InfiNet R5000 series User Manual Download Page 76 | Manualshive

Page: 76 / 122

background image

Chapter 2 - Features set

User Manual

R5000 series - Web GUI

67

2.4.6. IP Firewall

IP  Firewall  is  a  mechanism  of  filtering  packets  crossing  an  IP  network  node,
according  to  different  criteria.  System  administrator  may  define  a  set  of  incoming
filters and a set of outgoing filters. The incoming filters determine which packets may
be  accepted  by  the  node.  The  outgoing  filters  determine  which  packets  may  be
forwarded by the node as a result of routing. Each filter describes a class of packets
and defines how these packets should be processed (reject and log, accept, accept
and log).

Packets can be filtered based on the following criteria:

Protocol (IP, TCP, UDP, ICMP, ARP)

Source address and/or destination address (and port numbers for TCP and
UDP)

The inbound network interface

Whether the packet is a TCP/IP connection request (a packet attempting to
initiate a TCP/IP session) or not

Whether the packet is a head, tail or intermediate IP fragment

Whether the packet has certain IP options defined or not

The MAC address of the destination station or of the source station

The figure below illustrates how packets are processed by the filtering mechanism
of the router:

Incoming filters

Outgoing filters

3

2

1

Incoming

packets

Packets addressed

to node 3

Packets starting

from node 1

Packets addressed

to node 2

Figure 48 - IP Firewall

There are two classes (sets) of filters - prohibiting (reject) and permitting (accept).

«
...
74
75
76
77
78
...
»

Summary of Contents for R5000 series

Page 1: ...R5000 series Web GUI Software Version MINTv1 90 11 Last updated 8 31 2014 User Manual ...

Page 2: ...rranties of merchantability and fitness for a particular purpose and non infringement with respect to the software Units of product including all the software delivered to purchaser hereunder are not fault_ tolerant and are not designed manufactured or intended for use or resale in applications where the failure malfunction or inaccuracy of products carries a risk of death or bodily injury or seve...

Page 3: ...ment or otherwise even if advised of the possibility of such damages To the extent permitted by applicable law in no event shall the liability for damages hereunder of Infinet Wireless or its employees or agents exceed the purchase price paid for the product by purchaser nor shall the aggregate liability for damages to all parties regarding any product exceed the purchase price paid for that produ...

Page 4: ... the routine tasks and basic scenarios like setting up a basic PTP link setting the MAC switching options using test configuration firmware upgrade etc This manual is designed for individuals who prefer using a graphical user interface GUI for configuring and managing R5000 series devices It is intended for the following audiences Customers with technical knowledge of and experience with IP networ...

Page 5: ... 2 3 4 Extended Interface Statistics 13 2 3 5 Extended Switch Statistics 32 2 4 Basic Settings 34 2 4 1 System Settings 35 2 4 2 Network Settings 37 2 4 3 Link Settings 42 2 4 4 Static Links 49 2 4 5 MAC Switch 49 2 4 6 IP Firewall 67 2 4 7 SNMP 70 2 4 8 QoS Options 74 2 4 9 Traffic Shaping 76 2 4 10 Extra Commands 78 2 4 11 Apply Test and Preview the configuration 80 2 5 Maintenance 80 2 5 1 Firm...

Page 6: ...10 Radio Sources Analysis 15 Figure 11 QoS Statistics 17 Figure 12 The Network Address Table for the local unit 18 Figure 13 The Network Address Table for the remote unit 18 Figure 14 Extended Link Diagnostic 19 Figure 15 Performance test 20 Figure 16 Bi directional performance test output 21 Figure 17 Bi directional Use MINT performance test output 21 Figure 18 Alignment test 22 Figure 19 Alignme...

Page 7: ... Figure 40 Link Settings SLAVE node default configuration 44 Figure 41 Chain 48 Figure 42 Custom frequency grid 48 Figure 43 Switching Groups 50 Figure 44 Trunk Groups 51 Figure 45 Management configuration 1 52 Figure 46 Management configuration 2 53 Figure 47 MAC Switch default configuration 62 Figure 48 IP Firewall 67 Figure 49 QoS Options default configuration 75 Figure 50 Add a logical channel...

Page 8: ... the SVI interface 99 Figure 77 VLAN interface associated to the SVI interface 99 Figure 78 Remove the default Switch group 100 Figure 79 In Trunk mode untagged traffic 101 Figure 80 In Trunk mode tagged traffic 102 Figure 81 Management Switch group 102 Figure 82 Creat an SVI interface 103 Figure 83 Associate a Switch group to the SVI interface 103 Figure 84 VLAN interface associated to the SVI in...

Page 9: ...ble 9 Link Settings 47 Table 10 Qualifiers 55 Table 11 Primitives 61 Table 12 MAC Switch 64 Table 13 Switch Groups Rules 65 Table 14 IGMP Snooping 66 Table 15 IP Firewall 70 Table 16 SNMP Access 72 Table 17 SNMP Traps 73 Table 18 SNMP Trap Types 74 Table 19 QoS 76 Table 20 Logical channel parameters 77 Table 21 Traffic shaping rules 78 Table 22 Extra commands 79 Table 23 Firmware parameters 82 Tab...

Page 10: ...Getting started Chapter 1 ...

Page 11: ... using test configuration firmware upgrade etc 1 2 Abbreviations The following abbreviations are used in this document ATPC Automatic Transmit Power Control BS Base Station CINR Carrier to Interference Noise Ratio CLI Command Line Interface CPU Central Processing Unit DFS Dynamic Frequency Selection DHCP Dynamic Host Configuration Protocol DNS Domain Name System GRE Generic Routing Encapsulation G...

Page 12: ...MP Simple Network Management Protocol SNR Signal To Noise Ratio SNTP Simple Network Time Protocol SSH Secure Shell STP Spanning Tree Protocol SVI Switch Virtual Interface TAP Network TAP TCP Transmission Control Protocol TUN Network TUNnel VLAN Virtual Local Area Network VPN Virtual Private Network 1 3 Document marks CAUTION All caution warnings are marked with a special warning sign One should pa...

Page 13: ...Features set Chapter 2 ...

Page 14: ...DFS operation 2 2 R5000 unit access When you power on the unit WANFleX OS starts automatically and Web management is enabled by default so in order to access the unit via Web browser start the graphical user interface type in the address bar http unit IP address NOTE By default since v1 90 0 the access to the device is available through svi1 interface at the IP address 10 10 10 1 24 for further de...

Page 15: ...th SSL only using InfiNet Wireless self signed certificate from the Maintenance menu of Web interface The HTTPS Connection link is available in the right side of the login form Figure 2 HTTPS connection 2 3 Device Status The Device Status page is displayed by default after the authentication step It displays the main parameters of the unit in real time You can set the Auto Refresh option to refres...

Page 16: ...U load displays the load percentage of the CPU Memory load Memory the data stored in volatile memory are valid only during the current session until the system reset displays in real time the total memory available and the used memory by the running processes Flash memory non volatile memory displays in real time the total memory available and the used memory by the WANFleX and configuration files...

Page 17: ...rface whether it is up and running or not Mode Displays the operation mode of each interface E g 10 100 or 1000 Mbps and half or full duplex for the Ethernet interface Bitrate frequency and bandwidth for the Radio interface Switch Group number for the SVI Packets Displays the number of received and transmitted packets for each interface since the unit is operational The local system packets are co...

Page 18: ...ht side of Interface Statistics section e g MINTv1 90 5 2 3 2 Wireless Links Statistics This section displays the following information for the radio interface of the unit Node name and ID Noise level Number of established links ATPC status activated or deactivated Autobitrate status activated or deactivated Polling mode Parameter Description Link Quality Gives a color indication for the wireless ...

Page 19: ...x signals of the neighbor unit Retries Displays the percentage of Tx and Rx retries of the neighbor unit Errors Displays the percentage of Tx and Rx errors of the neighbor unit Load Displays the number of kbps and packets that are going inbound and outbound the radio interface of the neighbor unit main data Table 2 Wireless Links Statistics 2 3 3 Switch Statistics This section displays the number ...

Page 20: ...reach all nodes in the network in flooding STP Spanning Tree Protocol standardized as IEEE 802 1D Creates a spanning tree within a network of connected layer 2 bridges typically Ethernet switches and disables those links that are not part of the spanning tree leaving a single active path between any two network nodes The value displayed in the Switch Statistics table represents the number of the p...

Page 21: ...urce Discard The value displayed in the Switch Statistics table represents the number of the packets dropped by the configuration e g switch group N start discard MAC Limit MAC address table limit reached switch maxsources MAXSOURCES 0 default 5000 The value displayed in the Switch Statistics table represents the number of the packets dropped because the limit of MAC address table was reached Reve...

Page 22: ... In order to access the Extended Interface Statistics tools click on the row of each interface within the Interface Statistics section Figure 8 Extended Interface Statistics 2 3 4 1 General Statistics The General Statistics tool displays the information about the interface such as the interface mode current status Rx and Tx statistics etc The actual statistics details depend on the interface type ...

Page 23: ...radio links utilization analyzing the radio frequency environment for the current frequency under the current channel bandwidth without the radio link interruption and displays the following statistics Radio parameters of every source in the radio link Number of sources number of packets including the skipped ones Number of pulses their average level and average number of pulses per second ...

Page 24: ...efined node not authenticated LD Locally defined node disabled A Not authenticated MINT node Own MAC address Table 4 Node types By pressing the Close button you return to the Device Status page The Auto Refresh option is active by default and refreshes the statistics automatically You can disable the auto refresh 2 3 4 3 QoS statistics QoS Quality of Service characterizes the entire network perfor...

Page 25: ...ed Fair Queuing scheduling algorithms Strict Priority Queuing means that the packets from queue with lower priority are not processed until the queue with higher priority is not empty Weighted Fair Queuing uses weights for every queue of an interface and allows different queues to have different service shares depending on that weight Every channel is also characterized by the latency parameter Th...

Page 26: ...M_PRIO_BUSINESS8 00 00 00 CS0 000000 No priority 01 01 08 CS1 001xxx No priority 02 02 16 CS2 010xxx QM_PRIO_BUSINESS1 03 03 24 CS3 011xxx QM_PRIO_QOS3 04 04 32 CS4 100xxx QM_PRIO_VIDEO 05 05 40 CS5 101xxx QM_PRIO_VOICE 06 06 48 CS6 110xxx QM_PRIO_NETCRIT 07 07 56 CS7 111xxx Table 6 MINT priority to 802 1p TOS priority DSCP map This section displays the number of inbound packets to each priority q...

Page 27: ...ddress Table for the remote unit By pressing the Close button you return to the Device Status page The Auto Refresh option is active by default and refreshes the statistics automatically You can disable the auto refresh 2 3 4 5 Extended Link Diagnostic Once a wireless connection between the unit and the remote neighbor is established it is possible to make extended diagnostics and optimization for...

Page 28: ...tests tool generates traffic between the devices and displays the channel throughput for the traffic with chosen priority For the full throughput tests of the channel you must set the highest priority 0 for the test traffic In this case the transmission of any other traffic will be stopped for the testing time and the traffic generated by the tool will occupy all the channel The Performance tests ...

Page 29: ...ng Select all check box all the bitrates could be selected or deselected at once Three more parameters are available for management Test time parameter allows setting the duration in seconds of the test for each bitrate 5s by default Bi directional check box allows choosing between bi directional when checked and unidirectional when unchecked performance test Use mint check box allows performing M...

Page 30: ...onsists of the bitrates that correspond to the channel bandwidth set on the unit 5 10 20 40MHz To perform the tests for the bitrates related to the other channel bandwidth you need to reconfigure the channel bandwidth the Channel Width parameter in the Radio Setting section of the Basic Settings page on both units within the tested link Examples given 1 Bi directional performance test output descr...

Page 31: ...e 18 Alignment test By pressing the Start Test Stop Test buttons at the bottom of the page you can start stop the alignment test By pressing the Clear History button you delete all data stored from the moment you pressed the Start Test button By pressing the Exit Test button you return to the Device Status page Once the test is started the antenna alignment can be monitored using the graphic and t...

Page 32: ...dB indicator of antenna number 0 vertical polarization Chain 1 Signal Level input signal level measured in dB indicator of antenna number 1 horizontal polarization Error Vector Magnitude EVM indicator of the measured input signal quality it should be as high as possible in absolute value the recommended level is not less than 21 dB some old firmware had EVM value positive but most the firmware has...

Page 33: ...d signal When the top of the stripe changes its location moving from one point on the background area to another it leaves pink and blue marks behind indicating the maximum and minimum measured levels of the signal at a particular point Thus it makes possible to observe the history of the signal changes You can clear the marks by pressing the Clear History button at the bottom of the page Main rec...

Page 34: ...signals of the two antennas of the device should have similar Cross fading values Input Signal stripes should be symmetrically to the value of 0dB ALL described recommendations are applicable to both Local and Remote sections Link samples Good link sample Figure 20 Alignment test graphical indicator positive example Bad link sample ...

Page 35: ...ng modes are available real time monitoring daily and monthly data logs display use the dropdown menu from the top of the page to change the mode The system displays by default the daily data logs All charts support simultaneous zoom to improve usability the zoom in action in a certain region on any of the charts reflects on all other charts that are re scaled automatically to display the data col...

Page 36: ...tton and drag the graphs to the pan Double click on any chart to reset the zoom The parameters that can be monitored are Figure 23 Statistics Graphs RX TX Ref Level This chart displays the measured RX green and TX blue signal levels Red regions represent link outages The default graph uses the CINR measurement method however the RSSI method can be selected from the drop down menu ...

Page 37: ...vides a quick estimation of the link quality Similar to the previous graph RX retries are represented by the green lines TX retries by the blue lines and link outages by the red lines Figure 25 Statistics Graphs RX TX Bitrate The Bitrate chart displays the bitrate for each of the two units in the link These parameters indicate the link quality too ...

Page 38: ...yellow lines represent the total link load the green lines represent the RX load and the blue lines represent the TX load Figure 27 Statistics Graphs CPU Load unit temperature The last chart displays the current CPU load and unit temperature only for the units equipped with temperature sensors You can view the six graphs presented above into one or two columns per page by pressing the Change Layou...

Page 39: ... Command field and all output from the display section by pressing the Clear button Stop a command execution during the execution phase by pressing the Stop Execution button By pressing the Close button you return to the Device Status page You can choose between plain and rich text format by marking unmarking the corresponding checkbox You can execute the same command from the BS to all CPEs in th...

Page 40: ...d with system log show command By pressing the Routing Table button you fill in the Command field with netstat r command By pressing the ARP Table button you fill in the Command field with arp view command By pressing the Switch Statistics button you fill in the Command field with switch statistics command By pressing the Link Status button you fill in the Command field with mint map detail comman...

Page 41: ...the link options A warning message pops up before the link restart If the operation is executed the link disappears from Device Status page until it is reestablished again Figure 29 Link restart Figure 30 Link restart warning message 2 3 5 Extended Switch Statistics Extended Switch Statistics tools allow gathering complete information and enhanced statistics for each group of the unit In order to ...

Page 42: ...h group including kernel Figure 32 Switch DB Statistics By pressing the Close button you return to the Device Status page The Auto Refresh option is disabled by default You can enable the auto refresh in order to have the statistics automatically refreshed 2 3 5 2 Switch VLAN Statistics The Switch VLAN Statistics tool gathers complete information and enhanced statistics for each VLAN created Figur...

Page 43: ...d line interface only The commands that do not have the enhanced parameters displayed in Web interface are sys ifconfig prf qm tun route mint switch svi lag sntp dhcpc please consult the information about the Extra Commands section within the current chapter below The settings of these enhanced parameters will be lost after saving the configuration via Web interface The warning message below is di...

Page 44: ...he information at the end of the Basic Settings page in order to find out the output of the Apply Test and Preview buttons for the new configuration performed Figure 35 System Settings default configuration General System Parameter Description Device Name You can set the device name This parameter is displayed in the web page header User Name Displays the username Login used to access the unit man...

Page 45: ...PS only in the corresponding checkbox By default this option is disabled Start SNTP You can start SNTP service by marking the option Start SNTP in the corresponding checkbox By default this option is disabled SNTP IP Address You can set the IP address of a valid SNTP server The unit must have an active connection with the SNTP server in order to receive time services Time Zone You can set the time...

Page 46: ...allowed to change the parameters only For the following layer 2 and 3 logical interfaces you are allowed to add by pressing the corresponding buttons and specifying the interface number remove and change the parameters of the interface Pseudo Radio Interface prfX can be attached to the Ethernet interface in order to allow it to work as a radio interface using the MINT protocol so that the node can...

Page 47: ...ss to the unit management via this switching group This interface becomes part of this switching group and can participate in the exchange of information with other group members so that any packets received by the group according to its rules or addressed to the sviX directly or copies of multicast broadcast packets will be received by the unit through the sviX This interface allows getting the r...

Page 48: ...e DHCP obtain an IP address automatically DHCP option is disabled by default Set the interface description up to 72 characters Set the interface mode e g 1000BaseTX fullduplex The default value is Auto recommended rfX Configure the IP address es and the mask of the interface Enable disable the interface Enable disable DHCP obtain an IP address automatically DHCP option is disabled by default Set t...

Page 49: ...characters Remove the interface Set the parent interface to be transmitted the encapsulated packets assign the PRF interface to the physical Ethernet interface Set the channel number from 0 to 3 on which the frames are sent and received by the parent interface Both PRF interfaces of the two units in the link must have the same channel assigned in order to establish the wireless link vlanX Configur...

Page 50: ... and the mask of the interface Enable disable the interface Enable disable DHCP obtain an IP address automatically Set the interface description up to 72 characters Remove the interface Set the tunneling mode IPIP or GRE tapX Configure the IP address es and the mask of the interface Enable disable the interface Enable disable DHCP obtain an IP address automatically Set the interface description up...

Page 51: ...e administrator s computer should go through the radio interface to the border router NOTE Read the information at the end of the Basic Settings page in order to find out the output of the Apply Test and Preview buttons for the new configuration performed 2 4 3 Link Settings In the Link Settings section two node types can be configured Master can establish connections with all other types of nodes...

Page 52: ...adio channel by listening each other s transmission The polling regime makes it possible to establish reliable communication between subscribers when the ordinary CSMA CA wireless access method does not work at all Despite a slight decrease in the maximum transmission speed the polling mode substantially increases the total throughput of a base station and provides for its fair distribution betwee...

Page 53: ... CPEs can be linked to more than one BS either in fixed nomadic or mobile situations for the redundancy purpose different profile for each BS When the CPE tries to establish a wireless connection it chooses the BS with better radio parameters e g better SNR less retries etc If the connected BS is down the CPE retries to connect to it and after a number of unsuccessful attempts it searches to conne...

Page 54: ...n only after a hold down interval the link is switched automatically to another frequency Frequency Range List Set the frequencies that are allowed to be chosen by the DFS mechanism available only when the DFS system is enabled It is available to support the legacy products Note that this option is different from the Custom Frequency Grid tool which allows narrowing down the frequency range availa...

Page 55: ...0 Kbps Acts as a top limit for the bitrate if the autobitrate mechanism is turned on By default it is turned on it is strongly recommended to remains on Adjust the Autobitrate system thresholds when the remote SNR doesn t have the normal level Channel Type Set Dual MIMO recommended or Single MISO channel type MIMO uses multiple antennas at both the transmitter and receiver side to improve communic...

Page 56: ...at both ends of the link Table 9 Link Settings CAUTION Please note that in some countries switching DFS off and or failing to detect public service radar signals are against the regulations and may result in legal action Beside the main radio parameters above the following options are available in the General Settings Enable link enable disable the wireless link for the radio interface by default ...

Page 57: ...Single mode is set Tx or Rx of Chain 1 can be deactivated Figure 41 Chain The licensed frequencies range per each bandwidth is displayed in the Link Settings section You can limit the licensed frequencies range per each bandwidth in Custom Frequency Grid column The range of frequencies set in Custom Frequency Grid will be available in the Frequency dropdown list from the radio profiles and in DFS ...

Page 58: ... you create a new fixed link to the unit By pressing the Remove button you can delete an already created fixed link NOTE Read the information at the end of the Basic Settings page in order to find out the output of the Apply Test and Preview buttons for the new configuration performed 2 4 5 MAC Switch 2 4 5 1 Switch configuration The Switch configuration is based on a set of rules for the switchin...

Page 59: ... mesh topology there is no need to create switching groups Group 2 Group 1 1 2 3 4 5 6 Figure 43 Switching Groups In order to put an incoming frame into one of the switching groups a set of flexible rules is used which allow sorting frames according to various criteria like VLAN tag Protocol type Addresses MAC IP Ports Any PCAP expressions 2 4 5 3 Trunk groups Trunk group is a switching group in t...

Page 60: ... Trunk N BS CPEs Figure 44 Trunk Groups Trunk groups may also be used to solve the task of connecting several VLAN segments Special rules on interfaces allow flexible manipulations with VLAN ID tags deleting assigning and re assigning please consult the information provided in WANFleX OS User Manual 2 4 5 4 Management connection to the unit For the management purposes you can create a dedicated Sw...

Page 61: ...ces see section 3 3 Creating a Management VLAN interface vlanX vlanY svi 1 IP tagged IP tagged IP untagged Group 1 eth0 IP rf5 0 IP Figure 45 Management configuration 1 NOTE Make sure that the group can and will accept traffic in vlanX and vlanY An alternative way to configure Management VLAN via dedicated switch group is presented in the figure below which illustrates the step by step sequence an...

Page 62: ...n the frame enters to MINT network through one of its external ports When leaving the network no rules are required as the frame already belongs to one of the switching groups and it will be automatically forwarded to an external port s that belongs to the corresponding switching group NOTE Frames originated by MINT network nodes e g containing RIP OSPF ping packets etc do not belong to any of the...

Page 63: ... of rules is viewed further Rules are taken one at a time If a packet does not match to any rule the default decision for this group or interface is taken The expression selects which packets will fit into the group Only the packets for which the expression is true will be matched to the group The expression consists of one or more primitives Primitives usually consist of an id name or number prec...

Page 64: ...assumed proto Qualifiers restrict the match to a particular protocol Possible protos are ether ip ip6 arp rarp tcp and udp E g ether src 00 12 13 14 15 16 arp net 128 3 tcp port 21 udp portrange 7000 7009 If there is no proto qualifier all protocols consistent with the type are assumed E g src 1 1 1 1 means ip or arp or rarp src foo except the latter is not legal syntax net 1 2 3 0 24 means ip or ...

Page 65: ...ource address is ehost ether host ehost True if either the Ethernet source or destination address is ehost dst net net True if the IPv4 destination address of the packet has a network number of net src net net True if the IPv4 source address of the packet has a network number of net net net True if either the IPv4 source or destination address of the packet has a network number of net net net mask...

Page 66: ... length greater than or equal to length This is equivalent to len length ip proto protocol True if the packet is an IPv4 packet of protocol type protocol Protocol can be a number or one of the names icmp icmp6 igmp igrp pim ah esp vrrp udp or tcp The identifiers tcp udp and icmp are also keywords and must be escaped via backslash which is in the C shell This primitive does not chase the protocol h...

Page 67: ... those protocols The exceptions are iso stp and netbeui WANFleX checks for an 802 3 frame and then checks the LLC header as it does for FDDI Token Ring and 802 11 atalk WANFleX checks both for the AppleTalk etype in an Ethernet frame and for a SNAP format packet as it does for FDDI Token Ring and 802 11 aarp WANFleX checks for the AppleTalk ARP etype in either an Ethernet frame or an 802 2 SNAP fr...

Page 68: ... MPLS packet If label_num is specified only true is the packet that has the specified label_num The first mpls keyword encountered in expression changes the decoding offsets for the remainder of expression on the assumption that the packet is a MPLS encapsulated IP packet The mpls label_num expression may be used more than once to filter on MPLS hierarchies Each use of that expression increments t...

Page 69: ...le 0x80000000 and 0xffffffff are 0 To access data inside the packet use the following syntax proto expr size Proto is one of ether fddi tr wlan ppp slip link ip arp rarp tcp udp icmp and indicates the protocol layer for the index operation ether fddi wlan tr ppp slip and link all refer to the link layer tcp udp and other upper layer protocol types only apply to IPv4 The byte offset relative to the...

Page 70: ...pecial to the Shell and must be escaped Negation or not Concatenation or and Alternation or or Negation has highest precedence Alternation and concatenation have equal precedence and associate left to right Note that explicit and tokens not juxtaposition are now required for concatenation If an identifier is given without a keyword the most recent keyword is assumed For example not host 1 1 1 1 an...

Page 71: ...ation for the unit management Create Management by pressing this button you can add a vlanX and an sviX interface for the unit management via Web interface please consult the configuration examples presented in chapter 3 Switch Group configuration section Switch parameter Description Group Displays the Switch Group number Assign the switch group identifier must be unique within the MINT network se...

Page 72: ... Flood Allow deny unlimited unicast flood without protection filter Inband Allow deny access to the device through in band broadcast multicast management traffic It is enabled by default Mode Set the working mode of the switching group normal trunk in trunk give it the trunk group number created on the BS upstream downstream Normal standard mode the switch group operation is based on the configure...

Page 73: ... the packet priority to the specified value only if the processed packet has a lower priority Set used to assign a new priority regardless of the value already assigned to the packet In the absence of any Switching rule or if a packet does not match to any Switching rule the default priority is allocated Table 12 MAC Switch You can change the list order of the switch group using the up down arrows...

Page 74: ...te button Table 13 Switch Groups Rules NOTE In all three types of filters Switching IP Firewall and Traffic Shaping there is the same syntax called PCAP expression for setting a rule It is a universal tool for creating filters 2 4 5 8 IGMP Snooping In this section you can set the IGMP parameters for the groups for which support of IGMP snooping is enabled the IGMP check box is marked for these gro...

Page 75: ...urce IP in all IGMP reports query packets Last Member Query Timeout LMQT Set the timeout in seconds Group Membership Interval GMI Set the interval in seconds Multicast Group Limit Set the limit number for the multicast group Enable Querier Start stop the IGMP querier VLAN Set the IGMP querier VLAN ID in case of a VLAN broadcast domain Disable Election Enable disable the IGMP querier election proce...

Page 76: ...based on the following criteria Protocol IP TCP UDP ICMP ARP Source address and or destination address and port numbers for TCP and UDP The inbound network interface Whether the packet is a TCP IP connection request a packet attempting to initiate a TCP IP session or not Whether the packet is a head tail or intermediate IP fragment Whether the packet has certain IP options defined or not The MAC a...

Page 77: ... forwarding filters Information on packets rejected by any filter is displayed on the operator s terminal and the packets themselves are discarded without any notice to their sender A packet advancing through a set of filters is checked by every filter in the set from the first one till the end of the set or until the first matching filter The algorithm is the following 1 If the filter set is empt...

Page 78: ...iority to the specified value only if the processed packet has a lower priority Set used to assign a new priority regardless of the value already assigned to the packet Log Enable disable filter actions logging in the system log Direction Set the input output direction for applying the new rule Input the rule is used to process inbound traffic Output the rule is used to process outbound traffic an...

Page 79: ...he agent and the management stations The agent sends data to the management station The management station collects data from all the agents on the network You can set several destinations of traps with individual set of traps as well as several users with individual access rights The agent sends alerts called traps see Traps zone and answers requests that were sent by the management station The m...

Page 80: ...ed by accepted community names In SNMP v 1 and v 2c the community name passes along with the data packet in clear text Contact Set the contact information Used as a reference information about the device owner Location Set the geographical location where the unit is installed Used as a reference information about physical device s location User Name Set the authorization user name of SNMP v 3 Pass...

Page 81: ...support module which acts as an agent that performs a centralized information delivery from unit internal subsystems to the SNMP server This zone focuses on SNMP Traps agent configuration In this section you can view and edit the current SNMP traps settings You can clone remove and clear target and traps by pressing the corresponding buttons SNMP traps parameter Description Enable SNMP Traps Enabl...

Page 82: ...rap types Description topoGroup Events about topology changes in MINT network topoEvent Number of neighbors or their status has changed full neighbor list newNeighborEvent A new Neighbor has appeared lostNeighborEvent The Neighbor has been lost radioGroup Events which are related to changes of radio link parameters radioFreqChanged The Frequency has changed radioBandChanged The Band has changed mi...

Page 83: ...rly authenticated SNMP protocol message has been received syslog Events about messages recorded in a system log Table 18 SNMP Trap Types Press the Clone button if you need to setup multiple SNMP servers Each server can have an individual set of traps directed toward it Press the Clear button in order to clear all check boxes for the current server NOTE Read the information at the end of the Basic ...

Page 84: ... regardless of the source or the destination IP Detect and prioritize the RTP packets for example if the packet is recognized as a voice packet then it gets the priority 2 regardless of the previously assigned priority Enabled by default Dot1p Tags Enable disable automatic prioritization for the packets tagged with IEEE 802 1p priority tags Detect and prioritize the packets using 802 1p tags Enabl...

Page 85: ...ge in order to find out the output of the Apply Test and Preview buttons for the new configuration performed 2 4 9 Traffic Shaping The Traffic Shaping section allows you to manipulate the data streams going through the device You can create up to 200 logical channels characterized by different properties such as priority levels and data transfer rates and then to assign the data streams to these l...

Page 86: ...ified value only if the processed packet has a lower priority Set used to assign a new priority regardless of the value already assigned to the packet Redirect To Set the gateway IP address only for the router mode The whole stream is redirected to the specified IP address regardless of the current routing configuration It may be useful when the router serves as a network access unit and two or mo...

Page 87: ...erface for applying the new rule All the available interfaces are displayed in the dropdown list physical and logical If any option is used the rule will be applied to all available interfaces Group Set the Switch Group number for the applying of the new rule The Switch Group must be prior created Rule Set the packet capture filter It is the same syntax called PCAP expression as in the Switching s...

Page 88: ...r Description Command Select the command to add it to the device configuration Parameters Insert the string to specify the command parameters and options Please refer to WANFleX OS User Manual for the full explanation of all command parameters and options Disabled Check this option in order to disable the command temporarily Table 22 Extra commands Up Down arrows allow you to organize the command ...

Page 89: ...e options to extend the grace period or immediately accept reject the changes By pressing the Preview Configuration button you can view the configuration results in CLI style format A warning message is displayed in this section to inform about the consequences of saving configuration via Web or CLI interfaces Figure 52 Apply test and preview the configuration After pressing the Apply button for s...

Page 90: ...firmware build date Serial Number Displays the serial number of the unit Part Number Displays the part number of the unit It contains information about the unit type Platform Displays the processor model Uptime Displays the system up time since the last reboot Last Reboot Reason Displays the reason for the last reboot of the unit The options are Software fault Unexpected restart Manual restart Man...

Page 91: ...splays a warning message for 10s at each login to the Web interface if a new software version is available Figure 54 New firmware warning message NOTE It is not mandatory for the unit to have access to the Internet for this feature to work However the PC that is used to initialize the upgrade procedure must have access to InfiNet Wireless website both http and ftp In case of new software version a...

Page 92: ...oot the unit before using the new software version Figure 57 Firmware upgraded succesfully By pressing the Save New Firmware button you download the new firmware file locally on your PC If no new firmware version is available the system provides a full change log for the latest firmware release after pressing the Check Latest Release button ...

Page 93: ...ly the new changes 2 5 3 Download The Download section allows you to download locally to the management PC the current license firmware and configuration files by pressing the corresponding buttons Download License Download Firmware and Download Configuration 2 5 4 Bottom section of the page The following buttons are available Reboot button reboots the device A warning message pops up asking for t...

Page 94: ...listing system log output license information mint map detail command output interfaces statistics etc 2 6 Spectrum Analyzer In Spectrum Analyzer menu you can perform a deep analysis of the radio emissions in the environment where the unit is placed The unit scans the radio spectrum on all available frequencies In order to obtain the information as accurate as possible the scanning process may tak...

Page 95: ...s this parameter is applicable only to R5000 Xm models Scan Duration Set the time period for the scanning process in seconds After the end of this time period scanning will be stopped and the radio interface will be back to its normal mode operation Enable Grid Mark unmark the corresponding checkbox to display hide the grid lines and highlight the special frequency channel on the scan output The h...

Page 96: ... without it otherwise you will always see noise signal on the operating frequency generated by the remote unit You can get detailed information about the scanned radio signals on a specific frequency Just point a cursor on the needed frequency and you will see a hint with exact Signal level dBm Frequency MHz Noise Floor dBm RSSI dBm High RSSI dBm Max RSSI dBm values 2 7 DFS The DFS page provides t...

Page 97: ...erface in the Web interface This allows managing and monitoring the device by using all the commands and functions that are available via standard CLI In order to run one or a set of WANFleX commands type them in the Command field and then press the Execute button The output of the commands is displayed in the section above the Command field ...

Page 98: ...ies Web GUI 89 Figure 62 Command line In the Command Line menu the commands are only executed but not saved into the configuration while in Extra commands section from Basic Settings menu the commands are executed and saved into the configuration ...

Page 99: ...Configuration scenarios Chapter 3 ...

Page 100: ... type any username and any password in the corresponding fields Let s use in this example test for both username and password After the authentication a warning message pops up and requests us to change these initial authentication credentials Figure 63 Warning message setup system login password Step 3 In order to change the initial credentials we have to go to Basic Settings System Settings and ...

Page 101: ...for the first unit and the IP 192 168 1 2 24 for the second unit Figure 65 Add IP address on svi1 interface Step 5 In order to establish a wireless link between the two units we have to set one of them as Master By default both units are configured as Slave In Basic Settings Link Settings section let s configure the following radio parameters for the first unit Type Master Polling On DFS Off Node ...

Page 102: ...Step 7 We have now to connect to the second unit to its default IP address and to perform the configuration below In System Settings section Device Name Node2 User Name Node2 Password Infi2 In Network Settings section svi1 IP address 192 168 1 2 24 In Link Settings section Type Slave Node ID 2 Channel width 40 MHz Frequency 5870 MHz We have to save all settings performed in Basic Settings menu by ...

Page 103: ...ith no additional rules In this case all frames coming to the unit from local Ethernet interface will be delivered to the opposite side of the link and sent out the remote Ethernet interface and vice versa This simple configuration will enable transparent switching all packets will go through the link unchanged VLAN tags QoS fields etc will be preserved In order to separate data traffic from manag...

Page 104: ...e to create a VLAN interface and to assign it an ID Let s create VLAN100 interface by pressing the Create Management button and setting the ID 100 Figure 69 Create Management button Step 3 In Basic Settings Network Settings section we can observe that two new interfaces have been created automatically vlan100 and svi1 ...

Page 105: ... set VLAN100 for the outgoing traffic at the network interface Step 5 Now we can save the settings performed in all sections of the Basic Settings page by pressing the Apply button at the bottom of the page We have to perform the same settings for the second unit and check the connectivity with VLAN100 to each unit 3 4 Creating a basic PtMP configuration One of the most common solutions to separat...

Page 106: ...in this example from the traffic point of view Step 1 Let s log in to one of the four units and configure it as BS We have to go to Basic Settings MAC Switch section and modify the configuration for the default Switch Group 1 in order to accommodate the traffic from all CPEs Select Trunk mode for the Switch Group 1 Add a new rule for this switch group and select VLAN mode for it Configure all VLAN...

Page 107: ...t VLAN mode and enter the VLAN numbers that must be processed within this Switch Group let s configure VLAN100 for the management traffic Figure 74 Create a management VLAN Step 3 We have to create an SVI interface for the management traffic to the unit Open the Network Settings section Press the Create SVI button Enter the SVI interface number in the pop up window and then press the Ok button we ...

Page 108: ...is needed to be accessible via VLAN 100 For this purpose we have to create a VLAN interface it will act as a sub interface of the SVI interface created in Step 3 Press the Create VLAN button Configure the svi100 interface as the Parent interface for the vlan100 interface Configure the Vlan ID parameter for the management VLAN 100 Configure the IP address and the network mask for the management int...

Page 109: ...n this step or tagged the scenario covered in Step 6b The process is the same as the one described in the previous sections however there are two important differences The Switch Group number must correspond with the VLAN number used by this client We are going to configure VLAN 101 for the CPE 1 and the Switch Group 101 The Switch Group operation mode must be set to In Trunk This mode requires a ...

Page 110: ...his scenario so we have to create a filter rule for the Switch group 101 In case the client has multiple VLANs a separate Switch Group should be created for each VLAN We are going to perform the following configuration Press the Create Switch Group button Configure Switch Group 101 in the pop up window Press the Ports button Select both Ethernet and RF interfaces in the pop up window and then pres...

Page 111: ...p window we strongly recommend using your management VLAN number as a management Switch Group number to avoid confusion Press the Ports button Select RF interface only and click Ok This Switch Group contains only the RF interface as the management interface needs to be accessible only from the uplink direction Create a rule select VLAN mode and enter the VLAN numbers that must be processed within ...

Page 112: ...eated in Step 7 that will be associated with this SVI interface Figure 82 Creat an SVI interface Figure 83 Associate a Switch group to the SVI interface Step 9 All management traffic in our network belongs to VLAN 100 and therefore it is tagged In order to access the unit through the management network an L3 interface is needed to be accessible via VLAN 100 For this purpose we have to create a VLA...

Page 113: ...a result of the settings described in steps above System parameters Factory password mode single sys name Node1 sys prompt Node1 sys user admin setpass 1 5ieEa 9sTTnyEx4 1thTlmfb S6 Radio module parameters rf rf5 0 grid 40 4930 5930 20 rf rf5 0 grid 20 4920 5940 20 rf rf5 0 grid 10 4915 5945 5 rf rf5 0 grid 5 4915 5945 5 rf rf5 0 band 20 rf rf5 0 mimo rf rf5 0 freq 5860 bitr 130000 sid 10101010 bu...

Page 114: ...obitr mimo key 12345678 mint rf5 0 roaming leader mint rf5 0 authmode public mint rf5 0 airupdate passive normal mint rf5 0 rcmdserver enabled mint rf5 0 poll start mint rf5 0 start MAC Switch config switch list LST1 numrange add 101 103 switch group 1 add 1 eth0 rf5 0 switch group 1 vlan LST1 switch group 1 trunk on switch group 1 start switch group 100 add 2 eth0 rf5 0 switch group 100 vlan 100 ...

Page 115: ...00 mtu 1500 up group 100 ifc vlan100 mtu 1500 up ifc vlan100 10 10 10 101 24 ifc vlan100 vlan 100 vlandev svi100 group 100 QoS manager qm option rtp dot1p notos noicmp notcpack nostrict MINT configuration mint rf5 0 name Node2 mint rf5 0 nodeid 00002 mint rf5 0 type slave mint rf5 0 mode fixed mint rf5 0 key 12345678 mint rf5 0 scrambling mint rf5 0 autobitrate mint rf5 0 minbitrate 13000 mint rf5...

Page 116: ...P protocol exposes the management data as variables of the managed units which are queried and set by the network management systems like InfiMonitor In order to be managed and monitored each unit in the network must run the agent software component for reporting the information via SNMP By default the SNMP agent is disabled so the first action to be done before connecting the R5000 unit with the ...

Page 117: ...v1 which is enabled in the default configuration Then press the Add SNMPv3 User button and insert your desired SNMP login and password into the User Name and Password fields and leave the rest of the parameters available in this section with their default values Figure 86 Create SNMPv3 account In order to finalize the SNMP configuration press the Apply button at the bottom of the page Now we have ...

Page 118: ...he situation when the wireless link with the main BS is dropped For this example we have three units with the default configuration Step 1 After the authentication on the first unit let s go to Basic Settings Link Settings menu and let s do the following configuration in General Settings section Enable link selected Type slave for the CPE MultiBS selected this option tells the CPE to search automa...

Page 119: ... is set to Auto Let s do the following configuration for the first radio profile Disable profile unselected Channel Width 20 MHz Frequency 5860 MHz Node ID 2 Security Key 12345678 Figure 88 Radio profile 1 configuration Let s do the following configuration for the second radio profile Disable profile unselected Channel Width 10 MHz Frequency 4920 MHz Node ID 2 Security Key 11111111 ...

Page 120: ...2 Let s now connect to the second unit and after the authentication step let s go to Basic Settings Link Settings menu and let s do the following configuration in the General Settings section Enable link selected Type master for the BS configuration Polling On Auto Tx Power selected Node name Node1 Let s do the following configuration in the Current Settings section Channel Width 20 MHz Frequency ...

Page 121: ...Let s now connect to the third unit and after the authentication step let s go to Basic Settings Link Settings menu and let s do the following configuration in General Settings section Enable link selected Type master for the BS configuration Polling On Auto Tx Power selected Node name Node3 Let s do the following configuration in the Current Settings section Channel Width 10 MHz Frequency 4920 MH...

Page 122: ...e the settings performed in the Link Settings menu We have now two base stations nodes 1 and 3 configured and one CPE node 2 with two radio profiles configured profile 1 has the radio parameters of the BS1 and profile 2 has the radio parameters of the BS2 We can see now that the CPE can establish a wireless link with any of the two base stations depending on the link quality ...

Reviews:

No comments

Related manuals for R5000 series

Brand: Da-Lite Pages: 8

Brand: Unimec Pages: 48

Brand: Harman Pages: 10

Brand: Harman Pages: 2

Brand: Jensen Pages: 12

Brand: Neumann Pages: 9

MM2040 TOUCHBOX

Brand: Manta Pages: 16

Brand: LSS Pages: 14

Brand: Audio Technica Pages: 2

Brand: DAEWOO ELECTRONICS Pages: 34

Brand: AKG Pages: 88

Smart Phono H V2

Brand: Clearaudio Pages: 3

Brand: Kogan Pages: 5

Brand: SAL Pages: 22

Brand: GPX Pages: 2

Brand: Wharfedale Pro Pages: 20

Brand: Curtis Pages: 21

Brand: Piezotronics Pages: 5

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands