
Huawei

OptiX iManager U2000 Administration Training

Copyright © 2011 Huawei Technologies Co., Ltd

All Rights Reserved


No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks
HUAWEI, C&C08, EAST8000, HONET, ViewPoint, Intess, ETS, DMC, TELLIN, InfoLink, Netkey, Quidway, SYNLOCK, Radium, M900/M1800, TELESIGHT, Quidview, Musa, Airbridge, Tellwin, Inmedia, VRP, DOPRA, iTELLIN, HUAWEI OptiX, C&C08 iNET, NETENGINE, Optix, SoftX, iSite, USYS, iMUSE, OpenEye, Lansway, SmartAX are trademarks of Huawei Technologies Co., Ltd. All other trademarks mentioned in this manual are the property of their respective holders.

Notice
The information in this manual is subject to change without notice. Every effort has been made in the preparation of this manual to ensure accuracy of the contents, but all statements, information, and recommendations in this manual do not constitute a warranty of any kind, express or implied.

Huawei Technologies

TABLE OF CONTENTS

OptiX iManager U2000 CORBA Interface

OptiX iManager U2000 SNMP Interface

iManager U2000 V100R002 Security and Data Management


Practice Guide

iManager U2000 Troubleshooting

iManager U2000 CORBA Interface

P-0

Confidential Information of Huawei. No Spreading Without Permission


OSS: Operating Support System

Reference book: iManager U2000 Unified Network Management System Northbound CORBA Interface User Guide (V100R200C01)


As a model and standard of software development, the Common Object Request Broker Architecture (CORBA) provides the services and toolkit needed to develop software. The CORBA northbound interface (NBI) integrates the distributed software at the element management layer with that at the network management layer.

The CORBA NBI has the following features:
- Complies with the CORBA 2.3 specification of the Object Management Group (OMG) and supports IIOP 1.1 and IIOP 1.2.
- Adopts the standard CORBA Naming Service 1.1 and Notification Service 1.0.
- The current version, which uses The ACE ORB (TAO) 1.3, is highly efficient.
- Can be ported smoothly to other ORB platforms. It supports interconnection between different ORB platforms, including IONA Orbix2000, IONA Orbix 6.1, InterBus, JacORB, Borland VisiBroker and Borland BES.
- Supports cross-platform operation: Windows 2000, Windows 2003, Solaris 8, Solaris 10.

The CORBA NBI complies with the following standards recommended by the TeleManagement Forum (TMF):
- TMF 513 V2.1
- TMF 608 V2.1
- TMF 814 V2.0 (IDL V2.1)


- Network element (NE): The device in the network. The NE reports alarms to the element management system (EMS).
- EMS: The network devices provided by Huawei can be managed by the iManager U2000. The iManager U2000 is at the EMS layer and interconnects with the third-party NMS through the NBI.
- NMS: The NMS of a carrier.
- CORBA NBI: Provides an interface for the superior NMS to access the EMS.


Querying the current alarms of the EMS and all NEs in real time
This function allows the superior NMS to query the current alarms of the EMS and all NEs and to set alarm severity levels to filter the alarms. The filter for the notification service does not affect the query result. A current alarm is a fault alarm that is uncleared and unacknowledged, uncleared but acknowledged, or cleared but unacknowledged. The NMS can obtain the real-time alarms of the EMS and NEs. The EMS detects the alarms returned to the caller. The NMS needs to perform this task periodically to obtain the real-time alarms.

Filtering alarms
This function allows the superior NMS to set the filtering rules for the EMS or NE alarms and to set the alarm severity levels, event type, and device type to filter the alarms.

Alarm synchronization
This function allows the superior NMS to synchronize alarm information with the EMS.

Resource change reporting
This function allows the EMS to report resource change information to the superior NMS.

Resource querying
This function allows the superior NMS to query resource information such as the main type of EMS resource, the topology information of the EMS, etc.

Service deployment
This function allows the superior NMS to deploy services such as SDH and WDM path creation, activation, deactivation, deletion, etc.

Current performance querying
This function allows the superior NMS to query the current performance data.

History performance querying
This function allows the superior NMS to query the historical performance data.


The CORBA interface has three parts: the standard naming service, the notifying service and the CORBA agent.
- Naming service: Provides the interface for the OSS to access the U2000 CORBA. The name of the EMS must be unique within the NMS management domain.
- Notifying service: Responsible for adding and deleting event monitoring and for receiving alarms, performance data and reports.
- CORBA agent: Transforms the internal data of the U2000 into CORBA data complying with the international standard, and transforms requests from the OSS into the internal data of the U2000, to guarantee the integration of the OSS and the U2000.


IDL: Interface Definition Language. IDL is not a programming language. Its only purpose is to allow the CORBA interface to be defined in a way that is independent of any programming language, and to allow applications written in different languages to inter-operate. IDL can not be programmed and compiled, and is only applicable to describe the CORBA interface and define the data type of the objects.

Language mapping defines how to translate the IDL file into different programming languages. Third-party software such as TAO or JacORB can be used. Huawei uses TAO to translate CORBA language into C++.

The NMS and EMS invoke functions such as getNEName{} to query and report alarm, resource, and performance information.


- getEMSSession: Obtain the reference of the EMS Session to set up a session.
- getEventChannel: Obtain an event channel.
- getSupportedManagers: Obtain the name list of the Manager objects supported by the EMS.
- getManager: Obtain the object reference of the specified Manager.


When the OSS connects to the U2000, the U2000 establishes a session between them. The U2000 pings the OSS every 30 seconds, and if there is no reply to the ping 4 times, the U2000 aborts the session. Meanwhile, the U2000 sends a heartbeat notification message to the OSS every 30 seconds.


- getAllManagedElements: Query the NE resource information of the EMS and all NEs.
- getAllActiveAlarms: Query the current alarms of the EMS and all NEs.
- getAllCurrentPMData: Query the current performance data of the EMS and all NEs.
- NT_ALARM: Alarm notification.


The working process is as follows:
1. Start the naming service.
2. Start the notify service.
3. Start the CORBA agent.
4. The CORBA agent registers with the naming service.
5. The CORBA agent creates the event channel.
6. The OSS connects to the naming service.
7. The OSS identifies the CORBA agent through the naming service.
8. The OSS connects to the notify service through the naming service.
9. The OSS connects to the CORBA agent.
10. The CORBA agent reports information to the OSS.


The CORBA NBI software component is controlled by the MSUITE. The U2000 installation package integrates the MSUITE software, so the MSUITE is installed together with the U2000 and does not need to be installed separately. The CORBA Agent also needs license support; without a license, it does not work. After the MSUITE is started, some parameters of the CORBA Agent need to be configured.

Steps to start the MSUITE:
1. Click the MSUITE icon on the desktop or run the following program: %MSUITE%\engineering\startclient.bat.
2. Enter the IP address, user name and password to log in to the MSUITE.
3. After login, select NBI > Configure CORBA Interface Instance from the main menu to configure the CORBA NBI parameters.

Note: If you need to install the CORBA component, select Deploy > Add Component from the MSUITE to add the CORBA NBI. After that, restart the U2000 server.


Notify Service: The TAO notification service. It is a non-persistent notification service and the default deployment type of the U2000.

Orbix Notify Service: The Orbix notification service. It is a persistent service. That is, when the upper-layer NMS is disconnected from the U2000 abnormally, the notification component can save the notification events generated by the U2000 during this period of time to the disk or memory. After the connection between the upper-layer NMS and the U2000 recovers, the notification component reports the saved notification events to the upper-layer NMS. If the connection between the upper-layer NMS and the U2000 is normal, the notification component does not save any notification event. If the Orbix notification service is required, you need to purchase a license from the component developer, then rename the license file to license.txt and save it in the %IMAP%/../cbb/nbi/nbicbb_3p/tools/orbix/etc/ directory.

Default port values

Common mode:
- Naming service port: 12001
- Notify service port: 12002
- CORBA Agent port: 12003

SSL mode:
- Naming service SSL port: 22001
- Notify service SSL port: 22002
- CORBA Agent SSL port: 22003


The advanced configuration items are as follows:
- Character-set switch
- Set EMS Name
- Maximum capacity of log file
- Whether Filter VirtualNE
- Log output mode
- OTN Slot Rules
- Enable log level
- Enable the NE ID
- Enable the virtual NE


1. Click the Process Monitor tab on the Sysmonitor.
2. Stop the CORBA Service, CORBA Naming Service and CORBA Notify Service(TAO) processes. Select the CORBA Service process, right-click, and choose Stop the Process to stop the process. To stop the CORBA Naming Service and CORBA Notify Service(TAO) processes, perform the same operations.
3. Start the CORBA Service, CORBA Naming Service and CORBA Notify Service(TAO) processes. Select the CORBA Service process, right-click, and choose Start the Process to start the process. To start the CORBA Naming Service and CORBA Notify Service(TAO) processes, perform the same operations.
4. Disable the CORBA Service, CORBA Naming Service and CORBA Notify Service(TAO) processes. Select the CORBA Service process, right-click, and choose Start Mode > Disabled. To disable the CORBA Naming Service and CORBA Notify Service(TAO) processes, perform the same operations.


The strategy for dealing with interface-type problems: query the operation log to confirm the cause; the OSS collects error information. Interface connection problems require analysis of the log file, which is complex. If this type of problem occurs, please contact Huawei.


iManager U2000 SNMP Interface


At the beginning, networks and services were simple, and ICMP and the Ping command were enough to manage and monitor the network. As time went by, the Ping command could no longer manage the network. The next step for R&D was to develop a new NMS protocol that is easy for maintenance engineers to use. Against this background, SNMP (Simple Network Management Protocol) was developed.


SNMP is in the application layer of the TCP/IP stack.
- SNMP runs above the UDP layer, and the default UDP port number between the NE and the U2000 is 161.
- The SNMP trap message is used to send emergency information to the NMS on the agent's own initiative, for example when a link goes down. SNMP trap uses UDP port 162.

SNMP has three versions:
- SNMP v1 uses the community for authentication. SNMP v1 cannot provide encryption.
- SNMP v2 improved on SNMP v1 with a new concept named getbulk. It can provide more error messages, but still cannot provide encryption.
- SNMP v3 improved the security with USM (User Security Module) and VACM (View-based Access Control Model). USM is used for encryption, and VACM is used for access control.

SNMPv3 is not widely supported. The U2000 can support all the versions.


Much telecom-level equipment supports SNMP, such as Huawei Access and IP equipment. If we enable the SNMP function, the U2000 acts as the server for the equipment. In this case, SNMP is a southbound interface for the U2000. SNMP is also a type of NBI of the U2000, which transfers data to the higher-layer OSS.

The relationship between SNMP and CORBA:
- The basic function of both SNMP and CORBA is to report information to the upper-level NMS.
- SNMP is a protocol applied between the NMS and the EMS or between the EMS and NEs, but CORBA is only applied between the NMS and the EMS.
- CORBA is more secure than SNMP in data transfer.


- OSS (Operating Support System): Software which runs on a workstation or PC to manage and monitor the whole network.
- Agent: A process which runs on the managed equipment or on the lower-level NMS (U2000). When it receives a request from the OSS, the Agent responds. Its main functions are collecting the status information of the NEs, carrying out remote operations from the NMS on the NEs, and sending alarm messages to the OSS.
- MIB (Management Information Base): A virtual database that holds the set of status values of the managed objects. Normally the agent queries the equipment status from the MIB, and the MIB replies from its tree-structured directory.
- SNMP NBI: The communication protocol between the OSS and the Agent. It includes two parts: the OSS and the SNMP Agent.


SNMP is divided into the NMS (the U2000) and the Agent. The U2000, as the NMS, sends requests to the Agent. The Agent is a process or task residing in the managed equipment. When the Agent receives a query packet from the NMS, it decodes and analyzes the packet and gets the values of the management variables from the relevant modules. It then generates a Response message, encodes it, and sends the packet back to the NMS. SNMP is the application-layer protocol that defines the transfer of management information between the NMS and the Agent.


To simplify the development of the Agent side, SNMP only defines two kinds of operations: Get and Set. Get is used to obtain management information from the managed equipment, and Set is used to configure the managed equipment by setting the value of a variable. The NMS and the Agent transfer management information to each other in packets. SNMP V1 only defines five kinds of packets:
- Get Request packet: Used to get the value of a specified management variable.
- GetNext Request packet: Used to continuously get the values of a group of variables.
- GetResponse packet: Used to respond to a request, returning the value for the request or the error type, etc.
- Set Request packet: Used to set the specified management variable.
- Trap packet: Used by the managed equipment to send information to the NMS on its own initiative in urgent cases.

GetRequest and GetNextRequest are used to obtain information about the managed object in the NM. SetRequest is used to configure the managed object. These three kinds of requests correspond to three kinds of SNMP messages. The Agent responds to them by sending a GetResponse message.

A Trap is generated by the Agent. It is used to report an abnormal event of the managed equipment to the NM. The Agent sends a Trap to notify the NM when the equipment raises an alarm or important data is changed by a user, the console or other NMs. When the SNMP Manager receives the Trap, relevant actions are initiated, such as diagnosing the fault by polling, adopting recovery measures, or modifying the relevant database of the NM.


SNMP is based on TCP/IP and sits in the application layer of TCP/IP. SNMP provides one simple command set for communication, and it uses UDP to send and receive messages between the NMS and the Agent.
- Version: The version of SNMP.
- Community: The user name the NMS uses to log in to the Agent.
- SNMP PDU (Protocol Data Unit): The SNMP protocol message payload, such as query and acknowledge commands.


Normally: The OSS sends a message, such as a request operation, to the Agent. After the Agent receives the message, it first checks the version, community and operation objective of the SNMP message. If they match, the Agent sends the feedback message and reports what the OSS wants to know.

In an emergency: For example, when the NIC port goes down and is repaired, the Agent sends a TRAP message to the OSS to establish the link again.


1. The agent receives an SNMP request packet from the NM station through UDP port 161.
2. The agent decodes the packet based on ASN.1 basic coding rules and represents it in an internal data structure. The agent discards the packet if there is a decoding failure.
3. The agent gets the version number from the packet. The agent discards the packet if the version is inconsistent with the SNMP version it supports.
4. The agent gets the community name from the packet. The community name is filled by the NM station that sends the request. If the community name is inconsistent with that of the agent, the packet is discarded. A trap message or an Inform packet is generated simultaneously.
5. The agent gets PDUs from the authenticated ASN.1 object. If the agent fails to get the PDUs, the agent discards the packet; otherwise, the agent processes the PDUs.
6. The agent processes PDUs differently and gets the management variables of the corresponding protocol modules by searching nodes that correspond to management variables in the MIB.
7. The agent encapsulates the values of management variables in a PDU, uses the source IP address and port of the request packet as the destination IP address and port, and adds the SNMP version number. A response packet is then generated. After being coded, the response packet is sent to the NM station.
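
Steps 2 to 5 above for an SNMP v1/v2c request, as an added Python example (not code from the U2000 or from Huawei). The community values, the sample packets and the rule that a SetRequest needs the write community are assumptions made for the illustration.

```python
import hmac

SEQUENCE, INTEGER, OCTET_STRING, OID = 0x30, 0x02, 0x04, 0x06   # BER tags
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA3: "SetRequest"}
SUPPORTED_VERSIONS = {0: "v1", 1: "v2c"}      # version field value -> name

class Discard(Exception):
    """The packet is dropped; trap=True when step 4 also generates a trap."""
    def __init__(self, reason, trap=False):
        super().__init__(reason)
        self.reason, self.trap = reason, trap

def read_tlv(buf, pos, want=None):
    """Decode one BER TLV at buf[pos]; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise Discard("decode failure: truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                         # long form: low bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise Discard("decode failure: bad length field")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise Discard("decode failure: length exceeds packet")
    if want is not None and tag != want:
        raise Discard("decode failure: unexpected tag 0x%02x" % tag)
    return tag, buf[pos:pos + length], pos + length

def decode_oid(data):
    """Turn the contents of a BER OBJECT IDENTIFIER into dotted form."""
    if not data:
        raise Discard("decode failure: empty OID")
    arcs, value = [data[0] // 40, data[0] % 40], 0
    for byte in data[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                   # high bit clear ends the sub-identifier
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)

def process_request(packet, read_community, write_community):
    """Decode, check version, check community, then extract the PDU fields."""
    _, message, end = read_tlv(packet, 0, SEQUENCE)                 # step 2
    if end != len(packet):
        raise Discard("decode failure: trailing bytes")
    _, raw_version, pos = read_tlv(message, 0, INTEGER)
    version = int.from_bytes(raw_version, "big", signed=True) if raw_version else -1
    if version not in SUPPORTED_VERSIONS:                           # step 3
        raise Discard("unsupported version %d" % version)
    _, community, pos = read_tlv(message, pos, OCTET_STRING)        # step 4
    pdu_tag, pdu, pos = read_tlv(message, pos)
    # Assumption: SetRequest needs the write community; reads accept either one.
    allowed = [write_community] if pdu_tag == 0xA3 else [read_community, write_community]
    if not any(hmac.compare_digest(community, c) for c in allowed):
        raise Discard("community mismatch", trap=True)
    if pdu_tag not in PDU_TYPES:                                    # step 5
        raise Discard("decode failure: not a request PDU")
    _, raw_id, p = read_tlv(pdu, 0, INTEGER)                        # request-id
    _, _, p = read_tlv(pdu, p, INTEGER)                             # error-status
    _, _, p = read_tlv(pdu, p, INTEGER)                             # error-index
    _, varbinds, _ = read_tlv(pdu, p, SEQUENCE)
    oids, p = [], 0
    while p < len(varbinds):
        _, binding, p = read_tlv(varbinds, p, SEQUENCE)
        _, oid, _ = read_tlv(binding, 0, OID)
        oids.append(decode_oid(oid))
    return {"version": SUPPORTED_VERSIONS[version], "pdu": PDU_TYPES[pdu_tag],
            "request_id": int.from_bytes(raw_id, "big", signed=True), "oids": oids}

def tlv(tag, value):
    """Encode a TLV with a short-form length (enough for the constructed samples)."""
    return bytes([tag, len(value)]) + value

def sample_request(version, community, pdu_tag=0xA0):
    """Constructed request for 1.3.6.1.2.1.1.1.0 (sysDescr.0) with request-id 42."""
    name = tlv(OID, bytes([0x2B, 6, 1, 2, 1, 1, 1, 0]))
    varbinds = tlv(SEQUENCE, tlv(SEQUENCE, name + tlv(0x05, b"")))
    pdu = tlv(pdu_tag, tlv(INTEGER, b"\x2a") + tlv(INTEGER, b"\x00") * 2 + varbinds)
    return tlv(SEQUENCE, tlv(INTEGER, bytes([version])) + tlv(OCTET_STRING, community) + pdu)

def handle(packet, read_community=b"ro-Example-7", write_community=b"rw-Example-9"):
    """Return ('respond', fields) or ('discard', reason, trap_generated)."""
    try:
        return ("respond", process_request(packet, read_community, write_community))
    except Discard as exc:
        return ("discard", exc.reason, exc.trap)

if __name__ == "__main__":
    print(handle(sample_request(1, b"ro-Example-7")))          # accepted
    print(handle(sample_request(1, b"public")))                # community mismatch
    print(handle(sample_request(1, b"ro-Example-7")[:20]))     # truncated packet
```

The community travels in the packet as a plain OCTET STRING, which is why the check in step 4 is an access gate and not a confidentiality control.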


The SNMP NBI software component is controlled by the MSUITE. The U2000 installation package integrates the MSUITE software, so the MSUITE is installed together with the U2000 and does not need to be installed separately. The SNMP Agent also needs license support; without a license, it does not work. After the MSUITE is started, some parameters of the SNMP Agent need to be configured.

Steps to start the MSUITE:
1. Click the MSUITE icon on the desktop or run the following program: %MSUITE%\engineering\startclient.bat.
2. Enter the IP address, user name and password to log in to the MSUITE.
3. After login, select NBI > Configure SNMP Interface Instance from the main menu to configure the SNMP NBI parameters.

Note: If you need to install the SNMP component, select Deploy > Add Component from the MSUITE to add the SNMP NBI. After that, restart the U2000 server.


Input the Send Trap address and Port, etc. The following table lists the description and the value of the parameters.

Name: Send Trap address
Description: Specifies the address that is set on the SNMP agent and is used to send traps to the upper level network management system OSS.
Value: IP address. Default: U2000 server IP address

Name: Send Trap Port
Description: Specifies the port that transmits trap packets.
Value: 1 to 65535. Default: 982

Name: Receive Request from NMS address
Description: Specifies IP address that receives the request messages from the upper level network management system OSS.
Value: IP address. Default: U2000 server IP address

Name: Receive Request from NMS Port
Description: Specifies the port that receives the request messages from the upper level network management system.
Value: 1 to 65535. Recommended value: >1024. Default: 9812


The SNMP agent supports a maximum of 10 read/write communities. The Community cannot be empty. The default value of Read Community is public and of Write Community is private. Input the OSS Receive Trap Address and Port, etc. The default port is 6666. The following table lists the description and the value of the parameters.

Name: NMS Receive Trap Address
Description: Specifies the IP address of the third-party NMS.
Value: IP address. Default: OSS IP address

Name: Port
Description: Specifies the port of the third-party NMS for receiving traps.
Value: 1-65535. Default: 6666

Name: Read/Write Community
Description: When the third-party NMS uses the SNMP v1 or v2c protocol, the authentication control between the SNMP agent and the upper-layer NMS is implemented through community information. To be specific, only when the set community is the same as that of the upper-layer NMS, the third-party NMS responds to the alarm query requests received. Otherwise, the third-party NMS ignores the requests.
Value: The default read/write community is public/private. You can also enter any character string consisting of 255 characters at most.


The advanced settings include the following items:
- Heartbeat Settings
- Alarm Field Settings
- Set reporting notification
- Report Date Format Settings
- Encoding Format Settings
- Other Settings
- MIB Frame Settings


After the SNMP Agent instance is added, the process can be started and stopped by right-clicking it.


Entrance: Choose Administration > NE Communicate Parameter > Default Access Protocol Parameters from the main menu. In the Default Access Protocol Parameters tab, click the SNMP version tab to switch to the page for configuring protocol parameters.

Configure the NE SNMP parameter template as follows:
- Add a parameter template: Click Add. After setting all the parameters in the parameter setting area at the bottom of the window, click OK.
- Modify a parameter template: Double-click the template to be modified in the parameter template list. Modify the related parameters in the Common parameters area. Then, click Apply.
- Delete a parameter template: Select the template to be deleted in the parameter template list and then click Delete. In the Confirm dialog box, click Yes.

Note: After configuring the templates, you can select and apply them when creating or discovering the NEs.


For the U2000 SBI, the SNMP parameters need to be configured both on the U2000 and in the managed equipment, such as a DSLAM or router. If the parameters are the same, the SNMP interface works normally.


Pre-configuration tasks

Before configuring, complete the following tasks:
- Assign an IP address to the router.
- Configure the routing protocol to make the router and the NM Station reachable from each other.

Configuration commands

snmp-agent
    The SNMP agent function is enabled.

snmp-agent sys-info version all
    The SNMP version is configured. By default, only SNMPv3 is configured.

snmp-agent mib-view { excluded | included } view-name oid-tree
    A MIB view is created.

snmp-agent community { read | write } community-name mib-view view-name
    MIB-view-based access control is configured.

snmp-agent trap enable [ Trap-type [ Trap-list ] ]
    The router is enabled to send alarms. In the VRP system, alarms generated by the interface-name-change, port and standard are enabled through the snmp-agent trap enable command.

snmp-agent target-host trap address udp-domain ip-address [ udp-port portnumber | vpn-instance vpn-instance-name ] params securityname security-string [ v1 | v2c | v3 [ authentication | privacy ]]
    The destination host of trap messages is configured.
    Note: At present, the VRP does not support the configuration of sending trap messages to the IPv6-based VPN.

snmp-agent trap source interface-type interface-number
    The source interface to send Trap messages is configured.
    Note: The source interface to send trap messages configured on the router must be the same as that configured on the NM Station; otherwise, the NM Station discards trap messages because of unmatched addresses.
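
An added Python example (not part of the Huawei material) that audits the snmp-agent lines of a router configuration written with the commands above, flagging the default public/private communities named in the U2000 community settings earlier, v1/v2c use, and communities not tied to a MIB view. Both sample configurations, their addresses and the view and user names are constructed for the illustration.

```python
DEFAULT_COMMUNITIES = {"public", "private"}   # defaults named in the community table


def audit_snmp_config(text):
    """Return a sorted list of (line_number, finding) for weak SNMP settings."""
    findings, views, view_refs = [], set(), []
    for number, raw in enumerate(text.splitlines(), 1):
        words = raw.split()
        if words[:1] != ["snmp-agent"]:
            continue
        args = words[1:]
        if args[:2] == ["sys-info", "version"]:
            if {"all", "v1", "v2c"} & set(args[2:]):
                findings.append((number, "v1/v2c enabled: community-only authentication, no encryption"))
        elif args[:1] == ["mib-view"] and len(args) >= 4:
            views.add(args[2])                # mib-view {included|excluded} NAME OID-TREE
        elif args[:1] == ["community"] and len(args) >= 3:
            access, name = args[1], args[2]
            if name.lower() in DEFAULT_COMMUNITIES:
                findings.append((number, "%s community uses a default value" % access))
            if "mib-view" in args[3:-1]:
                view_refs.append((number, args[args.index("mib-view", 3) + 1]))
            else:
                findings.append((number, "%s community is not restricted by a mib-view" % access))
        elif args[:2] == ["target-host", "trap"] and "securityname" in args:
            # Tokens after "securityname <string>" select the security model.
            model = args[args.index("securityname") + 2:]
            if "v1" in model or "v2c" in model:
                findings.append((number, "traps sent with v1/v2c: unencrypted"))
            elif "v3" in model and "privacy" not in model:
                findings.append((number, "v3 trap target without privacy: not encrypted"))
    for number, view in view_refs:            # a view may be defined after it is referenced
        if view not in views:
            findings.append((number, "community references undefined mib-view %r" % view))
    return sorted(findings)


# Constructed sample: default communities, all versions enabled, v2c traps.
SAMPLE_WEAK = """\
snmp-agent
snmp-agent sys-info version all
snmp-agent community read public
snmp-agent community write private mib-view nms-view
snmp-agent target-host trap address udp-domain 192.0.2.10 udp-port 162 params securityname public v2c
"""

# Constructed sample: v3 only, a defined view, trap target with privacy.
SAMPLE_HARDENED = """\
snmp-agent
snmp-agent sys-info version v3
snmp-agent mib-view included nms-view 1.3.6.1.2.1
snmp-agent target-host trap address udp-domain 192.0.2.10 udp-port 162 params securityname nms-user v3 privacy
"""

if __name__ == "__main__":
    for line, finding in audit_snmp_config(SAMPLE_WEAK):
        print("line %d: %s" % (line, finding))
    print("hardened findings:", audit_snmp_config(SAMPLE_HARDENED))
```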

For more detailed steps, please refer to the Northbound SNMP Interface User Guide (U2000 V100R002C01).


Performance indexes of the SNMP alarm NBI

Item: Maximum concurrent NMS connections
Index: 10

Item: Alarm forwarding capacity
Index: Not less than 60 alarms per second (three NMSs connected)

Item: Alarm forwarding delay
Index: Less than 10 seconds (three NMSs connected)

Item: SNMP request response delay
Index: Less than 5 seconds (CPU usage is less than 50%)


iManager U2000 Security and Data Management


Security management strategy: The security management function provides role-based and domain-based management for the U2000 and NEs. With this function, the U2000 can also monitor in real time the users that are already logged in to the U2000 and NEs. In this way, the network and data security ensures that login failures or illegal operations are captured.


After the U2000 is installed on the Solaris platform, there are three system users: root, sybase and nmsuser. Usually nmsuser is used to log in to the JDE and start the U2000 server.
- root: The super user of the OS, with the highest authority in the system. The root user is used to create other users with relevant authorities. The default password of root is rootkit.
- sybase: The database operation user. It is responsible for setting Sybase environment variables and for installing, maintaining and managing the Sybase database. As the owner of the directory /opt/sybase, the sybase user can manage the Sybase database, for example, configuring Sybase environment variables and starting/stopping the Sybase service.
- nmsuser: During the U2000 installation, the software automatically creates an nmsuser user of the operating system. The nmsuser user is responsible for setting environment variables of the U2000 server and starting the U2000 server. The nmsuser user has all the rights of its home directory. The file .profile in this directory records environment variables for running the U2000.

After database initialization, there are two default users: sa and NMSuser.
- sa: The super user of the database. The default password is changeme.
- NMSuser: The database user which the U2000 uses to log in to the database. The default password is NMSuser.

NM User: The user who logs in to the U2000 Server.
NE User: The user who logs in to NEs through the U2000 or other software.


The logs include the U2000 security log, the U2000 operation log, the system logs and the NE log. The logs record operations performed by operators on the U2000 or an NE.
- Security logs record the security operations that the user performs in the U2000, for example, login, logout, locking, and unlocking. By viewing the logs, an administrator can track and check the security operations of the users.
- Operation logs record the information about the non-security operations that the user performs in the U2000, for example, creating subnets, and muting and unmuting the alarm sound. By viewing the logs, an administrator can track and check the user operations.
- System logs record the operations or tasks that the U2000 performs automatically, for example, scheduled tasks and system tasks.
- The NE syslog running logs record the running information of U2000 NEs. By obtaining all NE syslog running logs from NEs through the U2000, you can view the NE syslog running logs of the NEs managed by the U2000 in one place, instead of viewing them on each NE.

Procedure:
1. Choose Administration > Log Management > Query Operation Logs. You can also select Query System Logs or Query Security Logs to browse system or security logs.
2. In the Filter window, set the filtering conditions, and then click OK.
3. Right-click in the query window and perform the operations listed in the picture.

Procedure:
1. Choose Administration > Log Management > Operation Log Statistics from the main menu. You can also select the System Log Statistics or Security Log Statistics item.
2. In the Statistic Filter window, set the statistical items and statistical conditions, and then click OK.

Dumping logs prevents the logs from reaching the maximum storage capacity of the database and degrading the system performance. There are three types of dump: scheduled dump, manual dump and overflow dump.

Setting the scheduled log dump:
1. Choose Administration > Task Schedule > Task Management from the main menu.
2. In the Task Management window, select Database Capacity Management in the navigation tree.
3. Double-click the Operation Log Dump task in the task list.
4. Configure the scheduled dump parameters as shown in the presentation. The dump file type can be CSV or XML.
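Once security logs have been dumped to CSV, they can be reviewed offline for the login events the security log records. The following is an added example, not part of the training material or of the U2000 software: it flags bursts of failed logins per user and terminal. The column names (Time, User, Terminal, Operation, Result), the value strings and the sample rows are assumptions constructed for illustration; adapt them to the header row of a real dump file.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of a dumped security log (assumed column layout).
SAMPLE_DUMP = """\
Time,User,Terminal,Operation,Result
2011-03-01 08:00:05,opr1,10.10.1.21,Login,Successful
2011-03-01 08:30:00,opr1,10.10.1.21,Logout,Successful
2011-03-01 02:14:10,maint2,10.10.9.77,Login,Failed
2011-03-01 02:14:40,maint2,10.10.9.77,Login,Failed
2011-03-01 02:15:02,maint2,10.10.9.77,Login,Failed
2011-03-01 02:15:30,maint2,10.10.9.77,Login,Failed
2011-03-01 02:16:00,maint2,10.10.9.77,Login,Successful
2011-03-01 09:00:00,opr3,10.10.1.22,Login,Failed
2011-03-01 09:20:00,opr3,10.10.1.22,Login,Failed
2011-03-01 09:40:00,opr3,10.10.1.22,Login,Failed
"""


def parse_dump(text):
    """Read the CSV dump and return its rows sorted by time."""
    rows = []
    for rec in csv.DictReader(io.StringIO(text)):
        rec["Time"] = datetime.strptime(rec["Time"], "%Y-%m-%d %H:%M:%S")
        rows.append(rec)
    rows.sort(key=lambda r: r["Time"])
    return rows


def failed_login_bursts(rows, threshold=3, window=timedelta(minutes=5)):
    """Report each (user, terminal) with >= threshold failed logins in window.

    Each finding also records whether a successful login from the same
    terminal followed the burst, which deserves a closer look.
    """
    recent = defaultdict(list)   # (user, terminal) -> times of recent failures
    findings = {}
    for r in rows:
        if r["Operation"] != "Login":
            continue
        key = (r["User"], r["Terminal"])
        if r["Result"] == "Failed":
            # Keep only the failures that are still inside the sliding window.
            times = [t for t in recent[key] if r["Time"] - t <= window]
            times.append(r["Time"])
            recent[key] = times
            if len(times) >= threshold:
                f = findings.setdefault(key, {
                    "user": r["User"], "terminal": r["Terminal"],
                    "first": times[0], "failures": 0, "later_success": False,
                })
                f["failures"] = max(f["failures"], len(times))
        elif key in findings:
            findings[key]["later_success"] = True
    return list(findings.values())


if __name__ == "__main__":
    for f in failed_login_bursts(parse_dump(SAMPLE_DUMP)):
        print(f)
```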

During network planning, you can configure and plan the data transmission according to a network security isolation policy. In this way, you can ensure the security and reliability of the network and data of the U2000 system, and avoid unauthorized login and data loss or theft.

After the SSL (Secure Sockets Layer) protocol is enabled, the communication between the client and the server is encrypted and secured, which helps protect it against attacks.

Procedure:
1. Run the ssl_adm -cmd query command in U2000\server\bin to query the data transmission mode of the server. On Solaris and SUSE Linux, you must run the ssl_adm -cmd query command as the nmsuser user.
2. Stop the U2000 server if it is running.
3. Run ssl_adm -cmd setmode ssl to enable SSL mode.
4. Start the U2000 server.
5. On the computer of the U2000 client, double-click the U2000 Client icon on the desktop.
6. Enter the User Name and Password. The server mode of the user needs to be set to SSL.

Data transmission modes:
Value     Description
Normal    Indicates that the connection between the U2000 and the client is not encrypted.
SSL       Indicates that the connection between the U2000 and the client is encrypted.
Both      Indicates that both encrypted and unencrypted connections between the U2000 and the client are supported.

The ACL (Access Control List) is a secure access control mechanism. It allows a user to log in to the server only through the clients with the specified IP addresses.

Procedure:
1. Choose Administration > NMS Security > ACL from the Main Menu. The ACL dialog box is displayed.
2. Click Add. The New System Access Control Item box is displayed.
3. Set the parameters of the IP address or network segment, and click OK.
4. Click Close to close the System ACL dialog box.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the Main Menu.
2. In the NMS User Management area, double-click Users and select a desired user.
3. In the right-hand pane, click the ACL Settings tab.
4. Select Use all the ACLs in the system or Use the specified ACLs according to requirements.
5. Click Set ACL. The ACL dialog box is displayed.

NOTES: If you select Use System ACL, the U2000 user can by default log in through the clients corresponding to all the IP addresses or network segments in the list. If you select Use User ACL, you need to select the IP address or network segment of the client through which the U2000 user can log in.

Procedure:
1. Click Add. The New System Access Control Item dialog box is displayed.
2. Set the parameters of the IP address or network segment, and click OK.
3. Click Close to close the Set ACL dialog box.

Procedure:
1. Optional: If Use the specified ACLs is selected, you need to check the Access Permitted check box corresponding to the IP address or network segment.
2. Click Apply.
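The interaction between the system ACL and the per-user ACL setting described above can be checked offline before the entries are typed into the dialog boxes. The following is an added example, not Huawei code and not a description of how the U2000 evaluates ACLs internally: it models a system ACL of IP addresses and network segments, the two per-user choices, and a small review of the result. The class and function names, the /24 review threshold, the treatment of a user with no usable entry, and all addresses and user names are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field


class SystemACL:
    """The system-wide list of client IP addresses and network segments."""

    def __init__(self, items=()):
        self.entries = []
        for item in items:
            self.add(item)

    def add(self, item):
        # strict=True rejects a segment with host bits set, e.g. "10.10.2.5/24",
        # which is usually a typing error when the item is created.
        net = ipaddress.ip_network(item, strict=True)
        if net not in self.entries:
            self.entries.append(net)
        return net


@dataclass
class UserACL:
    """Per-user choice made on the ACL Settings tab."""
    use_all: bool = True                          # "Use all the ACLs in the system"
    permitted: set = field(default_factory=set)   # entries ticked "Access Permitted"

    @classmethod
    def specified(cls, *items):
        return cls(False, {ipaddress.ip_network(i, strict=True) for i in items})


def login_permitted(system_acl, user_acl, client_ip):
    """True if this model lets the user log in from client_ip."""
    ip = ipaddress.ip_address(client_ip)
    if user_acl.use_all:
        candidates = system_acl.entries
    else:
        # A specified entry only counts while it still exists in the system ACL.
        candidates = [n for n in system_acl.entries if n in user_acl.permitted]
    return any(ip in net for net in candidates)


def review(system_acl, users, min_prefix=24):
    """List entries that admit many clients and users whose entries are unusable."""
    findings = []
    for net in system_acl.entries:
        if net.version == 4 and net.prefixlen < min_prefix:
            findings.append(
                f"system ACL entry {net} admits {net.num_addresses} addresses")
    for name, acl in sorted(users.items()):
        if acl.use_all:
            continue
        for net in sorted(str(n) for n in acl.permitted
                          if n not in system_acl.entries):
            findings.append(
                f"user {name}: specified entry {net} is not in the system ACL")
        if not any(n in system_acl.entries for n in acl.permitted):
            findings.append(f"user {name} has no usable entry and cannot log in")
    return findings


# Constructed sample data.
SYSTEM_ACL = SystemACL(["10.10.1.21", "10.10.2.0/24", "10.0.0.0/8"])
USERS = {
    "opr1": UserACL(),                              # uses every system entry
    "maint2": UserACL.specified("10.10.2.0/24"),    # one segment only
    "temp3": UserACL.specified("172.16.5.0/24"),    # entry missing from system ACL
}

if __name__ == "__main__":
    print(login_permitted(SYSTEM_ACL, USERS["maint2"], "10.10.2.40"))
    for line in review(SYSTEM_ACL, USERS):
        print(line)
```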

Procedure:
1. Choose Administration > NMS Security > Security Policies from the Main Menu. The Security Policy dialog box is displayed.
2. In the Security Policy dialog box, click the Password Policy tab.
3. Set the basic and advanced parameters of the password policy as required. Click OK.
4. In the Security Policy dialog box, click the Account Policy tab.
5. Set the account policy as required. Click OK.

Procedure:
1. Log in to the MSuite system.
2. In the main menu, select System > Change Password.

The U2000 remote maintenance function allows login to the U2000 server from a remote client. Strict management of the remote maintenance user not only ensures U2000 system security, but also makes maintenance operations easier.

Procedure:
1. Choose Administration > NMS Security > Remote Maintenance User Management from the Main Menu. The Remote Maintenance User Management dialog box is displayed.
2. Enable the remote maintenance user and set its other parameters.
3. Set the Operation Authority. You can select Query or Configuration as needed.
4. Set Valid Forever or Not to No.
5. Set Validity Period.
6. Click OK.

Over the DCN or another type of connection, you can access the U2000 server as the remote maintenance user and then run maintenance commands through this function.

Remote maintenance client login procedure:
1. On the Windows platform, click startup_cmdclient_global.bat under the \U2000\client directory.
2. Enter the user name and password. The window is displayed as shown on the slide.
3. Double-click the NE and enter the command.

User: The user name and password of a U2000 user identify the U2000 management rights granted to the user. When a user is added to a user group, the user has all the operation rights of this user group. The U2000 provides a default user: admin. It is the super user of the system and has a higher authority than the system administrator group. You can neither modify the rights of the user admin nor add the user admin to other user groups.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the Main Menu.
2. In the NMS User Management area, double-click Users, right-click and choose New User from the shortcut menu.
3. Complete the information in the New User dialog box.

For network maintenance purposes, you can create U2000 users and assign different authorities to them. Apart from the user admin, everyone who operates the U2000 needs a corresponding account, that is, a U2000 user account.

You can specify the user group of a U2000 user so that the user has the management rights and operation rights of the user group. Usually, a user is given authorities by being added to a user group rather than by being assigned specific authorities.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the Main Menu.
2. In the NMS User Management area, double-click Users and select a desired user.
3. In the right-hand pane, click the Groups tab.
4. Optional: Select a desired user group and click Delete.
5. Click Add. The Add User Groups dialog box is displayed.
6. Select a user group that you want to add, and click OK.
7. In the right-hand pane, click the Operation Rights tab.
8. Optional: Select the desired user operation rights and click Delete.
9. Click Add. The Add Rights dialog box is displayed.
10. Select a user group that you want to add, and click OK.

User Group: This is a collection of the U2000 users that have the same management rights. The default user groups are maintainer group, manager group, monitor group, operator group and security manager. The attributes of a user group include name, description, member and authority.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the Main Menu.
2. In the NMS User Management area, double-click User Group, right-click and choose New User Group from the shortcut menu.
3. In the New User Group dialog box that is displayed, enter the information of the new user group.
4. Click OK.

The principle of assigning user authorities is as follows:

After creating a U2000 user, you give the user authorities by adding the user to a user group rather than by assigning specific authorities to the user.

If the user's authorities are limited and the user cannot perform certain operations after being added to a default user group, you can create a user group. After adding authorities to this user group, you can assign the user to the new user group.

In practice, you may need to add or delete specific authorities for a user without creating new user groups. In this case, follow the rules below:
To modify specific authorities for a number of NEs, do not directly select these NEs. Create an Object Set for the NEs that require more authorities, and assign authorities for the equipment set.
To assign a number of operation authorities to a user, do not directly select all these operation authorities. Create an Operation Set for these operations and assign the operation set to the user.
To add one or more authorities to a user, you can directly select the user whose authority you want to set. Select the Operation Rights tab, and click Select to add the corresponding operation authorities to the user.

Operation Set: This is a collection of client-side operations. Operation sets are established to facilitate user right management. Different client-side operations have different impacts on system security. Operations that have similar impacts on system security are allocated to the same operation set. In this way, if a user (or user group) is authorized with the rights of an operation set, the user (or user group) can perform all the operations in the operation set. If the default operation sets do not meet the requirements for right allocation, you can create new operation sets as required.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the Main Menu.
2. In the NMS User Management area, right-click Operation Set and choose New Operation Set from the shortcut menu.
3. In the New Operation Set dialog box that is displayed, enter the information of the new operation set.
4. Click the Members tab. Click the Select button (shown on the slide) or the Copy member from operation button to add members to the operation set.
5. Click OK.

The U2000 supports modifying, deleting, exporting and importing operation sets.

Object Set: This is a collection of manageable devices and device services. By default, the U2000 provides All Objects. If a user or user group can manage an object set, the user or user group can manage all the objects in the object set. The administrator can create an object set, add objects that can be managed in a centralized manner to the object set, and specify a user or user group to manage the objects in the object set. In this way, the management cost of the administrator can be reduced.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the Main Menu.
2. In the NMS User Management area, click Object Set, right-click and choose New Object Set from the shortcut menu.
3. In the New Object Set dialog box that is displayed, enter the information of the new equipment set.
4. Click the Members tab. Click the Select button (shown on the slide) or the Copy members from object button to add devices to the object set.
5. Click OK.

The U2000 supports modifying and deleting an object set.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the Main Menu.
2. In the NMS User Management area, double-click User Groups, and select a U2000 user group.
3. In the right-hand pane, click the Operation Rights tab.
4. Optional: Select one or more desired operation authorities and click Delete.
5. Click Select. The Select Operation Rights dialog box is displayed.
6. Select the operation and operation set.
7. Click OK.

Procedure:
1. Choose Administration > NMS Security > NMS User Management from the main menu.
2. In the NMS User Management navigation tree, expand the User Groups node, and then select a user group.
3. Click the Domain tab to view the managed domain of the user group.
4. Click the Select button. In the Select Domain dialog box, select the devices and object sets.
5. Click OK.
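The rights model built up in the preceding procedures (users, user groups, operation sets, object sets and managed domains) can be reviewed on paper before it is configured. The following is an added example, not Huawei code and not the U2000's internal logic: it computes which operations a user may perform on which NEs and lists rights that were assigned directly to a user instead of through a user group. It assumes that a group's operation rights apply only to the objects in that same group's domain; the class names, operation names, NE names and user names are constructed for illustration.

```python
from dataclasses import dataclass, field

SUPER_USER = "admin"   # default super user named in the training; rights are fixed


@dataclass
class Grant:
    """Operation rights together with the managed domain they apply to."""
    operation_sets: list = field(default_factory=list)
    operations: list = field(default_factory=list)
    object_sets: list = field(default_factory=list)
    objects: list = field(default_factory=list)


@dataclass
class User:
    name: str
    groups: list = field(default_factory=list)      # names of user groups
    direct: Grant = field(default_factory=Grant)    # rights set on the user itself


class RightsModel:
    def __init__(self, operation_sets, object_sets, groups, users):
        self.operation_sets = operation_sets   # set name -> operations
        self.object_sets = object_sets         # set name -> NEs
        self.groups = groups                   # group name -> Grant
        self.users = {u.name: u for u in users}

    def _pairs(self, grant):
        """Expand a grant into (operation, NE) pairs."""
        ops = set(grant.operations)
        for name in grant.operation_sets:
            ops |= self.operation_sets[name]
        nes = set(grant.objects)
        for name in grant.object_sets:
            nes |= self.object_sets[name]
        return {(op, ne) for op in ops for ne in nes}

    def group_rights(self, user_name):
        pairs = set()
        for group in self.users[user_name].groups:
            pairs |= self._pairs(self.groups[group])
        return pairs

    def effective(self, user_name):
        return self.group_rights(user_name) | self._pairs(self.users[user_name].direct)

    def can(self, user_name, operation, ne):
        if user_name == SUPER_USER:
            return True
        return (operation, ne) in self.effective(user_name)

    def who_can(self, operation, ne):
        return sorted(n for n in self.users if self.can(n, operation, ne))

    def direct_only(self):
        """Rights a user holds only through direct assignment, for review."""
        report = {}
        for name in self.users:
            extra = self._pairs(self.users[name].direct) - self.group_rights(name)
            if extra:
                report[name] = sorted(extra)
        return report


# Constructed sample configuration.
MODEL = RightsModel(
    operation_sets={
        "Alarm Monitoring": {"Query Alarm", "Acknowledge Alarm"},
        "NE Configuration": {"Modify NE Attributes", "Delete NE"},
    },
    object_sets={"Ring-East": {"NE-101", "NE-102"}, "Ring-West": {"NE-201"}},
    groups={
        "East Monitors": Grant(operation_sets=["Alarm Monitoring"],
                               object_sets=["Ring-East"]),
        "West Config": Grant(operation_sets=["NE Configuration"],
                             object_sets=["Ring-West"]),
    },
    users=[
        User("admin"),
        User("alice", groups=["East Monitors", "West Config"]),
        User("bob", groups=["East Monitors"],
             direct=Grant(operations=["Delete NE"], objects=["NE-101"])),
    ],
)

if __name__ == "__main__":
    print(MODEL.who_can("Delete NE", "NE-101"))
    print(MODEL.direct_only())
```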

You can back up and restore the U2000 data in two ways: back up and restore all data in the U2000 databases, or back up and restore the U2000 network configuration data by using scripts.

The following data is not backed up when you back up the U2000 database:
The data saved on the NE side that cannot be uploaded.
The custom options of the system.

Comparison of Two Data Maintenance Methods

Method: Backing up and restoring all data in the U2000 databases
Characteristics:
1. Backs up the structure and contents of the U2000 database. The data is in the binary mode.
2. Backs up all data.
3. The processing speed is fast, and the backup file is big.
Application Scenario: The backed up data for a certain type of database cannot be restored to the data for a different type of database.

Method: Backing up and restoring the U2000 network configuration data by using the script files
Characteristics:
1. Exports the configuration data in the U2000 to a txt file that is similar to the MML format. This is done to save data. You can directly understand the configuration contents of the txt file.
2. Backs up only some of the data, including the basic configuration data, port naming data and user-defined data.
3. The processing speed is slow and the backup file is very small.
Application Scenario: This method is usually used to upgrade the U2000.

Databases used by the U2000 NMS and LCT:
Sybase 15 database (Solaris OS): a relational database that uses tables to store data.
MS SQL Server database (Windows OS): its function is similar to that of Sybase, and it supports a graphical user interface. MS SQL Server 2000 is used by the U2000.

Sybase database server:
All backup and restoration operations are implemented through the backup server.
Precondition: The backup server and the master server must be installed on the same computer.
Procedure: Backup or restore commands are sent in the SQL language. After receiving the commands, the backup server performs the data input or output on the disk.

Backup is a method used to store important data to protect against damage to the original data. You can back up network configuration data, alarm data and performance data.

Dump is a method used to store the log information in the databases as operating system files in text format, in order to clear database space. The dumped objects are various types of logs, including alarm events, abnormal events, operation logs and different types of performance events.

Procedure:
1. Choose Administration > Back Up/Restore NMS Data > Database Backup from the Main Menu.
2. Set a backup directory for the server, and click Backup. The U2000 starts to back up the database. A progress bar is displayed showing the status of the operation.

Notes: The default directory for database backup is as follows:
On the UNIX platform, /U2000/server/var/backup
On the Windows platform, d:\U2000\server\var\backup

Procedure:
1. Log in to the U2000 client.
2. Choose Administration > Task Schedule > Task Management from the main menu.
3. Click New. The New Task dialog box is displayed.
4. Select DB Backup as the task type and enter a name for the scheduled task. Select Period as the run type. Then click Next.
5. In Time Setting, set the planned start time of the task. In Period Setting, set the planned period and execution times of the task. Then click Next.
6. Select Back up the data to the local server and enter a backup path on the local server. Then click Finish. The created scheduled task is displayed in the Task Management window.

The U2000 also supports backing up its data to a remote server.

Procedure for backup:
1. Start the NMS Maintenance Suite.
   In Solaris and Linux, run the following commands:
   # cd /opt/HWENGR/engineering
   # ./startclient.sh
   In Windows, access the C:\HWENGR\engineering path, and then run the startclient.bat file.
2. Log in to the MSuite. The default user name and password are both admin.
3. Select Back Up and Restore -> Back Up System Data.

Procedure for Restore:
1. Shut down the U2000 client and server.
2. Start the U2000 MSuite and log in to the MSuite client.
3. On the NMS maintenance tool client, choose Backup and Restore > Restore System Data.
4. Select the backup file and click Next.
5. The system starts the restoration preprocessing and data restoration, and displays the restoration progress in a progress bar. Wait patiently.
6. After the backup is complete, click Finish.
7. Start the U2000 server and client.

Prerequisite for backup:
On UNIX and Linux, the current user is root and the Sybase database must be started.
On Windows, the current user must have the administrator authority of the operating system. The MS SQL database server must also be started.

Procedure for backup:
4. Select Data Backup Binary Mode (Recommended). Then click Next.
5. Select Back up the data to the local server.
6. Set the backup path on the local server. Then click Next.
7. The system starts the backup preprocessing and data backup process. A progress bar is displayed to show the backup progress. Wait patiently.
8. After the backup is complete, click Finish.

Backing Up U2000 Data to a Remote Server by FTP mode.

Procedure for Initialization:
1. Start the U2000 MSuite.
2. Log in to the client. The default user name and password are both admin.
3. Choose System > Initialize NMS from the main menu.
4. Click Next.
5. The system starts initializing the database and displays the initialization progress in a progress bar. Wait patiently.
6. After the initialization is complete, click Finish.

Prerequisite for database initialization:
The U2000 server application is stopped.
On UNIX and Linux, the current user is root and the Sybase database must be started.
On Windows, the current user must have the administrator authority of the operating system. The MS SQL database server must also be started.

This method is usually used to upgrade the U2000 and to back up and restore the basic configuration data for a single NE. This method also restores the user-defined data. The new U2000 version is compatible with the scripts of the old version.

Procedure:
1. Choose Administration > Back Up/ Restore NMS Data > Import/Export Script File from the Main Menu.
2. Select a file format. Then select a script file type from the Script File Type field.
3. Select the NE for which you want to export script files from the Export NE List.
4. Click Create File Directory to create a directory where the exported script files are to be saved.
5. Enter the directory name and click OK.
6. Select a directory and click Apply.
7. In the Confirm dialog box, click OK. A progress bar appears showing the status of the export.

NOTES: The script file is saved on the U2000 server. On Windows, the backup directory is \U2000\server\script; on UNIX, the backup directory is /opt/U2000/server/script. You can create a new directory under it.

Procedure:
1. Choose Administration > Back Up/ Restore NMS Data > Import/Export Script File from the Main Menu.
2. Click the Import option button.
3. Select the file format and select the script file type from the Script File Type field.
4. In the Operation Directory List, select the directory where the script file to be imported is located.
5. Select the script file to import from the Import File List.
6. Click Apply. The system prompts you twice that the import of the configuration script will result in data inconsistency between the U2000 and the NE.
7. Click OK. A progress bar appears showing the status of the import.

NOTES: Before importing the script file, it is better to back up the U2000 database.

Procedure:
1. Choose Administration > Task Schedule > Task Management from the main menu.
2. In the Task Management window, select Database Capacity Management, Manual Dump or Overflow Dump in the navigation tree.
3. Double-click the task in the task list.
4. Configure the dump parameters as shown in the presentation. The dump file type can be CSV or XML.

Overflow dump: It is performed when the logs in the databases reach the maximum storage capacity. You can specify the number of logs to dump.

Maximum Capacity: The maximum amount of data that can be saved while the U2000 server works normally. If it is exceeded, an overflow occurs.

Scheduled dump: It is an alternative to overflow dump and is optional. You can set whether to create a scheduled task, and if you create one, you can specify the schedule time and duration.

Overflow dump and periodic dump can work together. In this case, the U2000 dumps the data or logs according to the settings of both overflow dump and periodic dump.

During the routine maintenance of the U2000, you can clear unwanted log data to save space on the computer.

Notes: Clearing the U2000 log data deletes the log data directly from the database. This affects fault location in the future. You are recommended to clear the database space by dumping.

iManager U2000 Security and Data Management Practice Guide ISSUE 1.00

Table of Contents

Task 1 Starting and Shutting Down U2000
  1.1 Starting U2000
    1.1.1 On the UNIX Platform
    1.1.2 On the Windows Platform
  1.2 Shutting Down U2000
    1.2.1 On the UNIX Platform
    1.2.2 On the Windows Platform

Task 2 Starting and Shutting Down U2000 (Solaris HA System) Optional
  1.1 Starting U2000
  1.2 Shutting Down U2000

Task 3 Security Management
  1.1 Changing the Password of NMSuser (DB user)
  1.2 Setting SSL Protocol Communication between Server and Client
  1.3 Setting the System ACL of U2000 Client
  1.4 Modifying the U2000 User Validity
  1.5 Creating a U2000 User

Task 4 DCN Management
  1.1 Modifying GNE Parameters
  1.2 Changing the GNE of the NEs
  1.3 Configuring Standby GNEs for the NEs
  1.4 Changing a GNE to a Normal NE
  1.5 Changing a Normal NE to a GNE
  1.6 Checking GNE Switching Status
  1.7 Testing the Communication between the U2000 and the GNE
  1.8 Checking the Network Communication Status
    1.8.1 Check the communication status between the U2000 and a non-gateway NE
    1.8.2 Check the communication status between the U2000 and the GNE

Task 5 Database Management
  1.1 Manually Backing Up the U2000 Database
  1.2 Automatically Backing Up the U2000 Database
  1.3 Manually Backing Up the U2000 Data by Script
  1.4 Initializing the U2000 Database (HA System) (Optional)
  1.5 Initializing the U2000 Database
  1.6 Restoring the U2000 Database (HA System) (Optional)
  1.7 Restoring the U2000 Database
  1.8 Restoring the U2000 Data by Script
  1.9 Viewing the Status of the Databases

Task 6 Log Management
  1.1 Browsing Security Logs
  1.2 Period dump of security logs
  1.3 Setting the Overflow Dump for Security Logs
  1.4 Dumping Security Logs Manually
  1.5 Browsing Operation Logs
  1.6 Period dump of operation logs
  1.7 Setting the Overflow Dump for Operation Logs
  1.8 Dumping Operation Logs Manually
  1.9 Browsing System Logs
  1.10 Period dump of System logs
  1.11 Setting the System Dump for Operation Logs
  1.12 Dumping System Logs Manually

Task 7 File System and Disk Management
  1.1 Checking the Disk Status of the U2000 Server
    1.1.1 On the UNIX Platform
    1.1.2 On the Windows Platform
  1.2 Checking the Disk Space of the U2000 Server
    1.2.1 On the UNIX Platform
    1.2.2 On the Windows Platform
  1.3 Clearing Disk Space of the U2000 Server
    1.3.1 On the UNIX Platform
    1.3.2 On the Windows Platform
  1.4 Clearing Disk Space of the U2000 Client
    1.4.1 On the Windows Platform

Task 10 MSUITE Operation (Optional)
  1.1 Logging in the MSUITE
  1.2 Refreshing the Information of the Network Management System
  1.3 Synchronizing the Information of Network Management System
  1.4 Adding component
  1.5 Deleting component
  1.6 Adding the Instance
  1.7 Modifying the Instance Information
  1.8 Deleting the Instance
  1.9 Configuring the CORBA Interface Instance (Optional)

1.10 Exiting the MSUITE Client ................................................................................................ 42

iii

Confidential Information of Huawei.

No Spreading without Permission

iManager U2000 Security Management Practice Guide

and

Data

Task 1 Starting and Shutting Down U2000


1.1 Starting U2000

iManager U2000 (referred to below as U2000) consists of three parts:

Database

U2000 Server

U2000 Client

Starting U2000 therefore takes three steps:
1) Starting the database;
2) Starting the U2000 Server;
3) Starting the U2000 Client.

U2000 can be installed on the UNIX/Linux and Windows platforms. It provides the same functions and uses the same operations on all of these platforms.

1.1.1 On the UNIX Platform


The database always starts with the operating system (OS). You can check it by entering the following commands in a terminal window (here as the nmsuser user):

    $ cd /opt/sybase/ASE-15_0/install
    $ ./showserver

If the output lists at least the two processes below, Sybase has started correctly.

    /opt/sybase/ASE-15_0/bin/dataserver -sDBSVR -d/opt/sybase/data/lv_master
    /opt/sybase/ASE-15_0/bin/backupserver -SDBSVR_back -e/opt/sybase/ASE-15_0/

Then start the U2000 Server and the U2000 Client as follows:

Step  Action
1     Starting the U2000 Server
      Method 1: The U2000 server starts automatically with the OS.
      Method 2: Enter the following commands in the terminal window.
          $ cd /opt/U2000/server/bin
          $ ./startnms.sh
2     Starting the U2000 System Monitor
      Method 1: Double-click the "U2000 System Monitor" icon on the desktop.
      Method 2: Enter the following commands in the terminal window.
          $ cd /opt/U2000/client
          $ ./startup_sysmonitor_global.sh
3     Enter the user, password and server. For example:
          User: admin
          Password: XXXXX (The initial password of the admin user is null. When you log in to the system for the first time, the system requires you to change the password.)
          Server: Local
      Click <Login>.
4     Notes: Wait a few minutes until the processes in Automatic start mode (NE Manager, Security Process, Topology Process, etc.) are all in "Running" status. The U2000 server has then started successfully.
5     Starting the U2000 Client
      Method 1: Double-click the "U2000Client" icon on the desktop.
      Method 2: Enter the following commands in the terminal window:
          $ cd /opt/U2000/client
          $ ./startup_all_global.sh
6     Enter the user name, password and server. For example:
          User: admin
          Password: XXXXX (the same password you used to log in to the System Monitor)
          Server: <Local>
      Notes: If the U2000 Server and the U2000 Client are on different computers, click the icon to edit the IP Address and port where the U2000 Server is installed.
7     Click <Login> to display the U2000 workbench.

1.1.2 On the Windows Platform


Normally the database starts automatically when the OS starts. In the Notification Area (bottom right of the window) there is the icon for MS SQL Server Service Manager. Double-click the icon to see the status. If it is not in running status, click Start. Then start the U2000 Server and U2000 Client as follows:

Step  Action
1     Starting the U2000 Server
      Method 1: Double-click the "U2000Server" icon on the desktop.
      Method 2: In the directory C:\U2000\server\bin, double-click startnms.bat.
2     Starting the U2000 System Monitor
      Method 1: Double-click the "U2000 System Monitor" icon on the desktop.
      Method 2: In the directory C:\U2000\client, double-click startup_sysmonitor_global.bat.
3     Enter the user, password and server. For example:
          User: admin
          Password: XXXXX (The initial password of the admin user is null. When you log in to the system for the first time, the system requires you to change the password.)
          Server: Local
      Click <Login>.
4     Notes: Wait a few minutes until the processes in Automatic start mode (NE Manager, Security Process, Topology Process, etc.) are all in "Running" status. The U2000 server has then started successfully.
5     Starting the U2000 Client
      Method 1: On the computer of the U2000 client, double-click the "U2000 Client" icon on the desktop.
      Method 2: In the directory C:\U2000\client, double-click startup_all_global.bat.
6     Enter the user name, password and server. For example:
          User: admin
          Password: XXXXX (the same password you used to log in to the System Monitor)
          Server: <Local>
      Notes: If the U2000 Server and the U2000 Client are on different computers, click the icon to edit the IP Address and port where the U2000 Server is installed.
7     Click <Login> to display the U2000 workbench.

1.2 Shutting Down U2000

To shut down U2000, there are two steps:
    Shutting down the U2000 Client;
    Shutting down the U2000 Server.

1.2.1 On the UNIX Platform


Step  Action
      Shutting down the U2000 client:
1     Select [File/Exit] on the main menu.
2     Click <OK> on the Logout Confirmation dialogue box.
3     If the topology has changed, save it to the database and click <OK>.
4     Shutting down the U2000 server by command:
          $ cd /opt/U2000/server/bin
          $ ./stopnms.sh
      Shutting down the U2000 server from the System Monitor client:
      Select [Administration/ShutDown NMS] from the menu.

1.2.2 On the Windows Platform


Step  Action
      Shutting down the U2000 client:
1     Select [File/Exit] on the main menu.
2     Click <OK> on the Logout Confirmation dialogue box.
3     If the topology has changed, save it to the database and click <OK>.
      Shutting down the U2000 server by command:
      In the directory C:\U2000\server\bin, double-click stopnms.bat.
      Shutting down the U2000 server from the System Monitor client:
      Select [Administration/ShutDown NMS] from the menu.

Task 2 Starting and Shutting Down U2000 (Solaris HA System) Optional


1.1 Starting U2000

iManager U2000 (referred to below as U2000) consists of three parts:

OS/Veritas

U2000 Server

U2000 Client

Starting U2000 therefore takes three main steps:
1) Starting the OS and Veritas software;
2) Starting the U2000 Server;
3) Starting the U2000 Client.

Start the OS of both the active and standby servers, together with software such as VxVM, VVR and VCS. Normally, the U2000 is not started automatically with the VCS. You need to start the U2000 applications manually.
Caution: Start the U2000 server only on the primary node.
Step  Action
1     Turn on the power supply of the active server. Log in to Solaris as the root user; the default password for the root user is rootkit. The OS starts automatically, and VxVM, VVR and VCS all start automatically along with the OS.
2     Turn on the power supply of the standby server. Log in to Solaris as the root user; the default password for the root user is rootkit. The OS starts automatically, and VxVM, VVR and VCS all start automatically along with the OS.
3     Run the following command to log in to the VCS interface on the primary node.
          # hagui &
4     Select [File/New Cluster...], enter [Primary] in the Host name column, then click <OK>. Here Primary is the hostname of the primary workstation. You can also enter the IP address of the Heartbeat network service of the primary site.
5     Enter the user name [admin] and password [password], then click <OK>.
6     Right-click AppService in the Object Tree and choose Online > Primary to start the U2000 on the primary node.
7     If the status of all resources in the AppService group is Online on Primary, the AppService has started normally.
8     On the U2000 client computer, double-click the U2000 Client icon on the desktop.
9     Enter the User Name and Password of the U2000 client. For example, the default super user name: admin; password: admin.

1.2 Shutting Down U2000

To shut down U2000, there are four steps:
    Shutting down the U2000 Client;
    Taking the U2000 server offline;
    Disabling the VCS service;
    Shutting down the workstation.

Step  Action
1     Choose File > Exit from the Main Menu of the U2000 client. In the Confirm dialog box displayed, click OK to log out of the client.
2     Log in to the VCS interface on the active server. Right-click AppService in the Object Tree and choose Offline > Primary to shut down the U2000 on the active node.
3     Log in to the active server as the root user and run the following commands to stop the VCS service:
          # cd /opt/VRTSvcs/bin
          # hastop -all -force
4     To check whether the VCS service is disabled normally, run the following command:
          # ps -ef | grep had
      If no information about "had" and "hashadow" is displayed, the VCS service is disabled normally.
5     Log in to the server of the standby site as the root user and perform the preceding two steps to stop the VCS service on the server of the standby site.
6     Run the following command on both the primary and secondary nodes to keep the data on the disk synchronous with the data stored in the memory:
          # sync; sync; sync; sync; sync
7     Run the following command on both the primary and secondary nodes to shut down the workstation:
          # shutdown -y -g0 -i5
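The check in step 4, scripted as an added example that is not part of the Huawei guide. A plain grep for "had" also matches the grep process itself and any unrelated command containing that string, so this version compares the executable's basename with had and hashadow (the engine's shadow process that the step refers to). The ps listings are constructed samples in Solaris ps -ef layout, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the Huawei guide. Both listings are constructed.

# Constructed `ps -ef` output (Solaris layout) with the VCS engine still running.
SAMPLE_RUNNING='     UID   PID  PPID   C    STIME TTY         TIME CMD
    root  1290     1   0   Mar 03 ?          12:41 /opt/VRTSvcs/bin/had
    root  1302     1   0   Mar 03 ?           0:00 /opt/VRTSvcs/bin/hashadow
 nmsuser  2150  2101   0 09:02:55 pts/1       0:00 vi /tmp/had_notes.txt
    root  2210  2188   0 09:14:07 pts/2       0:00 grep had'

# Constructed output after the engine has stopped: only look-alikes remain,
# and both of them would still be printed by `ps -ef | grep had`.
SAMPLE_STOPPED='     UID   PID  PPID   C    STIME TTY         TIME CMD
 nmsuser  2150  2101   0 09:02:55 pts/1       0:00 vi /tmp/had_notes.txt
    root  2210  2188   0 09:14:07 pts/2       0:00 grep had'

# vcs_daemons_running: read `ps -ef` output on stdin and print "<pid> <name>"
# for every process whose executable basename is exactly had or hashadow.
vcs_daemons_running() {
    awk '
        $1 == "UID" && $2 == "PID" { next }      # header line
        {
            # CMD is field 8, or field 9 when STIME is printed as "Mar 03"
            # (two fields) for processes started on an earlier day.
            idx = ($5 ~ /^[A-Z][a-z][a-z]$/) ? 9 : 8
            if (NF < idx) next
            n = split($idx, parts, "/")
            base = parts[n]
            if (base == "had" || base == "hashadow") print $2, base
        }
    '
}

# vcs_stopped: exit status 0 when stdin shows no VCS engine process, 1 otherwise.
vcs_stopped() {
    [ -z "$(vcs_daemons_running)" ]
}

# Demo on the constructed samples. On a live node: ps -ef | vcs_stopped
if printf '%s\n' "$SAMPLE_RUNNING" | vcs_stopped; then
    echo "running sample: VCS engine stopped"
else
    echo "running sample: VCS engine processes still present:"
    printf '%s\n' "$SAMPLE_RUNNING" | vcs_daemons_running
fi
if printf '%s\n' "$SAMPLE_STOPPED" | vcs_stopped; then
    echo "stopped sample: VCS engine stopped"
fi
```

Run the same check on the standby node before the sync and shutdown steps, since step 5 stops VCS there separately.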


Task 3 Security Management


1.1 Changing the Password of NMSuser (DB user)

Step  Action
1     Stop the U2000 Server if it is online.
2     On the NMS Maintenance Suite client, choose Deploy > Change Database User Password. The Change Database User Password dialog box is displayed.
3     Enter the old password and new password.
4     Click OK. The password is changed.

After the preceding operations are performed, run the following commands to restart the NMS Maintenance Suite server:

    # cd /opt/HWENGR/engineering
    # ./stopserver.sh
    # ./startserver.sh

1.2 Setting SSL Protocol Communication between Server and Client

Step  Action
1     Stop the U2000 Server if it is online.
2     Run the ssl_adm -cmd query command to query the data transmission modes on the server.
      The path of ssl_adm.bat or ssl_adm.sh is U2000/server/bin.
      Note: On Solaris and SUSE Linux, you must run the ssl_adm -cmd query command as the nmsuser user.
3     Run the ssl_adm -cmd setmode both command to change the SSL mode between the U2000 server and client.
      The new communication mode takes effect after you restart the U2000.
      Note:

      Value   Description
      Normal  Indicates that the connection between the U2000 Server and Client is not encrypted.
      SSL     Indicates that the connection between the U2000 Server and Client is encrypted.
      Both    Indicates that both encrypted and unencrypted connections between the U2000 Server and Client are supported.

1.3 Setting the System ACL of U2000 Client

Step  Action
1     Choose Administration > NMS Security > NMS User Management from the main menu.
2     In the NMS User Management navigation tree, expand the User node, and then select a user.
3     Click the ACL tab.
4     Click Set ACL, then click Add. The Add dialog box is displayed.
5     Set the parameters of the IP address or network segment, and click OK.
6     Click Close to close the ACL dialog box.
      NOTE: If you select Use all the ACLs in the system, you cannot specify the ACLs for the user. If you select Use the specified ACLs, you can select some permitted access IP addresses for the user.

1.4 Modifying the U2000 User Validity

Step  Action
1     Choose Administration > NMS Security > NMS User Management from the main menu.
2     In the NMS User Management navigation tree, expand the User node, and then select a user.
3     Click the Details tab.
4     Modify the following user validity parameters: User account is disabled and Password validity period(days).
5     Click Apply.

1.5 Creating a U2000 User

Step  Action
1     Choose Administration > NMS Security > NMS User Management from the main menu.
2     Create the U2000 user NM_user1.
      1. In the NMS User Management area, double-click User, right-click and choose New User from the shortcut menu.
      2. In the New User dialog box, complete the following information:
         Name: NM_user1
         Password: User1368
         Confirm Password: User1368
3     Assign a user group to the user NM_user1.
      1. Click the User Groups tab. Then click Add.
      2. Select Maintenance Group as shown in the following window.
      3. Click OK.
4     Assign a management domain to the user NM_user1.
      1. Click the Domain tab. Then click Select.
      2. Select the devices and object sets as shown in the following window.
      3. Click OK.
5     Assign operation rights to the user NM_user1.
      1. Click the Operation Rights tab and click Select.
      2. In the Select Operation Rights dialog box, select the additional operation rights for the user as follows.
      3. Click OK. The added authorities are displayed in the Operation Rights list.
6     Set the IP address range of clients from which NM_user1 is allowed to log in.
      1. Click the ACL tab.
      2. Click Use the specified ACLs.
      3. Click Set ACL. The ACL dialog box is displayed.
      4. Click Add. The New System Access Control Item dialog box is displayed.
      5. Click Start IP address - end IP address and set the following parameters:
         Start IP Address: 192.168.0.1
         End IP Address: 192.168.0.168
      6. Click OK to close the dialog box.
      7. Click Close to close the ACL dialog box.
      8. For the specified IP address range, check the Access Permitted check box and click Apply.
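An added example, not part of the Huawei guide, for reviewing the start/end range entered in step 6: it lists which client addresses fall outside 192.168.0.1 to 192.168.0.168. The comparison has to be numeric, because as strings "192.168.0.20" sorts after "192.168.0.168". The function names and the client address list are constructed for illustration, and the script only models a single start-end range, not how the U2000 evaluates its ACLs internally.

```shell
#!/bin/sh
# Added example, not part of the Huawei guide. Client addresses are constructed.

# Constructed list of client source addresses, one per line.
SAMPLE_CLIENTS='192.168.0.20
192.168.0.168
192.168.0.169
192.168.1.5
192.168.0.0'

# ip_to_int: print a dotted-quad IPv4 address as an integer; return 1 if malformed.
ip_to_int() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;   # empty, stray characters, empty octet
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            0?*|????*) return 1 ;;             # leading zero (octal in $(( ))) or too long
        esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# acl_range_permits START END CLIENT
# Exit status 0: CLIENT lies inside START..END (inclusive). 1: outside.
# 2: an address is malformed or START is greater than END.
acl_range_permits() {
    start=$(ip_to_int "$1") || return 2
    end=$(ip_to_int "$2") || return 2
    client=$(ip_to_int "$3") || return 2
    [ "$start" -le "$end" ] || return 2
    [ "$client" -ge "$start" ] && [ "$client" -le "$end" ]
}

# outside_acl START END: read one client address per line on stdin and print
# every address the range would not admit (malformed lines are printed too).
outside_acl() {
    while IFS= read -r ip; do
        [ -n "$ip" ] || continue
        acl_range_permits "$1" "$2" "$ip" || echo "$ip"
    done
}

# Demo with the range from step 6 and the constructed client list.
echo "Addresses outside 192.168.0.1 - 192.168.0.168:"
printf '%s\n' "$SAMPLE_CLIENTS" | outside_acl 192.168.0.1 192.168.0.168
```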


Task 4 DCN Management


1.1 Modifying GNE Parameters

Choose Administration > DCN Management from the Main Menu.
Click OK in the Filter NE window. Then click Close in the Operation Result dialog box.
Click the GNE tab.
Select the GNE to be modified, right-click and choose Modify GNE from the shortcut menu.
In the Modify GNE dialog box displayed, set Gateway Type.
Click OK. In the Warning dialog box that is displayed, click Close.

1.2 Changing the GNE of the NEs

Choose Administration > DCN Management from the Main Menu.
Click OK in the Filter NE window. Then click Close in the Operation Result dialog box.
Click the NE tab.
Select an NE. Double-click the Primary GNE1 field and select a GNE from the drop-down list.
Click Apply. Click Close in the Operation Result dialog box.
Click Refresh.

1.3 Configuring Standby GNEs for the NEs

Choose Administration > DCN Management from the Main Menu.
Click the NE tab.
Select an NE. Double-click GNE2 and select a GNE from the drop-down list.
Click Apply. Click Close in the Operation Result dialog box.

1.4 Changing a GNE to a Normal NE

Choose Administration > DCN Management from the Main Menu.
Click the GNE tab.
Right-click the GNE that you want to change and choose Delete GNE from the shortcut menu.
Click OK in the Confirm and Reconfirm dialog box.
Click Close in the Operation Result dialog box.

1.5 Changing a Normal NE to a GNE

Choose Administration > DCN Management from the Main Menu.
Click the NE tab.
Right-click a normal NE and choose Change to GNE from the shortcut menu.
In the Change to GNE dialog box, select the Gateway Type, and enter the IP Address.
Click OK. Click Close in the Operation Result dialog box.

1.6 Checking GNE Switching Status

Step  Action
1     Choose Administration > DCN Management from the Main Menu.
2     Click the NE tab.
3     Click Refresh to query the GNE switching status.

1.7 Testing the Communication between the U2000 and the GNE

Step  Action
1     Choose Administration > DCN Management from the Main Menu.
2     Click the GNE tab.
3     Right-click the GNE to be tested and choose Test GNE from the shortcut menu. Click Close in the Operation Result dialog box.

1.8 Checking the Network Communication Status

1.8.1 Check the communication status between the U2000 and a non-gateway NE.

Step  Action
1     Choose Administration > DCN Management from the Main Menu.
2     Click the NE tab.
3     Click Refresh to view the communication status of all NEs.
4     Select an NE. Right-click in the Communication Status column and choose Test NE from the shortcut menu. The Operation Result dialog box is displayed indicating the test result of the non-gateway NE.

1.8.2 Check the communication status between the U2000 and the GNE.

Step  Action
1     Choose Administration > DCN Management from the Main Menu.
2     Click the GNE tab.
3     Click Refresh to view the communication status of the GNE.
4     Right-click an NE and choose Test GNE from the shortcut menu. The Operation Result dialog box is displayed indicating the test result of the GNE.

Task 5 Database Management


1.1 Manually Backing Up the U2000 Database

Method 1: By U2000 Client


Step  Action
1     Choose Administration > Back Up/Restore NMS Data > Database Backup from the Main Menu.
2     Set a backup directory for the server, and click Backup. The U2000 starts to back up the database. A progress bar is displayed showing the status of the operation.

Method 2: By Maintenance SUITE


Step  Action
1     Log in to the U2000 MSuite. In Solaris and Linux, run the following commands:
          # su - nmsuser
          $ cd /opt/HWENGR/engineering
          $ ./startclient.sh
      The login dialog box is displayed.
      The default user name and password are both admin. If the password has been changed, enter the changed password.
2     Click Back Up and Restore > Back Up System Data.
3     Select Data Backup Binary Mode (Recommended). Then click Next.
4     Select Backup the data to the local server.
5     Set the backup path on the local server. Then click Next.
6     The system starts the backup preprocessing and data backup process. A progress bar is displayed to show the backup progress. Wait patiently.
7     After the backup is complete, click Finish.

1.2 Automatically Backing Up the U2000 Database

Step  Action
1     Log in to the U2000 client.
2     Choose Administration > Task Schedule > Task Management from the Main Menu.
3     On the Task Management page, select DB Backup, then click New.
4     Enter DB Backup as the task name. Select Run Type as Period. Then click Next.
5     Configure the running time and period. Then click Next.
6     Select Back up the data to the local server and enter Backup Path on the Local Server. Then click Finish.

1.3 Manually Backing Up the U2000 Data by Script

Step  Action
1     Log in to the U2000 client.
2     Choose Administration > Back Up/Restore NMS Data > Import/Export Script File from the Main Menu.
3     Select TXT file format. Then select a script file type from the Script File Type field.
      NOTE: To export the networkwide script file, select Networkwide Configuration File. Export the following files to a specified directory: NE Port Naming File, NE Configuration File, NE List File, NM Computer Information File, Service Actualization Script, Network Layer Information File, Network Modeling and Design Information File, CEAS.
4     Select the NE for which you want to export script files from the Export NE List.
      NOTE: Specify the NE only when you export the NE Configuration File, NE List File, NE Port Naming File and Networkwide Configuration File.
5     Click Create File Directory to create a directory where the exported script files are to be saved.
6     Enter the directory name and click OK.
7     Select a directory and click Apply.
8     In the Confirm dialog box, click OK.

1.4 Initializing the U2000 Database (HA System) (Optional)

Step  Action
1     Stop U2000 on the active server. The current user is the root user, and the Sybase database is started.
2     Log in to the U2000 MSuite on the active server.
3     Select System > Initialize NMS from the main menu.
4     Click Next.
5     The system starts initializing the database and displays the initialization progress in a progress bar. Wait patiently.
6     After the initialization is complete, click Finish.

1.5 Initializing the U2000 Database

Step  Action
1     Stop the U2000 server. The Sybase or SQL server is started.
2     Log in to the U2000 MSuite.
3     Select System > Initialize NMS from the main menu.
4     Click Next.
5     The system starts initializing the database and displays the initialization progress in a progress bar. Wait patiently.
6     After the initialization is complete, click Finish.

1.6 Restoring the U2000 Database (HA System) (Optional)

Step  Action
1     Stop U2000 on the active server. The current user is the root user, and the Sybase database is started.
2     Log in to the U2000 MSuite on the active server.
3     Select Back Up and Restore > Restore System Data from the main menu.
4     Select Data Restore Binary Mode (Recommended) and click Next.
5     Select Path to the file on the local server.
6     Enter the restoration path on the local server and click Next.
7     The system starts the restoration preprocessing and data restoration, and displays the restoration progress in a progress bar. Wait patiently.
8     After the restore is complete, click Finish.

1.7 Restoring the U2000 Database

Step  Action
1     Stop the U2000 server. The current user is the root user, and the Sybase database is started.
2     Log in to the U2000 MSuite on the active server.
3     Select Back Up and Restore > Restore System Data from the main menu.
4     Select Data Restore Binary Mode (Recommended) and click Next.
5     Select Path to the file on the local server.
6     Enter the restoration path on the local server and click Next.
7     The system starts the restoration preprocessing and data restoration, and displays the restoration progress in a progress bar. Wait patiently.
8     After the restore is complete, click Finish.

1.8 Restoring the U2000 Data by Script

Step  Action
1     Log in to the U2000 client.
2     Choose Administration > Back Up/Restore NMS Data > Import/Export Script File from the Main Menu.
3     Click the Import option button.
4     Select the TXT file format and select Networkwide Configuration File from the Script File Type field.
      NOTE: Service Actualization Script and NM Computer Information File are not supported.
5     In the Operation Directory List, select the directory where the script file to be imported is located.
6     Select the script file to import from the Import File List.
7     Click OK. A progress bar appears showing the status of the import.
8     In the Import Subnet List, select the subnets to be imported. All subnets are required to be selected.
9     Click Apply. The system prompts you twice that the import of the configuration script will result in data inconsistency between the U2000 and the NE.
10    Click OK. A progress bar appears showing the status of the import.

1.9 Viewing the Status of the Databases

Step  Action
1     Open a terminal window on the server.
2     Run the following command as user sybase (the default password of the sybase user is sybase):
          $ /opt/sybase/ASE-15_0/install/showserver
      If the server DBSVR and the backup server DBSVR_back are running, the status of the databases is normal.

Task 6 Log Management


1.1
Step

Browsing Security Logs


Action

Choose Administration > Log Management > Query Security Logs from the main menu.
Click OK in the Filter dialog box.

Choose to perform the following operations:

1 Click Refresh to refresh the security logs. 2 Click Filter. In the Filter dialog box, set the conditions to filter the security logs you browse. 3 Select the start row and the end row, and then right click to Save or Print.

1.2
Step

Period dump of security logs


Action

1 2

Choose Administration > Task Schedule > Task Management from the main menu. In the Task Type navigation tree, select Database Capacity Management > Security Log Dump.

Confidential Information of Huawei.

No Spreading without Permission

25

iManager U2000 Security Management Practice Guide

and

Data

Step

Action

Select Security Log Dump, then click Attribute to set period dump.

26

Confidential Information of Huawei.

No Spreading without Permission

iManager U2000 Security Management Practice Guide

and

Data

1.3
Step

Setting the Overflow Dump for Security Logs


Action

Choose Administration > Task Schedule > Task Management from the main menu. In the Task Type navigation tree, select Overflow Dump > Security Log Overflow Dump.

Select Security Log Overflow Dump, then click Attribute to set overflow dump.

Confidential Information of Huawei.

No Spreading without Permission

27

iManager U2000 Security Management Practice Guide

and

Data

Step

Action

1.4
Step

Dumping Security Logs Manually


Action

1 2

Choose Administration > Task Schedule > Task Management from the main menu.

In the Task Type navigation tree, select Manual Dump > Security Log Manual Dump.

28

Confidential Information of Huawei.

No Spreading without Permission

iManager U2000 Security Management Practice Guide

and

Data

Step

Action

Select Security Log Manual Dump, then click Attribute to browse manual dump settings.

Confidential Information of Huawei.

No Spreading without Permission

29

iManager U2000 Security Management Practice Guide

and

Data

1.5
Step

Browsing Operation Logs


Action

Choose Administration > Log Management > Query Operation Logs from the main menu.
Click OK in the Filter dialog box.

Choose to perform the following operations:

1 Click Refresh to refresh the operation logs. 2 Click Filter. In the Filter dialog box, set the conditions to filter the operation logs you browse. 3 Select the start row and the end row, and then right click to Save or Print.

1.6
Step

Period dump of operation logs


Action

Choose Administration > Task Schedule > Task Management from the main 1 menu. 2 3 In the Task Type navigation tree, select Database Capacity Management > Operation Log Dump. Select Operation Log Dump, then click Attribute to set period dump.

30

Confidential Information of Huawei.

No Spreading without Permission

iManager U2000 Security Management Practice Guide

and

Data

1.7
Step

Setting the Overflow Dump for Operation Logs


Action

1 2 3

Choose Administration > Task Schedule > Task Management from the main menu. In the Task Type navigation tree, select Overflow Dump > Operation Log Overflow Dump. Select Operation Log Overflow Dump, then click Attribute to set overflow dump.

1.8
Step

Dumping Operation Logs Manually


Action

Choose Administration > Task Schedule > Task Management from the main 1 menu. 2 3

In the Task Type navigation tree, select Manual Dump > Operation Log Manual Dump.
Select Operation Log Manual Dump, then click Attribute to browse manual dump settings.

1.9
Step

Browsing System Logs


Action

1 2

Choose Administration > Log Management > Query System Logs from the main menu.
Click OK in the Filter dialog box.

Confidential Information of Huawei.

No Spreading without Permission

31

iManager U2000 Security Management Practice Guide

and

Data

Choose to perform the following operations:

1 Click Refresh to refresh the system logs. 2 Click Filter. In the Filter dialog box, set the conditions to filter the system logs you browse. 3 Select the start row and the end row, and then right click to Save or Print.

1.10 Period dump of System logs


Step Action

Choose Administration > Task Schedule > Task Management from the main 1 menu. 2 3 In the Task Type navigation tree, select Database Capacity Management > System Log Dump. Select System Log Dump, then click Attribute to set period dump.

1.11 Setting the Overflow Dump for System Logs

Step Action
1 Choose Administration > Task Schedule > Task Management from the main menu.
2 In the Task Type navigation tree, select Overflow Dump > System Log Overflow Dump.
3 Select System Log Overflow Dump, then click Attribute to set overflow dump.


1.12 Dumping System Logs Manually


Step Action
1 Choose Administration > Task Schedule > Task Management from the main menu.
2 In the Task Type navigation tree, select Manual Dump > System Log Manual Dump.
3 Select System Log Manual Dump, then click Attribute to browse manual dump settings.


Task 7 File System and Disk Management


1.1 Checking the Disk Status of the U2000 Server

1.1.1 On the UNIX Platform


Step Action
1 Log in to the Solaris operating system as user nmsuser.
2 Open a terminal window, and run the following command to switch to user root:
  % su - root
  Password: password_of_user_root
3 Run the following command to view the physical status of the disk on the current server:
  # iostat -E
4 Run the following command to switch back to the non-root user:
  # exit

1.1.2 On the Windows Platform


Step Action
1 In the My Computer window, select a disk, right-click, and choose Attribute from the shortcut menu.
2 In the dialog box displayed, click the Tools tab.
3 In the Check Error area, click Start Check. Follow the prompts to check the disk status.

1.2 Checking the Disk Space of the U2000 Server

1.2.1 On the UNIX Platform


You can view the disk space of the server through sysmonitor or command lines. The following describes how to view the disk space by running a command.
Step Action
1 Log in to the Solaris operating system as user nmsuser.
2 Open a terminal window, and run the following command to switch to user root:
  % su - root
  Password: password_of_user_root
3 Run the following command to view the disk space usage on the server:
  # df -k
4 In the screen output, view the space usage of the / and /opt directories.
5 Run the following command to switch back to the non-root user:
  # exit

1.2.2 On the Windows Platform


Step Action
1 View the disk space of the server through sysmonitor or in the My Computer window. Mainly check the disk space used by the operating system, SQL Server, and the U2000.

1.3 Clearing Disk Space of the U2000 Server

1.3.1 On the UNIX Platform


Step Action
1 Log in to the system as user root.
2 Delete the core files created by the system. These files are usually located in the directories /, /opt/U2000/server/conf and /opt/U2000/server/bin. The file names start with core.
3 Delete the outdated and useless alarm dump files. The default path is /opt/U2000/server/dump.
4 Delete the outdated and useless log dump files. The default path is /opt/U2000/server/dump.
5 Delete the outdated and useless database backup files. The default path is /opt/U2000/server/var/backup.
6 Delete the outdated and useless U2000 running logs. The default path is /opt/U2000/server/log.
7 Delete other outdated and useless files, such as installation files and patch files of earlier versions.

1.3.2 On the Windows Platform


Step Action
1 Log in to Windows as the administrator user.
2 Delete the outdated and useless alarm dump files. The default path is %IMAPROOT%\server\dump.
3 Delete the outdated and useless log dump files. The default path is %IMAPROOT%\server\dump.
4 Delete the outdated and useless database backup files. The default path is %IMAPROOT%\server\var\backup.
5 Delete the outdated and useless U2000 running logs. The default path is %IMAPROOT%\server\log.
6 Delete other outdated and useless files, such as installation files and patch files of earlier versions.

1.4 Clearing Disk Space of the U2000 Client

1.4.1 On the Windows Platform


Step Action
1 Empty the Recycle Bin.
2 Delete the files in D:\U2000\client\log.
3 Delete other useless files.


Task 10 MSUITE Operation (Optional)


1.1 Logging In to the MSUITE

Step Action
1 On the desktop of the computer where the network management system maintenance suite is located, double-click the U2000 NMS Maintenance Suite icon. The Login dialog box is displayed.
2 Enter the IP address of the U2000 server. NOTE: Each MSUITE server can access a maximum of one client. Each client can connect to one server at the same time.
3 Enter the user and password of the network management system maintenance suite. The user and password are both admin.
4 Click Login. You are successfully logged in to the network management system maintenance suite client.


1.2 Refreshing the Information of the Network Management System

Step Action
1 In the network management system maintenance suite client, select the Instance tab.
2 Click the shortcut icon to refresh the information of the network management system.

1.3 Synchronizing the Information of Network Management System

Step Action
1 On the network management system maintenance suite client, choose System > Synchronizing the NMS Information. The Synchronize Data dialog box is displayed.
2 Click OK. The progress bar of data synchronization is displayed. Wait until a message is displayed indicating that data synchronization is complete.
3 Click OK. The deployment is successfully synchronized.

1.4 Adding Component

Step Action
1 Log in to the client of NMS Maintenance Suite.
2 On the NMS Maintenance Suite client, choose Deploy > Add Component from the main menu. The Add Component dialog box is displayed.
3 Select the components to be added and click OK.
4 Wait until a dialog box is displayed with the message "Succeeded in adding the component."
5 Click OK.

1.5 Deleting Component

Step Action
1 On the client of the NMS Maintenance Suite, choose Deploy > Remove Component from the main menu. The Remove Component dialog box is displayed.
2 Select the components to be removed and click OK.
3 Click OK. The deleting of the components is started.
4 Wait until the message "Succeeded in removing the following components" is displayed. This indicates that deleting the components is complete. Click OK.

1.6 Adding the Instance

Step Action
1 Log in to the MSUITE client.
2 In the U2000 NMS maintenance suite, select the Deployment Package tab, then click the package you want to add. Choose Deploy > Add Instance from the main menu, or right-click and select Add Instance. The Add Instance dialog box is displayed.
3 Input the Instance Name and Memo.
4 Click OK. Wait. The "The instance is successfully added" dialog box is displayed.
5 Click OK. The instance is successfully added. NOTE: In some cases, restart the U2000 server after adding an instance.

1.7 Modifying the Instance Information

Step Action
1 Log in to the MSUITE client.
2 On the network management system maintenance suite client, select the instance whose information you want to modify.
3 Choose Deploy > Modify the instance name and description from the main menu. The Modify the instance name and description dialog box is displayed.
4 Enter the new name and memo of the instance.
5 Click OK and wait until the prompt is displayed indicating that the instance information is successfully modified.
6 Click OK.

1.8 Deleting the Instance

Step Action
1 Log in to the MSUITE client.
2 In the network management system maintenance suite client, click the Instance tab.
3 Choose Deploy > Delete Instance from the main menu, or right-click the instance that you want to delete and choose Delete Instance from the shortcut menu.
4 A reconfirmation dialog box of Delete local Instance is displayed. Click OK to start deleting the instance.
5 Wait. The "The instance is successfully deleted" dialog box is displayed, indicating that the instance is successfully deleted.
6 Click OK.

1.9 Configuring the CORBA Interface Instance (Optional)

Step Action
1 Log in to the MSUITE client.
2 On the network management system maintenance suite client, choose NBI > Configure the CORBA interface instance. The NBI Config dialog box is displayed.
3 Click the General tab to perform the basic configuration of the CORBA instance.
4 Click the Advanced tab to perform the advanced configuration of the CORBA instance.
5 Click OK.

1.10 Exiting the MSUITE Client


Step Action
1 In the network management system maintenance suite client, choose System > Exit. The Exit dialog box is displayed.
2 Click OK to exit the network management system maintenance suite client.


iManager U2000 Troubleshooting


www.huawei.com

Copyright 2010 Huawei Technologies Co., Ltd. All rights reserved.

Objectives
Upon completion of this course, you will be able to:
- List the common analysis methods of fault localization
- Locate U2000 faults
- Get the experience for U2000 troubleshooting
- Analyze and handle the typical faults


Contents
1. General Thoughts About U2000 Troubleshooting
2. Typical Troubleshooting Cases on Windows OS
3. Typical Troubleshooting Cases on Solaris OS
4. Veritas Troubleshooting Cases


General Thoughts About Troubleshooting


Main Fault Type

OS Fault
  - Solaris
  - Windows
  - Linux

Database Fault
  - Installation and startup of Sybase
  - Installation and startup of MS SQL Server

U2000 Software Fault
  - Software installation
  - Server startup
  - Client startup
  - Connection between server and client

Others


Localization sequence
1. operating system
2. database
3. server
4. client

[Figure: U2000 software architecture, with the layers Client, Server, Database, and OS]



OS Faults

Cause
  - Abnormal end of OS
  - Virus infection
  - Man-made mistake

Method
  - Restore the OS by installation CD
  - Reinstall OS



Database Faults

Fail to install
  Cause
  - The database has been installed before, and some leftover information remains in the OS.
  - The free space of the disk is not enough.
  Method
  - Delete the leftover information.
  - Check the space of the disk.

Fail to start
  Cause
  - The host name is changed.
  - The host IP is changed; this can also cause the database to fail to start on Solaris.
  Method
  - Change back to the old name.
  - Reinstall the database and select the upgrade option on Windows OS.
  - Strictly follow the operation guide when modifying the host IP and name on Solaris OS.



U2000 Software Faults

Fail to install
  Cause
  - The T2000/U2000 software has been installed before, and some leftover information remains in the OS.
  - The free space of the disk is not enough.
  Method
  - Delete the leftover information.
  - Check the space of the disk.

Fail to start server
  Cause
  - The OS or database starts abnormally.
  - The connection between the server and the database is incorrect.
  Method
  - Check whether the database is started.
  - Check whether the value of the environment variable IMAP is correct.
  - Check the communication between the server and the database.



U2000 Software Faults

Fail to start client
  Cause
  - The problem of client software.
  - Fail to communicate with server.
  Method
  - Copy the files of a client of the same version from another computer and overwrite the faulty client, or reinstall the client.
  - Check the physical connection.
  - Check the software configuration.



U2000 Software Faults

License fault
  - Check whether the ESN information of the U2000 server and the license file are the same.
  - Check whether the position of the license file is correct.
  - Check whether the license file was loaded to the directory /U2000/server/license in FTP ASCII mode on the Solaris platform.



U2000 Software Faults

Fail to back up the database
  - Check the running status of the database.
  - Ensure that the firewall is closed.
  - Ensure that the dump directory is writable for the current user.

Fail to restore the database
  - Check the running status of the database.
  - Ensure that all the processes of the U2000 server are closed.
  - The data can be restored only between servers of the same version.

2. Typical Troubleshooting Cases on Windows OS

Case 1
Phenomenon Description
Operator X's U2000 management system consists of N clients and a server. As shown in the figure, the clients connect to the server through the DCN. One day, after a new client is installed, that client cannot connect to the server and shows an error message.

[Figure: U2000 Client 1 ... U2000 Client N connected to the U2000 Server]

Case 1
Can not be local


Case 2
Phenomenon Description
A U2000 NMS and SQL are running normally on the same computer. An operator creates a new Windows user, switches to that user, and logs in again. The server then can't be started.


Case 3
Phenomenon Description
When the operator renames the computer and restarts it, the OS prompts as follows:

Handling Process
1. Rerun the setup program and select the upgrade option. SQL Server can then be started normally.
2. Follow the installation manual. When the prompt "Do you want to upgrade to Desktop Edition?" is displayed, the option must be Yes. When all the operations are finished, SQL Server can be started normally, and the data is also kept.


Case 4
Phenomenon Description
The following IP address error occurs during the U2000 LCT installation.


Case 5
Phenomenon Description
When the network element (NE) managers of some devices are opened on the U2000 NM client, they show a gray screen or display abnormally.

Cause Analysis
For the NE managers of some devices (such as PTN series, RTN series, NG WDM series, and SLM 3160), incorrect browser settings may cause abnormal display.


Case 6
Phenomenon Description
On the U2000 NM, certain NEs are logged in and out frequently.

Cause Analysis
1. The number of NEs exceeds the NM management capability.
2. Insufficient disk space.

Handling Process
1. Check whether the number of NEs is within the NMS management capability. Refer to the performance indexes indicated in iManager U2000 Description.
2. Check whether the disk space usage on the server exceeds 80%. If yes, free up the disk: back up and delete related files to free up disk space.
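
The disk-space check in step 2 above (and the `df -k` procedure in "Checking the Disk Space of the U2000 Server") can be scripted. The following is an added example, not part of the Huawei course material: it parses `df -k` output and reports file systems above the 80% threshold. The sample output and the names over_threshold, SAMPLE_DF and AWK are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag file systems whose usage exceeds a threshold,
# based on `df -k` output. Function and variable names are illustrative.

# awk implementation to use; on Solaris set AWK=nawk (or /usr/xpg4/bin/awk),
# because the legacy /usr/bin/awk does not support -v.
AWK=${AWK:-awk}

# Constructed sample of Solaris-style `df -k` output (not from a real server).
# The third entry shows how df wraps a long device name onto its own line.
SAMPLE_DF='Filesystem            kbytes    used   avail capacity  Mounted on
/dev/dsk/c0t0d0s0    20654097 9912345 10535212    49%    /
/dev/dsk/c0t0d0s5    51633205 43888224 7228649    86%    /opt
/dev/vx/dsk/datadg/example_long_volume_name
                     10326667 9311234  912166    92%    /data
swap                  8389120     120 8389000     1%    /tmp
/dev/dsk/c0t0d0s7    10327372 8365171 1858928    82%    /export/home'

# over_threshold LIMIT [MOUNT ...]
#   Reads `df -k` output on stdin. Prints "<mount> <percent>" for each file
#   system whose capacity is above LIMIT. If mount points are given, only
#   those are checked (for the U2000 server: / and /opt).
over_threshold() {
    limit=$1
    shift
    "$AWK" -v limit="$limit" -v watch="$*" '
        BEGIN {
            n = split(watch, w, " ")
            for (i = 1; i <= n; i++) want[w[i]] = 1
        }
        NR == 1 { next }      # header line
        NF < 5  { next }      # wrapped device name; data follows on next line
        {
            # Count fields from the end so wrapped and unwrapped rows match.
            pct = $(NF - 1)
            mnt = $NF
            if (pct !~ /^[0-9]+%$/) next
            sub(/%/, "", pct)
            if (n > 0 && !(mnt in want)) next
            if (pct + 0 > limit + 0) print mnt, pct
        }'
}

# Demonstration on the constructed sample; on a live server use:
#   df -k | over_threshold 80 / /opt
printf '%s\n' "$SAMPLE_DF" | over_threshold 80 / /opt
```

Run from cron, an empty result means every watched file system is at or below the threshold; any output line names a file system that needs the clean-up procedure described for the U2000 server.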


Case 7
Phenomenon Description
An NM fails to communicate with a NE. The NE icon on the NM is grayed out. In this case, an NE_COMMU_BREAK alarm is usually sent.

Cause Analysis
1. Incorrect communication parameters on the NMS or NEs.
2. Data Communication Network (DCN) failure between the NMS and NEs.
3. Mutual interference between embedded control channels (ECC) of subnetworks.
5. Too many non-gateway NEs carried by the gateway NEs.
6. ECC error codes.
7. Conflicts between NE users.

3. Typical Troubleshooting Cases on Solaris OS

Case 1
Phenomenon Description
A U2000 NMS is running normally on a workstation. One day, the workstation is powered off abnormally. After it is restarted and fsck -y is run, the OS can't be booted from the hard disk.

Cause Analysis
The abnormal shutdown may have damaged the system files, so during the reboot the OS can't switch to the CDE interface. Generally speaking, fsck -y can repair the common errors, but if the kernel is damaged or the OS boot parameters are wrong, fsck -y can't repair them.

Handling Process
1. Power on the workstation, press STOP+A, and switch to the OK interface.
2. Put the Solaris installation CD into the CD-ROM drive.
3. Input #boot cdrom -s to boot the system from the CD-ROM.
4. Run fsck -y and restart the workstation again. The fault still exists.
5. Switch to the OK interface again and input #df -k to check whether the slice information is correct (refer to the installation record). The slice information is found to be wrong.
6. Execute the format command to repair the slice table, as follows:
   # format
   Searching for disks...done
   Specify disk (enter its number): 0
   selecting c0t0d0
7. Restore the slice information:
   format> label
   Ready to label disk, continue? y (confirm)
   format> quit
   Restart the workstation and check whether the fault is solved.
8. If the fault still exists and the hard disk makes an abnormal sound, try to replace the hard disk.

Case 2
Phenomenon Description
After the U2000 is upgraded and all the operations are finished, the OS is restarted. The operator can't log in to the JDE desktop as user nmsuser, and can only log in with user name root and password rootkit.


Case 3
Phenomenon Description
One day, a workstation with U2000 is restarted. After logging in again, the server fails to start.

Cause Analysis
For a server startup problem, consider three aspects: whether the database is running, the database number of user connections, and the environment variable.

Handling Process
1. Judge whether the database is running.
2. Check the number of devices.
3. Check the environment variable; ensure the value of IMAP is the path of installation.


Case 4
Phenomenon Description
Because of a requirement, the operator modifies the IP address of the workstation manually and then tries to start the U2000, but the U2000 can't be started. A query of the Sybase running status shows that the database cannot be started (the U2000 software and Sybase are installed on the same workstation).

Cause Analysis
When the IP address of the workstation is modified, the database IP must be modified as well as the host IP; otherwise the database cannot run.

4. Veritas Troubleshooting Cases

Common Troubleshooting List


- AppService abnormality
- Data replication abnormality
- Recovery from dual-active status
- The primary node failure recovery


Case 1
AppService abnormality
If AppService stops abnormally, the VCS will try to restart it. If restarting fails, under the rules the system will switch to the secondary node. The recovery strategies are as follows:
- Clear the fault of AppService on the primary and secondary nodes.
- Temporarily freeze AppService on the primary and secondary nodes.
- Troubleshoot the system as a single node until the failure is removed.
- Unfreeze AppService on the primary and secondary nodes.
- Make AppService online on the primary node.


Case 2
Data replication abnormality (RVG resource abnormality)
Run the following commands:
  # vxprint -v
  # vradmin -g datadg repstatus datarvg
If the status of the data volume is not ACTIVE or ENABLED, and the status of datarvg and datarlk is RECOVER, data replication is abnormal.


Case 3
Dual-Active Recovery
When the network between the primary and secondary nodes is interrupted for more than 10 minutes, the secondary node takes over the server. The HA system then runs in a dual-active status, in which the primary and secondary nodes are both active servers. In the dual-active case, the U2000 server processes are all running on both the primary and secondary nodes. After the connection recovers from the fault, the system runs in a healing status.
Healing status checking:
  # vradmin -g datadg repstatus datarvg
  Config Errors:
  129.9.1.1: Primary-Primary configuration


Case 4
The primary node failure recovery
- Recover the primary node. Reinstall the primary node if it is necessary.
- Run the following command to forcibly disable the VCS on the primary and secondary nodes:
    # hastop -all -force
- Use the full synchronization method to recover the system.
- Restart the primary and secondary nodes after the data replication is complete.
- Set the AppService online on the active server.


Summary
- Basic Ideas and Methods for U2000 Troubleshooting
- Typical Troubleshooting Cases on Windows OS
- Typical Troubleshooting Cases on Solaris OS
- Veritas Troubleshooting Cases

Let's share your cases!


Thank you