aledcustdoc

Alcatel-Lucent Electronic Delivery – Customer Information Document -- Version 9.1

Alcatel-Lucent Inc. 12/01/2006

Alcatel-Lucent Electronic Delivery – Customer Information Document



Alcatel-Lucent Electronic Delivery Customer Information

Document

Table of Contents

Alcatel-Lucent Electronic Delivery Overview 3

Alcatel-Lucent Electronic Delivery Internet Connection 4

− Advantages

− Disadvantages

− Setup

Alcatel-Lucent Electronic Delivery Virtual Private Network (VPN) Connection

6

− Advantages

− Disadvantages

− Setup

Alcatel-Lucent Electronic Delivery T1 Connection 8

− Advantages

− Disadvantages

− Setup

Alcatel-Lucent Electronic Delivery Secure Shell File Transmission Protocol (SSH FTP)

Connection

10

− Advantages

− Disadvantages

− Setup

FTP Customer Home Directory Structure Section 12

General Guidelines for a Customer-developed Central File Server 13

Troubleshooting Section 14

Ping Section 15

Traceroute Section

16

Acronyms

17



Alcatel-Lucent Electronic Delivery Overview

Alcatel-Lucent Electronic Delivery provides a vehicle for customers to receive software

product installation, upgrades, and updates quickly, easily, and securely using either

file transfer protocol (ftp) or hypertext transfer protocol (http) over a TCP/IP connection.

Initial requests to access Alcatel-Lucent Electronic Delivery are handled through the

Alcatel-Lucent website and details are listed in the section of this document describing

your choice of delivery access.

Alcatel-Lucent Electronic Delivery can be accessed in four ways – directly via the

Internet (http only), Virtual Private Network (VPN), a dedicated T1 connection, or via a

secure shell file transmission protocol (ssh ftp) (See figure 1). Each method1 has

different advantages and disadvantages that must be considered when choosing the access

method you wish to use.

Switch Owner’sFirewall/Security

Servers

Alcatel-Lucent Managed

Firewall

Alcatel-Lucent Electronic Delivery Network Options

VPN

Public InterNet

Dedicated T1

SSH FTP

Alcatel-Lucent

Product

Customer Network

Alcatel-LucentProduct

Figure 1

1 Please refer to the Product documentation to determine which download methods each product support.



Internet Connection

An Internet connection (See figure 2) requires an existing high-speed (400Kbps or better)

connection utilizing the public Internet to perform secure http downloads (ftp downloads

are not currently supported via the Internet).

Since some products, such as the OneLink Manager™ ASM2, can only transfer files via

ftp, an intermediate system may be required to support downloads to the product.


Servers


Firewall

Alcatel-Lucent Electronic Delivery Internet Connection

Public Internet

Alcatel-Lucent

Product

Customer Network


Figure 2

2 For more information on the ASM, see the OneLink Manager™ ASM Network Connectivity Guidelines

document.



Internet Connection - Continued

Advantages: • Quick and easy set up.

• Access Alcatel-Lucent Electronic Delivery server from anywhere.

• Secure HTTP downloads.

• Uses existing corporate connections to the Internet.

Disadvantages: • Does not support FTP downloads.

• Throughput depends on Internet traffic.

Set up:

• Contact your Internet Service Provider to determine Internet set up.

• Register for Alcatel-Lucent Electronic Delivery by connecting to www.alcatel-

lucent.com and selecting “Support” at the top horizontal navigation bar.

• After registration is complete for OnLine Customer Support and your login has been

approved, select “Software Downloads” under the Product Information section.



Virtual Private Network Connection (VPN)

A virtual private network (VPN) allows the creation of a secure, private network over

public networks (See figure 3). It is called "virtual" because it depends on the fact that

there is an encrpted packet stream that only the two firewalls with the correct VPN

settings can unencrypt. The route through the public network is not fixed or constant yet

enables secure virtual connections between the customer and the Alcatel-Lucent network.

Good performance requires speeds of 600Kb/s or more.


Servers


Firewall

Alcatel-Lucent Electronic Delivery VPN Connection

VPN

Public InterNet

Alcatel-Lucent

Product

Customer Network


Figure 3

Advantages:

• Uses encryption and packet encapsulation to ensure integrity and security of

information

• Uses existing high speed Internet channels.

• Can use automated ftp downloads.



Virtual Private Network Connection (VPN) - Continued

Disadvantages: • Static IP address must be network routable.

• Customer firewall must allow UDP, TCP, and IPSec IP packets to pass to and from

the Internet.

• IPSec must use (protocol 50 and 51).

• Slower transmission rate due to encryption process (i.e., essentially non-compressible

encrypted data).

• Throughput depends on Internet traffic.

Set up:

• Initial setup starts with contacting the Alcatel-Lucent Electronic Delivery

administrator at (630) 224-4663 to determine VPN set up


lucent.com and selecting “Customer Support” at the top horizontal navigation bar.

• Once registration for the Alcatel-Lucent premium OnLine Customer Support is

complete and your login has been approved, select “Alcatel-Lucent Electronic

Delivery Administration” from the Tools Section.

• After registration is complete, see the FTP Customer Home Directory Structure

section of this document.



T1 Connection

T1 (See Figure 4) service is comprised of a dedicated point-to-point digital line access.

T1 connectivity is one of the fastest, widely available dedicated connections, and

represents the most economical solution for those requiring 24-hour throughputs.


Servers


Firewall

Alcatel-Lucent Electronic Delivery T1/E1 Connection

Dedicated T1/E1

Alcatel-Lucent

Product

Customer Network


Figure 4

Advantages: • Dedicated bandwidth at T1 speeds (1.544 Mbps).

• Private and secure connection.

• Customer can use automated ftp downloads.

Disadvantages: • Customer pays additional T1 charges.

• Longer setup time.

• NAR T1 connections only available to facilities in Illinois.



T1 Connection - Continue

Set up:

• Customer orders T1 link through their provider of choice

• For initial setup, contact the Alcatel-Lucent Electronic Delivery administrator at

(630) 224-4663 for any information needed from Alcatel-Lucent for T1 provider

of choice


lucent.com and selecting “Customer Support” at the top horizontal navigation bar.

• Once registration for the Alcatel-Lucent premium OnLine Customer Support is

complete and your login has been approved, select “Alcatel-Lucent Electronic

Delivery Administration” from the Tools Section.

• After registration is complete, see the FTP Customer Home Directory Structure

section of this document.



Secure Shell File Transmission Protocol Connection (SSH FTP)

A secure shell file transmission protocol (ssh ftp) allows the creation of a secure, private

network connection utilizing the public network to perform secure FTP downloads (See

figure 5). SSH provides secured encrypted communications between public hosts.


Servers


Firewall

Alcatel-Lucent Electronic Delivery SSH FTP Connection

SSH FTP

Public InterNet

Alcatel-Lucent

Product

Customer Network


Figure 5

Advantages:

• Easily integrated into existing network infrastructures.

• Uses existing IP-based connections.

• Uses Open Source widely used client programs that are freely available.

• Uses authentication and encryption to ensure secure communications of information.

• Secure FTP downloads.

• Customer can use automated ftp downloads.



Secure Shell File Transmission Protocol Connection (SSH FTP) - Continued

Disadvantages:

Throughput depends on Public Network traffic.

Set up:

Initial setup starts with accessing the SSH Quick Start for ALED SSH FTP Customer

information located at https://download.support.alcatel-lucent.com/cgi-bin/ssh_ftp.cgi.



FTP Customer Home Directory Structure Section

The base FTP customer home directory is set up for a chroot environment. This means

that when the customer logs in it appears that they are at the root level of the directory

they are in. The current base home directory contains the following sub-directories:

RETROFIT - Used by the Network Based Retrofit process and DRM installation

RSCANS - File transfer point between Alcatel-Lucent and customer

ROP - Customer directory to send ROP to Clarity

bin - part of chroot environment

dev - part of chroot environment

etc - part of chroot environment

usr - part of chroot environment

In addition there are sub-directories for each base product supported by Alcatel-Lucent

Electronic Delivery that the customer is registered to receive. The complexity of these

sub-directories depends upon the product3. The intent is to provide a sub-directory off the

home directory for only major product groups. As new products are introduced, the same

guideline will apply. However, if a new product is integrated with an existing product,

the new product may be placed under an existing base sub-directory to avoid the

problems associated with renaming an existing directory.

For backward compatibility to some tools already deployed on various product platforms,

here is an example of what the following links might look like placed in the home

directory:

5E13.1 ->5ESS/5E13.1

5E14.1 ->5ESS/5E14.1

5E15.1 ->5ESS/5E15.1

ASMSWDS ->5ESS/ASMSWDS

3 For more information on the sub-directory structure for the individual product, see that product’s

documentation.



General Guidelines for a Customer-developed Central File Server

Customers may choose to implement their own central file server option and generic

guidelines are given below to assist with this task (also see figure 3 in the Virtual Private

Network Connection section of this document). This is a customer-developed option.

There are several processes that the customer must create and maintain when choosing

this option. The customer must carefully mirror the directory structure they find in their

FTP Customer Home Directory onto their own central file server. They must develop

their own automated ftp process which looks in a user-defined list of directories on the

ALED server. Files found are downloaded and then deleted from that directory on the

ALED server. The files are then uncompressed and uncpioed into a storage directory

specified by the product. Figure 1 of this section is a generic guide for customer use.

Figure 1

1. Write a scripted ftp process that either reads a file containing the directories to parse

or a list of directories to skip.

2. Set up a storage directory structure matching the home directory.

3. Make sure the ftp script executes the binary command before retrieving any files.

4. In the ftp script cd into the ALED server directory for new files and do a lcd to the

matching local directory.

5. The ftp script should execute mget * and capture any file names retrieved.

6. If the file ended in .Z, the script should cd ../appropriate product directory name and

execute

Zcat ../ALED server directory for new files/file_name | cpio –icdum.

7. If the file does not end in .Z the script should cd ../appropriate product directory name

and execute cpio -icdum <../ ALED server directory for new files /file_name.

8. The script can do a ls -l in the local and ALED server directory for new files to check

that the file sizes match.

9. If the file sizes match and the file were uncpioed then the files in the local and remote

ALED server directory for new files can be deleted.

10. Set the ftp script to be run from cron.

11. The RSCANS and RETROFIT directories should NOT be automated.

12. Storage space is determined by how much data the user wants to retain.



Trouble Shooting Section

The following 11 steps are provided to assist with troubleshooting problems that might

occur when accessing the Alcatel-Lucent Electronic Delivery network connection.

Internet Connection:

1. If you are unable to connect to the Alcatel-Lucent Electronic Delivery server, try to

connect to another Internet site. For example, www.yahoo.com.

2. If you are unable to connect to other Internet sites, contact your Internet Service

Provider’s support organization.

3. If you are able to connect to other Internet sites, go to step 11.

Virtual Private Network (VPN) Connection:

4. If you are unable to connect to the Alcatel-Lucent Electronic Delivery server, verify

that the tunnel end point IP address is correct (Note: The tunnel end point address is a

gateway and is not pingable).

5. If the tunnel end point IP is correct, try to ping your router if one exists. For more

information on using ping, see the ping section of this document.

6. If you can ping your router, try traceroute to gather more information about where the

problem lies in the network. Information on using traceroute can be found in the

traceroute section of this document.

7. If you are not using a router, try to access another Internet site. For example,

www.yahoo.com.

8. If you are unable to ping your router and cannot access another Internet site, check

your connections and contact your internal network support organization or Internet

Service Provider.

9. If you are able to ping your router and can access another Internet site, go to step 11.

T1 Connection/ Secure Shell File Transmission Protocol (SSH FTP)

Connection:

10. If you are unable to ping the Alcatel-Lucent Electronic Delivery server, go to step 11.

11. Contact the Alcatel-Lucent Electronic Delivery technical support organization at 1-

866-582-3688 (US) or (International) call the 1-630 224-4672 number and please

mention project id “Alcatel-Lucent Electronic Delivery”.



Ping Section

Ping is a command that will send a packet to a remote host and expect a return packet. It

will measure latency (round trip time); packet drops and verifies that the interface is

working properly. Details of the ping option vary per Operating System (OS). See your

OS Manual for details. Typically, ping is use by typing the following:

ping <ip address of the interface>

For example:

<enter> ping nnn.n.n.n where “n” is the ip address

The result should be that it's alive or a reply message depending on the pinging operation

system.

If successful, try to get to the router interface using the ping command with a -s option.

This will send multiple packets to the interface and show if any packets are getting

dropped. See example below:

<enter> ping -s nnn.nnn.nn.nn where “n” is the ip address

<An example of a system response is found below>

PING nnn.nnn.nn.nn: xx data bytes where “n” is the ip address and “x” is the number of

bytes of data

xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=0. time=2. ms










^?

----nnn.nnn.nn.nn PING Statistics----

10 packets transmitted, 10 packets received, 0% packet loss

round-trip (ms) min/avg/max = 1/1/2

There should not be any packet loss. If packet loss is discovered, there may be a network

outage or latency on the network, or a bad network interface card. Contact your local

Network Support Group or Internet provider.



Traceroute Section

The Traceroute command uses multiple ping-type packets to trace the path from source to

destination. This can help determine where the delay and/or dropped packets are

occurring in the path. Details of the traceroute option vary per Operating System (OS).

See your OS Manual for details. Typically, traceroute is use by typing the following:

Below is example of traceroute to www.yahoo.com

<enter>: traceroute www.yahoo.com

<An example of a system response is found below>

traceroute to www.yahoo.akadns.net (216.32.74.55), 30 hops max, 40 byte packets

1 atm3-0-2.nyc-bb2.cerf.net (134.24.131.17) 39.391 ms 34.721 ms 41.300 ms 2 pos0-0-155M.nyc-bb8.cerf.net (134.24.32.221) 41.164 ms 115.861 ms 34.317 ms

3 pos2-0-622M.nyc-bb9.cerf.net (134.24.33.157) 39.759 ms 37.476 ms 37.811 ms

4 ibr03-p1-2.jrcy01.exodus.net (216.32.132.165) 93.374 ms 36.376 ms 37.370 ms 5 bbr02-g4-0.jrcy01.exodus.net (209.67.45.126) 39.570 ms 38.737 ms 37.590 ms 6 bbr01-p5-0.stng01.exodus.net (209.185.9.98) 40.420 ms 42.167 ms 46.382 ms

7 dcr04-g10-0.stng01.exodus.net (216.33.96.162) 42.887 ms 43.986 ms 51.004 8 csr22-ve241.stng01.exodus.net (216.33.98.11) 41.894 ms 43.621 ms 42.676 ms 9 216.35.210.122 (216.35.210.122) 41.331 ms 42.990 ms 41.377 ms

10 www6.dcx.yahoo.com (216.32.74.55) 44.185 ms 44.847 ms 44.726 ms

The packet trace traversed many networks until it reached its final destination. If the

packet stopped for any reason, continuous *********** would have been displayed.

This would indicate that interface was having a problem connecting to the next hop along

the path to the intended destination. If this should happen, report a network problem to

your Internet Service Provider.



Acronyms

ASM Administrative Services Module

DRM Distinctive Remote Module

FTP File Transmission Protocol

HTTP HyperText Transmission Protocol

IP Internet Protocol

IPSec Internet Protocol/Secured

ISP Internet Service Provider

OS Operating System

SSH FTP Secure Shell File Transmission Protocol

TCP/IP Transmission Control Protocol/Internet Protocol

UDP Universal Data Port

VPN Virtual Private Network

aledcustdoc

Documents

alcatellucent website

choice of delivery access

better connection

tcpip connection

internet http

file transfer protocol

dedicated t1 connection

different advantages