Back to Contents Page
Linux Operating System: Broadcom CryptoNetX SSL Accelerator
Adapter User Guide
Updating the Driver
and Load Balancing Troubleshooting
Glossary of Terms and Acronyms
Linux support for the CryptoNetX SSL Accelerator adapter is tightly integrated
into Red Hat 7.2. All of the software necessary to enable the adapter can be
found on the Red Hat 7.2 installation media. When installing the operating system,
support for the CryptoNetX can be included by doing the following:
- Select Server from the Installation Type menu and choose Web
Server from the Package Group Selection list, or
- Select Custom from the Installation Type menu and choose Everything
from the Package Group Selection list, or
- Opt to Select Individual Packages and include bcm5820 from
System Environment > Base.
If the adapter is being added to a computer on which Red Hat 7.2 is already
installed, complete the following steps:
- If the bcm5820 package is not already installed, install the package from
the Red Hat 7.2 operating system installation media, disk 2.
- Shut down the computer and install the CryptoNetX adapter, as described
in Hardware Installation.
- Restart the computer.
- When Kudzu, the Red Hat autoconfiguration utility appears, follow the on-screen
- When Kudzu exits, activate the CryptoNetX adapter by typing the following:
service bcm5820 start.
- Restart any services that rely on SSL, or restart the computer.
||NOTE: The CryptoNetX SSL Accelerator adapter supports only the Apache
Web server. Apache, version 1.3.20, as provided in Red Hat 7.2 has been
tested with the adapter in conjunction with OpenSSL, version 0.9.6b, and
was found to operate properly.
Updating the driver
Periodically, driver updates are made available either on the Dell website or on a support CD. When an updated driver is released, it is generally supplied in two forms: a kernel-specific binary RPM and a kernel agnostic, tarred and gzipped, source tree. Unless a customized kernel is in use, follow the instructions below to install the binary RPM.
Upgrading with a binary RPM
- Upgrade the driver with the command rpm -Uvh <filename> where "filename" is the name of the binary RPM file.
- Reboot the server.
If the kernel has been customized (reconfigured and recompiled) the driver must be built from source to match the kernel. Follow the instructions below.
Upgrading from Source Code
- Create a working directory to hold the source files: mkdir bcmdir
- Enter the working directory cd bcmdir and unzip the source code with the command tar xzvf <sourcefile> where "sourcefile" is the name of the source code package.
- Build the new driver with the command make -f Makefile.bcm
- Install the driver with the command make install -f Makefile.bcm
- Reboot the server.
||NOTE: Updated drivers may also provide updated documentaion in the form of a "readme.txt" file. If such a file exists, it's contents may supercede this document.
Use the following commands to remove the software that supports the CryptoNetX
SSL Accelerator adapter:
service bcm5820 stop
rpm -e bcm5820
The diagnostics program, b58diag,
allows you to verify that the driver is loaded and functioning properly. See
||NOTE: CryptoNet is the generic name for the Broadcom CryptoNetX SSL
Accelerator adapter. When you run b58diag,
the system software recognizes the generic name.
The bcm5820 package, as delivered in Red Hat 7.2, provides extensions to the
ucd-snmp package and the MIBs that allow the CryptoNetX adapter to be monitored
via SNMP. Further information regarding the shell scripts that extend the functionality
of the ucd-snmp daemon can be found in /usr/share/coc/bcm5820-1.17/readme.snmp.
The MIB file, which can be used by an SNMP management station, can be found
Failover and Load Balancing
If you have multiple Broadcom CryptoNetX SSL Accelerator adapters installed
in your computer, traffic is automatically shifted to other adapters in case
one or more of the adapters fails or is removed. Even if all CryptoNetX adapters
fail, traffic is automatically shifted to the CPU. Also, traffic is distributed
among all operational adapters. You do not have to configure the software to
realize the failover and load balancing features.
||WARNING: Before opening the case
of your computer, review all precautions outlined under Safety
Checking the System
Review the following checklist for recommended actions to take if any functionality
problems occur when you install or operate the CryptoNetX SSL Accelerator adapter.
- Check the adapter installation by reviewing the Adapter
Installation Procedure. Verify that the adapter is properly seated in
a PCI slot. Check for specific hardware problems, such as obvious damage to
the adapter components or the PCI connector dock.
- Check the configuration settings and change them if they are in conflict
with another device.
- Verify that your system is using the latest BIOS.
- Insert the adapter into another PCI slot. If the new position works, the
original slot in your computer may be defective.
- Replace the adapter with one that is known to work properly. If the second
adapter works in the slot where the first adapter failed to work, the original
adapter is probably defective.
- Install the adapter in another computer and check the functioning of the
adapter. If the adapter functions satisfactorily in the other computer, the
original computer may be defective.
- Remove all other adapters from the computer and check the functionality
of the CryptoNetX SSL Accelerator adapter again. If the adapter functions
satisfactorily, the other adapters may be causing contention.
- Verify that the bcm5820 package is correctly installed by doing the following:
- At the shell command prompt, type rpm
If the package is correctly installed, the following message appears:
- If you do not see the message, the package is not correctly installed.
- To install the package, do the following:
- Insert the Red Hat 7.2 operating system installation media, disk 2 in
the CD-ROM drive.
- Verify that the compact disc is mounted. Then type cd
- Install the package by typing rpm
- Repeat step 8A to verify that the installation was successful.
- Verify that the startup script is enabled.
- At the shell command prompt, type chkconfig
- Verify that run levels 3, 4, and 5 are on. If the startup script is
not enabled, type chkconfig bcm5820
- Restart the computer.
- At the shell command prompt, restart the Apache Web server by typing service
- Run lsmod to verify that the BCM5820 driver is properly loaded.
If the driver is loaded, a line similar to the one below appears, where size
is the size of the driver in bytes, and n
is the number of active CryptoNetX processes.
The Broadcom 5820 Linux diagnostic program can also be used to verify that
the driver is loaded and functioning correctly. To run the diagnostic program,
- Verify that OpenSSL is configured to use the Broadcom CryptoNetX
SSL Accelerator adapter by looking for the statement "engine
= ubsec" in /usr/share/ssl/openssl.cnf.
- Make certain that the server has the latest CryptoNetX driver. Run b58diag -v to determine the driver version in use and then check the product support CD or the Dell website for a newer driver.
Known Problems and Workarounds
|When you run the b58diag diagnostic using the -v and -s options,
the version number that is reported is 0.
|When you run the b58diag diagnostic using the -s<number
of CryptoNetX devices installed> option and you type a number that
is greater than the number of CryptoNetX devices that are actually installed,
the test reports failure on the nonexistent devices.
||When using the -s option, type a value between 1 and n, where
n equals the total number of installed CryptoNetX devices.
Back to Top
Please read all restrictions and disclaimers.
Back to Contents