|
|
Table Of Contents
Configuration Workflows and Checklists
Non-Secure CableHome Provisioning Checklist
Configuration Workflows and Checklists
This chapter is divided into two major sections that define the processes to follow when configuring BACC components to support various technologies. These sections are:
Component Workflows
This section describes the workflows you must follow to configure each BACC component for the technologies supported by BACC. These configuration activities are performed before configuring BACC to support specific technologies. In some instances certain procedures may only be applicable to a lab or component installation. In these cases that appropriate indication is made.
The component workflows described in this section are arranged in a checklist format and include:
•
DPE Checklists including:
Note
RDU Checklist
Table 3-1 identifies the workflow to follow when configuring the RDU.
Table 3-1 RDU Workflow Checklist
1.
Configure the system syslog service for use with BACC.
Cisco Broadband Access Center for Cable Installation Guide.
Both
2.
Access the BACC administrative user interface.
"Accessing the BACC Administrators Graphical User Interface" section on page 8-1.
Both
3.
Change the admin password.
"Accessing the BACC Administrators Graphical User Interface" section on page 8-1.
Both
4.
Add the appropriate license keys.
Both
5.
Configure the RDU database backup procedure.
Component Only
6.
Configure the RDU SNMP agent.
"Using the snmpAgentCfgUtil.sh Command" section on page 12-46.
Component Only
Hardware DPE Checklist
You must perform the activities described in Table 3-2 after those described in Table 3-1, RDU Workflow Checklist.
Note
Table 3-2 Hardware DPE Configuration Checklist
1.
Change the passwords.
"password" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
2.
Configure the system syslog service for use with BACC.
Cisco Broadband Access Center for Cable Installation Guide.
Both
3.
Configure your IP address.*
"interface ethernet 0..1 ip address" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
4.
Configure the provisioning interface.*
"interface <0..1> provisioning enabled" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
5.
Configure the default hardware gateway.*
"ip default-gateway" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
6.
Configure the provisioning FQDN.
"Automatic FQDN Generation" section on page 10-35 for more information on enabling and configuring the auto generation of FQDNs.
Component Only
7.
Configure the BACC shared secret.*
"dpe shared-secret" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
8.
Configure the DPE to connect to the desired RDU.*
"dpe rdu-server (IP)" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
9.
Configure the network time protocol (NTP).
"ntp server (IP)" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
10.
Configure the primary provisioning group.*
"dpe provisioning-group primary" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
11.
Configure a hostname.*
"hostname" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
12.
Configure a domain name.*
"ip domain-name" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
13.
Configure a minimum of one name server.*
"ip name-server" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
14.
Configure the required routes to the other BACC components as well as to the devices in the network.
"ip route" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
15.
Configure the DPE SNMP agent.
SNMP Agent Commands section in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
16.
Verify that you are connected to RDU.
Component Only
Solaris DPE Checklist
You must perform the activities described in Table 3-3 after those described in Table 3-1, RDU Workflow Checklist.
Note
Note
Table 3-3 Solaris DPE Configuration Checklist
1.
Configure the system syslog service for use with BACC.
Cisco Broadband Access Center for Cable Installation Guide.
Both
2.
Change the passwords.
"password" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Both
3.
Configure the provisioning interface.*
"interface ethernet [intf0|intf1]" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
4.
Configure the provisioning FQDN.
"Automatic FQDN Generation" section on page 10-35 for more information on enabling and configuring the auto generation of FQDNs.
Component Only
5.
Configure the BACC shared secret.*
"dpe shared-secret" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
6.
Configure the DPE to connect to the desired RDU.*
"dpe rdu-server (IP)" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
7.
Configure the network time protocol (NTP).
See the Solaris documentation for configuration information.
Component Only
8.
Configure the primary provisioning group.*
"dpe provisioning-group primary" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
9.
Configure the required routes to the other BACC components as well as to the devices in the network.
"ip route" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
10.
Configure the DPE SNMP agent.
SNMP Agent Commands section in the Cisco Broadband Access Center for Cable Command Line Interface Reference.
Component Only
11.
Verify that you are connected to RDU.
Both
Network Registrar Checklist
You must perform the activities described in Table 3-4 after those described in either Table 3-2, Hardware DPE Configuration Checklist or Table 3-3, Solaris DPE Configuration Checklist.
Caution
Note
Technology Workflows
This section describes the activities that you must perform when configuring BACC to support specific technologies. These configuration activities are performed subsequent to configuring BACC components and may, in limited circumstances, apply only to a lab or component installation. In these cases that appropriate indication is made.
The technology workflows described in this section are arranged in a checklist format and include:
•
•
Note
DOCSIS Checklist
You must perform the activities described in the "Component Workflows" section, in addition to those described in Table 3-5 in order to successfully configure BACC for DOCSIS operation.
Perform the activities in this checklist in the order specified.
Table 3-5 DOCSIS Checklist
1.
Configure all provisioned DHCP criteria.
"Configuring DHCP Criteria" section on page 10-23 for more information.
2.
Configure provisioned classes of service.
Add all classes of service that may be used by any provisioned DOCSIS modem.
3.
Configure the promiscuous mode of operation.
1.
Configure client-classes/scope-selection- tags to match those added for the provisioned DOCSIS modem DHCP criteria.
Network Registrar User's Guide for more information about configuring client-classes and scope-selection-tags.
PacketCable Checklists
BACC supports three different variations of PacketCable. This section identifies the activities that must be performed for each, including:
Note
PacketCable
You must perform the PacketCable related activities described in Table 3-6 after those described in the "Component Workflows" section. The PacketCable checklist involves working with almost every BACC component.
Perform the activities in this checklist in the order specified.
Note
Note
Table 3-6 PacketCable Checklist
1.
Enable the autogeneration of MTA FQDNs.
"Automatic FQDN Generation" section on page 10-35 for more information on enabling and configuring the auto generation of FQDNs.
2.
Configure all provisioned DHCP criteria.
"Configuring DHCP Criteria" section on page 10-23 for more information.
3.
Configure all provisioned classes of service.
"Configuring the Class of Service" section on page 10-1 for more information.
4.
Configure an SNMPv3 cloning key.*
the "packetcable snmp key-material" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
Note
1.
Configure a KDC service key.*
the "packetcable registration kdc-service-key" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
2.
Configure a privacy policy.*
the "packetcable registration policy-privacy" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
3.
Configure an SNMPv3 cloning key.*
the "packetcable snmp key-material" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
Note
4.
Enable PacketCable.*
the "packetcable enable" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
5.
Configure the optional MTA file encryption.
the "packetcable registration encryption" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
1.
Obtain a KDC license from your Cisco representative and copy that file to the <BACC_HOME>/kdc directory.
2.
Configure a certificate chain.
"Using the PKCert.sh Tool to Manage KDC Certificates" section on page 12-41.
3.
Configure a service key pair for each DPE's provisioning FQDN.
4.
Configure service keys for the ticket-granting-ticket (TGT).
5.
Configure service keys for the Call Management Server.
6.
Configure network time protocol (NTP).
Solaris documentation for more information on configuring NTP for Solaris.
1.
Configure all necessary PacketCable voice technology properties.
"Using the changeNRProperties.sh Tool" section on page 12-43.
2.
Configure dynamic DNS for the MTA scopes.
Network Registrar User's Guide for more information on configuring dynamic DNS.
3.
Configure client-classes/scope-selection- tags that match those defined in the RDU.*
Network Registrar User's Guide for more information about configuring client-classes and scope-selection-tags.
1.
Configure dynamic DNS for each DHCP server.
Network Registrar User's Guide for more information on configuring dynamic DNS.
2.
Configure a zone for the KDC realm.
Network Registrar User's Guide for more information on configuring zones.
3.
Configure an SRV record for the KDC.
"Configuring the SRV Record in the Network Registrar DNS Server" section on page 10-34 and the Network Registrar User's Guide for more information on configuring SRV records.
4.
Configure records for the KDC and DPE provisioning interface names.
Network Registrar User's Guide for more information on configuring records.
Note
Non-Secure PacketCable
You must perform the PacketCable related activities described in Table 3-7 after those described in the "Component Workflows" section. The non-secure PacketCable checklist involves working with almost every BACC component.
Perform the activities in this checklist in the order specified.
Note
Note
Euro-PacketCable
You must perform the Euro-PacketCable related activities described in Table 3-8 after those described in the "Component Workflows" section. The Euro- PacketCable checklist involves working with almost every BACC component.
Perform the activities in this checklist in the order specified.
Note
Table 3-8 Euro-PacketCable Checklist
1.
Enable the autogeneration of MTA FQDNs.
"Automatic FQDN Generation" section on page 10-35 for more information on enabling and configuring the auto generation of FQDNs.
2.
Configure all provisioned DHCP criteria.
"Configuring DHCP Criteria" section on page 10-23 for more information.
3.
Configure all provisioned classes of service.
"Configuring the Class of Service" section on page 10-1 for more information.
4.
Configure an SNMPv3 cloning key.*
the "packetcable snmp key-material" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
Note
1.
Configure a KDC service key.*
the "packetcable registration kdc-service-key" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
2.
Configure a privacy policy.*
the "ipacketcable registration policy-privacy" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
3.
Configure an SNMPv3 cloning key.*
the "packetcable snmp key-material" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
Note
4.
Enable PacketCable.*
the "packetcable enable" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
5.
Configure the optional MTA file encryption.
the "packetcable registration encryption" command described in the Cisco Broadband Access Center for Cable Command Line Interface Reference and the Cisco Broadband Access Center for Cable Installation Guide.
1.
Obtain a KDC license from your Cisco representative and copy that file to the <BACC_HOME>/kdc directory.
2.
Configure a certificate chain using the -e switch in the PKCert.sh tool.
"Using the PKCert.sh Tool to Manage KDC Certificates" section on page 12-41.
3.
Configure a service key pair for each DPE's provisioning FQDN.
4.
Configure service keys for the ticket-granting-ticket (TGT).
5.
Configure service keys for the Call Management Server.
6.
Configure network time protocol (NTP).
Solaris documentation for more information on configuring NTP for Solaris.
1.
Configure all necessary PacketCable voice technology properties.
"Using the changeNRProperties.sh Tool" section on page 12-43.
2.
Configure dynamic DNS for the MTA scopes.
Network Registrar User's Guide for more information on configuring dynamic DNS.
3.
Configure client-classes/scope-selection- tags that match those defined in the RDU.*
Network Registrar User's Guide for more information about configuring client-classes and scope-selection-tags.
1.
Configure dynamic DNS for each DHCP server.
Network Registrar User's Guide for more information on configuring dynamic DNS.
2.
Configure a zone for the KDC realm.
Network Registrar User's Guide for more information on configuring zones.
3.
Configure an SRV record for the KDC.
"Configuring the SRV Record in the Network Registrar DNS Server" section on page 10-34 and the Network Registrar User's Guide for more information on configuring SRV records.
4.
Configure records for the KDC and DPE provisioning interface names.
Network Registrar User's Guide for more information on configuring records.
Note
Non-Secure CableHome Provisioning Checklist
You must perform the activities described in the "Component Workflows" section, in addition to those described in Table 3-9 to successfully configure BACC for non-secure CableHome provisioning operation.
Perform the activities in this checklist in the order specified.
Posted: Thu Feb 2 13:14:16 PST 2006
All contents are Copyright © 1992--2006 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
