|
|
These release notes are for the Cisco Broadband Access Center (BAC) for Broadband Aggregation Release 2.5.1 software.
These release notes cover the following topics:
Cisco Broadband Access Center (BAC) enables you to provision devices, resources, services, and subscribers easily. You can implement BAC in small to very large scale deployments. The distributed nature of the software supports its deployment in a variety of environments and with a variety of services and technologies.
BAC has the following system requirements:
 |
Note BAC requires that you install the current patches to the Solaris 8 operating system from Sun Microsystems and patch 112438. |
BAC was tested and validated on the hardware, Cisco IOS software, and network cards described in Table 1.
Table 1 Supported Hardware and Cisco IOS Software
BAC integrates with the network servers described in Table 2, although these servers are not bundled with BAC.
This section describes the new software features in Broadband Access Center 2.5.1 and in a previous early deployment release of the software.
This section lists the features provided in Broadband Access Center for Broadband Aggregation Release 2.5:
The procedure for installing BAC is documented in the Broadband Access Center Installation and Configuration Guide. This section describes the following circumstances:
To enable HTTP download using the CNS agent, follow these steps:
a. From the Network Services tab Object Selector, select the Config Engine folder.
b. Click Create. The system displays the Select Owners page in the content area of the main window.
c. Click Next. The system displays the Configuration Engine page in the contents area of the main window.
|
Note For more information about creating a Configuration Engine server, see the Broadband Access Center for Broadband Aggregation User Guide. |
Step 2 Associate the device with the Configuration Engine server:
a. From the Network tab Object Selector, select the network to which the device belongs.
b. In the subtask bar, click Device Management.
c. Click Edit. The system displays the Device properties page in the main window.
d. Click Next four times to go to the Assign System Resources page.
e. Uncheck the setting for the Cisco Config Registrar field.
Step 3 Verify that the router has enabled the CNS agent. The following example illustrates how the configuration of the router might appear:
|
Note In this example, the management IP interface is Fast Ethernet, but it might be Gigabit Ethernet or another interface type; and the example IP address that is used is for the Configuration Engine server. |
If you are using the Cisco e-kit, you need to extract the installation script as follows:
The system displays the following message:
The script checks to see if you have sufficient space for the expanded installer and tar archive.
Step 2 Follow the instructions that the script provides, as shown in this example:
Step 3 Enter the installation path for the product; for example:
Step 4 Refer to the Broadband Access Center Installation and Configuration Guide for the installation procedure.
When you install the BAC server, you are also installing a Web server. The Web server starts automatically when you run ./bacStartup all. Before you can access the Web UI, however, if you have installed the Java Virtual Machine, you might need to reconfigure Internet Explorer as follows:
Step 2 From the Tools menu, select Internet Options. The browser displays the Internet Options dialog box.
Step 3 Click Advanced. The browser displays a list of advanced settings.
Step 4 Scroll through the list to determine if this setting is checked:
Step 5 If it is checked, then click to disable this setting.
Step 6 Click Apply and OK.
Step 7 Close Internet Explorer and then re-open it.
Step 8 To access the Web UI, in the Address field of the browser enter the URL for BAC; for example, enter the following:
The following section describes the new and changed information that you need to take advantage of the BAC 2.5.1 release. It describes the following:
The upload utility (a script called runclient) enables you to convert Cisco IOS configuration files to BAC service features, which are then stored in the BAC database. Initial upload enables you to convert the configuration files on devices that you provisioned before deploying BAC.
|
Note You can upload files using Telnet or HTTP. If you choose Telnet, make sure that the running
configuration file on the router contains the following global configuration command: ip http server This is required due to an internal implementation of Telnet and HTTP. Choosing the no form of this command would disable both Telnet and HTTP. |
To run the runclient utility, follow these steps:
Step 2 To run the utility, use the following command syntax:
>./runclient BACAdmin cisco XMLuploadfile
The following examples illustrate how to write an XML file to perform an upload. For information on the upload document type definition (DTD), see the "Upload DTD" section.
The upload DTD defines the structure and elements that you can use when you create an upload XML file. The upload DTD is as follows:
BAC produces summary and detailed upload reports. These are located in the following directory:
Summary reports provide the following information:
Detailed reports provide the following additional information:
Detailed upload reports contain a section that lists errors. The status code and the status message fields in that section indicate what went wrong.
Error messages often fall into one of these categories:
The following examples show how to correct these errors.
The synchronization operation first uploads the configuration file from the device. This operation has failed. If you are using HTTP as the upload method, verify that the CNS agent is configured on the router, that the CDM Index is properly set on the Configuration Engine server.2 and the router is associated with the correct Configuration Engine server. For more information, see "Enabling HTTP Downloads" section.
The Basic service feature is a prerequisite for all other service features because it defines basic configuration parameters, for example, the type of authentication that the device uses. Other dependencies also exist with some service features. The following two error messages illustrate the dependency requirement.
Error Message 1514, Can't delete service feature type [VirtualTemplate] Because the
existing service feature types [VCClass] need service
In this example, a user has deleted a virtual template configuration from the router, leaving behind the configuration for a VCClass that uses the template. BAC will not permit this operation. To correct this error, either restore the virtual template configuration on the router or delete the VCClass as well. Then, run synchronization again.
This can happen to any service feature. Follow similar steps to correct the error.
Error Message 1514, Service feature type [SinglePVC] needs the service feature type
[Basic]. You must add all service feature types { Basic } that [SinglePVC] depends
on before adding it.
In this example, the device just has a SinglePVC configured, but BAC requires the Basic service feature. To correct this error, add to the router the configuration information corresponding to the Basic service feature. Then, run synchronization again.
This can happen to other service features where there is a dependency between them.
Error Message 60198, Validation failed: Error message Objects of the given
System_virtual_template_no does not exist.
This example assumes that you are trying to synchronize a VCClass service feature. As per the validation XML in /opt/CSCObacss/common/XMLProperties/TemplateFeature/TfVCClass.xml, System_virtual_template_no is a mandatory variable and should be a valid value; that is the virtual template should already be existing on that device. Add the virtual template configuration to the device. Then, run synchronization again.
Sometimes a variable that BAC requires is missing from the router configuration. The following two examples illustrate this scenario.
Error Message 60127, Validation failed: Requiremenet is (System_vc_class_name is
mandatory), input value is (null). (Category 3)
In this example, assume that you are synchronizing a SinglePVC service feature. As per the validation XML, BAC requires the virtual connection class name for the SinglePVC service feature, but it is missing from the device configuration. Add this variable to the device configuration. Then, run synchronization again.
Error Message 9999, {-1=Unable to find value for variable:
System_authentication_timeout}
In this example, assume that you are synchronizing a Virtual Template service feature. As per the template, the System_authentication_timeout is a mandatory variable, but it is missing from the device configuration. Add this to virtual template configuration on the device, Then, run synchronization again.
This might happen if you have made changes to the device using the command line, and those changes do not match the BAC template.
The BAC 2.5.1 release supports Log Viewer. This tool enables you to view an audit trail of BAC activity, including the software component affected and who initiated the activity.
Log Viewer support several categories of audit information:
To read log messages, follow these steps:
Step 2 In the subtask bar, click Log Viewer. The system displays the Log Viewer page in the main window.
Step 3 To view a log message, click View Message.
Step 4 To change the sort order of the log, click the column header you would like to use to sort the file.
Step 5 To filter the log messages, click Filter. The system displays the Filter Criteria dialog box.
Step 6 Set your filter criteria.
Step 7 Click OK.
BAC 2.5.1 provides an XML file that enables you to save device provisioning information that you create using BAC to the NVRAM on the device. This means that you have a backup configuration file on the router in case of failure.
The information about how to change the default password is correctly presented in the Broadband Access Center for Broadband Aggregation Installation and Configuration Guide.
The following are limitations and restrictions with BAC:
In the following example, a router encounters a duplicate VLAN ID and generates the following message:
BAC receives this as a warning and treats the operation as a success, but the VLAN ID was not configured on the router. Thus, the operation failed. To fix the problem, update the keyword in the /opt/CSCObacss/common/IOSParser.config file. In the VLAN ID example, the update would appear as follows:
Small Deployments Startup Order
b. CNS Access Registrar (Must have Oracle running.)
c. CNS Configuration Engine (rvrd started here)
d. BAC (Must have Oracle and Configuration Engine running.)
e. CNS Notification Engine (Must have Oracle, CNS CE, and BAC running.)
f. CIC (Must have CNS Configuration Engine running.)
g. CNS Performance Engine (Must have Configuration Engine running.)
Small Deployment Shutdown Order
b. CNS Notification Engine (Must shutdown before Oracle and BAC.)
d. BAC (Must shutdown before Oracle.)
BAC steps for adding auto reboot to Solaris installations
b. Change to the /etc/init.d directory.
c. Create a BAC file in the directory and add the following:
d. Link the "bac" file to the correct shutdown level and order, i.e. "ln -s /etc/init.d/bac /etc/rc0.d/K04bac".
e. Link the "bac" file to the correct startup level and order.
The VcSystemProperties.xml file affects the following:
The VcSupportedDeviceList.xml file contains all information related to device creation. The model list field and subtype field obtain their values from this file. This file also determines whether a device supports SSH or discovery.
To refresh servers, follow these steps:
Step 2 Click Refresh Servers.
CSCdx59874—The BAC API does not support implementing multiple instances of network address translation (NAT) on the same interfaces, whether they are inside or outside interfaces. While you can add multiple NATs (with different names and ranges) to an interface, you cannot remove them.
The workaround for this situation is to do one of the following:
CSCdx63539—If you download a configuration to a router that contains an incorrect ATM subinterface, then the download configuration pattern through Telnet is wrong. Ultimately, Telnet times out, returning a message that it could not connect to the router.
CSCdy09364—A problem occurs if different roles share the same virtual private dial-up network (VPDN) template. For the PTA-PPPoEoA, PTA-PPPoEoE and PTA-PPPoEoVLAN roles, you can select IPPool or DHCP. For the LAC-PPPoEoA, LAC-PPPoEoE, LAC-PPPoEoVLAN roles, these features are not available, but are still displayed. The same problem exists when you add a virtual template service feature.
You can have only one VPDN on a router regardless of the number roles that you add. Since the router can act as either a PTA or a LAC, VPDN prompts the user to select one of three options:
You should carefully plan the number of roles you add to a router. For example, you might start with LAC-PPPoEoA. When you create the VPDN, you do not need to provide an IP address. However, you can still select either local pool or DHCP because the IP address might be required later for PTA.
CSCdy19994—When you select the console method of downloading device configuration, the Service Provisioning Manager component of the BAC software clears the console port before performing the download. When you log in to the router, the console displays a considerable amount of garbage characters before displaying the new running configuration.
This is most likely to occur when your terminal server is configured for modem callout. To turn off modem callout, do the following:
Step 2 At the command line, enter the following:
CSCdy20943—The Service Provisioning Manager (SPM) component of BAC rolls back download transactions when either the router returns an error or the IE2100 syntax checker returns an error. This is due to a limitation of the CNS Agent, which cannot distinguish between an IE2100 syntax error and a router error.
CSCdy40442—When you attempt to provision a VLAN range using HTTP or Telnet, Cisco IOS reports an error. The other download methods operate properly.
CSCdy72787—To use SSH security to communicate with a router, make sure that, when you add the device using the BAC Web UI, the hostname you enter matches the hostname of an SSH-enabled router. SSH uses the hostname to generate an encryption key. If the hostnames do not match, SSH will not authenticate transmissions to the router.
CSCdy88590—The BAC Web UI has a paging feature that enables you to choose whether to display 10 or 20 records at time. You can also pick the column of data BAC uses to sort these records for display. When you choose the column of data that you want to use for the sort, BAC displays it in alphanumeric order; for example:
CSCdz40721—When you are configuring quality of service (QoS), BAC checks the following dependencies:
The BACAdmin user can assign different ISPs to each of these resources. For example, the policy map might be associated with ISP1 and the service might be associated with ISP2. If a user belonging to a group at ISP2 logs in, the policy map field for the service is empty. To avoid this situation, make sure that the same ISP is associated with the service, policy map, class map, and access list.
CSCea01239—In some instances, the BAC Web UI provides default values that are not valid for all device types. For example, the default value for QoS Rate is not valid for all device types. You may encounter a download error if the QoS rate is out of range for a particular device. Review the QoS rate ranges for your routers.
CSCea34430—In multiple user environments, be aware that the ISC Template Manager component of BAC does not provide a locking mechanism. Thus, it is possible for one user to inadverently overwrite the work of another user. Use caution when modifying templates in such environments.
CSCea39869—If you intend to uninstall BAC and then reinstall the software, use the same username and password to perform each operation. If you use a different username and password for the reinstallation, the ISC Template Manager component of BAC generates error messages.
CSCea66254—When you first run bacStartUp and then call IE2100 setup, you might encounter the following message:
CSCea65867—If you create a device using the BAC northbound API, BAC does not validate the useSSH variable. Set the useSSH variable to true if device is created using NBAPI even if the property file sets supportsSSH to false.
CSCea79133—If you configure a broadband aggregator with the AAA authentication set to local and then provision a subscriber, the subscriber's username and password is not configured on the router during the provisioning process. To authenticate the subscriber's CPE in this configuration, you need to manually add the subscriber's username and password to the router.
CSCea80432—When you create a service under the Network Services tab, the Session-Timeout and Idle-Timeout fields are mandatory fields. These settings are associated with a subscriber when the service profile is connected to the service and saved in the AAA server. When the subscriber's CPE is brought up, these two settings are sent by the RADIUS server to the aggregator and used to set the session and idle timeout for the subscriber. You can see these settings on the aggregator by entering: >show caller timeouts.
The workaround for this situation is as follows:
Step 2 Find the Session and Idle Timeout areas which are as follows:
Step 3 Change the surrounding <IntegerField> and </IntegerField> tags to <TextField> and </TextField>, respectively.
Step 4 Save the file.
Step 5 Create a service under the Network Services and make the Session-Timeout and Idle-Timeout fields empty.
Step 6 Save the service profile.
Step 7 Provision the subscriber's service profile so it is associated with the service profile you just created.
CSCea82309—The Cisco IOS image, 12.2(15)BZ, that BAC requires for the Cisco 10000 series router does not support RPR+ mode from the router console. This means that you cannot perform simultaneous configurations on the PRE-2.
CSCea84238—If you login as an intermediate operator and then delete the LACPPPOA service feature, the Web UI behaves inconsistently. The first time that you select all service features, the Web UI grays out SinglePVCoA and PVCRangeoA. If you uncheck the select all box and then select all again, BAC enables you to select SinglePVCoA and PVCRangeoA. The backend software, however, performs a dependency check and generates an error message.
CSCea86069—If you intend to install BAC using the silent option, before you run the installation make sure the window is allowed to setup connections to the X server. Otherwise, the installation process exits, and you cannot bring up servers when you run the bacStartUp initial command. To avoid the problem, simply run the xhost + command.
CSCea86868—BAC does not validate the type of RADIUS servers that you add to a RADIUS group. For example you can add radius1, which might be an Access Registrar server, and radius2, an Interlink Merit server, to the same group. For load balancing purposes, this mixing of servers is unlikely. Make sure all RADIUS servers in a RADIUS group are of the same type.
CSCeb73930—The BAC installation script is case sensitive. This can cause a problem with the Oracle database when you enter the server id (SID). Enter the Oracle SID as it appears in the oracle configuration file.
CSCec01988—If you delete a policy map, BAC does not check to see if a virtual template service feature still uses the policy map. BAC does not generate an error message until you try to delete the last policy map associated with the virtual template service feature. The workaround is to delete all service features before you delete the policy. The dependency between service profiles and service features is documented in Chapter 7, "Provisioning Broadband Aggregators" of the Cisco Broadband Access Center for Broadband Aggregation User Guide.
CSCec05694—Before you create a class map, make sure to create an access list for it. BAC does not check to see if the access list that you specify when you create a class map already exists. If the access list does not exist, BAC generates an error message when you later provision a policy map.
CSCec14541—A synchronization operation involving an administrative network with multiple devices might fail when an ATM interfaces incorrectly references the vc-class of another device.
CSCec38931—The CNS agent on the Cisco 7301 router does not include error line number information in the <error-message> tag. The error line information is included in the <line-number> tag. For example, if a provisioning request fails, the following error message is generated:
To work around this situation and to determine at which CLI line the provisioning failed, follow these steps:
Step 2 Make the provisioning request, and enter the following command:
If an error occurred, the error line is reported in the <line-number> tag.
CSCec39363—If a BAC server has a local copy of Cisco CNS Access Registrar installed, but /cisco-ar is not created and soft-linked to the actual Access Registrar path, the Add Radius Service feature fails. This is because /opt/CSCObacss/sam/bin is soft-linked to /cisco-ar/bin. To work around this problem, manually create the symbolic link /cisco-ar.
CSCec49730—The BAC installation script erroneously displays the following prompt and error message:
The current version of BAC does not use this module, so you can ignore this message.
CSCec52024—If you are unprovisioning a device, you might encounter the following situation: You successfully unprovision a Service role (for example, PTAPPPoA), and its associated service features, but BAC still displays the device has having a role. Consider the following scenario:
Step 2 Go to Device Management to unprovision the service role and all associated service features.
Step 3 On the Unprovisioning page, click Config Preview.
Step 4 Without waiting for BAC to display the complete configuration, click Next and Unprovision. BAC displays the following error message:
Step 5 Click Back and allow BAC to display the complete configuration.
Step 6 Click Next again and unprovision successfully. Notice that in the Device Management window, however, that the device is listed as Unprovisioned, but it has a Service role (for example, PTAPPPoA). Notice also that if you click View Service, under the PTAPPPoA role, BAC displays a SinglePVCoASF but with no rows.
The BAC documentation consists of the following:
Cisco provides several ways to obtain documentation, technical assistance, and other technical resources. These sections explain how to obtain technical information from Cisco Systems.
You can access the most current Cisco documentation on the World Wide Web at this URL:
http://www.cisco.com/univercd/home/home.htm
You can access the Cisco website at this URL:
International Cisco websites can be accessed from this URL:
http://www.cisco.com/public/countries_languages.shtml
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which may have shipped with your product. The Documentation CD-ROM is updated regularly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual or quarterly subscription.
Registered Cisco.com users can order a single Documentation CD-ROM (product number DOC-CONDOCCD=) through the Cisco Ordering tool:
http://www.cisco.com/en/US/partner/ordering/ordering_place_order_ordering_tool_launch.html
All users can order annual or quarterly subscriptions through the online Subscription Store:
http://www.cisco.com/go/subscription
You can find instructions for ordering documentation at this URL:
http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm
You can order Cisco documentation in these ways:
http://www.cisco.com/en/US/partner/ordering/index.shtml
You can submit comments electronically on Cisco.com. On the Cisco Documentation home page, click Feedback at the top of the page.
You can send your comments in e-mail to bug-doc@cisco.com.
You can submit comments by using the response card (if present) behind the front cover of your document or by writing to the following address:
Cisco Systems
Attn: Customer Document Ordering
170 West Tasman Drive
San Jose, CA 95134-9883
For all customers, partners, resellers, and distributors who hold valid Cisco service contracts, the Cisco Technical Assistance Center (TAC) provides 24-hour, award-winning technical support services, online and over the phone. Cisco.com features the Cisco TAC website as an online starting point for technical assistance.
The Cisco TAC website (http://www.cisco.com/tac ) provides online documents and tools for troubleshooting and resolving technical issues with Cisco products and technologies. The Cisco TAC website is available 24 hours a day, 365 days a year.
Accessing all the tools on the Cisco TAC website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a login ID or password, register at this URL:
http://tools.cisco.com/RPF/register/register.do
The online TAC Case Open Tool (http://www.cisco.com/tac/caseopen ) is the fastest way to open P3 and P4 cases. (Your network is minimally impaired or you require product information). After you describe your situation, the TAC Case Open Tool automatically recommends resources for an immediate solution. If your issue is not resolved using these recommendations, your case will be assigned to a Cisco TAC engineer.
For P1 or P2 cases (your production network is down or severely degraded) or if you do not have Internet access, contact Cisco TAC by telephone. Cisco TAC engineers are assigned immediately to P1 and P2 cases to help keep your business operations running smoothly.
To open a case by telephone, use one of the following numbers:
Asia-Pacific: +61 2 8446 7411 (Australia: 1 800 805 227)
EMEA: +32 2 704 55 55
USA: 1 800 553-2447
For a complete listing of Cisco TAC contacts, go to this URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
To ensure that all cases are reported in a standard format, Cisco has established case priority definitions.
Priority 1 (P1)—Your network is "down" or there is a critical impact to your business operations. You and Cisco will commit all necessary resources around the clock to resolve the situation.
Priority 2 (P2)—Operation of an existing network is severely degraded, or significant aspects of your business operation are negatively affected by inadequate performance of Cisco products. You and Cisco will commit full-time resources during normal business hours to resolve the situation.
Priority 3 (P3)—Operational performance of your network is impaired, but most business operations remain functional. You and Cisco will commit resources during normal business hours to restore service to satisfactory levels.
Priority 4 (P4)—You require information or assistance with Cisco product capabilities, installation, or configuration. There is little or no effect on your business operations.
Information about Cisco products, technologies, and network solutions is available from various online and printed sources.
http://www.cisco.com/en/US/products/products_catalog_links_launch.html
http://www.cisco.com/go/packet
http://www.cisco.com/go/iqmagazine
http://www.cisco.com/en/US/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html
http://www.cisco.com/en/US/learning/index.html
Copyright © 2003 Cisco Systems, Inc. All rights reserved.
Printed in the USA on recycled paper containing 10% postconsumer waste.
Posted: Fri Nov 14 12:01:22 PST 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
