Sun Ray Provisioning


There have been a few improvements in the 3.1 firmware which make it easier to bring up a set of Sun Ray DTU's with nothing more than generic DHCP parameters.  A lot of folks have questions regarding the newest and easiest option, which shifts the burden solely to DHCP and option 66 (tftp-server).  If DHCP is out of the Sun Ray administrators control, the next best option would be to use the new DNS options.

In order to use the most recent provisioning techniques, you must be running 3.1 firmware.  This is somewhat of a catch 22 as the Sun Ray 1g and Sun Ray 170 ship with 3.0 revision of firmware which cannot make use of the new features.  In order to get Sun Rays up to date to use option 66, the best way is to to run utfwload -L to force all connected Sun Rays to download the newest firmware.  Please note that this will "interrupt" user sessions, but will not kill them.  If need be, do it during off hours.

Note, in order to use utfwload, Sun Rays must be running at least the 2.0 114880-04 rev of firmware.  If your firmware is older than this, you will need to use the older methods of vendor class options or a "filling station" to get the Sun Rays up to date.  Once the Sun Rays are up to date, you may abandon older methods of FW management and Server discovery for standard DHCP or DNS.

Here is the order in which 3.1 FW Sun Rays will look for Sun Ray firmware and session servers.

DTU Search Method Order
FW Management
Session Server
DHCP Option 66 .parms file
Yes
Yes1
sunray-config-servers DNS query2 Yes
Yes1
AltAuth Discover or Request response
No
Yes3
DHCP Option 49 Discover or Request
No
Yes
AltAuth Inform response
No
Yes3
DHCP Option 49 INFORM response
No
Yes
sunray-servers DNS query2 No
Yes
Broadcast (same subnet only)
No
Yes


Note: Vendor specific options take precedence over the above methods.  .parms files configuration will take precedence over vendor specific options if both are present. If you have vendor class options defined for Sun Ray (SUNW.NewT.SUNW), you should remove them from service unless there is functionality that the above methods do not address.  Client sys logging is one such feature, but is rarely used outside of a lab environment for troubleshooting.  During normal Sun Ray operations, you should not need anything more than standard DHCP or DNS in addition to the parms files.

1) The use of parms files to have the Sun Ray find a session server requires that the administrator add instructions to each parms file in /tftpboot the server that is listed in option 66  (single IP/hostname)  of your DHCP server or in your DNS entry of sunray-config-servers.

These lines will be servers= and select=.

The servers= line will contain a comma delimited list of Sun Ray Server IP addresses or host names.  In order to use host names, they must be resolvable by the client which means that a domain server and domain name must be provided as part of the basic DHCP parameters.

The select= line can contain either of the keywords "inorder" or "random".  If inorder is specified, the DTU will try to contact the Sun Ray Servers in the order listed.  If random is selected, the client will chose one of the servers in a random order.  This may help the load balancing of the initial connections to the Sun Ray Server group.  Note that this will not affect the session based balancing (NSCM or Smart Cards)

If interconnects are created via utadm -A or -a, the /tftpboot directory boot structure along with the firmware files and the basic parms files get created automatically.  However they are not created if only utadm -L on was ran.  If this is the case, the administrator must run the following command:   /opt/SUNWut/sbin/utfwadm -A -a -V

To have utfwadm read the servers= and select= from a text file, simply create a text file with your entries then add the -i <name of your text file> option to the utfwadm.  Example:  /opt/SUNWut/sbin/utfwadm -A -a -V -i /tmp/servers.conf.  In this example /tmp/servers.conf would look like the following:

servers=129.154.152.29,129.154.152.30,129.154.152.31
select=random

Note regarding Sun Ray 2 ModelsCurrently there are no FW files for Sun Ray 2 models in SRSS 3.1 (as of patch -03), but you can still create a parms file that they will read to find the session servers. Patch -05 now includes Sun Ray 2 Firmware. The subtlety here is that we changed the parms prefix name for Sun Ray 2 models, instead of looking for a CoronaP\*.parms files, Sun Ray 2 models will look for a SunRayP\*.parms file.  To create a parms file that will be read by Sun Ray 2 models, copy your servers= and select= lines along with a line that reads version=_NONE_ into a file called SunRayP8.parms and move that file to /tftpboot along with the other parms files paying attention to ownership and permissions.  When Sun Ray 2 firmware gets included in the way of patches, you will no longer have to create the SunRayP\*.parms files by hand.

2)  If relying on DNS  the Sun Ray DTUs will try to resolve sunray-config-servers in the DNS domain given to them through DHCP and any parent domains. For example:

sunray-config-servers.group.division.myco.com
sunray-config-servers.division.myco.com
sunray-config-servers.myco.com

The host name sunray-servers can also be used, but like only using option 49, firmware upgrades will not occur.  Using sunray-config-servers with the proper additions to the parms files noted in step one is preferred.

Note:  If DNS is used or a host name is provided via Option 66 then both a list of DNS Servers (DHCP Option 6) and a domain name (DHCP Option 15) must also be provided.

Note:  Option 66 is a single entry and must be a "string".  It cannot be a comma separated list or names or addresses.  If need be you can round robin the host name entry in your DNS Server.  It's up to the client to parse an IP out of the string, and Sun Rays do support this.

3) AltAuth is a vendor class option.  The vendor class would be SUNW.NewT.SUNW and the DHCP option under this option class would be 35.  While this is not a recommended method of having a Sun Ray client find a session server, it is included in this post to ensure the reader understands.

Querying the DTU for options received

The command utquery (/opt/SUNWut/sbin/utquery) will query a Sun Ray DTU to find out what options the unit received from DHCP.  Here are a few examples of what utquery will respond with given different provisioning options:

Option 66 w/ servers= and select= in the parms file
---------------------------------------------------
terminalIPA=192.168.8.119
model=CoronaP2
Subnet=255.255.255.0
Router=192.168.8.1
MTU=1500
Broadcst=192.168.8.255
LeaseTim=3600
DHCPServer=192.168.8.10
INFORMServer=192.168.8.10
tftpSrvr=192.168.8.10
parmsVersion=3.1_120879-03_2006.04.03.16.51
parmsBarrier=310
parmsServers=192.168.8.10
parmsSelect=random
currentAuth=192.168.8.10
currentFW=3.1_120879-03_2006.04.03.16.51
currentBarrier=310
currentBarrierLevel=310
dnsList=24.234.0.7,24.234.0.71
dname=sunlasvegas.com


Option 49 Only
---------------
terminalIPA=192.168.8.118
model=CoronaP2
Subnet=255.255.255.0
Router=192.168.8.1
MTU=1500
Broadcst=192.168.8.255
LeaseTim=3060
DHCPServer=192.168.8.10
INFORMServer=192.168.8.10
currentAuth=192.168.8.10
currentFW=3.1_120879-03_2006.04.03.16.51
currentBarrier=310
currentBarrierLevel=310
AltAuth=192.168.8.10
dnsList=24.234.0.7,24.234.0.71
dname=sunlasvegas.com


Option 49 & 66 (without server/select in parms file)
--------------------------------------------------------
terminalIPA=192.168.8.119
model=CoronaP2
Subnet=255.255.255.0
Router=192.168.8.1
MTU=1500
Broadcst=192.168.8.255
LeaseTim=2629
DHCPServer=192.168.8.10
INFORMServer=192.168.8.10
tftpSrvr=192.168.8.10
parmsVersion=3.1_120879-03_2006.04.03.16.51
parmsBarrier=310
currentAuth=192.168.8.10
currentFW=3.1_120879-03_2006.04.03.16.51
currentBarrier=310
currentBarrierLevel=310
AltAuth=192.168.8.10
dnsList=24.234.0.7,24.234.0.71
dname=sunlasvegas.com

Option 66 and 49 \*with\* servers and select in parms file
--------------------------------------------------------
terminalIPA=192.168.8.118
model=CoronaP2
Subnet=255.255.255.0
Router=192.168.8.1
MTU=1500
Broadcst=192.168.8.255
LeaseTim=2137
DHCPServer=192.168.8.10
INFORMServer=192.168.8.10
tftpSrvr=192.168.8.10
parmsVersion=3.1_120879-03_2006.04.03.16.51
parmsBarrier=310
parmsServers=192.168.8.10
parmsSelect=random
currentAuth=192.168.8.10
currentFW=3.1_120879-03_2006.04.03.16.51
currentBarrier=310
currentBarrierLevel=310
AltAuth=192.168.8.10
dnsList=24.234.0.7,24.234.0.71
dname=sunlasvegas.com

Option 66 and 49 with a different server in option 49 than in servers= in parms file.
-------------------------------------------------------------------------------------
terminalIPA=192.168.8.119
model=CoronaP2
Subnet=255.255.255.0
Router=192.168.8.1
MTU=1500
Broadcst=192.168.8.255
LeaseTim=1937
DHCPServer=192.168.8.10
INFORMServer=192.168.8.10
tftpSrvr=192.168.8.10
parmsVersion=3.1_120879-03_2006.04.03.16.51
parmsBarrier=310
parmsServers=192.168.8.10
parmsSelect=random
currentAuth=192.168.8.10
currentFW=3.1_120879-03_2006.04.03.16.51
currentBarrier=310
currentBarrierLevel=310
AltAuth=192.168.8.12  <-----Still requests option 49.  This is the wrong server but it still goes to the one noted in the parms file.
dnsList=24.234.0.7,24.234.0.71
dname=sunlasvegas.com

Using Vendor Class options/DHCPInform
-----------------------------------------
terminalIPA=192.168.8.117
model=CoronaP2
Subnet=255.255.255.0
Router=192.168.8.1
MTU=1500
Broadcst=192.168.8.255
LeaseTim=86400
DHCPServer=192.168.8.10
AuthSrvr=192.168.8.10
AuthPort=7009
LogHost=192.168.8.10
FwSrvr=192.168.8.10
NewTVer=3.1_120879-03_2006.04.03.16.51
parmsVersion=3.1_120879-03_2006.04.03.16.51
parmsBarrier=310
currentAuth=192.168.8.10
currentFW=3.1_120879-03_2006.04.03.16.51
currentBarrier=310
currentBarrierLevel=310
AltAuth=192.168.8.10

Broadcast (same subnet only)
----------------------------
 terminalIPA=192.168.8.101
 model=CoronaP2
 Subnet=255.255.255.0
 Router=192.168.8.1
 LeaseTim=85655
 DHCPServer=192.168.8.1
 currentAuth=192.168.8.10
 currentFW=3.1_120879-03_2006.04.03.16.51
 currentBarrier=310
 currentBarrierLevel=310
 dnsList=24.234.0.71,24.234.0.7
 dname=sunlasvegas.net

Here's a problem!
=========
Option 66 listed as a name, but no DNS servers given
----------------------------------------------------
terminalIPA=192.168.8.119
model=CoronaP2
Subnet=255.255.255.0
Router=192.168.8.1
MTU=1500
Broadcst=192.168.8.255
LeaseTim=1329
DHCPServer=192.168.8.10
INFORMServer=192.168.8.10
tftpSrvr=craig
currentFW=3.1_120879-03_2006.04.03.16.51
currentBarrier=310
currentBarrierLevel=310
dname=sunlasvegas.com

Comments:

Hey ThinGuy,

When using the utfwadm command with the -i option, "all" the parameters aren't appended to the config file? Only the server and select parameters are passed.

Can't I pass the vpn.peer, vpn.enabled, etc parameters with this command?

Even if I manually include the vpn parameters to the .parms file, they don't get picked up by the client...

Posted by The_Shizz on September 08, 2008 at 02:46 AM PDT #

Thanks for the post. I've run Sun Ray networks at home in the past before and I'm considering doing it again.

Do you have any suggestions for DHCP servers? Rather buy a small low-power box than keep a desktop machine running with a DHCP server. Do you have any suggestions for DHCP servers for a small home setup?

Posted by Curt Cox on July 11, 2009 at 11:19 PM PDT #

Post a Comment:
Comments are closed for this entry.
About

Think Thin is a collection of bloggers that work with Oracle's Virtual Desktop portfolio of products.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today