The following document describes the Web-Based Headend Provisioning Agent. The Headend Provisioning Agent (HPA) provides a common user interface to the address provisioning system for the purpose of continued expansion and maintenance of the network and also enables localized BOOTP services for legacy headend nodes and provides a basis on which to distribute provisioning services.

The primary functions of HPA can be accessed via the main interface shown in Figure 1.0. Through this interface, nearly all configuration settings of the Provisioning server(s) can be modified (note that new networks are activated manually as they require the Provisioning server to be shut down and re-started however this functionality is being currently added to HPA). This interface is only accessible once a correct username and password are entered.

Figure 1.0 HPA’s main interface.

Figure 1.0 shows all the available options on the HPA interface. The number of these options (buttons) that will be displayed for each user is dependent on the privileges they have been assigned. For example:

• Most people will not see the "Delete" or "Add" option.

Figure 1.1 Network policy interface

Once the policy configurations are created, networks can be added. The network interface permits various aspects of a network to be defined together (primary subnets, secondary subnets, dynamic ranges, DNS configurations, MD5 file info, and gateway DNS names). In fact, HPA goes so far as defining a "network" as a collection of related configurations. In this way, HPA is able to perform in one step what would take several (15-20) steps in any other DHCP server interface. Figure 1.5 shows and example of the network interface. The initial step is to select the headend where network resides and what use network serves. The Use menu allows the network to join a larger group for reporting purposes. The Network, Gateway, and Subnet Mask, Location, and Remarks complete the network definition. The subnet mask drop down lists available subnet masks in the form of subnet mask, bits, number of class C networks, and number of hosts. Note that each network submitted to HPA encounters a series of checks through its built-in subnet calculator. If the network for some reason fails one of the checks an error is reported back to the user to aid in the correction condition which generated the error. For example some of the error detection build into HPA includes the following:

• Network bounds checking – No static IP address or gateway can be entered into HPA unless the network which contains that IP address already exists.
• Network bit mask checking – Networks entered into HPA must agree with their subnet mask.
• Network validation – Each new network entered must not intrude on nor contain any existing network defined within HPA.
• Network duplication checking – Each new network entered will be unique with respect to that which is currently entered into HPA.

Figure 1.2 Network interface

Figure 1.4 Modify Node Interface

As a result of adding, modifying, or deleting a headend node several tasks are accomplished. Adding devices is a restricted function and requires a high userlevel. In the case of adding a new device (modem):

1. Device’s mac address is checked locally and on the server for duplicates (duplicates are not allowed).
1. Device’s name (headend, city, state, and node are checked for duplicates) – this also ensures that the DNS names generated for all nodes will be unique.
2. Device’s IP address is checked against other IP address’s known to check for duplicates (includes checking network, router, and broadcast address of know networks).
3. IP address is checked against all known networks (will not allow the assignment of an IP address to a network that does not exist or falls into a dynamic range).
4. The headend modem’s mac address is registered on the server
5. An entry for this device is added to the dhcpcap file mapping its ip address and bootfile to its mac address (this is currently how Join requires statically mapped to be entered – when available this interface will configure other types of servers).
6. Generate a DNS entry for this device – if check box is selected.
7. An entry in the log file indicates the addition that took place: who added, what record, and when it occurred.

Modify function accomplishes varying tasks depending what information is modified. Note that this function is restricted in varying degrees by individual (enabling modification of some or all of the fields based on userlevel). In the case of modifying an existing device:

1. If the mac address is changed, the new mac address is checked locally and on the server for duplication. If is not duplicated, the previous mac address is deregistered on the server and the new mac address is registered followed by an update to the provisioning server.
1. If the headend, city, or node, ip address information is changed the new settings will be checked for duplication. If there is no duplication (and the ip address is in the range of static addresses) a new dhcpcap file will be delivered to the provisioning server. DNS will also be updated (if checked).
2. All modifications are logged into a file that indicates the modification that took place: who modified, what record, when it occurred, and what in the record was changed.

Deleting a device requires the highest userlevel. Deleting an existing device performs the following tasks:

1. Since the permission to delete is held with the username, only registered users can delete devices (the userlevel also restricts individuals from having this functionality).
1. When a device is deleted its entry is removed from the database, its mac address is deregisted, and the dhcpcap and DNS files are updated.
2. All deletions are logged in a file the indicates who deleted the entry, what was deleted, and when it was deleted.

Figure 1.5 Modify Custom Interface.

Similar to the modify headend nodes, the "Make Changes" button applies the changes made to the modify interface and updates the Provisioning sever with this data (in this case the file was edited using the "View" as opposed to "Modify" so the "Make Changes" option is unavailable).

Figure 1.6 Static Entry Interface

The static entry interface in Figure 1.6 allows each entry in the "Static IP" list to be viewed or modified. Through this interface, the entry’s city and state are added along with its IP address, Unique Name, Hardware Address, and Remarks. This above example shows information needed to complete a typical static IP address entry. Additional option of static IP address entries is the use of generating DNS entries. Normally a centralized database is required to generate non-duplicate names for DNS but because of some rules previously applied (restricted characters) to other lists of DNS names two or more independent lists can coexist if they apply similar rules to ensure uniqueness between lists. The idea here is to require every DNS Name and CNAME to contain a particular character that is restricted by the other DNS list. Once this is done, the static IP entries DNS information can be updated along with other DNS entries (headend node entries) in a single shot.

The HPA bootfile contains the service group data that defines each MD5 file that HPA knows how to create. Maintaining service classes or service groups is provided through a selection item in the main display called Service Classes. When this item is modified, and the user level appropriate for editing service classes associated with the existing user, the display shown in Figure 1.7 is displayed.

Figure 1.7 Service class maintenance area

Modifying service classes with HPA is very easy but should be done with extreme caution (reason why service class access requires the highest userlevel). Note that service classes map back to individual client service group registrations. Therefore, changing the name of a service class can render that class as well as all its subscribers inoperative. In the case where a service class does not exist, the users subscribed to it will fall back to the default service defined by the network in which they reside. One should use this interface only with direction from those in charge of service definition.

Figure 1.8 Service class editor

In cases where service classes must be modified, each individual service class listed previously (Figure 1.7) can be edited. The service class editor provides a controlled interface to modifying only allowed (supported) options (as noted by all drop down fields). A goal of the service class editor is to provide commonality between editing service classes for legacy and DOCSIS cable modems. Since HPA inherently supports legacy and DOCSIS being able to configure both service classes at the same time enables HPA to align service definitions for both modem types.

Figure 1.9 represents the interface for generating reports. This interface allows various levels of reporting from summary down to individual networks (the sophistication/capabilities of the current reporting was generated from the operations group but will inevitably grow as more information is entered). Currently there are three types of reporting: summary, by headend, and by network. The number of networks included in the report depend on whether Net10 is included in the reports (Net10 doubles the size of most of the reports). Figure 2.0 represents a portion of a summary report.

Figure 2.0 IP address summary report

Figure 2.1 represents a report either by headend or network. The main difference between these two reports would be the amount of information contained (number of networks represented in the report). The "by headend" report would include all networks associated with a particular headend where as the "by network" would only include a single network. The purpose of these reports is two fold:

• Show each individual IP address of networks and all devices associated with them.
• Allow free IP addresses to be checked out.

Figure 2.1 Network IP address report

Detail:

Figure 2.2 Headend Provisioning Agent Structure

/userdb/Provisioning:

The source files located in /web/usrdb/Provisioning consist of several flat file type data. For the most part they are self explanatory (listing of cities in file city, listing of states in file state, etc). The exceptions are user.db, headend, and bootfile. These files (currently being converted into real database files) contain other information specific to each entry. For example, one entry in the headend file would look like:

Form: headend name|hostname|ip address of machine

zionhill|znbootp01|24.128.44.9

This file allows the process to correctly address the headend BOOTP servers. The user.db file has the same form where each entry has several fields. Currently the passwords are in plain text but once this file is moved over to a database this file will be converted to binary. For example one entry in the user.db file would look like:

Form: username|password|userlevel

bahlmann|I4got|500

The userlevel provides information for the multi-level access using the following information:

Userlevel Equivalent Access/Authorization (Group intended)

100 View Only! (Interested parties)

150 Modify Headend Nodes (Headend Technicians)

200 Modify Custom Configurations (Senior Installers)

250 Add Headend Nodes and change IP address on nodes (Broadband Engineers)

300 Modify Headend Groups (Network Engineers)

500 Access All Options including Delete (Administrator)

600 Modify service group configurations

In this configuration, as the userlevel is increased, individuals will have authorization to change anything with a userlevel equal to or less than theirs. The bootfile file contains detailed information about service levels. For example, one entry in the bootfile would look like:

Form: sid|sname|dsbw|usbw|apriority|btraffic|hrn|mens|ftype|filter|swfilename|

111100|basic|1500|300|3|1|No|1|LANCity|IP/DHCP||

The bootfile provides information to the provisioning interface and the MD5 file creation scripts using the following information:

Field Equivalent Functionality

sid Key field for each service <must be unique thus the use of 1111..>

sname Name of the service parameter <basic|headend|symmetric|best|etc.>

dsbw Downstream rate in bits per second <10000|1500|300>

usbw Upstream rate in bits per second <1000|1500|300>

apriority Access priority of service <3=low, 2=normal, 1=high>

Note: anything less than symmetric should have low priority

btraffic Number of overflow packets opportunities allowed:

<0=1pkt, 1=21pkts, 2=43pkts, 3=65pkts, 4=87pkts>

hrn Type of LANCity Device: <No: Not a HRN, Yes=Is a HRN>

mens Maximum ethernet nodes supported (no. CPE CM can learn)

ftype Type of modem file is intended <LANCity, DOCSIS, both>

filter Filter type <none, IP, IP/SP, IP/DHCP, IP/DHCP/NetBEUI>

swfilename Name of file to auto-upgrade to (if any)

Each entry in the bootfile represents a valid service group offering. Thus, when creating new networks or re-generating all bootfiles, any service level that is completely defined in the bootfile will have legacy MD5 files created for it (i.e. if an entry only contains an Index and service name, MD5 files will not be created for it). This bandwidth option will also show up in the custom area where different throughputs are selected.

Lock File:

Since currently, all the data is stored in a flat file, some restrictions must be in place to prevent simultaneous modifications that could corrupt the data in this file. The use of a master lock and a record lock restricts simultaneous changes to the database. The record lock is intended to lock a particular record from simultaneous changes and the master lock is intended to protect the main data file from simultaneous writes.

The record lock is implemented when a record is selected in the main interface (Figure 1.0) and the modify button is selected. The record lock consists of creating a lock file for that record associating the checkout time and the owner. When this record is modified and applied ("Make Changes" button is selected in the interface) this record lock continues until one of the following occurs:

• Record is modified and the database is updated successfully
• The record is not modified and the user cancels the modify operation
• Another person attempts to modify the record (in the case of if the user leaves this web document – surfs elsewhere) past the modify expiration time (an amount of time set for the modification to take place) in which case the record lock assumes a new modified time and owner (the current modified expiration time is 10 minutes).

The master lock protects the data file (dhcpcap.dat) by only allowing one update to happen at a time. If multiple requests to update the data file occur they each wait for the opportunity to lock the file perform their update and then unlock the file. Since updates are not frequent with data of this nature this form file locking is more than adequate.

Database:

As stated earlier, the data (dhcpcap.dat) is currently a flat file (pipe delimited). The flat file is used for simplicity as well as speed (much faster access and queries through Perl than using a UNIX database). Although the database is in plain text it should not be edited by hand. This is because, the Perl script (hpa.pl) thoroughly checks each entry before its allowed to enter the database. HPA also assigns a unique key to each and every entry which is critical to referencing that item in future operations and handling that item using record locking. Since any hand entries would not go through these steps, a simple modification may corrupt the database. Probably the most useful checking is done on the Provisioning server to ensure this device is not previously provisioned and internal checking within the database to ensure the entry is unique.

Provisioning Server Communication:

During any changes (Add or Modify) to the hpa database, a communication path is opened between the web server and the provisioning server. This communication consists of a sequence of rsh commands (run as user "nobody") that de/register mac addresses and update the files on the main provisioning server. The current provisioning server continually checks the file modification date of the bootptab file (dhcpcap) re-reading it after any changes. This allows changes to the LCh provisioning to be a matter of de/registering the mac addresses of the modems and updating the dhcpcap file. Registering and de-registering mac addresses are aided by the use of various scripts located in the /opt/bin directory. These scripts take mac addresses as arguments and submit them to the provisioning server. A useful function of these scripts is that they confirm each action within the server returning information about the success or failure of the action. For example if the requested action was to delete a registered mac address, the script would first check if the mac address was registered, if it was, it would try to deregister it, and then follow up by checking to see that it was de-registered. If the requested action was not successful, the proper error text is returned and fed back to the user. Once the mac address has been submitted to the Provisioning Sever, some trivial effort is made to ensure the dhcpcap file that is copied onto the Provisioning Server is intact before it replaces the working dhcpcap file. This checking consists of copying over two files (dhcpcap.web1 & dhcpcap.web2), checking for differences, and updating the working dhcpcap file only if the two copied files are identical. This additional step of moving two copies of the dhcpcap file is done to ensure this file is indeed complete. This file is critical to the configuration of Join and must be absolutely correct to enable intended operation of the server.

Having DNS entries for headend nodes has proved very useful in troubleshooting and installations. Since the headend nodes do not have a IP address lease (dynamic address) associated with them they cannot obtain a dns entry using the current process of using Remedy, the provisioning server, and the dns script nor would it be feasible to have them manually entered. Instead, HPA generates dns entries for each LCh/e based on its location and IP address. The following represents an example entry for one LCh:

MA-Newton-4 IN CNAME nd-hrn-newton4

nd-hrn-newton4 IN A 24.128.36.11

Note that it is critical the file permissions and ownership of the dhcpcap files be maintained for the HPA to successfully update the main provisioning server. The required file permissions of dhcpcap, dhcpcap.web1, dhcpcap.web2, and henodes.dns files located in /etc/join should be "-rw-rw-r—" or 664 chmod. The proper owner of this file should be "nobody" using chgrp.

Log Files:

There are several log files that track the use of the HPA interface. These logs track logins errors and MD5 file creation process. The log file provides a way of monitoring the use of the HPA. Currently, the detail of the log file is somewhat lacking but it does provide enough information to track down and correct improper use of the interface. These logs can be viewed by clicking on the view log button and selecting which log you want to view. The resulting display will show the last 50 lines of entries into the log file.

Profile:

To set up this server several things must be done to make the web script operational. These actions will enable the CGI script hpa.pl to communicate with the necessary machines. One key setup step is to make sure the path "/web" is able to get to the root (home) directory of the web server root directory. The easiest way to accomplish this is to make a symbolic link from a file located at "/web" to point to the actual web home directory. Once the ".profile.pl" file is edited, the remaining setup involves allowing user "nobody" to communicate with the DHCP and BOOTP servers. To do this each remote server must have the following added: (servername is the web server’s NIS name)

1. Create a "/.rhosts" file with the following entries

• servername nobody
• servername root

1. Create a "/etc/hosts.equiv" file with the following entry:

• servername +