|
|
Cisco Carrier Sensitive Routing (CSR) Version 1.1 is designed to work with Cisco IOS Release 12.2(2)XU and future IOS releases.
This document contains information on installation of the CSR components that include the following:
For more information on postgreSQL, go to the following URL:
This site contains information on building PostgreSQL on other platforms.
This section contains requirements and conditions that should be met before installing the CSR components.
 |
Note If you do not have root access, you have to replace the /usr/local path occurrences with the path where postgres and csr files are installed during the CSR installation process. |
Estimated performance of some of the sample platforms are as follows.
|
Note These estimates characterize using a minimally configured production system where the Route Server is sized to operate at or below 60% of capacity. All non-Netra T1405 estimates were extrapolated from the characterization of a Netra T 1405 with 2CPUs. |
The above characteristics were measured or extrapolated from a Netra T1405 system provisioned with the following carrier selection rules and response characteristics.
As the complexity of any of the 4 characteristics doubles, the user should estimate a 30% decrease in the number of Route Requests serviced per second. There is no significant increase in performance if a less complex network than the one stated above is used. This profile is a representation of a minimal configuration.
The following tables describes the minimum required configurations for each supported platform.
*This configuration requires Veritas Volume Manager (purchase separately) as follows:
*This configuration requires Veritas Volume Manager (purchase separately) as follows:
| Configurations | Order Number (Sun) |
|---|---|
The installation media is a CD. The root directory of the CD contains the following files:
To begin installation, perform the following steps:
Step 2 Install and configure the PostgreSQL database. See Installing the postgreSQL Database .
Step 3 Install the CSR application. See Installing the CSR Application .
Step 4 Install the CSR GUI. See Installing the CSR GUI .
The following section describes:
In a UNIX environment, variables can be used to customize the behavior of certain applications. In C shell, all environment variables can be displayed by using the setenv command with no arguments.
|
Note In command examples in this document, when C shell is used, it is indicated by the csh prefix appears before the command prompt—%. When the Bourne shell is used, it is indicated by the sh prefix appears before the command prompt—%. |
For example, LPDEST variable can be set to the value per319 by entering the following command for C shell and Bourne shell respectively:
The value of the LPDEST variable can be displayed by entering the following command:
The path variable or PATH environment variable is a list of directories in which executable commands can be found. An executable command in a path can be executed by entering the name of the application instead of the full path. For example, axe instead of /usr/bin/X11/axe.
In C (csh) shells, the path can be changed either through the set path or setenv PATH commands. Changes are automatically propagated between the path and PATH variables. The set path command is recommended, as shown in the following examples:
In Bourne (sh) shells, the export command can be used, as shown in the following examples:
In some computer systems, the path contains numerous directories and it is difficult to set the path with a single command. The default ".cshrc" file for Sun` systems can set multiple paths and combines these paths into the desired path variable, as shown in the following example:
The current setting of the path variable can be displayed with either one of the following commands:
To install the postgreSQL database, perform the following steps:
Step 2 Create a UNIX account with the user name postgres.
The postgres processes run under the postgres username. This new account should be used in the following steps to create the postgres account.
|
Note The home directory created for the postgres user in this document is /users/postgres. You can any home directory as your choice. If you use another directory, the /users/postgres directory occurrences are replaced by the home directory that you select. |
A user can be created with one of the following methods:
The -d option specifies the home directory location for this user (Bourne shell). The -s option specifies the shell to be used by this user.
The passwd command creates a password for the new postgres user.
 |
Caution For security purposes, do not allow the postgres user access to the root/bin directory. |
Step 3 Create /usr/local/pgsql directory and assign ownership of this directory to postgres by entering the following commands:
|
Note Alternatively, postgres user can change to a directory where the user has write access. You can replace all occurrences of /usr/local/pgsql (including those in variables, paths and scripts) by the directory you select. |
Step 4 If you want to change the path, enter the following commands:
Step 5 Login to the Solaris system as the postgres user, then update the users profile by adding or modifying the following variables to allow the postgres user the execution of PostgreSQL.
|
Note For Bourne (sh) shell, add the ".profile" file by using the "variable=value" format: PGDATA=/usr/local/pgsql/data. For C (csh) shell, add the ".cshrc" file by using the setenv command: setenv PGDATA /usr/local/pgsql/data. |
Modify the following variables:
PATH=$PATH:/usr/local/pgsql/bin and PATH=$PATH:/etc/init.d
MANPATH=$MANPATH:/usr/local/pgsql/man
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib
Step 6 For Bourne shell, export all the variables with the export command as in the following example:
Step 7 For Bourne shell, read the ".$HOME/.profile" file into memory with the following command:
For C shell, read the ".cshrc" file into memory with the following command:
Step 8 Install the postgreSQL database.
|
Note The PostgreSQL database requires 4 MB of disk space in addition to the data to be inserted into the database. The database is installed in the /usr/local/pgsql directory. |
a. Login to the Solaris system as the postgres user.
b. Copy the installcd.tar file on the CD to your home directory using the cp command.
f. Untar the file to the correct location with the following command for C shell and Bourne shell respectively:
g. Remove the postgres.tar file from the home directory with the following command for C shell and Bourne shell respectively:
In the /usr/local/pgsql directory, the following directories are created by the installation.
To install and configure the PostgreSQL database, perform the following steps.
Step 2 At the UNIX prompt, initialize the database by entering the following command:
The file structure and default data for the postgreSQL database are created. A directory, data, is created in the /usr/local/pgsql directory. The data directory contains database files for user and database data.
Step 3 Add write access and permission to the owner of the postgreSQL security configuration file by entering the chmod command, as shown in the following example:
Step 4 Update the permissions in the database security file by adding the following in the /usr/local/pgsql/data/pg_hba.conf file.
To activate the postgreSQL database each time the system starts, update the init.d and rc2.d directories by performing the following steps:
Step 2 Copy the postgres_init file from /usr/local/pgsql to /etc/rc2.d/ to /etc/init.d/, with the following commands:
Step 3 Give the files above execution permissions with the following commands:
The steps above also enable the capabilities of starting, stopping and restarting the database.
To verify that the installation was successful, perform the following steps:
Step 2 Connect to database testdb by entering the following commands:
Step 3 At the postgres prompt, enter an SQL statement as follows:
The system returns data similar to the following:
Step 4 Exit psql by entering the following command:
Step 5 Remove database testdb by entering the following command:
|
Note If you have servers with console login, disable the Xwindow in .profile file. Otherwise, the database cannot be reloaded from a system reboot. |
To install the CSR application, perform the following steps:
Step 2 Create a ciscocsr UNIX account.
A ciscocsr user must be created in order to run the CSR processes. Users can be created using the admintool graphical tool by entering the following command at the system prompt:
Alternatively, users can be created by using useradd and passwd as follows:
Use this new user account in the following steps.
Step 3 Create the /usr/local/csr and /usr/local/csr/app directories by entering the following commands:
Step 4 Update the users profile by adding or modifying the following variables in the profile for the ciscocsr user.
Modify the following variables:
PATH=$PATH:/usr/local/pgsql/bin
MANPATH=$MANPATH:/usr/local/pgsql/man
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib
|
Note Check if your local java installation location is different from this location. If it is different, include the location in the PATH. See "Installing the CSR GUI" section . |
Step 5 For Bourne shell, export all variables with the export command; for example:
Step 6 Read the ".profile" file into memory by entering the following command:
Step 7 Install the CSR application. The CSR application requires 5 MB of disk space. The CSR is installed in the /usr/local/csr/app directory.
a. Login to the Sun/Solaris system as the ciscocsr user.
b. Copy the installcd.tar file on the CD to your home directory using the cp command.
e. Change the directory to the install directory /usr/local/csr/app by entering the following command:
This section describes how to configure the CSR application.
To activate the CSR each time the system starts, update the init.d and rc2.d directories after you logged in as root, and perform the following steps:
Step 2 Give the execution permissions to the files mentioned above by entering the following commands.
The postgreSQL database is currently empty. A schema must be created for the CSR application to allow a small set of data be placed in the database. This set of data is provided with the installation package.
|
Note When you create the db users, answer Yes to the questions that appear. These users are re-created in the security section of this document. |
To import data, perform the following steps:
Step 2 Create the db user for ciscocsr by entering the following command:
Step 3 Create the db user for the ciscogui by entering the following command:
Step 4 Change directories to the CSR application directory by entering the following command:
Step 5 Enter the PostgreSQL SQL interface as ciscocsr by entering the following command:
|
Note Database tables must be set up for the CSR application to start. |
To verify that the installation is successful, perform the following steps:
Check the /etc/syslog.conf file location, if it is different from /var/adm/messages. For more detail on syslog, see "Logging," or the online manual page for "syslog.conf".
Step 2 In another console window, login as the ciscocsr user.
Step 3 Activate the CSR application by entering the following command:
The CSR application is binding to the database csrdb.
Step 4 In the console window for monitoring the messages, verify that the message "CSR Started" appears.
You can enter the csr_init start command to start the application.
This section describes the CSR GUI installation. This installation requires .5 MB of disk space on the computer system, and should be installed in the /usr/local/csr/gui directory.
To use the GUI, JRE (Java2) must be installed on the Sun/Solaris system or the Windows NT system.
For example, to download java 2 Runtime environment version 1.3.0_02, performing the following steps:
a. Enter java.sun.com/j2se/1.3/jre/download-solaris.html at http:// prompt to access java.sun.com
b. Download j2re-1_3_1_02-solsparc.sh to your installation directory (for example, /usr/local directory)
c. Change directory to /usr/local with command: cd /usr/local
d. Click on j2re-1_3_1_02-solsparc.sh to execute this file. The java executable is in /usr/local/j2re1_3_1_02/bin directory.
e. Add java in your path in .profile file by entering the following command:
Step 2 Verify Java2 run time is available by entering the following command and observe the output.
If the resulting output does not contain "Java(TM) 2 Runtime Environment", the JRE is not Java2.
In the following examples, Example 1 is a Java2 JRE output, and Example 2 is a Non-Java2 JRE output.
|
Note The JAVA application should be entered in the PATH variable. See the "Installing the CSR Application" section . |
The following steps describe installation of the CSR GUI on a Sun/Solaris system:
Step 2 Extract the csrgui.tar.gz by entering the following command:
Step 3 Unzip the file by entering the following command:
Step 4 Create directory structure by entering the following command:
Step 5 Change directory to /usr/local/csr/gui by entering the following command:
Step 6 Untar the file by entering the following command:
Step 7 Remove the tar file from the home directory by entering the following command:
Step 8 Copy the UNIX version of the startup file to a new name by entering the following command:
Step 9 Change file attributes on the renamed startup file by entering the following command:
Step 10 Change the ownership of the installed files by entering the following command:
You can run the GUI from the location /usr/local/csr/gui/csrgui.
To install the CSR GUI on a Microsoft Windows NT system, perform the following steps:
Step 2 Unzip or untar the file to the desired location by using an application such as winzip.
Step 3 Remove the .tar file.
|
Note To run the GUI from the directory where the csrgui.bat file is installed, enter csrgui at the system prompt after installation. |
To verify that the installation was successful, perform the following steps:
Step 2 Enter the following information in the entry boxes on the screen:
Click Login. The CSR window appears.
Step 3 To exit the GUI, click Exit.
Step 2 Answer the questions by providing the following information:
Continue the login process as shown on the screen. The main window of the GUI appears.
Step 3 To exit the GUI, click Exit.
The recommended security configuration is as follows:
Following is an overview of the setup.
This user is fully protected. A password is required for remote access.
This user can access the database without a password from the local host system. Otherwise, the CSR application requires the password to be passed in as a parameter. This password is visible to any user with access to the /etc/init.d/ directory.
These users must have a password to access the database remotely or locally.
To add the postgres user password to ensure security in the database, perform the following steps:
Step 2 Set the password by entering the desired password in place of "password" by entering in the following command:
Step 3 Exit the application by entering the following command:
To remove and create ciscosr users, perform the following steps:
Step 2 Create the ciscocsr user (with password) by entering the following command:
Step 3 Enter the password for this user twice.
Step 4 Enter N to answer the following question:
Step 5 Enter N to answer the following question:
The postgres database can be accessed through the network. The /usr/local/pgsql/data/pg_hba.conf file must be modified to indicate the IP addresses for connection and password requirements.
Follow the instructions in this file to customize the security for your particular needs. The following line is required in the setting of CSR:
This allows the ciscocsr user local access to the csrdb database without a password.
To uninstall the CSR, perform the following steps. Root access must be available before you uninstall.
Step 2 Remove the CSR GUI by entering the following command:
Step 3 Remove the postgreSQL database by entering the following command:
The following sections explain how to obtain documentation from Cisco Systems.
You can access the most current Cisco documentation on the World Wide Web at the following URL:
Translated documentation is available at the following URL:
http://www.cisco.com/public/countries_languages.shtml
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Cisco documentation is available in the following ways:
http://www.cisco.com/cgi-bin/order/order_root.pl
http://www.cisco.com/go/subscription
If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Leave Feedback at the bottom of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:
Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to
You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.
Inquiries to Cisco TAC are categorized according to the urgency of the issue:
Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:
All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:
http://www.cisco.com/register/
If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.
The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.
This document is to be used in conjunction with the documents listed in the "Related Documentation and References" section.
Copyright © 2002, Cisco Systems, Inc.
All rights reserved.
Argentina · Australia · Austria · Belgium · Brazil · Bulgaria · Canada · Chile · China PRC · Colombia · Costa Rica Croatia · Czech Republic · Denmark · Dubai, UAE · Finland · France · Germany · Greece · Hong Kong SAR · Hungary · India · Indonesia · Ireland · Israel · Italy · Japan · Korea · Luxembourg · Malaysia · Mexico · The Netherlands · New Zealand · Norway · Peru · Philippines · Poland · Portugal · Puerto Rico · Romania · Russia · Saudi Arabia Scotland · Singapore · Slovakia · Slovenia · South Africa · Spain · Sweden · Switzerland · Taiwan · Thailand · Turkey Ukraine · United Kingdom · United States · Venezuela · Vietnam · Zimbabwe
AccessPath, AtmDirector, Browse with Me, CCIP, CCSI, CD-PAC, CiscoLink, the Cisco Powered Network logo, Cisco Systems Networking Academy, the Cisco Systems Networking Academy logo, Cisco Unity, Fast Step, Follow Me Browsing, FormShare, FrameShare, IGX, Internet Quotient, IP/VC, iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ Logo, iQ Net Readiness Scorecard, MGX, the Networkers logo, ScriptBuilder, ScriptShare, SMARTnet, TransPath, Voice LAN, Wavelength Router, and WebViewer are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, and Discover All That's Possible are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, FastHub, FastSwitch, GigaStack, IOS, IP/TV, LightStream, MICA, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing, RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0110R)
Cisco Carrier Sensitive Routing Installation Guide
Copyright © 2002, Cisco Systems, Inc.
All rights reserved.
Posted: Sun Jan 19 07:22:11 PST 2003
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
