Cisco CDA Visual Quality Experience Application User Guide, Release 3.0
Appendix D: Manual Initial VQE System Configuration
Download this chapter
Appendix D: Manual Initial VQE System ConfigurationAppendix D: Manual Initial VQE System Configuration
 Feedback

Table Of Contents

Manual Initial VQE System Configuration

Setting Up a Cisco CDE110 That Hosts VQE-S

Prerequisites for a Cisco CDE110 That Hosts VQE-S

Connecting Cables for VQE-S

Setting Up SSL Certificates for VQE-S

Configuring the Linux Operating System for VQE-S

Configuring Static Routes for VQE-S

Configuring Default ECMP Routes for CDE110 Ethernet Interfaces (VQE-S Host)

Configuring a Static Route for a Management Network (VQE-S Host)

Configuring Static Routes for Feedback Targets on the Attached Router

Configuring Ethernet Interfaces for VQE-S Traffic

Synchronizing the Time and Configuring Network Time Protocol

VQE STUN Server Is Enabled By Default

Configuring SNMP (Optional)

Ensuring That Only Trusted HTTPS Clients Can Push an SDP File

Starting VQE-S System Services and Verifying Status

Starting the VQE-S Processes and Verifying Status

Restarting the System and Verifying System and VQE-S Status

Setting Up a Cisco CDE110 That Hosts VQE Tools

Prerequisites for a Cisco CDE110 That Hosts VQE Tools

Connecting Cables

Setting Up SSL Certificates for VCPT

Configuring the Linux Operating System for VCPT and VQE Client Channel Configuration Delivery Server

Configuring a Static Route for a Management Network

Synchronizing the Time and Configuring Network Time Protocol

Configuring SNMP (Optional)

Starting VQE Tools System Services and Verifying Status

Starting the VCDS Service and Verifying VCDS and VCPT Status

Restarting the System and Verifying System, VCPT, and VCDS Status


Manual Initial VQE System Configuration

This appendix explains how to perform manual initial configuration on the two categories of CDE110 servers running the VQE software:

VQE-S server—CDE110 hosting VQE Server

VQE Tools server—CDE110 hosting VQE Channel Provisioning Tool (VCPT) and VQE Client Channel Configuration Delivery Server (VCDS)

In a VQE deployment, use of a VQE Tools server and VCPT is optional.

The alternative to manual configuration is to use the Cisco VQE Startup Configuration Utility. For information on using the utility, see the "Using the VQE Startup Configuration Utility" section on page 2-12.

Note Cisco recommends that you use the VQE Startup Configuration Utility rather than try to do the initial configuration manually because the utility simplifies your work and is known to produce correct results.

The manual initial configuration procedures are explained in these sections:

"Setting Up a Cisco CDE110 That Hosts VQE-S" section

"Setting Up a Cisco CDE110 That Hosts VQE Tools" section

Setting Up a Cisco CDE110 That Hosts VQE-S

This section explains how to perform the initial configuration tasks for a Cisco CDE110 hosting VQE-S.

When performed manually, the initial configuration tasks involve editing the /etc/opt/vqes/vcdb.conf file to configure the essential VCDB parameters. The use of the vcdb.conf file simplifies the configuration tasks. Because the VQE Configuration Tool automatically applies the VCDB values to the /etc configuration files on system reboot, mistakes in configuration file syntax are unlikely.

For information on manually editing the vcdb.conf file, see "Manually Editing the VCDB File" section on page 6-12.

Perform these initial configuration tasks in the order shown:

1. Prerequisites for a Cisco CDE110 That Hosts VQE-S

2. Configuring the Linux Operating System for VQE-S

3. Configuring Static Routes for VQE-S

4. Configuring Ethernet Interfaces for VQE-S Traffic

5. Synchronizing the Time and Configuring Network Time Protocol

6. VQE STUN Server Is Enabled By Default

7. Configuring SNMP (Optional)

8. Ensuring That Only Trusted HTTPS Clients Can Push an SDP File

9. Starting VQE-S System Services and Verifying Status

10. Starting the VQE-S Processes and Verifying Status

11. Restarting the System and Verifying System and VQE-S Status

Note The configuration instructions in this section are intended for new installations of Cisco VQE Release 3.0 software, where the Cisco CDE110 has the Cisco VQE Release 3.0 software preinstalled.

For information on upgrading an already configured Cisco CDE110 from Cisco VQE Release 2.1 to Release 3.0, see the Release Notes for Cisco CDA Visual Quality Experience, Release 3.0

For information on configuring VQE-S RTCP Exporter, see the "Configuring VQE-S RTCP Exporter" section on page 2-25.

Prerequisites for a Cisco CDE110 That Hosts VQE-S

This section explains tasks that should be performed before setting up a Cisco CDE110 that hosts VQE-S.

Connecting Cables for VQE-S

The following cable connections are used on the Cisco CDE110 that hosts VQE-S:

Category 5 UTP cable connects each of the four Ethernet interfaces on the back of the Cisco CDE110 to Ethernet interfaces on the edge router that is providing multicast streams for each IPTV channel. For optimal VQE-S performance, all four Ethernet interfaces on the Cisco CDE110 should have a direct Layer-3 connection to the edge router.

If a terminal server is used, the RJ-45 cable from the terminal server is connected to an RJ-45 serial port on the front or back of the Cisco CDE110. Only one serial port can be used because it is one shared serial port.

If a PC is directly connected to the CDE110 serial port, the cable from the PC is connected to an RJ-45 serial port on the front or back of the Cisco CDE110. Only one serial port (front or back) can be used because it is one shared serial port. The PC end of the cable connected to the CDE110 serial port varies depending on the type of ports supported by the PC.

Note The serial port is used for the system console. A system console is typically used rather than a monitor, keyboard, and mouse directly attached to the Cisco CDE110.

If a monitor, keyboard, and mouse are used, the cables for the devices are connected to the appropriate connectors on the Cisco CDE110.

For the location of connectors on the Cisco CDE110 front and back panels, see the Cisco Content Delivery Engine 110 Hardware Installation Guide.

Setting Up SSL Certificates for VQE-S

It is recommended that you deploy your own Secure Sockets Layer (SSL) certificates or commercial SSL certificates prior to beginning the tasks for setting up a Cisco CDE110 that hosts VQE-S. For information on setting up the certificates, see the "Setting Up SSL Certificates" section on page 2-4.

Configuring the Linux Operating System for VQE-S

This section explains the initial Linux configuration tasks needed for a Cisco CDE110 appliance that will run VQE-S software. The explanation assumes that the needed software for Linux and VQE-S has been pre-installed on the Cisco CDE110 appliance. For Red Hat Enterprise Linux 5.1 documentation, go to the following web site:

http://www.redhat.com/docs/manuals/enterprise/

For software configuration, the RJ-45 NIC (Ethernet) ports on the Cisco CDE110 back panel are specified as eth1, eth2, eth3, and eth4 as shown in Figure D-1.

Figure D-1 NIC Port Numbering for Software Configuration

Note On the back panel, the NIC ports labeled 1, 2, 3, and 4 are, respectively, for interfaces eth1, eth2, eth3, and eth4.

For the configuration examples in this section, Figure D-2 shows the IP addresses for interfaces eth1, eth2, eth3, and eth4 and the corresponding interfaces on the edge router.

Figure D-2 IP Addresses for VQE-S Configuration Examples

To configure the Linux operating system and other software for VQE-S, follow these steps:

Step 1 If needed, login as root. You must have root privileges to modify the vcdb.conf file.

Step 2 To create the password for the vqe username (a pre-created Linux user ID), issue the following command: 

[root@system]# passwd vqe

Enter a password that follows the password guidelines: 

A valid password should be a mix of upper and lower case letters,

digits, and other characters.  You can use an 8 character long

password with characters from at least 3 of these 4 classes, or

a 7 character long password containing characters from all the

classes.  An upper case letter that begins the password and a

digit that ends it do not count towards the number of character

classes used.


A passphrase should be of at least 3 words, 12 to 40 characters

long and contain enough different characters.

This username and password can be used to log in to Linux directly using SSH. The vqe username and password can also be used log in to the VQE-S Application Monitoring Tool.

Step 3 To configure CDE110 Ethernet interfaces eth1, eth2, eth3, and eth4, edit the /etc/opt/vqes/vcdb.conf file by adding to the file one or more network.ethx.addr parameters, where ethx is eth1, eth2, eth3, or eth4. Specify an IP address and prefix length for each interface. The following example shows four vcdb.conf lines for the four Ethernet interfaces: 

network.eth1.addr="10.2.9.2/24" 

network.eth2.addr="10.2.10.2/24"

network.eth3.addr="10.2.11.2/24"

network.eth4.addr="10.2.12.2/24"

Step 4 To configure the hostname for the CDE110 server, edit the /etc/opt/vqes/vcdb.conf file by adding to the file the system.global.hostname parameter and specifying a hostname. The following example specifies the hostname as starfire-iptv: 

system.global.hostname="starfire-iptv"

Step 5 To configure a DNS server, edit the /etc/opt/vqes/vcdb.conf file by adding the VCDB parameters for the IP address and optionally for the search domain of a DNS server and specifying the needed values:

system.dns.server="IP_address"

system.dns.search_domain="search_domain"

For example: 

system.dns.server="192.0.20.53."

system.dns.search_domain="domain.com"

Step 6 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System and VQE-S Status" section. You reboot once when all VCDB configuration tasks are completed.

After the VQE-S host is rebooted, you can verify that the eth1, eth2, eth3, and eth4 interfaces are configured correctly and up and running by issuing the following commands:

Use the ifconfig interface command to verify that each Ethernet interface is up and running and the IP address and netmask for each are set correctly. The following example is for eth1: 

[root@system]# ifconfig eth1 


eth1      Link encap:Ethernet  HWaddr 00:0E:0C:C6:F3:0F  

          inet addr:10.2.10.2  Bcast:10.2.10.255  Mask:255.255.255.0

          inet6 addr: fe80::20e:cff:fec6:f30f/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:3 errors:0 dropped:0 overruns:0 frame:0

          TX packets:36 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000 

          RX bytes:192 (192.0 b)  TX bytes:2700 (2.6 KiB)

          Base address:0x3000 Memory:b8800000-b8820000

Use the ip link show eth# command (where # is the Ethernet interface number) to check that the link is up. The following example is for eth1: 

[root@system]# ip link show eth1 


eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

link/ether 00:0e:0c:c6:e4:fe brd ff:ff:ff:ff:ff:ff

Use the ping command to check that the Cisco CDE110 can reach the connected edge router. For example: 

[root@system]# ping 10.2.9.1

Configuring Static Routes for VQE-S

This section provides information on configuring static routes on the CDE110 that hosts VQE-S and on the directly attached router:

Configuring Default ECMP Routes for CDE110 Ethernet Interfaces (VQE-S Host)

Configuring a Static Route for a Management Network (VQE-S Host)

Configuring Static Routes for Feedback Targets on the Attached Router

For the configuration examples in this section, Figure D-3 shows the IP addresses for interfaces eth1, eth2, eth3, and eth4 and the corresponding interfaces on the edge router.

Figure D-3 IP Addresses for VQE-S Configuration Examples

Configuring Default ECMP Routes for CDE110 Ethernet Interfaces (VQE-S Host)

On the Cisco CDE110 that hosts VQE-S, multiple Ethernet interfaces are used for VQE-S traffic, including incoming multicast streams, outgoing Unicast Retransmissions and RCC unicast transmissions, and other VQE-S traffic. In addition, some VQE deployments may use one of the Ethernet ports as the interface to a management network.

If default route (gateway) is configured for each Ethernet interface that is available for VQE-S traffic, Equal Cost Multipath (ECMP) is used to load balance output traffic across all of the listed next hop interfaces.

Note A single default route should be configured for each interface used for VQE-S traffic. Otherwise, output load will not be balanced and some interfaces may be overloaded.

To configure a default gateway for multiple CDE110 Ethernet interfaces, follow these steps:

Step 1 If needed, log in as root. You must have root privileges to modify the vcdb.conf file.

Step 2 Edit the /etc/opt/vqes/vcdb.conf file by adding to the file one or more network.route.default_gateway parameters and specifying values for each of the parameters. The following example shows four vcdb.conf lines that add default gateways for the four CDE110 Ethernet interfaces. 

network.route.default_gateway="10.2.9.1" 

network.route.default_gateway="10.2.10.1" 

network.route.default_gateway="10.2.11.1" 

network.route.default_gateway="10.2.12.1"

In the preceding example, 10.2.9.1, 10.2.10.1, 10.2.11.1 , and 10.2.12.1 are the gateway (next hop) addresses on the router that is directly attached to the VQE-S host.

Note If one Ethernet interface is used for a management network, that interface should not be included in the set for which gateway router interfaces are specified.

Step 3 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System and VQE-S Status" section. You reboot once when all VCDB configuration tasks are completed.

After the VQE-S host is rebooted, you can verify that the default gateway routes are present in the routing table of the CDE110 by issuing the following command: 

[root@system]# ip route show

The output will be similar to the following: 

default

nexthop via 10.2.9.1 dev eth1 weight 1

nexthop via 10.2.10.1 dev eth2 weight 1

nexthop via 10.2.11.1 dev eth3 weight 1

nexthop via 10.2.12.1 dev eth4 weight 1

Configuring a Static Route for a Management Network (VQE-S Host)

If your deployment makes use of a management network, a static route for the management network can be configured using the VCDB parameter network.route.mgmt_route. The configuration example in this section assumes that one CDE110 Ethernet interface will be used to connect to the VQE network.

Note If you configure a static route for a management network as described in this section, see "Static Route for a Management Network Is Missing on CDE110 Hosting VQE-S or VQE Tools" section on page 5-7 for some additional information.

To configure a static route for a management network, follow these steps:

Step 1 If needed, log in as root. You must have root privileges to modify the vcdb.conf file.

Step 2 Edit the /etc/opt/vqes/vcdb.conf file by adding to the file a network.route.mgmt_route parameter and specifying the needed values using the following format:

network.route.mgmt_route="management-network-addr/prefix-length via gateway-addr "

The management-network-addr/prefix-length is the IP address and prefix length for the management network. The gateway-addr is the IP address of the router interface that is directly attached to the CDE110 Ethernet port that will be used for management network traffic.

For this example, assume the following:

CDE110 Ethernet interface eth1 (10.2.9.2) will be used for the management network.

The management network is 192.0.0.0/8.

The line in the vcdb.conf file is as follows: 

network.route.mgmt_route="192.0.0.0/8 via 10.2.9.1"

In the preceding example, 10.2.9.1 is the gateway-addr—the router interface that is directly attached to eth1. Figure D-3 shows the IP addresses used in this example for the eth1 interface and the directly attached router.

Step 3 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System and VQE-S Status" section. You reboot once when all VCDB configuration tasks are completed.

After the VQE-S host is rebooted, you can verify that the static route for the management network is present in the routing table by issuing the following command: 

[root@system]# ip route show

The output will be similar to the following: 

    192.0.0.0/8 via 10.2.9.1 dev eth1

default

nexthop via 10.2.10.1 dev eth2 weight 1

nexthop via 10.2.11.1 dev eth3 weight 1

nexthop via 10.2.12.1 dev eth4 weight 1

Configuring Static Routes for Feedback Targets on the Attached Router

When channels are configured with a channel-provisioning tool such as VQE Channel Provisioning Tool, it is required that you specify a unique Feedback Target (FBT) address for each channel. The router that is directly attached to the VQE-S host must have a static route configured for the FBT address so that the router can reach the target. If the FBT addresses are allocated within a contiguous address range, this configuration piece can be done with a single aggregated route.

For example, if the FBT addresses for the channels are assigned to be 8.86.1.1, 8.86.1.2, 8.86.1.3, ..., 8.86.1.250, then the single static route 8.86.1.0/24 configured on the directly attached router allows any of these FBT addresses to be reached. The commands on the router for the FBT addresses would be as follows: 

configure terminal 

ip route 8.86.1.0 255.255.255.0 10.2.9.2 

ip route 8.86.1.0 255.255.255.0 10.2.10.2 

ip route 8.86.1.0 255.255.255.0 10.2.11.2 

ip route 8.86.1.0 255.255.255.0 10.2.12.2

As shown in Figure D-3, the IP addresses 10.2.9.2, 10.2.10.2, 10.2.11.2, and 10.2.12.2 have been assigned to the Ethernet interfaces on the VQE-S host. These interfaces are used for Unicast Retransmission.

Configuring Ethernet Interfaces for VQE-S Traffic

On the VQE-S host, the vqe.vqes.vqe_interfaces parameter in the /etc/vqes/vcdb.conf file allows you to specify the Ethernet interfaces that will be available to Multicast Load Balancer (MLB) for incoming multicast streams and outgoing Unicast Retransmission and RCC traffic, and other non-management VQE-S traffic. You manually edit the vcdb.conf file and specify the Ethernet interfaces that will be used.

Note If the vqe.vqes.vqe_interfaces parameter is not specified in the vcdb.conf file, all four Ethernet interfaces are available for VQE-S traffic.

To configure the Ethernet interfaces for VQE-S traffic on the Cisco CDE110 that hosts VQE-S, follow these steps:

Step 1 If needed, log in as root. You must have root privileges to modify the vcdb.conf file.

Step 2 Edit the /etc/opt/vqes/vcdb.conf file. Add the vqe.vqes.vqe_interfaces parameter to the file and specify the CDE110 Ethernet interface names that will be used for MLB. For example: 

vqe.vqes.vqe_interfaces="eth2,eth3,eth4"

For the preceding example, assume that the implementation uses eth1 for management network traffic. Therefore, eth1 is not included in the set of interfaces that will be available to MLB.

For information on manually editing the vcdb.conf file, see the "Manually Editing the VCDB File" section on page 6-12.

Note If your deployment uses one Ethernet interface for a management network, be sure not to include that interface as one of the interfaces that will be available to Multicast Load Balancer.

Step 3 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System and VQE-S Status" section. You reboot once when all VCDB configuration tasks are completed.

Synchronizing the Time and Configuring Network Time Protocol

To keep system time correct and synchronized, we recommend that you use Network Time Protocol (NTP) on the VQE-S host. To synchronize the time and configure NTP, follow these steps:

Step 1 If needed, log in as root.

Step 2 To set the time zone, issue the tzselect command and follow the prompts: 

[root@system]# /usr/bin/tzselect

Step 3 To set the date and time, issue the date command as follows:

date -s "date_time_string"

For example: 

[root@system]# date -s "16:55:30 July 7, 2008"

Step 4 Edit the /etc/opt/vqes/vcdb.conf file by adding to the file one or more system.ntp.server parameters and specifying the IP address of an NTP server for each of the parameters. For example: 

system.ntp.server="10.2.26.2"

In the preceding example, the IP address of the NTP server is 10.2.26.2.

Step 5 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System and VQE-S Status" section. You reboot once when all VCDB configuration tasks are completed.

For information on starting the NTP service (ntpd daemon), see the "Starting VQE-S System Services and Verifying Status" section.

VQE STUN Server Is Enabled By Default

Starting with Cisco VQE Release 3.0, the VQE STUN Server is enabled by default. The STUN Server allows set-top boxes behind NAT devices to be supported by VQE-S. Unless you are sure that no set-top boxes being serviced by VQE-S are behind NAT devices, we recommend that you leave the STUN Server enabled.

Configuring SNMP (Optional)

The CDE110 that hosts VQE-S uses Net-SNMP, a third-party product, for SNMP support for some basic, non-VQE system services. Net-SNMP offers a set of built-in MIBs for Linux platforms. The use of Net-SNMP is optional. For more information on Net-SNMP support, see Appendix B, "Using Net-SNMP."

To configure SNMP on the Cisco CDE110 that hosts VQE-S, follow these steps:

Step 1 If needed, log in as root. You must have root privileges to modify the vcdb.conf file.

Step 2 Edit the /etc/opt/vqes/vcdb.conf file by adding the following VCDB parameters and specifying the needed values for each:

system.snmp.ro_community_string="community_string"

system.snmp.location="server_location"

system.snmp.contact="contact_person"

system_snmp_trap_listener="listener_IP_or_host_name"

For more information on the SNMP-related VCDB parameters, see Table A-6.

The following example shows the four vcdb.conf lines that specify the SNMP parameters: 

system.snmp.ro_community_string="XXYYZZ"

system.snmp.location="Building 6 San Francisco"

system.snmp.contact="Helen_Lee@company.com"

system_snmp_trap_listener="192.0.2.25"

Step 3 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System and VQE-S Status" section. You reboot once when all VCDB configuration tasks are completed.

Ensuring That Only Trusted HTTPS Clients Can Push an SDP File

In your IPTV deployment, VQE Channel Provisioning Tool (VCPT) or another channel-provisioning server sends channel information to the VQE Servers. It is recommended that you configure each CDE110 that hosts VQE-S so that only trusted HTTPS clients (the channel-provisioning servers) can send the channel information to the CDE110. For more information on VCPT and how it sends channel information, see the "VQE Channel Provisioning Tool and Channel Information" section on page 1-14.

To allow only traffic from trusted HTTPS clients on the CDE110 port used for HTTPS, follow these steps:

Step 1 If needed, log in as root. You must have root privileges to modify the vcdb.conf file.

Step 2 Edit the /etc/opt/vqes/vcdb.conf file by adding to the file one or more vqe.iptables.trusted_vcpt parameters and specifying the IP address of a trusted channel-provisioning server, such as VCPT. For example: 

vqe.iptables.trusted_vcpt="10.86.17.200"

In the preceding example, 10.86.17.200 is the IP address of a trusted channel-provisioning server.

Step 3 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System and VQE-S Status" section. You reboot once when all VCDB configuration tasks are completed.

Starting VQE-S System Services and Verifying Status

For the CDE110 that hosts VQE-S, Table D-1 lists the system services that you configure and start. Use of the SNMP and NTP services are optional depending on your deployment's requirements.

Table D-1 System Services for CDE110 That Hosts VQE-S

Service
Description

sshd

The Secure Shell daemon.

httpd

HyperText Transfer Protocol daemon (the Apache web server).

tomcat5

The Apache Tomcat application server.

snmpd

(Optional) The SNMP daemon.

snmpsa

(Optional) The SNMP subagent.

ntpd

(Optional) The NTP daemon.

check_daemons

A script that monitors httpd and tomcat processes and attempts to restart them if they fail. The script runs once a minute as a cron job owned by root.


To start the VQE-S system services and verify their status, follow these steps:

Step 1 If needed, log in as root on the CDE110 that hosts VQE-S.

Step 2 To configure the system services to be managed by chkconfig and started automatically at run levels 2, 3, 4, and 5, and to start the services, issue the following commands: 

[root@system]# chkconfig --add sshd 

[root@system]# chkconfig sshd on 

[root@system]# service sshd start 


[root@system]# chkconfig --add httpd 

[root@system]# chkconfig httpd on 

[root@system]# service httpd start 


[root@system]# chkconfig --add tomcat5 

[root@system]# chkconfig tomcat5 on 

[root@system]# service tomcat5 start

The following commands for SNMP, SNMP subagent, and NTP are optional depending on whether these services are used in your deployment: 

[root@system]# chkconfig --add snmpd 

[root@system]# chkconfig snmpd on 

[root@system]# service snmpd start 


[root@system]# chkconfig --add snmpsa 

[root@system]# chkconfig snmpsa on 

[root@system]# service snmpsa start 


[root@system]# chkconfig --add ntpd 

[root@system]# chkconfig ntpd on 

[root@system]# service ntpd start

Step 3 To configure the check_daemons script to run as a cron job under root, issue the following command: 

[root@system]# /usr/bin/check_daemons >> /var/spool/cron/root

Step 4 To verify the sshd run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep sshd 


sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service sshd status 


sshd (pid 2772) is running...


[root@system]# ps -ef | grep sshd 


root      2772     1  0 Jul23 ?        00:00:00 /usr/sbin/sshd

Step 5 To verify the httpd run levels and that the services and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep httpd 


httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service httpd status


httpd (2894) is running...


[root@system]# ps -ef | grep httpd 


apache     447  2894  0 Jul23 ?        00:00:00 /usr/sbin/httpd

root      2894     1  0 Jul02 ?        00:00:00 /usr/sbin/httpd

apache   30078  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30079  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30080  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30082  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30083  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30084  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30085  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30087  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

Step 6 To verify the tomcat5 run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep tomcat5 


tomcat5         0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service tomcat5 status 


Tomcat is running...


[root@system]# ps -ef | grep tomcat5 


root     19800     1  0 Jul23 ?        00:00:08 /usr/java/default/bin/java 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djava.util.logging.config.file=/usr/share/tomcat5/conf/logging.properties 
-Djava.endorsed.dirs=/usr/share/tomcat5/common/endorsed -classpath 
:/usr/share/tomcat5/bin/bootstrap.jar:/usr/share/tomcat5/bin/commons-logging-api.jar 
-Dcatalina.base=/usr/share/tomcat5 -Dcatalina.home=/usr/share/tomcat5 
-Djava.io.tmpdir=/usr/share/tomcat5/temp org.apache.catalina.startup.Bootstrap start

Step 7 If you have configured and started the SNMP service, to verify the snmpd run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep snmpd 


snmpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service snmpd status


snmpd (pid 17654) is running... 


[root@system]# ps -ef | grep snmpd 


root     17654     1  0 Jul25 ?        00:09:24 /usr/sbin/snmpd -Lsd -Lf /dev/null -p 
/var/run/snmpd.pid -a

Step 8 If you have configured and started the SNMP subagent service, to verify the snmpsa run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep snmpsa 


snmpsa          0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service snmpsa status


The SNMP subagent is running.


[root@system]# ps -ef | grep snmpsa 


root     17678     1  0 Jul25 ttyS1    00:09:14 /usr/local/snmpsa/bin/smSubagent

Step 9 If you have configured and started the NTP service, to verify that the ntpd service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep ntpd


ntpd            0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service ntpd status


ntpd (pid 17219) is running...


[root@system]# ps -ef | grep ntpd


ntp      17219     1  0 Jul25 ?        00:00:06 ntpd -u ntp:ntp -p /var/run/ntpd.pid 
-g

Starting the VQE-S Processes and Verifying Status

To start the VQE-S service and processes and verify status, follow these steps:

Step 1 If needed, log in as root on the CDE110 that hosts VQE-S.

Step 2 To configure the VQE-S service to be managed by chkconfig and started automatically at run levels 2, 3, 4, and 5, and to start the service, issue the following commands: 

[root@system]# chkconfig --add vqes 

[root@system]# chkconfig vqes on 

[root@system]# service vqes start

Note System error messages are displayed indicating that the VQE-S processes are starting without a channel configuration file. This is normal behavior because a channel configuration file from the VQE Channel Provisioning Tool (VCPT) has not yet been sent to VQE-S. Creating and sending the file is done when the Cisco CDE110 that hosts VCPT is configured, and VCPT is used to create and send the file.

Step 3 To verify that the VQE-S service is running, issue the following command: 

[root@system]# service vqes status 


process_monitor (pid 15189) is running...

Step 4 To check that the VQE-S processes are running, issue the following commands: 

[root@system]# ps -ef | grep vqe 


root     15189     1  0 11:46 ttyS1    00:00:00 /opt/vqes/bin/process_monitor

vqes     15202 15189  0 11:46 ttyS1    00:00:00 stun_server --ss-uid 499 --ss-gid 499 
--xmlrpc-port 8054 --log-level 6

root     15226 15189 99 11:46 ttyS1    06:31:33 vqes_dp --group vqes --max-pkts 
1000000 --log-level 6 --rtp-inactivity-tmo 300 --max-core-bw 900000000 
--reserved-core-rcv-bw 350000000 --reserved-core-er-bw 200000000

vqes     15280 15189 28 11:46 ttyS1    00:35:04 vqes_cp --cp-uid 499 --cp-gid 499 
--xmlrpc-port 8051 --cfg /etc/opt/vqes/vqe_channels.cfg --er-cache-time 3000 
--rtp-hold-time 20 --max-channels 500 --max-clients 32000 --exporter-enable --vqm-host 
11.8.1.2 --vqm-port 8312 --client-er-tb-rate-ratio 5 --client-er-tb-depth 10000 
--log-level 6 --rcc-mode conservative --igmp-join-variability 100 --max-client-bw 0 
--max-idr-penalty 0 --rap-interval 2000 --excess-bw-fraction 20 
--rcc-burst-delay-to-send 10 --rtp-dscp 0 --rtcp-dscp 24 --overlap-loss 0 
--intf-output-allocation 75


[root@system]# ps -ef | grep mlb 


root     15206 15189  0 11:46 ttyS1    00:00:04 mlb --interface eth2 eth3 eth4 
--add-routes 0.0.0.0/0~10.2.15.1,0.0.0.0/0~10.2.16.1,0.0.0.0/0~10.2.17.1 --xmlrpc-port 
8052 --unicast-reservation 20 --poll-interval 1 --ssm --log-level 6

In the preceding output, the VQE-S processes to check for are as follows:

process_monitor—Process Monitor

stun_server—STUN Server

vqes_dp—Data Plane

vqes_cp—Control Plane

mlb—Multicast Load Balancer

Step 5 To use the VQE-S Application Monitoring Tool from a web browser, enter as the URL the IP address of the Cisco CDE110 that hosts VQE-S: 

https://ip_address_of_VQES_host

Log in using the vqe username and password. (Any valid Linux username and password can be used to log in to the VQE-S Application Monitoring Tool.)

If you click System in the left pane, the VQE-S Application Monitoring Tool displays information on the VQE-S processes. Figure 4-2 on page 4-4 shows an example.

Restarting the System and Verifying System and VQE-S Status

To restart the Cisco CDE110 and verify system and VQE-S status, follow these steps:

Note The output for the commands issued in this section has been omitted. For example output, see the previous sections in this chapter where the same commands were issued.

Step 1 If needed, log in as root on the CDE110 that hosts VQE-S.

Step 2 To restart the system, issue the following command: 

[root@system]# reboot

The operating system boots.

Note Syslog error messages are displayed indicating that the VQE-S processes are starting without a channel configuration file. This is normal behavior because a channel configuration file from the VQE Channel Provisioning Tool (VCPT) has not yet been sent to VQE-S. Creating and sending the file is done when the Cisco CDE110 that hosts VCPT is configured, and VCPT is used to create and send the file.

Step 3 Log in as root.

Step 4 To verify that interfaces eth1, eth2, eth3, and eth4 are up and running and the IP address and netmask for each are set correctly, issue the following command: 

[root@system]# ifconfig -a 


... Output omitted


Step 5 To check that the vqes service is running, issue the following command: 

[root@system]# service vqes status 


... Output omitted

Step 6 To check that the STUN Server process is running, issue the following command: 

[root@system]# ps -ef | grep stun 


... Output omitted

Step 7 To verify that the sshd service is running, issue the following command: 

[root@system]# service sshd status 


... Output omitted

Step 8 To verify that the httpd service is running, issue the following command: 

[root@system]# service httpd status 


... Output omitted


Step 9 To verify that the tomcat5 service is running, issue the following command: 

[root@system]# service tomcat5 status 


... Output omitted

Step 10 If you have configured SNMP, to verify that the snmpd service process is running, issue the following command: 

[root@system]# service snmpd status 


... Output omitted

Step 11 If you have configured SNMP, to verify that the snmpsa service is running, issue the following command: 

[root@system]# service snmpsa status 


... Output omitted

Step 12 If you have configured an NTP server, to verify that the ntpd service is running, issue the following command: 

[root@system]# service ntpd status 


... Output omitted

Step 13 Do one of the following:

If the preceding checks indicate that all is well, proceed to the "Setting Up a Cisco CDE110 That Hosts VQE Tools" section.

If one of the preceding checks fails, inspect the configuration of the item that failed and make any needed adjustments.

Setting Up a Cisco CDE110 That Hosts VQE Tools

This section explains how to perform the initial configuration tasks for a Cisco CDE110 hosting VQE Tools (VQE Channel Provisioning Tool [VCPT] and VQE Client Channel Configuration Delivery Server).

When performed manually, the initial configuration tasks involve editing the /etc/opt/vqes/vcdb.conf file to configure the essential VCDB parameters. The use of the vcdb.conf file simplifies the configuration tasks. Because the VQE Configuration Tool automatically applies the VCDB values to the /etc configuration files on system reboot, mistakes in configuration file syntax are unlikely.

For information on manually editing the vcdb.conf file, see the "Manually Editing the VCDB File" section on page 6-12.

Perform these initial configuration tasks in the order shown:

1. Prerequisites for a Cisco CDE110 That Hosts VQE Tools

2. Configuring the Linux Operating System for VCPT and VQE Client Channel Configuration Delivery Server

3. Configuring a Static Route for a Management Network

4. Synchronizing the Time and Configuring Network Time Protocol

5. Configuring SNMP (Optional)

6. Starting VQE Tools System Services and Verifying Status

7. Starting the VCDS Service and Verifying VCDS and VCPT Status

8. Restarting the System and Verifying System, VCPT, and VCDS Status

On the VQE Tools server, proper route configuration is needed for external access to the VQE Tools server. You can use the static management route explained in "Configuring a Static Route for a Management Network" section to configure this access.

Note The configuration instructions in this section are intended for new installations of Cisco VQE Release 3.0 software, where the Cisco CDE110 has the Cisco VQE Release 3.0 software preinstalled.

For information on upgrading an already configured Cisco CDE110 from Cisco VQE Release 2.1 to Release 3.0, see the Release Notes for Cisco CDA Visual Quality Experience, Release 3.0.

Prerequisites for a Cisco CDE110 That Hosts VQE Tools

This section explains tasks that should be performed before setting up a Cisco CDE110 that hosts VQE Tools.

Connecting Cables

The following cable connections are used on the Cisco CDE110 that hosts VQE Tools:

Note The configuration examples in this section assume that one CDE110 Ethernet interface will be used to connect to the VQE network.

Use Category 5 UTP cable to connect at least one of the four Ethernet interfaces on the back of the CDE110 to the same network that the CDE110s that host VQE-S are on. If you use additional Ethernet interfaces for link redundancy, connect Category 5 UTP cables for those interfaces also.

If a terminal server is used, the RJ-45 cable from the terminal server is connected to an RJ-45 serial port on the front or back of the Cisco CDE110. Only one serial port can be used because it is one shared serial port.

If a PC is directly connected to the CDE110 serial port, the cable from the PC is connected to an RJ-45 serial port on the front or back of the Cisco CDE110. Only one serial port (front or back) can be used because it is one shared serial port. The PC end of the cable connected to the CDE110 serial port varies depending on the type of ports supported by the PC.

Note The serial port is used for the system console. A system console is typically used rather than a monitor, keyboard, and mouse directly attached to the Cisco CDE110.

If a monitor, keyboard, and mouse are used, the cables for the devices are connected to the appropriate connectors on the Cisco CDE110.

For the location of connectors on the Cisco CDE110 front and back panels, see the Cisco Content Delivery Engine 110 Hardware Installation Guide.

Setting Up SSL Certificates for VCPT

It is recommended that you deploy your own or commercial Secure Sockets Layer (SSL) certificates prior to beginning the tasks for setting up a Cisco CDE110 that hosts VCPT. For information on setting up the certificates, see the "Setting Up SSL Certificates" section on page 2-4.

Configuring the Linux Operating System for VCPT and VQE Client Channel Configuration Delivery Server

This section explains the initial Linux configuration tasks needed for a Cisco CDE110 appliance that will run VCPT and VQE Client Channel Configuration Delivery Server software. The explanation assumes that the needed software for Linux, VCPT, and VQE Client Channel Configuration Delivery Server have been pre-installed on the Cisco CDE110 appliance. For Red Hat Linux 5.1 documentation, go to the following web site:

http://www.redhat.com/docs/manuals/enterprise/

For software configuration, the RJ-45 NIC (Ethernet) ports on the Cisco CDE110 back panel are specified as eth1, eth2, eth3, and eth4 as shown in Figure D-4.

Figure D-4 NIC Port Numbering for Software Configuration

Note On the back panel, the NIC ports labeled 1, 2, 3, and 4 are, respectively, for interfaces eth1, eth2, eth3, and eth4.

For the configuration examples in this section, Figure D-5 shows the IP addresses for interface eth1 and the corresponding interface on the edge router.

Figure D-5 IP Addresses for VQE Tools Configuration Examples

Note The configuration examples in this section assume that one CDE110 Ethernet interface (eth1) will be used to connect to the VQE network.

To configure the Linux operating system and other software for VCPT and VQE Client Channel Configuration Delivery Server (VCDS), follow these steps:

Step 1 If needed, login as root. You must have root privileges to modify the vcdb.conf file.

Step 2 To create the password for the vqe username (a pre-created Linux user ID), issue the following command: 

[root@system]# passwd vqe

Enter a password that follows the password guidelines: 

A valid password should be a mix of upper and lower case letters,

digits, and other characters.  You can use an 8 character long

password with characters from at least 3 of these 4 classes, or

a 7 character long password containing characters from all the

classes.  An upper case letter that begins the password and a

digit that ends it do not count towards the number of character

classes used.


A passphrase should be of at least 3 words, 12 to 40 characters

long and contain enough different characters.

This username and password can be used to log in to Linux directly using SSH. The vqe username and password can also be used log in to the VQE Channel Provisioning Tool.

Step 3 To configure CDE110 Ethernet interfaces eth1, eth2, eth3, and eth4, edit the /etc/opt/vqes/vcdb.conf file by adding to the file one or more network.ethx.addr parameters, where ethx is eth1, eth2, eth3, or eth4. Specify an IP address and prefix length for each interface. The following example shows one vcdb.conf line for the eth1 Ethernet interface: 

network.eth1.addr="10.2.15.2/24"

Step 4 To configure the hostname for the CDE110 server, edit the /etc/opt/vqes/vcdb.conf file by adding to the file the system.global.hostname parameter and specifying a hostname. The following example specifies the hostname as starfire1-iptv: 

system.global.hostname="starfire1-iptv"

Step 5 To configure a DNS server, edit the /etc/opt/vqes/vcdb.conf file by adding the VCDB parameters for the IP address and optionally for the search domain of a DNS server and specifying the needed values:

system.dns.server="IP_address"

system.dns.search_domain="search_domain"

For example: 

system.dns.server="192.0.20.53."

system.dns.search_domain="domain.com"

Step 6 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System, VCPT, and VCDS Status" section. You reboot once when all VCDB configuration tasks are completed.

After the VQE Tools host is rebooted, you can verify that the eth1 interface is configured correctly and up and running.

Use the ifconfig interface command to verify that the Ethernet interface is up and running and the IP address and netmask is set correctly. The following example is for eth1: 

[root@system]# ifconfig eth1 


eth1      Link encap:Ethernet  HWaddr 00:0E:0C:C6:F3:0F  

          inet addr:10.2.15.2  Bcast:10.2.15.255  Mask:255.255.255.0

          inet6 addr: fe80::20e:cff:fec6:f30f/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:3 errors:0 dropped:0 overruns:0 frame:0

          TX packets:36 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000 

          RX bytes:192 (192.0 b)  TX bytes:2700 (2.6 KiB)

          Base address:0x3000 Memory:b8800000-b8820000

Use the ip link show eth# command (where # is the Ethernet interface number) to check that the link is up. For example: 

[root@system]# ip link show eth1 


eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

link/ether 00:0e:0c:c6:e4:fe brd ff:ff:ff:ff:ff:ff

Use the ping command to check that the Cisco CDE110 can reach the connected edge router. For example: 

[root@system]# ping 10.2.15.1

Configuring a Static Route for a Management Network

If your deployment makes use of a management network, a static route for the management network can be configured using the VCDB parameter network.route.mgmt_route. The configuration example in this section assumes that one CDE110 Ethernet interface (eth1) will be used to connect to the VQE network.

On the VQE Tools server, proper route configuration is needed for external access to the VQE Tools server. You can use the static management route to configure this access.

Note If you configure static route for a management network as described in this section, see "Static Route for a Management Network Is Missing on CDE110 Hosting VQE-S or VQE Tools" section on page 5-7 for some additional information.

To configure a static route for a management network, follow these steps:

Step 1 If needed, log in as root. You must have root privileges to modify the vcdb.conf file.

Step 2 Edit the /etc/opt/vqes/vcdb.conf file by adding to the file a network.route.mgmt_route parameter and specifying the needed values using the following format:

network.route.mgmt_route="management-network-addr/prefix-length via gateway-addr "

The management-network-addr/prefix-length is the IP address and prefix length for the management network. The gateway-addr is the IP address of the router interface that is directly attached to the CDE110 Ethernet port that will be used for management network traffic.

For this example, assume the following:

CDE110 Ethernet interface eth1 (10.2.15.2) will be used for the management network.

The management network is 192.0.0.0/8.

The line in the vcdb.conf file is as follows: 

network.route.mgmt_route="192.0.0.0/8 via 10.2.15.1"

In the preceding example, 10.2.15.1 is the gateway-addr—the router interface that is directly attached to eth1. Figure D-5 shows the IP addresses used in this example for the eth1 interface and the directly attached router.

Step 3 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System, VCPT, and VCDS Status" section. You reboot once when all VCDB configuration tasks are completed.

After the VQE Tools host is rebooted, you can verify that the static route for the management network is present in the routing table by issuing the following command: 

[root@system]# ip route show

The output will be similar to the following: 

    192.0.0.0/8 via 10.2.9.1 dev eth1

Synchronizing the Time and Configuring Network Time Protocol

To keep system time correct and synchronized, we recommend that you use Network Time Protocol (NTP) on the VQE Tools host. To synchronize the time and configure NTP, follow these steps:

Step 1 If needed, log in as root on the CDE110 that hosts VQE Tools.

Step 2 To set the time zone, issue the tzselect command and follow the prompts: 

[root@system]# /usr/bin/tzselect

Step 3 To set the date and time, issue the date command as follows:

date -s "date_time_string"

For example: 

[root@system]# date -s "16:55:30 July 7, 2008"

Step 4 Edit the /etc/opt/vqes/vcdb.conf file by adding to the file one or more system.ntp.server parameters and specifying the IP address of an NTP server for each of the parameters. For example: 

system.ntp.server="10.2.26.2"

In the preceding example, the IP address of the NTP server is 10.2.26.2.

Step 5 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System, VCPT, and VCDS Status" section. You reboot once when all VCDB configuration tasks are completed.

For information on starting the NTP service (ntpd daemon), see the "Starting VQE Tools System Services and Verifying Status" section.

Configuring SNMP (Optional)

The CDE110 that hosts VQE Tools uses Net-SNMP, a third-party product, for SNMP support for some basic, non-VQE system services. Net-SNMP offers a set of built-in MIBs for Linux platforms. The use of Net-SNMP is optional. For more information on Net-SNMP support, see Appendix B, "Using Net-SNMP."

To configure SNMP on the Cisco CDE110 that hosts VQE Tools, follow these steps:

Step 1 If needed, log in as root. You must have root privileges to modify the vcdb.conf file.

Step 2 Edit the /etc/opt/vqes/vcdb.conf file by adding the following VCDB parameters and specifying the needed values for each:

system.snmp.ro_community_string="community_string"

system.snmp.location="server_location"

system.snmp.contact="contact_person"

system_snmp_trap_listener="listener_IP_or_host_name"

For more information on the SNMP-related VCDB parameters, see Table A-6.

The following example shows the four vcdb.conf lines that specify the SNMP parameters: 

system.snmp.ro_community_string="XXYYZZ"

system.snmp.location="Building 6 San Francisco"

system.snmp.contact="Helen_Lee@company.com"

system_snmp_trap_listener="192.0.2.25"

Step 3 Save the vcdb.conf file.

Note VCDB configurations will be applied to the CDE110 when it is rebooted in "Restarting the System and Verifying System, VCPT, and VCDS Status" section. You reboot once when all VCDB configuration tasks are completed.

Starting VQE Tools System Services and Verifying Status

For the CDE110 that hosts VQE Tools, Table D-2 lists the system services that you configure and start. Use of the SNMP and NTP services are optional depending on your deployment's requirements.

Table D-2 System Services for CDE110 That Hosts VQE Tools

Service
Description

sshd

The Secure Shell daemon.

httpd

HyperText Transfer Protocol daemon (the Apache web server).

tomcat5

The Apache Tomcat application server.

snmpd

(Optional) The SNMP daemon.

snmpsa

(Optional) The SNMP subagent.

ntpd

(Optional) The NTP daemon.

check_daemons

A script that monitors httpd and tomcat processes and attempts to restart them if they fail. The script runs once a minute as a cron job owned by root.


To start the VQE Tools system services and verify their status, follow these steps:

Step 1 If needed, log in as root on the CDE110 that hosts VQE Tools.

Step 2 To configure the system services to be managed by chkconfig and started automatically at run levels 2, 3, 4, and 5, and to start the services, issue the following commands: 

[root@system]# chkconfig --add sshd 

[root@system]# chkconfig sshd on 

[root@system]# service sshd start 


[root@system]# chkconfig --add httpd 

[root@system]# chkconfig httpd on 

[root@system]# service httpd start 


[root@system]# chkconfig --add tomcat5 

[root@system]# chkconfig tomcat5 on 

[root@system]# service tomcat5 start

The following commands for SNMP and NTP are optional depending on whether these services are used in your deployment: 

[root@system]# chkconfig --add snmpd 

[root@system]# chkconfig snmpd on 

[root@system]# service snmpd start 


[root@system]# chkconfig --add snmpsa 

[root@system]# chkconfig snmpsa on 

[root@system]# service snmpsa start 


[root@system]# chkconfig --add ntpd 

[root@system]# chkconfig ntpd on 

[root@system]# service ntpd start

Step 3 To configure the check_daemons script to run as a cron job under root, issue the following command: 

[root@system]# /usr/bin/check_daemons >> /var/spool/cron/root

Step 4 To verify the sshd run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep sshd 


sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service sshd status 


sshd (pid 2772) is running...


[root@system]# ps -ef | grep sshd 


root      2772     1  0 Jul23 ?        00:00:00 /usr/sbin/sshd

Step 5 To verify the httpd run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep httpd 


httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service httpd status


httpd (2894) is running...


[root@system]# ps -ef | grep httpd 


apache     447  2894  0 Jul23 ?        00:00:00 /usr/sbin/httpd

root      2894     1  0 Jul02 ?        00:00:00 /usr/sbin/httpd

apache   30078  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30079  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30080  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30082  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30083  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30084  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30085  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

apache   30087  2894  0 Jul19 ?        00:00:00 /usr/sbin/httpd

Step 6 To verify the tomcat5 run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep tomcat5 


tomcat5         0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service tomcat5 status 


Tomcat is running...


[root@system]# ps -ef | grep tomcat5 


root     19800     1  0 Jul23 ?        00:00:08 /usr/java/default/bin/java 
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager 
-Djava.util.logging.config.file=/usr/share/tomcat5/conf/logging.properties 
-Djava.endorsed.dirs=/usr/share/tomcat5/common/endorsed -classpath 
:/usr/share/tomcat5/bin/bootstrap.jar:/usr/share/tomcat5/bin/commons-logging-api.jar 
-Dcatalina.base=/usr/share/tomcat5 -Dcatalina.home=/usr/share/tomcat5 
-Djava.io.tmpdir=/usr/share/tomcat5/temp org.apache.catalina.startup.Bootstrap start

Step 7 If you have configured and started the SNMP daemon, to verify the snmpd run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep snmpd 


snmpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service snmpd status


snmpd (pid 17654) is running... 


[root@system]# ps -ef | grep snmpd 


root     17654     1  0 Jul25 ?        00:09:24 /usr/sbin/snmpd -Lsd -Lf /dev/null -p 
/var/run/snmpd.pid -a

Step 8 If you have configured and started the SNMP subagent, to verify the snmpsa run levels and that the service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep snmpsa 


snmpsa          0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service snmpsa status


The SNMP subagent is running.


[root@system]# ps -ef | grep snmpsa 


root     17678     1  0 Jul25 ttyS1    00:09:14 /usr/local/snmpsa/bin/smSubagent

Step 9 If you have configured and started the NTP service, to verify run levels and that the ntpd service and process are running, issue the following commands: 

[root@system]# chkconfig --list | grep ntpd


ntpd            0:off   1:off   2:on    3:on    4:on    5:on    6:off


[root@system]# service ntpd status


ntpd (pid 17219) is running...


[root@system]# ps -ef | grep ntpd


ntp      17219     1  0 Jul25 ?        00:00:06 ntpd -u ntp:ntp -p /var/run/ntpd.pid 
-g

Starting the VCDS Service and Verifying VCDS and VCPT Status

This section explains how to start the VQE Client Channel Configuration Delivery Server (VCDS) service and verify that the process is running and that VCPT is available.

Note VCPT is a web application and has no dedicated processes associated with it. The processes needed for the VCPT web application to work (for example, the web server) are started automatically when the Cisco CDE110 is started.

To start the VCDS service and verify VCDS and VCPT status, follow these steps:

Step 1 If needed, log in as root on the CDE110 that hosts VQE Tools.

Step 2 To configure the VCDS service to be managed by chkconfig and started automatically at run levels 2, 3, 4, and 5, and to start the service, issue the following commands: 

[root@system]# chkconfig --add vcds 

[root@system]# chkconfig vcds on 

[root@system]# service vcds start

Step 3 To verify that the VCDS service is running, issue the following command: 

[root@system]# service vcds status 


VQECCfgDeliveryServer (pid 29860) is running...

Step 4 To check that the VCDS process (VQECCfgDeliveryServer) is running, issue the following command: 

[root@system]# ps -ef | grep VQECCfg 


root     29860     1  0 Jul25 ?        00:00:00 /opt/vqes/bin/VQECCfgDeliveryServer -d 
-f /etc/opt/vqes/VCDServer.cfg

Step 5 To verify that VCPT is accessible from a web browser, enter as the URL the IP address of the Cisco CDE110 that hosts VCPT: 

https://ip_address_of_VCPT_host

Log in using the vqe username and password. (Any valid Linux username and password can be used to log in to VCPT.)

If you are able to log in successfully, VCPT is running correctly.

Restarting the System and Verifying System, VCPT, and VCDS Status

To restart the Cisco CDE110 and verify system, VCPT, and VQE Client Channel Configuration Delivery Server (VCDS) status, follow these steps:

Note The output for the commands issued in this section has been omitted. For example output, see the previous sections in this chapter where the same commands were issued.

Step 1 If needed, log in as root on the CDE110 that hosts VQE Tools.

Step 2 To restart the system, issue the following command: 

[root@system]# reboot

The operating system boots.

Step 3 To verify that interface eth1 is up and running and the IP address and netmask is set correctly, issue the following command: 

[root@system]# ifconfig -a 


... Output omitted

Step 4 To verify that the sshd service is running, issue the following command: 

[root@system]# service sshd status 


... Output omitted

Step 5 To verify that the httpd service is running, issue the following command: 

[root@system]# service httpd status 


... Output omitted

Step 6 To verify that the tomcat5 service is running, issue the following command: 

[root@system]# service tomcat5 status 


... Output omitted

Step 7 If you have configured SNMP, to verify that the snmpd service is running, issue the following command: 

[root@system]# service snmpd status 


... Output omitted

Step 8 If you have configured SNMP, to verify that the snmpsa service is running, issue the following command: 

[root@system]# service snmpsa status 


... Output omitted

Step 9 If you have configured an NTP server, to verify that the ntpd service is running, issue the following command: 

[root@system]# service ntpd status 


... Output omitted

Step 10 To check that the vcds service is running, issue the following command: 

[root@system]# service vcds status 


... Output omitted

Step 11 To verify that VCPT is accessible from a web browser, enter as the URL the IP address of the Cisco CDE110 that hosts VCPT: 

https://ip_address_of_VCPT_host

Log in with a Linux username and password.

If you are able to log in successfully, VCPT is running correctly.

Step 12 Do one of the following:

If the preceding checks indicate that all is well, you are ready to start using VCPT. For information, see Chapter 3, "Using the VQE Channel Provisioning Tool."

If one of the preceding checks fails, inspect the configuration of the item that failed and make any needed adjustments.