Carrier Access Broadmore 1750 User Manual Download Page 272 | Manualshive

Page: 272 / 420

background image

11-6

Broadmore 1750 - Release 4.6

Security Management (FIPS Mode)

Authentication and Identification

Authentication and Identification

The cryptographic module supports distinct operator roles and enforces the separation
of these roles using identity-based operator authentication that requires a Username and
Password, and optional SecurID.

The SecurID option has no effect on FIPS 140-2 compliance. When SecurID is
enabled, operators must also enter a SecurID token before they can gain access to the
Broadmore. The SecurID token is a number that may be constant or change every
minute, and it is verified by an RSA Authentication Manager deployed at the customer
site.

A username and password are always required to log in, whether or not SecurID is
enabled. The mandatory username is an alphanumeric string of characters whose
minimum length can be set by the Security Officer. The password is a string of
characters from the 94 printable and human-readable characters whose length can be
set by the Crypto Officer.

Passwords be changed at least once every 6 months and that users be instructed to use
a random combination of all the usable characters for passwords.

Upon successful authentication, the role and privilege level are selected based on the
identity (username) of the operator. At the end of a session, the operator should log off,
though the user is automatically logged off after a configurable period of inactivity.

Role

Privilege Level

Authorized Functions

User

Browser

User is able to look at most all data plane information but is not able to
affect anything. To protect security data, no file access is permitted.
This role cannot access the security settings.

Operations

User is able to perform data plane configurations, such as defining
PVCs, SVCs, configuring service card parameters. To protect security
data, no file access is permitted under this privilege level. This role
cannot access the security settings.

SysAdmin

User is able to perform global configuration operations such as
redundancy. To protect security data, no file access is permitted. This
role cannot access the security settings.

Crypto
Officer

SuperUser

This role is required to manage system accounts, use SFTP, and alter
security settings. Only users at this privilege level may turn FIPS
mode on or off.

«
...
270
271
272
273
274
...
»

Summary of Contents for Broadmore 1750

Page 1: ...Broadmore TM 1750 USER MANUAL Part Number 770 0020 DC Product Release 4 6 January 2008 ...

Page 2: ...late into any medium electronic mechanical magnetic optical chemical manual or otherwise any part of this manual or software supplied with the Broadmore 1750 for any purpose other than the purchaser s personal use without the express written permission of Carrier Access Corporation Broadmore and the Carrier Access logo are trademarks of Carrier Access Corporation All other brand or product names a...

Page 3: ...ly to cause harmful interference in which case the user will be required to correct the interference at the user s own expense WARNING TO MEET FCC PART 15 CLASS A RADIATED EMISSIONS REQUIREMENTS YOU MUST FOLLOW SPECIFIC INSTALLATION REQUIREMENTS GIVEN FOR EACH MODULE USED IN THIS CHASSIS WHICH ARE PROVIDED IN THE MODULE INSTALLATION SECTION FOR MORE INFORMATION ABOUT INSTALLING CABLES ACCORDING TO...

Page 4: ...le Validation Program CMVP validated Broadmore to FIPS 140 2 Level 1 overall Certificate 478 November 2004 Certificate and Security Policy maintained at http csrc nist gov cryptval JITC Validated Joint Interoperability Test Certification JITC at Ft Huachuca 23 June 2006 TSSI Certificate on NIPRNET at http jitc fhu disa mil tssi IPv6 Ready The IPv6 Forum certified the Broadmore as IPv6 ready on 26 ...

Page 5: ...CSA C22 2 NO 60950 00 No 950 95 Standard for Safety for Information Technology Equipment CSA has certificated to both standards for product safety The CSA File Number is LR 107313 Some telecommunications equipment does not provide overvoltage or power cross protection on DS1 lines Equipment that does not provide overvoltage or power cross protection is not compliant with the National Electrical Co...

Page 6: ...ge potentials as high as 300 VAC may be present across the transmit and receive pairs Only use No 26 AWG or larger telecommunication line cord to reduce the risk of fire Never install telephone wiring during a lightning storm Never install telephone jacks in wet locations unless the jack is specifically designed for wet locations Refer to the installation section of this manual for a safe and prop...

Page 7: ...AUSE DEATH OR SEVERE PERSONAL INJURY IF THE HAZARD IS NOT AVOIDED CAUTION A CAUTION NOTICE INDICATES THE POSSIBILITY OF INTERRUPTING NETWORK SERVICE IF THE HAZARD IS NOT AVOIDED WARNING A WARNING NOTICE INDICATES THE POSSIBILITY OF EQUIPMENT DAMAGE IF THE HAZARD IS NOT AVOIDED NOTE A NOTE INDICATES INFORMATION TO HELP YOU UNDERSTAND HOW TO PERFORM A PROCEDURE OR HOW THE SYSTEM WORKS NOTES SHOULD B...

Page 8: ...g precautions before installing a system component 1 Do not remove a component from its protective packaging until ready to install it 2 Wear a wrist grounding strap and attach it to an ESD connector or a metal part of the system unit before handling components If a wrist strap is not available maintain contact with the system unit throughout any procedure requiring ESD protection An ESD warning l...

Page 9: ...contact your Carrier Access representative for support program details Warranty Procedure BUYER must promptly notify Carrier Access of any defect in the Product or Software and comply with Carrier Access return repair policy and procedures Carrier Access or its agent will have the right to inspect the Product or workmanship on BUYER s premises With respect to a warranty defect in Product hardware ...

Page 10: ...ificantly impair the function or service of the Carrier Access Product or the system Determination of Severity 1 2 or 3 shall be made solely by Carrier Access following receipt of the reported problem Refurbished material may be used to repair or replace the Product BUYER shall bear the risk of loss for Products or Software returned to Carrier Access for repair replacement or service and the same ...

Page 11: ... free THE WARRANTIES IN THIS AGREEMENT REPLACE ALL OTHER WARRANTIES EXPRESSED OR IMPLIED AND ALL OTHER OBLIGATIONS OR LIABILITIES OF CARRIER ACCESS INCLUDING ANY WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE NONINFRINGEMENT AND OR ANY IMPLIED WARRANTIES ARISING OUT OF COURSE OF PERFORMANCE OR COURSE OF DEALING ALL OTHER WARRANTIES ARE DISCLAIMED AND EXCLUDED BY CARRIER ACCESS THE ...

Page 12: ...s required for all equipment returned to Carrier Access Corporation Call Carrier Access Corporation Customer Support at 800 786 9929 or 303 442 5455 for RMA number repair warranty information and shipping instructions Be prepared to provide the following information Carrier Access Corporation serial number s from the system chassis or circuit card s Name of distributor or dealer from which you pur...

Page 13: ... 1 4 ATM Interfaces 1 4 User Equipment Interfaces 1 4 Management Interfaces 1 5 System Description 1 7 Features 1 7 Chassis 1 8 Fan Tray 1 9 Power and Redundancy 1 9 Grounding 1 9 Alarms 1 9 Modules 1 10 Module Descriptions 1 12 OC 12c STM 4c NIM 1 13 NIM IOM 1 14 Unstructured DS3 3 SAM 1 15 Unstructured E3 3 SAM 1 16 Unstructured DS3 3 E3 3 IOM 1 17 Structured DS3 SAM 1 18 Table of Contents ...

Page 14: ...em Planning Factors 2 6 System Architecture 2 6 Cell Bus Configuration 2 8 Unstructured DS3 3 E3 3 Configuration Guidelines 2 9 Structured DS3 Configuration Guidelines 2 10 ATM Bandwidth per Cell Bus 2 11 ATM Bandwidth per Module 2 12 ATM Network Loading 2 12 Installation Planning Factors 2 13 Ordering Guide 2 15 Contact Information 2 15 Broadmore 1750 Chassis 2 15 Broadmore 1750 Options and Spare...

Page 15: ...tallation Procedures 5 3 Overview 5 4 Tools 5 5 Remove Chassis Covers 5 5 Module Locations 5 6 Installation Sequence 5 8 NIM Installation 5 9 SAM Installation 5 10 CPU Installation 5 10 APM Installation 5 10 NIM IOM Installation 5 11 SAM IOM Installation 5 11 Protection SAM IOM Installation 5 11 CPU IOM Installation 5 12 APM IOM Installation 5 12 Replace Chassis Covers 5 13 Fan Tray Installation P...

Page 16: ...DS3 3 E3 3 IOM Connections 6 9 Structured DS3 IOM Connections 6 10 CPU IOM Connections 6 11 Remote Shutdown Connections 6 11 Serial Port Connections 6 11 Ethernet Connections 6 11 Power Supply Connections 6 12 Optional AC Power Supply Connections 6 12 Broadmore Power Input Connector 6 14 Connecting 48 VDC Power 6 14 Software 6 15 7 Configuration Overview 7 2 Power up 7 3 User Interface Requirement...

Page 17: ...iguration 7 23 Power Supply Redundancy 7 24 Module Redundancy 7 25 Protection Definitions 7 25 NIM Redundancy 7 26 SAM Redundancy 7 29 CPU Redundancy 7 33 Module Configuration 7 37 How to Configure Specific Modules 7 38 OC 12c STM 4c 7 39 OC 12c STM 4c BITS Timing Redundancy 7 40 Unstructured DS3 SAM 7 43 Structured DS3 SAM 7 50 Unstructured E3 3 SAM 7 57 PVC Connection 7 63 SVC Connection 7 65 VP...

Page 18: ...8 16 Redundancy 8 16 CPU Sync 8 17 Problem Isolation 8 18 Port Loopback 8 19 Failure Recovery 8 21 Alarm Response Reset 8 22 Flowchart 8 22 Repair Replacement 8 30 Power Supply 8 31 NIM Replacement 8 32 SAM Replacement 8 33 IOM Replacement 8 34 CPU Replacement 8 35 CPU IOM Replacement 8 36 Fan Replacement 8 36 Integrated Fan Alarm Module Replacement 8 37 General Maintenance 8 39 Fan Filter Cleanin...

Page 19: ...anagement Security Features 10 2 Security Guidance 10 3 Logging In 10 5 Log in Banner 10 6 System Clock 10 7 Network Time Protocol 10 8 Managing Users and Audit Trails 10 10 User ID Rules 10 10 Change User ID 10 11 User Audit Trails 10 13 IP ICMP Messages 10 17 SNMP Messages 10 18 Shell Commands Non FIPS Mode 10 19 FIPS Mode 10 19 Authorized Access to Shell Commands 10 19 FTP Login 10 21 ...

Page 20: ...ging in with SecurID Enabled 11 11 Log in Banner 11 13 System Clock 11 14 Network Time Protocol 11 15 Changing Security Modes 11 17 Help About Security 11 17 Enabling FIPS Mode 11 18 Disabling FIPS Mode 11 20 Enabling SecurID 11 21 Disabling SecurID 11 24 IP ICMP Messages 11 24 SNMP Messages 11 25 User Administration and Audit Trails 11 26 User ID Rules 11 26 Change User ID 11 27 User Audit Trails...

Page 21: ...ility 11 50 Non Volatile Memory 11 50 Network Interfaces 11 51 Sanitation Procedures 11 51 12 SNMP Configuration SNMP Overview 12 2 SNMP Properties 12 3 USM VACM Configuration 12 6 Users 12 8 Groups 12 13 Views 12 16 Access 12 19 Communities 12 24 Trap Configuration 12 28 Trap Detection Overview 12 28 Trap Management Overview 12 29 Table Usage 12 32 Targets 12 33 Target Parameters 12 35 Notificati...

Page 22: ... A 5 Environment A 5 Broadmore Modules A 6 OC 12c Network Interface Modules NIMs A 6 DS3 T3 Structured Circuit Emulation SAM A 6 DS3 Unstructured Circuit Emulation SAM A 7 E3 Unstructured Circuit Emulation SAM A 7 B Spare Parts List C Software Error Messages Overview C 2 System Errors C 3 Setup Errors C 4 D Sample Network with RFC 1577 Configuration E Chassis Differences Broadmore Chassis Differen...

Page 23: ...oopback Interface Address F 4 Testing route6 Application F 5 Adding an IPv6 Route F 5 Adding a Host Route F 5 Adding a Network Route F 5 Showing all IPv6 routes configured in the Broadmore F 6 Deleting the Default Route F 7 Deleting a Host Route F 7 Deleting a Network Route F 7 G Broadmore Command List Commands Available at the Command Prompt G 2 Commands Available at the CLI Prompt G 3 Glossary A...

Page 24: ...xii Broadmore 1750 Release 4 6 Table of Contents ...

Page 25: ...CHAPTER 1 Product Description In this Chapter Purpose 1 2 Applications 1 3 Interfaces 1 4 System Description 1 7 Module Descriptions 1 12 ...

Page 26: ...roadband services voice video and data over ATM networks Typically it is deployed at the edge of an ATM network as the ATM node element closest to the customer The Broadmore accepts signals from non ATM ready equipment converts the signals to standard ATM cells and multiplexes the cells onto a single ATM User Network Interface UNI port The Broadmore accepts constant bit rate CBR services Permanent...

Page 27: ...al ATM and satellite networks The Central Office configuration described in this manual has fully redundant network and service interfaces CPUs and power supplies The OC 12c network interface transports a variety of multiplexed TDM services including structured and unstructured DS3 and unstructured E3 services for voice and data communications ...

Page 28: ...e following ATM Network Interface Modules NIMs OC 12c STM 4c 622 Mbps singlemode intermediate reach IR SC connectors OC 12c STM 4c 622 Mbps multimode premise reach PR SC connectors User Equipment Interfaces The Broadmore 1750 supports the following network and Service Access Modules SAMs to support user data services Unstructured DS3 3 three ports Unstructured E3 3 three ports Structured DS3 ...

Page 29: ... SuperUser access can assign user names passwords and access levels FIPS Interface The Broadmore now includes the Broadmore SSHield Management Module which is a FIPS 140 2 validated software only module that meets the security requirements of Federal Information Processing Standard PUB 140 2 The Broadmore can operate in either FIPS mode or non FIPS mode depending on the desired level of security F...

Page 30: ...ccessed via Craft terminal or PC using the RS 232 serial or modem interface IP over ATM protocols RFC 1577 Classical IP CLIP and LAN Emulation Client LANE with the Broadmore acting as the LEC Telnet or SecureCRT via Ethernet or IP over ATM User Interfaces There are two principal user interfaces to the Broadmore system management software Communication Access Multiplexer Management Interface CAMMI ...

Page 31: ...50 consists of a chassis and various plug in modules This fully integrated system provides the following features Redundant power sources CPUs NIMs and SAMs Front loadable hot swappable modules that allow for single part replacement without affecting other portions of the system Cable separation with user equipment copper coax interfaces on the chassis rear and fiber optic ATM interface cables on ...

Page 32: ...ounting brackets are configured for standard EIA 19 inch rack installation These brackets may be rotated 90 degrees for 23 inch relay rack installation The chassis has removable front and rear covers which should remain in place during normal operations These covers should only be removed to provide internal access for installation maintenance or system upgrade Rear Cover Midplane Chassis Cover Ne...

Page 33: ...ith one power input but connecting an independent power source to the second input will provide redundancy A redundant AC power supply tray P N 7660 17PS is available as a separate unit designed to be rack mounted directly below the Broadmore 1750 chassis The AC Power Supply supports two non load sharing hot swappable power supply modules Each module is capable of supporting a Broadmore 1750 with ...

Page 34: ...imum usable configuration with a factory installed Alarm Power Module in the right most slot Unused slots are covered with blank panels except the slots for a single NIM SAM and CPU module The Broadmore 1750 chassis can be configured with the following modules Network Interface Module NIM 1 or 2 must be identical Service Access Module SAM 1 to 4 Unstructured DS3 3 or E3 3 SAMs in slots C F J and M...

Page 35: ...PU R A PM N IMSlots SA MSlots C PUSlots PR O TEC TIO N SA M O C 12c N IM O C 12c N IM uD S3 3 or uE3 3 SA M CPU CPU A PM uD S3 3 or uE3 3 SA M uD S3 3 or uE3 3 SA M uD S3 3 or uE3 3 SA M A B C D E F G H J K L M N P CPU Q CPU R A PM N IMSlots SAMSlots C PUSlots PR O TEC TIO N SA M O C 12c N IM O C 12c N IM sD S3 SA M CPU CPU A PM sD S3 SA M sD S3 SA M sD S3 SA M sD S3 SA M sD S3 SA M sD S3 SA M sD ...

Page 36: ...dules OC 12c STM 4c NIM 1 13 NIM IOM 1 14 Service Access Modules Unstructured DS3 3 SAM 1 15 Unstructured E3 3 SAM 1 16 Unstructured DS3 3 E3 3 IOM 1 17 Structured DS3 SAM 1 18 Structured DS3 IOM 1 19 Protection IOM 1 21 System Modules CPU 1 22 CPU IOM 1 23 Alarm Power Module APM 1 24 Alarm Power Module IOM 1 25 ...

Page 37: ...compatible with any combination of SAMs installed in the Broadmore 1750 chassis up to the available bandwidth Interface from the SAMs to the NIM is accomplished via the chassis midplane An OC 12c STM 4c single mode Intermediate Reach IR module supports ATM physical PHY data rates up to OC 12 622 080 Mbps Indicators FAULT normal no fault major alarm or minor alarm ON LINE normal standby or not read...

Page 38: ...he option of synchronizing the Broadmore 1750 master clock to an external source BITS timing is provided to the Broadmore 1750 via the NIM IOM In a redundant system BITS clock may be provided to each NIM IOM Connectors NIM IN BNC connector reserved for future use NIM OUT BNC connector reserved for future use BITS RJ48C connector for BITS input clock Jumpers BITS impedance matching jumpers located ...

Page 39: ...44 736 Mbps Input and output coax connectors are provided for each port on the DS3 IOM Both PVC and SVC services are provided Either may be chosen through appropriate module configuration The Broadmore 1750 supports 11 DS3 ports within the available OC 12 ATM bandwidth of 622 080 Mbps Indicators FAULT normal no fault major alarm minor alarm or no connection ONLINE normal standby or not ready ALARM...

Page 40: ... and output coax connectors are provided for each port on the IOM Both PVC and SVC services are provided Either may be chosen through appropriate module configuration The Broadmore 1750 supports 12 Unstructured E3 ports within the available OC 12 ATM bandwidth of 622 080 Mbps Controls FAULT normal no fault major alarm minor alarm or no connection ONLINE normal standby or not ready ALARM one LED pe...

Page 41: ...behind corresponding SAM Description Each Unstructured DS3 E3 IOM provides three ports When used with a DS3 SAM each port operates at 44 736 Mbps When used with an E3 SAM each port operates at 34 368 Mbps Connectors Three pairs of BNC coaxial connectors for RG 59 75 ohm cable IN port receiver RX input OUT port transmitter TX output IOM DS3 IN OUT 1 IN OUT IN OUT 7 6 6 0 4 0 9 2 3 ...

Page 42: ...port on the IOM Both PVC and SVC services are provided Either may be chosen through appropriate module configuration The Broadmore 1750 supports a maximum of four Structured DS3 modules with the standard fan tray Configurations using more than four Structured DS3 SAMs require a high capacity 3 fan tray for cooling Contact factory for details Indicators FAULT normal no fault major alarm minor alarm...

Page 43: ...d DS3 IOM Module Type IOM Part Number 7660 416 Slot Number Mounts in chassis rear behind corresponding SAM Description One structured DS3 port at 44 736 Mbps Connectors One pair of BNC coaxial connectors IN receiver input OUT transmitter output IOM DS3 STRUCT IN OUT 1 7 6 6 0 4 1 6 ...

Page 44: ...behind corresponding SAM Description Each Unstructured DS3 E3 IOM provides three ports When used with a DS3 SAM each port operates at 44 736 Mbps When used with an E3 SAM each port operates at 34 368 Mbps Connectors Three pairs of BNC coaxial connectors for RG 59 75 ohm cable IN port receiver RX input OUT port transmitter TX output IOM DS3 IN OUT 1 IN OUT IN OUT 7 6 6 0 4 0 9 2 3 ...

Page 45: ...7660 410 Slot Number Mounts in Broadmore 1750 chassis rear behind corresponding protection SAM in slot P Description Provides n 1 circuit switching for the protection SAM in slot P Connectors None Inputs and Outputs continue to be provided by the connectors on the failed SAM s IOM IOM nx1 PROTECT 7 6 6 0 4 1 0 ...

Page 46: ...SSHield management software on a flash disk system The operating system is pSOS version 2 2 7 Controls Toggle switch ON normal operation OFF turns CPU off RESET resets the CPU Indicators MASTER lights green when operating as master lights amber when operating as standby Normally the CPU that comes online first will be the master ON LINE ACTIVITY blinks amber to indicate CPU activity including mast...

Page 47: ...pins 1 2 or pins 3 4 Jumpers control how these contact closures work Jumpers REMOTE SHUT DOWN Two user installed jumpers on the component side of the module control how the remote contact closures work As shipped the jumpers connect pins 1 2 to pins 3 4 so that shorting either pair will reboot both CPUs With the jumpers removed shorting pins 1 2 will reboot the other slot CPU shorting pins 3 4 wil...

Page 48: ...provided for each power source to indicate power is present Major and minor alarms are displayed via LEDs which are visible with the front panel installed An over temperature indicator on the front of this module is reserved for future use The APM is user replaceable Indicators MAJOR ALARM lights red for major alarm MINOR ALARM lights amber for minor alarm FAN FAIL lights red when fan tray fails O...

Page 49: ... B and the other two fuses are provided as spares The chassis will operate with only one power source but two independent sources are recommended to provide power supply redundancy Power alarm and grounding connections are made to the connector panel at the bottom rear of the chassis Fuses RAIL A protection fuse for 48VDC power input A RAIL B protection fuse for 48VDC power input B SPARE FUSES two...

Page 50: ...1 26 Broadmore 1750 Release 4 6 Product Description Alarm Power Module IOM ...

Page 51: ...CHAPTER 2 Planning and Ordering Guide In this Chapter Application Planning Guide 2 2 System Planning Factors 2 6 Installation Planning Factors 2 13 Ordering Guide 2 15 ...

Page 52: ...transport of existing broadband services voice video and data over ATM networks The Broadmore accepts signals from non ATM ready equipment converts the signals to standard ATM cells and multiplexes the cells onto a single ATM User Network Interface UNI port Permanent Virtual Circuit PVC and Switched Virtual Circuit SVC services are available based upon the user defined module configuration The Bro...

Page 53: ...gation and Backhaul The Broadmore 1750 provides Massive DS3 trunking Remote shelf extension to the ATM network Reduced costs increased access Up to 11 DS3s per ATM Switch interface versus the usual 4 Edge cross connect capability User connections switched directly Central terminations are not required as with DACS ...

Page 54: ...on Distributed Protection Switching DPS Circuit source destination device edge node and CPE protection Logical and physical redundancy between the switch and access shelf Unprecedented SLA delivery for TDM and Serial link Maximum network availability APS functionality through ATM technology Guaranteed interoperability Simple configuration APS Features and Benefits Two ports are grouped as primary ...

Page 55: ...rce and or destination devices SPVx Source Resiliency Option 2 SPVC connection between source switches monitors status of active switch Once failure is identified initiates fail over to backup SPVx Destination Resiliency Option 3 Full redundancy for the destination device port destination switch access link and core Primary and backup destinations can be geographically separate APS and DPS Feature...

Page 56: ...ing a system to meet customer requirements System Architecture The Broadmore 1750 system architecture is based upon a midplane design allowing modules to be installed from the front and rear of the chassis There are 17 vertical slots as viewed from the front with the cover removed The figure shown below shows a fully redundant system configured with OC 12c NIMs and Unstructured DS3 SAMs A B C D E ...

Page 57: ...s follows The right most slot labeled APM is for the Alarm Power Module The two left most slots labeled A and B support Network Interface Modules NIMs The protection NIM goes in slot A and the working protection NIM in slot B If the system is not configured for NIM redundancy the single NIM should be inserted in slot B The two slots closest to the APM slot labeled CPU Q and CPU R support the CPU m...

Page 58: ...ur cell buses designated A C D and E Each cell bus is associated with specific module slots as shown below A B C D E F G H J K L M N P NIM Slots CELL BUS E CELL BUS D CELL BUS C Available Bandwidth is 152 520 Mbps Available Bandwidth is 152 520 Mbps Available Bandwidth is 152 520 Mbps CELL BUS A Available Bandwidth is 129 480 Mbps SAM Slots CPU Q CPU R APM SAM Pro tection Slot Cell Bus C Cell Bus ...

Page 59: ...needed for each cell bus However to utilize the 1 N SAM protection feature all SAMs must be identical and be installed in specific slots For NIM redundancy install OC 12c NIMs in slots A and B If a single OC 12c NIM is used it should be installed in slot B Working SAMs must be installed in slots C F J and M corresponding to cell buses C D E and A respectively The Protection SAM is installed in slo...

Page 60: ... OC 12c NIM is used it should be installed in slot B To utilize the 1 N SAM protection feature working SAMs are installed in slots C to N and the protection SAM is installed in slot P NOTE Configurations using more than four Structured DS3 SAMs require a high capacity 3 fan tray for cooling Contact factory for details A B C D E F G H J K L M N P CPU Q CPU R A PM N IMSlots SA MSlots C PUSlots PR O ...

Page 61: ...can multiplex data onto all four ATM cell buses providing a maximum ATM bandwidth of up to 599 04 Mbps The maximum ATM bandwidth for each cell bus is shown below Cell Bus Service Slots ATM Bandwidth Available to SAMs A C thru N used by SAMs Q R used by CPUs for AAL5 management traffic 129 48 Mbps C C D E 155 52 Mbps D F G H 155 52 Mbps E J K L 155 52 Mbps Total All service slots 599 04 Mbps ...

Page 62: ...50 can load the network UNI to 95 capacity without dropping cells Service capacities are shown in the following table ATM Service Capacity Module P N Module Description ATM Bandwidth Required Mbps 7660 206 CPU FIPS 10Base T AAL5 Average 2 5 Mbps Maximum 4 0 Mbps 7660 034 DS3 Unstructured 3 port Whole DS3 50 45 Mbps Maximum 151 35 Mbps all ports in service 7660 045 E3 Unstructured 3 port Each port ...

Page 63: ...s the following access clearances for service and maintenance Front 24 Rear 4 Top 1 75 Broadmore 1750 units may be stacked without this clearance Power Source DC Power 48 VDC at 5 amperes is connected to the rear of the Broadmore chassis A second 48 VDC source may be connected for redundancy Optional AC Power Supply Tray Converts 110 240 VAC 50 60 Hz to 48 VDC Rack mounted tray 3 5 high installs i...

Page 64: ...quipment placement User equipment interface cable connections are made to the input output modules at the rear of Broadmore chassis ATM interface connections is via fiber cable to the network interface modules at the front of Broadmore chassis Access and cable strain relief tie down points are provided Chassis front and rear cover removal is required ...

Page 65: ... Inside Sales Direct 800 365 2593 Fax 303 218 5680 E mail inside sales carrieraccess com Products and Solutions www carrieraccess com Broadmore 1750 Chassis Each Broadmore 1750 chassis comes equipped with one CPU and IOM one APM and IOM Dual 48VDC Power Inputs and a Fan Tray The following items are also included CD ROM with Users Guide and Software Grounding Strap Console Cable Combination 19 23 R...

Page 66: ...ter and one Cable to connect to the Broadmore s 48 VDC Power Input 7665 17PS Broadmore 1700 1750 AC Power Supply This is the 240W AC Power Supply used for redundancy in the Broadmore 1700 1750 AC Power Tray 7660 115 Alarm Power Module APM 7660 023 Alarm Power I O Module APM IOM 7660 025 Bussman 7 5 Amp Fuse GMT7 5 Bussman Fuse Cover GMT X Broadmore 1700 1750 Fan Tray 7660 024 Globe Motors Fan Filt...

Page 67: ...nstallations NIM Sets Each set includes the NIM IOM and cable option where applicable Individual Modules Each NIM and corresponding IOM is offered separately for sparing purposes Optical Service Sets Part No OC 12c STM 4c Single Mode Intermediate Reach Optics SC Module Set 7660 314 OC 12c STM 4c Multi Mode Optics SC Module Set 7660 313 Optical Service Modules Part No OC 12c STM 4c NIM Single Mode ...

Page 68: ...ividual Modules Each SAM and IOM is offered separately for sparing purposes TDM Service Sets Part No DS3 Structured Single Port Module Set 7660 372 DS3 Unstructured Three Port Module Set 7660 334 E3 Unstructured Three Port Module Set 7660 345 TDM Service Modules Part No DS3 Structured Single Port SAM 7660 672 DS3 Structured Single Port IOM 7660 416 DS3 Unstructured Three Port SAM 7660 034 E3 Unstr...

Page 69: ...CHAPTER 3 Receipt of Product In this Chapter Receipt 3 2 Unpacking 3 2 Inspection 3 3 ...

Page 70: ...hipment of equipment to the transporter immediately upon receipt Unpacking The Broadmore 1750 chassis is shipped with the Alarm Power module and fan tray installed Additional modules ordered by the customer will normally be installed in the chassis prior to shipping When requested modules can be individually boxed identified and shipped separately in a second container WARNING THE BROADMORE 1750 C...

Page 71: ...E IN INDIVIDUAL STATIC DISSIPATIVE BAGS WITH AN ESD CAUTION LABEL ATTACHED EMPLOY STANDARD ESD HANDLING PROCEDURES INCLUDING USE OF A PROPERLY GROUNDED ESD WRIST STRAP BEFORE OPENING OR HANDLING THESE ITEMS ONLY OPEN THESE BAGS AT AN APPROVED ESD WORKSTATION CAREFULLY RETURN THE CARDS TO THEIR BAGS FOR STORAGE UNTIL INSTALLATION FAILURE TO FOLLOW THESE PROCEDURES WILL VOID THE WARRANTY AND MAY RES...

Page 72: ...3 4 Broadmore 1750 Release 4 6 Receipt of Product Damage Reporting ...

Page 73: ...CHAPTER 4 Chassis Installation and Grounding In this Chapter Precautions 4 2 Installation Factors 4 3 Rack Mounting 4 4 Chassis Grounding 4 7 AC Power Supply Tray 4 8 ...

Page 74: ... DURING RACK MOUNTING THESE COVERS SHOULD ONLY BE REMOVED FOR MODULE INSTALLATION AND MAINTENANCE AS REQUIRED THE COVERS SHOULD BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED WARNING THE BROADMORE 1750 MOUNTING BRACKETS SHALL BE CONNECTED TO THE CHASSIS USING ONLY THE SCREWS PROVIDED FOR INITIAL BRACKET INSTALLATION THE INSTALLER SHALL BE RESPONSI BLE FOR PROVIDING A STABLE RACK TH...

Page 75: ... the rear of the Broadmore chassis A second 48 VDC source may be connected for redundancy Optional AC Power Supply Tray Converts 110 240 VAC 50 60 Hz to 48 VDC Rack mounted tray 3 5 high can hold two power supplies Unit comes with one power supply and DC cable A second power supply with cable can be added to provide redundant DC power to the Broadmore AC and DC power connections are at the rear of...

Page 76: ...rackets 4 5 Rack Mounting Procedure 4 6 Tools The following tools are recommended to install configure operate and maintain the Broadmore 1750 1 flathead screwdriver for cover removal installation inch hex driver Rack mounting hardware with compatible tools Other standard electronic installation tools as preferred ...

Page 77: ...OR PROVIDING A STABLE RACK THAT SUPPORTS THE WEIGHT OF THE BROADMORE 1750 AS INSTALLED The mounting brackets can be moved to accommodate 23 racks and other mounting positions To install the chassis in 23 racks remove the mounting brackets rotate them 90 degrees and reattach them to the chassis If desired alternate mounting holes are provided for moving the mounting brackets forward or backward for...

Page 78: ...AR COVERS OF THE CHASSIS MUST REMAIN ATTACHED TO PREVENT THE CHASSIS FROM BENDING DURING THE RACK MOUNTING PROCEDURE Perform the following steps 1 Ensure that the front and rear chassis covers are firmly attached to provide mechanical support and prevent accidental damage 2 Carefully lift the Broadmore 1750 and position it in the desired rack location One technician should support the rear and the...

Page 79: ...a ground wire to the equipment rack building ground WARNING THE INSTALLER SHALL BE RESPONSIBLE FOR PROVIDING A PROPER CHASSIS GROUND CONNECTION CONNECT BUILDING GROUND TO THE CHASSIS GROUND STUD DO NOT USE THE SIGNAL GROUNDING STUDS FOR THE BUILDING GROUND CONNECTION C ha ssis G roun d Chassis Ground Stud Ground for ESD Wrist Strap Signal Ground Studs 48 VDC Power Connections Rear Cover ...

Page 80: ...uipment rack building ground AC Power Supply Tray The optional AC Power Supply Tray 7665 17PS is a 3 5 inch high rack mounted unit that converts voltage from 110 220 VAC 50 60 Hz to 48 VDC The unit comes with one 240W AC Power Supply 7660 115 one AC power cord and one 3 5 ft DC cable for connecting to the Broadmore s 48 VDC power input A second power supply with cables can be used to provide redun...

Page 81: ...ly Tray assembly 2 For ease of rack installation you can remove the power supply module s from the tray to make it lighter 3 Adjust the rack mounting brackets for desired for a 19 or 23 inch rack and for front rear mounting configuration As shipped the brackets will fit a 19 rack with front mount configuration The brackets can be removed and rotated 90 degrees to fit a 23 rack 4 Rack mount the tra...

Page 82: ...4 10 Broadmore 1750 Release 4 6 Chassis Installation and Grounding AC Power Supply Tray ...

Page 83: ...CHAPTER 5 Module and Fan Installation In this Chapter Precautions 5 2 Module Installation Procedures 5 3 Fan Tray Installation Procedure 5 14 ...

Page 84: ...BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED WARNING THE BROADMORE CONTAINS CIRCUIT CARDS AND COMPONENTS THAT ARE SUBJECT TO DAMAGE BY ELECTROSTATIC DISCHARGE ESD DO NOT REMOVE A COMPONENT FROM ITS PROTECTIVE PACKAGING UNTIL READY TO INSTALL IT WEAR A WRIST GROUNDING STRAP AND ATTACH IT TO AN ESD CONNECTOR OR A METAL PART OF THE SYSTEM UNIT BEFORE HANDLING COMPONENTS IF A WRIST S...

Page 85: ...res Overview 5 4 Tools 5 5 Remove Chassis Covers 5 5 Module Locations 5 6 Installation Sequence 5 8 NIM Installation 5 9 SAM Installation 5 10 CPU Installation 5 10 APM Installation 5 10 NIM IOM Installation 5 11 SAM IOM Installation 5 11 CPU IOM Installation 5 12 APM IOM Installation 5 12 Replace Chassis Covers 5 13 ...

Page 86: ...jumpers are normally configured during installation to meet user requirements If the chassis is shipped with modules installed the modules may need to be removed configured and reinstalled The Broadmore 1750 system architecture is based upon a midplane design allowing modules to be installed from the front and rear of the chassis as shown below Rear Cover Midplane Chassis Cover Network Interface M...

Page 87: ...standard installation tools as desired Remove Chassis Covers 1 Loosen captive screws securing the front and rear covers and set the covers aside 2 Connect an ESD wrist strap to the front or rear ESD connector and follow standard ESD procedures while handling unit components WARNING USE ESD PRECAUTIONS WEAR AN ESD GROUNDING STRAP WHILE HANDLING ANY MODULES OR ACCESSING THE INSIDE OF THE BROADMORE 1...

Page 88: ...ith redundant CPUs redundant OC 12c NIMs and five Unstructured DS3 SAMs providing 1 4 protection as shown in the figure below Other configurations are possible contact factory for details The Broadmore 1750 system architecture is based upon a midplane design allowing modules to be installed from the front and rear of the chassis There are 17 vertical slots as viewed from the front with the cover r...

Page 89: ...es with the standard 2 fan cooling tray For applications needing more than five Structured DS3 modules a 3 fan cooling tray is required contact factory for details Module Type Description Available Slot s CPU CPU Q Redundant CPU R NIM OC 12c STM 4c B Redundant NIM OC 12c A SAM Unstructured DS3 C F J M Unstructured E3 C F J M Protection Unstructured DS3 E3 P Structured DS3 up to 10 modules C N Prot...

Page 90: ...o hold it in place one at the top and one at the bottom These screws must not be used for seating or unseating the cards Each card also has a set of ejectors one on top and one at the bottom These ejectors are used to unseat the card from the midplane connector for card removal NOTE Modules with jumpers are normally configured before installing the modules in the chassis However modules are hot sw...

Page 91: ...on the corresponding NIM IOM see BITS Interface Connections on page 6 7 NOTE OC 12 NIMs go in slots A and B Both optical NIMs must be identical The NIM in slot B is the Working unit and the NIM in slot A is the Protection unit 2 Place the Working NIM in slot B from the front so that it slides smoothly in the top and bottom card guides and the card connector aligns with the midplane connector 3 Fir...

Page 92: ...to the midplane 4 Secure the screws on the top and bottom of the module being careful not to over tighten 5 Repeat this process to install the other SAMs as desired CPU Installation 1 Place the CPU card in slot Q from the front of the chassis so that it slides smoothly in the top and bottom card guides and the card connector aligns with the midplane connector 2 Firmly press the CPU card into the c...

Page 93: ... IOM so that it slides easily in the top and bottom card guides with the connector aligned to the midplane connector for the slot matching the corresponding SAM 2 Visually verify that the SAM IOM physically aligns with the SAM installed above 3 Firmly press the SAM IOM into the chassis until the connectors completely seat 4 Secure the retaining screws on the top and bottom of the module being care...

Page 94: ...ns 3 4 so that shorting either pair will reboot both CPUs With both jumpers removed shorting pins 1 2 will reboot the other slot CPU shorting pins 3 4 will reboot the same slot CPU For a redundant unit with two CPUs it is recommended that both jumpers be removed so that the CPUs can be rebooted individually without disrupting system operation 2 Visually verify that each CPU IOM physically aligns w...

Page 95: ... MAINTENANCE AS REQUIRED THE COVERS SHOULD BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED NOTE After installation is complete ensure that blank panels cover all empty module slots to provide proper cooling when the fan is turned on This completes module installation Replace the front and rear covers unless additional installation or maintenance procedures are to be performed at thi...

Page 96: ...15 Fan Tray Installation 5 15 Replace Chassis Cover 5 16 The fan tray is normally shipped installed in the front of the chassis below the modules as shown below If it is not installed follow the procedure below to install it Rear Cover Midplane Chassis Cover Network Interface Module Input Output Module Front Fan Cover Tray Rack Mounting Brackets Not User Removable ...

Page 97: ...over aside 2 Connect an ESD wrist strap to the front or rear ESD connector and follow standard ESD procedures while handling unit components WARNING USE ESD PRECAUTIONS WEAR AN ESD GROUNDING STRAP WHILE HANDLING ANY MODULES OR ACCESSING THE INSIDE OF THE BROADMORE 1750 FAILURE TO FOLLOW ESD PROCEDURES MAY DAMAGE SENSITIVE COMPONENTS AND VOID THE WARRANTY Fan Tray Installation 1 The fan tray instal...

Page 98: ...ERS OF THE CHASSIS SHOULD ONLY BE REMOVED FOR MODULE INSTALLATION AND MAINTENANCE AS REQUIRED THE COVERS SHOULD BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED This completes fan tray installation Replace the front and rear covers unless additional installation or maintenance procedures are to be performed at this time ...

Page 99: ...s 6 2 Electrical Requirements 6 3 Cabling and Compliance Requirements 6 4 Alarm Port Connections 6 5 Optical Interface Connections 6 6 BITS Interface Connections 6 7 NIM SAM IOM Connections 6 8 CPU IOM Connections 6 11 Power Supply Connections 6 12 Software 6 15 ...

Page 100: ...ONS ARE MADE TO PUBLIC COMMUNICATIONS NETWORKS WARNING THE FRONT AND REAR COVERS OF THE CHASSIS SHOULD ONLY BE REMOVED FOR MODULE INSTALLATION AND MAINTENANCE AS REQUIRED THE COVERS SHOULD BE REPLACED AS SOON AS POSSIBLE AFTER SUCH TASKS ARE COMPLETED WARNING THE BROADMORE CONTAINS CIRCUIT CARDS AND COMPONENTS THAT ARE SUBJECT TO DAMAGE BY ELECTROSTATIC DISCHARGE ESD WEAR A WRIST GROUNDING STRAP A...

Page 101: ...ls as preferred Power DC power connections are made at the rear of the Broadmore chassis The primary DC power source is 48 volts at 5 amperes and is connected to the A inputs For redundancy a second 48 VDC source may be connected to the B inputs For AC power applications the optional dual AC redundant power supply tray is usually mounted below the Broadmore and requires 110 240 VAC 50 60 Hz AC pow...

Page 102: ... passes through the bead twice see figure below left Ethernet one or two cables Attach one ferrite bead to each cable using a single wrap so that the cable passes through the bead twice Alarm cable Attach one ferrite bead to the cable using a single wrap so that the cable passes through the bead twice EMI cable The EMI cable must be attached vertically across the bottom rear opening see figure bel...

Page 103: ...m C relay contact closure signals Two wires are labeled Major in and out and two are labeled Minor in and out as shown below The alarm connector on the lower back of the chassis is shown below The connector is a compression type in which the wire is inserted in the lower opening and the compression screw above is tightened to secure the wire A small flathead screwdriver is required to secure the w...

Page 104: ... the chassis 2 Route the cable into the chassis via the small square opening on the lower right front cover of the chassis 3 Connect the cables to the labeled TX and RX connectors on the front of the NIM See example at right 4 Use the plastic cable guides and cable protector shipped with the Broadmore 1750 to secure the cable WARNING UNTERMINATED OPTICAL CONNECTIONS MAY EMIT LASER RADIATION DO NOT...

Page 105: ...sted during NIM Installation on page 5 9 1 Use cable rated for Category 3 CAT3 or better 2 Route the cable to the lower left rear of the chassis 3 Connect the cable to the RJ48C BITS connector on the rear of the chassis See example at right 4 Use the plastic cable guides and cable protector shipped with the Broadmore 1750 to secure the cable IOM NIM BITS OUT NIM IN 7 6 6 0 4 0 6 B ITSInput Jack Fr...

Page 106: ...erial interface SAMs see Cable Specifications on page E 1 1 Route the equipment cables to the chassis rear 2 Install the plastic edge protector around both rear access square openings Note the chassis internal cable tray Two bars are provided as anchor points for cable ties This will serve as cable strain relief 3 Route the cables into the chassis via the square openings on either side of the rear...

Page 107: ... Unstructured DS3 3 E3 3 IOM Connections Each Unstructured DS3 IOM provides three pairs of BNC coaxial connectors labeled 1 to 3 for RG 59 75 ohm cable 1 Connect receiver RX inputs to the IN ports 2 Connect transmitter TX outputs to the OUT ports IOM DS3 IN OUT 1 IN OUT IN OUT 7 6 6 0 4 0 9 2 3 ...

Page 108: ...S3 IOM Connections Structured DS3 IOM Connections Each Structured DS3 IOM provides one pair of BNC coaxial connectors for RG 59 75 ohm cable 1 Connect receiver RX input to the IN port 2 Connect transmitter TX output to the OUT port IOM DS3 STRUCT IN OUT 1 7 6 6 0 4 1 6 ...

Page 109: ...To use this feature connect a cable to terminals 1 2 and or 3 4 on the CPU IOM See example at right The spring terminal block accepts 26 to 18 AWG wire Serial Port Connections This is a standard DB9 RS 232 DTE serial management port that can be connected to a serial terminal or PC running a terminal emulation program Access to this port is determined by the security settings Ethernet Connections T...

Page 110: ...ts voltage from 110 220 VAC 50 60 Hz to 48 VDC Each DC cable has pigtail wires for connecting 48 VDC power to the Broadmore chassis 1 Locate the AC power cord provided with each power supply module and connect one end to the AC connector on the rear of each module 2 Ensure the power switch on the front of each module is turned OFF and that the AC power indicator LED does not light 3 Connect each A...

Page 111: ...more 1750 Release 4 6 6 13 Electrical Installation Optional AC Power Supply Connections AC Power Switches AC Power Indicator Blank Panel if only one supply AC Connector AC Connector DC Connector DC Connector ...

Page 112: ... wire A small flathead screwdriver is required to secure the wires Connecting 48 VDC Power 1 Identify the power cables and secure their power 2 Use a Volt Ohm Meter VOM to verify the voltage and polarity of the cable wires 3 Turn off power to the cables and use a VOM to verify there is no voltage present 4 Run the power cables to the connection point on the chassis rear as shown above Note there a...

Page 113: ... is installed on each CPU s disk on chip memory DSP software code also exists on each NIM and SAM and is unique for each type of module Two programs may be used to communicate with the CPU operating system These are the Communication Access Multiplexer Management Interface CAMMI and Command Line Interface CLI This manual is based upon CAMMI For information on the CLI see Command Line Interface on ...

Page 114: ...6 16 Broadmore 1750 Release 4 6 Electrical Installation Software ...

Page 115: ...nfiguration In this Chapter Overview 7 2 Power Supply Redundancy 7 24 Module Redundancy 7 25 Module Configuration 7 37 PVC Connection 7 63 SVC Connection 7 65 VP Reservation 7 67 System Configuration 7 70 Help 7 73 ...

Page 116: ...onfiguration 7 23 CAUTION FOR SECURE OPERATION A SUPERUSER CRYPTO OFFICER SHOULD PERFORM THE INITIAL CONFIGURATION AND CREATE USER ACCOUNTS AS DESCRIBED IN CHAPTERS 10 AND 11 The Broadmore 1750 must be correctly configured using CAMMI before ATM network communications can be established This section provides background information equipment requirements and other prerequisites for accomplishing th...

Page 117: ...le configuration data as of the time the SAVE CONFIGURATION command was issued Data is stored in a subdirectory with user supplied user name Power up 1 Power up the chassis The Broadmore 1750 is designed for continuous service There is no on off power switch since the system is designed to remain on at all times Simply apply power 2 Observe the LED indicators to ensure that the system is operating...

Page 118: ...minal emulation Remote execution can be accomplished via a Telnet client application configured as a VT100 terminal An SNMP connection can be established via Ethernet to the CPU IOM via CIP RFC 1577 or via LANE NOTE In a Broadmore system with redundant CPUs the primary IP address is used to log into the online CPU and the secondary IP address is used to log into the standby CPU CAMMI is used throu...

Page 119: ...d press Enter to display the first submenu Highlight Configure on the drop down menu and press Enter to display the second drop down menu Highlight System Services on this menu and again press Enter to display the third drop down menu This type of sequence will be annotated as follows throughout this manual This example sequence displays the screen on the next page Each item in the final window is...

Page 120: ...Specific steps will be clear and easy to follow leading to more efficient system operation Key Map The following key map correlation is provided to assist in navigating through the various menus This may be required since some terminal emulation packages do not recognize the full keyboard character set Up Down Page Up Page Down Home End Insert Delete Help cli only ...

Page 121: ...minal interface baud rate The default is 9600 baud and the system reverts to this at every reboot The command to change the rate is setbaud rate where a valid rate is 300 600 1200 2400 4800 9600 19200 38400 57600 or 115200 NOTE The baud rate default is 9600 The terminal will return to 9600 baud on each system boot or reboot Operation above 19200 is not recommended Upon successful entry you are ask...

Page 122: ...name are available These two names are independent as chosen by the operator The long name appears at the top of CAMMI screens to provide on screen identification The short name appears as a shell prompt The default long name is a null field and the default short name is Broadmore From CAMMI follow the sequence below to enter names Select System Management Select Configuration Select System Servic...

Page 123: ... until the system is rebooted Use the reset toggle switch on the front of the CPU to reboot the system Follow the pull down menu selections to enter the Broadmore 1750 s IP address This address is then used for Telnet access to the CAMMI program NOTE In a Broadmore system with redundant CPUs the primary IP address is used to log into the online CPU and the secondary IP address is used to log into ...

Page 124: ...eway are assigned by your facility s network administrator Reboot the Broadmore 1750 to have this IP address take effect The entire Broadmore 1750 will reboot with the new IP address Log into the system with a valid user ID and password ID SYSADMIN password INITIAL 1 Enter the IP subnet and gateway addresses obtained from the network administrator These settings take effect when the Broadmore 1750...

Page 125: ...will be displayed as all zeroes For dual CPU systems define the ATM address to keep the same address during a CPU switchover Otherwise an address change will cause service disruption ATM Address List optional The following steps are optional for SVC services and are not used for PVCs The ATM address list provides a convenient way to store frequently called SVC addresses instead of having to enter ...

Page 126: ...dd a New user to the ATM list Select System Management Select Configuration Select System Services Select ATM Address List Select one of the following Edit edit the description and or ATM address Copy to put a copy of the ATM address into the list Delete New enter the description and or ATM address With each selection confirm your changes and press Esc to exit ...

Page 127: ...at one time An initial throttle value of 80 and interval of 30 seconds are recommended These values can then be adjusted to meet local requirements Retry Cause Codes Applicable to SVCs only each item in this list can be set to yes or no based upon local requirements These codes are set as factory defaults to the most common values Changing them will overwrite the defaults Only the yes values are r...

Page 128: ...s The server maintains a Logical IP Subnetwork LIS which cross references logical IP addresses to ATM addresses When the control station sends IP traffic e g control signals via the subnetwork IP address to a Broadmore 1750 the server uses LIS data to tell the sender an equivalent ATM address to use in place of the IP address The IP datagrams are then sent over the ATM network to the desired Broad...

Page 129: ...o gateway is defined Do this for each applicable Broadmore 1750 without an Ethernet connection Item Description ATM IP Address Enter the IP address within the subnet Set to all zeros to disable CIP ATM Subnet Mask The mask is the same for all Broadmore 1750s on the network Server Address The address of the server containing the LIS This may be a workstation on the ATM network or ATM switch Set to ...

Page 130: ...This will give you the prompt Broadmore Enter route a to display the current routing table 3 Add a routing entry in the format route add xxx xxx xxx xxx yyy yyy yyy yyy where xxx xxx xxx xxx is the destination IP address control station yyy yyy yyy yyy is the ATM subnet IP address of the Broadmore 1750 on the Ethernet segment serving as the control station 4 Enter savert to save this entry The new...

Page 131: ...ports LANE version 1 and 2 acting as LAN Emulation Client LEC Follow the sequence below to display the LANE configuration screen shown Six fields appear for data entry Explanations are provided for each in the table below Select System Management Select Configure Select System Services Select LANE Configure ...

Page 132: ... is entered below this LECS value may be left blank If the LECS is needed and no address is entered here then the well known ATM Address as defined by ATM Forum s LANE standard will be used by default The well known default address is 4700 7900 0000 0000 0000 0000 0000 A03E 0000 0100 LES ATM Address This field is optional The ATM Address of the LAN Emulation Server is entered here If data is enter...

Page 133: ... If there are active SVCs the UNI Version will not appear in the menu until you release all the SVCs This is done to prevent interrupting service on those circuits The UNI Version selection screen appears as shown below with the current selection highlighted CAUTION UNI VERSION SHOULD BE OFF WHENEVER THE NIMS ARE NOT CONNECTED TO AN ATM SWITCH INTERFACE CONFIGURED FOR UNI SUPPORT Select System Man...

Page 134: ...VC numbering Table 7 1 Settings for Max VP VC and Valid Values for VP VC Numbering VC numbering must start at 32 if the VP number is 0 For the ATM DS3 CBI and HSSI CBI modules the VP number must be 0 1 is invalid Max VP VC Setting Maximum Number of VPs Allowed Valid Values for VP Numbering Maximum Number of VCs Allowed Valid Values for VC Numbering 2 65536 1 0 or 1 65 535 1 65535 4 32768 4 0 3 32 ...

Page 135: ...iguration General Properties To set Max VP VC follow the sequence below and make the appropriate choice from the screen shown Select System Management Select Configuration Select System Services Select General Properties Select Max VP VC ...

Page 136: ...NOTE The Bandwidth meter uses the clock rate of the HSSI NIM as the bus rate If the HSSI NIM is set for received timing the bandwidth meter will not be using the correct bus rate because the clock is supplied by the HSSI at the other end Be sure to check how the HSSI s clock is set before using the Bandwidth meter Select System Management Select Configuration Select System Services Select General ...

Page 137: ...test functions Super_User Can perform all operator and maintenance technician functions plus add delete modify user access A Super_User can add delete or change user access privileges user ID password and level of access from the Administration main menu drop down Each user can change his her personal password from the Administration main menu drop down item Change Password below Follow the on scr...

Page 138: ...edundancy Carrier Access offers an optional dual AC power supply with 110 VAC and provides two sources of 48 VDC to the Broadmore 1750 This is power supply contains two independent modules each sufficient to operate the Broadmore 1750 These modules are hot swappable and they may be connected to different sources for an additional degree of redundancy There is no impact to the Broadmore 1750 as lon...

Page 139: ...ompleted Non reverting After redundancy switching the protection NIM will remain the system primary NIM after repairs are completed In this case the repaired NIM becomes the protection NIM This only applies to manual switching 1 1 Protection The signal is continuously bridged to the working and protection equipment so payloads are transmitted identically over both paths The receiving equipment cho...

Page 140: ...y some of the features described below may not apply to the NIMs you are configuring Configure redundancy following steps on the next page 1 Review the hardware configuration The Broadmore 1750 must have two NIMs installed to support redundancy the master NIM in slot B and the APS NIM in slot A If installing 1 1 protection reverting or non reverting contact the ATM switch vendor to ensure that 1 1...

Page 141: ...n the bottom of the screen and toggle through available choices for each item 4 Follow the sequence above to display the SONET screen below and make choices to meet your specific configuration Use the space bar to toggle between reverting and non reverting The third choice Single NIM is used when only one NIM is installed Select Maintenance Diagnostics Select Redundancy Select APS Install ...

Page 142: ...ority list between Force B and Switch to A In other words a command Force B will switch the Broadmore to NIM B regardless of signal degradation while a command Switch to B will be ignored in the same circumstance if there is a current SD request A Command Request can be received from any user interface 6 Set the Parameters for Bit Error Rate BER Thresholds in the right part of the display Enter a ...

Page 143: ...er interface is used since input output will continue to be provided via the cables attached to the slot of the failed SAM The Unstructured DS3 in slot P is called the protection SAM or P SAM The working SAMs called W SAMs are installed in slot C slot F slot J and slot M Follow the sequence below to enable and configure SAM redundancy Select Maintenance Diags Select Redundancy Select SAM Select AP...

Page 144: ...rom a higher priority W SAM is honored and the protection for the first protected W SAM is lost P SAM is invoked for removal of a W SAM or by user command Redundancy is not reverting After correction of a W SAM problem switch back manually Wait at least 15 seconds between removal and insertion of SAMs to ensure system stabilization CAUTION FAILURE TO WAIT 15 SECONDS BETWEEN EVENTS MAY LEAD TO A CO...

Page 145: ...st and manually set each W SAM to Online NOTE Protection switching is non revertive After correcting the fault problem the Offline W SAM must be manaully set back to Online if it is to be protected Select Maintenance Diags Select Redundancy Select SAM Select Request Change Online ...

Page 146: ...se 4 6 Configuration SAM Redundancy 3 After setting a W SAM to Online you can test the protection feature by performing a Manual Switch to divert traffic through the P SAM and a Manual Revert to return traffic back to the W SAM ...

Page 147: ...PU to take control if the online CPU experiences a failure Data files on the two CPUs are synchronized automatically when the standby CPU is powered up This synchronization process occurs automatically when the standby CPU is powered up Once both CPUs are functioning one online and the other in standby any subsequent changes to the system are mirrored recorded in the online CPU and sent to the sta...

Page 148: ...r case slot letter IP Addresses A Broadmore 1750 chassis may have one or two IP addresses see Ethernet IP Configuration on page 7 9 The online CPU will have the primary address as configured in the Config IP menu The standby CPU will have the secondary address as configured in the Config IP menu If a CPU switchover occurs the newly online CPU will change its IP address to the primary IP The Broadm...

Page 149: ...ta sync occurs automatically and should not require user intervention see CPU Sync on page 8 17 If there is a CPU sync problem follow the steps below to synchronize data and operating software SW between the two CPUs This should only be done when there is file manipulation unknown to the system such as FTP of new files to the online CPU Three options are available for synchronizing CPU Sync CPU Da...

Page 150: ...the standby CPU can be rebooted by performing the following steps This command may be used during maintenance procedures Install Single or Dual CPU This configuration item only activates detection of the SNMP trap Standby CPU missing If only one CPU is present select Single CPU If two CPUs are installed select Dual CPU Select Maintenance Diags Select Redundancy Select CPU Select Release CPU Contro...

Page 151: ... Configuration Module Configuration Module Configuration How to Configure Specific Modules 7 38 OC 12c STM 4c 7 39 OC 12c STM 4c BITS Timing Redundancy 7 40 Unstructured DS3 SAM 7 43 Structured DS3 SAM 7 50 Unstructured E3 3 SAM 7 57 ...

Page 152: ...e as delineated below For each module start the procedure by following the pull down sequence shown The slot selection screen as shown below also displays the current alarm condition of the module in each slot NOTE The list above displays only a portion of the available Retry Cause Codes Scroll down to view additional codes Select System Management Select Configure Select Slot Select the slot with...

Page 153: ...ing is a hardware function see NIM Installation Chapter 3 BITS is tied to the local in house timing source Local is on board Stratum 3 timing source SONET Tx Enable Disable If SONET Tx is enabled framing is enabled if SONET Tx is disabled framing is removed i e SONET Tx is all zeroes Loopback Mode Normal Terminal Local Remote Normal is no loopback Terminal is a loopback from the ATM interface to t...

Page 154: ... will switch to the other BITS input if a signal is detected on that input If a signal is not detected on the opposite BITS the source clock will be derived from an alternate source propagated from the NIM to the cell bus The source of the cell bus clock depends on the setting of the OC 12c STM 4c transmit timing option Two options are available Local BITS and Received The Local BITS option derive...

Page 155: ... for both OC12s Follow the sequence below to enable an alarm for loss of BITS clock Do this for both OC 12c STM 4cs Select System Management Select Configure Select Slot with DS3 Select Port of interest Choose the BITS option to allow the DS3 port to derive clock from either BITS or the cell bus Select Operational Configuration Select Clock Mode Select System Management Select Configuration Select...

Page 156: ...S3 SAM to BITS clock mode The equipment connected to the Broadmore 1750 OC 12c STM 4c interface is configured to BITS and provides a BITS reference clock embedded in the SONET serial stream 4 The Broadmore 1750 OC 12c STM 4c Transmit timing option is set to recovered In effect the Broadmore 1750 OC 12c STM 4c is loop timed off of the associated SONET device Configuring the equipment in this manner...

Page 157: ...tion parameters Operational Diagnostics and Alarm configuration are the three menu options Descriptions of the configurable items are found in the following tables Highlight each item and use the space bar to toggle available options for each Save the configuration after making changes The following tables show the options available for each item separated by operational configuration diagnostics ...

Page 158: ...put service clock If more than one ATM clock synchronization is present in the network an alternate timing recovery method must be selected For this method to work the ATM network must be synchronized to a single network wide clock source User equipment should be configured to internal clock Adaptive Timing This technique maintains a pre defined fill level in the Circuit Emulation Re assembly buff...

Page 159: ...vate deactivate commands Network FEAC Loopback Activate Deactivate Activate sends a FEAC command to the far end network equipment to go into network loopback Deactivate sends a FEAC command to go out of network loopback Only active when port is configured for C bit parity The receive code generated is DS3 Out of Frame 0000000 Service FEAC Loopback Activate Deactivate Activate sends a FEAC command ...

Page 160: ...ack DS3 on the port Remote sets a network side loopback ATM on the port See diagram Loopback Options on page 5 20 Network Alarms Options Service Alarms Cell Starvation Ignore Major Minor LOS LOF Ignore Major Minor LOF AIS Ignore Major Minor AIS Idle Ignore Major Minor Idle RAI Ignore Major Minor RAI FEAC Ignore Major Minor FEAC Sequence Errors Ignore Major Minor Line Code Violation Excessive SNP E...

Page 161: ...ng of a repeated 1010 data pattern Idle An idle alarm means that an idle signal validly framed DS3 signal with a repeated 1100 signal is being detected on the network side RAI The Remote Alarm Indicator also known as a Yellow Alarm is transmitted by setting the X bits to zero This particular alarm indicates that a Yellow alarm has been sent across the ATM network and is being received by this DS3 ...

Page 162: ... Excessive FEBE Far End Block Error alarm is triggered when the DS3 port receives FEBEs at a rate of 1 x 10 4 Service Alarm Definition LOS Loss Of Signal indicates that there is no signal being input to the DS3 from the service side LOF Loss of Framing indicates that the framing alignment of the signal coming into the Broadmore 1700 from the ATM side has been lost AIS This alarm indicates that the...

Page 163: ...ort receives F bit errors at a rate of 1 x 10 4 Excessive Parity Errors The Excessive Parity Errors alarm will be triggered when the DS3 port receives parity errors at a rate of 1 x 10 4 Excessive C bit Errors The Excessive C bit Errors alarm will be triggered when the DS3 port receives C bit errors at a rate of 1 x 10 4 Excessive FEBE Errors The Excessive FEBE Far End Block Error alarm is trigger...

Page 164: ...escriptions of the configurable items are found in the following tables Highlight each item and use the space bar to toggle available options for each and then save the configuration after making changes Use the following steps for configuring the SDS3 Select System Management Select Configure Select Slot Select Structured DS3 SAM Select one of the following Diagnostics Use the space bar to toggle...

Page 165: ...e source clock User equipment should be configured to recover timing from the Broadmore 1750 CE service interface BITS Clock Building Integrated Timing Supply distributes standard timing to equipment within the central office The Broadmore 1750 accepts BITS via either NIM IOM The fallback for the primary BITS clock is the other BITS clock The fallback for no BITS is the internal clock of the NIM S...

Page 166: ...k must be synchronized to a single source clock User equipment should be configured to recover timing from the Broadmore 1750 CE service interface BITS Clock Building Integrated Timing Supply distributes standard timing to equipment within the central office The Broadmore 1750 accepts BITS via either NIM IOM The fallback for the primary BITS clock is the other BITS clock The fallback for no BITS i...

Page 167: ...far end service equipment to go into service loopback Deactivate sends a FEAC command to go out of service loopback Only active when port is configured for C bit parity Service AIS Activate Deactivate Sends Alarm Indication Signal to the connected local service equipment when activated Service Alarms Options LOS Ignore Major Minor LOF Ignore Major Minor AIS Ignore Major Minor Idle Ignore Major Min...

Page 168: ...quipment AIS is a validly framed DS3 signal consisting of a repeated 1010 data pattern Idle An idle alarm means that an idle signal validly framed DS3 signal with a repeated 1100 signal is being detected on the service side RAI The Remote Alarm Indicator yellow alarm is transmitted by setting the X bits to zero In this instance the service side equipment is transmitting the RAI to the DS3 port FEA...

Page 169: ...red when the DS3 port receives C bit errors at a rate of 1 x 10 4 Excessive FEBE Errors The Excessive FEBE Far End Block Error alarm is triggered when the DS3 port receives FEBEs at a rate of 1 x 10 4 Item Options Description Timing Recovery Service Clocking Mode SRTS Timing Synchronous Network Synchronous Loop Each option specifies a method of clock recovery that will be used for all recovery cir...

Page 170: ...tructured allocates all 24 DS0s to the DS1 using the entire DS1 bandwidth regardless of data content Frame Type Unframed Extended Superframe Superframe No framing occurs Superframe groups 12 DS1 frames together Extended Superframe groups 24 DS1 frames together The equipment attached must be set to the same frame type as chosen here BERT Off 21e 11 PRBS 21e 15 PRBS 21e 20 PRBS 21e 23 PRBS BERT test...

Page 171: ...nfiguration parameters Operational Diagnostics and Alarm configuration are the three menu options Descriptions of the configurable items are found in the following tables Highlight each item and use the space bar to toggle available options for each Save the configuration after making changes The next three pages show the options available for each item separated by operational configuration diagn...

Page 172: ...synchronization is present in the network an alternate timing recovery method must be selected For this method to work the ATM network must be synchronized to a single network wide clock source User equipment should be configured to internal clock Adaptive Timing maintains a pre defined fill level in the Circuit Emulation Re assembly buffer to control the timing output to user equipment This metho...

Page 173: ... even if one is present Item Options Comment Network BERT Test Activate Deactivate BERT test can only be performed when the port is configured for C bit parity framing Causes the port to generate a 2e 23 pseudo random test pattern to the ATM network Service BERT Test Activate Deactivate Same as network BERT test except it goes to the service equipment These tests can be monitored from CAMMI follow...

Page 174: ...inor RDI Sequence Errors Ignore Major Minor Line Code Violation Excessive SNP Errors Ignore Major Minor Excessive F bit Errors Excessive F bit Errors Ignore Major Minor Excessive Parity Errors Excessive Parity Errors Ignore Major Minor Excessive FEBE Errors Excessive FEBE Errors Ignore Major Minor Select System Management Select Configure Select Slot with DS3 Select Port of interest Adjust setting...

Page 175: ...setting the X bits to zero This particular alarm indicates that a Yellow alarm has been sent across the ATM network and is being received by this E3 port In the E3 port configuration screen you can select the Network and Service side RAI as Auto 1 or 0 Selecting 0 will cause the network RAI alarm to be activated if the user has not selected to Ignore it FEAC Far End Alarm and Control Channel Seque...

Page 176: ...e RAI The Remote Alarm Indicator also known as a Yellow Alarm is transmitted by setting the X bits to zero In this instance the service side equipment is transmitting the RAI to the E3 port FEAC Far End Alarm and Control Channel Line Code Violation This alarm indicates that a long string of zeros is being received by the E3 port from any attached equipment Excessive F bit Errors The Excessive F bi...

Page 177: ...figuration PVC Connection PVC Connection Follow the selection process shown below to add a new PVC The Establish a PVC Call screen appears for data entry Select System Management Select Configure Select Configure PVC Select Insert shift ...

Page 178: ...t 2 Local Slot The Local Slot is the chassis slot Local Port Number Port number depends on the configuration Local Channel Map Channel map depends on the configuration Channel map only applies to the Structured DS3 SAMs There is no channel mapping for the Unstructured DS3 or Unstructured E3 and this value will be displayed as N A VP VC Transmit Receive The maximum settings for VP VC are allocated ...

Page 179: ...onnection Follow the selection process shown below to add a new SVC The Establish a Call screen appears for data entry as shown below From here use the Insert or shift key to access the input screen below Select System Management Select Configure Select Configure SVC ...

Page 180: ...ceive The maximum settings for VP VC are allocated using the Max VP VC feature in System Services see Max VP VC on page 7 20 Table 7 1 on page 7 20 shows the valid VP VC values Destination ATM Address Enter the Destination ATM address To view the ATM Address List enter Remote Slot The Remote Slot is the chassis slot of the remote unit Remote Port Number or Tributary The Remote Port Number or Tribu...

Page 181: ...hassis must be upgraded to the levels released with 4 6 or higher Firmware and instructions are provided on the upgrade CD VP Reservation allows you to reserve a block of up to 65 535 virtual channels VCs within a virtual path VP With this feature you can set a VC range on a particular VP without having to set up all of the VC connections individually You can define up to 40 VPs for reservation Th...

Page 182: ...VP Reservation The VP Reservation Table Editor is shown below Press the Enter key to edit or clear an existing connection or create a new connection then follow the on screen instructions VP Reservation settings are described on the following page ...

Page 183: ...ax VP VC on page 7 20 for valid values If the Max VP VC value is set to 2 65536 the VP number must be set to 0 a value of 1 is invalid NOTE A maximum of 40 VPs can be defined for reservation VC Start The default range is 32 to the value set for maximum VCs see Max VP VC on page 7 20 for valid values VC numbers can start at 1 if the VP is not set to 0 VC End The default range is 32 to the value set...

Page 184: ...ically load with the application of power to the Broadmore 1750 after a power interruption Select Save Configuration to save the current configuration and choose an appropriate file name when asked This should be done after each significant configuration change so that the configuration can be quickly re established at a later time Save Configuration Follow the selection sequence below to save the...

Page 185: ... be UP to restore a configuration file containing one or more SVC Follow the sequence below to check UNI status If necessary configure UNI before restoring the configuration Delete Configuration Follow the selection sequence below to delete the current configuration Answer Yes to the confirmation notice Use caution as this configuration cannot be restored once it has been deleted Select System Man...

Page 186: ...rd Defaults to restore the default configuration for the specific card This selection causes the following actions Deletes all existing connections Reads the configuration file and restores the card port settings Reads the configuration file again and sets up any SVC PVCs Select System Management Select Configuration Files Select Save Config For PowerUp Select System Management Select Configuratio...

Page 187: ...ain menu item has two pull down items About and About Security Choose About to obtain the hardware and software version data This information is important when contacting customer service Choose About Security to display the security mode and software version numbers ...

Page 188: ...7 74 Broadmore 1750 Release 4 6 Configuration Help ...

Page 189: ...CHAPTER 8 Maintenance and Troubleshooting In this Chapter Statistics 8 2 Troubleshooting 8 15 Repair Replacement 8 30 General Maintenance 8 39 Summary of Front Panel LEDs 8 44 ...

Page 190: ...stics 8 14 Statistics are available to monitor the Broadmore 1750 operation at the chassis individual module or connection level Thus the statistics provide a good initial indication of performance and a means to isolate any problems that may arise Chassis Statistics Statistics are monitored by following the sequence shown below to view the chassis statistics shown Select System Management Select ...

Page 191: ...cs OC 12c STM 4c NIM Statistics Slot statistics provide specific module level information Follow the sequence below to select an OC 12c STM 4c and view the statistics shown on the next page Select System Management Select Monitor Activity Select Slot statistics Select OC 12 NIM slot A shown ...

Page 192: ...tion for each slot of any major or minor alarm From Monitor Activity select the slot for more detailed alarm information From Configuration select the slot for more detailed alarm configuration information Slot Statistics for NIM SAM Cards Unstructured DS3 and Unstructured E3 SAM Statistics 8 5 Unstructured E3 SAM Statistics 8 8 Structured DS3 SAM Statistics 8 9 Statistics are maintained for each ...

Page 193: ...ctured DS3 Statistics For Unstructured DS3 SAMs the most recent 24 hours of statistical data is maintained in a separate file This data is presented in 15 minute increments by port in spreadsheet format Use the following steps to view the Unstructured DS3 SAM statistics Statistics for the Unstructured DS3 SAM are shown below Select System Management Select Monitor Activity Select Slot Statistics S...

Page 194: ...8 6 Broadmore 1750 Release 4 6 Maintenance and Troubleshooting Slot Statistics for NIM SAM Cards The alarm display below has two columns to differentiate network and service errors ...

Page 195: ...ay is divided into two columns service and network for clarity Definitions are provided below for reference Term Definition AS Available Seconds CCV C bit Coding Violation CES C bit Errored Seconds CSES C bit Severely Errored Seconds LCV Line Coding Violation LES Line Errored Seconds PCV P bit Coding Violation PES P bit Errored Seconds PSES P bit Severely Errored Seconds SEFS Severely Errored Fram...

Page 196: ...s maintained in a separate file This data is presented in 15 minute increments by port in spreadsheet format Use the following steps to view the Unstructured E3 SAM statistics Statistics for the Unstructured E3 SAM are shown below Select System Management Select Monitor Activity Select Slot Statistics Select E3 SAM Select Port Select one of the following statistics to view Port Counters Port Alarm...

Page 197: ...nters alarms and a summary are shown in separate windows following the sequence below For Structured DS3 SAMs the most recent 24 hours of statistical data is maintained in a separate file This data is presented in 15 minute increments by port in spreadsheet format Use the following steps to view the Structured DS3 SAM statistics Statistics for the Structured DS3 SAM statistics are shown below ...

Page 198: ...atistics for NIM SAM Cards Select System Management Select Monitor Activity Select Slot Statistics Select Structured DS3 SAM Select one of the following statistics to view Port Counters Port Alarms Tributary Alarms Select VP VC for Statistics Collection Connection Counters ...

Page 199: ...Broadmore 1750 Release 4 6 8 11 Maintenance and Troubleshooting Slot Statistics for NIM SAM Cards ...

Page 200: ...8 12 Broadmore 1750 Release 4 6 Maintenance and Troubleshooting Slot Statistics for NIM SAM Cards ...

Page 201: ...slot C port 2 and F1 represents slot F port 1 Statistics are maintained according to the following A file is created when a PVC or SVC is activated on a port Statistics for a port are not recorded after the associated PVC is released Statistics are PVC and SVC dependent When a PVC or SVC is established on a port previously in use the old statistics are moved to a discard directory and new statisti...

Page 202: ...4 6 Maintenance and Troubleshooting PLOA AAL5 Statistics PLOA AAL5 Statistics Follow the sequence below to select and view the PLOA AAL5 statistics shown Select System Management Select Monitor Activity Select PLOA AAL5 Statistics ...

Page 203: ...rocess provides a valuable aid for further analysis NOTE The steps below should be completed by a qualified technician These steps assume that the technician will follow basic circuit troubleshooting logic or contact Customer Service when in doubt Keep written records for each action taken to aid in re creation if necessary LED Alerts Front panel LED displays provide alerts by module as summarized...

Page 204: ...er is based upon the assumption that there are no system or setup software errors Therefore it is important to clear all such errors before proceeding Redundancy The Broadmore 1750 configuration has redundancy that serves to minimize system downtime Troubleshooting alerts for redundant components are clearly indicated on the LEDs as explained below Power supply a problem to either module is indica...

Page 205: ... every few seconds The messages usually do not indicate any problem but can be useful if troubleshooting is required When a CPU sync is in progress the screen will list the number of files remaining and the current file name being synchronized The files listed on the left side are those that would inhibit a controlled switchover NOTE See also Synchronizing CPU on page 7 35 Select System Management...

Page 206: ...d look at the individual ports Evaluate any information to further isolate the problem 4 Check wiring to ensure connected equipment cables are properly installed and secured Do not assume the problem is internal to the Broadmore 1750 5 Check module s Configuration from the System Management pull down menu Choose the slot of interest and verify that the configuration is correct for each port 6 Use ...

Page 207: ...hen be extended through the entire circuit until problems are isolated and corrected The NIM has four loopback options 1 Normal no loopback 2 Local The user equipment data is looped back after processing by the SONET circuitry on the NIM 3 Remote The ATM network data is looped back before passing through the NIM 4 Terminal The user equipment data is looped back after passing through the NIM framer...

Page 208: ...65 User Equipment Normal No Loopback NIM Remote Local and Terminal Loopbacks SAM Remote and Local Loopbacks ATM Network NIM SAM CAM 7665 User Equipment ATM Network NIM SAM CAM 7665 User Equipment Tx Tx Tx Rx Rx Rx Broadmore Broadmore Broadmore Normal No Loopbacks NIM Remote Local and Terminal Loopbacks SAM Local and Remote Loopbacks ...

Page 209: ...eeding 3 The Broadmore 1750 will automatically load the configuration that was saved for power up PVC and originated SVC connections will be re established to the ATM backbone Far end originated SVCs must be re established from the far end Alternate previous system configurations may be loaded if they were saved This is accomplished following the sequence below 4 Monitor activity for individual sl...

Page 210: ...ill focus response efforts The following flowchart approach to troubleshooting is based upon the initial alarm indication The alarm response is a three step process 1 Troubleshoot to isolate the cause 2 Complete corrective action to eliminate the alarm condition 3 Return system to full operation and document the events Alarms are designed as real time alerts Thus elimination of the alarm condition...

Page 211: ...ertemp Alarm APM Alarm NIM Alarm SAM Alarm Return to Normal Operation No No No No Major Alarm Minor Alarm Major Alarm Minor Alarm Inspect replace repair Fan Tray Assembly Yes Yes No Yes No No Yes Yes Major Alarm Yes Minor Alarm Yes Loss of Power Indication Yes No Check Cables Power Source Fuses Repair 1 2 Yes 3 No Yes 4 No 5 6 Yes No ...

Page 212: ... Return to 1 1B Use loopbacks to verify alarm condition Check following most likely causes correct as necessary equipment cable connectors NIM configuration reseat NIM module replace NIM module Alarm Clears Yes No 1A 1B Reset CPU from front panel switch Alarm Clears Check following most likely causes correct as necessary cable connector to CPU CPU I O reseat CPU CPU I O modules replace CPU Yes No ...

Page 213: ... No Yes 2A Return to 2 2B Use loopbacks to isolate problem Check following most likely causes correct as necessary equipment cable connectors connected equipment operating normal reseat NIM and NIM I O coordinate with distant end for AIS or loss of active service access channel as problem may be external Alarm Clears Yes No 2A Yes Use loopbacks to isolate circuit Check equipment cables Check confi...

Page 214: ...e alarm condition Check following most likely causes correct as necessary equipment cable connectors NIM configuration reseat NIM module replace NIM module Alarm Clears Yes No Alarm Clears 3A Yes Contact distant end have them start troubleshooting Alarm Clears No Yes 3B Review Alarm Summary and System log call Customer Service with pertinent information LOS check Fiber LOF LOP LOCD check Sync No ...

Page 215: ...g most likely causes correct as necessary equipment cable connectors NIM configuration reseat NIM module replace NIM module Alarm Clears Yes No Alarm Clears 4A Yes Contact distant end have them start troubleshooting Alarm Clears No Yes 4B Review Alarm Summary and System log call Customer Service with pertinent information RDI check alarms at far end and transmitter AIS disable unused service chann...

Page 216: ...ion Alarm Internal Contact Distant end have them commence troubleshooting Alarm Clears 5A Review Alarm Summary and System Log call Customer Service with pertinent information 5B Return to 5 Ckeck most likely causes as necessary SAM configuration Reseat module cable connections replace SAM Alarm Clears Reset Connected Equipment Alarm Clears No No No No Yes Yes Yes Yes 5 B ...

Page 217: ...ternal Contact distant end have them commence troubleshooting Alarm Clears 6 A Review Alarm Summary and System Log call Customer Service with pertinent information 6 B Return to 6 Check most likely causes as necessary Port configuration reseat module cable connections replace SAM Alarm clears Define actions to correct most probable causes Alarm clears No Yes No Yes Yes No Yes No 6 B ...

Page 218: ...roubleshooting and the replacement of a module or card WARNING USE ESD PRECAUTIONS WEAR AN ESD GROUNDING STRAP WHILE HANDLING ANY CARDS OR ACCESSING THE INSIDE OF THE BROADMORE 1750 FAILURE TO FOLLOW ESD PROCEDURES MAY DAMAGE SENSITIVE COMPONENTS AND VOID THE WARRANTY CAUTION MODULE REMOVAL AND INSERTION ON A POWERED UP SYSTEM WAIT AT LEAST 15 SECONDS AFTER ANY MODULE REMOVAL OR INSERTION TO ALLOW...

Page 219: ...ble 2 Identify the problem module by front panel indicator that will not be illuminated and a software alarm will be received at the control station Additionally the integrated fan alarm module front panel will give a no power indication from green to off for the defective module 3 Turn the power switch off for the defective power module Loosen the front panel screws and remove the defective modul...

Page 220: ...s is done by simultaneously pushing up on the top ejector and down on the bottom ejector 5 Remove the defective NIM by pulling it straight out the front 6 Insert the replacement NIM ensuring correct alignment with the card guides and midplane connector 7 Firmly press the new NIM into place so that it is fully seated with the midplane connector Tighten both retaining screws finger tight only and in...

Page 221: ...r modules 3 Loosen retaining screws at the top and bottom of the SAM to be replaced 4 Use the installed ejectors to unseat the SAM from the midplane This is done by simultaneously pushing out on the ejectors 5 Remove the defective SAM by pulling it straight out the chassis front 6 Insert the replacement SAM ensuring correct alignment with the card guides and midplane connector 7 Firmly press the n...

Page 222: ...n the IOM to be replaced 4 Loosen retaining screws at the top and bottom of the IOM to be replaced 5 Use the installed ejectors to unseat the IOM from the midplane This is done by simultaneously pushing out on the ejectors 6 Remove the defective IOM by pulling it straight out the chassis 7 Insert the replacement IOM ensuring correct alignment with the card guides and midplane connector 8 Firmly pr...

Page 223: ...ce is interrupted Follow the steps below to replace a CPU Card 1 Ensure that you have a replacement module 2 Remove the chassis front cover 3 Loosen retaining screws at the top and bottom of the CPU card to be replaced The Broadmore 1750 retains power the CPU card may be removed replaced without service disruption to other modules 4 Use the installed ejectors to unseat the CPU card from the midpla...

Page 224: ...jectors to unseat the module and pull it straight out to remove 4 Insert the replacement CPU IOM ensuring alignment with the guides and midplane connector Tighten both retaining screws finger tight only 5 Return the defective CPU IOM for repair Contact Customer Service for an RMA number and detailed procedures Fan Replacement There are no field repairable items on the fan tray assembly The air fil...

Page 225: ...Insert the replacement fuse s in reverse to the one s removed 4 Obtain replacement spare fuse s locally Use only 7 5 Amp Bussman part GMT7 5 or equivalent CAUTION FUSES ARE ONE TIME USAGE ITEMS IF THE FUSE BLOWS A SECOND TIME CIRCUIT DAMAGE MAY BE MORE EXTENSIVE AND IT MAY BE NECESSARY TO DISCONNECT POWER TO THE ENTIRE BROADMORE 1750 CHASSIS AND REPLACE THE INTEGRATED FAN ALARM MODULE ALL CIRCUITS...

Page 226: ...acement integrated fan alarm module ensuring correct alignment with the card guides and midplane connector 7 Firmly press the new integrated fan alarm module into place so that it is fully seated with the midplane connector Tighten the retaining screw finger tight only 8 Replace the chassis front cover 9 Return the defective integrated fan alarm module for repair Contact Customer Service for an RM...

Page 227: ...r this routine maintenance Fan Filter Cleaning and Replacement 1 Loosen screws and remove the chassis front cover 2 Loosen screws and remove the fan tray by pulling on the Center handle 3 Remove the fan filters from the bottom of the tray Each filter snaps out of place 4 The filters are re usable Wash them in a mild soapy solution clean thoroughly and dry completely Additional filters may be obtai...

Page 228: ...ined below View System Log provides a historical record of events such as configuration establishing a PVC or other action that affects service Messages are filtered by privilege level All messages are displayed at the Supervisor level many of which can only be interpreted by Carrier Access engineers Environmental Indicators will display the current status of power fan and BITS clocks This display...

Page 229: ...stics Bandwidth Utilization displays the amount of bandwidth being used the remaining bandwidth available and the percentage used This can be recalculated by pressing R when the screen displays Reset to Defaults allows you to reset the Broadmore 1750 to the factory defaults settings ...

Page 230: ...ss engineers Card Specific Functions leads to individual card diagnostics where you Peek and Poke various information fields System Test runs a preconfigured test and displays statistical results The Asserts option will activate additional software traps to provide more detailed information Check Free CPU Memory will display the free memory available as shown below This is valuable information for...

Page 231: ...place prior to the reboot This option is necessary when downloading new software revisions or changing your system s IP address The changes you make to system settings will not take effect until you reboot Save Connection Table will preserve the current connection data in a text file format so that it can be viewed using any standard text editor ...

Page 232: ...8 volts power is present Not Lit No power present Power Fail A B Red Not Lit NIM Fault Red Major alarm detected for 2 5 seconds Amber Minor alarm detected for 2 5 seconds Green Normal no fault condition On Line Red flashing NIM failed POST not ready Amber NIM passed POST and in standby Green NIM is online normal LOS Red Loss of Signal Green Acceptable optical receive power for 10 seconds SAM Fault...

Page 233: ...tenance and Troubleshooting Summary of Front Panel LEDs Amber Minor Green Normal enabled Not Lit Out of service CPU Master Green online as master Amber Standby On line Activity Amber Normal activity Module LED Display LED Color Definition ...

Page 234: ...8 46 Broadmore 1750 Release 4 6 Maintenance and Troubleshooting Summary of Front Panel LEDs ...

Page 235: ...CHAPTER 9 Command Line Interface In this Chapter CLI Access 9 2 Creating and Running Scripts 9 4 Port Configuration 9 6 Monitor 9 8 About Command 9 9 ...

Page 236: ...e and password NOTE At this point you can type help to view a list of commands You can also type help command to obtain help on any of the listed commands 2 At the 1750 prompt type cli and press enter The prompt changes to cli for successful access to the CLI program NOTE The security mode and user privilege level determines the CLI commands available to each operator 3 Type and press enter at any...

Page 237: ...e cli prompt enter to display a list of available commands At this point the level commands are sys maintain about General commands are up clear quit help The level commands correspond with the CAMMI main menu except for the administrative function which is not implemented in CLI ...

Page 238: ...mantec Procomm you can perform the following steps to create a script and save it to a file A script file must meet the following requirements Each command must begin on a new line Comments or unused configuration settings must begin with a semicolon When the Broadmore s script interpreter encounters a semicolon all remaining text on the line is ignored The file must be named as follows filename s...

Page 239: ...u were manually entering it during a normal session If the script interpreter encounters an error it continues to attempt to interpret each successive line until it can execute a valid command If no valid commands can be executed before the end of the file review the error displayed to resolve the problem It is recommended that all logs be reviewed after at least the first time a script is execute...

Page 240: ...reen to access the configuration items The steps shown below must be entered in sequence one at a time CLI does not support going directly to the last screen via a single entry e g a single entry of sys config slot c port1 configoperation show will give an error for unrecognized entry Each parameter can be revised For example to change the port name to DS3Port you would enter Port name DS3 port ...

Page 241: ...y screen is to enter up which takes you to the previous command level However this is not allowed on this screen because configuration data has been altered This data must be either discarded cancel or retained save before proceeding The command cardstatus will display a list of all Broadmore 1750 slots with the module installed Cardstatus is available when you are in either of the following comma...

Page 242: ...itor Use Monitor to display system operation statistics The CLI command string to monitor and show port counters is displayed below Note that an additional command reset is available Reset will zero all counters This was done as the first command in the display below ...

Page 243: ...mand accessed from the initial CLI prompt will provide information about each slot including Type module Module serial number Hardware revision Software revision The information displayed is tailored for the type of module This information is particularly valuable when contacting Customer Service ...

Page 244: ...9 10 Broadmore 1750 Release 4 6 Command Line Interface About Command ...

Page 245: ...rity Features 10 2 Security Guidance 10 3 Logging In 10 5 Log in Banner 10 6 System Clock 10 7 Network Time Protocol 10 8 Managing Users and Audit Trails 10 10 IP ICMP Messages 10 17 SNMP Messages 10 18 Shell Commands Non FIPS Mode 10 19 FTP Login 10 21 ...

Page 246: ...guration activity audit trails Enable disable SNMP and ICMP messages SNMPv3 USM VACM Log in Banner for special user instructions Only the Network Administrator SuperUser can create and modify user accounts set access privileges and monitor user activity audit trails The Broadmore requires that users log into the Broadmore through Telnet and FTP NOTE Be sure to use the appropriate fonts and screen ...

Page 247: ...out 5 after logging in securely you can safely create user accounts and configure the Broadmore for secure operation Security Modes The Broadmore is shipped with security turned off Only a SuperUser can change the FIPS and SecurID modes If these security modes are required see next chapter Potential Security Vulnerabilities 1 The Broadmore accepts loose source routed IP packets so it is recommende...

Page 248: ...r passwords 2 It is recommended that all users access privileges and role assignments be reviewed periodically or whenever a personnel termination transfer or role change occurs Audit Trails Audit trails must be enabled for FIPS mode The cryptographic module provides a system log and user audit log The audit log audit txt records user actions while the system log sys log records system events and ...

Page 249: ... Primary pull down menu in the Authentication panel 4 Click Connect NOTE For initial system installation the factory default user name is SYSADMIN and the password is INITIAL To ensure network security a network administrator SuperUser must create new user names and passwords See Managing Users and Audit Trails on page 10 10 5 When Broadmore user login message displays type the Login and Password ...

Page 250: ... logs in The banner is a simple way to provide special instructions to the user A SuperUser can implement this feature by using ftp or SFTP to download a banner text file named banner txt to the Broadmore cam directory When a shell login is requested the contents of the banner file if any will be dumped to the screen just ahead of the login prompt as in the following example ...

Page 251: ...ther manually after powering up the Broadmore or configure the Broadmore to use a network timing source see Network Time Protocol on page 10 8 Select Set System Time from the Administration menu Then set the Month Day Year Hour and Minute to the correct values When finished press Escape and select Yes to change the system clock NOTE Changing the system clock is an event recorded in the system log ...

Page 252: ...igure the Broadmore to use a network time source as described below The Broadmore uses Simple Network Time Protocol SNTP which is an Internet standard for periodically synchronizing the system clocks connected to an IP network If the clock uses the NTP source the system clock will be automatically synchronized to the NTP source when power is reapplied to the Broadmore Select NTP from the Administr...

Page 253: ...y network time source Aux NTP Server IP The IP address of the auxiliary network time source to be used if a request to the primary network time source exceeds the timeout period Aux Server Port 0 to 32767 Aux Timeout sec 1 to 100 The time to wait for a response from the auxiliary network time source Poll Interval 1 hr 8 hr 1 day 1 week Determines how often the Broadmore will request an update from...

Page 254: ...r ID Rules 10 10 Change User ID 10 11 User Audit Trails 10 13 User ID Rules A SuperUser can set the minimum allowable number of characters in user names and passwords by selecting User ID Rules from the Administration menu From this menu select the Username or Password and enter the required minimum number of characters ...

Page 255: ...rmation for each user that is added Item Options Comments User ID A unique user identifier Password Password A unique password for the user and a second password field to confirm Privilege BROWSER OPERATIONS SYS_ADMIN SUPER_USER The level of user access See User Security Configuration on page 7 23 Craft Access Enable Disable Access through the serial port on the front of the CPU Remote Access Enab...

Page 256: ...ser ID Deleting a User After you select the user to be deleted a confirmation message appears Select Yes to delete the user or No to exit without making any changes Modifying a User After you select the user to be modified enter the appropriate information in the ...

Page 257: ...e This prevents the audit logging of numerous initial installation configuration changes Only a SuperUser can enable or disable this function or use shell commands to access the audit file Only a SuperUser can enable or disable this function or use shell commands to access the audit files Audit Trails protect a Broadmore by providing traceability of who performed procedures on the unit what proced...

Page 258: ...best to upload the file via FTP To display the audit file at the Broadmore prompt enter the following commands cd cam tail audit txt An example of the output is provided below User audit files record the following information for each user action date time online CPU Q or R or standby CPU q or r user name event type short description of the event Once the audit txt file is full the file is automat...

Page 259: ...r file that contains a recent history of system users events and alarms Old records are overwritten by new records The log file identifies the currently active CPU and any user currently logged into the Broadmore All users can use the CAMMI interface to view those system events permitted by their access role see Maintenance and Troubleshooting on page 8 1 Only a SuperUser can copy or delete the sy...

Page 260: ...ystem log log into the Broadmore and enter the following commands at the Broadmore prompt cli maintain systemlog showi You can then navigate through the system log by following the instructions appearing at the bottom of the window To delete the system log enter clearlog instead of showi ...

Page 261: ...CMP Messages IP ICMP Messages You can use the Internet Control Message Protocol selection to enable or disable all ICMP messages for Internet Protocols such as ping or echo Disabling ICMP is a common defense against denial of service attacks using ping floods ...

Page 262: ...Broadmore supports older SNMP v1 and v2 as well as newer SNMPv3 protocols You have the option to disable only SNMPv1 and v2 messages or all SNMP messages Only a SuperUser or SysAdmin can access or change these properties see SNMP Properties on page 12 3 Select System Management Select Configure Select System Services Select SNMP Configure Select SNMP Properties ...

Page 263: ...e level FIPS Mode The Broadmore is shipped with FIPS mode security turned off A SuperUser can use the fipsmode shell command to enable FIPS mode operation see Security Management FIPS Mode on page 11 1 Authorized Access to Shell Commands The following table lists the authorized commands available to each access privilege level when operating in non FIPS mode User ID Authorized Services Super_User ...

Page 264: ...hell Commands head help ifconf ls md mem mkdir move mv netstat ping pwd rd resetSecurID resetSecurIDIp rm rmdir route savert scp selftest setbaud setenv settimeout setwrite sigmem sshdSessionShow sshdShow tail User ID Authorized Services Super_User Sys_Admin Operations Browser ...

Page 265: ... the Broadmore 1 Open your ftp program The Connect window opens 2 Enter the IP address of the Broadmore 3 Enter the Username SYSADMIN the username is case sensitive 4 Enter the Password example jsmith the default password for new installations is INITIAL passwords are case sensitive touch zeroize User ID Authorized Services Super_User Sys_Admin Operations Browser ...

Page 266: ...10 22 Broadmore 1750 Release 4 6 Security Management FTP Login ...

Page 267: ...ification 11 6 Authorized Services 11 7 Key Management 11 8 Logging In 11 9 Log in Banner 11 13 System Clock 11 14 Network Time Protocol 11 15 Changing Security Modes 11 17 User Administration and Audit Trails 11 26 Shell Commands FIPS Mode 11 34 SFTP Login 11 43 SecurID Features 11 49 Residual Data and Memory Volatility 11 50 ...

Page 268: ...ersion 4 0 Security Policy available at the following web sites http www carrieraccess com support under the Broadmore documents http csrc nist gov cryptval under the Validation Lists When the FIPS Security option is enabled on the Broadmore the following security features are available RSA SecurID authentication optional see SecurID Features on page 11 49 Private management data paths using SSHie...

Page 269: ...mory modules and storage media should be handled in accordance with applicable security procedures Initial Login The Broadmore is shipped with a default username and password for logging in the first time A SuperUser Crypto Officer should log in the first time to configure the Broadmore for secure operation For maximum security perform the following steps 1 configure IP access via ethernet LANE or...

Page 270: ...ugh the ethernet port It is recommended that all accounts be created with Remote Access only except for one failsafe SuperUser account with Craft Access The craft password should be stored safely in the NOC When needed the SuperUser can log into the craft port fix things change the password log out and store the new password back in the NOC Initialization and Verification When the Broadmore is pow...

Page 271: ...user actions while the system log sys log records system events and configuration changes A SuperUser has access to pSOS shell commands that can overwrite the system and audit log files This misuse of shell commands to corrupt the audit trail is strictly prohibited and removes the Broadmore from the evaluated configuration It is recommended that user audit trails be examined periodically in accord...

Page 272: ...st once every 6 months and that users be instructed to use a random combination of all the usable characters for passwords Upon successful authentication the role and privilege level are selected based on the identity username of the operator At the end of a session the operator should log off though the user is automatically logged off after a configurable period of inactivity Role Privilege Leve...

Page 273: ...er_User Sys_Admin Operations Browser SecureCRT SSH2 terminal client SecureFX SSH2 SFTP client Change User ID Change own password System Services Connection Retry Establish connections Delete connections Configure modules Maintenance Diagnostics View System Log Environmental Indicators Boot Reboot system or card Card diagnostics System test Check free CPU memory View configuration statistics Securi...

Page 274: ...g DSA Key Pairs DSA keys can be generated on a UNIX or Windows host using key generation utilities provided as a part of the ssh clients server software of various vendors OpenSSH provides ssh keygen to generate DSA keys on a UNIX or Windows host The ssh keygen program can be downloaded from the URL http www openssh org The following example shows how to generate the host_dsa key on a UNIX host or...

Page 275: ...r logging into the Broadmore the Crypto Officer can configure the Broadmore to use SecurID if desired Using both SecurID and FIPS mode with the Broadmore provides a two stage login First users log in using RSA SecurID Then they can log into the Broadmore SSHield Management Module Logging in with SecurID Disabled The following example uses SecureCRT as the secure client software To log into the Bro...

Page 276: ... the IP address of the Broadmore and the Username is the Broadmore user name 4 Click Connect 5 When the Broadmore Login message appears type in the Login and Password You will need to press Enter after each The factory defaults for the initial installation are SYSADMIN and INITIAL After successfully logging in the Broadmore command prompt displays ...

Page 277: ... SecurID server 1 Open SecureCRT The Quick Connect window opens 2 Select ssh2 from the Protocol pull down menu 3 Type in the Hostname and Username The Hostname is the IP address of the Broadmore and the Username is the SecurID user name that is configured on the RSA SecurID server with a token assigned to it 4 Select Keyboard Interactive from the Primary pull down menu in the Authentication panel ...

Page 278: ...ation opens 6 Type in the SecurID passcode and click OK 7 After successfully logging into SecurID the Broadmore login displays 8 Type the Login and Password You will need to press Enter after each The factory defaults for the initial installation are SYSADMIN and INITIAL After successful login the Broadmore command prompt appears ...

Page 279: ...ner is a simple way to provide special instructions to the user A SuperUser can implement this feature by using ftp or SFTP to download a banner text file named banner txt to the Broadmore cam directory There is no limit to the size of this file When a shell login is requested the contents of the banner file if any will be dumped to the screen just ahead of the login prompt as in the following exa...

Page 280: ...ck either manually after powering up the Broadmore or configure the Broadmore to use a network timing source see Network Time Protocol on page 11 15 Select Set System Time from the Administration menu Then set the Month Day Year Hour and Minute to the correct values When finished press Escape and select Yes to change the system clock NOTE Changing the system clock is an event recorded in the syste...

Page 281: ...r configure the Broadmore to use a network time source as described below The Broadmore uses Simple Network Time Protocol SNTP which is an Internet standard for periodically synchronizing the system clocks connected to an IP network If the clock uses the NTP source the system clock will be automatically synchronized to the NTP source when power is reapplied to the Broadmore Select NTP from the Adm...

Page 282: ...primary network time source Aux NTP Server IP The IP address of the auxiliary network time source to be used if a request to the primary network time source exceeds the timeout period Aux Server Port 0 to 32767 Aux Timeout sec 1 to 100 The time to wait for a response from the auxiliary network time source Poll Interval 1 hr 8 hr 1 day 1 week Determines how often the Broadmore will request an updat...

Page 283: ... change the security modes The Broadmore is shipped from the factory with FIPS mode and SecurID turned off The security modes can only be changed after successfully logging into the Broadmore while operating in the current mode configuration see Logging In on page 11 9 Help About Security Any user regardless of security level can use this command Selecting Help About Security from the main menu wi...

Page 284: ... see Logging In on page 10 5 2 Enable FIPS mode by entering the following command at the Broadmore prompt fipsmode on 3 Set the session timeout for the Broadmore craft port by entering the following command settimeout hh mm ss Example settimeout 00 05 00 sets the timeout to 5 minutes The current value can be displayed by entering settimeout by itself NOTE The SSH session timeout is fixed at 5 minu...

Page 285: ... into the online CPU 5 Verify that the Broadmore is in FIPS mode by logging in with an SSH terminal emulator such as SecureCRT see Logging In on page 11 9 If you must use Telnet the Broadmore is not in FIPS mode 6 Start up the CAMMI interface by entering the following command at the Broadmore prompt cammi 7 After logging in also verify that the Broadmore is in FIPS mode by observing that the CAMMI...

Page 286: ...PU Broadmore primary IP address with a secure SSH terminal emulator such as SecureCRT see Logging In on page 11 9 2 Disable FIPS mode by entering the following shell command at the Broadmore prompt fipsmode off 3 Reboot the Broadmore for the change to take effect by entering the following commands at the Broadmore prompt cli maintain redundancy cpu rebootstandby releasecpu NOTE The above command s...

Page 287: ...ne CPU can be accessed when SecurID is enabled Only a Superuser Crypto Officer can change the security modes The Broadmore is shipped from the factory with SecurID turned off The security mode can only be changed after successfully logging into the Broadmore while in its current security mode SecurID requires that the Broadmore CPUs be set up for use with a SecurID server Each CPU must be set up o...

Page 288: ...boot the Broadmore 3 On the SecurID server create an Agent Host for the Broadmore and a sdconf rec file 4 Using SFTP software put the sdconf rec file into the securid directory of the Broadmore s online CPU 5 Using the CAMMI Administration Security menu select SecurID and press the space bar choose Enable Select SecurID Interface and press the space bar to choose Ethernet See figure below 6 If the...

Page 289: ...rectory of the second CPU sdconf rec secret and sdopts rec 11 Using the CAMMI Administration Security menu select SecurID and press the space bar choose Enable Select SecurID Interface and press the space bar to choose Ethernet 12 Log out and log back in using your SecurID credentials 13 If the proceeding step was successful you can now insert both CPUs Item Options Comments SecurID Enable Disable...

Page 290: ...turned off The security mode can only be changed after successfully logging into the Broadmore while in its current security mode 1 Using the CAMMI Administration Security menu select SecurID and press the space bar choose Disable 2 The next time you log into the Broadmore you will not have to provide any SecurID credentials IP ICMP Messages You can use the Internet Control Message Protocol select...

Page 291: ... The Broadmore supports older SNMP v1 and v2 as well as newer SNMPv3 protocols You have the option to disable only SNMPv1 and v2 messages or all SNMP messages Only a SuperUser or SysAdmin can access or change these properties see SNMP Properties on page 12 3 Select System Management Select Configure Select System Services Select SNMP Configure Select SNMP Properties ...

Page 292: ...d passwords by selecting User ID Rules from the Administration menu From this menu select the Username or Password and enter the required minimum number of characters These values must be set to at least 6 characters to satisfy FIPS 140 2 security requirements NOTE The Broadmore will only enforce the minimum length values when creating new user accounts Old accounts are not affected It is up to th...

Page 293: ...er can change their own password using the Change Password menu Adding a User Enter the following information for each user that is added Item Options Comments User ID A unique user identifier Password Password A unique password for the user and a second password field to confirm Privilege BROWSER OPERATIONS SYS_ADMIN SUPER_USER The level of user access See User Security Configuration on page 7 23...

Page 294: ...ct the user to be deleted a confirmation message appears Select Yes to delete the user or No to exit without making any changes Craft Access Enable Disable Access through the serial port on the front of the CPU Remote Access Enable Disable Access through the Ethernet port on the CPU IOM Item Options Comments ...

Page 295: ...nts User ID A unique user identifier Password Password A unique password for the user and a second password field to confirm Privilege BROWSER OPERATIONS SYS_ADMIN SUPER_USER The level of user access See User Security Configuration on page 7 23 Craft Access Enable Disable Access through the serial port on the front of the CPU Remote Access Enable Disable Access through telnet secure shell login ft...

Page 296: ...s initial installation configuration changes Only a SuperUser can enable or disable this function or use shell commands to access the audit file Only a SuperUser can enable or disable this function or use shell commands to access the audit files Audit Trails protect a Broadmore by providing traceability of who performed procedures on the unit what procedures were performed and when they took place...

Page 297: ...f the file Use the tail command to display the end of the file For detailed examination it is best to upload the file via FTP or SFTP To display the audit file at the Broadmore prompt enter the following commands cd cam tail audit txt An example of the output is provided below User audit files record the following information for each user action date time online CPU Q or R or standby CPU q or r u...

Page 298: ...cate the audit txt and audit_o txt files System Log The system log file sys log is a circular file that contains a recent history of system users events and alarms Old records are overwritten by new records The log file identifies the currently active CPU and any user currently logged into the Broadmore All users can use the CAMMI interface to view those system events permitted by their access rol...

Page 299: ...the system log log into the Broadmore and enter the following commands at the Broadmore prompt cli maintain systemlog showi You can then navigate through the system log by following the instructions appearing at the bottom of the window To delete the system log enter clearlog instead of showi ...

Page 300: ...er privilege level fipsmode NOTE The procedure for using this command is given in Enabling FIPS Mode on page 11 18 The FIPS mode can only be changed by a SuperUser Crypto Officer At the Broadmore prompt type fipsmode to see current value or fipsmode on to enable or fipsmode off to disable After executing this command the Broadmore must be rebooted for the change to take effect selftest Self tests ...

Page 301: ... communications traffic across the data plane but the operating configuration can not be changed until the unit is repaired settimeout A SuperUser Crypto Officer can set the session timeout for the Broadmore craft port for user inactivity The command syntax is settimeout hh mm ss Example settimeout 00 05 00 will set the timeout to 5 minutes Entering settimeout by itself will display the current va...

Page 302: ...11 36 Broadmore 1750 Release 4 6 Security Management FIPS Mode sshdShow ...

Page 303: ...typing sshdSessionShow An example of the output is provided in the following graphic Item Comments Session ID Session ID ConnTid Task ID of the sshd server handling the connection ServerTid Session server task spawned for the connection ServerName Session server name User Connecting user s name ttydFd fd available to the server task for IO with the sshd connection task RemoteIp Port IP and port of...

Page 304: ...ver my_server use the following command scp local_file my_self my_server local_file_new To to copy files from the remote server my_server to the target local_file use this command scp my_self my_server dir file dir new_file To display a list of options and usage information use the h command scp h Enabling Debug Messages A SuperUser Crypto Officer can enable Debug by using the v option An example ...

Page 305: ...eset the node secret file This command is necessary if the system administrator has for example changed the server and needs to get a fresh node secret file At the Broadmore prompt type resetSecurID as shown in the following figure and then press Enter The node secret file resets and the screen returns to the prompt There is no output with this command ...

Page 306: ...OR REPAIR This command is not intended for normal operational use It is intended as a security measure per FIPS 140 2 requirements to allow a SuperUser Crypto Officer to completely remove all security sensitive data that may be required before decommissioning a CPU This command has two options To zeroize only the standby CPU type zeroize standby This option is intended primarily for decommissionin...

Page 307: ...mands The following table lists the authorized commands available to each access privilege level when operating in FIPS mode User ID Authorized Services Super_User Sys_Admin Operations Browser arp 4 cammi start GUI interface cat cd cli cmp comp copy cp del dir du echo fipsmode head help ifconf ls md mem mkdir move mv netstat ping ...

Page 308: ...de Authorized Access to Shell Commands pwd rd resetSecurID resetSecurIDIp rm rmdir route savert scp selftest setbaud setenv settimeout setwrite sigmem sshdSessionShow sshdShow tail touch zeroize User ID Authorized Services Super_User Sys_Admin Operations Browser ...

Page 309: ...SFTP the data is encrypted as it flows to and from the Broadmore over IP The following procedure provides an example of how to login using SFTP using SecureFX Logging in with SecurID Disabled To log in to RSA SecurID and the Broadmore 1 Open SecureFX The Connect window opens 2 Right click on the connection you want to use and select Properties The Session Configuration window opens ...

Page 310: ...g step works with SecureFX 4 In the SFTP logon panel type in the Hostname and Username The Hostname is the IP address of the Broadmore the Username is Broadmore local user name prefixed by a colon for example SYSADMIN 5 Select Keyboard Interactive from the Primary pull down menu in the Authentication panel 6 Click OK The following prompt appears 7 Type in the local Broadmore password and click OK ...

Page 311: ...Broadmore 1750 Release 4 6 11 45 Security Management FIPS Mode Logging in with SecurID Disabled ...

Page 312: ...ession Configuration window opens 3 In the Session panel type the IP address of the Broadmore and select SFTP from the Protocol pull down menu 4 In the SFTP logon panel type in the Hostname and Username The Hostname is the IP address of the Broadmore the Username is The SecurID user name and Broadmore local user name joined together with a colon between and no spaces for example jsmith SYSADMIN 5 ...

Page 313: ... appears 7 Click OK The Keyboard Interactive Authentication window opens 8 Type in the SecurID passcode and click OK A second Keyboard Interactive Authentication window opens 9 Type in the local Broadmore password and click OK After successfully logging into SecurID the SecureFX window appears as shown in the following graphic ...

Page 314: ...11 48 Broadmore 1750 Release 4 6 Security Management FIPS Mode Logging in with SecurID Enabled ...

Page 315: ... provided by the FIPS 2 validated Broadmore SSHield Management Module Feature Details RSA Authentication Methods Supported Native SecurID RSA Authentication Manager Agent Library Version 5 0 2 RSA Authentication Manager 5 Locking Yes Replica RSA Authentication Manager Support Full Replica Support Secondary RADIUS TACACS Server Support N A Location of Node Secret on Client securid securid RSA Authe...

Page 316: ...nded or hostile actions on the part of the Broadmore could only be enabled by the surreptitious alteration of the device s embedded firmware and hardware Thus adequate physical security and access controls are required to prevent hostile implementation of other non Carrier Access provided firmware and hardware With Release 4 0 Broadmore received FIPS 140 2 validation see certificate 478 posted und...

Page 317: ... through the Broadmore Sanitation Procedures The following table summarizes procedures for all Broadmore modules when removing them from authorized areas to open areas Product Release Product Type Sanitation Procedure Release 3 8 and earlier Broadmore Unit Power Off for 24 hours Remove Disk on Chip from CPU Network Interface Modules Power Off for 24 hours CPU Power Off for 24 hours Remove Disk on ...

Page 318: ...11 52 Broadmore 1750 Release 4 6 Security Management FIPS Mode Sanitation Procedures ...

Page 319: ...CHAPTER 12 SNMP Configuration In this Chapter SNMP Overview 12 2 SNMP Properties 12 3 USM VACM Configuration 12 6 Trap Configuration 12 28 ...

Page 320: ...Ps The Broadmore supports SNMP v1 v2 and v3 Follow the sequence below to configure the SNMP parameters NOTE SNMPv3 configuration must be performed through CAMMI Do not use the CLI to configure SNMPv3 parameters Select System Management Select Configure Select System Services Select SNMP Configure Select the item you want to configure With each selection confirm your changes and press Esc to exit ...

Page 321: ...cessed and changed by a SuperUser or SysAdmin SNMP properties allow the user to control SNMP operation Select System Management Select Configure Select System Services Select SNMP Configure Select the item you want to configure With each selection confirm your changes and press Esc to exit Select SNMP Properties ...

Page 322: ...rap is remembered and future traps will be sent only if the setting for the squelch level permits their severity Only traps with matching set and clear instances become the outstanding trap for squelching These are limited to the traps for card port major and minor alarms Each port will attempt to set a trap when an alarm first trips in the absence of squelching and a matching clear will be sent w...

Page 323: ... minor alarm Inform Card insert removed NIM switchover CPU switchover Restore User reboot Cold Start This squelch configuration will send a single critical trap if a NIM fiber breaks and will prevent cascading traps like NIM switchover in a redundant NIM system from sending dozens of SAM port notifications caused by the switchover Normally if you get a trap on a single port of a SAM you would get ...

Page 324: ...anged by a SuperUser Crypto Officer Broadmore Implementation of USM VACM Community Name char Index char UserName char TrapTag char Enabled bool true Storage unspecified Non Vol User Name Auth Encyptiontypes Auth Encryptionkeys Storage unspecified Non Vol Group Name char UserName char SecurityModel Storage unspecified Non Vol View Name char SubTreeOID Storage unspecified non vol Access Name char Re...

Page 325: ...which subset of MIB objects in the Broadmore VACM also defines the type of access Read Write over a view The Broadmore organizes the USM VACM into four tables or entities Views Users Groups and Access With each entity the following actions are associated Edit used to modify an existing User View Group or an Access entry Copy used to copy the information for an existing User View Group or an Access...

Page 326: ...n below shows the two predefined users Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the User information Copy to put a copy of the information into the list Delete delete an existing User New enter a new User With each selection confirm your changes and press Esc to exit Select Users Validate Table check table entr...

Page 327: ...some SNMP clients use keys for authentication and encryption while others use passwords For clients that use passwords a user needs to be created with passwords for the Authentication and Encryption parameters After choosing either Key or Password to key press OK and fill in the parameters described in the table above to define the new user as shown in the following New Users Entry screen NOTE Whe...

Page 328: ...12 10 Broadmore 1750 Release 4 6 SNMP Configuration Users Screen for entering User Key Screen for entering User Password ...

Page 329: ...Options Comments User Name string A unique value for User Name 1 to 30 characters Auth Key string Key to be used for authorizing a SNMP user to the Broadmore system Priv Key string Key to be used to encrypt SNMP traffic Auth Password string Password to be used for authorizing SNMP user Priv Password string Password to be used to encrypt SNMP traffic Auth None SHA MD5 Authentication protocol used P...

Page 330: ...se 4 6 SNMP Configuration Users User Edit Rules The following table describes which parameters can be modified in a Users table entry Item Edit Allowed User Name No Auth Password No Priv Password No Auth Yes Priv Yes Storage Yes ...

Page 331: ...the four predefined groups Follow the sequence below to modify the list Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the Group information Copy to put a copy of the information into the list Delete delete an existing Group New enter a new Group With each selection confirm your changes and press Esc to exit Select G...

Page 332: ...e selections Item Options Comments Group Name string value for Group Name 1 to 30 characters User Name string value for User Name 1 to 30 characters Security Model V1 V2 USM The Security Model used in processing an SNMP query from a client This parameter can be used to restrict access to the managed objects based on the security model set for a group Storage Volatile Non volatile Permanent Readonl...

Page 333: ...e any changes to the user information the system will prompt you for confirmation on whether you want to accept the changes or not Group Edit Rules The following table describes which parameters can be modified in a Groups table entry Item Edit Allowed Group Name Yes User Name No Security Model No Storage Yes ...

Page 334: ...ew Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the View information Copy to put a copy of the information into the list Delete delete an existing View New enter a new View With each selection confirm your changes and press Esc to exit Select Views Validate Table check table entries for consistency ...

Page 335: ... particular subtree in this MIB tree For example one view could be defined to be over the MIB subtree represented by the OID 1 3 6 while another could be over the subtree represented by OID 1 3 6 1 Of these two views the latter is more restrictive as it has fewer managed objects under it A view could also be defined to be one specific OID in the entire MIB tree of managed objects The following sho...

Page 336: ... on whether you want to accept the changes or not View Edit Rules The following table describes which parameters can be modified in a Views table entry Storage Volatile Non volatile Permanent Readonly Other Settings lost without power Settings can be changed Settings can not be deleted Settings can not be changed Item Edit Allowed Name No Subtree OID Yes Storage Yes Item Options Comments ...

Page 337: ...ct Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the Group information Copy to put a copy of the information into the list Delete delete an existing Group New enter a new Group With each selection confirm your changes and press Esc to exit Select Access Validate Table check table entries for consistency ...

Page 338: ... an access policy The access list is used to define the parts of the MIB tree that are available for either read or write for specific combinations of group and security models It also defines whether an incoming SNMP request needs authentication and whether SNMP messages need to be encrypted The following table describes the selections Item Options Comments Group Name string A group name from the...

Page 339: ...he contextName must match the Context Prefix Prefix only the initial substring of the contextName must match the Context Prefix Security Model V1 V2 USM The Security Model used in processing an SNMP query from a client This parameter can be used to restrict access to the managed objects based on the security model set for a group Security Level None AuthnoPriv AuthPriv None the incoming request re...

Page 340: ...user sending the request belongs to This is done by looking up the username and the Security model used V1 V2 or USM in the SNMP request Once the group is determined the system looks up the Access table entries and decides whether the authentication and encryption is required for the SNMP query This is determined by looking up the Security Level parameter in the Access table Authentication is veri...

Page 341: ...y looking up the Read and Write parameters of the Access table the exact set of MIB variables managed objects that will be visible to the user This is determined by the Views table entries access based on the security model set in Groups and Access table NOTE In addition to the standard MIBs the Broadmore includes enterprise MIBs that are specific to its operation ...

Page 342: ...his table These settings can only be accessed and changed by a SuperUser Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the Community information Copy to put a copy of the information into the list Delete delete an existing Community New enter a new Community With each selection confirm your changes and press Esc to ...

Page 343: ...Views Users Groups and Access These properties are read only ILMI Interim Local Management Interface is an independent industry standard used for configuration of ATM interfaces Although it is based on SNMP ILMI communication actually occurs using a transport other than IP that traverses only the physical ATM link ILMI is essential to functions such as ATM auto discovery and LANE LAN Emulation Use...

Page 344: ...ser Create a community name public with index Trap and tag Trap Specify the predefined user v12TrapsUser Item Options Comments Community Name string SNMPv1 and SNMPv2 Community Name 1 to 30 characters The Community Name is used with the User Name and Tag Name to determine get set and trap access Index string The Index permits the table to specify the same actual string multiple times A particular ...

Page 345: ...te a community name public with index Trap and tag Trap Specify the predefined user v12TrapsUser Create a community name public with index Get and no tag Specify the predefined user v12Getuser In fact you can create as many get and or set community strings as you desire provided that they map back to users with the privileges you desire and they all have arbitrarily unique index fields For example...

Page 346: ...rking properly The Broadmore can send the following kinds of trap notifications Major Minor Alarms for each module and port each set alarm is matched by a clear indicating the states of the fault LEDs on the chassis or module Module inserted or removed from the chassis Slot failure UNI up down Redundancy switchover File restores by the user a user audit event Reboots by the user a user audit event...

Page 347: ...Originator assembles the relevant trap information into a Protocol Data Unit PDU and sends the PDU to a network manager at a target address SNMPv3 uses SNMPv2 PDUs and also adds target address tables that tell the Notification Originator which targets should be sent notifications with given Object IDs OIDs in them For example a particular event may cause a linkDown or a warmStart notification You ...

Page 348: ...nd the target params table Broadmore Implementation of SNMP tables in RFCs 2273 and 2573 Target TargetParms Notification TrapTag User Community TrapTag Group Access View Name char UserName char SecurityModel SecurityLevel MP Model Enabled bool true Storage unspecified Non Vol Name char TrapTag char Enabled bool true Severity Name char IP Port TargetParms char TrapTag char Enabled bool true Storage...

Page 349: ...s is then done 5 If filters on and we have a filter entry the Notification Originator checks the filter to see if it is set to include or exclude this target If the filter is set to exclude this target then the message need not be sent to this target 6 If filters are on and the filter associated with the target provides a mask the mask is used to see if this trap event can be sent to this target T...

Page 350: ...ts and provide finer selection of events to send Notifications Table how to group targets to send notifications and what type of notification to send Notify Filter Profile Table a list of filters used by a notification for finer grained control over trap destinations Notify Filter Table filters to limit the number of notifications generated for a particular target NOTE The Broadmore predefines som...

Page 351: ...equence below to modify the list Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the Target information Copy to put a copy of the information into the list Delete delete an existing Target New enter a new Target With each selection confirm your changes and press Esc to exit Select Targets Validate Table check table en...

Page 352: ...sables this target Storage Volatile Non volatile Permanent Readonly Other Settings lost without power Settings can be changed Settings can not be deleted Settings can not be changed Timeout secs 100 Enter Timeout as a value in hundredths of a second For example 1500 represents 15 seconds This value indicates the expected maximum round trip time for communicating with the IP address defined by this...

Page 353: ...ameters Entry Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the Target Parameter information Copy to put a copy of the information into the list Delete delete an existing Target Parameter New enter a new Target Parameter With each selection confirm your changes and press Esc to exit Select Target Params Validate Tab...

Page 354: ... V2 USM The Security Model used in processing an SNMP query from a client This parameter can be used to restrict access to the managed objects based on the security model set for a group Security Level None AuthnoPriv AuthPriv None the incoming request requires no authentication or encryption AuthnoPriv authentication is required but SNMP messages will not be encrypted AuthPriv authentication is r...

Page 355: ...hanged but individual traps can be enabled and assigned a tag name and a severity level The severity is reported as a variable with the trap and also works in concert with the squelch level in SNMP Properties to keep traps appropriately throttled Follow the sequence below to enable or disable each trap type in the list Save the configuration when asked to activate the SNMP trap reporting Select Sy...

Page 356: ...wing table describes the selections Item Options Comments Notify Name This parameter cannot be changed Trap Tag string The default name is Trap If remote managers are to receive all traps there is no need to modify the Trap Tag Different tag names would be useful if responsibility for trap management was subdivided by trap types such that a specific destination was only responsible for a partial s...

Page 357: ... is reported as a variable with the trap To configure trap severity from a remote SNMP manager use the Broadmore enterprise MIB table snmpTrapTypeTable Severity Critical Major Minor Inform Reboot failure NIM major alarm SAM major alarm slot failure Uni up down SAM minor alarm NIM minor alarm Card insert removed NIM switchover CPU switchover restore user reboot Item Options Comments ...

Page 358: ... up to 20 entries in this table An empty table is acceptable These settings can only be accessed and changed by a SuperUser Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the Filter information Copy to put a copy of the information into the list Delete delete an existing Filter New enter a new Filter With each select...

Page 359: ... 30 characters Note This entry must agree with the Profle Name in the Notify Profiles table see Notify Profiles on page 12 42 Subtree bit string The MIB tree address indicating the branch nodes to be filtered Subtree Mask bit string The mask is a bit string where a 1 ignores the corresponding OID bit and a 0 indicates a wild card match for the corresponding OID bit A string of all 1 bits will acce...

Page 360: ...ermits up to 20 entries in this table An empty table is acceptable These settings can only be accessed and changed by a SuperUser Select System Management Select Configuration Select System Services Select SNMP Configure Select one of the following Edit edit the Profile information Copy to put a copy of the information into the list Delete delete an existing Profile New enter a new Profile With ea...

Page 361: ... table the Notify Filter table is searched for all entries having the same profile_name The following table describes the selections Item Options Comments Profile Name string Value for Profile Name 1 to 30 characters Parameter Name string Value for Parameter Name 1 to 30 characters Note This entry must agree with the Parameters Name in the Target Parameters table see Target Parameters on page 12 3...

Page 362: ...12 44 Broadmore 1750 Release 4 6 SNMP Configuration Notify Profiles ...

Page 363: ...APPENDIX A Technical Specifications In this Appendix Broadmore 1750 Platform A 2 Broadmore Modules A 6 ...

Page 364: ...ork interfaces Up to 80 T1s 60 E1s 11 DS 3s or 12 E3s per chassis Management RS 232 V 24 async craft port SNMP v1 v2 v3 RFC 1213 RFC 3414 MIB II IPv4 and IPv6 ready Controller In band management LAN Emulation Client CLIP RFC 1577 Out of band management 10Base T Ethernet port RS 232 V 24 async craft port Management interface Command Line Interface CLI Text based menu driven Optional security featur...

Page 365: ... 0 Network Timing Protocol Client per RFC 1305 Redundancy System Level Backplane redundant segment protection Dual Power 48 VDC power rails to each card Interface Level CPUs 1 1 NIMs 1 1 SONET APS per Telcordia GR 253 CORE with Digital Protection Switching SAMs 1 N Dual BITS clock inputs with internal Stratum 3E holdover clock Alarms Dry contacts for major and minor alarms LEDs indicating major an...

Page 366: ...wer 48 VDC dual inputs labeled A and B 240 W maximum for fully populated system 10 watts per NIM 8 watts per SAM 20 watts per CPU Fused at 7 5 A each input Alarm power module 1 slot Over voltage threshold 58 1 5 VDC Under voltage threshold 38 0 72 VDC Optional Dual Redundant AC Power Supply external Regulatory Approvals FCC Part 15 Class A radiated emissions ANSI UL 60950 CSA C22 2 NO 60950 00 FIP...

Page 367: ...Rack mountable in 19 in 48 26 cm or 23 in 58 42 cm racks Dimensions 17 5 in H x 17 25 in W x 15 3 in D 44 45 cm H x 43 82 cm W x 38 86 cm D Weight 31 lb 14 1 kg empty 48 lbs 21 8 kg fully loaded Environment Operating temperature range 50 F to 122 F 10 C to 50 C Storage temperature range 4 F to 158 F 20 C to 70 C Relative humidity non condensing range 5 to 80 ...

Page 368: ...dBm Intermediate Reach Type single mode Wavelength 1300nm Tx Output power greater than or equal to 11 0 dBm Rx sensitivity less than or equal to 28 0 dBm DS3 T3 Structured Circuit Emulation SAM 1 port per card BNC connector access on rear panel IOM CES Version 2 AAL1 and ITU T recommendation I 363 Structured N x 64 DS3 1 to 672 ATM PVCs or SVCs per port DS3 options C Bit parity M13 Clocking Networ...

Page 369: ... proprietary timing algorithm and may ONLY be used with specific written prior permission from Carrier Access Corporation Additional license fees may apply E3 Unstructured Circuit Emulation SAM 3 ports per card BNC connector access on rear panel IOM Unstructured CES Version 2 AAL1 and ITU T recommendation I 363 E3 options clear channel Clocking Network BITS Adaptive SRTS Loop NOTE SRTS is a propri...

Page 370: ...A 8 Broadmore 1750 Release 4 6 Technical Specifications E3 Unstructured Circuit Emulation SAM ...

Page 371: ...e manufacturer s name and part numbers are provided for these items Contact your local Sales Account Manager for the latest availability and pricing information Please have your system model and serial number available when calling to facilitate service In the unlikely event that a part not listed above is required the Customer Support Center will provide detailed information on replacing the comp...

Page 372: ... SAR 7660 403 Module DS3 SAM IOM 3 Port 7660 404 Module SAM IOM 8 RJ48 Connectors 7660 406 Module NIM IOM 7660 410 Module Protection IOM 7660 411 Module CPU IOM 7660 416 Module Structured DS3 SAM IOM 1 BNC Port 7660 672 Module Structured DS3 SAM 51670066 01 LapLink Cable PC to Broadmore 1750 serial port cable with DB9 F and DB25 F connectors on both ends 034 0016 CPU 2 Replacement Battery Panasoni...

Page 373: ...APPENDIX C Software Error Messages In this Appendix Overview System Errors Setup Errors ...

Page 374: ...correct through normal operations as noted in chapters three and four SYSTEM ERRORS provide clues about system operation which are meant primarily for Carrier Access Customer Support analysis NOTE System errors may be observed during normal operation These errors may be an indication of events which are not necessarily a problem Evaluate the Broadmore 1750 operation according to Maintenance and Tr...

Page 375: ... ENTRY_ZERO_NOT_RESERVED 0x1005 Connection table entry 0 must be reserved for use by error handling code NO_ATM_IF_INDEX must 0 LIKELY_MEMORY_LEAK 0x1006 NONSENSICAL_STATE 0x1007 Impossible state of affairs found UNREACHABLE_CODE 0x1008 Unreachable code reached OUTBOUND_MSG_TOO_LONG 0x1009 Msg to a DSP is too long INBOUND_MSG_TOO_LONG 0x1010 Msg from a DSP is too long TRANSMIT_ERROR 0x1011 Error t...

Page 376: ...AD_OC3_RESET_OPTION 0x1109 BAD_OC3_LOOP_MODE 0x110a BAD_OC3_ACTION_ID 0x110b BAD_NX64_ACTION_ID 0x110c BAD_NX64_INPUT_PARAMETER 0x110d BAD_NX64_LINE_CODE_FORMAT 0x110e BAD_NX64_TIMING_SOURCE 0x110f BAD_NX64_LOOPMODE 0x1110 BAD_NX64_LINE_LENGTH 0x1111 BAD_NX64_FRAME_TYPE 0x1112 BAD_NX64_TRANSMIT_ALARM 0x1113 BAD_NX64_DIAG_CONTROL 0x1114 BAD_NX64_SERVICE_TYPE 0x1115 INVALID_SLOT_NUMBER 0x1116 NULL_S...

Page 377: ...nt OC3 Translation Table Address Format NIM_NOT_FOUND 0x1125 CONNECTION_LIMIT_REACHED 0x1126 Connection table is full CHANNELS_ALREADY_IN_USE 0x1127 VC related errors SIG_LINK_NOT_READY 0x1128 INVALID_PORT_NUMBER 0x1129 INVALID_CHANNEL_NUMBER 0x112a INVALID_CHANNEL_MAP 0x112b INVALID_ATM_IFINDEX 0x112c Connection not found or ifIndex was not as expected CONNECTION_IN_USE 0x112d Connection in use r...

Page 378: ... 1750 Release 4 6 Software Error Messages Setup Errors INVALID_INTERNAL_VCI 0x1131 INVALID_CALL_IDENT 0x1132 INVALID_CARD_TYPE 0x1133 CONFIG_DEFAULTS_USED 0x1134 INVALID_MESSAGE_TYPE 0x1135 UNKNOWN_ACTION_ID 0x1136 ...

Page 379: ... not have Ethernet access to the Broadmore 1750 and the Broadmore 1750 does not have an Ethernet local control station Broadmore 1750 2 3 The master control station does not have Ethernet access to the Broadmore 1750 and the Broadmore 1750 has an Ethernet local control station Broadmore 1750 3 The objective is for the master control station to be able to communicate with all three Broadmore 1750s ...

Page 380: ...net traffic over the ATM to Broadmore 1750 1 by default Broadmore 1750 1 then forwards the traffic to the gateway and ultimately to the appropriate Ethernet address Broadmore 1750 3 has an Ethernet gateway local control station in example diagram on next page However traffic to the master control station will not be delivered since the local control station has no Ethernet route to the master cont...

Page 381: ...ol station by IP address and the master control station via static route and Broadmore 1750 1 The master control station addresses Broadmore 1750 1 as IP 192 40 100 90 Broadmore 1750 2 as CIP 10 10 10 174 and Broadmore 1750 3 as CIP 10 10 10 63 The local control station addresses Broadmore 1750 3 as IP 192 50 200 63 ...

Page 382: ...eway 000 000 000 000 IP 192 40 100 90 submask 255 255 255 0 gateway 192 40 100 200 IP 192 40 100 200 submask 255 255 255 0 gateway 000 000 000 000 IP 192 50 200 63 submask 255 255 255 0 gateway 192 50 200 64 IP 192 50 200 64 submask 255 255 255 0 gateway 000 000 000 000 CIP 10 10 10 174 ATM subnet mask 255 255 255 0 CIP 10 10 10 63 ATM subnet mask 255 255 255 0 CIP 10 10 10 90 ATM subnet mask 255 ...

Page 383: ...APPENDIX E Chassis Differences ...

Page 384: ...ty and support the same NIM SAM and CPU modules The 17C chassis also uses the improved Alarm Power Module and Fan Tray assemblies as the 17B chassis The 17B chassis used in the Broadmore 1750 provides 1 4 SAM redundancy and has been NEBS tested with the OC 12 NIM 7660 114 or 7660 113 and the Un Structured DS3 SAMs 7660 034 or 7660 672 Chassis Major Assemblies Part Nos Comments 7665 17A Alarm Power...

Page 385: ...5 17B To change the file pointer in the CPU perform the following steps 1 Log in as a Superuser The default login is SYSADMIN and password INITIAL 2 From the operating system prompt enter cd cam 3 Type dir and look for one of the following files CAM7665 17A CAM7665 17B or CAM7665 17C 4 If the file name does not correspond to the chassis in which the CPU is installed the file must be renamed For ex...

Page 386: ...E 4 Broadmore 1750 Release 4 6 Chassis Differences Software Differences ...

Page 387: ...APPENDIX F IPv6 Support In this Appendix Overview F 2 Configuring IPv6 Addresses for Network Interfaces F 2 Pinging over IPv6 F 4 Testing route6 Application F 5 ...

Page 388: ... network interfaces This section provides steps to configure a network interface Adding an IPv6 Address To set the IPv6 address on the Ethernet interface from the Broadmore shell issue the command ifconf6 with the argument a For example Broadmore ifconf6 1 a 3ffe 0 0 13 5 The above command sets the IPv6 address 3ffe 0 0 13 5 on the Ethernet interface 1 Displaying an Address Check the interface con...

Page 389: ...ived 0 Mcast Packets sent 0 Total Bytes received 1480 Total Bytes sent 64 Input errors 0 Output errors 0 Packets dropped on input 0 Flags 0xa8e1 BROADCAST RUNNING UP MULTICAST Deleting an IPv6 Address To delete the IPv6 address from an Ethernet interface from the Broadmore shell issue the command ifconf6 with the argument d For example Broadmore ifconf6 1 d 3ffe 0 0 13 5 ...

Page 390: ...3ffe 0 0 13 4 16 bytes from 3ffe 0 0 13 4 icmp_seq 0 hlim 64 ping6 statistics 1 packets transmitted 1 packets received 0 packet loss Ping the Loopback Interface Address Broadmore ping6 c 10 s 1000 1 PING6 1048 40 8 1000 bytes 1 1008 bytes from 1 icmp_seq 0 hlim 64 1008 bytes from 1 icmp_seq 1 hlim 64 1008 bytes from 1 icmp_seq 2 hlim 64 1008 bytes from 1 icmp_seq 3 hlim 64 1008 bytes from 1 icmp_s...

Page 391: ...ore command route6 The following example adds a default route on the Broadmore Broadmore route6 add default gateway 3ffe 0 0 13 4 Adding a Host Route The following example adds a host route on the Broadmore Broadmore route6 add host dst 3ffe 0 0 14 41 gateway 3ffe 0 0 13 4 Adding a Network Route The following example adds a network route on the Broadmore Broadmore route6 add net dst 3ffe 0 0 14 ga...

Page 392: ... configured in the system issue the command route6 with option a For example Broadmore route6 a Destination Gateway Flags Refcnt Use Interface 3ffe 0 0 13 4 10803 0 0 1 1 1 200005 0 0 6 3ffe 0 0 13 3ffe 0 0 13 5 101 1 0 1 fe80 1 fe80 1 1 10001 0 0 6 fe80 2 fe80 2 2e0 97ff fe6b 7ffe 101 0 0 1 ff01 1 800001 0 0 6 ff02 1 1 800101 0 0 6 ff02 2 fe80 2 2e0 97ff fe6b 7ffe 800101 0 0 1 ...

Page 393: ...dmore route6 delete default gateway 3ffe 0 0 13 4 Deleting a Host Route The following example deletes a host route on the Broadmore Broadmore route6 delete host dst 3ffe 0 0 14 41 gateway 3ffe 0 0 13 4 Deleting a Network Route The following example deletes a network route on the Broadmore Broadmore route6 delete net dst 3ffe 0 0 14 gateway 3ffe 0 0 13 4 prefixlen 64 ...

Page 394: ...F 8 Broadmore 1750 Release 4 6 IPv6 Support Deleting a Network Route ...

Page 395: ...APPENDIX G Broadmore Command List In this Appendix Commands Available at the Command Prompt Commands Available at the CLI Prompt ...

Page 396: ...type help command to obtain help on any of the listed commands arp netStackUdpStatsShow cammi netstat cat ping cd ping6 chargen6tcp prefixListShow chargen6udp pwd cli rd cmp resetSecurID comp resetSecurIDIp copy rm cp rmdir daytime6tcp route daytime6udp route6 del savert dir scp du selftest echo setbaud fipsmode setenv head settimeout help setwrite icmp6StatsShow showconfig ifconf sigmem ifconf6 s...

Page 397: ...on about the availability of commands based on user access level Commands Available at the CLI Prompt The commands listed below are available at the cli prompt Type at the command prompt to view the list of commands General Commands up cls quit help Level Commands sys maintain about mem tc6 mkdir timeoutStatsShow move touch mv ts6 nd6Cache uc6 netStackTcpPcbShow us6 netStackUdpPcbShow zeroize ...

Page 398: ...G 4 Broadmore 1750 Release 4 6 Broadmore Command List Commands Available at the CLI Prompt ...

Page 399: ...ndication Signal ANSI American National Standards Institute APM Alarm Power Module APS Automatic Protection Switching ARP Address Resolution Protocol AS Available Seconds ATM Asynchronous Transfer Mode AWG American Wire Gage BITS Building Integrated Timing System Bps Bits Per Second ...

Page 400: ...tion CDVT Cell Delay Variation Tolerance CES C Bit Errored Seconds CES Circuit Emulation SAM CIP Classic IP CLI Command Line Interface CPU Central Processor Unit CSES C Bit Severely Errored Seconds DSP Digital Signal Processor DS n Digital Signal level n EIA Electronic Industries Alliance ESD Electrostatic Discharge FCC Federal Communications Commission FEAC Far End Alarm Control FTP File Transfer...

Page 401: ...ation LED Light Emitting Diode LES Line Errored Seconds LIS Logical IP Subnetwork LIU Line Interface Unit LOCD Loss of ATM Cell Delineation LOF Loss of Frame LOP Loss of Pointer LOS Loss of Signal MAC Media Access Control MBR Multi bit rate Mbps Megabits per second MIB Management Information Base NEBS Network Equipment Building System NIM Network Interface Module ...

Page 402: ...ation PES P Bit Errored Second PLOA Protocol Layer Over ATM POST Power On Self Test PSES P Bit Severely Errored Seconds PWR Power RDI Remote Defect Indicator RMA Return Material Authorization RX Receive SAM Service Access Module SAR Segmentation and Reassembly SEFS Severely Errored Framing Seconds SEQ Sequence Errors SG Signal Ground SNMP Simple Network Management Protocol SONET Synchronous Optica...

Page 403: ...Broadmore 1750 Release 4 6 Glossary 5 Glossary TBD To Be Determined TX Transmit UAS Unavailable Seconds UNI User Network Interface VGA Video Graphics Adapter VOM Volt Ohm Meter ...

Page 404: ...oriented data traffic requiring minimal sequencing or error detection support Broadband Bearer Capability A bearer class field that is part of the initial address message BCOB Broadband Connection Oriented Bearer information in the SETUP message that indicates the type of service requested by the calling user BCOB A Bearer Class A indicated by ATM end user in SETUP message for connection oriented ...

Page 405: ...s Timing requirements that address the restrictions on the amount of time a cell can take in getting from source to destination Point to Point Connection A connection with two endpoints default in CES CBR configuration Point to Multipoint Connection A collection of associated ATM VC or VP links with associated endpoint nodes with the following properties 1 One ATM link called the Root Link serves ...

Page 406: ... the ATM performance parameters for at least one of the Service Classes Service Class A B C or D from ITU T recommendation I 362 in a reference configuration that may depend on mileage and other factors QoS Classes are currently defined as Class 1 supports a QoS that will meet Service Class A performance requirements circuit emulation constant bit rate video Should yield performance comparable to ...

Page 407: ...ction After signaling is finished it drops out of the way and the established connection is used to move data This moving of payload data is done in the user plane Control and user planes are parts of the conceptual model of ATM Variable Bit Rate An ATM Forum defined service category supporting variable bit rate data traffic with average and peak traffic parameters ...

Page 408: ...Glossary 10 Broadmore 1750 Release 4 6 Glossary ...

Page 409: ...1 10 1 24 IOM 1 25 Alarms 1 9 APM 1 24 Configuration 1 10 Installation 5 10 IOM 1 25 IOM Installation 5 12 Slots 1 10 Application Planning Guide 2 2 Applications 1 3 APS 7 25 Architecture System 1 7 2 6 Archiving Audit Trails 10 15 11 32 AS 8 7 ATM 7 14 Address 7 11 Bandwidth per Cell Bus 2 11 Bandwidth per Module 2 12 Interfaces 1 4 IP Address 7 15 Network Loading 2 12 Payload Scramble Mode 7 39 ...

Page 410: ...FIG CURRENT 7 3 CONFIG DEFAULTS 7 3 CONFIG User Name 7 3 Name 7 8 CAMMI Access 7 7 C bit 7 44 7 51 7 52 7 58 CBR Service Type 7 56 CCEVS iii CCV 8 7 Cell Starvation 7 47 7 60 7 61 Cell Bus ATM Bandwidth 2 11 Configuration 2 8 Cell Starvation 7 46 Central Processing Unit 1 10 CES 8 7 Change Password 10 11 Changing Security Modes 11 17 Chassis 1 8 Access 5 5 5 15 Broadmore 1750 2 15 Cover Removal 5 ...

Page 411: ... 6 11 Ethernet 6 11 NIM IOM 6 8 Optical Interface 6 6 Power Supply 6 12 Remote Shutdown 6 11 SAM IOM 6 8 Serial Port 6 11 Structured DS3 IOM 6 10 Unstructured DS3 3 IOM 6 9 User Equipment 6 8 Connector Broadmore Power Input 6 14 Contact Information 2 15 Cover Fuse Part Number 2 16 Removal 5 5 5 15 Replacement 5 13 5 16 CPU 1 10 1 22 7 4 7 11 7 34 Configuration 1 10 Disk On Chip Replacement 2 16 In...

Page 412: ...irs Generating 11 8 E E3 IOM 1 17 1 20 SAM 1 16 Unstructured Configuration 7 57 E3 3 IOM Connections Unstructured 6 9 ELAN Name 7 18 Electrical Requirements 6 3 Electrostatic Discharge ESD Precautions viii Enabling 11 18 Equipment Connections IOM 6 8 Errors Messages Software C 1 Setup C 4 System C 3 Ethernet 7 4 7 14 Connections 6 11 Excessive C bit Errors 7 46 7 48 7 49 7 53 7 55 7 61 7 62 F bit ...

Page 413: ...ning 2 2 Ordering 2 1 2 15 Planning 2 1 Guidelines OC 12c NIM Configuration 2 9 2 10 H Hardware Revision Showing 9 9 Help About Security 11 17 I ICMP Messages 10 17 11 24 Idle 7 46 7 47 7 48 7 54 7 61 7 62 Individual Modules NIM and IOM 2 17 Modules SAM and IOM 2 18 Information Contact 2 15 Input Connector Broadmore Power 6 14 Input Output Module 1 10 Inspection of Goods 3 3 Install Single or Dual...

Page 414: ...nt 8 34 IOM Connections CPU 6 11 Structured DS3 6 10 Unstructured DS3 3 6 9 Unstructured E3 3 6 9 User Equipment 6 8 IP Address 7 14 7 34 ICMP Messages 10 17 11 24 Traffic 7 14 IP Address CPU 7 34 IPv6 Addresses Adding F 2 Configuring F 2 Deleting F 3 Displaying F 2 Pinging F 4 Routes Adding F 5 Displaying F 6 IPv6 Ready iv J JITC Validated iv Jumpers BITS 5 9 Reboot 5 12 Resync 5 11 K Key DSA 11 ...

Page 415: ...ency 2 4 Modifying a User 10 12 11 29 Module ATM Bandwidth per 2 12 Configuration 1 10 7 37 Configure How to 7 38 Descriptions 1 12 Individual NIM and IOM 2 17 Individual SAM and IOM 2 18 Installation 5 1 5 3 Installation Overview 5 4 Installation Procedures 5 3 Installation Sequence 5 8 Locations 5 6 NIM and IOM Sets 2 17 NIM Individual 2 17 Options NIM 2 17 SAM 2 18 Redundancy 7 25 SAM and IOM I...

Page 416: ...rk Interface Module 2 17 Network Interface Module NIM 2 17 Service Access Module 2 18 Service Access Module SAM 2 18 Ordering Guide 2 1 2 15 Overview 7 2 Module Installation 5 4 SNMP 12 2 P Password 7 7 7 10 PCV 8 7 Peak Cell Rate 7 15 PES 8 7 Physical Interfaces 1 6 Planning Factors Installation 2 13 System 2 6 Planning Guide 2 1 Application 2 2 PLOA AAL5 8 14 Port Configuration 9 6 Mode 7 44 7 5...

Page 417: ...olatility 11 50 Resiliency Mission Critical Circuit 2 4 Restore Configuration 7 71 Resync Jumpers 5 11 Reverting Protection Mode 7 25 RFC 1577 7 4 7 14 RS 232 7 4 RSA SecurID Authentication 11 2 S Safety Information vi SAM 7 38 Configuration 1 10 Configuration Protection 1 10 DS3 Structured 1 18 DS3 Unstructured 1 15 E3 1 16 Installation 5 10 IOM Connections 6 8 IOM Installation 5 11 IOM Protectio...

Page 418: ...zed Access 10 19 11 41 fipsmode 10 19 Shutdown Connections Remote 6 11 Signal Degradation SD 7 28 Slot Statistics 8 4 Slots APM 1 10 CPU 1 10 NIM 1 10 SAM 1 10 SNMP 7 4 Access 12 19 Access Edit Rules 12 22 Access Policy 12 22 Communities 12 24 Configuration 12 1 Group Edit Rules 12 15 Groups 12 13 Notifications 12 37 Notify Filters 12 40 Notify Profiles 12 42 Overview 12 2 Properties 12 3 Target P...

Page 419: ...m Architecture 1 7 2 6 Clock 10 7 10 8 11 14 11 15 Configuration 7 70 Errors C 3 Features 1 7 Log 7 34 Planning Factors 2 6 Services Configuration 7 8 System Log 10 15 11 32 T Target Notifications SNMP 12 37 Parameters 12 35 Targets SNMP 12 33 TDM Circuit Aggregation and Backhaul 2 3 Telnet 7 4 Threshold 7 28 Time System 10 7 11 14 Timing BITS 7 40 Tools 6 3 Fan Tray Replacement 5 15 Installation ...

Page 420: ...2 11 29 Security Configuration 7 23 User Edit Rules 12 12 User Edit Rules SNMPv3 12 12 Users Managing 10 10 USM VACM 12 8 USM VACM Access 12 19 Configuration 12 6 Groups 12 13 Users 12 8 Views 12 16 V Validation DISA iv FIPS 140 2 iv JITC iv NEBS v View Edit Rules SNMPv3 12 18 Views USM VACM 12 16 Virtual Channel 7 20 Virtual Path 7 20 W Warranty ix Limitations x Procedure ix Product Returns xii Z...

Reviews:

No comments

Related manuals for Broadmore 1750

Brand: Aastra Pages: 2

Brand: Lanpro Pages: 5

TotalStorage SAN16M-R SAN

Brand: IBM Pages: 116

Brand: TP-Link Pages: 2

Brand: ADTRAN Pages: 20

Brand: JLCooper Electronics Pages: 12

Brand: Black Box Pages: 12

Brand: Matrix Switch Corporation Pages: 48

Brand: Atlantis Land Pages: 2

Brand: Actisense Pages: 14

Brand: ActionTec Pages: 83

CloudVision DCA-CV-100

Brand: Arista Pages: 46

Brand: MikroTik Pages: 7

Brand: D-Link Pages: 59

Brand: D-Link Pages: 28

Brand: D-Link Pages: 3

Brand: D-Link Pages: 67

Brand: D-Link Pages: 40

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands