Steel-Belted Radius Carrier 7.2.x Installaion Guide > Session State Register Cluster Installation Overview > Session State Register Cluster Installation Checklist

Session State Register Cluster Installation Checklist

Before You Begin

Before you begin to install the Session State Register software and after you read all of this chapter, perform these preliminary tasks or verify that they have been accomplished:

o

1. Review the Steel-Belted Radius Carrier Release Notes for up-to-date information that became available after the Steel-Belted Radius Carrier guides were published.

Download the most recent Release Notes file from:
http://www.juniper.net/techpubs/software/aaa_802/sbr.html

If the information in the Release Notes differs from the information in any Steel-Belted Radius Carrier guide, follow the Release Notes.

o

2. Read the next chapter, Planning Your Session State Register Cluster, and fill out the provided worksheet so you have all required information ready to use during the installation.

o Migration

3. If you are migrating settings from a SBR/HA 5.5 server installation, put a copy of that installation on the system that you want to host Release 7.2.

The recommended method is:

1. As root on the old server, shut down the SBR daemon.
   Execute: /radiusdir/sbrd stop.
2. Create a gzip archive of the radiusdir directory, preserving the file structure.

Change directories to /opt/JNPRsbr/ and execute (for example):
tar cfE - radius |gzip > 55_radius.tgz

1. As root on the Release 7.2 host, create a working directory for the archive:

Execute:
mkdir -p /opt/JNPRsbr/PreviousRelease_backup

and:

cd /opt/JNPRsbr/PreviousRelease_backup

1. Use FTP binary mode to copy the archive file to the Release 7.2 host.
2. Gunzip the archive in the working directory. This does not create a working installation, but serves as a source of files that can be reused by the Release 7.2 server.

Execute (using the example file name):
gunzip -dc 55_radius.tgz |tar xf -

1. Check the file permissions on the unzipped archive to ensure that the files are writable.

See Creating a Copy of Existing SBR Server Release Files for Migration for more information.

o

4. Ensure that all server chassis are physically secure.

To review recommendations on the server's characteristics, see Selecting an Appropriate Server.

o

5. Verify root access on all servers.

o

6. Confirm that all server chassis provide at least the minimum hardware and software requirements.

See Meeting System Requirements.

o

7. Verify that all servers meet basic network requirements:

• See Configuring Multipathing.
• See Verifying Network Connectivity.
• See Verifying Hostname Resolution.

o CCM

8. Verify the server role in the centralized configuration management (CCM) environment. The installation script can configure a Steel-Belted Radius Carrier server as:

• An autonomous server that does not use CCM.
• The primary server supplying a group of replication servers.
• A replication server.

• In an environment that uses replication servers, the primary server must be configured first to provide a base for replication.

Migration

• If you are migrating from a SBR/HA 5.5 environment and CCM was in use, you may only migrate the same server type: autonomous to autonomous, primary to primary, and replica to replica.

o LDAP

9. (Optional) If you want the server to interact with a Lightweight Directory Access Protocol (LDAP) directory service agent, verify or record the path to the LDAP library files. (The default path is /usr/lib.)

o Oracle

10. (Optional) If you intend the Steel-Belted Radius Carrier server to authenticate using an external database, you need to:

• Verify database compatibility and interoperability.

See Setting Up External Database Connectivity (Optional).

• If the external database is Oracle, the Steel-Belted Radius Carrier server must be configured as a client of the Oracle server.

As you set up the client, collect this information, or if the client is already installed, record this information to use while installing SBR software:

• Record the path to the local Oracle Home directory (for example: /opt/10g/app/oracle/product/10.2.0.3).
• Record the path to the local Oracle shared library (for example: /opt/10g/app/oracle/product/10.2.0.3/lib32)
• Record the path to the local TNS_ADMIN (for example: /opt/10g/app/oracle/product/10.2.0.3/network/admin)

o SS7

11. (Optional) Install a compatible SS7 interface board.

The Ulticom SS7 PH0301 or XH0303 communication boards are supported. See Supporting SIM, SMS, SS7 and Other Protocols with Ulticom Signalware.

o SIM /SMS/ WiMAX / SS7

12. (Required only for these modules) Install and configure Signalware 9 with Service Pack 5T software, following the product documentation and the guidelines in Signalware 9 Support for Steel-Belted Radius Carrier.

This step is only required for the optional WiMAX mobility module, if using EAP-AKA, which requires the optional SIM authentication module. This step is mandatory for the SIM and SMS authentication modules and any other SS7 applications.

o RSA

13. (Optional) If you intend the Steel-Belted Radius Carrier server to interact with an RSA authorization server, the Steel-Belted Radius Carrier server must be set up as an RSA client. Follow the RSA product documentation for the procedure.

The Steel-Belted Radius Carrier server must receive a copy of several files from the RSA server. See Setting Up RSA Authorization Client (Optional) for Steel-Belted Radius Carrier requirements and the list of required files that must be copied to the server.

o

14. Verify that the Steel-Belted Radius Carrier license keys have been assigned by logging in to your Juniper Networks support account. Because this is a SSR installation, collect:

• SBR Carrier server license numbers
• Optional module numbers
• The SSR Starter Kit license number
• SSR optional Expansion Kit numbers

Installing Session State Register Software

If you have completed all items on the "Before You Begin" list (for each item for each server in the cluster), you are ready to install the software. The servers must be installed in a particular order, so you perform this portion of the list four times for a Starter Kit.

The order of installation for a four-server Starter Kit cluster is:

1. First SBR Carrier/management node host. This server is also the primary server if CCM is used because it must be installed before the replica nodes.
2. Second SBR Carrier/management node host.
3. First data node host.
4. Second data node host.

Repeat these key steps on each server:

o

1. Unpack the Session State Register software.

See Unpacking Session State Register Software.

If you are not familiar with UNIX package management commands, see Package Management Commands.

o

2. Run the Session State Register configure script to set up or read in cluster and server configuration files.

o

3. Restart the Session State Register configure script.

When the script runs the second time, you are prompted to enter more information that you recorded in Planning Your Session State Register Cluster and Before You Install Software.

Basic Configuration

After the Session State Register software is on all servers in the cluster, you can ensure that the base software runs properly and then perform basic configuration steps:

o

1. Start the cluster.

See Initial Cluster Startup Procedure.

o

2. Start SBR Administrator.

Use an HTML browser to address one of the Steel-Belted Radius Carrier servers. Download the Administrator client application and log in as root. Also confirm that the links to the documentation work. See Running SBR Administrator.

Verify that you can download and run the application both from the local host and from a workstation on the network.

o

3. Configure the server.

For a new installation, configuring the environment includes basic low-level configuration tasks such as:

• Configuring communications between any additional devices and the Steel-Belted Radius Carrier servers.
• Adding additional users to the server.

See Configuring the Server.

o

4. Configure SNMP. If you elected not to configure the Steel-Belted Radius Carrier SNMP agent during software installation and other agents also run on the server (such as the Solaris operating system agent), you must adjust the ports the agents use so multiple agents do not contend for the same resource.

See Configuring SNMP.

o

5. Set up shared SSR IP address pools and a local emergency pool. See Setting Up IP Address Pools.