RuggedCom RuggedBackbone RX1500 User Manual Download Page 268 | Manualshive

Page: 268 / 507

background image

24. Port Security

ROX™ v2.2 User Guide

268

RuggedBackbone™ RX1500

24. Port Security

ROX™ Port Security provides the following features:

• Authorizing network access using Static MAC Address Table.

• Authorizing network access using IEEE 802.1X authentication.

• Configuring IEEE 802.1X authentication parameters.

• Detecting port security violation attempt and performing appropriate actions.

24.1. Port Security Operation

Port Security, or Port Access Control, provides the ability to filter or accept traffic from specific MAC
addresses.

Port Security works by inspecting the source MAC addresses of received frames and validating them
against the list of MAC addresses authorized on the port. Unauthorized frames will be filtered and,
optionally, the port that receives the frame will be shut down permanently or for a period of time.

Frames to unknown destination addresses will not be flooded through secure ports.

Port security is applied at the edge of the network in order to restrict admission to specific
devices. Do not apply port security on core switch connections.

ROX™ supports the MAC address authorization methods described below:

24.1.1. Static MAC address-based authorization

• With this method, the switch validates the source MAC addresses of received frames against the

contents in the Static MAC Address Table.

• ROX™ also supports a highly flexible Port Security configuration which provides a convenient means

for network administrators to use the feature in various network scenarios.

• A Static MAC address can be configured without a port number being explicitly specified. In this case,

the configured MAC address will be automatically authorized on the port where it is detected. This
allows devices to be connected to any secure port on the switch without requiring any reconfiguration.

• The switch can also be programmed to learn (and, thus, authorize) a preconfigured number of the first

source MAC addresses encountered on a secure port. This enables the capture of the appropriate
secure addresses when first configuring MAC address-based authorization on a port. Those MAC
addresses are automatically inserted into the Static MAC Address Table and remain there until
explicitly removed by the user.

24.1.2. IEEE 802.1X Authentication

The IEEE 802.1X standard defines a mechanism for port-based network access control and provides
a means of authenticating and authorizing devices attached to LAN ports.

Although 802.1X is mostly used in wireless networks, this method is also implemented in wired switches.

The 802.1X standard defines three major components of the authentication method: Supplicant,
Authenticator and Authentication server.

«
...
266
267
268
269
270
...
»

Summary of Contents for RuggedBackbone RX1500

Page 1: ...v2 2 Web Interface User Guide For RuggedBackbone RX1500 November 24 2011...

Page 2: ...ments We reserve the right to make technical improvements without notice Registered Trademarks RuggedServer RuggedWireless RuggedCom Discovery Protocol RCDP RuggedExplorer Enhanced Rapid Spanning Tree...

Page 3: ...6 1 Uses 50 2 6 2 ROXflash Configuration 50 2 7 Scheduling Jobs 52 2 8 The Featurekey 55 2 8 1 Overview 55 2 8 2 Upgrading Feature Levels in the field 55 2 8 3 When a File based featurekey does not Ma...

Page 4: ...or Non switched Interfaces 87 6 Alarms 89 6 1 Introduction 89 6 1 1 Alarm Subsystems 89 6 1 2 Fail Relay Behavior 89 6 1 3 Alarm LED Behavior 89 6 1 4 Clearing and Acknowledging Alarms 89 6 2 Alarm Co...

Page 5: ...144 15 2 4 DHCP Shared Networks 145 15 2 5 DHCP Hosts 145 15 2 6 DHCP Host groups 146 15 2 7 Viewing Active DHCP Leases 146 15 2 8 DHCP Options 147 15 2 9 Custom DHCP Options 152 15 2 10 Hardware Conf...

Page 6: ...ration 225 22 2 1 Assigning Protocols 225 22 2 2 Setting Rawsockets 228 22 2 3 Setting TcpModbus 229 22 2 4 Setting DNP 231 22 3 Serial Protocol Statistics 232 22 3 1 Transport Connections 234 22 4 Re...

Page 7: ...d Multipoint Links 301 28 1 4 Path and Port Costs 301 28 1 5 Bridge Diameter 302 28 2 MSTP Operation 302 28 2 1 MST Regions and Interoperability 303 28 2 2 MSTP Bridge and Port Roles 304 28 2 3 Benefi...

Page 8: ...at is a Layer 3 Switch 356 32 1 2 Layer 3 Switch Forwarding table 356 32 1 3 Static Layer 3 Switching Rules 357 32 1 4 Dynamic Learning of Layer 3 Switching Rules 357 32 1 5 Layer 3 Switch ARP table 3...

Page 9: ...38 1 3 Network Address Translation 437 38 1 4 Port Forwarding 438 38 2 Firewall Quick Setup 438 38 3 Firewall Terminology And Concepts 439 38 3 1 Zones 439 38 3 2 Interfaces 439 38 3 3 Hosts 440 38 3...

Page 10: ...hing The Upgrade 492 A 3 Monitoring The Software Upgrade 493 B RADIUS Server Configuration 497 B 1 PPP CHAP and Windows IAS 497 C Setting Up An Upgrade Server 498 C 1 Upgrade Server Requirements 498 C...

Page 11: ...ROX ROX v2 2 User Guide 11 RuggedBackbone RX1500 E 2 11 Section 10 505 E 2 12 NO WARRANTY Section 11 506 E 2 13 Section 12 506 E 3 How to Apply These Terms to Your New Programs 506...

Page 12: ...Administration form 39 2 10 Hostname form 39 2 11 Timezone form 40 2 12 Setting the Timezone Form in Edit Private Mode 40 2 13 Current System Time form 40 2 14 CLI Sessions form 41 2 15 Idle timeout f...

Page 13: ...ble 76 4 6 Routable Interfaces form 76 4 7 Addresses table 76 4 8 Addresses form 76 5 1 Neighbor Discovery form 79 5 2 Neighbor Discovery IPv6 Prefix 80 5 3 Neighbor Discovery IPv6 Prefix forms 80 5 4...

Page 14: ...ble 114 9 17 Key Settings form 114 9 18 SNMP Security Model to Group Mapping form 114 9 19 SNMP Group Access Configuration table 115 9 20 Key Settings form 115 9 21 SNMP Group Access Configuration for...

Page 15: ...Shared Networks 148 15 13 Client Configuration form for Hosts 149 15 14 Client Configuration form for Host groups 149 15 15 Client Configuration form for DHCP Clients 150 15 16 NIS Configuration form...

Page 16: ...atistics Form 184 18 5 Transmit Statistics Form 184 19 1 Virtual switch with multiple interfaces 187 19 2 Adding a Virtual Switch 188 19 3 Interface Virtualswitch menu 188 19 4 Virtualswitch table 188...

Page 17: ...Interfaces form 216 21 26 HSPA PPP Interfaces Statistics form 216 22 1 6S01 Serial Module RJ45 Connector LEDs 218 22 2 Sources of Delay and Error in an End to End Exchange 222 22 3 Serial Protocols m...

Page 18: ...form 256 23 31 T1E1 Statistics form 256 23 32 Frame Relay Errors Packets Statistics form 258 23 33 Frame Relay Controlling Packets Statistics form 259 23 34 Frame Relay Receiving Statistics form 260...

Page 19: ...s form 296 27 7 Static MAC Address Parameters table 296 27 8 Purge MAC Address menu 297 27 9 Purge MAC Address Table form 297 28 1 Bridge and Port States 299 28 2 Bridge and Port Roles 300 28 3 Exampl...

Page 20: ...348 30 6 LLDP Port Statistics table 349 30 7 LLDP Port Statistics form 349 30 8 LLDP Neighbors table 350 30 9 LLDP Neighbors form 351 30 10 LLDP submenu 351 30 11 LLDP form 352 31 1 Three interfaces...

Page 21: ...388 33 36 L2 Ethernet Type table 388 33 37 Goose Tunnel Statistics table 388 33 38 Goose Tunnel Statistics form 389 33 39 Connections Statistics table 390 33 40 Connections Statistics form 390 33 41...

Page 22: ...work Table 426 36 11 Reach Table 426 36 12 Router Table 427 36 13 Area Table 427 36 14 Net Table 427 36 15 Summary Table 428 36 16 ASBR Summary Table 429 36 17 AS External Table 429 36 18 Neighbor Tab...

Page 23: ...ies table 462 39 7 Priorities form 462 39 8 Enabling Advanced configuration Mode 464 39 9 Advanced Traffic Control Classes table 465 39 10 TC Classes form 465 39 11 Options form 467 39 12 Advanced Tra...

Page 24: ...2 Entry Fields in Upgrade Settings Form 492 A 3 Pending Commit 492 A 4 Commit Succeeded 492 A 5 Launch Upgrade 493 A 6 Upgrade Launched Dialogs 493 A 7 Software Upgrade Menu 493 A 8 Upgrade Monitorin...

Page 25: ...d overall management of the hardware chassis and operating system including access control logging networking configuration and time synchronization Part II Network Interfaces and Ethernet Bridging Pa...

Page 26: ...onfiguration Chapter 4 Basic Network Configuration Advanced Networking Configuration Chapter 5 IP Network Interfaces Alarms Chapter 6 Alarms Domain Name Search Chapter 7 Domain Name Search Logging Cha...

Page 27: ...e Name Location IP Address Mask fe cm 1 Front panel interface 192 168 1 2 24 All other Ethernet ports LM and SM cards 192 168 0 2 24 Table 1 1 Default IP Address Configuration In order to connect to t...

Page 28: ...k on the Login button The switch is shipped with a default administrator password admin If authentication is successful the main menu is presented 1 2 The Structure Of The Web Interface The system con...

Page 29: ...nfiguration editing mode where after committing your changes you can specify a timeout period to test the changes At the end of the timeout period your changes to revert back to the original settings...

Page 30: ...feature keys elan certificates ipsec certificates ca certificates crl certificates log files and rollback files from the system to your workstation From the Choose file type list select the type of f...

Page 31: ...test results tunnel The tunnel menu is used for configuring IP tunnels using IPsec Layer 2 tunnelling functions and Generic Routing Encapsulation GRE ip The ip menu is used for configuring the ROX sys...

Page 32: ...clicked displays context sensitive information about the corresponding data field A red asterisk appears beside fields that are mandatory for configuration when in Edit Private mode Note the red aste...

Page 33: ...hassis Hardware table is indexed by slot name with the slot name being the key and a DNS Server table is indexed by IP address with the IP address being the key Key information can be added using the...

Page 34: ...on in a Table The information entered in the key settings form will now appear in the table Note that the table appears on the server screen while the key settings form appears on the address screen w...

Page 35: ...ttings form 1 3 2 Viewing More Information in Tables Occasionally a table may have more entries that are not visible in the initial view If you encounter a table that has a line of linked text at the...

Page 36: ...2 User Guide 36 RuggedBackbone RX1500 Figure 1 9 First Table of Information Figure 1 10 Second Table of Information The second table of information shows the balance of the entries and contains a lin...

Page 37: ...d passwords software versions upgraded and netconf As well you can link directly from the Admin menu to commands called actions see below that will clear or acknowledge all alarms shut down or reboot...

Page 38: ...he reboot menu action and then click the Perform button on the Reboot the Device form Figure 2 6 Set New Time and Date form The Set New Time and Date form configures the current time and date settings...

Page 39: ...nopsis A string Default System Name An administratively assigned name for this managed node By convention this is the node s fully qualified domain name If the name is unknown the value is the zero le...

Page 40: ...rm to the POSIX style and have their signs reversed from common usage In POSIX style zones west of GMT have a positive sign zones east of GMT have a negative sign Timezone Synopsis string Selects the...

Page 41: ...ures on the device Listen IP Synopsis IPv4 address in dotted decimal notation Synopsis IPv6 address in colon separated hexadecimal notation Default 0 0 0 0 The IP Address the CLI will listen on for CL...

Page 42: ...I Figure 2 15 Idle timeout field Clicking on the Idle timeout field on the CLI Sessions form allows you to choose a value for this field The default value is PT30M which stands for Precision Time 30 M...

Page 43: ...ecimal notation Default 0 0 0 0 The IP Address the SFTP will listen on for SFTP requests default 0 0 0 0 Listen Port Synopsis unsigned short integer Default 2222 The port the SFTP will listen on for S...

Page 44: ...ecimal notation Default 0 0 0 0 The IP Address the CLI will listen on for WebUI requests default 0 0 0 0 Listen Port Synopsis unsigned short integer Default 443 The port on which the WebUI listens for...

Page 45: ...the time when an inactive session expires or times out Only integer values corresponding to the following fields can be entered Year Month Day Hour Min Sec or Ms The example above shows the default va...

Page 46: ...me Synopsis string User Name password Synopsis A string User Password role Synopsis string one of the following keywords guest operator administrator Default guest User Role Figure 2 23 Users Screen i...

Page 47: ...ition Completed upgrades can be declined before the next reboot If major system failures are detected upon booting the upgraded partition the system will automatically roll back to the previous partit...

Page 48: ...packages Copying filesystem Estimating upgrade size Inactive The current phase or state of the upgrade It is one of Estimating upgrade size Copying filesystem Downloading packages Installing packages...

Page 49: ...Launch Upgrade form Note that the server URL and version name information must be entered in the Upgrade Settings form prior to launching the upgrade For detailed step by step instructions on how to...

Page 50: ...ftware on the new unit Use ROXflash only to install earlier versions of the ROX software Software upgrades to later versions should be performed using the Software Upgrade function Table 2 1 Differenc...

Page 51: ...tion Downloading image Inactive The current phase or state of the ROXflash operation It is always one of Inactive Downloading image Imaging partition Unknown state Completed successfully or Failed The...

Page 52: ...ler menu There are two types of scheduled jobs periodic jobs launch at a defined interval Set the interval in the Minute Hour Day of Month and Month parameters Use the Day of Week parameter to launch...

Page 53: ...launch the scheduled job periodic the job launches at a set date and time configchange the job launches when the configuration changes Minute Synopsis A string Default For periodic jobs sets the minut...

Page 54: ...list For example to launch the job on the first fifteenth and thirtieth days of the month enter 10 15 30 To specify a range of values enter the range as comma separated values For example to launch t...

Page 55: ...aturekey resides on the device s compact flash card ROX evaluates both the device featurekey and the file based featurekey and then enables the most capable feature level described by the keys When us...

Page 56: ...n appears Figure 2 37 CLI in the ROX Web Interface 3 At the Operational mode command line prompt type show chassis and press Enter Chassis information appears ruggedcom show chassis chassis chassis st...

Page 57: ...Command Line Interface To upload the file to your device you will need to know the following information the featurekey filename a user name and password to log in to the computer where you saved the...

Page 58: ...e of the featurekey file For example file show featurekey 1_cmRX1K 12 11 0015 key 6 Type the command with your featurekey filename and press Enter The system displays the contents of the featurekey fi...

Page 59: ...formation on backing up files see Section 2 9 2 Backing Up Files 2 9 Installing and Backing Up Files You can install and back up files using the following forms found under the admin menu Figure 2 40...

Page 60: ...e and enter a URL On the Install Files To Devices form click the Perform button 2 9 2 Backing Up Files To back up a file click on backup files The Backup Files forms appear Figure 2 42 Backup Files fo...

Page 61: ...log files click the Perform button on the Delete Log Files form This form is accessible at admin delete logs Figure 2 44 Delete Log Files form 2 11 Saving Full Configurations Save full configurations...

Page 62: ...button in the Saving Full Configuration form 2 12 Loading Full Configurations Load full configurations to a file using the forms below These forms are accessible at admin load full configuration Figur...

Page 63: ...n 1 You will generally configure lower stratum NTP hosts as servers and other NTP hosts at the same stratum as peers If all your configured servers fail a configured peer will help in providing the NT...

Page 64: ...NTP Server Restrictions configure an NTP server using Multicast or Broadcast See Section 3 2 7 Configuring an NTP Server using Multicast or Broadcast configure an NTP client using Multicast See Secti...

Page 65: ...form Enable Enables the local clock Stratum Synopsis unsigned byte integer Default 10 The stratum number of the local clock 3 2 4 Configuring NTP Servers ROX can periodically refer to an NTP server t...

Page 66: ...eers are NTP servers of the same stratum as the router and are useful when contact is lost with the hosts in the NTP servers menu Minpoll Synopsis unsigned byte integer Default 6 Minimum poll interval...

Page 67: ...TP Servers and NTP Broadcast Multicast Servers forms To add a server key In edit mode navigate to services time ntp key and click Add key On the Key settings form enter an identifier for the key and c...

Page 68: ...ver Restrictions form set the restriction parameters Commit the changes Figure 3 8 Server Restrictions form Flags Synopsis string one of the following keywords version ntpport notrust notrap noserve n...

Page 69: ...thentication be used and that a server key be set with the broadcast multicast setting For instructions on how to create server keys see Section 3 2 5 Adding Server Keys To set a multicast broadcast a...

Page 70: ...ddress Synopsis IPv4 address in dotted decimal notation Synopsis IPv6 address in colon separated hexadecimal notation Synopsis Domain name RFC 1034 Default 224 0 1 1 The multicast address on which the...

Page 71: ...Status To view the NTP service status In normal or edit mode navigate to services time ntp ntp status and click ntp status On the Trigger Action form click Perform Review the NTP service status in th...

Page 72: ...lowing internet interfaces configured by default dummy0 fe cm 1 and switch 0001 The default IP addresses for fe cm 1 and switch 0001 are configured under the ipv4 submenu switch 0001 is the VLAN inter...

Page 73: ...an existing IP address click the delete icon 4 Click Add address The Key settings form appears 5 In the IPaddress field type the new IP address 6 Click Commit 7 Click Exit Transaction To create addit...

Page 74: ...elated to the Firewall and IP NAT that might be necessary before connecting the unit to the INTERNET see Chapter 38 Firewall For information on adding VLAN interfaces to Switched Ports Ethernet Ports...

Page 75: ...mple IPv6 Network Setup 1 Connect a user PC to Fast Ethernet port fe cm 1 of the RX1500 and configure the PC to be on the same subnet as the port 2 Configure the S PC with IPv6 address FDD1 9AEF 3DE4...

Page 76: ...Bandwidth kbps Synopsis unsigned long integer This value is used in auto cost calculations for this routable logical interface in kbps Figure 4 7 Addresses table The path to the Addresses table is ip...

Page 77: ...its of an IPv6 address and the address is not routable The scope for Unique Local address is within enterprise networks It identifies the boundary of private networks within an organization Example of...

Page 78: ...s among which five types of messages are used by the ND protocol The five types of ICMPv6 messages are briefly described in the following section Router Solicitation ICMPv6 type 133 This message is se...

Page 79: ...a home agent and includes a home agent option Home Agent Lifetime Synopsis unsigned integer Default 1800 The value to be placed in the home agent option when the home agent config flag is set which i...

Page 80: ...seconds The default is 1800 seconds Reachable Time Millseconds Synopsis unsigned integer Default The value in milliseconds to be placed in the Reachable Time field in the router advertisement message...

Page 81: ...fter adding an IPv6 Prefix under the Neighbor Discovery To display the forms navigate to ip interface ipv6 nd prefix 5 3 Adding Interfaces to Switched Ports For switched ports you create routable inte...

Page 82: ...or example 2 5 Click Add 6 Click Commit 7 Click Exit Transaction The procedures below are examples of how to create implicit VLAN interfaces Procedure 5 2 Implicitly Adding a VLAN Interface at interfa...

Page 83: ...mit it Procedure 5 5 Implicitly Adding a VLAN Interface at switch mcast filtering static mcast table 1 Enter edit mode navigate to switch mcast filtering static mcast table and click Add static mcast...

Page 84: ...l VLANs Properties form is displayed 3 In the IP Address Source field select dynamic if you want the interface to get an IP address from a DHCP server For information on configuring RX1500 as a DHCP s...

Page 85: ...Non switched or Route only Interface menu is accessible from the main menu Figure 5 8 Routable Ethernet Ports table The path to the Routable Ethernet Ports table is interface eth Figure 5 9 Routable...

Page 86: ...eed mode AUTO means advertise all supported speed modes Duplex Synopsis string one of the following keywords full half If auto negotiation is enabled this is the duplex capability advertised by the au...

Page 87: ...ure 5 10 Configuring Dynamic Address Source and ProxyARP Procedure 5 8 Configuring IP Address Source and ProxyARP for Non switched Interfaces 1 Go into Edit Private mode 2 Go to interface eth port The...

Page 88: ...t Transaction To set ProxyARP for a static or dynamic interface follow the procedure below Procedure 5 9 Setting ProxyARP 1 Go into Edit Private mode 2 Go to interface eth port The Routable Ethernet P...

Page 89: ...es irregular voltages at the power supply or the insertion or removal of a module Switch Subsystem these alarms pertain to layer 2 events of interests such as RSTP topology changes and link up down ev...

Page 90: ...l relay and LED When an alarm is acknowledged by the user it de asserts the fail relay and LED but it remains in the active alarms table unless the alarm is non clearable and de asserted by the system...

Page 91: ...Emergency Alert Critical Error Warning Notice Info Debug description Synopsis string When applicable provides further details on the alarmable event Date Time Synopsis string The date and time the ev...

Page 92: ...the Clear action or the Acknowledge action Figure 6 5 Clear Alarm Menu Action form Figure 6 6 Acknowledge Alarm Menu Action form To clear or acknowledge ALL alarms instead of only individual alarms a...

Page 93: ...escription Synopsis A string The name of the alarm severity Synopsis string one of the following keywords debug info notice warning error critical alert emergency The severity level can be one of emer...

Page 94: ...m description Synopsis A string The name of the alarm severity Synopsis string one of the following keywords debug info notice warning error critical alert emergency The severity level can be one of e...

Page 95: ...scription Synopsis A string The name of the alarm severity Synopsis string one of the following keywords debug info notice warning error critical alert emergency The severity level can be one of emerg...

Page 96: ...h to this menu is admin dns Figure 7 1 DNS menu Figure 7 2 Domain Name Searches form The path to the Domain Name Searches form is admin dns search domain Synopsis Domain name RFC 1034 Figure 7 3 Domai...

Page 97: ...port per collector Syslog source facility ID per collector same value for all ROX modules Filtering severity level per collector in case different collectors are interested in syslog reports with dif...

Page 98: ...xadecimal notation Synopsis Domain name RFC 1034 The IPv4 or IPv6 address of a logging server Up to 8 logging servers can be added enabled Enables disables the feed to the remote logging server Figure...

Page 99: ...Synopsis string one of the following keywords same same_or_higher Default same_or_higher The message severity levels to include in the log same includes only messages of the severity level selected i...

Page 100: ...ecurity news mail lpr kern ftp daemon cron authpriv auth Synopsis facility list occurs in an array of at most 8 elements The subsystems generating log messages Messages from the selected subusystems a...

Page 101: ...source SNMPv3 provides security models and security levels A security model is an authentication strategy that is set up for a user and the group in which the user resides A security level is a permi...

Page 102: ...as specified by the lldpNotificationInterval object linkUp A linkUp trap signifies that the SNMP entity acting in an agent role has detected that the ifOperStatus object for one of its communication...

Page 103: ...ample below 9 2 1 Add an SNMP User ID Figure 9 1 Adding an SNMP User ID Procedure 9 1 Adding an SNMP User ID 1 Navigate to admin user 2 Click on Add userid The Key settings form appears 3 In the Name...

Page 104: ...ity Procedure 9 2 Creating an SNMP Community 1 Navigate to admin snmp snmp community 2 Click on Add snmp community The Key settings form appears 3 In the Community Name field enter snmpv2_user and cli...

Page 105: ...Navigate to admin snmp security to group 2 Click on Add snmp security to group The Key settings form appears 3 In the Security Model field select v2c 4 In the User Name field select snmpv2_user and cl...

Page 106: ...he ability to configure snmp features on the device Listen IP Synopsis IPv4 address in dotted decimal notation Synopsis IPv6 address in colon separated hexadecimal notation Default 0 0 0 0 The IP Addr...

Page 107: ...exadecimal notation If set all traffic traps originating from this device shall use the configured IP Address for the Source IP Authentication Failure Notify Name Synopsis string one of the following...

Page 108: ...horitative SNMP engine s window Unknown User Names Synopsis unsigned integer The total number of packets received by the SNMP engine which were dropped because they referenced a user that was not know...

Page 109: ...ID Discover and Trigger Action forms On the SNMP Engine ID Discover form enter parameters in the fields On the Trigger Action form click Perform 9 5 SNMP Community Figure 9 9 SNMPv1 v2c Community Conf...

Page 110: ...9 10 SNMPv1 v2c Community Configuration form The path to the SNMP Community Configuration form is admin snmp snmp community private or public 9 6 SNMP Target Addresses Figure 9 11 SNMP Target Configur...

Page 111: ...address address Target Name A descriptive name for the target ie Corportate NMS enabled Synopsis boolean Default true Enables disables this specific target Target Address Synopsis IPv4 address in dott...

Page 112: ...incoming SNMP requests from the IPv4 or IPv6 address associated with this community Trap Type List Default snmpv2_trap Selects the type of trap communications to be sent to this target Inform Timeout...

Page 113: ...ng The user for the SNMP key Select a user name from the list Authentication Protocol Synopsis string one of the following keywords sha1 md5 none Default none The authentication protocol providing dat...

Page 114: ...curity Model to Group Mapping form The path to these forms is admin snmp snmp security to group user Security Model Synopsis string one of the following keywords v3 v2c v1 The SNMP security model to u...

Page 115: ...s string one of the following keywords v3 v2c v1 any The SNMP security model to use SNMPv1 SNMPv2c or USM SNMPv3 Security Level The SNMP security level authPriv communication with authentication and p...

Page 116: ...w Default all of mib The name of the write view to which the SNMP group has access all of mib restricted v1 mib or no view Notify View Name Synopsis string one of the following keywords all of mib res...

Page 117: ...figuration information between a Network Access Server which desires to authenticate its links and a shared Authentication Server RADIUS is also widely used in conjunction with 802 1x for port securit...

Page 118: ...ntication activity is logged to the authorization log file auth log Details of each authentication including the time of occurrence source and result are included 10 1 4 RADIUS ROX and Services RADIUS...

Page 119: ...se forms are also accessible from global ppp radius address Synopsis IPv4 address in dotted decimal notation The IPv4 address of the server port udp Synopsis integer Default 1812 The network port of t...

Page 120: ...sword Synopsis AES CFB128 encrypted string The password of the RADIUS server For more information on 802 1x Authentication please see Chapter 24 Port Security For additional information on RADIUS serv...

Page 121: ...the NETCONF Sessions form and the NETCONF State Statistics form is admin netconf enabled Synopsis boolean Default true Provides the ability to configure NETCONF features on the device Listen IP Synops...

Page 122: ...ff 16000 Maximum Number of NETCONF Sessions Synopsis unsigned integer Synopsis the keyword unbounded Default 10 The maximum number of concurrent NETCONF sessions Idle Timeout Default PT0S Maximum idle...

Page 123: ...ds the NETCONF peer inSessions inBadHellos number of correctly started netconf sessions Dropped Sessions Synopsis unsigned integer The total number of NETCONF sessions dropped inSessions inBadHellos n...

Page 124: ...11 NETCONF ROX v2 2 User Guide 124 RuggedBackbone RX1500 The total number of notification messages sent...

Page 125: ...menu contains chassis level configuration and status features A variety of sub menus can be linked to from the Chassis menu The Chassis sub menu section is organized so that information tables appear...

Page 126: ...e synopsis string one of the following keywords PM2_Active_PM1_Standby PM1_Active_PM2_Standby Balanced When more than one power modules are present this parameter specifies how they share the provisio...

Page 127: ...integer The current mA sourced by the power module PM Voltage mV Synopsis integer The voltage mV sourced by the power module 12 2 Slot Hardware Figure 12 6 Slot Hardware table Figure 12 7 Slot Hardwar...

Page 128: ...nstalled module s unique serial number 12 3 Slot Identification Figure 12 8 Slot Identification table Figure 12 9 Slot Identification form The Slot Identification table and form contain version inform...

Page 129: ...dule installed in a particular chassis slot The path to the Slot CPU RAM Utilization table is chassis cpu Figure 12 10 Slot CPU RAM Utilization table The path to the Slot CPU RAM Utilization form is c...

Page 130: ...RAM in percent recorded for the installed module since start up 12 5 Slot Status Figure 12 12 Slot Status table Figure 12 13 Slot Status form The Slot Status table and form display status information...

Page 131: ...state of the installed module Status Synopsis string The runtime status of the installed module Uptime Synopsis string The total time elapsed since the start up of the installed module Boot Date Synop...

Page 132: ...nopsis A string The installed module s type specifier Temperature degrees C Synopsis integer The temperature in degrees C of the installed module If multiple temperature sensors are present on the boa...

Page 133: ...Module Type Synopsis A string Sets the module type to be used in this slot Admin State Sets the administrative state for a module Enabling the module powers it on Figure 12 18 Fixed Modules form Figur...

Page 134: ...is Management ROX v2 2 User Guide 134 RuggedBackbone RX1500 Figure 12 20 Module Database table Figure 12 21 Module Database form Figure 12 22 Configurable Modules table Figure 12 23 Configurable Modul...

Page 135: ...his case the device acts as a PPP client PPP users profiles and settings are configured on forms found under the PPP menu To display the PPP menu navigate to global ppp 13 2 PPP Configuration The PPP...

Page 136: ...out PPP Users table navigate to global ppp profiles dialout Figure 13 4 Dial out PPP Users table Dial out PPP is used to add PPP profile for dialOut users name Synopsis A string The connection name To...

Page 137: ...ial the phone number before it stops attempting to establish a connection Zero 0 means the modem will try to connect to the PPP server forever dial interval Synopsis integer Default 30 The time in sec...

Page 138: ...ary Radius Server form address Synopsis IPv4 address in dotted decimal notation The IPv4 address of the server port udp Synopsis integer Default 1812 password Synopsis AES CFB128 encrypted string 13 3...

Page 139: ...erface with link failover the link failover On demand option allows link failover to bring up or take down the PPP interface as needed Link failover triggers the modem dial out to establish a PPP conn...

Page 140: ...s 00 02 04 0F The DHCP Server supporting DHCP Option 82 sends a unicast reply and echoes Option 82 The DHCP Relay Agent removes the Option 82 field and broadcasts the packet to the port from which the...

Page 141: ...this relay agent Figure 14 3 DHCP Relay Agent Client Ports table To display the DHCP Relay Agent Client Ports table navigate to dhcp relay agent dhcp client ports DHCP Relay Agent Client Ports are po...

Page 142: ...ional subnets behind the relay agent or when multiple virtual networks exist on one physical interface Each subnet then gets its own subnet definition inside the shared network rather than at the top...

Page 143: ...HCP Hosts configure host groups See Section 15 2 6 DHCP Host groups configure DHCP options See Section 15 2 8 DHCP Options Under services dhcpserver you can also view a list of active DHCP leases See...

Page 144: ...CIDR notation The network IP address for this subnet shared network Synopsis A string The shared network that this subnet belongs to You can configure DHCP options at the subnet level Options set at...

Page 145: ...s set at higher levels To set Lease Configuration and Client Configuration options navigate to services dhcpserver shared network shared network id options For more information see Section 15 2 8 1 Le...

Page 146: ...type a name for the host group and click Add You can configure DHCP options at the host group level Options set at this level override options set at higher levels To set Lease Configuration and Clien...

Page 147: ...ettings This form is used at all DHCP levels NIS Configuration form sets NIS server information This form is used at all DHCP levels NetBios Configuration form sets NetBios scope and nameserver inform...

Page 148: ...configuration options at the subnet and shared networks levels enter edit mode and navigate to subnet options services dhcpserver subnet subnet id options shared network options services dhcpserver s...

Page 149: ...g client unknown client Synopsis string one of the following keywords ignore deny allow The action to take for previously unregistered clients shared network Synopsis A string Shared network that this...

Page 150: ...t the client configuration options enter edit mode and navigate to DHCP server options services dhcpserver options client subnet options services dhcpserver subnet subnet id options client shared netw...

Page 151: ...IPv4 address in dotted decimal notation The static route that the dhcpserver offers to the client when it issues the lease to the client NIS Configuration Figure 15 16 NIS Configuration form server S...

Page 152: ...work options services dhcpserver shared network shared network id options client custom host group options services dhcpserver host groups host group id options client custom host options services dhc...

Page 153: ...15 DHCP Server ROX v2 2 User Guide 153 RuggedBackbone RX1500 The physical network address of the client Note that this corresponds to the hardware type for example MAC address for ethernet...

Page 154: ...pter 18 IP Statistics Virtualswitch Bridging Chapter 19 Virtual Switch Bridging Link Aggregation Chapter 20 Link Aggregation Modem Chapter 21 Modem Serial Ports Chapter 22 Serial Protocols WAN Chapter...

Page 155: ...ection Through LFI While the link between Switch A and the Controller functions normally the Controller holds the backup link down Switch B learns that to reach the Controller it must forward frames t...

Page 156: ...tion LFI feature for the links where no native link partner notification mechanism is available With LFI enabled the device bases generation of a link integrity signal upon its reception of a link sig...

Page 157: ...e Switched Ethernet Ports table shows the Ethernet interfaces To display the Switched Ethernet Ports table navigate to interface switch Figure 16 4 Switched Ethernet Ports submenu The Switched Etherne...

Page 158: ...EE 802 3 auto negotiation Enabling auto negotiation results in speed and duplex being negotiated upon link detection both end devices must be auto negotiation compliant for the best possible results S...

Page 159: ...s full duplex Full duplex operation requires that both ends are configured as such or else severe frame loss will occur during heavy network traffic At lower traffic volumes the link may display few i...

Page 160: ...ames on any source port is made available for analysis Select a target port that has a higher speed than the source port Mirroring a 100 Mbps port onto a 10 Mbps port may result in an improperly mirro...

Page 161: ...port where a monitoring device should be connected Figure 16 9 Ingress Source Ports table To display the Ingress Source Ports table navigate to switch port mirroring ingress src Ingress Source Slot S...

Page 162: ...ine module diagnostics Figure 16 11 Diagnostics menu ROX is able to perform cable diagnostics per Ethernet port and to view the results When cable diagnostics are performed on a port any established n...

Page 163: ...s detected on the cable pairs of the selected port PassFailTotal Synopsis A string This field summarizes the results of the cable diagnostics performed so far Pass the number of times cable diagnostic...

Page 164: ...type of fault For a typical no fault Category 5 cable plugged into a 100BASE T port Good will be incremented by two after every run of cable diagnostics once for each cable pair used by a 100BASE T p...

Page 165: ...form To clear cable diagnostics navigate to interfaces switch line module diagnostics clear cable stats port On the Clear Port Cable Diagnostic Test Results form click Perform Figure 16 15 Clear Port...

Page 166: ...hernet Alarms Figure 16 18 Clear All Alarms menu Alarms can be cleared by hitting the Perform button This command can be accessed from the Clear All Alarms menu action on the admin clear all alarms me...

Page 167: ...guard Provides protection against faulty end devices generating an improper link integrity signal When a faulty end device or a mis matching fiber port is connected to the unit a large number of conti...

Page 168: ...f response time This setting should be used with caution OFF Turning this parameter OFF will disable FAST LINK DETECTION completely The switch will need a longer time to detect a link failure This wil...

Page 169: ...terface Status forms navigate to interfaces switch line module Slot Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm The slot of the module that contains this port Port Synopsi...

Page 170: ...tring one of the following keywords 230 4K 115 2K 57 6K 38 4K 19 2K 9 6K 2 4K 1 2K 7 2M 3 072M 1 776M 10G 1G 100M 10M 2 4M 1 5M auto Speed in Megabits per second or Gigabits per second Duplex Synopsis...

Page 171: ...he link is fixed to full duplex and the peer auto negotiates the auto negotiating end falls back to half duplex operation At lower traffic volumes the link may display few if any errors As the traffic...

Page 172: ...orts ROX v2 2 User Guide 172 RuggedBackbone RX1500 Is it possible that the peer also has LFI enabled If both sides of the link have LFI enabled then both sides will withhold link signal generation fro...

Page 173: ...these menus is interfaces switch and then clicking on any of the linked submenus from lm1 1 to lm1 14 Figure 17 1 Ethernet Port Statistics Menu 17 1 Viewing Ethernet Statistics This table provides ba...

Page 174: ...t and dropped packets OutOctets Synopsis unsigned integer The number of octets in transmitted good packets InPkts Synopsis unsigned integer The number of received good packets Unicast Multicast Broadc...

Page 175: ...17 Ethernet Statistics ROX v2 2 User Guide 175 RuggedBackbone RX1500 Figure 17 3 RMON Port Statistics Form InOctets Synopsis unsigned long integer...

Page 176: ...e TotalInPkts Synopsis unsigned long integer The number of received packets This includes rejected dropped and local packets as well as packets which are not forwarded to the switching core for transm...

Page 177: ...nt has not been detected 3 A Late Collision Event has not been detected 4 The packet has invalid CRC Jabbers Synopsis unsigned integer The number of packets which meet all the following conditions 1 T...

Page 178: ...unsigned integer The number of received and transmitted packets with size of 512 to 1023 octets This includes received and transmitted packets as well as dropped and local received packets This does n...

Page 179: ...ring the keyword Synopsis string one of the following keywords main pm2 pm1 Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm Synopsis string one of the following keywords em cm...

Page 180: ...lex Synopsis string one of the following keywords full half Link duplex status MTU Synopsis integer MTU Maximum Transmission Unit value on the port MAC Synopsis Ethernet MAC address in colon separated...

Page 181: ...rors Synopsis unsigned integer Number of error packets transmitted Dropped Synopsis unsigned integer Number of dropped packets by the transmit device Collisions Synopsis unsigned integer Number of col...

Page 182: ...for one switched port Ports are cleared by clicking the Perform button on the Clear Switched Port Statistics form Figure 17 10 Clear All Statistics Menu Figure 17 11 Clear All Switched Port Statistic...

Page 183: ...he main menu under interfaces ip Figure 18 2 Routable Interface Statistics Table This table appears on the same screen as the Interfaces IP menu The path to the Routable Interface Statistics form Rece...

Page 184: ...Packets Synopsis unsigned long integer Number of packets received Errors Synopsis unsigned integer Number of error packets received Dropped Synopsis unsigned integer Number of dropped packets by the r...

Page 185: ...Backbone RX1500 Errors Synopsis unsigned integer Number of error packets transmitted Dropped Synopsis unsigned integer Number of dropped packets by the transmit device Collisions Synopsis unsigned int...

Page 186: ...uded in the dynamic routing protocol and the interface can carry a routing update The IP address assigned to the virtual switch can be used as the default gateway for the end devices connected to the...

Page 187: ...of VirtualSwitch by adding the following interfaces to the virtual switch on both devices VS1 on Device 1 switch 0020 te1 3 1c01 0020 VS2 on Device 1 switch 0030 te1 3 1c01 0030 4 Use the same configu...

Page 188: ...dd a virtual switch enter Edit Private mode Add a virtual switch and at least two interfaces You can also add VLANs Figure 19 3 Interface Virtualswitch menu The Interface Virtualswitch menu is located...

Page 189: ...as name of the interface IP Address Source Synopsis string one of the following keywords dynamic static Default static Whether the IP address is static or dynamically assigned via DHCP or BOOTP ProxyA...

Page 190: ...signed via DHCP or BOOTP If a virtual switch has been configured some virtual switch data will be displayed under the Interfaces Virtualswitch menu Figure 19 9 Interfaces Virtualswitch menu To display...

Page 191: ...MAC address of the port Figure 19 12 Receive form Bytes Synopsis unsigned long integer Number of bytes received Packets Synopsis unsigned long integer Number of packets received Errors Synopsis unsig...

Page 192: ...eger Number of collisions detected on the port Figure 19 14 VLAN table To display this table navigate to interfaces virtualswitch virtualswitch number vlan VLAN ID Synopsis integer VLAN ID Figure 19 1...

Page 193: ...AN Transmit form Bytes Synopsis unsigned long integer Number of bytes transmitted Packets Synopsis unsigned long integer Number of packets transmitted Errors Synopsis unsigned integer Number of error...

Page 194: ...ed on both the source and destination MAC addresses of the forwarded frames 20 1 Link Aggregation Operation Link Aggregation can be used for two purposes To obtain increased and linearly incremental l...

Page 195: ...gregation Limitations A port mirroring target port cannot be a member of a port trunk However a port mirroring source port can be a member of a port trunk A DHCP Relay Agent Client port cannot be a me...

Page 196: ...abled and increased bandwidth is not required Link Aggregation should not be used because it may lead to a longer fail over time 20 2 Link Aggregation Configuration To display the Link Aggregation men...

Page 197: ...20 Link Aggregation ROX v2 2 User Guide 197 RuggedBackbone RX1500 Figure 20 4 Entering a Trunk ID Next add parameters to the Multicast Filtering CoS and VLAN forms...

Page 198: ...ion ROX v2 2 User Guide 198 RuggedBackbone RX1500 Figure 20 5 Entering Parameters for Forms Finally add parameters for the trunk ports First click on trunk ports on the menu Next click on Add trunk po...

Page 199: ...n Add trunk ports again to add a second trunk port Click Commit Click Exit Transaction when done Figure 20 7 Selecting a Trunk Slot After configuration the Trunk Ports table accessible at interface tr...

Page 200: ...icking on interface switch line module Figure 20 10 Key Settings Figure 20 11 Ethernet Trunk Interfaces form Trunk ID Synopsis integer The trunk number It doesn t affect port trunk operation in any wa...

Page 201: ...ze frames received on this port that are not prioritized based on the frames contents e g priority field in the VLAN tag DiffServ field in the IP header prioritized MAC address Inspect TOS This parame...

Page 202: ...t untagged Specifies whether frames transmitted out of the port on its native VLAN specified by the PVID parameter will be tagged or untagged GVRP Mode synopsis token one of advertise_only learn_adver...

Page 203: ...of the GUI or leave them blank If authentication is required by the cellular data service provider again PPP authentication will automatically use PAP or CHAP Your service provider will provide you w...

Page 204: ...tion form The HSPA Cellular Modem Information form displays modem information network supported Synopsis A string Wireless technologies supported by the modem imei Synopsis A string International Mobi...

Page 205: ...is currently in use between the modem and the network Network Status displays the current registration status of the cellular modem with respect to the cellular network Possible values are Registered...

Page 206: ...ollowing information provides additional details about the fields in the Edge Cellular Modem Information Form Rssi Indicator Received Signal Strength indicates the signal level received by the cellula...

Page 207: ...ess network when you register for data service This field is not used for CDMA modems The Dial string is a special command to be sent by the cellular modem to the cellular network to establish a data...

Page 208: ...P link establishment on this device is controlled by link failover 21 1 2 4 CDMA The CDMA GSM profile is selected by using the CDMA EVDO Cellular Modem Configuration form but the profile needs to be c...

Page 209: ...e IMEI for GSM networks Rssi Indicator Received Signal Strength indicates the signal level received by the cellular modem from the cell site Network Operator displays the identity of the wireless netw...

Page 210: ...ion form and Trigger Action form is interface modem lm6 1 cdma OverTheAirActivation Figure 21 8 CDMA Over The Air Activation form Figure 21 9 CDMA Over The Air Activation Trigger Action form 1 First e...

Page 211: ...by all network providers Activation code also known as a subsidy lock Phone Number or MDN Mobile Directory Number MIN Mobile Identification Number often the same as the Phone Number System ID or Home...

Page 212: ...Network Configuration form and the PPP Configuration form appear on the same screen as the global menu name Synopsis A string Create cdma profile name dial string Synopsis A string Default 777 The di...

Page 213: ...ver dial on demand Activates Dial on Demand on this connection The establishment of the PPP connection is postponed until there is data to be transmitted via the interface disconnect idle timeout Syno...

Page 214: ...on the silkscreen across the top of the device port Synopsis integer The port number as seen on the front plate silkscreen of the switch or a list of ports if aggregated in a port trunk enabled Synop...

Page 215: ...ect Synopsis A string Selects the gsm profile to connect to wireless network The gsm profile is configured in global cellular profiles gsm 21 1 2 5 2 CellModem Status Figure 21 22 Interfaces Cellmodem...

Page 216: ...Long Distance or Very Long Distance with connectors like LC SC ST MTRJ etc For the modules with SFP GBICs the media description is displayed per the SFF 8472 specification if the transceiver is plugge...

Page 217: ...is A string The IP address assigned to the modem by the remote server Peer IP address Synopsis A string The IP address of the remote server TX bytes Synopsis unsigned integer The bytes transmitted ove...

Page 218: ...al ports RX1501 supports up to 36 serial ports Bit rates of 300 600 1200 2400 4800 9600 19200 38400 57600 115200 or 230400 bps Supports RS232 RS422 and RS485 party line operation XON XOFF flow control...

Page 219: ...ection package which Supports TCP If a RX1500 is used at the host end it will wait for a request from the host encapsulate it in a TCP message and send it to the remote side There the remote RX1500 wi...

Page 220: ...the ability to receive connections 22 1 3 3 Message Packetization The server buffers received characters into packets in order to improve network efficiency and demarcate messages The server uses thre...

Page 221: ...ses are TCP encapsulated and returned to the originator A native TcpModbus master is one that can encapsulate the Modbus polls in TCP and directly issue them to the network 22 1 4 1 Local Routing At T...

Page 222: ...the Server Gateway receives a request for an unconfigured RTU it will respond to the originator with a special message called an exception type 10 A type 11 exception is returned by the server if the...

Page 223: ...he originator 22 1 5 6 A Worked Example A network is constructed with two Masters and 48 RTUs on four Server Gateways Each of the Master is connected to a Client Gateway with a 115 2 Kbps line The RTU...

Page 224: ...terface the DNP source address and the IP address of the sender are entered into the Device Address Table When a message with an unknown DNP destination address is received on a local serial port the...

Page 225: ...rds lm6 lm5 lm4 lm3 lm2 lm1 sm The name of the module location provided on the silkscreen across the top of the device port Synopsis integer The port number as seen on the front plate silkscreen of th...

Page 226: ...ol to a port Figure 22 6 Selecting a Protocol Type in the Edit Private screen Selecting a protocol type from the Protocol field in the Key Settings form associates a protocol with a serial port Rawsoc...

Page 227: ...00 115200 57600 38400 19200 9600 2400 1200 Default 9600 The baudrate selection of serial port data bits Synopsis integer Default 8 The number of data bits parity Synopsis string one of the following k...

Page 228: ...e 22 9 Rawsocket Configuration form The Rawsocket Configuration form is used to configure the Raw Socket settings for each port Changes are made immediately To display the Rawsocket Configuration form...

Page 229: ...ction place an outgoing connection or do both max connection Synopsis integer Default 1 The maximum number of incoming connections to permit when the call direction is incoming remote ip Synopsis IPv4...

Page 230: ...ert after the transmissions of Modbus broadcast messages out the serial port retransmit Synopsis integer Default The number of times to retransmit the request to the RTU before giving up max connectio...

Page 231: ...d DNP device in the Device Address Table may go without any DNP communication before it is removed from the table max connection Synopsis integer Default 1 The maximum number of incoming DNP connectio...

Page 232: ...connection to the DNP device with the configured address Leave this field empty to forward DNP message that matches the configured address to local serial port remote device Enable forwarding DNP mess...

Page 233: ...Mode MM and may be Short Distance Long Distance or Very Long Distance with connectors like LC SC ST MTRJ etc For the modules with SFP GBICs the media description is displayed per the SFF 8472 specific...

Page 234: ...g errors on this serial port overrun errors Synopsis unsigned integer The number of overrun errors on this serial port The Serial Port Statistics table and form present statistics of serial port activ...

Page 235: ...The port of the remote serial server Local TCP UDP port Synopsis integer The local port for the incoming connection transport Synopsis A string The transport protocol UDP or TCP for this serial port r...

Page 236: ...click on the restart serserver trigger action and the click the Perform button on the Trigger Action form Figure 22 20 Restart Serserver Trigger Action 22 5 Resetting Ports Figure 22 21 Reset Ports me...

Page 237: ...ctions over Frame Relay Each Frame Relay interface provides a link between a local and a peer station One of the stations must be configured as a Data Communications Equipment DCE device often referre...

Page 238: ...fig if encap frame Cisco config if frame map ip ipaddress dlci n broadcast Cisco Cisco config if frame map ip ipaddress dlci n ietf broadcast IETF Cisco config if frame map ip ipaddress dlci n ietf br...

Page 239: ...ean Default true Disabling link alarms will prevent alarms and LinkUp and LinkDown SNMP traps from being sent for that interface Link alarms may also be controlled for the whole system under admin ala...

Page 240: ...esired attenuation 23 2 2 E1 Parameters You can configure E1 Parameters for a WAN port The path to the E1 Parameters form is interface wan line module E1 Figure 23 5 E1 Parameters form frame Synopsis...

Page 241: ...rface wan lm6 2 e1 2 Click the icon beside t1 or e1 3 Click channel and Add channel The Key settings form appears 4 In the Key settings form enter a number in the range of 1 to 24 and click Add The T1...

Page 242: ...e connection submenu see Figure 23 8 Adding a Connection add a framerelay connection by clicking on the plus sign icon next to the framerelay submenu Configure the parameters in the Frame Relay Parame...

Page 243: ...integer Default 4 The number of error events enumerated by n393 for which the channel is declared inactive valid for either cpe or Switch n393 Synopsis integer Default 4 The number of error events on...

Page 244: ...but is capable of defining only one MLPPP bundle For optimal PPP Multilink operation ensure that each link in the MLPPP bundle has the same bandwidth the number of time slots the clocking mode and the...

Page 245: ...k the Exit Transaction button You can add multiple PPP interfaces to a MLPPP link by configuring the same bundle number across all t1 e1 channels that are part of MLPPP 23 2 3 6 Configuring HDLC ETH H...

Page 246: ...and click the icon beside the hdlc eth submenu An HDLC ETH connection is added and the fields in the Ethernet Over HDLC Settings form become configurable Figure 23 14 Ethernet Over HDLC Settings form...

Page 247: ...s src Synopsis string one of the following keywords dynamic static Default static Whether the IP address is static or dynamically assigned via DHCP or BOOTP The DYNAMIC option is a common case of a dy...

Page 248: ...4 1c01 0012 represents t1 e1 in slot 4 port 1 channel 1 is configured for hdlc eth with VLAN 12 te1 4 1c03ppp represents t1 e1 in slot 4 port 1 channel 3 is configured for ppp te1 4 1c04f0101 represe...

Page 249: ...e trigger action form Figure 23 18 Loopbacktest Results After launching the Loopback test the Action Result form and the Loopbacktest form appear to confirm that the test has been performed and whethe...

Page 250: ...errors CRC Error Synopsis unsigned integer The number of receiver CRC errors Abort Synopsis unsigned integer The number of receiver abort errors Corruption Synopsis unsigned integer The number of rece...

Page 251: ...received Frames Discarded as Link Inactive Synopsis unsigned integer Received frames that were discarded link inactive Figure 23 23 T1E1 Receiving Statistics Form 2 The path to this form is interfaces...

Page 252: ...integer The number of transmitter PCI latency warnings DMA Error Synopsis unsigned integer The number of transmitter DMA descriptor errors DMA Length Error Synopsis unsigned integer The number of tra...

Page 253: ...re 23 26 T1E1 Transmitting Statistics Form 2 The path to this form is interfaces wan t1e1 line module transmit Bytes Synopsis unsigned long integer Number of bytes transmitted Packets Synopsis unsigne...

Page 254: ...this form is interfaces wan t1e1 line module alarm alos Synopsis string ALOS Loss of Signal alarm los Synopsis string LOS Loss Of Signal alarm red Synopsis string RED red alarm is a combination of a...

Page 255: ...23 29 PPP Receiving Protocol Statistics form The PPP Receiving Protocol Statistics form displays PPP receiving statistics The path to this form is interfaces wan t1e1 line module ppp stats LCP Synops...

Page 256: ...cs forms can be found under this ppp stats submenu LCP Synopsis unsigned integer The number of LCP Link Control Protocol packets PAP Synopsis unsigned integer The number of PAP Password Authentication...

Page 257: ...the slot Port Synopsis integer Synopsis string Port number on the slot Channel Number Synopsis integer Synopsis string Channel number on the port state Synopsis string one of the following keywords lo...

Page 258: ...mitted after a tx interrupt due to exessive frame length Throughput Synopsis unsigned integer I frames not transmitted after a tx interrupt due to excessive throughput Length Synopsis unsigned integer...

Page 259: ...invalid Receive Seq Numbers received Unsolicited Response Synopsis unsigned integer The number of unsolicited responses from the Access Node N391 Synopsis unsigned integer Timeouts on the T391 timer C...

Page 260: ...rity Verification Status messages received CPEI Synopsis unsigned integer CPE initializations SSEQ Synopsis unsigned integer The current Send Sequence Number RSEQ Synopsis unsigned integer The current...

Page 261: ...igger Action Figure 23 36 Clearstatistics Menu Action The path to the Clear Statistics forms is interfaces wan clearstatistics 23 4 DDS Digital Data Services DDS is a North American digital transmissi...

Page 262: ...3 Setting DDS PPP Connection Parameters set the DDS frame relay and DLCI parameters See Section 23 4 1 4 Setting DDS Frame Relay Parameters Under interfaces wan you can also view and clear DDS statis...

Page 263: ...PP Connection Parameters To set DDS PPP connection parameters enter edit mode and navigate to interface wan wan slot and port dds connection ppp Figure 23 39 PPP form nomagic Synopsis boolean Default...

Page 264: ...tomer Premises Equipment or as a switch signal Synopsis string one of the following keywords none q933 lmi ansi Default ansi The frame relay link management protocol used t391 Synopsis integer Default...

Page 265: ...ds connection framerelay Beside the framerelay link click the icon and click Add dlci On the Key settings form enter a number in the range of 16 to 1007 and click Add On the On demand form set the On...

Page 266: ...dds dds physical connection ddsreceiveerror Displays DDS physical connection receive error statistics interfaces wan dds dds physical connection ddstransmiterror Displays DDS physical connection trans...

Page 267: ...S Interface Select the DDS interface for which to clear statistics T1E1 Interface Select the T1E1 interface for which to clear statistics T3E3 Interface Select T3E3 interface for which to clear statis...

Page 268: ...rce MAC addresses of received frames against the contents in the Static MAC Address Table ROX also supports a highly flexible Port Security configuration which provides a convenient means for network...

Page 269: ...thentication methods 802 1X defines a protocol for communication between the Supplicant and the Authenticator EAP over LAN EAPOL RuggedBackbone communicates with the Authentication Server using EAP ov...

Page 270: ...curity radius address Synopsis IPv4 address in dotted decimal notation The IPv4 address of the server UDP Port Synopsis integer Default 1812 The IPv4 port of the server password Synopsis AES CFB128 en...

Page 271: ...nown there is still an option to configure the switch to auto learn a certain number of MAC addresses Once learned they don t age out until the unit is reset or the link goes down IEEE 802 1X standard...

Page 272: ...ess Entity parameters quiet period Synopsis integer Default 60 The period of time not to attempt to acquire a supplicant after the authorization session failed Reauthorization Enables or disables peri...

Page 273: ...he authentication server s EAP packet Server Timeout Synopsis integer Default 30 The time to wait for the authentication server s response to the supplicant s EAP packet Max Requests Synopsis integer...

Page 274: ...ion 1 or 2 25 1 IGMP IGMP is used by IP hosts to report their host group memberships to multicast routers As hosts join and leave specific multicast groups streams of traffic are directed to or withhe...

Page 275: ...ally two query intervals the router will prune the multicast stream from the given segment A more usual method of pruning occurs when consumers wishing to unsubscribe issue an IGMP leave group message...

Page 276: ...er all other routers become non queriers participating only forward multicast traffic Switches running in Active IGMP mode participate in the querier election like multicast routers When the querier e...

Page 277: ...ies as if it is the router Processing Joins If host C1 desires to subscribe to the multicast streams for both P1 and P2 it will generate two joins The join from C1 on VLAN 2 will cause the switch to i...

Page 278: ...t Group Periodically the switch sends GMRP queries in the form of a leave all message If a host either a switch or an end station wishes to remain in a multicast group it reasserts its group membershi...

Page 279: ...membership for the two Multicast Groups on the example network is as follows Host H1 is GMRP unaware but needs to see traffic for Multicast Group 1 Port E2 on Switch E therefore is statically configu...

Page 280: ...sly become a member of Multicast Group 1 Switch B forwards the Group 1 multicast via Port B4 towards Switch E Switch E forwards the Group 1 multicast via Port E2 which has been statically configured f...

Page 281: ...efault 60 The time interval between IGMP queries generated by the switch NOTE This parameter also affects the Group Membership Interval i e the group subscriber aging time therefore it takes effect ev...

Page 282: ...selected ports on the module installed in the indicated slot Figure 25 8 Static Multicast Summary table If data is configured the path to the Static Multicast Summary table will be switch mcast filter...

Page 283: ...summary then clicking on one of the linked submenus then clicking on static ports and then on a linked submenu Static ports are egress ports that have been assigned to a particular multicast MAC addr...

Page 284: ...ups form The path to this form is switch mcast filtering ip mcast groups and then clicking on one of the linked submenus that follow VLAN ID Synopsis integer The VLAN Identifier of the VLAN upon which...

Page 285: ...s on the module installed in the indicated slot Figure 25 17 Joined Ports table The path to this table is switch mcast filtering ip mcast groups then clicking on one of the linked submenus that follow...

Page 286: ...kept registered Figure 25 20 GMRP Dynamic Ports table The path to this menu is switch mcast filtering mcast group summary then clicking on one of the linked submenus and then clicking on gmrp dynamic...

Page 287: ...r the multicast stream is being delivered to the router run the Ethernet Statistics menu View Ethernet Statistics command Verify that the traffic count transmitted to the router is the same as the tra...

Page 288: ...g to operate properly Problem Six I connect or disconnect some switch ports and multicast goes everywhere Is IGMP broken No it may be a proper switch behavior When the switch detects a change in the n...

Page 289: ...f connectivity over the network The CoS feature has two main phases inspection and forwarding 26 1 1 Inspection Phase In the inspection phase the CoS priority of a received frame is determined from A...

Page 290: ...ueues according to the CoS assigned to each frame CoS weighting selects the degree of preferential treatment that is attached to different priority queues The ratio of the number of higher CoS to lowe...

Page 291: ...4 Priority to CoS Mapping table The path to the Priority to CoS Mapping table is switch class of service priority to cos This table shows the mapping of each IEEE 802 1p priority value to the Class of...

Page 292: ...cos number TOS DSCP to CoS Mapping maps each Differentiated Services Code Point DSCP in the Type Of Service TOS field in the headers of the received IP packets to the Class of Service switch DSCP Syn...

Page 293: ...ved on this port that are not prioritized based on the frame s contents e g the priority field in the VLAN tag DiffServ field in the IP header prioritized MAC address Inspect TOS Enables or disables p...

Page 294: ...es mac tables menu is is accessible from the main menu under switch mac tables Figure 27 1 MAC Tables menu 1 Viewing MAC Addresses To display the MAC Address table navigate to switch mac tables mac ta...

Page 295: ...tically unlearned CoS Synopsis string one of the following keywords crit high medium normal The Class Of Service that is assigned to frames carrying this address as source or destination address 2 Con...

Page 296: ...m to add a new MAC address MAC Address and VLAN ID are the keys Enter other relevant parameters in the Static MAC Address Parameters form Figure 27 5 Key Settings Figure 27 6 Static MAC Address Parame...

Page 297: ...stalled in the indicated slot CoS Synopsis string one of the following keywords crit high medium normal Default normal The priority of traffic for a specified address 4 Purging The MAC Address Table T...

Page 298: ...e guaranteed to be aware of the new topology Using the values recommended by 802 1D this period lasts 30 seconds The Rapid Spanning Tree Protocol RSTP IEEE 802 1w was a further evolution of the 802 1D...

Page 299: ...nd whether it can currently be used State There are three RSTP states Discarding Learning and Forwarding The discarding state is entered when the port is first put into service The port does not learn...

Page 300: ...listen to each others messages and agree on which bridge is the Designated Bridge The ports of other bridges on the segment must become either Root Alternate or Backup ports Figure 28 2 Bridge and Por...

Page 301: ...may configure the bridge to override the half duplex determination mechanism and force the link to be treated in the proper fashion 28 1 4 Path and Port Costs The STP path cost is the main metric by...

Page 302: ...rameter Raise the value of the maximum age parameter if implementing very large bridged networks or rings 28 2 MSTP Operation The Multiple Spanning Tree MST algorithm and protocol provide greater cont...

Page 303: ...spanning tree instances that may be defined in an MST region not including the IST see below An MSTI is created by mapping a set of VLANs in ROX via the VLAN configuration to a given MSTI ID The same...

Page 304: ...s the minimum cost path to a CIST Root located outside the region A Designated Port provides the minimum cost path from an attached LAN via the bridge to the CIST Regional Root Alternate and Backup Po...

Page 305: ...MSTIs It is possible to control the spanning tree solution for each MSTI especially the set of active links for each tree by manipulating per MSTI the bridge priority and the port costs of links in th...

Page 306: ...gure a Region Identifier and Revision Level Note that these two items must be identical for each bridge in the MST region 5 Configure Bridge Priority per MSTI 6 Configure Port Cost and Priority per po...

Page 307: ...to the network edge 3 Identify edge ports and ports with half duplex shared media restrictions Ports that connect to host computers IEDs and controllers may be set to edge ports in order to guarantee...

Page 308: ...rapid recovery from link failure is required In normal operation RSTP will block traffic on one of the links for example as indicated by the double bars through link H in Figure 28 4 Example of a Rin...

Page 309: ...ce from the root bridge If the root bridge is assigned the lowest priority of 0 the bridges on either side should use a priority of 4096 and the next bridges 8192 and so on As there are 16 levels of b...

Page 310: ...form at the top level Spanning Tree menu configures parameters applicable to RSTP and MSTP over the whole bridge Figure 28 7 Spanning Tree Parameter form Enabled Synopsis boolean Default true Enables...

Page 311: ...number of messages is reached RSTP will be limited to 1 message per second Larger values allow the network to recover from failed links more quickly If RSTP is being used in a ring architecture the t...

Page 312: ...of the following keywords 4 1 Default 4 The Max Network Diameter as a muliplier of the MaxAgeTime value BPDU Guard Mode Synopsis string one of the following keywords untilreset noshutdown specify Def...

Page 313: ...s feature is only available in RSTP mode In MSTP mode the configuration parameter is ignored In a single ring topology this feature is not needed and should be disabled to avoid longer network recover...

Page 314: ...RSTP Parameter form The Port RSTP Parameter form appears on the same screen as the interface switch line module spanning tree submenu Enabled Synopsis boolean Default true When the box is checked the...

Page 315: ...ses the port not to be selected as the root port for the CIST or any MSTI even it has the best spanning tree priority vector This parameter should be FALSE by default Restricted TCN If TRUE causes the...

Page 316: ...string one of the following keywords 61440 57344 53248 49152 45960 40960 36864 32768 28672 24576 20480 16384 12288 8192 4096 0 Default 32768 Bridge Priority provides a way to control the topology of...

Page 317: ...nstance table After data has been configured the MSTP Instance table will be displayed at switch spanning tree mstp instance Figure 28 15 MSTP ID table To display the MSTP ID table navigate to switch...

Page 318: ...I Configuration form navigate to interface switch line module spanning tree msti number MSTP ID Synopsis integer MSTP Instance Identifier MSTP Priority Synopsis string one of the following keywords 24...

Page 319: ...inks For MSTP this parameter applies to both external and internal path costs RSTP Cost Synopsis string the keyword auto cost Synopsis unsigned integer Default auto cost The cost to use in cost calcul...

Page 320: ...navigate to switch spanning tree Status Synopsis string one of the following keywords none rootBridge notDesignatedForAnyLAN designatedBridge The spanning tree status of the bridge The status may be r...

Page 321: ...slot containing the port that provides connectivity towards the root bridge of the network Root Port Port Synopsis integer If the bridge is designated this is the port of the slot that provides conne...

Page 322: ...time from the Bridge RSTP Parameters menu Learned Max Age Synopsis integer The actual Maximum Age time provided by the root bridge as learned in configuration messages This time is used in designated...

Page 323: ...reen of the module STP State Synopsis string one of the following keywords discarding linkDown forwarding learning listening blocking disabled Describes the status of this interface in the spanning tr...

Page 324: ...et to RSTP 1Gbps will contribute 20 000 100 Mbps ports will contribute a cost of 200 000 and 10 Mbps ports contribute a cost of 2 000 000 Note that even if the Cost style is set to RSTP a port that mi...

Page 325: ...ssages transmitted from this port 28 5 3 MSTI Status Figure 28 21 MSTI Status table To display this table navigate to switch spanning tree msti status Figure 28 22 MSTI Status form To display these fo...

Page 326: ...Synopsis string the keyword trnk If the bridge is designated this is the slot containing the port that provides connectivity towards the root bridge of the network Root Port Port Synopsis integer If...

Page 327: ...cs forms is switch spanning tree port msti id number port msti stats line module Slot Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm Synopsis string the keyword trnk The slot...

Page 328: ...y to the root bridge It is not used but is standing by Master Only exists in MSTP The port is an MST region boundary port and the single port on the bridge which provides connectivity for the Multiple...

Page 329: ...r the length of time the port was in forwarding If one of the switches appears to flip the root from one port to another the problem may be one of traffic prioritization See problem five Another possi...

Page 330: ...te out to the edge and then back in order to reestablish the topology Problem Four My network is composed of a ring of bridges of which two connected to each other are managed and the rest are unmanag...

Page 331: ...etwork statistics to determine whether the root bridge is receiving TCNs around the time of observed frame loss It may be possible that you have problems with intermittent links in your network Proble...

Page 332: ...at specify a valid VLAN identifier VID Untagged frames are frames without tags or frames that carry 802 1p prioritization tags only having prioritization information and a VID of 0 Frames with a VID 0...

Page 333: ...s Rules Ingress Rules The VLAN ingress rules are applied to all frames when they are received by the switch Frame received This does not depend on ingress port s VLAN configuration parameters Untagged...

Page 334: ...on Protocol to automatically distribute VLAN configuration information in a network Each switch in a network needs only to be configured with VLANs it requires locally it dynamically learns the rest o...

Page 335: ...ome members of VLAN 7 Ports D1 and B1 advertise VID 20 and ports B3 B4 and D1 become members of VLAN 20 29 1 9 PVLAN Edge PVLAN Edge Protected VLAN Edge port refers to a feature of the switch whereby...

Page 336: ...ing the IP address of a host on another VLAN The use of creative bridge filtering and multiple VLANs can carve seemingly unified IP subnets into multiple regions policed by different security access p...

Page 337: ...independent networks These hosts may be replaced by a single multi homed host supporting each network on its own VLAN This host can perform routing between VLANs Figure 29 3 Inter VLAN Communications...

Page 338: ...igure 29 6 Static VLAN table Figure 29 7 Static VLAN form VLAN ID Synopsis integer The VLAN Identifier is used to identify the VLAN in tagged Ethernet frames according to IEEE 802 1Q IGMP Snooping Ena...

Page 339: ...dentifier specifies the VLAN ID associated with untagged and 802 1p priority tagged frames received on this port Frames tagged with a non zero VLAN ID will always be associated with the VLAN ID retrie...

Page 340: ...the switch configured or learned and can dynamically learn VLANs 29 3 3 VLAN Summary There are actually three ways that a VLAN can be created in the switch Explicit A VLAN is explicitly configured in...

Page 341: ...lan summary number Figure 29 12 Tagged Ports table Tagged ports and untagged ports can be viewed To display the Tagged Ports table navigate to switch vlans vlan summary number tagged ports Figure 29 1...

Page 342: ...module Untagged Slot Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm The name of the module location provided on the silkscreen across the top of the device Untagged Ports Syn...

Page 343: ...gure 29 20 Forbidden Ports If forbidden ports are configured display the Forbidden Ports form by navigating to switch vlans static vlan number forbidden ports Slot Synopsis string one of the following...

Page 344: ...29 Virtual LANs ROX v2 2 User Guide 344 RuggedBackbone RX1500 can use a router The router will treat each VLAN as a separate interface which will have its own associated IP address space...

Page 345: ...hbors across connected network links using a standard mechanism Devices that support LLDP are able to advertise information about themselves including their capabilities configuration interconnections...

Page 346: ...m form appear on the same screen as the menu Figure 30 3 LLDP form This form is used to configure the Network Discovery Protocol LLDP Enabled Synopsis boolean Default true Enables the LLDP protocol No...

Page 347: ...e or status changed The recommended value is set by the following formula 1 is less than or equal to txDelay less than or equal to 0 25 Tx Interval Notification Interval sec Synopsis integer Default 5...

Page 348: ...e of the following keywords local interfaceName networkAddress macAddress portComponent interfaceAlias chassisComponent local chassis subtype Local Chassis ID Synopsis Ethernet MAC address in colon se...

Page 349: ...Statistics form The path to the LLDP Port Statistics form is switch net discovery lldp port lldp stats and then clicking on one of the linked submenus for example sm 1 slot Synopsis string the keyword...

Page 350: ...d integer A counter of all LLDPDUs transmitted Ageouts Synopsis unsigned integer A counter of the times that a neighbor s information has been deleted from the LLDP remote system MIB because the txinf...

Page 351: ...cm Synopsis string the keyword trnk The slot of the module that contains this port Port Synopsis integer The port number as seen on the front plate silkscreen of the module Chassis ID Synopsis Ethern...

Page 352: ...x only Default rx tx no lldp The local LLDP agent can neither transmit nor receive LLDP frames rxTx The local LLDP agent can both transmit and receive LLDP frames through the port txOnly The local LLD...

Page 353: ...hing Chapter 32 Layer 3 Switching Tunnelling Chapter 33 Tunnelling Dynamic Routing Chapter 34 Dynamic Routing Static Routing Chapter 35 Static Routing Routing Status Chapter 36 Routing Status Multicas...

Page 354: ...be performed on router ports On the RX1500 series and RX5000 platforms all Ethernet ports except for cm 1 are switch ports On the RX1000 series platforms all Ethernet ports are router ports 31 3 Routi...

Page 355: ...at point the ROX device routes the traffic If the traffic volume to be routed is high enough then Layer 3 switching will start provided that this feature is available Note that the devices attached to...

Page 356: ...cated firewall rules which are not normally not supported by Layer 3 switches 32 1 2 Layer 3 Switch Forwarding table To route a packet with a specific destination IP address a router needs the followi...

Page 357: ...nfiguration as the rule takes the protocol and TCP UDP port into consideration to make forwarding decisions Host oriented learning is when the switch uses the following information to identify a traff...

Page 358: ...ing ASICs is significantly limited and may not be sufficient to accommodate all Layer 3 switching rules If the TCAM is full and a new static rule is created the new rule replaces some dynamically lear...

Page 359: ...e external network VLAN 400 at the address 227 100 20 100 Servers in VLAN 300 receive IP multicast data from the external network VLAN 400 at the address 227 100 250 250 No firewall is used in this us...

Page 360: ...er3 switching arp table and switch layer3 switching rules summary Do the same for the 10 200 60 0 24 network Even if Hw accelerate is not enabled Layer 3 switching is still performed but all switching...

Page 361: ...le Each server in the server farm would be polling device IP addresses one after the other in order Given that each server would always be talking to at least one device we could create static ARP ent...

Page 362: ...re Layer 3 switching do the following set the Layer 3 switching settings See Section 32 2 1 Configuring Layer 3 Switching Settings create static ARP table entries See Section 32 2 2 Creating Static AR...

Page 363: ...ic routes have to be subject to sophisticated firewall filtering Auto Both statically configured and dynamically learned Layer3 switching rules will be used In this mode maximum routing hardware accel...

Page 364: ...ode potentially controls multiple flows with a single rule and hence is more efficient in utilizing Layer3 switching ASIC resources Aging Time sec Synopsis integer Default 32 This parameter configures...

Page 365: ...t resolved the MAC IP address pair and keeps sending ARP requests periodically 32 2 3 Viewing Static and Dynamic ARP Table Entries The ARP Table Summary table lists all of the ARP table entries To vi...

Page 366: ...following keywords hidden invalid unicast multicast Identifies the type of the rule unicast multicast invalid In VLAN Synopsis integer Identifies the ingress VLAN To match the rule the packet s ingre...

Page 367: ...ghput of all packets matching the rule in packets per second static Synopsis boolean Whether the rule is static or dynamic Static rules are configured as a result of management activity Dynamic rules...

Page 368: ...y flush dynamic rules Static rules enabled by activating hardware acceleration never age out For more information on how to enable hardware acceleration see Section 32 1 Layer 3 Switching Fundamentals...

Page 369: ...as part of IP version 6 Openswan is the open source implementation of IPsec used by ROX The protocols used by IPsec are the Encapsulating Security Payload ESP and Internet Key Exchange IKE protocols...

Page 370: ...Public Key And Pre shared Keys In public key cryptography keys are created in matched pairs called public and private keys The public key is made public while the private key is kept secret Messages c...

Page 371: ...r details 33 1 1 8 The Openswan Configuration Process Each VPN connection has two ends the local router and the remote router The Openswan configuration record describing a VPN connection can be used...

Page 372: ...s on the same screen as the IPsec menu Figure 33 3 IPsec form The IPsec form is used in configuring IPSec VPN Enable IPSec Enables IPSec NAT Traversal Enables NAT Traversal Keep Alive Synopsis unsigne...

Page 373: ...pr kern daemon cron authpriv auth Default daemon The log facility Log Level Synopsis string one of the following keywords warnings notifications informational errors emergencies debugging critical ale...

Page 374: ...4 RuggedBackbone RX1500 Figure 33 6 Install Certificate forms The path to the Install Certificates forms is tunnel ipsec certificate install certificate To install the certificates enter the parameter...

Page 375: ...gedBackbone RX1500 Figure 33 7 Install Ca Certificate forms The path to the Install Ca Certificate forms is tunnel ipsec certificate install ca certificate Enter the parameters and then click on the P...

Page 376: ...crl file To install the files enter the parameters and then click the Perform button Figure 33 9 Show IPsec Running Status form The path to the Show IPsec Running Status form is tunnel ipsec status T...

Page 377: ...etting for all connections Startup Operation Synopsis string one of the following keywords default route start add ignore Default default The action at IPSec startup time Authenticate By Synopsis stri...

Page 378: ...er algorithm Hash Method Synopsis string one of the following keywords any md5 sha1 Hash method Figure 33 14 IKE table If data is configured the path to the IKE table will be tunnel ipsec connection l...

Page 379: ...eft The System Public Key System Identifier and Nexthop to Other System forms appear on the same screen as the Public IP Address form The public ip is the system identifier Type Synopsis string one of...

Page 380: ...type Synopsis string one of the following keywords hostname address from certificate none default Default default Type Hostname or IP Address Synopsis A string conforming to Hostname or IP address Fig...

Page 381: ...configured the path to the Preshared Key form will be tunnel ipsec preshared key line module Figure 33 22 Preshared Key form Remote Address Synopsis string the keyword any Synopsis IPv4 address in dot...

Page 382: ...erver forms appear on the same screen as this menu Figure 33 24 L2TP form Enable L2TP Enable L2TP Local IP Address Synopsis IPv4 address in dotted decimal notation Local IP address First IP Address Sy...

Page 383: ...s dialin menu If you are not enabling the Authorize Locally field you need to configure the Radius server for ppp authentication under the global ppp radius menu For more information on PPP see Chapte...

Page 384: ...eatures GOOSE traffic is bridged over the WAN via UDP IP One GOOSE traffic source can be mapped to multiple remote router Ethernet interfaces in mesh fashion To reduce bandwidth consumption GOOSE daem...

Page 385: ...on another RuggedBackbone 33 3 2 1 Generic Tunnel Implementation Details For each tunnel configured the daemon monitors the specified Ethernet interface for Ethernet Layer 2 frames of the specified ty...

Page 386: ...te with other daemons The Beacon interval field configures how often a Round Trip Time RTT measurement message is sent to each remote peer The interval takes the values Off to disable RTT measurement...

Page 387: ...se tunnel interface Synopsis A string The interface to listen on for goose frames multicast mac Synopsis Multicast Ethernet MAC address in colon separated hexadecimal notation The multicast MAC addres...

Page 388: ...interface for Ethernet type frames Figure 33 36 L2 Ethernet Type table type Synopsis string the keyword iso Synopsis A string conforming to 0x 0 9A Fa f 4 Ethernet type to be forwarded ie 0xFEFE 33 3...

Page 389: ...imal notation Multicast Destination MAC Address of Goose message rx frames Synopsis unsigned integer The number of frames received over the tunnel tx frames Synopsis unsigned integer The number of fra...

Page 390: ...el tx packets Synopsis unsigned integer The number of frames transmitted over the tunnel rx bytes Synopsis unsigned integer The number of bytes received over the tunnel tx bytes Synopsis unsigned inte...

Page 391: ...ing VLAN Interface name rx frames Synopsis unsigned integer The number of frames received over the tunnel tx frames Synopsis unsigned integer The number of frames transmitted over the tunnel rx chars...

Page 392: ...of frames received over the tunnel tx packets Synopsis unsigned integer The number of frames transmitted over the tunnel rx bytes Synopsis unsigned integer The number of bytes received over the tunne...

Page 393: ...l problems Figure 33 46 Round Trip Time Statistics form remote ip Synopsis IPv4 address in dotted decimal notation IP address of remote goose daemon transmitted Synopsis unsigned integer The number of...

Page 394: ...dress of 172 19 20 21 and a remote subnet of 192 168 2 0 24 If you are connecting to a CISCO router in place of Router 1 in the example above the local router address corresponds to the CISCO IOS sour...

Page 395: ...gre0 if name Synopsis A string conforming to A Za z 1 0 9A Za z 0 9 The GRE tunnel network interface name The prefix gre will be added to this interface name local ip Synopsis IPv4 address in dotted d...

Page 396: ...33 Tunnelling ROX v2 2 User Guide 396 RuggedBackbone RX1500 cost Synopsis integer Default The routing cost associated with networking routing that directs traffic through the tunnel...

Page 397: ...an RFC1058 compliant implementation of RIP support RIP version 1 and 2 RIP version 1 is limited to obsolete class based networks while RIP version 2 supports subnet masks as well as simple authentica...

Page 398: ...r of routes to be advertised may help to avoid this problem In shared access networks i e routers connected by switches or hubs a designated router and a backup designated are elected to receive route...

Page 399: ...nets which are directly connected to the router but are not part of the OSPF area or RIP or BGP networks can be advertised if redistribute connected is enabled in the OSPF RIP or BGP Global Parameters...

Page 400: ...By enabling authentication and configuring a shared key on all the routers only routers which have the same authentication key will be able to send and receive advertisements within the RIP network 3...

Page 401: ...eration Router 1 and 2 have VRRP setup on their Ethernet connection so that they can both function as the gateway for the clients on their network segment Normally Router 1 is the VRRP master and only...

Page 402: ...ute connected as OSPF would not use the subnets for routing 34 1 6 BGP Fundamentals The Border Gateway Protocol BGP RFC 4271 is a robust and scalable routing protocol BGP is designed to manage a routi...

Page 403: ...ic route and redistributing it in RIP using the redistribute element with static type Default Metric Synopsis integer in the range 32768 to 32767 Default 1 This element modifies the default metric val...

Page 404: ...ynopsis unsigned integer Default 30 The routing table update timer in seconds Timeout Timer Synopsis unsigned integer Default 180 The routing information timeout timer in seconds Garbage Collection Ti...

Page 405: ...ied to multiple groups of interfaces Without key chains the same settings would have to be entered for each interface separately Key chains also allow multiple keys to be entered in a single key chain...

Page 406: ...ation Synopsis string the keyword infinite Expire time 34 3 1 4 Redistribute This element redistributes routing information into the RIP tables from route entries specified by type Redistribute Route...

Page 407: ...element Receive Version Synopsis string one of the following keywords 2 1 1 2 2 1 The version of RIP packets that will be accepted on this interface By default version 1 and version 2 packet will be a...

Page 408: ...etwork The split horizon prevents advertising those routes back out the same interface which helps to control this problem Some network topologies with rings of routers will still have some issues wit...

Page 409: ...ard shortcut ibm cisco Default cisco The OSPF ABR type Auto Cost Reference Bandwidth Synopsis unsigned integer Default 100 Calculates the OSPF interface cost according to bandwidth 1 4294967 Mbps Comp...

Page 410: ...OSPF Area Distance form can be used to define OSPF external inter area or intra area routes distance External Routes Distance Synopsis unsigned integer The administrative distance for external routes...

Page 411: ...stributes the route type Metric Type Synopsis integer in the range 32768 to 32767 Default 2 The OSPF exterior metric type for redistributed routes Metric Synopsis unsigned integer The metric for redis...

Page 412: ...d byte integer Default 1 Priority of interface Passive Interface Whether an interface is active or passive Passive interfaces do not send LSAs to other routers and are not part of an OSPF area Retrans...

Page 413: ...of submenus that follow authentication ip cost ip dead interval ip hello interval ip message digest key message digest key ip retransmit interval ip and transmit delay ip 34 5 BGP 34 5 1 BGP configura...

Page 414: ...distance value of BGP External Routes Distance Synopsis unsigned integer Distance value for external routes Internal Routes Distance Synopsis unsigned integer Distance value for internal routes Local...

Page 415: ...Action Network Synopsis IPv4 address and prefix in CIDR notation Network xxx xxx xxx xxx xx Less Than or Equal to Synopsis unsigned byte integer The maximum prefix length to be matched Greater Than or...

Page 416: ...g conforming to s The prefix list name Route Source Match Prefix List Synopsis A string conforming to s The prefix list name Route Map Metric Metric Synopsis unsigned integer Match the route metric Pe...

Page 417: ...iginator ID weight Synopsis unsigned integer Weight 34 5 1 2 Network Networks may be specified in order to add BGP routers connected to the specified subnets Note that a network specification need not...

Page 418: ...ebgp multihop Synopsis unsigned byte integer The maximum hop count This allows EBGP neighbors not on directly connected networks Maximum Prefix Synopsis unsigned integer The maximum prefix number acc...

Page 419: ...atched Subnet Subnet Prefix Synopsis IPv4 address and prefix in CIDR notation IP Address Prefix Distance Synopsis unsigned integer Distance value 34 5 1 6 Redistribute Redistribute Route from Other Pr...

Page 420: ...orm The path to the Static Route form is routing static ipv4 route hw accelerate If the static unicast route can be hardware accelerated the option will be available For a static unicast route to be a...

Page 421: ...path to the Blackhole Static Route form is routing static ipv4 route blackhole Distance optional Synopsis unsigned integer The distance for the static route Figure 35 7 Static Route Using Interface ta...

Page 422: ...e on a locally connected broadcast network i e without a gateway without also bringing up a corresponding IP address on that interface For example it would be possible to add 192 168 1 0 24 to switch...

Page 423: ...ive Routing table is routing status ipv6routes Subnet Synopsis string The network prefix Gateway Address Synopsis string The gateway address Interface Name Synopsis string The interface name Route Typ...

Page 424: ...The number of used ordinary blocks in bytes Free ordinary blocks Byte Synopsis unsigned integer The number of free ordinary blocks in bytes Figure 36 5 RIP Daemon Memory Statistics Form total Synopsi...

Page 425: ...r of free ordinary blocks in bytes Figure 36 7 OSPF Daemon Memory Statistics Form total Synopsis unsigned integer The total heap allocated in bytes used Synopsis unsigned integer The number of used or...

Page 426: ...To display the Network table navigate to routing status ospf route network id Synopsis string Network Prefix discard Synopsis string This entry is discarded entry inter area Synopsis string Is path t...

Page 427: ...string Router ID Figure 36 13 Area Table To display the Area table navigate to routing status ospf route router number area id Synopsis string Area ID inter area Synopsis string Is path type inter ar...

Page 428: ...r age Synopsis integer Age seqnum Synopsis string Sequence number Figure 36 15 Summary Table To display the Summary table navigate to routing status ospf database summary id Synopsis string Link ID ar...

Page 429: ...psis string Area ID adv router Synopsis string Advertising Router age Synopsis integer Age seqnum Synopsis string Sequence number Figure 36 17 AS External Table To display the AS External table naviga...

Page 430: ...ute tag Figure 36 18 Neighbor Table To display the Neighbor table navigate to routing status ospf neighbor id Synopsis string Neighbor ID address Synopsis string Address priority Synopsis integer Prio...

Page 431: ...ring Network Figure 36 21 Next Hop Table To display the Next Hop table navigate to routing status bgp route address next hop address Synopsis string Next hop address selected Synopsis boolean Selected...

Page 432: ...ring Neighbor address version Synopsis integer BGP version as Synopsis string Remote AS number msgrcvd Synopsis integer Number of received BGP messages msgsent Synopsis integer Number of sent BGP mess...

Page 433: ...appears on the same screen as the Multicast menu enabled Enables static multicast routing service Figure 37 3 Static menu The path to the Static menu is routing multicast static From the static menu...

Page 434: ...A string conforming to 22 4 9 23 0 9 0 9 1 9 0 9 1 0 9 2 2 0 4 0 9 25 0 5 2 0 9 1 9 0 9 1 0 9 2 2 0 4 0 9 25 0 5 The multicast IP address to be forwarded in the format xxx xxx xxx xxx The address mus...

Page 435: ...format xxx xxx xxx xxx U indicates that this address is uniquely paired with the multicast address set in the Multicast ip field You cannot use this IP address to create another Multicast Routing ent...

Page 436: ...37 Multicast Routing ROX v2 2 User Guide 436 RuggedBackbone RX1500 entryStatus Synopsis string The status of the multicast routing entry...

Page 437: ...s at and tests each packet and the tests or rules may be modified depending on packets that have already been processed This is called connection tracking Stateful firewalls can also recognize that tr...

Page 438: ...ing a public interface of 213 18 101 62 When a connection request for http port 80 arrives at 213 18 101 62 the NAT gateway could forward the request to either of the hosts or could accept it itself P...

Page 439: ...as expected 38 3 Firewall Terminology And Concepts This section provides background on various firewall terms and concepts References are made to the section where configuration applies 38 3 1 Zones A...

Page 440: ...REJECT QUEUE CONTINUE and NONE The first three are the most widely used and are described here When the ACCEPT policy is used a connection is allowed When the DROP policy is used a request is simply i...

Page 441: ...udp These can be raw port numbers or names as found in file etc services Some examples should illustrate the use of masquerading Rule Interface Subnet Address Protocol Ports 1 switch 0001 switch 0002...

Page 442: ...Redirect the request to a local tcp port number on the local firewall This is most often used to remap port numbers for services on the firewall itself Table 38 7 The remaining fields of a rule are a...

Page 443: ...the interfaces menu as it will be carrying both traffic for both zones Visit the Host menu and for the network interface that carries the encrypted IPSec traffic create a zone host with zone VPN the c...

Page 444: ...CCEPT dmz net ah ACCEPT dmz net esp ACCEPT dmz net udp 500 Table 38 13 38 5 Firewall Configuration All firewall fields accept only alphanumeric characters excluding spaces Do not use punctuation or ot...

Page 445: ...5 1 Adding a Firewall To add a firewall enter edit private mode navigate to security firewall fwconfig and click Add fwconfig Figure 38 4 Adding a Firewall In the Key settings form enter a name for th...

Page 446: ...active config Specify work configuration Synopsis string The current work firewall is specified here Specify active configuration Synopsis string The current active firewall is specified here 38 5 2...

Page 447: ...the fw1 firewall configuration is active you might wish to make changes to the live configuration Any changes made to a configuration that is defined as active config and enable will be reflected on t...

Page 448: ...for same interfaces ppp Figure 38 11 Interface Options form Arp Filter Responds only to ARP requests for configured IP addresses routeback Allow traffic on this interface to be routed back out that s...

Page 449: ...nfo level logmartians Enables logging of packets with impossible source addresses Figure 38 12 Broadcast Address form broadcast addr Optional A broadcast address 38 5 5 Host Configuration Hosts are us...

Page 450: ...rm IPsec zone Synopsis boolean Default false 38 5 6 Policies Figure 38 16 Main Policy Settings table Figure 38 17 Main Policy Settings form Default actions for connection establishment between differe...

Page 451: ...ion zone configuration by specifiying a zone Please choose either a pre defined zone or all Figure 38 19 Source Zone form source zone The zone from which the request originates Enter a source zone con...

Page 452: ...a DNS name Interface Synopsis A string Interfaces that have the EXTERNAL address Internal Address Synopsis IPv4 address in dotted decimal notation The internal address must not be a DNS Name Limit Int...

Page 453: ...outgoing interfacelist usually the internet interface Outgoing Interface Specifics Synopsis string Optional An outgoing interface list specific destinations IP for the out interface Source Hosts Synop...

Page 454: ...is rule Action Synopsis string one of the following keywords dnat dnat redirect continue reject drop accept Default reject The final action to take on incoming packets matching this rule Destination Z...

Page 455: ...rds none Related Any Default none Optional The tcp udp port the connection is destined for Original Destination Synopsis string Synopsis string the keyword None Default none Optional The destination I...

Page 456: ...38 Firewall ROX v2 2 User Guide 456 RuggedBackbone RX1500 Optional Add comma separated host IPs to the destination zone may include port for DNAT or REDIRECT...

Page 457: ...e accessed simultaneously Only the mode that is currently configured can be accessed 39 1 1 Traffic Control Basic basic configuration Configuration Mode Basic configuration mode offers a limited set o...

Page 458: ...ble 39 2 TC Classes 39 1 2 1 3 TC Rules Mark Source Destination Protocol Source Port Dest Port Test Length TOS 2 Any Any ICMP Any Any Any Any Any RESTORE Any Any Any Any Any 0 Any Any CONTINUE Any Any...

Page 459: ...all configuration to operate Basic or Advanced Configuration Modes Synopsis string one of the following keywords advanced basic Default basic Specifies to use either simple or advanced configuration m...

Page 460: ...he Traffic Control Configuration form click Enabled in the Enable configuration field 4 Select basic in the Basic or Advanced Configuration Modes field 5 Click Commit 6 Click Exit Transaction 39 2 1 1...

Page 461: ...to be treated as a single flow internal causes the traffic generated by each unique destination IP address to be treated as a single flow internal interfaces seldom benefit from simple traffic shaping...

Page 462: ...sed on the matching ToS value in the IP header if nothing else is configured under a band or when IP traffic does not match with the rules specified in a band Speed units bps bytes per second mbps kbp...

Page 463: ...Medium band includes Normal Service 0x0 mr 0x04 mmc mr 0x06 md Maximize Throughput mt 0x18 mmc mt md 0x1a mr mt md 0x1c mmc mr mt md 0x1e Low band includes mmc 0x02 mt 0x08 mmc mt 0x0a mr mt 0x0c mmc...

Page 464: ...figure advanced configuration mode follow the procedure below Figure 39 8 Enabling Advanced configuration Mode Procedure 39 2 Configuring Advanced configuration Mode 1 Enter Edit Private mode 2 Click...

Page 465: ...o qos traffic control advanced configuration tcclasses class Note that each class is associated with exactly one network interface Exactly one class for each interface must be designated as the defaul...

Page 466: ...bandwidth is a single numerical value max bandwidth Synopsis string The maximum bandwidth this class is allowed to use when the link is idle This can be either a numeric value or a calculated expressi...

Page 467: ...ol advanced configuration tcclasses class IP Traffic matching with the ToS options take precedence over the mark rules tos minimize delay Synopsis boolean Default false Value mask encoding 0x10 0x10 t...

Page 468: ...the given ToS value or value mask combination of an IP packet s TOS byte Value and Value Mask are both specified in hexadecimal notation using the 0x prefix It is also possible to specify a diffserv m...

Page 469: ...ded the packets are dropped in unit Synopsis string one of the following keywords none bps mbps mbit kbps kbit Default none Unit when incoming bandwidth is specified outbandwidth Synopsis unsigned sho...

Page 470: ...affic classification rule Add a new rule by selecting Add tcrules Remove a tcrule by selecting next to a tcrule and click on an existing tcrule to modify it Reorder rules by clicking next to the rule...

Page 471: ...ted list of hosts or IPs MAC addr or all When using MACs use as prefix and as separator Ex 00 1a 6b 4a 72 34 00 1a 6b 4a 71 42 destination Synopsis string IF name comma separated list of hosts or IPs...

Page 472: ...sis string Optional Match the length of a packet against a specific value or range of values Greater than and lesser than as well as ranges are supported in the form of min max Ex Equal to 64 64 Great...

Page 473: ...ark the connection in the PREROUTING chain This can be used with DNAT SNAT and Masquerading rule in firewall An example of such a rule is Source IP 192 168 2 101 Chain option preroute or default but t...

Page 474: ...the operation with decimal value modify chain Synopsis string one of the following keywords prerouting postrouting forward Default forward Chain in which the operation will take place Figure 39 19 Sav...

Page 475: ...g stops This can be used to improve efficiency in combination with the SAVE and RESTORE rules For example consider a TC Rules table organized roughly as follows and in the same order A RESTORE rule is...

Page 476: ...ection protocol to dynamically assign responsibility for the virtual router to one of the routers in the group This router is called the VRRP Master If the Master or optionally its WAN connection fail...

Page 477: ...osts at their real IP addresses Two or more VRRP instances can be assigned to be in the same VRRP Group in which case they can fail over together In the following network both host 1 and host 2 use a...

Page 478: ...nds If a monitored interface goes down a master router will immediately signal an election and allow a backup router to assume mastership The router issues a set of gratuitous ARPs when moving between...

Page 479: ...Redundancy Protocol VRRP form enable or disable the VRRP service Enable VRRP Service Enables VRRP Service Router ID Synopsis string The router ID for VRRP logs Figure 40 5 VRRP Group Table The VRRP Gr...

Page 480: ...uter ID Synopsis unsigned byte The Virtual Router ID All routers supplying the same VRIP should have the same VRID Priority Synopsis unsigned byte The priority of VRRP instance For electing MASTER hig...

Page 481: ...D20 monitor An Extra Interface to Monitor causes VRRP to release control of the VRIP if the specified interface stops running Extra Interface to Monitor Synopsis A string The interface name Figure 40...

Page 482: ...status number Instance Name Synopsis string The VRRP instance name State Synopsis string The VRRP instance state Time Of Change To Current State Synopsis string The time of change to the current stat...

Page 483: ...lure in this example through Network A the link backup daemon inspects the link status of the main link and sends a regular ping to a designated host or to a dummy address on the router In this way ne...

Page 484: ...Demand After configuring link failover you can do the following view the link failover status See Section 41 3 5 Viewing Link Failover Status view the link failover log See Section 41 3 6 Viewing the...

Page 485: ...t the main trunk is up returned to service before stopping the backup trunk The link failover feature can only be configured on a routable interface For the link failover feature to be used on a switc...

Page 486: ...Setting a Link Failover Ping Target A link failover ping target is an IP address that link failover pings to determine if the main link is down The address can be a dedicated host or a dummy address...

Page 487: ...s on the Multilink PPP form at interface wan interface id t1 channel channel id connection mlppp wan ppp connections on the PPP form at interface wan interface id t1 channel channel id connection ppp...

Page 488: ...irm that each link failover configuration works properly To launch the test you specify for how long the system should operate on the backup interface and for how long the system should delay before s...

Page 489: ...edBackbone RX1500 Figure 41 7 Link Fail Over Test Settings form Test duration The amount of time in minutes to run the test before restoring service to the main trunk Start test delay The amount of wa...

Page 490: ...tware RADIUS Server Configuration Appendix B RADIUS Server Configuration Setting Up An Upgrade Server Appendix C Setting Up An Upgrade Server Adding and Replacing Modules Appendix D Adding and Replaci...

Page 491: ...nfigure the location of the software upgrade repository and the version of software to which to upgrade At the top of the screen click Edit Private to access the Edit Private view The screen in Edit P...

Page 492: ...ox will appear prompting you to commit your changes Click the OK button Figure A 3 Pending Commit A dialog box will appear informing you that the configuration has been committed Click the OK button F...

Page 493: ...pgrade The Success and Upgrade Options messages shown below indicate that the upgrade has been launched Figure A 6 Upgrade Launched Dialogs Click the Exit Transaction button at the top of the screen t...

Page 494: ...one of the above four phases Failed These phases are shown in real time in the Upgrade Phase field on the Upgrade Monitoring Form below Figure A 8 Upgrade Monitoring Form in Reboot pending Stage Once...

Page 495: ...es Downloading packages Copying filesystem Estimating upgrade size Inactive The current phase or state of the upgrade filesystem copy synopsis integer in the range 0 to 100 Phase 1 of the upgrade invo...

Page 496: ...RX1500 The date and time of completion of the last upgrade attempt last upgrade result synopsis string one of Interrupted Declined Not Applicable Reboot Pending Unknown Upgrade Failed Upgrade Success...

Page 497: ...e must have a user ID and password The RADIUS NAS Identifier attribute may optionally be used to restrict which service an account may access login ppp ssh Accounts that do not specify a NAS Identifie...

Page 498: ...ze of upgrade when the routers upgrade each unit s upgrade is bandwidth limited to 500kbps by default Most web servers can serve files to the limit of the network interface bandwidth so even a modest...

Page 499: ...d NETCONF see the appropriate user guide for details The second method allows you to configure the target release version explicitly Some administrators may prefer this approach for sake of clarity bu...

Page 500: ...into the slot and boot the unit 4 After boot up the new line module is auto detected and operational 5 Under interface interfaces have now been created for the new module you may proceed with addition...

Page 501: ...the module you may proceed with related configurations D 5 Swapping a Module with a Different Type of Module 1 Set the module type under chassis line modules to none this allows the system to auto det...

Page 502: ...ams and that you know you can do these things To protect your rights we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions t...

Page 503: ...y protection in exchange for a fee E 2 3 Section 2 You may modify your copy or copies of the Program or any portion of it thus forming a work based on the Program and copy and distribute such modifica...

Page 504: ...eans all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation and installation of the executable However as a special...

Page 505: ...of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice This section is intended to make...

Page 506: ...can redistribute and change under these terms To do so attach the following notices to the program It is safest to attach them to the start of each source file to most effectively convey the exclusio...

Page 507: ...ll copyright interest in the program Gnomovision which makes passes at compilers written by James Hacker signature of Ty Coon 1 April 1989 Ty Coon President of Vice This General Public License does no...

Reviews:

No comments

Related manuals for RuggedBackbone RX1500

Brand: Campbell Hausfeld Pages: 12

Brand: Maipu Pages: 21

Brand: Maico Pages: 56

Champion KD-2X1

Brand: Key Digital Pages: 12

Brand: LEGRAND Pages: 12

Brand: Optical Systems Design Pages: 20

Brand: WIKA Pages: 8

3C63100-AC-C - PathBuilder S600...

Brand: 3Com Pages: 232

ETHERLINE ACCESS U04TP01T

Brand: LAPP Pages: 16

Brand: Crestron Pages: 2

Brand: GE Pages: 50

Brand: PABX Pages: 46

Brand: DLS Pages: 226

Brand: Gefen Pages: 14

Brand: Steren Pages: 13

Brand: Konig Pages: 40

Brand: Black Box Pages: 76

Brand: BERNSTEIN Pages: 38

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands