manualshive.com logo in svg

Citrix ByteMobile T1010, Установка, настройка и администрирование

Поделиться
Скачать
Citrix ByteMobile T1010 Скачать руководство пользователя страница 101

T-Series Traffic Director Installation, Configuration and Administration Guide

3-27

Configuring Security

Creating a Net Profile

A NetScaler net profile (or network profile) contains an IP address or an IP set. It can be 
bound to load balancing or content switching virtual servers, services, service groups, or 
monitors. During communication with physical servers or peers, the NetScaler appliance 
uses the addresses specified in the profile as the source IP address.

For NAT purposes, a network profile may be used to specify the set of 172.16.113.(1-16) 
public IP addresses that will be used in place of the private addresses. 

add ns ip 172.16.113.[2-16] 255.255.255.0 -vserver DISABLED -ssh DISABLED -gui

 

DISABLED

Done

add ipset egress-vlan251

Done

bind ipset egress-vlan251 172.16.113.[1-16]

Done

add netprofile netpf-vlan251 -srcIP egress-vlan251

Done

Binding Net Profile to Existing Egress-Side Service

Once a net profile with the appropriate public IP addresses to use has been created, it should 
be associated with the corresponding router object: 

set service server1service -netprofile netpf-vlan251 -usip OFF

Done

This command implicitly enables SNAT for all outgoing OSN traffic towards the internet. 

Creating Bypass Ingress-Side Vserver

SNAT is typically required for outgoing traffic regardless of whether it hits the OSN or not. 
The latter is a common occurrence in Unison clusters that optimize only HTTP, POP3, 
IMAP, and SMTP traffic. However, it can be a rather uncommon occurrence in Unison 
clusters that optimize all data traffic, with OSNs being bypassed in case of maintenance 
windows and/or mass failure events. 

For this reason, SNAT requires the creation of a bypass ingress-side vserver. This vserver is 
of a lower priority than the normal ingress side vserver and only facilitates traffic SNAT. 

add lb vserver Ingress_bypass ANY * * -persistenceType SOURCEIP -lbMethod 

ROUNDROBIN -timeout 30 -Listenpolicy "CLIENT.VLAN.ID.EQ(151)" -Listenpriority 11 

-m MAC -cltTimeout 120 -l2Conn ON

Done

bind lb vserver Ingress_bypass server1service

Done

Configuring Security

The management IP is accessible from all interfaces. This may expose the T1000 
management shell and GUI to 3rd parties beyond the operations and management personnel. 

Содержание ByteMobile T1010

Страница 1: ...Document Part Number 707 00045 00 Printed June 18 2013 SAFETY NOTICE The product described in this document has safety considerations Before installing or maintaining this product please read the ins...

Страница 2: ...mer The information in this document is subject to change without notice and should not be construed as a commitment by Citrix Systems Inc Citrix assumes no responsibility for any errors that may appe...

Страница 3: ...nforma es de Seguran a L s sikkerhedsforskrifterne f r du installerer dette produkt Lees voordat u dit product installeert eerst de veiligheidsvoorschriften Ennen kuin asennat t m n tuotteen lue turva...

Страница 4: ...ion and danger statements in this documentation before you perform the procedures Read any additional safety information that comes with your system or optional device before you install the device St...

Страница 5: ...ot stare into the beam do not view directly with optical instruments and avoid direct exposure to the beam To Connect To Disconnect 1 Turn OFF all power sources and equipment to be attached to this pr...

Страница 6: ...aution The following label indicates a hot surface nearby Statement 13 Danger Overloading a branch circuit is potentially a fire hazard and a shock hazard under certain conditions To avoid these hazar...

Страница 7: ...he DC source and the point of connection of the earthing electrode conductor Statement 31 Danger Electrical current from power telephone and communication cables is hazardous To avoid a shock hazard D...

Страница 8: ...uct For AC systems remove all power cords from the shelf power receptacles or interrupt power at the ac power distribution unit For DC system systems disconnect DC power sources at the breaker panel o...

Страница 9: ...ed a safe level 60 V direct current Incorporate a readily available approved and rated disconnect device in the field wiring See the specifications in the product documentation for the required circui...

Страница 10: ...x T Series Traffic Director Installation Configuration and Administration Guide...

Страница 11: ...ents xvii Revision History xvii Document Conventions xviii Notices and Statements in this Document xix Documentation Feedback xix Technical Assistance xix Chapter 1 Introduction Traffic Director Archi...

Страница 12: ...11 Configuring T1000 Load Balancing 3 17 Configuring Health Checks and Redundancy 3 22 Configuring Source NAT SNAT 3 26 Configuring Security 3 27 Testing with Network Diagnostic and Shell Tools 3 29 C...

Страница 13: ...ent Parts Replaceable Components List B 1 Replacing an AC Power Supply B 2 Replacing a DC Power Supply B 4 Appendix C Legal Notices Legal Notice C 1 Trademarks C 2 Third Party Disclosures C 2 Importan...

Страница 14: ...Contents xiv T Series Traffic Director Installation Configuration and Administration Guide...

Страница 15: ...rovide advanced routing capabilities and load balancing for the Bytemobile T3100 Adaptive Traffic Manager Note This manual uses the generic term T1000 to refer to all hardware models of the T1000 Traf...

Страница 16: ...Chapter 2 Installing the T1000 Complete hardware installation procedures Also includes racking instructions and management plane configuration Chapter 3 Basic T1000 Unison Load Balancing Configuration...

Страница 17: ...nison OSN Disk Partitioning Spreadsheet Unison OSN Hardware Sizing Calculator Citrix NetScaler Documents The T1000 uses a common technology platform developed for the Citrix NetScaler appliance Certai...

Страница 18: ...1200 in Chapter 2 Installing the T1000 The T1200 ships with 4 cords and not 2 as previously indicated Procedures previously available only to support personnel such as Upgrading the T1000 Operating Sy...

Страница 19: ...can be potentially lethal or extremely hazardous to you A danger statement is placed just before the description of a potentially lethal or extremely hazardous procedure step or situation Documentatio...

Страница 20: ...omers with maintenance contracts in place Education Services at training bytemobile com offer a curriculum of technical training courses Delivery methods include Classroom Training Virtual Classroom T...

Страница 21: ...eries of hardware platforms that includes the T1010 T1100 and T1200 with a capacity range from 2 Gbps up to 100 Gbps and configurations that include up to 24 high speed optical ports To address growth...

Страница 22: ...arrier s network with subscriber traffic being processed only by the OSNs CSMs are responsible for management and control plane traffic Each OSN has two interfaces on the data plane for redundancy Sub...

Страница 23: ...loyment with Unison will be limited by the maximum capacity of a single application blade OSN which ranges from 400 Mbps when used to perform lossy media optimization up to 1 Gbps if only lossless med...

Страница 24: ...ditional ports See T1000 Hardware Specifications and Options on page 1 6 for the available port configurations Product Capabilities The T1000 combines a rich feature set with industrial strength relia...

Страница 25: ...ications running on other platforms for value added services and security IPv4 v6 networking The T1000 allows integration of Bytemobile platforms with IPv6 networks It supports an IPv4 v6 dual stack a...

Страница 26: ...l Intel X5680 Dual Intel X5680 Memory 32 GB 48 GB 96 GB Data Plane Ports 10GBASE X SFP none 8 or 16 24 Data Plane Ports 1000BASE X SFP 6 none 12 Data Plane Ports 1GB RJ 45 6 none none Management Plane...

Страница 27: ...nt Switching Policies URL URL Query URL Wildcard Domain Source Destination IP HTTP Header Custom HTTP and TCP Payload Values UDP Application Security DoS attack defense Continue service to legitimate...

Страница 28: ...lizer Secure web based GUI CLI Telnet SSH Console Real time performance dashboard Network Integration Layer 2 Routing Static routes monitored static routes weighted static routes OSPF RIP1 2 BGP VLAN...

Страница 29: ...3 T1010 Front Panel Figure 1 4 T1010 Rear Panel Each T1010 has front panel and back panel hardware components The front panel has an LCD display with keypad a lights out management port LOM RS 232 co...

Страница 30: ...s and a second higher capacity model with sixteen SFP ports Figure 1 5 T1100 Front Panel 8 Port and 16 Port Configurations Figure 1 6 T1100 Rear Panel Each T1100 has front panel and back panel hardwar...

Страница 31: ...24 10G SFP data plane ports The back panel provides access to the power supplies fans hard disk drives and a USB port Common Hardware Features LCD Display The LCD display on the front of every T1000 d...

Страница 32: ...g They show configuration information alerts HTTP information network traffic information CPU load information and port information for your T1000 Booting Screen The booting screen is displayed immedi...

Страница 33: ...isplayed in HH MM format The second line displays the IP address of the T1000 as shown in the following figure Figure 1 12 LCD Configuration Screen Alert Screen An unknown alert is displayed different...

Страница 34: ...second as shown in the following figure Figure 1 16 LCD Network Traffic Statistics Screen CPU Load Memory and Connections Screen The first line displays CPU utilization and memory utilization as perc...

Страница 35: ...ode and flow control OFF A rate of 100 megabits per second full duplex mode and flow control OFF A rate of 1 gigabit per second full duplex mode and flow control OFF A rate of 10 gigabits per second f...

Страница 36: ...et ports 1 gigabit SFP ports or 10 gigabit SFP ports RS232 Serial Port The RS232 serial console port on the front panel of the T1000 provides a connection between the T1000 and a computer allowing dir...

Страница 37: ...ing the use of either fiber or copper cables Refer to the Product Specifications and the NetScaler documentation for a build specific list of supported transceivers and cable types 10 Gbps SFP Ports T...

Страница 38: ...dicators Port Type LED Location LED Function LED Color LED Indicates SFP 1 Gbps and SFP 10 Gbps Left Link Activity Off No link Solid green Link is established but no traffic is passing through the por...

Страница 39: ...the hardware specifications Note If you suspect that a power supply fan is not working please see the description of your platform On some platforms what appears to be the fan does not turn and the ac...

Страница 40: ...k drive contains logs and other data files such as user data On certain systems a 128 GB solid state drive replaces the HDD Both types of drive have the same functionality and support the same softwar...

Страница 41: ...necting and Disconnecting AC Power Connecting and Disconnecting DC Power Accessing and Configuring the Management Plane Accessing and Configuring the LOM Port Note The T1000 is a series of hardware pl...

Страница 42: ...Precautions Basic electrical safety precautions should be followed to protect yourself from harm and the T1000 from damage Be aware of the location of the emergency power off EPO switch so that if an...

Страница 43: ...performing any hardware repairs or upgrades until the danger of lightning has passed When you dispose of an old T1000 or any components follow any local and national laws on disposal of electronic wa...

Страница 44: ...te Requirements System Reliability Guidelines Power Requirements Site Requirements Caution TO BE INSTALLED ONLY IN RESTRICTED ACCESS AREAS Dedicated Equipment Rooms Equipment Closets or the like in ac...

Страница 45: ...er system cooling and system reliability make sure that the following requirements are met Each of the power supply bays has a power supply installed in it There is adequate space around the T1000 to...

Страница 46: ...until you are ready to install them ESD is the release of stored static electricity that can damage electronic circuits Static electricity is often stored in your body and discharged when you come in...

Страница 47: ...careful not to pierce the cardboard Step 3 Remove the T1000 from the styrofoam packing material and plastic bag Locate the accessory package inside the container and set aside Step 4 Ensure the racki...

Страница 48: ...ing tasks to mount the T1000 Remove the inner rails from the rail assembly Attach the inner rails to the T1000 Install the rack rails on the rack Install the T1000 in the rack Before beginning the rac...

Страница 49: ...tep 3 Step 2 Install square nut retainers into the front post and back post of the rack as shown in the following figures Before inserting a screw be sure to align the square nut with the correct hole...

Страница 50: ...aded racks insert studs into hole in the rear of the rack Figure 2 3 Installing the Rail Assembly to the Rack Installing the T1000 in the Rack Step 1 Align the inner rails attached to the T1000 with t...

Страница 51: ...00 Making Data Plane Connections The T1000 has a set of of RJ45 SFP and or SFP ports that are used to connect the T1000 data plane to intermediate switches Refer to the following table and figure Port...

Страница 52: ...P RJ45 RJ45 RJ45 RJ45 RJ45 RJ45 SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP SFP 10 1 10 1 10 5 10 9 10 13 10 2 10 6 10 10 10 14 10 3...

Страница 53: ...following connections to the T1000 SFP data plane ports are supported depending on model 1 Gb Ethernet over copper cables Requires one 1 Gb SFP transceiver module per port Distances up to 100 m using...

Страница 54: ...age Do not place the device on the T1000 or on a metal surface Take additional care when you handle devices during cold weather Heating reduces indoor humidity and increases static electricity SFP com...

Страница 55: ...ceiver module is a hot pluggable unit meaning that it can be installed and removed at any time while the unit is operational The module provides two fiber optic cable connectors for connecting to exte...

Страница 56: ...2 Replace the protective caps on the ends of the fiber optic cable Step 3 Unlock the transceiver module by pulling the wire handle straight out Step 4 Grasp the wire handle and pull the transceiver mo...

Страница 57: ...ure 2 6 To remove the module and cables complete the following steps Step 1 Squeeze the release tab on the Ethernet cable and gently pull the cable from the transceiver module Step 2 Unlock the transc...

Страница 58: ...7 Management Connections Step 2 Insert the RJ 45 connector on the other end into the target device such as a router or switch Step 3 Verify that the LED glows amber when the connection is established...

Страница 59: ...anel of the T1000 as shown in Figure 2 7 Step 2 Insert the RJ 45 connector on the other end into the target device such as a router or switch Step 3 By design the LOM port does not have LEDs to verify...

Страница 60: ...The T1000 automatically shuts down if the total power consumption exceeds the total power supply output capacity Caution Statement 8 Never remove the cover on a power supply or any part that has the f...

Страница 61: ...240 volt 20 amp power distribution unit or appropriate electrical outlet Use a regulating uninterruptible power supply UPS to protect the T1000 from power surges and voltage spikes and to keep the T10...

Страница 62: ...bles from the rear of the T1000 See Figure 2 8 Connecting and Disconnecting DC Power Attention Only trained service personnel other than Bytemobile service technicians are authorized to install and re...

Страница 63: ...iring These interfaces are designed for use as intrabuilding interfaces only Type 2 or Type 4 ports as described in GR 1089 CORE Issue 5 They require isolation from the exposed OSP cabling The additio...

Страница 64: ...conditions must be met This equipment shall be connected directly to the DC supply system earthing electrode conductor or to a bonding jumper from an earthing terminal bar or bus to which the DC suppl...

Страница 65: ...ds telecommunications systems networks and modems before you open the device covers unless instructed otherwise in the installation and configuration procedures Connect and disconnect cables as descri...

Страница 66: ...estricted access location as defined by the NEC and IEC 60950 1 First Edition The Standard for Safety of Information Technology Equipment Connect the equipment to a properly grounded safety extra low...

Страница 67: ...e DC power cables The customer is responsible for ensuring that only trained service personnel install or remove the DC power cables The T1000 with DC option has three DC power terminal connectors on...

Страница 68: ...rsonnel are authorized to make the connections to and disconnections from the DC power source Bytemobile service technicians are not certified or authorized to install or remove the DC power cables Th...

Страница 69: ...at which you can access the T1000 for remote configuration After you complete the initial management plane configuration you can configure secure access to your T1000 As a result you are no longer pr...

Страница 70: ...ss the ENTER key without changing any of the digits the software interprets this as a user exit request The following message will be displayed for three seconds Exiting menu xxx xxx xxx xxx If all th...

Страница 71: ...ault IP address is 192 168 100 1 and the default netmask is 255 255 0 0 Step 2 In User Name and Password type the administrator credentials Note The T1000 default username is nsroot and the default pa...

Страница 72: ...der Options click Network and type values for the following parameters IP Address The IP address of the LOM port Subnet Mask The mask used to define the subnet of the LOM port Default Gateway The IP a...

Страница 73: ...onfiguring the LOM Port Step 1 In a Web browser type the IP address of the LOM port Step 2 In the User Name and Password boxes type the administrator credentials Step 3 In the Menu bar click Remote Co...

Страница 74: ...2 34 T Series Traffic Director Installation Configuration and Administration Guide Chapter 2 Installing the T1000...

Страница 75: ...ic Director to distribute and process subscriber traffic in a Bytemobile Unison deployment This chapter has the following sections Physical Integration of T1000 with Unison Managing Configurations Ass...

Страница 76: ...view for a list of supported platforms The T1000 Traffic Director offers flexible integration options for all supported Unison hardware Figure 3 1 shows a typical Unison deployment running on an IBM B...

Страница 77: ...rements The T1000 performs firewall load balancing FWLB to transparently load balance data plane traffic across OSNs in the direction of the Internet Traffic passes through the OSNs and transparently...

Страница 78: ...en applied to the system including pending settings that have not yet been saved to the system s ns conf file using the save config command use show ns runningConfig To display the last saved configur...

Страница 79: ...ment and control traffic will require additional interfaces The OSNs in this example are zoned meaning that two instances of OSN run on each blade Each zone has two interfaces for redundancy Ingress a...

Страница 80: ...virtual IP addresses When a failover occurs the secondary T1000 becomes primary and then uses gratuitous ARP GARP to advertise the floating IP addresses acquired from the offline T1000 Without additio...

Страница 81: ...terface 1 1 to 1 6 Ethernet and 1 7 to 1 12 1GE SFP T1010 8 Port Interface 10 1 to Interface 10 8 10GE SFP T1100 16 Port Interface 10 1 to Interface 10 16 10GE SFP T1200 Interface 1 1 to 1 12 1GE SFP...

Страница 82: ...T1000 Command Line Interface CLI on page 5 1 or Using the T1000 Graphical User Interface GUI on page 5 2 for more information Certain configurations such as management IP address can only be performed...

Страница 83: ...is 123456789ABCDEF Verifying Operating System The T1000 will be shipped with an appropriate operating system image You should verify the version prior to continuing To display OS version from the CLI...

Страница 84: ...Guide Chapter 3 Basic T1000 Unison Load Balancing Configuration To configure NTP from the CLI add ntp server 10 20 30 40 minpoll 6 maxpoll 10 Done set ntp server 10 20 30 40 preferredNtpServer YES Do...

Страница 85: ...interface on the ports connected to the Unison blade switch Optionally create a trunk interface for any other ports that required higher capacity See Configuring Trunking on page 3 14 Step 3 Add VLAN...

Страница 86: ...andwidthHigh 0 bandwidthNormal 0 Done To disable unused ports use the set interface command as follows set interface 10 7 haMonitor OFF tagall ON state DISABLED throughput 0 bandwidthHigh 0 Done Use t...

Страница 87: ...duplex AUTO fctl OFF throughput 0 8 Interface 10 6 10G Ethernet fiber SFP 1 10 Gbits 5 flags 0x4001 disabled DOWN down autoneg 802 1q tagall MTU 1514 native vlan 1 MAC 00 1b 21 cf 13 71 downtime 203h...

Страница 88: ...widthNormal 0 Done The set channel command configures the trunk port It has the following syntax set channel id state ENABLED DISABLED speed speed flowControl flowControl haMonitor ON OFF tagall ON OF...

Страница 89: ...00 requires one or more Subnet IP addresses SNIPs A Subnet IP enables the T1000 to connect to a subnet which is different than that of the NSIP address For the sample network in Figure 3 2 four 4 SNIP...

Страница 90: ...y Based Routing PBR The T1000 has a policy based routing PBR feature that is typically used to simplify routing decisions In most Unison deployments routing decisions are keyed against the incoming VL...

Страница 91: ...and Configuring Operating Modes on page 3 17 Step 2 Each OSN in the Unison cluster is considered a server from the perspective of the load balancer Add the ingress interfaces to a server configuration...

Страница 92: ...uster is considered a server from the perspective of the T1000 You must add the OSN ingress and T1000 egress interfaces as servers Use the add server command to add the OSN ingress interfaces and T100...

Страница 93: ...BLED The following example uses the sample configuration to add the appropriate services service type ANY add serviceGroup ingress_osn_service ANY maxClient 0 maxReq 0 cip DISABLED usip YES useproxypo...

Страница 94: ...xClient 0 maxReq 0 cip DISABLED usip YES useproxyport NO sp OFF cltTimeout 120 svrTimeout 120 CKA NO TCPB NO CMP NO Done Creating Virtual Servers After creating services a virtual server must be creat...

Страница 95: ...lb vserver Egress server1service Done To create virtual servers for server load balancing from the CLI For server load balancing the add lb vserver has the following syntax for adding a virtual serve...

Страница 96: ...check attempts are required before declaring a previously healthy server as inoperative One consecutive successful health check attempts are required before declaring a previously inoperative server...

Страница 97: ...ght positive_integer serviceGroupName state ENABLED DISABLED weight positive_integer metric string metricThreshold positive_integer metricWeight positive_integer For firewall load balancing use ARP to...

Страница 98: ...nd failover One T1000 is designated the primary and the other is the secondary The configuration in this section assumes the following There are two T1000 load balancers for the Unison cluster The bas...

Страница 99: ...nodes in the same subnet to configure HA INC nodes you log on to each of the two T1000 appliances and add a remote node representing the other appliance For instance if NSIP address of T1000 2 is 192...

Страница 100: ...n case of a failure to communicate with any of them a failover event will be initiated to the secondary unit Configuring Source NAT SNAT The T1000 allows for source NAT SNAT of traffic in order to cha...

Страница 101: ...the corresponding router object set service server1service netprofile netpf vlan251 usip OFF Done This command implicitly enables SNAT for all outgoing OSN traffic towards the internet Creating Bypas...

Страница 102: ...mand snippet applies to the example management IP subnet of section Setting Management IP Address on page 3 8 and the VLANs of reference deployment in Figure 3 2 add ns acl block_mgmt_ip_range_I DENY...

Страница 103: ...sages are returned it may indicate a configuration error on the T1000 interface a faulty connection between network elements or a host that is not responding for various reasons out of service misconf...

Страница 104: ...T1100 CLI Reference for information on the parameters To capture the trace for a given interface on the appliance at the command prompt type the following command nstrace filter expression The followi...

Страница 105: ...health injection so that an upstream router can choose the best among multiple routes to a topographically distributed server This ensures reliable operation in the result of a link or node failure a...

Страница 106: ...st router so that some paths are given preference OSPF supports a variable network subnet mask so that a network can be subdivided OSPF Configuration The following topics describe OSPF operations and...

Страница 107: ...o their link state database and forward the LSAs on to their respective neighbors This allows all routers participating in the OSPF process to have the same view of the network although from their own...

Страница 108: ...th vserver specific MAC and two vservers per traffic domain on ingress and egress OSPF may only be used on the ingress side On the egress side the Internet router is bound as a service to the egress v...

Страница 109: ...fig router network 172 16 114 102 0 0 0 0 area 1 config router network 172 16 134 102 0 0 0 0 area 1 config router exit Wireless Switch 2 config interface Vlan305 config if ip address 172 16 114 103 2...

Страница 110: ...rf rd 65500 100 config vrf exit config ip vrf egress config vrf rd 65500 200 config vrf exit config interface Vlan305 config if ip vrf forwarding ingress config if ip address 172 16 114 102 255 255 25...

Страница 111: ...onfig if ip vrf forwarding egress config if ip address 172 16 115 103 255 255 255 0 config if ip ospf cost 40 config interface Vlan406 config if ip vrf forwarding egress config if ip address 172 16 12...

Страница 112: ...sh ip route ospf O E2 10 100 0 0 16 110 20 via 172 16 125 101 01 11 18 Vlan406 O E2 10 200 0 0 16 110 20 via 172 16 125 101 01 11 18 Vlan406 O 172 16 124 0 24 110 41 via 172 16 125 101 01 11 18 Vlan4...

Страница 113: ...tion Using the T1000 Command Line Interface CLI You can access the CLI either locally by connecting a workstation to the console port or remotely by connecting through secure shell SSH from any workst...

Страница 114: ...install the plug in the first time you log on If automatic installation fails you can install the plug in separately before you attempt to log on to the configuration utility or Dashboard The system r...

Страница 115: ...igh availability setup make sure that you do not access the GUI by entering the IP address of the secondary T1000 If you do so and use the GUI to configure the secondary T1000 your configuration chang...

Страница 116: ...ied Step 3 Double click the plug in setup icon and follow the screen prompts to install the plug in Step 4 Return to your web browser and click the Java plug in icon a second time to display the GUI l...

Страница 117: ...he nsinstall directory mkdir x xnsinstall 6 Change to the x xnsinstall directory 7 Download the required installation package and documentation bundle such as ns x 0 xx x doc tgz to the temporary dire...

Страница 118: ...mand to create a temporary subdirectory of the nsinstall directory mkdir x xnsinstall 5 Change to the x xnsinstall directory 6 Download the required installation package and documentation bundle such...

Страница 119: ...y a T1000 on the network you must get the appliance licensed appropriately The T1000 includes a pre installed license License upgrades must be obtained from Bytemobile Licenses must be copied to the n...

Страница 120: ...eb browser type the IP address of the appliance such as http 192 168 100 1 2 In User Name and Password type the administrator credentials 3 Expand the System node 4 Select the Licenses node 5 Click Ma...

Страница 121: ...assword for the nsroot account Once you have changed the password no user can access the T1000 until you create an account for that user If you forget the administrator password after changing it from...

Страница 122: ...ring a user group you can easily grant the same access rights to everyone in the group To configure a group you create the group and bind users to the group You can bind each user account to more than...

Страница 123: ...the configuration unbind system group groupName userName userName show system group groupName Configuring Command Policies Command policies regulate which commands command groups vservers and other e...

Страница 124: ...t users the built in command policies are sufficient Binding Command Policies to Users and Groups Once you have defined your command policies you must bind them to the appropriate user accounts and gr...

Страница 125: ...cyName priority show system group groupName For example bind system group Managers policyName read_all 1 Done sh system group Managers Group name Managers User name johnd Command policy read_allPriori...

Страница 126: ...seconds Step 2 Press CTRL C The following message appears Type for a list of commands help for more detailed help ok Step 3 Enter boot s to start the T1000 in single user mode After the T1000 boots i...

Страница 127: ...Listener on page 5 15 Generating SNMPv1 and SNMPv2 Traps on page 5 16 Using SNMPv1 and SNMPv2 Queries on page 5 18 Configuring SNMP Alarms for Rate Limiting on page 5 20 Using SNMPv3 Queries on page 5...

Страница 128: ...larms that are enabled Some alarms are enabled by default but you can disable them When you enable an SNMP alarm the T1000 generates corresponding trap messages when some events occur Some T1000 alarm...

Страница 129: ...ke IP address and the destination port of the trap listener you can specify the type of trap either generic or specific and the SNMP version You can configure a maximum of 20 trap listeners for receiv...

Страница 130: ...MIB for the data requested and sends the data to the SNMP manager The following types of SNMP v1 and v2 queries are suppoted by the SNMP agent GET GET NEXT ALL GET BULK You can create strings called c...

Страница 131: ...ger show snmp manager IPAddress netmask netmask For example add snmp manager 10 102 29 10 Done show snmp manager 1 10 102 29 5 255 255 255 255 Done To add an SNMP manager Important If you specify the...

Страница 132: ...snmp community communityName For example add snmp community com all Done show snmp community com Community com Permissions ALL Done Configuring SNMP Alarms for Rate Limiting The T1000 uses a license t...

Страница 133: ...ormal Threshold Time State Severity Logging 1 PF RL RATE THRESHOLD70 50N A DISABLED ENABLED Done To modify or remove the threshold values To modify the threshold values enter the set snmp alarm PF RL...

Страница 134: ...the high threshold value Configuring an SNMP Alarm for Dropped Packets You can configure an alarm for packets dropped as a result of exceeding the throughput limit and an alarm for packets dropped as...

Страница 135: ...d for bandwidth measurement stat vlan stat interface The bandwidth can be calculated based on the Tx Rx bytes of ingress or egress VLAN Otherwise using the Tx Rx counters of interfaces that are interc...

Страница 136: ...o synchronize a T1000 s local clock with the other servers on the network If you enable path maximum transmission unit PMTU discovery the T1000 can use it to determine the maximum transmission unit of...

Страница 137: ...s of the T1000 Traffic Director including the T1010 T1100 and T1200 Specific model names are used only when necessary Environmental Specifications Topics in this section describe the environmental spe...

Страница 138: ...are suitable for connection to intra building or unexposed wiring or cabling only The power inputs of the T1000 must not be metallically connected to interfaces that connect to the outside plant OSP o...

Страница 139: ...l units BTU per hour T1010 630 BTU per hour maximum 185 watts T1100 2200 BTU per hour maximum 650 watts T1200 2000 BTU per hour typical 586 watts 2600 BYU per hour maximum 762 watts Physical Character...

Страница 140: ...Regulatory Specifications Specification Description Safety IEC 60950 1 CSA C22 2 No 69950 1 03 IEC 60950 1 2001 CB Certificate and CB Test Report Japan VCCI Mexico NOM 019 China CCC 4943 2001 Russia G...

Страница 141: ...dition are replaceable orderable by Bytemobile only Table B 2 Replacement Components Component Part Number 10GBase LR SFP Transceiver 1310nm SMF For 10Gbps Ethernet connection over single mode fiber o...

Страница 142: ...You cannot combine power supplies of different types wattages in the same unit Caution Statement 8 Never remove the cover on a power supply or any part that has the following label attached Hazardous...

Страница 143: ...ase latch to free the power supply from the bay See Figure B 1 Step 5 Pull the power supply part of the way out of the bay then release the latch and support the power supply as you pull it the rest o...

Страница 144: ...ly grounded electrical outlet Step 10 Make sure that the error LED on the power supply is not lit and that the dc power LED and ac power LED on the power supply are lit indicating that the power suppl...

Страница 145: ...pe You cannot combine power supplies of different types wattages in the same unit Caution Statement 29 This equipment is designed to permit the connection of the earthed conductor of the DC supply cir...

Страница 146: ...covers unless instructed otherwise in the installation and configuration procedures Connect and disconnect cables as described below when installing moving or opening covers on this product or attache...

Страница 147: ...a power control button Removing power supply modules or turning off the server blades does not turn off the electrical current supplied to the device The device also might have more than one power co...

Страница 148: ...ply See Figure B 3 Caution Statement 34 To reduce the risk of electric shock or energy hazards This equipment must be installed by trained service personnel in a restricted access location as defined...

Страница 149: ...e B 3 Connecting DC Power Step 9 Follow the instructions in Connecting and Disconnecting DC Power on page 2 18 to complete the DC power connection process and restore the T1000 to service Step 10 Retu...

Страница 150: ...B 10 T Series Traffic Director Installation Configuration and Administration Guide Appendix B Replacement Parts...

Страница 151: ...product program or service may be used Any functionally equivalent product program or service that does not infringe any Bytemobile intellectual property right may be used instead However it is the u...

Страница 152: ...nc and may be registered in some jurisdictions Because of the nature of this material numerous hardware and software products are mentioned in this document by name In most if not all cases these prod...

Страница 153: ...le local and national regulations Bytemobile encourages owners of information technology IT equipment to responsibly recycle their equipment when it is no longer needed Contact Bytemobile for informat...

Страница 154: ...to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not...

Страница 155: ...89 336 EEC on the approximation of the laws of the Member States relating to electromagnetic compatibility Bytemobile cannot accept responsibility for any failure to satisfy the protection requiremen...

Страница 156: ...T Series Traffic Director Installation Configuration and Administration Guide Appendix C Legal Notices Chinese Class A warning statement Japanese Voluntary Control Council for Interference VCCI statem...

Страница 157: ...radio channel bandwidth The range of a channel s limits the broader the bandwidth the faster data can be sent BMCLI Bytemobile Command Line Interface The BMCLI is an extended Command Line Interface si...

Страница 158: ...or more extension shelves that add additional application and network modules CIM Control Interface Module The CIM is used to implement the T3100 platform s service control network This external netwo...

Страница 159: ...that an external event has occurred failover The transfer of function from a failed component to an alternate one while preserving the operational state of the overall system See also switchover fault...

Страница 160: ...rmanent data about subscribers including a subscriber s service profile location information and activity status See VLR HTML Hypertext Markup Language The document format used to construct Web pages...

Страница 161: ...her 1 024 bytes or 1000 bytes depending on the context Strictly speaking a kilobyte has 1 024 bytes Often however the term is used loosely to mean 1 000 bytes LAN Local Area Network The computer netwo...

Страница 162: ...ns center that connects the landline PSTN system to the mobile phone system It is also responsible for compiling call information for billing and handing off calls from one cell to another Sometimes c...

Страница 163: ...etworks that communicate with a GPRS network IP is an example of a PDP supported by GPRS The protocol refers to a set of information such as a charging ID that describes a mobile wireless service call...

Страница 164: ...em administrators route Route refers to the action of moving a frame between two layer 2 networks LANs using layer 3 protocols such as IP A routed frame will be modified in a number of ways depending...

Страница 165: ...annel which is separate from the voice channel SMTP Simple Mail Transfer Protocol a TCP IP protocol for sending e mail messages between servers SMTP defines the message format and the message transfer...

Страница 166: ...3G wireless phone system UMTS which is part of IMT 2000 provides service in the 2GHz band and offers global roaming and personalized features Designed as an evolutionary system for GSM network operat...

Страница 167: ...ge used for writing Web pages that uses far less overhead which makes it more preferable for wireless access to the internet WAP runs over all the major wireless networks It is also device independent...

Страница 168: ...Glossary Glossary 12 T Series Traffic Director Installation Configuration and Administration Guide...

Страница 169: ...rt 3 xix D DAC 2 13 data plane 1 2 DC power connection 2 27 definition SEM D 8 dimensions A 3 direct attach cable DAC 2 13 disposal C 3 document conventions 3 xviii E electrical safety 1 iv 1 vi 1 vii...

Страница 170: ...ction 1 4 P part numbers B 1 PBR D 7 Physical Characteristics A 3 Policy Based Routing D 7 ports 1 16 power removal 1 viii Power Characteristics A 2 power requirements 2 5 power supplies 1 19 primary...

Страница 171: ...Index T Series Traffic Director Installation Configuration and Administration Guide Index 3 U unpacking 2 7 V ventilation 2 5 W wiring A 2 wrist strap 2 6...

Страница 172: ...Index Index 4 T Series Traffic Director Installation Configuration and Administration Guide...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды