Deploying Cisco Prime Network Registrar
Cisco Prime Network Registrar is a full-featured, scalable Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and Trivial File Transfer Protocol (TFTP) implementation for medium to large IP networks. It provides the key benefits of stabilizing the IP infrastructure and automating networking services, such as configuring clients and provisioning cable modems. This provides a foundation for policy-based networking. Service provider and enterprise users can better manage their networks to integrate with other network infrastructure software and business applications.
Related Topics
Target Users
Regional and Local Clusters
Deployment Scenarios
Configuration and Performance Guidelines
Interoperability with Earlier Releases
Target Users
Cisco Prime Network Registrar is designed for these users:
•Internet service providers (ISPs)—Helps ISPs drive down the cost of operating networks that provide leased line, dialup, and DSL (Point-to-Point over Ethernet and DHCP) access to customers.
•Multiple service operators (MSOs)—Helps MSOs provide subscribers with Internet access using cable or wireless technologies. MSOs can benefit from services and tools providing reliable and manageable DHCP and DNS services that meet the Data Over Cable Service Interface Specification (DOCSIS). Cisco Prime Network Registrar provides policy-based, robust, and scalable DNS and DHCP services that form the basis for a complete cable modem provisioning system.
•Enterprises—Helps meet the needs of single- and multisite enterprises (small-to-large businesses) to administer and control network functions. Cisco Prime Network Registrar automates the tasks of assigning IP addresses and configuring the Transmission Control Protocol/Internet Protocol (TCP/IP) software for individual network devices. Forward-looking enterprise users can benefit from class-of-service and other features that help integrate with new or existing network management applications, such as user registration.
Regional and Local Clusters
The regional cluster acts as an aggregate management system for up to a hundred local clusters. Address and server administrators interact at the regional and local clusters through the regional and local web-based user interfaces (web UIs), and local cluster administrators can continue to use the command line interface (CLI) at the local cluster. The regional cluster consists of a Central Configuration Management (CCM) server, Router Interface Configuration (RIC) server, Tomcat web server, servlet engine, and server agent (see Chapter 1, "Cisco Prime Network Registrar Components"). License management is now done at the regional cluster, so the local server has to be registered to a regional server to use the necessary services. See the Overview chapter of the Cisco Prime Network Registrar 8.1 Installation Guide for more details.
Figure 4-1 Cisco Prime Network Registrar User Interfaces and Server Clusters
A typical deployment is one regional cluster at a customer network operation center (NOC), the central point of network operations for an organization. Each division of the organization includes a local address management server cluster responsible for managing a part of the network. The System Configuration Protocol (SCP) communicates the configuration changes between the servers.
The regional and local cluster can also manage a RIC server responsible for end point cable modem termination systems (CMTSs). (See Chapter 11, "Managing Router Interface Configurations.")
Deployment Scenarios
The Cisco Prime Network Registrar regional cluster web UI provides a single point to manage any number of local clusters hosting DNS, CDNS, DHCP, or TFTP servers. The regional and local clusters also provide administrator management so that you can assign administrative roles to users logged in to the application.
This section describes two basic administrative scenarios and the hardware and software deployments for two different types of installations—a small-to-medium local area network (LAN), and a large-enterprise or service-provider network with three geographic locations.
Related Topics
Small-to-Medium-Size LANs
Large Enterprise and Service Provider Networks
Small-to-Medium-Size LANs
In this scenario, low-end Windows, Solaris, or Linux servers are acceptable. You can also use systems with EIDE disks, although we recommend you use Ultra-SCSI disks for dynamic DNS update. Figure 4-2 shows a configuration that would be adequate for this network.
Figure 4-2 Small-to-Medium LAN Configuration
Large Enterprise and Service Provider Networks
In a large enterprise or service provider network serving over 500,000 DHCP clients, use mid-range Sun, Windows, or Linux servers. Put DNS and DHCP servers on different systems. Figure 4-3 shows the hardware that would be adequate for this network.
When supporting geographically dispersed clients, locate DHCP servers at remote locations to avoid disrupting local services if wide-area connections fail. Install the Cisco Prime Network Registrar regional cluster to centrally manage the distributed clusters.
Figure 4-3 Large Enterprise or Service Provider Network Configuration
Configuration and Performance Guidelines
Cisco Prime Network Registrar is an integrated DHCP, DNS, and TFTP server cluster capable of running on a Windows, Solaris, or Linux workstation or server.
Because of the wide range of network topologies for which you can deploy Cisco Prime Network Registrar, you should first consider the following guidelines. These guidelines are very general and cover most cases. Specific or challenging implementations could require additional hardware or servers.
Related Topics
General Configuration Guidelines
Special Configuration Cases
General Configuration Guidelines
The following suggestions apply to most Cisco Prime Network Registrar deployments:
•Configure a separate DHCP server to run in remote segments of the wide area network (WAN).
Ensure that the DHCP client can consistently send a packet to the server in under a second. The DHCP protocol dictates that the client receive a response to a DHCPDISCOVER or DHCPREQUEST packet within four seconds of transmission. Many clients (notably early releases of the Microsoft DHCP stack) actually implement a two-second timeout.
•In large deployments, separate the secondary DHCP server from the primary DNS server used for dynamic DNS updates.
Because lease requests and dynamic DNS updates are persisted to disk, server performance is impacted when using a common disk system. So that the DNS server is not adversely affected, run it on a different cluster than the DHCP server.
•Include a time server in your configuration to deal with time differences between the local and regional clusters so that aggregated data at the regional server appears in a consistent way. See the "Polling Subnet Utilization and Lease History Data" section.
•Set DHCP lease times in policies to four to ten days.
To prevent leases from expiring when the DHCP client is turned off (overnight or over long weekends), set the DHCP lease time longer than the longest period of expected downtime, such as seven days. See Chapter 23, "Managing Leases."
•Locate backup DNS servers on separate network segments.
DNS servers are redundant by nature. However, to minimize client impact during a network failure, ensure that primary and secondary DNS servers are on separate network segments.
•If there are high dynamic DNS update rates in the network, configure separate DNS servers for forward and reverse zones.
•Use NOTIFY/IXFR.
Secondary DNS servers can receive their data from the primary DNS server in two ways: through a full zone transfer (AXFR) or an incremental zone transfer (NOTIFY/IXFR, as described in RFCs 1995 and 1996). Use NOTIFY/IXFR in environments where the name space is relatively dynamic. This reduces the number of records transferred from the primary to the secondary server. See the "Enabling Incremental Zone Transfers (IXFR)" section.
Special Configuration Cases
The following suggestions apply to some special configurations:
•When using dynamic DNS updates for large deployments or very dynamic networks, divide primary and secondary DNS and DHCP servers across multiple clusters.
Dynamic DNS updates generate an additional load on all Cisco Prime Network Registrar servers as new DHCP lease requests trigger dynamic DNS updates to primary servers that update secondary servers through zone transfers.
•During network reconfiguration, set DHCP lease renewal times to a small value.
Do this several days before making changes in network infrastructure (such as to gateway router and DNS server addresses). A renewal time of eight hours ensures that all DHCP clients receive a changed DHCP option parameter within one working day. See Chapter 23, "Managing Leases."
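The timing behind this guideline, as an added Python example (not part of the Cisco documentation or product): it models when each client first renews after the option change, for different lead times between lowering the renewal time and making the change. The function names are hypothetical; the model assumes always-on clients, renewals that always succeed, a seven-day lease with the RFC 2131 default renewal time (T1) of half the lease, and client renewals spread one hour apart.

```python
# Added illustration (not Cisco code): a toy model of DHCP renewal timing.
# Assumptions: clients are always on, every renewal succeeds, and each reply
# carries the renewal time (T1) the server is configured with at that moment.
# All times are in hours.

HOUR = 1
DAY = 24 * HOUR


def pickup_delay(phase, old_t1, new_t1, lowered_at, change_at):
    """Hours between the option change and the client's first renewal after it.

    phase      -- time of the client's first renewal, 0 <= phase < old_t1
    lowered_at -- when the server starts handing out new_t1
    change_at  -- when the changed option (gateway, DNS server, ...) goes live
    """
    t = phase
    while t < change_at:
        # The reply to the renewal at time t sets the interval to the next one.
        t += new_t1 if t >= lowered_at else old_t1
    return t - change_at


def worst_case_delay(old_t1, new_t1, lead):
    """Worst delay over clients whose first renewals are spread one hour apart."""
    return max(
        pickup_delay(phase, old_t1, new_t1, lowered_at=0, change_at=lead)
        for phase in range(0, old_t1, HOUR)
    )


def report(lease=7 * DAY, new_t1=8 * HOUR, leads=(0, 1 * DAY, 4 * DAY)):
    """Map each lead time (hours) to the worst-case pickup delay (hours)."""
    old_t1 = lease // 2  # RFC 2131 default: T1 = 0.5 * lease time
    return {lead: worst_case_delay(old_t1, new_t1, lead) for lead in leads}


if __name__ == "__main__":
    for lead, delay in report().items():
        print(f"renewal time lowered {lead:3d} h before the change -> "
              f"slowest client updated after {delay} h")
```

In this model the eight-hour bound holds only when the lead time is at least the old renewal interval, because a client learns the shorter renewal time at its next renewal under the old one.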
Interoperability with Earlier Releases
Table 4-1 shows the interoperability of Cisco Prime Network Registrar features on the regional CCM server with versions of the local cluster.
The following Red Hat (RH) Linux compatibility issues exist among Cisco Network Registrar and Cisco Prime Network Registrar releases:
•Release 6.1.x supports RH 7.3, RH ES 2.1, and RH ES 3.0:
–The linux download kit supports RH 7.3 and RH ES 2.1
–The linux3 download kit supports RH ES 3.0 for Release 6.1.2 and later
•Release 6.2.x supports RH ES 3.0 and RH ES 4.0:
–The linux3 download kit supports RH ES 3.0
–The linux4 download kit supports RH ES 4.0
•Release 6.3 and later supports RH ES 4.0 only.
•Release 7.1 supports RH ES 4.0 and RH ES 5.0.
•Release 7.2 supports RH ES 5.0 only.
•Release 8.0 supports RH ES 5.0 and RH ES 6.0.
•Release 8.1 supports RH ES 5.0 and RH ES 6.0.
Table 4-1 CCM Regional Feature Interoperability with Server Versions
Push and pull:
Address space | x | x | x | x | x
IPv6 address space | x | x | x | x | x
Scope templates, policies, client-classes | x | x | x | x | x
IPv6 prefix and link templates | x | x | x | x | x
Zone data and templates | x | x | x | x | x
Groups, owners, regions | x | x | x | x | x
Resource records (RRs) | x | x | x | x | x
Local cluster restoration | x | x | x | x | x
Host administration | x | x | x | x | x
Extended host administration | x | x | x | x | x
Administrators and roles | x | x | x | x | x
Administrator:
Single sign-on | x | x | x | x | x
Password change | x | x | x | x | x
IP history reporting:
Lease history | x | x | x | x | x
Detail lease history | x | x | x | x | x
Utilization reporting:
Subnet utilization history | x | x | x | x | x
Subnet and scope utilization | x | x | x | x | x
IPv6 prefix utilization | x | x | x | x | x
Note: Cisco Prime Network Registrar 8.1 supports interoperability with Cisco Prime Network Registrar components from versions 7.0.x, 7.1.x, and 7.2.x. It does not support interoperability with versions earlier than 7.0.x.