Samsung Ubigate iBG3026 Page 274 Configuration Manual Download | Manualshive

Page: 274 / 718

background image

CHAPTER 23. Firewall NAT

234

© SAMSUNG Electronics Co., Ltd.

Figure 23.2 Three Legged Firewall Network

Access Policy Database

Access Policy Database is firewall’s central database, commonly referred as
policy database. This database makes use of all the other databases in firewall
and enables in deciding whether a datagram needs to be allowed or denied and
other actions associated to processing.

A policy is nothing but a rule that defines from host A to host B what action
needs to be taken. Every time a new connection comes from host A to host B,
this policy will be referred and the corresponding action will be taken.

This policy is available on network basis and within that direction. Currently
supported policy categories are

Outbound: Policies that govern traffic originated from one map to the
external world.

Inbound-Policies that govern traffic bound to map from the external world.

internet

PAT

Reverse
NAT

Wan interface

ethernet 0/2

interface

FIREWALL ethernet 0/4

interface

corp

dmz

Host1

Host3

Host2

Web-server

Mail-server

«
...
272
273
274
275
276
...
»

Summary of Contents for Ubigate iBG3026

Page 1: ......

Page 2: ...cs All other company and product names may be trademarks of the respective companies with which they are associated This manual should be read before the installation and operation and the operator should correctly install and operate the product by using this manual This manual may be changed for the system improvement standardization and other technical reasons without prior notice For further i...

Page 3: ...adio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense FCC REQUIREMENTS Thie equipment the iBG3026 complies with Part 68 of the FCC rules and the requirements adopted by the ATCA On the top of this equipment is a label that contains among other information a...

Page 4: ...This equipment complies with Part 68 of the FCC rules The FCC Part 68 label is located on the bottom chassis panel This label contains the FCC Registration Number and Ringer Equivalence Number REN for this equipment If requested this information must be provided to your telephone company Connection to the telephone network should be made by using standard modular telephone jacks type RJ 11C The RJ...

Page 5: ...lso you will be advised of your right to file a complaint with the FCC if you believe it is necessary CHANGES TO TELEPHONE COMPANY EQUIPMENT OR FACILITIES The telephone company may make changes in its facilities equipment operations or procedures that could affect the operation of the equipment If this happens the telephone company will provide advance notice in order for you to make necessary mod...

Page 6: ...c Switched Telephone Network PSTN when DID calls are Answered by the called station Answered by the attendant Routed to a recorded announcement that can be administered by the Customer Premises Equipment CPE user Routed to a dial prompt B This equipment returns answer supervision on all DID calls forwarded to the PSTN Permissible exceptions are A call is unanswered A busy tone is received A reorde...

Page 7: ...ws a license may be required from the American Society of Composers Authors and Publishers ASCAP or other similar organizations if copyright music is transmitted through the Music on Hold feature SAMSUNG ELECTRONICS CO LTD hereby disclaims any liability arising out of failure to obtain such a license DISA WARNING Lines that are used for the Direct Inward System Access feature must have the disconn...

Page 8: ... system is listed with Underwriters Laboratories The cUL Mark is separately shown on the label Every wire for communication should be larger than 26 AWG Double pole neutral fusing The following statement from Underwriters Labs applies to the Ubigate iBG3026 System 1 Separation of TNV and SELV Pluggable A The separate protective earthing terminal provided on this product shall be permanently connec...

Page 9: ...in Part K of Article 250 of the National Electrical Code ANSI NFPA 70 and Article 10 of Part 1 of the Canadian Electrical Code Part 1 C22 1 Termination of the supplementary earthing conductor is permitted to be made to building steel to a metal electrical raceway system or to any earthed item that is permanently and reliably connected to the electrical service equipment earthed 3 Bare covered or i...

Page 10: ...nection of the equipment to the supply circuit and the effect that overloading of the circuits might have on overcurrent protection and supply wiring Appropriate consideration of equipment nameplate ratings should be used when addressing this concern E Reliable Earthing Reliable earthing of rack mounted equipment should be maintained Particular attention should be given to supply connections other...

Page 11: ...te iBG3026 This manual is for engineers technicians and others involved with the planning and operation of the Ubigate iBG3026 Document Content and Organization This manual contains the following chapters PART I System Configuration CHAPTER 1 Basic Configuration CHAPTER 2 Port Numbering CHAPTER 3 Management Configuration CHAPTER 4 System Logging CHAPTER 5 RMON Configuration ...

Page 12: ...Routing Protocols CHAPTER 10 Layer 2 Switching CHAPTER 11 DHCP Relay CHAPTER 12 Static Routing CHAPTER 13 RIP CHAPTER 14 OSPF CHAPTER 15 BGP CHAPTER 16 MultiCast Protocols CHAPTER 17 VRRP CHAPTER 18 MPLS CHAPTER 19 QoS CHAPTER 20 VLAN forwarding with QoS PART IV Security CHAPTER 21 Authentication Authorization Accounting CHAPTER 22 Packet Filtering CHAPTER 23 Firewall NAT CHAPTER 24 GRE CHAPTER 25...

Page 13: ...N CHAPTER 33 Routing and Digit Manipulation CHAPTER 34 VoIP Services CHAPTER 35 Call Admission Control CHAPTER 36 Management CHAPTER 37 Survivable Telephony Conventions The following types of paragraphs contain special information that must be carefully read and thoroughly understood Such information may or may not be enclosed in a rectangular box separating it from the main text but is always pre...

Page 14: ...he console screen Reference Ubigate iBG3026 System Description Ubigate iBG3026 Installation Manual Ubigate iBG3026 Command Reference Ubigate iBG3026 Message Reference Ubigate iBG3026 TroubleShooting Manual Ubigate iBG3026 Quick Start Guide Ubigate iBG3026 iBG DM User Guide Ubigate iBG3026 ISM User Guide Ubigate iPX User Guide Contacting Technical Support For questions regarding the product and the...

Page 15: ...NG Electronics Co Ltd XIII Obtaining Publications and Additional Information The Ubigate iBG3026 documentation set and additional literature is available at http www samsungen com Revision History EDITION DATE OF ISSUE REMARKS 00 04 2006 First Draft ...

Page 16: ...INTRODUCTION XIV SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 17: ...RNING VI UNDERWRITERS LABORATORIES VI INTRODUCTION IX Purpose IX Document Content and Organization IX Conventions XI Console Screen Output XII Reference XII Contacting Technical Support XII Obtaining Publications and Additional Information XIII Revision History XIII PART I System Configuration CHAPTER 1 Basic Configuration 1 Logging in 1 Command Line Interface Basics 4 CHAPTER 2 Port Numbering 9 L...

Page 18: ... Events 27 CHAPTER 5 RMON Configuration 31 Configuring Remote Monitoring 31 Configuring RMON 32 Verifying RMON Configuration 33 PART II WAN Interface and Protocols CHAPTER 6 Serial Interfaces 37 Serial Interfaces Overview 37 Multi Protocol Serial Interface 37 HSSI Interface 39 Module Configuration 41 Configuring V 35 41 Bundle Configuration 43 Configuring HSSI 47 CHAPTER 7 WAN Interfaces 51 Module...

Page 19: ...ng Protocols CHAPTER 10 Layer 2 Switching 73 Layer 2 LAN Switching and Bridging 73 IGMP Snooping 74 Protocol Configuration 75 Bridge Configurations 75 Configuring 802 1x 80 LACP Configuration 81 GVRP Configuration 82 Configuring IGMP Snooping 84 CHAPTER 11 DHCP Relay 89 CHAPTER 12 Static Routing 93 Configuring Static Routes 93 CHAPTER 13 RIP 95 RIP Protocol Features 95 Configuring RIP 97 Configuri...

Page 20: ...LS Overview 141 MPLS Forwarding 142 QoS 143 Martini L2 VPN Overview 143 MPLS Configuration Example 151 Label Distribution Protocol LDP Overview 151 Enabling label switching minimal configuration 154 Establishing a Trunk CSPF disabled 156 Establishing a Trunk Using CSPF 157 Establishing a Trunk Using Explicitly Defined Path 158 Reserving Bandwidth for the Trunk 159 Adding a Secondary LSP to the Tru...

Page 21: ...licing 173 Verifying Policing Status and Configuration 173 Limitations 175 Multi Field Classification 175 Packet Marking 176 Configuring MF Classification 176 Traffic Policing 179 Policing Using Single Rate Three Color Marking srTCM 181 Configuring srTCM 183 The trTCM Two Rate Three Color Marker 183 Configuring trTCM 185 Statistics 185 Egress Queuing Shaping and Scheduling 186 CBQ Scheduler Operat...

Page 22: ...Marking 206 Configuration Example 207 Verifying the Configuration 207 Policing based CoS Marking CoS Re marking and L2 based CoS Re marking 208 Configuration Example 209 Verifying the Configuration 209 Multi Field Classification using PCLs 210 Configuration Example 211 Verifying the Configuration 211 Traffic Policing 211 Configuration Example 212 Verifying the Configuration 213 Billing Conformance...

Page 23: ...g 223 Configuration Examples 224 CHAPTER 22 Packet Filtering 229 Example Blocking Telnet Access 230 Configure the Ubigate iBG3026 230 CHAPTER 23 Firewall NAT 231 Overview 231 Virtual Firewall 232 Access Policy Database 234 Application Level Gateways 236 Network Address Translation 236 Application Content Filtering 237 Configuring Firewalls 238 NAT configuration Examples 240 Dynamic NAT many to man...

Page 24: ...ample 266 Joining Two Networks using Multiple IPSec Proposals Example 274 Supporting Remote User Access Example 286 Configuring IPSec Remote Access Example 295 PART V Voice CHAPTER 26 Voice Feature 305 Introduction of Voice Feature 305 Network Architecture 305 Operation Mode 308 Key Functions 311 Voice Deployment Scenario 324 CHAPTER 27 VoIP Gateway Management 327 Introduction to VoIP Gateway Feat...

Page 25: ...ort Monitoring 459 Configuring Analog FXS Voice Port 461 Configuring Analog FXO Voice Port 468 Configuring Analog E M Voice Port 471 Configuring Analog DID 477 Configuring E911 CAMA 481 CHAPTER 31 Digital Voice Port 489 Digital Trunk E1 R2 Features 489 Digital Trunk T1 CAS Features 511 CHAPTER 32 ISDN 537 Overview 537 Configuring ISDN BRI 540 Configuring ISDN PRI 551 CHAPTER 33 Routing and Digit M...

Page 26: ...e 621 CHAPTER 35 Call Admission Control 627 Local CAC 627 Resource based CAC 638 Call admission Spike 640 Call admission Treatment 641 CHAPTER 36 Management 643 Alarm 643 Statistics 646 Debug Management 656 CDR Management 659 CHAPTER 37 Survivable Telephony 665 Configuring Call Forward for Survivable Telephony 665 Configuring System Message for Survivable Telephony 667 Configuring COR List for Sur...

Page 27: ...ts Numbering 13 Figure 8 1 Overview of PPP 59 Figure 9 1 Multlink Frame Relay with Three Sites 67 Figure 9 2 Multilink Frame Relay with Three Site Details 68 Figure 10 1 Configuring 802 1x Security 80 Figure 10 2 Link Aggregation Example 81 Figure 10 3 GVRP Configuration 83 Figure 10 4 IGMP Snooping Example 85 Figure 11 1 DHCP relay overview 89 Figure 11 2 BOOTP Requests 90 Figure 11 3 BOOTP Repli...

Page 28: ...ork 234 Figure 23 3 Access policy database lookup 235 Figure 23 4 Dynamic NAT 240 Figure 23 5 Mapping Multiple NAT Addresses to One Public IP Address 241 Figure 23 6 Static NAT 243 Figure 23 7 Dynamic and Static NAT 244 Figure 23 8 Mapping Ports 245 Figure 23 9 Reverse NAT 246 Figure 23 10 NAT Failover for Firewalls 247 Figure 24 1 Simple GRE configuration 250 Figure 25 1 Tunnel Mode Between Tow S...

Page 29: ...rom a unknown H 323 Endpoint with Gatekeeper 414 Figure 29 4 Call Setup from Gatekeeper 414 Figure 29 5 Call Setup to a known H 323 Endpoint 415 Figure 29 6 Call Setup to a Gatekeeper 416 Figure 29 7 RAS Registration Procedure 418 Figure 30 1 Loop Start Signaling 454 Figure 30 2 Ground start signaling for Analog FXS Idle state 455 Figure 30 3 Ground start signaling for Analog FXS seizure state 455...

Page 30: ...7 Figure 33 7 Communication Between Dial Peers Sharing the Same Ubigate iBG3026 568 Figure 33 8 Relationship Between Destination Pattern and Session Target 579 Figure 33 9 VoIP Example for Number Expansion 587 Figure 33 10 Example of PLAR configuration 599 Figure 33 11 Example of PLAR OPX configuration 601 Figure 35 1 DS0 Limitation 629 Figure 35 2 max call per dialpeer 630 Figure 35 3 Call admiss...

Page 31: ...e 34 2 Supplementary services for Survivable telephony mode 618 Table 34 3 Supplementary services for Stand Alone mode 621 Table 35 1 Bandwidth per Codec 631 Table 36 1 Alarm List 643 Table 36 2 Falut List 645 Table 36 3 Call Statistics command 646 Table 36 4 Call Statistics Item 646 Table 36 5 SIP protocol Statistics command 648 Table 36 6 SIP protocol Statistics command 648 Table 36 7 Call Stati...

Page 32: ...TABLE OF CONTENTS XXX SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 33: ...PART I System Configuration Chapter 1 Basic Configuration Chapter 2 Port Numbering Chapter 3 Management Configuration Chapter 4 System Logging Chapter 5 RMON Configuration ...

Page 34: ......

Page 35: ... as in the figure login samsung password samsung samsung logged in on Fri May 7 05 28 01 2004 from console Router Changing Login Parameters The System Administrator login consists of two components the account name and the password The initial login name is always samsung but you can change this to suit the needs of your facility after logging in The default administrative password samsung should ...

Page 36: ...rn The system prompts you to verify the new password Changing Administrator Account This procedure changes the system administrator login name to a user specific name Note that the default is samsung Step Command Description 1 Router configure terminal Accesses the configure mode 2 Router configure admin_name new_account Changes the account name After the change the system displays Administrator a...

Page 37: ...vileges from level 2 to level 4 The system administrator has the privilege level 1 and only can add modify remove the user information Adding a new user Step Command Description 1 Router configure terminal Enters the terminal configuration mode 2 Router configure user name level number Name 3 to 38 characters Number 2 to 4 3 Enter Password twice Removing a user Step Command Description 1 Router co...

Page 38: ...ns a text based help facility Access this help by typing in the full or partial command string then typing The CLI displays the command keywords or parameters plus a short description For example at the CLI command prompt type show the CLI does not display the question mark The CLI displays this keyword list with short descriptions for each keyword Router show aaa To access AAA display commands ac...

Page 39: ...B once again then it displays another parameter show ip Any available paramters can be fetched by typing TAB Type and the CLI shows the list of parameters for the show interface command Router show interface avc display information about an DTE to DTE MFR avc Bundle display information about a bundle Bundles display all the names of bundles Configured in the system Ethernet display an ethernet int...

Page 40: ...57393 Configuration File Operation By using the configure flash command you can set the Router system parameters from a configuration file stored in the flash memory This method is useful if the system configuration differs from the configuration file in flash memory and you want to restore the flash configuration It is recommended that all configuration files have a CFG extension At the main CLI ...

Page 41: ...TP protocol then executes the commands from that file without operator intervention It is recommended to use the configure network command if you want to configure one or more Router systems with the same configuration An example is shown below Router configure network host testhost type t tftp s scp t fileName test cfg shown below To save current configuration in a file on a remote server use the...

Page 42: ...CHAPTER 1 Basic Configuration 8 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 43: ...referenced using a two level slot port identifier Main Board LAN Ports Numbering There are five LAN interfaces on the main processing unit One 10 100 Management port two optical Gigabit Ethernet ports and two copper Gigabit Ethernet ports The one exception in the router to the port number rule is that the 10 100 Fast Ethernet management port is declared to be port 0 Then the Gigabit Ethernet ports...

Page 44: ...etwork Modules Ports Numbering There two types of LAN Network Module 20 port and 44 port The 20 port LAN network module numbering is as follows X 1 or 2 Figure 2 3 20 port Network Module Port Numbering 10 G Gb bE E0 0 19 X 11 X 10 X 1 X 0 X 13 X 12 X 3 X 2 X 14 X 4 L LM MG G 2 20 0 X 16 X 15 X 6 X 5 X 18 X 17 X 8 X 7 X 19 X 9 G Gb bE E9 9 ESG 8 3 6 3 5 3 1 3 0 3 8 3 7 3 3 3 2 3 9 3 4 G Gb bE E6 6 ...

Page 45: ...all WAN modules Mini Module Ports Numbering Mini modules have two or four ports Port numbering is from right to left starting with port number zero X 0 1 or 2 Figure 2 5 2 Port Mini Module Port Numbering Figure 2 6 4 Port Mini Module Port Numbering BRI 2ST B1 B0 RDY ST 0 ST 1 B1 B0 0 X 1 X 0 X 2 0 3 1 FXO 3 FXO 0 FXO 4M 0 X 0 0 X 1 0 X 2 0 X 3 FXO 1 FXO 2 22 GbE0 GbE21 43 2 23 2 22 2 25 2 24 2 26 ...

Page 46: ...e port or four port configurations The port numbering is also from right to left starting at port number zero X 1 or 2 Figure 2 7 1 Port WAN Network Module Port Numbering Figure 2 8 4 Port WAN Network Module Port Numbering HSSI 1 HSSI RDY LNK X 0 T1E1 4 LNK1 LNK0 LNK3 LNK2 RDY T1E1 3 T1E1 2 T1E1 1 T1E1 0 X 1 X 0 X 3 X 2 ...

Page 47: ...ts Numbering Voice carrier Modules can have voice only mini modules plugged into them Here is an example of a voice carrier module in slot 2 with a 4 port inimodule in sub slot 0 and a 2 port mini module in sub slot 1 X 1 or 2 Figure 2 10 Voice Carrier and Mini Module Ports Numbering 0 2 1 0 2 0 0 0 1 0 0 0 GE3 GE1 GE4 GE2 AUX CON MGMT Compact Flash T1E1 0 T1E1 1 T1E1 0 T1E1 1 T1E1 0 T1E1 1 T T1 1...

Page 48: ...left on the 20 port LAN network module in slot 1 the right hand network module slot 2 10 thru 2 19 The upper row of Ethernet ports numbered from right to left on a 20 port LAN network module in right hand network module slot 2 0 thru 2 21 Lower row of Ethernet ports numbered from right to left on a 44 port LAN network module LAN Network Module Port 2 22 thru 2 43 Upper row of Ethernet ports number...

Page 49: ...terprise MIB and the Standard MIB Enterprise MIBs The Enterprise mibs should be compiled in the following order 1 SUBMARINE SMI 2 SUBMARINE SNMP MIB mib 3 SUBMARINE SYSTEM MIB mib 4 SUBMARINE BUNDLE MIB mib 5 SUBMARINE PPP MIB mib 6 SUBMARINE FR MIB mib 7 SUBMARINE CONFIG MIB mib 8 SUBMARINE DSX TC mib 9 SUBMARINE DSX TE1 MIB mib 10 SUBMARINE DSX TE3 MIB mib 11 SUBMARINE CHASSIS MIB mib 12 SUBMARI...

Page 50: ... when a bundle comes up bundleUpTrap Be notified when a link goes down linkDownTrap Be notified when a link comes up linkUpTrap SUBMARINE CHASSIS MIB mib Use chassis mib to manage the platform SUBMARINE CONFIG MIB mib Use config mib to manage configuration data on the router in memory or on the network Use this MIB to Be notified when the configuration changes cfgEventChangeNotification Be notifie...

Page 51: ...n state changes envFanNotification Be notified if the trap is set to true and the specified power supply shuts off envPowerSupply1DownNotification envPowerSupply2DownNotification Be notified if the trap is set to true and the specified power supply turns on envPowerSupply1UpNotification envPowerSupply2UpNotification SUBMARINE FR MIB mib This MIB manages Frame Relay and Multilink Frame Relay bundle...

Page 52: ...en an SNTP client is connected to a network time server sntpSuccessNotification Be notified when an SNTP client is having problems connecting to a network time server sntpErrorNotification Be notified when an there is a system shutdown shutDownNotification Be notified when a user logs in successfully userAccessNotification Be notified when a user logs off userLogOffNotification Be notified when a ...

Page 53: ...t and current user lists This MIB does not contain any traps SUBMARINE HISTORY MIB mib This MIB defines objects related to manage the user login history This MIB does not contain any traps SUBMARINE ALARM MIB mib This MIB defines objects related to manage the current and history alarms This MIB does not contain any traps SUBMARINE SYSLOG MIB mib This MIB defines objects related to manage the syste...

Page 54: ...e this MIB to Be notified when DSP module initialization fails voiceDspInitNotification Be notified when exceeding a threshold of the system maximum call limit voiceMaxCallMajNotification voiceMaxCallMinNotification Be notified when exceeding a threshold of the DSP channel capacity limit voiceDspChanMajNotification voiceDspChanMinNotification Be notified when connection fails between iBG and SIP e...

Page 55: ...fc2575 mib 13 rfc2572 mib 14 rfc2573 mib 15 rfc2574 mib 16 rfc2576 mib 17 rfc1907 mib 18 iftype mib 19 rfc2233 mib 20 rfc2127 mib 21 rfc2128 mib 22 rfc2618 mib 23 rfc2620 mib The Standard MIB folder contains the following MIBs iana iftype mib This contains the ifType enumerated values needed for rfc1213 mib and rfc2233 mib Compile iana iftype mib before you compile rfc2233 mib This MIB does not co...

Page 56: ...et like interface This MIB does not contain any traps rfc1657 mib This MIB manages specified BGP parameters This MIB does not contain any traps rfc1724 mib The objects in this MIB manage the RIP2 V2 Protocol in the router rfc1850 mib This MIB manages specified OSPF parameters This MIB does not contain any traps rfc2233 mib MIB objects for Interface Table extensions including StackTable and ifXTabl...

Page 57: ...issary release 4 0 rfc1757 mib This MIB defines objects for managing remote network monitoring devices rfc2571 mib This is the SNMP Management Architecture MIB rfc2575 mib The management information definitions for the View based Access Control Model for SNMP rfc2572 mib The MIB for Message Processing and Dispatching rfc2573 mib This MIB module defines MIB objects which provide mechanisms to remot...

Page 58: ...Type Textual Convention and thus the enumerated values of the ifType object defined in MIB II s ifTable rfc2127 mib The MIB module to describe the management of ISDN interfaces rfc2128 mib The MIB module to describe peer information for demand access and possibly other kinds of interfaces rfc2618 mib The MIB module for entities implementing the client side of the Remote Access Dialin User Service ...

Page 59: ...SNMP community name and access privileges This entry is a password string that assigns access privileges to SNMP MIBs Router configure snmp server community readuser ro Router configure snmp server community writeuser rw snmp server target This command configures the recipient of an SNMP v2 trap Router configure snmp server target 90 90 90 240 162 v2c snmp server enable target traps This command c...

Page 60: ...x3 group traps dvmrp Sends DVMRP group traps environ Sends environment group traps fr Sends frame relay group traps imc Sends inter module communication group traps ism Sends ISM group traps mpls_ldp Sends MPLS LDP group traps mpls_lsr Sends MPLS LSR group traps mpls_te Sends MPLS TE group traps ospf Sends OSPF group traps pim Sends PIM group traps rm Sends resource managements group traps rmon Se...

Page 61: ...next level commands for configuring consolelogging and syslog event reporting system logging consol This command configures system messages to be sent to the console clear cfg_log This command clears the system configuration log clear command_log This command clears all information in the command log event This command accesses next level commands for configuring the event log log local log utc Se...

Page 62: ...er For more information on syslog see RFC 3164 The following bable shows the different levels of syslog message impact The first five message levels Emergency through Warning have the potential for affecting system performance or normal functionality The last three messagelevels Notification through Debug report events that do not typically require user monitoring and Samsung recommends that you n...

Page 63: ... refer to the Ubigate iBG3026 Message Reference Manual Use the following commands to configure and manage syslog system logging syslog This command accesses next level commands for configuring syslog on the Router system show system logging syslog Use this command to display configured status related to syslog ...

Page 64: ...CHAPTER 4 System Logging 30 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 65: ...ines the following groups 1 Statistics RMON group 1 Used for Ethernet Fast Ethernet and Gigabit Ethernet ports 2 History RMON group 2 Used for Ethernet Fast Ethernet and Gigabit Ethernet ports 3 Alarm RMON group 3 4 Event RMON group 9 The RMON agent does not require monitoring equipment or network analyzers however it is useful to collect agent data at Network Management System which must support ...

Page 66: ...nfigure rmon history ethernet 0 1 interval 100 buckets 10 owner Manager 1 To configure RMON alarms for specified MIB OIDs alarm entry index numbers interval rising falling alarm threshold rising falling event index alarm sample type absolute or delta alarm startup direction rising falling alarm or default and owner RMON group 3 enter Router configure rmon alarm 1 1 3 6 1 2 1 2 2 1 10 1 300 1000 0 ...

Page 67: ...pact on performance When RMON is running be aware of its impact on data processing and CPU cycles Verifying RMON Configuration To show all RMON alarm configuration information enter Router show rmon alarms RMON Alarms Configured Alarm Index Variable OID Interval Startup Type Or 1 1 3 6 1 2 1 16 1 1 1 5 1 30 Rising or Falling C 2 1 3 6 1 2 1 16 1 1 1 5 1 30 Rising CLI Mana To show details of a spec...

Page 68: ...ndex 1 CRC errors 0 Sample time 0 days 0 16 2 Undersize pkts 0 Drop events 0 Oversize pkts 0 Octets 0 Fragments 0 Packets 0 Jabbers 0 Broadcast pkts 0 Collisions 0 Multicast Pkts 0 Utilization 0 Sample index 3 CRC errors 0 Sample time 0 days 0 16 22 Undersize pkts 0 Drop events 0 Oversize pkts 0 Octets 0 Fragments 0 Packets 0 Jabbers 0 Broadcast pkts 0 Collisions 0 Multicast Pkts 0 Utilization 0 T...

Page 69: ...cs of ethernet2 19 Owner of this Entry CLI Manager Drop Events 0 Octets 0 Packets 0 Broadcast Packets 0 Multicast Packets 0 CRC Error Packets 0 Undersize Packets 0 Oversize Packets 0 Fragments 0 Jabbers 0 Collisions 0 Packets of 64Octets 0 Packets of 65to127Octets 0 Packets of 128to255Octets 0 Packets of 256to511Octets 0 Packets of 512to1023Octets 0 Packets of 1024to1518Octets 0 RMON configure rmo...

Page 70: ...CHAPTER 5 RMON Configuration 36 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 71: ...PART II WAN Interface and Protocols Chapter 6 Serial Interfaces Chapter 7 WAN interfaces Chapter 8 PPP MLPPP and HDLC Chapter 9 FR and MFR ...

Page 72: ......

Page 73: ...dle configuration occurs within the configure interface bundle tree Serial Interfaces Overview Multi Protocol Serial Interface The Serial Network Module provides a user with four multi protocol serial interfaces with the ability to support the following serial protocol standards in either DCE or DTE mode EIA 232C EIA 449 EIA 530 EIA 530A V 35 and X 21 A Multi Protocol Transceiver in Ubigate iBG302...

Page 74: ...put of 10Mbps For the interface separate clock lines are used for receiving and transmitting data and DB 37 connector are used EIA 530 EIA 530A EIA 530 EIA 530A interface is a combination single ended differential synchronous interface EIA 530 EIA 530A uses V 11 EIA 422 electrical characteristics for data and timing differential It uses V 10 EIA 423 electrical characteristics for link management c...

Page 75: ... Token Ring and Ethernet The use of differential emitter coupled logic ECL helps HSSI achieve high data rates and low noise levels ECL has been used in Cray computer system interfaces for years and is specified by the ANSI High Performance Parallel Interface HIPPI communications standard for supercomputer LAN communications ECL is an off the shelf technology that permits excellent retiming on the ...

Page 76: ...are expected to be capable of managing the networks behind their interfaces Reducing the number of control signals improves circuit reliability by reducing the number of circuits that can fail The HSSI interface may be operated in either DTE or DCE mode depending on the cable type For consistency all signal names and functional definitions use DTE terminology Thus Receive Data is data received by ...

Page 77: ...onfiguration mode 2 Router configure module serial slot port Selects a port to configure as a serial module 3 Router configure module serial slot port mode V 35 Selects a serial interface as a V 35 4 Router configure module serial slot port V35 Enters the V 35 interface 5 Router configure module serial slot port V35 mode dce Selects V 35 mode as a DCE 6 Router configure module serial slot port V35...

Page 78: ...llowing example shows the commands used to configure the connection in The figure Router configure terminal Router configure module serial 1 0 Router configure module serial 1 0 mode V 35 Router configure module serial 1 0 v35 Router configure module serial 1 0 v35 mode dce Router configure module serial 1 0 v35 clock_rate 2000000 Router configure module serial 1 0 v35 clock_source internal Router...

Page 79: ...ter configure interface bundle bundle name link hssi 1 0 Links a HSSI interface to a wan interface 4 Router configure interface bundle bundle name encapsulation frelay Selects Frame Relay as an encapsulation method 5 Router configure interface bundle bundle name fr Enters the frame relay prompt for setting frame relay parameters 6 Router configure interface bundle bundle name fr Selects a clock ra...

Page 80: ... wan1 Router configure interface bundle wan1 link hssi 1 0 Router configure interface bundle wan1 encapsulation frelay Router configure interface bundle wan1 fr Router configure interface bundle wan1 fr intf_type dte Router configure interface bundle wan1 fr pvc 101 Router configure interface bundle wan1 fr pvc 101 ip address 165 213 89 237 24 Router configure interface bundle wan1 fr pvc 101 end ...

Page 81: ...apsulation ppp Selects PPP as an encapsulation method 5 Router configure interface bundle bundle name ip address IP address bit mask number of bits for mask Sets an IP address for the interface 6 Router configure interface bundle bundle name end Goes back to the Router prompt 7 Router show interface bundle bundle name bundles Shows configured information of the bundle interface or all bundle inter...

Page 82: ...ace to a wan interface 4 Router configure interface bundle bundle name encapsulation hdlc Selects HDLC as an encapsulation method 5 Router configure interface bundle bundle name ip address IP address bit mask number of bits for mask Sets an IP address for the interface 6 Router configure interface bundle bundle name end Returns to the Router prompt 7 Router show interface bundle bundle name bundle...

Page 83: ...slot port denotes a specified port in a specified slot 3 Router configure hssi slot port mode dte Selects a HSSI mode as a DTE 4 Router configure hssi slot port clock_source internal line Selects a synchronization clock source As a DTE the option line is recommended 5 Router configure hssi slot port clock_rate 56 000 to 52 000 000 Selects a clock rate 6 Router configure hssi slot port crc 16 32 Se...

Page 84: ...re hssi 1 0 clock_rate 45000000 Router configure hssi 1 0 crc 16 Router configure hssi 1 0 data_mode normal Router configure hssi 1 0 name hssi1 Router configure hssi 1 0 end Router show module configuration hssi 1 0 Configuring HSSI as a DCE Configuring Step Step Command Purpose 1 Router configure terminal Enters the terminal configuration mode 2 Router configure module hssi slot port Selects a p...

Page 85: ...mode 8 Router configure hssi slot port name name string Name the interface 9 Router configure hssi slot port end Goes back to the Router prompt 10 Router show module configuration hssi slot port Show configured information of the slot plort HSSI interface Configuring Example The following figure illustrates a connection of Ubigate iBG3026 configured as a DCE The following example shows the command...

Page 86: ...erfaces 50 SAMSUNG Electronics Co Ltd Router configure hssi 1 0 crc 16 Router configure hssi 1 0 data_mode normal Router configure hssi 1 0 name hssi1 Router configure hssi 1 0 end Router show module configuration hssi 1 0 ...

Page 87: ... linking of physical interfaces modules to logical interfaces bundles Module configuration occurs within the configure module tree of the Ubigate CLI and bundle configuration occurs within the configure interface bundle tree The T1 and CT3 interfaces support logical interfaces made up of fractional T1 single T1 and multi link T1 connections Module Configuration This section describes how to config...

Page 88: ...1 slot sub slot port linecode b8zs ami Selects a linecode mode 8 Router configure module t1 slot subslo t port clock_source line internal Selects a clock source 9 Router configure module t1 slot sub slot port end Returns to the Router prompt 10 Router show module configuration t1 slot subslot port Shows T1 module information Configuring Example The following example shows the commands used to conf...

Page 89: ...port 3 Router configure module e1 slot su bslot port circuitId circuit ID Sets a circuit ID 4 Router configure module e1 slot su bslot port contactInfo Contcat Information Sets contact information such as manager s name or number 5 Router configure module e1 slot su bslot port description Description Sets an interface description 6 Router configure module e1 slot su bslot port framing crc noncrc d...

Page 90: ...uration e1 0 2 0 Configuring CT3 The following shows simple steps to configure T3 interface module WT3 1C Configuring CT3 interface The following steps shows how to configure communication modes for CT3 interface Configuring Step Step Command Purpose 1 Router configure terminal Enters the terminal configuration mode 2 Router configure module ct3 slot port Enters CT3 configuration mode 3 Router con...

Page 91: ...terminal configuration mode 2 Router configure module ct3 slot port Enters CT3 configuration mode 3 Router configure module ct3 slot port t1 T1 number framing esf d4 Sets a T1 interface and its framing mode T1 number ranges from 1 to 28 4 Router configure module ct3 slot port t1 T1 number linecode b8zs ami Sets a T1 interface and its linecode mode 5 Router configure module ct3 slot port t1 T1 numb...

Page 92: ...e b8zs Router configure module ct3 2 0 t1 3 yellowalarm generate Router configure module ct3 2 0 t1 3 circuitId CT3_T1_3 Router configure module ct3 2 0 t1 3 contactInfo David Router configure module ct3 2 0 t1 3 description T1_to_SEOUL Router configure module ct3 2 0 t1 3 name THIRD_T1_LINK Router configure module ct3 2 0 end Router show module configuration ct3 2 0 3 Configuring CT3 bundle Confi...

Page 93: ...tilizing T1 number 4 This bundle uses IP unnumbered Router configure interface bundle demo1 Router configure interface bundle demo1 link ct3 2 0 4 Router configure interface bundle demo1 encap ppp Router configure interface bundle demo1 ip address 20 1 1 9 24 Router configure interface bundle demo1 exit CT3 NxT1 The following example creates a 4 5 Mbps N x T1 bundle utilizing T1s 6 8 MLPPP is not ...

Page 94: ...CHAPTER 7 WAN Interfaces 58 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 95: ... transporting multi protocol datagrams over point to point links These links provide full duplex simultaneous bi directional operation and are assumed to deliver packets in order The following figure explains how PPP fits into the Ubigate iBG3026 routing forwarding architecture Figure 8 1 Overview of PPP Network Protocol IP IP Control Protocol IPCP Authentication LCP HDLC T1 F raming WAN Driver Au...

Page 96: ...cols NCPs for establishing and configuring different network layer protocols There is a NCP for each network protocol for ex IPCP for IP networks and XNSCP for XNS network and so on Optionally before PPP NCP is established peers may need to authenticate themselves and any failure during this can result in the link termination There are two authentication protocols PAP Password Authentication Proto...

Page 97: ...emises equipment sites to a main site Site 1 uses a Multilink T1 Router system to establish a 6 Mbps MLPPP connection four T1 lines to the main site In this example MLPPP segmentation is configured lower than the default setting of 512 bytes and the differential delay tolerance is tighter than the default 128 milliseconds Site 2 connects to the main site over a single T1 link with PPP encapsulatio...

Page 98: ...lized T1 interface to a wan interface 4 Router configure bundle bundle name encapsulation ppp Selects PPP as an encapsulation method 5 Router configure bundle bundle name ip address IP address bit mask number of bits for mask Sets an IP address for the interface 6 Router configure bundle bundle name exit Returns to the upper configuration mode Configuring Example R1 configure terminal R1 configure...

Page 99: ...uter configure bundle bundle name encapsulation ppp Selects PPP as an encapsulation method 5 Router configure bundle bundle name mlppp seg_threshold 64 4500 differenctial_delay 0 128 Selects PPP as an encapsulation method 6 Router configure bundle bundle name ip address IP address bit mask number of bits for mask Sets an IP address for the interface 7 Router configure bundle bundle name exit Retur...

Page 100: ...ace to a wan interface 15 Router configure bundle bundle name encapsulation ppp Selects PPP as an encapsulation method 16 Router configure bundle bundle name mlppp seg_threshold 64 4500 differenctial_delay 0 128 Selects PPP as an encapsulation method 17 Router configure bundle bundle name ip address IP address bit mask number of bits for mask Sets an IP address for the interface 18 Router configur...

Page 101: ... 1 Router configure terminal Goes into the terminal configuration mode 2 Router configure interface bundle bundle name Sets a bundle interface bundle name represents a specific bundle interface to be configured at the moment 3 Router configure bundle bundle name link ct3 slot port channel Links a channelized T3 interface to a wan interface 4 Router configure bundle bundle name encapsulation hdlc S...

Page 102: ...main configure interface bundle HDLC main configure interface bundle HDLC link ct3 1 0 5 main configure interface bundle HDLC encapsulation hdlc main configure interface bundle HDLC hdlc keepalive 20 main configure interface bundle HDLC ip address 192 168 2 1 24 main configure interface bundle HDLC exit ...

Page 103: ...y MFR configuration with three sites PVC 16 connects Site 1 to Site 3 while PVC 31 connects Site 2 to Site 3 The Frame Relay switching equipment is represented simply as a Frame cloud Figure 9 1 Multlink Frame Relay with Three Sites SITE 1 HSSI PVC 16 Router PVC 16 PVC 31 Router SITE 2 Router Frame Cloud PVC 16 4 T1 PVC 31 2 T1 100 Base T Router A Router B SITE 3 ...

Page 104: ...he Router serves as Frame Relay DCE and the router as the Frame Relay DTE Note that the Frame Relay Layer 2 interface type is independent of and not necessarily the same as the HSSI Layer 1 interface type Configure the HSSI Bundle at Site 1 Router configure interface bundle toRouter Router configure interface bundle toRouter link hssi 1 Router configure interface bundle toRouter description hssi l...

Page 105: ...Swit Router configure interface bundle toFRSwit link ct3 2 0 1 28 Router configure interface bundle toFRSwit description DS 3 bundle to FR Switch Router configure interface bundle toFRSwit encap fr Router configure interface bundle toFRSwit fr Router configure interface bundle toFRSwit fr intf_type nni Router configure interface bundle toFRSwit fr lmi ansi Router configure interface bundle toFRSwi...

Page 106: ...e bundle wan1 fr lmi keepalive 8 Router configure interface bundle wan1 fr lmi exit Router configure interface bundle wan1 fr pvc 16 Router configure interface bundle wan1 fr pvc shaping cir 6144000 bcmax 6144000 bcmin 3072000 Configure the Router interface connecting to Router A Router configure int bundle toRouter Router configure interface bundle toRouter link t1 0 1 0 3 Router configure interf...

Page 107: ...keepalive 10 Router configure interface bundle frame1 fr lmi exit Router configure interface bundle frame1 fr pvc 31 Router configure interface bundle frame1 fr pvc shaping cir 3072000 bcmax 3072000 bcmin 1536000 Router configure interface bundle frame1 fr pvc ip address 10 0 2 1 255 255 255 0 Router configure interface bundle frame1 fr pvc enable Router configure interface bundle frame1 fr pvc ex...

Page 108: ... BundleName DLCI debug fr mfr states FRF16 States debugging debug fr mfr state machine enable statemachine changes debug fr packet invarp dump the inverse arp packets debug fr packet lmi dump the lmi packets debug fr packet mfr debug fr pvc info bundlename DLCI show inter bundle bundlename DLCI show fr lmistats bundlename show fr vcstats bundlename DLCI show fr invarp all show fr pvcs ...

Page 109: ...rotocols Chapter 10 Layer 2 Switching Chapter 11 DHCP Relay Chapter 12 Static Routing Chapter 13 RIP Chapter 14 OSPF Chapter 15 BGP Chapter 16 Multicast Protocols Chapter 17 VRRP Chapter 18 MPLS Chapter 19 QoS Chapter 20 VLAN with QoS ...

Page 110: ......

Page 111: ...atagram the bridge drops the datagram because forwarding is not required However if the destination is on another segment the bridge transmits the datagram on that segment only If the bridge does not know the destination segment it transmits the datagram on all segments except the source segment a technique known as flooding IEEE 802 1d Media Access Control MAC Bridging and Spanning Tree Protocol ...

Page 112: ...ertain data paths to be disabled 802 1S Multiple Spanning Tree Protocol MSTP resolves the problem by supporting multiple spanning trees within a network The standard lets administrators assign VLAN traffic to unique paths With this feature load balancing can be achieved through assigning multiple VLANs to 2 distinct paths With MSTP each VLAN is mapped to an instance of a MSTP Moving bridge ports i...

Page 113: ...l configuration steps to configure MSTP Configuring Step Step Command Purpose 1 Router configure terminal Enters the terminal configuration mode 2 Router configure bridge 1 protocol mstp Runs MSTP on the bridge 1 3 Router configure vlan database Enters VLAN database mode 4 Router configure vlan database vlan vlan number bridge 1 Maps VLAN to bridge Repeats as many as required vlan_number ranges 2 ...

Page 114: ...erface name bridge group 1 instance instance number Optional Hitches this bridge to an instance 13 Router configure interface interface name bridge group 1 instance instance number priority priority number Optional Assigns priority priority number ranges 0 to 240 14 Router configure interface interface name end Return to the Router prompt 15 Router show span mst detail Shows SMT details The follow...

Page 115: ...configure interface ethernet 2 4 bridge group 1 BRIDGE_A configure interface ethernet 2 4 exit BRIDGE_A configure interface ethernet 2 5 BRIDGE_A configure interface ethernet 2 5 switchport BRIDGE_A configure interface ethernet 2 5 bridge group 1 BRIDGE_A configure interface ethernet 2 5 end BRIDGE_A show spanning tree mst detail Bridge B configuration BRIDGE_B configure terminal BRIDGE_B configur...

Page 116: ...figuration BRIDGE_C configure terminal BRIDGE_C configure bridge 1 protocol mstp BRIDGE_C configure vlan database BRIDGE_C configure vlan database vlan 2 bridge 1 BRIDGE_C configure vlan database vlan 3 bridge 1 BRIDGE_C configure vlan database exit BRIDGE_C configure spanning tree mst configuration BRIDGE_C configure spanning tree mst bridge 1 instance 2 vlan 2 BRIDGE_C configure spanning tree ms...

Page 117: ...ure spanning tree mst bridge 1 instance 3 vlan 3 BRIDGE_D configure spanning tree mst exit BRIDGE_D configure interface ethernet 2 2 BRIDGE_D configure interface ethernet 2 2 switchport BRIDGE_D configure interface ethernet 2 2 bridge group 1 BRIDGE_D configure interface ethernet 2 2 bridge group 1 instance 2 BRIDGE_D configure interface ethernet 2 2 exit BRIDGE_D configure interface ethernet 2 3 ...

Page 118: ...1 1 and Ethernet 2 1 then specify the RADIUS Server IP address and port Figure 10 1 Configuring 802 1x Security Router configure terminal Router configure bridge 1 protocol mstp Router configure vlan database Router configure vlan database vlan 2 bridge 1 Router configure vlan database exit Router configure dot1x system auth ctrl Router configure interface ethernet 1 0 Router configure interface e...

Page 119: ...ress 192 126 12 2 LACP Configuration LACP is based on the 802 3ad IEEE specification It allows bundling of several physical interfaces to form a single logical channel providing enhanced performance and redundancy The aggregated interface is viewed as a single link to each router Spanning tree views it as one interface When there is a failure in one physical interface the other bundled interfaces ...

Page 120: ... channel group 10 mode active Router configure interface ethernet 2 1 exit Router configure interface ethernet 3 1 Router configure interface ethernet 3 1 channel group 10 mode active Router configure interface ethernet 3 1 exit Router configure interface ethernet 3 2 Router configure interface ethernet 3 2 channel group 10 mode active Router configure interface ethernet 3 2 exit GVRP Configuratio...

Page 121: ... enable ethernet2 0 Router configure set gvrp dynamic vlan creation enable bridge 1 Router configure interface ethernet 4 0 Router configure interface ethernet 4 0 bridge group 1 Router configure interface ethernet 4 0 switchport mode access Router configure interface ethernet 4 0 switchport access vlan 5 Bridge 3 Router configure interface ethernet 4 0 switchport access Router configure bridge 1 ...

Page 122: ... instead of a report from each host in the group To achieve this IGMP proxy is enabled on the routers This example describes the configuration on Router S1 The interface Ethernet 1 1 is configured as an mrouter port Since IGMP Snooping is used in bridged LAN environment only router R1 does not require running IGMP Snooping and can run any multicast protocol such as PIM SM The configuration on R1 i...

Page 123: ...er is not notified when Host A leaves the group as the group still has another member Host B remaining When Host B also leaves the group the router will send a Leave message to the Router with the destination address as 224 0 0 2 All Router Destination Address IGMP Snooping Configuration Router configure terminal Router configure ip igmp snooping vlan 2 bridge 1 Router configure ip igmp snooping b...

Page 124: ... an interface show ip igmp interface ethernet 1 1 shows the IGMP configuration for all interfaces or a specified interface show ip igmp snooping shows the status of IGMP snooping show ip igmp snooping explicit tracking shows the hosts being tracked explicitly a Version 3 feature show ip igmp snooping fast leave shows fast leave processing information show ip igmp snooping group membership interval...

Page 125: ...ow ip igmp snooping interface version shows the version of IGMP being used show ip igmp snooping vlan shows the IGMP snooping state for the default VLAN show ip igmpv2 snooping statistics shows Version 2 statistics show ip igmpv3 snooping statistics shows Version 3 statistics ...

Page 126: ...CHAPTER 10 Layer 2 Switching 88 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 127: ...e relay agent receives a DHCP message it generates a new DHCP and sends it out on another interface This differs from normal IP forwarding on routers wherein traffic is switched between networks Ubigate iBG3026 Modular Router s implementation of DHCP relay is based on RFC 1542 Additional RFCs supported are RFC 951 Bootstrap Protocol BOOTP RFC 2131 Dynamic Host Configuration Protocol RFC 2132 DHCP ...

Page 128: ...relay information to the DHCP gateway address giaddr field The server replies to the gateway address specified in the packet s giaddr field Figure 11 2 BOOTP Requests BOOTP Replies BOOTP replies are messages from the server to the client Reply messages include DHCP OFFER DHCP ACK DHCP NAK etc The relay agent looks up the MAC address and either sends the packet to the client or broadcasts it on the...

Page 129: ...llow configuration using IP addresses from a different subnet although this is mentioned in the RFC Figure 11 4 Typical Scenario for DHCP Relay with NAT Command Line Interface The following are examples of command strings relevant to DHCP relay Router configure terminal Router configure interface ethernet 0 0 Router configure interface ethernet 0 0 dhcp_relay server_address 20 1 1 1 Disabling DHCP...

Page 130: ...ion The following screen captures show the displayed results of issuing show commands relevant to DHCP relay with and without gateway addresses configured Router show dhcp_relay DHCP RELAY CONFIGURATION Ethernet 0 0 Enabled DHCP Server 20 1 1 1 Figure 11 5 show dhcp_relay Command ...

Page 131: ...y in a large network where the administrator would have to operate complex manual tasks This chapter describes how to configure static routing in the Ubigate iBG3026 Router Configuring Static Routes Static routes are specified by adding and deleting route entries to and from the route table This shection shows how to add a route entry The following steps show the way to add a route entry Configuri...

Page 132: ...gure ip route 165 213 100 0 255 255 255 0 165 213 89 238 or Router configure terminal Router configure ip route 165 213 100 0 24 165 213 89 238 To delete the entry simply add no just as follows Router configure terminal Router configure no ip route 165 213 100 0 255 255 255 0 165 213 89 238 or Router configure terminal Router configure no ip route 165 213 100 0 24 165 213 89 238 Network 165 213 89...

Page 133: ...itical feature that was not available in RIP RIP Protocol Features RIP sends routing update messages at regular intervals and when the network topology changes When a router receives a routing update that includes changes to an entry it updates its routing table to reflect the new route The metric value for the path is increased by 1 and the sender is indicated as the next hop RIP routers maintain...

Page 134: ...e time by not allowing routers to advertise networks in the direction from which those networks were learned The only information sent in RIP announcements are for those networks that are beyond the neighboring router in the opposite direction Networks learned from the neighboring router are not included Split horizon eliminates count to infinity and routing loops during convergence in single path...

Page 135: ...announced with a hop count of 16 through a triggered update Note that the update is sent almost immediately where a time interval to wait is typically specified on the router If triggered updates were sent by all routers immediately each triggered update could cause a cascade of broadcast traffic across the IP internetwork Triggered updates improve the convergence time of RIP internetworks but at ...

Page 136: ... RIP after changing modes for RIP configuration associate networks to run RIP on by specifying neworks with a subnet number or an interface name The following example shows the commands used to configure RIP for R1 R1 configure terminal R1 configure router rip R1 configure router rip network 10 10 10 0 24 R1 configure router rip network 10 10 11 0 24 R1 configure router rip end R1 show ip protocol...

Page 137: ...ommand Purpose 1 Router configure terminal Enters the terminal configuration mode 2 Router configure router rip Enters the RIP setup mode 3 Router configure router rip network interface number of bit masks Associates a network to RIP 4 Router configure router rip redistribute connected Enables redistributing from connected routes 5 Router configure router rip exit Returns to the upper level prompt...

Page 138: ...tion mode md5 R1 configure interface ethernet 1 1 ip rip authentication string UBI The following example shows the commands used to configure RIPv2 authentication for R2 R2 configure terminal R2 configure router rip R2 configure router rip network 10 10 11 0 24 R2 configure router rip redistribute connected R2 configure router rip exit R2 configure interface ethernet 1 1 R2 configure interface eth...

Page 139: ...tep Command Purpose 1 Router configure terminal Enters the terminal configuration mode 2 Router configure router rip Enters the RIP setup mode 3 Router configure router rip network interface Designates a bundle interface to run RIP on 4 Router configure router rip end Retruns to the Router prompt 5 Router show ip protocols rip Display RIP configuration Configuring Example The following figure illu...

Page 140: ...ws the commands used to configure RIP using a bundle interface Router configure terminal Router configure router rip Router configure router rip network 165 213 89 237 24 Router configure router rip network wan1 Router configure router rip end Router show ip protocols rip ...

Page 141: ...d solely on the destination IP address contained in the IP packet header OSPF quickly detects topological changes such as when router interfaces become unavailable and calculates new loop free routes quickly and with a minimum of routing overhead traffic Each interface running OSPF is assigned a cost which is a unitless number based on factors such as throughput round trip time and reliability whi...

Page 142: ...sent on the network and it reduces the size of the topological database that each router must maintain OSPF network architecture is built around hub and spoke topology where the backbone area designated area id 0 0 0 0 provides the connectivity to the areas that attach to it Small networks can be accommodated with in a single area and large networks require multi level area architecture OSPF Confi...

Page 143: ...rnet slot port Enters the ethernet interface configuration mode 2 iBG3026 configure interface ethernet ip address IP address bit mask number of bits for mask Sets the local ip address 3 iBG3026 configure interface ethernet exit Returns to the upper configuration level Configuring Example The following example shows the commands used to configure the local network ip address iBG3026 configure inter...

Page 144: ... as an encapsulation method 4 iBG3026 configure interface bundle Bundle name ip address IP address bit mask number of bits for mask Sets the bundle interface ip address 3 iBG3026 configure interface bundle Bundle name exit Returns to the upper configuration level Configuring Example The following example shows the commands used to configure the bundle interface iBG3026 configure interface bundle W...

Page 145: ...d to configure the bundle interface iBG3026 configure interface loopback lo iBG3026 configure interface loopback lo ip address 1 1 1 1 32 iBG3026 configure interface loopback lo exit iBG3026 configure Configuring OSPF Configuring Step Step Command Purpose 1 iBG3026 configure router id loopback interface ip address Sets the router ID iBG3026 utilizes its loopback address for the router ID 2 iBG3026...

Page 146: ...ple The following example shows the commands used to configure the bundle interface iBG3026 configure router id 1 1 1 1 iBG3026 configure router ospf 1 iBG3026 configure router ospf network 10 10 10 1 24 area 760 iBG3026 configure router ospf exit iBG3026 configure ...

Page 147: ...rotocol using port 179 for establishing connections Running over a reliable transport protocol eliminates the need for BGP to implement update fragmentation retransmission acknowledgment and sequencing BGP supports classless interdomain routing CIDR which eliminates the concept of network classes Instead of assuming which bits of an address represent the network by looking at the first octet CIDR ...

Page 148: ...GP NEXT_HOP This leads to the distinction between Internal BGP IBGP sessions between routers in the same AS and External BGP EBGP sessions between routers in different ASs NEXT_HOPs are only changed across EBGP sessions but left intact across IBGP sessions Also BGP does not relay routing traffic from one IBGP session to another only from an EBGP session to an IBGP session or another EBGP session T...

Page 149: ... information between clients and to other IBGP and EBGP peers AS confederations is a second approach to solve the scaling problem with full mesh IBGP sessions This approach divides a given AS into many sub ASs For other ASs this AS doesn t look any different from the outside There is a full mesh of IBGP sessions within a sub AS BGP sessions between routers in different sub ASs of the same confeder...

Page 150: ...event this a mechanism called soft reconfiguration is used It allows attribute reconfigurations to be made without terminating an already established TCP session This is a means of requesting that a peer re advertise all the prefixes learned from other peers its Adj RIB Out The purpose of Capability Negotiation is to facilitate the introduction of new features in BGP by providing graceful capabili...

Page 151: ...p members instead of formulating updates individually for each peer in the peer group Multi protocol BGP MBGP can be used to carry routing information for the IPv6 address family All BGP commands and routing policy capabilities can be used with IPv6 addresses Other address families like IPv4 multicast IPv6 multicast will not be supported as part of MBGP Minimum BGP Configuration This Section shows...

Page 152: ...e commands used to configure the BGP for R1 in the figure R1 configure terminal R1 configure router bgp 200 R1 configure bgp 200 neighbor 10 10 10 2 remote as 200 The following example shows the commands used to configure the BGP for R2 in the figure R2 configure terminal R2 configure router bgp 200 R2 configure bgp 200 neighbor 10 10 10 1 remote as 200 Network 10 10 10 1 165 213 100 0 24 10 10 10...

Page 153: ...ng example shows the commands used to configure the BGP for R1 in the figure R1 configure terminal R1 configure router bgp 200 R1 configure bgp 200 neighbor 10 10 10 2 remote as 300 The following example shows the commands used to configure the BGP for R2 in the figure R2 configure terminal R2 configure router bgp 300 R2 configure bgp 200 neighbor 10 10 10 1 remote as 200 10 10 10 2 R2 R1 AS 300 A...

Page 154: ...figure route map match ip address prefix list prefix name Set the match criteria 5 R1 configure route map exit Returns to the upper configuration level 6 R1 configure router bgp id Enters a BGP configuration mode 7 R1 configure router bgp id neighbor 192 168 10 2 remote as 300 Defines a BGP neighbor with its ip address and autonomous number 8 R1 configure router bgp id neighbor IP address route ma...

Page 155: ...f seq 10 permit any R1 configure route map infp permit 1 R1 configure route map match ip address prefix list inpf R1 configure route map exit R1 configure router bgp 200 R1 configure bgp 200 neighbor 192 168 10 2 remote as 300 R1 configure bgp 200 neighbor 192 168 10 2 route map inpf in The following example shows the commands used to configure the BGP for R2 R1 configure terminal R1 configure rou...

Page 156: ...CHAPTER 15 BGP 118 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 157: ...ly and then generates prune messages as required PIM SM attempts to send multicast data only to networks which have active receivers This is achieved by having a common Rendezvous Point RP known to the senders and receivers and by forming shared trees from the RP to the receivers The Protocol Independent Multicasting Sparse Mode PIM SM is a multicast routing protocol designed to operate efficientl...

Page 158: ...affic destined for the group Multicast Routing Information Base MRIB The MRIB is a multicast topology table derived from the unicast routing table In PIM SM the MRIB is used to decide where to send Join Prune messages It also provides routing metrics for destination addresses These metrics are used when sending and processing Assert messages PIM SM SPT Switchover Phase 3 Ethernet et 1 1 R3 RP R4 S...

Page 159: ...mation Base TIB The TIB is the collection of state at a PIM router storing the state of all multicast distribution trees at that router It is created by receiving Join Prune messages Assert messages and IGMP information from local hosts Upstream Towards the root of the tree The root of the tree might be either the Source or the RP Downstream Away from the root of the tree The root of tree might be...

Page 160: ...a source it can only use the tree to receive packets from the RP and not to send packets to the RP unless the source is located between the RP and the receivers Bootstrap Router BSR When a new multicast sender starts sending data packets or a new receiver starts sending the Join message towards the RP for that multicast group it needs to know the next hop router towards the RP The BSR provides gro...

Page 161: ...nd RP is reachable through Ethernet 2 1 The 0 position on this 32 bit index is for Ethernet 1 1 as illustrated in the interface display above The j on the 0 index indicates that the Join has come from Ethernet 1 1 Since Router_C is the RP and the root of this multicast tree the show ip pim sparse mode mroute command on Router_C shows RPF nbr as 0 0 0 0 and RPF idx as none Router_C show ip pim spar...

Page 162: ...Stat F Forwarder installedTimers Uptime Stat ExpiryInterface State Interface TTL 10 10 1 52 224 0 1 3 uptime 00 03 24 stat expires 00 01 28 Owner PIM SM Flags TF Incoming interface wm0 Outgoing interface list wm1 1 The following example shows how to display the multicast routing table for a source and destination address Router show ip mroute 10 10 3 34 224 1 4 3 The following is a sample output f...

Page 163: ...pim sparse mode rp mapping This system is the Bootstrap Router v2 Group s 224 0 0 0 4 RP 10 10 1 5 Info source 172 16 1 2 via bootstrap priority 192 Uptime 00 00 13 expires 00 02 29 RP 172 16 1 2 Info source 172 16 1 2 via bootstrap priority 2 Uptime 00 34 42 expires 00 01 49 RP Details To display information about the RP router for a particular group use the following command This output displays...

Page 164: ...ndidate bootstratp router to 45 enter Router configure ip pim bsr candidate ethernet 1 0 To enter the candidate Rendezvous Point interface enter Router configure ip pim rp candidate ethernet 1 0 To set the group IP address for CRP advertisements to 224 1 1 0 using the group list ACL enter Router configure ip pim rp candidate ethernet 1 0 group list ACL To set the flag at the DR to switch to the SP...

Page 165: ...re encapsulated packet rather than just over the Register message header enter Router configure ip pim cisco register checksum To set the hello hold time to 60 seconds enter Router configure interface ethernet 1 0 ip pim hello holdtime 60 To set the hello interval time to 145 seconds enter Router configure interface ethernet 1 0 ip pim hello interval 145 To set the jp timer to 30 seconds enter Rou...

Page 166: ...riority 45 Candidate BSR Period 30 Candidate BSR Hold Time 2048 Candidate BSR Admin Scope Disabled No BSR s Verifying PIM Use the following commands to verify your PIM configuration show debugging pim show ip mroute show ip pim sparse mode nexthop show memory pim sparse mode Other PIM Commands Supported Other useful PIM commands supported in this release are Interface mode commands ip pim accept r...

Page 167: ...debug pim sparse mode state debug pim sparse mode timer assert debug pim sparse mode timer bsr debug pim sparse mode timer hello debug pim sparse mode timer joinprune debug pim sparse mode timer register DVMRP Configuration Distance Vector Multicast Routing Protocol DVMRP is a multicast routing protocol that provides an efficient mechanism for connectionless datagram delivery to a group of hosts a...

Page 168: ...DF S I DF election is based on the metric toward the source network If DF S I changes for an interface Ubigate iBG3026 updates the outgoing VIF list Olist for all prune S G states and their corresponding forwarding caches VIF Table The VIF table is a tree of virtualized physical and tunnel interfaces indexed by a virtual interface number Neighbor Table The Neighbor table is a list of detected DVMR...

Page 169: ...et for Group 1 4 Every router creates an S G entry in the multicast routing table 5 When the data packet reaches Router_C it forwards via the interface Ethernet 1 1 because there is a local member on this interface for this group Router_C has a downstream receiver hence it does not send a prune message to its upstream neighbor router Router_B 10 101 52 Source_1 224 10 1 3 Group 0 10 10 1 9 eth 2 R...

Page 170: ...e ethernet 2 1 exit Verifying Configuration Use the following commands to verify interface neighbor route prune and DVMRP global state information Note For details on the commands used in the following example refer to the Ubigate iBG3026 Command Reference Interface Information The show ip dvmrp interface command displays the interface information for Router_C For example Router_C show ip dvmrp in...

Page 171: ...P Group Membership Reports When multicast routers listen for these reports they can exchange group membership information with other multicast routers This reporting system allows distribution trees to be formed to deliver multicast datagrams The original version of IGMP was defined in RFC 1112 Host Extensions for IP Multicasting Extensions to IGMP known as IGMP version 2 IGMPv2 improves performan...

Page 172: ...nterval ip igmp query max response time ip igmp version debug igmp all debug igmp decode debug igmp encode debug igmp events debug igmp fsm debug igmp tib clear ip igmp groups clear ip igmp interface Can we add more explanation to each command Verifying the Configuration To verify your IGMP configuration use the following commands show ip igmp groups show ip igmp interface IGMP Configuration Examp...

Page 173: ...e ethernet 0 1 ip igmp query interval 100 Example 3 The following example configures Ethernet 0 1 with the Query time out to be 300 seconds Router configure interface ethernet 0 1 ip igmp querier timeout 300 Example 4 The following example configures Ethernet 0 1 with the query max response time to be 10 seconds Router configure interface ethernet 0 1 ip igmp query max response time 10 Example 5 T...

Page 174: ...an Access Group on the Router for multicast group 224 7 7 7 with mask 0 0 0 0 with permit option Router configure access list 1 permit 224 7 7 7 0 0 0 0 Router configure interface ethernet 0 1 Router configure interface ethernet 0 1 ip igmp access group 1 Example 8 The following example configures Immediate leave on Ethernet 0 1 for multicast group 224 7 7 7 mpls4Router configure access list 1 per...

Page 175: ... is configured with a priority setting that determines the order in which backup routers take over in the event the Master fails When the Master router fails the backup router with the smallest priority number will preempt all other backup routers in assuming the duties of the Master router If you disable the preempt feature using the no vrrp preempt command the backup virtual router that is confi...

Page 176: ...ing traffic between the subnets labeled Host A B and C and the Gateway Router providing Internet connectivity To configure VRRP in this environment you need to configure Ubigate iBG3026 1 as the Master virtual router and Ubigate iBG3026 2 as the backup virtual router Figure 17 1 Configuring a VRRP Network Configuring Master Router Router configure terminal Router configure interface ethernet 0 1 R...

Page 177: ...address 10 1 1 2 24 Router configure interface ethernet 0 1 vrrp 10 Router configure interface ethernet 0 1 vrrp 10 priority 120 Router configure interface ethernet 0 1 vrrp 10 preempt Router configure interface ethernet 0 1 vrrp 10 advertisement_interval 2 Router configure interface ethernet 0 1 vrrp 10 enable Verifying and Troubleshooting Ubigate iBG3026 provides commands to verify VRRP status a...

Page 178: ...CHAPTER 17 VRRP 140 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 179: ...dentifies the path a packet should traverse A MPLS label is carried or encapsulated in between the Layer 2 and the Layer 3 header The receiving router examines the packet for its label content to determine the next hop Once a packet has been labeled the rest of the journey of the packet through the backbone is based on label switching The label values are of local significance only meaning that th...

Page 180: ...abeled packets by swapping the incoming MPLS labels with pre agreed outgoing label 3 Forwarding of MPLS packet as L3 packets by popping the MPLS label at the PHP HOP or at the egress LER For Martini case forwarding of MPLS packet as L2 packets by popping the MPLS outer label and examine the inner VC label The end nodes don t see this DA SA 0x8847 1076 2055 DA SA Etype Payload DA SA 0x8847 1094 205...

Page 181: ... FTN and ILM table for MPLS packet forwarding QoS MPLS EXP bit based QoS behavior will be implemented in the Ubigate product With this an MPLS EXP table will be defined This table provides DSCP to EXP bit mapping in the ingress scenario as well as rewriting of EXP bit in the transit scenario EXP to EXP mapping if desired The user will statically provision this table The Class Map which identifies ...

Page 182: ...a Provider Edge PE router known as an MPLS Label Edge Router LER Once the frame is deemed valid the packet is mapped to a user defined Forwarding Equivalence Class FEC which defines how specific packets get forwarded In the L2VPN scenario the key to identify the FEC is the incoming packet interface the PW interface The FEC lookup determines the outgoing port the PSN interface and two labels The fi...

Page 183: ...ulation type of PW interface Ethernet VLAN PPP Configuring Minimal L2VPN The following configuration is based on figure 18 2 Configuring PE1 NSM Router configure terminal Router configure interface loopback 0 Router configure interface loopback 0 ip address 1 1 1 1 32 Router configure interface loopback 0 exit Router configure router id 1 1 1 1 Router configure interface ethernet 0 2 Router config...

Page 184: ...an database Router configure vlan database vlan 7 bridge 1 Configuring the L2 Circuit PE1 Router configure mpls l2 circuit MPLS 100 3 3 3 3 Binding the L2 Circuit on the PW interface PE1 Router configure interface ethernet 3 2 Router configure interface ethernet 3 2 switchport Router configure interface ethernet 3 2 bridge group 1 Router configure interface ethernet 3 2 switchport mode trunk Route...

Page 185: ...4 Router configure interface ethernet 0 4 ip address 10 10 1 1 24 Router configure interface ethernet 0 4 label switching Router configure interface ethernet 0 4 enable ldp Router configure interface ethernet 0 4 exit Configuring P OSPF Router configure router ospf 1 Router configure router ospf network 20 20 1 0 0 0 0 255 area 0 Router configure router ospf network 10 10 1 0 0 0 0 255 area 0 Rout...

Page 186: ...nfigure router ospf 1 Router configure router ospf network 10 10 1 0 0 0 0 255 area 0 Router configure router ospf redistribute connected Router configure router ospf exit Configuring PE2 LDP Router configure router ldp Router configure router ldp transport address 3 3 3 3 Router configure router ldp target peer 1 1 1 1 Router configure router ldp exit Configuring PE2 Enable Bridge Router configur...

Page 187: ...ith VLAN filtering on PW interface An extension to the L2VPN design is to provide enhanced functionality for Ethernet traffic where the VLAN ID of the Ethernet packet can be used for selecting the actual packets to be forwarded via the L2VPN tunnels When binding an MPLS L2 Circuit to an Ethernet or PPP interface with the VLAN encapsulation type users can specify the VLAN IDs for classifying traffi...

Page 188: ...configure interface ethernet 3 2 switchport mode trunk Router configure interface ethernet 3 2 switchport trunk allowed vlan add 7 10 Router configure interface ethernet 3 2 mpls l2 circuit MPLS Router configure interface ethernet 3 2 mpls l2 circuit MPLS encapsulation vlan Router configure interface ethernet 3 2 mpls l2 circuit MPLS add vlan vlan id 10 Router configure interface ethernet 3 2 mpls...

Page 189: ... that LSP LDP assigns labels to every destination address and destination prefix provided by Ubigate iBG3026 The LDP interface to the MPLS forwarder adds labels to and deletes labels from the forwarding tables Running LDP on a system requires the following tasks Enabling label switching on the interface on NSM Enabling LDP on an interface in the LDP daemon Running an IGP for example OSPF to distri...

Page 190: ...configure router ldp Router configure router ldp transport address 192 168 0 1 Router configure router ldp exit Router configure interface ethernet 1 1 Router configure interface ethernet 1 1 enable ldp Router configure interface ethernet 1 1 exit R1 OSPF Router configure router ospf 100 Router configure router ospf network 10 10 10 0 0 0 0 255 area 0 Router configure router ospf network 192 168 0...

Page 191: ... ethernet 2 2 exit R2 LDP Router configure router ldp Router configure router ldp transport address 192 168 0 2 Router configure router ldp exit Router configure interface ethernet 1 2 Router configure interface ethernet 1 2 enable ldp Router configure interface ethernet 1 2 exit Router configure interface ethernet 2 2 Router configure interface ethernet 2 2 enable ldp Router configure interface e...

Page 192: ...configure interface ethernet 2 3 enable ldp Router configure interface ethernet 2 3 exit R3 OSPF Router configure router ospf 100 Router configure router ospf network 10 10 11 0 0 0 0 255 area 0 Router configure router ospf network 192 168 0 3 0 0 0 0 area 0 Router configure router ospf exit Enabling label switching minimal configuration To establish a trunk on a system 1 Enable label switching an...

Page 193: ... 1 Router configure interface ethernet 0 1 ip address 10 10 23 1 24 Router configure interface ethernet 0 1 label switching Router configure interface ethernet 0 1 exit R1 RSVP TE Router configure terminal Router configure router id 192 168 0 63 Router configure router rsvp Router configure router rsvp exit Router configure interface Ethernet 0 1 Router configure interface ethernet 0 1 enable rsvp...

Page 194: ...when all the participating nodes do not support the required traffic engineering extensions and configure LSPs manually to use an explicit path In this case LSP is established only along the path specified by the operator Figure 18 5 Establishing a Trunk Without CSPF R1 RSVP TE Router configure terminal Router Configuration Manual Router configure rsvp trunk T1 Router configure rsvp trunk primary ...

Page 195: ...o the RSVP daemon to be used in the Explicit Route Object ERO Each router along the path sends a Path message only to the nexthop specified in the ERO In the Ubigate iBG3026 implementation CSPF is enabled by default and if no cspf is not specified the trunk is CSPF enabled automatically Figure 18 6 Establishing a Trunk with CSPE R1 rsvpd Router configure terminal Router configure rsvp trunk T1 Rou...

Page 196: ...strict A loose hop can be reached by any available route Whereas a strict hop must be reached via a direct link and cannot be routed over any alternate routers in between In this example since R1 is defined as loose hop R2 can use R4 as an intermediate hop to reach R3 However if it was strict then R2 would have to use interface Ethernet 1 1 to reach R3 directly Figure 18 7 Explicitily Defined Path...

Page 197: ...bandwidth command specifies the total bandwidth on an interface To reserve bandwidth for the trunk Configure bandwidth on all participating interfaces Configure reservable bandwidth on NSM Configure bandwidth on the trunk Figure 18 8 Reserved Trunk Bandwidth R1 NSM Router configure terminal Router configure interface ethernet 0 1 Router configure interface ethernet 0 1 ip address 10 10 23 63 255 2...

Page 198: ...uter configure rsvp trunk primary bandwidth 10m Router configure rsvp trunk to 192 168 2 90 Router configure rsvp trunk Adding a Secondary LSP to the Trunk Although the attributes of a Secondary Label Switched Path LSP are independent of the Primary LSP a Secondary LSP cannot be configured without first configuring a Primary LSP Besides information on how to configure a secondary LSP this example ...

Page 199: ...ity 3 Router configure rsvp trunk to 192 168 0 90 Router configure rsvp trunk Adding Administrative Group Constraints to an LSP To add administrative group constraints also known as color constraints to an LSP Configure support for required admin groups in NSM on all participating routers Configure required administrative groups on all participating interfaces The configuration in this example for...

Page 200: ...ce Router configure interface ethernet 0 1 admin group A Router configure interface ethernet 0 1 admin group B Router configure interface ethernet 0 1 admin group C Router configure interface ethernet 0 1 exit Router configure interface ethernet 1 0 Configuring existing Ethernet interface Router configure interface ethernet 1 0 admin group D Router configure interface ethernet 1 0 admin group E Ro...

Page 201: ...re rsvp trunk secondary setup priority 5 Router configure rsvp trunk secondary hold priority 3 Router configure rsvp trunk to 192 168 0 90 Configuring Global Parameters Some common parameters can be configured in the Router mode on the RSVP TE daemon These parameters are global and affect all LSPs In the following example the interval between two consecutive hello messages is set The neighbor is d...

Page 202: ...r configure router rsvp hello timeout 35 Router configure router rsvp neighbor 10 10 23 60 Router configure router rsvp exit R2 RSVP TE Router configure terminal Router configure router rsvp Router configure router rsvp hello interval 10 Router configure router rsvp hello timeout 35 Router configure router rsvp neighbor 10 10 23 63 Router configure router rsvp exit ...

Page 203: ...o address congestion and Class Based Queuing CBQ to address traffic policing iBG3026 s bandwidth management capability allows multiple agencies or customers to share access bandwidth on a WAN link in a controlled fashion to effectively and efficiently utilize available bandwidth Even during times of congestion each customer is guaranteed a share of the access bandwidth and is allowed to borrow unu...

Page 204: ...fiers Traffic classes are arranged in a hierarchical manner A class has a parent class and can have one or more child classes The root class has no parent and is identified as root out or root in The only limit to the number of classes that can be created is 1500 per interface Definitions Committed Rate Each traffic class can be assigned a CR parameter in Kbps This is the amount of bandwidth that ...

Page 205: ... is configured with a CR of 1024 Kbps Additionally the SrcTwo class is further divided into application port classes All other hosts in Figure 19 1 the default class are configured for a CR of 512 Kbps The classification type must be the same across a given level of traffic class Note in Figure 19 1 that the classification type at the first level traffic class is the source IP address for the seco...

Page 206: ...re interface bundle AppTest qos add policy class AppDef SrcTwo port default Router configure interface bundle AppTest qos add policy class AppSMTP SrcTwo port 25 Router configure interface bundle AppTest qos add policy class AppHTML SrcTwo port 80 Router configure interface bundle AppTest qos policy class SrcOne Router configure interface bundle AppTest qos policy class SrcOne cbq cr 1536 pr 1536 ...

Page 207: ...s policy class AppDef exit policy class Router configure interface bundle AppTest qos policy class SrcDef Router configure interface bundle AppTest qos policy class SrcDef cbq cr 256 pr 512 Router configure interface bundle AppTest qos policy class SrcDef exit policy class Router configure interface bundle AppTest qos end VLAN Identifiers Figure 19 2 illustrates the classification based on VLAN id...

Page 208: ... vlan id 25 29 Router configure interface bundle VLANtest qos add policy class Default root out vlan id default Router configure interface bundle VLANtest qos policy class JonesInc Router configure interface bundle VLANtest qos class JonesInc cbq cr 3072 pr 6144 Router configure interface bundle VLANtest qos class JonesInc exit Router configure interface bundle VLANtest qos policy class SmithInc R...

Page 209: ...s start with the character B and class statistics start with the character C These designations allow easier parsing of the file Configuring Historical Statistics Router configure terminal Router configure qos Router configure qos historical stats Router configure qos historical stats ftp parameters Primary Ftp Server 105 52 35 77 Secondary Ftp Server 105 52 35 78 Ftp user name test Ftp password p...

Page 210: ... policing a good choice for interactive and streaming voice and video applications Policing also uses much less resources in the router than shaping It is a better and more practical method to provide QoS for incoming traffic on an interface On iBG3026 access routers policing can be used to limit the maximum rate of a traffic flow received on a WAN interface This is especially useful when the POP ...

Page 211: ...re not enough tokens available at a given time for the entire packet The iBG3026 policing algorithm allows for such loaning of tokens by default Configuring Traffic Policing As with CBQ the first step is traffic classification Flows should be defined by creating traffic classes To classify based on multiple fields for example source IP address and port a hierarchy of classes should be created Traf...

Page 212: ...ffic Class CBQ CR CBQ PR Police Avg Out Avg In Packets Packets kbps kbps kbps kbps kbps Fwded Dropped def in 1100 999 7 999 7 481 0 d1 1901 2 1999 6 1096 57 d1 def 998 9 998 9 576 0 d1 web 900 902 2 1000 6 520 57 R87 R87 show qos bundle wan1 d1 web Class d1 web Inbound Parent Class d1 CR 0 kbps PR 0 kbps Interface Bundle wan1 bandwidth 3072 kbps MON IN off Configuration Policing Rate 900 Kbps Peak...

Page 213: ...assified into flows or traffic classes Each traffic class can be configured with the desired QoS parameters which determine the forwarding treatment given to packets matching that class The classifier will support multi field MF classification of packets based on any combination of the following header fields Packet class Source IPv4 address or prefix Destination IPv4 address or prefix IPv4 DiffSe...

Page 214: ... done for MF classification and what kind of input is expected from the user Please refer to Figure 19 4 for the following explanation Figure 19 4 MF Classification Interface Class root out Class ipv6 Ether type iPv6 Class def Ether type Default Class ipv4 Ether type iPv4 Class mpls Ether type MPLS Class ipv4 hi Dscp default Class ipv4 lo Dscp 0 Class mpls hi EXP default Class mpls lo EXP 0 Class ...

Page 215: ...in for the inbound tree These root classes are automatically created at interface creation time So the general command format for creating class is add policy class class name parent class match field type match field values where class name is name of the class being added parent class can be ether root out or root in match field type can be either packet class src ip dest ip port vlan id dscp us...

Page 216: ...acket class ipv4 Configure interface bundle wan1 qos add policy class ipv4 lo ipv4 dscp 0 Configure interface bundle wan1 qos add policy class ipv4 hi ipv4 dscp default Configure interface bundle wan1 qos add policy class def root out packet class default In the above commands packet class exp dscp and tc are the matching field classification types for various rules specified above Whenever the ma...

Page 217: ...s root out It would be created as follows Configure interface bundle wan1 qos add policy class def root out packetclass default Each class has a queue structure associated with it However when a class becomes a parent class due to the addition of child classes under it its queue structure loses significance and is no longer active The queue structure plays major role in achieving CBQ queuing and s...

Page 218: ...an interface Policing can be enabled in either srTCM or trTCM mode The supported policing features in software enables to rate limit the traffic corresponding to micro flow aggregate flow or behavior flow For example VLAN ID based policing can be enabled on ingress traffic by configuring traffic class with VLAN ID is the classification key and setting appropriate policing parameters for traffic cl...

Page 219: ...equivalent of one byte Tc 0 is equal to CBS and Te 0 is equal to EBS Thereafter tokens are replenished as follows If Tc CBS then Tc is incremented by CIR bytes per second up to CBS else if Te EBS then Te is incremented by CIR bytes per second up to EBS When packet of size B bytes arrives for policing if Tc t B 0 then the packet is marked green transmit and Tc is decremented by B else if Te t B 0 t...

Page 220: ...s in all buckets configured on all interfaces in the system Running the token filler more frequently results in more frequent and incremental updates to the token bucket which can result in a smoother traffic pattern This process will execute within the context of the forwarding task tRxPoll so that no context switches are involved leading to better performance Is Tc full Get pkt size number of to...

Page 221: ...o rates CIR and PIR and two burst sizes CBS and PBS The trTCM is typically implemented using two token buckets Tc of size CBS and Tp of size PBS A packet is marked red if it exceeds PBS yellow if it exceeds CBS but not PBS otherwise it is green Coloring is just a means to convey the conformance level of packets An action can be configured for each color Supported actions include Permit Mark DSCP a...

Page 222: ... of the token filling process should at least be equal to the lesser of CBT and PBT milliseconds Without which CIR and PIR cannot be sustained It is recommended that CBS and PBS be large enough so that CBT and PBT are at least 1 second Is Tc full Get pkt size number of tokens Tc No tokens Green packet Green action Permit mark dscp drop Packets sent for further processing Yes Insufficient tokens Is...

Page 223: ...ans that the default peak burst time will be 1 sec An action corresponding to each color assigned to the packet can also be configured The types of actions that will be supported are permit mark dscp and drop A DSCP value must be provided if the action type selected is mark dscp The configuration of actions will not be mandatory They will have the following default values green packets permit yell...

Page 224: ... the destination look up the outgoing interface is identified and the packet is taken through the hierarchical MF classification configured on that interface After the packet is classified into a leaf traffic class it is placed in its class queue The CBQ scheduler periodically services the class queues of all leaf traffic classes on each interface The service that each class queue receives depends...

Page 225: ...o so by their BR Let us define Bc as the total number of bytes that can be sent on an interface in one scheduling interval 5 ms proportional to its bandwidth If the total number of bytes sent or credited in the first pass is less than Bc it means additional bytes can still be transmitted This excess bandwidth can be given to the classes that still have packets to send and whose BR CR For this a se...

Page 226: ...the first pass Therefore a higher priority class will always be serviced prior to a lower priority class during the both the first and second pass Consequently its traffic will experience lower average latency and will also have access to any excess bandwidth before the traffic in the lower priority class When CBQ is enabled the backpressure from packet driver is automatically handled in CBQ sched...

Page 227: ...ed for leaf classes because they define the traffic flows Parent classes are an intermediate step in the MF classification process and primarily aid in MF classification However we will support the configuration of the CBQ Peak Rate PR for parent classes This sets a collective rate limit for all the child classes in that sub tree This feature gives the capability to rate limit a collection of flow...

Page 228: ...tes that can be sent from an interface in one scheduler interval This is configured by the user bbr Burst rate bytes Class parameter This is the number of bytes a class can send in one scheduler interval corresponding to its BR Buffer Reservation for Interfaces When a wan interface is created a certain amount of queue buffers will be reserved for it s transmitting queue from the global buffer pool...

Page 229: ...l to have a good buffer management scheme along with a good scheduling algorithm This section discusses how buffers should be reserved for class queues of an interface It may have to be modified slightly or considerably based on memory availability and the type of interfaces on which CBQ will need to be supported Buffer Requirements for Traffic Class For a class to guarantee the CR it should have ...

Page 230: ...00 bytes This would be a very conservative estimate The minimum of buffers required for one class bbr 100 20 buffers With 20 classes on the bundle 20 20 400 buffers would be required for the bundle With 14 bundles on a t3 interface the total buffers requirement would be 400 14 5600 buffers Each buffer occupies about 2000 bytes of memory including all the control information which results in a tota...

Page 231: ...ortion of the buffers which the classes don t always need To start off with we allocate 10 BCR bytes of buffering for the entire interface This provides a decent amount of burst tolerance of 9 Ts 45 ms the allocation in terms of buffers would be 10 BCR average_packet_size where average_packet_size 100 bytes Since the sum bcr of all classes makes up the BCR of the interface each class will have an ...

Page 232: ...um limit on the buffer consumption of each class Since we have allocated 10 BCR average_packet_size buffers for the entire interface we should at least allow each class to use its fair share of 10 bcr average_packet_size buffers out of which 6 bcr average_packet_size have been reserved for it However the buffer allocation for a class should also take into consideration the Burst Rate BR configured...

Page 233: ...sses Congestion Management on Output Queues In the iBG3026 system RED Random Early Detect will be used to do congestion avoidance on output queues RED is the de facto standard for congestion management in the internet today The basic philosophy of RED is to detect the onset of congestion and start dropping packets in a random fashion before queue overflow leads to tail drops Random drops not only ...

Page 234: ...iciency in calculation The drop probability when the average queue size equals maxth is known as the Mark Probability Mark Probability 1 MPD where MPD is the Mark Probability Denominator MPD is configured as a power of 2 for efficiency in Average Queue Size Calculation Average Queue Size Calculation for Interface Queues The average queue size computation for interface is done for every packet sent...

Page 235: ...as happened it indicates that the receive rate is greater than the transmit rate for the queue which is what signals congestion Therefore to get an accurate indication of congestion in the queue we read the queue size after the queue is serviced but before en queuing process for every Ts msec We call this the pending queue size It is not very useful for RED to use the pending queue size as it is b...

Page 236: ...es set It also explains the effect of changing these parameter values and guidelines about how to set their values interface RED parameters The EWF parameter determines the weight factor in the calculation of the average queue size The weight factor w is calculated using the formula w 1 2 ewf The EWF parameter determines how RED is sensitive to traffic fluctuations or bursts If EWF is very low the...

Page 237: ... packet size is probably between 100 200 bytes for which the buffering would be up to twice the amount mentioned above The minimum permissible value for minth is L where L corresponds to xTs msec of buffering for 100 byte packets at rate of interface bandwidth or L 5 whichever is lower Maxth is given a default value of N packets where N corresponds to of maximum of 3 Ts msec of buffering at 100 by...

Page 238: ...le value for minth is L where L corresponds to Ts msec of buffering for 200 byte packets at CR Kbps or L 3 whichever is higher Maxth is given a default value of 3 times the minTh However it is recommended to set maxth to at least 2 times the minth Too small a difference between minth and maxth will reduce the effectiveness of RED by causing frequent tail drops The maximum permissible value for max...

Page 239: ...e the initial color is extracted from the DiffServ code point For the expedited traffic the color code will be set as Green For example the following command sequence configures the proper treatment for AF11 DSCP 10 traffic If DS RED is configured for a given DSCP then those RED parameters will be instead Otherwise color RED parameters will be used Router configure interface bundle wan1 configurin...

Page 240: ... Avg Rate Out 0 Kbps Avg Pending Q 0 pkts Avg Rate In 0 Kbps Current Q 0 pkts 0 bytes Current WRED Q 0 pkts Max recorded Q 0 pkts 0 bytes Counters since last boot clear Packet drop details Packets Forwarded 0 Queue overflow 0 Bytes Forwarded 0 No buffers 0 Packets Dropped 0 Policing pkts dropped 0 Bytes Dropped 0 RED pkts dropped 0 WRED Statistics Color Pkts Fwd Pkts Fwd Pkts Dropd Pkts Dropd cont...

Page 241: ...le list until one of the rule matches So it is a sequential search After matching rule is found the matching process terminates and corresponding action is attempted If IP flow classification look up fails then policy profile default table is used For handling congestion on egress queues the hardware supports three levels of drop precedence DP When congestion occurs on an egress queue packets with...

Page 242: ...sign the TC attribute To configure the associated table enter Router configure qos no map up to outq UP 0 7 TC 1 8 Using the no form will reset a specific row to default UP based DP assignment uses the UP attribute of the packet to assign the DP attribute The associated table can be configured using the following command Router configure qos no map up to dp UP 0 7 DP 0 2 Using the no form will res...

Page 243: ...q 4 Verifying the Configuration Use the following command to display the configuration show qos global config InLIF Based CoS Marking The inLIF is a logical context assigned to a user port InLIF based CoS marking allows you to override the marking done at the bridge stage and assign CoS based purely on the ingress interface To configure the inLIF based UP attribute assignment enter Router configur...

Page 244: ...iguration Use the following command to verify the configuration show qos port info ethernet3 0 Policy Based CoS Marking Policy based CoS marking assigns CoS attributes based on traffic flows identified by match rules Policy based CoS marking can be achieved though the configuration of policies rules and actions and interface to policy mappings To create a policy map enter Router configure qos poli...

Page 245: ...gure interface ethernet name qos service policyinput map name Configuration Example Router configure qos policy map map2 Router configure qos policy map map2 policy class class2 Router configure qos policy map map2 policy class class2 match ipv4 Router configure qos policy map map2 policy class class2 mark dp 2 Router configure qos policy map map2 policy class class2 markdscp 3 Router configure qo...

Page 246: ...nce level Policing based CoS marking can be achieved using the following configuration To create a policy map enter Router configure qos policy map map name To create a policy class enter Router configure qos policy map map name policy class classname To create a policy rule enter Router configure qos policy map map name policy class classname match ipv4 src ip 20 20 20 20 To map this policy to an...

Page 247: ...7 conformance green yellow red mark dscp DSCP 0 63 mark up UP 0 7 mark dp DP 0 2 Configuration Example Router configure qos police l2 cos map 0 green mark dscp 10 markdp 2 mark up 5 Router configure qos police no l2 cos map 0 green Router configure qos police l3 cos map 50 green mark dscp 20 mark dp 1 mark up 4 Router configure qos policy map map1 policy class class1 police srtcm 100 cbs 100 ebs 2...

Page 248: ...olicy rule enter Router configure qos policy map map name policy class classname no match packet class match field matchoperation value1 match operation value2 match field match operation value3 match operation value4 packet class can be ipv4 or ethernet or ipv6 match field can be src ip or dest ip or ip proto or srcport or dest port or dscp or tos or precedence or traffic class or user priority o...

Page 249: ... match ipv6 ip proto 10 Router configure qos policy map map1 policy class class1 match ipv4 ip proto 17 src port 100 Router configure qos policy map map1 policy class class1 match ipv4 ip proto 17 src port 200 Verifying the Configuration Use the following commands to verify the configuration show qos policy class Traffic Policing Traffic policing allows metering of traffic flows classification of ...

Page 250: ...e Router configure qos policy map map name policy class classname police srtcm rate_in_kbps cbs committed_burst_in_bytes ebs excess_burst_in_bytes To configure a trTCM policer for the class configured above enter Router configure qos policy map map name policy class classname police Router configure qos policy map map name policy class classname police trtcm mean_rate_in_kbps peak_rate_in_kbps cbs...

Page 251: ...illing counters are used to track the amount of data that is admitted into the router Conformance counters are used to track the amount of data classified into specific meter conformance levels Billing and Conformance counters can be configured using the commands given below To enable or disable billing at the global level enter Router configure qos no billing enable To enable for disable billing ...

Page 252: ...figuration enter Router configure qos show qos global config Router configure qos policy map map1 show qos policer policy name map1 policy class class1 Egress Queuing Scheduling and Shaping Two queuing disciplines are supported namely Strict Priority Queuing and Weighted Round Robin To configure the queuing discipline enter Router configure interface ethernet 3 0 qos queue discipline 1 Router conf...

Page 253: ...ing the Configuration To verify the configuration enter Router configure interface ethernet 3 0 show qos port info ethernet3 0 Router configure interface ethernet 3 0 show qos queue info ifname ethernet3 0 Congestion Management on Egress Queues To configure RED and tail drop congestion management strategies enter Router configure qos qos congestion set 1 Router configure qos qos congestion set 1 r...

Page 254: ...igure interface ethernet 3 0 qos rx buffers limit 2000 Router configure interface ethernet 3 0 qos tx descriptorlimit 3000 Router configure interface ethernet 3 0 qos xoff threshold 500 Router configure interface ethernet 3 0 qos xon threshold 200 Router configure interface ethernet 3 0 qos queue tx descrlimit 1 2000 Verifying the Configuration To verify the configuration enter Router configure in...

Page 255: ... The connection in the customer office can be routed or bridged depending on whether the provider will be hosting customer applications at the POP The Ethernet switch passes a VLAN trunk to the iBG3026 that forwards traffic based on the VLAN tags from this interface to the multilink bundle Multilink T1 Router Tagged VLAN Trunk Channelized T3 Router Channelized T3 Gigabit Ethernet Ethernet Switch T...

Page 256: ... not match the address of the iBG3026 the packet will be forwarded to all interfaces configured for the management VLAN with the exception of the interface where it was received This allows all transmission equipment to be managed in a single flat VLAN When the iBG3026 generates traffic on to the management VLAN an ARP request is generated in the direction of the VLAN s default route If no default...

Page 257: ...erface say an Ethernet configured for VLD tagging are also tagged only one level with the tag ID configured for VLD tagging on that interface These single level tagged VLAN packets can now be forwarded on the trunk port say a WAN interface using the VLD forwarding table itself In the return path packets arriving on the trunk port as VLAN packets can be forwarded to the Ethernet interface based on ...

Page 258: ... interface ethernet 3 3 switchport access vlan 600 Router configure interface ethernet 3 3 exit Router configure interface ethernet 3 4 switchport 2006 03 15 08 54 50 NSM interface ethernet3 4 index 9 is already a switchport Interface already a switchport Router configure interface ethernet 3 4 br 1 Interface already bound to a bridge Router configure interface ethernet 3 4 switchport mode access ...

Page 259: ...ridge group by creating a new VLAN which is bridged through the WAN interface Then it shows how to create a WAN bundle Router configure terminal Router config bridge 1 protocol mstp Router config vlan database Router Config vlan database vlan 600 bridge 1 Router Config vlan database vlan 700 bridge 1 Router configure interface bundle wan1 Router configure interface bundle wan1 link t1 0 0 2 Router...

Page 260: ...CHAPTER 20 VLAN forwarding with QoS 222 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 261: ...PART IV Security Chapter 21 Authentication Authorization and Accounting Chapter 22 Packet Filtering Chapter 23 Firewall and NAT Chapter 24 GRE Chapter 25 IPSEC ...

Page 262: ......

Page 263: ...o all interfaces When you define a method list it overrides this default method list Authorization AAAAuthorization controls remote access by defining the methods used to authorize user activities on the network In other words authorization is the process of determining what you are allowed to do Authorization manages a set of attributes describing what each user is allowed to do when they access ...

Page 264: ...d network resources your uses are consuming Accounting records consist of accounting attribute value pairs and is typically stored on the access control server Configuration Examples This section describes basic AAA configurations It shows how to enable AAA configure RADIUS and TACACS clients with related parameter settings such as authentication list Enabling AAA The following example shows how t...

Page 265: ...ports you may use default list shown in the following example Router configure terminal Router configure aaa Router configure aaa authentication login default radius local none Router configure aaa exit Configuring RADIUS Router configure terminal Router configure aaa Router configure aaa radius Router configure aaa radius primary_server 172 168 2 1 Router configure aaa radius primary_server share...

Page 266: ...10 10 1 41 Primary server 172 168 2 1 Secondary server 192 168 2 1 Authentication port 1670 Accounting port 1580 Shared secret 45J1T4n Timeout in seconds 20 Maximum retries 4 Configuring TACACS Router configure terminal Router configure aaa Router configure aaa enable Router configure aaa authentication login list1 tacacs local none Router configure aaa authentication protocols list1 ascii pap cha...

Page 267: ...list1 tacacs local none To confirm the protocols list enter Router configure aaa show aaa authentication protocols Protocol List Name Protocols Order default NOT CONFIGURED list1 ascii pap chap To confirm TACACS server configuration enter Router configure aaa show aaa tacacs TACACS CLIENT CONFIGURATION Primary server 192 168 203 213 Secondary server 192 170 200 211 Server port 49 Timeout in second...

Page 268: ...CHAPTER 21 Authentication Authorization Accounting 228 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 269: ...ons to the Ubigate iBG3026 and allows only specific internal users Telnet access to the system At the end of every rule list is an implied deny all traffic statement Therefore all packets not explicitly permitted by filtering rules are denied This effectively means that once you enter a deny statement in your filter list you are implicitly denying all packets from crossing the interface Therefore ...

Page 270: ...tor wants to completely block Telnet access to the Ubigate iBG3026 from all external networks as well as from all internal networks except 222 199 19 0 28 All other TCP IP traffic such as FTP Ping and HTTP is to flow unrestricted through the Ubigate iBG3026 Configure the Ubigate iBG3026 Router configure term Router configure ip access list filtera Router configure ip access list filtera add deny t...

Page 271: ...P etc Whenever an IP packet in transit gets to Smart Forwarder it checks whether the interface on which the packet arrived is registered for security processing or not If registered it is processed for security Otherwise it is put through regular IP forwarding Similarly whenever a packet gets to the Smart Forwarder from the local TCP IP stack it is checked if the outbound interface is registered w...

Page 272: ... the one device one policy database constraint Instead many discrete firewalls can be run on a single device with the Virtual Firewall capability A Virtual Firewall VF provides multiple logical firewalls for multiple networks on one system This is accomplished by establishing firewall maps with each map having its own user defined security policy Each map has its own outbound and inbound policies ...

Page 273: ...Configuration Three Legged Firewall Network A small firm has divided its corporate network into two security zones 1 corp private network of the firm 2 dmz web and mail servers exposed to internet Firewal Corp Firewall dmz Firewall internet Firewall Inciming Policy Database Outing Policy Database Inciming Policy Database Outing Policy Database Inciming Policy Database Outing Policy Database Transi...

Page 274: ...t a rule that defines from host A to host B what action needs to be taken Every time a new connection comes from host A to host B this policy will be referred and the corresponding action will be taken This policy is available on network basis and within that direction Currently supported policy categories are Outbound Policies that govern traffic originated from one map to the external world Inbo...

Page 275: ...estined map For self packets going towards internet firewall looks for the outbound self policies on internet map If the packet is destined to the firewall then the firewall looks for a self inbound firewall policy on the packet originated map For self packets going coming from internet firewall looks for the inbound self policies on internet map Access Policy Database Lookup Policy Lookup Session...

Page 276: ...iding this disclosure as public information This functionality also provides solutions for IP address depletion issue by allowing multiple hosts to share limited public IP addresses Firewall has reverse NAT capabilities which enables users to host various Internet services in the private IP address space such as web servers e mail servers Real Audio servers and others Firewall has an inbuilt funct...

Page 277: ... these applications and selectively filter out some commands Some of these commands might reveal unwanted information For this purpose firewall maintains a database where such protocol commands can be configured and this database will eventually be used when the actual datagram travels in the network This application control database maintains the above mentioned protocol commands Every applicatio...

Page 278: ...e RFC 1918 address range A public address routable over the Internet on the WAN side Consider a PC on the LAN sending a packet destined for some server com The source IP address and port are in the packet together with the destination IP address and port When the packet arrives at the Ubigate iBG3026 it will be de encapsulated modified and re encapsulated The re encapsulated packet sent by the Ubi...

Page 279: ... public source IP address assigned to the local router Dynamic NAT performs this task well but it does not permit providing services to the Internet from inside a LAN which requires the use of static NAT Static NAT also requires a public address from the upstream service provider Individual PCs within a LAN are assigned RFC 1918 reserved IP addresses to enable access to other PCs within the LAN Th...

Page 280: ...o yahoo com Firewall only substitutes the source address in the IP header with one of the NAT IP address and the source port will be the same as the original If traffic emanates from the same client to any other server the same NAT IP address is assigned The advantage is that the NAT IP addresses are utilized in a better and optimum manner dynamically If a NAT IP address cannot be allocated dynami...

Page 281: ...out address 10 1 1 1 10 1 1 4 any any Router configure firewall corp policy 8 out apply object nat pool dynPooll Router configure firewall corp policy 8 out exit 2 Router configure Port Address Translation Many to one NAT allows multiple IP addresses to be mapped to one address Figure 23 5 Mapping Multiple NAT Addresses to One Public IP Address There are two methods to configure Port Address Trans...

Page 282: ... configure firewall corp policy 2 out exit 2 Router configure Method 2 Attaching nat pool to the policy To configure the second type of NAT create a NAT pool with type pat and specify the IP address Then add the policy with the source IP address range Finally attach the NAT pool to the policy Router configure firewall corp Router configure firewall corp object Router configure firewall corp object...

Page 283: ... as the original The static NAT configuration shown in Figure 23 6 includes Private network address 10 1 1 1 10 1 1 3 Public NAT IP address range 50 1 1 1 50 1 1 3 To create NAT pool with type static specify the IP address and the ending NAT IP address Add a policy with source IP address range and attach NAT pool to the policy Router configure firewall corp Router configure firewall corp object Ro...

Page 284: ...ress listed in the static mapping the Ubigate iBG3026 forwards the packets to the correct PC within the LAN according to the mapping relationship established Figure 23 7 illustrates dynamic and static NAT The static translation between 192 168 1 6 and 100 1 1 6 automatically matches the port addresses thus a request destined for 100 1 1 6 tcp port 25 is translated to 192 168 1 6 tcp port 25 and so...

Page 285: ...168 1 6 32 any Router configure firewall corp policy 8 out apply object nat pool staticNat Router configure firewall corp policy 8 out end Router Figure 23 8 provides an example of static port mapping TCP port 81 of the web server at private address 192 168 1 6 is mapped to the same TCP port of the public address Figure 23 8 Mapping Ports Internet 100 1 1 1 29 192 168 1 254 24 10 100 BaceT Etherne...

Page 286: ...se NAT could be used in a situation where one LAN is using private RFC 1918 IP addresses and a second LAN is using real Internet routable IP addresses Figure 23 9 illustrates how reverse NAT would be applied Figure 23 9 Reverse NAT Internet 100 1 1 1 29 10 100 BaceT Ethernet FTP SMTP HTTP Server 192 168 1 6 24 Workstation 192 168 1 1 24 Workstation 192 168 1 2 24 Workstation 192 168 1 3 24 Worksta...

Page 287: ...rewall based Port Address Translation This feature applies to firewall NAT policies which are configured with the interface name of the primary interface The user must specify the primary and backup interface using the firewall global nat failover command When the primary interface is up packets going out through it will be translated using the IP address of the primary interface When it goes down...

Page 288: ...CHAPTER 23 Firewall NAT 248 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 289: ...passenger packets inside a transport protocol Tunnels can be created using GRE the default or IPIP By connecting multiprotocol subnetworks in a single protocol backbone environment IP tunneling using GRE allows network expansion across a single protocol backbone environment IPSec and GRE complement each other well while IPSec provides a secure method of transporting data across the internet GRE pr...

Page 290: ...terface bundle wan1 ip address 192 168 94 220 255 255 255 0 Router configure interface bundle wan1 exit 2 Configure the tunnel Router configure interface tunnel t0 Router configure interface tunnel t0 ip address 103 1 1 2 24 Router configure interface tunnel t0 tunnel source 192 168 94 220 Router configure interface tunnel t0 tunnel destination 192 168 55 75 Router configure interface tunnel t0 ex...

Page 291: ...ss 192 168 94 220 Destination Address 192 168 55 75 Gateway wan1 Protocol GRE Mac Address 00 50 52 60 00 00 For more information enter Router show interface tunnel t0 Tunnel t0 Status up Internet Address 103 1 1 2 Internet Netmask 255 255 255 0 Source Address 192 168 94 220 Destination Address 192 168 55 75 MTU 1476 bytes Protocol GRE ICMP unreachable will be sent ICMP redirect will be sent Crypto...

Page 292: ...o the tunnel 1 Prepare the WAN link Router configure terminal Router configure interface bundle wan1 Router configure interface bundle wan1 link t1 0 2 0 Router configure interface bundle wan1 encapsulation ppp Router configure interface bundle wan1 ip address 192 168 94 220 255 255 255 0 Router configure interface bundle wan1 crypto untrusted Router configure interface bundle wan1 exit 2 Configur...

Page 293: ...net policy 100 in proto gre self Router configure firewall internet policy 100 in exit Router configure firewall internet policy 101 in service ike self Router configure firewall internet policy 101 in exit 2 Router configure firewall corp Router configure firewall corp policy 100 in self 5 Check the status of the tunnel by entering Router show interface tunnel t0 6 Validate the tunnel configurati...

Page 294: ...ure router id 2 2 2 2 Router configure router ospf Router configure router ospf network 103 1 1 0 24 area 0 Router configure router ospf exit 2 Add to the Cisco compatible configuration above cisco config t cisco config router ospf 1 cisco config router network 103 1 1 0 0 0 0 255 area 0 3 To verify the OSPF configuration enter Router show ip ospf interface Using the redistribute connected command...

Page 295: ...r explains each of these features in detail Securing Remote Access Using IPSec VPN The features in SNOS allow administrators to form a security tunnel to join two private networks over the Internet The following examples show how to set up an end to end tunnel with a single proposal and pre shared key authentication with multiple proposals and pre shared key authentication and with an SA Bundle an...

Page 296: ...in limitations in providing remote access is the typical remote user connects with a dynamically assigned IP address provided by the ISP IPSec uses the IP address of users as an index to apply the Internet Key Exchange IKE and IPSec policies to be used for negotiation with each peer When the VPN client has a dynamic IP address the VPN server cannot access the policies based on the IP address of th...

Page 297: ...header is the private address allocated by the VPN server to the VPN client As in the case of user group method the administrator creates an IKE policy for a logical group of users such as a department in an organization The identity information used to identify each user uniquely is configured in the IKE policy The IKE policy is attached to a mode configuration record The mode configuration recor...

Page 298: ...re a WAN bundle of network type untrusted Router configure interface bundle wan1 Router configure interface bundle wan1 link t1 0 2 0 Router configure interface bundle wan1 encapsulation ppp Router configure interface bundle wan1 ip address 172 16 0 1 24 Router configure interface bundle wan1 crypto untrusted Router configure interface bundle wan1 exit 2 Configure the Ethernet interface with trust...

Page 299: ...to ike policy NW2 172 16 0 2 Router configure crypto ike policy NW2 172 16 0 2 local address 172 16 0 1 Router configure crypto ike policy NW2 172 16 0 2 key secretkey Router configure crypto ike policy NW2 172 16 0 2 proposal 1 Router configure crypto ike policy NW2 172 16 0 2 proposal 1 encryption algorithm 3des cbc Router configure crypto ike policy NW2 172 16 0 2 proposal 1 exit Router configu...

Page 300: ... IPSec tunnel to the remote host Router configure terminal Router configure crypto Router configure crypto ipsec policy NW2 172 16 0 2 Router configure crypto ipsec policy NW2 172 16 0 2 match address 172 16 0 1 32 10 0 2 0 24 Router configure crypto ipsec policy NW2 172 16 0 2 proposal 1 Router configure crypto ipsec policy NW2 172 16 0 2 proposal 1 encryption algorithm aes128 cbc Router configur...

Page 301: ...on is Apply Key Management is Automatic PFS Group is disabled Match Address Protocol is Any Source ip address ip mask port 172 16 0 1 255 255 255 255 any Destination ip address ip mask port 10 0 2 0 255 255 255 0 any Proposal of priority 1 Protocol esp Mode tunnel Encryption Algorithm aes128 key length 128 bits Hash Algorithm sha1 Lifetime in seconds 3600 Lifetime in Kilobytes 4608000 Policy name ...

Page 302: ...all policies to allow desired services through untrusted interface to manage the router Router configure firewall internet Router configure firewall internet policy 1001 in service snmp self Router configure firewall internet policy 1001 in exit Router configure firewall internet policy 1002 in service telnet self Router configure firewall internet policy 1002 in exit Router configure firewall int...

Page 303: ...s disabled Bytes In 0 Bytes Out 0 Policy with Priority 1001 is enabled Direction is inbound Action permit Traffic is self Logging is disable Source Address is any Dest Address is any Source Port is any Service Name is snmp Schedule is disabled Ftp Filter is disabled Smtp Filter is disabled Http Filter is disabled Rpc Filter is disabled Nat is disabled Bytes In 0 Bytes Out 0 Policy with Priority 10...

Page 304: ...er is disabled Smtp Filter is disabled Http Filter is disabled 15 Enable SNMP on the Router router Router configure crypto exit Router configure snmp server Router configure snmp server community public rw Router configure snmp server exit 16 Display SNMP communities Router show snmp communities Community public privilege rw 17 Repeat steps 1 16 with suitable modifications on NW2 prior to managing...

Page 305: ...e8453c2b 256 esp aes sha1 tunl NW2 172 16 0 2 0xa1f673aa 256 esp aes sha1 tunl Router show crypto ipsec sa all detail Crypto Policy name INNW2 Protocol is Any Local ident ip mask port 10 0 2 0 255 255 255 0 any Remote ident ip mask port 172 16 0 1 255 255 255 255 any Peer Address is 172 16 0 1 PFS Group is disabled inbound ESP sas Spi 0xe8453c2b Transform aes128 key length 128 bits sha1 In use set...

Page 306: ...ty tunnel to join two private networks 10 0 1 0 24 and 10 0 2 0 24 The security requirements are as follows Phase 1 3DES with SHA1 Phase 2 IPSec ESP with AES 256 bit and HMAC SHA1 Figure 25 2 Tunnel Mode Between Two Security Gateways Single Proposals 1 Configure a WAN bundle of network type untrusted Router configure interface bundle wan1 link t1 0 2 0 Router configure interface bundle wan1 encaps...

Page 307: ...w crypto interfaces Interface Network Name Type ethernet 0 1 trusted wan1 untrusted 4 Add route to peer LAN Router configure ip route 10 0 2 0 255 255 255 0 wan1 5 Configure IKE to the peer gateway Router configure crypto Router configure crypto ike policy NW2 172 16 0 2 Router configure crypto ike policy NW2 172 16 0 2 local address 172 16 0 1 Router configure crypto ike policy NW2 172 16 0 2 key...

Page 308: ...ey DH Group group1 Lifetime in seconds 86400 Lifetime in kilobytes unlimited 8 Configure IPSec tunnel to the remote host Router configure crypto ipsec policy NW2 172 16 0 2 Router configure crypto ipsec policy NW2 172 16 0 2 match address 10 0 1 0 24 10 0 2 0 24 Router configure crypto ipsec policy NW2 172 16 0 2 proposal 1 Router configure crypto ipsec policy NW2 172 16 0 2 proposal 1 encryption ...

Page 309: ...y Management is Automatic PFS Group is disabled Match Address Protocol is Any Source ip address ip mask port 10 0 1 0 255 255 255 0 any Destination ip address ip mask port 10 0 2 0 255 255 255 0 any Proposal of priority 1 Protocol esp Mode tunnel Encryption Algorithm aes256 key length 256 bits Hash Algorithm sha1 Lifetime in seconds 3600 Lifetime in Kilobytes 4608000 Policy name INNW2 is enabled D...

Page 310: ...e internet map Router show firewall policy internet Advanced S Self Traffic F Ftp Filter H Http Filter R Rpc Filter N Nat Ip Nat Pool L Logging E Policy Enabled M Smtp Filter Pri Dir Source Addr Destination Addr Sport Dport Proto Action Advanced 1000 in any any ike PERMIT SE 1024 out any any any any any PERMIT SE 13 Display firewall policies in the internet map in detail Router show firewall polic...

Page 311: ...ic from remote LAN to the local LAN Router configure firewall corp Router configure firewall corp policy 1000 in address 10 0 2 0 24 10 0 1 0 24 Router configure firewall corp policy 1000 in exit Router configure firewall corp exit 15 Display firewall policies in the corp map Router show firewall policy corp Advanced S Self Traffic F Ftp Filter H Http Filter R Rpc Filter N Nat Ip Nat Pool L Loggin...

Page 312: ...urce Port is any Dest Port is any any Schedule is disabled Ftp Filter is disabled Smtp Filter is disabled Http Filter is disabled Rpc Filter is disabled Nat is disabled Bytes In 0 Bytes Out 0 Policy with Priority 1023 is enabled Direction is inbound Action permit Traffic is self Logging is disable Source Address is any Dest Address is any Source Port is any Dest Port is any any Schedule is disable...

Page 313: ...SA_MATURE 1796 pre g1 3des sha1 Router show crypto ike sa all detail Crypto Policy name NW2 Remote ident 172 16 0 2 Peer Address is 172 16 0 2 Transform 3des sha1 pre shared key DH Group group1 Bytes Processed 1796 State is SA_MATURE Mode is Main Remaining Time in Sec 86376 Life Time in Sec 86400 Life Time in Bytes is unlimited Router show crypto ipsec sa all Policy Dest IP Spi Bytes Transform INN...

Page 314: ...55 255 0 any Remote ident ip mask port 10 0 2 0 255 255 255 0 any Peer Address is 172 16 0 2 PFS Group is disabled outbound ESP sas Spi 0xb013de87 Transform aes256 key length 256 bits sha1 In use settings tunnel Bytes Processed 256 Hard lifetime in seconds 3560 Hard lifetime in kilobytes 413695 Soft lifetime in seconds 3470 Soft lifetime in kilobytes 41492 Joining Two Networks using Multiple IPSec...

Page 315: ... Figure 25 3 Tunnel Mode Between Two Security Gateways Multiple Proposals 1 Configure a WAN bundle of network type untrusted Router configure interface bundle wan1 link t1 0 2 0 Router configure interface bundle wan1 encapsulation ppp Router configure interface bundle wan1 ip address 172 16 0 1 24 Router configure interface bundle wan1 crypto untrusted Router configure interface bundle wan1 exit 2...

Page 316: ... NW2 172 16 0 2 Router configure crypto ike policy NW2 172 16 0 2 local address 172 16 0 1 Router configure crypto ike policy NW2 172 16 0 2 key secretkey Router configure crypto ike policy NW2 172 16 0 2 proposal 1 Router configure crypto ike policy NW2 172 16 0 2 proposal 1 encryption algorithm 3des cbc Router configure crypto ike policy NW2 172 16 0 2 proposal 1 exit Router configure crypto ike...

Page 317: ...ure crypto ipsec policy NW2 172 16 0 2 match address 10 0 1 0 24 10 0 2 0 24 Router configure crypto ipsec policy NW2 172 16 0 2 proposal 1 Router configure crypto ipsec policy NW2 172 16 0 2 proposal 1 encryption algorithm des cbc Router configure crypto ipsec policy NW2 172 16 0 2 proposal 1 exit Router configure crypto ipsec policy NW2 172 16 0 2 proposal 2 Router configure crypto ipsec policy ...

Page 318: ...Management is Automatic PFS Group is disabled Match Address Protocol is Any Source ip address ip mask port 10 0 1 0 255 255 255 0 any Destination ip address ip mask port 10 0 2 0 255 255 255 0 any Proposal of priority 1 Protocol esp Mode tunnel Encryption Algorithm des Hash Algorithm sha1 Lifetime in seconds 3600 Lifetime in Kilobytes 4608000 Proposal of priority 2 Protocol esp Mode tunnel Encrypt...

Page 319: ...ds 3600 Lifetime in Kilobytes 4608000 10 Configure firewall policies to allow IKE negotiation through untrusted interface Router configure firewall internet Router configure firewall internet policy 1000 in service ike self Router configure firewall internet policy 1000 in exit Router configure firewall internet exit 11 Display firewall policies in the internet map Router show firewall policy inte...

Page 320: ...gging is disable Source Address is any Dest Address is any Source Port is any Dest Port is any any Schedule is disabled Ftp Filter is disabled Smtp Filter is disabled Http Filter is disabled Rpc Filter is disabled Nat is disabled 13 Configure firewall policies to allow transit traffic from remote LAN to the local LAN Router configure firewall corp Router configure firewall corp policy 1000 in addr...

Page 321: ...pc Filter is disabled Nat is disabled Max Connections 1024 Connection Rate is disabled Policing is disabled Bandwidth is disabled Bytes In 0 Bytes Out 0 Policy with Priority 1022 is enabled Direction is outbound Action permit Traffic is self Logging is disable Source Address is any Dest Address is any Source Port is any Dest Port is any any Schedule is disabled Ftp Filter is disabled Smtp Filter i...

Page 322: ...epeat steps 1 15 with suitable modifications on NW2 prior to passing bi directional traffic 17 Test the IPSec tunnel between Router and NW2 by passing traffic from the 10 0 1 0 network to the 10 0 2 0 network 18 After traffic is passed through the tunnel display the IKE and IPSec SA tables Router show crypto ike sa all Policy Peer State Bytes Transform NW2 172 16 0 2 SA_MATURE 1796 pre g1 3des sha...

Page 323: ...nd ESP sas Spi 0x8eabe4b3 Transform aes256 key length 256 bits sha1 In use settings tunnel Bytes Processed 256 Hard lifetime in seconds 3570 Hard lifetime in kilobytes 413696 Soft lifetime in seconds 0 Soft lifetime in kilobytes is unlimited Crypto Policy name NW2 Protocol is Any Local ident ip mask port 10 0 1 0 255 255 255 0 any Remote ident ip mask port 10 0 2 0 255 255 255 0 any Peer Address i...

Page 324: ...r configure interface ethernet 0 1 exit Display the crypto interfaces Networks1 show crypto interfaces Interface Network Name Type ethernet 0 1 trusted wan1 untrusted Add the route to the peer LAN Networks2Router configure ip route 10 0 1 0 24 wan1 Configure IKE to the peer gateway Networks2Router configure crypto Networks2Router configure crypto ike policy Networks2 172 16 0 1 Networks2Router con...

Page 325: ...ll Policy Peer Mode Transform Networks2 172 16 0 1 Main P1 pre g1 3des sha1 Display the IKE policies in detail Networks2 show crypto ike policy all detail Policy name Networks2 Local addr 172 16 0 1 Peer addr 172 16 0 2 Main mode Response and Initiate PFS is not enabled Shared Key is Local ident 172 16 0 1 ip address Remote Ident 172 16 0 2 ip address Proposal of priority 1 Encryption algorithm 3d...

Page 326: ...icy Networks2 172 16 0 1 exit Networks2Router configure crypto exit Networks2Router configure Supporting Remote User Access Example The following example demonstrates how to configure a router to be an IPSec VPN server using user group method with extended authentication XAUTH for remote VPN clients The client could be any standard IPSec VPN client In this example the client needs to access the co...

Page 327: ...e ethernet 0 1 message Configuring existing Ethernet interface Router configure interface ethernet 0 1 ip address 10 0 1 1 24 Router configure interface ethernet 0 1 crypto trusted Router configure interface ethernet 0 1 exit 3 Display the crypto interfaces Router show crypto interfaces Interface Network Name Type ethernet 0 1 trusted wan1 untrusted 4 Configure dynamic IKE policy for a group of mo...

Page 328: ...l 1 exit Router configure crypto dynamic ike policy sales client authentication radius pap Router configure crypto dynamic ike policy sales exit Router configure crypto dynamic 5 Display dynamic IKE policies Router show crypto dynamic ike policy all Policy Remote id Mode Transform Address Pool sales U david tabc Aggressive P1 pre g1 3des sha1 6 Display dynamic IKE policies in detail Router show cr...

Page 329: ...proposal 1 Router configure crypto dynamic ipsec policy sales proposal 1 encryption algorithm aes256 cbc Router configure crypto dynamic ipsec policy sales proposal 1 exit Router configure crypto dynamic ipsec policy sales exit Router configure crypto dynamic 8 Display dynamic IPSec policies Router show crypto dynamic ipsec policy all Policy Match Proto Transform sales S 10 0 1 0 24 any Any P1 esp...

Page 330: ... Protocol is Any Source ip address ip mask port any any any Destination ip address ip mask port 10 0 1 0 255 255 255 0 any Proposal of priority 1 Protocol esp Mode tunnel Encryption Algorithm aes256 key length 256 bits Hash Algorithm sha1 Lifetime in seconds 3600 Lifetime in Kilobytes 4608000 10 Configure RADIUS server applicable only if client authentication is configured in dynamic IKE policy Ro...

Page 331: ...Pool L Logging E Policy Enabled M Smtp Filter Pri Dir Source Addr Destination Addr Sport Dport Proto Action Advanced 1000 in any any ike PERMIT SE 1024 out any any any any any PERMIT SE 13 Display firewall policies in the internet map in detail Router show firewall policy internet detail Policy with Priority 1000 is enabled Direction is inbound Action permit Traffic is self Logging is disable Sour...

Page 332: ...in user group sales address any any 10 0 1 0 24 Router configure firewall corp policy 1000 in exit Router configure firewall corp Be sure to match the user group name in the policy command with the name used in Step 4 the dynamic IKE policy 15 Display firewall policies in the corp ma Router show firewall policy corp Advanced S Self Traffic F Ftp Filter H Http Filter R Rpc Filter N Nat Ip Nat Pool ...

Page 333: ...y Source Port is any Dest Port is any any Schedule is disabled Ftp Filter is disabled Smtp Filter is disabled Http Filter is disabled Rpc Filter is disabled Nat is disabled Bytes In 0 Bytes Out 0 Policy with Priority 1023 is enabled Direction is inbound Action permit Traffic is self Logging is disable Source Address is any Dest Address is any Source Port is any Dest Port is any any Schedule is dis...

Page 334: ...ransform sales 192 168 107 105 SA_MATURE 1580 pre g1 3des sha1 Router show crypto ike sa all detail Crypto Policy name sales Remote ident david abc corp com Peer Address is 192 168 107 105 Transform 3des sha1 pre shared key DH Group group1 Bytes Processed 1772 State is SA_MATURE Mode is Aggressive Life Time in Sec is unlimited Life Time in Bytes is unlimited Router show crypto ipsec sa all Policy ...

Page 335: ...gth 256 bits sha1 In use settings tunnel Bytes Processed 240 Hard lifetime in seconds 28780 Hard lifetime in kilobytes is unlimited Soft lifetime in seconds 28690 Soft lifetime in kilobytes is unlimited Configuring IPSec Remote Access Example The following example demonstrates how to configure a router to be an IPSec VPN server using mode configuration method The client could be any standard mode ...

Page 336: ...erface bundle wan1 exit 2 Configure the Ethernet interface with trusted network type Router configure interface ethernet 0 1 message Configuring existing Ethernet interface Router configure interface ethernet 0 1 ip address 10 0 1 1 24 Router configure interface ethernet 0 1 crypto trusted Router configure interface ethernet 0 1 exit 3 Display the crypto interfaces Router show crypto interfaces In...

Page 337: ...t ipsec proposal sales added with priority1 3des sha1 tunnel Router configure crypto dynamic ike policy sales remote id email mike abc corp com Router configure crypto dynamic ike policy sales key secretkeyforsales Router configure crypto dynamic ike policy sales proposal 1 Router configure crypto dynamic ike policy sales proposal 1 encryption algorithm 3des cbc Router configure crypto dynamic ike...

Page 338: ...2 Local ident 192 168 55 52 ip address Remote idents are david abc corp com email id mike abc corp comm email id Address Pool Pool 1 20 1 1 100 to 20 1 1 150 Proposal of priority 1 Encryption algorithm 3des Hash Algorithm sha1 Authentication Mode pre shared key DH Group group1 Lifetime in seconds 86400 Lifetime in kilobytes unlimited 7 Configure dynamic IPSec policy for a group of mobile users Rou...

Page 339: ...ll Policy Match Proto Transform sales S 10 0 1 0 24 any Any P1 esp aes sha1 tunl D any any any 9 Display dynamic IPSec policies in detail Router show crypto dynamic ipsec policy all detail Policy sales is enabled Modeconfig Group Action is Apply Key Management is Automatic PFS Group is disabled Match Address Protocol is Any Source ip address ip mask port 10 0 1 0 255 255 255 0 any Destination ip a...

Page 340: ...ter Pri Dir Source Addr Destination Addr Sport Dport Proto Action Advanced 1000 in any any ike PERMIT SE 1024 out any any any any any PERMIT SE 12 Display firewall policies in the internet map in detail Router show firewall policy internet detail Policy with Priority 1000 is enabled Direction is inbound Action permit Traffic is self Logging is disable Source Address is any Dest Address is any Sour...

Page 341: ...y 1000 in address 20 1 1 100 20 1 1 150 10 0 1 0 24 Router configure firewall corp policy 1000 in exit The address range in this command typically matches the address range configured in the dynamic IKE policy see Step 4 14 Display firewall policies in the corp map Router show firewall policy corp Advanced S Self Traffic F Ftp Filter H Http Filter R Rpc Filter N Nat Ip Nat Pool L Logging E Policy ...

Page 342: ...is any Dest Port is any any Schedule is disabled Ftp Filter is disabled Smtp Filter is disabled Http Filter is disabled Rpc Filter is disabled Nat is disabled Bytes In 0 Bytes Out 0 Policy with Priority 1023 is enabled Direction is inbound Action permit Traffic is self Logging is disable Source Address is any Dest Address is any Source Port is any Dest Port is any any Schedule is disabled Ftp Filt...

Page 343: ...tes Transform sales 192 168 107 105 SA_MATURE 2052 pre g1 3des sha1 Router show crypto ike sa all detail Crypto Policy name sales Remote ident david abc corp com Peer Address is 192 168 107 105 Transform 3des sha1 pre shared key DH Group group1 Bytes Processed 2052 State is SA_MATURE Mode is Aggressive Life Time in Sec is unlimited Life Time in Bytes is unlimited Router show crypto ipsec sa all Po...

Page 344: ...d 840 Hard lifetime in seconds 28750 Hard lifetime in kilobytes is unlimited Soft lifetime in seconds 0 Soft lifetime in kilobytes is unlimited Crypto Policy name sales Protocol is Any Local ident ip mask port 10 0 1 0 255 255 255 0 any Remote ident ip mask port 20 1 1 1 255 255 255 255 any Peer Address is 192 168 107 105 PFS Group is disabled outbound ESP sas Spi 0xcb0e23f3 Transform aes256 key l...

Page 345: ...IP Gateway Management Chapter 29 H 323 Gateway Management Chapter 30 Analog Voice Port Chapter 31 Digital Voice Port Chapter 32 ISDN Chapter 33 Routing and Digit Manipulation Chapter 34 VoIP Services Chapter 35 Call Admission Control Chapter 36 Management Chapter 37 Survivable Telephony ...

Page 346: ......

Page 347: ...uter which provides VoIP gateway feature VoIP gateway as like Ubigate iBG3026 provides real time two way voice communications between packet network and circuit network This system has two major functions The one is signaling conversion function and another is a media conversion function Network Architecture The network architecture in the view of Ubigate iBG3026 is shown in Figure 26 1 ...

Page 348: ...faces such as T1 E1 ISDN PRI BRI and Q SIG and analog trunk interfaces such as FXS DID FXO CAMA and E M Ubigate iBG3026 terminates the PSTN ISDN and analog trunk signals Ubigate iBG3026 acts as a VoIP gateway converting the TDM to packets and vice versa and communicates with the Call Manager using standard protocols such as SIP IP Video PhoNe Analog Phone FAX Analog Phone FAX FXS Proprietary SNMP ...

Page 349: ... a partial extension from a standard Analog Phone FAX Analog phone is the terminal to provide a generic voice call via legacy analog line FAX is the terminal to provide a fax service via legacy analog line PBX K P PBX or Key phone is the equipment to connect the in house extension calls or external calls in the legacy analog and digital method instead of IP Network method CLI Web It is the OAM int...

Page 350: ...s and Ubigate iBG3026s Generally the Ubigate iBG3026 delivers the calls to be routed to SIP to Call Manager Call Manager makes a decision on actual routing to route a call to other Ubigate iBG3026 IP Phone or other Call Manager The generic network configuration in Call Manager Interworking Mode is shown in the Figure 26 1 Figure 26 2 shows the configuration a single Call Manager exists in a headqu...

Page 351: ... not allowable even if Call Manager is normal To overcome this failure the Ubigate iBG3026 continuously monitors the status of connection to Call Manager and if a failure is detected it is automatically changed to a Survivable Telephony mode where Ubigate iBG3026 can provide basic functions without Call Manager In a Survivable Telephony mode the default call and minimum supplementary services with...

Page 352: ... settings Figure 26 3 Example of Stand alone mode network configuration Figure 26 3 shows the stand alone mode network configuration In this network configuration a separate Call Manager and IP phone do not exist The internal call in each office headquarter and branch is made by using the legacy PBX as in the headquarter and Branch Office 2 or analog phone or Fax is directly connected to the Ubiga...

Page 353: ... interworks with other SIP network entities residing on a network in the following way Direct Connection Direct connection enables call processing without SIP registration It is used where there is no Call Manager or a proxy server directly connected to a network where signaling is executed directly among gateways without passing through Call Manager or SIP proxy server Indirect Connection via SIP...

Page 354: ...PSTN Signaling Ubigate iBG3026 acts as a VoIP Gateway to interconnect between legacy PSTN and VoIP network To seamless interwork with PSTN Ubigate iBG3026 support various PSTN signalings that have been used for several decades Ubigate iBG3026 supports following PSTN signaling Analog FXS loop start ground start Analog E M wink immediate delay Analog FXO loop start ground start Analog DID Direct Inw...

Page 355: ...ng Voice Codec ITU T G 711 Pulse code modulation PCM of voice frequencies ITU T G 711 Appendix I A high quality low complexity algorithm for packet loss concealment with G 711 ITU T G 711 Appendix II A comfort noise payload definition for ITU T G 711 use in packet based multimedia communication systems ITU T G 723 1 Dual rate speech coder for multimedia communications transmitting at 5 3 and 6 3 k...

Page 356: ...ages transceived from to a network entity sRTP Secure RTP sRTP is the function to encode and transceive the End to End RTP data over IP network to prevent the wiretapping of conversation IPSec IPSec function is used to encode and transceive all packet data between two nodes connected via IPSec Since both SIP H 323 signaling and RTP are a type of packet data they are transceived after being encoded...

Page 357: ...tem controls the number of digits that are stripped before the dialed string is passed to the telephony interface Digit Translation Digit translation rules are used to manipulate the calling number ANI or called number DNIS digits for a voice call or to change the numbering type of a call Translation rules are used to convert a telephone number into a different number before the call is matched to...

Page 358: ...026 system provide Call Admission Control based on Maximum Call Number per Dial Peer The Ubigate iBG3026 system provide Call Admission Control based on Physical DS0 Limitation Resource based CAC Resource based CAC mechanisms function on the outgoing Ubigate iBG3026 system The CAC decision is based on nodal information such as the state of the CPU memory and DSP channels load level The Ubigate iBG3...

Page 359: ...nfigured threshold permitting the selection of a system DSP channel load level value This feature helps ensure the quality of service of existing calls and reliability of system processes by preventing system overload caused by excessive incoming calls The feature rejects new calls with minor disruption to system users The administrator of the Ubigate iBG3026 system sets a threshold at which denia...

Page 360: ...Call Manager when a low bandwidth codec is used RFC2833 The Ubigate iBG3026 system support RFC 2833 for reliable DTMF relay The Ubigate iBG3026 system to relay DTMF tones provides a standardized means of transporting DTMF tones in Real Time Transport Protocol RTP packets according to section 3 of RFC 2833 DTMF events through SIP signaling The Ubigate iBG3026 system support NOTIFY method for DTMF r...

Page 361: ...o a PBX LVBO Local Voice Busy Out LVBO provides the Ubigate iBG3026 with the ability to monitor the state of various network interfaces both LAN and WAN and busy back the trunk to the PSTN interface if any of the monitored links should fail If an ISDN lines enters a LVBO state a specific fail code is sent in regard to the ISDN Inbound Call Attempt to notify a busyout status For the LVBO PSTN FXS F...

Page 362: ...s under the control of Call Manager Calling Line Identification CLID Call Forward All Call Forward Busy Call Forward NoAnswer Call Hold and Retrieve Call Park Call Pickup Group Call Pickup Direct Call Pickup Universal Call Restriction by User Call Waiting and Retrieve Call Transfer Blind Call Transfer Consultative Call Forwarding to VMS All Call Forwarding to VMS Busy Call Forwarding to VMS NoAnsw...

Page 363: ...ation CLID Call Forward All Call Forward Busy Call Forward NoAnswer Call Hold and Retrieve Call Pickup Group Call Pickup Direct Call Pickup Universal Call Waiting and Retrieve Call Transfer Blind Call Transfer Consultative Distinctive Ring Stand Alone Mode When running in a Stand Alone mode a Ubigate iBG3026 provides the following supplementary services to the FXS subscribers connected to itself C...

Page 364: ...ispatches those services for the caller s location High Availability of Voice Feature As enterprises extend their IP telephony and high value application deployments from central sites out to remote offices one of the factors considered vital in deployment is the ability to cost effectively provide backup redundancy functions at the remote branch office However the size and number of these small o...

Page 365: ...ode Ubigate iBG3026 systems act as a stateless proxy server which sends and receives SIP message between IP phone and Call Manager transparently When IP Phone register to Call Manager Ubigate iBG3026 system finds the information about IP phone location and subscriber profile Ubigate iBG3026 system always checks WAN connection status between Call Manager and Ubigate iBG3026 If Ubigate iBG3026 detec...

Page 366: ... Ubigate iBG3026 and Call Manager The Call Manager communicate across the IP network using SIP or H 323 Packets are then routed over the IP network to destination where the reverse operation is performed and thus the call is completed over the IP network bypassing the traditional toll network PSTN When Ubigate iBG3026 is in Stand alone mode a call is established across the IP network between Ubiga...

Page 367: ...upport IP phones connected to Ubigate iBG3026 is to connect Ubigate iBG3026 to the PBX or PSTN enabling the IP phones to make calls to traditional phones In this case the IP phones communicate with the Call Manager and in turn the Call Manager establishes the call to the PBX or PSTN through Ubigate iBG3026 The packets from the IP phone are then routed through DSP and delivered to the PBX or PSTN v...

Page 368: ...k Management System uses Simple Network Management Protocol SNMP to communicate with Ubigate iBG3026 systems The SNMP get and set commands can be used to configure either system and retrieve current configuration and status information These Management Systems can be located anywhere in the IP network Figure 26 6 Management using CLI GUI NMS Ubigate iBG3026 FAX Analog Phone PABX Call Manager PSTN ...

Page 369: ...d over IP network Ubigate iBG3026 supports SIP and H 323 out of VoIP Call processing protocols That is it routes calls from PSTN to SIP or H 323 section and terminates the calls incoming from SIP or H 323 network toward PSTN In addition a Ubigate iBG3026 provides a Voip call service via interwrok with SIP Proxy SIP registrar SIP Gateway SIP terminal H 323 Gatekeeper H 323 Gateway etc Figure 27 1 A...

Page 370: ... ip address command Restrictions for VoIP Bind The interfaces which you can specify as the source address of VoIP signaling and media stream via Bind command are ethernet bundle and loopback Prerequisites for VoIP Bind You must shut down the VoIP service before executing Bind command or host ip address command To execute the Bind command it is necessary to set IP address first to the interface to ...

Page 371: ...or an interface 4 exit Example configure interface ethernet 0 0 exit Exits the current mode 2 shutdown voip gateway This procedure should be executed first before executing the bind command or host ip address command Configuration Steps configure terminal voip gateway shutdown exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode ...

Page 372: ...figuration Steps configure terminal voip gateway bind control exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 bind control interface type num Example configure voip gateway bind control interface ethernet 0 0 Sets source interface for sign...

Page 373: ...ration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 bind media interface type num Example configure voip gateway bind media interface ethernet 0 0 Sets source interface for media streams 4 exit Example configure voip gateway exit Exits the current mode 5 host ip address Instead of specify the source address of signaling and media stream via bind comma...

Page 374: ...teway configuration mode the other one uses a shutdown command in sip ua configuration mode or h323 gateway configuration mode The shutdown command in a sip ua configuration mode enables or disables only the sip service and the shutdown command in a h323 gateway configuration mode enables or disables only the H323 service and the shutdown command in a voip gateway configuration mode enables or dis...

Page 375: ...ry for interworking with Call Manager All calls of Ubigate iBG3026 in a Call Manager Inter working mode pass through Call Manager If a Call Manager is not set a Ubigate iBG3026 runs in a Stand Alone mode You can specify the SIP signaling IP Address and port of Call Manager using ip address command in a call server configuration mode and also specify optionally the registration expire value in a Ca...

Page 376: ...e Call Manager manual You should disable VoIP service before setting the Call server You cannot set the call server while VoIP service is enabled How to Configure Call Manager You can set the call server in the following way Configuration Steps configure terminal voip gateway call server ip address gw uri exit exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal...

Page 377: ...nager And you can also configure transport type uri type default registration expires and retry interval 5 gw uri uri expires expires retry retry Example configure voip gateway call server gw uri test test com Set the URI where a Ubigate iBG3026 will be registered in Call Manager And you can also configure registration expires and retry interval 6 exit Example configure voip gateway call server ex...

Page 378: ...CHAPTER 27 VoIP Gateway Management 336 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 379: ...f common services between the endpoints through Session Description Protocol SDP Conferences are established using only the media capabilities that can be supported by all endpoints Determines the availability of the target endpoint If a call cannot be completed because the target endpoint is unavailable SIP determines whether the called party is connected to a call already or did not answer in th...

Page 380: ...function in one of the following roles User agent client UAC A UAC is capable of generating a request based on some external stimulus the user clicking a button or a signal on a PSTN line and processing a response User agent server UAS A UAS is capable of receiving a request and generating a response based on user input external stimulus the result of a program execution or some other mechanism Ty...

Page 381: ...dio and video codecs and performs call setup and clearing on both the LAN side and the switched circuit network side 2 SIP Server Proxy server An intermediary entity that acts as both a server and a client for the purpose of making requests on behalf of other clients Proxy servers can provide functions such as authentication authorization network access control routing reliable request retransmiss...

Page 382: ... the proxy server proceeds with the call using the address resulting from the location service Finally SIP request is delivered to a callee to complete a call setup After a request is sent to a redirect server the redirect server sends the location service result to a caller using the Contact header field of a response The redirect server does not participate in the call anymore Caller sends a new...

Page 383: ...rver which in turn forwards the response to the caller The proxy server forwards the acknowledgments of both parties A session is then established between the caller and called party Real time Transfer Protocol RTP is used for the communication between the caller and the called party Figure 28 2 Figure 28 3 and Figure 28 4 illustrate the SIP works with a Proxy Server Figure 28 2 SIP Request Throug...

Page 384: ... Proxy server Figure 28 4 SIP Session Through a Proxy Server Client Server Client Server User agents User agents Proxy Redirect Server Client Response 200 OK Response 200 OK IP based network Client Server Client Server User agents User agents Proxy Redirect Server Client Ack Ack IP based network RTP ...

Page 385: ...dges receipt of the information The caller then sends a request to the device indicated in the redirection information which could be the callee or another server that forwards the request Once the request reaches the called party it sends back a response and the caller acknowledges the response RTP is used for the communication between the caller and the callee Figure 28 5 and Figure 28 6 illustr...

Page 386: ... Figure 28 7 shows a successful gateway to gateway call setup and disconnect The two end users are User A and User B User A is located at PBX A which is connected to SIP gateway 1 via a T1 E1 User B is located at PBX B which is connected to SIP gateway 2 via a T1 E1 Table 28 1 briefly describes the messages used in the call flow Client Server Client Server User agents User agents Proxy Redirect IP...

Page 387: ...Setup 3 Call Proceeding 9 Alerting 1 way voice path 12 Connect 13 Connect ACK 2 way voice path 19 Disconnect 20 Release 23 Release Complete 2 INVITE 5 100 Trying 8 180 Ringing 2 way RTP channel 11 200 OK 14 ACK 2 way RTP channel 17 BYE 21 200 OK 4 Setup 6 Call Proceeding 7 Alerting 1 way voice path 2 way voice path 10 Connect 15 Connect ACK 16 Disconnect 18 Release 22 Release Complete ...

Page 388: ...oceeding indicates that PBX B after receiving Setup proceeds with a call 7 Alerting SIP Gateway 2 receives Alerting from PBX B Alerting indicates that User B is ringing 8 180 Ringing SIP Gateway 2 sends 180 Ringing to SIP Gateway 1 180 Ringing indicates that a callee is located at SIP Gateway 2 and the User B is currently alerted 9 Alerting Upon receiving 180 Ringing SIP Gateway 1 sends Alerting t...

Page 389: ...o SIP Gateway1 BYE request indicates the end of a session 18 Release SIP Gateway2 sends Release to PBX B Release indicates the end of a call 19 Disconnect Upon receiving BYE SIP Gateway 1 sends Disconnect to PBX A 20 Release SIP Gateway1 receives Release from PBX A 21 200 OK SIP Gateway 1 sends 200 OK to SIP Gateway 2 200 OK indicates that a session was terminated normally by BYE request 22 Releas...

Page 390: ...all Via SIP Redirect Server User A PBX A GW1 IP Network GW2 PBX B User B RS 1 Setup 2 INVITE 3 300 Multiple Choice 4 ACK 5 INVITE 6 Setup 7 Call Proceeding 8 100 Trying 9 Call Proceeding 10 Alerting 11 180 Ringing 12 Alerting 1 way Voice Path 2 way RTP channel 1 way Voice Path 13 Connect 14 200 OK 15 Connect 16 Connect ACK 17 ACK 18 Connect ACK 2 way Voice Path 2 way RTP channel 2 way Voice Path 1...

Page 391: ...P Gateway 2 information from 300 Multiple choice response INVITE request indicates the call attempt from User A to User B INVITE includes the media capability of SIP Gateway1 6 Setup SIP Gateway 2 upon receiving INVITE sends Setup to PBX B 7 Call Proceeding SIP Gateway 1 sends Call Proceeding to PBX A Call Proceeding indicates that SIP Gateway1 received Setup and attempts SIP signaling call 8 100 ...

Page 392: ... request to SIP Gateway2 ACK request indicates that SIP Gateway 1 received 200 OK response normally 18 Connect ACK SIP Gateway 2 sends Connect ACK from PBX B 19 Disconnect If a subscriber hangs up the phone SIP Gateway 2 receives Disconnect from PBX B 20 BYE SIP Gateway 2 sends BYE request to SIP Gateway1 BYE request indicates the end of a session 21 Disconnect Upon receiving BYE SIP Gateway2 send...

Page 393: ...cord Route Enabled User A PBX A GW1 IP Network GW2 PBX B User B Proxy Server 1 Setup 2 INVITE 3 Call Proceeding 1 way Voice Path 2 way RTP channel 1 way Voice Path 13 Connect 2 way Voice Path 2 way RTP channel 2 way Voice Path 21 Disconnect 23 BYE 24 Disconnect 25 Release 26 Release 27 200 OK 29 Release Complete 30 Release Complete 4 INVITE 5 100 Trying 6 Setup 7 100 Trying 8 Call Proceeding 9 Ale...

Page 394: ...y server Gateway 2 sends Setup to PBX B 7 100 Trying Upon receiving INVITE from a proxy server SIP Gateway 2 replies with 100 Trying 8 Call Proceeding SIP Gateway 2 receives Call Proceeding from PBX B 9 Alerting SIP Gateway 2 receives Alerting from PBX B 10 180 Ringing Upon receiving Ringing SIP Gateway 2 sends 180 Ringing to a proxy server 180 Ringing indicates that a callee is located at SIP Gat...

Page 395: ...SIP Gateway 1 sends Disconnect to PBX A 25 Release Receives a Release in regard to Disconnect 26 Release Receives a Release in regard to Disconnect 27 200 OK SIP Gateway 1 sends 200 OK to Proxy Server 200 OK indicates that a session was terminated normally by BYE request 28 200 OK Proxy Server 2 sends 200 OK to SIP Gateway 2 29 Release Complete Receives Release Complete in regard to Release 30 Rel...

Page 396: ...rt for IP quality of service QoS and IP precedence Support S MIME SRTP IP Security IPSec for secure SIP signaling Authentication authorization and accounting AAA support For accounting the gateway device generates call data record CDR accounting records for export For authentication the SIP gateway sends validation requests to the AAA server For authorization the existing access lists are used Sup...

Page 397: ...ples 11 RFC3666 SIP Public Switched Telephone Network PSTN Call Flows 12 RFC3824 Using E 164 numbers with the SIP 13 RFC2327 Session Description Protocol 14 RFC3264 An Offer Answer Model with SDP 15 RFC3266 Support of IPv6 in SDP 16 RFC3842 A Message Summary and Message Waiting Indication Event Package for the Session Initiation Protocol SIP 17 RFC3891 The SIP Replace Header 18 RFC3892 The SIP Ref...

Page 398: ...mand are ethernet bundle and loopback Prerequisites for SIP Bind You must shut down the VoIP service before executing Bind command or host ip address command To execute the Bind command it is necessary to set IP address first to the interface to bind How to Configure SIP Bind 1 setting the IP Address of the interface to be bound This procedure should be executed first before executing the bind com...

Page 399: ...ip gateway This procedure should be executed first before executing the bind command or host ip address command Configuration Steps configure terminal voip gateway shutdown exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 shutdown forced Ex...

Page 400: ...onfigure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 bind control interface type num Example configure voip gateway bind control interface ethernet 0 0 Sets source interface for signaling 4 exit Example configure voip gateway exit Exits the current mode 4 bind media To specify the source address of media stream yo...

Page 401: ...configure voip gateway bind media interface ethernet 0 0 Sets source interface for media streams 4 exit Example configure voip gateway exit Exits the current mode 5 host ip address Instead of specify the source address of signaling and media stream via bind command you can directly specify the IP address in the following way Configuration Steps configure terminal voip gateway host ip address exit ...

Page 402: ...gateway functions Since it is essential for SIP call signaling it should be done before other settings This section describes how to specify the domain name used in SIP signaling and the function to enable disable SIP service Prerequisites for Basic SIP Configurations Before enabling SIP service a source IP address should be set first using Bind command or host ip address command And the default d...

Page 403: ...able or Shutdown SIP service There are two ways of enabling or shutting down SIP service One uses a shutdown command in voip gateway configuration mode the other one uses a shutdown command in sip ua configuration mode The shutdown command in a sip ua configuration mode enables or disables only the sip service and the shutdown command in a voip gateway configuration mode enables or disables not on...

Page 404: ... gateway no shutdown Shuts down or enables voip call services 4 Exit Example configure voip gateway exit Exits the current mode 2 shutdown in sip ua configuration mode The procedure to enable or disable SIP service is as follows Configuration Steps configure terminal voip gateway sip ua no shutdown exit exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters...

Page 405: ...iguration mode and also specify optionally the registration expire value in a Call Manager Inter working mode The gw uri command in a call server configuration mode specify the URI where a Ubigate iBG3026 will be registered in Call Manager registration expire value and the interval of reattempt upon registration fail Depending on the registration status of the URI specified by gw uri command it is...

Page 406: ...p gateway call server Enters sip ua configuration mode 4 ip address ip addr udp tcp tls sip sips expires expires retry retry Example configure voip gatway call server ip address ipv4 90 90 90 100 Sets the SIP Signaling IP Address of Call Manager And you can also configure transport type uri type default registration expires and retry interval 5 gw uri uri expires expires retry retry Example config...

Page 407: ...rpose 1 configure terminal Example configure terminal Enters global configuration mode 2 dial peer voice pots voip tag Example configure dial peer voice pots 11 Enters POTS dial peer configuration mode 3 destination pattern dest pattern Example configure dial peer voice pots 11 dest pattern 1234 Sets a destination pattern 4 register e164 register uri uri Example configure dial peer voice pots 11 r...

Page 408: ...an set SIP proxy only when Call Manager is not set already You cannot set SIP proxy in a Call Manager Inter working mode or Survivable Telephony mode To set SIP proxy first you must cancel the call server setting using no call server ip address command This changes the operation mode to Stand Alone mode How to Configure SIP Proxy You can set the SIP Proxy in the following way Configuration Steps c...

Page 409: ...e 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 exit Example configure voip gateway exit Exits the current mode How to Configure Dial Peer for Call Routing To send calls to SIP proxy for the destination number of a given pattern set a dial peer in the following way Configuration Steps configure terminal dial peer destination pattern session target exit Detailed Steps S...

Page 410: ...egistrar used in a Stand Alone mode Together with SIP Registrar setting you can register POTS dial peer to each SIP Registrar using a register command in a POTS dial peer configuration mode Restrictions for SIP Registrar You can set SIP Registrar only when Call Manager is not set already You cannot set SIP Registrar in a Call Manager Inter working mode or Survivable Telephony mode To set SIP Regis...

Page 411: ... sips expires expires retry retry Example configure voip gateway sip ua registrar ip address ipv4 90 90 90 100 Sets the SIP Signaling IP Address of SIP Registrar And you can also configure transport type uri type registration expires and retry interval 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 exit Example configure voip gateway exit Exits the current mode How to C...

Page 412: ...5 Exit Example configure dial peer voice pots 11 exit Exits the current mode Configuring SIP Redirect Processing This section describes how to set the SIP Redirect processing SIP Redirect processing refers to the incoming call redirection or processing of 3xx class of response In a Call Manager Inter working mode all SIP incoming calls of Ubigate iBG3026 is redirected to Call Manager This means th...

Page 413: ...configure terminal voice service sip no redirection exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice service sip Example configure voice service sip Enters SIP Service configuration mode 3 no redirection Example configure voice service sip redirection Enables or Disables Redirect Response handling 4 Exit Example confi...

Page 414: ...ects exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 dial peer voice pots voip tag Example configure dial peer voice voip 100 Enters VoIP dial peer configuration mode 3 max redirects count Example configure dial peer voice voip 100 max redirects 3 Sets the maximum count for SIP redirect response handling 4 exit Example con...

Page 415: ...hod for an operator to change the mapping is also provided You can change the mapping using set pstn cause command and set sip status command You can check the current mapping table settings using the show sip ua maps command Restrictions for PSTN Cause Code Mapping Using the command described above you can change the existing inter code mapping not create a new code Default Mapping Default PSTN C...

Page 416: ...failure 503 Service unavailable 42 Switching equipment congestion 503 Service unavailable 47 Resource unavailable 503 Service unavailable 55 Incoming class barred within Closed User Group CUG 403 Forbidden 57 Bearer capability not authorized 403 Forbidden 58 Bearer capability not presently available 501 Not implemented 65 Bearer capability not implemented 501 Not implemented 79 Service or option n...

Page 417: ... Interworking unspecified 406 Not acceptable 127 Interworking unspecified 407 Proxy authentication required 21 Call rejected 408 Request timeout 102 Recover on Expires timeout 409 Conflict 41 Temporary failure 410 Gone 1 Unallocated number 411 Length required 127 Interworking unspecified 413 Request entity too long 127 Interworking unspecified 414 Request URI URL too long 127 Interworking unspecif...

Page 418: ...nted 79 Service or option not implemented 502 Bad gateway 38 Network out of order 503 Service unavailable 63 Service or option unavailable 504 Gateway timeout 102 Recover on Expires timeout 505 Version not implemented 127 Interworking unspecified 580 Precondition Failed 47 Resource unavailable unspecified 600 Busy everywhere 17 User busy 603 Decline 21 Call rejected 604 Does not exist anywhere 1 U...

Page 419: ...ode 3 sip ua Example configure voip gateway sip ua Enters sip ua configuration mode 4 set pstn cause cause sip status code Example configure voip gateway sip ua set pstn cause 1 sip status 404 Changes pstn cause code to sip status code mapping 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 exit Example configure voip gateway exit Exits the current mode 7 show sip ua map...

Page 420: ...rpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 sip ua Example configure voip gateway sip ua Enters sip ua configuration mode 4 set sip status code pstn cause cause Example configure voip gateway sip ua set sip status 404 pstn cause 1 Changes sip status code to pstn cause c...

Page 421: ... Using the disable early media command in a SIP UA configuration mode you can control the method for Ubigate iBG3026 to handle the SDP delivered via 180 response To the contrary it is possible to control whether when Ubigate iBG3026 sends a 18x provisional response including SDP to send 180 or 183 response or send it together with SDP by using the alert cut through command How to Configure 180 Pro...

Page 422: ...e configure voip gateway sip ua disable early media 180 Disables or re enables early media processing for 180 provisional response Default is enable 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 exit Example configure voip gateway exit Exits the current mode How to Configure Early Media Cut through You can set the Early media cut through method in the following way Con...

Page 423: ...lt 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 exit Example configure voip gateway exit Exits the current mode Configuring Session Timer This section describes how to enable the SIP Session Timer feature For the established session SIP Session Timer feature periodically updates the session via re INVITE or UPDATE method If no reply is received in response to re INVIT...

Page 424: ...eature you can set Min Se in the following way Configuration Steps configure terminal voice service sip min se exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice service sip Example configure voice service sip Enters SIP Service configuration mode 3 no min se duration Example configure voice service sip min se 300 Sets ...

Page 425: ...it to PSTN How to Configure Reason Header Support You can enable the reason header function as follows The default setting does not support a reason header Configuration Steps configure terminal voip gateway sip ua reason header override exit exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure vo...

Page 426: ...lished to the response the originating side cannot hear announcement To complement this an additional method called PRACK is used to ensure reliability of Provisional response Ubigate iBG3026 supports this function by default or it can disable or forcibly provide the function Restrictions for Reliable Provisional Response Reliable Provisional Response feature is available only when both originatin...

Page 427: ...ing SIP DTMF Relay This section describes how to set the method of delivering DTMF tone via SIP signaling To relay DTMF tone Ubigate iBG3026 supports the 4 methods as follows inband rtp nte sip notify sip info The inband method delivers DTMF to a voice path without separate processing In this case a distortion may occur due to loss of RTP packets The rtp nte method delivers DTMF tone via RTP accor...

Page 428: ...nd of the DTMF event Thus the duration parameter in this final NOTIFY message measures the complete duration of the event R Reserved unused In RFC2833 unused corresponds to the volume field but is not used in NOTIFY based out of band DTMF relay duration Duration of the DTMF event in milliseconds On SIP INFO method use application dtmf relay content type header contain signal and duration attribute...

Page 429: ...nfigure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 sip ua Example configure voip gateway sip ua Enters sip ua configuration mode 4 dtmf relay inband rtp nte sip info sip notify Example configure voip gateway sip ua dtmf relay sip info Specifies how to relay DTMF tone between telephony i...

Page 430: ...configuration mode 3 no dtmf relay inband rtp nte h245 alphanumeric sip info sip notify Example configure dial peer voice voip 100 dtmf relay sip info Specifies how to relay DTMF tone between telephony interface and IP network 4 Exit Example configure dial peer voice voip 100 exit Exits the current mode Configuring ISDN Suspend Resume Support This section describes how to set the function in SIP a...

Page 431: ...p Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 sip ua Example configure voip gateway sip ua Enters sip ua configuration mode 4 no suspend resume Example configure voip gateway sip ua suspend resume Enables or Disables ISDN Suspend Resume support 5 exit Example ...

Page 432: ...l Peer of SIP type How to Configure QSIG Tunneling You can enable the QSIG Tunneling function in VoIP Dial Peer of SIP type in the following way Configuration Steps configure terminal dial peer sip class qsig tunneling exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 dial peer voice pots voip tag Example configure dial peer...

Page 433: ...d be set for each FXS voice port Restrictions for SIP MWI Feature The MWI feature of Ubigate iBG3026 via interworking with MWI server only notifies if a waiting message exists via audible or visible indication but does not provide the Call redirection to the voice mail server when the line is busy or there is no answer function How to Configure SIP MWI Server You can set the SIP MWI Server in the ...

Page 434: ...can configure transport and uri type 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 exit Example configure voip gateway exit Exits the current mode How to Configure Voice Port for SIP MWI You can set MWI function in FXS phone in the following way Configuration Steps configure terminal voice port mwi exit Detailed Steps Step Command Purpose 1 configure terminal Example c...

Page 435: ...ing party and change them to what configured To change the calling information for PSTN to SIP call forcibly you can make a setting using a calling info pstn to sip command and to change the calling information for SIP to PSTN call forcibly you can make a setting using a calling info sip to pstn command Restrictions for Calling Info Feature This configuration affect all SIP inbound and outbound ca...

Page 436: ...teway configuration mode 3 sip ua Example configure voip gateway sip ua Enters sip ua configuration mode 4 no calling info pstn to sip unscreened discard name name string number number Example configure voip gateway sip ua calling info pstn to sip number 7778888 Sets the calling info for pstn to sip call 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 exit Example config...

Page 437: ...ple configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 sip ua Example configure voip gateway sip ua Enters sip ua configuration mode 4 no calling info sip to pstn unscreened discard name name string number number Example configure voip gateway sip ua calling info sip to pstn number 7778888 Sets the calling info...

Page 438: ...y Monitoring Feature This feature is available only when SIP remote entity can generate response which is positive or negative to OPTIONS request If SIP entity ignore OPTIONS request and make no response its status is always abnormal and it never receive call from iBG How to Configure SIP Entity Monitoring Feature You can enable or disable SIP entity monitoring feature in the following way Configu...

Page 439: ...iguration mode For the information how to use the commands see the Command Reference Command Mode Purpose offer call hold SIP UA specify globally how the Session Initiation Protocol SIP gateway should initiate call hold requests port SIP UA Specify the port number per transport to be used in the Session Initiation Protocol SIP stack by default max forwards SIP Service Specify the Max Forwards Head...

Page 440: ...ble UserName Password should be shared with SIP server in advance SIP server requesting the authentication of SIP client response to the request sent from Ubigate iBG3026 with 401 response Using the information contained in 401 response and UserName Password Ubigate iBG3026 adds Authorization Token to a request Upon receiving the request where Authorization Token is added SIP server verifies the a...

Page 441: ...nters POTS dial peer configuration mode 3 authentication username username password password Example configure dial peer voice pots 11 authentication username 1001 password 12345678 Configure a user name and password for a POTS dial peer 4 exit Example configure dial peer voice pots 11 exit Exits the current mode How to Configure System Default Digest It is the method of setting the system default...

Page 442: ...n mode 3 sip ua Example configure voip gateway sip ua Enters sip ua configuration mode 4 authentication username username password password realm realm Example configure voip gateway sip ua authentication username Ubigate iBG3026 password 12345678 realm proxy com Configure a user name password and realm for system default 5 exit Example configure voip gateway sip ua exit Exits the current mode 6 e...

Page 443: ...an perform system global configuration for SIP URI with TLS transport in the following way Configuration Steps configure terminal voice service sip uri transport exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice service sip Example configure voice service sip Enters SIP Service configuration mode 3 uri sip sips Example...

Page 444: ...ommand Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 dial peer voice pots voip tag Example configure dial peer voice voip 100 Enters VoIP dial peer configuration mode 3 sip class uri sip sips Example configure dial peer voice voip 100 sip class uri sips Specifies SIP URI type 4 session transport udp tcp tls Example configure dial peer voice voip 100 ses...

Page 445: ...The certificate of a counterpart is obtained via SIP Signaling Prerequisites for S MIME Configuration Before specifying a certificate and private key to POTS Dial peer a certificate and private key should be saved in the file system of Ubigate iBG3026 in a PEM format How to Configure S MIME Support You can specify the certificate and private key to a desired dial peer where S MIME will be used in ...

Page 446: ...TP function to encode and deliver a media packet SRTP encodes and sends the media packet using the key exchanged via SIP signaling and the receiving party decodes the encrypted media packet to support the security of media level To use this SRTP it is necessary to specify crypto suite to a dial peer where SRTP will be used Configuration Steps configure terminal dial peer srtp crypto exit Detailed ...

Page 447: ...C_SHA1_80 or both of them 4 Exit Example configure dial peer voice voip 100 exit Exits the current mode Verifying and Troubleshooting SIP Features This section describes how to use the show command and debug command to verify and troubleshoot the SIP feature of Ubigate iBG3026 Using show commands You can use the show command commands as follows to confirm or see the current status of the SIP featu...

Page 448: ...terworking mode show sip ua registrar Shows the SIP Registrar settings Example show sip ua registrar registrar type is Call Manager host ip is ipv4 90 90 90 100 tranport is system port is used system configuration expires is 3600 uri type is system show sip ua sip server Shows the SIP Proxy settings Example show sip ua sip server proxy type is Call Manager host ip is ipv4 90 90 90 100 tranport is ...

Page 449: ...rs SIP configuration SIP UA up operation mode Call server mode auth username samsung auth password samsung SIP UA is use call server SIP UA use ip address for call server ipv4 10 254 139 50 SIP UA expires time for REGISTER 3600 SIP UA retry time for REGISTER 60 SIP UA use transport system SIP UA use uri type system SIP UA URI sip ibg3026 samsung com SIP UA use duration 30 SIP UA use retry 30 regis...

Page 450: ...se sha1 32 srtp not use sha1 80 registrar local service expires min 60 registrar local service expires max 86400 max udp msg length to switch to tcp not switch sip no answer timer value for sip outbound call 15 sip calling info pstn to sip unscreened discard no sip calling info sip to pstn unscreened discard no voip gateway profiles are syncronized to call server VoIP fallback configuration voip f...

Page 451: ...FROM sip 2301 samsung com tag 7267517 TO sip 2302 samsung com tag 7267170 SOURCE ADDRESS udp 10 254 167 249 0 DESTINATION ADDRESS udp 10 254 167 244 0 MEDIA INFO PAYLOAD ID CODEC g711u RTP LOCAL ADDRESS 10 10 10 10 16386 RTP REMOTE ADDRESS 10 10 10 10 16388 DTMF PAYLOAD TYPE 101 TOTLA NUMBER 2 show sip ua connections Shows the SIP connection status It shows the connection status per the transport ...

Page 452: ...e sent or received debug sip log Command to view the SIP message You can display messages by filtering them with calling number or called number debug sip vcc Displays the debugging messages of SIP call processing task debug sip stack Displays the debugging messages of SIP Stack level debug sip dump req Displays SIP message s request and response line debug sip dump msg Displays SIP messages ...

Page 453: ...tistics Conformance H 323 gateway basically follows the recommendations below Table 29 1 Standards Standards Title ITU T H 323 Version4 Packet based multimedia communications systems ITU T H 225 Call signalling protocols and media stream packetization for packet based multimedia communication systems ITU T H 245 Control protocol for multimedia communication ITU T E 164 Overall network operation te...

Page 454: ...lling depending on the call model supported by a gatekeeper This section will discuss how Ubigate iBG3026 performs a call setup procedure in dial peer depending on the registered information session target The H 225 0 SETUP message from the H 323 Endpoint registered as a session target on dial peer follows the call procedure illustrated in Figure 29 1 In this case call setup is done regardless of ...

Page 455: ...re 29 2 Figure 29 2 Call Setup from a unknown H 323 Endpoint no Gatekeepers If H 323 gateway is registered in a gatekeeper the H 225 0 SETUP message from the H 323 Endpoint not registered as a session target on dial peer follows the call procedure illustrated in Figure 29 3 Figure 29 3 shows the case where a gatekeeper uses a Direct Call Signalling method RelaseComplete iBG3026 a known H 323 endpo...

Page 456: ... procedure illustrated in Figure 29 4 Figure 29 4 shows the case where a gatekeeper usually uses a Gatekeeper Routed Call Signalling Figure 29 4 Call Setup from Gatekeeper CallProceeding iBG3026 a known H 323 endpoint Call Signalling Messages RAS Messages SETUP ARQ ACF Alerting or Progress Connect Gatekeeper CallProceeding iBG3026 H 323 endpoint Call Signalling Messages RAS Messages SETUP ARQ ACF ...

Page 457: ... H 225 0 SETUP message sent from H 323Gateway follows the call procedure illustrated in Figure 29 5 In this case call setup is done regardless of the existence of the gatekeeper to interwork over H 323 network Figure 29 5 Call Setup to a known H 323 Endpoint CallProceeding iBG3026 a known H 323 endpoint Call Signalling Messages RAS Messages Alerting or Progress Connect Gatekeeper SETUP ...

Page 458: ...RAS Signalling basically follows ITU T Rec H 323 recommendation and this section describes the procedure of registering H 323 gateway as a gatekeeper and an Alternative Gatekeeper procedure Registration UnRegistration An operator can designate maximum 2 Primary Second gatekeepers and the first registration is attempted with the primary gatekeeper The time points when H 323 gateway attempts registr...

Page 459: ...ttempts unregistration from a gatekeeper are as follows Table 29 3 RAS UnRegistration Trial UnRegistration Attempt Time Related CLI Remarks When gatekeeper info is deleted no gatekeeper no gatekeeper name Both primary and secondary gatekeeper info are deleted When H 323 Service is turned Down shutdown forced h323 gateway configuration mode When registration was made When URQ is explicitly received...

Page 460: ...and RRQ stage This function provides redundancy when the gatekeeper interworking over H 323 network fails and the system availability redundancy and scalability should be implemented at the gatekeeper level start current gatekeeper is primary gatekeeper send full RRQ to current gatekeeper recv RCF recv RRJ is the reason disc overy Required chosen recv GCF send lightweight RRQ to current gatekeeper...

Page 461: ...ekeeper list currently managed by H 323 gateway is replaced by the list in this field H 323 gateway selects a gatekeeper with high priority out of the list to perform the RAS Registration procedure If no response is received from the selected gatekeeper it selects the gatekeeper with the next higher priority to perform the RAS registration procedure and after the entire alternative gatekeeper list...

Page 462: ...ial peer configuration mode Each service has the restrictions as described in Table 29 4 Table 29 4 Supported Supplementary Services in H 323 Gateway Service Name Description Restriction Call Transfer blind consultative While A and B are busy blind A presses a hook flash and attempts a call to C A does hook on C does hook off Call between B and C is made consultative A presses a hook flash and att...

Page 463: ...de Call PickUp While A attempts a call to B if C presses a specific feature code after hook off C can converse with A instead of B H 323 party cannot be other party B C than A party call pickup group command should be set in a POTS dial peer configuration mode Call Statistics Debug H 323 gateway provide the statistics information as follows H 225 0 CS Message statistics sent received H 225 0 RAS M...

Page 464: ...Complete message transceived by H 323 gateway after Ubigate iBG3026 is booted To trace and debug the H 323 call in progress the command described in Table 29 6 should be entered in a privileged EXEC mode Table 29 6 H 323 Call Tracing Debug Command Command Description debug h323 stack h225 h245 ras all Shows the ASN 1 information and the encoded messages of the following messages in hexadecimal num...

Page 465: ...es to interwork with Establishing a network plan for the requirements and features of VoIP network where H 323 gateway belongs Establishing a Call Routing Plan on H 323 Network Configuring H 323 Bind This section describes the H 323 bind feature With this feature you can specify the source address of H 323 signaling and the source address for media stream as well You can specify the interface by B...

Page 466: ...global configuration mode 2 Interface type number Example configure interface Ethernet 0 0 Enters interface configuration mode to configure specific interface 3 ip address ip_address subnet_mask Example configure interface ethernet 0 0 ip address 90 90 90 90 255 255 255 0 Configures a IP Address for an interface 4 exit Example configure interface ethernet 0 0 exit Exits the current mode 2 shutdown...

Page 467: ...figure voip gateway shutdown forced Shutdowns voip call services 4 exit Example configure interface ethernet 0 0 exit Exits the current mode 3 bind control To specify the source address of H 323 signaling you have to do the followings Configuration Steps configure terminal voip gateway bind control exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters glob...

Page 468: ...ource address of media stream you have to do the followings Configuration Steps configure terminal voip gateway bind media exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 bind media interface type num Example configure voip gateway bind me...

Page 469: ...nfigure terminal voip gateway host ip address exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip gateway Example configure voip gateway Enters voip gateway configuration mode 3 host ip address ip address Example configure voip gateway host ip address 90 90 90 90 Sets source ip address for signaling and media streams 4 ex...

Page 470: ...on mode the other one uses a shutdown command in h323 gateway configuration mode The shutdown command in a h323 gateway configuration mode enables or disables only the h 323 service and the shutdown command in a voip gateway configuration mode enables or disables not only H 323 service but also SIP service that is the entire voip call service When H 323 service is actually enabled or shut down the...

Page 471: ... gateway Enters voip gateway configuration mode 3 no shutdown forced Example configure voip gateway no shutdown Shuts down or enables voip call services 4 Exit Example configure voip gateway exit Exits the current mode 2 shutdown in h323 gateway configuration mode The procedure to enable or disable H 323 service is as follows Configuration Steps configure terminal voip gateway h323 gateway no shut...

Page 472: ...ip gateway Enters voip gateway configuration mode 3 h323 gateway Example configure voip gateway h323 gateway Enters h323 gateway configuration mode 4 no shutdown forced Example configure voip gatway h323 gateway no shutdown Shuts down or enables H 323 services 5 exit Example configure voip gateway h323 gateway exit Exits the current mode 6 exit Example configure voip gateway exit Exits the current...

Page 473: ...3 gateway should be set normally Indirect Connection where H 323 gateway is managed by a gatekeeper How to Configure Basic H 323 Services To set a configuration enabling H 323 gateway to perform a basic call processing it should be done in a dial peer voice voip configuration mode in the following way Configuration Steps configure terminal dial peer voice voip destination pattern session protocol ...

Page 474: ...en the timer T character is included at the end of the destination pattern the router collects dialed digits until the interdigit timer expires 5 seconds by default or until you dial the termination character the default is The timer character must be a capital T 4 session protocol h323 sip Example configure dial peer voice voip 100 session protocol h323 A session protocol for calls between local ...

Page 475: ...tag Example configure dial peer voice 100 voice class h323 100 Tag value of the voice class created using voice class h323 command 8 exit Example configure dial peer voice 100 exit Exits the current mode Configuring RAS This section describes the configuration necessary for H 323 gateway to perform RAS Signalling with a gatekeeper Since this configuration is essential in the Indirect Connection mo...

Page 476: ...mand where you must enter the information of the gatekeeper to interwork directly and the other one is gatekeeper name command where you enter the gatekeeper information named by voip peer command You can register or unregister H 323 gateway in from a gatekeeper in the following way 1 RAS registration or unregistration using gatekeeper ip address command Configuration Steps configure terminal voip...

Page 477: ...d gk1 samsung com defines H 323 identification of the gatekeeper that H 323 gateway will be register with 6 no gatekeeper ip address ipv4 ip address ipv6 ip address port primary secondary Example configure voip gateway h323 gateway gatekeeper ip address ipv4 192 168 10 200 1719 primary defines the location of the gatekeeper if no flag is not used this command causes RAS registration if no flag is ...

Page 478: ...teps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip peer peer name h323 sip Example configure voip peer pri gatekeeper h323 Enters voip peer configuration mode 3 ip address ipv4 ip address port ipv6 ip address port dns hostname port Example configure voip peer pri gatekeeper h323 ip address ipv4 10 254 10 200 1719 specifies ip address a...

Page 479: ...le configure voip gateway h323 gateway gatekeeper id gk1 samsung com defines H 323 identification of the gatekeeper that H 323 gateway will be register with 9 no gatekeeper name peer name primary secondary Example configure voip gateway h323 gateway gatekeeper name gk samsung com pri gatekeeper primary specifies peer name registered using voip peer command if no flag is not used this command cause...

Page 480: ...t and retry count values for each RAS message is as follows Configuration Steps configure terminal voice service h323 ras timeout ras retry exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice service h323 Example configure voice service h323 Enters voice service h323 configuration mode 3 ras timeout all arq drq grq rai r...

Page 481: ...r of times that the gateway resends messages to the gatekeeper after timeout Range 1 to 10 5 Exit Example configure voice service h323 exit Exits the current mode How to configure RRQ TimeToLive ras rrq ttl command specifies the time which should be considered as that H 323 gateway is running after a gatekeeper receives the lightweight RRQ for the last time H 323 gateway sets this value TimeToLive...

Page 482: ...keeper considers the gateway active Range 15 to 300 5 exit Example configure voice service h323 exit Exits the current mode Configuring Multiple Codecs When a single dial peer is set only a single codec can be specified This however decreases the possibility of call establishment Therefore this section describes how to set a list of codecs having priority to increase the call establishment possibi...

Page 483: ...d list of codecs Keyword and arguments are as follows value Order of preference with 1 being the most preferred and 5 being the least preferred codec type Type of codec referred interval time 10 20 30 40 50 60 ms Repeat this command to specify the preferred selection order for additional codecs if required 4 exit Example configure voice class codec 100 exit Exits the current mode 5 dial peer voice...

Page 484: ... this case a distortion may occur due to loss of RTP packets The rtp nte method delivers DTMF tone via RTP according to RFC 2833 RTP Payload for DTMF Digits Telephony Tones and Telephony Signals The h245 alphanumeric method delivers DTMF tone via H 245 UserInputIndication message The queued digits method delivers DTMF tone as RTP packets according to RFC 2833 and Queued Digits are supported for an...

Page 485: ...tween telephony interface and H 323 network inband DTMF is sent together with general voice stream rtp nte DTMF is sent unsing the voice stream according to the RFC2833 recommendation h245 alphanumeric DTMF is sent using H 245 UserInputIndication alphanumeric message queued digits DTMF is sent using the voice stream according to the RFC2833 recommendation and additionally Queued Digits are support...

Page 486: ...peer voice voip 100 dtmf relay h245 alphanumeric Specifies how to relay DTMF tone between telephony interface and IP network inband DTMF is sent together with general voice stream rtp nte DTMF is sent unsing the voice stream according to the RFC2833 recommendation h245 alphanumeric DTMF is sent using H 245 UserInputIndication alphanumeric message queued digits DTMF is sent using the voice stream a...

Page 487: ...w are those available in each configuration mode Table 29 8 commands of voice service h323 configuration and voice class h323 configuration command Description voice service h323 voice class h323 h225 call start Specifies the H 323 call setup method O O h225 early h245 Specifies whether to perform the normal H 245 procedure before or after CONNECT message O O h225 h245 tunnel Specifies the H 245 T...

Page 488: ...h323 configuration mode 1 h225 call start You can perform H 323 call setup in the following way Configuration Steps configure terminal voice service h323 h225 call start exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice service h323 Example configure voice service h323 Enters voice service h323 configuration mode 3 h22...

Page 489: ...rs global configuration mode 2 voice service h323 Example configure voice service h323 Enters voice service h323 configuration mode 3 h225 early h245 on off Example configure voice service h323 h225 early h245 on Specifies whether early H245 procedure should be implemented during call signalling 4 exit Example configure voice service h323 exit Exits the current mode 3 h225 h245 tunnel The settings...

Page 490: ...el on Specifies whether h245 tunneling method will be supported during call signaling 4 exit Example configure voice service h323 exit Exits the current mode 4 h225 call response You can determine what H 225 0 message to send as a response to H 225 0 Setup message Configuration Steps configure terminal voice service h323 h225 call response exit Detailed Steps Step Command Purpose 1 configure termi...

Page 491: ...the show command and debug command to verify and troubleshoot the H 323 feature of Ubigate iBG3026 Using show commands You can use the show command commands as follows to confirm or see the current status of the H 323 feature settings show h323 gateway service Shows the H 323 service status The service status is up or down Example show h323 gateway service H 323 service is up show h323 gateway sta...

Page 492: ...1719 show h323 gateway detailed It shows all the setting values of voice class h323 Example show h323 gateway detailed VOICE SERVICE H323 dtmf relay rtp nte tech prefix h225 call start fast h245 tunnel on early h245 off call response alert t301 180 t303 15 ras rrq ttl 60 msg retry timeout all 2 3 arq 2 5 drq 2 3 grq 2 5 rrq 2 3 rai 2 3 urq 1 3 show h323 gateway registration It shows the gatekeeper...

Page 493: ...RAS port 1719 Alternative Gatekeeper List from Gatekeeper 1 GK ID GK2 IPAddr 10 254 149 50 Port 1719 Priority 0 NeedToReg True 2 GK ID GK3 IPAddr 10 254 159 50 Port 1719 Priority 1 NeedToReg True show h323 gateway calls Shows the status of H 323 calls in progress Example show h323 gateway calls Current H323 Calls Current Time 2005 11 29 06 09 55 280 Total 2 calls CRV CallState SrcIpAddr SrcPort Ds...

Page 494: ...gging messages of an application or the H 323 message sent or received debug h323 log Command to view the H 323 message You can display messages by filtering them with calling number or called number debug h323 vcc Displays the debugging messages of H 323 call processing task debug h323 stack Displays the debugging messages of H 323 stack level ...

Page 495: ...ubscriber interface FXS the plug on the wall delivers POTS service from the local phone company s Central Office CO and must be connected to subscriber equipment telephones modems and fax machines In other words an FXS interface points to the subscriber FXO Foreign eXchange Office interface FXO the plug on the phone receives POTS Service typically from a Central Office of the Public Switched Telep...

Page 496: ...aling It works by using ground and current detectors that allow the network to indicate off hook or seizure of an incoming call independent of the ringing signal and allow for positive recognition of connects and disconnects For these reasons ground start method is used as inter PBX Trunk line 1 Idle state Analog FXS Interface or module in submarine Telephone set or PBX Ring Generator 48DC Battery...

Page 497: ...e for ground Battery 48 VDC is still connected to the ring line just as in loop start signaling PBX CO Both the tip and ring lines are disconnected from ground 1 Incoming call Analog FXS Interface or module in submarine Ring Generator 48DC Battery Tip Ring PBX grounds the ring line to indicate to the Analog FXS that there is an incoming call Tip Detector PBX CO Analog FXS Interface or module in su...

Page 498: ...s either two wire or four wire This refers to whether the audio path is full duplex on one pair of wires two wire or on two pair of wires four wire A connection may be called a four wire E M circuit although it actually has six to eight physical wires It is an analog connection although an analog E M circuit may be emulated on a digital line For more information on digital voice port configuration...

Page 499: ...ethod signaling sequence Delay Dial Method Delay dial method enters seizure action by hooking off E lead from the calling side after a given time about 200msec when the calling side takes a look at the status of terminating side if the terminating side is on hook status or he she awaits till the terminating side enters into on hook status calling side sends address information Originating Destinat...

Page 500: ...d Configuration M Lead Configuration Signaling Battery Lead Signaling Ground Lead I Output Relay to ground Input referenced to ground II Output Relay to SG Input referenced to ground Feed for M connected to 48V Return for E Galvanically isolated from ground III Output Relay to ground Input referenced to ground Connected to 48V Connected to ground V Output Relay to ground Input referenced to 48V Or...

Page 501: ... ls up up on hook idle y 0 0 2 fxs ls up up on hook idle y 0 0 3 fxs ls up up on hook idle y 0 1 0 10 01 r2 mfc up up idle idle y 0 1 0 10 02 r2 mfc up up idle idle y 0 1 0 10 03 r2 mfc up up idle idle y 0 1 0 10 04 r2 mfc up up idle idle y 0 1 0 10 05 r2 mfc up up idle idle y 0 1 0 10 06 r2 mfc up up idle idle y 0 1 0 10 07 r2 mfc up up idle idle y 0 1 0 10 08 r2 mfc up up idle idle y 0 1 0 10 09...

Page 502: ...state is indicated differently according to signaling method in each SIG Type analog of voice port or DS0 channel idle ringing off hook out_of_svc busy seized answered etc OUT STATUS indicates status changes when analog voice port or DS0 channel handles a call At this time call state is indicated differently according to signaling method in each SIG Type analog of voice port or DS0 channel idle ri...

Page 503: ...DTMF or MF Configuring Analog FXS Voice Port This section describes the configuration of analog FXS voice port How to Configure Analog FXS Voice Port To set up each parameter of basic analog voice port follow the next procedures Configuration Steps configure terminal voice port dial peer voice pots exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters glob...

Page 504: ...uency 25 Hz frequency 30 Hz frequency 50 Hz frequency 6 ring cadence on net cadence define pulse interval pulse interval pulse interval Changes Ring Cadence for on net Call 7 ring cadence off net cadence define pulse interval pulse interval pulse interval Changres Ring Cadence for off net Call 8 locale locale Selects the two letter locale for the voice call progress tones and other locale specific...

Page 505: ...timeout wait time in seconds A valid entry is an integer from 0 to 120 The default is 5 ringing Specifies the duration that the voice port allows ringing to continue if a call is not answered The range is from 0 to 60000 The default is 180 0 means infinity wait release Specifies the duration that a voice port stays in the call failure state while the device sends a busy tone reorder tone or an out...

Page 506: ...to a telephony device The string argument is a series of digits that specify the E 164 or private dialing plan telephone number Valid entries are the numbers 0 through 9 and the letters A through D You can also enter the following special characters The asterisk or pound sign on standard touch tone dial pads can be used anywhere in the pattern The period acts as a wildcard character When the timer...

Page 507: ...econds off pattern05 1 second on 5 seconds off pattern06 1 second on 3 seconds off pattern07 0 8 second on 3 2 seconds off pattern08 1 5 seconds on 3 seconds off pattern09 1 2 seconds on 3 7 seconds off pattern09 1 2 seconds on 4 7 seconds off pattern11 0 4 second on 0 2 second off 0 4 second on 2 seconds off pattern12 0 4 second on 0 2 second off 0 4 second on 2 6 seconds off In case of SIP Inbou...

Page 508: ...erval off time in hundreds of milliseconds Range is from 1 to 50 for pulses of 100 to 5000 ms For example 1 100 ms 10 1 s 40 4 s Dualtone The dualtone command enters the custom cptone configuration mode and specifies a call progress tone to be dectected You can specify addition call progress tones without exiting custom cptone configuration mode Configure voice class custom cptone tag dualtone bus...

Page 509: ...ptional Tone off duration for the first cycle of the cadence pattern in milliseconds ms Range is from 0 to 1000 The default is 0 cycle 3 on time Optional Tone on duration for the first cycle of the cadence pattern in milliseconds ms Range is from 0 to 1000 The default is 0 cycle 3 off time Optional Tone off duration for the first cycle of the cadence pattern in milliseconds ms Range is from 0 to 1...

Page 510: ...al Enters global configuration mode 2 voice port slot subslot port Enter voice port Configuration Mode slot Specifies the number of the router slot where the voice module in installed subslot Specifies the number of subslot in the slot port Indicates the voice port 3 shutdown Change status of voice port to shutdown 4 signal loop start ground start Selects the access signaling type to match that of...

Page 511: ...onds that the system waits between the caller input of the initial digit and the subsequent digit of dialed string A valid entry is from 0 to 120 The default is 10 interdigit Configures the number of seconds that the system waits after the caller has input the initial digit or a subsequent digit of the dialed string If the timeout ends before the Destination is identified a tone sounds and the cal...

Page 512: ...e port configuration mode 13 dial peer voice pots voip tag Example configure dial peer voice pots 11 Enters dial peer configuration mode and defines a local dial peer that connects to a POTS interface The number argument is one or more digits identifying the dial peer Valid entries are from 1 to 10000 The pots keyword indicates a dial peer using basic telephone service 14 destination pattern WORD ...

Page 513: ...e Port This section describes the configuration of analog E M voice port How to Configure Analog E M Voice Port Unlike FXO FXS E M voice port is not enough to send voice data as a default value the set up values of E N voice port should be sure to be matched with the features of PBX unit interworked Two wire or Four wire Jumper Setting A user should set up Cabling scheme pertinent to Analog E M vo...

Page 514: ... a 2 wire audio operation circuit this pair carries the full duplex audio path TIP1 RING1 Used on 4 wire audio operation circuits only The 4 wire implementation provides separate paths for receiving and sending audio signals The following Figure 30 8 shows a whole Jumper information for E M Board Figure 30 8 E M Jumper Information J1 J2 J11 J12 2W 4W 1 2 2 3 CH0 J1 J2 CH1 J11 J12 1 2 2 3 Type J6 J...

Page 515: ...e open The PBX indicates the off hook condition by connecting the M lead to the signal battery SB lead connected to battery of the signaling side E M Type III Not commonly used in modern systems Type III uses four leads for supervision signaling E M SB and SG During inactivity the E lead is open and the M lead is set to ground connected to SG lead of signaling side The PBX indicates off hook condi...

Page 516: ...tart immediate start delay dial This command enables Direct Inward Dialing on the voice port immediate if the voice port must use the immediate start protocol wink start if the voice port must use the wink start protocol delay dial if the voice port must use the delay start protocol 5 operation 2 wire 4 wire Specifies the number of wires used for voice transmission at this interface the audio path...

Page 517: ...delay start Specifies minimum delay time in milliseconds from outgoing seizure to outdial address Valid entries are from 20 to 2000 The default is 300 9 timeouts timer name timer value To change timeouts parameters initial Sets the number of seconds that the system waits between the caller input of the initial digit and the subsequent digit of dialed string A valid entry is from 0 to 120 The defau...

Page 518: ... peer voice pots voip tag Example configure dial peer voice pots 11 Enters dial peer configuration mode and defines a local dial peer that connects to a POTS interface The number argument is one or more digits identifying the dial peer Valid entries are from 1 to 10000 The pots keyword indicates a dial peer using basic telephone service 13 destination pattern WORD Example configure voice port dest...

Page 519: ...s section describes the analog DID Feature Direct Inward Dialing DID which is the service proposed by Telephone service providers is the service to allow a caller to dial to extension of PBX without help of an attendant DID Feature enables every extension of a PBX to work like that every extension is connected directly to PSTN Start Signal Immediate Start The originating end seizes the line by goi...

Page 520: ...an outgoing call is attempted the caller will get a fast busy signal How to Configure Analog DID To set up each parameter of basic analog voice port follow the next procedures Configuration Steps configure terminal voice port dial peer voice pots exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice port slot subslot port ...

Page 521: ... us 6 timeouts timer name timer value To change timeouts parameters initial Sets the number of seconds that the system waits between the caller input of the initial digit and the subsequent digit of dialed string A valid entry is from 0 to 120 The default is 10 interdigit Configures the number of seconds that the system waits after the caller has input the initial digit or a subsequent digit of th...

Page 522: ...tone to the port The range is from 0 to 3600 The default is 30 0 means infinity 7 timing wink wait timer value Sets the maximum time to wait before sending wink signal after an incoming seizure is detected 8 timing wink duration timer value Sets the duration of a wink start signal 9 timing delay duration timer value Sets the duration of a delay signal 10 timing delay start timer value Sets the del...

Page 523: ...es are routed based on the calling number not the called number The calling number is checked against a database of emergency service providers that cross references the service providers for the caller s particular location When this information is known the call is then routed to the proper public service answering point PSAP which in turn dispatches those services for the caller s location CAMA...

Page 524: ...r Identification CAMA Centralized Automatic Message Accounting NPA Numbering Plan Area NPD Numbering Plan Digit NRF No Record Found PBX Private Branch Exchange PSAP Public Safety Answering Point or Primary Public Safety Answering Point SR Selective Routing End Office PSTN Traffic ALI Database Selective Router Tandem PSAP ANI ALI Controller Analog Phone IP Phone SCM 9 1 1 Service Provider Public Sa...

Page 525: ... NXX XXXX ST 7 digit Automatic Number Identification ANI transmission The Numbering Plan Area NPA or area code is implied by the trunk group and is not transmitted KP 0 NPA NXX XXXX ST 10 digit transmission The E 164 number is fully transmitted KP 2 ST Default transmission when the CAMA trunk cannot obtain a corresponding Numbering Plan Digit NPD in the look up table or when the calling number is ...

Page 526: ... audible ringing to the calling PBX party Upon answer the PSAP will disconnect audible ringing connect the call to the answering attendant display the ANI at the answering position and return an off hook signal to the PBX indicating that the call has been answered PBX E911 SWITCH 1 SEIZE OFF HOOK 2 WINK START l40 ms TO 290 ms 3 KP 911 ST 4 OFF HOOK 5 KP I NXXXXXX ST ANI 6 TALKING PATH CONNECTED Ca...

Page 527: ...555 1234 and so on NPD range is from 0 to 3 To preprogram the Numbering Plan Area NPA or area code into a single Multi Frequency MF digit 5 signal groundstart loopstart signal cama kp 0 nxx xxxx st kp 0 npa nxx xxxx st kp 2 st kp npd nxx xxxx st Selects the access signaling type to match that of the telephony connection you are making The keywords are as follows loop start default Uses a closed ci...

Page 528: ... 9 locale locale Selects the two letter locale for the voice call progress tones and other locale specific parameters to be used on this voice port The Default is us ex locale us 10 timeouts timer name timer value To change timeouts parameters initial Sets the number of seconds that the system waits between the caller input of the initial digit and the subsequent digit of dialed string A valid ent...

Page 529: ...tdown Change shutdown Status of voice port to in Service 14 exit Exits voice port configuration mode 15 dial peer voice pots voip tag Example configure dial peer voice pots 11 Enters dial peer configuration mode and defines a local dial peer that connects to a POTS interface The number argument is one or more digits identifying the dial peer Valid entries are from 1 to 10000 The pots keyword indic...

Page 530: ...r is included at the end of the destination pattern the router collects dialed digits until the interdigit timer expires 5 seconds by default or until you dial the termination character the default is The timer character must be a capital T 17 port slot subslot port Maps the dial peer to a specific Port Number 18 exit Exits voice dial peer configuration mode ...

Page 531: ...ng standard for PSTN E1 trunk A detailed specification for R2 signaling is included in ITU T Q 400 to Q 490 Digital E1 Trunk E1 trunk working in TDM method has 32 timeslots each timeslot is called as DS0 One of R2 signaling working in E1 digital trunk is used as frame synchronization of E1 trunk and the other one is used for signal transmission for R2 signaling The remaining 30 timeslots are used ...

Page 532: ...cas custom in order to customize the E1 R2 variants for different countries or regions Configuration Steps Complete physical layer of E1 trunk settings Create ds0 groups to manage the DS0 channels on the E1 trunk Configure ds0 group with sub commands such as timeslots and signal cas Customize country variants in cas custom configuration mode Configure basic voice port parameters in voice port conf...

Page 533: ...onfiguration mode To configure E1 R2 do the following steps 1 Set up the E1 trunk that connects to the private automatic branch exchange PBX or switch 2 Ensure that the framing and linecoding of the E1 are properly set 3 For E1 framing choose either CRC or non CRC 4 For E1 linecoding choose either HDB3 or AMI 5 For the E1 clock source choose either internal or line Keep in mind that different PBXs...

Page 534: ..._VSLOT 0 0 FXS_ 4M NORMAL 7 MM_2_VSLOT 0 1 WTE_ 2M NORMAL 6 MM_1_VSLOT 0 2 1 0 1 1 2 0 2 1 2 show module configuration all Displays all the digital trunk active in the system So if you use this command it helps you to recognize the carrier types of the trunks installed in the system v239 show module configuration all E1 Framing Coding ClkSrc LBO CableLength State Alarm 0 1 1 crc hdb3 int long haul...

Page 535: ...e1 trunk Specify the E1 trunk that you want to configure physical layer settings trunk is a simple notation of slot sub slot port for convenience 7 clock_source internal line Configures the clock source line Specifies that the clock facility on this port derives clocking from the external source to which the port is connected generally the CO internal Optional Specifies that the clock is generated...

Page 536: ...roup is a logical voice port configurable in digital voice port consisting of one or more DS0 channels Logical voice port is used with the same meaning of DS0 group is a logical unit that can exist in multiple units in digital voice port of E1 T1 unit each logical voice port is able to work with its own property In summary logical voice port is a multi phased abstract unit having both signaling an...

Page 537: ...rred to DS0 This created DS0 group can set up specific properties via voice port command Here is the visualized depiction of DS0 groups on a digital trunk Figure 31 5 DS0 groups on a digital voice port IP Voice Port PSTN Signaling Properties PSTN PCM Voice Properties Voice Packet Properties PSTN iBG3026 iBG3026 Network module slot 1 VWIC slot 0 Creates DSO group or Logical voice port 1 0 1 By grou...

Page 538: ...ifferent time slots Defining additional DS0 groups also creates individual DS0 voice ports Step Command Purpose 1 configure terminal Assumes the trunk becomes normal active according to the steps above Here the description starts with configuring R2 signaling to trunk 2 module e1 trunk Enter the module configuration mode 3 cas ds0 group ds0 group no Enter the ds0 group number to create in this E1 ...

Page 539: ...gions are set by entering the cas custom channel command followed by the country name command Configuring R2 Signaling Step Command Purpose 1 configure terminal Enter the global configuration mode 2 voice port slot sub slot port ds0 group no Enter the module configuration mode 3 Shutdown Shuts down the voice port for further configuration 4 timeslots timeslot list timeslots Specifies the single ti...

Page 540: ... 09 r2 mfc up up idle idle y 0 1 0 10 10 r2 mfc up up idle idle y Trunk Status Monitoring The next sub chapter addresses digital trunk status and information configured in the trunk In detail we will check out the following subject check out if configured digital trunk works normally check out if logical voice ports configured in digital trunk are normally configured check out if the configuration...

Page 541: ...band Overwrite CIRCUIT ID Not Configured CONTACT INFO Not Configured DESCRIPTION Not Configured LINK NAME Not Configured Line Status RLOS OFF RAIS OFF RLOF OFF RRAI OFF TAIS OFF TRAI OFF TPtrn OFF Loop OFF Timeslot Map 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ____________________________________________________________________ ___ 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0...

Page 542: ...0 10 06 r2 mfc up up idle idle y 0 1 0 10 07 r2 mfc up up idle idle y 0 1 0 10 08 r2 mfc up up idle idle y 0 1 0 10 09 r2 mfc up up idle idle y 0 1 0 10 10 r2 mfc up up idle idle y PORT presents the logical voice ports created in analog voice port and digital voice port by using geographical location presentation method Form of slot sub slot port analog voice card such as analog FXS analog FXO ana...

Page 543: ...n analog voice port or DS0 channel handles a call At this time call state is indicated differently according to signaling method in each SIG Type analog of voice port or DS0 channel idle ringing off hook out_of_svc busy seized answered etc EC indicates working of echo cancellation function set up in analog voice port or DS0 Logical Voice Port In Detail displays the concrete setup values of the par...

Page 544: ...ease guard time is set to 2000 CAS custom seize ack time is set to 100 CAS custom ANI timeout is set to 0 CAS custom answer guard time is set to 0 CAS custom DNIS digit complete is set to 0 CAS custom DNIS min digits is set to 0 CAS custom DNIS max digits is set to 0 CAS custom metering is set to 0 Timeout initial is set to 10 Timeout interdigit is set to 5 Timeout ringing is set to 180 Timeout wa...

Page 545: ...for T1 or from 0 to 30 for E1 in a specific trunk 4 exit Exit the module configuration mode 5 show voice port summary Displays all the voice port configured in the system Checks out whether the ds0 group just created exists or not Delete Trunk Voice Port deletes DS0 group created in a specific digital trunk The following describes the process to delete DS0 group Step Command Purpose 1 configure te...

Page 546: ...cifies companding standard used Even though the set up values are different each other a conversion is made by internal TDM switch 5 description optional a representative ID set up in this voice port names text string 6 exit Exit the voice port configuration mode 7 show voice port slot sub slot port ds0 group no checks out if the values set up in the voice port are set up normally Configure Advanc...

Page 547: ...Enter the global configuration mode 2 voice port slot sub slot port ds0 group no Enter the module configuration mode 3 echo cancel enable Enables the echo cancellation on this voice port Echo cancellation works on the echo cancellation coverage which is configured by user or as default 4 echo cancel coverage 8 16 128 Choose the echo tail length echo cancel coverage to which echo cancellor is commi...

Page 548: ...tion mode 3 digital gain input vauel Sets the PCM to encoder input gain in decibels ranging from 13 9 to 6 0 The changes take effect at the next trial of voice connection 4 digital gain output value Sets the decoder to PCM output gain in decibels ranging from 13 9 to 6 0 The changes take effect at the next trial of voice connection 5 Exit Exit the voice port configuration mode 6 show voice port sl...

Page 549: ... is made playout delay is kept on basis of this setup value In the mode above in case that it is set as fixed jitter buffer is kept with setup value of normal 5 playout delay maximum value In case that jitter buffer size is set up in a adaptive mode set up a maximum size whose jitter buffer can be extended dynamically this allows for the delay to the limit established where instant delay may incre...

Page 550: ...essary for customizing the set up values Step Command Purpose 1 configure terminal Enter the global configuration mode 2 voice port slot sub slot port ds0 group no Enter the module configuration mode 3 cas custom Enter cas custom configuration mode Customizes E1 R2 signaling parameters for the particular ds0 group on a channelized E1 line 4 country name use defaults selects a country to initialize...

Page 551: ...eeded to be collected before it requests ANI 8 default Sets a command to its default setting 9 dnis digits Specifies the expected number of DNIS digits 10 invert abcd Specifies the inversion of the ABCD bits before tx and after rx 11 ka Specifies the KA signal code ranging from 1 to 15 12 kd Specifies the KD signal code ranging from 1 to 15 13 metering Specifies sending a metering pulse when the g...

Page 552: ...f digits to collect before it requests ANI or CallerID information The receiver side sets up the number of DNIS digits to receive ANI digits After reception of the digits as many as the number set up and requests ANI 4 Category The category type of incoming call 5 DNIS digits Expected number of DNIS digits The calling side sets up maximum and minimum number of ANI digits that the receiver wants to...

Page 553: ...On T1 trunks using a CAS protocol the signaling information for each channel is transmitted using a method called robbed bit signaling The information for each channel consists of a set of bits called the ABCD bits Whenever a channel s state changes the ABCD bit pattern for that channel changes to convey the signaling bits Signaling information is carried on a T1 trunk by two signaling bits an A b...

Page 554: ...nd pulsing digits on a rotary phone or using tone signalling which is passed through on the voice circuits themselves The biggest disadvantage of CAS signaling is that the network uses bits from information IP packets such as voice packets to perform signaling functions CAS signaling is often referred to as robbed bit signaling Digital T1 trunk to be used in connection of most switch to switch is ...

Page 555: ... FXO and FXS should be directly connected between switches When FXS connects to FXO signaling should be matched using either ground start or loop start signaling FXO provides better disconnect supervision than FXS In this case disconnect supervision means the function to notice the fact that other party hung up call Ground start provides this function but connection should be formed after understa...

Page 556: ...module Create ds0 groups to manage the DS0 channels on the T1 trunk cas ds0 group Configure ds0 group with sub commands such as timeslots and signal cas Customize CAS signaling properties with define and condition command Configure T1 Trunk This section describes the procedure to configure physical layer of T1 trunk Configuring T1 Trunk Settings To make a T1 connection with neighboring equipment i...

Page 557: ...ctive in the system So if you use this command it helps you to recognize the carrier types of the trunks installed in the system 3 configure terminal Enter the global configuration mode to advance the T1 setting 4 system carrier type slot t1 Input the slot which is qualified to be T1 trunk card And if the previous carrier type of the slot is configured T1 rebooting is not required Otherwise the sy...

Page 558: ...s a simple notation of slot sub slot port for convenience Create DS0 Groups on a Digital T1 Trunk This procedure is much like the same as the configuration of E1 trunk Step Command Purpose 1 configure terminal Assumes the trunk becomes normal active according to the steps above Here the description starts with configuring CAS signaling to trunk 2 module t1 trunk Enter the module configuration mode...

Page 559: ...iguration carrier type and status of trunk in operation can be checked v239 show module configuration t1 0 1 0 T1 0 1 0 is ENABLED Alarm Hierarchy TRUE Yellow Alarm DISABLE Framing ESF LineCode B8ZS ClockSource INT LineMode CSU LBO 0 db FDL ANSI Unit Protocol enabled ATT Unit Protocol disabled CsuDsuType CSU Loopback Framing In band Overwrite CIRCUIT ID Not Configured CONTACT INFO Not Configured D...

Page 560: ... N A 0 1 0 esf b8zs int csu 0db up N A Logical Voice Port Summary Using show voice port summary check the status of logical voice port DS0 Groups created in digital trunk It displays all the voice ports created in the system including DS0 group Logical Voice Port In Detail Using show voice port port check the detailed setup value of parameters used in the particular voice port ...

Page 561: ...3 cas ds0 group ds0 group no ds0 group no Identifies the unique DS0 group number from 0 to 23 for T1 or from 0 to 30 for E1 in a specific trunk 4 exit Exit the module configuration mode 5 show voice port summary Displays all the voice port configured in the system Checks out whether the ds0 group just created exists or not Delete Trunk Voice Port It is a function to delete DS0 group created in a s...

Page 562: ...ation function to support more detailed setup or additional setup Step Command Purpose 1 configure terminal Enter the global configuration mode 2 voice port slot sub slot port ds0 group no Enter the module configuration mode 3 locale locale Selects a two letter country name define in the voice port mode It decides call progress tone parameters and other locale specific parameters 4 compand type u ...

Page 563: ...rts use the following commands as necessary in voice port configuration mode Step Command Purpose 1 voice port slot sub slot port ds0 group no To set up the attribute values of created ds0 group starts with voice port configuration mode if ds0 group was created normally there is no error in this CLI command 2 shutdown Shuts down the voice port to manipulate timeslots and signal cas command 3 condi...

Page 564: ...ize Indicates that the pattern represents line seizure idle Indicates that the pattern represents an idle condition 0000 1111 Represents the bit pattern to use 5 ignore rx a bit rx b bit rx c bit rx d bit Configures the voice port to ignore the specified receive bit for North American E M if patterns different from the defaults are required 6 no shutdown Activate the voice port at the final step o...

Page 565: ... string2 and for generating the sequence of ANI by rotating through the range until string2 is reached and then starting from string1 again If strings are less than four digits in length then entire strings are used 4 calling number outbound sequence string1 string2 string3 string4 string5 Specifies ANI to be sent out when the T1 CAS fgd eana command is configured as signaling type This option con...

Page 566: ...ation A valid entry is an integer from 0 to 120 The default is 10 5 timeouts interdigit seconds Configures the number of seconds that the system waits after the caller has input the initial digit or a subsequent digit of the dialed string If the timeout ends before the destination is identified a tone sounds and the call ends This value is important when using variable length dial peer destination...

Page 567: ...ault is 2000 4 timing delay start milliseconds E M only Specifies minimum delay time in milliseconds from outgoing seizure to outdial address Valid entries are from 20 to 2000 The default is 300 5 timing dialout delay milliseconds Specifies dialout delay in milliseconds for the sending digit or cut through on an FXO trunk or an E M immediate trunk Valid entries are from 100 to 5000 The default is ...

Page 568: ...t because they were outside the country but because they didn t belong to the Phone Company A FXS FX Subscriber interface will be connected to a matching FXO FX Office interface at the far end Note that audio paths such as the CO sends Dial Tone path are not usually considered part of the FX signaling They are included to make the examples easier to understand Figure 31 9 T1 CAS FXS FXO signaling ...

Page 569: ...re is a 4 second period when the phone is not physically ringing So how do you know whether a PBX is trying to answer an inbound call or if it is trying to initiate a new call Ground Start eliminates this problem by adding an additional state Tip Closed which tells the FXO circuit that there is an inbound call in progress even during the quiet ringing cycle For outbound calls the PBX or FXO interf...

Page 570: ...red 0 1 1 1 Configure T1 CAS FXO signaling Step Command Purpose 1 configure terminal Enter the global configuration mode 2 module t1 slot sub slot port Enter the module configuration mode 3 cas ds0 group ds0 group no Enter the ds0 group number to create in this E1 trunk 4 Exit Exit module configuration mode 5 voice port slot sub slot port ds0 group no To set up the attribute values of created ds0 ...

Page 571: ...lows 2 3 5 1 7 9 1 12 8 signal cas fxo loop start or signal cas fxo ground start Choose FXO signaling method 9 no shutdown Activate the voice port at the final step of configuration 10 exit T1 CAS FXS Features Digital Loop Start signaling In case of Loop start signaling it works according to the following state table Incoming Call Sent Received State a f b f a b b b Idle 0 1 0 1 Seizured 0 1 0 0 R...

Page 572: ...ed 1 1 0 1 Configure T1 CAS FXS signaling Step Command Purpose 1 configure terminal Enter the global configuration mode 2 module t1 slot sub slot port Enter the module configuration mode 3 cas ds0 group ds0 group no Enter the ds0 group number to create in this E1 trunk 4 exit Exits the module configuration mode 5 voice port slot sub slot port ds0 group no To set up the attribute values of created ...

Page 573: ...d start Choose FXS signaling method 9 no shutdown Activate the voice port at the final step of configuration 10 exit T1 CAS E M Features For digital T1 Channel Associated Signaling CAS trunks running ear and mouth E M signaling there are generally only two states that a voice channel can be in When there is no call on a channel it is in the Idle or On Hook state When there is an active call on a c...

Page 574: ... 31 11 Immediate start method signaling sequence Originating Destination M wire E wire M wire E wire 1111 1111 0000 1111 seizure digits digits Start dial answer Min 120 msec Max 6 sec Min 70 msec Max 10 sec Duration 200 msec Min 200 msec Originating Destination M wire E wire M wire E wire 1111 1111 seizure digits digits answer Min 120 msec Max 10 sec Min 200 msec ...

Page 575: ...s0 group no To set up the attribute values of created ds0 group starts with voice port configuration mode if ds0 group was created normally there is no error in this CLI command 6 shutdown Shuts down the voice port to manipulate timeslots and signal cas command 7 timeslots timeslot list timeslots Specifies the single time slot number single range of numbers or multiple ranges of numbers separated ...

Page 576: ...e final step of configuration 10 exit T1 CAS R1 Features T1 CAS R1 is a type of Channel Associated Signaling CAS used widely in places other than North America Line Signaling Is in compliance with ITU T Q 311 Q 314 Q 315 Recommendation Transmitted state Signal Signal direction Transmitted duration Originating end Terminating end Idle continuous 0 0 Connect seizing continuous 1 0 Delay dialing cont...

Page 577: ...ter the global configuration mode 2 module t1 slot sub slot port Enter the module configuration mode 3 cas ds0 group ds0 group no Enter the ds0 group number to create in this E1 trunk 4 exit Exits the module configuration mode 5 voice port slot sub slot port ds0 group no To set up the attribute values of created ds0 group enter voice port configuration mode if ds0 group was created normally there ...

Page 578: ...ose 8 signal cas r1 itu or signal cas r1 modifited Choose T1 R1 signaling method r1 itu R1 signaling compliant with ITU T recommendation r1 modified R1 signaling variants 9 no shutdown Activate the voice port at the final step of configuration 10 exit Exit the voice port configuration mode ...

Page 579: ...phone transmission of high capacity file and videoconference at high speed This section briefly introduces ISDN service Services BRI Service BRI Basic Rate Interface service possesses two B channels and one D channel which is composed of Two B channels and One D channel 2B D BRI B channel service is operated with 64 Kbps and this means User data BRI D channel service is operated with 16 Kbps trans...

Page 580: ...physical layer specification is ITU T I 431 ISDN Call Flow Two Layer 3 specifications are used for ISDN signaling ITU T formerly CCITT I 450 also known as ITU T Q 930 and ITU T I 451 also known as ITU T Q 931 Together these protocols support user to user circuit switched and packet switched connections A variety of call establishment call termination information and miscellaneous messages are spec...

Page 581: ...CE Called DTE Called router Pick up Ring back indication Stop ring back indication Information Information Hang up Set up Set up ACK Information Call Proceeding Alerting Alerting Connect Connect ACK Flow Flow Disconnect Release Release complete Release complete Release Disconnect Information Information Connect Set up Ringing Pick up Flow Flow ...

Page 582: ...DN devices might be attached ask for point to multipoint service and a voice and data line Configuration Steps Create interface bundle to manage the bundle channels on the BRI bundle Configure ISDN switch type Configure Voice type Activate the ISDN Delete the ISDN Optional Configuration ISDN Create interface bundle To create the interface bundle use the following command Step Command Purpose 1 con...

Page 583: ...ISDN 5 Switch type switch type Sets the pertinent switch type with the content like the below table 36 1 timeslots BRI is just 1 or 2 but ignored value Table 32 1 switch type parameter description BRI Switch Type Keywords Description Basic ni National ISDN Basic Rate Switch Type only user side Basic dms NT DMS 100 Basic Reate Switch Type Basic 5ess AT T Basic Rate Switch Type default Basic ntt NTT...

Page 584: ...owing table 6 Incoming voice Sets up for voice 7 spid1 spid number Optional TE Only Spefies a service profile identifier for B1 channel Currently only the DMS 100 and NI switch types require SPIDs 8 spid2 spid number Optional TE only Specifies a SPID for B2 channel 9 sending alerting Optional Specify if Alerting message to be sent out before Connect message 10 overlap receiving Optional Specify if...

Page 585: ... set up bundle 2 Interface bundle bundle name Sets up bundle name 3 Link bri 0 0 0 1 Sets up the pertinent physical link 4 isdn Sets up ISDN 5 Switch type switch type Sets up the pertinent switch type with the content like the following table 6 Incoming voice Sets up for voice 7 activate Activates ISDN 8 exit 9 Voice port 0 0 0 D Configure to set up voice port 10 No shutdown Turns on the port ...

Page 586: ...he number is presented When configured this information is included in the outgoing call Setup message To configure the interface to identify the billing number use the following command in interface configuration mode Step Command Purpose 1 configure terminal Configures to set up bundle 2 Interface bundle bundle name Sets up bundle name 3 Link bri 0 0 0 1 Sets up the pertinent physical link 4 isd...

Page 587: ...Complete information element in the outgoing call Setup message use the following command in interface configuration mode Step Command Purpose 1 configure terminal Configures to set up bundle 2 Interface bundle bundle name Sets up bundle name 3 Link bri 0 0 0 1 Sets up the pertinent physical link 4 isdn Sets up ISDN 5 Switch type switch type Sets up the pertinent switch type with contents like the...

Page 588: ...spid1 spid2 idle timeout 5 connect delay 15 keep alive 10000 disconnect cause 17 switch type basic dms tei mode point to multipoint Show isdn interfaces Displays the ISDN interface information v239 show isdn interfaces ISDN Information bri000 caller answer1 answer2 called number spid1 spid2 idle timeout 5 connect delay 15 keep alive 10000 disconnect cause 17 switch type basic 은 tei mode point to m...

Page 589: ...alls Show isdn bri statistics WORD Displays the ISDN BRI statistics v239 show isdn bri statistics bri000 HDLC Statistics for D Channel GT0 rx packet counter 0 GT0 rx Byte counter 0 GT0 rx chRxErr counter 0 GT0 rx crc counter 0 GT0 rx abort counter 0 GT0 rx chainedError counter 0 GT0 rx all error counter 0 GT0 tx packet counter 73347 GT0 tx Byte counter 586761 GT0 tx packet request 73347 GT0 tx pac...

Page 590: ...de USR Primary Rate interface Switch Type primary 5ess Tei value for Point to Point 0 Side USR Troubleshooting ISDN Interfaces Command Purpose Debug isdn q921 WORD Checks Layer 2 Debug isdn q931 WORD Checks Layer 3 Debug isdn q921 timers WORD Displays q921 timers v239 show isdn q921 timers bri000 ISDN Layer 2 Timer Values K 7 Outstanding I Frames N200 3 Max number of retransmission of a frame N203...

Page 591: ...conds T308 4 Seconds T310 40 Seconds T313 4 Seconds T316 120 Seconds T319 4 Seconds T322 4 Seconds Debug isdn q931Statistics WORD Displays q931 statistics v239 show isdn q931Statistics bri000 ISDN Global Configuration Setup Tx 0 Setup Ack Tx 0 Alert Tx 0 Call P Tx 0 Conn Tx 0 Con Ack Tx 0 Prog Tx 0 Disc Tx 0 Rel Tx 0 Rel Cmp Tx 0 Stat Tx 0 Stat Enq Tx 0 Info Tx 0 Stat Enq Tx 0 Stat Enq Tx 0 Setup ...

Page 592: ... q921Statistics WORD Displays q921 statistics v239 show isdn q921Statistics bri000 Setup Tx 0 Setup Ack Tx 0 Alert Tx 0 Call P Tx 0 Conn Tx 0 Con Ack Tx 0 Prog Tx 0 Disc Tx 0 Rel Tx 0 Rel Cmp Tx 0 Stat Tx 0 Stat Enq Tx 0 Info Tx 0 Stat Enq Tx 0 Stat Enq Tx 0 Setup Rx 0 Setup AckRx 0 Alert Rx 0 Call P Rx 0 Conn Rx 0 Con Ack Rx 0 Prog Rx 0 Disc Rx 0 Rel Rx 0 Rel Cmp Rx 0 Stat Rx 0 Stat Enq Rx 0 Info...

Page 593: ... to which other ISDN devices might be attached ask for point to multipoint serice and a voice and data line Configuration Steps Create interface bundle to manage the bundle channels on the PRI bundle Configure ISDN switch type Configure Voice type Activate the ISDN Delete the ISDN Optional Configuration ISDN Create interface bundle To create interface bundle for th PRI Step Command Purpose 1 confi...

Page 594: ...e 32 2 switch type parameter description PRI Switch Type Keywords Description Primary 4ess AT T Primary Rate Switch Type Primary 5ess AT T Primary Rate Switch Type default Primary dms250 DMS250 Primary Rate Switch Type Primary dms100 DMS100 Primary Rate Switch Type Primary ntt NTT Primary Rate Switch Type Primary qsig Q Signaling Primary Rate Switch Type only user slave side Primary ni2 National I...

Page 595: ...e Actviate the ISDN To activate the ISDN use the following command Step Command Purpose 1 configure terminal Configures to set up bundle 2 Interface bundle bundle name Sets up bundle name 3 Link pri_t1 pri_e1 0 0 0 1 Sets up the pertinent physical link 4 isdn Sets up ISDN 5 Switch type switch type Sets up the pertinent switch type with the content like the following table 6 Incoming voice Sets up ...

Page 596: ... on calls in which the number is presented When configured the calling number information is included in the outgoing Setup message To configure the interface to identify the billing number use the following command in interface configuration mode Step Command Purpose 1 configure terminal Configures to set up bundle 2 Interface bundle bundle name Sets up bundle name 3 Link pri_t1 pri_e1 0 0 0 1 Se...

Page 597: ...ration mode Step Command Purpose 1 configure terminal Configures to set up bundle 2 Interface bundle bundle name Sets up bundle name 3 Link pri_t1 pri_e1 0 0 0 1 Sets up the pertinent physical link 4 isdn Sets up ISDN 5 Switch type switch type Sets up the pertinent switch type with the content like the following table 6 Incoming voice Sets up for voice 7 Sendling complete Includes the Sending Comp...

Page 598: ...bundle not yet encaped ISDN Information Switch Type primary ccitt caller called number sub address Show isdn interfaces Displays the ISDN interface information v239 show isdn interfaces ISDN Information bri000 caller answer1 answer2 called number spid1 spid2 idle timeout 5 connect delay 15 keep alive 10000 disconnect cause 17 switch type basic 은 tei mode point to multipoint Press any key to contin...

Page 599: ...bri statistics pri000 HDLC Statistics for D Channel GT0 rx packet counter 0 GT0 rx Byte counter 0 GT0 rx chRxErr counter 0 GT0 rx crc counter 0 GT0 rx abort counter 0 GT0 rx chainedError counter 0 GT0 rx all error counter 0 GT0 tx packet counter 73347 GT0 tx Byte counter 586761 GT0 tx packet request 73347 GT0 tx packet request error 0 GT0 tx packet release 73347 GT0 tx packet stop release 0 GT0 tx...

Page 600: ...g isdn q921 WORD Checks Layer 2 Debug isdn q931 WORD Checks Layer 3 Debug isdn q921 timers WORD Displays q921 timers v239 show isdn q921 timers pri000 ISDN Layer 2 Timer Values K 7 Outstanding I Frames N200 3 Max number of retransmission of a frame N203 260 Max number of TEI notification retransmits T200 2 Seconds T203 10 Seconds Debug isdn q931 timers WORD Displays q931 timers v239 show isdn q931...

Page 601: ...tatistics WORD Displays q931 statistics v239 show isdn q931Statistics pri000 ISDN Global Configuration Setup Tx 0 Setup Ack Tx 0 Alert Tx 0 Call P Tx 0 Conn Tx 0 Con Ack Tx 0 Prog Tx 0 Disc Tx 0 Rel Tx 0 Rel Cmp Tx 0 Stat Tx 0 Stat Enq Tx 0 Info Tx 0 Stat Enq Tx 0 Stat Enq Tx 0 Setup Rx 0 Setup AckRx 0 Alert Rx 0 Call P Rx 0 Conn Rx 0 Con Ack Rx 0 Prog Rx 0 Disc Rx 0 Rel Rx 0 Rel Cmp Rx 0 Stat Rx ...

Page 602: ...s pri000 Setup Tx 0 Setup Ack Tx 0 Alert Tx 0 Call P Tx 0 Conn Tx 0 Con Ack Tx 0 Prog Tx 0 Disc Tx 0 Rel Tx 0 Rel Cmp Tx 0 Stat Tx 0 Stat Enq Tx 0 Info Tx 0 Stat Enq Tx 0 Stat Enq Tx 0 Setup Rx 0 Setup AckRx 0 Alert Rx 0 Call P Rx 0 Conn Rx 0 Con Ack Rx 0 Prog Rx 0 Disc Rx 0 Rel Rx 0 Rel Cmp Rx 0 Stat Rx 0 Stat Enq Rx 0 Info Rx 0 Stat Enq Rx 0 Stat Enq Rx 0 ...

Page 603: ... used for defining characters to apply to each call leg in connecting call and identifying origination or termination of call Call leg is the logical connection between two Ubigate iBG3026s or Ubigate iBG3026 and telephony device One voice call is made up of four call legs Like the figure 33 1 it is made up of two call legs from originating Ubigate iBG3026 point of view and it is composed of twl c...

Page 604: ...t network It is IP address of Destination Ubigate iBG3026 To connect voice call through packet network both POTS and VoIP dial peer are necessary Inbound and Outbound Dial Peers Dial peer is used in both inbound and outbound call leg The meaning of Inbound and outbound is defined from Ubigate iBG3026 aspect When call enters Ubigate iBG3026 inbound call leg occurs Outbound call leg occurs when call...

Page 605: ...e pieces of information in call setup message VoIP incoming call uses IP address and five pieces of configuration information on dial peer Three call setup elements are as follows Called number or dialed number identification service DNIS is a series of digit string which is derived from the ISDN setup message or CASDNIS representing destination Calling number or dialed number identification servi...

Page 606: ...l peer matching Port displays that port makes call Session target The network address of telephony device or gatekeeper sip server Inbound Dial Peers Matching Process Ubigate iBG3026 tries matching the above information like the following order 1 In the case of POTS VoIP call called number and incoming called number 2 In the case of VoIP call calling number and answer address 3 In the case of POTS...

Page 607: ...et command to transmit call In the case of POTS incoming call Ubigate iBG3026 selects outbound dial peer based on whether it is DID of inbound POTS dial peer Both cases support longest matching DID Direct Inward Dial Case In DID call characteristic of One stage dialing set up message includes all digits necessary to route call Ubigate iBG3026 does not collect additional digits Ubigate iBG3026 trie...

Page 608: ...al peers necessary to complete a voice call Figure 33 4 Matching Call Legs to Dial Peers The following example shows the example of call made possible from number 0315854000 to 0234381000 Figure 33 5 shows inbound POTS dial peer are outbound VoIP dial peer set in originating Ubigate iBG3026 POTS dial peer displays the origination of call after being matched to either calling number or port informa...

Page 609: ...f desitination parttern is replaced as wild card This means call with ITU T Recommendation P digit number starting with 023438 in Ubigate iBG3026 A is made possible with Ubigate iBG3026 B iBG3026 B IP Network iBG3026 A Source Destination 10 1 1 1 10 1 1 2 1 0 0 1 0 0 0315854000 0234381000 dial peer voice pots 1 destination pattern 31585 port 1 0 0 dial peer voice pots 2 destination pattern 23438 s...

Page 610: ... is not necessarily to configure VoIP dial peer This case is similar to hairpinning which is the status of being detoured to PSTN after call bound to packet network becomes the impossible condition in terms of packet network Figure 33 7 Communication Between Dial Peers Sharing the Same Ubigate iBG3026 Configuring POTS Dial Peers To configure POTS dial peer the following should be done Assign dial ...

Page 611: ...bal configuration mode 2 dial peer voice pots num Example sbm configure dial peer voice pots 10 Enters dial peer configuration mode and defines a local dial peer that connects to a POTS interface The number argument is one or more digits identifying the dial peer Valid entries are from 1 to 10000 3 destination pattern string T Matches dialed digits to a telephony device The string argument is a se...

Page 612: ...ng Dial Plan Options for POTS Dial Peers When dial plan is configured the different option value should be possessed depending on how dial plan is confugred To configure optional feature about POTS dial peer see the following command Command Purpose incoming called number Example sbm configure pots num incoming called number 3438 Optional Selects the inbound dial peer based on the called number di...

Page 613: ...des a prefix that the system adds automatically to the front of the dial string before passing it to the telephony interface Valid entries for the string argument are 0 through 9 Configuring VoIP Dial Peers VoIP dial peer makes possible call with the particular Ubigate iBG3026 telephony device To set VoIP dial peer the followings should be done Assign dial peer with the tag number only Define term...

Page 614: ...here in the pattern The period acts as a wildcard character 3 Example sbm configure pots num destination pattern 0234389 When the timer T character is included at the end of the destination pattern the router collects dialed digits until the interdigit timer expires 5 seconds by default or until you dial the termination character the default is The timer character must be a capital T 4 session tar...

Page 615: ...Designating this list with either dial peer or system codec list is possible The method to make codec list is as follows Setp Command Purpose 1 voice class codec num Example sbm configure voice class codec 1 Creates a voice class for a codec preference list The range for the tag number is from 1 through 10000 The number must be unique on the router 2 codec preference prefer num g711alaw g711ulaw g...

Page 616: ...nact Example sbm configure voice class sip num offer call hold conn addr optional Specifies the call hold request value rel1xx supported require system disable Example sbm configure voice class sip num rel1xx supported optional Specifies the rel1xx value uri sip sips Example sbm configure voice class sip num uri sip optional Specifies the uri value url system sip tel Example sbm configure voice cl...

Page 617: ...formation on configuring h323 info see the 3 2 8 Configuring Dial Plan Options for VoIP Dial Peers When configuring dial plan different options can be designated depending on which dial plan is possessed To configure optional dial plan feature use the following command in dial peer configuration mode Command Purpose incoming called number string Example sbm configure voip num incoming called numbe...

Page 618: ...the highest possible transmission speed supported by the voice rate playout delay mode adaptive fixed value system Example sbm configure voip num playout delay mode adaptive Optional Specifies the type of jitter buffer playout delay to use playout delay maximum minimum nominal 20 200 Example sbm configure voip num playout delay maximum 190 Optional Specifies the amount of time that a packet is hel...

Page 619: ...service RDNIS if available Configuring Dial Peer Matching Features Destination Pattern Destination pattern forms link with dialed string and the particular telephony device It is configured in dial peer by using destination pattern command If dialed string matchs with destination pattern POTS dial peer is routed to voice port and VoIP dial peer is routed to session target Against Outbound VoIP dia...

Page 620: ...eding digit occurred zero or one time Indicate a range A range is a sequence of characters enclosed in the brackets only numeric characters from 0 to 9 are allowed in the range Indicate a pattern and are the same as the regular expression rule The only wild card symbol usable in both answer address and incoming called number is period Session Target Session target is the network address of remote ...

Page 621: ...r can not be configured in voip peer Voip peer could be used in not only dial peer but also gatekeep sip server call server mwi server or registrat server Following is the example of configuration voip peer voippeer1 sip ip address ipv4 10 254 139 56 Incoming Called Number Answer Address for VoIP Incoming called number command is the top priority attempting inbound dial peer matching by comparing ...

Page 622: ...6 transmits dial tone to caller and collects additionally numbers to find outbound dial peer This procedure is called two stage dialing After selecting Outbound dial peer it transmits call to the set destination in dial peer DID immediately enables outbound call by matching called number in dial peer If DID is set it does not send dial tone to caller or collect additionally digit It immediately se...

Page 623: ...rms of dial peer which possesses preference in hunt group Low preference number gets higher priority When the same preference number in hunt group occurs it is selected randomly In the case of the above example dial peer 1 has priority over 2 3 and 4 in sequence Basically the sequence to hunt within the hunt group is as follows 1 Longest match in phone number Destination pattern matches the longes...

Page 624: ...ongest match in phone number explicit preference random selection 1 longest match in phone number explicit preference least recent use 2 explicit preference longest match in phone number random selection 3 explicit preference longest match in phone number least recent use 4 Least recent use longest match in phone number explicit preference 5 Least recent use explicit preference longest match in ph...

Page 625: ...Plan Mode Dial plan mode is a mode that set global configuration for dial plan The Following are commands of dial plan mode Command Purpose cp tone Example sbm configure dial plan cp tone kr The cp tone command is to set the voice interface of tone ring busy cadence for a specific country fxs pattern tag full fxs pattern ext leng ext pattern Example sbm configure dial plan fxs pattern 1 802343849 ...

Page 626: ... end of destination of outbound voice network dial peer and wait for inputting additional digit after receiving the Ubigate iBG3026 fixed length of dial string Timeout letter is T in capital letter The following dial peer configuration is the example of configuring T indicator to enable variable length dial string dial peer voice voip 1 destination pattern 3456T session target ip address ipv4 10 1...

Page 627: ...ther telephony devices Digit Strip and Prefixes When the Ubigate iBG3026 of the receiver side matches with dial string as outbound POTS dial peer Ubigate iBG3026 basically takes out digit matching specifically with destination pattern The remaining digit is transmitted to either PBX or PSTN But other circumstances have dial plan applicable with the original digit that the partial digit has not bee...

Page 628: ...nfiguration should be done like the following dial peer voice pots 20 destination pattern 82023438 prefix 1 port 0 1 1 2 Forward Digits forward digits command regulates the number of digit stripped before dialed string transmitted to the other telephony device Generally outbound POTS dial peers strips the entire digit matchable specifically with destination pattern and transmits only the matchable...

Page 629: ...r should dial to remote location Application is made for called number of the entire incoming call Number expansion is similar to prefix command except that it is applied to the entire dial peer and the status before matching with destination pattern The figure 33 9 shows the network of the small company which desires to use VoIP for integrating the telephone network in the current ip network Dest...

Page 630: ...xpanded number argument means telephone number that full telephone number or extension number is likely to be expanded Digit Translation Rule Digit translation rule is used for changing digit of calling number or called number and numbering type numbering plan For example when the users call dialed with the only five extension digit to other employees using other sites in company changing to the t...

Page 631: ...tion rule sets can be designated against called number and calling number Access Group Designating translation profile rule set to apply translation to Incoming VoIP call is possible Dial peer Voice port Voip incoming Configuring Translation Rule Set By using voice translation rule global command creating rule set is possible Using rule match replace voice translation rule command it is possible t...

Page 632: ... uses the similar letter like Regular Expression Syntax The example is like the following Table 33 3 Table 33 3 Characters of Translation Rule Character Description Match the expression at thestart of a line Match the expression at the end of the line Delimiter that marks the start and end of both the matching and replacement strings Escape the special meaning of the next character I ndicates a ra...

Page 633: ...rof1 Configuring translation profile Creating translation profile is possible by designating the single profile name 2 translate called calling rule set id Example sbm translation profile prof1 translate called 1 Configuring Translation Rule Set in Profile Designates rule set id against called and calling number Applying Translation in Dial Peer Command Purpose translation profile incoming outgoin...

Page 634: ...esignates call block translation profile against incoming call Applying Translation in Voice Port Command Purpose translation profile incoming outgoing trans prof name Example sbm voice port 0 1 0 translation profile incoming prof1 Applying Translation Profile in Voice Port translate called number calling number rule set id Example sbm voice port 0 1 0 translate called number 1 Applying Translatio...

Page 635: ...tion profile incoming prof1 Applying Translation Profile in Access Group Applying Translation in VoIP Incoming Calls Command Purpose translation profile trans prof name Example sbm voip incoming translation profile prof1 Applying Translation Profile in VoIP incoming calls translation rule called calling rule set id Example sbm voip incoming translation rule called 1 Applying Translation Rule in Vo...

Page 636: ...See the below table when it comes to the method to set access group and access list Configuration Steps configure terminal voice access group access list access list permit access list deny optional description optional disconnect cause optional translation profile optional exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 v...

Page 637: ... input For example if permit ip member is designated with 10 10 10 255 it is possible to designate 10 10 10 10 as deny ip member 6 description string Example sbm access group name description description for access group Inputs description on optional Access group Uses Quotation mark 7 disconnect cause invalid number unassigned number user busy call rejected Example sbm access group name disconnec...

Page 638: ...nk group command users can limit the number of call made possible with the pertinent trunk group in terms of in and out By using Block trunk group command call to the pertinent trunk group is possible to prevent Multiple Trunk Group Designating trunk group as target up to 12 in POTS dial peer is possible Dial peer decreases the number of dial peer desired to configure by having more than a single ...

Page 639: ...d for selecting voice port or channel Trunk group having various members uses hunt scheme to find idle channel for routing outgoing call Hunt scheme provided in Ubigate iBG3026 is random round robin sequential Assume the three trunk groups A has the preference value which is the smallest Let s assume that C has the biggest value and B has the larger value than A Optional parameters can modify the ...

Page 640: ...es not have any available both numbered channel the search tries to find an channel in the next highest trunk group member which is C If successful that channel is used for the call routing A new idle channel request would start with A Sequential Regardless of the previously selected channel it is similar to the round robin method except the fact it finds the empty channel from the beginning part ...

Page 641: ...then call is made to the termination telephone or PBX Figure 33 10 Example of PLAR configuration How to Configure PLAR Configuration Steps configure terminal voice port connection plar exit Internet Backbone iBG3026 A iBG3026 B FXS FXO PABX Voice port PLAR SIP Direct Call Setup Dial peer voice voip 1 destination pattern yyy dtmf relay sip notify codec g729a session target ip address ipv4 iBG3026 2...

Page 642: ...nters global configuration mode 2 voice port slot subslot port Example configure voice port 0 0 0 Enters voice port configuration mode 3 connection plar digit string Example configure voice port slot subslot port connection plar 01034381234 Enters connection mode for voice port 4 exit Example configure voice port slot subslot port exit Exits the current mode ...

Page 643: ...nd to a dial peer Figure 33 11 Example of PLAR OPX configuration Internet Backbone iBG3026 A iBG3026 B FXS FXO PABX Voice port PLAR SIP Direct Call Setup Dial peer voice voip 1 destination pattern yyy dtmf relay sip notify codec g729a session target ip address ipv4 iBG3026 2 Dial peer voice pots 2 destination pattern xxx port slot subslot port Voice port slot subslot port timing hookflash out 500 ...

Page 644: ...port slot subslot port Example configure voice port 0 0 0 Enters voice port configuration mode 3 connection plar opx digit string Example configure voice port slot subslot port connection plar opx 01034381234 Enters connection mode for voice port 4 exit Example configure voice port slot subslot port exit Exits the current mode PLAR and PLAR OPX are able to configure in SCM interworking mode When P...

Page 645: ... the list configured of COR names Allocate the list as a outgoing cor list of outgoing dial peer The names are the values of any string so a user can define it easily Next stage defines how many call admission groups are needed Each group defines COR list Designate COR list to a dial peer and it that means defining the number of calls which an incoming dial peer can make Number Description dial pe...

Page 646: ...nfiguration Steps configure terminal dial peer cor custom name exit dial peer cor list member exit dial peer voice pots voip corlist incoming outgoing exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 dial peer cor custom Example sbm configure dial peer cor custom Enters COR configuration mode 3 name cor name Example sbm con...

Page 647: ...ame should be the cor name created in step 2 7 exit Example sbm configure list list name exit Exits COR list configuration mode 8 dial peer voice pots voip num Example Sbm configure dial peer voice pots voip 10 Creates dial peer 9 corlist incoming cor list name Example Sbm configure pots num corlist incoming corlist1 When the appropriate dial peer is used as incoming set up a cor list 10 corlist o...

Page 648: ...ame corname3 COR list list1 member corname1 member corname2 COR list list2 member corname2 member corname3 To check COR list which dial peer is set use show dial peer voice command VoiceEncapPeer1 Dial Peer Common Info id 1 type pots description admin state up operation state up destination pattern 1001 answer address preference 0 numbering type none incoming called number connections maximum 0 un...

Page 649: ... under a VoIP environment the following methods are supported pass through High bandwidth codec T 38 The method using Pass through High bandwidth codec transmits fax through the use of voice stream of G 711 alaw or G 711 ulaw and the method using T 38 exchanges the T 38 Internet Fax Protocol IFP packets to transmit the real time Group 3 fax documents which is the ITU T recommendation Regardless of...

Page 650: ...ing High bandwidth codec G 711 alaw or G 711 ulaw and the setting in VoIP dial peer configuration mode has a priority over the setting in voice service configuration mode 1 fax protocol pass through command in VoIP dial peer configuration mode Configuration Steps configure terminal dial peer voice voip fax protocol pass through exit Detailed Steps Step Command Purpose 1 configure terminal Example ...

Page 651: ... voice service voip fax protocol pass through exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice service voip Example configure voice service voip Enters voice service configuration mode 3 fax protocol pass through Example configure voice service voip fax protocol pass through g711alaw specifies a high bandwidth codec f...

Page 652: ...ps configure terminal dial peer voice voip fax protocol t38 fax rate fax error correction mode exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 dial peer voice voip Example configure dial peer voice voip 1000 Enters VoIP dial peer configuration mode 3 fax protocol t38 Example configure dial peer voice voip 1000 fax protocol...

Page 653: ...iguration mode Configuration Steps configure terminal voice service voip fax protocol t38 fax rate fax error correction mode exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice service voip Example configure voice service voip Enters voice service configuration mode 3 fax protocol t38 Example configure voice service voip...

Page 654: ...or the methods of using services not mentioned in this document see the Call Manager Operation Manual Table 34 1 Supplementary services for Call Manager Interworking mode Service Description CLID Calling Line Identification CLID function displays a calling party s phone number on a terminal of a called party Call Forward All It is the function to forward automatically all the calls incoming to a s...

Page 655: ...ng number followed by direct call pickup feature code Call Pickup Universal It is the function that another subscriber can answer the phone when a call is terminated to an extension subscriber and rings It is the function that when a call is terminated to a subscriber of a group picks up the call by dialing the number of the group followed by group call pickup feature code Call Restriction by User...

Page 656: ... NoAnswer This is the function that transfers the incoming call to voice mail device so an extension subscriber can leave a voice message in the voice message box when the subscriber cannot answer the phone Call forward to VMS busy transfers the incoming call to voice mail device so an extension subscriber can leave a voice message in the voice message box when the appropriate subscriber does not ...

Page 657: ...ty is being absent Conference calls ad hoc conference Ad hoc Conferencing is the function that calls other subscribers when one subscriber is talking to another subscriber and has conversation with many subscribers at the same time using conference bridge Making other subscribers participate in the conversation while talking on the phone is available only for the promoter The call is terminated wh...

Page 658: ...fers a Caller Id to a FXS phone in FXS voice port How to Configure Voice Port for CLID To enable the Caller Id function at FXS voice port follow the below procedures Configuration Steps configure terminal voice port caller id enable exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice port slot subslot port Example config...

Page 659: ...ate in a conference call This feature code is valid only in a Call Manager Interworking mode 2 drop last joined party It is a feature code do terminate the call with the last joined subscriber during a conference call When A B C D are participating in a conference call for example and D is the last joined subscriber if A does hook flash and dial the drop last joined party feature code D is exclude...

Page 660: ...rovides some supplementary services provided by Call Manager control in Call Manager interworking mode The services provided in survivable telephony mode are like Table 34 2 below Table 34 2 Supplementary services for Survivable telephony mode Service Description CLID Calling Line Identification CLID function displays a calling party s phone number on a terminal of a called party Call Forward All ...

Page 661: ...y dialing the number of the group Call Waiting and Retrieve Call waiting lets users receive a second incoming call on the same line without disconnecting the first call When the second call arrives the user receives a brief call waiting indicator tone If a subscriber responds to the second call by pressing Hook flash the first call is held Call Transfer Blind Call Transfer holds a call in conversa...

Page 662: ... phone in FXS voice port How to Configure Voice Port for CLID To enable the Caller Id function in FXS voice port follow the below procedures Configuration Steps configure terminal voice port caller id enable exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice port slot subslot port Example configure voice port 0 1 2 Ente...

Page 663: ...n a call is terminated to an extension subscriber and rings Call Pickup direct is the function that picks up the call by directly dialing the ringing number Call Pickup Universal It is the function that another subscriber can answer the phone when a call is terminated to an extension subscriber and rings It is the function that when a call is terminated to a subscriber of a group picks up the call...

Page 664: ...rding as the terminating call of a subscriber is on net or off net Configuring Services To provide supplementary services for FXS phone configure service by service in FXS voice port How to Configure Voice Port for CLID To enable the Caller Id function in FXS voice port follow the below procedures Configuration Steps configure terminal voice port caller id enable exit Detailed Steps Step Command P...

Page 665: ...iled Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voice port slot subslot port Example configure voice port 0 1 2 Enters Voice Port configuration mode 3 no caller id block Example configure voice port 0 1 2 caller id block Block or re enable the caller id of the calls made from this port 4 Exit Example configure voice port 0 1 2 exit...

Page 666: ...p group exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 dial peer voice pots tag Example configure dial peer voice pots 11 Enters POTS Dial peer configuration mode 3 no call pickup group group number Example configure dial peer voice pots 11 call pickup group 8400 Specifies call pickup group number for Call Pickup service ...

Page 667: ...Example configure terminal Enters global configuration mode 2 dial peer voice pots tag Example configure dial peer voice pots 11 Enters POTS Dial peer configuration mode 3 no call waiting Example configure dial peer voice pots 11 call waiting Enables or Disables Call waiting and retrieve service 4 Exit Example configure dial peer voice pots 11 exit Exits the current mode How to Configure Call Tran...

Page 668: ...minal Example configure terminal Enters global configuration mode 2 voice port slot subslot port Example configure voice port 0 1 2 Enters Voice Port configuration mode 3 ring cadence on net ring type Example configure voice port 0 1 2 ring cadence on net bellcore01 Specifies On Net Ring type for the voice port 3 ring cadence off net ring type Example configure voice port 0 1 2 ring cadence off ne...

Page 669: ...ng to the maximum number of calls allowed on a system wide basis and a dial peer basis For example Local CAC provides a function to cut off calls when there are more than 10 calls in excess of the bandwidth allocated in the network interface since it is set to have less than 10 calls in a WAN network interface Max call for system Max call for system is the function to set max limitation calls in t...

Page 670: ...tion procedure Configuration Steps configure terminal call admission max call exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 6 Call admission max call Example configure call admission max call Configure max call 7 Exit Example configure exit Exits the current mode call admission max calls 2000 In Call Manager interworking m...

Page 671: ...f heavy traffic Figure 35 1 DS0 Limitation Max call per dial peer Provides a way to limit the number of max connection of Dial peer A user is able to set this using max conn command in dial peer configuration mode This is a way to control connection number available at the same time in Dial peer for Outbound in order that current connection may not exceed the connection number set This tool is eas...

Page 672: ...way egress WAN link it provides little or no protection for links in the network backbone It does not work for IP telephony applications that do not use dial peers It is limited to simple topologies It does not react to link failures or changing network conditions Figure 35 2 max call per dialpeer In Call Manager interworking mode the mechanism of Max call per dial peer is not used PBX iBG3026 A i...

Page 673: ...726 24 kbps 40 kbps G 726 32 kbps 48 kbps G 728 32 kbps G 729 all versions 24 kbps In Call Manager interworking mode mechanism of Voice Bandwidth is not used Local voice busyout Local voice busyout monitors the status of Ethernet WAN etc and set a certain port or Digital trunk timeslot to busyout An operator is also able to set voice port DS0 group voice port BRI port and Digital trunk timeslots t...

Page 674: ...cted the call and hairpinned it CCS trunk types manage this hairpinning problem because cause code information can be returned to the PBX that triggers rerouting logic However on CAS trunks the PBX does not know what went wrong and unless digits are manipulated in the gateway the PBX cannot easily make a decision to reroute the call over a different trunk group LVBO provides the outgoing gateway w...

Page 675: ...provides the method used in busyout monitoring Gateway monitoring works upon down To configure a voice port to enter the busyout state if connectivity to the gatekeeper is lost use the busyout monitor gatekeeper command in voice port configuration mode To disable use the no form of this command busyout monitor gatekeeper no busyout monitor gatekeeper SIP server monitoring This can check out the st...

Page 676: ...to service its state changes to up If the keyword is not entered the voice port is busied out when all monitored interfaces go out of service their state changes to down WAN link monitoring Wan link monitoring detects the links of interfaces configured as WAN and provides busyout monitoring that used WAN link in order to set up release busyout according to down up of WAN link and supports to set u...

Page 677: ...ing SIP OPTIONS message for the system designated to IP address busyout monitor ip address ip address no busyout monitor ip address ip address Class monitoring To make busyout monitoring of busyout class of a voice port use busyout monitor class command in voice port configuration mode To remove busyout monitoring of busyout class use no command Refer voice class busyout section for more inforatmi...

Page 678: ... from the busyout state use the no form of this command ds0 busyout ds0 time slot no ds0 busyout ds0 time slot ds0 time slot DS0 time slots to be forced into the busyout state Range is from 1 to 24 and can include any combination of time slots voice class busyout This sets up resources information to be monitored using busyout in which items are collected voice class busyout tag no voice class bus...

Page 679: ... bundle interface to busyout monitoring class busyout monitor sip server add sip server or call server status to busyout monitoring class busyout monitor gatekeeper add gatekeeper status to busyout monitoring class busyout monitor ip address add SIP UA by ip address status to busyout monitoring class To check set up and status information on voice class busyout a user is able to use show voice bus...

Page 680: ... is less than the low value To monitor utilization which is the global resource of Ubigate iBG3026 gateway A user can set it up using call admission threshold global command that is the global CAC configuration and release it using no command A user is able to call admission control monitor utilization by using cpu 5sec cpu avg trigger of call admission threshold global call admission threshold gl...

Page 681: ...global CAC configuration and release it using no command A user is able to call admission control monitor utilization by using total mem trigger of call admission threshold global Call admission threshold global trigger name low value high value busyout treatment no call admission threshold global trigger name low 0 high 0 show call admission threshold config Trigger name is the value of total mem...

Page 682: ... admission threshold alarm max dsp min value maj value no call admission threshold alarm max dsp min value Is DSP utilization that Minor Alarm would RAISE CLEAR a user can designate from 1 TO 100 The initial value is 70 maj value Is DSP utilization that Major Alarm would RAISE CLEAR a user can designate from 1 to 100 The initial value is 80 Call admission Spike This is the function that cuts calls...

Page 683: ...d windows exist as many as steps Figure 35 3 Call admission spike window size Call admission Treatment enable treatment Use the call admission treatment on command in a global configuration mode to enable the call treatment and use the no call admission treatment on command to disable it call admission treatment on no call admission treatment on treatment action When the call treatment is enabled ...

Page 684: ...tion and use no command to release it call admission treatment causecode busy no resource no call admission treatment causecode busy no resource isdn reject code When the call treatment is enabled the call treatment is reject and the Inbound signal upon rejection is ISDN use the call admission treatment isdn reject command in a global configuration mode to select the error code to be used for reje...

Page 685: ... about RAISE CLEAR of alarm using show system logging buffered Table 36 1 Alarm List Alarm Name Level Description MaximumCallLimitMaj Major Exceeding a threshold of the system maximum call limit Major thresholds MaximumCallLimitMin Minor Exceeding a threshold of the system maximum call limit Minor thresholds DSPChannelLimitMaj Major Exceeding a threshold of the DSP channel capacity limit Major thr...

Page 686: ...max call min value Is the percentage of current call count against max call count that minor alarm would be created maj value Is the percentage of current call count against max call count that major alarm would be created Set up max call used as the basis using call admission max calls command in global configuration command mode A user is able to check current value set with show running config ...

Page 687: ...y whether ports are connected or not in analog channels of FXS card using loop start Falut The fault which might be occurred related to Voice Feature of Ubigate iBG3026 is a fault related to DSP and Voice Task When a fault is occurred a user has to restore it by resetting the system Table 36 2 Falut List Fault Name Description DSP init fail Fail to Initialize DSP resource Voice task fail Voice tas...

Page 688: ... statistics Dial peer statistics Call statistics It displays the statistics of both POTS and VoIP call Call Statistics Command Table 36 3 Call Statistics command Command Explanation show statistics call pots call voip call checks statistics of whole call POTS call and VoIP call clear statistics all call initializes statistics of whole call call Call Statistics Item Table 36 4 Call Statistics Item ...

Page 689: ...l Outbound Abnormal Terminated Calls Num Call Outgoing abnormal terminated calls number of incoming answered calls terminated with any cause code other than normal Inbound Abandon Calls Num POTS VoIP Call Incoming abandon call number of incoming not answerd calls with normal cause Outbound Abandon Calls Num POTS VoIP Call Outgoing abandon call number of outgoing not answerd calls with normal cause...

Page 690: ...g request Req Info Num Number of information messages the gateway has received inbound and how many have been transmitted outbound Req Invite Num Number of Initiates a call Req Notify Num Number of Notify requests Req Options Num Number of Request an Options Req Prack Num Number of a PRACK request Req Register Num Number of Register requests Req Subscriber Num Number of Subscribe requests Req Refe...

Page 691: ... the message is queued Session Progress Num 183 Indicates in band alerting Accepted Num 202 A successful response to a Refer request received Multiple Choices Num 300 The address resolved several choices UA can select preferred communication Moved Permanently Num 301 User is no longer available at this location Moved Temporarily Num 302 User is temporarily unavailable Use Proxy Num 305 Caller must...

Page 692: ... Extension Num 420 Server could not understand the protocol extension in the Require header Extension Required Num 421 The UAS needs a particular extension to process the request but this extension is not listed in a Supported header field in the request Session Interval Too Small Num 422 The request contains a Session Expires header field with a duration below the minimum timer for server Interva...

Page 693: ... processing the request Not Implemented Num 501 Service or option not implemented in the server or gateway Bad Gateway Num 502 Network is out of order Service Unavailable Num 503 Server is temporarily unable to process the request due to a temporary overloading or maintenace of ther server Server Timeout Num 504 Server could not produce a response before the Expires time out Version Not Supported ...

Page 694: ...ted Setup Acknowledge Number of SetupAcknowledge messages the gateway has received and transmitted Call Proceeding Number of CallProceeding messages the gateway has received and transmitted Progress Number of Progress messages the gateway has received and transmitted Alerting Number of Alerting messages the gateway has received and transmitted Connect Number of Connect messages the gateway has rec...

Page 695: ...equest Number of RRQ messages the gateway has received and transmitted RegistrationConfirm Number of RCF messages the gateway has received and transmitted RegistrationReject Number of RRJ messages the gateway has received and transmitted UnregistrationRequest Number of URQ messages the gateway has received and transmitted UnregistrationConfirm Number of UCF messages the gateway has received and tr...

Page 696: ... transmitted InfoRequestResponse Number of IRR messages the gateway has received and transmitted NonStandardMessage Number of Non Standard message the gateway has received and transmitted UnknownMessageResponse Number of XRS messages the gateway has received and transmitted RequestInProgress Number of RIP messages the gateway has received and transmitted ResourceAvailableIndicate Number of RAI mes...

Page 697: ...way has received and transmitted TerminalCapabilitySetRelease Number of TerminalCapabilitySetRelease messages the gateway has received and transmitted OpenLogicalChannel Number of OpenLogicalChannel messages the gateway has received and transmitted OpenLogicalChannelAck Number of OpenLogicalChannelAck messages the gateway has received and transmitted OpenLogicalChannelReject Number of OpenLogicalC...

Page 698: ...sages the gateway has received and transmitted EndSessionCommand Number of EndSessionCommand messages the gateway has received and transmitted UserInputIndication Number of UserInputIndication messages the gateway has received and transmitted Unknown Number of unknown messages the gateway has received and transmitted Debug Management This section describes commands that show Debug related to voice...

Page 699: ...rs of in out all that set up Incoming Outgoing and deb0 deb1 info all that set up levels Table 36 12 Voice Protocol Module Debug Command Purpose Debug vpm asi Analog Sub Interface debug Debug vpm ati Analog Trunk Interface debug Debug vpm dti Digital Trunk Interface debug Debug vpm ssi Signal Interface H323 debug mode This is the function that shows a debug message of H323 and shows the contents o...

Page 700: ... Control related command Debug sip log SIP calling or called number log related command Debug sip dump trace SIP msg Voice debug mode It is a debug command related to other voice a user is able to set up the levels deb0 deb1 info all of the displayed message Especially debug voice off command is to off all the debugs related to voice Table 36 15 Voice Debug Command Purpose Debug voice base BASE LI...

Page 701: ...on to manage CDR and CDR attribute Configuration Restrictions for CDR Management Works only when an Authentication Authorization and Accounting AAA RADIUS server is enabled for VoIP calls Supports VSAparsing only on those universal gateways that are configured for AAA How to Configure RADIUS server Set up AAA configuration first and then set up gw accounting Configuration Steps configure terminal ...

Page 702: ... 10 254 167 244 configure aaa radius shared testing123 Configure RADIUS 5 voip gateway Example configure voip gateway Enter voip gateway configuration mode 6 gw accounting Example configure voip gateway ga accounting Configure gw accounting enable 7 Exit Example configure voip gateway exit Exits the current mode CDR Attributes The CDR in the Ubigate iBG3026 system transmits accounting request pack...

Page 703: ...from the phone number the call comes in on It is only used in Access Request packets Calling Station ID Attribute type 31 Length 3 This Attribute allows the NAS to send in the Access Request packet the phone number that the call came from using Automatic Number Identification ANI or similar technology It is only used in Access Request packets Account Satus type Attribute type 40 Length 6 This attr...

Page 704: ...est packets for that session vendor specific attribute Vendor specific attributes used in the Ubigate iBG3026 system are arranged in the following table and the values of VSA attribute field are as followings Type field 26 Length field 7 byte vendor string field has to be more than 1byte Vendor ID field 70 String Field is configured as below vendor type the VSA number that Samsung has designated v...

Page 705: ...ime format is YYYYmmddHHMMSS For example at 08 09 10 on the 2nd of January in 2000 input 20000102080910 Connect time VSA No 16 Length 40 Calling setup time and time format is YYYYmmddHHMMSS For example at 08 09 10 on the 2nd of January in 2000 input 20000102080910 Disconnect time VSA No 17 Length 40 Calling disconnect time and time format is YYYYmmddHHMMSS For example at 08 09 10 on the 2nd of Jan...

Page 706: ...CHAPTER 36 Management 664 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 707: ...vable Telephony This section describes how to set up Call Forwarding Feature in Survivable Telephony mode Generally Call Forwarding in Survivable Telephony mode progresses according to the situation of Call Manager interworking That is it operates as a subscriber set up in Call Manager interworking mode Besides in case a subscriber does not set up Ubigate iBG3026 it generally provides a method to ...

Page 708: ...onfigure voip fallback call forward busy 4400 Specifies Call forward Number for Call Forward Busy in Survivable Telephony mode 4 Exit Example configure voip fallback exit Exits the current mode How to Configure Call Forward NoAnswer Configure Call Forward NoAnswer function for Survivable Telephony mode as following procedures Summary Steps configure terminal voip fallback call forward noan exit De...

Page 709: ...exit Exits the current mode Configuring System Message for Survivable Telephony When Ubigate iBG3026 is converting between Call Manager interworking mode and Survivable Telephony mode to inform that mode is converting it sends designated messages through MESSAGE method with SIP phone This section describes how to send the messages How to Configure System Message for Survivable Telephony mode When ...

Page 710: ...sage context to inform mode transition from scm interworking to survivable telephony 4 Exit Example configure voip fallback exit Exits the current mode How to Configure System Message for Call Manager interworking mode When Survivable Telephony mode is converted to Call Manager interworking mode it sets up the message that would be sent to SIP phone as following procedures The basic message is Nor...

Page 711: ...al peer This function provides flexibility in planning network and enables a user to block some calls It is possible to apply call restriction according to the class of a caller Incoming dial peer COR list is prior to COR list of outgoing dial peer In case that there is no COR list in incoming dial peer a call is processed regardless of outgoing COR list or in regard of In case that both COR lists...

Page 712: ...es a COR on dial peers associated with directory numbers 4 Exit Example configure voip fallback exit Exits the current mode Configuring Translation for Survivable Telephony Digit translation is also applicable in Survivable telephony mode This is a mechanism that handles numbers automatically modifying or adding area code or prefix of calling and called number It is applicable not only to translat...

Page 713: ...d enters voice translatioon rule configuration mode 3 rule match replace num match pattern replace pattern match type type replace type type match plan plan replace plan plan Example configure voice translation rule rule set id rule match replace num match pattern replace pattern Defines a translation rule 4 Exit Example configure voice translation rule rule set id exit Exits the current mode How ...

Page 714: ...onfigure voice translation profile prof name translate called 11 Associates a voice translation rule with a voice translation profile 4 Exit Example configure voice translation rule rule set id exit Exits the current mode How to Configure Translation Rule in Fallback Mode Summary Steps configure terminal voip fallback translate called called ruleset id exit Detailed Steps Step Command Purpose 1 co...

Page 715: ...allback Mode Summary Steps configure terminal voip fallback translation profile incoming outgoing prof name exit Detailed Steps Step Command Purpose 1 configure terminal Example configure terminal Enters global configuration mode 2 voip fallback Example configure voip fallback Enters VOIP Fallback configuration mode 3 translation profile incoming outgoing prof name Example configure voip fallback ...

Page 716: ...CHAPTER 37 Survivable Telephony 674 SAMSUNG Electronics Co Ltd This page is intentionally left blank ...

Page 717: ... reserved Information in this manual is proprietary to SAMSUNG Electronics Co Ltd No information contained here may be copied translated transcribed or duplicated by any form without the prior written consent of SAMSUNG Information in this manual is subject to change without notice ...

Page 718: ...EQBD 000026 Ed 00 ...

Reviews:

No comments

Related manuals for Ubigate iBG3026

Brand: H3C Pages: 4

Brand: Icom Pages: 2

Brand: Icom Pages: 326

Brand: Yacht Devices Pages: 32

Brand: AudioCodes Pages: 32

Brand: AudioCodes Pages: 70

NDP-ENG ETHERNET NEXSYS GATEWAY

Brand: Crest Audio Pages: 2

Flamco Flamconnect GW-10

Brand: Aalberts Pages: 2

Catalyst 8200 Series

Brand: Cisco Pages: 8

WIP310 - iPhone Wireless VoIP Phone

Brand: Cisco Pages: 8

WIP310 - iPhone Wireless VoIP Phone

Brand: Cisco Pages: 276

Brand: Technicolor - Thomson Pages: 21

Brand: Zoom Pages: 48

Brand: Zoom Pages: 72

Brand: VBOX Pages: 8

Brand: 2Wire Pages: 4

Brand: ActionTec Pages: 127

Brand: SmartRG Pages: 8

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands