Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.

Alcatel-Lucent Electronic Delivery Customer Information Document

Alcatel-Lucent Inc.
12/01/2006 Page 1

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Alcatel-Lucent Electronic Delivery Customer Information Document

Table of Contents
Alcatel-Lucent Electronic Delivery Overview 3

Alcatel-Lucent Electronic Delivery Internet Connection Advantages Disadvantages Setup

Alcatel-Lucent Electronic Delivery Virtual Private Network (VPN) Connection Advantages Disadvantages Setup

Alcatel-Lucent Electronic Delivery T1 Connection Advantages Disadvantages Setup

Alcatel-Lucent Electronic Delivery Secure Shell File Transmission Protocol (SSH FTP) Connection Advantages Disadvantages Setup

10

FTP Customer Home Directory Structure Section General Guidelines for a Customer-developed Central File Server

12 13

Troubleshooting Section

14

Ping Section Traceroute Section Acronyms

15 16 17

Alcatel-Lucent Inc.
12/01/2006 Page 2

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Alcatel-Lucent Electronic Delivery Overview

Alcatel-Lucent Electronic Delivery provides a vehicle for customers to receive software product installation, upgrades, and updates quickly, easily, and securely using either file transfer protocol (ftp) or hypertext transfer protocol (http) over a TCP/IP connection. Initial requests to access Alcatel-Lucent Electronic Delivery are handled through the Alcatel-Lucent website and details are listed in the section of this document describing your choice of delivery access. Alcatel-Lucent Electronic Delivery can be accessed in four ways directly via the Internet (http only), Virtual Private Network (VPN), a dedicated T1 connection, or via a secure shell file transmission protocol (ssh ftp) (See figure 1). Each method1 has different advantages and disadvantages that must be considered when choosing the access method you wish to use.

Alcatel-Lucent Electronic Delivery Network Options

Al catel-Lucent Product

VPN

Alcatel-Lucent Managed Firewall

Public InterNet Dedicated T1 SSH FTP

Customer Network

Switch Owner s Firewall/Security Servers

Al catel-Lucent Product

Figure 1
1

Please refer to the Product documentation to determine which download methods each product support. Alcatel-Lucent Inc.
12/01/2006 Page 3

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Internet Connection
An Internet connection (See figure 2) requires an existing high-speed (400Kbps or better) connection utilizing the public Internet to perform secure http downloads (ftp downloads are not currently supported via the Internet). Since some products, such as the OneLink Manager ASM2, can only transfer files via ftp, an intermediate system may be required to support downloads to the product.

Alcatel-Lucent Electronic Delivery Internet Connection

Al catel-Lucent Product

Alcatel-Lucent Managed Firewall

Public Internet

Customer Network

Switch Owner s Firewall/Security Servers

Al catel-Lucent Product

Figure 2

For more information on the ASM, see the OneLink Manager ASM Network Connectivity Guidelines document. Alcatel-Lucent Inc.
12/01/2006 Page 4

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Internet Connection - Continued

Advantages:
Quick and easy set up. Access Alcatel-Lucent Electronic Delivery server from anywhere. Secure HTTP downloads. Uses existing corporate connections to the Internet.

Disadvantages:
Does not support FTP downloads. Throughput depends on Internet traffic.

Set up:
Contact your Internet Service Provider to determine Internet set up. Register for Alcatel-Lucent Electronic Delivery by connecting to www.alcatellucent.com and selecting Support at the top horizontal navigation bar. After registration is complete for OnLine Customer Support and your login has been approved, select Software Downloads under the Product Information section.

Alcatel-Lucent Inc.
12/01/2006 Page 5

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Virtual Private Network Connection (VPN)

A virtual private network (VPN) allows the creation of a secure, private network over public networks (See figure 3). It is called "virtual" because it depends on the fact that there is an encrpted packet stream that only the two firewalls with the correct VPN settings can unencrypt. The route through the public network is not fixed or constant yet enables secure virtual connections between the customer and the Alcatel-Lucent network. Good performance requires speeds of 600Kb/s or more.

Alcatel-Lucent Electronic Delivery VPN Connection

Al catel-Lucent Product

VPN

Alcatel-Lucent Managed Firewall

Public InterNet

Customer Network

Switch Owner s Firewall/Security Servers

Al catel-Lucent Product

Figure 3

Advantages:
Uses encryption and packet encapsulation to ensure integrity and security of information Uses existing high speed Internet channels. Can use automated ftp downloads.

Alcatel-Lucent Inc.
12/01/2006 Page 6

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Virtual Private Network Connection (VPN) - Continued

Disadvantages:
Static IP address must be network routable. Customer firewall must allow UDP, TCP, and IPSec IP packets to pass to and from the Internet. IPSec must use (protocol 50 and 51). Slower transmission rate due to encryption process (i.e., essentially non-compressible encrypted data). Throughput depends on Internet traffic.

Set up:
Initial setup starts with contacting the Alcatel-Lucent Electronic Delivery administrator at (630) 224-4663 to determine VPN set up Register for Alcatel-Lucent Electronic Delivery by connecting to www.alcatellucent.com and selecting Customer Support at the top horizontal navigation bar. Once registration for the Alcatel-Lucent premium OnLine Customer Support is complete and your login has been approved, select Alcatel-Lucent Electronic Delivery Administration from the Tools Section. After registration is complete, see the FTP Customer Home Directory Structure section of this document.

Alcatel-Lucent Inc.
12/01/2006 Page 7

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

T1 Connection
T1 (See Figure 4) service is comprised of a dedicated point-to-point digital line access. T1 connectivity is one of the fastest, widely available dedicated connections, and represents the most economical solution for those requiring 24-hour throughputs.

Alcatel-Lucent Electronic Delivery T1/E1 Connection

Al catel-Lucent Product

Alcatel-Lucent Managed Firewall

Dedicated T1/E1

Customer Network

Switch Owner s Firewall/Security Servers

Al catel-Lucent Product

Figure 4

Advantages:
Dedicated bandwidth at T1 speeds (1.544 Mbps). Private and secure connection. Customer can use automated ftp downloads.

Disadvantages:
Customer pays additional T1 charges. Longer setup time. NAR T1 connections only available to facilities in Illinois.
Alcatel-Lucent Inc.
12/01/2006 Page 8

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

T1 Connection - Continue
Set up:
Customer orders T1 link through their provider of choice For initial setup, contact the Alcatel-Lucent Electronic Delivery administrator at (630) 224-4663 for any information needed from Alcatel-Lucent for T1 provider of choice Register for Alcatel-Lucent Electronic Delivery by connecting to www.alcatellucent.com and selecting Customer Support at the top horizontal navigation bar. Once registration for the Alcatel-Lucent premium OnLine Customer Support is complete and your login has been approved, select Alcatel-Lucent Electronic Delivery Administration from the Tools Section. After registration is complete, see the FTP Customer Home Directory Structure section of this document.

Alcatel-Lucent Inc.
12/01/2006 Page 9

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Secure Shell File Transmission Protocol Connection (SSH FTP)

A secure shell file transmission protocol (ssh ftp) allows the creation of a secure, private network connection utilizing the public network to perform secure FTP downloads (See figure 5). SSH provides secured encrypted communications between public hosts.

Alcatel-Lucent Electronic Delivery SSH FTP Connection

Al catel-Lucent Product

SSH F TP

Alcatel-Lucent Managed Firewall

Public InterNet

Customer Network

Switch Owner s Firewall/Security Servers

Al catel-Lucent Product

Figure 5

Advantages:
Easily integrated into existing network infrastructures. Uses existing IP-based connections. Uses Open Source widely used client programs that are freely available. Uses authentication and encryption to ensure secure communications of information. Secure FTP downloads. Customer can use automated ftp downloads.

Alcatel-Lucent Inc.
12/01/2006 Page 10

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Secure Shell File Transmission Protocol Connection (SSH FTP) - Continued

Disadvantages:
Throughput depends on Public Network traffic.

Set up:
Initial setup starts with accessing the SSH Quick Start for ALED SSH FTP Customer information located at https://download.support.alcatel-lucent.com/cgi-bin/ssh_ftp.cgi.

Alcatel-Lucent Inc.
12/01/2006 Page 11

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

FTP Customer Home Directory Structure Section

The base FTP customer home directory is set up for a chroot environment. This means that when the customer logs in it appears that they are at the root level of the directory they are in. The current base home directory contains the following sub-directories: RETROFIT - Used by the Network Based Retrofit process and DRM installation RSCANS - File transfer point between Alcatel-Lucent and customer ROP - Customer directory to send ROP to Clarity bin - part of chroot environment dev - part of chroot environment etc - part of chroot environment usr - part of chroot environment In addition there are sub-directories for each base product supported by Alcatel-Lucent Electronic Delivery that the customer is registered to receive. The complexity of these sub-directories depends upon the product3. The intent is to provide a sub-directory off the home directory for only major product groups. As new products are introduced, the same guideline will apply. However, if a new product is integrated with an existing product, the new product may be placed under an existing base sub-directory to avoid the problems associated with renaming an existing directory. For backward compatibility to some tools already deployed on various product platforms, here is an example of what the following links might look like placed in the home directory: 5E13.1 ->5ESS/5E13.1 5E14.1 ->5ESS/5E14.1 5E15.1 ->5ESS/5E15.1 ASMSWDS ->5ESS/ASMSWDS

For more information on the sub-directory structure for the individual product, see that products documentation. Alcatel-Lucent Inc.
12/01/2006 Page 12

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

General Guidelines for a Customer-developed Central File Server

Customers may choose to implement their own central file server option and generic guidelines are given below to assist with this task (also see figure 3 in the Virtual Private Network Connection section of this document). This is a customer-developed option. There are several processes that the customer must create and maintain when choosing this option. The customer must carefully mirror the directory structure they find in their FTP Customer Home Directory onto their own central file server. They must develop their own automated ftp process which looks in a user-defined list of directories on the ALED server. Files found are downloaded and then deleted from that directory on the ALED server. The files are then uncompressed and uncpioed into a storage directory specified by the product. Figure 1 of this section is a generic guide for customer use.

Figure 1
1. Write a scripted ftp process that either reads a file containing the directories to parse or a list of directories to skip. 2. Set up a storage directory structure matching the home directory. 3. Make sure the ftp script executes the binary command before retrieving any files. 4. In the ftp script cd into the ALED server directory for new files and do a lcd to the matching local directory. 5. The ftp script should execute mget * and capture any file names retrieved. 6. If the file ended in .Z, the script should cd ../appropriate product directory name and execute Zcat ../ALED server directory for new files/file_name | cpio icdum. 7. If the file does not end in .Z the script should cd ../appropriate product directory name and execute cpio -icdum <../ ALED server directory for new files /file_name. 8. The script can do a ls -l in the local and ALED server directory for new files to check that the file sizes match. 9. If the file sizes match and the file were uncpioed then the files in the local and remote ALED server directory for new files can be deleted. 10. Set the ftp script to be run from cron. 11. The RSCANS and RETROFIT directories should NOT be automated. 12. Storage space is determined by how much data the user wants to retain.

Alcatel-Lucent Inc.
12/01/2006 Page 13

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Trouble Shooting Section

The following 11 steps are provided to assist with troubleshooting problems that might occur when accessing the Alcatel-Lucent Electronic Delivery network connection.

Internet Connection:
1. If you are unable to connect to the Alcatel-Lucent Electronic Delivery server, try to connect to another Internet site. For example, www.yahoo.com. 2. If you are unable to connect to other Internet sites, contact your Internet Service Providers support organization. 3. If you are able to connect to other Internet sites, go to step 11.

Virtual Private Network (VPN) Connection:

4. If you are unable to connect to the Alcatel-Lucent Electronic Delivery server, verify that the tunnel end point IP address is correct (Note: The tunnel end point address is a gateway and is not pingable). 5. If the tunnel end point IP is correct, try to ping your router if one exists. For more information on using ping, see the ping section of this document. 6. If you can ping your router, try traceroute to gather more information about where the problem lies in the network. Information on using traceroute can be found in the traceroute section of this document. 7. If you are not using a router, try to access another Internet site. For example, www.yahoo.com. 8. If you are unable to ping your router and cannot access another Internet site, check your connections and contact your internal network support organization or Internet Service Provider. 9. If you are able to ping your router and can access another Internet site, go to step 11.

T1 Connection/ Secure Shell File Transmission Protocol (SSH FTP) Connection:

10. If you are unable to ping the Alcatel-Lucent Electronic Delivery server, go to step 11. 11. Contact the Alcatel-Lucent Electronic Delivery technical support organization at 1866-582-3688 (US) or (International) call the 1-630 224-4672 number and please mention project id Alcatel-Lucent Electronic Delivery.
Alcatel-Lucent Inc.
12/01/2006 Page 14

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Ping Section
Ping is a command that will send a packet to a remote host and expect a return packet. It will measure latency (round trip time); packet drops and verifies that the interface is working properly. Details of the ping option vary per Operating System (OS). See your OS Manual for details. Typically, ping is use by typing the following: ping <ip address of the interface> For example: <enter> ping nnn.n.n.n where n is the ip address The result should be that it's alive or a reply message depending on the pinging operation system. If successful, try to get to the router interface using the ping command with a -s option. This will send multiple packets to the interface and show if any packets are getting dropped. See example below: <enter> ping -s nnn.nnn.nn.nn where n is the ip address <An example of a system response is found below> PING nnn.nnn.nn.nn: xx data bytes where n is the ip address and x is the number of bytes of data xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=0. time=2. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=1. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=2. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=3. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=4. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=5. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=6. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=7. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=8. time=1. ms xx bytes from server name (nnn.nnn.nn.nn): icmp_seq=9. time=1. ms ^? ----nnn.nnn.nn.nn PING Statistics---10 packets transmitted, 10 packets received, 0% packet loss round-trip (ms) min/avg/max = 1/1/2 There should not be any packet loss. If packet loss is discovered, there may be a network outage or latency on the network, or a bad network interface card. Contact your local Network Support Group or Internet provider.
Alcatel-Lucent Inc.
12/01/2006 Page 15

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Traceroute Section
The Traceroute command uses multiple ping-type packets to trace the path from source to destination. This can help determine where the delay and/or dropped packets are occurring in the path. Details of the traceroute option vary per Operating System (OS). See your OS Manual for details. Typically, traceroute is use by typing the following: Below is example of traceroute to www.yahoo.com <enter>: traceroute www.yahoo.com <An example of a system response is found below> traceroute to www.yahoo.akadns.net (216.32.74.55), 30 hops max, 40 byte packets 1 atm3-0-2.nyc-bb2.cerf.net (134.24.131.17) 39.391 ms 34.721 ms 41.300 ms
2 pos0-0-155M.nyc-bb8.cerf.net (134.24.32.221) 41.164 ms 115.861 ms 34.317 ms 3 pos2-0-622M.nyc-bb9.cerf.net (134.24.33.157) 39.759 ms 37.476 ms 37.811 ms 4 ibr03-p1-2.jrcy01.exodus.net (216.32.132.165) 93.374 ms 36.376 ms 37.370 ms 5 bbr02-g4-0.jrcy01.exodus.net (209.67.45.126) 39.570 ms 38.737 ms 37.590 ms

6 7

bbr01-p5-0.stng01.exodus.net (209.185.9.98) 40.420 ms 42.167 ms 46.382 ms dcr04-g10-0.stng01.exodus.net (216.33.96.162) 42.887 ms 43.986 ms 51.004

8 csr22-ve241.stng01.exodus.net (216.33.98.11) 41.894 ms 43.621 ms 42.676 ms

9 216.35.210.122 (216.35.210.122) 41.331 ms 42.990 ms 41.377 ms 10 www6.dcx.yahoo.com (216.32.74.55) 44.185 ms 44.847 ms 44.726 ms The packet trace traversed many networks until it reached its final destination. If the packet stopped for any reason, continuous *********** would have been displayed. This would indicate that interface was having a problem connecting to the next hop along the path to the intended destination. If this should happen, report a network problem to your Internet Service Provider.

Alcatel-Lucent Inc.
12/01/2006 Page 16

Alcatel-Lucent Electronic Delivery Customer Information Document -- Version 9.1

Acronyms
ASM DRM FTP HTTP IP IPSec ISP OS SSH FTP TCP/IP UDP VPN Administrative Services Module Distinctive Remote Module File Transmission Protocol HyperText Transmission Protocol Internet Protocol Internet Protocol/Secured Internet Service Provider Operating System Secure Shell File Transmission Protocol Transmission Control Protocol/Internet Protocol Universal Data Port Virtual Private Network

Alcatel-Lucent Inc.
12/01/2006 Page 17