Lucent Technologies Stinger IP2000 Скачать руководство пользователя страница 167 | Manualshive

Страница: 167 / 214

background image

Filter Configuration

Defining IP filters

Stinger®

IP2000 Configuration Guide

10-5

Filtering on port numbers

IP filters can specify a port number to be compared to the source or destination port
(or both) in a packet. A port number of zero matches nothing. TCP and UDP port
numbers are typically assigned to services. For a list of well-known port assignments,
see RFC 1700, Assigned Numbers.

Note

For security purposes, Lucent Technologies recommends that you filter all

services from outside your domain that are not required. UDP-based services make
your network particularly vulnerable to certain types of security attacks.

The specified comparison operator determines when a match occurs. For source port
values, filters applied to traffic destined for an external system support the

none

(no

comparison is made) or

eql

(equal to) operators.

For other traffic, the following operators can be used to compare source port or
destination port values:

■

none

(no comparison is made)

■

eql

(equal to)

■

less

(less than)

■

gtr

(greater than)

Note

The

neq

(not equal to) operator is not supported for port comparisons.

The following commands show an illegal rule that uses the unsupported

neq

operator

to forward packets with a source port not equal to 50:

admin> set input-filters 1 valid-entry = yes

admin> set input-filters 1 Type = ip-filter

admin> set input-filters 1 forward = yes

admin> set input-filters 1 ip-filter protocol = 17

admin> set input-filters 1 ip-filter Src-Port-Cmp = neq

admin> set input-filters 1 ip-filter source-port = 50

If the filter containing this unsupported rule is applied to a connection or an
interface, the system logs the following warning message when the connection or the
interface goes into the UP state.

LOG warning, Shelf 1, Controller-1, Time: 02:23:31--
IP Filters: Not equal operation not supported for source port comparison

In this case, the faulty rule specifying the

neq

operator is not applied. The other rules

of the filter are applied to the traffic stream.

The following commands show a legal workaround using the

less

and

gtr

comparison operator in two rules to accomplish the same effect as using the
unsupported

neq

operator:

admin> set input-filters 1 valid-entry = yes

admin> set input-filters 1 Type = ip-filter

admin> set input-filters 1 forward = yes

admin> set input-filters 1 ip-filter protocol = 17

admin> set input-filters 1 ip-filter Src-Port-Cmp = less

admin> set input-filters 1 ip-filter source-port = 50

«
...
165
166
167
168
169
...
»

Содержание Stinger IP2000

Страница 1: ...Stinger IP2000 Configuration Guide Part Number 7820 0976 004 For software version 9 6 0 January 2004 ...

Страница 2: ...or this equipment according to EN 45014 access the Lucent INS online documentation library at http www lucentdocs com ins Safety compliance and warranty Information Before handling any Lucent Access Networks hardware product read the Edge Access and Broadband Access Safety and Compliance Guide included in your product package See that guide also to determine how products comply with the electromag...

Страница 3: ...ial number Software version Software and hardware options If supplied by your carrier service profile identifiers SPIDs associated with your line Your local telephone company s switch type and operating mode such as AT T 5ESS Custom or Northern Telecom National ISDN 1 Whether you are routing or bridging with your Lucent product Type of computer you are using Description of the problem Obtaining as...

Страница 4: ......

Страница 5: ...ofile settings 2 2 Modifying default ethernet settings 2 3 Assigning an IP address in the ip interface profile 2 3 Verifying the Gigabit Ethernet interface setup 2 3 Checking the routing table 2 3 Verifying the network processor setup for the interface 2 4 Verifying the SAR setup for the interface 2 4 Verifying IP packet transfer on the interface 2 4 Gigabit Ethernet port redundancy 2 5 Configurin...

Страница 6: ...nst denial of service 4 8 Configuring ip global network features 4 9 Setting a system IP address 4 9 Configuring DNS 4 10 Overview of typical DNS settings 4 10 Specifying domain names for lookups 4 10 Setting RIP options 4 10 RIP policy for propagating updates back to the originating subnet 4 11 RIP triggering 4 12 Limiting the size of UDP packet queues 4 12 Ignoring default routes when updating t...

Страница 7: ...e settings 5 3 Example of defining a virtual router 5 4 Defining address pools for a virtual router 5 6 Assigning interfaces to a virtual router 5 7 Overview of interface vrouter settings 5 7 Examples of assigning virtual router membership to interfaces 5 7 Defining virtual router static routes 5 8 Overview of static route settings 5 8 Examples of defining a route on a per virtual router basis 5 9...

Страница 8: ...ation 7 7 Example of configuring a PPPoE connection 7 8 Overview of PPPoE connection settings 7 8 Sample PPPoE connection using PAP authentication 7 9 Optional configuration of a LIM ATM internal interface 7 10 Administrative tools for PPP sessions 7 10 Chapter 8 IP Multicast Configuration 8 1 IP multicast forwarding 8 1 Network side MBONE interfaces 8 2 Notice about Gigabit Ethernet redundancy fo...

Страница 9: ...e or destination IP addresses 10 4 Filtering on port numbers 10 5 Explicit default filter rules 10 6 Sample filter with no explicit default rule 10 6 Sample filter with explicit default rule 10 7 Sample filter using a generic explicit default rule 10 7 Defining route filters 10 8 Sample filters for the IP2000 10 9 Preventing IP address spoofing 10 9 An IP filter for more complex security issues 10...

Страница 10: ...figuration A 24 Interval transmit statistics A 24 Total transmit statistics A 24 Interval receive statistics A 26 Total receive statistics A 26 Virtual LAN VLAN statistics tables A 28 VLAN statistics A 28 VLAN clear statistics A 29 PIMv2 MIB support A 29 Index Index 1 ...

Страница 11: ...e virtual circuit using IP routing 4 36 Figure 4 10 BIR interface on a LIM port 4 38 Figure 4 11 BIR subnet configuration on LIM interface 4 39 Figure 4 12 BIR 32 configurations 4 40 Figure 4 13 Bidirectional filtering on a BIR interface 4 42 Figure 5 1 Simple diagram of three virtual domains virtual routers 5 1 Figure 6 1 OSPF broadcast network on Gigabit Ethernet 6 3 Figure 6 2 OSPF costs for di...

Страница 12: ......

Страница 13: ...uting table for Router 2 6 8 Table 6 5 Shortest path tree and resulting routing table for Router 3 6 8 Table 8 1 Unused multicast client settings for LAN interfaces 8 3 Table 8 2 Unused multicast heartbeat monitoring settings 8 4 Table 9 1 Current level of support for PIM SM functionality 9 2 Table A 1 GigEConfigTable MIB objects A 24 Table A 2 GigETxIntervalTable MIB objects A 24 Table A 3 GigETx...

Страница 14: ......

Страница 15: ... upstream traffic For details about that aspect of using the IP2000 control module as well as for ATM quality of service QoS and other traffic management capabilities see the Stinger ATM Configuration Guide This guide describes how to configure IP routing and related functions in the Stinger Stinger It includes information about local and global network IP issues as well as how to configure both I...

Страница 16: ...tional argument you might add to a command To include such an argument type only the information inside the brackets Do not type the brackets unless they appear in boldface Separates command choices that are mutually exclusive Points to the next level in the path to a parameter or menu item The item that follows the angle bracket is one of the options that appear when you select the item that prec...

Страница 17: ... the Compact Remote as a hosted unit Module guides For each Stinger line interface module LIM trunk module or other type of module an individual guide describes the module s features and provides instructions for configuring the module and verifying its status Configuration Stinger ATM Configuration Guide Describes how to integrate the Stinger into the ATM and Digital Subscriber Line DSL access in...

Страница 18: ...de background information about features described in this guide RFC 951 Bootstrap Protocol RFC 1112 Host Extensions for IP Multicasting RFC 1334 PPP Authentication Protocols RFC 1483 Multiprotocol Encapsulation over ATM Adaptation Layer 5 RFC 1587 The OSPF NSSA Option RFC 1700 Assigned Numbers RFC 1723 RIP Version 2 Carrying Additional Information RFC 1812 Requirements for IP Version 4 Routers RF...

Страница 19: ...00 software specifications 1 2 IP2000 hardware specifications 1 3 Network architecture overview 1 4 Table 1 1 IP2000 model numbers and platform support IP2000 model number Description Supporting platforms STGR CM IP2000 F IP2000 with fiber gigabit Ethernet Stinger FS Stinger FS Stinger LS STGRRT CM IP2000 F IP2000 with fiber gigabit Ethernet environmentally hardened Stinger RT STGR SFP SX Short ha...

Страница 20: ...Encapsulation over ATM Adaptation Layer 5 RFC 1483 bridged IP routing BIR Broadband RAS Broadband remote access server BRAS for PPP sessions over DSL interfaces IP Ethernet IP support for Gigabit Ethernet interface VLAN IEEE 802 1Q tagged VLANs ATM QoS and IP CoS ATM traffic is assigned the highest priority and passed through IP traffic is assigned a strict priority based on service classification...

Страница 21: ...r single mode fiber distance support to 10km Mgmt interfaces 10 100 BASE T Ethernet RS 232 serial port Status indicators 10 100 BaseT 10 Green 10 Mbps speed 100 Green 100 Mbps speed LINK Green Operational link ACT Green Traffic activity Gigabit Ethernet LINK Green Operational link ACT Green Traffic activity Others MAJOR Red Major alarm detected MINOR Red Minor alarm detected TRUNK STATUS 1 6 Amber...

Страница 22: ...deo A Stinger IP2000 uses the Internet Group Management Protocol IGMP to manage group memberships of downstream video to a PC application or set top box as shown in Figure 1 1 Administrators can configure levels of service that control subscribers access to specific multicast groups Connection to originating router can be across the Gigabit Ethernet interface or through a high speed IP over ATM co...

Страница 23: ...sses through the network processor function Non IP terminated ATM traffic including operations administration and maintenance OAM F5 traffic is treated as highest priority and handled in an ATM pass through mode This traffic passes through the network processor with no further processing RFC 1483 IP traffic that terminates on the IP2000 is reassembled from ATM cells into IP packets It is then clas...

Страница 24: ...In this case SCR is configured equal to PCR peak cell rate Rate information is configurable in the atm qos profile for each virtual circuit For details about configuring ATM QoS see the Stinger ATM Configuration Guide Table 1 2 CoS and per VC queueing for prioritizing IP packet processing Priority queue Priority level Packet classification assigned to queue 1 High IP Control Protocol Classificatio...

Страница 25: ...ntained across Gigabit Ethernet following a controller switchover Configuring the physical and logical interface The system creates configuration profiles for both IP2000 Ethernet interfaces For each controller interface 1 is always the 10 100 BASE T management interface and interface 2 is the Gigabit Ethernet interface For example admin dir ethernet 18 07 11 2003 13 55 31 shelf 1 first control mo...

Страница 26: ...address value of the profile for a Gigabit Ethernet interface always specifies an interface number of 2 For example shelf 1 first control module 2 link state enabled With the default value the system discards packets and does not choose an alternate route if the interface is down If you set this to yes the system deletes routes to the interface when the interface is unavailable and then restores t...

Страница 27: ...Ethernet interface setup After you assign an IP address you can verify that the Gigabit Ethernet interface is able to handle IP traffic by checking some command output For details about the netstat and gmac commands see the Stinger Reference You can also use the debug level ifmgr d command to verify that the Gigabit Ethernet interface is active This is described in Appendix A IP2000 Diagnostics Ch...

Страница 28: ...or gmac done Verifying the SAR setup for the interface The Stinger Segmentation and Reassembly SAR creates an ATM connection entry for the Gigabit Ethernet interface You can force the SAR setup by using the following command admin gmac s GMAC SAR conn open with vpi 0 vci 200 Verifying IP packet transfer on the interface The following command clears statistics gathered on the Gigabit Ethernet inter...

Страница 29: ... statistics txOctetsLow 816 txOctetsHigh 0 txGoodPackets 8 txPkt64 0 txPkt65127 8 txPkt128255 0 txPkt256511 0 txPkt5121023 0 txPkt1024Max 0 txPktDefer 0 txPktUndSz 0 txUnderFlow 0 txPfcf 0 txPfcc 0 txRfcf 0 txRfcc 0 txOverFlow 0 txAlmostFull 0 rxOctetsLow 816 rxOctetsHigh 0 rxGoodPackets 8 rxPkt64 0 rxPkt65127 8 rx128255 0 rx256511 0 rx5121023 0 rx1024Max 0 rxMacType 0 rxCrcErrors 0 rxUnderSize 0 ...

Страница 30: ... the default profile for the soft IP address of the 10 100M base Ethernet management ports you can create another soft IP interface using a profile index of 0 0 0 x as long as the IP address in that profile is on the same subnet as the Gigabit Ethernet ports Note The system associates its Ethernet interfaces with a particular soft address based on the subnet assignment The IP interface address of ...

Страница 31: ...rcuits Virtual LAN VLAN technology is supported with an optional software license For details about configuring VLAN see Chapter 3 VLAN Configuration A VLAN bridge circuit is a pairing between a unique VLAN ID on the Gigabit Ethernet port and a DSL subscriber connection on a LIM port To enable the system to maintain the pairing following a controller switchover you must configure the VLAN circuits...

Страница 32: ...re a soft IP interface for the Gigabit Ethernet ports enable multicast on both ports and use the any slot expression in the mbone lan interface parameter setting Figure 2 2 shows a Stinger with redundant IP2000 controllers The Gigabit Ethernet port in slot 8 1 8 2 0 the Gigabit Ethernet port in slot 9 1 9 2 0 and the soft IP interface 0 0 0 1 all have IP address assignments on the same subnet and ...

Страница 33: ...lan interface 2 any shelf any slot 0 0 mbone lan interface 3 any shelf any slot 0 0 mbone lan interface 4 any shelf any slot 0 0 Note With this configuration the LAN MBONE is supported on the Gigabit Ethernet port of the controller in slot 8 or slot 9 whichever is primary Following a switchover each IGMP client must rejoin its group to receive multicast traffic Administrative tools for Gigabit Eth...

Страница 34: ......

Страница 35: ...ure VLAN capabilities For information about obtaining and enabling Lucent Technologies software licenses contact your Lucent sales representative The IP2000 VLAN implementation The IP2000 VLAN implementation can support up to 4096 VLAN IDs on the Gigabit Ethernet port For full compatibility with IEEE 802 1Q standard however Lucent recommends that you do not use 0 or 4095 as VLAN IDs As a result as...

Страница 36: ...erface in a bridging group the system consults only that table for destination interfaces It will not forward the traffic to interfaces that are not in the same bridging group Note With the current software you cannot bridge multiple LIM side PVCs in the same system to the same VLAN ID Local management VLANs You can configure a virtual IP interface as a management VLAN which terminates on the cont...

Страница 37: ...ncy for VLAN bridge circuits on page 2 7 Overview of VLAN configuration settings You define a VLAN in a vlan ethernet profile which must specify a unique VLAN ID from 0 to 4095 and a bridging group number Note To maintain full compatibility with the IEEE 802 1Q standard Lucent recommends that you do not assign the VLAN ID values of 0 1 and 4095 However the system does not prevent you from assignin...

Страница 38: ...using the following format shelf n slot n port n vlan id The slot n is 8 for the first control module or 9 the second control module and port n is 2 for the Gigabit port The vlan id value is the IEEE 802 1Q VLAN tag value added to the IP packets transmitted on the Gigabit Ethernet interface The valid range is from 0 to 4095 but for full compatibility with IEEE 802 1Q Lucent recommends that you do ...

Страница 39: ...AN ID in Ethernet frame headers and bridges the packet stream across its Gigabit Ethernet port It does not terminate the packets by passing them up to the IP router software The external router on the Gigabit Ethernet network interprets the VLAN ID and directs the packet stream at Layer 2 to the specified VLAN which is the head office network First verify that bridging is enabled on the physical i...

Страница 40: ... Protocol ATM 1483 User Name dslcpe Ascend Route IP Route IP Yes Ascend ATM Group 51 Ascend ATM Vpi 8 Ascend ATM Vci 100 Ascend Bridge Bridge Yes Ascend BIR Bridge Group 34590 The LAN session should come up displaying log messages such as the following LOG notice Shelf 1 Slot 2 Time 20 24 02 Line 1 up LOG info Shelf 1 Controller 1 Time 20 24 02 1 2 1 0 Assigned to port MBID 1 LOG info Shelf 1 Slot...

Страница 41: ...ce after creating it see the ifmgr command in Appendix A IP2000 Diagnostics Figure 3 4 Sample management VLAN Parameter Setting interface address Address of the Gigabit Ethernet interface followed by the virtual IP interface number using the following format shelf n slot n port n item n The slot n is 8 for the first control module or 9 the second control module and port n is 2 for the Gigabit port...

Страница 42: ... 20 1 2 10 icmp_seq 5 ttl 255 time 0 ms 64 bytes from 20 1 2 10 icmp_seq 6 ttl 255 time 0 ms 64 bytes from 20 1 2 10 icmp_seq 7 ttl 255 time 0 ms C 20 1 2 10 ping statistics 8 packets transmitted 8 packets received 0 packet loss round trip min avg max 0 1 10 ms The following commands set up a static route to reach the TFTP server across the Gigabit Ethernet link admin new ip route tftp server admi...

Страница 43: ...or RADIUS route profiles If the Routing Information Protocol RIP is enabled on one or more interfaces the system adds routes as it learns them from routing update packets In addition the system is continuously updating its routing table by adding routes for links that become active and removing routes for inactive sessions If a nailed connection goes down the system removes the route from its rout...

Страница 44: ... 0 0 9 32 local CP 0 0 0 2274 255 255 255 255 32 ie0 CP 0 0 61 2274 Total Routes 11 Hidden Routes 0 For each route in the table the Destination and Gateway fields show the destination address and the address of the next hop router used to reach that destination The zero destination address is the default route If the system does not find a route for a packet s destination it forwards the packet to...

Страница 45: ...terface profile For example the default profile for 1 8 2 is indexed as follows ip interface 1 8 2 0 When the logical item number is not zero it does appear in the interface name Again the sequence of numbers is identical to the profile index For example suppose an ip interface profile has the following index ip interface 1 8 2 3 This profile has the following interface name ie1 8 2 3 The other na...

Страница 46: ...0 0 0 0 local 65535 127 0 0 1 32 127 0 0 1 58935 0 58935 0 mcast 65535 224 0 0 0 4 224 0 0 0 0 0 0 0 tunnel0 1500 10 1 26 0 24 10 1 26 1 0 0 0 0 vr0_main 1500 10 1 26 1 32 10 1 26 1 0 0 0 0 sip0 65535 0 0 0 0 wan11 1524 200 200 200 254 2 2 2 1 7 0 10 0 Similarly in the following output the in_oct in_errs out_octet and out_err statistic counters display the sum of the packets in transit as seen by ...

Страница 47: ...ss C network number The broadcast address of any subnet has the host portion of the IP address set to all ones The network address or base address represents the network itself because the host portion of the IP address is all zeros For example supposing the IP configuration assigns the following address to a remote router 198 5 248 120 29 The Ethernet network attached to that router has the follo...

Страница 48: ...format shelf num slot num item num logical item num The logical item addresses a specific logical interface It is zero except when multiple virtual interfaces have been configured on the physical port For more details see Defining a local virtual IP interface on page 4 8 Overview of typical local interface settings For information about enabling IP multicast forwarding on the Gigabit Ethernet inte...

Страница 49: ...RIP For an example of configuring a static route see Configuring ip route profiles on page 4 28 The following commands configure the interface to receive RIP 2 updates on the multicast address the multicast address is the default admin read ip interface 1 8 2 0 admin set rip mode routing recv v2 admin write f You can verify that the system can transfer IP packets across the interface by pinging an...

Страница 50: ...configurations to work Defining a soft interface for increased accessibility You can configure a soft IP interface which is an internal IP interface that is always active and reachable as long as one of the system s IP interfaces is up The ip interface profile with the zero index is reserved for the soft interface Note Do not specify the IP address of a physical LAN interface as the soft interface...

Страница 51: ...obal profile some are intended for remote access service and are not directly relevant to IP2000 operations However there are many more options you can choose to configure in this profile For details about all ip globalparameters and subprofiles see the Stinger Reference Setting a system IP address The system IP address is the source address used for all packets generated by the system It must be ...

Страница 52: ...condary server 0 0 0 0 sec domain name Specifying domain names for lookups The following commands specify a primary and secondary domain name for DNS lookups admin read ip global admin set domain name abc com admin set sec domain name eng abc com admin write f If a lookup fails with the first domain name the router tries again with the secondary domain name Setting RIP options The following parame...

Страница 53: ...RIP triggering With a yes setting the default RIP updates include only changed routes rip pref Default preference for routes learned from RIP updates When choosing the routes to put in the routing table the unit first compares their preference values preferring the lowest number If the preference values are equal the router compares the metric values using the route with the lowest metric Specify ...

Страница 54: ...P requests or RIP updates a backlog of packets waiting for processing can create enough delay in routing to cause sporadic problems with time sensitive packets such as LCP negotiation or frame relay management packets To prevent such problems UDP processing runs at a lower priority than processing of routed packets On a system busily routing packets UDP processing might be delayed and a backlog of...

Страница 55: ...s being negotiated and after the session is established only network routes are advertised for the interface If a connection profile includes a subnet mask of 32 in the remote address setting host routes for the interface are not suppressed Pool addresses also have a 32 bit mask so they are not suppressed The following set of commands configures the router to suppress host routes for connections t...

Страница 56: ...accept address assign no Settings in RADIUS pseudo user profiles You can define address pools in a RADIUS pools pseudo user profile The first line of pools pseudo user profile uses the following format pools name Password ascend Service Type Outbound User The name argument is the system name specified by the name parameter in the system profile Subsequent lines in the profile define IP address poo...

Страница 57: ...pools are defined in a global pools pseudo user profile on the server running RADIPAD The first line of a global pools pseudo user profile uses the following format global pools name Password ascend Service Type Outbound User The name argument is a designation for any class of users You can create multiple global pool profiles for multiple user classes For example you could create profiles named g...

Страница 58: ...tted because the pool is not a 24 network However some client systems such as Windows do not tolerate the class boundary addresses well For example because Windows assumes a 24 network it broadcasts NetBIOS over IP name service to the 255 address which could overwhelm a connection assigned the 255 host address To prevent client software from using a host address for broadcasts you must explicitly ...

Страница 59: ...P Pool Definition 2 11 5 7 51 50 Ascend IP Pool Definition 3 12 7 112 15 50 Although some client software assumes a default subnet mask of 255 255 255 0 for PPP interfaces you can define pools on subnets wider than 24 For example the following commands define an address pool on a 23 subnet admin read ip global admin set pool base address 1 10 55 178 1 admin set assign count 1 510 admin write f Thi...

Страница 60: ...ssign count parameter is set to 62 When you add 2 to this value you get 64 The subnet mask for 64 addresses is 255 255 255 192 256 64 192 The prefix length for a 255 255 255 192 mask is 26 The pool base address parameter is set to 10 12 253 1 When you subtract 1 from this value you get 10 12 253 0 which is a valid network aligned base address for the 255 255 255 192 subnet mask Note that 10 12 253...

Страница 61: ... ip answer assign address yes admin write f During PPP negotiation a CPE can reject an IP address offered by the router and present the caller s own IP address for consideration For security purposes many sites set must accept address assign to yes to ensure that the Stinger unit terminates such a call as shown in the following example admin read ip global admin set must accept address assign yes ...

Страница 62: ...profile defines six pools each containing 10 addresses pools JFAN TNT Password ascend Service Type Outbound Ascend IP Pool Definition 1 11 168 6 10 10 Ascend IP Pool Definition 2 12 168 6 10 10 Ascend IP Pool Definition 3 13 168 6 10 10 Ascend IP Pool Definition 7 17 168 6 10 10 Ascend IP Pool Definition 8 18 168 6 10 10 Ascend IP Pool Definition 9 19 168 6 10 10 In earlier versions of the softwar...

Страница 63: ...ddress 172 20 31 1 172 20 33 1 0 0 0 0 153 37 21 1 0 0 assign count 126 126 0 30 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Pool chaining in local profiles Whether pool chains are defined locally or in RADIUS the pool addresses are available for dynamic assignment regardless of where the connection s profile is authenticated Overview of local profile settings Following are the parameters shown with...

Страница 64: ...er defaults admin set ip answer assign yes admin write f The following commands configure profiles to acquire an address from the first pool chain When the end users initiate a session request they can acquire an address from 10 1 1 1 to 10 1 1 51 from 11 1 1 1 to 11 1 1 51 or from 12 1 1 1 to 12 1 1 51 If no addresses are available within those ranges the connection is refused admin new connectio...

Страница 65: ...udo user profile the pool addresses are available for dynamic assignment regardless of where the connection s profile is authenticated Overview of RADIUS profile settings RADIUS servers use the following attribute value pairs to define and apply pool chains RADIUS attribute Value Ascend IP Pool Chaining 85 Enable disable IP pool chaining in a pseudo user profile that defines address pools If this ...

Страница 66: ...dress from the first pool chain When the end users initiate a session request they can acquire an address from 13 1 1 1 to 13 1 1 51 or from 14 1 1 1 to 14 1 1 51 If no addresses are available within those ranges the connection is refused admin new connection hanif admin set active yes admin set encapsulation protocol ppp Ascend IP Pool Definition 217 Address pool definition in a pseudo user profi...

Страница 67: ...d RFC 2132 DHCP Options and BOOTP Vendor Information Extensions describes BOOTP additions that can be used as DHCP options When the requesting client machine does not reside on the same IP network as a BOOTP or DHCP server as is typically the case for DSL subscriber connections the IP2000 must be configured to operate as a DHCP relay agent A relay agent is an intervening system that transfers mess...

Страница 68: ... its Gigabit Ethernet interface 2 2 2 2 The DHCP server is configured to recognize the CPE router at 3 3 3 3 The following commands configure the IP2000 as a DHCP relay agent admin read ip global admin set bootp relay active yes admin set bootp relay bootp servers 1 2 2 2 142 admin write f The next commands configure the connection profile for the CPE router Parameter Setting active Enable disable...

Страница 69: ... option 82 For details see Configuring DHCP relay to allow CPE clients to obtain an address on page 4 25 DHCP option 82 configuration settings Following are the parameters shown with default settings for configuring DHCP option 82 in IP GLOBAL bootp relay relay agent information circuit id no 0 0 0 0 remote id no 0 0 0 0 in IP GLOBAL bootp relay relay agent information circuit id enable no if ip 0...

Страница 70: ...rcuit identifier suboption of DHCP option 82 and specify the Gigabit Ethernet address as the ID admin set relay agent information circuit id enable yes admin set relay agent information circuit id if id 2 2 2 2 admin write f Configuring ip route profiles Any profile that specifies how to reach an IP device or subnet such as an ip interface connection or RADIUS user profile specifies a static IP ro...

Страница 71: ... destinations to the specified gateway If no default route is defined the system drops those packets The system creates an ip route profile named default but the profile is not valid until you specify a gateway address so the route is not active until you assign an Parameter Settings name Name of the profile up to 31 characters dest address Destination IP address The default value is 0 0 0 0 which...

Страница 72: ... RIP is turned off on an IP interface the router cannot reach subnets beyond other routers on that interface unless it has a static route to the subnet To enable access to subnets beyond the local segment you must configure a static route Figure 4 5 shows an example Figure 4 5 Static route to a subnet The following commands configure a static route to the remote subnet admin new ip route subnet ad...

Страница 73: ...TM settings and quality of service QoS contracts see the Stinger ATM Configuration Guide Following are the ATM related parameters shown with default settings for ATM terminating PVCs in CONNECTION station active no encapsulation protocol atm circuit in CONNECTION atm options atm1483type aal5 llc vpi 0 vci 35 nailed group 1 Parameter RADIUS attribute Setting station User Name 1 Name of the far end ...

Страница 74: ...ed to configure IP options in RADIUS profiles see the TAOS RADIUS Guide and Reference Parameter RADIUS attribute Setting ip routing enabled Ascend Route IP 228 Enable disable IP routing on the interface vj header prediction Framed Compression 13 Enable disable Van Jacobson prediction for TCP packets on incoming calls using encapsulation protocols that support Van Jacobson compression remote addres...

Страница 75: ...dmin set atm options vpi 8 admin set atm options vci 100 admin set atm options nailed group 201 admin write f permconn st 1 Password ascend Service Type Outbound Framed Protocol ATM 1483 User Name router 1 Framed IP Address 10 7 8 200 Framed IP Netmask 255 255 255 252 Ascend ATM Group 201 Ascend Route IP Route IP Yes Ascend ATM Vpi 8 Ascend ATM Vci 100 Example of a numbered interface A numbered in...

Страница 76: ...tm options nailed group 211 admin write f Following is a comparable RADIUS profile permconn st 2 Password ascend Service Type Framed User Framed Protocol ATM 1483 User Name numbered Ascend ATM Group 211 Ascend Route IP Route IP Yes Ascend ATM Vpi 0 Ascend ATM Vci 36 Framed IP Address 3 3 3 3 Framed IP Netmask 255 255 255 252 Ascend PPP Addr 7 7 7 7 Ascend IF Netmask 255 255 255 252 In this example...

Страница 77: ...outer which routes the traffic on toward the ISP point of presence The following commands create a connection profile for each of the DSL subscribers in Figure 4 8 admin new connection user 1 admin set active yes admin set encapsulation protocol atm admin set ip options remote address 2 2 2 2 29 admin which n 1 2 1 Nailed group corresponding to port shelf 1 slot 2 1 is 51 admin set atm options nai...

Страница 78: ... address 7 7 7 7 24 admin set gateway address 1 1 1 70 admin set active route yes admin write f With this example configuration when packets destined for 7 7 7 7 24 are received on the terminating PVCs the IP2000 consults its own routing table and forwards the packets onto its Gigabit Ethernet interface to the next hop router specified as the gateway address Example of using IP routing to aggregat...

Страница 79: ...w connection isp admin set active yes admin set encapsulation protocol atm admin set ip options remote address 7 7 7 7 24 admin set atm options vpi 0 admin set atm options vci 35 admin which n 1 17 2 Nailed group corresponding to port shelf 1 trunk module 1 2 is 802 admin set atm options nailed group 802 admin write f This connection profile creates a static route to the ISP s destination address ...

Страница 80: ...n connection and RADIUS profiles described in Configuring IP connection interfaces for CPE devices on page 4 30 the following parameters apply to BIR interfaces The parameters are shown with default settings in CONNECTION bir options enable no proxy arp no in CONNECTION ip options ip routing enabled yes remote address 0 0 0 0 0 local address 0 0 0 0 0 Bridged Network side User side Bridge CPE Remo...

Страница 81: ...owing commands configure a BIR subnet interface through the DSL CPE bridge in Figure 4 11 admin new connection bir 1 admin set active yes admin set encapsulation protocol atm admin set ip options remote address 2 2 2 0 24 admin set ip options local address 2 2 2 1 32 admin set bir options enable yes admin set bir options proxy arp yes admin set atm options atm1483type aal5 llc admin set atm option...

Страница 82: ...at is not a requirement Figure 4 12 BIR 32 configurations In Figure 4 12 the local address value is the same for both BIR interfaces This is recommended for host routes to the same IP network because it simplifies configuration of the remote hosts all of which can point to the same local address as the gateway The following commands configure a BIR 32 interface through the CPE labeled Bridge 5 in ...

Страница 83: ...und Framed Protocol ATM 1483 User Name bir 5 Ascend Route IP Route IP Yes Framed IP Address 4 4 4 5 Framed IP Netmask 255 255 255 255 Ascend PPP Addr 4 4 4 1 Ascend IF Netmask 255 255 255 255 Ascend ATM Group 55 Ascend ATM Vci 111 Ascend BIR Enable BIR Enable Yes permconn cpe 6 Password ascend Service Type Outbound Framed Protocol ATM 1483 User Name bir 6 Ascend Route IP Route IP Yes Framed IP Add...

Страница 84: ...put filters 1 ip filter dest address mask 255 255 255 0 admin set input filters 1 ip filter dest address 2 2 2 36 admin set input filters 1 ip filter Src Port Cmp less admin set input filters 1 ip filter source port 50 admin set input filters 2 valid entry yes admin set input filters 2 forward yes admin set input filters 2 Type ip filter The first output filter rule shown below specifies that if t...

Страница 85: ...rotocol atm admin set ip options remote address 1 1 1 0 24 admin set ip options local address 1 1 1 1 24 admin set session options data filter udp filter admin set bir options enable yes admin set atm options nailed group 101 admin write f Administrative tools for IP routing The system supports several commands that are useful for locating the sources of problems on an IP network and for communica...

Страница 86: ......

Страница 87: ...circuit termination with secure logical partitioning and multiple route tables Virtual routing is particularly useful for remote access server RAS functionality For example it can securely partition traffic from many CPE devices to different ISPs with each ISP mapped to a separate virtual domain Figure 5 1 shows a simplified diagram with three virtual routers configured in the global router Becaus...

Страница 88: ...imize such traffic Applicability and limitations When configuring virtual routing on a Stinger IP2000 consider the following issues related to virtual router applicability and limitations Virtual routing does not apply to switched or bridged connections Only terminated virtual circuits IP PPPoA PPPoE can be integrated into a virtual domain When the virtual LAN VLAN feature is used in its usual bri...

Страница 89: ...tual router and manipulates only that virtual router s routing table All RIP related parameters in a vrouter profile use default settings that are recommended for most sites Overview of vrouter profile settings A vrouter profile contains the following parameters shown with default values in VROUTER name active yes vrouter ip addr 0 0 0 0 pool base address 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ...

Страница 90: ...pools see Configuring and using address pools on page 4 13 pool name A pool name required only when TACACS authentication is in use The pool will be exclusively for use by the virtual router For details about defining address pools see Configuring and using address pools on page 4 13 pool summary Set clear the pool summary flag to specify that the address pools will be summarized For details about...

Страница 91: ...ents retransmitted 0 active closes 0 passive closes 0 disconnects while awaiting retransmission icmp 31 packets received 0 packets received with errors Input histogram 30 echo requests 1 netmask requests 31 packets transmitted 0 packets not transmitted due to lack of resources Output histogram 30 echo replies 1 netmask replies 127 0 0 0 8 bh0_vr1 CP 0 0 1 6815 127 0 0 1 32 local CP 0 0 1 6815 127 ...

Страница 92: ...4 default ttl igmp 0 packets received 0 bad checksum packets received 0 bad version packets received 0 query packets received 0 leave packets received 0 packets transmitted 0 query packets sent 0 resonse packets sent 0 leave packets sent mcast 0 packets received 0 packets forwarded 0 packets in error 0 packets dropped 0 packets transmitted pim 0 packets received 559 packets transmitted 559 hello p...

Страница 93: ...escribed in that section Assigning interfaces to a virtual router To assign virtual router membership to an interface you specify a virtual router name in the interface profile For a virtual router to be active at least one IP interface LAN or WAN must specify its name Overview of interface vrouter settings To assign virtual router membership to an interface in local profiles set the vrouter param...

Страница 94: ...in ip route profiles in IP ROUTE vrouter inter vrouter In a RADIUS profile the value of the Framed Route 22 attribute can specify a virtual router name in the following syntax dest addr prefix gateway addr metric private profile preference vrouter name Note The fields within the value of the Framed Route attribute are positional With the exception of the optional prefix length specification if any...

Страница 95: ...G 120 7 0 9 10 1 1 1 32 10 1 1 1 wan30 S 120 7 2 9 10 5 6 0 28 10 1 1 1 wan30 SG 60 8 0 9 11 1 1 0 24 11 1 1 1 wan31 SG 120 7 0 9 11 1 1 1 32 11 1 1 1 wan31 S 120 7 1 9 12 1 1 0 24 12 1 1 1 wan32 SG 120 7 0 9 12 1 1 1 32 12 1 1 1 wan32 S 120 7 1 9 127 0 0 0 8 bh0_vr1 CP 0 0 0 2274 127 0 0 1 32 local CP 0 0 0 2274 127 0 0 2 32 rj0_vr1 CP 0 0 0 2274 Specifying an inter virtual router route You can c...

Страница 96: ...vers Virtual router DNS configuration includes settings for primary and secondary DNS servers domain names and client DNS servers The settings direct connections that belong to the virtual router to a particular DNS service To completely segment the virtual router s DNS information from any other hosts you can configure and manage DNS information separately for each virtual router The addresses co...

Страница 97: ... client dns primary server 1 2 2 2 admin set client dns secondary server 1 2 2 96 admin set allow as client dns info false Parameter Setting domain name Primary domain name up to 63 characters to use for DNS lookups for this virtual router The system appends this domain name to hostnames when performing lookups sec domain name Secondary domain name to use for DNS lookups for this virtual router if...

Страница 98: ...nection ip interface and ip route profiles that point to the virtual router to point instead to the global router or another existing virtual router Administrative tools for virtual routers You can specify a virtual router name on the command line of the network administration commands listed in Table 5 1 to obtain information specific to a particular virtual domain Table 5 1 Administrative comman...

Страница 99: ... the debug level commands see Appendix A IP2000 Diagnostics traceroute diagnostic traceroute n v m max_ttl p port q nqueries w waittime r vrouter s src_IPaddr hostname datasize agrm debug agrm rt vrouter f agrm arp vrouter ifmgr debug ifmgr r vrouter d ifNum t ifmgr up down ifNum ifName Table 5 1 Administrative commands showing optional vrouter arguments Continued Command Permissions Usage with op...

Страница 100: ......

Страница 101: ...l IP interfaces Overview of OSPF features supported by the IP2000 This section provides a brief overview of OSPF routing to help you configure the system properly For details about how OSPF works see RFC 2328 OSPF Version 2 Following are the OSPF functions discussed in this section Multiple authentication schemes per RFC 1583 Variable length subnet masks VLSMs Link state advertisement LSA types 1 ...

Страница 102: ...d two different subnets of the same IP network can use different size subnet masks A packet is routed to the best longest or most specific match Host routes are considered to be subnets whose masks are all ones 0xFFFFFFFF Note OSPF is useful for networks that use VLSMs However to prevent excessive link state calculations by all OSPF routers on the network make every effort to assign subnets that a...

Страница 103: ...erfaces Type 2 NET network Type 2 LSAs describe the set of routers attached to the network Types 3 and 4 Summary LSAs Summary LSAs are flooded throughout a single area Type 3 summary LSAs describe routes to networks Type 4 summary LSAs describe routes to autonomous system boundary routers Type 5 ASE AS external Type 5 LSAs describe routes to destinations external to the autonomous system AS An AS ...

Страница 104: ...designated router However many sites choose to assign a LAN based router for these roles to dedicate the Stinger unit to WAN processing Routing across NBMA interfaces An OSPF nonbroadcast multiaccess NBMA network is any network that has multiple points of access more than two routers and does not support broadcast capability OSPF routers operate on an NBMA network much as they do on a broadcast ne...

Страница 105: ...rea connecting the other areas The backbone area is special and always has the area number 0 0 0 0 The backbone consists of networks not contained in any area their attached routers and routers that belong to multiple areas The backbone must be contiguous You can use virtual links to connect two backbone routers that have an interface to a common nonbackbone area OSPF treats two routers joined by ...

Страница 106: ...agated into or throughout the area and instead depends on default routing to external destinations NSSAs NSSAs are like stub areas in that they do not receive or originate type 5 LSAs However NSSAs rely solely on default routing for external routes They employ type 7 LSAs for carrying ASE route information within the area Type 7 LSAs use a P bit to flag the NSSA border router to translate the type...

Страница 107: ... 4 Sample OSPF topology Table 6 2 shows the relevant information in the routers link state databases From the link state database each router builds a self rooted shortest path tree and then calculates a routing table stating the shortest path to each destination in the autonomous system See Table 6 3 Table 6 4 and Table 6 5 The table also includes externally derived routing information All the ro...

Страница 108: ...fy a few global settings in IP GLOBAL ospf global enable no Table 6 3 Shortest path tree and resulting routing table for Router 1 Destination Next hop Metric Network 1 Direct 0 Network 2 Direct 0 Network 3 Router 2 20 Network 4 Router 2 50 Table 6 4 Shortest path tree and resulting routing table for Router 2 Destination Next hop Metric Network 1 Router 1 20 Network 2 Direct 0 Network 3 Direct 0 Ne...

Страница 109: ... active no area 0 0 0 0 area type normal hello interval 10 dead interval 40 priority 5 authen type simple auth key key id 0 cost 1 down cost 16777215 ase type type 1 ase tag c0 00 00 00 transit delay 1 Parameter Setting enable Enables or disables the OSPF protocol systemwide Set to yes to enable the protocol If set to no the default the protocol is disabled systemwide If you are modifying several ...

Страница 110: ...ther OSPF routers on the network the better the chances that it will become one of these routers For details see Designated and backup designated routers on broadcast networks on page 6 3 authen type Type of authentication to use none No authentication is required simple The router uses the password supplied in the auth key parameter to validate OSPF packet exchanges This is the default value md5 ...

Страница 111: ... packet over this interface taking into account transmission and propagation delays On a connected route you can leave the default of 1 retransmit interval Number of seconds between LSA retransmissions for adjacencies belonging to this interface Its value is also used when retransmitting database description and link state request packets On a typical connected route accept the default setting of ...

Страница 112: ... number of routers relatively small because changes that occur in area zero are propagated throughout the autonomous system Another way to configure the same units is to create a second area such as 0 0 0 1 in one of the existing OSPF routers and add the Stinger IP2000 to that area You can then assign the same area number 0 0 0 1 to all OSPF routers reached through the Stinger IP2000 across a WAN ...

Страница 113: ...NECTION ip options ospf options active no area 0 0 0 0 area type normal hello interval 30 dead interval 120 priority 5 authen type simple auth key key id 0 cost 10 down cost 1000 ase type type 1 ase tag c0 00 00 00 transit delay 1 retransmit interval 5 non multicast no network type Point to Point poll interval 10 profile type wan md5 auth key These are the same parameters described for enabling OS...

Страница 114: ...1 admin set atm options nailed group 802 admin write f Sample configuration of NBMA across point to point With the current software version NBMA is supported only on a point to point WAN link Full support for multiaccess is not provided Overview of additional NBMA settings In addition to the standard settings for OSPF point to point the following parameters shown with default settings must be conf...

Страница 115: ...or an NBMA connection to a GRF multigigabit router the non multicast parameter must be set to yes This causes the translation of the multicast traffic to directed traffic This setting is required only when connecting to a GRF multigigabit router network type For NBMA the network type parameter must be set to NonBroadcast local ip address When network type is set to NonBroadcast a local ip address ...

Страница 116: ... default settings in IP GLOBAL pool ospf adv type type 1 ospf pref 10 ospf ase pref 150 ospf global no yes 0 rip tag c8 00 00 00 rip ase type 1 Example of importing a summarized pool as an ASE The following commands configure a summarized pool and import it to OSPF with a type 1 OSPF metric admin read ip global Parameter Setting pool ospf adv type Type of ASE metric applied to summarized pools imp...

Страница 117: ... ospf ase pref parameters determine the preference values assigned to routes learned from other OSPF routers and those imported from other dynamic routing protocols The default settings place a much lower preference on OSPF routes which means that the routes learned from other protocols ASE routes are more likely to be used The following commands decrease to 100 the preference assigned to ASE rout...

Страница 118: ... ase7 adv n a The following procedure configures the Stinger unit to route in an NSSA and import a type 7 LSA that specifies an external route across the WAN link 1 Assign an NSSA area type to the IP interface that is running OSPF For example admin read ip interface 1 8 2 0 admin set ospf area type nssa admin write f 2 Configure the WAN link that represents an ASE route For example admin read conn...

Страница 119: ...t uses the path with the lower cost Note Be careful when assigning costs Incorrect cost metrics can cause delays and congestion on the network In the following example an administrator assigns a cost of 25 to a static route admin new ip route mylink admin set dest 10 1 2 0 24 admin set gateway 10 9 8 10 admin set cost 25 admin write f Administrative tools for OSPF routing The ospf diagnostic level...

Страница 120: ......

Страница 121: ...PoE are not supported across trunk or Ethernet interfaces Recommended call type setting for PPP sessions The system assigns nailed group 1 to LIM slot 1 port 1 1 1 1 and also assigns nailed group 1 to permanent leased PPP connections Because the default call type in Stinger systems is nailed ft1 a conflict occurs when you configure PPPoA or PPPoE connections on any LIM interface and 1 1 1 is enabl...

Страница 122: ...er unit as shown in Figure 7 1 The PPPoA session enables an IP client on the far side of the PPPoA router to connect through the Stinger unit to the IP cloud beyond it Figure 7 1 PPPoA topology For PPPoE the connection uses Ethernet bridged framing as defined in RFC 2516 A Method for Transmitting PPP Over Ethernet PPPoE PPPoE is negotiated in two phases a discovery phase and a session phase During...

Страница 123: ...P sessions typically require password authentication each time a PPP session is opened Stinger units support RFC 1334 PPP Authentication Protocol PAP and RFC 1994 Challenge Handshake Authentication Protocol CHAP which must be negotiated with the client on the basis of settings in the answer defaults profile and the client s connection or RADIUS profile The values in the answer defaults profile are...

Страница 124: ...fic on a LIM internal interface For all installed LIMs that can terminate PPPoA or PPPoE calls the system creates an atm internal profile for the LIM s internal ATM segmentation assembly and enabled The enabled parameter must be set to yes the default for the system to answer PPP session requests receive auth mode With the default no ppp auth setting the Stinger unit does not request authenticatio...

Страница 125: ...led group of the internal interface as the second leg of the circuit in the atm connect options subprofile Note The system prevents configuration of a circuit from one LIM to the ATM internal interface of another LIM or configurations that attempt to use the internal interface of a LIM in other ways To determine the nailed group of a LIM s internal ATM interface use the which command Following is ...

Страница 126: ...own with default settings including bidirectional CHAP authentication in CONNECTION station encapsulation protocol atm circuit in CONNECTION ip options ip routing enabled yes remote address 0 0 0 0 0 in CONNECTION ppp options send auth mode none bidirectional auth none substitute recv name send password recv password in CONNECTION telco options call type ft1 IP ATM CellPipe PPPoA router 3 3 3 141 ...

Страница 127: ...e off admin write f Following is a comparable RADIUS user profile cellpipe1 Password recvpw Service Type Framed User Ascend Require Auth Require Auth Ascend Auth Type Auth CHAP Ascend Send Auth Send Auth CHAP Ascend Bi Directional Auth Bi Directional Auth Required Ascend Send Secret sendpw Framed Protocol PPP bidirectional auth Ascend Bi Directional Auth 46 Enable disable bidirectional CHAP authen...

Страница 128: ...ettings For background information about IP routing configurations see Configuring IP connection interfaces for CPE devices on page 4 30 In addition to those settings following are relevant PPPoE parameters shown with default setting including PAP authentication in CONNECTION station encapsulation protocol atm circuit in CONNECTION ip options ip routing enabled yes remote address 0 0 0 0 0 in CONN...

Страница 129: ...lco options call type off admin write f Following is a comparable RADIUS user profile pppoe 1 Password pppoe1 pw Service Type Framed User Framed Protocol PPP Framed IP Address 2 2 2 1 Framed IP Netmask 255 255 255 248 Ascend PPPoE Enable PPPoE Yes Ascend Call Type 0 ip routing enabled Ascend Route IP 228 Enable disable IP routing for the interface IP routing is enabled by default remote address Fr...

Страница 130: ... entries in the Stinger Reference for commands such as connection and userstat Parameter Setting name Assigns a name to the interface up to 15 characters The name is used only for administrative purposes physical address Physical address of the internal SAR port within the system This value is set by the system when it creates the atm internal profile and it is used to retrieve the ATM configurati...

Страница 131: ...information about obtaining and enabling Lucent Technologies software licenses contact your Lucent sales representative IP multicast forwarding IP multicast forwarding enables the Stinger to receive multicast transmissions from multicast backbone MBONE routers and forward the transmissions to multiple client interfaces A common use for IP multicast is to transmit streaming video across the Interne...

Страница 132: ...nterface used to receive transmissions from a multicast router can be either a WAN MBONE on an ATM trunk interface or a LAN MBONE on the IP2000 Gigabit Ethernet interface On an MBONE interface the Stinger responds to multicast router queries and returns responses from clients to the router The global IP router can receive multicast data from up to four MBONE interfaces Multiple MBONE capability is...

Страница 133: ...and its igmp option subprofile for the IP2000 Configuring MBONE interfaces To configure an MBONE interface you must complete the following steps 1 Enable multicast forwarding in the ip global profile 2 Specify a profile index for each MBONE interface in the ip global profile 3 Configure the ip interface or connection profile for each LAN or WAN MBONE interface Be sure to set multicast allowed to y...

Страница 134: ...interface 2 any shelf any slot 0 0 mbone lan interface 3 any shelf any slot 0 0 mbone lan interface 4 any shelf any slot 0 0 in IP INTERFACE shelf 1 first control module 2 0 multicast allowed no in CONNECTION ip options multicast allowed no Table 8 2 Unused multicast heartbeat monitoring settings Unused ip global settings in IP GLOBAL multicast hbeat addr 0 0 0 0 multicast hbeat port 0 multicast h...

Страница 135: ... or both cannot exceed four mbone lan interface N Array of four indexed parameters for specifying the index of an ip interface profile that provides access to an MBONE router across an Ethernet interface This configures up to four LAN MBONE interfaces across the Gigabit Ethernet port of the IP2000 controller or Ethernet interfaces of T1000 modules For Stinger systems with redundant controllers you...

Страница 136: ...dmin set atm options vci 101 admin set atm options nailed group 802 admin write f The following commands enable the multicast forwarding function and specify the MBONE interfaces admin read ip global admin set multicast forwarding yes admin set multiple mbone mbone profile 1 mcast1 17 1 admin set multiple mbone mbone profile 2 mcast1 17 2 admin set multiple mbone mbone lan interface 1 1 8 2 0 admi...

Страница 137: ...abled Specify the same VLAN ID used in the vlan ethernet profile 101 in this example admin new ip interface 1 8 2 1 admin set ip address 13 13 13 13 24 admin set multicast allowed yes admin set vlan enabled yes admin set vlan id 101 admin write f Note If you enable multicast without enabling VLAN the system refuses to write the profile and displays the following error message Multicast can be enab...

Страница 138: ...f multicast services you provide You can define the profiles locally or via RADIUS You then apply an mcast service profile to a client interface by specifying the profile name in the client s connection or RADIUS profile see Configuring multicast client interfaces on page 8 11 Number of multicast clients per group A Stinger IP2000 allows up to 1017 multicast clients per group The following restric...

Страница 139: ... multicast link up or link down event for all client interfaces associated with this profile To send these traps you must set this parameter to yes In addition you must also enable the traps at the system level by setting the ascend multicast link trap enabled parameter in the trap profile The objects reported in these traps are contained in the mcastserv mib filter type Ascend Multicast Service F...

Страница 140: ...p Trap Multicast Snmp Trap Yes Ascend Multicast Service Filter Type Multicast Filter Inclusive Ascend Multicast Filter Address 239 255 129 119 mcastService ipstinger 2 password pwd Ascend Multicast Service Name gold service Ascend Multicast Service Active Multicast Service Yes Ascend Multicast Service Snmp Trap Multicast Snmp Trap Yes Ascend Multicast Service Filter Type Multicast Filter Inclusive...

Страница 141: ...leave delay msec 0 multicast service profile multicast max groups 0 Parameter RADIUS attribute Setting multicast allowed Ascend Multicast Client 155 Enable disable handling of IGMP requests and responses on the interface The system does not forward multicast traffic on the basis of this setting multicast rate limit Ascend Multicast Rate Limit 152 The rate at which the Stinger IP2000 accepts multic...

Страница 142: ...ltiple multicast sessions to the same group set these parameters to a value from 10 to 20 When these parameters have nonzero values the system sends back a query to make sure there are no active multicast sessions on the interface for that group and if it receives a response before the specified specified delay expires it does not forward the Leave Group message multicast group leave delay msec As...

Страница 143: ...et loss increase this value IGMP is robust to robust count minus 1 packet losses It cannot be set to zero and should not be set to 1 The default is 2 query interval Number of seconds from 0 to 1024 between general queries You can increase this value from its default of 125 seconds to reduce the number of IGMP queries sent on the interface query response interval Maximum response time in tenths of ...

Страница 144: ...commands configure a PVC for CPE 1 in Figure 8 5 admin new connection cpe 1 admin set active yes admin set encapsulation protocol atm admin set ip options remote address 2 2 2 2 29 admin set ip options multicast allowed yes admin set ip options multicast rate limit 20 admin set ip options multicast service profile bronze service admin set ip options multicast max groups 1 admin set atm options vci...

Страница 145: ... ascend Service Type Framed User Framed Protocol ATM 1483 User Name cpe 2 Ascend Route IP Route IP Yes Framed IP Address 3 3 3 3 Framed IP Netmask 255 255 255 248 Ascend Multicast Client Multicast Yes Ascend Multicast Rate Limit 20 Ascend Multicast Service Profile Name gold service Ascend Multicast Max Groups 2 Ascend ATM Group 52 Ascend ATM Vpi 0 Ascend ATM Vci 100 Applying a filter that restrict...

Страница 146: ...e IP2000 admin read ethernet 1 8 2 admin set filter name mcast only admin write f An alternative filter to restrict each client interface If you must use the Gigabit Ethernet interface for other applications as well as multicast video you cannot restrict the type of traffic allowed on the interface In that case you can define filters for individual multicast client interfaces to restrict the those...

Страница 147: ... see Configuring multicast client PVCs on page 8 14 The following commands apply this filter to the individual client interface for CPE 1 admin read connection cpe 1 admin set session options data filter conn input filter admin write f Sample multicast video configuration with a remote MBONE interface In this sample setup shown in Figure 8 6 the MBONE interface is configured in Stinger 2 and the m...

Страница 148: ...ions vci 100 admin set atm connect options nailed group 802 admin write f Following is a comparable RADIUS profile permconn st 2 Password pwd Service Type Outbound Framed Protocol ATM CIR User Name mcast client pvc Ascend ATM Group 155 Ascend Route IP Route IP No Ascend ATM Vpi 0 Ascend ATM Vci 35 Ascend ATM Connect Vpi 0 Ascend ATM Connect Vci 100 Ascend ATM Connect Group 802 With this connection...

Страница 149: ...pi 0 Ascend ATM Vci 100 After completing the configuration starting the IPTV client software on the multicast client interface should create the 239 100 100 4 multicast group on Stinger 2 The following command on Stinger 2 checks that the group exists admin igmp groups Group Address Members Expire time Counts 230 0 0 9 14 00 00 31 0 0 S2 Mbone 0 0 S2 The following command displays client interface...

Страница 150: ......

Страница 151: ...explicit join prune messages instead of the broadcast and prune mechanism used by PIM Dense Mode or DVMRP This implementation of PIM SM follows the current IETF drafts for PIM SM v2 draft ietf pim sm v2 new 07 txt March 2003 and candidate bootstrap router C BSR functionality draft ietf pim sm bsr 03 txt February 2003 Note Stinger units support full interoperability with RFC 2362 compliant multicas...

Страница 152: ... for PIM SM functionality PIM SM capability Support in this software version PIM SM general purpose states G state PIM join prune messages Join prune messages for the G PIM SM state Bootstrap router BSR Stinger units can be configured to act as C BSR and take part in the BSR election process If the Stinger becomes the elected BSR it sends bootstrap messages BSMs to 224 0 0 13 on its PIM enabled in...

Страница 153: ... parameter must be set to yes for PIM SM operations When you change the value to yes and write the profile the multicast subsystem reads the values in the ip global profile and initiates the forwarding function enable Enables or disables the PIM routing protocol systemwide This parameter and the multicast forwarding parameter must be set to yes to enable PIM cbsr enable Enables or disables the BSR...

Страница 154: ... 0 BSR holdtime 0 BSR Current Frag Tag 0 BSR HASH masklen 0 After the bootstrap interval has elapsed and the system has received a BSM from another router in the domain a repeat of the pim bsr command shows that the Stinger has become candidate BSR For example admin pim bsr Stinger BSR State CANDIDATE_BSR Details of CURRENT BSR BSR IP Address 1 1 1 10 BSR Interface 1 BSR Priority 110 BSR holdtime ...

Страница 155: ...SM to operate properly all routers in the domain must share the same set of group to RP mappings You can statically configure associations between groups and RPs by using the pim group rp mapping profile These static mappings provide a basic interoperability mechanism if the automatic methods of obtaining mappings should fail Each pim group rp mapping profile specifies a mapping between an RP spec...

Страница 156: ...hese messages is used in DR election on the LAN interface PIM options in the ip interface and connection profiles Following are the parameters shown with default values for enabling PIM on the Gigabit Ethernet interface The listing for trunk interface follows in IP INTERFACE shelf 1 first control module 2 0 multicast allowed no in IP INTERFACE shelf 1 first control module 2 0 pim options enable no...

Страница 157: ...N ip options pim options enable no hello interval 30 hello holdtime 105 hello priority option yes hello priority 1 join prune interval 60 join prune holdtime 210 lan delay option yes lan delay 5000 override interval 2500 Parameter Setting encapsulation protocol Set to atm for MPOA terminating connections atm1483type Method of multiplexing Layer 3 packets into ATM cells AAL5 LLC or AAL5 VC For deta...

Страница 158: ...han that of the hello interval parameter hello priority option Whether the Stinger unit will participate in DR election on this interface yes or no with a default value of yes hello priority DR election priority for the Stinger unit on the trunk interface The DR election priority is a 32 bit unsigned number contained in a hello message A router with a numerically larger priority is preferred in el...

Страница 159: ...ble yes admin set telco options nailed groups 851 admin set mp options enabled no admin set atm options vci 38 admin set atm options nailed group 851 admin write f lan delay option Whether the Stinger unit will expect propagation delay over an Ethernet interface yes or no with a default value of yes The lan delay option is not sent in hello messages on a trunk interface even if it is configured be...

Страница 160: ...pim options cbsr enable yes admin set pim options cbsr ip address 1 1 1 101 admin write f The following commands configure a PVC for multicast client CPE router in Figure 9 1 admin new connection mcast client admin set active yes admin set encapsulation protocol atm admin set ip options remote address 2 2 2 2 32 admin set ip options multicast allowed yes admin set ip options multicast rate limit 2...

Страница 161: ...face Priority Holdtime DR 1 1 1 10 1 100 105 96 No Administrative tools for PIM SM routing The pim command displays PIM related information for active PIM enabled interfaces in the system For details see PIM SM diagnostics on page A 10 The system provides SNMP MIB support for the PIM protocol as defined in draft ietf pim mib v2 01 txt the PIMv2 MIB The PIMv2 MIB is placed in the MIB tree under exp...

Страница 162: ......

Страница 163: ...ard or drop packets that match the description A route filter applies only to RIP update packets and defines routes to be excluded from the Stinger system s routing table or to be included in the routing table only after modifying the route metrics A single filter can be applied to many interfaces After you apply a filter to an interface the system monitors the data stream on that interface and de...

Страница 164: ...ilter rules For an IP filter the implicit default filter rule causes the system to drop all nonmatching packets in the specified direction For details about explicit default rules for IP filters see Explicit default filter rules on page 10 6 Overview of ip filter settings Note Only the ip filter type is supported for the IP2000 and only the parameters in the ip filter subprofile are applicable For...

Страница 165: ...lue the system compares the result to the source address in a packet See Filtering on source or destination IP addresses on page 10 4 dest address mask A mask to be applied to the dest address value before comparing that value to the destination address of a packet dest address IP address After applying the dest address mask value the system compares the result to the destination address in a pack...

Страница 166: ...ne compare the dest port number to the destination port number of the packet If they do not match as specified by the dst port cmp parameter the comparison fails If all comparisons fail the packet does not match the filter For security purposes the Stinger IP2000 does not automatically forward nonmatching packets unless the filter explicitly allows nonmatching packets to pass Filtering on source o...

Страница 167: ...commands show an illegal rule that uses the unsupported neq operator to forward packets with a source port not equal to 50 admin set input filters 1 valid entry yes admin set input filters 1 Type ip filter admin set input filters 1 forward yes admin set input filters 1 ip filter protocol 17 admin set input filters 1 ip filter Src Port Cmp neq admin set input filters 1 ip filter source port 50 If t...

Страница 168: ...tain direction input or output For details see Sample filter using a generic explicit default rule on page 10 7 If a filter specifies more than one explicit default rule in the same direction only the first one is taken into account Sample filter with no explicit default rule When you do not define an explicit default rule the system uses the implicit default which discards all packets that do not...

Страница 169: ...t filters 2 forward yes admin set input filters 2 Type ip filter admin write f Sample filter using a generic explicit default rule To define an explicit default rule that affects all packets that do not match the filter rules in a certain direction set the Type value to generic filter If the explicit default filter rule is of type ip filter ARP packets and other non IP packets will not be affected...

Страница 170: ...he route filter subprofile contains the following parameters The parameters are shown with their default values for input filters The same values apply for output filter specifications in FILTER input filters n type route filter in FILTER input filters n route filter source address mask 0 0 0 0 source address 0 0 0 0 route mask 0 0 0 0 route address 0 0 0 0 add metric 0 action none If you set the ...

Страница 171: ...input 1 type ip filter admin set input 1 ip filter source address mask 255 255 255 192 admin set input 1 ip filter source address 192 100 50 128 The next set of commands creates input filter 2 which drops packets with a source address equal to the loopback address 127 0 0 0 admin set input 2 valid yes admin set input 2 type ip filter admin set input 2 ip filter source address mask 255 0 0 0 admin ...

Страница 172: ...her hosts on the local network However many local IP hosts need to access the Internet and use IP based applications such as telnet or ftp so their response packets need to be directed appropriately to the originating host In this example the Web server s IP address is 192 9 250 5 The filter will be applied in connection profiles as a data filter The following commands create the first input filte...

Страница 173: ...put 3 ip filter dst port cmp gtr admin set input 3 ip filter dest port 1023 The following commands create the fourth input filter This filter uses all default values which allows unrestricted use of ping and traceroute Unlike TCP and UDP ICMP does not use ports so a port comparison is unnecessary admin set input 4 valid yes admin set input 4 forward yes admin set input 4 type ip filter admin write...

Страница 174: ...metrics written Applying a filter to IP interfaces This section describes how to apply an IP filter to a PVC that terminates on the IP2000 and to the module s Ethernet interfaces Settings in connection and ethernet profiles To apply a filter to an IP interface for a CPE device set the following parameters shown with their default settings in CONNECTION session options data filter in CONNECTION ip ...

Страница 175: ...ter profile Note Use caution when applying a filter to the Ethernet interface You could inadvertently render the Stinger IP2000 inaccessible from the LAN The following set of commands applies a filter to the IP2000 Gigabit Ethernet interface admin read ethernet 1 8 2 admin set filter name ip filter1 admin write f Administrative tools for filters If you have access to the debug environment you can ...

Страница 176: ...output shows that no filters are applied to session 23 admin filterdisp 23 Hostname pvc5 No associated filters The following sample output shows filters applied to an externally authenticated session admin filterdisp 17 Hostname edleung searching for external filters Externally obtained filters exist Data Filter Direction Out Forward yes Type IP Filter protocol 0 source address mask 0 0 0 255 sour...

Страница 177: ...g debug level commands which are not documented in the Stinger Reference and are not supported diag igmpsp diag igmp brtbls ifmgr diag brtbl sar agrm Caution Debug level commands can be used to display low level details about IP2000 operations However they are introduced into the system for development purposes and are not part of the supported software environment Use debug level commands with ca...

Страница 178: ...ebug commands are not required for monitoring Stinger operations and under some circumstances these commands might produce undesirable results Use the information with caution Contact Lucent OnLine Customer Support at http www lucent com support with questions or concerns Gigabit Ethernet diagnostics The gmac command provides diagnostic output about the Gigabit Ethernet media access controller GMA...

Страница 179: ...IP2000 controller For details about the gmac d output fields see the descriptions of MIB objects in Total transmit statistics on page A 24 and Total receive statistics on page A 26 For example the following command displays the current GMAC statistics admin gmac d Gigabit Ethernet port statistics txOctetsLow 1040 txOctetsHigh 0 txGoodPackets 4 l i e d p Loopback l i Set port for internal loopback ...

Страница 180: ... 0 rxCrcErrors 0 rxUnderSize 0 rxOverSize 0 rxAlmostFull 0 rxOverRun 0 rxMulticastPackets 1896 rxBroadcastPackets 46 rxJabber 0 rxPfc 0 rxRfc 0 IGMP diagnostics The igmp command provides information about IGMP multicast operations The profile argument has been added to support mcast service profiles The diag igmpsp and diag igmp commands are available only in the debug environment See Enabling the...

Страница 181: ...ddresses and interfaces slots Display multicast enable slots profile Display multicast profiles mbone Display multicast backbones delete grp_addr if_num With the delete option alone delete all currently registered multicast groups and their members If a group address is specified delete all members of that group If a group address and interface number are specified delete that member of the specif...

Страница 182: ...ent Slots Shelf Slot Group SendCount 1 8 230 0 0 9 0 1 5 230 0 0 9 0 1 2 230 0 0 9 0 The output contains the following fields Field Description Group address Multicast address used for the group An asterisk indicates the IP multicast address being monitored If a group has no members the system forwards multicast traffic for the group to the MBONE interface the default route MemberIf Interface ID o...

Страница 183: ... MBONE interface admin igmp mbone Mbone is currently Slot 1 8 ifNum 1 Example The igmp delete command deletes the specified registered multicast group and its clients admin igmp delete 226 1 1 2 Field Description Shelf Slot Shelf and slot card the MBONE connection is on Group Interface number of connection SendCount Number of packets sent across the interface Field Description Service Name Name of...

Страница 184: ... Type MCAST_FILTER_EXCLUSIVE Filter List 239 100 100 4 The mcast service profile named bronze service has been applied to a connection profile that uses the first port of an ADSL LIM in slot 6 and the profile named gold service has been applied to a connection on the second port of that LIM The following commands open a session with the ADSL LIM and display diagnostics on the service profiles supe...

Страница 185: ... 4 in EXCLUSIVE filter list The next output indicates that the system accepted the message received from a client on the second LIM interface mcastJoinFilterVerify Received CLASS D address 239 100 100 4 in report _profileNameCompare Compare gold ser with gold ser mcastJoinFilterVerify gold ser is multicast service profile for term 6 2 connection The following output indicates that the system accep...

Страница 186: ...splays information about all multicast groups For example admin pim groups Group Addr RP Source Addr upJPTimer Tree Rpt Spt 223 1 1 1 192 168 101 1 40 RPT 224 4 4 4 10 10 10 10 70 RPT Command element Description groups Displays information about multicast groups rp Displays group RP mappings nbr Displays information about PIM neighbor routers if ifnum Displays PIM interface statistics bsr Displays...

Страница 187: ...ger unit For example admin pim nbr Neighbor Interface Priority Holdtime DR 1 1 101 2 2 2 100 YES Fields in the command output have the following meaning Output field pim rp Description Group The IP multicast group address and group mask for which this entry contains information about the C RP RP Address IP address of the C RP RPF neighbor IP address of the Reverse Path Forwarding RPF neighbor rout...

Страница 188: ...DR on the interface The other fields in pim if command output correspond to the pim options configuration for the interface as described in PIM options in the ip interface and connection profiles on page 9 6 Example The pim bsr command shows information about candidate BSRs within the domain if the Stinger is acting as candidate BSR otherwise it shows information about the elected BSR For example ...

Страница 189: ...gr diag brtbls and vlanstats commands are available only in the debug environment See Enabling the debug environment on page A 2 for related information brtbls Description The brtbls command supports diagnostics related to VLAN bridge circuits Permission level debug Output field pim bsr Description Stinger BSR State State of the system relevant to BSR election If C BSR is not enabled in the ip glo...

Страница 190: ...lay and marks an interface as enabled or disabled You can enter this command only from the control module Permission level debug Usage ifmgr options Example The ifmgr d command displays the interface table super ifmgr d bif slot sif u m p ifname host name remote addr local addr Command element Description c Show all bridge circuits i n Show interfaces on bridge circuit n p ifnum Show partner infor...

Страница 191: ...ation about the Gigabit Ethernet interface Command element Description bif Bundle interface number There is one interface number per bundle including Multilink Protocol Plus MP connections This number is the global interface table number slot Shelf and slot to which the interface is assigned sif Slot interface u Whether the interface is enabled or disabled m The interface is part of an Multilink P...

Страница 192: ... 0x801b61a0 mtu 1500 ip_addr 201 168 53 123 dstip_addr 0 0 0 0 netmask 255 255 255 0 net 201 168 53 0 subnet 201 168 53 0 bcast 201 168 53 255 nbcast 201 168 53 255 directed bcast yes management only no macaddr 00c07b65d579 inp_qcnt 0 out_qcnt 0 nexthop 0 0 0 0 proxy_arp_mode 0 proxy_arp_head 0 vRouterID 0 if_redirServer 0 0 0 0 if_redirPort 0 if_redirPort 0 ATMP tunnel DISABLED No associated conn...

Страница 193: ...ptions of MIB objects in Virtual LAN VLAN statistics tables on page A 28 Permission level debug Usage vlanstats c shelf slot item vlan id Example The following command displays statistics about VLAN 1 on the first controller s GigE interface admin vlanstats 1 8 2 1 rxOctetsHigh 0 rxOctetsLow 0 rxFrames 0 rxUnicastFrames 0 rxMulticastFrames 0 rxBroadcastFrames 0 txOctetsHigh 0 txOctetsLow 0 txFrame...

Страница 194: ...AR now dumping the contents of all transmitted packets admin ping c 1 20 1 2 10 PING 20 1 2 10 20 1 2 10 56 data bytes tx 1 61 d a1d46b00 packet len 102 TX packet task _brouterPacketTask at 0x81697c40 time 8907 26 102 octets 0xa1d46b00 0000 01 20 01 02 03 04 00 d0 52 01 02 04 81 00 00 64 R d Command element Description b Show free transmission buffer list c Clear SAR statistics i Reset the SAR des...

Страница 195: ...nt Description sta options Dump statistics conn slot ifnum Dump connections rt slot ifnum rt vrouter f Dump routing entries If a virtual router name is specified on the command line the command displays only the table of the virtual router If no virtual router name is specified the command displays the tables for all virtual routers arp vrouter Dump ARP entries If a virtual router name is specifie...

Страница 196: ...ee information Without the f option the command displays a shorter form of the local or virtual router interface routes For example admin agrm rt f Local If Routes dest gateway if did needArp 0 0 0 0 0 134 112 26 1 0 0 N Type Learn Tree Act Value Pattern LOC Y 3074 0 000F423F 0 32 00000000 00000000 20 20 7 0 24 20 20 7 20 16 0 N Type Learn Tree Act Value Pattern LOC Y 3074 0 000F423F 24 8 00141407...

Страница 197: ... 9 32 0 0 0 0 6 0 N Type Learn Tree Act Value Pattern LOC Y 3074 0 000F423F 32 0 E0000009 00000000 255 255 255 255 32 0 0 0 0 0 0 N Type Learn Tree Act Value Pattern LOC Y 3074 0 000F423F 32 0 FFFFFFFF 00000000 Route Table dest gateway if did needArp 10 10 7 0 24 10 10 7 10 12 511 N 10 10 7 10 32 10 10 7 10 12 511 N 30 30 7 0 24 30 30 7 30 11 506 N 30 30 7 30 32 30 30 7 30 11 506 N admin agrm rt v...

Страница 198: ...0 20 7 20 wan25 000511 N 20 20 7 20 32 20 20 7 20 wan25 000511 N 202 168 53 151 32 202 168 53 151 ie1 000512 N Example The following agrm ifstat command displays statistics for interface 1 super agrm ifstat d 1 Statistics for IF 1 Byte received 0 Unicast packet received 0 Input Packet discarded 0 Input errored packet 0 Input unknown protocol 0 Bytes transmitted 0 Unicast packet sent 0 Output packe...

Страница 199: ...ace by using the debug level vlanstats command History maintained at 15 minute intervals The system maintains a history of the following fields by averaging them at fixed 15 minute intervals for the last 24 hours 96 intervals Tx and Rx octets transmit and receive traffic streams Multicast traffic receive side only Unicast traffic transmit and receive traffic streams Broadcast traffic receive side ...

Страница 200: ...able MIB objects MIB object Description gigEValidIntervals The number of previous intervals for which data was collected The value will be 96 unless the interface was brought online within the last 24 hours in which case the value will be the number of complete 15 minute near end intervals since the interface has been online gigELastInitTime System time when the GigE port was last initialized The ...

Страница 201: ...mitted packets from 512 to 1023 bytes in length gigETxTotalPkt1024ToMax Total count of transmitted packets from 1024 bytes up to the MAX bytes in length 1536 for non jumbo packets and 9728 for jumbo packets a gigETxTotalPktDefer Total count of packets that were deferred because the interframe gap was in excess of 96 bits when a packet was available for transmission The IFG is a delay between code ...

Страница 202: ...nsmit FIFO gigETxTotalAlmostFull Total number of packets in which the transmit FIFO Almost Full flag was set a Jumbo packets are not currently supported on the Gigabit Ethernet interface of the IP2000 controller Table A 3 GigETxTotalTable MIB objects Continued MIB object Description Table A 4 GigERxIntervalTable MIB objects MIB object Description gigERxIntervalNumber A number between 1 and 96 wher...

Страница 203: ...tes in length 1536 for non jumbo packets and 9728 for jumbo packets a gigERxTotalMacType Total count of MAC Type packets received gigERxTotalCrcErrors Total count of packets received that failed CRC gigERxTotalUnderSize Total count of packets that were less than 64 bytes in length gigERxTotalOverSize Total count of packets received that were greater than the MAX bytes in length 1536 for non jumbo ...

Страница 204: ... controller Table A 5 GigERxTotalTable MIB objects Continued MIB object Description Table A 6 GigEVlanStatTable MIB objects MIB object Description gigEVlanId VLAN ID Identifies a specific VLAN on the GigE interface of the IP2000 gigEVlanRxOctetsLow Receive Frame Byte Counter Low Double Word gigEVlanRxOctetsHigh Receive Frame Byte Counter High Double Word gigEVlanRxGoodFrames Receive frame counter ...

Страница 205: ...erface for this VLAN gigEVlanTxUnicastFrames Unicast transmit frame counter Indicates the total number of unicast frames transmitted for this VLAN gigEVlanTxMulticastFrames Multicast transmit frame counter Indicates the total number of multicast frames transmitted for this VLAN gigEVlanTxBroadcastFrames Broadcast transmit frame counter Indicates the total number of broadcast frames transmitted for...

Страница 206: ...nID 2 on 1 pimInterfaceJoinPruneHoldtime 2 210 seconds The following snmpwalk command displays information from the pimNeighborTable snmpwalk m all O 50 50 50 5 public experimental pimMIB pimMIBObjects pim pimNeighborTable pimNeighborIfIndex 167837953 1 pimNeighborExpiryTime 167837953 Timeticks 98 0 00 00 98 pimNeighborMode 167837953 sparse 2 pimNeighborLanPruneDelay 167837953 0 pimNeighborOverrid...

Страница 207: ...0 00 00 56 pimRPSetExpiryTime 1 1514 65535 50397441 Timeticks 56 0 00 00 56 pimRPSetExpiryTime 1 1770 65535 50397441 Timeticks 56 0 00 00 56 Following is sample output of an snmpwalk on pimComponentTable snmpwalk m all O s 50 50 50 5 public experimental pimMIB pimMIBObjects pim pimComponentTable pimComponentBSRAddress 1 IpAddress 1 1 1 101 pimComponentBSRExpiryTime 1 Timeticks 45 0 00 00 45 pimCom...

Страница 208: ......

Страница 209: ...PAP 7 3 auto negotiation 2 3 B backup designated router BDR 6 2 6 3 bandwidth allocation where documented xv base 3 1 bidirectional CHAP 7 7 BIR described 4 38 host route BIR 32 example 4 40 interface configuration 4 38 bir options 4 38 BOOTP relay See DHCP relay bootp relay 4 25 bootp servers 4 26 bridge circuits VLAN 3 2 bridged IP routing BIR See BIR bridging groups 3 2 bridging enabled 2 2 bri...

Страница 210: ...e 1 3 ethernet 2 1 3 5 Ethernet interfaces 1 and 2 2 1 F fabric specifications 1 3 fiber GigE 1 3 filter 10 2 filters changing a route s metric 10 12 checking status in system 10 13 comparison passes in system 10 4 IP filter configuration 10 2 multicast groups and services 8 8 RIP packets 10 8 samples for multicast video traffic 8 15 specific routes filtering 10 11 unsupported fields 10 1 G gatewa...

Страница 211: ...VCs 4 32 IP2000 DHCP relay for CPE clients 4 26 Ethernet interfaces 1 and 2 2 1 Gigabit Ethernet redundancy 2 6 model numbers 1 1 redundant controllers 2 6 services overview 1 4 statistics A 23 VLAN implementation 3 1 IP2000 proprietary CoS overview 1 5 priority queueing 1 6 specifications 1 2 IP2000 specifications hardware 1 3 software capabilities 1 2 ipcache 4 43 ip filter 10 2 ip global 4 9 ip...

Страница 212: ...gnated router DR 6 3 MD5 authentication RFC 2178 6 2 neighbors 6 2 normal areas 6 6 not so stubby areas 6 6 route options configuring 6 16 routing information 6 2 summarized pool importing as an ASE 6 16 VLSM support 6 2 ospf 6 9 ospf nmba neighbor 6 14 ospf options 6 14 P packet prioritization 1 6 Password Authentication Protocol PAP 7 3 per VC queueing 1 5 pim A 10 pim group rp mapping 9 5 pim o...

Страница 213: ...words for PPP sessions 7 3 services 1 4 SNMP limitations for virtual routers 5 2 packets number queued 4 12 soft IP interface configuration 4 8 software specifications 1 2 specifications 1 2 split horizon RIP policy 4 11 static routes assigning a cost OSPF example 6 19 OSPF configuring 6 17 subnet 4 30 summarized pools to 4 19 virtual router defining for 5 8 statistics GigE interface A 23 performa...

Страница 214: ...ridging groups 3 2 diagnostics A 13 A 18 Gigabit Ethernet redundancy 2 7 Gigabit Ethernet side of bridge circuit 3 5 LIM interface side of bridge circuit 3 6 management VLAN interface 3 7 multicast forwarding on 8 6 number of VLAN IDs supported 3 1 overview 3 1 statistics A 28 tags added to Ethernet frame headers 3 1 vlan ethernet 3 3 voice services 1 4 W WAN OSPF interfaces authentication 6 2 con...

Отзывы:

Нет отзывов

Похожие инструкции для Stinger IP2000

Бренд: Rayrun Страницы: 2

Бренд: IDenticard Страницы: 2

Бренд: 3Ware Страницы: 2

Бренд: Madas Страницы: 6

Бренд: Madas Страницы: 11

Бренд: Lawler Страницы: 5

Бренд: T&S Страницы: 5

Бренд: L-Acoustics Страницы: 20

Бренд: Daihan Scientific Страницы: 11

Бренд: JASTEC Страницы: 18

Бренд: EFI Страницы: 127

Бренд: maxxess Страницы: 11

Бренд: SOLARJACK Страницы: 14

Бренд: Burkert Страницы: 15

Бренд: Vaniman Страницы: 2

Бренд: Balboa Страницы: 2

Keystation 61es

Бренд: M-Audio Страницы: 15

Home Easy HE-414

Бренд: Byron Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды