Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Scenario B: Fresh Ubuntu 18.04 Installation

  • On the Ubuntu 16.04 instance, take backups of Paragon Active Assurance product data.


    This is the backup procedure described in the Operations Guide, chapter "Backing Up Product Data", only more briefly worded.

    Run these commands:


    The pg_dump command will ask for a password which can be found in /etc/netrounds/netrounds.conf under "postgres database". The default password is "netrounds".


    For a large-scale setup (> 50 GB), making a tarball of the RRD files might take too long, and taking a snapshot of the volume can be a better idea. Possible solutions for doing this include: using a file system that supports snapshots, or taking a snapshot of the virtual volume if the server is running in a virtual environment.

  • On the Ubuntu 16.04 instance, take backups of the Control Center configuration files:

    • /etc/apache2/sites-available/netrounds-ssl.conf
    • /etc/apache2/sites-available/netrounds.conf
    • /etc/netrounds/netrounds.conf
    • /etc/netrounds/probe-connect.conf
    • /etc/openvpn/netrounds.conf

    For example:

  • On the Ubuntu 16.04 instance, back up the license file.

  • The new instance needs to satisfy at least the same hardware requirements as the old one.

  • On the new instance, install Ubuntu 18.04. We recommend the following tutorial:

    As far as Paragon Active Assurance is concerned, you can keep the defaults throughout. (It may of course happen that you need to make different choices for reasons unrelated to Paragon Active Assurance.)

  • Once Ubuntu 18.04 is installed, reboot the system.

    • The following disk partitioning is recommended, especially for snapshot backups (but it is up to you as a user to decide):

      • Recommended partitioning for lab setup:
        • /: Whole disk, ext4.
      • Recommended partitioning for production setup:
        • /: 10% of disk space, ext4.
        • /var: 10% of disk space, ext4.
        • /var/lib/netrounds/rrd: 80% of disk space, ext4.
      • No encryption
    • Set the time zone to UTC, for example as follows:

    • Set all locales to en_US.UTF-8.

      • One way to do this is to manually edit the file /etc/default/locale. Example:

      • Make sure the following line is NOT commented out in the /etc/locale.gen:

      • Regenerate the locale files to make sure the selected language is available:

  • Make sure that traffic on the following ports are allowed to and from Control Center:

    • Inbound:
      • TCP port 443 (HTTPS): Web interface
      • TCP port 80 (HTTP): Web interface (used by Speedtest, redirects other URLs to HTTPS)
      • TCP port 830: ConfD (optional)
      • TCP port 6000: Encrypted OpenVPN connection for Test Agent Appliances
      • TCP port 6800: Encrypted WebSocket connection for Test Agent Applications
    • Outbound:
      • TCP port 25 (SMTP): Mail delivery
      • UDP port 162 (SNMP): Sending SNMP traps for alarms
      • UDP port 123 (NTP): Time synchronization
  • Install NTP:

    • First disable timedatectl:

    • Run this command:

      and verify that

    • Now you can run the NTP installation:

    • Make sure that the configured NTP servers are reachable:

      The output should normally be "all ones" expressed in octal. 1

  • Install PostgreSQL and set up a user for Control Center:

    Using an external PostgreSQL server is not recommended.

  • Install and configure an email server.

    • Control Center will send emails to users:

      • when they are invited to an account,
      • when sending email alarms (i.e. if email rather than SNMP is used for this purpose), and
      • when sending periodic reports.
    • Run the command

    • For a simple setup where postfix can send directly to the destination email server, you can set General type of mail configuration to "Internet Site", and System mail name can usually be left as-is. Otherwise, postfix needs to be configured according to the environment. For guidance, refer to the official Ubuntu documentation at

  • Install Control Center on the Ubuntu 18.04 instance.

This procedure also installs the Paragon Active Assurance REST API.

  • Stop all Paragon Active Assurance services:

  • Restore database backup:

  • Before doing the database migration, you need to perform some additional steps. Go to this Knowledge base article, scroll down to the section Actions if the release has been installed, and perform steps 1 through 4 of those instructions.


    Do not perform step 5 at this point.

  • Run the database migration:


    This is a sensitive command, and care should be taken when executing it on a remote machine. In such a scenario it is strongly recommended that you use a program like screen or tmux so that the migrate command will continue running even if the ssh session breaks.

    The ncc migrate command takes considerable time to execute (many minutes). It should print the following (details omitted below):

  • Transfer the backup data to the 18.04 instance using scp or some other tool.

  • Restore the OpenVPN keys:

  • Restore RRD data:

  • Compare the backed-up configuration files with the newly installed ones, and manually merge the contents of the two sets of files (they should remain in the same locations).

  • Activate the product license using the license file taken from the old instance:

  • Start Paragon Active Assurance services:

  • To activate the new configuration, you also need to run:

  • Install new Test Agent repositories:

  • (Optional) Follow the NETCONF & YANG API Orchestration Guide to install and configure ConfD if you need it.


When you upgrade to 3.x later on, you must begin by running this command: