Migrating VQE Release 2.0 Configuration Files to VQE Release 2.1
This section provides some guidance on how to use information in your VQE Release 2.0 configuration files in your VQE Release 2.1 configuration files.
Caution
Do not use a VQE Release 2.0 configuration file in place of a VQE Release 2.1 configuration file. In many cases, new configuration options have been added to the Release 2.1 files. Using a VQE Release 2.0 configuration file for VQE Release 2.1 may produce unpredictable and unwanted results.
In most cases, if you want to use some or all of your VQE Release 2.0 configuration in VQE Release 2.1, you will have to use a text editor to incorporate the Release 2.0 values into the Release 2.1 configuration files. You use the default Release 2.1 configuration file as the base file to start from and modify that file with the selected Release 2.0 values. You carefully examine each Release 2.1 configuration file and make changes only to those items where you want to replicate a Release 2.0 configuration value. When done, save the file in the appropriate directory on the CDE110 appliance.
Table 2 and Table 3 provide lists of VQE files that should have been saved prior to installing the VQE 2.1 software.
Note
Migrating Channel-related Files from VQE Release 2.0 to VQE Release 2.1
VQE can use three types of channel-related configuration files:
•
•
•
Note
Creating VCPT Configuration Files for Release 2.1
VCPT Release 2.1 is able to open and use valid VCPT 2.0 configuration files. When VCPT Release 2.1 opens a VCPT 2.0 configuration file, the fields for new Release 2.1 functionality items related to Forward Error Correction (FEC) are blank. When you save the Release 2.0 file, VCPT converts the files to the Release 2.1 format, updating the file so that any changed channel values (including those related to FEC) are saved.
Creating VQE-S and VQE-C Channel Configuration Files for Release 2.1
Release 2.0 channel configuration files for VQE-S and VQE-C are not usable with the Release 2.1 version of VQE-S and VQE-C.
Regardless of the channel-provisioning system that was used for VQE 2.0, the easiest way to create a valid Release 2.1 channel configuration file for VQE-S and VQE-C is to open the channel-provisioning system file and send the channel information to the Release 2.1 VQE Servers and to VQE Client Channel Configuration Delivery Servers (VCDS). For example with VCPT, create a VCPT Release 2.1 configuration file for the channel lineup as described in the previous section "Creating VCPT Configuration Files for Release 2.1" and with that file opened, use VCPT to send the channel information to the VQE Servers and to VCDS.
When VQE-S and VCDS receive the channel information, VQE-S and VCDS use it to create valid Release 2.1 channel configuration files for VQE-S or VQE-C, respectively.
Supporting Software Hardening Guides and VQE
Customers who wish to apply the security recommendations published by SysAdmin, Audit, Network, Security Institute (SANS) or National Security Agency (NSA), as described in the documents referenced in the following sections, should be aware of some issues in using these recommendations that may affect the correct operation of the VQE-S.
The following sections describe the particular areas where customers should exercise care in following the security recommendations in these hardening guides:
•
Linux Security Checklist
Document: Linux Security Checklist, Version 2
Document URL:
http://www.sans.org/score/checklists/linuxchecklist.pdf
For the Linux operating system, the following are SANS requirements where it appears that if the user were to follow the specific recommendations of the guide it would likely break behavior that VQE implements.
•
•
•
•
•
The 60 Minute Network Security Guide
The NSA's The 60 Minute Network Security Guide has guidance relevant to the Apache web server and the VQE Server software.
Document: The 60 Minute Network Security Guide, Version 2.1
Document URL: http://www.nsa.gov/ia/_files/support/I33-011R-2006.pdf
If VQE customers follow instructions in the "Unix Web Servers" section of The 60 Minute Network Security Guide, it will not break the VQE web application system.
The following guidance applies to VQE Server software except for the Apache web server, which was discussed in the preceding paragraph.
•
•
•
•
•
•
Notices
The following notices pertain to this software license.
OpenSSL/Open SSL Project
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
This product includes software written by Tim Hudson (tjh@cryptsoft.com).
License Issues
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org.
OpenSSL License:
Copyright © 1998-2007 The OpenSSL Project. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1.
2.
3.
4.
5.
6.
"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)".
THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT "AS IS"' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).
Original SSLeay License:
Copyright © 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved.
This package is an SSL implementation written by Eric Young (eay@cryptsoft.com).
The implementation was written so as to conform with Netscapes SSL.
This library is free for commercial and non-commercial use as long as the following conditions are adhered to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com).
Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1.
2.
3.
"This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)".
The word `cryptographic' can be left out if the routines from the library being used are not cryptography-related.
4.
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The license and distribution terms for any publicly available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU Public License].
GNU General Public License Information
Cisco CDA Visual Quality Experience Application (VQE), Release 2.1, includes Cisco-modified software derived from the following packages that are licensed under version 2 of the GNU General Public License (GPLv2):
•
•
•
Cisco will make the source code of these modified packages available upon request, in accordance with the terms of the GPLv2 license. Interested parties may obtain the source code by making a written request to:
Cisco Legal Department
300 E. Tasman Drive,
San Jose, California 95134Please include the product name, version number, date of purchase, and specifics regarding the code you are requesting.
Related Documentation
Refer to the following documents for additional information about Cisco VQE and the Cisco CDE110 appliance:
•
http://www.cisco.com/en/US/docs/video/cds/cda/vqe/2_1/user/guide/vqe_guide2_1.html
•
http://www.cisco.com/en/US/docs/video/cds/cde/cde110/installation/guide/cde110_install.html
•
http://www.cisco.com/en/US/docs/video/cds/cde/regulatory/compliance/cde110_rcsi.pdf
The entire Content Delivery Systems documentation suite is available on Cisco.com at:
http://www.cisco.com/en/US/products/ps7191/Products_Sub_Category_Home.html
The VQE Client (VQE-C) documentation is included in the VQE-C software TAR file. If you are a registered Cisco.com user, the file can be downloaded from the following location:
http://www.cisco.com/public/sw-center/content-delivery/cda.shtml
Table 4 lists the VQE Client documentation that is provided.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
This document is to be used in conjunction with the documents listed in the "Related Documentation" section.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2007-2008 Cisco Systems, Inc. All rights reserved.
