Professional Documents
Culture Documents
Annex Terminal Servers: System Administrator & User Notes
Annex Terminal Servers: System Administrator & User Notes
Bob Beattie
CSIRO Marine & Atmospheric Research
Hobart, TAS, Australia
email: bob.beattie@csiro.au
Version:
30 January 2006
This document can be viewed on-line on Southern Surveyors internal web site
or at http://www.marine.csiro.au/~dpg/sysManDocs/annex_man.pdf
Source document: /opt/fdcs/doc/annex_man.fm
prepared using FrameMaker 7.0 ( Adobe Systems Inc.)
A guide to the configuration and use of the Xylogics MicroAnnex XL and Remote
Annex 2000 terminal servers used in Southern Surveyors data collection system.
If you need more detailed information, please refer to the Annex Communications
Server, Network Administrators Guide, Hardware Installation and Users guides.
Introduction
1.0 Introduction
The Franklin Data Collection System (FDCS) uses Xylogics Micro Annex
XL and Remote Annex 2000 terminal servers to provide the interface
between the RS232 outputs from various instruments and the data acquisition computers. The R2000s have the advantage of being self-booting,
which means that they can be used without having to power-up one of the
Suns.
This manual documents the aspects of terminal server installation and
management that apply to the Southern Surveyor installation. It is not
intended as a How to do it manual. For that you should go to the appropriate, manufacturer-supplied documentation.
The first three sections of this manual describe how to configure and monitor Annex ports. All Southern Surveyor computing and electronics personnel should familiarise themselves with these procedures.
The later sections provide background & reference information about
installing Annexes, setting up printer queues on Annex ports, cabling
details etc. Browse through these sections, so that you know what they
contain, but only study them in detail when you have to.
1.1
Related documentation
d)
Introduction
2.1
The Annex and the port to be used must have been correctly set up.
This is described in the next section.
When modifying or adding an entry, use the <page-down> & <pageup> keys to step through the fields. <return> terminates the entry.
5. Things to note when making or modifying entries:
The database is case sensitive
4.
The admin command can be used from any CLI or virtual CLI port on the
server.
To use a virtual CLI session, telnet to tcp port 5000 of the annex,
either from one of the Suns or from a terminal connected to any
annex:
telnet annexn 5000
Become superuser:
annex prompt> su
password: annex
annex prompt# admin
If the annex wont accept annex as the password, try using the units IP
number, eg 140.79.18.13)
Annex Terminal Servers
Using na
Activate na by typing
/opt/annex/na
/opt/annex/ra_R5.4/bin/na
(Micro Annex)
(R2000)
read command.script
or you can pass the contents of the script when you activate na:
na < command.script
where command.script is a file containing the lines:
annex annex1
show annex
3.1.3
Using gui_am
If you have loaded the annex module, you should just have to type
gui_am
otherwise you will have to set environment variable GUI_AM_DIR and
specify the full path for gui_am:
setenv GUI_AM_DIR /opt/annex/gui_am_r2.3/GUI_AM_R2.3
$GUI_AM_DIR/bin/gui_am
Only nominated users can use gui_am. To add or remove users, edit
$GUI_AM_DIR/bin/users.list
3.1.4
(port 8)
(ports 2 to 4)
(ports 1 & 6)
(general parameters)
(port parameters)
e.g.:
set annex name_server1 dns
set port speed 19200
The new settings dont take effect until the annex is rebooted or the
port(s) are reset.
Reboot using the boot command. This can be typed from within na
but if you are using admin, you will first need to quit back to the
annex prompt:
admin:
quit
annex_prompt# boot
Just type <Return> in response to the several prompts from the boot
process.
3.2
# /opt/annex/bin/na
command: annex annexn
command: write /opt/annex/etc/annexn_yymmdd.cfg
command: quit
# gzip /opt/annex/etc/annexn_yymmdd.cfg
Make a note in /opt/annex/etc/diary.txt each time you write a new configuration file.
3.3
Copying configurations
The na copy command is used to copy a servers configuration or the configuration of 1 or more ports eg the commands:
copy annex annex3 annex6
copy port 1@annex2 5-10@annex4
respectively copy the configuration of annex3 to annex6 and the configuration of port 1 on annex2 to ports 5-10 on annex4.
If you wish to duplicate the complete configuration of one annex into
another, the configurations of the 16 ports must be copied individually.
This can be done with the script /opt/config/scripts/copy_annex_cfg.
eg to copy the configuration of annex6 to annex1, type:
/opt/config/scripts/copy_annex_cfg
annex1
annex6
annex parameters
name_server_broadcast
name_server_1
name_server_2
pref_name1_addr
pref_name2_addr
rwhod
time_broadcast
timezone_minuteswest
10
Y
dns
dns
140.79.18.9
140.79.18.7
N
Y
request time from network
0
( UTC )
daylight_savings
cli_prompt
syslog_host
syslog_mask
syslog_port
password
3.4.2
none
%a%s%r%s%p%cannexn port nn:
0.0.0.0
all
0
<set> (=annex)su admin password
<unset> use IP No.
mode
input_flow_control
output_flow_control
allow_broadcast
echo
speed
data bits
slave
none
none
N
N
desired value (typically 9600)
desired value (typically 8)
If the instrument output uses parity, the port should typically be set to 7
data bits, the desired parity and imask_7bits Y(to mask out the parity
bit). This is because Unix expects 7-bit ascii data, and characters with 8
significant bits will give unexpected results in character compares!!
It may be necessary to Reset the port after it has been configured. To do
this, type
reset nn
from the admin prompt or na utility. nn is the port number.
3.5
Modem connections
Annexs 1 & 3-8 have full modem control on all ports and annex2 and the
older Surveyor Annexes have it only on ports 7, 8, 15 & 16. (The modem
ports are enclosed by a thick, black line labelled Full modem control.)
Some additional setups, in addtion to the general settings are required if
you wish to use dial-in modems.
If you require additonal information, please refer to the Annex Network
Administrators Guide.
3.5.1
Security must be enabled on any Annexes being used for dial-up connections on the Hobart end, as unprotected dial-in lines present a security
risk. We havent worried about security on the ship, as the phone numbers are less accessible.
Host-based security is used for the main line of defence, with annex-based
security taking over, in the event that no security server is available
When security is enabled, you will be prompted for a username and password when you dial-in to the port or telnet to it in preparation for dialling
out..
11
y
0
y
140.79.18.9 (ss-users ip No.)
140.79.18.7 (ss1)
as all 3 Suns are security servers, in which case you need to have a preferred security server
You also need to set up the security files on the security server(s). The
Annex erpcd daemon expects these files to be in the same directory as the
erpcd executable (/opt/annex/bin (hobart), /opt/annex (ship)), but it
makes more sense to put them in /opt/annex/etc, with soft links pointing
to them from /opt/annex[/bin].
Do the following:
Uncomment the acp record in /opt/annex/eservices. You may wish
to move this file to /opt/annex/etc, with a soft link in the bin subdirectory.
2. Create the file acp_passwd
This file should contain a password entry for each user that is entitled
to use the port(s). It is a series of records with identical format to
those in /etc/shadow or produced by the ypmatch (Hobart) or nismatch (Southern Surveyor) commands. eg, to add 2 new users to the
file, type:
ypmatch user1 user2 >> acp_passwd (Hobart)
nismatch user1 user2 >> acp_passwd (Southern Surveyor)
1.
12
3.5.2
mode
type
speed
speed
control_lines
input_flow_control
output_flow_control
bidirectional_modem
adaptive
dial_in
38400 (Hobart)
9600 (MobileSat port)
both
eia
eia
y
The following are set on the Hobart Annex modems. We may ultimately activate security on Southern Surveyor.
cli_security
port_server_security
y
y
When security is enabled, all users, either incoming or outgoing, require an entry
in the password file acp_passwd. The next section describes how this is done.
y
<set>
This password will be prompted for in the event that the security server host is
down.
The MobileSat modem does not drop DSR when the connection is broken. This means that its annex port can be left in an indeterminate
state if the connection was not shut down cleanly. eg it may be left
logged onto a Sun.
To reduce the effects of this, its port should be set to:
cli_inactivity
inactivity_timer
5
5
which will normally cause the connection to be hung-up after 5 minutes inactivity. (This is not foolproof, and on some occasions, you may have to reset the port
manually by doing a reset nn from one of the Annex admin tools.)
3.5.3
13
Make sure that you have loaded the annex module before you issue the
command. eg.
module load annex
then, as root:
set_annex_pw user1 [user2] [..] [..]
or to add or modify your own entry:
set_annex_pw
14
Trouble shooting
Activity from a device connected to the port. e.g., when trying to make
a 5000-style network connection to an Adaptive port with an active
device connected to it.
The problem can often be cleared by resetting the port. (See next item)
4.2
4.3
15
Trouble shooting
This section does not apply to Solaris or, if it does, I dont know how to get
it to work. It is much simpler to log messages to a terminal connected to
the annex. This is described in the previous section.
Messages from annexes can be logged to a file on a selected remote BSD
Unix host. This can be done, by adding the lines
#annex logging
local7.debug /var/spool/log/annex
to /etc/syslog.conf on the selected host. The messages will be sent to
/usr/spool/log/annex.
Use na or admin to set the syslog_host parameter to the IP number of
the host, or leave at 0.0.0.0 so that the annex will broadcast for a logging
host. Leave the syslog_facility set to the default log_local7 (to match
the local7 value in syslog.conf).
Messages can be sent to a terminal server port as well as to a logfile by
setting syslog_port to the desired port.
The type of messages output depend on the value of the annexs
syslog_mask parameter, eg:
debug : only time setting messages seem to be generated.
info: generates informative messages such as opening & closing connections.
error
warning
I havent yet discovered how to log errors such as connection rejections.
16
The 1Mb units should not be on the ship, but we may need them for onshore testing.
5.1
17
Connect the annex to the network & power it up. It may take several minutes to complete its initial boot. (When booting is complete, the power,
unit and net indicators will be permanently on and the activity and one
or more of the status indicators may be flickering intermittently.)
Verify that the annex has the correct name and IP number.
Refer to the section on Configuring Annexes and Annex Ports and use
admin or na to configure the server to your requirements.
Once you are satisfied with the configuration, use na to write a configuration script file for the server to ss-user. See the description of na in this
manual for details of how to do this. This file is a security backup, in case
the server fails & has to be replaced with another unit.
5.1.2
The older Annexes (annex1 & annex2) are unable to use RARP to determine their IP numbers from the network nameserver. The following procedure will also have to be used to change the number of a later Micro
Annex, as these only request their IP number when they are first intialized.
To set the IP number, follow the instructions in Chapters 2 & 3 of the
Hardware Installation Guide.
Connect a terminal to port #1.
2. The Annex must be powered up in test mode. (Push the test button
within 5 secs of powering up, but after the test indicator has gone out).
3. Use the addr command to enter the settings:
monitor:: addr
Enter Internet Address:: 140.79.18.nnn
Internet address: 140.79.18.nnn
Enter Subnet mask [255.255.248.0]:: <Ret>
Enter preferred load host Internet address:: <Ret>
Enter broadcast address [0.0.0.0]:: <Ret>
Select type of IP encapsulation [ethernet]:: <Ret>
1.
18
Power up the server. All the LED indicators will initially be illuminated. Push the Test button when at least one of these indicators has
gone OFF. It should enter Monitor mode.
3. Use the addr command to enter the IP number, subnet mask and
broadcast address. Do not enter a Load Address or Dump Host. Load
Broadcast? should be Y.
4. Use the seq command to set the boot sequence to self,net. (net,self
would probably work equally well, but would take longerif none of the
Suns were up.)
2.
i.e., you want the replacement Annex to take on the IP number, name and
configuration of the old one.
If the replacement server is not a new unit, you will have to change its IP
number to the correct value in the manner described for older annexes.
You will also need to use admapp to change the ethernet address in the
hosts database
You will also need to use the Annex na utility read the old server configuration into the new unit. Refer to the section on configuring annexes for
details on how to do this.
5.1.5
The Annex package is stored in the /opt/annex ($ANNEX_HOME) directory tree, rather than /usr/annex. Executables are in
$ANNEX_HOME/bin, and sources in $ANNEX_HOME/src etc.
The Annexes are booted using the erpcd daemon. erpcd is started at boot
time by means of the script file, /etc/rc2.d/S79annex, which contains the
following:
if [ -f /opt/annex/bin/erpcd ]; then
/opt/annex/bin/erpcd && echo Starting terminal
server daemon
fi
This will be executed by the /sbin/rc2 script when computer boots to run
state 2.
The boot images, oper52.enet for the Micro Annexes and oper56.enet
for the R2000s, are in /opt/annex/bfs, instead of the specified
/var/spool/erpcd/bfs directory. (We disguised this by setting up
/var/spool/erpcd/bfs as a link to /opt/annex/bfs.)
If you have a problem, eg a server wont boot, you can generate error messages by starting erpcd in debug mode. ie, kill the running daemon and
start it again manually by typing:
/opt/annex/bin/erpcd -D
19
5.1.6
If you change the nameserver host (currently ss-user) without changing an Annexs pref_name1_addr, you will be able to ping the Annex,
but not telnet to it. If this happens, you will have to change the configuration using a CLI session from one of the serial ports.
2. Annex and port reconfiguration can be done via a telnet session run
from one of the serial ports. Port 1 should be reserved for this purpose,
but if it is unavailable, just try the other ports until you find one that
works.
Just become su and run the admin utlity, as you would from a virtual
(telnet) CLI session.
1.
20
The 2Mb Micro Annexes, including the self booting annex8, are running R10.0. This is not compatible with the older 1Mb units, which
should not be used on the ship.
The older, 1Mb annexes require R7, which is only operational onshore. (The is code is also on the ship, in /opt/annex_orig.)
We run the R10 version of erpcd, but this should be able to up-load the
R2000 boot image to the server if its internal copy of the software is lost or
corrupted.
21
22
DTR
TXD
DCD
RXD
GND
DSR
CTS
3
4
5
6
7
8
blue
NC
______ 4
|_____ 5
orange ____________ 6
|_____ 8
black _____________ 3
red _______________20
green _____________ 2
yellow _____________7
brown
NC
white
NC
This diagram applies to the RJ-DB adaptor connectors and to flat cables
with an RJ connector on one end and a direct solder connection to a DB25.
RJ pin #1 is on the top LH side of the socket when looking into the socket
with the locking slot facing down:
_________
|1
|
|
|
---| |-----
Whenever a round cable is fastened to a ribbon cable or to an RJ connector, it should be connected so that the signals at the RJ match those
shown above. If this is done, only 4 types of RJ/DB adaptors will be
required, namely male & female modems & null modems. The type of
adaptor on a piece of equipment should never have to be changed.
Ribbon cables terminated with RJ connectors at both ends should always
have the blue wire connected to pin #1. (Strictly speaking, it makes no dif-
23
ference whether the blue or white wire goes to pin 1 in these cables, provided it is the same colour at both ends. However, adherence to this
convention will eliminate any confusion.)
7.2
24
RJ pin No.
1
DTR
TXD
DCD
RXD
GND
DSR
CTS
3
4
5
6
7
8
Colour
blue
DB9 M or F
NC
______ 7
|_____ 8
orange __________ 6
|_____ 1
black ___________ 2
red ____________ 4
green ___________ 3
yellow __________5
brown
N.C.
white
N.C.
8.2
The changes are made on ss-user. If the files are edited on other hosts,
the changes will be lost when the housekeeper job runs.
Make sure that the edited files have the same ownership & protection
as the originals.
2.
25
except, dont use /dev/null, because this will tie up the null device
driver & stop many other programs from running!!! -i specifies the
nec version of the interface script.
3. Resart the scheduler:
# /usr/lib/lpsched
4.
5.
If you wish, you can then use the admintool printer control window to
add comments re the printer you have just defined.
26
Annex specs
Serial Nos
Memory
EEPROM
Rom rev
Rom software rev
annex1
annex2
52/129660
1Mb
8192 Kb
2/0
509
52/151664
1Mb
8192Kb
4/0
511
Ethernet addresses
See /etc/ethers.
27