2. Cisco
  3. Prime Network Registrar

Cisco Prime Network Registrar, Prime Network Registrar 11.0 User guide

  • Hello! I am an AI chatbot trained to assist you with the Cisco Prime Network Registrar User guide. I’ve already reviewed the document and can help you find the information you need or explain it in simple terms. Just ask your questions, and providing more details will help me assist you more effectively!
Cisco Prime Network Registrar 11.0 Administration Guide
First Published: 2021-04-23
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH
THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,
CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of
the UNIX operating system. All rights reserved. Copyright ©1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.
CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT
LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network
topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional
and coincidental.
All printed copies and duplicate soft copies of this document are considered uncontrolled. See the current online version for the latest version.
Cisco has more than 200 offices worldwide. Addresses and phone numbers are listed on the Cisco website at www.cisco.com/go/offices.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL:
http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship
between Cisco and any other company. (1721R)
©2021 Cisco Systems, Inc. All rights reserved.
CONTENTS
Getting Started 15
PART I
Introduction to Cisco Prime Network Registrar 1
CHAPTER 1
Target Users 1
Regional and Local Clusters 1
Deployment Scenarios 2
Small-to-Medium-Size LANs 2
Large Enterprise and Service Provider Networks 3
Configuration and Performance Guidelines 4
Related Topics 4
General Configuration Guidelines 5
Special Configuration Cases 5
General Performance Guidelines 6
Interoperability with Earlier Releases 6
Cisco Prime Network Registrar User Interfaces 9
CHAPTER 2
Management Components 9
Introduction to the Web-Based User Interfaces 10
Related Topics 10
Supported Web Browsers 11
Access Security 11
Logging in to the Web UI 11
Multiple Users 12
Changing Passwords 12
Navigating the Web UI 13
Waiting for Page Resolution Before Proceeding 13
Cisco Prime Network Registrar 11.0 Administration Guide
iii
Committing Changes in the Web UI 14
Role and Attribute Visibility Settings 14
Displaying and Modifying Attributes 14
Grouping and Sorting Attributes 14
Modifying Attributes 15
Displaying Attribute Help 15
Left Navigation Pane 15
Help Pages 15
Logging Out 16
Local Cluster Web UI 16
Related Topics 16
Local Basic Main Menu Page 16
Local Advanced Main Menu Page 17
Setting Local User Preferences 19
Configuring Clusters in the Local Web UI 20
Regional Cluster Web UI 20
Related Topics 20
Command Line Interface 20
Global Search in Prime Network Registrar 22
Server Status Dashboard 23
CHAPTER 3
Opening the Dashboard 23
Display Types 24
General Status Indicators 24
Graphic Indicators for Levels of Alert 25
Magnifying and Converting Charts 25
Legends 25
Tables 25
Line Charts 26
Area Charts 27
Other Chart Types 28
Getting Help for the Dashboard Elements 28
Customizing the Display 28
Refreshing Displays 29
Cisco Prime Network Registrar 11.0 Administration Guide
iv
Contents
Setting the Polling Interval 29
Displaying Charts as Tables 29
Exporting to CSV Format 29
Selecting Dashboard Elements to Include 30
Configuring Server Chart Types 30
Host Metrics 31
System Metrics 32
JVM Memory Utilization 33
Local and Regional Administration 35
PART II
Managing Administrators 37
CHAPTER 4
Administrators, Groups, Roles, and Tenants 37
Related Topics 37
How Administrators Relate to Groups, Roles, and Tenants 38
Administrator Types 38
Roles, Subroles, and Constraints 39
Groups 42
External Authentication Servers 42
Configuring a RADIUS External Authentication Server 43
Configuring an AD External Authentication Server 44
Managing Tenants 46
Adding a Tenant 46
Editing a Tenant 47
Managing Tenant Data 47
Assigning a Local Cluster to a Single Tenant 49
Pushing and Pulling Tenant Data 49
Assigning Tenants When Using External Authentication 50
Using cnr_exim With Tenant Data 50
Managing Administrators 51
Adding Administrators 52
Editing Administrators 52
Deleting Administrators 52
Suspending/Reinstating Administrators 53
Cisco Prime Network Registrar 11.0 Administration Guide
v
Contents
CLI Commands 53
Managing Passwords 53
Managing Groups 54
Adding Groups 54
Editing Groups 54
Deleting Groups 54
CLI Commands 54
Managing Roles 55
Adding Roles 55
Editing Roles 55
Deleting Roles 55
CLI Commands 55
Granular Administration 56
Local Advanced and Regional Web UI 56
Related Topics 56
Scope-Level Constraints 56
Prefix-Level Constraints 58
Link-Level Constraints 59
Centrally Managing Administrators 59
Related Topics 60
Pushing and Pulling Administrators 60
Pushing Administrators to Local Clusters 60
Pushing Administrators Automatically to Local Clusters 61
Pulling Administrators from the Replica Database 62
Pushing and Pulling External Authentication Servers 63
Pushing and Pulling Groups 65
Pushing Groups to Local Clusters 65
Pulling Groups from the Replica Database 66
Pushing and Pulling Roles 67
Pushing Roles to Local Clusters 67
Pulling Roles from the Replica Database 68
Pushing and Pulling Tenants 68
Pushing Tenants to Local Clusters 68
Pulling Tenants from the Replica Database 69
Cisco Prime Network Registrar 11.0 Administration Guide
vi
Contents
Session Management 70
User Sessions 70
Active User Sessions 71
Logs for Session Events 72
Managing Owners and Regions 73
CHAPTER 5
Managing Owners 73
Local Advanced and Regional Advanced Web UI 73
CLI Commands 73
Managing Regions 74
Local Advanced and Regional Advanced Web UI 74
CLI Commands 74
Centrally Managing Owners and Regions 74
Related Topics 75
Pushing and Pulling Owners or Regions 75
Pushing Owners or Regions to Local Clusters 75
Pulling Owners and Regions from the Replica Database 76
Managing the Central Configuration 77
CHAPTER 6
Central Configuration Tasks 77
Default Ports for Cisco Prime Network Registrar Services 78
Firewall Considerations 79
DNS Performance and Firewall Connection Tracking 79
Configuring Caching DNS to Use Umbrella 81
Licensing 81
Use Cisco Smart Licensing 82
Setting Up Smart Licensing in Cisco Prime Network Registrar 82
Viewing Smart License Usage 85
Renewing License Authorization and ID Certificate 85
Re-registering Cisco Prime Network Register with the CSSM (or Satellite) 86
Deregistering Cisco Prime Network Register 87
Disabling Smart Licensing 87
Using Smart License Reservation 88
Smart Product Registration and License Authorization Statuses 90
Cisco Prime Network Registrar 11.0 Administration Guide
vii
Contents
Use Traditional Licensing 91
Adding Traditional License 92
License History 93
License Utilization 93
Registering a Local Cluster that is Behind a NAT 94
Configuring Server Clusters 95
Related Topics 96
Adding Local Clusters 96
Editing Local Clusters 97
Connecting to Local Clusters 98
Synchronizing with Local Clusters 98
Replicating Local Cluster Data 98
Viewing Replica Data 99
Purging Replica Data 99
Deactivating, Reactivating, and Recovering Data for Clusters 100
Viewing Cluster Report 101
Central Configuration Management Server 102
Managing CCM Server 102
Editing CCM Server Properties 103
Trivial File Transfer 103
Related Topics 104
Viewing and Editing the TFTP Server 104
Managing the TFTP Server Network Interfaces 104
Simple Network Management 105
Setting Up the SNMP Server 106
How Notification Works 107
Handling SNMP Notification Events 110
Handling Deactivated Scopes or Prefixes 112
Editing Trap Configuration 112
Deleting Trap Configuration 112
Server Up/Down Traps 113
Handling SNMP Queries 114
Integrating Cisco Prime Network Registrar SNMP into System SNMP 115
Polling Process 115
Cisco Prime Network Registrar 11.0 Administration Guide
viii
Contents
Polling Utilization and Lease History Data 115
Adjusting the Polling Intervals 116
Enabling Lease History Collection 117
Managing DHCP Scope Templates 117
Related Topics 117
Pushing Scope Templates to Local Clusters 117
Pulling Scope Templates from Replica Data 118
Managing DHCP Policies 119
Related Topics 119
Pushing Policies to Local Clusters 119
Pulling Policies from Replica Data 120
Managing DHCP Client-Classes 120
Related Topics 121
Pushing Client-Classes to Local Clusters 121
Pulling Client-Classes from Replica Data 121
Managing Virtual Private Networks 122
Related Topics 122
Pushing VPNs to Local Clusters 122
Pulling VPNs from Replica Data 123
Managing DHCP Failover Pairs 124
Regional Web UI 124
CLI Commands 124
Managing Lease Reservations 124
Related Topics 125
DHCPv4 Reservations 125
DHCPv6 Reservations 125
Monitoring Resource Limit Alarms 126
Configuring Resource Limit Alarm Thresholds 127
Setting Resource Limit Alarms Polling Interval 127
Viewing Resource Limit Alarms 128
Certificate Management 129
Adding SSL/TLS Certificates 130
Pulling and Pushing SSL/TLS Certificates 131
Pushing SSL/TLS Certificates to Local Clusters 131
Cisco Prime Network Registrar 11.0 Administration Guide
ix
Contents
Pulling SSL/TLS Certificates from the Replica Database 132
CLI Commands 132
Certificate Expiration Notification 132
Local Cluster Management Tutorial 133
Related Topics 133
Administrator Responsibilities and Tasks 133
Create the Administrators 134
Create the Address Infrastructure 135
Create the Zone Infrastructure 135
Create the Forward Zones 136
Create the Reverse Zones 136
Create the Initial Hosts 137
Create a Host Administrator Role with Constraints 137
Create a Group to Assign to the Host Administrator 138
Test the Host Address Range 139
Regional Cluster Management Tutorial 139
Related Topics 140
Administrator Responsibilities and Tasks 140
Create the Regional Cluster Administrator 141
Create the Central Configuration Administrator 141
Create the Local Clusters 141
Add a Router and Modify an Interface 142
Add Zone Management to the Configuration Administrator 143
Create a Zone for the Local Cluster 143
Pull Zone Data and Create a Zone Distribution 144
Create a Subnet and Pull Address Space 144
Push a DHCP Policy 145
Create a Scope Template 146
Create and Synchronize the Failover Pair 146
Managing Routers and Router Interfaces 149
CHAPTER 7
Adding Routers 149
Local Advanced and Regional Web UI 149
CLI Commands 149
Cisco Prime Network Registrar 11.0 Administration Guide
x
Contents
Editing Routers 150
Local Advanced and Regional Web UI 150
CLI Commands 150
Viewing and Editing the Router Interfaces 150
Local Advanced and Regional Web UI 150
CLI Commands 150
Related Topics 150
Changeable Router Interface Attributes 150
Bundling Interfaces 151
Pushing and Reclaiming Subnets for Routers 151
Maintaining Servers and Databases 153
CHAPTER 8
Managing Servers 153
Local Basic or Advanced and Regional Web UI 154
CLI Commands 155
Scheduling Recurring Tasks 155
Local Basic or Advanced Web UI 156
CLI Commands 157
Logs 157
Log Files 157
Logging Server Events 159
Logging Format and Settings 159
Searching the Logs 160
View Change Log 160
Dynamic Update on Server Log Settings 161
Running Data Consistency Rules 162
Local and Regional Web UI 162
CLI Tool 163
Monitoring and Reporting Server Status 165
Related Topics 165
Server States 166
Displaying Health 166
Server Health Status 167
Displaying Statistics 167
Cisco Prime Network Registrar 11.0 Administration Guide
xi
Contents
DNS Statistics 169
CDNS Statistics 170
DHCP Statistics 171
TFTP Statistics 173
Displaying IP Address Usage 175
Displaying Related Servers 175
Monitoring Remote Servers Using Persistent Events 176
DNS Zone Distribution Servers 177
DHCP Failover Servers 177
Displaying Leases 178
Modifying the cnr.conf File 178
Modifying the cnr.conf File for Syslog Support 179
Troubleshooting DHCP and DNS Servers 181
Related Topics 181
Immediate Troubleshooting Actions 182
Troubleshooting Server Failures 182
Troubleshooting Tools 182
Using the TAC Tool 183
Using the statscollector Utility 183
Troubleshooting and Optimizing the TFTP Server 185
Related Topics 185
Tracing TFTP Server Activity 185
Optimizing TFTP Message Logging 186
Enabling TFTP File Caching 186
Backup and Recovery 189
CHAPTER 9
Backing Up Databases 189
Recommendation 189
Related Topics 189
Syntax and Location 190
Backup Strategy 190
Manual Backup (Using cnr_shadow_backup utility) 190
Setting Automatic Backup Time 191
Performing Manual Backups 191
Cisco Prime Network Registrar 11.0 Administration Guide
xii
Contents
Using Third-Party Backup Programs with cnr_shadow_backup 191
Backing Up CNRDB Data 192
Backing Up All CNRDBs Using tar or Similar Tools 193
Database Recovery Strategy 193
Recovering CNRDB Data from Backups 195
Recovering All CNRDBs Using tar or Similar Tools 196
Recovering Single CNRDB from tar or Similar Tools 196
Recovering from Regional Cluster Database Issues 197
Handling Lease History Database Issues 197
Handling Subnet Utilization Database Issues 198
Handling Replica Utilization Database Issues 198
Rebuilding the Regional Cluster 199
Virus Scanning While Running Cisco Prime Network Registrar 200
Troubleshooting Databases 200
Related Topics 200
Using the cnr_exim Data Import and Export Tool 200
Using the cnrdb_recover Utility 203
Using the cnrdb_verify Utility 204
Using the cnrdb_checkpoint Utility 204
Using the cnrdb_util Utility 204
Restoring DHCP Data from a Failover Server 207
Managing Reports 209
CHAPTER 10
ARIN Reports and Allocation Reports 209
Managing ARIN Reports 209
Related Topics 210
Managing Point of Contact and Organization Reports 210
Creating a Point of Contact Report 211
Registering a Point of Contact 211
Editing a Point of Contact Report 211
Creating an Organization Report 212
Registering an Organization 212
Editing an Organization Report 213
Managing IPv4 Address Space Utilization Reports 213
Cisco Prime Network Registrar 11.0 Administration Guide
xiii
Contents
Regional Advanced Web UI 214
Managing Shared WHOIS Project Allocation and Assignment Reports 214
Cisco Prime Network Registrar on Container 215
PART III
Cisco Prime Network Registrar on Container 217
CHAPTER 11
How to Run Cisco Prime Network Registrar as Docker Container 217
Server Statistics 219
APPENDIX A
DNS Statistics 219
CDNS Statistics 231
DHCP Statistics 235
Glossary 249
Cisco Prime Network Registrar 11.0 Administration Guide
xiv
Contents
PART I
Getting Started
•Introduction to Cisco Prime Network Registrar, on page 1
•Cisco Prime Network Registrar User Interfaces, on page 9
•Server Status Dashboard, on page 23
CHAPTER 1
Introduction to Cisco Prime Network Registrar
Cisco Prime Network Registrar is a full featured, scalable Domain Name System (DNS), Dynamic Host
Configuration Protocol (DHCP), and Trivial File Transfer Protocol (TFTP) implementation for medium to
large IP networks. It provides the key benefits of stabilizing the IP infrastructure and automating networking
services, such as configuring clients and provisioning cable modems. This provides a foundation for
policy-based networking.
Service provider and enterprise users can better manage their networks to integrate with other network
infrastructure software and business applications.
•Target Users, on page 1
•Regional and Local Clusters, on page 1
•Deployment Scenarios, on page 2
•Configuration and Performance Guidelines, on page 4
Target Users
Cisco Prime Network Registrar is designed for these users:
•Internet service providers (ISPs)—Helps ISPs drive the cost of operating networks that provide leased
line, dialup, and DSL (Point-to-Point over Ethernet and DHCP) access to customers.
•Multipleserviceoperators(MSOs)—Helps MSOs provide subscribers with internet access using cable
or wireless technologies. MSOs can benefit from services and tools providing reliable and manageable
DHCP and DNS services that meet the Data Over Cable Service Interface Specification (DOCSIS). Cisco
Prime Network Registrar provides policy-based, robust, and scalable DNS and DHCP services that form
the basis for a complete cable modem provisioning system.
•Enterprises—Helps meet the needs of single- and multisite enterprises (small-to-large businesses) to
administer and control network functions. Cisco Prime Network Registrar automates the tasks of assigning
IP addresses and configuring the Transport Control Protocol/Internet Protocol (TCP/IP) software for
individual network devices. Forward-looking enterprise users can benefit from class-of-service and other
features that help integrate with new or existing network management applications, such as user
registration.
Regional and Local Clusters
The regional cluster acts as an aggregate management system for up to a hundred local clusters. Address and
server administrators interact at the regional and local clusters through the regional and local web-based user
Cisco Prime Network Registrar 11.0 Administration Guide
1
interface (web UI), and local cluster administrators can continue to use the command line interface (CLI) at
the local cluster. The regional cluster consists of a Central Configuration Management (CCM) server, Tomcat
web server, servlet engine, and server agent (see Management Components, on page 9). The license
management is now done at the regional cluster and hence the local server has to be registered to a regional
server to avail the necessary services. See the "Overview" chapter in Cisco Prime Network Registrar 11.0
Installation Guide for more details.
Figure 1: Cisco Prime Network Registrar User Interfaces and Server Clusters
A typical deployment is one regional cluster at a customer network operation center (NOC), the central point
of network operations for an organization. Each division of the organization includes a local address
management server cluster responsible for managing a part of the network. The System Configuration Protocol
(SCP) communicates the configuration changes between the servers.
Deployment Scenarios
The Cisco Prime Network Registrar regional cluster web UI provides a single point to manage any number
of local clusters hosting DNS, CDNS, DHCP, or TFTP servers. The regional and local clusters also provide
administrator management so that you can assign administrative roles to users logged in to the application.
This section describes two basic administrative scenarios and the hardware and software deployments for two
different types of installations—a small-to-medium local area network (LAN), and a large-enterprise or
service-provider network with three geographic locations.
Small-to-Medium-Size LANs
In this scenario, low-end Linux servers are acceptable. The image below shows a configuration that would
be adequate for this network.
Cisco Prime Network Registrar 11.0 Administration Guide
2
Getting Started
Deployment Scenarios
Regional server is MUST in deployment for small and medium sized LANs.
Note
Figure 2: Small-to-Medium LAN Configuration
Large Enterprise and Service Provider Networks
In a large enterprise or service provider network serving over 500,000 DHCP clients, use mid-range Linux
servers. Put DNS and DHCP servers on different systems. The image below shows the hardware that would
be adequate for this network.
When supporting geographically dispersed clients, locate DHCP servers at remote locations to avoid disrupting
local services if wide-area connections fail. Install the Cisco Prime Network Registrar regional cluster to
centrally manage the distributed clusters.
Cisco Prime Network Registrar 11.0 Administration Guide
3
Getting Started
Large Enterprise and Service Provider Networks
Figure 3: Large Enterprise or Service Provider Network Configuration
Configuration and Performance Guidelines
Cisco Prime Network Registrar is an integrated DHCP, DNS, and TFTP server cluster capable of running on
a Linux workstation or server.
Because of the wide range of network topologies for which you can deploy Cisco Prime Network Registrar,
you should first consider the following guidelines. These guidelines are very general and cover most cases.
Specific or challenging implementations could require additional hardware or servers.
Related Topics
General Configuration Guidelines, on page 5
Cisco Prime Network Registrar 11.0 Administration Guide
4
Getting Started
Configuration and Performance Guidelines
/