A Note About NTA1000 Hardware Versions
The NTA1000 system has evolved from its original version (v1) to v2, v3, v4, and is now at v5. The v1, v2, v3, and v4 models are no longer being shipped. This document refers to the second version NTA1000 (v2). Although the model name has not changed and the four versions look similar, there are key differences that should be noted. If you’re not sure which model you have, please refer to this page:
Throughout the remainder of this document the NTA1000 v2 will be referred to simply as the NTA1000.
If you are not using a v2 NTA1000 system, please instead refer to the appropriate Quick Start Guide.
- NTA1000 v1 Quick Start Guide.
- NTA1000 v3 Quick Start Guide.
- NTA1000 v4 Quick Start Guide.
- NTA1000 v5 Quick Start Guide.
The NTA1000 from QA Cafe is a turn-key hardware appliance optimized for use with CDRouter - the CPE industry’s leading functional test verification tool. The NTA1000 is equipped with a variety of test interfaces offering tremendous flexibility in a compact 1U form factor.
If at any time you have additional questions or would like additional assistance, please contact firstname.lastname@example.org.
What’s in the box?
Here’s what you’ll find in the box:
- (1) NTA1000 v2 system
- (3) dual band antennas
- (3) magnetic antenna mounts
- (1) documentation pack
- (1) power cord
- (2) 19 inch rack mount ears
The NTA1000 is very easy to install and use. Simply unpack the NTA1000, set it up in a convenient location, plug the power cable in, connect the MGMT port on the front panel to your corporate LAN and turn it on. In a few minutes the NTA1000 will be fully booted and will display the MGMT port’s DHCP IP address on the LCD screen. At this point you can load CDRouter’s web interface and begin testing, or perform operating system administration and maintenance locally (by connecting a monitor, keyboard, and mouse) or remotely via SSH (credentials provided below).
More detailed information on the NTA1000 is provided in the sections below. If at any point you have any questions, please contact email@example.com.
The NTA1000 is based on an advanced Intel Core i5-660 CPU with 8 GB of RAM and a 2 TB fixed hard disk. For a complete list of hardware specifications, please see the NTA1000 data sheet:
The NTA1000 includes a full-range 300W ATX power supply. Specifically, the operating conditions supported by the NTA1000 are:
- Voltage: 100 - 240 VAC
- Frequency: 50 - 60 Hz
- Current demand (max): 3 - 6 A
The NTA1000 is equipped with seven Gigabit Ethernet ports accessible from the front panel. Of these seven ports, six are available for use as CDRouter test interfaces, and one is reserved for management access.
The six CDRouter test ports are labeled ETH1 through ETH6. The management port is labeled MGMT(ETH0). The MGMT port supports both DHCP and static addressing, as discussed in the section below. By default, the MGMT port is configured for DHCP. Ports ETH1 through ETH6 have all been configured for use as CDRouter test interfaces.
Note: The seven Ethernet ports map directly to the same interface names within the operating system (eth0 through eth6). The MGMT port maps to eth0 within the operating system.
The NTA1000 also includes an integrated dual-band 802.11 a/b/g/n wireless adapter based on a Qualcomm Atheros mini PCI-Express chipset. This wireless adapter has been configured for use as a CDRouter test interface and is accessible on the rear panel of the NTA1000 via three RP-SMA connectors located above the VGA port.
If you plan to use the NTA1000’s wireless interface you must attach suitable antennas to the three RP-SMA connectors on the rear panel. Three magnetic dual-band antennas with six foot pigtails are provided with the NTA1000 . We recommend using these antennas with your NTA1000. The six foot pigtails provide some flexibility for antenna placement. Signal quality will generally be better if the antennas are in close proximity to the device under test (DUT).
Note: The wireless adapter maps to the interface name wlan0 within the operating system.
The NTA1000 also includes a front panel LCD screen. The LCD keypad is not enabled. However, the LCD will display the installed version of CDRouter and the IP address of the MGMT port. This allows you to install and access the NTA1000 without the use of a monitor. Just connect the MGMT port to your network and power the NTA1000 on. After the system boots the management port’s IP address will be displayed. At this point you can connect to the system remotely via SSH or load the CDRouter web interface to begin testing.
The NTA1000 is also equipped with a front panel serial console port which can be used for local administration of the operating system. The serial console port is active after the operating system loads; BIOS and bootloader information is not displayed. The console port has the following settings:
- Speed: 115200
- Data bits: 8
- Parity: none
- Stop bits: 1
You can connect to the serial console port using a standard DB9 or USB to DB9 serial adapter. The system authentication is the same as the rest of the system, and is listed later in this document.
The NTA1000 ships with a slightly modified 64-bit CentOS 6.3 operating system. The only modifications made to the stock CentOS distribution are:
- The addition of some packages required by CDRouter
- Removal of some packages and services not required by CDRouter
- Configuration of the MGMT port, six Ethernet test interfaces, and wireless test interface
- Minor cosmetic tweaks
- SSH and BuddyWeb services are allowed through the IP Firewall, all other ports closed
- SELinux disabled
The NTA1000 includes a 2 TB internal hard disk for data storage. This disk is divided into two major partitions:
- Partition 1: approximately 50 GB reserved for the operating system
- Partition 2: approximately 1.8 TB reserved for /home and /usr/buddyweb
The /home and /usr/buddyweb directories have been isolated from the main operating system to allow for multiple recovery options in the event of a software failure. All CDRouter configs, packages, and test results are stored in the /usr/buddyweb directory. Likewise, we recommend that any custom tests or buddy CLI driven test results be stored somewhere in the /home directory.
These partitions require no action on the part of the user. The disk layout and partitioning scheme is presented for information only.
Administration and default login credentials
The NTA1000’s default login credentials are:
- Login: qacafe
- Password: cdrouter
These credentials can be changed at your discretion and are required for local or remote administration of the operating system. Local administration is possible at any time via the front panel console port or by connecting a standard monitor to the rear panel VGA port and a keyboard and mouse to the USB ports on the front panel.
Remote administration is available via SSH on the MGMT port. The LCD screen will display the IP of the MGMT port making it possible to remotely administer the system without needing a monitor, keyboard, and mouse.
The seven physical Ethernet ports that are accessible on the front panel of the NTA1000 map to the same respective interface names within the operating system. The integrated wireless adapter maps to the interface wlan0. The eth0 interface is reserved for management, while all other interfaces (eth1 through eth6 and wlan0) are reserved for use as CDRouter test interfaces. The MGMT port has been specially configured within the operating system and should not be used as a CDRouter test interface under any circumstances.
The NTA1000 is shipped with the firewall completely disabled. We have made this decision because the NTA1000 is often protected in a lab network, and configuring the firewall is an advanced system administration procedure.
You are free to implement the firewall according to any corporate guidelines. The firewall is Linux iptables. You may use the interface provided by the CentOS operating system used as the base of the NTA1000 for complete integration, or you may prefer a simple shell script.
A simple firewall shell script is included here for reference. You can paste this firewall into a script and test it before committing to its effects.
#!/bin/bash # This is a firewall script for the NTA1000. It denies all traffic except # for SSH, ICMP (ping, et al), and BuddyWeb. # We must clear the existing rules. iptables -F # Default policies can be only DROP or ACCEPT iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP # Allow all ICMP traffic, including pings. iptables -A INPUT -p icmp -j ACCEPT # Allow ssh, buddyweb, and buddyweb's talkback port. iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8015 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT # Allow packets associated with services we have explicitly allowed # (This tells iptables to dynamically allow the connections that go # in the opposite direction, which have random port values) iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Catchall rule - REJECT will send a message that the # port is refused. This makes debugging easier for everyone. # Remove this rule to invoke the default policy rule of DROP, # which silently discards packets. iptables -A INPUT -j REJECT
Copy this script into a new file on your system. Set the execute bit. Run the script as the root user or with sudo permissions.
- Log into the NTA1000 as root
- run “nano firewall.sh”
- Copy the file into the editor
- Save the file
- run “chmod u+x firewall.sh”
- run “./firewall.sh”
To make the changes permanent, you can add a line to /etc/rc.local which invokes the script in the location you have saved it.
This example is a very simple firewall. To integrate with the CentOS firewall, please see http://wiki.centos.org/HowTos/Network/IPTables
Management port configuration
By default, the NTA1000 uses the NetworkManager service to automatically configure the MGMT port’s IP address and update the system’s DNS and default gateway information using DHCP.
If instead you’d like to assign a static IP address to the MGMT port, you must disable the NetworkManager service and update the system configuration files with the appropriate network address information for your local network by following the steps below.
(Note that any changes you make will not take effect until the next system reboot)
- Use the chkconfig command to turn the NetworkManager service off for all run levels:
# chkconfig NetworkManager off
You can use this command to turn NetworkManager “on” again, or check the status of the setting.
# chkconfig --list NetworkManager NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off
- Edit the following two files accordingly with a simple text editor in order to update the system’s network configuration and IP address information for the MGMT port:
Be sure to fully reboot the NTA1000 after making these changes in order for them to be applied properly.
$ gedit /etc/sysconfig/network NETWORKING=yes NETWORKING_IPV6=no HOSTNAME=nta1000.localdomain GATEWAY=10.0.0.1 $ gedit /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 HWADDR=00:03:2D:1A:CB:9D NM_CONTROLLED=no ONBOOT=yes IPADDR=10.0.0.128 BOOTPROTO=none NETMASK=255.255.255.0 DNS1=10.0.0.1 DOMAIN=lan
The above settings are provided only as an example. The IPADDR, DNS1, DOMAIN, and GATEWAY options must all match your desired static IP configuration.
Operating system updates
The NTA1000 software is fixed. As a result, all of the CentOS software repositories are disabled to avoid unwarranted updates which may lead to potential software conflicts. This is accomplished by moving the stock CentOS repository configuration files to a non-standard location. It is possible to re-enable software updates by moving these files back into their standard location. Doing so is unsupported unless directed by QA Cafe’s Support Team.
QA Cafe maintains a separate software repository for security and feature updates. QA Cafe’s Support Team may advise you to perform a specific update that utilizes this repository.
WARNING: It is unsupported to re-enable software updates from CentOS. To re-enable the CentOS software repositories:
$ sudo mv /etc/yum.repos.d.offline/* /etc/yum.repos.d/
After this command is complete, you must restart your NTA1000 to ensure that the YUM cache is rebuilt.
We highly recommend that you disable these repositories again to ensure your system does not update any system components that are not compatible with CDRouter. This requires two steps:
$ sudo mv /etc/yum.repos.d/* /etc/yum.repos.d.offline/ $ sudo mv /etc/yum.repos.d.offline/qacafe.repo /etc/yum.repos.d/
It is of particular concern that Linux kernel updates may break the functionality of your CDRouter software. CDRouter interacts with the kernel directly and the specific version shipped with your NTA1000 has been verified as compatible. QA Cafe will publish newer kernels to its software repository as security and feature requirements are determined.
CDRouter software updates
The NTA1000 ships with the most recent released version of CDRouter pre-installed and ready to run. QA Cafe periodically makes new major, minor, and maintenance releases of CDRouter available. QA Cafe’s Support Team will notify all active customers of new CDRouter software releases via email. Updated CDRouter software can be downloaded from the Customer Lounge (login required). Upgrade instructions can be found here.
Factory default configuration and system recovery
The NTA1000 has a system recovery system which allows you to revert your NTA1000 to its initial factory configuration.
To recover the NTA1000, select “Recovery” from the boot menu directly after the BIOS screen. Then select “NTA1000 Recovery Mode”. A System Recovery utility will load which offers two recovery choices:
The first System Recovery option is to completely recover the entire hard disk drive. WARNING: This option is completely destructive and all of the user generated data will be lost. This option is appropriate for hardware failures, where a new hard disk drive is being introduced to the NTA1000. Unsupported software updates are also remedied by this option.
The second System Recovery option is to recover the main operating system, but to preserve user generated data. This option will preserve the data in the /home directory and the /usr/buddyweb directory. Any data stored under a user account’s home directory and the BuddyWeb results, packages, and configurations will be retained. The system’s main operating system will be replaced, and the user data directories will be relinked.
WARNING: Please be aware that the process of replacing the hard disk drive will change the system-id and CDRouter will not load until QA Cafe’s Support Team has been alerted and the new system-id is registered. Please contact firstname.lastname@example.org before opening or replacing any of the NTA1000’s hardware components.
The necessity of performing regular backups
The NTA1000, like any industrial tool, is not immune to software or hardware failure and it is the responsibility of the customer to perform regular backups of the user data on the system to ensure quick, complete recovery in the aftermath of a system incident.
It is adequate to completely rebuild an NTA1000 by regularly archiving the data in /home and /usr/buddyweb as frequently as is necessary by the customer’s policies.
NTA1000 System Recovery can be performed to restore an NTA1000 to its factory default state. After the recovery has completed, the most recent backup should be restored onto the NTA1000. Finally, the CDRouter installer is available from the QA Cafe Customer Lounge, which is a binary installer that will automatically discover and index all previous CDRouter data. If the original hard drive is still in use, the buddy -update-license command will automatically retrieve the CDRouter license from the QA Cafe website. Following a reboot, the system will be restored with the contents of the backup immediately available.
Getting started with CDRouter
Getting started with CDRouter is easy! You can start exploring by opening a web browser and pointing it at port 8015 on your NTA1000’s management port IP address:
http://<NTA1000 IP address>:8015