manualshive.com logo in svg

RuggedCom RuggedBackbone RX1500, Руководство пользователя

RuggedCom RuggedBackbone RX1500 - надежное и мощное решение для сетевой связи в экстремальных условиях. Для подробной настройки и использования, загрузите бесплатное руководство пользователя на manualshive.com. Получите доступ к полной информации о продукте, чтобы максимизировать его потенциал.

Поделиться
Скачать
background image

38. Firewall

ROX™ v2.2 User Guide

442

RuggedBackbone™ RX1500

38.3.6. Rules

The default policies can completely configure traffic based upon zones. But the default policies cannot
take into account criteria such as the type of protocol, IP source/destination addresses and the need to
perform special actions such as port forwarding. The firewall rules can accomplish this.

The  ROX™  firewall  rules  provide  exceptions  to  the  default  policies.  In  actuality,  when  a  connection
request arrives, the rules file is inspected first. If no match is found then the default policy is applied.
Rules are of the form:

Action  Source-Zone  Destination-Zone  Protocol  Destination-Port  Source-Port  Original-Destination-IP
Rate-Limit User-Group

Actions are ACCEPT, DROP, REJECT, DNAT, DNAT-, REDIRECT, REDIRECT-, CONTINUE, LOG
and  QUEUE.  The  DNAT-,  REDIRECT-,  CONTINUE,  LOG  and  QUEUE  actions  are  not  widely  used
used and are not described here.

Action

Description

ACCEPT

Allow the connection request to proceed.

DROP

The connection request is simply ignored. No notification is made to the requesting client.

REJECT

The connection request is rejected with an RST (TCP) or an ICMP destination-unreachable packet being
returned to the client.

DNAT

Forward the request to another system (and optionally another port).

REDIRECT

Redirect the request to a local tcp port number on the local firewall. This is most often used to “remap”
port numbers for services on the firewall itself.

Table 38.7. 

The remaining fields of a rule are as described below:

Rule Field

Description

Action

The action as described in the previous table.

Source-Zone

The zone the connection originated from.

Destination-Zone

The zone the connection is destined for.

Protocol

The tcp or udp protocol type.

Destination-Port

The tcp/udp port the connection is destined for.

Source-Port

The tcp/udp port the connection originated from.

Original-Destination-IP

The destination IP address in the connection request as it was received by the firewall.

Rate-Limit

A specification which allows the rate at which connections are made to be limited.

Table 38.8. 

Some examples will illustrate the power of the rules file:

Rule

Action

Source-Zone

Destination-Zone

Protocol Dest-Port

Source-
Port

Original-Destination-IP

1

ACCEPT

net:204.18.45.0/24

fw

2

DNAT

net

loc:192.168.1.3

tcp

ssh, http

3

DNAT

net:204.18.45.0/24

loc:192.168.1.3

tcp

http

-

130.252.100.69

4

ACCEPT

fw

net

icmp

5

ACCEPT

net:204.18.45.0/24

fw

icmp

8

Table 38.9. 

1.

This rule accepts traffic to the firewall itself from the 204.18.45.0/24 subnet. If the default policy is to
drop all requests from net to the firewall, this rule will only accept traffic from the authorized subnet.

2.

This rule forwards all ssh and http connection requests from the Internet to local system 192.168.1.3.

Содержание RuggedBackbone RX1500

Страница 1: ...v2 2 Web Interface User Guide For RuggedBackbone RX1500 November 24 2011...

Страница 2: ...ments We reserve the right to make technical improvements without notice Registered Trademarks RuggedServer RuggedWireless RuggedCom Discovery Protocol RCDP RuggedExplorer Enhanced Rapid Spanning Tree...

Страница 3: ...6 1 Uses 50 2 6 2 ROXflash Configuration 50 2 7 Scheduling Jobs 52 2 8 The Featurekey 55 2 8 1 Overview 55 2 8 2 Upgrading Feature Levels in the field 55 2 8 3 When a File based featurekey does not Ma...

Страница 4: ...or Non switched Interfaces 87 6 Alarms 89 6 1 Introduction 89 6 1 1 Alarm Subsystems 89 6 1 2 Fail Relay Behavior 89 6 1 3 Alarm LED Behavior 89 6 1 4 Clearing and Acknowledging Alarms 89 6 2 Alarm Co...

Страница 5: ...144 15 2 4 DHCP Shared Networks 145 15 2 5 DHCP Hosts 145 15 2 6 DHCP Host groups 146 15 2 7 Viewing Active DHCP Leases 146 15 2 8 DHCP Options 147 15 2 9 Custom DHCP Options 152 15 2 10 Hardware Conf...

Страница 6: ...ration 225 22 2 1 Assigning Protocols 225 22 2 2 Setting Rawsockets 228 22 2 3 Setting TcpModbus 229 22 2 4 Setting DNP 231 22 3 Serial Protocol Statistics 232 22 3 1 Transport Connections 234 22 4 Re...

Страница 7: ...d Multipoint Links 301 28 1 4 Path and Port Costs 301 28 1 5 Bridge Diameter 302 28 2 MSTP Operation 302 28 2 1 MST Regions and Interoperability 303 28 2 2 MSTP Bridge and Port Roles 304 28 2 3 Benefi...

Страница 8: ...at is a Layer 3 Switch 356 32 1 2 Layer 3 Switch Forwarding table 356 32 1 3 Static Layer 3 Switching Rules 357 32 1 4 Dynamic Learning of Layer 3 Switching Rules 357 32 1 5 Layer 3 Switch ARP table 3...

Страница 9: ...38 1 3 Network Address Translation 437 38 1 4 Port Forwarding 438 38 2 Firewall Quick Setup 438 38 3 Firewall Terminology And Concepts 439 38 3 1 Zones 439 38 3 2 Interfaces 439 38 3 3 Hosts 440 38 3...

Страница 10: ...hing The Upgrade 492 A 3 Monitoring The Software Upgrade 493 B RADIUS Server Configuration 497 B 1 PPP CHAP and Windows IAS 497 C Setting Up An Upgrade Server 498 C 1 Upgrade Server Requirements 498 C...

Страница 11: ...ROX ROX v2 2 User Guide 11 RuggedBackbone RX1500 E 2 11 Section 10 505 E 2 12 NO WARRANTY Section 11 506 E 2 13 Section 12 506 E 3 How to Apply These Terms to Your New Programs 506...

Страница 12: ...Administration form 39 2 10 Hostname form 39 2 11 Timezone form 40 2 12 Setting the Timezone Form in Edit Private Mode 40 2 13 Current System Time form 40 2 14 CLI Sessions form 41 2 15 Idle timeout f...

Страница 13: ...ble 76 4 6 Routable Interfaces form 76 4 7 Addresses table 76 4 8 Addresses form 76 5 1 Neighbor Discovery form 79 5 2 Neighbor Discovery IPv6 Prefix 80 5 3 Neighbor Discovery IPv6 Prefix forms 80 5 4...

Страница 14: ...ble 114 9 17 Key Settings form 114 9 18 SNMP Security Model to Group Mapping form 114 9 19 SNMP Group Access Configuration table 115 9 20 Key Settings form 115 9 21 SNMP Group Access Configuration for...

Страница 15: ...Shared Networks 148 15 13 Client Configuration form for Hosts 149 15 14 Client Configuration form for Host groups 149 15 15 Client Configuration form for DHCP Clients 150 15 16 NIS Configuration form...

Страница 16: ...atistics Form 184 18 5 Transmit Statistics Form 184 19 1 Virtual switch with multiple interfaces 187 19 2 Adding a Virtual Switch 188 19 3 Interface Virtualswitch menu 188 19 4 Virtualswitch table 188...

Страница 17: ...Interfaces form 216 21 26 HSPA PPP Interfaces Statistics form 216 22 1 6S01 Serial Module RJ45 Connector LEDs 218 22 2 Sources of Delay and Error in an End to End Exchange 222 22 3 Serial Protocols m...

Страница 18: ...form 256 23 31 T1E1 Statistics form 256 23 32 Frame Relay Errors Packets Statistics form 258 23 33 Frame Relay Controlling Packets Statistics form 259 23 34 Frame Relay Receiving Statistics form 260...

Страница 19: ...s form 296 27 7 Static MAC Address Parameters table 296 27 8 Purge MAC Address menu 297 27 9 Purge MAC Address Table form 297 28 1 Bridge and Port States 299 28 2 Bridge and Port Roles 300 28 3 Exampl...

Страница 20: ...348 30 6 LLDP Port Statistics table 349 30 7 LLDP Port Statistics form 349 30 8 LLDP Neighbors table 350 30 9 LLDP Neighbors form 351 30 10 LLDP submenu 351 30 11 LLDP form 352 31 1 Three interfaces...

Страница 21: ...388 33 36 L2 Ethernet Type table 388 33 37 Goose Tunnel Statistics table 388 33 38 Goose Tunnel Statistics form 389 33 39 Connections Statistics table 390 33 40 Connections Statistics form 390 33 41...

Страница 22: ...work Table 426 36 11 Reach Table 426 36 12 Router Table 427 36 13 Area Table 427 36 14 Net Table 427 36 15 Summary Table 428 36 16 ASBR Summary Table 429 36 17 AS External Table 429 36 18 Neighbor Tab...

Страница 23: ...ies table 462 39 7 Priorities form 462 39 8 Enabling Advanced configuration Mode 464 39 9 Advanced Traffic Control Classes table 465 39 10 TC Classes form 465 39 11 Options form 467 39 12 Advanced Tra...

Страница 24: ...2 Entry Fields in Upgrade Settings Form 492 A 3 Pending Commit 492 A 4 Commit Succeeded 492 A 5 Launch Upgrade 493 A 6 Upgrade Launched Dialogs 493 A 7 Software Upgrade Menu 493 A 8 Upgrade Monitorin...

Страница 25: ...d overall management of the hardware chassis and operating system including access control logging networking configuration and time synchronization Part II Network Interfaces and Ethernet Bridging Pa...

Страница 26: ...onfiguration Chapter 4 Basic Network Configuration Advanced Networking Configuration Chapter 5 IP Network Interfaces Alarms Chapter 6 Alarms Domain Name Search Chapter 7 Domain Name Search Logging Cha...

Страница 27: ...e Name Location IP Address Mask fe cm 1 Front panel interface 192 168 1 2 24 All other Ethernet ports LM and SM cards 192 168 0 2 24 Table 1 1 Default IP Address Configuration In order to connect to t...

Страница 28: ...k on the Login button The switch is shipped with a default administrator password admin If authentication is successful the main menu is presented 1 2 The Structure Of The Web Interface The system con...

Страница 29: ...nfiguration editing mode where after committing your changes you can specify a timeout period to test the changes At the end of the timeout period your changes to revert back to the original settings...

Страница 30: ...feature keys elan certificates ipsec certificates ca certificates crl certificates log files and rollback files from the system to your workstation From the Choose file type list select the type of f...

Страница 31: ...test results tunnel The tunnel menu is used for configuring IP tunnels using IPsec Layer 2 tunnelling functions and Generic Routing Encapsulation GRE ip The ip menu is used for configuring the ROX sys...

Страница 32: ...clicked displays context sensitive information about the corresponding data field A red asterisk appears beside fields that are mandatory for configuration when in Edit Private mode Note the red aste...

Страница 33: ...hassis Hardware table is indexed by slot name with the slot name being the key and a DNS Server table is indexed by IP address with the IP address being the key Key information can be added using the...

Страница 34: ...on in a Table The information entered in the key settings form will now appear in the table Note that the table appears on the server screen while the key settings form appears on the address screen w...

Страница 35: ...ttings form 1 3 2 Viewing More Information in Tables Occasionally a table may have more entries that are not visible in the initial view If you encounter a table that has a line of linked text at the...

Страница 36: ...2 User Guide 36 RuggedBackbone RX1500 Figure 1 9 First Table of Information Figure 1 10 Second Table of Information The second table of information shows the balance of the entries and contains a lin...

Страница 37: ...d passwords software versions upgraded and netconf As well you can link directly from the Admin menu to commands called actions see below that will clear or acknowledge all alarms shut down or reboot...

Страница 38: ...he reboot menu action and then click the Perform button on the Reboot the Device form Figure 2 6 Set New Time and Date form The Set New Time and Date form configures the current time and date settings...

Страница 39: ...nopsis A string Default System Name An administratively assigned name for this managed node By convention this is the node s fully qualified domain name If the name is unknown the value is the zero le...

Страница 40: ...rm to the POSIX style and have their signs reversed from common usage In POSIX style zones west of GMT have a positive sign zones east of GMT have a negative sign Timezone Synopsis string Selects the...

Страница 41: ...ures on the device Listen IP Synopsis IPv4 address in dotted decimal notation Synopsis IPv6 address in colon separated hexadecimal notation Default 0 0 0 0 The IP Address the CLI will listen on for CL...

Страница 42: ...I Figure 2 15 Idle timeout field Clicking on the Idle timeout field on the CLI Sessions form allows you to choose a value for this field The default value is PT30M which stands for Precision Time 30 M...

Страница 43: ...ecimal notation Default 0 0 0 0 The IP Address the SFTP will listen on for SFTP requests default 0 0 0 0 Listen Port Synopsis unsigned short integer Default 2222 The port the SFTP will listen on for S...

Страница 44: ...ecimal notation Default 0 0 0 0 The IP Address the CLI will listen on for WebUI requests default 0 0 0 0 Listen Port Synopsis unsigned short integer Default 443 The port on which the WebUI listens for...

Страница 45: ...the time when an inactive session expires or times out Only integer values corresponding to the following fields can be entered Year Month Day Hour Min Sec or Ms The example above shows the default va...

Страница 46: ...me Synopsis string User Name password Synopsis A string User Password role Synopsis string one of the following keywords guest operator administrator Default guest User Role Figure 2 23 Users Screen i...

Страница 47: ...ition Completed upgrades can be declined before the next reboot If major system failures are detected upon booting the upgraded partition the system will automatically roll back to the previous partit...

Страница 48: ...packages Copying filesystem Estimating upgrade size Inactive The current phase or state of the upgrade It is one of Estimating upgrade size Copying filesystem Downloading packages Installing packages...

Страница 49: ...Launch Upgrade form Note that the server URL and version name information must be entered in the Upgrade Settings form prior to launching the upgrade For detailed step by step instructions on how to...

Страница 50: ...ftware on the new unit Use ROXflash only to install earlier versions of the ROX software Software upgrades to later versions should be performed using the Software Upgrade function Table 2 1 Differenc...

Страница 51: ...tion Downloading image Inactive The current phase or state of the ROXflash operation It is always one of Inactive Downloading image Imaging partition Unknown state Completed successfully or Failed The...

Страница 52: ...ler menu There are two types of scheduled jobs periodic jobs launch at a defined interval Set the interval in the Minute Hour Day of Month and Month parameters Use the Day of Week parameter to launch...

Страница 53: ...launch the scheduled job periodic the job launches at a set date and time configchange the job launches when the configuration changes Minute Synopsis A string Default For periodic jobs sets the minut...

Страница 54: ...list For example to launch the job on the first fifteenth and thirtieth days of the month enter 10 15 30 To specify a range of values enter the range as comma separated values For example to launch t...

Страница 55: ...aturekey resides on the device s compact flash card ROX evaluates both the device featurekey and the file based featurekey and then enables the most capable feature level described by the keys When us...

Страница 56: ...n appears Figure 2 37 CLI in the ROX Web Interface 3 At the Operational mode command line prompt type show chassis and press Enter Chassis information appears ruggedcom show chassis chassis chassis st...

Страница 57: ...Command Line Interface To upload the file to your device you will need to know the following information the featurekey filename a user name and password to log in to the computer where you saved the...

Страница 58: ...e of the featurekey file For example file show featurekey 1_cmRX1K 12 11 0015 key 6 Type the command with your featurekey filename and press Enter The system displays the contents of the featurekey fi...

Страница 59: ...formation on backing up files see Section 2 9 2 Backing Up Files 2 9 Installing and Backing Up Files You can install and back up files using the following forms found under the admin menu Figure 2 40...

Страница 60: ...e and enter a URL On the Install Files To Devices form click the Perform button 2 9 2 Backing Up Files To back up a file click on backup files The Backup Files forms appear Figure 2 42 Backup Files fo...

Страница 61: ...log files click the Perform button on the Delete Log Files form This form is accessible at admin delete logs Figure 2 44 Delete Log Files form 2 11 Saving Full Configurations Save full configurations...

Страница 62: ...button in the Saving Full Configuration form 2 12 Loading Full Configurations Load full configurations to a file using the forms below These forms are accessible at admin load full configuration Figur...

Страница 63: ...n 1 You will generally configure lower stratum NTP hosts as servers and other NTP hosts at the same stratum as peers If all your configured servers fail a configured peer will help in providing the NT...

Страница 64: ...NTP Server Restrictions configure an NTP server using Multicast or Broadcast See Section 3 2 7 Configuring an NTP Server using Multicast or Broadcast configure an NTP client using Multicast See Secti...

Страница 65: ...form Enable Enables the local clock Stratum Synopsis unsigned byte integer Default 10 The stratum number of the local clock 3 2 4 Configuring NTP Servers ROX can periodically refer to an NTP server t...

Страница 66: ...eers are NTP servers of the same stratum as the router and are useful when contact is lost with the hosts in the NTP servers menu Minpoll Synopsis unsigned byte integer Default 6 Minimum poll interval...

Страница 67: ...TP Servers and NTP Broadcast Multicast Servers forms To add a server key In edit mode navigate to services time ntp key and click Add key On the Key settings form enter an identifier for the key and c...

Страница 68: ...ver Restrictions form set the restriction parameters Commit the changes Figure 3 8 Server Restrictions form Flags Synopsis string one of the following keywords version ntpport notrust notrap noserve n...

Страница 69: ...thentication be used and that a server key be set with the broadcast multicast setting For instructions on how to create server keys see Section 3 2 5 Adding Server Keys To set a multicast broadcast a...

Страница 70: ...ddress Synopsis IPv4 address in dotted decimal notation Synopsis IPv6 address in colon separated hexadecimal notation Synopsis Domain name RFC 1034 Default 224 0 1 1 The multicast address on which the...

Страница 71: ...Status To view the NTP service status In normal or edit mode navigate to services time ntp ntp status and click ntp status On the Trigger Action form click Perform Review the NTP service status in th...

Страница 72: ...lowing internet interfaces configured by default dummy0 fe cm 1 and switch 0001 The default IP addresses for fe cm 1 and switch 0001 are configured under the ipv4 submenu switch 0001 is the VLAN inter...

Страница 73: ...an existing IP address click the delete icon 4 Click Add address The Key settings form appears 5 In the IPaddress field type the new IP address 6 Click Commit 7 Click Exit Transaction To create addit...

Страница 74: ...elated to the Firewall and IP NAT that might be necessary before connecting the unit to the INTERNET see Chapter 38 Firewall For information on adding VLAN interfaces to Switched Ports Ethernet Ports...

Страница 75: ...mple IPv6 Network Setup 1 Connect a user PC to Fast Ethernet port fe cm 1 of the RX1500 and configure the PC to be on the same subnet as the port 2 Configure the S PC with IPv6 address FDD1 9AEF 3DE4...

Страница 76: ...Bandwidth kbps Synopsis unsigned long integer This value is used in auto cost calculations for this routable logical interface in kbps Figure 4 7 Addresses table The path to the Addresses table is ip...

Страница 77: ...its of an IPv6 address and the address is not routable The scope for Unique Local address is within enterprise networks It identifies the boundary of private networks within an organization Example of...

Страница 78: ...s among which five types of messages are used by the ND protocol The five types of ICMPv6 messages are briefly described in the following section Router Solicitation ICMPv6 type 133 This message is se...

Страница 79: ...a home agent and includes a home agent option Home Agent Lifetime Synopsis unsigned integer Default 1800 The value to be placed in the home agent option when the home agent config flag is set which i...

Страница 80: ...seconds The default is 1800 seconds Reachable Time Millseconds Synopsis unsigned integer Default The value in milliseconds to be placed in the Reachable Time field in the router advertisement message...

Страница 81: ...fter adding an IPv6 Prefix under the Neighbor Discovery To display the forms navigate to ip interface ipv6 nd prefix 5 3 Adding Interfaces to Switched Ports For switched ports you create routable inte...

Страница 82: ...or example 2 5 Click Add 6 Click Commit 7 Click Exit Transaction The procedures below are examples of how to create implicit VLAN interfaces Procedure 5 2 Implicitly Adding a VLAN Interface at interfa...

Страница 83: ...mit it Procedure 5 5 Implicitly Adding a VLAN Interface at switch mcast filtering static mcast table 1 Enter edit mode navigate to switch mcast filtering static mcast table and click Add static mcast...

Страница 84: ...l VLANs Properties form is displayed 3 In the IP Address Source field select dynamic if you want the interface to get an IP address from a DHCP server For information on configuring RX1500 as a DHCP s...

Страница 85: ...Non switched or Route only Interface menu is accessible from the main menu Figure 5 8 Routable Ethernet Ports table The path to the Routable Ethernet Ports table is interface eth Figure 5 9 Routable...

Страница 86: ...eed mode AUTO means advertise all supported speed modes Duplex Synopsis string one of the following keywords full half If auto negotiation is enabled this is the duplex capability advertised by the au...

Страница 87: ...ure 5 10 Configuring Dynamic Address Source and ProxyARP Procedure 5 8 Configuring IP Address Source and ProxyARP for Non switched Interfaces 1 Go into Edit Private mode 2 Go to interface eth port The...

Страница 88: ...t Transaction To set ProxyARP for a static or dynamic interface follow the procedure below Procedure 5 9 Setting ProxyARP 1 Go into Edit Private mode 2 Go to interface eth port The Routable Ethernet P...

Страница 89: ...es irregular voltages at the power supply or the insertion or removal of a module Switch Subsystem these alarms pertain to layer 2 events of interests such as RSTP topology changes and link up down ev...

Страница 90: ...l relay and LED When an alarm is acknowledged by the user it de asserts the fail relay and LED but it remains in the active alarms table unless the alarm is non clearable and de asserted by the system...

Страница 91: ...Emergency Alert Critical Error Warning Notice Info Debug description Synopsis string When applicable provides further details on the alarmable event Date Time Synopsis string The date and time the ev...

Страница 92: ...the Clear action or the Acknowledge action Figure 6 5 Clear Alarm Menu Action form Figure 6 6 Acknowledge Alarm Menu Action form To clear or acknowledge ALL alarms instead of only individual alarms a...

Страница 93: ...escription Synopsis A string The name of the alarm severity Synopsis string one of the following keywords debug info notice warning error critical alert emergency The severity level can be one of emer...

Страница 94: ...m description Synopsis A string The name of the alarm severity Synopsis string one of the following keywords debug info notice warning error critical alert emergency The severity level can be one of e...

Страница 95: ...scription Synopsis A string The name of the alarm severity Synopsis string one of the following keywords debug info notice warning error critical alert emergency The severity level can be one of emerg...

Страница 96: ...h to this menu is admin dns Figure 7 1 DNS menu Figure 7 2 Domain Name Searches form The path to the Domain Name Searches form is admin dns search domain Synopsis Domain name RFC 1034 Figure 7 3 Domai...

Страница 97: ...port per collector Syslog source facility ID per collector same value for all ROX modules Filtering severity level per collector in case different collectors are interested in syslog reports with dif...

Страница 98: ...xadecimal notation Synopsis Domain name RFC 1034 The IPv4 or IPv6 address of a logging server Up to 8 logging servers can be added enabled Enables disables the feed to the remote logging server Figure...

Страница 99: ...Synopsis string one of the following keywords same same_or_higher Default same_or_higher The message severity levels to include in the log same includes only messages of the severity level selected i...

Страница 100: ...ecurity news mail lpr kern ftp daemon cron authpriv auth Synopsis facility list occurs in an array of at most 8 elements The subsystems generating log messages Messages from the selected subusystems a...

Страница 101: ...source SNMPv3 provides security models and security levels A security model is an authentication strategy that is set up for a user and the group in which the user resides A security level is a permi...

Страница 102: ...as specified by the lldpNotificationInterval object linkUp A linkUp trap signifies that the SNMP entity acting in an agent role has detected that the ifOperStatus object for one of its communication...

Страница 103: ...ample below 9 2 1 Add an SNMP User ID Figure 9 1 Adding an SNMP User ID Procedure 9 1 Adding an SNMP User ID 1 Navigate to admin user 2 Click on Add userid The Key settings form appears 3 In the Name...

Страница 104: ...ity Procedure 9 2 Creating an SNMP Community 1 Navigate to admin snmp snmp community 2 Click on Add snmp community The Key settings form appears 3 In the Community Name field enter snmpv2_user and cli...

Страница 105: ...Navigate to admin snmp security to group 2 Click on Add snmp security to group The Key settings form appears 3 In the Security Model field select v2c 4 In the User Name field select snmpv2_user and cl...

Страница 106: ...he ability to configure snmp features on the device Listen IP Synopsis IPv4 address in dotted decimal notation Synopsis IPv6 address in colon separated hexadecimal notation Default 0 0 0 0 The IP Addr...

Страница 107: ...exadecimal notation If set all traffic traps originating from this device shall use the configured IP Address for the Source IP Authentication Failure Notify Name Synopsis string one of the following...

Страница 108: ...horitative SNMP engine s window Unknown User Names Synopsis unsigned integer The total number of packets received by the SNMP engine which were dropped because they referenced a user that was not know...

Страница 109: ...ID Discover and Trigger Action forms On the SNMP Engine ID Discover form enter parameters in the fields On the Trigger Action form click Perform 9 5 SNMP Community Figure 9 9 SNMPv1 v2c Community Conf...

Страница 110: ...9 10 SNMPv1 v2c Community Configuration form The path to the SNMP Community Configuration form is admin snmp snmp community private or public 9 6 SNMP Target Addresses Figure 9 11 SNMP Target Configur...

Страница 111: ...address address Target Name A descriptive name for the target ie Corportate NMS enabled Synopsis boolean Default true Enables disables this specific target Target Address Synopsis IPv4 address in dott...

Страница 112: ...incoming SNMP requests from the IPv4 or IPv6 address associated with this community Trap Type List Default snmpv2_trap Selects the type of trap communications to be sent to this target Inform Timeout...

Страница 113: ...ng The user for the SNMP key Select a user name from the list Authentication Protocol Synopsis string one of the following keywords sha1 md5 none Default none The authentication protocol providing dat...

Страница 114: ...curity Model to Group Mapping form The path to these forms is admin snmp snmp security to group user Security Model Synopsis string one of the following keywords v3 v2c v1 The SNMP security model to u...

Страница 115: ...s string one of the following keywords v3 v2c v1 any The SNMP security model to use SNMPv1 SNMPv2c or USM SNMPv3 Security Level The SNMP security level authPriv communication with authentication and p...

Страница 116: ...w Default all of mib The name of the write view to which the SNMP group has access all of mib restricted v1 mib or no view Notify View Name Synopsis string one of the following keywords all of mib res...

Страница 117: ...figuration information between a Network Access Server which desires to authenticate its links and a shared Authentication Server RADIUS is also widely used in conjunction with 802 1x for port securit...

Страница 118: ...ntication activity is logged to the authorization log file auth log Details of each authentication including the time of occurrence source and result are included 10 1 4 RADIUS ROX and Services RADIUS...

Страница 119: ...se forms are also accessible from global ppp radius address Synopsis IPv4 address in dotted decimal notation The IPv4 address of the server port udp Synopsis integer Default 1812 The network port of t...

Страница 120: ...sword Synopsis AES CFB128 encrypted string The password of the RADIUS server For more information on 802 1x Authentication please see Chapter 24 Port Security For additional information on RADIUS serv...

Страница 121: ...the NETCONF Sessions form and the NETCONF State Statistics form is admin netconf enabled Synopsis boolean Default true Provides the ability to configure NETCONF features on the device Listen IP Synops...

Страница 122: ...ff 16000 Maximum Number of NETCONF Sessions Synopsis unsigned integer Synopsis the keyword unbounded Default 10 The maximum number of concurrent NETCONF sessions Idle Timeout Default PT0S Maximum idle...

Страница 123: ...ds the NETCONF peer inSessions inBadHellos number of correctly started netconf sessions Dropped Sessions Synopsis unsigned integer The total number of NETCONF sessions dropped inSessions inBadHellos n...

Страница 124: ...11 NETCONF ROX v2 2 User Guide 124 RuggedBackbone RX1500 The total number of notification messages sent...

Страница 125: ...menu contains chassis level configuration and status features A variety of sub menus can be linked to from the Chassis menu The Chassis sub menu section is organized so that information tables appear...

Страница 126: ...e synopsis string one of the following keywords PM2_Active_PM1_Standby PM1_Active_PM2_Standby Balanced When more than one power modules are present this parameter specifies how they share the provisio...

Страница 127: ...integer The current mA sourced by the power module PM Voltage mV Synopsis integer The voltage mV sourced by the power module 12 2 Slot Hardware Figure 12 6 Slot Hardware table Figure 12 7 Slot Hardwar...

Страница 128: ...nstalled module s unique serial number 12 3 Slot Identification Figure 12 8 Slot Identification table Figure 12 9 Slot Identification form The Slot Identification table and form contain version inform...

Страница 129: ...dule installed in a particular chassis slot The path to the Slot CPU RAM Utilization table is chassis cpu Figure 12 10 Slot CPU RAM Utilization table The path to the Slot CPU RAM Utilization form is c...

Страница 130: ...RAM in percent recorded for the installed module since start up 12 5 Slot Status Figure 12 12 Slot Status table Figure 12 13 Slot Status form The Slot Status table and form display status information...

Страница 131: ...state of the installed module Status Synopsis string The runtime status of the installed module Uptime Synopsis string The total time elapsed since the start up of the installed module Boot Date Synop...

Страница 132: ...nopsis A string The installed module s type specifier Temperature degrees C Synopsis integer The temperature in degrees C of the installed module If multiple temperature sensors are present on the boa...

Страница 133: ...Module Type Synopsis A string Sets the module type to be used in this slot Admin State Sets the administrative state for a module Enabling the module powers it on Figure 12 18 Fixed Modules form Figur...

Страница 134: ...is Management ROX v2 2 User Guide 134 RuggedBackbone RX1500 Figure 12 20 Module Database table Figure 12 21 Module Database form Figure 12 22 Configurable Modules table Figure 12 23 Configurable Modul...

Страница 135: ...his case the device acts as a PPP client PPP users profiles and settings are configured on forms found under the PPP menu To display the PPP menu navigate to global ppp 13 2 PPP Configuration The PPP...

Страница 136: ...out PPP Users table navigate to global ppp profiles dialout Figure 13 4 Dial out PPP Users table Dial out PPP is used to add PPP profile for dialOut users name Synopsis A string The connection name To...

Страница 137: ...ial the phone number before it stops attempting to establish a connection Zero 0 means the modem will try to connect to the PPP server forever dial interval Synopsis integer Default 30 The time in sec...

Страница 138: ...ary Radius Server form address Synopsis IPv4 address in dotted decimal notation The IPv4 address of the server port udp Synopsis integer Default 1812 password Synopsis AES CFB128 encrypted string 13 3...

Страница 139: ...erface with link failover the link failover On demand option allows link failover to bring up or take down the PPP interface as needed Link failover triggers the modem dial out to establish a PPP conn...

Страница 140: ...s 00 02 04 0F The DHCP Server supporting DHCP Option 82 sends a unicast reply and echoes Option 82 The DHCP Relay Agent removes the Option 82 field and broadcasts the packet to the port from which the...

Страница 141: ...this relay agent Figure 14 3 DHCP Relay Agent Client Ports table To display the DHCP Relay Agent Client Ports table navigate to dhcp relay agent dhcp client ports DHCP Relay Agent Client Ports are po...

Страница 142: ...ional subnets behind the relay agent or when multiple virtual networks exist on one physical interface Each subnet then gets its own subnet definition inside the shared network rather than at the top...

Страница 143: ...HCP Hosts configure host groups See Section 15 2 6 DHCP Host groups configure DHCP options See Section 15 2 8 DHCP Options Under services dhcpserver you can also view a list of active DHCP leases See...

Страница 144: ...CIDR notation The network IP address for this subnet shared network Synopsis A string The shared network that this subnet belongs to You can configure DHCP options at the subnet level Options set at...

Страница 145: ...s set at higher levels To set Lease Configuration and Client Configuration options navigate to services dhcpserver shared network shared network id options For more information see Section 15 2 8 1 Le...

Страница 146: ...type a name for the host group and click Add You can configure DHCP options at the host group level Options set at this level override options set at higher levels To set Lease Configuration and Clien...

Страница 147: ...ettings This form is used at all DHCP levels NIS Configuration form sets NIS server information This form is used at all DHCP levels NetBios Configuration form sets NetBios scope and nameserver inform...

Страница 148: ...configuration options at the subnet and shared networks levels enter edit mode and navigate to subnet options services dhcpserver subnet subnet id options shared network options services dhcpserver s...

Страница 149: ...g client unknown client Synopsis string one of the following keywords ignore deny allow The action to take for previously unregistered clients shared network Synopsis A string Shared network that this...

Страница 150: ...t the client configuration options enter edit mode and navigate to DHCP server options services dhcpserver options client subnet options services dhcpserver subnet subnet id options client shared netw...

Страница 151: ...IPv4 address in dotted decimal notation The static route that the dhcpserver offers to the client when it issues the lease to the client NIS Configuration Figure 15 16 NIS Configuration form server S...

Страница 152: ...work options services dhcpserver shared network shared network id options client custom host group options services dhcpserver host groups host group id options client custom host options services dhc...

Страница 153: ...15 DHCP Server ROX v2 2 User Guide 153 RuggedBackbone RX1500 The physical network address of the client Note that this corresponds to the hardware type for example MAC address for ethernet...

Страница 154: ...pter 18 IP Statistics Virtualswitch Bridging Chapter 19 Virtual Switch Bridging Link Aggregation Chapter 20 Link Aggregation Modem Chapter 21 Modem Serial Ports Chapter 22 Serial Protocols WAN Chapter...

Страница 155: ...ection Through LFI While the link between Switch A and the Controller functions normally the Controller holds the backup link down Switch B learns that to reach the Controller it must forward frames t...

Страница 156: ...tion LFI feature for the links where no native link partner notification mechanism is available With LFI enabled the device bases generation of a link integrity signal upon its reception of a link sig...

Страница 157: ...e Switched Ethernet Ports table shows the Ethernet interfaces To display the Switched Ethernet Ports table navigate to interface switch Figure 16 4 Switched Ethernet Ports submenu The Switched Etherne...

Страница 158: ...EE 802 3 auto negotiation Enabling auto negotiation results in speed and duplex being negotiated upon link detection both end devices must be auto negotiation compliant for the best possible results S...

Страница 159: ...s full duplex Full duplex operation requires that both ends are configured as such or else severe frame loss will occur during heavy network traffic At lower traffic volumes the link may display few i...

Страница 160: ...ames on any source port is made available for analysis Select a target port that has a higher speed than the source port Mirroring a 100 Mbps port onto a 10 Mbps port may result in an improperly mirro...

Страница 161: ...port where a monitoring device should be connected Figure 16 9 Ingress Source Ports table To display the Ingress Source Ports table navigate to switch port mirroring ingress src Ingress Source Slot S...

Страница 162: ...ine module diagnostics Figure 16 11 Diagnostics menu ROX is able to perform cable diagnostics per Ethernet port and to view the results When cable diagnostics are performed on a port any established n...

Страница 163: ...s detected on the cable pairs of the selected port PassFailTotal Synopsis A string This field summarizes the results of the cable diagnostics performed so far Pass the number of times cable diagnostic...

Страница 164: ...type of fault For a typical no fault Category 5 cable plugged into a 100BASE T port Good will be incremented by two after every run of cable diagnostics once for each cable pair used by a 100BASE T p...

Страница 165: ...form To clear cable diagnostics navigate to interfaces switch line module diagnostics clear cable stats port On the Clear Port Cable Diagnostic Test Results form click Perform Figure 16 15 Clear Port...

Страница 166: ...hernet Alarms Figure 16 18 Clear All Alarms menu Alarms can be cleared by hitting the Perform button This command can be accessed from the Clear All Alarms menu action on the admin clear all alarms me...

Страница 167: ...guard Provides protection against faulty end devices generating an improper link integrity signal When a faulty end device or a mis matching fiber port is connected to the unit a large number of conti...

Страница 168: ...f response time This setting should be used with caution OFF Turning this parameter OFF will disable FAST LINK DETECTION completely The switch will need a longer time to detect a link failure This wil...

Страница 169: ...terface Status forms navigate to interfaces switch line module Slot Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm The slot of the module that contains this port Port Synopsi...

Страница 170: ...tring one of the following keywords 230 4K 115 2K 57 6K 38 4K 19 2K 9 6K 2 4K 1 2K 7 2M 3 072M 1 776M 10G 1G 100M 10M 2 4M 1 5M auto Speed in Megabits per second or Gigabits per second Duplex Synopsis...

Страница 171: ...he link is fixed to full duplex and the peer auto negotiates the auto negotiating end falls back to half duplex operation At lower traffic volumes the link may display few if any errors As the traffic...

Страница 172: ...orts ROX v2 2 User Guide 172 RuggedBackbone RX1500 Is it possible that the peer also has LFI enabled If both sides of the link have LFI enabled then both sides will withhold link signal generation fro...

Страница 173: ...these menus is interfaces switch and then clicking on any of the linked submenus from lm1 1 to lm1 14 Figure 17 1 Ethernet Port Statistics Menu 17 1 Viewing Ethernet Statistics This table provides ba...

Страница 174: ...t and dropped packets OutOctets Synopsis unsigned integer The number of octets in transmitted good packets InPkts Synopsis unsigned integer The number of received good packets Unicast Multicast Broadc...

Страница 175: ...17 Ethernet Statistics ROX v2 2 User Guide 175 RuggedBackbone RX1500 Figure 17 3 RMON Port Statistics Form InOctets Synopsis unsigned long integer...

Страница 176: ...e TotalInPkts Synopsis unsigned long integer The number of received packets This includes rejected dropped and local packets as well as packets which are not forwarded to the switching core for transm...

Страница 177: ...nt has not been detected 3 A Late Collision Event has not been detected 4 The packet has invalid CRC Jabbers Synopsis unsigned integer The number of packets which meet all the following conditions 1 T...

Страница 178: ...unsigned integer The number of received and transmitted packets with size of 512 to 1023 octets This includes received and transmitted packets as well as dropped and local received packets This does n...

Страница 179: ...ring the keyword Synopsis string one of the following keywords main pm2 pm1 Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm Synopsis string one of the following keywords em cm...

Страница 180: ...lex Synopsis string one of the following keywords full half Link duplex status MTU Synopsis integer MTU Maximum Transmission Unit value on the port MAC Synopsis Ethernet MAC address in colon separated...

Страница 181: ...rors Synopsis unsigned integer Number of error packets transmitted Dropped Synopsis unsigned integer Number of dropped packets by the transmit device Collisions Synopsis unsigned integer Number of col...

Страница 182: ...for one switched port Ports are cleared by clicking the Perform button on the Clear Switched Port Statistics form Figure 17 10 Clear All Statistics Menu Figure 17 11 Clear All Switched Port Statistic...

Страница 183: ...he main menu under interfaces ip Figure 18 2 Routable Interface Statistics Table This table appears on the same screen as the Interfaces IP menu The path to the Routable Interface Statistics form Rece...

Страница 184: ...Packets Synopsis unsigned long integer Number of packets received Errors Synopsis unsigned integer Number of error packets received Dropped Synopsis unsigned integer Number of dropped packets by the r...

Страница 185: ...Backbone RX1500 Errors Synopsis unsigned integer Number of error packets transmitted Dropped Synopsis unsigned integer Number of dropped packets by the transmit device Collisions Synopsis unsigned int...

Страница 186: ...uded in the dynamic routing protocol and the interface can carry a routing update The IP address assigned to the virtual switch can be used as the default gateway for the end devices connected to the...

Страница 187: ...of VirtualSwitch by adding the following interfaces to the virtual switch on both devices VS1 on Device 1 switch 0020 te1 3 1c01 0020 VS2 on Device 1 switch 0030 te1 3 1c01 0030 4 Use the same configu...

Страница 188: ...dd a virtual switch enter Edit Private mode Add a virtual switch and at least two interfaces You can also add VLANs Figure 19 3 Interface Virtualswitch menu The Interface Virtualswitch menu is located...

Страница 189: ...as name of the interface IP Address Source Synopsis string one of the following keywords dynamic static Default static Whether the IP address is static or dynamically assigned via DHCP or BOOTP ProxyA...

Страница 190: ...signed via DHCP or BOOTP If a virtual switch has been configured some virtual switch data will be displayed under the Interfaces Virtualswitch menu Figure 19 9 Interfaces Virtualswitch menu To display...

Страница 191: ...MAC address of the port Figure 19 12 Receive form Bytes Synopsis unsigned long integer Number of bytes received Packets Synopsis unsigned long integer Number of packets received Errors Synopsis unsig...

Страница 192: ...eger Number of collisions detected on the port Figure 19 14 VLAN table To display this table navigate to interfaces virtualswitch virtualswitch number vlan VLAN ID Synopsis integer VLAN ID Figure 19 1...

Страница 193: ...AN Transmit form Bytes Synopsis unsigned long integer Number of bytes transmitted Packets Synopsis unsigned long integer Number of packets transmitted Errors Synopsis unsigned integer Number of error...

Страница 194: ...ed on both the source and destination MAC addresses of the forwarded frames 20 1 Link Aggregation Operation Link Aggregation can be used for two purposes To obtain increased and linearly incremental l...

Страница 195: ...gregation Limitations A port mirroring target port cannot be a member of a port trunk However a port mirroring source port can be a member of a port trunk A DHCP Relay Agent Client port cannot be a me...

Страница 196: ...abled and increased bandwidth is not required Link Aggregation should not be used because it may lead to a longer fail over time 20 2 Link Aggregation Configuration To display the Link Aggregation men...

Страница 197: ...20 Link Aggregation ROX v2 2 User Guide 197 RuggedBackbone RX1500 Figure 20 4 Entering a Trunk ID Next add parameters to the Multicast Filtering CoS and VLAN forms...

Страница 198: ...ion ROX v2 2 User Guide 198 RuggedBackbone RX1500 Figure 20 5 Entering Parameters for Forms Finally add parameters for the trunk ports First click on trunk ports on the menu Next click on Add trunk po...

Страница 199: ...n Add trunk ports again to add a second trunk port Click Commit Click Exit Transaction when done Figure 20 7 Selecting a Trunk Slot After configuration the Trunk Ports table accessible at interface tr...

Страница 200: ...icking on interface switch line module Figure 20 10 Key Settings Figure 20 11 Ethernet Trunk Interfaces form Trunk ID Synopsis integer The trunk number It doesn t affect port trunk operation in any wa...

Страница 201: ...ze frames received on this port that are not prioritized based on the frames contents e g priority field in the VLAN tag DiffServ field in the IP header prioritized MAC address Inspect TOS This parame...

Страница 202: ...t untagged Specifies whether frames transmitted out of the port on its native VLAN specified by the PVID parameter will be tagged or untagged GVRP Mode synopsis token one of advertise_only learn_adver...

Страница 203: ...of the GUI or leave them blank If authentication is required by the cellular data service provider again PPP authentication will automatically use PAP or CHAP Your service provider will provide you w...

Страница 204: ...tion form The HSPA Cellular Modem Information form displays modem information network supported Synopsis A string Wireless technologies supported by the modem imei Synopsis A string International Mobi...

Страница 205: ...is currently in use between the modem and the network Network Status displays the current registration status of the cellular modem with respect to the cellular network Possible values are Registered...

Страница 206: ...ollowing information provides additional details about the fields in the Edge Cellular Modem Information Form Rssi Indicator Received Signal Strength indicates the signal level received by the cellula...

Страница 207: ...ess network when you register for data service This field is not used for CDMA modems The Dial string is a special command to be sent by the cellular modem to the cellular network to establish a data...

Страница 208: ...P link establishment on this device is controlled by link failover 21 1 2 4 CDMA The CDMA GSM profile is selected by using the CDMA EVDO Cellular Modem Configuration form but the profile needs to be c...

Страница 209: ...e IMEI for GSM networks Rssi Indicator Received Signal Strength indicates the signal level received by the cellular modem from the cell site Network Operator displays the identity of the wireless netw...

Страница 210: ...ion form and Trigger Action form is interface modem lm6 1 cdma OverTheAirActivation Figure 21 8 CDMA Over The Air Activation form Figure 21 9 CDMA Over The Air Activation Trigger Action form 1 First e...

Страница 211: ...by all network providers Activation code also known as a subsidy lock Phone Number or MDN Mobile Directory Number MIN Mobile Identification Number often the same as the Phone Number System ID or Home...

Страница 212: ...Network Configuration form and the PPP Configuration form appear on the same screen as the global menu name Synopsis A string Create cdma profile name dial string Synopsis A string Default 777 The di...

Страница 213: ...ver dial on demand Activates Dial on Demand on this connection The establishment of the PPP connection is postponed until there is data to be transmitted via the interface disconnect idle timeout Syno...

Страница 214: ...on the silkscreen across the top of the device port Synopsis integer The port number as seen on the front plate silkscreen of the switch or a list of ports if aggregated in a port trunk enabled Synop...

Страница 215: ...ect Synopsis A string Selects the gsm profile to connect to wireless network The gsm profile is configured in global cellular profiles gsm 21 1 2 5 2 CellModem Status Figure 21 22 Interfaces Cellmodem...

Страница 216: ...Long Distance or Very Long Distance with connectors like LC SC ST MTRJ etc For the modules with SFP GBICs the media description is displayed per the SFF 8472 specification if the transceiver is plugge...

Страница 217: ...is A string The IP address assigned to the modem by the remote server Peer IP address Synopsis A string The IP address of the remote server TX bytes Synopsis unsigned integer The bytes transmitted ove...

Страница 218: ...al ports RX1501 supports up to 36 serial ports Bit rates of 300 600 1200 2400 4800 9600 19200 38400 57600 115200 or 230400 bps Supports RS232 RS422 and RS485 party line operation XON XOFF flow control...

Страница 219: ...ection package which Supports TCP If a RX1500 is used at the host end it will wait for a request from the host encapsulate it in a TCP message and send it to the remote side There the remote RX1500 wi...

Страница 220: ...the ability to receive connections 22 1 3 3 Message Packetization The server buffers received characters into packets in order to improve network efficiency and demarcate messages The server uses thre...

Страница 221: ...ses are TCP encapsulated and returned to the originator A native TcpModbus master is one that can encapsulate the Modbus polls in TCP and directly issue them to the network 22 1 4 1 Local Routing At T...

Страница 222: ...the Server Gateway receives a request for an unconfigured RTU it will respond to the originator with a special message called an exception type 10 A type 11 exception is returned by the server if the...

Страница 223: ...he originator 22 1 5 6 A Worked Example A network is constructed with two Masters and 48 RTUs on four Server Gateways Each of the Master is connected to a Client Gateway with a 115 2 Kbps line The RTU...

Страница 224: ...terface the DNP source address and the IP address of the sender are entered into the Device Address Table When a message with an unknown DNP destination address is received on a local serial port the...

Страница 225: ...rds lm6 lm5 lm4 lm3 lm2 lm1 sm The name of the module location provided on the silkscreen across the top of the device port Synopsis integer The port number as seen on the front plate silkscreen of th...

Страница 226: ...ol to a port Figure 22 6 Selecting a Protocol Type in the Edit Private screen Selecting a protocol type from the Protocol field in the Key Settings form associates a protocol with a serial port Rawsoc...

Страница 227: ...00 115200 57600 38400 19200 9600 2400 1200 Default 9600 The baudrate selection of serial port data bits Synopsis integer Default 8 The number of data bits parity Synopsis string one of the following k...

Страница 228: ...e 22 9 Rawsocket Configuration form The Rawsocket Configuration form is used to configure the Raw Socket settings for each port Changes are made immediately To display the Rawsocket Configuration form...

Страница 229: ...ction place an outgoing connection or do both max connection Synopsis integer Default 1 The maximum number of incoming connections to permit when the call direction is incoming remote ip Synopsis IPv4...

Страница 230: ...ert after the transmissions of Modbus broadcast messages out the serial port retransmit Synopsis integer Default The number of times to retransmit the request to the RTU before giving up max connectio...

Страница 231: ...d DNP device in the Device Address Table may go without any DNP communication before it is removed from the table max connection Synopsis integer Default 1 The maximum number of incoming DNP connectio...

Страница 232: ...connection to the DNP device with the configured address Leave this field empty to forward DNP message that matches the configured address to local serial port remote device Enable forwarding DNP mess...

Страница 233: ...Mode MM and may be Short Distance Long Distance or Very Long Distance with connectors like LC SC ST MTRJ etc For the modules with SFP GBICs the media description is displayed per the SFF 8472 specific...

Страница 234: ...g errors on this serial port overrun errors Synopsis unsigned integer The number of overrun errors on this serial port The Serial Port Statistics table and form present statistics of serial port activ...

Страница 235: ...The port of the remote serial server Local TCP UDP port Synopsis integer The local port for the incoming connection transport Synopsis A string The transport protocol UDP or TCP for this serial port r...

Страница 236: ...click on the restart serserver trigger action and the click the Perform button on the Trigger Action form Figure 22 20 Restart Serserver Trigger Action 22 5 Resetting Ports Figure 22 21 Reset Ports me...

Страница 237: ...ctions over Frame Relay Each Frame Relay interface provides a link between a local and a peer station One of the stations must be configured as a Data Communications Equipment DCE device often referre...

Страница 238: ...fig if encap frame Cisco config if frame map ip ipaddress dlci n broadcast Cisco Cisco config if frame map ip ipaddress dlci n ietf broadcast IETF Cisco config if frame map ip ipaddress dlci n ietf br...

Страница 239: ...ean Default true Disabling link alarms will prevent alarms and LinkUp and LinkDown SNMP traps from being sent for that interface Link alarms may also be controlled for the whole system under admin ala...

Страница 240: ...esired attenuation 23 2 2 E1 Parameters You can configure E1 Parameters for a WAN port The path to the E1 Parameters form is interface wan line module E1 Figure 23 5 E1 Parameters form frame Synopsis...

Страница 241: ...rface wan lm6 2 e1 2 Click the icon beside t1 or e1 3 Click channel and Add channel The Key settings form appears 4 In the Key settings form enter a number in the range of 1 to 24 and click Add The T1...

Страница 242: ...e connection submenu see Figure 23 8 Adding a Connection add a framerelay connection by clicking on the plus sign icon next to the framerelay submenu Configure the parameters in the Frame Relay Parame...

Страница 243: ...integer Default 4 The number of error events enumerated by n393 for which the channel is declared inactive valid for either cpe or Switch n393 Synopsis integer Default 4 The number of error events on...

Страница 244: ...but is capable of defining only one MLPPP bundle For optimal PPP Multilink operation ensure that each link in the MLPPP bundle has the same bandwidth the number of time slots the clocking mode and the...

Страница 245: ...k the Exit Transaction button You can add multiple PPP interfaces to a MLPPP link by configuring the same bundle number across all t1 e1 channels that are part of MLPPP 23 2 3 6 Configuring HDLC ETH H...

Страница 246: ...and click the icon beside the hdlc eth submenu An HDLC ETH connection is added and the fields in the Ethernet Over HDLC Settings form become configurable Figure 23 14 Ethernet Over HDLC Settings form...

Страница 247: ...s src Synopsis string one of the following keywords dynamic static Default static Whether the IP address is static or dynamically assigned via DHCP or BOOTP The DYNAMIC option is a common case of a dy...

Страница 248: ...4 1c01 0012 represents t1 e1 in slot 4 port 1 channel 1 is configured for hdlc eth with VLAN 12 te1 4 1c03ppp represents t1 e1 in slot 4 port 1 channel 3 is configured for ppp te1 4 1c04f0101 represe...

Страница 249: ...e trigger action form Figure 23 18 Loopbacktest Results After launching the Loopback test the Action Result form and the Loopbacktest form appear to confirm that the test has been performed and whethe...

Страница 250: ...errors CRC Error Synopsis unsigned integer The number of receiver CRC errors Abort Synopsis unsigned integer The number of receiver abort errors Corruption Synopsis unsigned integer The number of rece...

Страница 251: ...received Frames Discarded as Link Inactive Synopsis unsigned integer Received frames that were discarded link inactive Figure 23 23 T1E1 Receiving Statistics Form 2 The path to this form is interfaces...

Страница 252: ...integer The number of transmitter PCI latency warnings DMA Error Synopsis unsigned integer The number of transmitter DMA descriptor errors DMA Length Error Synopsis unsigned integer The number of tra...

Страница 253: ...re 23 26 T1E1 Transmitting Statistics Form 2 The path to this form is interfaces wan t1e1 line module transmit Bytes Synopsis unsigned long integer Number of bytes transmitted Packets Synopsis unsigne...

Страница 254: ...this form is interfaces wan t1e1 line module alarm alos Synopsis string ALOS Loss of Signal alarm los Synopsis string LOS Loss Of Signal alarm red Synopsis string RED red alarm is a combination of a...

Страница 255: ...23 29 PPP Receiving Protocol Statistics form The PPP Receiving Protocol Statistics form displays PPP receiving statistics The path to this form is interfaces wan t1e1 line module ppp stats LCP Synops...

Страница 256: ...cs forms can be found under this ppp stats submenu LCP Synopsis unsigned integer The number of LCP Link Control Protocol packets PAP Synopsis unsigned integer The number of PAP Password Authentication...

Страница 257: ...the slot Port Synopsis integer Synopsis string Port number on the slot Channel Number Synopsis integer Synopsis string Channel number on the port state Synopsis string one of the following keywords lo...

Страница 258: ...mitted after a tx interrupt due to exessive frame length Throughput Synopsis unsigned integer I frames not transmitted after a tx interrupt due to excessive throughput Length Synopsis unsigned integer...

Страница 259: ...invalid Receive Seq Numbers received Unsolicited Response Synopsis unsigned integer The number of unsolicited responses from the Access Node N391 Synopsis unsigned integer Timeouts on the T391 timer C...

Страница 260: ...rity Verification Status messages received CPEI Synopsis unsigned integer CPE initializations SSEQ Synopsis unsigned integer The current Send Sequence Number RSEQ Synopsis unsigned integer The current...

Страница 261: ...igger Action Figure 23 36 Clearstatistics Menu Action The path to the Clear Statistics forms is interfaces wan clearstatistics 23 4 DDS Digital Data Services DDS is a North American digital transmissi...

Страница 262: ...3 Setting DDS PPP Connection Parameters set the DDS frame relay and DLCI parameters See Section 23 4 1 4 Setting DDS Frame Relay Parameters Under interfaces wan you can also view and clear DDS statis...

Страница 263: ...PP Connection Parameters To set DDS PPP connection parameters enter edit mode and navigate to interface wan wan slot and port dds connection ppp Figure 23 39 PPP form nomagic Synopsis boolean Default...

Страница 264: ...tomer Premises Equipment or as a switch signal Synopsis string one of the following keywords none q933 lmi ansi Default ansi The frame relay link management protocol used t391 Synopsis integer Default...

Страница 265: ...ds connection framerelay Beside the framerelay link click the icon and click Add dlci On the Key settings form enter a number in the range of 16 to 1007 and click Add On the On demand form set the On...

Страница 266: ...dds dds physical connection ddsreceiveerror Displays DDS physical connection receive error statistics interfaces wan dds dds physical connection ddstransmiterror Displays DDS physical connection trans...

Страница 267: ...S Interface Select the DDS interface for which to clear statistics T1E1 Interface Select the T1E1 interface for which to clear statistics T3E3 Interface Select T3E3 interface for which to clear statis...

Страница 268: ...rce MAC addresses of received frames against the contents in the Static MAC Address Table ROX also supports a highly flexible Port Security configuration which provides a convenient means for network...

Страница 269: ...thentication methods 802 1X defines a protocol for communication between the Supplicant and the Authenticator EAP over LAN EAPOL RuggedBackbone communicates with the Authentication Server using EAP ov...

Страница 270: ...curity radius address Synopsis IPv4 address in dotted decimal notation The IPv4 address of the server UDP Port Synopsis integer Default 1812 The IPv4 port of the server password Synopsis AES CFB128 en...

Страница 271: ...nown there is still an option to configure the switch to auto learn a certain number of MAC addresses Once learned they don t age out until the unit is reset or the link goes down IEEE 802 1X standard...

Страница 272: ...ess Entity parameters quiet period Synopsis integer Default 60 The period of time not to attempt to acquire a supplicant after the authorization session failed Reauthorization Enables or disables peri...

Страница 273: ...he authentication server s EAP packet Server Timeout Synopsis integer Default 30 The time to wait for the authentication server s response to the supplicant s EAP packet Max Requests Synopsis integer...

Страница 274: ...ion 1 or 2 25 1 IGMP IGMP is used by IP hosts to report their host group memberships to multicast routers As hosts join and leave specific multicast groups streams of traffic are directed to or withhe...

Страница 275: ...ally two query intervals the router will prune the multicast stream from the given segment A more usual method of pruning occurs when consumers wishing to unsubscribe issue an IGMP leave group message...

Страница 276: ...er all other routers become non queriers participating only forward multicast traffic Switches running in Active IGMP mode participate in the querier election like multicast routers When the querier e...

Страница 277: ...ies as if it is the router Processing Joins If host C1 desires to subscribe to the multicast streams for both P1 and P2 it will generate two joins The join from C1 on VLAN 2 will cause the switch to i...

Страница 278: ...t Group Periodically the switch sends GMRP queries in the form of a leave all message If a host either a switch or an end station wishes to remain in a multicast group it reasserts its group membershi...

Страница 279: ...membership for the two Multicast Groups on the example network is as follows Host H1 is GMRP unaware but needs to see traffic for Multicast Group 1 Port E2 on Switch E therefore is statically configu...

Страница 280: ...sly become a member of Multicast Group 1 Switch B forwards the Group 1 multicast via Port B4 towards Switch E Switch E forwards the Group 1 multicast via Port E2 which has been statically configured f...

Страница 281: ...efault 60 The time interval between IGMP queries generated by the switch NOTE This parameter also affects the Group Membership Interval i e the group subscriber aging time therefore it takes effect ev...

Страница 282: ...selected ports on the module installed in the indicated slot Figure 25 8 Static Multicast Summary table If data is configured the path to the Static Multicast Summary table will be switch mcast filter...

Страница 283: ...summary then clicking on one of the linked submenus then clicking on static ports and then on a linked submenu Static ports are egress ports that have been assigned to a particular multicast MAC addr...

Страница 284: ...ups form The path to this form is switch mcast filtering ip mcast groups and then clicking on one of the linked submenus that follow VLAN ID Synopsis integer The VLAN Identifier of the VLAN upon which...

Страница 285: ...s on the module installed in the indicated slot Figure 25 17 Joined Ports table The path to this table is switch mcast filtering ip mcast groups then clicking on one of the linked submenus that follow...

Страница 286: ...kept registered Figure 25 20 GMRP Dynamic Ports table The path to this menu is switch mcast filtering mcast group summary then clicking on one of the linked submenus and then clicking on gmrp dynamic...

Страница 287: ...r the multicast stream is being delivered to the router run the Ethernet Statistics menu View Ethernet Statistics command Verify that the traffic count transmitted to the router is the same as the tra...

Страница 288: ...g to operate properly Problem Six I connect or disconnect some switch ports and multicast goes everywhere Is IGMP broken No it may be a proper switch behavior When the switch detects a change in the n...

Страница 289: ...f connectivity over the network The CoS feature has two main phases inspection and forwarding 26 1 1 Inspection Phase In the inspection phase the CoS priority of a received frame is determined from A...

Страница 290: ...ueues according to the CoS assigned to each frame CoS weighting selects the degree of preferential treatment that is attached to different priority queues The ratio of the number of higher CoS to lowe...

Страница 291: ...4 Priority to CoS Mapping table The path to the Priority to CoS Mapping table is switch class of service priority to cos This table shows the mapping of each IEEE 802 1p priority value to the Class of...

Страница 292: ...cos number TOS DSCP to CoS Mapping maps each Differentiated Services Code Point DSCP in the Type Of Service TOS field in the headers of the received IP packets to the Class of Service switch DSCP Syn...

Страница 293: ...ved on this port that are not prioritized based on the frame s contents e g the priority field in the VLAN tag DiffServ field in the IP header prioritized MAC address Inspect TOS Enables or disables p...

Страница 294: ...es mac tables menu is is accessible from the main menu under switch mac tables Figure 27 1 MAC Tables menu 1 Viewing MAC Addresses To display the MAC Address table navigate to switch mac tables mac ta...

Страница 295: ...tically unlearned CoS Synopsis string one of the following keywords crit high medium normal The Class Of Service that is assigned to frames carrying this address as source or destination address 2 Con...

Страница 296: ...m to add a new MAC address MAC Address and VLAN ID are the keys Enter other relevant parameters in the Static MAC Address Parameters form Figure 27 5 Key Settings Figure 27 6 Static MAC Address Parame...

Страница 297: ...stalled in the indicated slot CoS Synopsis string one of the following keywords crit high medium normal Default normal The priority of traffic for a specified address 4 Purging The MAC Address Table T...

Страница 298: ...e guaranteed to be aware of the new topology Using the values recommended by 802 1D this period lasts 30 seconds The Rapid Spanning Tree Protocol RSTP IEEE 802 1w was a further evolution of the 802 1D...

Страница 299: ...nd whether it can currently be used State There are three RSTP states Discarding Learning and Forwarding The discarding state is entered when the port is first put into service The port does not learn...

Страница 300: ...listen to each others messages and agree on which bridge is the Designated Bridge The ports of other bridges on the segment must become either Root Alternate or Backup ports Figure 28 2 Bridge and Por...

Страница 301: ...may configure the bridge to override the half duplex determination mechanism and force the link to be treated in the proper fashion 28 1 4 Path and Port Costs The STP path cost is the main metric by...

Страница 302: ...rameter Raise the value of the maximum age parameter if implementing very large bridged networks or rings 28 2 MSTP Operation The Multiple Spanning Tree MST algorithm and protocol provide greater cont...

Страница 303: ...spanning tree instances that may be defined in an MST region not including the IST see below An MSTI is created by mapping a set of VLANs in ROX via the VLAN configuration to a given MSTI ID The same...

Страница 304: ...s the minimum cost path to a CIST Root located outside the region A Designated Port provides the minimum cost path from an attached LAN via the bridge to the CIST Regional Root Alternate and Backup Po...

Страница 305: ...MSTIs It is possible to control the spanning tree solution for each MSTI especially the set of active links for each tree by manipulating per MSTI the bridge priority and the port costs of links in th...

Страница 306: ...gure a Region Identifier and Revision Level Note that these two items must be identical for each bridge in the MST region 5 Configure Bridge Priority per MSTI 6 Configure Port Cost and Priority per po...

Страница 307: ...to the network edge 3 Identify edge ports and ports with half duplex shared media restrictions Ports that connect to host computers IEDs and controllers may be set to edge ports in order to guarantee...

Страница 308: ...rapid recovery from link failure is required In normal operation RSTP will block traffic on one of the links for example as indicated by the double bars through link H in Figure 28 4 Example of a Rin...

Страница 309: ...ce from the root bridge If the root bridge is assigned the lowest priority of 0 the bridges on either side should use a priority of 4096 and the next bridges 8192 and so on As there are 16 levels of b...

Страница 310: ...form at the top level Spanning Tree menu configures parameters applicable to RSTP and MSTP over the whole bridge Figure 28 7 Spanning Tree Parameter form Enabled Synopsis boolean Default true Enables...

Страница 311: ...number of messages is reached RSTP will be limited to 1 message per second Larger values allow the network to recover from failed links more quickly If RSTP is being used in a ring architecture the t...

Страница 312: ...of the following keywords 4 1 Default 4 The Max Network Diameter as a muliplier of the MaxAgeTime value BPDU Guard Mode Synopsis string one of the following keywords untilreset noshutdown specify Def...

Страница 313: ...s feature is only available in RSTP mode In MSTP mode the configuration parameter is ignored In a single ring topology this feature is not needed and should be disabled to avoid longer network recover...

Страница 314: ...RSTP Parameter form The Port RSTP Parameter form appears on the same screen as the interface switch line module spanning tree submenu Enabled Synopsis boolean Default true When the box is checked the...

Страница 315: ...ses the port not to be selected as the root port for the CIST or any MSTI even it has the best spanning tree priority vector This parameter should be FALSE by default Restricted TCN If TRUE causes the...

Страница 316: ...string one of the following keywords 61440 57344 53248 49152 45960 40960 36864 32768 28672 24576 20480 16384 12288 8192 4096 0 Default 32768 Bridge Priority provides a way to control the topology of...

Страница 317: ...nstance table After data has been configured the MSTP Instance table will be displayed at switch spanning tree mstp instance Figure 28 15 MSTP ID table To display the MSTP ID table navigate to switch...

Страница 318: ...I Configuration form navigate to interface switch line module spanning tree msti number MSTP ID Synopsis integer MSTP Instance Identifier MSTP Priority Synopsis string one of the following keywords 24...

Страница 319: ...inks For MSTP this parameter applies to both external and internal path costs RSTP Cost Synopsis string the keyword auto cost Synopsis unsigned integer Default auto cost The cost to use in cost calcul...

Страница 320: ...navigate to switch spanning tree Status Synopsis string one of the following keywords none rootBridge notDesignatedForAnyLAN designatedBridge The spanning tree status of the bridge The status may be r...

Страница 321: ...slot containing the port that provides connectivity towards the root bridge of the network Root Port Port Synopsis integer If the bridge is designated this is the port of the slot that provides conne...

Страница 322: ...time from the Bridge RSTP Parameters menu Learned Max Age Synopsis integer The actual Maximum Age time provided by the root bridge as learned in configuration messages This time is used in designated...

Страница 323: ...reen of the module STP State Synopsis string one of the following keywords discarding linkDown forwarding learning listening blocking disabled Describes the status of this interface in the spanning tr...

Страница 324: ...et to RSTP 1Gbps will contribute 20 000 100 Mbps ports will contribute a cost of 200 000 and 10 Mbps ports contribute a cost of 2 000 000 Note that even if the Cost style is set to RSTP a port that mi...

Страница 325: ...ssages transmitted from this port 28 5 3 MSTI Status Figure 28 21 MSTI Status table To display this table navigate to switch spanning tree msti status Figure 28 22 MSTI Status form To display these fo...

Страница 326: ...Synopsis string the keyword trnk If the bridge is designated this is the slot containing the port that provides connectivity towards the root bridge of the network Root Port Port Synopsis integer If...

Страница 327: ...cs forms is switch spanning tree port msti id number port msti stats line module Slot Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm Synopsis string the keyword trnk The slot...

Страница 328: ...y to the root bridge It is not used but is standing by Master Only exists in MSTP The port is an MST region boundary port and the single port on the bridge which provides connectivity for the Multiple...

Страница 329: ...r the length of time the port was in forwarding If one of the switches appears to flip the root from one port to another the problem may be one of traffic prioritization See problem five Another possi...

Страница 330: ...te out to the edge and then back in order to reestablish the topology Problem Four My network is composed of a ring of bridges of which two connected to each other are managed and the rest are unmanag...

Страница 331: ...etwork statistics to determine whether the root bridge is receiving TCNs around the time of observed frame loss It may be possible that you have problems with intermittent links in your network Proble...

Страница 332: ...at specify a valid VLAN identifier VID Untagged frames are frames without tags or frames that carry 802 1p prioritization tags only having prioritization information and a VID of 0 Frames with a VID 0...

Страница 333: ...s Rules Ingress Rules The VLAN ingress rules are applied to all frames when they are received by the switch Frame received This does not depend on ingress port s VLAN configuration parameters Untagged...

Страница 334: ...on Protocol to automatically distribute VLAN configuration information in a network Each switch in a network needs only to be configured with VLANs it requires locally it dynamically learns the rest o...

Страница 335: ...ome members of VLAN 7 Ports D1 and B1 advertise VID 20 and ports B3 B4 and D1 become members of VLAN 20 29 1 9 PVLAN Edge PVLAN Edge Protected VLAN Edge port refers to a feature of the switch whereby...

Страница 336: ...ing the IP address of a host on another VLAN The use of creative bridge filtering and multiple VLANs can carve seemingly unified IP subnets into multiple regions policed by different security access p...

Страница 337: ...independent networks These hosts may be replaced by a single multi homed host supporting each network on its own VLAN This host can perform routing between VLANs Figure 29 3 Inter VLAN Communications...

Страница 338: ...igure 29 6 Static VLAN table Figure 29 7 Static VLAN form VLAN ID Synopsis integer The VLAN Identifier is used to identify the VLAN in tagged Ethernet frames according to IEEE 802 1Q IGMP Snooping Ena...

Страница 339: ...dentifier specifies the VLAN ID associated with untagged and 802 1p priority tagged frames received on this port Frames tagged with a non zero VLAN ID will always be associated with the VLAN ID retrie...

Страница 340: ...the switch configured or learned and can dynamically learn VLANs 29 3 3 VLAN Summary There are actually three ways that a VLAN can be created in the switch Explicit A VLAN is explicitly configured in...

Страница 341: ...lan summary number Figure 29 12 Tagged Ports table Tagged ports and untagged ports can be viewed To display the Tagged Ports table navigate to switch vlans vlan summary number tagged ports Figure 29 1...

Страница 342: ...module Untagged Slot Synopsis string one of the following keywords lm6 lm5 lm4 lm3 lm2 lm1 sm The name of the module location provided on the silkscreen across the top of the device Untagged Ports Syn...

Страница 343: ...gure 29 20 Forbidden Ports If forbidden ports are configured display the Forbidden Ports form by navigating to switch vlans static vlan number forbidden ports Slot Synopsis string one of the following...

Страница 344: ...29 Virtual LANs ROX v2 2 User Guide 344 RuggedBackbone RX1500 can use a router The router will treat each VLAN as a separate interface which will have its own associated IP address space...

Страница 345: ...hbors across connected network links using a standard mechanism Devices that support LLDP are able to advertise information about themselves including their capabilities configuration interconnections...

Страница 346: ...m form appear on the same screen as the menu Figure 30 3 LLDP form This form is used to configure the Network Discovery Protocol LLDP Enabled Synopsis boolean Default true Enables the LLDP protocol No...

Страница 347: ...e or status changed The recommended value is set by the following formula 1 is less than or equal to txDelay less than or equal to 0 25 Tx Interval Notification Interval sec Synopsis integer Default 5...

Страница 348: ...e of the following keywords local interfaceName networkAddress macAddress portComponent interfaceAlias chassisComponent local chassis subtype Local Chassis ID Synopsis Ethernet MAC address in colon se...

Страница 349: ...Statistics form The path to the LLDP Port Statistics form is switch net discovery lldp port lldp stats and then clicking on one of the linked submenus for example sm 1 slot Synopsis string the keyword...

Страница 350: ...d integer A counter of all LLDPDUs transmitted Ageouts Synopsis unsigned integer A counter of the times that a neighbor s information has been deleted from the LLDP remote system MIB because the txinf...

Страница 351: ...cm Synopsis string the keyword trnk The slot of the module that contains this port Port Synopsis integer The port number as seen on the front plate silkscreen of the module Chassis ID Synopsis Ethern...

Страница 352: ...x only Default rx tx no lldp The local LLDP agent can neither transmit nor receive LLDP frames rxTx The local LLDP agent can both transmit and receive LLDP frames through the port txOnly The local LLD...

Страница 353: ...hing Chapter 32 Layer 3 Switching Tunnelling Chapter 33 Tunnelling Dynamic Routing Chapter 34 Dynamic Routing Static Routing Chapter 35 Static Routing Routing Status Chapter 36 Routing Status Multicas...

Страница 354: ...be performed on router ports On the RX1500 series and RX5000 platforms all Ethernet ports except for cm 1 are switch ports On the RX1000 series platforms all Ethernet ports are router ports 31 3 Routi...

Страница 355: ...at point the ROX device routes the traffic If the traffic volume to be routed is high enough then Layer 3 switching will start provided that this feature is available Note that the devices attached to...

Страница 356: ...cated firewall rules which are not normally not supported by Layer 3 switches 32 1 2 Layer 3 Switch Forwarding table To route a packet with a specific destination IP address a router needs the followi...

Страница 357: ...nfiguration as the rule takes the protocol and TCP UDP port into consideration to make forwarding decisions Host oriented learning is when the switch uses the following information to identify a traff...

Страница 358: ...ing ASICs is significantly limited and may not be sufficient to accommodate all Layer 3 switching rules If the TCAM is full and a new static rule is created the new rule replaces some dynamically lear...

Страница 359: ...e external network VLAN 400 at the address 227 100 20 100 Servers in VLAN 300 receive IP multicast data from the external network VLAN 400 at the address 227 100 250 250 No firewall is used in this us...

Страница 360: ...er3 switching arp table and switch layer3 switching rules summary Do the same for the 10 200 60 0 24 network Even if Hw accelerate is not enabled Layer 3 switching is still performed but all switching...

Страница 361: ...le Each server in the server farm would be polling device IP addresses one after the other in order Given that each server would always be talking to at least one device we could create static ARP ent...

Страница 362: ...re Layer 3 switching do the following set the Layer 3 switching settings See Section 32 2 1 Configuring Layer 3 Switching Settings create static ARP table entries See Section 32 2 2 Creating Static AR...

Страница 363: ...ic routes have to be subject to sophisticated firewall filtering Auto Both statically configured and dynamically learned Layer3 switching rules will be used In this mode maximum routing hardware accel...

Страница 364: ...ode potentially controls multiple flows with a single rule and hence is more efficient in utilizing Layer3 switching ASIC resources Aging Time sec Synopsis integer Default 32 This parameter configures...

Страница 365: ...t resolved the MAC IP address pair and keeps sending ARP requests periodically 32 2 3 Viewing Static and Dynamic ARP Table Entries The ARP Table Summary table lists all of the ARP table entries To vi...

Страница 366: ...following keywords hidden invalid unicast multicast Identifies the type of the rule unicast multicast invalid In VLAN Synopsis integer Identifies the ingress VLAN To match the rule the packet s ingre...

Страница 367: ...ghput of all packets matching the rule in packets per second static Synopsis boolean Whether the rule is static or dynamic Static rules are configured as a result of management activity Dynamic rules...

Страница 368: ...y flush dynamic rules Static rules enabled by activating hardware acceleration never age out For more information on how to enable hardware acceleration see Section 32 1 Layer 3 Switching Fundamentals...

Страница 369: ...as part of IP version 6 Openswan is the open source implementation of IPsec used by ROX The protocols used by IPsec are the Encapsulating Security Payload ESP and Internet Key Exchange IKE protocols...

Страница 370: ...Public Key And Pre shared Keys In public key cryptography keys are created in matched pairs called public and private keys The public key is made public while the private key is kept secret Messages c...

Страница 371: ...r details 33 1 1 8 The Openswan Configuration Process Each VPN connection has two ends the local router and the remote router The Openswan configuration record describing a VPN connection can be used...

Страница 372: ...s on the same screen as the IPsec menu Figure 33 3 IPsec form The IPsec form is used in configuring IPSec VPN Enable IPSec Enables IPSec NAT Traversal Enables NAT Traversal Keep Alive Synopsis unsigne...

Страница 373: ...pr kern daemon cron authpriv auth Default daemon The log facility Log Level Synopsis string one of the following keywords warnings notifications informational errors emergencies debugging critical ale...

Страница 374: ...4 RuggedBackbone RX1500 Figure 33 6 Install Certificate forms The path to the Install Certificates forms is tunnel ipsec certificate install certificate To install the certificates enter the parameter...

Страница 375: ...gedBackbone RX1500 Figure 33 7 Install Ca Certificate forms The path to the Install Ca Certificate forms is tunnel ipsec certificate install ca certificate Enter the parameters and then click on the P...

Страница 376: ...crl file To install the files enter the parameters and then click the Perform button Figure 33 9 Show IPsec Running Status form The path to the Show IPsec Running Status form is tunnel ipsec status T...

Страница 377: ...etting for all connections Startup Operation Synopsis string one of the following keywords default route start add ignore Default default The action at IPSec startup time Authenticate By Synopsis stri...

Страница 378: ...er algorithm Hash Method Synopsis string one of the following keywords any md5 sha1 Hash method Figure 33 14 IKE table If data is configured the path to the IKE table will be tunnel ipsec connection l...

Страница 379: ...eft The System Public Key System Identifier and Nexthop to Other System forms appear on the same screen as the Public IP Address form The public ip is the system identifier Type Synopsis string one of...

Страница 380: ...type Synopsis string one of the following keywords hostname address from certificate none default Default default Type Hostname or IP Address Synopsis A string conforming to Hostname or IP address Fig...

Страница 381: ...configured the path to the Preshared Key form will be tunnel ipsec preshared key line module Figure 33 22 Preshared Key form Remote Address Synopsis string the keyword any Synopsis IPv4 address in dot...

Страница 382: ...erver forms appear on the same screen as this menu Figure 33 24 L2TP form Enable L2TP Enable L2TP Local IP Address Synopsis IPv4 address in dotted decimal notation Local IP address First IP Address Sy...

Страница 383: ...s dialin menu If you are not enabling the Authorize Locally field you need to configure the Radius server for ppp authentication under the global ppp radius menu For more information on PPP see Chapte...

Страница 384: ...eatures GOOSE traffic is bridged over the WAN via UDP IP One GOOSE traffic source can be mapped to multiple remote router Ethernet interfaces in mesh fashion To reduce bandwidth consumption GOOSE daem...

Страница 385: ...on another RuggedBackbone 33 3 2 1 Generic Tunnel Implementation Details For each tunnel configured the daemon monitors the specified Ethernet interface for Ethernet Layer 2 frames of the specified ty...

Страница 386: ...te with other daemons The Beacon interval field configures how often a Round Trip Time RTT measurement message is sent to each remote peer The interval takes the values Off to disable RTT measurement...

Страница 387: ...se tunnel interface Synopsis A string The interface to listen on for goose frames multicast mac Synopsis Multicast Ethernet MAC address in colon separated hexadecimal notation The multicast MAC addres...

Страница 388: ...interface for Ethernet type frames Figure 33 36 L2 Ethernet Type table type Synopsis string the keyword iso Synopsis A string conforming to 0x 0 9A Fa f 4 Ethernet type to be forwarded ie 0xFEFE 33 3...

Страница 389: ...imal notation Multicast Destination MAC Address of Goose message rx frames Synopsis unsigned integer The number of frames received over the tunnel tx frames Synopsis unsigned integer The number of fra...

Страница 390: ...el tx packets Synopsis unsigned integer The number of frames transmitted over the tunnel rx bytes Synopsis unsigned integer The number of bytes received over the tunnel tx bytes Synopsis unsigned inte...

Страница 391: ...ing VLAN Interface name rx frames Synopsis unsigned integer The number of frames received over the tunnel tx frames Synopsis unsigned integer The number of frames transmitted over the tunnel rx chars...

Страница 392: ...of frames received over the tunnel tx packets Synopsis unsigned integer The number of frames transmitted over the tunnel rx bytes Synopsis unsigned integer The number of bytes received over the tunne...

Страница 393: ...l problems Figure 33 46 Round Trip Time Statistics form remote ip Synopsis IPv4 address in dotted decimal notation IP address of remote goose daemon transmitted Synopsis unsigned integer The number of...

Страница 394: ...dress of 172 19 20 21 and a remote subnet of 192 168 2 0 24 If you are connecting to a CISCO router in place of Router 1 in the example above the local router address corresponds to the CISCO IOS sour...

Страница 395: ...gre0 if name Synopsis A string conforming to A Za z 1 0 9A Za z 0 9 The GRE tunnel network interface name The prefix gre will be added to this interface name local ip Synopsis IPv4 address in dotted d...

Страница 396: ...33 Tunnelling ROX v2 2 User Guide 396 RuggedBackbone RX1500 cost Synopsis integer Default The routing cost associated with networking routing that directs traffic through the tunnel...

Страница 397: ...an RFC1058 compliant implementation of RIP support RIP version 1 and 2 RIP version 1 is limited to obsolete class based networks while RIP version 2 supports subnet masks as well as simple authentica...

Страница 398: ...r of routes to be advertised may help to avoid this problem In shared access networks i e routers connected by switches or hubs a designated router and a backup designated are elected to receive route...

Страница 399: ...nets which are directly connected to the router but are not part of the OSPF area or RIP or BGP networks can be advertised if redistribute connected is enabled in the OSPF RIP or BGP Global Parameters...

Страница 400: ...By enabling authentication and configuring a shared key on all the routers only routers which have the same authentication key will be able to send and receive advertisements within the RIP network 3...

Страница 401: ...eration Router 1 and 2 have VRRP setup on their Ethernet connection so that they can both function as the gateway for the clients on their network segment Normally Router 1 is the VRRP master and only...

Страница 402: ...ute connected as OSPF would not use the subnets for routing 34 1 6 BGP Fundamentals The Border Gateway Protocol BGP RFC 4271 is a robust and scalable routing protocol BGP is designed to manage a routi...

Страница 403: ...ic route and redistributing it in RIP using the redistribute element with static type Default Metric Synopsis integer in the range 32768 to 32767 Default 1 This element modifies the default metric val...

Страница 404: ...ynopsis unsigned integer Default 30 The routing table update timer in seconds Timeout Timer Synopsis unsigned integer Default 180 The routing information timeout timer in seconds Garbage Collection Ti...

Страница 405: ...ied to multiple groups of interfaces Without key chains the same settings would have to be entered for each interface separately Key chains also allow multiple keys to be entered in a single key chain...

Страница 406: ...ation Synopsis string the keyword infinite Expire time 34 3 1 4 Redistribute This element redistributes routing information into the RIP tables from route entries specified by type Redistribute Route...

Страница 407: ...element Receive Version Synopsis string one of the following keywords 2 1 1 2 2 1 The version of RIP packets that will be accepted on this interface By default version 1 and version 2 packet will be a...

Страница 408: ...etwork The split horizon prevents advertising those routes back out the same interface which helps to control this problem Some network topologies with rings of routers will still have some issues wit...

Страница 409: ...ard shortcut ibm cisco Default cisco The OSPF ABR type Auto Cost Reference Bandwidth Synopsis unsigned integer Default 100 Calculates the OSPF interface cost according to bandwidth 1 4294967 Mbps Comp...

Страница 410: ...OSPF Area Distance form can be used to define OSPF external inter area or intra area routes distance External Routes Distance Synopsis unsigned integer The administrative distance for external routes...

Страница 411: ...stributes the route type Metric Type Synopsis integer in the range 32768 to 32767 Default 2 The OSPF exterior metric type for redistributed routes Metric Synopsis unsigned integer The metric for redis...

Страница 412: ...d byte integer Default 1 Priority of interface Passive Interface Whether an interface is active or passive Passive interfaces do not send LSAs to other routers and are not part of an OSPF area Retrans...

Страница 413: ...of submenus that follow authentication ip cost ip dead interval ip hello interval ip message digest key message digest key ip retransmit interval ip and transmit delay ip 34 5 BGP 34 5 1 BGP configura...

Страница 414: ...distance value of BGP External Routes Distance Synopsis unsigned integer Distance value for external routes Internal Routes Distance Synopsis unsigned integer Distance value for internal routes Local...

Страница 415: ...Action Network Synopsis IPv4 address and prefix in CIDR notation Network xxx xxx xxx xxx xx Less Than or Equal to Synopsis unsigned byte integer The maximum prefix length to be matched Greater Than or...

Страница 416: ...g conforming to s The prefix list name Route Source Match Prefix List Synopsis A string conforming to s The prefix list name Route Map Metric Metric Synopsis unsigned integer Match the route metric Pe...

Страница 417: ...iginator ID weight Synopsis unsigned integer Weight 34 5 1 2 Network Networks may be specified in order to add BGP routers connected to the specified subnets Note that a network specification need not...

Страница 418: ...ebgp multihop Synopsis unsigned byte integer The maximum hop count This allows EBGP neighbors not on directly connected networks Maximum Prefix Synopsis unsigned integer The maximum prefix number acc...

Страница 419: ...atched Subnet Subnet Prefix Synopsis IPv4 address and prefix in CIDR notation IP Address Prefix Distance Synopsis unsigned integer Distance value 34 5 1 6 Redistribute Redistribute Route from Other Pr...

Страница 420: ...orm The path to the Static Route form is routing static ipv4 route hw accelerate If the static unicast route can be hardware accelerated the option will be available For a static unicast route to be a...

Страница 421: ...path to the Blackhole Static Route form is routing static ipv4 route blackhole Distance optional Synopsis unsigned integer The distance for the static route Figure 35 7 Static Route Using Interface ta...

Страница 422: ...e on a locally connected broadcast network i e without a gateway without also bringing up a corresponding IP address on that interface For example it would be possible to add 192 168 1 0 24 to switch...

Страница 423: ...ive Routing table is routing status ipv6routes Subnet Synopsis string The network prefix Gateway Address Synopsis string The gateway address Interface Name Synopsis string The interface name Route Typ...

Страница 424: ...The number of used ordinary blocks in bytes Free ordinary blocks Byte Synopsis unsigned integer The number of free ordinary blocks in bytes Figure 36 5 RIP Daemon Memory Statistics Form total Synopsi...

Страница 425: ...r of free ordinary blocks in bytes Figure 36 7 OSPF Daemon Memory Statistics Form total Synopsis unsigned integer The total heap allocated in bytes used Synopsis unsigned integer The number of used or...

Страница 426: ...To display the Network table navigate to routing status ospf route network id Synopsis string Network Prefix discard Synopsis string This entry is discarded entry inter area Synopsis string Is path t...

Страница 427: ...string Router ID Figure 36 13 Area Table To display the Area table navigate to routing status ospf route router number area id Synopsis string Area ID inter area Synopsis string Is path type inter ar...

Страница 428: ...r age Synopsis integer Age seqnum Synopsis string Sequence number Figure 36 15 Summary Table To display the Summary table navigate to routing status ospf database summary id Synopsis string Link ID ar...

Страница 429: ...psis string Area ID adv router Synopsis string Advertising Router age Synopsis integer Age seqnum Synopsis string Sequence number Figure 36 17 AS External Table To display the AS External table naviga...

Страница 430: ...ute tag Figure 36 18 Neighbor Table To display the Neighbor table navigate to routing status ospf neighbor id Synopsis string Neighbor ID address Synopsis string Address priority Synopsis integer Prio...

Страница 431: ...ring Network Figure 36 21 Next Hop Table To display the Next Hop table navigate to routing status bgp route address next hop address Synopsis string Next hop address selected Synopsis boolean Selected...

Страница 432: ...ring Neighbor address version Synopsis integer BGP version as Synopsis string Remote AS number msgrcvd Synopsis integer Number of received BGP messages msgsent Synopsis integer Number of sent BGP mess...

Страница 433: ...appears on the same screen as the Multicast menu enabled Enables static multicast routing service Figure 37 3 Static menu The path to the Static menu is routing multicast static From the static menu...

Страница 434: ...A string conforming to 22 4 9 23 0 9 0 9 1 9 0 9 1 0 9 2 2 0 4 0 9 25 0 5 2 0 9 1 9 0 9 1 0 9 2 2 0 4 0 9 25 0 5 The multicast IP address to be forwarded in the format xxx xxx xxx xxx The address mus...

Страница 435: ...format xxx xxx xxx xxx U indicates that this address is uniquely paired with the multicast address set in the Multicast ip field You cannot use this IP address to create another Multicast Routing ent...

Страница 436: ...37 Multicast Routing ROX v2 2 User Guide 436 RuggedBackbone RX1500 entryStatus Synopsis string The status of the multicast routing entry...

Страница 437: ...s at and tests each packet and the tests or rules may be modified depending on packets that have already been processed This is called connection tracking Stateful firewalls can also recognize that tr...

Страница 438: ...ing a public interface of 213 18 101 62 When a connection request for http port 80 arrives at 213 18 101 62 the NAT gateway could forward the request to either of the hosts or could accept it itself P...

Страница 439: ...as expected 38 3 Firewall Terminology And Concepts This section provides background on various firewall terms and concepts References are made to the section where configuration applies 38 3 1 Zones A...

Страница 440: ...REJECT QUEUE CONTINUE and NONE The first three are the most widely used and are described here When the ACCEPT policy is used a connection is allowed When the DROP policy is used a request is simply i...

Страница 441: ...udp These can be raw port numbers or names as found in file etc services Some examples should illustrate the use of masquerading Rule Interface Subnet Address Protocol Ports 1 switch 0001 switch 0002...

Страница 442: ...Redirect the request to a local tcp port number on the local firewall This is most often used to remap port numbers for services on the firewall itself Table 38 7 The remaining fields of a rule are a...

Страница 443: ...the interfaces menu as it will be carrying both traffic for both zones Visit the Host menu and for the network interface that carries the encrypted IPSec traffic create a zone host with zone VPN the c...

Страница 444: ...CCEPT dmz net ah ACCEPT dmz net esp ACCEPT dmz net udp 500 Table 38 13 38 5 Firewall Configuration All firewall fields accept only alphanumeric characters excluding spaces Do not use punctuation or ot...

Страница 445: ...5 1 Adding a Firewall To add a firewall enter edit private mode navigate to security firewall fwconfig and click Add fwconfig Figure 38 4 Adding a Firewall In the Key settings form enter a name for th...

Страница 446: ...active config Specify work configuration Synopsis string The current work firewall is specified here Specify active configuration Synopsis string The current active firewall is specified here 38 5 2...

Страница 447: ...the fw1 firewall configuration is active you might wish to make changes to the live configuration Any changes made to a configuration that is defined as active config and enable will be reflected on t...

Страница 448: ...for same interfaces ppp Figure 38 11 Interface Options form Arp Filter Responds only to ARP requests for configured IP addresses routeback Allow traffic on this interface to be routed back out that s...

Страница 449: ...nfo level logmartians Enables logging of packets with impossible source addresses Figure 38 12 Broadcast Address form broadcast addr Optional A broadcast address 38 5 5 Host Configuration Hosts are us...

Страница 450: ...rm IPsec zone Synopsis boolean Default false 38 5 6 Policies Figure 38 16 Main Policy Settings table Figure 38 17 Main Policy Settings form Default actions for connection establishment between differe...

Страница 451: ...ion zone configuration by specifiying a zone Please choose either a pre defined zone or all Figure 38 19 Source Zone form source zone The zone from which the request originates Enter a source zone con...

Страница 452: ...a DNS name Interface Synopsis A string Interfaces that have the EXTERNAL address Internal Address Synopsis IPv4 address in dotted decimal notation The internal address must not be a DNS Name Limit Int...

Страница 453: ...outgoing interfacelist usually the internet interface Outgoing Interface Specifics Synopsis string Optional An outgoing interface list specific destinations IP for the out interface Source Hosts Synop...

Страница 454: ...is rule Action Synopsis string one of the following keywords dnat dnat redirect continue reject drop accept Default reject The final action to take on incoming packets matching this rule Destination Z...

Страница 455: ...rds none Related Any Default none Optional The tcp udp port the connection is destined for Original Destination Synopsis string Synopsis string the keyword None Default none Optional The destination I...

Страница 456: ...38 Firewall ROX v2 2 User Guide 456 RuggedBackbone RX1500 Optional Add comma separated host IPs to the destination zone may include port for DNAT or REDIRECT...

Страница 457: ...e accessed simultaneously Only the mode that is currently configured can be accessed 39 1 1 Traffic Control Basic basic configuration Configuration Mode Basic configuration mode offers a limited set o...

Страница 458: ...ble 39 2 TC Classes 39 1 2 1 3 TC Rules Mark Source Destination Protocol Source Port Dest Port Test Length TOS 2 Any Any ICMP Any Any Any Any Any RESTORE Any Any Any Any Any 0 Any Any CONTINUE Any Any...

Страница 459: ...all configuration to operate Basic or Advanced Configuration Modes Synopsis string one of the following keywords advanced basic Default basic Specifies to use either simple or advanced configuration m...

Страница 460: ...he Traffic Control Configuration form click Enabled in the Enable configuration field 4 Select basic in the Basic or Advanced Configuration Modes field 5 Click Commit 6 Click Exit Transaction 39 2 1 1...

Страница 461: ...to be treated as a single flow internal causes the traffic generated by each unique destination IP address to be treated as a single flow internal interfaces seldom benefit from simple traffic shaping...

Страница 462: ...sed on the matching ToS value in the IP header if nothing else is configured under a band or when IP traffic does not match with the rules specified in a band Speed units bps bytes per second mbps kbp...

Страница 463: ...Medium band includes Normal Service 0x0 mr 0x04 mmc mr 0x06 md Maximize Throughput mt 0x18 mmc mt md 0x1a mr mt md 0x1c mmc mr mt md 0x1e Low band includes mmc 0x02 mt 0x08 mmc mt 0x0a mr mt 0x0c mmc...

Страница 464: ...figure advanced configuration mode follow the procedure below Figure 39 8 Enabling Advanced configuration Mode Procedure 39 2 Configuring Advanced configuration Mode 1 Enter Edit Private mode 2 Click...

Страница 465: ...o qos traffic control advanced configuration tcclasses class Note that each class is associated with exactly one network interface Exactly one class for each interface must be designated as the defaul...

Страница 466: ...bandwidth is a single numerical value max bandwidth Synopsis string The maximum bandwidth this class is allowed to use when the link is idle This can be either a numeric value or a calculated expressi...

Страница 467: ...ol advanced configuration tcclasses class IP Traffic matching with the ToS options take precedence over the mark rules tos minimize delay Synopsis boolean Default false Value mask encoding 0x10 0x10 t...

Страница 468: ...the given ToS value or value mask combination of an IP packet s TOS byte Value and Value Mask are both specified in hexadecimal notation using the 0x prefix It is also possible to specify a diffserv m...

Страница 469: ...ded the packets are dropped in unit Synopsis string one of the following keywords none bps mbps mbit kbps kbit Default none Unit when incoming bandwidth is specified outbandwidth Synopsis unsigned sho...

Страница 470: ...affic classification rule Add a new rule by selecting Add tcrules Remove a tcrule by selecting next to a tcrule and click on an existing tcrule to modify it Reorder rules by clicking next to the rule...

Страница 471: ...ted list of hosts or IPs MAC addr or all When using MACs use as prefix and as separator Ex 00 1a 6b 4a 72 34 00 1a 6b 4a 71 42 destination Synopsis string IF name comma separated list of hosts or IPs...

Страница 472: ...sis string Optional Match the length of a packet against a specific value or range of values Greater than and lesser than as well as ranges are supported in the form of min max Ex Equal to 64 64 Great...

Страница 473: ...ark the connection in the PREROUTING chain This can be used with DNAT SNAT and Masquerading rule in firewall An example of such a rule is Source IP 192 168 2 101 Chain option preroute or default but t...

Страница 474: ...the operation with decimal value modify chain Synopsis string one of the following keywords prerouting postrouting forward Default forward Chain in which the operation will take place Figure 39 19 Sav...

Страница 475: ...g stops This can be used to improve efficiency in combination with the SAVE and RESTORE rules For example consider a TC Rules table organized roughly as follows and in the same order A RESTORE rule is...

Страница 476: ...ection protocol to dynamically assign responsibility for the virtual router to one of the routers in the group This router is called the VRRP Master If the Master or optionally its WAN connection fail...

Страница 477: ...osts at their real IP addresses Two or more VRRP instances can be assigned to be in the same VRRP Group in which case they can fail over together In the following network both host 1 and host 2 use a...

Страница 478: ...nds If a monitored interface goes down a master router will immediately signal an election and allow a backup router to assume mastership The router issues a set of gratuitous ARPs when moving between...

Страница 479: ...Redundancy Protocol VRRP form enable or disable the VRRP service Enable VRRP Service Enables VRRP Service Router ID Synopsis string The router ID for VRRP logs Figure 40 5 VRRP Group Table The VRRP Gr...

Страница 480: ...uter ID Synopsis unsigned byte The Virtual Router ID All routers supplying the same VRIP should have the same VRID Priority Synopsis unsigned byte The priority of VRRP instance For electing MASTER hig...

Страница 481: ...D20 monitor An Extra Interface to Monitor causes VRRP to release control of the VRIP if the specified interface stops running Extra Interface to Monitor Synopsis A string The interface name Figure 40...

Страница 482: ...status number Instance Name Synopsis string The VRRP instance name State Synopsis string The VRRP instance state Time Of Change To Current State Synopsis string The time of change to the current stat...

Страница 483: ...lure in this example through Network A the link backup daemon inspects the link status of the main link and sends a regular ping to a designated host or to a dummy address on the router In this way ne...

Страница 484: ...Demand After configuring link failover you can do the following view the link failover status See Section 41 3 5 Viewing Link Failover Status view the link failover log See Section 41 3 6 Viewing the...

Страница 485: ...t the main trunk is up returned to service before stopping the backup trunk The link failover feature can only be configured on a routable interface For the link failover feature to be used on a switc...

Страница 486: ...Setting a Link Failover Ping Target A link failover ping target is an IP address that link failover pings to determine if the main link is down The address can be a dedicated host or a dummy address...

Страница 487: ...s on the Multilink PPP form at interface wan interface id t1 channel channel id connection mlppp wan ppp connections on the PPP form at interface wan interface id t1 channel channel id connection ppp...

Страница 488: ...irm that each link failover configuration works properly To launch the test you specify for how long the system should operate on the backup interface and for how long the system should delay before s...

Страница 489: ...edBackbone RX1500 Figure 41 7 Link Fail Over Test Settings form Test duration The amount of time in minutes to run the test before restoring service to the main trunk Start test delay The amount of wa...

Страница 490: ...tware RADIUS Server Configuration Appendix B RADIUS Server Configuration Setting Up An Upgrade Server Appendix C Setting Up An Upgrade Server Adding and Replacing Modules Appendix D Adding and Replaci...

Страница 491: ...nfigure the location of the software upgrade repository and the version of software to which to upgrade At the top of the screen click Edit Private to access the Edit Private view The screen in Edit P...

Страница 492: ...ox will appear prompting you to commit your changes Click the OK button Figure A 3 Pending Commit A dialog box will appear informing you that the configuration has been committed Click the OK button F...

Страница 493: ...pgrade The Success and Upgrade Options messages shown below indicate that the upgrade has been launched Figure A 6 Upgrade Launched Dialogs Click the Exit Transaction button at the top of the screen t...

Страница 494: ...one of the above four phases Failed These phases are shown in real time in the Upgrade Phase field on the Upgrade Monitoring Form below Figure A 8 Upgrade Monitoring Form in Reboot pending Stage Once...

Страница 495: ...es Downloading packages Copying filesystem Estimating upgrade size Inactive The current phase or state of the upgrade filesystem copy synopsis integer in the range 0 to 100 Phase 1 of the upgrade invo...

Страница 496: ...RX1500 The date and time of completion of the last upgrade attempt last upgrade result synopsis string one of Interrupted Declined Not Applicable Reboot Pending Unknown Upgrade Failed Upgrade Success...

Страница 497: ...e must have a user ID and password The RADIUS NAS Identifier attribute may optionally be used to restrict which service an account may access login ppp ssh Accounts that do not specify a NAS Identifie...

Страница 498: ...ze of upgrade when the routers upgrade each unit s upgrade is bandwidth limited to 500kbps by default Most web servers can serve files to the limit of the network interface bandwidth so even a modest...

Страница 499: ...d NETCONF see the appropriate user guide for details The second method allows you to configure the target release version explicitly Some administrators may prefer this approach for sake of clarity bu...

Страница 500: ...into the slot and boot the unit 4 After boot up the new line module is auto detected and operational 5 Under interface interfaces have now been created for the new module you may proceed with addition...

Страница 501: ...the module you may proceed with related configurations D 5 Swapping a Module with a Different Type of Module 1 Set the module type under chassis line modules to none this allows the system to auto det...

Страница 502: ...ams and that you know you can do these things To protect your rights we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions t...

Страница 503: ...y protection in exchange for a fee E 2 3 Section 2 You may modify your copy or copies of the Program or any portion of it thus forming a work based on the Program and copy and distribute such modifica...

Страница 504: ...eans all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation and installation of the executable However as a special...

Страница 505: ...of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice This section is intended to make...

Страница 506: ...can redistribute and change under these terms To do so attach the following notices to the program It is safest to attach them to the start of each source file to most effectively convey the exclusio...

Страница 507: ...ll copyright interest in the program Gnomovision which makes passes at compilers written by James Hacker signature of Ty Coon 1 April 1989 Ty Coon President of Vice This General Public License does no...

Отзывы:

Нет отзывов

Похожие инструкции для RuggedBackbone RX1500

Gefen HD-441 User Manual preview
HD-441
Бренд: Gefen Страницы: 11
D-Link xStack DES-3500 Series Cli Manual preview
xStack DES-3500 Series
Бренд: D-Link Страницы: 260
D-Link DXS-3600 Series Reference Manual preview
DXS-3600 Series
Бренд: D-Link Страницы: 48
D-Link DXS-3400 SERIES Quick Start Manual preview
DXS-3400 SERIES
Бренд: D-Link Страницы: 3
D-Link Web Smart Switch DGS-1210-16 Product Manual preview
Web Smart Switch DGS-1210-16
Бренд: D-Link Страницы: 71
D-Link DGS-1016A Datasheet preview
DGS-1016A
Бренд: D-Link Страницы: 3
D-Link DGS-1100-26MP Getting Started Manual preview
DGS-1100-26MP
Бренд: D-Link Страницы: 56
D-Link xStack DES-3800 Series Cli Manual preview
xStack DES-3800 Series
Бренд: D-Link Страницы: 326
D-Link xStack DES-3526 Cli Manual preview
xStack DES-3526
Бренд: D-Link Страницы: 222
D-Link DGS-1008G Quick Install Manual preview
DGS-1008G
Бренд: D-Link Страницы: 2
D-Link DXS-1210 Series Manual preview
DXS-1210 Series
Бренд: D-Link Страницы: 20
Cabletron Systems SEHI100TX-22 User Manual preview
SEHI100TX-22
Бренд: Cabletron Systems Страницы: 88
Qlogic SANbox 5000 Series Quick Start Manual preview
SANbox 5000 Series
Бренд: Qlogic Страницы: 8
Magnetrol C29 Installation And Operating Manual preview
C29
Бренд: Magnetrol Страницы: 24
Xenteq PTS Series Instruction Manual preview
PTS Series
Бренд: Xenteq Страницы: 22
Greengate VNLW-P-1001-MV-N-V Installation Instructions preview
VNLW-P-1001-MV-N-V
Бренд: Greengate Страницы: 2
Key Digital HD Flash 4 KD-SW4x1 Operating Instructions Manual preview
HD Flash 4 KD-SW4x1
Бренд: Key Digital Страницы: 12
X10 Anaconda Switcher VK68A User Manual preview
Anaconda Switcher VK68A
Бренд: X10 Страницы: 2

Бренды по названию

Популярные бренды

Загрузить еще бренды