cisco active network abstraction 3.6.7 installation guide · contents v cisco active network...

Cisco Active Network Abstraction 3.6.7 Installation GuideOctober 14, 2009

Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706 USAhttp://www.cisco.comTel: 408 526-4000

800 553-NETS (6387)Fax: 408 527-0883

Text Part Number: OL-19642-01

http://www.cisco.com

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco Pulse, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Fast Step, Follow Me Browsing, FormShare, GainMaker, GigaDrive, HomeLink, iLYNX, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0908R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

Cisco Active Network Abstraction 3.6.7 Installation Guide© 1999–2009 Cisco Systems, Inc. All rights reserved.

OL-19642-01

C O N T E N T S

Preface vii

Document Organization vii

Conventions viii

Related Documentation ix

Obtaining Documentation and Submitting a Service Request ix

C H A P T E R 1 Overview 1-1

Cisco ANA Architecture and Components 1-2

First Layer 1-2

Second Layer 1-3

Third Layer 1-4

C H A P T E R 2 Installation Prerequisites 2-1

Authenticating Users in Cisco ANA 2-1

LDAP External Authentication 2-2

Prerequisites for Using LDAP 2-2

Configuring the Windows Server 2003 Active Directory 2-2

Importing Users From the LDAP Server Into Cisco ANA 2-4

Emergency User 2-5

Hardware and Software Requirements 2-5

Cisco ANA Gateway 2-6

Cisco ANA Unit 2-7

Cisco ANA Client 2-9

Communications in Cisco ANA 2-9

Solaris Services and Components Used by Cisco ANA 2-10

Cisco ANA Server Ports 2-10

TCP and UDP Port Directions 2-12

Product Services Installed with Cisco ANA 2-13

Installation DVD 2-14

iiiCisco Active Network Abstraction 3.6.7 Installation Guide

Contents

C H A P T E R 3 Cisco ANA Installation Workflow 3-1

C H A P T E R 4 Creating and Configuring an Oracle Database 4-1

Before You Begin 4-1

Download Locations 4-2

Creating an Oracle Database 4-2

Disabling Database Features 4-4

Configuring Memory Settings 4-7

Archiving the Database 4-9

Changing XML DB Ports 4-13

Configuring the Database Size 4-13

Defining the Event History Log Size 4-14

Defining the Data Files in the Database 4-14

Recommended Disk Structure 4-15

Setting the open_cursors Parameter 4-15

Starting the Oracle Listener 4-16

Postinstallation Database Configuration 4-16

Maintaining the Database 4-16

Maintaining Archive Log File Disk Space 4-16

Adding Data Files to the Tablespace 4-17

C H A P T E R 5 Installing a Cisco ANA Gateway 5-1


Understanding the Cisco ANA Installation Prompts 5-2

Cisco ANA Gateway Installation Overview 5-3

Installing the Cisco ANA Gateway 5-3

Manually Updating the Gateway Java Version to 1.4.2_19 5-9

Launching the Gateway 5-10

Verifying the Cisco ANA Gateway Processes 5-10

Changes Resulting from the Installation 5-11

User sheer Created 5-11

The .cshrc File Modified for User sheer 5-12

Environment Variables Defined 5-13

Aliases Defined 5-13

Verifying the Cisco ANA Gateway Installation 5-13

Cisco ANA Database Configuration 5-14

Cisco ANA Version Information 5-14

Drools Rules Configuration 5-15

ivCisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

Contents

Web Server and Web Start Configuration 5-15

Graph Mechanism Configuration 5-16

Cisco ANA Configuration Directories 5-16

What’s Next? 5-17

C H A P T E R 6 Installing a Cisco ANA Unit 6-1

Cisco ANA Unit Installation Overview 6-2

Installing the Cisco ANA Unit 6-3

Manually Updating the Unit Java Version to 1.4.2_19 6-4

Adding the Unit to the Cisco ANA Platform 6-5

Launching the Unit 6-5

Verifying the Unit Processes 6-6

Configuring the Unit 6-6

Verifying the Cisco ANA Unit Installation 6-7

Cisco ANA Version Information 6-7

Key Directories and File Configuration 6-7

Registry Configuration 6-8

Golden Source Configuration 6-8

What’s Next? 6-8

C H A P T E R 7 Installing Clients 7-1

Using the Client Installation Wizard 7-1

Starting Clients 7-3

Upgrading Clients 7-3

Disabling the Automatic Client Update 7-3

C H A P T E R 8 Installing Cisco ANA 3.6.7 8-1


Installing the Cisco ANA 3.6.7 Software 8-2

Generating SSH Keys 8-5

Generating New SSH Keys on the Gateway and Units 8-5

Adding a Unit After Generating SSH Keys 8-7

Manually Adding a Unit and Updating SSH Keys 8-8

Uninstalling the Cisco ANA 3.6.7 Software 8-9

vCisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

Contents

C H A P T E R 9 Uninstalling Cisco ANA 9-1

Uninstalling the Cisco ANA Gateway System 9-1

Uninstalling a Cisco ANA Unit 9-2

Uninstalling the Client 9-2

C H A P T E R 10 Migrating to Cisco ANA 3.6 10-1

Overview of the Migration Process 10-1

Verifying that User sheer Belongs to dba Group and Has Oracle Group Access 10-1

Shutting Down System Processes and the Oracle Database 10-2

Shutting Down Cisco ANA System Processes 10-2

Shutting Down the Oracle Database 10-3

Verifying that the Processes Are Down 10-3

Backing Up the Oracle Database and Sheer Directory 10-3

Migrating to Cisco ANA 3.6 10-4

Restoring the Cisco ANA 3.5.x Database Files 10-4

Creating Units and Reloading AVMs 10-5

Installing Cisco ANA 3.6 Units 10-5

Copying the Backed-Up AVMs and site.xml File to the New Directory 10-5

Migrating Events 10-5

Reloading Cisco ANA 10-8

A P P E N D I X A Folders Created in Cisco ANA A-1

I N D E X

viCisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

Preface

This guide describes the typical installation of Cisco Active Network Abstraction (Cisco ANA).

This guide also provides a checklist so that you can ensure that the Cisco ANA gateway and Cisco ANA unit have been installed successfully. This list provides you with a framework for verifying the following:

• The correct versions of the setup have been installed.

• All third-party software is running the correct version.

• The directory structure is correct and nothing is missing.

• The web server is configured correctly and is running.

• The Golden Source is configured correctly.

This preface includes the following sections:

• Document Organization, page vii

• Conventions, page viii

• Related Documentation, page ix

• Obtaining Documentation and Submitting a Service Request, page ix

Document OrganizationThis guide includes the following sections:

Chapter/Appendix Title Description

1 Overview Describes the Cisco ANA platform architecture and functional blocks.

2 Installation Prerequisites Describes the hardware and software installation requirements of the Cisco ANA gateway, Cisco ANA unit, and Cisco ANA client, and the connectivity requirements. In addition, it describes the DVD that covers the installation of all the system components.

3 Cisco ANA Installation Workflow Provides a workflow of the steps required to install Cisco ANA 3.6.7.

4 Creating and Configuring an Oracle Database

Describes how to configure and create an Oracle 9i or Oracle 10g database for use with Cisco ANA 3.6.7.

viiCisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

Preface

Note Changes to the registry should be performed only with the support of Cisco. For details, contact your Cisco account representative.

ConventionsThis document uses the following conventions:

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication.

5 Installing a Cisco ANA Gateway Describes the typical installation of a single Cisco ANA gateway and how to check the installation on the server.

6 Installing a Cisco ANA Unit Describes how to install the Cisco ANA unit and how to check the installation of Cisco ANA on the unit.

8 Installing Cisco ANA 3.6.7 Provides instructions for installing Cisco ANA 3.6.7 on an existing Cisco ANA 3.6 installation.

7 Installing Clients Describes how to install or upgrade the Cisco ANA client and how to start the client.

9 Uninstalling Cisco ANA Describes how to uninstall the Cisco ANA gateway, Cisco ANA unit, and Cisco ANA client applications.

10 Migrating to Cisco ANA 3.6 Describes how to migrate to Cisco ANA 3.6.7 from an earlier version.

A Folders Created in Cisco ANA Identifies the folders created in Cisco ANA.

Chapter/Appendix Title Description

Convention Indication

bold font Commands, keywords, and user-entered text appear in bold font.

italic font Document titles, new or emphasized terms, and arguments for which you supply values are in italic font.

[ ] Elements in square brackets are optional.

{x | y | z} Required alternative keywords are grouped in braces and separated by vertical bars.

[x | y | z] Optional alternative keywords are grouped in brackets and separated by vertical bars.

string A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks.

courier font Terminal sessions and information the system displays appear in courier font.

< > Nonprinting characters such as passwords are in angle brackets.

[ ] Default responses to system prompts are in square brackets.

!, # An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line.

viiiCisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

Preface

Caution Means reader be careful. In this situation, you might perform an action that could result in equipment damage or loss of data.

Related Documentation

Note We sometimes update the documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates.

The following documentation is available for Cisco Active Network Abstraction 3.6.7:

• Cisco Active Network Abstraction 3.6.7 Release Notes

• Cisco Active Network Abstraction 3.6.7 Documentation Guide

• Cisco Active Network Abstraction 3.6.7 Installation Guide

• Cisco Active Network Abstraction 3.6.7 User Guide

• Cisco Active Network Abstraction 3.6.7 Technology Support and Information Model Reference Manual

• Cisco Active Network Abstraction 3.6.7 Virtual Network Element Reference Guide

• Cisco Active Network Abstraction 3.6.7 Administrator Guide

• Cisco Active Network Abstraction 3.6.7 Customization User Guide

The Cisco Developer Community provides forums, blogs, wikis, and documentation for Cisco ANA developers. Refer to the following website for more information:

http://developer.cisco.com/web/ana/home

The following is a list of the related documentation that is available:

• Cisco Active Network Abstraction Integration Developer Guide

Obtaining Documentation and Submitting a Service RequestFor information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.

ixCisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

http://www.cisco.com/en/US/products/ps6776/prod_release_notes_list.html

http://www.cisco.com/en/US/products/ps6776/products_documentation_roadmaps_list.html

http://www.cisco.com/en/US/products/ps6776/prod_installation_guides_list.html

http://www.cisco.com/en/US/products/ps6776/products_user_guide_list.html




http://www.cisco.com/en/US/products/ps6776/prod_maintenance_guides_list.html

http://www.cisco.com/en/US/products/ps6776/products_installation_and_configuration_guides_list.html


Preface

xCisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

Cisco OL-19642-01

C H A P T E R 1
Overview
This chapter describes the components in Cisco ANA, and provides a brief explanation of the Cisco ANA architecture.

1-1Active Network Abstraction 3.6.7 Installation Guide

Chapter 1 Overview Cisco ANA Architecture and Components

Cisco ANA Architecture and ComponentsFigure 1-1 illustrates the Cisco ANA platform’s three-layer architecture.

Figure 1-1 Cisco ANA Architecture

First LayerThe top layer of Cisco ANA comprises the commercial and legacy Operations Support System (OSS) and Business Support System (BSS) applications, as well as the Cisco ANA clients. The Cisco ANA solution enables OSS and BSS applications to integrate with the platform, via a set of well-defined, standards-based application programming interfaces (APIs).

CiscoANA

Second Layer

Third Layer

First Layer

Network

Units

Gateway

GUI Clients Web Clients Customer OSS/BSS

2020

81

WWW

1-2Cisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01


GUI Clients

The following Cisco ANA clients provide a comprehensive suite of GUI applications to manage the network:

• Cisco ANA NetworkVision—The main GUI application of Cisco ANA, used to visualize every management function supported by the system. For more information, see the Cisco Active Network Abstraction 3.6.7 User Guide.

• Cisco ANA EventVision—A tool for viewing all historical events detected by the Cisco ANA system. For more information, see the Cisco Active Network Abstraction 3.6.7 User Guide.

• Cisco ANA Manage—A system administration and configuration tool for managing the entire Cisco ANA platform.

• Cisco ANA Registry Editor—A tool used for viewing and configuring the registry.

The clients support automatic client updates from the gateway using Web Start. When connecting with a gateway application, the system verifies that the client version is the latest available, and if an upgrade is required, the system automatically updates the clients from the gateway.

Overview of the Cisco ANA Manage GUI Client

Cisco ANA Manage is the GUI tool used for performing various system administration activities for simple system control. It provides an interface for performing the following tasks:

• Adding and removing Cisco ANA units.

• Adding and removing AVMs and Virtual Network Elements (VNEs) for the different units, starting and stopping VNEs, and setting polling information per VNE.

• Configuring global settings:

– Installing and managing Cisco ANA client licenses.

– Viewing the storage allocated for all database segments.

– Generating a message of the day (service disclaimer).

– Customizing polling groups.

– Customizing protection groups.

• Managing static and persistent topology links.

• Managing workflow templates and running workflows in runtime.

• Grouping a collection of managed network elements (NEs), or scopes, so that the user can view and manage the NEs based on user role.

• Users—Defining and managing user accounts.

Second LayerThe second layer of Cisco ANA comprises the gateway server, through which all the OSS and BSS applications and Cisco ANA GUI clients access the Cisco ANA fabric. Each client connects to its designated gateway. The gateway acts as the portal through which all clients, including any OSS and BSS applications, access the system. It enforces access control and security for all connections and manages client sessions.


OL-19642-01





The gateway server maintains a repository for keeping system settings, topological data, and snapshots of active alarms and events. Another important function of the gateway is to map network resources to the business context. This enables Cisco ANA to contain information (such as VPNs and subscribers) that is not directly contained in the network and display it to northbound applications.

The gateway also contains the alarms and events in the system.

Third LayerThe third layer of Cisco ANA comprises the interconnected fabric of unit servers, AVMs, and VNEs.

Units

Each unit manages a group of network elements. The units are distributed in a way that ensures proximity to their network elements. The gateway is connected to the units, which host the autonomous VNEs.

The units are interconnected to form a fabric of VNEs, which can intercommunicate with other VNEs regardless of which unit they are running on. Each unit can host thousands of autonomous VNE processes, depending on the server system size and VNE type.

Cisco ANA also provides a high availability mechanism to protect the system in case a unit malfunctions. If the unit is configured for high availability, Cisco ANA switches over to the redundant standby unit, with no loss of information.

AVMs

Within the units are AVMs, which are processes that provide the necessary distribution support platform for executing and monitoring multiple VNEs. AVMs and VNEs should reside on a Cisco ANA unit (as a common configuration), but they can also reside on a Cisco ANA gateway.

VNEs

The VNEs are the entities that maintain a live model of each network element and of the entire network. A VNE is a software entity that runs as a completely autonomous process within a Cisco ANA unit. Each VNE is assigned to manage a single network element instance, and contains a replica of that element. The VNE uses whatever southbound management interfaces the network element implements (for example, Simple Network Management Protocol [SNMP] or Telnet).

As the VNE loads, it starts investigating the NE and automatically builds a live model of the NE, including its physical and logical inventory, its configuration, and its status. Following device investigation, the VNEs begin to negotiate with peer VNEs, which represent the peer NEs determining the connectivity and topology at different layers. This model of the network topology, device state, and device inventory is constantly being updated by the VNEs, which track every change that occurs in the NE or in the network.

Messaging between VNEs is used for running different end-to-end flows to provide information for root cause and impact analysis, service path tracing, and more.


OL-19642-01

Cisco OL-19642-01

C H A P T E R 2
Installation Prerequisites
This chapter describes the prerequisites for installing Cisco ANA 3.6.7. It includes the following topics:

• Authenticating Users in Cisco ANA, page 2-1

• Hardware and Software Requirements, page 2-5

• Communications in Cisco ANA, page 2-9

• Solaris Services and Components Used by Cisco ANA, page 2-10

• Cisco ANA Server Ports, page 2-10

• TCP and UDP Port Directions, page 2-12

• Product Services Installed with Cisco ANA, page 2-13

• Installation DVD, page 2-14

Note Oracle 9i Enterprise Edition Release 9.2.0.8 with the partitioning option, or Oracle 10g Enterprise Edition Release 10.2.0.3 with the partitioning option, must be installed before starting the Cisco ANA installation, according to the standard software installation flow. See Chapter 4, “Creating and Configuring an Oracle Database,” for Oracle requirements and instructions on installing Oracle 9i or Oracle 10g for use with Cisco ANA 3.6.7.

Authenticating Users in Cisco ANACisco ANA does the following for users:

• Authentication—Verifying who the user is (passwords)

• Authorization—Controlling what the user can do (roles, scopes)

Two options are available for authenticating a Cisco ANA user:

• Cisco ANA Authentication—A user can be authenticated internally against the Cisco ANA gateway.

• LDAP Authentication—You can configure Cisco ANA to authenticate users against an external system, such as a Lightweight Directory Access Protocol (LDAP) server.

If LDAP authentication is being used and the LDAP server becomes unavailable for any reason, an emergency user can be used for authentication. See Emergency User, page 2-5.


Chapter 2 Installation Prerequisites Authenticating Users in Cisco ANA

The Cisco ANA gateway authorizes the following:

• Roles—Control the actions that a user is authorized to perform. Cisco ANA provides the following predefined security access roles: Administrator, Configurator, Network Operator, Viewer, and OperatorPlus.

• Scopes—Groups of network elements that control which elements a user is authorized to view and manage. Cisco ANA provides one predefined scope, called All Managed Elements, which cannot be edited. Users cannot view any network elements in Cisco ANA until they are assigned a scope.

See the Cisco Active Network Abstraction 3.6.7 User Guide for more information about roles and scopes.

LDAP External AuthenticationUser authentication can be managed locally by Cisco ANA or externally by an LDAP application. If you use an external authentication, user information is checked against what is stored in the external LDAP server (instead of the Cisco ANA database). The external authentication server stores only login and password information; information pertaining to user roles and scopes is stored in the Cisco ANA database.

When a user logs into the GUI client, the gateway server contacts the LDAP server to authenticate the user. If the user is successfully authenticated, the LDAP server sends a confirmation to the gateway server, and the gateway server allows the user to log into Cisco ANA. From that point on, the user can perform functions and access network elements as specified by the roles and scopes.

Prerequisites for Using LDAPYou must meet the following prerequisites before you can configure Cisco ANA to use LDAP:

• The LDAP server must be reachable from the Cisco ANA server, including port 389 for nonencrypted communication, 636 for encrypted communication.

• The LDAP server must support LDAPv3 protocol.

• For encrypted communication, a certificate must be installed on the Cisco ANA server.

Configuring the Windows Server 2003 Active DirectoryTo manipulate users in the Active Directory from Java, the connection to the server must be secure. Follow these procedures to make the server connection secure.

Enabling SSL

If you are using Secure Socket Layer (SSL) for encryption between the Cisco ANA server and the LDAP server, the Windows server must be a domain controller installed with an Enterprise Certificate Authority. To guarantee a secure connection, you must request and install the appropriate certificate.

To obtain the certificate from the LDAP server and place it on the gateway:

Step 1 Use RDP to log into the remote LDAP server.

Step 2 Choose Start > Programs > Administrative Tools > Domain Controller Security Policy.


OL-19642-01



Step 3 In the left pane, choose Security Settings > Public Key Policies > Automatic Certificate Request Settings.

Step 4 Right-click the right pane and choose New > Automatic Certificate Request.

Step 5 Click Next.

Step 6 Choose Domain Controller and click Next.

Step 7 Click Finish.

Step 8 Restart the server.

Step 9 After the server restarts, enter the following command on the command line:

netstat -na

The SSL port 636 should be active; for example:

TCP 0.0.0.0:636 0.0.0.0:0 LISTENING

Installing the LDAP Certificate on the Cisco ANA 3.6.7 Server

Cisco ANA requires a certificate to open a context with the LDAP server. To import the certificate into the system .truststore file, complete the following steps:

Step 1 Download the certificate from the relevant LDAP machine.

a. From the client machine, go to http://<ldaphost>/certsrv. <ldaphost> must be the fully qualified domain name or IP address of the LDAP server.

b. For blade LDAP, use the following username and password:

Username: <host>\administrator

Password: install

c. Click Download a CA certificate, certificate chain, or CRL.

d. Choose Previous cmpdc in the CA certificate option.

e. Click Download CA certificate.

f. Save the certnew.cer file on the machine. You can rename the file as CA.<LDAP_IP_address>.cer.

Step 2 Log into your Netra workstation.

Step 3 Go to ~/Main/resourcebundle/com/sheer and copy the .cer file to that directory.

Step 4 Enter the following command on the command line:

keytool -import -alias LDAP<ID> -file CA.<LDAP_IP_address>.cer -keystore .truststore

Note Use the password in the security.properties file in this directory. Be sure to use a unique ID to set a unique alias.

Step 5 Enter the following command to check your LDAP certificates on the system .truststore file:

keytool -list -keystore .truststore


OL-19642-01


Installing the Certificate on the ATF Client Machine

The ATF framework needs the LDAP certificate to communicate with the LDAP server.

Step 1 Use the .cer file from the preceding section.

Step 2 Remove the read-only attribute on L:\nm_ana\atf\atf.core\resources\ejb3.truststore.

Step 3 Open command line and go to the truststore location.

Step 4 Enter the following command on the command line, where xxx is the unique identifier for the LDAP:

keytool -import -alias ldap_xxx -file <cer_file> -keystore <truststore_file>

The password is admin123.

Importing Users From the LDAP Server Into Cisco ANAYou can perform a bulk import of users from the LDAP Data Interchange Format (LDIF) file. The Cisco ANA “import users” command has the following attributes:

• LDIF filename.

• Cisco ANA role—Administrator, Configurator, Operator, OperatorPlus, and Viewer (the default).

• “user name”—Attribute name as it appears in the LDIF file. The user name can appear in the LDIF file as user name only, or in the format username@domain. In both cases, after the import, the Cisco ANA user is the name only (without the @domain suffix).

• “user description”—Attribute name as it appears in the LDIF file.

• “user full name”—Attribute name as it appears in the LDIF file.

The LDIF file has the following constraints:

• For each user, the user name attribute is mandatory. The description and full name are optional.

• All other attributes are ignored.

• The LDIF file should reside in the gateway machine under the ~/Main directory.

For example, for a Windows LDAP server, enter the following command to produce a valid LDIF file:

ldifde -l description,displayName,userPrincipalName -f <desired_filename> -r objectClass=user

Command Syntax[~]% cd ~/Main/scripts[~/Main/scripts]% import_users_from_LDIF_file.pl <ldifFileName> [roleName] <userNameAttrName> <userDescAttrName> <fullNameAttrName>

Examples

• LDIF file: users.LDF

dn: CN=xxx,CN=Users,DC=ldapsj,DC=comchangetype: adddisplayName: xxxuserPrincipalName: [email protected]


OL-19642-01

Chapter 2 Installation Prerequisites Hardware and Software Requirements

dn: CN=yyyy,CN=Users,DC=ldapsj,DC=comchangetype: adddisplayName: yyyyuserPrincipalName: [email protected]

dn: CN=zzz,CN=Users,DC=ldapsj,DC=comchangetype: adddescription: <description>displayName: zzzuserPrincipalName: [email protected]

Note For information on the LDAP schema attributes, such as CN (common name) and DC (domain component), see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

• Corresponding Cisco ANA command:

import_users_from_LDIF_file.pl users.LDF userPrincipalName description displayName

Successful Result

Unless they already exist, three users with a Viewer role are created.

Note All imported users are created with non-Cisco ANA authentication permissions (LDAP authentication). If the user name already exists in Cisco ANA, the new user is not created.

Emergency UserIf the LDAP server goes down, the only user permitted to log back into Cisco ANA is root. The root user is the only user who can log back into Cisco ANA without being authenticated by the LDAP server. The root user can then log into Cisco ANA, change the authentication method to local, and edit user accounts so that those users can subsequently log in.

Hardware and Software RequirementsThis section details the hardware and software requirements for:

• Cisco ANA Gateway, page 2-6

• Cisco ANA Unit, page 2-7

• Cisco ANA Client, page 2-9

Note The hardware recommendations are provided under the assumption and recommendation that Cisco ANA 3.6.7 does not share the hardware with additional applications.


OL-19642-01



Cisco ANA GatewayTable 2-1 identifies the minimum software and hardware installation requirements for Cisco ANA gateways.

If you are installing Oracle software in the Cisco ANA gateway, you must also review the Recommended Disk Structure, page 4-15 for Oracle software.

Note Although the minimum hardware requirements for the Cisco ANA gateway and unit are listed in Table 2-1 and Table 2-2 respectively, you must consult with your Cisco account representative for specific hardware platform and configurations details for your Cisco ANA gateway and units before you acquire or use Cisco ANA.

Note • Cisco ANA servers must not be used by any application other than Cisco ANA.

• The server architecture mentioned in Table 2-1 cannot be partitioned or virtually split.

Table 2-1 Cisco ANA Gateway Minimum Server Installation Requirements

Item Specifications

Minimum Hardware Requirements

System hardware • Server platform with one of the following processors:

– One 8-core, 1.2-GHz UltraSPARC T1 processor.

– 1.2-GHz, 64-thread UltraSPARC T2 processor.

– Sun SPARC 64 VI-based processor.

• Solaris 10 compatible.

• One DVD drive.

• Two 73-GB hard disk drives.

For information about how disk space is configured on the gateway, see Recommended Disk Structure, page 4-15.

Memory (RAM) Maximum of 32 GB RAM.

Swap space Twice the size of the physical memory.

For example, if your server has 16 GB RAM, the recommended swap space is 32 GB.

Minimum Software Requirements

Operating system • Solaris 10 (English language).

• Solaris 10 patch cluster release as published by Sun on 18 January 2008 or later. For the exact patch list, see the Sun Patch Release (January 18, 2008).

Database One of the following:

• Customer supplied and installed Oracle 9i Enterprise Edition Release 9.2.0.8 with partitioning option.

• Customer supplied and installed Oracle 10g Enterprise Edition Release 10.2.0.3 with partitioning option.


OL-19642-01


Cisco ANA UnitTable 2-2 identifies the minimum software and hardware installation requirements for Cisco ANA units.

Note Although the minimum hardware requirements for the Cisco ANA gateway and unit are listed in Table 2-1 and Table 2-2 respectively, you must consult with your Cisco account representative for specific hardware platform and configurations details for your Cisco ANA gateway and units before you acquire or use Cisco ANA.

Note Cisco ANA servers must not be used by any application other than Cisco ANA.

Solaris 10 Patches

Note When installing a Solaris 10 patch cluster, carefully follow the instructions in the readme file that comes with the Sun patch cluster, as the readme includes procedures that are important for the successful installation of the patch.

On Sun servers, the recommended operating system for Cisco ANA 3.6.7 is Solaris 10. Cisco ANA 3.6.7 is compatible with the latest patch release as published by Sun on January 18, 2008 (cluster patch ID Generic_120011-14). Table 2-3 identifies the patches included in this patch release.

Table 2-2 Cisco ANA Minimum Unit Installation Requirements

Item Specifications

Minimum hardware requirements

• One 8-core, 1.2-GHz UltraSPARC T1 processor or 1.2-GHz, 64-thread UltraSPARC T2 processor.

• Solaris 10 compatible.

• Maximum of 32 GB RAM1.

• Two 73-GB hard disk drives.

• One DVD drive.

• Swap space: Twice the size of the physical memory. For example, if your server has 32 GB RAM, the recommended swap space is 64 GB.

1. When defining the amount of memory that will be used on a unit, consider that the larger the memory size, the longer the unit’s startup time will be.

Minimum software requirements

• Solaris 10 (English language).

• Solaris 10 patch cluster release as published by Sun on 18 January 2008 or later. For the exact patch list, see the Sun Patch Release (January 18, 2008).

Table 2-3 Sun Patch Release (January 18, 2008)

116781-02 117447-01 117463-05 118371-10 118373-01

118564-03 118731-01 118879-02 118890-03 118925-05


OL-19642-01


Note For any later patches distributed by Sun, contact your Cisco account representative.

118929-05 119012-03 119073-03 119077-10 119265-02

119332-01 119336-01 119573-02 119580-05 119586-02

119593-01 119685-11 119824-02 119826-02 119981-09

119985-02 119998-02 120023-01 120032-04 120048-03

120050-06 120469-07 120473-12 120629-08 120780-04

120809-01 120824-09 120845-05 120990-02 120998-02

121006-02 121010-06 121215-01 121229-02 121235-01

121278-01 121282-02 121284-02 121288-03 121292-01

121294-01 121406-01 121473-01 121474-01 121476-01

121478-01 121786-01 121905-01 122251-01 122328-01

122404-01 122412-01 122513-02 122535-01 122637-01

122646-02 122658-04 122660-10 122662-05 122752-04

123017-01 123249-02 123256-02 123324-03 123330-01

123350-01 123354-03 123356-02 123362-01 123418-02

123420-02 123422-03 123441-05 123444-01 123910-03

123911-01 123916-05 123954-01 124204-04 124208-01

124250-03 124254-04 124258-07 124280-01 124286-01

124327-04 124442-01 124916-03 124918-02 124921-02

124922-03 124987-02 124990-01 124993-01 124995-01

125009-01 125011-01 125014-03 125018-02 125020-01

125024-01 125026-01 125028-02 125028-03 125035-01

125040-01 125042-02 125073-01 125077-03 125079-01

125100-10 125112-01 125114-01 125116-02 125118-01

125120-03 125123-01 125127-01 125129-01 125198-02

125203-01 125329-03 125363-06 125371-01 125383-01

125385-02 125420-01 125422-01 125424-01 125427-01

125430-01 125432-01 125465-02 125478-01 125486-01

125488-02 125492-01 125494-02 125497-01 125792-01

125795-01 126255-01 126303-02 126310-01 126320-01

126429-01 126536-01 126663-01 126838-01

Table 2-3 Sun Patch Release (January 18, 2008) (continued)


OL-19642-01

Chapter 2 Installation Prerequisites Communications in Cisco ANA

Cisco ANA ClientTable 2-4 identifies the minimum hardware and software installation requirements for Cisco ANA clients.

Note The minimum client configuration is 1 GB. When several memory-intensive applications run at the same time, you might experience sluggishness in the user interface response time and a slow refresh rate. If you encounter latency problems, close other applications running on the desktop.

When planning available memory space, consider that the application does not work well with paging. When paging is used, the application’s performance degrades over time.

For information on the maximum number of objects, links, tickets, and maps that Cisco ANA NetworkVision can display, contact your Cisco account representative.

Communications in Cisco ANAThe Cisco ANA platform requires connectivity to its tiers as follows:

• Gateway and units—Units have out-band management; therefore, the gateway must have connectivity to all units.

• Gateway and clients—Clients communicate with the gateway only; therefore, IP connectivity between clients and the gateway is required.

Clients support automatic client updates from the gateway and, depending on the upgrade, the data can be up to 30 MB.

Table 2-4 Cisco ANA Minimum Client Installation Requirements

Item Specifications

Minimum Hardware Requirements

IBM PC or PC-compatible workstation

• Pentium IV, 2.66-GHz or better processor

• 1 GB RAM

• 2 GB of free disk space

• One DVD drive

• 512 MB of free nonvirtual memory

Screen • Minimum screen resolution of 1024 x 768 pixels

• True color (32-bit) setting

Minimum Software Requirements

Operating system Windows 2000, Windows XP, or Windows Vista

Internet Connection

Requirement 1.5 Mbps bandwidth (to download)


OL-19642-01

Chapter 2 Installation Prerequisites Solaris Services and Components Used by Cisco ANA

Note You can disable automatic client updates. See Disabling the Automatic Client Update, page 7-3 for details.

• Units and NEs—Units host VNEs, which require connectivity to the network elements (SNMP, Telnet).

Note For more information about the ports used, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Solaris Services and Components Used by Cisco ANATable 2-5 lists the Solaris services and components that are used by the Cisco ANA system and must not be removed.

Cisco ANA Server PortsTable 2-6 provides a list of the ports used by the various Cisco ANA server and client applications.

Table 2-5 Required Solaris Services and Components

Name Function Configuration InformationTCP or UDP Port Number Traffic Classification

Xntpd Time server /etc/inet/ntp.conf 123 (UDP) ntp

/bin/tcsh UNIX shell None None None

/usr/bin/tcsh UNIX shell None None None

Perl Scripting language None None None

/bin/sh UNIX shell None None None

Rsh/rexec Remote shell None 514 (TCP) None

Table 2-6 Ports Used by Cisco ANA

Scope Protocol Ports

Cisco ANA Gateway—Northbound

Cisco ANA NetworkVision

Note This point-to-point (PTP) connection is secured by SSL.

TCP 9771

Cisco ANA NetworkVision – Web Start Edition TCP 1310

Web Monitoring System

Note This port is secured by SSL and authenticated using the username and password created during the installation process.

HTTP 1311

Cisco ANA EventVision (used by Oracle) TCP 1521

Secure Shell Protocol (SSH) for Cisco ANA Shell TCP 22


OL-19642-01



Chapter 2 Installation Prerequisites Cisco ANA Server Ports

Note If any of the ports listed in Table 2-6 are unavailable, the installation fails.

Telnet for Cisco ANA Shell TCP 23

Broadband Query Language (BQL) TCP 9002

Secured (SSL) remote BQL connections TCP 9003

Patch verification TCP 8000

Registry Editor (incoming traffic) TCP 8011

Registry Editor (outgoing traffic) TCP 8099

Cisco ANA Gateway—Southbound and Intraunit Communication

Transport TCP 9390

High availability and registry synchronization TCP 8099

System administration and scripts TCP 514

Secure connectivity for system administration and scripts TCP 1101

Time synchronization using Network Time Protocol (NTP) UDP 123

Table 2-6 Ports Used by Cisco ANA (continued)

Scope Protocol Ports


OL-19642-01

Chapter 2 Installation Prerequisites TCP and UDP Port Directions

TCP and UDP Port DirectionsTable 2-7 lists the TCP and UDP ports along with the directions.


Table 2-7 Cisco ANA TCP and UDP Ports with Directions

TCP or UDP Port Number Source Destination Used by...

9770 (TCP) and 9771 (TCP) Cisco ANA clients Gateway Cisco ANA NetworkVision

1310 (TCP) Cisco ANA clients Gateway Cisco ANA NetworkVision Web Start

1311 (TCP) Cisco ANA clients Gateway Cisco ANA monitoring system

1521 (TCP) Cisco ANA clients Gateway Cisco ANA EventVision (used by Oracle)

22 (TCP) and 23 (TCP) Cisco ANA clients Gateway Cisco ANA Shell

9002 (TCP) Cisco ANA clients Gateway Cisco ANA BQL

9003 (SSL) Cisco ANA clients Gateway Cisco ANA BQL (secured connection)

8011 (TCP) and 8099 (TCP) Cisco ANA clients Gateway Cisco ANA Registry Editor

123 (UDP) Gateway NTP Server 1 NTP Sync for gateway

123 (UDP) Gateway NTP Server 2 NTP Sync for gateway

9390 (TCP) Gateway Unit Cisco ANA transport

8099 (TCP) Gateway Unit Cisco ANA high availability and registry synchronization

514 (TCP) Gateway Unit Cisco ANA system administration and scripts

1101 (TCP) Gateway Unit Cisco ANA secure connectivity for system administration and scripts

22 (TCP) Gateway Unit SSH for debugging

8011 (TCP) Gateway Unit Cisco ANA Registry Editor

8000 (TCP) Gateway Unit Cisco ANA for patch verification

123 (UDP) Unit Gateway NTP Sync between gateway and units

1101 (TCP) Unit Gateway Cisco ANA secure connectivity for system administration and scripts

9390 (TCP) Unit Gateway Cisco ANA high availability and registry synchronization

8011 (TCP) Unit Gateway Cisco ANA Registry Editor

22 (TCP), 23 (TCP), and 162 (UDP)

Unit Network elements (VNE)

SSH, Telnet, or SNMP

163 (UDP) and 514 (UDP) Network elements (VNE)

Unit SNMP trap or syslog


OL-19642-01

Chapter 2 Installation Prerequisites Product Services Installed with Cisco ANA

Product Services Installed with Cisco ANATable 2-8 lists the product services that are installed with the Cisco ANA system.

Table 2-8 Product Services Installed with Cisco ANA

Name FunctionConfiguration Information

TCP or UDP Port Number

Dynamic TCP or UDP Port Ranges

Interdependencies with Other Features, Services, and Applications

Traffic Classification

avm[1-999] Main application

Main/registry/Avm[NUM].xml

— 2000-3000, 8000-9000 (TCP)

Java, Perl, Tcsh Inner protocol

Udp2icmp ICMP redirector

— 10001 (UDP) — Perl —

redirectUdp UDP redirector — 162,1162,514,1514 (UDP)

— Perl —

sheer_secured daemon

Secured connectivity between gateway and unit

local/sheer_secured/sheer_config

1101 (TCP) — — SSH

webserver daemon

Serves the client Web Start and the diagnostics tool with graphs.

utils/apache/conf/ sheer.conf

1310, 1311 (TCP)

— — HTTP

Machine interface

BQL machine- to-machine interface

— 9002 (TCP) — Java —

Secure machine interface

Secured (SSL) BQL machine-to- machine interface

— 9003 (TCP) — Java —

Transport switch

Gateway/unit internal message bus

— 9390 (TCP) — Java —

Client Applications Transport

Client/gateway message bus

This PTP connection is secured by SSL.

— 9771 (TCP) — Java —

Syslog redirector

Redirects syslog messages

— 1512 (UDP) — — —

Traps redirector

Redirects trap events

— 1162 (UDP) — — SNMP


OL-19642-01

Chapter 2 Installation Prerequisites Installation DVD


Installation DVDTable 2-9 lists the contents of the Cisco ANA installation DVD.

Table 2-9 Installation DVD Contents

Installation DVD Description

Cisco ANA Gateway Server System and Cisco ANA Unit Server

• Apache Server 2.0.59 hardening based on the xianshield Apache 2.0 Hardening Guide

• Sun JDK 1.4.2_13-b06

• OpenSSH_4.2p1 hardening based on http://non-gnu.uvt.nl/pub/uvt-unix-doc/ssh-harden.txt guide

• ActiveState Active Perl 5.8.6

• Cisco ANA gateway v3.6

• Cisco ANA unit v3.6

• Cisco ANA 3.6.7

Web Start Cisco ANA Clients • Cisco ANA Manage v3.6

• Cisco ANA NetworkVision v3.6

• Cisco ANA EventVision v3.6

Configurable Device Management Platform (CDMP)

Includes all other Cisco ANA software

Activation Server Includes only the Verity Activation Server (formerly Dralasoft)

Workflow Client Includes only the Verity Workflow Client (formerly Dralasoft)

Cisco ANA Shell The command line interface of the Cisco ANA Shell Manage system


OL-19642-01

http://non-gnu.uvt.nl/pub/uvt-unix-doc/ssh-harden.txt

Cisco OL-19642-01

C H A P T E R 3
Cisco ANA Installation Workflow
This chapter provides a workflow of the steps required to install Cisco ANA 3.6.7.

Note Cisco ANA 3.6.7 is installed on top of a Cisco ANA 3.6 installation. Cisco ANA 3.6.7 includes all patches that were released since the Cisco ANA 3.6 release. During the installation of Cisco ANA 3.6.7, any point patches or maintenance releases that were previously installed on top of Cisco ANA 3.6 are automatically removed.


Chapter 3 Cisco ANA Installation Workflow

Figure 3-1 describes the overall steps required to install Cisco ANA 3.6.7. Detailed instructions on how to perform each step are provided in subsequent chapters.

Figure 3-1 Cisco ANA Installation Workflow

1. Install Oracle 9i or Oracle 10g for use with Cisco ANA 3.6.7. For instructions, see Chapter 4, “Creating and Configuring an Oracle Database.”

2. Install Cisco ANA 3.6, as follows:

– If you are installing Cisco ANA 3.6 for the first time, follow the instructions in Chapter 5, “Installing a Cisco ANA Gateway,” and Chapter 6, “Installing a Cisco ANA Unit.”

– If you are migrating to Cisco ANA 3.6 from an earlier version of Cisco ANA, follow the instructions in Chapter 10, “Migrating to Cisco ANA 3.6.”

3. Install Cisco ANA 3.6.7 on the gateway and units; see Chapter 8, “Installing Cisco ANA 3.6.7.” If you are upgrading from Cisco ANA 3.6.1 or later, you will also have to update JDK.

Note Cisco ANA 3.6.7 introduces a change to the structure of link OIDs. If you are upgrading to Cisco ANA 3.6.7 from an earlier version of Cisco ANA, the GUI clients:

• Will not display working hyperlinks in the “Location” field for any link events or link tickets that were created before the upgrade.

• Will not correlate clearing events for any link events or link tickets that were created before the upgrade.

• Will not display business tags that were associated with links.

If these changes affect you, please contact the Technical Assistance Center.

4. Install the required client applications. For instructions, see Chapter 7, “Installing Clients.”

Step 1: Install Oracle 9i or Oracle 10g

Step 2: Install Cisco ANA 3.6 Step 2: Migrate to Cisco ANA 3.6

Step 2a: Install a gateway

Step 3: Install Cisco ANA 3.6.7 on the gateway

Step 4: Install the client applications

Step 2b: Install the units

1950

55

or


OL-19642-01

Cisco OL-19642-01

C H A P T E R 4
Creating and Configuring an Oracle Database
This chapter provides specific guidelines for creating and configuring an Oracle database for use with Cisco ANA. For a full description of an Oracle installation and to be sure you have the most recent documentation, see the documentation that came with your Oracle software or see the Oracle Corporation website.

This chapter includes:

• Before You Begin, page 4-1

• Creating an Oracle Database, page 4-2

• Changing XML DB Ports, page 4-13

• Configuring the Database Size, page 4-13

• Setting the open_cursors Parameter, page 4-15

• Starting the Oracle Listener, page 4-16

• Postinstallation Database Configuration, page 4-16

Before You BeginOracle 9i Enterprise Edition Release 9.2.0.8 32-bit (or Oracle 10g Enterprise Edition Release 10.2.0.3 64-bit) with the partitioning option must be installed before starting the Cisco ANA installation according to the standard software installation flow. The Oracle server can be installed on the Cisco ANA gateway or on any other remote machine. If the Oracle server is installed on a remote machine, the Oracle client must be installed on the Cisco ANA gateway.

Before you attempt to install Oracle 9i or 10g, note the following:

• Cisco ANA does not manage the starting and stopping of Oracle processes. Although the customer can back up and restore the Oracle database, the database administrator is responsible for automatically restarting Oracle processes in the event of a power failure.

• If an Oracle server is installed on the Cisco ANA gateway, no Oracle services can be installed on port 2100. If an Oracle listener is installed on port 2100, you must disable it or change the port number (see Disabling Database Features, page 4-4). By default, this port is used by the Oracle XML DB service.

• It is recommended that the Oracle user be called oracle, and that it be part of a group called dba.

• The recommended Oracle 9i for Cisco ANA 3.6.7 is the 32-bit version with patch 9.2.0.8. This version is installed by executing ./runInstaller -ignoreSysPrereqs.


Chapter 4 Creating and Configuring an Oracle Database Creating an Oracle Database

• The recommended Oracle 10g for Cisco ANA 3.6.7 is the 64-bit version with patch 10.2.0.3. This version is installed by executing ./runInstaller.

• The database username and password that are related to the Cisco ANA application are created automatically during installation.

Note To reset the system password, you must reinstall Cisco ANA.

Download LocationsOracle installation patches can be downloaded from the following locations:

• Oracle 9.2.0.8 patch from:

http://metalink.oracle.com

Patchset 4547809

• Oracle 10.2.0.3 patch from:


Patchset 5337014

Note After installing patch 9.2.0.8 or 10.2.0.3, you must change the permissions for the newly installed files to enable all OS users to use Oracle on the machine. You can do this by executing the script $ORACLE_HOME\install\changePerm.sh.

Creating an Oracle DatabaseThe database instance installation can be performed as part of the Oracle installation or separately using the dbca utility. This section describes how to create an Oracle database instance using the dbca utility. This utility is located in ORACLE_HOME/bin (where ORACLE_HOME is the Oracle installation directory).

When installing a database instance, you must specify the following parameters:

• The Oracle System Identifier (SID) must be set to MCDB.

• The temporary tablespace should be named TEMP.

• The System Global Area (SGA) size must be 2 GB, and the buffer cache size must be 1.8 GB.

• The dump folders should be under ORACLE_HOME/admin/MCDB/. In most cases, this is the default location, and no special action is required.

For better performance, make sure you generate statistics for all tables in the database. Cisco ANA issues alerts if no statistics are generated, or if the current statistics are more than two weeks old.


OL-19642-01




Table 4-1 describes the steps involved in creating an Oracle 9i database using DBCA.

Table 4-2 describes the steps involved in creating an Oracle 10g database using DBCA.

Table 4-1 Creating an Oracle 9i Database Using DBCA

DBCA Install UI Recommended Action

Step 1 Database Configuration Assistant, Step 1 of 8: Operations

Choose Create a Database.

Step 2 Database Configuration Assistant, Step 2 of 8: Templates

Choose New Database.

Step 3 Database Configuration Assistant, Step 3 of 8: Database Identification

• In the Global Database Name field, enter the database name as MCDB.

• In the SID field, enter the Oracle system identifier. The SID defaults to the database name; that is, MCDB.

Step 4 Database Configuration Assistant, Step 4 of 8: Database Features

See Disabling Database Features, page 4-4.

Step 5 Database Configuration Assistant, Step 5 of 8: Database Connection Options

Retain the default selection.

Step 6 Database Configuration Assistant, Step 6 of 8: Initialization Parameters

See Configuring Memory Settings, page 4-7.

Step 7 Database Configuration Assistant, Step 7 of 8: Database Storage

See Configuring Database Storage (Redo Logs), page 4-11.

Step 8 Database Configuration Assistant, Step 8 of 8: Creation Options

1. Choose Create Database.

2. Enter the passwords for the Oracle administrative accounts such as SYS and SYSTEM.

Table 4-2 Creating an Oracle 10g Database Using DBCA


Step 1 Database Configuration Assistant, Step 1 of 12: Operations

Choose Create a Database.

Step 2 Database Configuration Assistant, Step 2 of 12: Database Templates

Choose Custom Database.

Step 3 Database Configuration Assistant, Step 3 of 12: Database Identification

• In the Global Database Name field, enter the database name as MCDB.

• In the SID field, enter the Oracle system identifier. The SID defaults to the database name; that is, MCDB.

Step 4 Database Configuration Assistant, Step 4 of 12: Management Options

Retain the default selections.

Step 5 Database Configuration Assistant, Step 5 of 12: Database Credentials

Enter the passwords for the Oracle administrative accounts such as SYS and SYSTEM.

Step 6 Database Configuration Assistant, Step 6 of 12: Storage Options

Choose File System.


OL-19642-01


Disabling Database FeaturesThe Database Configuration Assistant wizard guides you step-by-step through the Oracle database installation process. When you are prompted to select the features to configure for use in the database, it is recommended that you disable all database features and remove the Oracle XML DB service.

Figure 4-1 and Figure 4-2 show the dialog boxes that let you disable database features for Oracle 9i and Oracle 10g, respectively.

Step 7 Database Configuration Assistant, Step 7 of 12: Database File Locations

Retain the default selections.

Step 8 Database Configuration Assistant, Step 8 of 12: Recovery Configuration

See Archiving Logs for Oracle 10g, page 4-10.

Step 9 Database Configuration Assistant, Step 9 of 12: Database Content

See Disabling Database Features, page 4-4.

Step 10 Database Configuration Assistant, Step 10 of 12: Initialization Parameters

See Configuring Memory Settings, page 4-7.

Step 11 Database Configuration Assistant, Step 11 of 12: Database Storage

See Configuring Database Storage (Redo Logs), page 4-11.

Step 12 Database Configuration Assistant, Step 12 of 12: Creation Options

Choose Create Database.

Table 4-2 Creating an Oracle 10g Database Using DBCA (continued)



OL-19642-01


Figure 4-1 Disabling Database Features for Oracle 9i

Figure 4-2 Disabling Database Components for Oracle 10g


OL-19642-01


Disabling the Oracle XML DB Service

The following procedures describe how to disable the Oracle XML DB service during the database creation for Oracle 9i and Oracle 10g installations.

Disabling the Oracle XML DB Service for an Oracle 9i Installation

Step 1 In Step 4 of the Database Configuration Assistant wizard, click Standard Database Features (see Figure 4-1).

The Standard Database Features dialog box (Figure 4-3) opens, asking you to select the standard database features to configure for use in your database.

Figure 4-3 Disabling Oracle XML DB for Oracle 9i

Step 2 Uncheck the Oracle XML DB check box, then click OK.

Disabling the Oracle XML DB Service for an Oracle 10g Installation

Step 1 In Step 9 of the Database Configuration Assistant wizard, click Standard Database Components (see Figure 4-2).

The Standard Database Components dialog box (Figure 4-4) opens, asking you to select the standard database components to configure for use in your database.


OL-19642-01


Figure 4-4 Disabling Oracle XML DB for Oracle 10g

Step 2 Uncheck the Oracle XML DB check box, then click OK.

Configuring Memory SettingsMemory settings are configured in the Initialization Parameters page of the Database Configuration Assistant wizard.

Figure 4-5 and Figure 4-6 show the recommended memory settings for Oracle 9i and Oracle 10g installations, respectively.


OL-19642-01


Figure 4-5 Configuring Memory Settings for Oracle 9i

Figure 4-6 Configuring Memory Settings for Oracle 10g


OL-19642-01


Archiving the DatabaseThe Database Configuration Assistant wizard lets you configure the settings required for archiving the database.

Note The directory containing archive logs must be permitted for updates (such as read and write permissions) for a Cisco ANA OS user. See Maintaining Archive Log File Disk Space, page 4-16.

The following sections describe:

• Archiving Logs for Oracle 9i, page 4-9

• Archiving Logs for Oracle 10g, page 4-10

• Configuring Database Storage (Redo Logs), page 4-11

Archiving Logs for Oracle 9i

In the Archive tab of the Initialization Parameters page (Figure 4-7) in the Database Configuration Assistant wizard, you can configure the settings for archiving the database logs for an Oracle 9i installation.

Figure 4-7 Configuring Archive Settings for Oracle 9i


OL-19642-01


To configure the database log settings:

Step 1 In the Archive tab, check the Archive Log Mode check box to run the database in archive log mode.

Step 2 Check the Automatic Archival check box.

Step 3 Specify the archive log filename format in the field provided.

Step 4 Specify the destination directories that are to contain the archive logs.

Note It is recommended that the archive log files reside on a physical disk separate from the Oracle data files.

Archiving Logs for Oracle 10g

In the Recovery Configuration page (Figure 4-8) in the Database Configuration Assistant wizard, you can configure the settings for recovering the database logs for an Oracle 10g installation.

Figure 4-8 Configuring Archive Settings for Oracle 10g

Note Cisco ANA does not require you to enable Flash Recovery Area. You can enable this feature if you think it might be useful.


OL-19642-01


To configure the database recovery options:

Step 1 Check Enable Archiving to enable the archiving feature, then click Edit Archive Mode Parameters.

The Edit Archive Mode Parameters dialog box opens (Figure 4-9).

Figure 4-9 Edit Archive Mode Parameters

Step 2 Check Automatic Archiving.

Step 3 In the Archive Log File Format field, specify the archive log filename format.

Step 4 Specify the destination directories that are to contain the archive logs.

Note If a Flash Recovery Area was specified by the database administrator, the archive logs go there; otherwise, any other specified archive log destinations are used. It is recommended that archive log files be written to multiple locations spread across different disks.

Configuring Database Storage (Redo Logs)

In the Database Storage page in the Database Configuration Assistant wizard, you can configure the Redo Log settings for an Oracle 9i or Oracle 10g installation, as shown in Figure 4-10 and Figure 4-11.

Note The Redo log file size must be 100 MB and must reside on a physical disk separate from the Oracle data files.


OL-19642-01


Figure 4-10 Configuring Database Storage Settings for Oracle 9i

Figure 4-11 Configuring Database Storage Settings for Oracle 10g


OL-19642-01

Chapter 4 Creating and Configuring an Oracle Database Changing XML DB Ports

Changing XML DB PortsIf Oracle is installed on the Cisco ANA gateway, no Oracle services can be installed on port 2100. If an Oracle listener was installed on port 2100, you must disable it or change the port number. By default, this port is used by the Oracle XML DB service.

Use this procedure to change the port numbers of the XML DB listeners, if required.

Note You must change the FTP port number if an Oracle listener was installed by default on port 2100.

Step 1 To log into Oracle SQL, enter:

sqlplus USER/PASSWORD

Step 2 To change the HTTP port from 8080 to 8083, enter:

sql> call dbms_xdb.cfg_update(updateXML(dbms_xdb.cfg_get(), '/xdbconfig/sysconfig/protocolconfig/httpconfig/http-port/text()', 8083));

Step 3 To change the FTP port from 2100 to 2111, enter:

sql> call dbms_xdb.cfg_update(updateXML( dbms_xdb.cfg_get(), '/xdbconfig/sysconfig/protocolconfig/ftpconfig/ftp-port/text()' , 2111));

Step 4 To commit the update, enter:

sql> COMMIT;

Step 5 To refresh the settings, enter:

sql> exec dbms_xdb.cfg_refresh

Step 6 To exit SQL Command Line, enter:

sql> exit

Configuring the Database SizeThis section describes how to specify the size of the database, depending on the length of time required to store historical events. To do this, you must estimate the size of the event history log and calculate the number of data files required in the database.

Topics include:

• Defining the Event History Log Size, page 4-14

• Defining the Data Files in the Database, page 4-14

• Recommended Disk Structure, page 4-15


OL-19642-01

Chapter 4 Creating and Configuring an Oracle Database Configuring the Database Size

Defining the Event History Log SizeTable 4-3 describes how to calculate the size of the event history log.

The size of the stored data is determined mainly by the number of stored events. In Table 4-3, one event uses 800 bytes. If the maximum supported event rate of 35 events per second is used, the size of the database grows by 2.25 GB per day.

Database cleanup occurs by means of integrity scripts that run at 12-hour intervals as programmed by cron jobs. During installation, Cisco ANA configures these scripts to run at 11:00 a.m. and 11:00 p.m.

To change the times at which these scripts run, you must modify the crontab file. For information about modifying the crontab file, see http://docs.sun.com or the documentation that came with your system.

Defining the Data Files in the DatabaseTable 4-4 describes how to calculate the number of data files required in the database, assuming a rate of 35 events per second, based on 2-week, 4-week, and 12-week periods.

Note • The two hard disks of the gateway are limited to a maximum of 64 GB for database data files. The remaining space is needed for OS swap, backup and restore procedures, and database archive logs. To utilize the full hard disk size of 146 GB, external storage must be used.

• The maximum size of a data file for Oracle 9i 8 KB block size is 32 GB. Although the maximum size of a data file for Oracle 10g 8 KB block size is 32 TB, it is recommended that you limit it to 32 GB.

Table 4-3 Event History Log Size

Events per Second Seconds per Day Event Size Bytes Data per Day

35 86400 800 bytes 1073741824 GB 2.25 GB

Table 4-4 Defining Data Files in the Database

Events per Second Period (Days) Database Size

Number of Data Files Comments

35 14 (2 weeks) 32 GB 1 This is the default system configuration.

35 28 (4 weeks) 64 GB 2 Assuming a hard disk size of 146 GB, one physical hard disk can be used for two Oracle data files.

35 84 (12 weeks) 192 GB 6 Assuming a hard disk size of 146 GB, two physical hard disks can be used for six Oracle data files.


OL-19642-01

http://docs.sun.com

Chapter 4 Creating and Configuring an Oracle Database Setting the open_cursors Parameter

Recommended Disk Structure

Note • The first data file is created while running the sheer-conf.pl script (see Postinstallation Database Configuration, page 4-16). This script must be run after the Cisco ANA gateway installation (see Chapter 5, “Installing a Cisco ANA Gateway”).

• You can create additional data files only after the Cisco ANA installation is complete (see Adding Data Files to the Tablespace, page 4-17).

The recommended disk structure for an Oracle server based on the number of disks that the server holds:

• Disk 1 (146 GB): Approximately 40 GB should be used by OS files, and 100 GB can be used by two Oracle data files.

• Disk 2 should be used for redo logs and archiving, and not for Oracle data files.

• 3 or more disks (146 GB): Can be used by three Oracle data files.

Note Cisco ANA uses the Oracle partitioning option, which is available only in the Oracle Enterprise Edition. It is recommended that you not use Oracle Standard Edition for Cisco ANA, because it might not run correctly.

Setting the open_cursors ParameterOpen cursors enable the reading and writing of data between the Oracle database and Cisco ANA. The open_cursors parameter defines the maximum number of cursors that can be opened concurrently, per session. The recommended maximum number of open cursors for use with Cisco ANA is 1000. An error is generated if the number of open cursors in a session exceeds the specified number.

To set the open cursors parameter:

Step 1 To check the value of the open_cursors parameter, enter:

SQL> show parameter open_cursors

The following output should be displayed:

open_cursors integer 1000

Step 2 If the integer value is less than 1000, enter:

SQL> ALTER SYSTEM SET open_cursors = 1000 SCOPE=BOTH;

Step 3 To verify that the value has changed, enter:

SQL> show parameter open_cursors

Note If the open cursors integer value is still less than 1000, contact your local database administrator.


OL-19642-01

Chapter 4 Creating and Configuring an Oracle Database Starting the Oracle Listener

Starting the Oracle ListenerAfter the database has been created, the Oracle listener should be started to enable the sheer-conf.pl configuration script to connect to the database.

To start the Oracle listener:

Step 1 To determine if the Oracle listener is up, enter:

ps -ef | grep ora

The following output should be displayed (if the ORACLE_HOME UNIX environment variable is set to /export/home oracle):

oracle 17327 1 0 Aug 02 ? 0:00 /export/home/oracle/Ora920/bin/tnslsnr LISTENER -inherit

Step 2 If the Oracle listener is down, do the following to start it:

a. Log in as user oracle.

b. Enter lsnrctl start.

Postinstallation Database ConfigurationAfter the database has been installed, the sheer-conf.pl script must be run to prepare all necessary database objects. The script creates the schema name SHEER which cannot be changed. The script also creates a default tablespace with the name SHEER which is used by the SHEER schema. The tablespace is created with one data file with a default maximum size of 34 GB. You can add additional data files after running this script. (See Adding Data Files to the Tablespace, page 4-17.)

Maintaining the DatabaseAfter database installation, maintaining the database can involve:

• Maintaining Archive Log File Disk Space—Ensuring there is sufficient space on a disk to store a large volume of archive logs caused by the large number of Cisco ANA updates to the database.

• Adding Data Files to the Tablespace—Adding data files to enable the storage of event history logs for a longer period of time.

Note For information about how to back up and restore the database, see Appendix A of the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Maintaining Archive Log File Disk SpaceThe large number of Cisco ANA updates to the database causes the size of the archive log to expand rapidly and consume a large amount of space on the disk partition. To maintain space on the disk partition, archive log files should be deleted periodically. Archive log files can be deleted from the


OL-19642-01



Chapter 4 Creating and Configuring an Oracle Database Postinstallation Database Configuration

system only if the user has permission to do this. By default, Cisco ANA OS users do not have permission to delete files. You can change the permissions to enable OS users to delete the archive log files by executing the following script:

$ORACLE_HOME\install\changePerm.sh

Note On a remote Oracle server, the archive log files should be deleted manually.

Adding Data Files to the TablespaceAfter the Cisco ANA installation is complete and the database has been installed, the sheer-conf.pl script creates a default tablespace with one data file with a default maximum size of 34 GB.

Depending on the event rate per second, you might need to add more data files. For example, at a rate of 35 events per second, if you want to store the event history for three months, six data files are required (see Table 4-4 on page 4-14).

You can add files after running the sheer-conf.pl script.

• To add a data file to the existing tablespace for Oracle 9i, enter:

alter tablespace SHEER add datafile '<NEW-DATA-FILE-FULL_PATH>' size 100M autoextend on next 5M;

• To add a data file to the existing tablespace for Oracle 10g, enter:

alter tablespace SHEER add datafile '<NEW-DATA-FILE-FULL_PATH>' size 100M autoextend on next 5M maxsize 34G;


OL-19642-01

Chapter 4 Creating and Configuring an Oracle Database Postinstallation Database Configuration


OL-19642-01

Cisco OL-19642-01

C H A P T E R 5
Installing a Cisco ANA Gateway
This chapter provides details about installing a single Cisco ANA gateway for the first time.

Note • For instructions on how to install Cisco ANA 3.6.7 on top of an existing Cisco ANA 3.6 installation, see Chapter 8, “Installing Cisco ANA 3.6.7.”

• If you are migrating to Cisco ANA 3.6 from an earlier version, the installation is different from installing Cisco ANA for the first time. For information about how to migrate Cisco ANA, see Chapter 10, “Migrating to Cisco ANA 3.6.”

• For information about redundancy or multiple installations of the gateway, contact your Cisco account representative.

• Cisco ANA 3.6.7 involves a change to the Java version. See Using a Remote Database for the Gateway Installation, page 5-8.



• Cisco ANA Gateway Installation Overview, page 5-3

• Changes Resulting from the Installation, page 5-11

• Changes Resulting from the Installation, page 5-11

• Verifying the Cisco ANA Gateway Installation, page 5-13

Before You Begin

Note If you are installing Cisco ANA on a machine on which a previous version of the application is installed, you must delete all the files from /tmp that belong to the user sheer before the installation. To locate the list of files, enter:

cd /tmpls –l | grep “sheer”

Then, to delete each file in the list, enter:

rm <file_name>


Chapter 5 Installing a Cisco ANA Gateway Before You Begin

Before starting the installation, verify that:

• The installation DVD is available (see Installation DVD, page 2-14).

• The server machines that are going to be installed comply with the minimum system requirements specified in Chapter 2, “Installation Prerequisites.”

• The customer-supplied Oracle 9i Enterprise Edition Release 9.2.0.8 or Oracle 10g Enterprise Edition Release 10.2.0.3 with partitioning option is installed on the gateway before starting the Cisco ANA installation. For more information, see Chapter 4, “Creating and Configuring an Oracle Database.”

• The / (root) directory has at least 1 GB of disk space available.

• The Cisco ANA installation directory has at least 5 GB of disk space available. By default, Cisco ANA is installed in /export/home.

• The /tmp directory has at least 100 MB of disk space available.

Understanding the Cisco ANA Installation PromptsWhile the installation is in progress, the following user-defined prompts are displayed:

• Root password—UNIX root password. Used to connect to the Cisco ANA gateway using Cisco ANA client components such as Cisco ANA NetworkVision, Cisco ANA Manage, and so on.

• bosenable, bosconfig, and bosusermngr password—System built-in accounts. The bosenable, bosconfig, and bosusermngr are the three different login levels defined to connect to the Cisco ANA shell.

• web monitoring tool username and password—User-defined account used to connect to the Cisco ANA graph.

Note The default password is set during installation for bosenable, bosconfig, bosusermngr, and web monitoring accounts. To change the default password, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

• Oracle home directory—Oracle installation directory.

• Root password in order to add user sheer to oracle group—UNIX root password.

• Oracle sid—MCDB. See Creating and Configuring an Oracle Database, page 4-1.

• Oracle admin username—The default value is system.

• Oracle admin password—Oracle database password.

• Password for the scheme sheer—sheer scheme password.

• Location of the data files—Oracle data files’ location.

• Oracle Listener port—1521. Oracle port used by Cisco ANA.


OL-19642-01



Chapter 5 Installing a Cisco ANA Gateway Cisco ANA Gateway Installation Overview

Cisco ANA Gateway Installation OverviewFigure 5-1 presents the gateway installation workflow and the tasks in the order in which they should be performed.

Figure 5-1 Cisco ANA Gateway Installation Workflow

1. Install the Cisco ANA gateway. See Installing the Cisco ANA Gateway, page 5-3.

2. Launch the gateway. See Launching the Gateway, page 5-10.

3. Verify the gateway installation. See Verifying the Cisco ANA Gateway Processes, page 5-10.

4. Install the Cisco ANA management tool. See Changes Resulting from the Installation, page 5-11.

Note Only a user with root privileges on the UNIX system can perform the gateway installation.

Installing the Cisco ANA GatewayThis procedure installs tools that are required for gateway functionality. These tools include the Apache Web Server and the third-party tools Java v1.4.2_13-b06 and Active Perl v5.8.3.

Note The server installation script checks for existing packages and removes them in a preinstallation phase.

To install the Cisco ANA gateway:

Step 1 Verify that the DVD is in the DVD drive.

Step 2 Open a Telnet or SSH session to the gateway machine and log into the machine as the user root.

Step 3 Confirm that system requirements such as disk space are satisfied. For more information, see Hardware and Software Requirements, page 2-5.

Step 4 Back up and remove the old version of the gateway (if an older version exists).

Step 1: Install the Cisco ANA gateway

Step 2: Launch the Cisco ANA gateway

Step 3: Verify the DNA Gateway InstallationStep 3: Verify the Cisco ANA gatewayinstallation

1951

12Step 4: Install the Cisco ANA

management tool


OL-19642-01


Step 5 To change to the CD directory, enter:

cd /cdrom/cdrom0/server

Step 6 To install the Cisco ANA gateway, enter:

perl install.pl –encaped

Note The gateway installs itself in the default directory /export/home/sheer 4. To change the installation directory, add the -dir [desired directory] switch at the end of the perl install.pl –encaped command; for example, perl install.pl –encaped –dir /opt/sheer.

The installation of the gateway starts. The installation procedure is automatic and requires no user input.

Note This process might take a while. For more information about the Cisco ANA environment created during installation, see Appendix A, “Folders Created in Cisco ANA.”

Step 7 After installation, enter the following command to provide user sheer with oinstall group access:

usermod -G <oracle-group> sheer

To identify the Oracle group, enter:

id -a <oracle-user>

For example (when Oracle 10g is installed):

root@sh-nv240-391 [~]# id -a oracle uid=168(oracle) gid=102(dba) groups=103(oinstall) root@sh-nv240-391 [~]# usermod -G dba,oinstall sheer

For information about verifying that user sheer belongs to the dba group and that it has access to the Oracle installation group oinstall, see Verifying that User sheer Belongs to dba Group and Has Oracle Group Access, page 10-1.

Note If you are using a remote database for server installation, there is no local Oracle installation on the gateway machine and hence no user named oracle. The user oracle exists on the gateway machine only after you install the Oracle client on it.

Step 8 When the installation is complete, open a Telnet or SSH session to the gateway machine and log into the machine as user sheer with the password sheer.

Step 9 The first time you log in, the system advises you to change the default password. It is strongly recommended that you do so. To change the default user password, enter:

passwd

Step 10 Enter the following command to copy the post_ana360_v1.pl script from the product DVD to Main/scripts:

cp [DVD_drive]/server/post_ana360_v1.pl ~/Main/scripts/post_ana360_v1.pl

Step 11 Enter the following command to execute the post_ana360_v1.pl script. This script expedites the installation process and ensures a successful installation:

perl ~Main/scripts/post_ana360_v1.pl


OL-19642-01


The command and a successful response are similar to the following:

sheer@ana-server [~/Main/scripts]% perl /post_ana360_v1.pl Successfully changed /export/home/sheer4/local/scripts/sheer-conf.pl!Successfully changed /export/home/sheer4/local/scripts/attach_db.pl!sheer@ana-server [~/Main/scripts]%

Step 12 To continue installing the Cisco ANA gateway, go to ~local/scripts and enter sheer-conf.pl from that location. For example:

$ cd ~/local/scripts$ sheer-conf.pl

Note The following requirements exist for executing the sheer-conf.pl script:

• The database and listener must be up before you execute the sheer-conf.pl script.

• To install the database on a server other than the gateway, you must install an Oracle client on the gateway, and it must be the same version as the one on the Oracle server. You can download the Oracle client installation from the Oracle Corporation website.

• The Cisco ANA application uses the Oracle 9.2.0.8.0 JDBC driver as the default JDBC driver to communicate with the Oracle database. If you installed a different database version, such as for Oracle 10g, you must remove the default JDBC driver and download the appropriate JDBC driver to ~/Third_Party/db.

Step 13 Choose Set machine as gateway (Figure 5-2). Use the down arrow key to choose a machine as the gateway, then press Enter.

Figure 5-2 Choose Set Machine as Gateway

Step 14 The Cisco ANA configuration utility configures the system by running a number of procedures:

a. Time server configuration tool—Configures the XNTP daemon to act as a time server for all units. The tool prompts you for the root password.

- Checking package main installation status [OK] - Setup is updating the configuration directories, this might take a while - Setting up time server, Enter root password: - Done setting up the time server.

b. Password initiator tool—Asks you to set all Cisco ANA system built-in account passwords.


OL-19642-01


You are prompted to:

– Enter the UNIX password for Cisco ANA usernames.

– Enter the requested password at each prompt as the following information appears:

+ ANA is being installed with 4 built-in user which can be used for logging into the system from ANA's client/interfaces. Setup will now request the user to enter the required passwords: - Enter the system root password: - Enter the system root password again for verification: - Enter the system bosenable password: - Enter the system bosenable password again for verification: - Enter the system bosconfig password: - Enter the system bosconfig password again for verification: - Enter the system bosusermngr password: - Enter the system bosusermngr password again for verification: + ANA is being installed with a web based monitoring tool. Setup will now request the user to enter a username/password which will be used for accessing the web based monitoring tool: - Enter the web monitoring tool username: root - Enter the web monitoring tool password: - Enter the web monitoring tool password again for verification:

c. You are asked whether you want to use the defaults for the workflow scheme:

- Use defaults for WorkFlow Scheme ? (Y,N) [default Y] + Setup will now try to connect to this machine's database,

If you enter Y, all Cisco ANA database definitions are applied to the DWE scheme.

If you enter N, you are asked a series of questions similar to the ones asked when configuring Cisco ANA’s database. For example:

Provide the following database parameters: - Would you like to use a remote database? (y or n) [default n]

Note Important: If you enter Y for the gateway to use a remote database, the subsequent parameters might be different. For more information, see Using a Remote Database for the Gateway Installation, page 5-8.

- Enter the Oracle home directory (for e.g. /export/home/oracle/Ora920/) /export/home/oracle/Ora920 - Enter root password in order to add user sheer to oracle group: - Enter the Oracle sid: MCDB - Enter the Oracle admin username: system - Enter the Oracle admin password: - Enter the password for the scheme sheer: - Enter the location of the data files: /export/home/oracle/Ora920/oradata - Enter the Oracle Listener port: 1521

Please enter WorkFlow scheme DB parameters - Enter the Oracle sid: MCDBWould you like to use a remote database? (y or n) [default n] n - Enter the Oracle Listener port: 1521 - Enter the Oracle admin username: system - Enter the Oracle admin password: - Enter the Oracle scheme username: sheer - Enter the password for the scheme sheer: - Enter the location of the data files: /export/home/oracle/Ora920/oradata ------------------------------------------------ - Oracle home directory: /export/home/oracle/Ora920


OL-19642-01


- DB address: 127.0.0.1 - Oracle SID: MCDB - Oracle User: sheer - Oracle Port: 1521 - Oracle Password: ********** - DataFiles location: /export/home/oracle/Ora920/oradata

- DB address: 127.0.0.1 - _________Work Flow schema location__________________ - DB address: 127.0.0.1 - Oracle SID: MCDB - Oracle User: sheer - Oracle Port: 1521 - Oracle Password: ********** - DataFiles location: /export/home/oracle/Ora920/oradata

- DB address: 127.0.0.1-

Note A warning message similar to the following might be displayed if an incorrect version of Oracle is installed:

WARNING: Cisco ANA requires Oracle version 9.2.0.8 while the given Oracle

version is <Oracle version>. Using the current version is not recommended as

it may cause functionality/performance issues and will void the support for

this product. Would you like to continue the installation using the current

Oracle version anyway? (Y,N)[default N]

d. You are asked if all parameters have been entered correctly.

e. You are prompted to enter the UNIX root password for adding user sheer to the Oracle group.

For example:

+ Setup will now try to connect to this machine's database,Provide the following database parameters:- Enter the Oracle home directory (for e.g. /export/home/oracle/Ora920/)/export/home/oracle/Ora920- Enter the Oracle sid: MCDB- Enter the Oracle admin username: system- Enter the Oracle admin password:- Enter the password for the scheme sheer:- Enter the location of the data files: /export/home/oracle/Ora920/oradata- Enter the Oracle Listener port: 1521------------------------------------------------- Oracle home directory: /export/home/oracle/Ora920- DB address: 127.0.0.1- Oracle SID: MCDB- Oracle User: sheer- Oracle Port: 1521- Oracle Password: **********- DataFiles location: /export/home/oracle/Ora920/oradata

- Is this information correct? (y or n) [default y]- User sheer exist, updating password- Password changed successfully, scheme exist.- scheme sheer exist, loading plugins- updating avm11.xml- Enter root password in order to add user sheer to oracle group:


OL-19642-01


If the sheer scheme does not exist, the database configuration utility prompts you for:

– Oracle admin username: system

– Oracle admin password

– Password for scheme sheer

Figure 5-3 Password for Scheme sheer

For information about using high availability in your environment, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Using a Remote Database for the Gateway Installation

If you want the gateway to use a remote database for server installation, some of the parameters you must enter are different from those that you enter when using the gateway server.

Note The following is an example of the warning message that might be displayed if an incorrect version of Oracle is installed:

WARNING: Cisco ANA requires Oracle version 9.2.0.8 while the given Oracle version is 10.2.0.1.0. Using the current version is not recommended as it may cause functionality/performance issues and will void the support for this product. Would you like to continue the installation using the current Oracle version anyway? (Y,N) [default N] Y

Caution If you are using a remote database with Oracle 10g, the installation process might corrupt the tnsnames.ora file. Before you enter Y, check the tnsnames.ora file to verify that the hostname.sid is not missing the sid extension. If you find this error, fix it in the tnsnames.ora file, then enter Y to continue the installation.

The following example shows the database parameters required for remote database installation:

Provide the following database parameters: Would you like to use a remote database? (y or n) [default n] y Please enter Oracle IP address [default 10.52.22.20] 10.56.56.94 - Enter the SQLPlus home directory (for e.g. /export/home/oracle/Ora920/)


OL-19642-01




/export/home/oracle/oracle/product/10.2.0/client_2 - Enter root password in order to add user sheer to oracle group: - Enter the Oracle sid: MCDB - Enter the Oracle admin username: system - Enter the Oracle admin password: - Enter the password for the scheme sheer: - Enter the location of the data files: /export/home/oracle/Ora920/oradata - Enter the Oracle Listener port: 1521 - Enter root password in order to create tnsnames file: Password: - Enter again root password in order to change owner of tnsnames file: Password: creating tnsnames.ora file for remote DB connectivity

- Oracle home directory: /export/home/oracle/oracle/product/10.2.0/client_2 - DB address: 10.56.56.94 - Oracle SID: MCDB - Oracle User: sheer - Oracle Port: 1521 - Oracle Password: ********** - DB address: 10.56.56.94 - Is this information correct? (y or n) [default y] - User sheer exist, updating password - Password changed successfully, scheme exist. - User dwe exist, updating password - Password changed successfully, scheme exist. - scheme sheer exist, loading plugins - creating dwe tables... - updating avm11.xml - updating avm66.xml - Done setting the machine as gateway

Manually Updating the Gateway Java Version to 1.4.2_19After the Cisco ANA gateway installation is complete, you must manually update the Java version from 1.4.2_13 to 1.4.2_19. To manually update the Java version:

Step 1 Shut down Cisco ANA.

Step 2 On the DVD with the Cisco ANA image, locate the file called java.tar.gz and copy it to $HOME (usually /export/home/sheer4).

Step 3 Enter the following command to change the directory name from ~/java to ~/java_old:

mv ~/java ~/java_old

Step 4 Enter the following command to delete the *jdk* directory under the utils directory:

rm -rf ~/utils/java1.4.2_13-b06

Step 5 Enter the following command:

gunzip < java.tar.gz | tar xvf -

Step 6 Restart Cisco ANA.


OL-19642-01


Launching the GatewayYou are ready to launch the gateway after you have installed the server system and the gateway software.

To launch the gateway:

Step 1 Open a Telnet or SSH session to the gateway machine and log into the machine as user root.

Step 2 To verify whether the user sheer has access to the group oinstall, enter:

groups sheer

If the user sheer does not have access to the group oinstall, enter:

usermod -G <oracle_group> sheer

For example:

usermod -G oinstall sheer

For more information about verifying that user sheer belongs to the dba group and has access to the Oracle installation group oinstall, see Verifying that User sheer Belongs to dba Group and Has Oracle Group Access, page 10-1.

Step 3 To log into the gateway as user sheer, enter:

su - sheer

Step 4 To launch the gateway, enter the initialization command:

cmpctl start

The gateway process loads.

Note The gateway loading process might take a while.

Verifying the Cisco ANA Gateway ProcessesThis section verifies that the following gateway processes are up and running:

• AVM 0—Transport switch process

• AVM 11—Gateway process

• AVM 99—Management process

• webserver daemon—Client connection process

• sheer_secured daemon

To check the status of all processes and daemons, enter:

status


OL-19642-01

Chapter 5 Installing a Cisco ANA Gateway Changes Resulting from the Installation

Figure 5-4 shows sample output that lists all processes.

Figure 5-4 List of All Processes

Note The entry “Checking for AVM100’s status [DISABLED]” is an expected condition.

For each AVM process that is checked, the status command displays, in brackets, the number of exceptions found in the total number of log file lines for that process.

Changes Resulting from the InstallationThe installation script makes the following changes on the Cisco ANA gateway:

• User sheer Created, page 5-11

• The .cshrc File Modified for User sheer, page 5-12

• Environment Variables Defined, page 5-13

• Aliases Defined, page 5-13

User sheer CreatedThe installation script automatically creates a UNIX user called sheer with the default password sheer. This user can launch Cisco ANA and perform all required functionality.


OL-19642-01

Chapter 5 Installing a Cisco ANA Gateway Changes Resulting from the Installation

The .cshrc File Modified for User sheerThe installation script automatically creates the user sheer and an associated environment. The .cshrc file is a user initialization file where required environment variables and aliases are defined.

An example of a typical .cshrc file for user sheer is:

# --- tcsh settings set prompt="%B%n@%m%b [%~]# " set autolist set autoexpand set autocorrect set history=5000 set savehist=5000 set notify set complete="enhance" set savehist set correct=cmd set autologout=0 set color set colorcat

# --- env settings setenv SHEERHOME ~sheer setenv PAGER less setenv JAVA_HOME $SHEERHOME/java setenv PERL_HOME $SHEERHOME/perl setenv PERL_VER "5.8.6" setenv MANPATH /usr/local/mrtg-2/man:/usr/local/net-snmp/man/usr/local/man:/usr/local/ActivePerlocal/samba/man:/usr/local/ActivePerl-5.6/man:/usr/local/ssl/man setenv EDITOR vi setenv LD_LIBRARY_PATH $SHEERHOME/local/lib/gen:$SHEERHOME/Third_Party/lib setenv SHEERPATH .:$SHEERHOME/perl/bin:$SHEERHOME/local/lib/gen:$SHEERHOME/local/bin:$SHEERHOMEain/scripts:$SHEERHOME/python/bin:$SHEERHOME/Main/setup

setenv PATH ${SHEERPATH}:/usr/bin:/usr/sbin:/usr/etc:/usr/ucb:/usr/local/bin/:/usr/local/net-sn setenv PERLLIB "./:${SHEERHOME}/local/lib/perl/gen:${SHEERHOME}/local/lib/perl/sheer:${SHEERHOMperl/lib/${PERL_VER}:${SHEERHOME}/perl/lib/site_perl/${PERL_VER}/sun4-solaris-thread-multi:${SHite_perl:${SHEERHOME}/Main" setenv SHEER_LOGIN_INFO 1 setenv SHEER_COMMUNICATION_METHOD ssync

# --- other settings limit descriptors 1024

# --- sourcing if ( -f $SHEERHOME/.aliases ) then source $SHEERHOME/.aliases endif if ( -f $SHEERHOME/db/.db ) then source $SHEERHOME/db/.db endif if ( -f $SHEERHOME/Main/.sheer ) then source $SHEERHOME/Main/.sheer endif

For information about checking the gateway installation, see Verifying the Cisco ANA Gateway Installation, page 5-13.


OL-19642-01

Chapter 5 Installing a Cisco ANA Gateway Verifying the Cisco ANA Gateway Installation

Environment Variables DefinedThe installation script automatically defines the environment variables listed in Table 5-1.

Note The SHEER_HOME variable content /export/home/sheer4 changes according to the gateway installation directory. For details, see Installing the Cisco ANA Gateway, page 5-3.

Aliases DefinedThe installation script automatically defines the aliases listed in Table 5-2.

Verifying the Cisco ANA Gateway InstallationSee the following sections to verify the installation of the gateway:

• Cisco ANA Database Configuration, page 5-14

• Cisco ANA Version Information, page 5-14

• Drools Rules Configuration, page 5-15

• Web Server and Web Start Configuration, page 5-15

• Graph Mechanism Configuration, page 5-16

• Cisco ANA Configuration Directories, page 5-16

• What’s Next?, page 5-17

Table 5-1 Environment Variables Defined by the Installation Script

Variable Name Content

SHEER_HOME /export/home/sheer4

JAVA_HOME /export/home/sheer4/java

SHEER_COMMUNICATION_METHOD ssync

Table 5-2 Aliases Defined by the Installation Script

Table Alias Content

sheer Changes the directory to ~sheer/Main

reg Changes the directory to ~sheer/Main/registry

main Changes the directory to ~sheer/Main

logs Changes the directory to ~sheer/Main/logs


OL-19642-01


Cisco ANA Database ConfigurationTo confirm that the Cisco ANA database is running, available, and configured correctly:

Step 1 On the server where Oracle is installed, enter:

sqlplus USER/PASSWORD

The username is sheer, and the password was set up during installation.

Step 2 Confirm that the SQL client can connect to the database.

Successful Result

The following prompt appears:

SQL*Plus: Release 9.2.0.8.0 - Production on Sun Apr 10 09:40:01 2005 Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved. Connected to: Oracle9i Enterprise Edition Release 9.2.0.8.0 - Production With the Partitioning, OLAP and Oracle Data Mining options JServer Release 9.2.0.8.0 - Production SQL>

If Failure Occurs

A test failure indicates a database error. Contact your local database administrator and repeat the test.

Cisco ANA Version InformationUse this procedure to view the version of Cisco ANA installed on the server and to verify that the major components of the Cisco ANA system are located correctly and are running.

Note This test also checks a few additional characteristics of the installation, such as directories and classes.

If there are any files missing or problems with the configuration, this check fails.

Step 1 On the gateway, enter:

status

Step 2 Confirm that the correct version of Cisco ANA has been installed.

The following is an example of the message that should be displayed:

--------------------------------------------------------------------- Welcome to sh-nv210-1A5, running Cisco ANA gateway (v3.6.7 (PRODUCT)) ---------------------------------------------------------------------


OL-19642-01


Note For the exact version installed, use the status command only on the gateway. Running the status command on the units does not reflect the changes made with maintenance releases, and instead shows version 3.6.0.

Drools Rules ConfigurationTo confirm that the Drools rules files that are being used have been created correctly:

Step 1 On the server, verify that the ~/Main/data directory exists.

Step 2 Confirm that the directory contains:

• post.drl

• pre.drl

Successful Result

The two Drools rules files exist in the ~/Main/data directory.

If Failure Occurs

Rerun the installation.

Web Server and Web Start ConfigurationThis procedure verifies that the:

• Web server is configured correctly and is running.

• Cisco ANA Web Start mechanisms are configured correctly.

Step 1 Open a web browser on a PC client connected to the server.

Step 2 Enter the following URL to connect to the gateway URL:

http://<GW-IP>:1310/webstart/networkvision.jnlp

For example, if the gateway IP address is 172.16.0.0, enter:

http://172.16.0.0:1310/webstart/networkvision.jnlp

Successful Result

• The networkvision.jnlp file is found.

• The web browser locates the file and tries to open or save (download) the file, depending on the configuration of the web server.

• The Web Start directory and Apache are installed correctly.


OL-19642-01


Note The Java Network Launching Protocol (JNLP) file returns the following expected error from the web server: An error occurred while launching/running the application.

Category: Launch File Error

The field <jnlp><information><homepage>href has an invalid value: home.html

If Failure Occurs

• Confirm that the Apache Server is running on the gateway.

• To verify that the webserver daemon is up and running, enter status on the gateway.

If the webserver daemon is down, enter startWeb.cmd to load it.

• Verify that the directory ~/Main/webstart and all of its subdirectories and files have execute privileges.

Graph Mechanism ConfigurationTo confirm that the graph mechanism is working correctly:

Step 1 Open a web browser on a PC client connected to the server.

Step 2 The graph mechanism, also known as the diagnostic web page, is enabled by default. You can disable or enable the diagnostic web page:

• To disable the diagnostic web page, enter diagnostic_framework.cmd disable.

• To enable the diagnostic web page, enter diagnostic_framework.cmd enable.

Step 3 Enter the following URL to connect to the Cisco ANA graph:

https://<GW-IP:1311>/graphs/

Note The username and password for the graphs were configured during installation.

The graphs open in the web browser.

Cisco ANA Configuration DirectoriesTo confirm that the Cisco ANA Golden Source configuration directories are installed on the gateway:

Step 1 On the server, browse to the directory ~/Main/registry/ConfigurationFiles.

Step 2 Verify that the directory contains the following two subdirectories:

• 127.0.0.1

• 0.0.0.0


OL-19642-01


Successful Result

• The subdirectory 127.0.0.1 exists.

• The subdirectory 0.0.0.0 exists.

If Failure Occurs

Verify that the webserver daemon is up and running, and then enter the status command on the gateway as shown in Figure 5-5.

Figure 5-5 Status Command on the Cisco ANA Gateway

If the webserver daemon is down, enter startWeb.cmd to load it (see Figure 5-6).

Figure 5-6 startWeb.cmd Command

What’s Next?After you have verified the successful installation of the gateway, you can install the units. For information about checking the installation of the units, see Verifying the Cisco ANA Unit Installation, page 6-7.

Note If you install a maintenance release, such as 3.6.7, you must generate unique SSH keys on the gateway when the gateway is up and running to propagate to all units in your setup. See Generating SSH Keys, page 8-5.


OL-19642-01



OL-19642-01

Cisco OL-19642-01

C H A P T E R 6
Installing a Cisco ANA Unit
This chapter covers the typical installation of a Cisco ANA unit.

Note For instructions on how to install Cisco ANA 3.6.7 on a unit in a Cisco ANA 3.6 installation, see Chapter 8, “Installing Cisco ANA 3.6.7.”

Before starting the installation, verify that:

• The installation DVD is available (see Installation DVD, page 2-14).

• The unit machines that are going to be installed comply with the minimum system requirements specified in Chapter 2, “Installation Prerequisites.”

Note • The time set on the clocks of all units in the setup should be the same. The maximum difference allowed between the different clocks is 4 minutes.

• Cisco ANA 3.6.7 involves a change to the Java version. See Manually Updating the Unit Java Version to 1.4.2_19, page 6-4.


• Cisco ANA Unit Installation Overview, page 6-2

• Installing the Cisco ANA Unit, page 6-3

• Adding the Unit to the Cisco ANA Platform, page 6-5

• Launching the Unit, page 6-5

• Verifying the Unit Processes, page 6-6

• Configuring the Unit, page 6-6

• Verifying the Cisco ANA Unit Installation, page 6-7

• What’s Next?, page 6-8


Chapter 6 Installing a Cisco ANA Unit Cisco ANA Unit Installation Overview

Cisco ANA Unit Installation OverviewFigure 6-1 presents the unit installation workflow and the tasks in the order in which they should be performed.

Figure 6-1 Cisco ANA Unit Installation Workflow

1. Install the Cisco ANA unit. See Installing the Cisco ANA Unit, page 6-3.

2. Add the unit to the Cisco ANA platform and configure it in the system. See Adding the Unit to the Cisco ANA Platform, page 6-5.

3. Launch the unit. See Launching the Unit, page 6-5.

4. Verify the unit installation. See Verifying the Unit Processes, page 6-6.

5. Configure the unit. See Configuring the Unit, page 6-6.

For information about restarting the Cisco ANA platform, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Step 2: Add the Cisco ANA unit to theCisco ANA platform

Step 1: Install the Cisco ANA unit

Step 4: Verify the Cisco ANA unit installation

Step 5: Configure the Cisco ANA unit

Step 3: Launch the Cisco ANA unit

1951

13


OL-19642-01



Chapter 6 Installing a Cisco ANA Unit Installing the Cisco ANA Unit

Installing the Cisco ANA UnitThis procedure describes how to install the tools that are required for unit functionality, including Java v1.3.1_09 and Active Perl v5.6.1.

To install the Cisco ANA unit:

Step 1 Verify that the DVD is in the DVD drive.

Step 2 Open a Telnet or SSH session to the unit machine and log into the machine as the user root.

Step 3 Check the system prerequisites, such as the required disk space. See Cisco ANA Unit, page 2-7.

Step 4 Back up and remove the old version of the unit (if an older version exists).

Step 5 To change to the CD directory, enter:

cd /cdrom/cdrom0/Server

Step 6 To install the Cisco ANA unit, enter:

perl install.pl –encaped

Note If you used the -dir [desired directory] switch to change the directory on the gateway, you must install the Cisco ANA unit in the same directory. To change the installation directory, add -dir [desired directory] at the end of the perl install.pl –encaped command. For example, enter: perl install.pl –encaped –dir /opt/sheer

If you did not use the -dir [desired directory] switch when you installed the gateway, do not use it here.

The installation of the Cisco ANA unit begins. This process is automatic and requires no user input.

Note This process might take a while. For an explanation of the Cisco ANA environment created during installation, see Appendix A, “Folders Created in Cisco ANA.”

Step 7 Open a Telnet or SSH session to the unit machine and log into the machine as user sheer.

Step 8 To continue installing the Cisco ANA unit, go to ~local/scripts and enter sheer-conf.pl from that location. For example:

$ cd ~/local/scripts$ sheer-conf.pl

Step 9 Choose Set machine as unit (see Figure 6-2). The Cisco ANA configuration utility requests the IP address of the gateway machine and verifies input (y).


OL-19642-01

Chapter 6 Installing a Cisco ANA Unit Installing the Cisco ANA Unit

Figure 6-2 Request IP Address of the Gateway

Step 10 Enter the root user password to complete the unit installation.

Step 11 If more than one IP address is defined on the Cisco ANA host UNIX machine, Cisco ANA automatically chooses the IP address of the network interface card (NIC) that acts as a default route to the gateway. If required, you can change the NIC; use the choose_nic.pl tool to choose any IP address defined in the operating system.

Figure 6-3 Change the Default Route to the Gateway

For information about using high availability in your environment, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Manually Updating the Unit Java Version to 1.4.2_19After the Cisco ANA unit installation is complete, you must manually update the Java version from 1.4.2_13 to 1.4.2_19. To manually update the Java version:

Step 1 Shut down Cisco ANA.

Step 2 On the DVD with the Cisco ANA image, locate the file called java.tar.gz and copy it to $HOME (usually /export/home/sheer4).


OL-19642-01



Chapter 6 Installing a Cisco ANA Unit Adding the Unit to the Cisco ANA Platform

Step 3 Enter the following command to change the directory name from ~/java to ~/java_old:

mv ~/java ~/java_old

Step 4 Enter the following command to delete the *jdk* directory under the utils directory:

rm -rf ~/utils/java1.4.2_13-b06

Step 5 Enter the following command:

gunzip < java.tar.gz | tar xvf -

Step 6 Restart Cisco ANA.

Adding the Unit to the Cisco ANA PlatformAdding a unit to the Cisco ANA platform requires the unit to be defined in the system so that the gateway is aware of it. When the unit is added, it automatically connects to the transport fabric so that it can communicate with the other elements in the system.

Use Cisco ANA Manage to add the unit. (See Adding New Cisco ANA Units in the Cisco Active Network Abstraction 3.6.7 Administrator Guide.) Cisco ANA Manage automatically registers the unit in the registry and creates a transport uplink between the unit and the gateway.

The following requirements must be met before you add units to the Cisco ANA platform:

• Remote Procedure Call (RPC) services must be enabled in the gateway so that the gateway and the unit can communicate.

• If you are adding a unit to an existing setup, you must generate the SSH keys. For more information, see Adding a Unit After Generating SSH Keys, page 8-7.

• For gateways with more than one NIC, you must specify the NIC that the unit is to use. For more information, see Adding a Unit After Generating SSH Keys, page 8-7.

Launching the UnitAfter installing the unit and adding it to the Cisco ANA platform, you can launch it. The gateway automatically verifies that the unit is up when it is added to the setup and, if the unit is down, starts it.

To launch the unit:

Step 1 Open a Telnet or SSH session to the unit machine and log into the machine as user sheer, with the default password sheer.

Step 2 To launch the unit, enter:

cmpctl start

The unit loading process begins.

Note This process might take a while.


OL-19642-01



Chapter 6 Installing a Cisco ANA Unit Verifying the Unit Processes

Verifying the Unit ProcessesThis procedure verifies that the following unit processes are up and running:

• AVM 0—Transport switch process

• AVM 99—Management process

• AVM 100—Trap management process

• sheer_secured daemon

At this point in the installation, no AVMs have been added. When you add AVMs and assign VNEs to them, they appear as AVM XXX, where XXX is the number assigned to the AVM.

To verify the status of all processes and daemons, enter:

status

The output lists all processes (see Figure 6-4).

Figure 6-4 List of the Processes

For each AVM process that is checked, the status command displays, in brackets, the number of exceptions found in the total number of log file lines for that process. In Figure 6-4, the information for AVM 0 is [OK 0/38]; that is, 0 exceptions in the 38 log file lines that were checked.

Configuring the UnitAt this point, the unit is installed and ready to host VNEs. For information about setting up AVMs and VNEs using Cisco ANA Manage, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Note Before creating any AVMs on the unit, the transport uplinks must be in place.


OL-19642-01


Chapter 6 Installing a Cisco ANA Unit Verifying the Cisco ANA Unit Installation

Verifying the Cisco ANA Unit InstallationThe following sections describe how to check the Cisco ANA unit installation:

• Cisco ANA Version Information, page 6-7

• Key Directories and File Configuration, page 6-7

• Registry Configuration, page 6-8

• Golden Source Configuration, page 6-8

Cisco ANA Version InformationThis procedure checks the version of Cisco ANA that is installed on the server. In addition, it verifies that the major parts of the Cisco ANA system are located correctly and are running.

Note This procedure also checks a few additional characteristics of the installation, such as directories and classes.

If there are any files missing or problems with the configuration, the procedure fails.

Step 1 On the server, enter:

echo $SHEER_VER

Step 2 Confirm that the correct version of Cisco ANA has been installed.

Successful Result

The version, build, and customer information installed on the setup are displayed.

Actual Sample ResultAVM OS v3.6.0 (290) (PRODUCT)

If Failure Occurs


Key Directories and File ConfigurationUse this procedure to verify that key directories and files exist in the setup.

In the ~/Main directory, confirm that:

• The license.jar file exists.

• The scheme subdirectory exists and contains the correct scheme files.

• The scripts and UNIX subdirectories were created correctly.


OL-19642-01

Chapter 6 Installing a Cisco ANA Unit What’s Next?

Successful Result

• The license.jar file exists in the directory.

• The scheme subdirectory exists.

• The scripts and UNIX subdirectories exist.

If Failure Occurs


Registry ConfigurationTo verify that the registry directory has been created correctly and contains the necessary files, browse to the ~/Main/registry directory on the server.

Successful Result

The registry directory exists and contains the necessary files.

If Failure Occurs


Golden Source ConfigurationUse this procedure to verify that the Golden Source was configured correctly on the unit.

Step 1 On the server, locate and open the following file:

~/Main/registry/avm99.xml

Step 2 Confirm that the file contains an entry for the key parent, which is the value of the IP address of the gateway.

Successful Result

The file contains an entry for the key parent, which is the value of the IP address of the gateway.

If Failure Occurs


What’s Next?After installing the gateway and the units, the system is up and ready to use. You can now install the client application to enable users to view the network. See Chapter 7, “Installing Clients.”


OL-19642-01

Cisco OL-19642-01

C H A P T E R 7
Installing Clients
This chapter covers the typical installation of the following client components:

• Cisco ANA Manage

• Cisco ANA NetworkVision

• Cisco ANA EventVision

• Java Runtime Environment v1.4

Before starting the installation procedure, verify that:

• The Web Start Cisco ANA Clients installation DVD is available. This DVD covers the installation of all client components.

• There is IP connectivity between the gateway and the client station that you are about to install.

Caution Before installing the Cisco ANA 3.6 client, you must uninstall any previous version. If you want to retain the information from a previous client, move the previous client to another directory. For information about uninstalling clients, see Uninstalling the Client, page 9-2.


• Using the Client Installation Wizard, page 7-1

• Starting Clients, page 7-3

• Upgrading Clients, page 7-3

• Disabling the Automatic Client Update, page 7-3

Using the Client Installation WizardThe client installation wizard guides you step-by-step through the client installation process.

To install the client:

Step 1 Insert the Cisco ANA client installation DVD in the DVD drive. The client installation wizard launches automatically and the Welcome window is displayed.

If the client installation wizard does not launch automatically, browse to the DVD directory and launch the CiscoANA_webstart.exe executable.


Chapter 7 Installing Clients Using the Client Installation Wizard

Note Click Cancel at any time to stop the setup process.

Step 2 Click Next. The Destination Location window is displayed.

Note The default installation location is C:\Program Files\Cisco Systems\ANA.

Step 3 To change the default installation location, click Browse and choose the preferred installation directory.

Step 4 Click OK after choosing the required directory, or click Cancel to return to the default installation location.

Step 5 Click Next to accept the installation directory location.

The Select Components window is displayed.

Note Be sure to choose the JAVA Runtime option.

This window provides options to:

• Overwrite any older or existing version of Java with a new version of Java

• Install Cisco ANA NetworkVision and Cisco ANA EventVision

• Install the management tools:

– Cisco ANA Manage

– Cisco ANA Shell

– Cisco ANA Workflow Editor

Step 6 Choose one or more of the options according to your preference, then click Next.

The Select Program Manager Group window is displayed.

Note The default Program Manager Group is Cisco ANA. Cisco ANA overwrites any existing icons. It is recommended that you add a version number to the Program Manager Group; for example, Cisco ANA 3.6.x.

Step 7 If you want to change the default Program Manager Group, enter your preference.

Step 8 Click Next. The Start Installation window is displayed.

Step 9 Click Next to start the installation. The Installing window is displayed.

Step 10 When the installation is complete, choose the options displayed in the final installation window, according to your preference:

• Create “Quick Launch” icons—Create a Quick Launch icon for Cisco ANA NetworkVision and the Cisco ANA Manage application on the Quick Launch toolbar.

• Launch Cisco ANA NetworkVision—Immediately launch the Cisco ANA NetworkVision application.

Step 11 Click Finish to end the installation.


OL-19642-01

Chapter 7 Installing Clients Starting Clients

When the client installation is finished, use Cisco ANA Manage to complete the deployment of Cisco ANA. For detailed information, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Starting ClientsFor detailed information about starting and working with Cisco ANA Manage, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

For detailed information about starting and working with Cisco ANA NetworkVision and Cisco ANA EventVision, see the Cisco Active Network Abstraction 3.6.7 User Guide.

Note • If you encounter latency problems, close any other applications running on the desktop.

• When you launch the client, if you receive an error that says you are using a noncompliant Java version, you must reinstall the client. See Using the Client Installation Wizard, page 7-1.

Upgrading ClientsThe clients support automatic client updates from the gateway. When connecting with a gateway, the system verifies that the client version is the latest one available and, if an upgrade is required, the system automatically updates the client from the gateway.

Note • This process might take several minutes.

• Unless there is a major version change, you do not need to upgrade clients manually.

Disabling the Automatic Client UpdateThe automatic client update is enabled by default.

To disable the automatic client update:

Step 1 Install the client applications.

Step 2 Log into the gateway as user sheer.

Step 3 To disable the Apache port from which the clients download the JAR files, enter:

‘client_updates_port.cmd disable’

Step 4 To create /tmp/ClientJars.zip, enter:

make_client_jars.cmd

Step 5 From the client PC:

a. Use FTP to connect to the gateway.


OL-19642-01






Chapter 7 Installing Clients Disabling the Automatic Client Update

b. Transfer /tmp/ClientJars.zip in binary mode to [Applications location]\.

c. Extract the ClientJars.zip to [Applications location]\.

Note The default [Applications location]\ is C:\Program Files\Cisco Systems\ANA\.

[Applications location]\jars should now contain its original contents and the extracted contents of ClientJars.zip, and [Applications location]\ should contain .dll files.

Step 6 In all .properties files in [Applications location]\, change the value of the update entry to false (updateJars=false).

Note See the Cisco Active Network Abstraction 3.6.7 Administrator Guide for information about Cisco ANA administration tasks.


OL-19642-01


Cisco OL-19642-01

C H A P T E R 8
Installing Cisco ANA 3.6.7
This chapter describes how to install Cisco ANA 3.6.7 and update the SSH keys used to secure communication between the gateway and units in a setup.

Cisco ANA 3.6.7 is installed on top of a Cisco ANA 3.6 installation and includes versions 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, and 3.6.6. If these previous versions or point patches are already installed on your system, the 3.6.7 script removes them and installs 3.6.7.

Depending on the amount of data in your database, it might take up to several hours to remove earlier versions and install Cisco ANA 3.6.7.

For a workflow of the steps required to install Cisco ANA 3.6.7, see Figure 3-1 on page 3-2.

Note • For instructions on installing Cisco ANA 3.6, see the following chapters:

– Chapter 5, “Installing a Cisco ANA Gateway”

– Chapter 6, “Installing a Cisco ANA Unit”

• If you are migrating from Cisco ANA 3.5.x to Cisco ANA 3.6, you must complete the Cisco ANA 3.6 installation before installing Cisco ANA 3.6.7. See Chapter 10, “Migrating to Cisco ANA 3.6.”

• If you are migrating from Cisco ANA 3.6.1 or later to Cisco ANA 3.6.7, after installing Cisco ANA 3.6.7, you must upgrade your JDK version on both the gateway and units as described in the Cisco ANA 3.6.7 installation procedure.



• Installing the Cisco ANA 3.6.7 Software, page 8-2

• Generating SSH Keys, page 8-5

• Uninstalling the Cisco ANA 3.6.7 Software, page 8-9


Chapter 8 Installing Cisco ANA 3.6.7 Before You Begin

Before You BeginBefore installing Cisco ANA 3.6.7:

• Cisco ANA 3.6 must be up and running.

• The Cisco ANA installation directory must have at least 1 GB of disk space available for the upgrade. By default, Cisco ANA is installed in /export/home/sheer4.

• The installation of Cisco ANA 3.6.7 includes all patches that were released since the Cisco ANA 3.6 release. Any patches or maintenance releases that were previously installed on top of Cisco ANA 3.6 are automatically uninstalled by the Cisco ANA 3.6.7 installation script.

• See the Enhanced Functionality for VNEs table in the Cisco Active Network Abstraction 3.6.7 Release Notes to review whether new technology modeling was added to the VNEs in use in your deployed environment. If new modeling was added, memory consumption might have increased and the AVM memory allocations should be checked. Contact your Cisco account representative to perform the necessary calculations.

• If you are reverting to an existing installation of Cisco ANA 3.6 from a 3.6.7 installation, see “Best Practices for Integration BQL Parsing” in the Cisco Active Network Abstraction 3.6.7 Customization User Guide to ensure that the integration is not affected and to verify that all system configuration changes made to the registry are maintained.

• Cisco ANA 3.6.7 introduces a change to the structure of link OIDs. If you are upgrading to Cisco ANA 3.6.7 from an earlier version of Cisco ANA, the GUI clients:

– Will not display working hyperlinks in the “Location” field for any link events or link tickets that were created before the upgrade.

– Will not correlate clearing events for any link events or link tickets that were created before the upgrade.

– Will not display business tags that were associated with links.


Installing the Cisco ANA 3.6.7 SoftwareCisco ANA 3.6.7 uses the following installation scripts:

• update.pl—Prints out a usage message.

• update.pl -h—Prints out a usage message.

• update.pl -i—Installs Cisco ANA 3.6.7, including all patches that were released since Cisco ANA 3.6.

• update.pl -r—Removes any previously installed point patches or maintenance releases, and installs Cisco ANA 3.6.7 on top of Cisco ANA 3.6.

Running this installation script retrieves the patches installed from the registry (site.xml), removes the server JAR files, and performs cleanup on client directories for all of the patches installed on the system. After the server and client patches are successfully removed, the product version is reset to ANA 3.6.0. Cisco ANA 3.6.7 is then installed, and the registry and all the JNLP client files are updated with the patch information.


OL-19642-01





Chapter 8 Installing Cisco ANA 3.6.7 Installing the Cisco ANA 3.6.7 Software

The amount of data in your database affects how long it takes for the update.pl -r script to remove a patch or maintenance release. Also, the “remove” option does not remove the persistency file that exists on the units. To remove the persistency file, you must manually go into each unit and delete all of the files in the export/home/sheer4/unit/AVMxxx/instrumentor-persistency folder.

The following procedure describes how to install Cisco ANA 3.6.7 on the gateway with all patches released since Cisco ANA 3.6.

Before You Begin

• Make sure you are running Cisco ANA 3.6, at a minimum. If Cisco ANA 3.6 it is not already installed on the gateway and units, follow the instructions in Installing the Cisco ANA Gateway, page 5-3 and Installing the Cisco ANA Unit, page 6-3 before continuing.

• Back up the database as described in Backing Up the Oracle Database and Sheer Directory, page 10-3.


Step 2 Create a temporary directory named /tmp/ANAPatch on the gateway.

Step 3 Copy the provided file (ANA3.6.7.jar) to the temporary directory. If you are installing from the DVD, the ANA3.6.7.jar file is located under the Server folder.

Step 4 Enter the command:

jar -xvf ANA3.6.7.jar

This command extracts the necessary JAR files and a Perl script.


perl ./update.pl -i

This command installs Cisco ANA 3.6.7 with all the patches.

Step 6 You are asked if you want to perform the installation operation.

Note If any earlier maintenance releases or point patches were previously installed on the gateway, enter perl ./update.pl -r (instead of perl ./update.pl -i) to remove the maintenance releases or patches before 3.6.7 is installed.

The update.pl -i installation script:

• Installs the server patch JAR files.

• Updates the registry (site.xml) with patch information.

• Updates the database tables.

• Removes persistency files from:

– $HOME/Main/topology/*

– $HOME/unit/AVM*/<folder>

where <folder> is defined by the /registry/ConfigurationFiles/127.0.0.1/agentdefaults.xml persistencydir key. The default value is instrumentor-persistency.

All client patch JAR files are installed and all client JNLP files are updated with the required patch details. Upon successful completion of the installation, the product version is set to ANA 3.6.7 (3.6.7), and the server restarts automatically.


OL-19642-01

Chapter 8 Installing Cisco ANA 3.6.7 Installing the Cisco ANA 3.6.7 Software

Note • If the error “java.io.FileNotFoundException: Main/scripts/redirectUdp.pl (Permission denied)” occurs when you run perl ./update.pl -i, enter the following commands in the Cisco ANA Patch directory as user root:

jar -xvf patch_other.jar cp Main/scripts/redirectUdp.pl ~/Main/scripts/redirectUdp.pl

• The following prompt is displayed when the installer updates the database:

SQL*Plus: Release 10.2.0.1.0 - Production on Thu Jun 4 10:03:47 2009Copyright (c) 1982, 2005, Oracle. All rights reserved.Connected to:Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production With the Partitioning, OLAP and Data Mining optionsSQL>

You do not have to perform any action. The installation process continues after the database is updated. The duration of the database update depends on the number of entries in the alarm tables within the database. If there are many entries in the alarm tables, this operation might take longer to complete.


status

This command displays the status of the Cisco ANA gateway:

--------------------------------------------------------------------------------------.-= Welcome to lalbagh, running Cisco ANA gateway (v3.6.7 (PRODUCT) build 17) =-.--------------------------------------------------------------------------------------

+ Checking for services integrity: - Checking if host's time server is up and running [OK] - Checking if webserver daemon is up and running [OK] - Checking if sheer_secured daemon is up and running [OK] - Checking if the ssh process is up and running [OK] - Checking if mvm.pl is up and running [OK]+ Detected AVM99 is up, checking AVMs - Checking for AVM100's status [DISABLED] - Checking for AVM0's status [OK 0/29] - Checking for AVM11's status [OK 2/453]



Step 8 If you are upgrading to Cisco ANA 3.6.7 from Cisco ANA 3.6.1 or later, you must update the Java version on the gateway and units.

• For the gateway, see Manually Updating the Gateway Java Version to 1.4.2_19, page 5-9.

• For units, see Manually Updating the Unit Java Version to 1.4.2_19, page 6-4.


OL-19642-01

Chapter 8 Installing Cisco ANA 3.6.7 Generating SSH Keys

Note Cisco ANA 3.6.7 introduces a change to the structure of link OIDs. If you are upgrading to Cisco ANA 3.6.7 from an earlier version of Cisco ANA, the GUI clients:

• Will not display working hyperlinks in the “Location” field for any link events or link tickets that were created before the upgrade.

• Will not correlate clearing events for any link events or link tickets that were created before the upgrade.

• Will not display business tags that were associated with links.


Generating SSH KeysSSH keys are used to secure communication between a gateway and the units in a setup. They are unique to each gateway and the units that are connected to it. To ensure synchronization between the gateway and the units, SSH keys are generated on the gateway and then propagated to all units in the setup.

You must generate the SSH keys only after the gateway and all units in the setup are up and running.

Note • Generate SSH keys only once. If SSH keys were already generated during the installation of an earlier maintenance release, do not regenerate SSH keys for Cisco ANA 3.6.7.

• If you want to add an additional unit to the setup at a later stage, see Adding a Unit After Generating SSH Keys, page 8-7.

The following sections describe:

• Generating New SSH Keys on the Gateway and Units, page 8-5

• Adding a Unit After Generating SSH Keys, page 8-7

• Manually Adding a Unit and Updating SSH Keys, page 8-8

Generating New SSH Keys on the Gateway and UnitsUse this procedure to generate new SSH keys on the gateway and units in your setup.

Note Complete this procedure only if the SSH keys were not already generated during the installation of an earlier maintenance release, such as Cisco ANA 3.6.6.


Step 2 Enter the following command to change to the required directory, where $SHEERHOME is the Cisco ANA install directory. The default directory is /export/home/sheer4:

cd $SHEERHOME/Main/scripts/patch


OL-19642-01


Step 3 Enter the following command to update the SSH keys:

perl ./sshKeysUpdate.pl

Note Run the sshKeysUpdate.pl command only once on the gateway. If this script runs more than once, the SSH keys are deleted and the default connection to the newly installed unit is removed. If this occurs, you must add the unit manually (see Manually Adding a Unit and Updating SSH Keys, page 8-8).

Step 4 Enter the following command to open an SSH session from the gateway to the unit:

ssh <unit_ip>

Step 5 Enter the following command to open an SSH session from the unit to the gateway:

ssh <gateway_ip>

Note • If you receive the message “DSA key fingerprint is <fingerprint>. Are you sure you want to continue connecting (yes/no)?,” enter yes.

• If you receive the message “Permission denied (publickey,keyboard-interactive),” enter sheer-conf.pl on the unit to install the unit and update its SSH keys as described in Adding a Unit After Generating SSH Keys, page 8-7.

Step 6 Enter the following command to exit from the gateway session:

exit

Step 7 Enter the following command to launch the unit:

cmpctl start

Figure 8-1 shows an example of the output listing the processes.

Figure 8-1 Generating SSH Keys on Gateway Processes


OL-19642-01


Adding a Unit After Generating SSH KeysThe following procedure describes how to use the SSH keys script to add an additional unit (or standby unit) to your existing setup and update its SSH keys.

Note • Perform this procedure only if you are adding an additional unit to the setup. Do not perform this procedure on units that already exist in your setup, as the SSH keys for these units were already updated (see Generating New SSH Keys on the Gateway and Units, page 8-5).

• If you have a problem synchronizing the SSH keys between the gateway and the unit, you can use the manual procedure to add the unit and update the keys (see Manually Adding a Unit and Updating SSH Keys, page 8-8).

Step 1 Install the Cisco ANA unit software on the new unit, as described in Installing the Cisco ANA Unit, page 6-3.

Step 2 On the gateway, log in as user sheer.

Step 3 If the gateway has more than one NIC, enter the following commands to specify the gateway IP address that the unit is to use (where $SHEERHOME is the Cisco ANA install directory; the default directory is /export/home/sheer4):

cd $SHEERHOME/Main ./runRegTool.sh -gs localhost add 127.0.0.1 avm99/service/os./runRegTool.sh -gs localhost set 127.0.0.1 avm99/services/os/localhost <ip_address>

As a result, the following key entry is added to the avm99.xml file:

<key name=”os”> <entry name=”localhost”>ip-address</entry>

</key>

Step 4 Enter the following command to change to the required directory:

cd $SHEERHOME/Main/scripts/patch

Step 5 Enter the following command to update the SSH keys on the new unit:

perl ./sshNewUnitAddition.pl <new_unit_ip>

Step 6 On the unit, log in as user sheer.

Step 7 Enter the following command to launch the unit:

cmpctl start

Figure 8-2 shows an example of the output listing the processes.


OL-19642-01


Figure 8-2 Adding New Unit Processes

Step 8 Add the new unit to the Cisco ANA platform, as described in Adding the Unit to the Cisco ANA Platform, page 6-5.

Step 9 Wait a few minutes to ensure that the unit is up and running.

Manually Adding a Unit and Updating SSH KeysIf the script to update SSH keys was run more than once, thereby causing SSH keys to be deleted, the connection to the newly installed unit is removed. If this occurs, you can add the unit and update the SSH keys manually, as described in this procedure.

Step 1 Install the Cisco ANA unit, as described in Installing the Cisco ANA Unit, page 6-3.

Step 2 On the gateway, log in as user sheer.

Step 3 If the gateway has more than one NIC, enter the following commands to specify the gateway IP address that the unit is to use (where $SHEERHOME is the Cisco ANA install directory; the default directory is /export/home/sheer4):

cd $SHEERHOME/Main./runRegTool.sh -gs localhost add 127.0.0.1 avm99/service/os./runRegTool.sh -gs localhost set 127.0.0.1 avm99/services/os/localhost <ip_address>

As a result, the following key entry is added to the avm99.xml file:

<key name=”os”><entry name=”localhost”>ip-address</entry>

</key>

Step 4 Enter the following commands:

cd ~/local/sheer_secured/usr/bin/scp authorized_keys <NEW UNIT IP>:~/.ssh

Enter the password for the user sheer and enter yes when prompted to accept the host key.

/usr/bin/scp id_dsa id_dsa.pub authorized_keys <NEW UNIT IP>:~/local/sheer_secured/


OL-19642-01

Chapter 8 Installing Cisco ANA 3.6.7 Uninstalling the Cisco ANA 3.6.7 Software

Enter the password for the user sheer.

rm ~/.ssh/known_hostsssh <GATEWAY IP> "echo OK"

Enter yes when prompted to accept the host key.

Step 5 For each unit, enter:

ssh <UNIT IP> "echo OK"

Step 6 Enter yes when prompted to accept the host key.

Step 7 For each unit, enter:

scp ~/.ssh/known_hosts <UNIT IP>:~/.ssh/

Step 8 Add the new unit to the Cisco ANA platform as described in Adding the Unit to the Cisco ANA Platform, page 6-5.

Step 9 Wait a few minutes to ensure that the unit is up and running.

Uninstalling the Cisco ANA 3.6.7 SoftwareThe perl script update.pl -r removes any point patches or maintenance releases that were previously installed on top of Cisco ANA 3.6.

Running this installation script retrieves the patches installed from the registry (site.xml) and removes the server JAR files, then performs cleanup on client directories for all of the patches installed on the system. Upon successful removal of the patches, the product version is reset to ANA 3.6.0.

The following procedure describes how to uninstall Cisco ANA 3.6.7 on the gateway, including all patches released since Cisco ANA 3.6.

Note If Cisco ANA 3.6 is not already installed on the gateway and units, follow the instructions in Installing the Cisco ANA Gateway, page 5-3 and Installing the Cisco ANA Unit, page 6-3 before continuing.


Step 2 Navigate to the directory where you extracted the ANA3.6.7.jar file.


perl ./update.pl -r

All client patch JAR and JNLP files are removed, and the database is updated to its original configuration. Upon successful completion of the uninstallation, the product version is set to Cisco ANA 3.6 (3.6.0), and the server restarts automatically.


OL-19642-01

Chapter 8 Installing Cisco ANA 3.6.7 Uninstalling the Cisco ANA 3.6.7 Software

Note The following prompt is displayed when the installer updates the database:

SQL*Plus: Release 10.2.0.1.0 - Production on Thu Jun 4 10:03:47 2009Copyright (c) 1982, 2005, Oracle. All rights reserved.Connected to:Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production With the Partitioning, OLAP and Data Mining optionsSQL>

You do not have to perform any action. The installation process continues after the database is updated. The duration of the database update depends on the number of entries in the alarm tables within the database. If there are many entries in the alarm tables, this operation might take longer to complete.


status

This command displays the status of the Cisco ANA gateway:

--------------------------------------------------------------------------------.-= Welcome to lalbagh, running Cisco ANA gateway (v3.6.0 (372) (PRODUCT)) =-.-----------------------------------------------------------------------------------

+ Checking for services integrity: - Checking if host's time server is up and running [OK] - Checking if webserver daemon is up and running [OK] - Checking if sheer_secured daemon is up and running [OK] - Checking if the ssh process is up and running [OK] - Checking if mvm.pl is up and running [OK]+ Detected AVM99 is up, checking AVMs - Checking for AVM100's status [DISABLED] - Checking for AVM0's status [OK 0/29] - Checking for AVM11's status [OK 2/454]




OL-19642-01

Cisco OL-19642-01

C H A P T E R 9
Uninstalling Cisco ANA
This chapter describes how to uninstall the Cisco ANA gateway, unit, and one or more client applications.


• Uninstalling the Cisco ANA Gateway System, page 9-1

• Uninstalling a Cisco ANA Unit, page 9-2

• Uninstalling the Client, page 9-2

Uninstalling the Cisco ANA Gateway SystemThe following procedure describes how to uninstall the Cisco ANA gateway with a database either locally on the gateway machine or on a remote machine.

Note To keep any customized information (such as AVMs, VNEs, or device soft properties), it is recommended that you back up Main/registry and its subfolders on an external device or folder. To do this, log in as user sheer and run the following commands from the sheer home directory:

# mkdir /tmp/avmFiles# cp Main/registry/ConfigurationFiles/127.0.0.1/avm* /tmp/avmFiles

The files are copied to the /tmp/avmFiles folder. Make sure you copy them to another file system, because the /tmp file system is emptied by default each time the Solaris server reboots.

To uninstall the gateway system:

Step 1 Log into the Solaris server as user root and enter:

/usr/sbin/pkgrm sheer-dna-base /usr/sbin/pkgrm sheer-dna-main /usr/sbin/pkgrm sheer-dna-user

Step 2 To remove the user sheer and the sheer home directory, enter:

# /usr/sbin/userdel sheer # cd /export/home # rm -r sheer4


Chapter 9 Uninstalling Cisco ANA Uninstalling a Cisco ANA Unit

Step 3 Use the dbca utility to remove the Oracle Memory-Centric Database (MCDB) from the gateway server or the remote server, wherever it is located.

Note It is recommended that you perform a backup of the MCDB database before removing it.

Step 4 After the uninstallation procedure has completed, reboot the server.

Uninstalling a Cisco ANA Unit

Note If you want to keep any customized information (such as AVMs, VNEs, or device soft properties), it is recommended that you back up Main/registry and its subfolders on an external device or folder. To do this, log in as user sheer and enter the following commands from the sheer home directory:

# mkdir /tmp/avmFiles# cp Main/registry/ConfigurationFiles/127.0.0.1/avm* /tmp/avmFiles

The files are copied to the /tmp/avmFiles folder. Make sure you copy them to another file system, because the /tmp file system is emptied by default each time the Solaris server reboots.

To uninstall the Cisco ANA unit:

Step 1 Log into the unit as user root and enter:

/usr/sbin/pkgrm sheer-dna-base/usr/sbin/pkgrm sheer-dna-main/usr/sbin/pkgrm sheer-dna-user

Step 2 To remove the user sheer and the sheer home directory, enter:

# /usr/sbin/userdel sheer # cd /export/home # rm -r sheer4

Step 3 After the uninstallation procedure has completed, reboot the unit.

Uninstalling the ClientYou can uninstall all or selected client applications, and change registry keys as required.

To uninstall individual application components, make your selections in the various wizard windows.

When you choose a custom uninstallation, you can:

• Remove or change private files (such as license files or other program files).

• Remove or change directories.


OL-19642-01

Chapter 9 Uninstalling Cisco ANA Uninstalling the Client

• Remove or retain registry database keys.

• Change other registry keys.

To uninstall the client:

Step 1 Open the Uninstall window:

• Choose Start > Cisco ANA > Uninstall Cisco ANA Products.

• Double-click the UNWISE.EXE file in the Cisco Systems/ANA installation folder.

The Uninstall window is displayed with the Automatic uninstall option selected by default.

Step 2 To uninstall all client applications, click Next to accept the default. The Remove Private files window is displayed.

You can uninstall individual applications and remove or change registry keys; however, this is not recommended.

Step 3 To remove all private files, click Select All, then click Next. The Perform Uninstall window is displayed.

Step 4 To uninstall all selected files and directories, click Finish.

The Perform Uninstall window is displayed and the progress bar reflects the status of files being uninstalled.

Note If you click Cancel at any time, the uninstallation process stops. Some stranded files might remain on your computer, and you will have to uninstall the software again.


OL-19642-01

Chapter 9 Uninstalling Cisco ANA Uninstalling the Client


OL-19642-01

Cisco OL-19642-01

C H A P T E R 10
Migrating to Cisco ANA 3.6
This chapter provides information that you should be aware of when migrating Cisco ANA.

Note For specific information and instructions about migrating from Cisco ANA 3.5.x to Cisco ANA 3.6, contact your Cisco account representative.

Overview of the Migration Process Migrating to Cisco ANA 3.6 from an earlier version includes:

1. Verifying that User sheer Belongs to dba Group and Has Oracle Group Access, page 10-1

2. Shutting Down System Processes and the Oracle Database, page 10-2

3. Backing Up the Oracle Database and Sheer Directory, page 10-3

4. Migrating to Cisco ANA 3.6, page 10-4

5. Restoring the Cisco ANA 3.5.x Database Files, page 10-4

6. Creating Units and Reloading AVMs, page 10-5

7. Migrating Events, page 10-5

8. Reloading Cisco ANA, page 10-8

Caution Before you begin the migration process, verify that no users are currently logged into Cisco ANA.

Verifying that User sheer Belongs to dba Group and Has Oracle Group Access

Before starting the migration procedure from a Cisco ANA 3.5.x installation, it is recommended that you verify that the user sheer:

• Is part of the dba group

• Has group access to Oracle installation files


Chapter 10 Migrating to Cisco ANA 3.6 Shutting Down System Processes and the Oracle Database

Use the following procedure to verify these two attributes.

Step 1 To verify that user sheer belongs to the dba group, enter:

$groups sheer

The user sheer is displayed as part of the dba group in the list of groups.

If the user sheer is not displayed as part of the dba group, enter the following command to add the user sheer to the dba group:

$usermod -G dba sheer

Step 2 To verify that the user sheer has group access to the Oracle installation files, enter:

$groups sheer

If the user sheer does not have access to group oinstall, enter:

$usermod -G <oracle_group> sheer

For example, if Oracle 10g is installed, enter:

$usermod -G dba,oinstall sheer

Step 3 Log in again as user sheer for the changes to take effect.

If you do not log in again as the user sheer, the changes do not take effect. For example, if you have entered su and then exit, the change does not take effect until the command su - sheer runs.

Shutting Down System Processes and the Oracle DatabaseThis section includes:

• Shutting Down Cisco ANA System Processes, page 10-2

• Shutting Down the Oracle Database, page 10-3

• Verifying that the Processes Are Down, page 10-3

Note Cisco ANA does not manage the starting and stopping of the Oracle processes. Although the customer can back up and restore the Oracle database, the database administrator is responsible for automatically restarting Oracle processes in the event of a power failure.

Shutting Down Cisco ANA System ProcessesTo shut down the Cisco ANA system processes:


Step 2 Enter the following command to shut down the gateway Java processes:

$cmpctl stop


OL-19642-01

Chapter 10 Migrating to Cisco ANA 3.6 Backing Up the Oracle Database and Sheer Directory

Step 3 Enter the following command to shut down the unit Java processes:

$./rall.csh cmpctl stop

Shutting Down the Oracle DatabaseTo shut down the Oracle database services:

Step 1 Enter the following commands as user sheer:

sqlplus /nolog Sql>connect / as sysdba Sql>shutdown Sql>quit

Step 2 Enter the following command as an Oracle user:

$ lsnrctl stop

Verifying that the Processes Are DownTo verify that the processes are down, enter:

$ps -ef | grep java $ps -ef | grep ora

You must receive an empty output for each command.

Note If you do not receive an empty output for each command, contact your Cisco account representative.

Backing Up the Oracle Database and Sheer DirectoryFor instructions on how to back up and restore the Oracle database, see the Oracle documentation. How to back up the Sheer directory, along with the registry, is described in Cisco ANA 3.6.7

Note • Before backing up the Oracle database and sheer directory, verify that there is enough disk space in the designated backup directory, according to the size of the Oracle database and the sheer directory.

• Confirm that the backup directory is not under your sheer home directory. (The default directory is /export/home/sheer 4.)

• For failover purposes, it is recommended that you save a copy of the sheer directory on a different server.


OL-19642-01

Chapter 10 Migrating to Cisco ANA 3.6 Migrating to Cisco ANA 3.6

Migrating to Cisco ANA 3.6The procedure for migrating to Cisco ANA from an earlier version is different from the procedure for installing Cisco ANA for the first time. For information about installing Cisco ANA 3.6 for the first time, see Chapter 5, “Installing a Cisco ANA Gateway.”

Note • Before migrating to Cisco ANA 3.6, make sure that the Solaris patch level is updated. For a list of the latest Solaris patches, see the Cisco Active Network Abstraction 3.6.7 Release Notes.

• When installing a Solaris 10 patch cluster, carefully follow the instructions in the readme file that comes with the Sun patch cluster. The readme includes procedures that are important for the successful installation of the patch.

• Verify that the main Cisco ANA package file install.pl resides on the machine at a known location.

• During migration, only the Command Builder scripts that are located under <ANAHOME>Main/scripts/configuration will be migrated.

To install and configure Cisco ANA 3.6:

Step 1 Navigate to the installation location folder and enter:

$perl install.pl -encaped

Step 2 Log in as user oracle and start the database:

sqlplus /nolog Sql>connect / as sysdba Sql>startup Sql>quit

Step 3 Start the Oracle listener:

$ lsnrctl start

Step 4 Configure the newly installed Cisco ANA 3.6. For details, see Installing the Cisco ANA Gateway, page 5-3.

Restoring the Cisco ANA 3.5.x Database FilesThe next step is to restore the Cisco ANA 3.5.x database files that were backed up before the migration. For instructions on how to do this, see Appendix A in the Cisco Active Network Abstraction 3.6.7 Administrator Guide.


OL-19642-01




Chapter 10 Migrating to Cisco ANA 3.6 Creating Units and Reloading AVMs

Creating Units and Reloading AVMsThe following sections describe how to install the units and copy the backed-up AVMs and site.xml file to the new directory:

• Installing Cisco ANA 3.6 Units, page 10-5

• Copying the Backed-Up AVMs and site.xml File to the New Directory, page 10-5

Installing Cisco ANA 3.6 UnitsTo install the units:

Step 1 Install the Cisco ANA unit on the unit machines; see Chapter 6, “Installing a Cisco ANA Unit.”

Step 2 Log into Cisco ANA Manage on the newly installed gateway to connect each unit to the gateway. For more information, see the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Caution Do not create any AVMs unless they come with the default unit creation or connection, such as AVM 0 or AVM 100.

Copying the Backed-Up AVMs and site.xml File to the New DirectoryFor instructions on how to restore the registry files that were backed up, see Appendix A in the Cisco Active Network Abstraction 3.6.7 Administrator Guide.

Note • Core router VNEs must be migrated to the ipcore scheme since there are differences in the discovery of these routers and in the information presented for these routers. To update the scheme to ipcore for core router VNEs, first identify all the VNEs of the core routers, then update the scheme to ipcore (instead of product) in the AVM files, for these VNEs.

• It is recommended that you migrate events from earlier versions of Cisco ANA as described in Migrating Events, page 10-5.

Migrating EventsThis section describes how to migrate defined events from earlier versions of Cisco ANA into the new syntax for Cisco ANA 3.6.

In earlier versions of Cisco ANA, all events were defined in the events.xml (including site.xml for specific customer needs), which contained references to the alarm-types.xml. The events.xml file is no longer used in Cisco ANA 3.6. The alarm-types.xml now contains new events.

Each event must now be defined in three main xml files: eventmanager.xml, event-correlation-app.xml, and send-alarm-msg-util.xml. In addition, events that support persistency must also be defined in event-persistency-app.xml, and flapping events in flapping-app.xml.


OL-19642-01




Chapter 10 Migrating to Cisco ANA 3.6 Migrating Events

The following are descriptions of the XML files:

• eventmanager.xml—Defines the filtering and processing applications that exist for filtering and processing received events. Each event has its own key structure, under the type key. The event key name is the event name. If the event is flapping, it uses flapping-template. Subevents appear under an event and each contains a subkey. The subkey name is the subevent name. Each subevent uses the relevant template as the default. Most subevents use the generic-template, while other unique subevents might use special templates, such as flapping-template for flapping subevents or persistent-template for persistent subevents. Events that support persistency must also be defined in event-persistency-app.xml. Events that might be flapping are defined in flapping-app.xml.

• event-correlation-app.xml—Defines the correlation data needed for the new correlation mechanism; for example, event weight, the ability to correlate to other events, or the ability of other events to correlate to it. Each event defined in events.xml needs its own key structure in event-correlation-app.xml, under the events key. The event key name is the event name. If the event is flapping, it should use flapping-template. Subevents appear under an event and each subevent contains a subkey. The subkey name is the subevent name. Each subevent should use the relevant template as the default. Most subevents have a predefined template as default, such as service-template for service alarm events, syslogs-template for syslog events, and clearing-template for clearing events.

• send-alarm-msg-util.xml—Defines the data needed by the gateway to handle the event, such as alarm severity and a description. Each event defined in events.xml needs its own key structure in the send-alarm-msg-util.xml, under the types key. The event key name is the event name. Subevents appear under an event and each subevent contains a subkey. The subkey name is the subevent name. Each subevent should use the relevant template as the default. There are several templates available for default values, such as flapping-template for flapping events, flapping-trap-template for flapping traps, service-template for service events, and clearing-template for clearing events.

• flapping-app.xml—Defines the data needed to support flapping for events, such as time intervals for flapping definitions and the severity of flapping updates. Each flapping event defined in events.xml needs its own key structure in flapping-app.xml, under the events key. The event key name is the event name. Subevents appear under an event and each subevent contains a subkey. The subkey name is the subevent name. Each subevent should use the relevant template as the default (generic-event is the only template currently available).

Note Make sure to use the corresponding template for each subevent according to the values the event should have (such as flapping severity or flapping update severity), and override relevant values, such as the different severity values or the time intervals.

• event-persistency-app.xml—Defines the data needed to support persistency for the event, such as persistency key generator and persistency keys. Each persistent event defined in events.xml needs its own key structure in event-persistency-app.xml, under the events key. The event key name is the event name. Subevents appear under an event and each subevent contains a subkey. The subkey name is the subevent name. Each subevent should use the relevant template as the default (Generic persistency event is the only template currently available).

Note Make sure to use the correct template, override relevant values (specifically, additional-persistency-key), and determine the alarm-persistency entry value (persist or unpersist). The bad event subtype should use persist and the clearing subtype should use unpersist.


OL-19642-01

Chapter 10 Migrating to Cisco ANA 3.6 Migrating Events

Example of a Card-Down Event

events.xml:<key name="card down">

<entry name="default">events/templates/generic alarm</entry><key name="alarm-type">

<entry name="default">alarm-types/card down</entry></key><key name="card down">

<entry name="default">events/templates/generic sub-alarm</entry><key name="alarm">

<entry name="alarm-persistency">persist</entry><entry name="due-to-cause">card down</entry><entry name="root-cause">Card Down</entry><entry name="SEVERITY">MAJOR</entry>

</key><key name="raw-event">

<entry name="activate-flow">false</entry><entry name="correlate">false</entry>

</key></key><key name="card up">

<entry name="default">events/templates/generic sub-alarm</entry><key name="alarm">

<entry name="alarm-persistency">unpersist</entry><entry name="due-to-cause">card up</entry><entry name="is-ticketable">false</entry><entry name="root-cause">Card Up</entry><entry name="severity">CLEARED</entry>

</key><key name="raw-event">

<entry name="activate-flow">false</entry><entry name="correlate">false</entry>

</key></key>

</key>

eventmanager.xml <key name="card down">

<key name="card down"><entry name="default">eventmanager/templates/sub-event/persistent-template</entry>

</key><key name="card up">

<key name="filtering-application" template="event-types-filter-applications"><entry name="first">event-persistency</entry><key name="event-persistency" template="event-types-filter-application" />

</key><key name="processing-application" template="event-types-process-applications">

<entry name="first">event-correlation</entry><key name="event-correlation" template="event-types-process-application" />

</key></key>

</key>


OL-19642-01

Chapter 10 Migrating to Cisco ANA 3.6 Reloading Cisco ANA

event-correlation-app.xml <key name="card down">

<key name="card down"><entry name="default">event-correlation-app/templates/sub-event/service-template</entry><entry name="correlate">false</entry><entry name="weight">100000</entry>


<entry name="default">event-correlation-app/templates/sub-event/clearing-template</entry>

</key></key>

send-alarm-msg-util.xml <key name="card down">

<key name="card down"><entry name="default">send-alarm-msg-util/templates/service-template</entry><entry name="alarm-type">11</entry><entry name="severity">MAJOR</entry>entry name="severity">MAJOR</entry><entry name="short-description">Card down</entry>


<entry name="default">send-alarm-msg-util/templates/clearing-template</entry><entry name="alarm-type">11</entry><entry name="short-description">Card up</entry>

</key></key>

Reloading Cisco ANAUse this procedure to reload Cisco ANA and complete the migration from Cisco ANA 3.5.x to Cisco ANA 3.6.

Note After you have migrated to Cisco ANA 3.6, you can install 3.6.7. For instructions on how to install 3.6.7, see Chapter 8, “Installing Cisco ANA 3.6.7.”


Step 2 Enter the following commands:

$main $./cmpctl start

You have now successfully migrated from Cisco ANA 3.5.x to Cisco ANA 3.6.

Note If you want to install Cisco ANA 3.6.7 on top of the Cisco ANA 3.6 installation, it is recommended that you reboot the system before installing Cisco ANA 3.6.7 to make sure there were no errors in the migration process.


OL-19642-01

Cisco Active OL-19642-01

A
P P E N D I X A Folders Created in Cisco ANA
Table A-1 lists the folders created in Cisco ANA.

Table A-1 Folders Created in Cisco ANA

Folder Contents

~sheer/Main/bosconfig Cisco ANA configuration files. These files contain the syntax of the Cisco ANA commands, the errors supported by Cisco ANA, and the Cisco ANA connection configuration.

~sheer/Main/bosconfig/bos_shell_scripts Cisco ANA user-created scripts.

~sheer/Main/data Drools configuration files and user-defined scripts.

~sheer/Main/logs Log output files. Each AVM has its own output file named using the convention <AVM-ID>.out, such as 0.out or 11.out.

~sheer/Main/registry Local copy of registry files.

~sheer/Main/registry/ConfigurationFiles Golden Source configuration files in the Cisco ANA gateway.

~sheer/Main/registry/templates Registry file templates used by the Cisco ANA gateway for global system changes.

~sheer/Main/RPC/XML XML remote-procedure call (RPC) configuration files.

~sheer/scripts Maintenance scripts of the Cisco ANA unit.

~sheer/Main/Third_Party Third-party files.

~sheer/Main/unix UNIX maintenance scripts and utilities.

A-1Network Abstraction 3.6.7 Installation Guide

Appendix A Folders Created in Cisco ANA

A-2Cisco Active Network Abstraction 3.6.7 Installation Guide

OL-19642-01

Cisco OL-19642-01

I N D E X

Symbols

.cshrc file example 5-12

A

adding units to the Cisco ANA platform 6-5

aliases, defined during installation 5-13

automatic client updates

disabling 7-3

from the server 7-3

AVM

copying backed-up AVMs to the new directory after migrating 10-5

migrating events from earlier versions 10-5

reloading during migration 10-5

AVMs 1-4

Cisco ANA architecture and 1-4

B

backing up the Oracle database 10-4

C

Cisco ANA

architecture 1-2

AVMs 1-4

gateway 1-3

GUI clients 1-3

units 1-4

VNEs 1-4

Cisco ANA, product services 2-13

Cisco ANA 3.6.7

contents 3-1, 8-1

important notes about installation 8-2

migrating link information 3-2, 8-2, 8-5

Cisco documentation, obtaining i-ix

client

installation wizard 7-1

installing 7-1

requirements 2-9

starting 7-3

uninstalling 9-2

upgrading 7-3

clocks, setting time on units 6-1

communications in Cisco ANA 2-9

configuring a unit 6-6

connectivity in Cisco ANA 2-9

copying database files 10-5

D

database

configuring size 4-13

copying files 10-5

defining data files 4-14

defining event history log size 4-14

Oracle

creating 4-2

scheduling database cleanup 4-14

using remote for gateway installation 5-8

dba group, verifying user sheer access 10-1

disabling automatic client updates 7-3

documentation, obtaining i-ix

Drools Rules configuration, verifying 5-15

IN-1Active Network Abstraction 3.6.7 Installation Guide

Index

E

environment variables, defined during installation 5-13

F

files, verifying configuration 6-7

folders created during installation A-1

G

gateway

in Cisco ANA architecture 1-3

installation workflow 5-3

launching 5-10

multiple NICs and adding units 6-5, 8-7, 8-8

requirements 2-6

verifying installation

Cisco ANA configuration directories 5-16

Drools Rules configuration 5-15

graph mechanism configuration 5-16

SQL Plus configuration 5-14

Web Server and Web Start configuration 5-15

verifying processes 5-10

gateway system

installing 5-3

installing using remote database 5-8

uninstalling 9-1

Golden Source, verifying configuration 6-8

graph mechanism configuration, verifying 5-16

H

hardware requirements 2-5

unit 2-7

IN-2Cisco Active Network Abstraction 3.6.7 Installation Guide

I

installation DVD, components 2-14

installing

Cisco ANA 3.6.7 8-1

clients 7-1

gateway 5-3, 5-8

gateway with remote database 5-8

migrated units 10-5

removal of persistency files 8-3

unit 6-3

K

key directories, verifying configuration 6-7

L

latency problems 7-3

launching

gateway 5-10

unit 6-5

links, migrating (ANA 3.6.7) 3-2, 8-2, 8-5

M

migrating 10-4

backed-up AVMs to the new directory 10-5

events from earlier versions 10-5

link information (ANA 3.6.7) 3-2, 8-2, 8-5

Oracle database 10-3

reloading AVMs during migration 10-5

shutting down system processes 10-2

site.xml file to the new directory 10-5

verifying user sheer

belongs to the dba group 10-1

has oinstall group access 10-1

multiple installations of the gateway 5-1

OL-19642-01

Index

N

NICs, specifying on gateway for units 6-5, 8-7, 8-8

O

oinstall group, verifying user sheer access 10-1

open cursors, setting the parameter 4-15

Oracle

archiving the database 4-9

backing up the database 10-4

changing XML DB ports 4-13

cleanup, scheduling 4-14

configuring

database disk structure 4-15

running the sheer script 4-16

with postinstallation script 4-16

database

cleaning up 4-14

configuring size 4-13

creating 4-2

defining data files 4-14

defining event history log size 4-14

disabling the XML DB service 4-6

download locations 4-2

installation for Cisco ANA 3.6.7 4-1

maintaining the database 4-16

adding data files 4-17

archive log disk space 4-16

memory settings 4-7

server installation

important notes 4-1

overview 4-1

setting the open cursors parameter 4-15

shutting down database 10-3

starting up the listener 4-16

OL-19642-01

P

persistency files, removal during installation 8-3

post-installation script 5-11

processes down, verifying 10-3

product

contents 3-1, 8-1

important notes about installation 8-2

installation 8-1

services installed with Cisco ANA 2-13

R

redundancy of the gateway 5-1

registry, verifying configuration 6-8

related documentation i-ix

reloading Cisco ANA 10-8

remote database in gateway installation 5-8

requirements

clients 2-9

gateway 2-6

Oracle 2-6

unit 2-7

S

service request, submitting i-ix

shutting down

Oracle database 10-3

system processes 10-2

site.xml, copying to the new directory after migrating 10-5

software requirements 2-5

gateway 2-6

unit 2-7

Solaris

components in Cisco ANA 2-10

patches 2-7

services in Cisco ANA 2-10


Index

SQL Plus configuration, verifying 5-14

SSH keys

adding a unit 8-7

generating new keys 8-5

updating manually 8-8

starting client 7-3

system processes, shutting down 10-2

T

time, setting clocks on units 6-1

U

uninstalling

Cisco ANA 3.6.7 8-9

client 9-2

gateway 9-1

units 9-2

unit

adding to platform 6-5

adding when gateway has multiple NICs 8-7, 8-8

configuring 6-6

creating during migration 10-5

installation workflow 6-2

installing

migrated unit 10-5

system 6-3

launching 6-5

requirements 2-7

uninstalling 9-2

verifying processes 6-6

units


defined 1-4

upgrading, client 7-3

user, defined during installation 5-11


user sheer

verifying dba group 10-1

verifying oinstall group access 10-1

V

verifying

file configuration 6-7

gateway installation

Cisco ANA configuration directories 5-16

Drools Rules configuration 5-15

graph mechanism configuration 5-16

SQL Plus configuration 5-14

Web Server and Web Start configuration 5-15

gateway processes 5-10

Golden Source configuration 6-8

key directories 6-7

processes down 10-3

registry configuration 6-8

unit processes 6-6

user sheer

belongs to the dba group 10-1

has oinstall group access 10-1

VNEs


definition of 1-4

W

Web Server and Web Start configuration, verifying 5-15

workflow

gateway installation 5-3

unit installation 6-2

OL-19642-01

cisco active network abstraction 3.6.7 installation guide · contents v cisco active network...

Documents