The First-Time Boot utility is a wizard that walks you through a brief series of required configuration tasks, such as defining a root password and configuring IP addresses for the network interfaces. Once you complete the First-Time Boot utility, you can connect to the 3-DNS Controller from a remote workstation or through a web browser and begin configuring your load balancing setup.
The First-Time Boot utility is organized into three phases: configure, confirm, and commit. Each phase walks you through a series of screens, so that you can configure the following settings:
First, you configure all of the required information. Next, you have the opportunity to correct, if necessary, and confirm each individual setting that you have configured. Last, your confirmed settings are committed and saved to the system. Note that the screens you see are tailored to your specific hardware and software configuration. For example, if you have a stand-alone system, the First-Time Boot utility skips the redundant system screens, and if you run the controller in bridge or router mode, the First-Time Boot utility skips the NameSurfer application screens.
Before you run the First-Time Boot utility on a specific 3-DNS Controller, use the Configuration Worksheet to gather the following information:
When you run the First-Time Boot utility on a non-crypto 3-DNS Controller (a controller that does not use encrypted communications), certain screens are different from those shown when you run the utility on a crypto 3-DNS Controller (a controller that uses encrypted communications).
Note: If you have both crypto and non-crypto 3-DNS Controllers, and you are setting up a crypto 3-DNS Controller, you need to configure the controller so that it accepts RSH and RCP connections. For more information on configuring RSH and RCP on crypto controllers, see Enabling remote login tools, on page 4-1.
The First-Time Boot utility starts automatically when you turn on the 3-DNS Controller (the power switch is located on the front of the controller). The first screen the controller displays is the License Agreement screen. You must scroll through the screen, read the license, and accept the agreement before you can move to the next screen. If you accept the terms of the license agreement, the next screen you see is the Welcome screen. From this screen, simply press any key on the keyboard to start the First-Time Boot utility, and then follow the instructions on the subsequent screens to complete the process.
A root password allows you administrative access to the 3-DNS Controller. The root password must contain a minimum of 6 characters, but no more than 32 characters. Passwords are case-sensitive, and we recommend that your password contain a combination of uppercase and lowercase characters, as well as special characters. Once you enter a password, the First-Time Boot utility prompts you to confirm your root password by typing it again. If the two passwords match, your password is immediately saved. If the two passwords do not match, you receive an error message asking you to re-enter your password.
Warning: The root password is the only setting that is saved immediately, rather than confirmed and committed at the end of the First-Time Boot utility process. You can change the root password after the First-Time Boot utility completes and you reboot the 3-DNS Controller (see Chapter 6, Administration and Monitoring, in the 3-DNS Administrator Guide, for more information). You can change other system settings when the First-Time Boot utility prompts you to confirm your configuration settings.
The host name identifies the 3-DNS Controller itself. Host names must be in the format of a fully-qualified domain name. Host names may contain letters, numbers, and the dash symbol ( - ), but they may not contain spaces. For example, if the controller's label is controller1, then you define the host name as controller1.yourdomain.com.
If a 3-DNS Controller does not have a predefined static route for network traffic, the controller automatically sends traffic to the IP address that you define as the default route. Typically, a default route is set to a router's IP address.
Configuring a time zone ensures that the clock for the 3-DNS Controller is set correctly, and that dates and times recorded in log files correspond to the time zone of the system administrator. Scroll through the time zone list to find the time zone closest to your location. Note that one option may appear with multiple names.
You can synchronize the time on your 3-DNS Controller to a public time server by using Network Time Protocol (NTP). NTP is built on top of IP and assures accurate, local timekeeping with reference to clocks located on the Internet. This protocol is capable of synchronizing distributed clocks, within milliseconds, over long periods of time. If you choose to enable NTP, make sure UDP port 123 is open in both directions when the 3-DNS Controller is behind a firewall.
When you configure the interfaces on your 3-DNS Controller, you have several options based on whether you are configuring a redundant system. On the Configure 3-DNS Interfaces screen, select Yes, it is a redundant 3-DNS System, if you have a redundant system. Otherwise, select No, it is not a redundant 3-DNS System. The subsequent configuration screens vary, based on your selection.
Note: If you are configuring a redundant system, you need to select a unit ID and configure a shared IP address for the redundant system, in addition to configuring the interfaces themselves.
If you are configuring a redundant system, the First-Time Boot utility prompts you to provide a unit ID and an IP address for fail-over for the 3-DNS Controller. The default unit ID number is 1. If you are configuring the first controller in the redundant system, use the default. When you configure the second controller in the redundant system, type 2. These unit IDs are used for active-active redundant controller configuration.
If you have a redundant system, you are also prompted to provide the IP address that serves as an IP alias for both 3-DNS Controllers. The IP alias is shared between the units, and is used only by the currently active machine. The units themselves use unique IP addresses for each interface. The First-Time Boot utility guides you through configuring the interfaces, based on your hardware configuration.
The Select Interface screen shows a list of the installed interfaces. You must configure at least one interface, but you configure additional interfaces only if you want to have more than one independent network access path to the 3-DNS Controller, or if you want to run the controller in router mode.
Warning: The First-Time Boot utility lists only the interfaces that it detects during boot up. If the utility lists only one interface, a network adapter may have come loose during shipping. Check the LED indicators on the network adapters to ensure that they have properly detected the 3-DNS Controller media that should be installed.
Select the interface you want to configure, and press Enter (the interfaces are typically labeled fxp0 and fxp1). The utility prompts you for the following information, in many cases offering you a default:
The 3-DNS web server requires that you define a domain name for the server, a user ID, and a password. The 3-DNS web server hosts the web-based Configuration utility. The information that you configure in these screens allows you to access the Configuration utility from a web browser on your workstation. On crypto 3-DNS Controllers, the First-Time Boot utility also generates certificates for authentication.
The First-Time Boot utility guides you through a series of screens to set up web server access:
Warning: If you ever change the IP addresses or host names on the 3-DNS Controller interfaces, you need to reconfigure the 3-DNS web server to reflect your new settings. You can reconfigure the 3-DNS web server from the command line using the following command:
The 3-DNS web server hosts the browser-based Configuration utility. If you wish to create a new password for the 3-DNS web server, after you have configured the password for the first time, run the config httpd command.
You can also add users to the existing password file, change a password for an existing user, or recreate the password file, without actually going through the 3-DNS web server configuration process. For more information, see Chapter 9, Scripts, in the 3-DNS Reference Guide.
Warning: If you have modified the 3-DNS web server configuration outside of the Configuration utility, be aware that some changes may be lost when you run the config httpd command. This utility overwrites the httpd.conf file, and several other files, but it does warn you before doing so.
When you configure remote administration, the screens that you see vary, depending on whether you have a crypto 3-DNS Controller, or a non-crypto 3-DNS Controller.
The First-Time Boot utility prompts you to enter a single IP address, or a range of IP addresses, from which the 3-DNS Controller can accept administrative connections (either remote shell connections, or connections to the 3-DNS web server). To specify a range of IP addresses, you can use the asterisk (*) as a wildcard character in the IP addresses.
The following example allows remote administration from all hosts on the 192.168.2.100 network:
Warning: For 3-DNS Controllers, you must configure command line access. If you do not configure command line access, the 3-DNS Controllers cannot communicate with each other, and they cannot properly exchange configuration information.
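The wildcard allow-list described above can be reviewed before you enter it in the worksheet. The following Python sketch is an added example, not code from the 3-DNS Controller or its documentation; it assumes that each asterisk stands for one whole octet, and the function names and sample entries are hypothetical.

```python
import ipaddress

# Constructed sample worksheet entries (not taken from a real configuration).
SAMPLE_ENTRIES = ["192.168.2.*", "10.*.*.*", "192.168.2.100"]

def parse_pattern(pattern):
    """Return four octets, each an int 0-255, or None where the entry has '*'.

    Assumption: '*' replaces a whole octet; anything else is rejected.
    """
    parts = pattern.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {pattern!r}")
    octets = []
    for part in parts:
        if part == "*":
            octets.append(None)
        elif part.isascii() and part.isdigit() and int(part) <= 255:
            octets.append(int(part))
        else:
            raise ValueError(f"bad octet {part!r} in {pattern!r}")
    return octets

def covered(pattern):
    """Number of IPv4 addresses the entry admits (256 per wildcard octet)."""
    return 256 ** parse_pattern(pattern).count(None)

def allows(pattern, source):
    """True if the source address matches the entry octet by octet."""
    src = ipaddress.IPv4Address(source).packed
    return all(o is None or o == s for o, s in zip(parse_pattern(pattern), src))

def review(entries, max_hosts=256):
    """Return the entries that admit more than max_hosts addresses."""
    return [e for e in entries if covered(e) > max_hosts]

if __name__ == "__main__":
    for entry in SAMPLE_ENTRIES:
        print(f"{entry:16} admits {covered(entry):>10} addresses")
    print("too broad for an administrative allow-list:", review(SAMPLE_ENTRIES))
```

Each additional wildcard octet multiplies the set of permitted administrative sources by 256, so the narrowest entry that still covers your management workstations is the one to record.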
The 3-DNS Controller can now run in three different modes: node, bridge, and router.
In the final series of the First-Time Boot utility screens, you choose whether to have NameSurfer handle DNS zone file management on the current 3-DNS Controller. If you configure the 3-DNS Controller in node mode, we strongly recommend that you configure NameSurfer to handle zone file management. If you designate NameSurfer as the primary name server, NameSurfer converts the DNS zone files on the controller, becomes the authoritative DNS, and automatically processes changes and updates to the zone files. (You can access the NameSurfer application directly from the Configuration utility.)
At this point, you have entered all the configuration information, and now you confirm each setting. Each confirmation screen displays a setting and prompts you to either accept or re-enter it. If you choose to edit the setting, the utility displays the original configuration screen in which you defined the setting. When you finish editing the item, you return directly to the Confirmation screen for that item, and continue the confirmation process. Note that once you accept a setting in the Confirmation screen, you do not have another opportunity to review before the commit phase.
You confirm or edit the settings in the same order that you configured them:
Once you have confirmed the last setting, the First-Time Boot utility moves directly into the commit phase, where you are not able to make any changes.
Tip: If, at a later time, you wish to change any of the settings that you configure using the First-Time Boot utility, simply type config at the command line. The config command starts the First-Time Boot utility.
Once you confirm all of the configuration settings, the First-Time Boot utility saves the configuration settings. During the commit process, the First-Time Boot utility creates the following files and tables:
If you want to update any of the information in these files at a later time, you can re-run the First-Time Boot utility by typing config at the command line. If you want to update the zone file information in the named.conf file, you can use the NameSurfer application in the web-based Configuration utility.
To open the NameSurfer application