|
|
An aspect of the integration between CIPM and VPNSC MPLS Solution software consists of keeping the administration models of the two systems synchronized. The VPNSC MPLS Solution software system holds the master information for the administration model. The synchronization from the VPNSC MPLS Solution system into the CIPM system "trickles down" during the configuration file download, process, when elements in CIPM are created, and the element attributes are updated. A common naming convention is required to uniquely identify objects in both systems (see the "Naming Convention to Uniquely Identify Domains" section).
The communication between VPNSC MPLS Solution software and Cisco IP Manager is through CORBA APIs (for a list of these APIs, refer to Chapter 1, "Overview," in the Cisco VPN Solutions Center: MPLS Solution API Programmer's Reference).
The Download to IPM (DIPM) Server runs as a CORBA server in the VPNSC MPLS Solution software system, and implements the CiscoDIPM::DIPMServer interface in the DIPM.IDL file. The DIPM Server registers itself with the Orbix Name Service under the name DIPMServer. You can configure the server name in the csm.properties file, which is in the /opt/vpnadm/vpn/etc/ directory.
The DIPM Server runs as a daemon within the VPNSC MPLS Solution software system, and is controlled by the VPNSC MPLS Solution software Watchdog process. The Watchdog "pings" the DIPM Server to make sure it is running. As shown in Figure B-1, the client process CORBA VPN Provisioning and Inventory Manager (CVPIM Server) makes requests to the DIPM Server for getting router configurations, and then for downloading configlets.
The DIPM Server also acts as a CORBA client to the Cisco IP Manager Administration (ADM) and Network Element Manager (NEM) servers. The Cisco IP Manager NAM server accesses Cisco IP Manager domain information from the Cisco IP Manager Oracle database. The NEM server accesses element information from the Cisco IP Manager Oracle database, and also accesses the routers via Telnet.
You can also run the DIPM Server in Echo mode for testing and demonstrations. In Echo mode, the DIPM Server receives a router configuration file from the Repository. For downloading, the DIPM Server appends the configlets to the initial router configuration file, just prior to the "\nend" statement. The mode is determined by a property in the csm.properties file:
DIPMServer.mode = (CIPM,ECHO)
If all the Cisco IP Manager servers on the CIPM 2.0 workstation go down (after a system reboot, for example), the DIPM Server reconnects when the Cisco IP Manager system is back online. This occurs automatically without having to restart the DIPM Server. This behavior is implemented in the underlying IONA CORBA libraries.
For VPNSC MPLS Solution 1.1, if any of the Cisco IP Manager servers go down, a "Cisco IP Manager server disconnect" message is placed in the DIPM Server log file.
Cisco IP Manager downloads configlets to the routers (PEs and CEs) in three stages:
1. Collects all the necessary current router configurations.
2. Calculates and construct the configlets.
3. Downloads the configlets to each router and collects the final router configuration files.
The DIPM Server client can specify whether the running configuration should be written to the startup configuration or not. The CVPIM Server is responsible for putting the final router configuration into the Repository. Each request to the Cisco IP Manager servers is a synchronous and blocking call. The requests that the CVPIM Server makes to DIPM Server are also synchronous and blocking.
The Cisco IP Manager CORBA API functions for locking and unlocking objects are not used since all functions to set attributes and read and write router configuration files do implicit locking of the object.
By default, VPNSC MPLS Solution software uses Telnet to upload and download configuration files to and from Provider Edge Routers (PEs) and Customer Edge Routers (CEs) in the service provider network.
If you wish to change that setting after CIPM is installed and use the Trivial File Transfer Protocol (TFTP) instead, you must complete these tasks:
a. On the Cisco IP Manager workstation, set up a TFTP server (see the "Using TFTP to Transport Router Configuration Files" section).
b. For new CIPM network elements, edit the csm.properties file on the VPNSC: MPLS Solution workstation to change the CIPM transfer mode to TFTP as described in the "Enabling TFTP on the VPNSC: MPLS Solution Workstation" section.
c. For existing CIPM network elements set to use Telnet, you must use the CIPM GUI to change those elements to use TFTP. For information on how to edit the properties of a network element, refer to "Element Properties" on page 5-11 of the Cisco IP Manager (Lite) User's Guide, Version 2.0.
In the following properties, the host names are either set during the VPNSC MPLS Solution software installation, or later modified by hand. The DNS domain name can be blank, but it must match what was entered during the Cisco IP Manager installation.
# Cisco IP Manager specific settings DIPMServer.CIPMNameServer = <CIPM_host>[.<DNS_domainname>] DIPMServer.CIPMPrimaryNEMServer = <CIPM_host>[.<DNS_domainname>] DIPMServer.CIPMBackupNEMServer = <CIPM_host>[.<DNS_domainname>]
The backup NEM Server is not supported in Cisco IP Manager 2.0.
A convention to uniquely identify domains and networks in both of the systems is required.
In VPNSC MPLS Solution software:
In Cisco IP Manager software:
The domain and network naming convention is as follows:
The VPNSC MPLS Solution software network is the equivalent of the Cisco IP Manager domain.
Because the element names are unique:
VPNSC MPLS Solution software network:hostname[.DNS_domainname] =Cisco IP Manager domain:element_name
In Cisco IP Manager, the VPNSC MPLS Solution software network is created as a domain under the Cisco IP Manager Root domain (if it does not already exist in Cisco IP Manager). The VPNSC MPLS Solution software network can also preexist anywhere in the Cisco IP Manager domain hierarchy.
When a service request is first received from the CVPIM Server, an element object reference is retrieved from the Cisco IP Manager system. The DIPM Server searches for the element in Cisco IP Manager, if not found it will create the element in the Cisco IP Manager domain corresponding to the VPNSC MPLS Solution software network if it exists. If the domain does not exist it will be created in Cisco IP Manager under the "Root" domain, and then the element is created in the newly created domain. This process effectively synchronizes the elements in the VPNSC MPLS Solution software system into the Cisco IP Manager system, if the Cisco IP Manager system has no elements.
If the DIPM Server finds the element, it checks to see if the connection type is console. If it is, the DIPM Server does not update the user name, user password, and enable password. By using existing elements in the Cisco IP Manager system, the VPNSC MPLS Solution software system leverages the Cisco IP Manager's ability to access routers through a terminal server. These elements need to be created and configured (for terminal server access) via the Cisco IP Manager GUI. For more information, see the "Setting Access to Routers with VTY, Console, or TACACS" section.
The only required VPNSC MPLS Solution software element attributes are hostname (router name) and network. This applies for both "ECHO" mode and "CIPM" mode. If an VPNSC MPLS Solution software DNS domain is given, then it is appended to the hostname to create the element name in Cisco IP Manager. The VPNSC MPLS Solution software domain can also be in the Cisco IP Manager IP address string—see the next section for details.
| Repository Fields | VPNSC MPLS Solution Type | CIPM Element Attributes | CIPM Type |
|---|---|---|---|
dir_network_name | Char 128 | domain name | Char 128 |
dir_machine_name | Char 64 | element_name | Char 320 |
dir_machine_addr | Char 128 | hostIP | Char 64 |
Dir_pw_uid1 | Char 64 | username | Char 32 |
Dir_pw_uid2 | Char 64 | element_name | Char 320 |
Dir_password1 | Char 128 | userPw | Char 72 |
Dir_pasword2 | Char 128 | secretPw | Char 32 |
If there are any errors in downloading configlets, the DIPM Server attempts to get the final router configuration file and return it.
You can view the Cisco IP Manager logs using the Cisco IP Manager Log Viewer application. Note that all VPNSC MPLS Solution software generated log entries are for the vpnadm user. For detailed information about the Log Viewer, see Chapter 7, "System Administration and Log Management" in the Cisco IP Manager (Lite) User's Guide.
Posted: Wed Sep 20 15:05:25 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.
