Cisco Broadband Access Center 3.8 Administrator Guide April 02, 2013 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
CONTENTS Preface xv Audience xv Organization xvi Conventions xvii Product Documentation xviii Related Documentation xviii Obtaining Documentation and Submitting a Service Request xviii xviii CHAPTER 1 Broadband Access Center Overview Features and Benefits 1-1 1-1 Supported Technology 1-3 CWMP Technology 1-3 TR-196 1-3 CHAPTER 2 Broadband Access Center Architecture Cisco BAC Deployment 2-1 2-1 Architecture 2-2 Regional Distribution Unit 2-4 Device Provisioning Engines 2-4 DPE Extens
Contents CHAPTER 3 Configuration Workflows and Checklists 3-1 Component Workflows 3-1 RDU Checklist 3-1 DPE Checklist 3-2 Technology Workflows 3-3 RDU Configuration Workflow 3-3 Preregistering Device Data in Cisco BAC 3-4 DPE Configuration Workflow 3-5 Configuring CWMP Service on the DPE 3-6 Configuring HTTP File Service on the DPE 3-7 Configuring HTTP Auth Service on the DPE 3-8 Provisioning Group Configuration Workflow 3-8 Configuring Home Provisioning Group Redirection Service on the DPE CHAPTER 4
Contents Device Diagnostics 4-21 Configuring SNMP Trap for CPEs CHAPTER 5 4-21 Configuration Templates Management Overview 5-1 5-1 Features of Cisco BAC Templates 5-4 Parameters 5-6 Parameter List for Single Instance Object 5-7 Parameter List for Multiple Instance Objects 5-7 Notification 5-8 Configuring Notification 5-8 Access Control 5-9 Configuring Access Control 5-9 Prerequisites 5-9 Expressions 5-11 MaintenanceWindow 5-11 Configuring Prerequisites 5-13 Authoring Configuration Templates 5-14 C
Contents Expression and Regular Expression 6-7 Internal Firmware File vs.
Contents CHAPTER 9 Managing Cisco Broadband Access Center 9-1 Cisco BAC Process Watchdog 9-1 Using Cisco BAC Process Watchdog from the Command Line 9-2 Enabling SNMP Trap for Cisco BAC Process Watchdog 9-3 Administrator User Interface 9-4 Command Line Interface 9-5 Accessing the DPE CLI from a Local Host 9-6 Accessing the DPE CLI from a Remote Host 9-6 SNMP Agent 9-6 Cisco BAC Tools CHAPTER 10 9-7 Database Management 10-1 Understanding Failure Resiliency 10-1 Database Files 10-2 Database St
Contents Deleting a Host 11-7 Adding an SNMP Agent Community 11-8 Deleting an SNMP Agent Community 11-9 Starting the SNMP Agent 11-9 Stopping the SNMP Agent 11-9 Configuring an SNMP Agent Listening Port 11-10 Changing the SNMP Agent Location 11-10 Setting Up SNMP Contacts 11-10 Displaying SNMP Agent Settings 11-11 Specifying SNMP Notification Types 11-11 Monitoring Server Status 11-12 Using the Administrator User Interface Using the DPE CLI 11-12 11-12 Monitoring Performance Statistics 11-14 Understandin
Contents Local Redundancy 12-16 Regional Redundancy 12-16 DPE Load-Balancing 12-17 Using DNS Round Robin 12-17 Using a Hardware Load Balancer 12-17 Adding DPE to a Provisioning Group 12-18 CHAPTER 13 Configuring CWMP Service Security Overview 13-1 13-1 Key and Certificate Management in Cisco BAC 13-2 Configuring SSL Service 13-3 Configuring DPE Keystore by Using the Keytool 13-3 Using the Keytool Commands 13-5 Generating Server Certificate Keystore and Private Key for a New Certificate Displaying S
Contents CHAPTER 14 CWMP Device Operations Overview 14-1 14-1 Connection Modes for Device Operations Immediate Mode 14-2 On-Connect Mode 14-3 Asynchronous Mode 14-5 Conditional Execution 14-6 14-2 Managing a Device’s Provisioning Group 14-6 Redirecting CPE to Home Provisioning Group 14-7 Correcting a Device’s Provisioning Group 14-8 CHAPTER 15 Understanding the Administrator User Interface Configuring the Administrator User Interface Accessing the Administrator User Interface Logging In 15-2 Logg
Contents Performing Operations on Devices 16-14 Group Management 16-18 Managing Group Types 16-18 Adding a Group Type 16-19 Modifying Group Types 16-20 Deleting Group Types 16-20 Managing Groups 16-20 Adding a New Group 16-20 Modifying a Group 16-21 Deleting Groups 16-21 Relating/Unrelating Groups to Groups Viewing Group Details 16-22 16-22 Viewing Servers 16-22 Viewing Device Provisioning Engines 16-22 Viewing Network Registrar Extension Point Details Viewing Provisioning Groups 16-26 Viewing Regional
Contents Writing a New Class for DPE Feature Pack Extensions Managing RDU Extensions 17-23 Writing a New Class for RDU 17-24 Installing RDU Custom Extensions 17-25 Viewing RDU Extensions 17-26 17-22 Publishing Provisioning Data 17-26 Publishing Datastore Changes 17-26 Modifying Publishing Plug-In Settings 17-26 Configuring Lease Query CHAPTER 18 Scripting Framework Overview 17-27 18-1 18-1 Script’s Shared Scope Extension Script 18-1 18-2 Integrating Extension Scripts in BAC 18-3 Adding Extens
Contents CHAPTER 21 Troubleshooting Broadband Access Center Troubleshooting Checklist 21-1 21-1 Logging 21-2 Log Levels and Structures 21-3 Configuring Log Levels 21-4 Rotating Log Files 21-4 RDU Logs 21-5 Viewing the rdu.log File 21-5 Viewing the audit.log File 21-5 The RDU Log Level Tool 21-5 DPE Logs 21-8 Viewing the dpe.log File 21-8 Access Registrar Logs 21-8 GLOSSARY INDEX Cisco Broadband Access Center 3.
Contents Cisco Broadband Access Center 3.
Preface The Cisco Broadband Access Center 3.8 Administrator Guide describes concepts and configurations related to Cisco Broadband Access Center, which is called Cisco BAC throughout this guide. This chapter provides an outline of the other chapters in this guide, detailed information about related documents that support this Cisco BAC release, and demonstrates the styles and conventions used in the guide.
Preface Organization This guide includes the following chapters: Chapter Title Description Chapter 1 Broadband Access Center Overview Describes Cisco BAC, its features and benefits. Chapter 2 Broadband Access Center Architecture Describes the systems architecture implemented in this Cisco BAC release. Chapter 3 Configuration Workflows and Checklists Provides checklists to follow when configuring Cisco BAC for use.
Preface Chapter Title Description Chapter 19 RDU and DPE Connection Management Describes the RDU TCP connection management, RDU batch concurrency and RDU DPE synchronization. Chapter 20 Cisco BAC Support Tools and Advanced Concepts Describes Cisco BAC tools intended to help configure, maintain speed, and improve the installation, deployment, and use of Cisco BAC. Chapter 21 Troubleshooting Broadband Access Center Describes how to troubleshoot Cisco BAC servers.
Preface Product Documentation Note We sometimes update the printed and electronic documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates. You can view the marketing and user documents for Cisco Broadband Access Center at: http://www.cisco.com/en/US/products/sw/netmgtsw/ps529/tsd_products_support_series_home.html The following document gives you the list of user documents for Cisco Broadband Access Center 3.8: http://www.cisco.
CH A P T E R 1 Broadband Access Center Overview This chapter provides an overview of Cisco Broadband Access Center (Cisco BAC). Cisco BAC automates the tasks of provisioning and managing customer premises equipment (CPE) in a broadband service provider network. With the high-performance capabilities of Cisco BAC, you can scale the product to suit networks of virtually any size, even those with millions of CPE.
Chapter 1 Broadband Access Center Overview Features and Benefits • Configuration management: Vastly simplified in Cisco BAC through configuration templates, which provide an easy, yet flexible mechanism to assign configurations for CPE. You can use the template-processing mechanism to customize configurations for millions of devices by using a small number of templates. By using these XML-based templates, you can set configuration parameters and values, and notification and access controls on a device.
Chapter 1 Broadband Access Center Overview Supported Technology • Device diagnostics and troubleshooting: You use this feature to focus on a single device and collect diagnostics information for further analysis. Cisco BAC provides several features to assist diagnosis: – Device history—Provides a detailed history of significant events that occur in a device provisioning lifecycle. – Device faults—Detects devices with recurring faults, which can cause bottlenecks and affect network performance.
Chapter 1 Broadband Access Center Overview Supported Technology The Cisco BAC template-based mechanism to assign configurations for devices is enhanced to support the TR-196 devices in the service provider's network.
CH A P T E R 2 Broadband Access Center Architecture This chapter describes the system architecture implemented in this Cisco Broadband Access Center (Cisco BAC) release. This chapter includes the following sections: • Cisco BAC Deployment, page 2-1 • Architecture, page 2-2 Cisco BAC Deployment Cisco BAC provisions devices are based on the TR-069, TR-098, TR-104, TR-106, TR-181, and TR-196 standards.
Chapter 2 Broadband Access Center Architecture Architecture Figure 2-1 CWMP Deployment in Cisco BAC Provisioning Group 1 Load Balancer CNR DHCP Servers STUN Server BAC DPE CAR RADIUS Servers Servers Redundant BAC RDU Server Access Network IP Target Subscriber Provisioning Group [n] Central Location Operations Support Systems Load Balancer CNR DHCP Servers BAC DPE CAR RADIUS Servers Servers 284384 CHMS Server Architecture This section describes the basic Cisco BAC architecture including: •
Chapter 2 Broadband Access Center Architecture Architecture • STUN server: – Supports a UDP based connection request mechanism defined in TR069 Annex G to allow Cisco BAC to initiate a session with a CPE that is operating behind a NAT Gateway. • Cisco Management Heartbeat Server (CMHS) server: – A new connection request method that allows Cisco BAC to send connection requests to DLC devices through the CMHS server, using BAC north bound API interfaces or BAC Admin UI.
Chapter 2 Broadband Access Center Architecture Architecture • An administrator user interface that provides: – Support for adding, deleting, and modifying CWMP devices; searching for devices, retrieving device details, and running device operations. – Support for configuring global defaults and defining custom properties. – Ability to view additional performance statistics. – Management of firmware rules and configuration templates.
Chapter 2 Broadband Access Center Architecture Architecture The DPE manages these activities: • Synchronization with RDU to retrieve the latest set of instructions for caching. • Communication with CPE using HTTP and HTTPS for file download service. • Authentication and encryption of communication with CPE. • Authenticate and Authorize CPE by processing the request from RADIUS server. The DPE is installed on a server that is running the Solaris 10 or Linux 5.x operating system.
Chapter 2 Broadband Access Center Architecture Architecture Cisco BAC now provides a mechanism to license DPE extension feature packs. The feature pack licenses indicate the count of the devices that can be processed by the feature pack extension. The feature pack licenses can be added to the RDU through Cisco BAC admin UI or API independently with or without CWMP / DPE licenses.
Chapter 2 Broadband Access Center Architecture Architecture • By discovering the URL via DHCP. This ACS URL is returned in response to a DHCP Discover, a DHCP Request, or a DHCP Inform. This mechanism is limited to deployments of primary Internet gateway devices, because it requires the ability to make DHCP requests to the WAN side. Note Assigning a URL using preconfiguration is a more secure mechanism than one discovered using DHCP.
Chapter 2 Broadband Access Center Architecture Architecture You can compress the files for easier e-mailing to the Cisco Technical Assistance Center or system integrators for troubleshooting and fault resolution. You can also access the RDU and the DPE logs from the administrator user interface. For detailed information on log levels and structures, and how log files are numbered and rotated, see Logging, page 21-2.
Chapter 2 Broadband Access Center Architecture Architecture LeaseQuery The LeaseQuery feature allows you to request lease information from the Network Registrar DHCP servers. In this release, the LeaseQuery feature is being used by Connection Request and Femto Authorization Service. The Connection Request performs the LeaseQuery by providing the list of DHCP servers, whereas the Femto Authorization Service performs the LeaseQuery, using the provisioning group.
Chapter 2 Broadband Access Center Architecture Architecture Cisco Broadband Access Center 3.
CH A P T E R 3 Configuration Workflows and Checklists This chapter is divided into two major sections that define the processes to follow when configuring Cisco Broadband Access Center (Cisco BAC) components to support various technologies.
Chapter 3 Configuration Workflows and Checklists Component Workflows Table 3-1 RDU Workflow Checklist (continued) Procedure Refer to... 5. Configure the RDU database backup procedure. Backup and Recovery, page 10-4 6. Configure the RDU SNMP agent. Using the snmpAgentCfgUtil.sh Tool, page 11-6 DPE Checklist You must perform the tasks described in Table 3-2 after those described in Table 3-1. Note Items marked with an asterisk (*) are mandatory tasks or procedures.
Chapter 3 Configuration Workflows and Checklists Technology Workflows Table 3-2 DPE Configuration Checklist (continued) Procedure Refer to ... 10. Verify that the DPE successfully connected to Viewing Servers, page 16-22 the RDU and was registered. 11. Configure the home provisioning group The interface ip x.x.x.x. pg-communication and service cwmp-redirect 1 enable commands described in the Cisco Broadband Access Center 3.8 DPE CLI Reference.
Chapter 3 Configuration Workflows and Checklists Technology Workflows Table 3-3 RDU Configuration Workflow (continued) Procedure c. Create a Class of Service from the administrator user interface. Refer to ... Configuring the Class of Service, page 17-1 Remember to: – Specify the configuration template file. – Specify the firmware rules file. – Optionally, specify properties. 2. Configure default settings for the CWMP technology from the administrator user interface.
Chapter 3 Configuration Workflows and Checklists Technology Workflows • Owner identifier • CPE password, if client authentication using unique client certificates is not enabled. • Connection Request username. This step is optional. • Connection Request password. This step is optional. Optional Connection Request Methods on the Class of Service. This step is optional. Configuring the connection request method enables device authentication of the autoconfiguration server.
Chapter 3 Configuration Workflows and Checklists Technology Workflows Configuring CWMP Service on the DPE Table 3-4 identifies the configuration tasks that you must perform to configure the CWMP services on the DPE. Table 3-4 DPE Configuration Workflow - CWMP Management Procedure Refer to ... Configure the CWMP services that run on the DPE. The CWMP Technology Commands described in the Cisco Broadband Access Center 3.
Chapter 3 Configuration Workflows and Checklists Technology Workflows Configuring HTTP File Service on the DPE Table 3-5 identifies the configuration tasks that you must perform to configure the HTTP file services running on the DPE. Table 3-5 DPE Configuration Workflow - Firmware Management Procedure Refer to ... Configure the HTTP file service that runs on the DPE. The CWMP Technology Commands described in the Cisco Broadband Access Center 3.8 DPE CLI Reference.
Chapter 3 Configuration Workflows and Checklists Technology Workflows Configuring HTTP Auth Service on the DPE Table 3-6 below identifies the configuration tasks that you must perform to configure the AUTH services on the DPE. Table 3-6 DPE Configuration Workflow - AUTH Management Procedure Refer to ... Configure the Auth service that run on the DPE. The CWMP Technology Commands described in the Cisco Broadband Access Center 3.8 DPE CLI Reference.
Chapter 3 Configuration Workflows and Checklists Technology Workflows To configure the ACS URL of a provisioning group from the administrator user interface: Step 1 On the primary navigation bar, click Servers > Provisioning Groups. The Manage Provisioning Groups page appears. Step 2 Click the identifier link of the correct provisioning group. The View Provisioning Group Details page appears. Step 3 In the Provisioning Group Properties area, enter the URL in the ACS URL field.
Chapter 3 Configuration Workflows and Checklists Technology Workflows Cisco Broadband Access Center 3.
CH A P T E R 4 CPE Management Overview This chapter describes the management of customer premises equipment (CPE) by using the CPE WAN Management Protocol for Cisco Broadband Access Center (BAC).
Chapter 4 CPE Management Overview Cisco BAC Device Object Model Cisco BAC Device Object Model The Cisco BAC device object model is crucial in controlling the configuration and firmware rules that are generated as instructions for the DPE to manage devices. This process occurs at the RDU, and is controlled through named attributes and relationships. The main objects in the device object model are: • IPDevice—Represents a network entity that requires provisioning.
Chapter 4 CPE Management Overview Cisco BAC Device Object Model Table 4-1 describes the attributes and relationships unique to each object in the data model. Table 4-1 Device Object Relationships Object Related to ... IP Device • Could be preregistered or unregistered (See Device Deployment in Cisco BAC, page 4-16).
Chapter 4 CPE Management Overview Discovering CPE Parameters If the registered Class of Service for a device is changed, it regenerates instructions for the generated device configuration even if it is not the selected Class of Service, since it could impose a policy that would change the selected Class of Service.
Chapter 4 CPE Management Overview Multi-Instance Object Support This instruction can be used to keep the RDU up-to-date on such key parameters as the software version and the model name. These parameters may, in turn, be used to generate other instructions, such as configuration instructions specific to a given device type. Table 4-2 lists the default parameters that Cisco BAC discovers. Table 4-2 Default Discovered Parameters Parameter Description Inform.DeviceId.
Chapter 4 CPE Management Overview Multi-Instance Object Support Configuration Template Earlier to this release of BAC, the scope of configuration template represented only the possible set parameter values and set parameter attributes that could be performed. There was no mechanism to discover object names.
Chapter 4 CPE Management Overview Multi-Instance Object Support • Index - This option can be used for direct indexing and accepts a valid positive integer. This is the index into the returned instance names. For example, index value 1 returns the first instance. In configuration template, the expression parameters in pre-requisites can also be configured with multi-instance object parameters, with any of the discovered options. For more information on prerequisites, see Prerequisites, page 5-9.
Chapter 4 CPE Management Overview Multi-Instance Object Support The behavior of BAC to apply the above template configuration during configuration sync is explained below: 1. BAC retrieves GetParameterNames RPC data for the object Device.Services.FAPService. with next level option set to true. 2.
Chapter 4 CPE Management Overview Multi-Instance Object Support The behavior of BAC to push the above template configuration during configuration sync is explained below: 1. BAC discovers the instances in the object Device.Services.FAPService. by issuing GetParameterNames RPC with next level set to true. 2. Since last() method is used, it gets the last instance and discovers the instances in the next level by issuing GetParameterNames RPC for the parameter Device.Services.FAPService.{last()}.REM.UMTS.
Chapter 4 CPE Management Overview Multi-Instance Object Support 2. Next, BAC validates the expression. Since the expression parameters are configured with multi-instance object parameters, BAC first discovers and identify the instances to evaluate the expression. 3. After the expression is evaluated to true, BAC discovers the instance for Device.Services.FAPService. by using GetParameterNames RPC with next level set to true. 4.
Chapter 4 CPE Management Overview Multi-Instance Object Support You can specify multi-instance parameter name in the expression, and the discover mechanism of these objects can be configured using the newly introduce template element InstanceConfiguration. Example 4-5 Multi-Instance Object in Expression The following example illustrates usage of multi-instance object in expression: Device.Services.FAPService.{i}.REM.GSM.Cell.{i}.
Chapter 4 CPE Management Overview Multi-Instance Object Support Device.Services.FAPService. last() OR 18 matchAllIgnoreCase Device.Services.FAPService.{i}.REM.UMTS.GSM.Cell.{i}.PLMNID Device.Services.FAPService.
Chapter 4 CPE Management Overview Multi-Instance Object Support Parameter Discovery Multi-instance object parameters can now be specified in the data discovery. This support is extended for preregistered and unregistered devices. Preregistered Devices For preregistered devices, the multi-instance object parameters can be configured in the parameter IPDeviceKeys.CWMP_CUSTOM_DISCOVER_PARAMETERS as in the example below: /IPDevice/custom/discover/parameters= Device.Services.FAPService.{i}.REM.GSM.Cell.{i}.
Chapter 4 CPE Management Overview Instruction Generation and Processing Instruction Generation and Processing Instruction generation is the process of generating specific instruction sets for CWMP devices. By using technology extensions, through which device technologies are incorporated into Cisco BAC, device details are combined with provisioning rules to produce instruction sets appropriate to the CPE.
Chapter 4 CPE Management Overview Instruction Generation and Processing • Data Synchronization Instruction (DataSyncRecord)—Keeps the RDU up-to-date on various CPE parameters, such as the software version and the model name. These parameters may, in turn, be used in generating other instructions, such as configuration instructions that are specific to a given device type. Some parameters are checked on every connection, while others are checked only when a change in the firmware version occurs.
Chapter 4 CPE Management Overview Device Deployment in Cisco BAC During the process of configuration synchronization: 1. The DPE receives a ParameterKey from the device. If the value of this ParameterKey matches the one stored in the DPE, no synchronization is initiated. If the ParameterKey values differs, the synchronization process continues. 2. If access control is set in its configuration, the DPE sets the AccessList parameter to ACS-only. The access control feature is, by default, enabled.
Chapter 4 CPE Management Overview Device Deployment in Cisco BAC Cisco BAC provides two device deployment options, which can also be used in combination: • Preregistered—The device record is added to the RDU before the device makes initial contact with the DPE, also known as the ACS. • Unregistered—The device makes contact with the DPE, before the device record is added to the RDU.
Chapter 4 CPE Management Overview Initial Provisioning Flows Note With no preregistered device data available, the chances of a Denial of Service attack increase, as unknown devices are not authenticated. Initial Provisioning Flows This section describes the configuration workflow for a device, which differs based on whether a device is preregistered or unregistered. Figure 4-2 shows a common initial configuration flow.
Chapter 4 CPE Management Overview Initial Provisioning Flows d. The device instruction set is forwarded to the DPE and cached there. Now, the DPE is programmed to handle subsequent CPE protocol interactions for this device autonomously from the RDU. After the device is added to the network and a configuration is generated for the device, the device boots to allow the DPE to begin its interactions with the preregistered device. e.
Chapter 4 CPE Management Overview Assigning Devices to Provisioning Groups Assigning Devices to Provisioning Groups Devices can be assigned to a provisioning group in three ways: explicitly, automatically, or using a combination of both. Explicit Assignment You can explicitly assign a device to a provisioning group. After devices appear in the default provisioning group, the provisioning system may, using the API, assign the device to a new provisioning group.
Chapter 4 CPE Management Overview Device Diagnostics Device Diagnostics CWMP supports device troubleshooting and diagnostics features that you use to focus on a single device and collect diagnostics information for further analysis. This feature enables you to query devices for any data, including: • Configuration • Live statistics • Fault indications • Log file • Diagnostics results Device diagnostics is made possible in Cisco BAC through a set of operations that can be run on the device.
Chapter 4 CPE Management Overview Configuring SNMP Trap for CPEs The following components are configured in Cisco BAC for SNMP Trap facility: • RDU, see Configuration at RDU Level, page 4-22 • DPE and Trap Receiver, see Configuration at DPE Level, page 4-22 • Device, see Configuration at Device Level, page 4-23 Configuration at RDU Level To configure RDU for SNMP trap facility: Step 1 Create or update the BAC configuration template to support expedited and queued alarms.
Chapter 4 CPE Management Overview Configuring SNMP Trap for CPEs • ManagedObjectInstance • EventType • ProbableCause • SpecificProblem • PerceivedSeverity • AdditionalText • AdditionalInformation These SNMP alarm property values can be configured in dpe.properties file through DPE CLI. For details on DPE CLI, see Cisco Broadband Access Center 3.8 DPE CLI Reference. Step 2 Customize the /cpeAlarm/alarmParams property in dpe.properties file to include SNMP alarm property values.
Chapter 4 CPE Management Overview Configuring SNMP Trap for CPEs Table 4-3 Properties - SNMP Trap Facility (continued) Property Possible values Default Values Description /IPDevice/cpeAlarm/prefixEID True/False False If set to true, then EID will be prefixed with ManagedObject Instance and AlarmIdentifier. /IPDevice/cpeAlarm/prefixEID Any Custom Property - If set, then the custom property will be prefixed with the ManagedObject Instance in the SNMP trap.
CH A P T E R 5 Configuration Templates Management This chapter details the templates that Cisco Broadband Access Center (BAC) supports for device configuration and device management.
Chapter 5 Configuration Templates Management Overview The syntax and content of the processed configuration template is validated when it is added to the Cisco BAC system, ensuring that the XML template is well-formed. This validation also ensures that parameter names and values are consistent with definitions in the parameter dictionary, an XML file that defines the supported objects and parameters. (See Parameter Dictionaries, page 7-1.
Chapter 5 Configuration Templates Management Overview Cisco BAC supports multiple instance object which is available in the configuration template. This facilitates discovering and updating parameters for the selective object instances without specifying the object instance number. For more information on multi-instance object support see, Multi-Instance Object Support, page 4-5. You can manage template files, configuration and firmware rules, by using the administrator user interface.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates Features of Cisco BAC Templates A configuration template is a collection of Objects and Parameters. In a TR-069 device, InternetGatewayDevice is the root object, while in TR-106 device, Device is the root object. In a TR-196 device, InternetGatewayDevice or Device is the root object. Figure 5-1 illustrates the schema of a TR-069 device Configuration. Each element featured in the schema is described in subsequent sections.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates A configuration template comprises the following components: • ObjectInstance—Represents an instance of a TR-069 CPE node. You must specify the object’s ‘name.’ An object may include other objects and parameters, both of which, in turn, may include other elements in line with the TR-069 specification. A CPE object may contain: – Object—Describes an instance of a CPE node.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates Parameters This section describes the schema associated with parameter objects in the configuration templates (see Figure 5-2). Figure 5-2 Parameter Schema cwmp:Name Name is the name of a CPE Parameter. This is validated using parameter dictionary. cwmp:Value Value is data for the Parameter. Data type is validated using parameter dictionary. cwmp:ComplexValue cwmp:Parameter Parameter element describes a CPE Parameter.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates Example 5-1 illustrates how you can configure values for a parameter: Example 5-1 Configuring Parameter Values tr069-cwmp-dictionary.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates Notification By using the Cisco BAC Notification attribute, a device can notify the DPE of parameter value changes. Notifications, by default, are turned off. If Notification is enabled, it specifies that a device should include the changed values of a particular parameter in the device Inform message to the DPE, and that the device must initiate a session to the DPE whenever the value of that particular parameter is changed.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates www.sbc.com Access Control Access control in Cisco BAC is enabled through the AccessControl attribute of the CPE that you can control by using configuration templates. CPE parameters can be changed using LAN autoconfiguration protocol if access control is set to allow such access.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates Figure 5-3 illustrates the schema of the prerequisites option: Figure 5-3 Prerequisite Schema cwmp:StartTime This is Time of Day: hh:mm:ss. [ 13:04:05 ] cwmp:MaintenanceWindow cwmp:Duration This represents the time window when this configuration can be applied to a device. hh:mm cwmp:DayOfWeek 0..7 This is Day of week when the configuration is applicable.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates Expressions Expressions are conditionals that use information from device properties. They may use Parameters, InformParameters or rpcArguments. Expressions are used within prerequisites and firmware rules and are processed when a device contacts Cisco BAC to retrieve its configuration.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates Example 5-3 Configuring MaintenanceWindow In the following example, the values of the StartTime, Duration, and DayOfWeek tags define the period when this rule is in effect. This template takes effect at 1 a.m. for a period of 5 hours, on every Monday, Tuesday, and Friday.
Chapter 5 Configuration Templates Management Features of Cisco BAC Templates For detailed information on PeriodicInformInterval, see the Broadband Forum’s Technical Report on TR-069. You can initiate a firmware upgrade in a similar fashion. Firmware upgrades are typically carried out only within a specific time range. After defining a firmware rule template with the MaintenanceWindow option set, associate the firmware rule template to a Class of Service object by using the administrator user interface.
Chapter 5 Configuration Templates Management Authoring Configuration Templates Authoring Configuration Templates You can use Cisco BAC to generate instructions for customized configurations for many devices from a single template by using template constructs. Parameter substitution and conditional inclusion or exclusion of template content, controlled by values from the Cisco BAC property hierarchy, create a custom configuration from a template.
Chapter 5 Configuration Templates Management Authoring Configuration Templates Configuration templates support: • Parameter substitution—Substitutes values from the Cisco BAC property hierarchy into XML element content and element attributes by using the VAR() construct. (For details, see Using Parameter Substitution, page 5-16). • Includes—Build a set of reusable template snippets.
Chapter 5 Configuration Templates Management Authoring Configuration Templates To configure custom properties from the administrator user interface, choose the Configuration > Custom Property tabs. Use the Add Custom Property page to add or delete custom properties. For details, see Configuring Custom Properties, page 17-5.
Chapter 5 Configuration Templates Management Authoring Configuration Templates Note The API constant for /IPDevice/connectionRequestPath is IPDeviceKeys.CONNECTION_REQUEST_PATH. Example 5-12 Using a defaultValue With a Comma VAR(token=;;name=/cpe/usrStr; defaultValue=4,5;) Example 5-13 Creating a String Value based on a Cisco BAC Property CWMP_VAR(name=/cpe/version, defaultValue=4).bin If cpe/version is 1-08 then the Value will be CWMP_1-08.bin.
Chapter 5 Configuration Templates Management Authoring Configuration Templates PeriodicInformInterval 30 Host Template: cwmp-config.xml PAGE 85Chapter 5 Configuration Templates Management Authoring Configuration Templates
Using Conditionals Cisco BAC supports powerful conditional expressions in template constructs to provide ultimate configuration customization. You can use conditional expression constructs to include or exclude blocks of text within a template. These construct elements are tc:if, tc:choose, and tc:when. You use the tc:if construct for simple single conditionals.
Chapter 5 Configuration Templates Management Authoring Configuration Templates Table 5-2 Conditional Template Constructs Supported in Cisco BAC (continued) Conditional expression when..otherwise Conditional expression choose XML does not support the left angle bracket (<) and the ampersand (&). Instead, use the predefined entities (described in Table 5-3) for these characters. Table 5-3 XML Definitions in Cisco BAC Instead of ... Use ...
Chapter 5 Configuration Templates Management Authoring Configuration Templates Enable false Example 5-18 Looking for Text in Single Quotes Using cwmp’s test: Enable false Example 5-19 Looking for Text in Double Q
Chapter 5 Configuration Templates Management Using the Configuration Utility PeriodicInformInterval 21600 PeriodicInformInterval 1200 Using the Configuration Utility You can use the configuration utility to test, validate, and view TR-069 template files: co
Chapter 5 Configuration Templates Management Using the Configuration Utility Running the Configuration Utility In subsequent procedures and examples, the phrase running the configuration utility means to enter the runCfgUtil.sh command from the directory specified. To run the configuration utility, run this command from the /rdu/bin directory: runCfgUtil.
Chapter 5 Configuration Templates Management Using the Configuration Utility If the template uses VAR() constructs to reference a device property, use the device option to generate a sample template. Step 4 After all tests succeed, configure a Class of Service to use the template. Validating XML Syntax for a Local Template File Use the runCfgUtil.sh command to validate template files stored on the local file system. Syntax Description runCfgUtil.
Chapter 5 Configuration Templates Management Using the Configuration Utility • -cwmp—Identifies the input file to be processed as a CWMP template file. • -a sc—Specifies a syntax check. • -r file—Identifies the input file as a file that has been added to the RDU. • -u username—Specifies the username to use when connecting to the RDU. • -p password—Specifies the password to use when connecting to the RDU.
Chapter 5 Configuration Templates Management Using the Configuration Utility Step 3 Run the configuration utility by using this command: ./opt/CSCObac/rdu/bin/runCfgUtil.sh -cwmp -a gc -l sample-cwmp-config.xml -o output.xml • sample-cwmp-config.xml—Identifies the input file. • output.xml—Identifies the file in which to save the processed template in XML format. After running the utility, results similar to these should appear: Broadband Access Center Configuration Utility Version: 3.
Chapter 5 Configuration Templates Management Using the Configuration Utility Testing Template Processing for a Cisco BAC Template File and a Device Use the runCfgUtil.sh command to test the template processing for a file stored in the RDU database and associated with a device. Syntax Description runCfgUtil.sh -cwmp -a gc -r file -o file -i deviceID -u username -p password • -cwmp—Identifies the input file to be processed as a CWMP template file.
Chapter 5 Configuration Templates Management Using the Configuration Utility Note You can open the output.xml file to view the configuration. The VAR(name=/IPDevice/connectionRequestUsername, defaultValue=test) statement will be replaced with testUser. Cisco Broadband Access Center 3.
CH A P T E R 6 Firmware Management This chapter describes firmware management for TR-069 compliant devices in Cisco Broadband Access Center (Cisco BAC).
Chapter 6 Firmware Management Firmware Management Mechanisms This download can be initiated in various modes: • Firmware-rule based, in which firmware rules may or may not allow the download of the file requested by a device, or may download a different file. Firmware rules are executed whenever a device connects to the DPE.
Chapter 6 Firmware Management Firmware Management Mechanisms In this model, you can make convenient updates to the definition of the rules, which apply to a large number of devices. When the rules template is updated, CPE that are indirectly associated with the template through the Class of Service are managed according to the new policy.
Chapter 6 Firmware Management Firmware Management Mechanisms Table 6-1 Files Used in Firmware Rules Template Processing File Purpose Options Available in Cisco BAC Firmware Rules Template Samples Defines device configuration Sample templates Firmware Rule Template Schema Validates firmware rules template syntax Parameter Dictionary Parameter Dictionary Schema Sample templates are located at: /rdu/samples/cwmp Default template schemas Default template schemas are located at: • Firm
Chapter 6 Firmware Management Managing Firmware Files File Service In the process of firmware management and regardless of which management method is used, the device is instructed to obtain a new firmware file from a file server. Cisco BAC provides a file service in its DPE servers. However, CPE can also be directed to other file servers if necessary. For the various configuration options that Cisco BAC supports, see CWMP Service Configuration, page 12-1.
Chapter 6 Firmware Management Authoring Firmware Rules Templates Table 6-2 Firmware File Management Operations (continued) Firmware Image File Firmware Rules Template Replace contents and/or modify file attributes/properties Replace file contents, modify file attributes and properties, or both You can replace an existing firmware image file even if the file is associated to a firmware file template using the API.
Chapter 6 Firmware Management Authoring Firmware Rules Templates – Expression—Zero or more expression for evaluating this rule; has the same syntax and definition as the Expression defined for the FirmwareRule element. For detailed information, see Expression and Regular Expression, page 6-7. • FirmwareRule—Each FirmwareRule element provides: – Expression—Zero or more expressions for evaluating this rule. The rules triggers a firmware update if all expressions in a given rule match.
Chapter 6 Firmware Management Authoring Firmware Rules Templates 3 SCHEDULED match Cisco BAC supports the following parameter names in the InformParameter tag: • Inform.DeviceId.Manufacturer • Inform.DeviceId.ManufacturerOUI • Inform.DeviceId.ProductClass • Inform.DeviceId.SerialNumber • Inform.EventCode For information on the values for Inform.EventCode, refer to the DSL Forum’s Technical Report on TR-069.
Chapter 6 Firmware Management Authoring Firmware Rules Templates • noMatch—Specifies that the device parameter value must not match any of the values in a case-sensitive comparison. • noMatchIgnoreCase—Specifies that the device parameter value must not match any of the values in a case-insensitive comparison. Example 6-1 Expression - match InformParameterName In the following sample expression, the match condition indicates that the subsequent rules are valid when the InformParameter Inform.
Chapter 6 Firmware Management Authoring Firmware Rules Templates 1.02 noMatch While specifying the Regex pattern, the operator tag may be one of the following: • regexMatch—Indicates a condition that is set to ensure that the firmware rule is applied only when the device parameter value matches the Regex pattern.
Chapter 6 Firmware Management Authoring Firmware Rules Templates • Examples FileSize—Specifies the size of the file. This is mandatory when the location is File System. The FileSize can also be set to 0. sample-firmware-image1.
Chapter 6 Firmware Management Authoring Firmware Rules Templates 01:00:00 5:00 Device.DeviceInfo.EventCode 1 BOOT match Device.DeviceInfo.HardwareVersion W3GFP-100-Rev 6.0 matchIgnoreCase Device.
Chapter 6 Firmware Management Using Template Constructs with Firmware Rule Templates Device.DeviceInfo.SoftwareVersion 5.4.1 match http://10.10.10.10:889/sample-firmware-image.
Chapter 6 Firmware Management Using Template Constructs with Firmware Rule Templates • /rdu/templates/cwmp/schema/FirmwareTemplateSchema.xsd • /rdu/templates/cwmp/schema/CommonTemplateConstructs.xsd Note The XML namespace of the Cisco BAC Common Template constructs is defined as xmlns:tc='urn:com:cisco:bac:common-template'.
Chapter 6 Firmware Management Using Template Constructs with Firmware Rule Templates Using Conditionals Cisco BAC supports powerful conditional expressions in template constructs to enable ultimate configuration customization. You can use these conditional expression constructs to include or exclude blocks of text within a template. These construct elements are tc:if, tc:choose, and tc:when. For detailed information and specific examples on conditionals, see Using Conditionals, page 5-19.
Chapter 6 Firmware Management Using Template Constructs with Firmware Rule Templates Cisco Broadband Access Center 3.
CH A P T E R 7 Parameter Dictionaries This chapter describes Parameter Dictionaries which are used in the process of configuring and managing customer premises equipment (CPE) for CWMP.
Chapter 7 Parameter Dictionaries Using Default Dictionaries Figure 7-1 illustrates the schema of a parameter dictionary. Figure 7-1 Parameter Dictionary Schema attributes name ParameterDictionary object 1.. object Name Type Parameter Readable 0.. Writable 158270 SupportsNotification writable Configuration or firmware rules template processing fails during instruction generation if there are errors in the template.
Chapter 7 Parameter Dictionaries Custom Dictionaries These default dictionaries are located at: Note • /rdu/templates/cwmp/dictionary/tr069-cwmp-dictionary.xml • /rdu/templates/cwmp/dictionary/tr104-cwmp-dictionary.xml • /rdu/templates/cwmp/dictionary/tr098-cwmp-dictionary.xml • /rdu/templates/cwmp/dictionary/tr196-cwmp-dictionary-v1.1.xml • /rdu/templates/cwmp/dictionary/tr196-cwmp-dictionary-v2.0.
Chapter 7 Parameter Dictionaries Parameter Dictionary Syntax Cisco BAC supports all data types that are defined in the TR-069 and TR-196 specification. The Parameter Dictionary specifies the data types that this Cisco BAC release supports, as listed in Table 7-1: Table 7-1 Cisco BAC Supported Data Types Type Description String A maximum allowed length may be listed using the string (N) syntax, where (N) is the maximum string length in characters.
Chapter 7 Parameter Dictionaries Managing Parameter Dictionaries through User Interface GenericObjectKeys.OID_REVISION_NUMBER DeviceDetailsKeys.
Chapter 20 Cisco BAC Support Tools and Advanced Concepts Using the disk_monitor.sh Tool Following a successful export from the Cisco BAC backup database, the Device Export tool creates a device file, which contains the list of device records that are successfully exported from the Cisco BAC backup database. The filename is bac-device-details-yyyyMMdd-HHmmss.csv: Where yyyyMMdd-HHmmss identifies the time the file was generated. Using the disk_monitor.
Chapter 20 Cisco BAC Support Tools and Advanced Concepts Using the resetAdminPassword.sh Tool Using the resetAdminPassword.sh Tool Cisco BAC supports both local authentication and TACACS+ authentication and you can use the resetAdminPassword.sh tool to reset the password for both local and TACACS+ authentication. Run the resetAdminPassword.sh tool from the BPR_HOME/rdu/internal/db/bin directory. When the authentication is local if you use the resetAdminPassword.
Chapter 20 Cisco BAC Support Tools and Advanced Concepts Using the runEventMonitor.sh Tool Table 20-1 describes the types of events that you can view from the event monitor: Table 20-1 Events that can be viewed from the Event Monitor Event Sub-Event Description Batch Completion Displays when a batch submitted by a client application ends. Contains the batch status. Class of service New Indicates when a class of service is added to the system.
Chapter 20 Cisco BAC Support Tools and Advanced Concepts Using the runEventMonitor.sh Tool Table 20-1 Events that can be viewed from the Event Monitor (continued) Event Sub-Event Description Messaging Connection Up Indicates when a connection on the local instance of the messaging system starts. Messaging Connection Down Indicates when a connection on the local instance of the messaging system stops.
Chapter 20 Cisco BAC Support Tools and Advanced Concepts Using the changeARProperties.sh Tool source=BPR Provisioning API:BPR Regional Distribution Unit:AddIPDevice command IP=null FQDN=null group=null Using the changeARProperties.sh Tool The Cisco BAC installation program establishes values for configuration properties used by Cisco BAC extensions that are incorporated into the Access Registrar RADIUS server. You use the changeARProperties.
Chapter 20 Cisco BAC Support Tools and Advanced Concepts Using the changeNRProperties.sh Tool Using the changeNRProperties.sh Tool The Cisco BAC installation program establishes values for configuration properties used by Cisco BAC extensions that are incorporated into the Network Registrar DHCP server. You use the changeNRProperties.sh command, which is found in the BPR_HOME/cnr_ep/bin directory, to change key configuration properties.
Chapter 20 Cisco BAC Support Tools and Advanced Concepts Using the changeNRProperties.sh Tool Cisco Broadband Access Center 3.
CH A P T E R 21 Troubleshooting Broadband Access Center This chapter provides the information on how to observe the RDU and DPE logs, and troubleshoot Cisco BAC. This chapter includes the following sections: • Troubleshooting Checklist, page 21-1 • Logging, page 21-2 Troubleshooting Checklist While troubleshooting with Cisco BAC, use the checklist described in Table 21-1. Table 21-1 Troubleshooting Checklist Procedure Refer to ... 1.
Chapter 21 Troubleshooting Broadband Access Center Logging Table 21-1 Troubleshooting Checklist (continued) Procedure Refer to ... 7. If troubleshooting a specific device, view the history of the device Viewing Device History, configuration from the administrator user interface. page 16-12 8. If troubleshooting a specific device, view the device instructions that are cached at the DPE. 9.
Chapter 21 Troubleshooting Broadband Access Center Logging Log Levels and Structures The log file structure is described here, and illustrated in Example 21-1, and includes: • Domain Name—This is the name of the computer generating the log files. • Date and Time—This is the date on which a message is logged. This information also identifies the applicable time zone. • Facility—This identifies the system which, in this case is the Cisco BAC.
Chapter 21 Troubleshooting Broadband Access Center Logging Domain Name Data and Time SubFacility facility Security Level Msg ID Message BAC1: 2006 04 21 07:28:00 EDT: BAC- RDU- 6 0569: Created default admin user BAC1: 2006 04 21 07:28:00 EDT: BAC- RDU- 6 0574: Loaded 6 license keys BAC1: 2006 04 21 07:28:00 EDT: BAC- RDU- 6 0575: Database initialization completed in 471 msec BAC1: 2006 04 21 07:28:00 EDT: BAC- RDU- 6 0015: Unable to locate manifest file BAC1: 2006 04 21 07:2
Chapter 21 Troubleshooting Broadband Access Center Logging RDU Logs The RDU has two logs that it maintains in the BPR_DATA/rdu/logs directory: • rdu.log—Records all RDU events according to the configured logging severity level. (See Setting the RDU Log Level, page 21-6, for instructions on setting the default log levels.) To view rdu.log, see Viewing the rdu.log File, page 21-5. • audit.
Chapter 21 Troubleshooting Broadband Access Center Logging We recommend that you keep the RDU logging level at the Warning level to help maintain a steady operations state. The Information level is recommended to be used with caution if you need to maintain steady state performance during debug operations. You should exercise caution when running with the Information level set because this creates a great number of log entries, which in itself can adversely impact performance.
Chapter 21 Troubleshooting Broadband Access Center Logging Step 3 Enter the RDU username at the prompt. In this example, the default username (bacadmin) is used. Please type RDU username: bacadmin This prompt appears: Please type RDU password: Step 4 Enter the RDU password for the RDU at the prompt. In this example, the default password (changeme) is used. Please type RDU password: changeme This message appears to notify you that the log level has been changed.
Chapter 21 Troubleshooting Broadband Access Center Logging DPE Logs The DPE maintains its logs at the BPR_DATA/dpe/logs directory. • dpe.log—Records all events having the configured default level. In situations where the DPE undergoes catastrophic failure, such as engaging in a series of system crashes, the catastrophic errors are also logged into the rdu.log file. • perfstats.log—Records device performance statistics to help troubleshoot issues related to system performance.
Chapter 21 Troubleshooting Broadband Access Center Logging The syntax for setting the trace level is: trace [server] [level] Table 21-3 Trace Levels Log Level Description 0 No trace performed. 1 Report when a packet is sent or received or when there is a change in a remote server's status.
Chapter 21 Troubleshooting Broadband Access Center Logging Cisco Broadband Access Center 3.
GLOSSARY A alert A syslog or SNMP message notifying an operator or administrator of a problem. API Application programming interface. Specification of function-call conventions that defines an interface to a service. audit logs A log file containing a summary of major changes in the RDU database. This includes changes to system defaults, technology defaults, and classes of service. autoconfiguration server (ACS) A server that provisions a device or a collection of devices.
Glossary D device provisioning engine (DPE) DPE servers cache device instructions and perform CWMP services. These distributed serves automatically synchronize with the RDU to obtain the latest instructions and provide Cisco BAC scalability. F fully qualified domain name (FQDN) FQDN is the full name of a system, rather than just its hostname. For example, cisco is a hostname and www.cisco.com is an FQDN. H See Secure Sockets Layer and Transport Layer Security.
Glossary P provisioning API A series of Cisco BAC functions that programs can use to make the operating system perform various functions. provisioning groups Groupings of devices with a defined set of associated DPE servers, based on either network topology or geography. publishing Publishing provides provisioning information to an external datastore in real time. Publishing plug-ins must be developed to write data to a datastore.
Glossary V Voice over IP (VoIP) Mechanism to make telephone calls and send faxes over IP-based data networks with a suitable quality of service (QoS) and superior cost/benefit. W watchdog agent A watchdog agent is a daemon process that is used to monitor, stop, start and restart Cisco BAC component processes such as the RDU, JRun, and the SNMP agent. Cisco Broadband Access Center 3.
INDEX BAC architecture, and A MIB support ACS alert messages definition GL-1 URL, discovery 3-9 2-6 ACS URL, configuring BAC architecture, and 3-9 9-4 12-5 8-7 8-4 15-3 viewing 15-3 about provisioning groups 2-6 2-4 9-4 9-6 command line interface deployment 7-5 logging 2-2, 2-4 audit logs, definition 7-6 authentication performance statistics, collecting about enabling, disabling 11-14 RDU extensions, managing required points (table) 9-5 2-1 watchdog process 7-6 2-7 GL-1 1
Index template processing, testing B template syntax, validating backup and recovery of database 10-4 to 10-6 using features caching, definition GL-1 5-24 5-23 5-4 access control C 5-25, 5-26, 5-27 5-9 notification 5-8 parameters 5-6, 5-7 parameters, schema (figure) cautions prerequisites regarding custom properties, deleting 17-5 disk space requirement figures 10-3 network deployment with an evaluation license key 17-20 template files, deleting 17-19 troubleshooting devices 8-10
Index CWMP RDU client certificate, configuring 17-7 external load balancer, configuring 17-10 system device history automatic enabling, disabling explicit 8-4 number of entries device deployment options preregistered 12-11 parameters deleting instruction generation, and exporting 17-19 replacing 17-18 viewing overview adding a license overview Datastore changes about custom extension points, installing 17-24 17-26 connection request service GL-1 17-25 connection request 12-
Index self-signed certificate, displaying 13-7 server certificate and private key, generating 13-6 signed certificate, verifying 11-14 runStatAnalyzer.sh tool, using 11-15 Device Export 13-8 deviceExport.
Index relationships (table) certificates for client authentication, importing 13-10 4-3 device operations about certificate signing request, generating 14-1 conditional execution existing signed server certificate, importing 14-6 self-signed certificate, displaying connection modes asynchronous 14-5 immediate workflow (figure) 14-3 signed certificate into server certificate, importing 13-9 14-3 on-connect workflow (figure) license keys 14-4 device’s provisioning group, managing correctin
Index file service 6-5 firmware image I 6-5 firmware rules template 6-5 icons, administrator user interface (table) instructions firmware rules template authoring 6-6 generation, definition constructs 6-13 generation and processing overview expressions GL-2 4-14 IP address 6-7 internal, external files regular expressions sample 15-4 definition 6-10 GL-2 use IP, connection request 6-7 12-6 6-11 management mechanisms direct firmware policy based 6-1, 6-4 6-4 K key, certificate ma
Index log file, sample scalability 21-3 log files, rotating security 21-4 log levels, configuring log level tool using 21-5 P 21-7 21-6 parameter dictionary 21-6 administrator user interface, using viewing log files adding audit.log deleting dpe.log 21-5 21-8 perfstat.log rdu.
Index redundancy parameter dictionary 12-16 DNS round robin, using prerequisite 12-17 hardware load balancer, using local 18-1 Adding to the Device Property 12-16 regional 5-10 Scripting Framework 12-17 7-2 Extensions for Unknown Devices 12-16 technology workflow publishing, definition 18-3 Integrating in BAC 3-8, 3-9 GL-3 18-4 18-3 Verifying in DPE Cache 18-5 Verifying Status in DPE 18-5 Secure Sockets Layer R See SSL security RDU (Regional Distribution Unit) about 2-4 ale
Index contacts, setting up hosts, adding definition 11-10 See SSL 11-7 hosts, deleting tools and advanced concepts 11-7 listening port, identifying location, changing adding template file notification types, specifying starting configuration utility 11-10 11-10 settings, displaying running 11-11 SSL 20-1 disk_monitor.
Index devices servers, viewing configuration history, viewing data discovery DPEs details 8-4 16-22 provisioning groups details 12-13 in troubleshooting mode 8-9 recurring faults, viewing 8-7 RDU details 16-27 user management adding a new user performance statistics collection monitoring 11-14 deleting users perfstat.log 11-15 modifying users runStatAnalyzer.
