|
|
This chapter explains how to administer and control your servers' operations through Network Registrar's graphical user interface (GUI), ntwkreg, and the command line interface (CLI), nrcmd.
Table 3-1 lists the major Network Registrar server administration tasks and the sections where you can find procedural information about how to accomplish those tasks.
| If you want to... | Go to this section... |
|---|---|
Add, remove, connect to, or disconnect from a cluster, or view a cluster's state | |
Add an administrator, create or change an administrator's password, or exit Network Registrar | |
Start, stop, or reload the servers | |
Monitor server status, the health of a particular server, display server statistics for a single server, or display related servers | |
Configure servers for backup or recover backup data | |
Set and view the debug logging options |
For more basic information about the Network Registrar's user interfaces, see the "Network Registrar User Interfaces" chapter in this guide.
Step 1 From the Admin menu, select Clusters (Figure 2-2).
Step 2 In the Clusters dialog box, click Add Cluster. The Add Cluster dialog box appears (Figure 3-1).
Step 3 In the Add Cluster dialog box, enter the cluster name.
The cluster name is either "localhost" or the host DNS name on the machine on which Network Registrar is installed.
If you want to connect the cluster at this time, select the Connect to this cluster check box.
Step 4 Click OK.
Step 1 From the Admin menu, select Clusters (Figure 2-2).
Step 2 In the Clusters dialog box, select the cluster you want to remove.
Step 3 Click Remove.
Step 4 Click Yes in the Network Registrar dialog box.
Step 5 Click Close to exit the Clusters dialog box.
After you have added a cluster to Network Registrar, you must connect before you can configure or administer the cluster.
If you try to connect to a cluster that is being used by someone else, Network Registrar warns you that the cluster is locked and tells you who is holding the lock. The format of the warning message is:
username@machine-name.process-id-number
If someone else is using the cluster, then disconnect. If you want to connect to a locked cluster, then contact the person who is currently connected and request that he or she disconnect.
You can override the lock, but you should do so only if you know that no one else is editing the cluster, for example, if the other system had crashed while the cluster was connected.
Step 1 From the Admin menu, select Clusters (Figure 2-2).
Step 2 In the Clusters dialog box, select the cluster you want to connect.
Step 3 Click Connect.
Step 4 Click Close.
Use the nrcmd -C switch to connect to a cluster. For example, to connect to the mycluster cluster, type the following from a command line prompt:
C:\Program Files\Network Registrar> nrcmd -C mycluster
When you disconnect from a cluster it can no longer be configured or administered from that workstation. Another user can then administer the connection.
Step 1 From the Admin menu, select Clusters (Figure 2-2).
Step 2 In the Clusters dialog box, select the cluster you want to disconnect.
Step 3 Click Disconnect.
Step 4 Click Close to exit the Clusters dialog box.
Use the exit command at the nrcmd prompt to disconnect from a cluster.
nrcmd> exit
To see whether a cluster is connected or not, you can view its state.
Step 1 From the Admin menu, select Clusters (Figure 2-2).
Network Registrar displays the cluster's state.
Step 2 Click Close.
The CLI is always connected to one cluster if it is successfully invoked. Use the getHealth command to return a number that indicates the condition of the server. For example, 10 represents normal operation and 1 indicates that the server has stopped.
nrcmd> server DHCP getHealth
From the Admin command level (GUI) or using the CLI admin command, you can add administrators, change passwords, and configure administrators for the cluster.
Step 1 From the Admin menu, select Add Administrator (Figure 2-2).
Step 2 Enter the administrator's username.
You can choose any string for the administrator's name.
Step 3 Enter the administrator's password.
Step 4 Enter the password a second time.
Step 5 Select the clusters the administrator can access.
Step 6 Click Add.
Use the admin create command to create an administrator and associated password. For example, to create the administrator bob with the password of xyz, type:
nrcmd> admin bob create password=xyz
If you want to enter a password and not have Network Registrar display the password on your screen, create an administrator and do not supply a password. Then use the enterPassword command to enter a password and prevent Network Registrar from echoing it on the screen. Network Registrar prompts you to verify the password before it accepts it.
Use the admin enterPassword command to associate a password with an administrator. For example, to cause nrcmd to prompt you for a password for administrator bob, type:
nrcmd> admin bob enterPassword
Step 1 From the Admin menu, select Change Administrator Password (Figure 2-2).
Step 2 Enter the administrator's username.
Step 3 Enter the administrator's current password.
Step 4 Enter the administrator's new password.
Step 5 Enter the new password a second time.
Step 6 Select the cluster the administrator can access.
Step 7 Click OK.
nrcmd> admin bob set password=abc
 | Caution It is possible to lock an administrator out of Network Registrar by logging in as that administrator and setting the password for another administrator without confirming the previous password. This procedure effectively prevents the first administrator from logging in. |
Use the admin list command to list all administrator in Network Regisrar.
nrcmd> admin list
Exiting the Network Registrar user interface does not affect your network servers' or your hosts' ability to request leases or access the Internet.
Step 1 From the Admin menu, select Exit (Figure 2-2).
If you have not saved configuration changes, Network Registrar prompts you to save changes.
To exit Network Registrar's CLI, use the exit command. Network Registrar writes all your unsaved changes to the database. If Network Registrar is unable to save your changes, it displays the same error code as if you had used the save command.
Use the exit command to quit Network Registrar's command line interface when you are in interactive mode.
nrcmd> exit
Network Registrar administration for controlling includes:
Step 1 From the Server Manager window (Figure 2-2), select the server you want to start.
Step 2 From the Servers menu, select Start.
You will see a red star on the server in the tree control if you make a change to the server.
Step 3 Click OK.
nrcmd> server DNS start
Step 1 From the Server Manager window (Figure 2-2), select the server you want to stop.
Step 2 From the Servers menu, select Stop.
Step 3 Click OK.
Use the server stop command to stop the specified server. For example, to stop Network Registrar's DHCP server, type:
nrcmd> server DHCP stop
When you reload the server, Network Registrar performs several steps: it stop the server you have selected, updates the database with the new configuration information, and restarts the server. Only after you issue the reload command does the server use your changes to the configuration.
Step 1 From the Server Manager window (Figure 2-3), select the server you want to reload.
Step 2 From the Servers menu, select Reload.
Step 3 Click OK.
Use the server reload command to reload the specified server. For example, to reload Network Registrar's DHCP server, type:
nrcmd> server DHCP reload
Network Registrar stops the server you have selected, updates the database with the new configuration information, and restarts the server.
When you start Network Registrar, it automatically starts logging system activity. Network Registrar maintains all the logs in the Program Files\Network Registrar\logs (Windows NT) or /var/nwreg2/logs (UNIX) directory. If you would like to view the contents of these logs while the Network Registrar servers are running, issue the command tail -f (Solaris), or view the files through the Web browser (Windows NT).
 | Caution o avoid filling up the Windows NT event log, change the Log Settings to Overwrite Events as Needed. If you do not make this change, you might fill up your disk with log messages and thus prevent Network Registrar from running. |
This section describes the types of logs that Network Registrar keeps and explains how to set and view the debug logging options.
The format for the log entries are the following categories:
Table 3-2 shows all the Network Registrar log files.
| Component | File Name | Description |
|---|---|---|
Contains information about when the servers have been started and stopped. | ||
Contains GUI messages and only logs activity on the server PC not from the remote GUI. | ||
Contains the management system configuration and start, stop, and GUI login. | ||
DHCP server | Contains server state, new leases, and lease renewal. | |
DNS server | Contains server state, DDNS updates, and zone transfers. |
Each component has a number of log files, each with a maximum size of 1 MB. The first log file is created without a suffix extension. When that file reaches 1 MB in size, Network Registrar renames it to xx_log_01 and begins filling up the current log. When the current log file reaches 1 MB, it renames the current to _01 and _01 to _02, etc.
The DNS server can have a maximum of three log files. By default, the DHCP server can have a maximum of four log files of one MB each.
You can set the debug settings for the Network Registrar DNS and the DHCP servers.
You can set the debug level from 1 to 4 for the Network Registrar DNS server and from 1 to 9 for the Network Registrar DHCP servers, with the higher levels giving you more extensive logging.
You can use Mlog to add the debug messages to the existing logs.
The Debug settings button lets you collect debug information about the DNS server. You should only need to set debug settings if you have been instructed by Technical Support.
Step 1 From the Server Manager (Figure 2-3), select the server for which you want to set debug options.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Advanced tab on the Show Properties dialog box (Figure 2-7).
Step 4 Click Debug settings.
Step 5 From the Debug Settings dialog box, click Enable Debug.
Step 6 Type in the category as supplied by Technical Support.
Step 7 Check MLOG, which sends the output to the Network Registrar's files.
Step 8 Click OK.
You can use the server setDebug and server unsetDebug commands to set or unset the debugging level.
Use the server setdebug command to specify the debugging level. For example, to set the DNS debugging level to 5, type:
nrcmd> server DNS setDebug D=5
To disable debugging, use the server unsetDebug command.
You can monitor the state of your Network Registrar servers by displaying or reporting aspects of a specified server's health. The following items can decrement the health of the servers so you should monitor their status periodically:
Perform these steps to view server status.
The Server Status Monitor window (Figure 3-2) is a window in which you can place server icons to monitor their state. The icons change to reflect the server's current state. The traffic lights indicate the state of the server: started is green and stopped is red.
The bar to the right of the traffic light shows the health of the server, that is, it indicates how well the server is running. The health is a combination of servers' resources and network balance
Step 1 From the Server Manager window (Figure 2-3), select the server you want to add.
Step 2 From the Servers menu, select Add to Status Monitor, or, from Windows 95 or Windows NT, drag the server icon to the Server Status Monitor window (Figure 3-2).
Perform these steps to remove servers from the Server Status Monitor.
Step 1 In the Server Status Monitor window (Figure 3-2), select the server you want to remove.
Step 2 Use the right mouse button (right-click) to select Remove.
You can display the health of a server, that is, whether it is running or stopped.
nrcmd> server DHCP getHealth
Perform these steps to display server statistics.
Step 1 From the Server Manager window (Figure 2-3), select the server whose statistics you want to view.
Step 2 From the Servers menu, select Show Statistics.
Network Registrar displays the Statistics window.
nrcmd> server DHCP getStats
The Network Registrar Web GUI lets you login to your Network Registrar servers and run the Server status report. The Server satus report displays the status of the specified server. It indicates whether the server is running or stopped.
For information about how to run the Server status report, see "Running the Server Status Report" section.
Perform these steps to display IP address usage.
nrcmd> report file myreportfile
You can use the Web GUI to display the server's address usage. The Web GUI lets you login to your Network Registrar servers and run a Address usage report. The Address usage report displays the IP address usage for all of the servers or just some of the servers in your network.
For information about how to run the Address usage report, see "Running the Address Usage Report" section.
Network Registrar displays a report that contains the following information:
Step 1 From the Server Manager window (Figure 2-3), select the DHCP server.
Step 2 From the Servers menu, select Show related servers.
Network Registrar refreshes this document window every 10 seconds. If you want more current information, click Refresh.
nrcmd> server DHCP getRelatedServers
You can use the Web GUI to display the server's related servers. The Web GUI lets you login to your Network Registrar servers and run a Related servers report. The Related servers report displays the IP address usage for all of the servers or just some of the servers in your network.
For information about how to run the Related servers report, see "Running the Related Servers Report" section.
After you have established a scope, you can monitor lease activity and view lease attributes using either the Leases tab in the GUI or the CLI lease list command.
Step 1 From the Server Manager window (Figure 2-3), select the scope whose leases you want to view.
Step 2 From the DHCP Scope properties dialog box, click the Leases tab.
Step 3 Select the lease that you want to view.
Step 4 Click Lease Properties. The properties of the lease you selected displays.
Use the lease list command from the DOS prompt to view the properties of a particular lease. For example:
C:\Program Files\Network Register> nrcmd -C <cluster> -N <user> -P <password> lease list > <filename.txt>
You can use the Web GUI to display the server's lease status. In addition, the Web GUI lets you login to your Network Registrar servers and run a Lease status report. The Lease status report displays the status of leases, whether they are available, reserved, and if reserved, the associated MAC addresss.
For information about how to run the Lease status report, see "Running the Lease Status Report" section.
To ensure a consistent snapshot of the Network Registrar database, Network Registrar provides a shadow backup facility. Because the Network Registrar database (called MCD) does a variety of memory caching and may be active at any time, you cannot rely on doing system backups to protect the data in the database. At the time you run a system backup, there may be Network Registrar operations in progress that cause the data copied to the system backup tape to be inconsistent, and unusable as a replacement database.
| Caution If you are using Windows NT, make sure you backup the files only in the db.bak directory. Otherwise, you might cause your server to crash. |
The only configuration for this facility is through a single entry in the system Registry.
HKEY_LOCAL_MACHINE/SOFTWARE/American Internet/NetworkRegistrar/2.0/DBShadowTime/opt/nwreg2/conf/aic.confThis entry is a string that represents the time-of-day at which the shadow backup is scheduled to occur (in 24 hour HH:MM format). The default is 23:45.
If you remove this Registry entry or set it to an illegal value (for example, anything that does not begin with a digit), you will suppress the backups. The server is otherwise unaffected.
In addition to being available at a scheduled time of day, you can also force a shadow backup manually by using the mcdshadow utility located in the \Program Files\Network Registrar\bin directory for Windows NT or the /opt/nwreg2/usrbin directory for UNIX. There are no command-line arguments. Type mcdshadow to cause Network Registrar to perform the shadow backup.
Because a full copy of the database is created, this may take a few minutes to complete. Files are saved in /var/nwreg2/data/db.bak.
Step 1 Stop all Network Registrar servers.
Step 2 Change the directory to \Program Files\Network Registrar\data\db (Windows NT) or /var/nwreg2/data/db (UNIX).
Step 3 As a safety check, type the command ..\..\bin\dbcheck mcddb (Windows NT) or /opt/nwreg2/dbcheck -a mcddb (UNIX) to verify the integrity of the database.
Use the shadow backup to recover data, either because a system crash corrupted the regular working database or because the disk on which it resides is corrupted.
Step 1 Stop the AIC Server Agent within UNIX by typing the command aicservagt stop (UNIX) or within Windows NT, select Start/Settings/Control Panel/Service, highlight AIC Server Agent, and click stop.
| Caution If you do not stop the AIC Server Agent, you will get errors. |
Step 2 Make sure that the following three files are in \Program Files\Network Registrar\data\db.bak (Windows NT) or /var/nwreg2/data/db (UNIX).
The files are mcddb.d01, mcddb.d02, and mcddb.d03.
Step 3 Copy them into \Program Files\Network Registrar\data\db (Windows NT) or /var/nwreg2/data/db (UNIX). Do not move them because you may need them again.
Step 4 Change the directory to \Program Files\Network Registrar\data\db (Windows NT) or /var/nwreg2/data/db (UNIX).
Step 5 Type the following command to rebuild the key files by typing the command ..\..\bin\keybuild mcddb (Windows NT) or /opt/nwreg2/keybuild mcddb (UNIX).
This can take several minutes.
Step 6 As a safety check, type the command ..\..\bin\dbcheck mcddb (Windows NT) or /opt/nwreg2/dbcheck mcddb (UNIX) to verify the integrity of the database.
You should have no errors. However, if you do get errors, make sure that
The mcdshadow command uses the files listed in Table 3-3.
| File | Description |
|---|---|
Template file that describes the low-level data schema for the Raima runtime library. | |
Key files that contain the data that is redundant with the data files. Network Registrar does not back up these files because they can be completely rebuilt with the keybuild command. | |
Data files that contain the backup. | |
Text file from which Network Registrar configures the initial at-install-time database. | |
Text file that contains a version number denoting the level of the schema contained in the dbd file. Network Registrar will not attempt to open the database unless the number in this file matches a constant that is hard-coded in the libraries. If the result of the mcdshadow (which it just copies of the data files) is divorced from its original mcdschema.txt, you will not be able to run Network Registrar. | |
Working files used by the Raima runtime to ensure transactional integrity. |
Posted: Thu Nov 18 13:35:24 PST 1999
Copyright 1989-1999©Cisco Systems Inc.