manualshive.com logo in svg

BelAir Networks BelAir 100SN, User Manual

The BelAir Networks BelAir 100SN - User Manual is now available for download from our website, free of charge. This comprehensive manual provides detailed instructions on how to maximize the performance and features of your BelAir 100SN device. Get your manual today at manualshive.com, and unleash the true potential of your product.

Share
Download
background image

BelAir100SN User Guide

Wi-Fi AP Security

May 31, 2010

Confidential

Page 110 of 212

Document Number BDTM11001-A01 Released

Determining the MAC address of your Internet gateway(s) depends on the type 

of equipment you are using. Refer to your equipment’s User Manual for the 

specific details.
You will need the MAC address of your gateways later to provision the secure 

MAC white list of the APs configured in 

secure port

 mode.

Disabling or Enabling AP 

Wireless Bridging

/interface/wifi-<n>-<m>/set ssid <ssid_index> wireless-bridge
                                             {enabled|disabled}

Use the 

show ssid table

 command to determine 

<ssid_index>

.

Disabling wireless bridging for an AP prevents wireless clients associated to that 

particular AP from communicating with one another.
It does not prevent a wireless client associated with one AP (AP “A”) from 

communicating with a wireless client associated with another AP (AP “B”). The 

secure port

 mode prevents this. See 

“AP Secure Port Mode” on page 111

.

By default, wireless bridging is 

enabled

.

Disabling Inter-AP 

Wireless Client 

Communication

Disabling inter-AP wireless client communications involves setting up a secure 
MAC white list and enabling secure port mode for each AP.

Secure MAC White List

/interface/wifi-<n>-<m>/add secure-mac-address <mac-address-string>
                              [secure-mac-mask <mac-mask-string>] 
                             [all | untagged | <vlan-id>]
/interface/wifi-<n>-<m>/del secure-mac-address <mac-address-string> 
                             [all | untagged | <vlan-id>]

Use these commands only if you want to manually provision the MAC 

addresses of the Internet gateway(s) or router(s) in your network.
These commands add and remove a MAC address from the secure MAC white 

list. The MAC address can optionally be qualified with a mask and a traffic 

descriptor as follows:
• The mask is specified with the 

secure-mac-mask

 option. Use 

ff

 to indicate 

bits to accept. Use 

00

 to indicate bits to ignore. For example, a MAC 

address of 00:0d:67:0c:21:90 with a mask of ff:ff:ff:00:00:00 specifies all MAC 
addresses beginning with 00:0d:67. You can also customize the mask to 
exactly suit your needs by using values other than 

ff

 or 

00

.

• The traffic descriptor can be one of 

all

untagged

 or a VLAN ID. Use a 

VLAN ID to specify the traffic of a particular VLAN. Use 

untagged

 to specify 

only untagged traffic. Use 

all

 to specify all traffic.

When configured in secure port mode, the AP forwards to the associated 
wireless clients only those Layer 2 (Ethernet) frames for which the source MAC 

Summary of Contents for BelAir 100SN

Page 1: ... confidential and proprietary to BelAir Networks Errors and Omissions Excepted Specification may be subject to change All trademarks are the property of their respective owners Protected by U S Patents 7 171 223 7 164 667 7 154 356 7 030 712 and D501 195 Patents pending in the U S and other countries BelAir Networks the BelAir Logo BelAir200 BelAir100 BelAir100S BelAir100C BelAir100T BelAir20 BelA...

Page 2: ...ration Overview 76 Configuring Wi Fi Radio Parameters 77 Configuring Wi Fi Access Point Parameters 85 Wi Fi AP Security 99 Wi Fi Backhaul Link Configuration 113 Mobile Backhaul Mesh 120 Mobile Backhaul Point to point Links 124 Operating in High Capacity and Interference Environments 134 DHCP Relay Settings 142 Network Address Translation 145 Using Layer 2 Tunnels 150 Quality of Service Settings 16...

Page 3: ... Typographical Conventions This document uses the following typographical conventions Text in indicates a parameter required as input for a CLI command for example IP address Text in indicates optional parameters for a CLI command Text in refers to a list of possible entries with as the separator Parameters in indicate that at least one of the parameters must entered Related Documentation The foll...

Page 4: ...m based on RSTP to automatically control the creation of loops within the mesh This loop management function is fully transparent to customers and under normal operating conditions you do not need to modify any settings Hardware Description Figure 1 on page 5 shows the relationship between the main BelAir100SN hardware modules The BelAir100SN consists of the following modules one Dual Radio Unit D...

Page 5: ...Number BDTM11001 A01 Released Figure 1 BelAir100SN Hardware Module Block Diagram Ethernet 10Base TX 100Base TX 1000Base TX DOCSIS 40 to 87 V DRU 5 GHz Radio Antenna 1 Antenna 3 Antenna 2 2 4 GHz Radio Diplexer Cable Modem Power Supply Unit Power Protection Module Reset Antenna 4 Diplexer ...

Page 6: ...r100SN unit including system parameters system configuration and status radio module configuration and status user accounts BelAir100SN traffic statistics layer 2 functionality such as those related to bridging and VLANs Quality of Service parameters alarm system configuration and alarms history Each unit can have up to nine simultaneous CLI sessions Telnet or SSH For a description of basic CLI co...

Page 7: ... Table 3 on page 8 describes the BelAir100SN SNMP MIBs A copy of the BelAir100SN SNMP MIBs is available from the BelAir Networks online support center at www belairnetworks com support index cfm Table 2 Standard SNMP MIBs File Name Description BRIDGE MIB mib implements RFC1493 IANAifType MIB mib defines standard interface types assigned by the Internet Assigned Numbers Authority IANA IEEE802dot11 ...

Page 8: ... mib defines DOCSIS cable modem data types BELAIR IEEE802DOT11 CLIENT mib BELAIR IEEE802DOT11 mib defines features that are not supported by the standard IEEE802 11 MIB BELAIR IP mib defines BelAir IP data types BELAIR MESH mib defines BelAir multipoint to multipoint data types BELAIR MOBILITY mib defines data types to support mobile backhaul mesh and point to point links BELAIR PHYIF MAPPING mib ...

Page 9: ...SN node is shipped Each unit can have up to five simultaneous CLI sessions HTTP or HTTPS By default the BelAir100SN Web interface has an associated time out value If the interface is inactive for 9 minutes then you are disconnected from the interface To reconnect to the interface you need to log in again Accessing the System Page with Secure HTTP or with HTTP To log in to the BelAir100SN Web inter...

Page 10: ... 212 Document Number BDTM11001 A01 Released Figure 2 Typical Login Page 2 Enter a valid user name such as root and a valid password Note The specified password is case sensitive Figure 3 on page 10 shows a typical resulting main page for the Web interface Figure 3 Typical Web Interface Main Page ...

Page 11: ...ssion click on the Logout button located in the top right corner each page See Figure 3 Additional Troubleshooting Tools The Web interface provides the following tools to display radio performance metrics a throughput meter histogram display of various performance metrics These tools are only available with the Web interface For full details see the BelAir100SN Troubleshooting Guide ...

Page 12: ...thernet port on the BelAir100SN by connecting through the cable modem CAUTION Do not connect the BelAir100SN to an operational data network before you configure its desired IP network parameters This may cause traffic disruptions due to potentially duplicated IP addresses The BelAir100SN unit must connect to an isolated LAN or to a desktop or laptop PC configured to communicate on the same IP sub ...

Page 13: ...ssful the BelAir100SN prompt is displayed The default prompt is if you login as root Otherwise the default prompt string is Note 1 The terminal session locks after four unsuccessful login attempts To unlock the terminal session you must enter the super user password Note 2 BelAir100SN CLI commands are not case sensitive uppercase and lowercase characters are equivalent However some command paramet...

Page 14: ...once for your password telnet 10 1 1 10 BelAir Backhaul and Access Wireless Router BelAir User root Password Command Modes The BelAir100SN CLI has different configuration modes Different commands are available to you depending on the selected mode Each card in the BelAir100SN has at least one associated physical interface Some examples of physical interfaces are a Wi Fi radio or an Ethernet interf...

Page 15: ... physical interfaces Interface wifi 1 1 is associated with the DRU 2 4 GHz radio Interface wifi 2 1 is associated with the DRU 5 GHz radio Interface eth 1 1 is associated the DRU card s Ethernet interface The mgmt mode allows you to control user accounts which authentication to use and whether you can access the node with Telnet You can control the IP RADIUS RSTP SNMP SNTP and L2TP protocols throu...

Page 16: ...terface is located in the BelAir platform m is port number m is 1 for most interfaces The DRU card can have multiple ports representing multiple Wi Fi radios operating different frequencies Some configurations may have multiple Ethernet ports Node Management mgmt Configure user accounts user authentication and Telnet access Protocol Management protocol protocol one of ip nat radius rstp snmp sntp ...

Page 17: ... that apply to that specific type and version of interface are available when you access a particular physical interface For example if you access an DRU interface only the commands that apply to an DRU Wi Fi radio are available Entering displays the commands that apply to the currently accessed mode Entering or help displays the commands that apply to the currently accessed mode plus common comma...

Page 18: ...w to enter the mgmt mode command show telnet status mgmt sh t s Command History You can use the history command to display a list of the last commands that you have typed Example history 8 h 9 hi 10 11 show user 12 cd system 13 show loads 14 show sessions 15 cd 16 cd interface wifi 1 1 17 18 show 19 show ssid table 20 show statistics 21 history Special CLI Keys Command Completion You can ask the C...

Page 19: ...p Command command help command These commands display a list of commands available in the current mode help on a particular command available in the current mode help on commands starting with the given keyword in the current mode Entering is equivalent to entering help Available Commands Entering displays the commands that apply to the currently accessed mode For example mgmt Available commands a...

Page 20: ...ser username password password config restore remoteip ipaddress remotefile filename tftp ftp user username password password force show date su username Keyword Help Entering or help followed by a keyword displays all possible commands starting with that keyword For example mgmt show Available commands show authentication login Description show authentication login status and RADIUS servers confi...

Page 21: ...guration database from a previously saved backup copy Saving the Configuration Database config save active backup remoteip ipaddress remotefile filename tftp ftp user usrname password pword This command allows you to save the current configuration of the entire BelAir100SN node This includes all system layer 2 and radio settings When used without its optional parameters the config save command sav...

Page 22: ...f you specify FTP you can also specify the user name and password The default FTP user name is anonymous and the default FTP password is root nodeip where nodeip is the IP address of node making the request If you do not use the default FTP username the FTP server must be configured to accept your username and password The optional force parameter suppresses version checking on the configuration f...

Page 23: ... unit s configuration to factory defaults Example passwd Old Password Enter New Password Reenter the Password Password updated Successfully Clearing the Console Display clear screen This command clears your console display window Locking the Console Display console lock This command lock your console display window You must enter your password to unlock it Displaying the Current Software Version v...

Page 24: ...User is root Switching User Accounts su username This command changes the user account you are currently using To return to the original user account use the exit command Example whoami Current User is root su guest whoami Current User is guest exit whoami Current User is root Replacing a Token by a String alias replacement string token to be replaced This command replaces the specified token by t...

Page 25: ...r machine such as another BelAir node by specifying the IP address By default t Telnet uses port 23 You can also specify an alternate port number Radio Configuration Summary show interface summary This command displays a summary of the configuration of all radio interfaces Example The following example shows a typical output for a BelAir20 show interface summary wifi 1 1 Radio description HTMv1 5G...

Page 26: ... a CLI session window If you use this method 1 Paste only 20 to 25 commands at a time Otherwise you may overfill the command buffer used for the CLI session If you overfill the command buffer you need to determine exactly which commands were executed and which were not before proceeding 2 After pasting a block of commands verify that your script behaved as expected that is that the pasted commands...

Page 27: ...nfigure an SNMP community use the set community command described in Communities on page 29 For sending traps use the set trap command described in Traps on page 29 to configure the node with the parameters of the destination SNMP manager Refer to SNMP Command Reference on page 28 for detailed descriptions of all SNMP commands SNMPv3 Servers To configure an SNMP user use the set user command descr...

Page 28: ...only displayed to users with root privileges See User Privilege Levels on page 34 for details Example 1 protocol snmp show config v2 EngineId 80003d9805000d67091448 Community configuration Index Name IP Address Privilege 1 public 0 0 0 0 ReadOnly 2 private 10 1 1 70 ReadWrite Trap configuration Index IP address Community Version 1 10 1 1 70 public v1v2 Example 2 protocol snmp show config v3 Engine...

Page 29: ...mp set community 1 community name belair ipaddr 0 0 0 0 privilege readonly In this example all managers configured with the SNMP community of belair can access the node for read only functions Example 2 protocol snmp set community 1 community name belair200 ipaddr 10 10 10 11 privilege readonly protocol snmp set community 2 community name belair100 ipaddr 20 20 20 20 privilege readwrite protocol s...

Page 30: ...ameter specifies the IP address associated with this user The access parameter specifies the level of access granted to this user The password parameter is the password required by the user to access SNMP data A user must supply this password if using a MIB browser The BelAir100SN uses DES encryption to encrypt SNMP packets The priv DES parameter specifies the encryption key required to encrypt or...

Page 31: ...lete notify command disables notifications from being sent for the specified notification name The show notify command displays the current SNMP notify configuration Passwords are only displayed to users with root privileges See User Privilege Levels on page 34 for details Example 1 protocol snmp set notify trap1 type trap ipaddr 10 1 1 70 Example 2 protocol snmp show notify Name Type IP address T...

Page 32: ...led HTTP ssl set http enable disable ssl show http status These commands enable or display the HTTP interface The show command displays the current status Secure HTTP ssl set secure http enable disable ssl show secure http status These commands enable or display the secure HTTP interface The show command displays the current status SSH The following sections show you how to configure the Secure Sh...

Page 33: ...es a new RSA key pair The input value of no of bits can be 512 or 1024 Example cd ssl ssl ssl gen key rsa 1024 Creating Certificate Request ssl ssl gen cert req algo rsa sn SubjectName This command creates a certificate request using the RSA key pair and SubjectName The subject name is the identification of the switch or the switch s IP address Example cd ssl ssl ssl gen cert req algo rsa sn 10 1 ...

Page 34: ...levels An observer user can execute only the following commands most show commands the help and commands the passwd command the clear screen and exit commands the cd and mode commands the history command the whoami command the ping command A normal user can execute any CLI command except those reserved for the super user The super user can execute any CLI command Table 5 on page 34 lists the CLI c...

Page 35: ...hentication login System Commands set country country_name set global session timeout period terminate session session_index upgrade load remoteip serverIPaddress remotepath serverSubDir tftp ftp user usrname password pword cancel upgrade reboot force commit load set next load A B current inactive syscmd restoreDefaultConfig syscmd backupToShadow syscmd restoreFromShadow Card card_type n Commands ...

Page 36: ...atus show server cert ssl gen cert req algo rsa sn SubjectName ssl gen key rsa no of bits ssl save ssl server cert Syslog Mode Commands logserver enable disable ip address monitor logging enable disable logging enable disable loglevel debug info notice warn error critical alert emerg Protocol SNMP Mode Commands set snmp agent enabled disabled set community CommunityIndex community name name ipaddr...

Page 37: ...el For example under Groups normal users display NORMAL OBSERVER while the root account displays root NORMAL OBSERVER The mode parameter sets the command mode that a user accesses when they log in If unspecified it defaults to a slash so the user begins their session in root mode Users with observer privileges must start their sessions in root mode The group parameter specifies the user account s ...

Page 38: ... sure the user privilege levels are entered exactly as specified If the privilege levels are unspecified in RADIUS then the BelAir100SN provides the user with observer privileges Example 1 mgmt adduser testuser p userpwd d system Example 2 mgmt deluser xyz Example 3 In the following example the user guest begins their session in interface mode and their password is changed to guest123 mgmt moduser...

Page 39: ...entication server table Index 1 Radius Server Address 10 1 3 254 UDP port number 1812 Radius Client Address 10 1 3 48 Timeout 3 Index 2 Radius Server Address 10 1 3 253 UDP port number 1812 Radius Client Address 10 1 3 48 Timeout 3 RADIUS Servers protocol radius set server server idx IP_addr shared secret authport server port acctport acct port interface system vlan 1 2814 timeout seconds reauthti...

Page 40: ... the RADIUS server that is make sure they are still allowed to access the network at the specified interval You only need to configure this parameter if it is not specified on the RADIUS server Setting the interval to zero disables this feature The maximum interval time is 2147483647 If you enter a higher number the value is set to its maximum Note Make sure the user s privilege level are correctl...

Page 41: ...omatic disconnection The set global session timeout command changes the idle period of all CLI sessions Its period parameter ranges from 1 to 1440 that is up to 24 hours You cannot specify 0 as the global session idle period You must be logged in as root to use this command The set session timeout command changes the idle period of only the current CLI sessions Its period parameter ranges from 0 t...

Page 42: ...he 20 character string as defined by the set prompt string command The string can consist of any 20 ASCII characters except for the semicolon The show prompt command displays the current prompt settings Examples system set prompt string BelAir 128 50 46 189 system set prompt selection string BelAir 128 50 46 189 system system switch BA20 A BelAir 128 50 46 189 system set prompt selection switch na...

Page 43: ...IP Address Notification on page 46 CAUTION The BelAir100SN uses internal IP addresses in the range of 192 168 1 x 192 168 2 x and 192 168 3 x As a result do not configure the BelAir100SN to use any IP addresses within these ranges Displaying IP Parameters protocol ip show config The protocol ip show config command displays a detailed view of the system s IP configuration Example protocol ip show c...

Page 44: ...s previously created with the set interface command If the IP address is dynamically set BelAir Networks recommends that you also configure the switch name location and contact parameters These parameters then allow you to identify the node if you later need to do a remote CLI session Refer to System Identification Parameters on page 48 In addition to providing the IP address the DHCP server can b...

Page 45: ...f the node s management interface or of the VLAN CAUTION Using this command may cause the DHCP server to change the IP address of the node s management interface If this happens you may need to reconnect to the node using the new IP address Auto IP protocol ip set auto IP enabled disabled This command automatically configures the node to have a specific default IP address if it cannot get an IP ad...

Page 46: ...ateway Configuring the Domain Name System Lookup Service protocol ip set dns server primary secondary ip_address protocol ip del dns server primary secondary protocol ip set dns domain name customer com protocol ip del dns domain name The BelAir100SN provides a Domain Name System DNS lookup service by providing a DNS client that resolves computer names to IP addresses If the local DNS server fails...

Page 47: ... System Up Time on page 52 Saving and Restoring the BelAir100SN Configuration on page 53 Restarting the Node on page 53 Creating and Using Script Files on page 54 Enabling or Disabling Session Logging on page 61 Country of Operation system show country detail system set country country_code These commands allow you to adjust the radios in your unit to conform to the regulatory requirements for you...

Page 48: ... switch location The name parameter is limited to 32 characters Example The following example sets the switch name to BA20 A the contact information to BelAirNetworks and its location to PoleNumber1 system system id switch BA20 A contact BelAirNetworks location PoleNumber1 Custom Fields system set custom field1 random_str field2 random_str field3 random_str field4 random_str field5 random_str syst...

Page 49: ...tem set time 08 45 00 Managing an SNTP Server protocol sntp set ip address primary secondary host disabled protocol sntp set timeoffset hour_offset minute_offset protocol sntp set status enabled disabled protocol sntp show config status The BelAir100SN supports the Simple Network Time Protocol SNTP by providing an SNTP client that can synchronize the unit date and time with any SNTP compatible ext...

Page 50: ...he accept dhcp params parameter See DHCP Options on page 63 Example 1 protocol sntp set ip address primary 10 1 1 2 Example 2 protocol sntp set timeoffset 4 30 Example 3 protocol sntp show status SNTP process is running Effective SNTP Timeoffset SNTP Timeoffset origin SNTP schema SNTP Timeoffset 4 00 Effective SNTP server SNTP Servers origin SNTP schema Active Server Primary 180 1 4 31 SNTP server...

Page 51: ...d directly to the outside network through its Ethernet port or a DSL modem Use indirect when the node is connected to the outside network through a Wi Fi link WiMAX link or third party device In such cases you must supply the IP address of the device that is connected to the outside network The default setting is yes direct Limiting Broadcast Packets system show broadcast filter config system set ...

Page 52: ...XH105AA A A01 9 CM 3 0 0 BRG35503Bel Physical Interface Table Name Type Slot Card type Description wifi 1 1 Wifi 802 11 1 DRU DRUv1 2 4GHz 802 11n wifi 1 2 Wifi 802 11 1 DRU DRUv1 5GHz 802 11n eth 1 1 Ethernet 1 DRU 1x1000baseTx Electrical Single cm 9 1 DOCSIS cable modem 9 CM Cable Modem Temperature Display system show environment The show environment command displays the unit s the internal temp...

Page 53: ...in persistent storage to the active software load in persistent storage The term Shadow refers to the standby software load Use the reboot command for the new configuration to take effect Note The parameters of the syscmd command are case sensitive Displaying the Running Configuration system show running configuration This command displays the configuration that the node is currently operating wit...

Page 54: ...r you configure them If your script is for BelAir100SN auto configuration at startup and if it must include the reboot command then your script must include special declarations For details see Guidelines for Using the reboot Command in a Script on page 58 Caution Using the reboot command in an auto configuration script without the correct declarations may cause the node to enter a continuous rebo...

Page 55: ...mands These may be commands directed to the physical interface specified by step 1 or they may be other commands Any commands not directed to the specified physical interface must start with a slash followed by the mode s containing that command In all cases make sure you follow the guidelines in Script Creation Guidelines on page 54 3 Terminate the command sequence with the following declaration ...

Page 56: ...tate enabled show config int stop int wifi 4 9GHz 1 set channel 10 set admin state disabled show config int stop int wifi 5GHz 1 set channel 155 set backhaul admin state disabled show config int stop int wifi 5GHz 2 set channel 148 set backhaul admin state disabled show config int stop int BELAIR100T_20 wifi 5GHz 1 show config int stop int BELAIR20 11 wifi 5GHz 1 show config int stop int BELAIR100...

Page 57: ...ard Type brm revision 3 Port 1 Radio BRMv3 5GHz 802 11a admin state Enabled channel 155 tx power 20 0 dBm tx power optimize Disabled antenna gain 10 5 dBi link distance 1 km base radio MAC 00 0d 67 00 44 49 Interface stop Interface int wifi 5GHz 2 interface wifi 3 1 start interface wifi 3 1 set channel 148 interface wifi 3 1 set backhaul admin state disabled interface wifi 3 1 show config Slot 3 C...

Page 58: ...lAir node functions such as Network Address Translation NAT require that you reboot the node after you configure them If your script is for BelAir100SN auto configuration at startup and if it must include the reboot command then your script must include the declarations described in this section Caution Using the reboot command in an auto configuration script without the correct declarations may c...

Page 59: ...ange stop declaration Stop recording whether the following commands change the node s settings 6 Use more valid CLI commands and physical interface declarations as required 7 At the end of the script include the int db change start declaration 8 Use the config save command to save any remaining changes to the node s database 9 Include the system reboot CLI command 10 Include y Confirm the reboot 1...

Page 60: ...me system tftpput remoteip ip_addr localfile filename remotefile name system getfile remoteip ip_addr remotefile filename localfile filename tftp ftp user username password password ftps user username password password These commands allow you to transfer files such as script files to and from a BelAir node For the tftpget and getfile commands if you do not specify a local file name then the trans...

Page 61: ...m show script script file These commands allow you to manage script files You can run a script file while in any mode See Script Files on page 25 Tip You can also run a script by copying it and pasting it into a CLI session window If you use this method 1 Paste only 20 to 25 commands at a time Otherwise you may overfill the command buffer used for the CLI session If you overfill the command buffer...

Page 62: ...A01 Released This command allow you to enable or disable session logging The default setting is enable Use the system show sessions command to see the current setting Use the syslog export logs command to access the command log file Refer to the BelAir100SN Troubleshooting Guide for a detailed description ...

Page 63: ...file You then use the configuration download profile to download a second script file for the rest of the BelAir100SN DHCP Options With this method the BelAir100SN uses the exchange of DHCP packets with a DHCP server as a means of exchanging information during startup The BelAir100SN uses DHCP Options 12 60 55 and 43 to retrieve extra information during startup and to supply the DHCP server with i...

Page 64: ...th the system show system id command custom field 1 as shown with the system show custom fields command You can use the information from DHCP Option 55 to configure the BelAir100SN management interface or one of its VLAN interfaces After the BelAir100SN receives these parameters it configures the interface in question At startup it downloads the script file from the TFTP server and executes it DHC...

Page 65: ...e accept dhcp params parameter to enabled See Configuring Dynamic IP Addressing on page 44 2 Specify which specific parameters to accept from DHCP server See Accepting Specific DHCP Parameters on page 65 The BelAir100SN then contacts the DHCP server to request the parameters Accepting Specific DHCP Parameters protocol ip set dhcp accept dns domain enabled disabled dns server enabled disabled tftp ...

Page 66: ...y during a startup If the script on the server changes it is not sent to the node until the next time the node reboots or starts up If DNS and SNTP data on the DHCP server changes then it is sent to the node whenever the node renews DHCP information The new DNS and SNTP data then takes effect immediately In all cases DNS and SNTP data provided by the DHCP server overrides any data configured local...

Page 67: ...se commands provision the configuration download profile The server may be identified by supplying either its IP address or providing its name The default server name is belairconfig com The default protocol is FTPS The default user name and password is anonymous The default filename is auto config txt By default the configuration download file is disabled Example system show config download statu...

Page 68: ...d locally Example interface eth 1 1 show status Type 1x1000baseTx Electrical Single Admin Status Enabled Link State Up Speed 100 Mbps Mode Full Duplex Auto Negotiation Enabled Mac Address 00 0D 67 0C 23 38 Managing Egress Node Traffic In a BelAir network the Ethernet port of a node can act as an egress point for the backhaul traffic of many other nodes The other nodes may be connected to the egres...

Page 69: ... list containing up to four VLAN IDs to control which traffic enters or leaves the Ethernet port of an egress node Only packets that are tagged with a VLAN ID in the list are allowed to enter or leave the Ethernet port of the egress node These commands let you manage list of VLAN IDs By default the list is empty meaning that all traffic is allowed to enter or leave the Ethernet port of the egress ...

Page 70: ...tion card cm n show info This command displays the addresses and firmware version of the cable modem Example card cm 9 show info MAC address 00 05 CA 76 41 FC IP address 10 12 12 101 Software version 1 4 0 20BelAir PPM version 3 Status Operational Displaying the Cable Modem Configuration card cm n show config This command displays the configuration settings of the cable modem To adjust the downstr...

Page 71: ...er offset Hz 16548 13034 15819 14321 QAM mode 256 256 256 256 QAM lock yes yes yes yes FEC Sync yes yes yes yes MPEG Sync yes yes yes yes Weak signal no no no no Upstream power dBmV 57 0 1 0 1 0 1 0 Downstream power dBmV 17 7 19 0 19 1 19 2 Downstream SNR dB 29 1 28 4 28 5 28 7 Configuring Attenuation card cm n set attenuation upstream downstream mode auto manual att_val parameters target target_v...

Page 72: ...5 dB with a delta of 5 dB meaning that the in lock range is from 40 dB to 50 dB For downstream the default target is 0 dB with a delta of 7 dB meaning that the in lock range is from 7 dB to 7dB The acceptable input values for target_val and delta_val for upstream are target_val delta_val cannot exceed 50 dB target_val delta_val cannot be less than 20 dB The acceptable input values for target_val a...

Page 73: ... operations see Cable Modem Configuration on page 70 Table 6 lists the location of documentation for physical interface parameters Determining which Cards are in a Node mode card mode Use the mode command to determine card_type and n Table 6 Physical Interface Parameter Settings Physical Interface Type Refer to Wi Fi Wi Fi Radio Configuration Overview on page 76 Configuring Wi Fi Radio Parameters ...

Page 74: ...stics Example 2 card mode dru 1 Displaying Card Information The following sections describe commands that display card parameters Displaying the Card Physical Data card card_type n show info This command displays various physical aspects of the card Example card dru 1 show info Slot Type Version Serial Number Assembly Code 1 dru 1 K002188591 B2XH105AA A A01 Displaying the Card Physical Interfaces ...

Page 75: ...ed These commands manage the card s administrative state Example card dru 1 show state Admin Up Status running Restarting a Card card card_type n reboot force This command restarts a specific card You must confirm your intent before the card is rebooted Under some circumstances a reboot may be prevented because of processing from other user sessions Use the force parameter to override these restri...

Page 76: ...radio parameters See Configuring Wi Fi Radio Parameters on page 77 2 Configure AP parameters if required See Configuring Wi Fi Access Point Parameters on page 85 and Wi Fi AP Security on page 99 3 Configure backhaul parameters See Wi Fi Backhaul Link Configuration on page 113 4 Configure mobile backhaul mesh parameters See Mobile Backhaul Mesh on page 120 Table 7 BelAir Wi Fi Radio Summary Radio M...

Page 77: ...age 83 802 11b Protection on page 83 ARP Filtering on page 83 Changing Wi Fi Interface Admin State on page 83 To configure parameters that are specific to Wi Fi Access Points APs see Configuring Wi Fi Access Point Parameters on page 85 To configure parameters that are specific to backhaul radios including the different types of backhaul links see Wi Fi Backhaul Link Configuration on page 113 See a...

Page 78: ...cast Disabled Misc deauth dos defense Disabled client auth trap Enabled Misc rts cts threshold 100 broadcast filter status Enabled broadcast filter rate 100 QOS wmm Enabled uapsd Enabled mapping UP DSCP Backhaul Common privacy Disabled traffic limit Disabled Stationary Backhaul link admin state Enabled link id druTest2 topology p2p Mobile Backhaul mobile admin state Disabled mobile link id mobile ...

Page 79: ...The set channel command let you specify the channel settings for a Wi Fi radio Use the show available config options command to display valid channel numbers The displayed values vary depending on the country of operation Refer to your RF plan and site survey to determine which value you should use CAUTION Improper setting of channel antenna gain and transmit power may exceed regulatory requiremen...

Page 80: ...v1 The auto parameter causes the radio to search for surrounding APs It then selects channel settings based on the result of that search The re scan channel command causes the radio to perform another search See also Country of Operation on page 47 the BelAir Radio Transmit Power Tables Antenna Gain interface wifi n m set antenna gain gain port dedicated shared This command let you specify the gai...

Page 81: ...smit power setting for your 5 Ghz radio Figure 5 BelAir100SN Connector Fields See also Country of Operation on page 47 Operating Channel on page 79 the BelAir Radio Transmit Power Tables Transmit Power Level interface wifi n m set tx power tx power value secondary tx power value This command sets the transmit power for a Wi FI radio The range of tx power value is limited to be valid for your count...

Page 82: ...secondary channel CAUTION Improper setting of the transmit power may exceed regulatory requirements and void the operator s right to operate the radio equipment See also Country of Operation on page 47 Operating Channel on page 79 Antenna Gain on page 80 Link Distance interface wifi n m set link distance distance This command adjusts the unit s MAC timers to compensate for the additional time to r...

Page 83: ... is small but in High Capacity and Interference environments the accumulated effect is a substantial performance penalty This feature disables 802 11b protection for the radio maximizing the throughput for wireless clients that operate in the 2 4 GHz range This feature improves performance if there are only a few 802 11b clients present and they are not generating large amounts of traffic If not t...

Page 84: ...2010 Confidential Page 84 of 212 Document Number BDTM11001 A01 Released disable the Wi Fi interface and all associated functions are disabled The default is disabled Use the interface wifi n m show config command to view the current admin state of the Wi Fi interface ...

Page 85: ... 90 Wireless Client Load Balancing on page 90 Enabling RTS CTS Handshaking on page 91 Displaying Client Association Records on page 91 Changing AP Admin State on page 92 AP Service Set Identifiers on page 92 Displaying the SSID Table on page 93 Displaying SSID Details on page 94 Default Management SSID on page 94 Configuring SSIDs on page 95 Changing SSID Admin State on page 96 Out of service Adve...

Page 86: ...led client auth trap Enabled Misc rts cts threshold 100 broadcast filter status Enabled broadcast filter rate 100 AP Custom Rates interface wifi n m show custom rates available interface wifi n m del custom rate rate_string interface wifi n m add custom rate rate_string interface wifi n m set custom rates enabled disabled These commands lets you customize the modulation rates used by your 802 11n ...

Page 87: ...5 20 ss 65 0 20 ss 13 0 20 ds 26 0 20 ds 39 0 20 ds 52 0 20 ds 78 0 20 ds 104 0 20 ds 117 0 20 ds 130 0 20 ds 13 5 40 ss 27 0 40 ss 40 5 40 ss 54 0 40 ss 81 0 40 ss 108 0 40 ss 121 5 40 ss 135 0 40 ss 27 0 40 ds 54 0 40 ds 81 0 40 ds 108 0 40 ds 162 0 40 ds 216 0 40 ds 243 0 40 ds 270 0 40 ds 300 0 40 ds Disabled N Rates 2 0 11 0 Displaying Associated Wireless Clients interface wifi n m show clien...

Page 88: ...tto For dot1x WPA1 or WPA2 Problems sending EAP packets to client Table 9 DHCP Field Value Descriptions Value Description init Client has just connected and has not yet started a DHCP sequence disc Client has sent a DHCP Discover message and is waiting for a DHCP Offer message to get its IP address Applicable only if client does not already have a valid IP address Otherwise client sends DHCP Reque...

Page 89: ...ne the client number 1 2 2007 with the show clients command See Displaying Associated Wireless Clients on page 87 The throughput parameter displays additional information on traffic throughput The stats parameter allows displays additional information on packet statistics ack Client has sent a DHCP Request message and the server has confirmed the assigned IP address a appended to the value indicat...

Page 90: ... with the show clients command See Displaying Associated Wireless Clients on page 87 Wireless Client Load Balancing interface wifi n m set max num clients max_num strict This command lets you set the maximum number of clients that can associate with the AP Once the maximum is reached new client associations are not immediately accepted While using this command keep in mind the following If you do ...

Page 91: ...D index for the radio the Wi Fi client is associated to The start and end connection time as well as the times a client has a throughput greater than 2 kBps or transmits more than 2 kB of traffic If a client connection crosses more than one 15 minute interval another client record is generated for that client A continue flag indicates that the client has another record in the next 15 minute interv...

Page 92: ...e c2 30 46 45 0 11 8 11 05 00 52 not exceed 4 wifi 2 1 1 11 05 08 02 11 06 57 59 10 1 1 7 00 18 de c2 30 46 44 0 1074 1255 11 05 08 21 not exceed Example Client Record Detail Figure 6 Client Record Detail Example Changing AP Admin State interface wifi n m set ap admin state enable disable This command controls the state of the AP When set to enable the AP is in the operational state When set to di...

Page 93: ...D information element is present in the beacon dataframe but has a length of 0 and a null value A suppressed SSID has a Basic Service Set BSS a unique identifier having the same format as a MAC address Example Typical Output interface wifi 1 1 show ssid table SSID Information id enabled vlan type privacy wb sp acl bss ssid 1 yes Broadcast none 00 0D 67 0C 21 98 RickBA20 15 2 2 no Suppressed none 0...

Page 94: ...ridge state Disabled acl state Disabled secure port state Disabled radius NAS identifier belair radius accounting Disabled radius station id unformatting Disabled radius account session id Disabled secure addresses vlan No secure addresses configured client blacklist No blacklist entries auto secure gateway enabled Address Vlan 00 0a 5e 49 1c 33 500 00 0a 5e 49 1c 8b 600 radius servers No radius s...

Page 95: ...ure AP SSIDs The ssid_string parameter is the SSID setting SSIDs are case sensitive and can contain up to 32 alphanumeric characters The ssid_index parameter is an integer from 1 to 8 Use the show ssid table command to determine ssid_index For a description of the broadcast and suppressed parameters see Displaying the SSID Table on page 93 The vlanID list parameter if present specifies a comma sep...

Page 96: ... SSID Admin State interface wifi n m set ssid ssid_index admin state enable disable This command enables or disables a particular SSID Use the show ssid table command to determine ssid_index The default is enabled for SSID 1 and disabled for all others Out of service Advertising interface wifi n m set ssid ssid number ap oos identifier oos_string interface wifi n m set ap oos broadcast enabled dis...

Page 97: ...ast Packet Conversion interface wifi n m set dhcp unicast enable disable interface wifi n m set ssid ssid_index dhcp advanced upstream unicast none Theses commands work together to let you control how the AP converts broadcast packets to unicast packets Reducing the number of broadcast packets sent over wireless connections provides the following benefits Broadcast packet are not retried in wirele...

Page 98: ...ackets including DHCP packets coming from the network are converted from broadcast to unicast and sent to the wireless client The broadcast MAC address is converted to the client MAC address If the packet is not for a connected client the packet is dropped When the set ssid ssid_index dhcp advanced command is set to upstream unicast it unsets the Request Broadcast bit for BOOTP packets including D...

Page 99: ...vers on page 104 RADIUS Pre authentication on page 104 RADIUS Assigned VLAN on page 105 RADIUS Accounting on page 105 Client Authentication and De authentication Trap on page 106 AP Privacy on page 106 Wireless Client Blacklist on page 108 Wireless Client Access Control List on page 108 Controlling Inter client Communication on page 109 Protecting against Denial of Service Attacks on page 112 See ...

Page 100: ...asic encryption scheme Temporal Key Integrity Protocol TKIP This is an more advanced encryption scheme Advance Encryption Standard AES This is the strongest encryption scheme BelAir Wi Fi radios offer WEP WPA WPA2 and WPA2mixed privacy settings With WPA2mixed the wireless client can use WPA or WPA2 and the AP accepts them both WPA WPA2 and WPA2mixed privacy uses TKIP or AES encryption Because of t...

Page 101: ...ociation ID that ranges from 1 to 256 For RADIUS packets contains the SSID index values from 0 to 15 100 RA_SERVICE_TYPE 6 Always 2 RA_FRAMED_MTU 12 Always 1400 RA_STATE 24 Client state from the RADIUS server RA_CLASS 25 Always 0 RA_VENDOR_SPECIFIC 26 Not used RA_SESSION_TIMEOUT 27 RADIUS reauth time configured with the protocol radius set server command See Managing RADIUS Servers on page 103 RA_...

Page 102: ...e 103 RA_ACCT_INPUT_PACKET 47 Integer counter RA_ACCT_OUTPUT_PACKET 48 Integer counter RA_TERMINATE_CAUSE 49 One of 1 for session terminated by user request 2 for session terminated due to lost carrier 4 for session terminated due to idle timeout 5 for session timeout 9 for session terminated due to NAS error 20 for session terminated due to reauth failure RA_ACCT_INPUT_GIGAWORDS 52 Not used RA_AC...

Page 103: ...erver The shared secret parameter specifies the password for access to the RADIUS server The server_port parameter ranges from 0 to 65535 It specifies the UDP port number of the RADIUS server The default is 1812 The radius_acc_port parameter ranges from 0 to 65535 It specifies the UDP port number for RADIUS accounting data The default value is 1813 The NAS IP address parameter specifies the Networ...

Page 104: ...timeout 15 reauthtime 1 Changing RADIUS Server Admin State protocol radius set server state server_idx enable disable This command enables or disables a particular RADIUS server on the server list Use the show servers command to determine server_idx Assigning SSIDs to RADIUS Servers interface wifi n m add ssid ssid_index radius server server_idx interface wifi n m del ssid ssid_index radius server...

Page 105: ... disabled RADIUS Assigned VLAN The BelAir100SN can create VLANs as instructed by the RADIUS server When this feature is activated the RADIUS server instructs the BelAir100SN to tag the authenticated packets to use the specified VLAN This feature has no BelAir CLI commands To activate this feature you must provision the following attributes on your RADIUS server RA_TUNNEL_TYPE set to 13 RA_TUNNEL_M...

Page 106: ...or client activities When the client trap is enabled and the trap delay is enabled the trap is not sent out until 10 seconds after either of the following events the client connects and stays connected the client is disconnected and stays disconnected If the trap delay is disabled then the trap is sent out immediately after either of the previous events When the client trap is disabled the trap is...

Page 107: ...up key the key that is used for communication between the access radio and a group of clients must be generated at regular intervals The default rekey setting is no meaning that the group key is not changed If rekey is set to n seconds the group key is changed after that time period If rekey is set to n kpackets the group key is changed after that many thousand packets If strict is set to yes the ...

Page 108: ...reate a local list of clients an ACL that controls access to the network The list can contain up to 256 clients per SSID Clients are identified by the MAC address of their network card If you have multiple BelAir100SN units in your network you need to create this list for every AP You should only use an ACL as an extra security measure if you cannot or prefer not to set up a RADIUS server your net...

Page 109: ...ffers the precise control of SSID communications 1 Determine the MAC address of the Internet gateway s or router s in your network 2 Disable wireless bridging for each AP in your network 3 Disable inter AP wireless client communications a Add the previously determined gateway MAC address or addresses to the secure MAC white list This allows wireless clients to communicate with the Internet The sec...

Page 110: ...setting up a secure MAC white list and enabling secure port mode for each AP Secure MAC White List interface wifi n m add secure mac address mac address string secure mac mask mac mask string all untagged vlan id interface wifi n m del secure mac address mac address string all untagged vlan id Use these commands only if you want to manually provision the MAC addresses of the Internet gateway s or ...

Page 111: ...fect only when the AP secure port mode is enabled AP Secure Port Mode interface wifi n m set ssid ssid_index secure port enabled disabled Use the show ssid table command to determine ssid_index To prevent wireless clients associated with different APs from communicating with each other you must enable the secure port mode on each of the APs in your network By default the secure port mode is disabl...

Page 112: ...atically generates alarms when it detects the following conditions If the BelAir100SN detects more than 600 DHCP requests within 30 seconds it raises a DHCP_STARVATION alarm If the BelAir100SN detects a client with a MAC address that matches any of the addresses in the secure MAC white list it raises a SECURE_MAC_SPOOF alarm You can clear these alarms with the following command interface wifi n m ...

Page 113: ...Admin State on page 119 See also Configuring Wi Fi Radio Parameters on page 77 Configuring Wi Fi Access Point Parameters on page 85 Wi Fi AP Security on page 99 Mobile Backhaul Mesh on page 120 Displaying Backhaul Link Configuration Use the show config backhaul command to display the current backhaul configuration See Displaying Wi Fi Radio Configuration on page 77 for details Example Typical BelA...

Page 114: ...tifies all members of a particular topology The link_id parameter is case sensitive and can be up to 32 alphanumeric characters For Point to Point P to P links BelAir Networks recommends that the link identifier describes the link that is the nodes it connects For Point to Multipoint P to MP or Multipoint to Multipoint MP to MP links the link identifier is also known as a mesh identifier It is the...

Page 115: ...station in the middle connecting up to eight subscriber stations 1 Set the topology parameter to p2p 2 Set the node s role The node can be a base station bs or a subscriber station ss A base station is located at the center of the star and can support up to eight subscriber stations 3 Set the lnk_idx parameter The link index identifies individual links in the star topology It ranges from 1 to 8 Fo...

Page 116: ...180 1 5 120 S 2 00 0d 67 0b 51 ed fwd fwd 54 wifi 3 1 180 1 4 150 In the previous output link 1 goes to RadioC and link 2 goes to RadioB RadioA is measuring a signal strength of 49 dBm from RadioC RadioC has a MAC address of 00 0d 67 0b 55 17 and is physical interface wifi 3 1 on a node with IP address 180 1 5 120 RadioA is measuring a signal strength of 54 dBm from RadioB RadioB has a MAC address...

Page 117: ...nsmit or inject setting The max_rate parameter is specified in kBits s Typically it is set between 1000 and 4000 kBits s By default the traffic limit is set to 0 meaning it is disabled The transmit setting is intended for interfaces in an MP to MP mesh When this setting is selected the maximum traffic rate applies to both the interface s access traffic and its backhaul traffic through the mesh lin...

Page 118: ...s the link RSSI threshold to 70 dBm If the signal from another radio is stronger than 70 dBm then a backhaul link to that radio is created If it is weaker than 70 dBm then a link is not created Managing the Mesh Blacklist interface wifi n m add backhaul blacklist mesh_pt_MAC_addr interface wifi n m del backhaul blacklist mesh_pt_MAC_addr These commands allow you to control whether or not a link is...

Page 119: ...19 of 212 Document Number BDTM11001 A01 Released Changing Backhaul Link Admin State interface wifi n m set backhaul admin state enable disable This command lets you enable or disable backhaul functionality regardless of the topology MP to MP P to MP or P to P The default setting is disable ...

Page 120: ... deployment the mobile node mounted on a vehicle acts as a subscriber station to a stationary base station node All mobile subscriber stations and their stationary base stations use the same wireless channel mobile link identifier and privacy settings Each mobile subscriber station can have up to three mobile links with three different stationary base station nodes Mobile links can be either liste...

Page 121: ...for Mobile Applications on page 122 Configuring and Enabling Mobile Backhaul Mesh Links on page 122 Displaying Mobility Configuration and Status interface wifi n m show backhaul mobility path select history This command displays the history of a radio s mobile path switches for debugging purposes The displayed information includes an event ID local RSSI peer RSSI failure rate age time mobile credi...

Page 122: ...nfiguring and Enabling Mobile Backhaul Mesh Links interface wifi n m set backhaul mobile identifier link id role bs ss privacy enabled key pre_shared_key disabled admin state enable disable This command configures the mobile backhaul link identifier the role of the node and backhaul privacy It also lets you enable or disable mobile backhaul mesh functionality The default setting is disable The mob...

Page 123: ...s a hexadecimal or ASCII string and must not contain the following characters bar semicolon question mark double quotation mark Example 1 Mobile Node interface wifi 1 1 set backhaul mobile identifier test100m role ss interface wifi 1 1 set backhaul mobile admin state enable Example 2 Stationary Node interface wifi 1 1 set backhaul mobile identifier test100m role bs interface wifi 1 1 set backhaul ...

Page 124: ...and the subscriber station searches for a new secondary link If performance degrades on the active and standby links the subscriber station searches for new base station links with better signal strength In addition to providing mobile links a base station node can also provide links to other stationary base stations Mobile link pairs can only be used by one subscriber station The links of a base ...

Page 125: ... station selects the link with a matching mobile link identifier and the best signal strength If another link in the subscriber station is using a channel in the configured channel list then this channel is skipped by the scanning process Once connected the subscriber station does not scan again until the connection is lost SampleSubscriber Station Configuration 1 Configure the topology and privac...

Page 126: ...secondary threshold the subscriber station begins scanning with its third or fourth radio if they exist services mobility set RSSI minimum 85 margin 5 switch 70 secondary 75 f Enable scanning by connecting the Wi Fi interfaces to the appropriate scan list services mobility connect scan list 1 wifi 2 1 4 Display the configuration and correct any settings as required Use following commands as requir...

Page 127: ...ackhaul mac addr ch RSSI age priv topo role linkIdx identifier dbm s 12345678 00 0D 67 00 B2 47 151 42 0 none P to P mobilityTest noise floor 91 dbm e Display the status of the primary and secondary links services mobility show link state LINK ROLE INTERFACE CH RSSI MESH ID NODE IP NODE NAME Primary wifi 3 1 148 44 mobilityTest 10 1 1 13 ba100tBSmode Secondary wifi 2 1 151 40 mobilityTest 10 1 1 2...

Page 128: ...ices mobility show config Topology point to point Role BS Rel 7 False Network Id BS OOS broadcast Enabled BS OOS timeout 180 s Home Check Disable Link Id AutoconfSSID RSSI minimum margin switch secondary dbm 85 5 70 75 b Display the interface list services mobility show interface list Mobility BS Interfaces wifi 2 1 wifi 3 1 c Display the backhaul status interface wifi 2 1 show backhaul status Bac...

Page 129: ...ary Link Drop on page 131 Mobile Link Identifier on page 132 Home Check on page 132 Base Station Out of service Check on page 132 Release 7 Compatibility on page 133 Single Channel Mesh on page 133 Displaying Mobile Backhaul Point to point Configuration services mobility show config This command displays the current mobile backhaul point to point configuration Example services mobility show config...

Page 130: ... Address CH ANT RSSI dBm AVL BS ENBL BS NET ID MATCH Age MESH ID 00 0d 67 09 c4 79 91 1 58 Yes Yes Yes 0 mobilityTest current time 01 06 30 last scan time 21 01 38 wifi 3 1 MRMv1 4 4GHz 802 11n scan list Mac Address CH ANT RSSI dBm AVL BS ENBL BS NET ID MATCH Age MESH ID 00 0d 67 09 c6 b9 107 1 67 Yes Yes Yes 0 mobilityTest current time 01 06 30 last scan time 20 59 03 Managing Interfaces services...

Page 131: ...0 0 secondary 100 0 This command let you configure the RSSI parameters that the BelAir100SN use to determine the viability of creating primary and secondary links The minimum parameter specifies the minimum signal strength required to connect The switch parameter defines the signal strength level at which a link switch occurs provided the secondary link is better by at least the specified margin s...

Page 132: ... of up to 20 characters Base Station Out of service Check services mobility set bs oos timeout time out services mobility set bs oos broadcast enabled disabled These commands apply to base stations only They let you configure and activate the behavior when the base station can no longer egress traffic to an outside network The time out parameter is a timer in seconds Values range from 60 to 86400 ...

Page 133: ...d on each node in the mesh The chan_no parameter allows you to specify which channel to use The link_id parameter is case sensitive and can be up to 32 alphanumeric characters BelAir Networks recommends that the link identifier describes the link that is the nodes it connects The privacy setting determines whether AES privacy is used or not The pre shared key must be exactly 32 bytes long 16 chara...

Page 134: ...nectivity to a network of Wi Fi Access Points The BelAir100SN provides several features that you can adjust to optimize performance in such an environment These include Modulation Rate Control described on page 135 VLAN based QOS described on page 135 No SSID on Egress Down described on page 136 Ethernet Port Statistics described on page 136 Access Receive and Transmit Error Statistics with SNMP S...

Page 135: ...to eliminate lower modulation rates and put a lower bound on this effect Eliminating lower modulation rates also eliminates distant clients low RSSI and clients in high noise areas low SNR For details see AP Custom Rates on page 86 VLAN based QOS This feature allows the operator to control the relative priority of traffic on a per VLAN basis By mapping certain VLANs onto higher priorities in HCI e...

Page 136: ...gress point yes direct indirect gateway ip ip_addr no described in detail in Setting the Network Egress Point on page 51 Ethernet Port Statistics Ethernet port statistics are available for the BelAir200 BelAir100 BelAir100C and BelAir100T In HCI environments these statistics measure the traffic passing through the node if its Ethernet port is connected to an external network The relevant command i...

Page 137: ...erable to exclude clients that make inefficient use of air time For details see Minimum Receive Threshold on page 83 Effective Mesh Path Selection Higher modulation rates are strongly preferred in HCI environments BelAir Networks mesh path selection software favors paths with good RSSI and therefore higher modulation rates even at the cost of a few more hops Field testing has shown increasing the ...

Page 138: ...Protection on page 83 DHCP to Attached Clients Only This feature prevents the radio from forwarding DHCP responses for MAC addresses that are not used by an associated client thus reducing the number of transmitted packets and improving bandwidth use This feature is always enabled ARP to Attached Clients Only This feature prevents the radio from forwarding ARP responses for IP addresses that are n...

Page 139: ...eway and can be used to allow traffic policy enforcement It prevents client to client direct communication that could load down the network For details see Controlling Inter client Communication on page 109 Client Load Balancing BelAir nodes allow you to configure the maximum number of associated clients per radio If the number of associated clients exceeds the configured value new clients are not...

Page 140: ...g a disproportionate share of bandwidth For details see Managing Mesh Bandwidth on page 117 Automatic Mesh Connect This feature allows BelAir APs to automatically reconnect to a network if they lose their egress connection A cluster of meshed nodes may lose their egress connection if the ethernet connection to the exterior network fails or if a node fails In this case a member of the cluster looks...

Page 141: ...be used to test the network deployment during the commissioning phase It can be used to determine the theoretical capacity of the network and identify poorly performing links The relevant command is diagnostics test link IP end point IP address rate traffic rate update_interval report interval duration test duration dir tx rx both The command is described in detail in the Troubleshooting Guide ...

Page 142: ...nt DHCP servers for each subnet interface Your BelAir100SN can also add BelAir Networks specific information to the DHCP packets sent to the wireless client Finally you can create a list of valid IP address subnets to filter out unwanted directed and broadcast DHCP packets from your wireless network The following topics are covered in this chapter Providing Vendor Specific Information on page 142 ...

Page 143: ...ocol dhcp set relay relay idx server addr 1 ip addr server addr 2 ip addr server addr 3 ip addr interface system vlan vlan id protocol dhcp del relay relay idx server server idx The set relay command creates a DHCP Relay profile or modifies an existing one It configures the IP addresses of the DHCP servers to which the Relay Agent needs to forward the packets from the client You must specify at le...

Page 144: ... When enabled the Relay Agent forwards the packets from the client to the DHCP servers specified in the profile Assigning SSID Traffic to Use DHCP Relay interface wifi n m set ssid ssid_index dhcp relay disabled enable relay idx This command assigns which SSID traffic uses the node s DHCP relay functionality Perform this step after the DHCP Relay profile is added and enabled The ssid_index paramet...

Page 145: ... enable a portal to provide client authentication Authentication is done using a Web browser redirect to an external HTTP server that displays a splash page where the client must provide credentials The external HTTP server uses an external RADIUS server to authenticate the client and UAM to collect billing information Once authenticated the client Web session is redirected back to its original de...

Page 146: ...ISABLED Dns1 undefined Dns2 undefined DHCP scopes Num Status VLAN IP subnet Lease min Portal Mgmt 1 enabled untg 192 168 5 0 60 no no 2 disabled 0 0 0 0 0 0 yes yes 3 disabled 0 0 0 0 0 0 no no 4 disabled 0 0 0 0 0 0 no no 5 disabled 0 0 0 0 0 0 yes yes 6 disabled 0 0 0 0 0 0 no no 7 disabled 0 0 0 0 0 0 no yes 8 disabled 0 0 0 0 0 0 no no UAM configuration In Use Num Server 2 https wirelessbeta n...

Page 147: ...cp server setting lets you specify which VLAN traffic to associate to the scope The untagged setting specifies that the scope applies only to untagged traffic The vlan VLAN ID settings specifies that the scope applies only to traffic with that VLAN ID VLAN IDs cannot be shared across different scopes The default setting is untagged Refer to Layer 2 Network Configuration on page 167 for more inform...

Page 148: ...ividual Scopes protocol nat set scope index 1 8 status enabled disabled This command lets you enable or disable individual NAT scopes The default setting is disabled Configuring an HTTP Portal Traffic is directed to required scope and portal based on its VLAN ID See Configuring Network Address Translation on page 147 To configure an HTTP portal 1 Make sure your radio SSIDs are configured properly ...

Page 149: ...g scope 2 radiusserver1 63 79 12 172 radiusserver2 63 79 12 172 radiussecret BA20nnu test radiusnasid BA20 uam test uamserver https wirelessbeta nnu com nw4 sites templatet sysid 13565 uamsecret secret uamallowed www belairnetworks com In the previous example the scope 2 portal is configured to use the NNU server Enabling or Disabling the HTTP Portal protocol nat set scope index 1 8 portal enabled...

Page 150: ...s especially for customers using DOCSIS technology in their access network Figure 8 shows how wireless mobility is implemented with L2TP When a wireless client transmits an 802 11 frame the BelAir Access Point AP converts it to an Ethernet frame with VLAN information encapsulates it within an IP packet and then sends the packet to a Tunnel End Point TEP The TEP is usually part of a network central...

Page 151: ... AP its traffic travels through a different Layer 2 tunnel The traffic is encapsulated and sent to TEP as before The VLAN aware Ethernet switch then updates its MAC address table as required with the information for the wireless client s new AP Any subsequent frames sent to the wireless client are then forwarded to the new AP Tunneling is performed by a software module called a tunnel engine BelAi...

Page 152: ...Status protocol te eng show config protocol te eng show status These commands display the current tunnel configuration and status Example 1 protocol te syst show config Tunnel server is running mode egress IP address 192 168 219 25 system Protection backhaul Disabled N Type Remote IP Name Label QoS map State 1 L2TP 167 206 58 160 tsacm0c none UP Authentication disabled Secret N C PPP name N C PPP ...

Page 153: ...ll tunnel forwarding Configuring Layer 2 Tunnels protocol te eng set tunnel index ip peer_IP_addr name stn_name backup ip backup_IP_addr backup name backup_name switch non revertive revertive protocol te eng delete tunnel all index The set tunnel command creates a new tunnel to be terminated at the specified peer IP address which is usually the network central router You can create up to five tunn...

Page 154: ...el command removes all tunnels or the specified tunnel After using this command user data mapped to this tunnel is dropped instead of forwarded Setting Tunnel Engine Parameters protocol te eng set mode local egress interface vlan VLAN_ID extended The set mode command is used when the unit is connected to other units through backhaul links In this case you may want the unit to act as an egress poin...

Page 155: ...ting is 8 seconds PPP echo transmission interval Values range from 0 seconds to 300 seconds 0 seconds means PPP echo is disabled The default setting is 10 seconds PPP echo retransmission count Values range from 1 to 50 The default setting is 10 DSCP value for control L2TP PPP packets The default setting is 0 The AP uses the L2TP Hello parameters to determine if the tunnel is available If the AP do...

Page 156: ...parameters specify the primary and backup VLAN interfaces The lns and backup lns parameters specify the IP addresses of the LNS for each of the VLAN interfaces The name and backup name parameters specify the host names for each of the VLAN interfaces The host name parameter can be any series of 18 alphanumeric ASCII characters It is analogous to the stn_name parameter when configuring a simple tun...

Page 157: ...auto ip ip_addr label number backup ip ip_addr backup label number switch non revertive revertive protocol te eng l2vpn autoconfig renew protocol te eng set l2vpn autoconfig ip IP_addr username string password string protocol te eng set tunnel l2vpn index 1 5 advanced inactivity timer seconds These commands are used to create tunnel to the central router using Ethernet over MPLS over GRE encapsula...

Page 158: ...he main router This is the default setting If switch is set to revertive then the BelAir unit uses the tunnel to the backup router only while the main tunnel is unavailable The BelAir unit switches back to the tunnel using the main router as soon as it becomes available again Use the l2vpn autoconfig renew command to trigger getting a new set of configuration parameters from the NetOp NSM configur...

Page 159: ...arameters for L2TP authentication for a specified tunnel The secret parameter sets the shared secret for tunnel authentication The ppp name and ppp password parameters set the data for session authentication The settings for each of these three parameters must match the equivalent settings on the main router The backup secret backup ppp name and backup ppp password parameters are equivalent settin...

Page 160: ...erentiated Services Code Point DSCP information from the client data packet is included in the IP packet header The up bits settings means that the IP packet header contains QOS settings based on User Priority bits 0 to 7 from the client data packet The none setting means that QOS information from the client data packet is not sent to upstream equipment The default setting is none Configuring the ...

Page 161: ...ur traffic priority queues numbered 0 to 3 Queue 3 has the highest priority while queue 0 has the lowest priority Table 12 describes each queue All traffic that is not associated to a VLAN has priority 1 This means that until you create VLANs all traffic has priority 1 Once VLANs have been created you configure the node traffic to have different priorities based on User Priority bits 0 to 7 or VLA...

Page 162: ...fied priority queue The priority parameter ranges from 0 to 7 The queue_id parameter ranges from 0 to 3 as described in Table 12 on page 161 Note Settings made with the set vlan to queue mapping command have precedence over settings made with this command Table 13 shows how User Priority values are processed to priority queues by default To unmap a previously set priority use the set up to queue m...

Page 163: ... id 100 Qos Vlan Id Configuration Vlan Id 100 Vlan Qos Status Enabled Queue Map 3 Resetting the QoS Configuration qos set defaults This command returns the system QoS configuration to factory default settings Note This command does not affect radio QoS configuration Displaying a Summary of System QoS Settings qos show config This command displays a summary of all current QOS settings including how...

Page 164: ...opportunities This allows over the air QoS for WMM client devices with faster burst transfer Use the mode command to see the version number of your radio modules Some WMM features such as selecting the priority scheme and the mapping scheme are also available for BelAir backhaul radios to provide end to end QoS functionality Displaying a Summary of Radio QoS Settings Use the interface wifi n m sho...

Page 165: ...s mapping up dscp both The set command lets you decide how traffic is processed to the four BelAir priority queues depending on the values of the User Priority UP field or the Differentiated Services Code Point DSCP subfield in the client traffic fields Selecting up means that traffic is sent to the four BelAir priority queues based on the UP field value Selecting dscp means that traffic is sent t...

Page 166: ...wifi n m set qos uapsd enable disable Unscheduled Automatic Power save Delivery UAPSD extends the battery life of wireless clients and reduces radio transmission traffic To enable UAPSD you must first enable Wireless Multi media WMM for the radio Refer to Enabling or Disabling Wireless Multi media on page 165 This command lets you enable or disable UAPSD By default UAPSD is enabled ...

Page 167: ...e the different paths This chapter contains the following sections Spanning Tree Protocol Overview on page 167 Configuring Spanning Tree Priority on page 168 Configuring Other Spanning Tree Parameters on page 169 RSTP Commands on page 170 See also Managing Egress Node Traffic on page 68 Spanning Tree Protocol Overview It is important to configure the Spanning Tree Protocol STP when multiple paths ...

Page 168: ...inal spanning tree protocol is STP When STP detects a topology change in the network STP blocks all user traffic creates a new loop free configuration and then re enables user traffic STP reconfigurations create outages that are typically 30 to 60 seconds in length A newer protocol Rapid STP RSTP greatly reduces the length of outages caused by topology reconfigurations RSTP is backwards compatible...

Page 169: ... cost Table 15 Configurable Spanning Tree Timers and Associated Parameters Parameter Default Value Description Possible Range Hello Timer 2 s Determines how often the bridge broadcasts hello messages to other bridges 1 s to 10 s Must be less than or equal to 1 2Max_Age 1 Forward Delay Timer 15 s Determines how long each of the listening and learning states last before the interface begins forwardi...

Page 170: ...ds apply to specific physical interfaces or to specific radio links The Name column of the protocol rstp show config port all command displays available interfaces and radio links For example if the Name column displays wifi 3 1 1 then wifi 3 1 identifies the interface and the 1 suffix identifies radio link 1 of that interface The BelAir100SN layer 2 switch forwards layer 2 frames to the output of...

Page 171: ...2000000 False False False True False RSTP Enabled 830769 5 wifi 1 1 5 128 2000000 False False False True False RSTP Enabled 830769 6 wifi 1 1 6 128 2000000 False False False True False RSTP Enabled 830769 7 wifi 1 1 7 128 2000000 False False False True False RSTP Enabled 830769 8 wifi 1 1 8 128 2000000 False False False True False RSTP Enabled 830769 9 wifi 2 1 1 128 2000000 False False False True...

Page 172: ...le 3 protocol rstp show config port wifi 2 1 1 RSTP Port Configurations Port Name Prio Pathcost Migration Edge P2P Protocol Dynamic Cost Interface link Conf Oper Conf Oper Version Status Default 9 wifi 2 1 1 128 2000000 False False False True False RSTP Enabled 3000000 Example 4 protocol rstp show config port active RSTP Port Configurations Port Name Prio Pathcost Migration Edge P2P Protocol Dynam...

Page 173: ...0 Stp Root Port 33 Stp Max Age 31 seconds Stp Hello Time 1 seconds Stp Forward Delay Time 21 seconds Example 2 protocol rstp show topology port all RSTP Port Topology Information Port Name Designated root Designated Designated bridge Designated Interface link Cost Port 1 wifi 1 1 1 60 00 00 23 34 b0 3e 80 200000 90 00 00 0d 67 00 69 5e 80 01 2 wifi 1 1 2 00 00 00 00 00 00 00 00 0 00 00 00 00 00 00...

Page 174: ...0 00 00 00 00 00 00 00 00 00 27 wifi 4 1 3 00 00 00 00 00 00 00 00 0 00 00 00 00 00 00 00 00 00 00 28 wifi 4 1 4 00 00 00 00 00 00 00 00 0 00 00 00 00 00 00 00 00 00 00 29 wifi 4 1 5 00 00 00 00 00 00 00 00 0 00 00 00 00 00 00 00 00 00 00 30 wifi 4 1 6 00 00 00 00 00 00 00 00 0 00 00 00 00 00 00 00 00 00 00 31 wifi 4 1 7 00 00 00 00 00 00 00 00 0 00 00 00 00 00 00 00 00 00 00 32 wifi 4 1 8 00 00 0...

Page 175: ...ocol rstp show port roles all RSTP Port Roles and States Port Name Remote id Port Role Port State Port Status Link status 1 wifi 1 1 1 Disabled Discarding Enabled Down 2 wifi 1 1 2 Disabled Discarding Enabled Down 3 wifi 1 1 3 Disabled Discarding Enabled Down 4 wifi 1 1 4 Disabled Discarding Enabled Down 5 wifi 1 1 5 Disabled Discarding Enabled Down 6 wifi 1 1 6 Disabled Discarding Enabled Down 7 ...

Page 176: ...idge aging time 10 630 This command specifies the aging time in seconds for the dynamically learned forwarding information RSTP Priority protocol rstp set priority Decimal 0 61440 or Hexadecimal 0x0000 0xf000 This command specifies the STP priority The default node priority is 36864 or 0x9000 The priority values must be set in steps of 4096 or 0x1000 RSTP Version protocol rstp set version stpCompa...

Page 177: ...he root The default value is 15 The value must not be less than 1 1 2 MaxAge Note BelAir Networks recommends that you do not change the RSTP parameter values from their default values Experience has shown that the default values work well in a variety of networks Example protocol rstp set max age 20 hello time 2 forward delay 15 RSTP Link Priority protocol rstp set interface interface name priorit...

Page 178: ...ned for each radio link on your BelAir100SN The interface name parameter specifies a particular interface such as wifi 2 1 Dynamic path costs are a useful way to adjust the topology of a network to isolate a link as a result of unplanned or seasonal effects For example there may be an unplanned source of radio interference with a particular link Or vegetation may affect a link during summer When d...

Page 179: ...gration on an Interface protocol rstp set interface interface name protocol migration true false While operating in RSTP mode setting of this value to true forces the interface to transmit RSTP BPDUs The interface name parameter specifies a particular interface such as wifi 2 1 RSTP Edge Port Status protocol rstp set interface interface name edge port true false This command indicates whether the ...

Page 180: ...be updated later by the BelAir100SN bridge software The interface name parameter specifies a particular interface such as wifi 2 1 Setting a value of forcetrue forces it to function as a point to point link Setting a value of forcefalse forces it not to function as a point to point link The default settings vary depending on the hardware in use the topology and whether dynamic path cost is used or...

Page 181: ...ne release can be structurally different than in other releases For example the configuration database in Release 11 0 is structurally different than in previous releases Because of this downgrading a software load from Release 11 0 to the previous release requires much effort BelAir Networks strongly recommends that you fully verify the configuration and operation of an upgraded unit before you c...

Page 182: ...l overwrite the standby bank 3 Download the new software load The new software load is downloaded to the standby software load bank If A is active then the new software load is downloaded to bank B If B is active then the new software load is downloaded to bank A 4 Verify the new software downloaded successfully 5 Activate the new software load from the standby software load bank containing the ne...

Page 183: ...act BelAir Networks Displaying the Active and Next Software Loads Display the active software load and the load that is activated at the next reboot with the following command system show loads Downloading a New Software Load system upgrade load remoteip serverIPaddress remotepath serverSubDir tftp ftp user usrname password pword This command downloads a new software image from a remote server It ...

Page 184: ...ncel upgrade 3 When requested confirm your intent If you confirm that you want to cancel the software upgrade a message appears in the other CLI session informing it s user that the upgrade has been cancelled CAUTION Because the software upgrade process was interrupted the software in the standby software load bank may no longer be suitable to reboot the system Do not set it to be the next active ...

Page 185: ...w Version BA100 8 0 8 D 2008 09 18 18 18 r19148 State Shadow CommitState committed Md5Sum OK Bootloader Info PPC405EP Common Bootloader Version 4 06 11 06 2008 Activating a Software Load To activate a software load enter the following system reboot The reboot command is only available if you are logged in as root This command forces the unit to execute with the new load and completes the activatio...

Page 186: ...New Software Load system commit load Once you have activated the unit with new software load you can commit it with this command See Figure 11 CAUTION This command copies the contents of the active software bank to the standby bank For example if the active software bank is A its contents overwrite those of bank B Backing out is no longer possible after the new software load has been committed Aft...

Page 187: ...sible to back out from a software upgrade in case its effects are undesired but only if the new software load has not been committed See Figure 12 on page 187 Figure 12 Backing Out from an Uncommitted Software Upgrade When you back out of a software upgrade the old load overwrites the new software load To back out from an upgrade do the following steps 1 Determine which bank has the old software l...

Page 188: ...e significantly longer up to 20 minutes depending on the unit s configuration 4 Run the commit command Running the commit command is not necessary if the system is already executing the old software load because you have decided for example to back out of the upgrade before activating the new load In this case the content of the old software load which is active overwrites the contents of the new ...

Page 189: ...when you are determining infrastructure requirements pre configuring the BelAir units installing BelAir units problem solving on the site mounting BelAir units commissioning the BelAir units User Guide Use this document when you are becoming accustomed to the CLI interface becoming accustomed to the SNMP interface accessing the Web interface configuring the unit IP parameters data and time Etherne...

Page 190: ...212 Document Number BDTM11001 A01 Released upgrading the unit saving and restoring the configuration Troubleshooting Guide Use this document when you are troubleshooting and in need of technical support looking up system configuration details Alarms and events System logs Statistics ...

Page 191: ... your situation If it does do the provided corrective actions 2 If the troubleshooting guide does not cover your situation contact your BelAir Networks product representative 3 If you still need assistance use the BelAir Networks online support center at www support belairnetworks com 4 Finally if your issue is not resolved contact BelAir Networks 613 254 7070 1 877 BelAir1 235 2471 techsupport be...

Page 192: ...aintain a loop free network BSS Basic Service Set A set of 802 11 compliant stations that operate as a fully connected wireless network Client A device that uses the services of a wireless access point to connect to a network CLI Command Line Interface DHCP Dynamic Host Configuration Protocol IP Internet Protocol IP address The Internet Protocol IP address of a station Expressed in dotted notation...

Page 193: ...e Set Identifier also referred to as Network Name or Id A unique identifier used to identify a radio network and which stations must use to be able to communicate with each other or to an access point SSL Secure Socket Layer TCP Transmission Control Protocol TKIP Temporal Key Integrity Protocol an optional IEEE 802 11 function that offers frame transmission privacy Like WEP it is based on RC4 encr...

Page 194: ...ssword and privacy keys Unit part number located on the sticker on to the unit __________________________ Unit serial number located on the sticker on to the unit __________________________ Super user password ____________________________ System Name ______________ Location ____________ Contact _______________ Base MAC Address ______________ IP Address _____________Subnet ______________ Gateway __...

Page 195: ...on PSMv2 only TKIP or AES Others AES only ____________________ RADIUS or 8 to 63 byte pre shared key ___________________________________________ dot1x RADIUS EAP authentication 1 ________________ 2 ________________ 3 ________________ 4 ________________ __________________ Y or N wep40 RADIUS or 5 byte pre shared key _______________________________________________ wep104 RADIUS or 13 byte pre shared...

Page 196: ...to MP star ________________________________ P to MP star role base station or subscriber station ____________________________ P to MP star link index ____________________________ WiMAX Backhaul Setting if configured Interface wimax ___ ___ Mode base station or subscriber station ____________________________ Channel _______________ Bandwidth _____________________ Antenna gain ________ Key 16 charac...

Page 197: ...ccess to system commands you can reset the unit to the factory defaults CAUTION By performing the following procedure all local configuration data will be replaced by default factory settings You will not be able to recover any local configuration data CAUTION You may not able to reestablish connectivity to a remotely located unit after you execute this procedure Use the following command sequence...

Page 198: ...arefully remove the Reset Cover Screw with its gasket and place it in a secure location 3 With a pen tip or paperclip gently press the unit s reset button for more than 5 seconds The reset button is located in the hole exposed by removing the Reset Cover Screw Refer to Figure 13 The Power Status LED should become amber once you release the reset button indicating that the unit is initializing Note...

Page 199: ...lts May 31 2010 Confidential Page 199 of 212 Document Number BDTM11001 A01 Released 4 Reinstall the Reset Cover Screw and its gasket Make sure you tighten the screw enough so that the gaskets forms a watertight seal over the reset button access hole ...

Page 200: ...h a Pre deployed NMS 7 Web Interface 9 Accessing the Web Interface 9 Accessing the System Page with Secure HTTP or with HTTP 9 Stopping a Session 11 Additional Troubleshooting Tools 11 Command Line Interface Basics 12 Connecting to the BelAir100SN 12 Starting a CLI Session 13 Command Modes 14 Abbreviating Commands 18 Command History 18 Special CLI Keys 18 Help Command 19 Saving your Changes 21 Sav...

Page 201: ...h 24 Starting a Telnet Session 25 Radio Configuration Summary 25 Script Files 25 BelAir100SN Access Methods 27 SNMP Configuration Guidelines 27 SNMPv1 v2 Servers 27 SNMPv3 Servers 27 SNMP Naming Restrictions 27 SNMP Command Reference 28 SNMP Agent 28 SNMP Configuration 28 Communities 29 Traps 29 Users 30 Notifications 30 Authentication Traps 31 Engine Identifier 32 Telnet 32 HTTP 32 Secure HTTP 32...

Page 202: ...imeout Interval 41 CLI Prompt Customization 41 IP Settings 43 Displaying IP Parameters 43 Configuring IP Parameters 44 Configuring Dynamic IP Addressing 44 Renewing the IP Address 45 Auto IP 45 Setting a Static IP Address and Subnet Mask 45 Static IP Routes 46 Configuring the Domain Name System Lookup Service 46 Configuring IP Address Notification 46 System Settings 47 Country of Operation 47 Syst...

Page 203: ... Specifying a Physical Interface in Script 54 Guidelines for Using the reboot Command in a Script 58 Transferring Files to and from a BelAir Node 60 Managing Script Files 61 Enabling or Disabling Session Logging 61 BelAir100SN Auto configuration 63 DHCP Options 63 Pre requisites 65 Configuring and Using DHCP Options 65 Accepting Specific DHCP Parameters 65 Configuration Download Profile 66 Pre req...

Page 204: ... 75 Restarting a Card 75 Wi Fi Radio Configuration Overview 76 Available Wi Fi Radios 76 Configuration Process 76 Configuring Wi Fi Radio Parameters 77 Displaying Wi Fi Radio Configuration 77 Displaying Configuration Options 78 Operating Channel 79 Antenna Gain 80 Transmit Power Level 81 Link Distance 82 Dynamic Frequency Selection 82 Minimum Receive Threshold 83 802 11b Protection 83 ARP Filterin...

Page 205: ... Broadcast to Unicast Packet Conversion 97 Wi Fi AP Security 99 Security Options for Wireless Clients 99 RADIUS Servers for Wireless Clients 100 Managing RADIUS Servers 103 Changing RADIUS Server Admin State 104 Assigning SSIDs to RADIUS Servers 104 RADIUS Pre authentication 104 RADIUS Assigned VLAN 105 RADIUS Accounting 105 Client Authentication and De authentication Trap 106 AP Privacy 106 Wirel...

Page 206: ...Backhaul Mesh 120 Configuring Mobile Backhaul Mesh Links 121 Displaying Mobility Configuration and Status 121 Configuring MIMO Operation for Mobile Applications 122 Configuring and Enabling Mobile Backhaul Mesh Links 122 Mobile Backhaul Point to point Links 124 Scanning Process 125 Sample Subscriber Station Configuration 125 Sample Base Station Configuration 127 Mobile Backhaul Point to point Comm...

Page 207: ...e Mesh Path Selection 137 Blacklist SNMP Support 137 Client Association Records 137 CTS to Self Control 138 DHCP to Attached Clients Only 138 ARP to Attached Clients Only 138 Upstream Broadcast Filter 138 Secure Port Mode 139 Wireless Bridging 139 Client Load Balancing 139 Client Authentication History 139 Radio Rate Limiting 140 Automatic Mesh Connect 140 Traffic Test Tool 140 DHCP Relay Settings...

Page 208: ...151 Displaying Tunnel Configuration and Status 152 Starting and Stopping Layer 2 Tunneling 153 Configuring Layer 2 Tunnels 153 Setting Tunnel Engine Parameters 154 Configuring Tunnel Advanced Parameters 155 Configuring Layer 2 Extended Tunnels 156 Bandwidth Limits 157 Configuring Tunnels for the RedBack SmartEdge Router 157 Mapping User Traffic 158 Configuring Authentication 159 Configuring a Tunn...

Page 209: ...tings 170 Displaying the RSTP Topology Information 172 Displaying RSTP Port Roles and States 174 Configuring the Bridge Aging Time 176 RSTP Priority 176 RSTP Version 176 Transmit Hold Count 176 Max Age Hello Time and Forward Delay 177 RSTP Link Priority 177 RSTP Static Path Cost 178 Dynamic Path Cost 178 RSTP Protocol Migration on an Interface 179 RSTP Edge Port Status 179 RSTP Point To Point Stat...

Page 210: ...2 Appendix A Node Configuration Sheets 194 Appendix B BelAir100SN Factory Defaults 197 Resetting to Factory Defaults with a CLI Command 197 Resetting to Factory Defaults with the Reset Button 197 Detailed Table of Contents 200 List of Figures Figure 1 BelAir100SN Hardware Module Block Diagram 5 Figure 2 Typical Login Page 10 Figure 3 Typical Web Interface Main Page 10 Figure 4 Sample Output of mod...

Page 211: ...Bs 7 Table 3 BelAir Enterprise MIBs 8 Table 4 Command Line Interface Modes 15 Table 5 Super user commands 34 Table 6 Physical Interface Parameter Settings 73 Table 7 BelAir Wi Fi Radio Summary 76 Table 8 Auth Field Value Descriptions 88 Table 9 DHCP Field Value Descriptions 88 Table 10 RADIUS Attributes 101 Table 11 Wi Fi Backhaul Configuration Requirements 114 Table 12 Traffic Priority Queues 161...

Page 212: ...613 254 7070 May 31 2010 Confidential Page 212 of 212 Document Number BDTM11001 A01 Released General Information info belairnetworks com Sales sales belairnetworks com Technical Support techsupport belairnetworks com Visit us on the web at www belairnetworks com 212 BelAir100SN User Guide ...

Reviews:

No comments

Related manuals for BelAir 100SN

Kasda KA300 User Manual preview
KA300
Brand: Kasda Pages: 42
Extreme Networks EN-SLX 9640-24S-12C Installation Manual preview
EN-SLX 9640-24S-12C
Brand: Extreme Networks Pages: 113
Lanpro LP-1521 Manual preview
LP-1521
Brand: Lanpro Pages: 3
Ubiquiti AirRouterHP User Manual preview
AirRouterHP
Brand: Ubiquiti Pages: 61
Check box Wireless Hotspots HSv210 Setup & User Manual preview
Wireless Hotspots HSv210
Brand: Check box Pages: 36
Belkin F5D7132 - Wireless G Universal Range Extender/Access Point Specifications preview
F5D7132 - Wireless G Universal Range Extender/Access Point
Brand: Belkin Pages: 2
HABITECH RIVI RV65 Quick Setup preview
RIVI RV65
Brand: HABITECH Pages: 3
TRENDnet TEW-311BRP User Manual preview
TEW-311BRP
Brand: TRENDnet Pages: 127
Motorola AP-621 Series Installation Manual preview
AP-621 Series
Brand: Motorola Pages: 36
Motorola AP-6521-60010-US Installation Manual preview
AP-6521-60010-US
Brand: Motorola Pages: 56
Motorola AP-6511 Installation Manual preview
AP-6511
Brand: Motorola Pages: 46
Motorola AP-650 Series Installation Manual preview
AP-650 Series
Brand: Motorola Pages: 40
Motorola AP-51 Series Product Reference Manual preview
AP-51 Series
Brand: Motorola Pages: 724
Motorola AP-6521E Installation Manual preview
AP-6521E
Brand: Motorola Pages: 44
Motorola AP-6511E Installation Manual preview
AP-6511E
Brand: Motorola Pages: 44
Motorola 5750APUSG Specification Sheet preview
5750APUSG
Brand: Motorola Pages: 1
Pioneer CD-ML100 Owner'S Manual preview
CD-ML100
Brand: Pioneer Pages: 6
EnGenius ECB600 Quick Installation Manual preview
ECB600
Brand: EnGenius Pages: 2

Brands by name

Popular brands

Load more brands