Page 1 Preface Introduction Using RUGGEDCOM ROX II RUGGEDCOM ROX II v2.9 Device Management System Administration Setup and Configuration CLI User Guide Troubleshooting For RX1500, RX1501, RX1510, RX1511, RX1512 01/2016 RC1243-EN-02...
Page 2 Siemens has verified the contents of this document against the hardware and/or software described. However, deviations between the product and the documentation may exist. Siemens shall not be liable for any errors or omissions contained herein or for consequential damages in connection with the furnishing, performance, or use of this material.
Page 3 RUGGEDCOM ROX II CLI User Guide Contacting Siemens Address Telephone E-mail Siemens Canada Ltd. Toll-free: 1 888 264 0006 ruggedcom.info.i-ia@siemens.com Industry Sector Tel: +1 905 856 5288 300 Applewood Crescent Fax: +1 905 856 1995 www.siemens.com/ruggedcom Concord, Ontario Canada, L4K 5C7...
Page 4 RUGGEDCOM ROX II CLI User Guide...
Page 5: Table Of Contents
1.6 Removable Memory ........................12 Chapter 2 Using RUGGEDCOM ROX II ................2.1 Connecting to RUGGEDCOM ROX II ..................15 2.1.1 Connecting Directly ......................15 2.1.2 Connecting Through the Network ..................17 2.2 Default User Names and Passwords ................... 17 2.3 Logging In ..........................
Page 6 RUGGEDCOM ROX II Table of Contents CLI User Guide 2.6 Using the Command Line Interface ..................... 21 2.6.1 Accessing Different CLI Modes ..................21 2.6.2 Using Command Line Completion ..................22 2.6.3 Displaying Available Commands ..................22 2.6.4 Editing Commands ......................23 2.6.5 Using Output Redirects ....................
Page 7 3.10 Managing the Software Configuration ..................71 3.10.1 Saving the Configuration ....................71 3.10.2 Loading a Configuration ....................71 3.11 Upgrading/Downgrading the RUGGEDCOM ROX II Software ............72 3.11.1 Configuring the Upgrade Source ..................72 3.11.2 Setting Up an Upgrade Server ..................73 3.11.2.1 Configuring the Upgrade Server ................
Page 8 RUGGEDCOM ROX II Table of Contents CLI User Guide 3.12.4 Uninstalling an Application ..................... 79 3.12.5 Managing Application Repositories ................. 80 3.12.5.1 Viewing a List of Repositories ................80 3.12.5.2 Checking the Repository Connection ..............80 3.12.5.3 Adding a Repository .................... 81 3.12.5.4 Deleting a Repository ..................
Page 9 RUGGEDCOM ROX II CLI User Guide Table of Contents 3.19.1 Viewing a List of Serial Ports ..................107 3.19.2 Viewing Serial Port Statistics ..................107 3.19.3 Viewing Transport Connection Statistics ................ 108 3.19.4 Viewing DNP Device Table Statistics ................108 3.19.5 Clearing Serial Port Statistics ..................
Page 10 RUGGEDCOM ROX II Table of Contents CLI User Guide 3.22.4 Viewing the HSPA Network Status for Cellular Modems ..........127 3.22.5 Viewing the CDMA Network Status for Cellular Modems ..........128 3.22.6 Configuring a Cellular Modem Interface ................. 129 3.22.7 Activating a Cellular Modem Account ................130 3.22.7.1 Activating a Cellular Modem Account Over-the-Air ..........
Page 11 RUGGEDCOM ROX II CLI User Guide Table of Contents 3.24.5.2 Viewing a List of Virtual Switch Filters ..............150 3.24.5.3 Adding a Virtual Switch Filter ................150 3.24.5.4 Deleting a Virtual Switch Filter ................151 3.24.6 Managing Filtering Rules ....................151 3.24.6.1 Viewing a List of Rules ..................
Page 12 RUGGEDCOM ROX II Table of Contents CLI User Guide 4.7.1.2 Viewing the Status of a CA Certificate and CRL ............ 166 4.7.1.3 Adding a CA Certificate and CRL ................. 167 4.7.1.4 Deleting a CA Certificate and CRL ............... 168 4.7.2 Managing Private Keys ....................168 4.7.2.1 Viewing a List of Private Keys ................
Page 13 RUGGEDCOM ROX II CLI User Guide Table of Contents Chapter 5 Setup and Configuration .................. 5.1 Configuring a Basic Network ..................... 192 5.1.1 Configuring a Basic IPv4 Network ................... 192 5.1.2 Configuring a Basic IPv6 Network ................... 193 5.2 Configuring ICMP Control ......................193 5.3 Enabling and Configuring CLI Sessions ..................
Page 14 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.11.9.3 Deleting an SNMP Group .................. 215 5.12 Managing Time Synchronization Functions ................216 5.12.1 Configuring the Time Synchronization Settings .............. 217 5.12.2 Configuring the System Time and Date ................. 217 5.12.3 Configuring the System Time Zone ................
Page 15 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.14.3 Adding DHCP Client Ports .................... 236 5.14.4 Deleting a DHCP Client Port ..................236 5.15 Managing the DHCP Server ....................236 5.15.1 Configuring the DHCP Server ..................237 5.15.2 Enabling/Disabling the DHCP Server ................237 5.15.3 Enabling/Disabling the DHCP Relay Support ..............
Page 16 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.15.11.2 Adding a Host Group ..................254 5.15.11.3 Configuring Host Group Options ............... 254 5.15.11.4 Configuring a Host Group Client ............... 255 5.15.11.5 Deleting a Host Group ..................256 5.15.12 Managing Custom Host Group Client Configurations ............ 256 5.15.12.1 Viewing a List of Custom Host Group Client Configurations ........
Page 17 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.17.1.5 Protecting Against a SYN Flood Attack ............... 270 5.17.2 Viewing a List of Firewalls .................... 271 5.17.3 Adding a Firewall ......................271 5.17.4 Deleting a Firewall ....................... 272 5.17.5 Working with Multiple Firewall Configurations ..............272 5.17.6 Configuring the Firewall for a VPN ................
Page 18 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.17.14.5 Deleting Rules ....................293 5.17.15 Validating a Firewall Configuration ................293 5.17.16 Enabling/Disabling a Firewall ..................293 5.18 Managing IS-IS ........................294 5.18.1 IS-IS Concepts ......................294 5.18.1.1 IS-IS Routers ....................295 5.18.1.2 Network Entity Title (NET) Addresses ..............
Page 19 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.18.12.2 Adding a Redistribution Metric ................312 5.18.12.3 Deleting a Redistribution Metric ................ 313 5.19 Managing BGP ........................313 5.19.1 Configuring BGP ......................314 5.19.2 Viewing the Status of Dynamic BGP Routes ..............315 5.19.3 Managing Route Maps ....................
Page 20 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.19.7.5 Deleting a Neighbor ..................332 5.19.8 Managing Networks ..................... 332 5.19.8.1 Viewing a List of Networks ................. 333 5.19.8.2 Adding a Network ..................... 333 5.19.8.3 Tracking Commands for a BGP Network ............. 334 5.19.8.4 Deleting a Network ....................
Page 21 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.20.7.1 Viewing a List of Neighbors ................348 5.20.7.2 Adding a Neighbor .................... 348 5.20.7.3 Deleting a Neighbor ..................349 5.20.8 Managing the Prefix List Distribution ................349 5.20.8.1 Viewing a List of Prefix List Distribution Paths ............. 349 5.20.8.2 Adding a Prefix List Distribution Path ..............
Page 22 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.21.6.4 Adding a Route Map Filter Entry ................ 369 5.21.6.5 Deleting a Route Map Filter ................370 5.21.6.6 Deleting a Route Map Filter Entry ..............370 5.21.6.7 Configuring Match Rules ................... 371 5.21.7 Managing Incoming Route Filters ..................
Page 23 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.22.8.2 Adding an IP/VPN Tunnel .................. 390 5.22.8.3 Deleting an IP/VPN Tunnels ................390 5.22.9 Managing VPNv4 Neighbors ..................391 5.22.9.1 Viewing a List of Neighbors ................391 5.22.9.2 Adding a Neighbor .................... 391 5.22.9.3 Deleting a Neighbor ..................
Page 24 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.23.6.1 Configuring Gateways for IPv6 Static Routes ............406 5.23.6.2 Viewing a List of Gateways for IPv4 Static Routes ..........406 5.23.6.3 Adding a Gateway for an IPv4 Static Route ............407 5.23.6.4 Deleting a Gateway for an IPv4 Static Route ............
Page 25 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.26.3.4 Deleting a Router Port ..................428 5.26.4 Managing the Static Multicast Group Table ..............428 5.26.4.1 Viewing a List of Static Multicast Group Entries ........... 429 5.26.4.2 Adding a Static Multicast Group Entry ..............429 5.26.4.3 Deleting a Static Multicast Group Entry ...............
Page 26 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.27.9.3 Deleting a Virtual IP Address ................447 5.28 Managing Link Failover Protection ................... 447 5.28.1 Viewing the Link Failover Log ..................448 5.28.2 Viewing the Link Failover Status ................... 449 5.28.3 Managing Link Failover Parameters ................
Page 27 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.29.7.1 Viewing a List of IKE Algorithms ................ 467 5.29.7.2 Adding an IKE Algorithm ................... 468 5.29.7.3 Deleting an IKE Algorithm .................. 468 5.29.8 Managing the Encapsulated Security Payload (ESP) Protocol ......... 468 5.29.8.1 Configuring ESP Encryption ................
Page 28 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.31.8.1 Viewing a List of IP Addresses ................488 5.31.8.2 Adding an IP Address ..................488 5.31.8.3 Deleting an IP Address ..................488 5.31.9 Managing Remote Daemon Egress Interfaces for Generic Tunnels ........489 5.31.9.1 Viewing a List of Egress Interfaces ..............
Page 29 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.34.3.1 Viewing a List of DSCP-to-CoS Mapping Entries ..........508 5.34.3.2 Adding a DSCP-to-CoS Mapping Entry ............... 508 5.34.3.3 Deleting a DSCP-to-CoS Mapping Entry ............. 508 5.35 Managing MAC Addresses ...................... 509 5.35.1 Viewing a Dynamic List of MAC Addresses ..............
Page 30 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.36.7.4 Deleting a Port-Specific Multiple Spanning Tree Instances ........537 5.36.8 Viewing the Status of RSTP ..................538 5.36.9 Viewing RSTP Per-Port Statistics .................. 539 5.36.10 Clearing Spanning Tree Protocol Statistics ..............541 5.37 Managing VLANs ........................
Page 31 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.37.8.5 Deleting a VLAN for a Routable Ethernet Port ............. 559 5.37.8.6 Deleting a VLAN for a T1/E1 Line ..............560 5.38 Managing Network Discovery and LLDP .................. 560 5.38.1 Configuring LLDP ......................561 5.38.2 Viewing Global Statistics and Advertised System Information ..........
Page 32 RUGGEDCOM ROX II Table of Contents CLI User Guide 5.40.1 Configuring Costing for Routable Interfaces ..............591 5.40.2 Viewing Statistics for Routable Interfaces ..............591 5.40.3 Managing IPv4 Addresses .................... 592 5.40.3.1 Viewing a List of IPv4 Addresses ............... 592 5.40.3.2 Adding an IPv4 Address ..................
Page 33 RUGGEDCOM ROX II CLI User Guide Table of Contents 5.41.7.8 Viewing a List of LDP Interfaces ................ 612 5.41.7.9 Enabling/Disabling an LDP Interface ..............612 5.42 Managing the RUGGEDCOM CROSSBOW Application ............613 5.42.1 Enabling/Disabling CROSSBOW ................... 613 5.42.2 Configuring the Client Connection ................. 613 5.42.3 Configuring the SAC Connection ..................
Page 34 RUGGEDCOM ROX II Table of Contents CLI User Guide xxxiv...
Page 35: Preface
CLI User Guide Preface Preface This guide describes the CLI user interface for RUGGEDCOM ROX II v2.9 running on the RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512. It contains instructions and guidelines on how to use the software, as well as some general theory. It is intended for use by network technical support personnel who are familiar with the operation of networks. It is also recommended for use by network and system planners, system programmers, and line technicians.
Page 36: Related Documents
• RUGGEDCOM RX1500 Data Sheet System Requirements Each workstation used to connect to the RUGGEDCOM ROX II Rugged CLI interface must meet the following system requirements: • Must have a working Ethernet interface compatible with at least one of the port types on the RUGGEDCOM RX1500 •...
Page 37: License Conditions
Siemens sales representative. Customer Support Customer support is available 24 hours, 7 days a week for all Siemens customers. For technical support or general information, contact Siemens Customer Support through any of the following methods: Online Visit http://www.siemens.com/automation/support-request...
Page 38: Customer Support
RUGGEDCOM ROX II CLI User Guide Preface Customer Support xxxviii...
Page 39: Introduction
Introduction Introduction Welcome to the RUGGEDCOM ROX II (Rugged Operating System on Linux®) v2.9 CLI User Guide for the RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512. This document details how to configure the RX1500 via the RUGGEDCOM ROX II Command Line Interface (CLI). RUGGEDCOM ROX II also features a Web interface, which is described in a separate CLI User Guide.
Page 40: Troubleshooting
Ethernet frames. Switches can introduce latency in times of heavy network traffic due to the internal queues that buffer frames and then transmit on a first come first serve basis. RUGGEDCOM ROX II supports Class of Service, which allows time critical traffic to jump to the front of the queue, thus minimizing latency and reducing jitter to allow such demanding applications to operate correctly.
Page 41 • Port Mirroring RUGGEDCOM ROX II can be configured to duplicate all traffic on one port to a designated mirror port. When combined with a network analyzer, this can be a powerful troubleshooting tool. • Port Configuration and Status RUGGEDCOM ROX II allows individual ports to be hard configured for speed, duplex, auto-negotiation, flow control and more.
Page 42 • Brute Force Attack Prevention Protection against Brute Force Attacks (BFAs) is standard in RUGGEDCOM ROX II. If an external host fails to log in to the CLI, NETCONF or Web interfaces after a fixed number of attempts, the host's IP address will be blocked for a period of time.
Page 43: Feature Keys
Section 1.2 Feature Keys Feature keys add features to an existing installation of RUGGEDCOM ROX II. They can be purchased and installed at any time. Three feature keys are currently available: L2STD, L3STD and L3SEC. By default, each new RX1500/RX1501/ RX1510/RX1511/RX1512 is ordered with a base feature key, which is permanently installed on the device.
Page 44: Security Recommendations
Accessibility hazard – risk of data loss. Do not misplace the passwords for the device. If both the maintenance and boot passwords are misplaced, the device must be returned to Siemens Canada Ltd. for repair. This service is not covered under warranty. Depending on the action that must be taken to regain access to the device, data may be lost.
Page 45 ▪ Make sure the default community strings are changed to unique values. • When using RUGGEDCOM ROX II as a client to securely connect to a server (such as, in the case of a secure upgrade or a secure syslog transfer), make sure the server side is configured with strong ciphers and protocols.
Page 46 • Use the latest Web browser version compatible with RUGGEDCOM ROX II to make sure the most secure Transport Layer Security (TLS) versions and ciphers available are employed. Additionally, 1/n-1 record splitting...
Page 47: Available Services By Port
RUGGEDCOM ROX II Chapter 1 CLI User Guide Introduction Section 1.4 Available Services by Port The following table lists the services available by the device, including the following information: • Services The service supported by the device • Port Number The port number associated with the service •...
Page 48: User Permissions
Chapter 1 RUGGEDCOM ROX II Introduction CLI User Guide Section 1.5 User Permissions The following table lists the operation, configuration, and action commands permitted to the administrator, operator, and guest users. Types of user access: • Create (C) - can create and remove optional parameters •...
Page 49 RUGGEDCOM ROX II Chapter 1 CLI User Guide Introduction Access Commands/Paths Permitted Notes Administrator Operator Guest /admin/sftp /admin/time (status) /admin/switch-config (status) /admin/system /admin/sytem-name /admin/timezone C/R/U /admin/clear-all-alarms (action) C/R/U /admin/backup-files (action) E/R/U /admin/delete-all-ssh-known-hosts (action) /admin/delete-logs (action) /admin/delete-ssh-known-host (action) /admin/full-configuration-load (action) /admin/full-configuration-save (action)
Page 50: Removable Memory
Chapter 1 RUGGEDCOM ROX II Introduction CLI User Guide Access Commands/Paths Permitted Notes Administrator Operator Guest /services C/R/U C/R/U /services/time/ntp/key/ C/R/U /tunnel C/R/U C/R/U /tunnel/ipsec C/R/U C/R/U C/R/U /mpls C/R/U C/R/U /mpls/interface-mpls /mpls/ldp/interface-ldp /switch C/R/U C/R/U /switch/vlans/all-vlans C/R/U C/R/U /switch/port-security...
Page 51 • Upgrade/Downgrade Firmware – Use the USB Mass Storage device as a portable repository for new or legacy versions of the RUGGEDCOM ROX II firmware. • Backup Files – Configure RUGGEDCOM ROX II to backup important information to the USB Mass Storage device, such as rollbacks, log files, feature keys and configuration files.
Page 52 RUGGEDCOM ROX II Chapter 1 CLI User Guide Introduction Removable Memory...
Page 53: Using Ruggedcom Rox Ii
Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Using RUGGEDCOM ROX II This chapter describes how to use the RUGGEDCOM ROX II interface. It describes the following tasks: • Section 2.1, “Connecting to RUGGEDCOM ROX II” • Section 2.2, “Default User Names and Passwords”...
Page 54 • Disable hardware and software flow control Establish a connection to the device and press any key. The login prompt appears. Log in to RUGGEDCOM ROX II. For more information about logging in to RUGGEDCOM ROX II, refer to Section 2.3, “Logging In”.
Page 55: Connecting Through The Network
Launch the SSH client on the computer and connect to admin@{ipaddress}, where {ipaddress} is the IP address for the MGMT port. The login prompt appears: Using username "admin". admin@192.168.0.2's password: Log in to RUGGEDCOM ROX II. For more information about logging in to RUGGEDCOM ROX II, refer to Section 2.3, “Logging In”. Section 2.1.2...
Page 56: Logging In
Passwords”. IMPORTANT! RUGGEDCOM ROX II features a Brute Force Attack (BFA) protection system to detect potentially malicious attempts to access the device. When enabled, the protection system will block an IP address after 15 failed login attempts over a 10 minute period. The IP address will be blocked for 720 seconds or 12 minutes the first time.
Page 57: Logging Out
To log out of the device, type exit at the root level. ruggedcom# exit Section 2.5 Using Network Utilities The following sections describe how to use the built-in RUGGEDCOM ROX II network utilities: • Section 2.5.1, “Pinging a Host” • Section 2.5.2, “Dumping Raw Data to a Terminal or File”...
Page 58: Dumping Raw Data To A Terminal Or File
Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Section 2.5.2 Dumping Raw Data to a Terminal or File Tcpdump is a packet analyzer for TCP/IP and other packets. It can be used to dump raw data to a terminal or file.
Page 59: Tracing The Route Of An Ipv4 Address Using Mpls Protocols
Section 2.6.9, “Common Commands” Section 2.6.1 Accessing Different CLI Modes RUGGEDCOM ROX II provides commands for monitoring and configuring software, hardware and network connectivity. The Command Line Interface (CLI) supports the following modes: Tracing the Route of an IPv4 Address Using MPLS...
Page 60: Using Command Line Completion
Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Mode Description Operational Mode Operational mode is the default mode after a user logs in to the device. It allows users to perform general device management actions and provides troubleshooting and maintenance utilities. It is used for viewing the system status, controlling the CLI environment, monitoring and troubleshooting network connectivity, and launching the Configuration mode.
Page 61: Editing Commands
RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II ruggedcom# ? Possible completions: admin Configures the general device characteristics autowizard Automatically query for mandatory elements clear Clear parameter commit Confirm a pending commit compare Compare running configuration to another configuration or a file...
Page 62 Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Inserting Recently Deleted Text Command Description Ctrl+y Inserts the most recently deleted text at the cursor's location Displaying Previously Entered Commands Command Description Ctrl+p or Up Arrow Shows the previous command in the command history...
Page 63: Using Output Redirects
RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Section 2.6.5 Using Output Redirects Information returned from a CLI term can be processed in various ways using an output redirect term. To specify an output redirect, type | after the CLI term and then type the redirect term. To display the available redirects, type | ? after a CLI term.
Page 64 Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Parameter Description begin Begins the output with the line containing the specified text. Regular expressions can be used with this redirect. For more information about regular expressions, refer to Section 2.6.6, “Using Regular...
Page 65 RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Parameter Description gmtime "Tue Feb 15 08:37:42 2011\n" localtime "Tue Feb 15 03:37:42 2011\n" software-upgrade more Paginates the output. When the output reaches the screen-length setting, the CLI prompts you to press a key for more. Press Enter to advance line-by-line;...
Page 66: Using Regular Expressions
Section 2.6.6 Using Regular Expressions RUGGEDCOM ROX II command line regular expressions are a subset of the regular expressions found in egrep and in the AWK programming language. Regular expressions can be used along with several of the output redirects. For more information about using output redirects, refer to Section 2.6.5, “Using Output...
Page 67: Using Cli Utilities
RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Character Description Example • Each AS set delimiter (e.g. { and }) • Each AS confederation delimiter (e.g. ( and )) • The beginning and end of the line Therefore, the underscore can be used to match AS values.
Page 68: Common Commands
Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide In this example, a command is issued to ports 1, 2 and 4 on LM1, LM2 and LM4: ruggedcom(config)# interface switch lm1-2,4 1-2,4 When available, the range parameter can be included before the value range: ruggedcom(config)# interface switch range lm1-3 1-6 Section 2.6.9...
Page 69 RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Parameter Description Shows selected configuration information. Use auto completion to show [ admin | chassis | interface | interfaces | display the list of options available at each configuration level. For...
Page 70: File Commands
Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Parameter Description auto completion to see a list of configuration options. Use | and one or more output redirects to restrict the information to be shown. Section 2.6.9.2 File Commands Operational mode provides commands for managing log, configuration and feature key files on the device.
Page 71 RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Parameter Description Copies a configuration file. After typing the command, press Tab to file copy-config current-filename new-filename view a list of available files. For example, the following command...
Page 72 Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Parameter Description • current-filename is the current filename of the configuration file. • new-filename is the new filename for the configuration file. To use the current filename, specify the current filename or exclude this parameter from the command.
Page 73 RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Parameter Description • host is the host name or IP address of the remote computer. • path path is the path to the feature key file on the remote computer.
Page 74: Interface And Services Commands
Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Parameter Description • user is a user name with access rights to the remote computer. • host is the host name or IP address of the remote computer.
Page 75: Administration Commands
Boots to a previous software release on the alternate partition. admin software-upgrade rollback-reboot maint-login CAUTION! Configuration hazard – risk of data loss/corruption. Maintenance mode is provided for troubleshooting purposes and should only be used by Siemens Canada Ltd. technicians. Maintenance mode is provided for Administration Commands...
Page 76 Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Parameter Description troubleshooting purposes and all possible commands are not documented. Misuse of maintenance mode commands can corrupt the operational state of the device and render the device inaccessible.
Page 77: Configuration Mode General Commands
RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Section 2.6.9.5 Configuration Mode General Commands Configuration mode provides a set of general commands that allow users to work with configuration data. Parameter Description Exits the configuration session without saving changes.
Page 78 Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide Parameter Description Copies a configured element to a new element. For example, the copy following command copies the userid admin to the new userid wsmith: ruggedcom(config)# copy admin users userid admin...
Page 79 RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II Parameter Description Moves an existing IPv4 address to a new position in the list move [ after | before | first | last | ipv4 ] of addresses. The address can be moved to the first or last (default) position in the list, or before or after another address.
Page 80 Validates the current configuration. validate Runs the rox_flash or rox_upgrade wizards. For more information, wizard [ rox_flash | rox_upgrade ] refer to Section 3.11.5.2, “Downgrading Using ROXflash” Section 3.11.3, “Upgrading the RUGGEDCOM ROX II Software”. Configuration Mode General Commands...
Page 81: Configuring The Cli Interface
Section 2.8 Accessing Different Modes Aside from normal mode, there are three additional modes within RUGGEDCOM ROX II that offer various controls over the operating system. The following sections describe how to access the different modes within RUGGEDCOM ROX II: •...
Page 82: Accessing Bist Mode
Accessing BIST Mode BIST (Built-In-Self-Test) mode is used by RUGGEDCOM ROX II to test and configure internal functions of the device. The method for accessing BIST is different if a new software image has been flashed onto the flash card.
Page 83 RUGGEDCOM ROX II Chapter 2 CLI User Guide Using RUGGEDCOM ROX II 'l' List the available boot targets 'c' Exit to the boot loader command line Will reboot after 60 seconds of inactivity NOTE In the example above, the text Auto booting [4-0] indicates the active partition is Boot Partition 4.
Page 84: Accessing Service Mode
Changes made to the configuration in this mode will override the current configuration settings (e.g. IP addresses, VLAN settings, etc.), but are discarded following a system reboot. Connect to RUGGEDCOM ROX II through the RS-232 console connection and a terminal application. For more information, refer to Section 2.1.1, “Connecting...
Page 85: Accessing Maintenance Mode
To access maintenance mode, do the following: CAUTION! Configuration hazard – risk of data corruption. Maintenance mode is provided for troubleshooting purposes and should only be used by Siemens Canada Ltd. technicians. As such, this mode is not fully Accessing Maintenance Mode...
Page 86 Chapter 2 RUGGEDCOM ROX II Using RUGGEDCOM ROX II CLI User Guide documented. Misuse of the commands available in this mode can corrupt the operational state of the device and render it inaccessible. IMPORTANT! Changes made to the configuration in this mode will override the current configuration settings (e.g. IP addresses, VLAN settings, etc.), but are discarded following a system reboot.
Page 87: Device Management
Section 3.8, “Managing Files” • Section 3.9, “Managing Logs” • Section 3.10, “Managing the Software Configuration” • Section 3.11, “Upgrading/Downgrading the RUGGEDCOM ROX II Software” • Section 3.12, “Managing RUGGEDCOM ROX II Applications” • Section 3.13, “Managing Feature Keys” •...
Page 88: Determining The Product Version
Section 3.1 Determining the Product Version During troubleshooting or when ordering new devices, Siemens Canada Ltd. personnel may request specific information about the device, such as the model, order code or serial number. To display general information about the product, type:...
Page 89: Viewing The Slot Hardware
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management • Section 3.2.4, “Viewing CPU/RAM Utilization” • Section 3.2.5, “Viewing the Slot Status” • Section 3.2.6, “Viewing the Slot Sensor Status” • Section 3.2.7, “Viewing the Power Controller Status” Section 3.2.1...
Page 90: Viewing Flash Card Storage Utilization
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide --------------------------------------------------------------------------------- main RX1501 8 Gigabit Layer 3 w/ 6 LM slots and 1 PM slots 2010.09RR12 14-23 This table or list provides the following information: Parameter Description slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport, celport, cm, em, trnk } The slot name, as marked on the silkscreen across the top of the chassis.
Page 91: Viewing Cpu/Ram Utilization
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description The %usage of the current partition. Section 3.2.4 Viewing CPU/RAM Utilization To view the CPU/RAM utilization statistics for each module installed in the device, type: show chassis cpu slot-cpu...
Page 92: Viewing The Slot Sensor Status
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide 88-300 VDC or 85-264VAC, screw terminal block operating Normal 1D 4hr 47min 12sec 2012-10-24Z 06:44:32Z 1000TX w/ 2x RJ45 operating Normal 0D 0hr 0min 0sec 2012-10-24Z 06:42:28Z none empty ----...
Page 93: Viewing The Power Controller Status
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management This table or list provides the following information: Parameter Description slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport, celport, cm, em, trnk } The slot name, as marked on the silkscreen across the top of the chassis.
Page 94: Viewing The Parts List
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.3 Viewing the Parts List To view a list of parts installed in the device, type: show running-config chassis part-list If jobs have been configured, a table or list similar to the following example appears:...
Page 95: Rebooting The Device
This includes removing any sensitive, proprietary information. To decommission the device, do the following: Obtain a copy of the RUGGEDCOM ROX II firmware currently installed on the device. For more information, contact Siemens Customer Support.
Page 96: Managing Files
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Log in to RUGGEDCOM ROX II. For more information, refer to Section 2.3, “Logging In”. Flash the RUGGEDCOM ROX II firmware obtained in Step 1 to the inactive partition and reboot the device.
Page 97: Managing Logs
Section 3.9 Managing Logs RUGGEDCOM ROX II maintains various logs to record information about important events. Each log falls into one of the following log types: Security Event Logs Information related to the following security events are logged by RUGGEDCOM ROX II: NOTE Passwords can be retried up to 3 times before the login attempt is considered a security event.
Page 98: Viewing Logs
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide All log files are organized in the log directory (/var/log) according to the facility and priority at which they have been logged. Remote Syslog sends the requested logs to the remote server(s) at whichever facility and priority they were initially logged, after filtering the logs based on the selectors configured for the server.
Page 99: Deleting Logs
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.9.2 Deleting Logs To delete all logs stored on the device, type: admin delete-logs Section 3.9.3 Configuring a Source IP Address for Remote Syslog Messages IP packets for remote syslog messages include a destination IP address and a source IP address. The source IP address is the interface from which the message is sent (e.g.
Page 100: Enabling/Disabling The Developer's Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of RUGGEDCOM ROX II. Only enable diagnostic logging when directed by Siemens. The following sections describe how to configure and manage diagnostic logs: •...
Page 101: Enabling/Disabling The Netconf Summary Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of RUGGEDCOM ROX II. Only enable diagnostic logging when directed by Siemens. To enable or disable the SNMP log, do the following: Make sure the CLI is in Configuration mode.
Page 102: Enabling/Disabling The Xpath Trace Log
CAUTION! Configuration hazard – risk of reduced performance. Enabling diagnostic logging will significantly affect the performance of RUGGEDCOM ROX II. Only enable diagnostic logging when directed by Siemens. To enable or disable the XPATH Trace log, do the following: Make sure the CLI is in Configuration mode.
Page 103: Configuring Secure Remote Syslog
Secure remote syslog encrypts all system logs sent to syslog servers using an Secure Sockets Layer (SSL) certificate signed by a Certified Authority (CA). IMPORTANT! The client (RUGGEDCOM ROX II) and server certificates must by signed by the same CA. The following sections describe how to enable and configure secure remote syslog: •...
Page 104: Viewing A List Of Permitted Peers
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide [Optional] Define one or more match patterns or permitted peers. Permitted peers compare the server's host name to the common name defined in the SSL certificate. For more information, refer to Section 3.9.5.3,...
Page 105: Managing Remote Syslog Servers
Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 3.9.6 Managing Remote Syslog Servers RUGGEDCOM ROX II can support up to 6 event message collectors, or remote Syslog servers. Remote Syslog provides the ability to configure: • IP address(es) of collector(s) •...
Page 106: Deleting A Remote Server
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide admin logging server address Where: • address is the IP address of the remote server Configure the following parameter(s) as required: Parameter Description enabled Synopsis: typeless Enables/disables the feed to the remote logging server.
Page 107: Viewing A List Of Remote Server Selectors
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.9.7.1 Viewing a List of Remote Server Selectors To view a list of remote server selectors, type: show running-config admin logging server address selector Where: • address is the IP address of the remote server.
Page 108: Deleting A Remote Server Selector
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description comparison { comparison } Synopsis: { same_or_higher, same } Default: same_or_higher The message severity levels to include in the log: <itemizedlist><listitem><emphasis role="bold">same:</ emphasis> includes only messages of the severity level selected in the <emphasis>Level</emphasis>...
Page 109: Managing The Software Configuration
Device Management Section 3.10 Managing the Software Configuration Configuration parameters for RUGGEDCOM ROX II can be saved on the device and loaded in the future. The following sections describe how to save and load the RUGGEDCOM ROX II software configuration: •...
Page 110: Upgrading/Downgrading The Ruggedcom Rox Ii Software
Section 3.11.1 Configuring the Upgrade Source Firmware for upgrading or downgrading RUGGEDCOM ROX II can be uploaded from either an upgrade server or a portable USB Mass Storage drive. For information about setting up an upgrade server, refer to Section 3.11.2, “Setting Up an Upgrade...
Page 111: Setting Up An Upgrade Server
Section 3.11.2.2, “Adding Software Releases to the Upgrade Server” Section 3.11.2.1 Configuring the Upgrade Server For RUGGEDCOM ROX II to properly retrieve files from an upgrade server, the following must be configured on the server: • MIME Types The following MIME types must be defined for the chosen upgrade server (e.g. Microsoft IIS Manager, Apache HTTP Server, Lighttpd, etc.) for RUGGEDCOM ROX II to properly retrieve files from the server:...
Page 112: Adding Software Releases To The Upgrade Server
Double escaping allows special double encoded characters, such as +, % and &, in a URI. As some files in RUGGEDCOM ROX II upgrade/downgrade packages may contain a + sign in their file names, double escaping must be enabled for the upgrade server. If double escaping is not enabled, some files will be un-retrievable and the upgrade will fail.
Page 113 To upgrade the RUGGEDCOM ROX II software, do the following: If the source of the software is a USB Mass Storage drive, insert the drive in the USB port on the device. For more information, refer to the RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512 Installation Guide.
Page 114: Stopping/Declining A Software Upgrade
Section 3.11.5.2, “Downgrading Using ROXflash” Section 3.11.5.1 Rolling Back a Software Upgrade To activate a previous version of the RUGGEDCOM ROX II software stored on the inactive partition, do the following: Make sure the CLI is in Configuration mode. Stopping/Declining a Software Upgrade...
Page 115: Downgrading Using Roxflash
Section 3.11.5.2 Downgrading Using ROXflash ROXflash is used to flash any previous version of a RUGGEDCOM ROX II software image to the inactive partition. To obtain a RUGGEDCOM ROX II software image, contact Siemens Customer Support. After a successful software downgrade and reboot, the downgraded partition is activated.
Page 116: Managing Ruggedcom Rox Ii Applications
ROX products (e.g. RUGGEDCOM CROSSBOW, RUGGEDCOM ELAN, etc.). They are installed and upgraded the same as the RUGGEDCOM ROX II operating system, in that they are first installed on the inactive partition and are only activated after a reboot. This makes it possible to decline or undo the installation if the application creates undesirable results.
Page 117: Installing An Application
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.12.2 Installing an Application To install an application, do the following: Make sure the CLI is in Configuration mode. Make sure a repository for the application has been configured before installing the application. For more information, refer to Section 3.12.5.3, “Adding a...
Page 118: Managing Application Repositories
CLI User Guide Section 3.12.5 Managing Application Repositories Before any RUGGEDCOM ROX II application can be installed or upgraded, a connection to its repository on the upgrade server must be configured. NOTE Multiple applications can be installed or upgraded at the same time. Therefore, multiple repositories may be configured.
Page 119: Adding A Repository
Managing Feature Keys RUGGEDCOM ROX II can be enhanced with additional features at any time by adding feature levels. Feature levels are encoded in feature keys that can be loaded on a device. At the time of ordering, a device feature key...
Page 120: Viewing The Contents Of A Feature Key
Mass Storage drive, and can be moved from device to device. NOTE Some RUGGEDCOM ROX II features are only available through the purchase of feature levels. For more information about the available feature levels, refer to the product data sheet for the device available at www.siemens.com/ruggedcom...
Page 121: Installing Feature Keys
Section 3.13.2 Installing Feature Keys When installing a new feature key, RUGGEDCOM ROX II evaluates the new file-based feature key and the device feature key and enables the most capable feature level described by the keys. Feature keys can be installed from a host computer or USB Mass Storage drive.
Page 122: Managing Fixed Modules
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide • path is the directory path to the feature key file on the USB Mass Storage drive. • current-filename is the current name of the feature key file. • new-filename is the new name of the feature key file on the device. This parameter is optional. The current filename will be used if a new filename is not provided.
Page 123: Adding A Fixed Module Configuration
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.14.2 Adding a Fixed Module Configuration To add a configuration for a fixed module, do the following: Make sure the CLI is in Configuration mode. Add the module by typing:...
Page 124: Removing A Line Module
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.15.1 Removing a Line Module To remove a line module from the chassis, do the following: Shut down the device. The device will shutdown for a period of time before rebooting and restarting. The default time-out period is 300 seconds (five minutes).
Page 125: Configuring A Line Module
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management SLOT MODULE TYPE ENABLED BYPASS ------------------------------------------------------------------- SM 88 Gigabit Layer 3 w/ 2x 10G SFP+ slots 4x 10/100/1000TX RJ45 none none 16x 10/100TX RJ45 16x 10/100TX RJ45 16x 10/100TX RJ45 If no line modules have been configured, install line module as needed.
Page 126: Managing Event Trackers
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide NOTE An M12 line module with bypass control is required for this feature. To enable or disable controlled bypass for M12 line modules, do the following: Log in to the defective router.
Page 127: Viewing A List Of Event Trackers
Section 3.16.3, “Adding an Event Tracker”. Section 3.16.2 Viewing Event Tracker Statistics RUGGEDCOM ROX II records statistics for each event tracker. To view the statistics for an event tracker, type: show global tracking event statistics A list similar to the following example appears:...
Page 128: Adding An Event Tracker
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description min-rtt Synopsis: A string The minimum of the round trip time (in milliseconds). average-rtt Synopsis: A string The average of the round trip time (in milliseconds). Synopsis: A string max-rtt The maximum of the round trip time (in milliseconds).
Page 129: Deleting An Event Tracker
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 3.16.4 Deleting an Event Tracker To delete an event tracker, do the following: Make sure the CLI is in Configuration mode.
Page 130: Configuring A Switched Ethernet Port
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide no ingress-limit no egress-limit port-security no shutdown-time no admin-shutdown dot1x no reauth-enable lldp no notify mcast-filtering no gmrp no inspect-tos vlan pvid 1 no gvrp-mode spanning-tree no restricted-role no restricted-tcn Section 3.17.2...
Page 131 RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management NOTE Switched Ethernet ports in dedicated routing port mode cannot be trunk ports. NOTE The configuration for a switched Ethernet port in switchport mode can be restored when it is removed from a trunk.
Page 132 Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description proxyarp Synopsis: typeless Enables/Disables whether the VLAN will respond to ARP requests for hosts other than itself mtu { mtu } Synopsis: An integer between 68 and 1500...
Page 133 RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description Disabling notifications will prevent sending notifications and generating alarms for a particular interface from the LLDP agent. NOTE Multicast filtering, CoS and VLAN parameters are only available when the port is in switchport mode.
Page 134: Configuring Port Security
MAC address. Access is granted if the MAC address appears on the Static MAC Address table. NOTE RUGGEDCOM ROX II only supports the authentication of one host per port that has the port security mode set to 802.1x or 802.1x/MAC-Auth.
Page 135 RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management IMPORTANT! Do not apply port security on core switch connections. Port security is applied at the end of the network to restrict admission to specific devices. To configure port security for a switched Ethernet port, do the following: Make sure the CLI is in Configuration mode.
Page 136: Viewing Switched Ethernet Port Statistics
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description reauth-period { reauth-period } Synopsis: An integer between 60 and 86400 Default: 3600 The time between successive reauthentications of the supplicant. reauth-max { reauth-max } Synopsis: An integer between 1 and 10...
Page 137: Viewing Rmon Port Statistics
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description in-octets The number of octets in received good packets. (Unicast+Multicast +Broadcast) and dropped packets. out-octets The number of octets in transmitted good packets. in-pkts The number of received good packets (Unicast+Multicast +Broadcast) and dropped packets.
Page 138 Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description dropped packets. in-pkts The number of received good packets (Unicast+Multicast +Broadcast) and dropped packets. in-bcast-pkts The number of good broadcast packets received. in-mcast-pkts The number of good multicast packets received.
Page 139: Clearing Switched Ethernet Port Statistics
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description 1. The packet data length is greater that 1536 octets. 2. The packet has invalid CRC. collisions The number of received packets for which a Collision Event has been detected.
Page 140: Resetting A Switched Ethernet Port
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.17.7 Resetting a Switched Ethernet Port To reset a switched Ethernet port, type: interfaces switch slot port reset-port Where: • slot is the name of the module location • port is the port number (or a list of ports, if aggregated in a port trunk) for the module Section 3.17.8...
Page 141: Viewing Cable Diagnostic Statistics
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Enter the calibration value and run the cable diagnostic test a few more times. The distance to the OPEN fault should now be similar to the cable length. Use the distance value to determine the calibration value.
Page 142: Clearing Cable Diagnostic Statistics
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description fail-count Failure Count Section 3.17.8.3 Clearing Cable Diagnostic Statistics The following describes how to clear the statistics collected when cable diagnostic tests are performed. All of the statistics or only those for a specific switchport can be cleared.
Page 143: Configuring A Routable Ethernet Port
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management no on-demand no alias lldp no notify Section 3.18.2 Configuring a Routable Ethernet Port To configure a routable Ethernet port, do the following: Make sure the CLI is in Configuration mode.
Page 144: Managing Serial Ports
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description Enables/Disables whether the port will respond to ARP requests for hosts other than itself. on-demand Synopsis: typeless This interface is up or down on demand of link fail over.
Page 145: Viewing A List Of Serial Ports
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.19.1 Viewing a List of Serial Ports To view a list of serial ports configured on the device, type: show running-config interface serial A table or list similar to the following example appears:...
Page 146: Viewing Transport Connection Statistics
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description rx-chars The number of bytes received by the serial port. rx-packets The number of packets received by the serial port. packet-errors The number of packet errors on this serial port.
Page 147: Clearing Serial Port Statistics
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management show interfaces serial dnp-device-table A table or list similar to the following appears: ruggedcom# show interfaces serial dnp-device-table | tab DEVICE SERIAL ADDRESS REMOTE IP PORT --------------------------------- ser-3-1 10.200.22.199 This table or list provides the following information:...
Page 148: Restarting The Serial Server
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description Provides the option to enable or disable this interface. When unchecked (i.e disabled), the interface will prevent all frames from being sent and received on that interface. Synopsis: A string 1 to 64 characters long alias { alias } The SNMP alias name of the interface.
Page 149: Managing Serial Port Protocols
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.20 Managing Serial Port Protocols The following sections describe how to configure and manage serial port protocols: • Section 3.20.1, “Serial Port Protocol Concepts” • Section 3.20.2, “Viewing a List of Serial Port Protocols”...
Page 150: Modbus Tcp Applications
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Host And Remote Roles The raw socket protocol can either initiate or accept a TCP connection for serial encapsulation. It can establish a connection initiated from a remote host, vice versa, or bidirectionally.
Page 151: Dnp Applications
DNP messages. Address Learning for DNP RUGGEDCOM ROX II implements both local and remote address learning for DNP. A local Device Address Table is populated with DNP Addresses learned for local and remote DNP devices. Each DNP address is associated with either a local serial port or a remote IP address.
Page 152: Incoming/Outgoing Serial Connections
TCP/UDP port number, a learning network interface and an aging timer. DNP Broadcast Messages DNP addresses 65521 through 65535 are reserved as DNP3 broadcast addresses. RUGGEDCOM ROX II supports DNP3 broadcast messages. DNP broadcast messages received on local serial ports are transmitted to all IP Addresses in the Device Address Table (whether learned or statically configured).
Page 153: Adding A Serial Port Protocol
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.20.3 Adding a Serial Port Protocol To add a serial port protocol, do the following: Make sure the CLI is in Configuration mode. Add the protocol by typing: interface serial slot port protocols protocol Where: •...
Page 154: Configuring The Modbus Tcp Protocol
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.20.5 Configuring the Modbus TCP Protocol To configure the modbus TCP protocol for a serial port, do the following: Make sure the CLI is in Configuration mode. Navigate to interface » serial » {interface} » protocols » tcpmodbus » settcpmodbus, where {interface} is the serial port.
Page 155 RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Make sure the CLI is in Configuration mode. Navigate to interface » serial » {interface} » protocols » rawsocket, where {interface} is the serial port. Configure the following parameter(s) as required:...
Page 156: Deleting A Serial Port Protocol
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.20.7 Deleting a Serial Port Protocol To delete a serial port protocol, do the following: Make sure the CLI is in Configuration mode. Delete the serial port protocol by typing:...
Page 157: Adding A Device Address Table
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.20.8.2 Adding a Device Address Table To add a Device Address table for a serial port using the DNP protocol, do the following: Make sure the CLI is in Configuration mode.
Page 158: Managing Remote Hosts
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.20.9 Managing Remote Hosts Remote hosts are required when the UDP transport connection protocol is selected for the raw socket protocol. The following sections describe how to configure and manage remote hosts: •...
Page 159: Deleting A Remote Host
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.20.9.3 Deleting a Remote Host To delete a remote host, do the following: Make sure the CLI is in Configuration mode. Delete the remote host by typing: no interface serial slot port protocols rawsocket setrawsocket remote-host address remote-port Where: •...
Page 160: Adding An Ethernet Trunk Interface
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide If no Ethernet trunk interfaces have been configured, add trunks as needed. For more information, refer to Section 3.21.2, “Adding an Ethernet Trunk Interface”. Section 3.21.2 Adding an Ethernet Trunk Interface To add an Ethernet trunk interface, do the following: Make sure the CLI is in Configuration mode.
Page 161 RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description ONLY : the port will declare all MCAST addresses existing in the switch (configured or learned) but will not learn any MCAST addresses.</listitem> <listitem>ADVERTISE and LEARN : the...
Page 162: Deleting An Ethernet Trunk Interface
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Parameter Description VLANs existing in the switch (configured or learned) and can dynamically learn VLANs.</listitem></itemizedlist> Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 163: Adding An Ethernet Trunk Port
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management If no Ethernet trunk ports have been configured, add ports as needed. For more information, refer to Section 3.21.4.2, “Adding an Ethernet Trunk Port”. Section 3.21.4.2 Adding an Ethernet Trunk Port To add an Ethernet trunk port, do the following: Make sure the CLI is in Configuration mode.
Page 164: Viewing A List Of Cellular Modem Interfaces
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide • Section 3.22.6, “Configuring a Cellular Modem Interface” • Section 3.22.7, “Activating a Cellular Modem Account” • Section 3.22.8, “Resetting the Cellular Modem” • Section 3.22.9, “Running AT Commands” •...
Page 165: Viewing Ppp Interface Statistics
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description The wireless data communication technology that modem is compatible with{ GSM/HSPA, CDMA/EVDO, LTE }. admin-state Synopsis: { not set, up, down, testing, unknown, dormant, notPresent, lowerLayerDown } The port's administrative status.
Page 166: Viewing The Cdma Network Status For Cellular Modems
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide 211# show interfaces cellmodem cel-1-1 hspaplus hspaplus hspaplus network supported GSM,GPRS,EDGE,UMTS,HSDPA/HSUPA,HSPA+ imei 353567040070824 radio rssi indicator network operator "\"KORE\",2" network in use UMTS network status "Registered to Home network" 89302370200990049282...
Page 167: Configuring A Cellular Modem Interface
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management network status Registered phone number 9546496654 This list provides the following information: Parameter Description network-supported Synopsis: A string 1 to 128 characters long Wireless technologies supported by the modem Synopsis: A string 1 to 128 characters long The Electronic Serial Number of the modem.
Page 168: Activating A Cellular Modem Account
CDMA cellular service providers for provisioning cellular end stations for use on their networks. Using this method, the service provider (or carrier) supplies an OTASP dial string which RUGGEDCOM ROX II can use to activate the cellular account. During this OTASP call, the carrier authorizes and configures the modem for use on its network.
Page 169: Activating A Cellular Modem Account Manually
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management • port is the port number (or a list of ports, if aggregated in a port trunk) for the module • profile is the profile configured for the module • string is the activation data string Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 170: Running At Commands
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide • profile is the profile configured for the module Section 3.22.9 Running AT Commands To issue AT (Hayes) commands to the cellular modem, type: interfaces cellmodem at command command Where: •...
Page 171: Managing Wan Interfaces
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.23 Managing WAN Interfaces The following sections describe how to configure and manage WAN interfaces: • Section 3.23.1, “Viewing a List of WAN Interfaces” • Section 3.23.2, “Configuring a WAN Interface”...
Page 172: Viewing Wan Statistics
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Make sure the CLI is in Configuration mode. Navigate to interface » wan » {interface}, where {interface} is the WAN interface. Configure the following parameter(s) as required: Parameter Description { slot } Synopsis: { sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport, celport } The name of the module location for the WAN card.
Page 173: Clearing Wan Statistics
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management abort corruption pcierror dmaerror This table or list provides the following information: Parameter Description slot Synopsis: { sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport, celport } or a string Line module name of the slot.
Page 174: Performing A Loopback Test
This test is used to isolate problems within the T1/E1 circuit. • Remote Loopback – RUGGEDCOM ROX II transmits frames to the Tx port and compares them with frames received on the Rx port. A loopback plug or cable must be installed on the T1/E1 port. This test is used to isolate problems within the WAN module.
Page 175: Configuring An E1 Line
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Configure the following parameter(s) as required: Parameter Description frame { frame } Synopsis: { esf } Default: esf The frame format. line-code { line-code } Synopsis: { b8zs } Default: b8zs The line encoding/decoding scheme.
Page 176: Configuring Dds
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.23.8 Configuring DDS To configure DDS for a WAN interface, do the following: Make sure the CLI is in Configuration mode. Navigate to interface » wan » {interface} » dds » ddsparams, where {interface} is the WAN interface.
Page 177: Adding A Channel
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management wan lm2 1 t1 channel 2 connection ppp nomagic If no channels have been configured, add channels as needed. For more information, refer to Section 3.23.9.2, “Adding a Channel”. Section 3.23.9.2...
Page 178: Deleting Channels
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.23.9.3 Deleting Channels To delete a channel configured for a T1/E1 physical interface, do the following: Make sure the CLI is in Configuration mode. Delete the channel by typing:...
Page 179: Configuring A Multi Link Ppp Connection
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description mtu { mtu } Synopsis: An integer between 256 and 1500 Default: 1500 Maximum transmission unit (largest packet size allowed for this interface). Add one or more VLANs for the HDLC-ETH connection. For more information, refer to Section 5.37.6.2,...
Page 180: Configuring A Frame Relay Connection
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Configure the following parameter(s) as required: Parameter Description nomagic Synopsis: true or false Default: false Disables the Magic Number. (Valid on RX1000 only) on-demand Synopsis: typeless This interface is up or down on demand of link fail over.
Page 181: Managing Data Links For Frame Relay Connections
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description n391 { n391 } Synopsis: An integer between 1 and 255 Default: 6 Defines the frequency of transmission of full status enquiry messages. Valid for CPE. n392 { n392 }...
Page 182: Adding A Data Link
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide If no data links have been configured, add data links as needed. For more information, refer to Section 3.23.14.2, “Adding a Data Link”. Section 3.23.14.2 Adding a Data Link To add a data link for a frame relay connection, do the following: Make sure the CLI is in Configuration mode.
Page 183: Managing Virtual Switches
DHCP server running on FE-CM-1 is subsequently made a member of the VirtualSwitch vsw-1, the DHCP configuration must be changed to refer to vsw-1. • The virtual switch is implemented in the RUGGEDCOM ROX II software. Therefore, a CPU resource is needed to forward broadcast, multicast and unicast traffic.
Page 184: Viewing A List Of Virtual Switches
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide • Section 3.24.2, “Adding a Virtual Switch” • Section 3.24.3, “Deleting a Virtual Switch” • Section 3.24.4, “Managing Virtual Switch Interfaces” • Section 3.24.5, “Filtering Virtual Switch Traffic” • Section 3.24.6, “Managing Filtering Rules”...
Page 185: Deleting A Virtual Switch
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description Retain IP on bridge device. Default: 15 forward-delay { forward-delay } Delay (in seconds) of the listening and learning state before goes to forwarding state. alias { alias }...
Page 186: Viewing A List Of Virtual Switch Interfaces
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.24.4.1 Viewing a List of Virtual Switch Interfaces To view a list of virtual switch interfaces, type: show running-config interface virtualswitch name interface Where: • name is the name assigned to the virtual switch...
Page 187: Deleting A Virtual Switch Interface
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 3.24.4.3 Deleting a Virtual Switch Interface To delete a virtual switch interface, do the following: Make sure the CLI is in Configuration mode.
Page 188: Viewing A List Of Virtual Switch Filters
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.24.5.2 Viewing a List of Virtual Switch Filters To view a list of virtual switch filters, type: show running-config security virtualswitch-filter virtualswitch If filters have been configured, a table or list similar to the following example appears:...
Page 189: Deleting A Virtual Switch Filter
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Section 3.24.5.4 Deleting a Virtual Switch Filter To delete a virtual switch filter, do the following: Make sure the CLI is in Configuration mode. Delete the virtual switch filter by typing:...
Page 190: Viewing A List Of Rules Assigned To A Virtual Switch Filter
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.24.6.2 Viewing a List of Rules Assigned to a Virtual Switch Filter To view a list of rules assigned to a virtual switch filter, type: show running-config security virtualswitch-filter virtualswitch name rule Where: •...
Page 191: Adding A Rule To A Virtual Switch Filter
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management Parameter Description The required source MAC address for incoming frames. Synopsis: A string dstmac { dstmac } The required destination MAC address for incoming frames. proto { proto } Synopsis: { iso, arp, ipv4, ipv6 } or a string The pre-defined protocol or hex-string (i.e.
Page 192: Deleting A Rule From A Virtual Switch Filter
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.24.6.6 Deleting a Rule from a Virtual Switch Filter To delete a rule from a virtual switch filter, do the following: Make sure the CLI is in Configuration mode.
Page 193: Adding In/Out Interfaces
RUGGEDCOM ROX II Chapter 3 CLI User Guide Device Management If no in/out interfaces have been configured, add interfaces as needed. For more information, refer to Section 3.24.7.2, “Adding In/Out Interfaces”. Section 3.24.7.2 Adding In/Out Interfaces To add an in/out interface that can be used by a virtual switch filter, do the following: Make sure the CLI is in Configuration mode.
Page 194: Managing Domain Names
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide Section 3.25.1 Managing Domain Names The DNS service can be configured to use one or more domain names when quering a domain name server. The list of domain names can include the domain in which the router is a member of, and other domains that may be used to search for an unqualified host name (i.e.
Page 195: Managing Domain Name Servers
Section 3.25.2 Managing Domain Name Servers A hierarchical list of domain name servers can be configured for the DNS service. RUGGEDCOM ROX II will contact each server in the order they are listed when domain names require resolution. The following sections describe how to configure and manage a list of domain name servers: •...
Page 196: Deleting A Domain Name Server
Chapter 3 RUGGEDCOM ROX II Device Management CLI User Guide • address is the IP address of the domain name server. Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 3.25.2.3...
Page 197: System Administration
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration System Administration This chapter describes how to perform various administrative tasks related to device identification, user permissions, alarm configuration, certificates and keys, and more. It describes the following tasks: •...
Page 198: Configuring The Hostname
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 4.2 Configuring the Hostname To configure the host name for the device, do the following: Make sure the CLI is in Configuration mode.
Page 199: Setting The Maximum Number Of Sessions
Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 4.6 Managing Alarms The alarm system in RUGGEDCOM ROX II notifies users when events of interest occur. The system is highly configurable, allowing users to: • Enable/disable most alarms, with the exception of mandatory alarms •...
Page 200: Pre-Configured Alarms
Section 4.6.3, “Clearing and Acknowledging Alarms” • Section 4.6.4, “Configuring an Alarm” Section 4.6.1 Pre-Configured Alarms RUGGEDCOM ROX II is equipped with a series of pre-configured alarms designed to monitor and protect the device. Alarm Type Alarm Description Suggested Resolution...
Page 201: Clearing And Acknowledging Alarms
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration show admin alarms A table or list similar to the following example appears: ruggedcom# show admin alarms | tab ALARM EVENT SUBSYSTEM SEVERITY DESCRIPTION DATE TIME USER ACTIONS ACTUATORS ---------------------------------------------------------------------------------------------...
Page 202: Acknowledging Alarms
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide Section 4.6.3.2 Acknowledging Alarms To acknowledge all active alarms, type: admin acknowledge-all-alarms Alternatively, to acknowledge an individual alarm, type: admin alarms active-alarms type id event acknowledge Where: • type is the type of alarm. Options include admincellmodemchassisethsecurityswitchwan.
Page 203: Managing Certificates And Keys
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration Parameter Description If disabled, the alarm is not reported in the active list and does not actuate LED/failrelay. failrelay-enable Synopsis: typeless If enabled, this alarm will assert the failrelay. led-enable...
Page 204: Viewing A List Of Ca Certificates And Crls
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide Section 4.7.1.1 Viewing a List of CA Certificates and CRLs To view a list of certificates issued by a Certified Authority (CA) and the Certificate Revocation Lists (CRLs) associated with them, type:...
Page 205: Adding A Ca Certificate And Crl
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration Parameter Description not-before Synopsis: A string This certificate is not valid before this date. not-after Synopsis: A string This certificate is not valid after this date. To view the status of a Certificate Revocation List (CRL) that was not signed by a separate certificate, type:...
Page 206: Deleting A Ca Certificate And Crl
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide NOTE Large CRLs (bigger than 100KB) are not currently supported and may be difficult to add/view in the configuration. NOTE Before inserting the contents of the CRL, enter multi-line mode by pressing Esc+m. Press Ctrl+d to exit multi-line mode after the CRL has been added.
Page 207: Viewing A List Of Private Keys
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration • Section 4.7.2.1, “Viewing a List of Private Keys” • Section 4.7.2.2, “Adding a Private Key” • Section 4.7.2.3, “Deleting a Private Key” Section 4.7.2.1 Viewing a List of Private Keys...
Page 208: Deleting A Private Key
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide Parameter Description contents { contents } Synopsis: A string The contents of the unsigned private key. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 209: Adding A Public Key
RUGGEDCOM ROX devices, can be imported into RUGGEDCOM ROX II and automatically converted. Once added to the RUGGEDCOM ROX II database, the IPSec-formatted public key is visible via the System Public Key form under tunnel » ipsec » connection » {name} » {end}, where {name} is the name of the...
Page 210: Deleting A Public Key
{end} is the either the left (local router) or right (remote router) connection end. Type must be set to rsasig to display the public key. The public key can be copied from the System Public Key form and added to another RUGGEDCOM ROX II device, as described in the following procedure, or to a RUGGEDCOM ROX device.
Page 211: Viewing A List Of Certificates
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration Section 4.7.4.1 Viewing a List of Certificates To view a list of certificates, type: show running-config security crypto certificate If certificates have been configured, a table or list similar to the following example appears:...
Page 212: Deleting A Certificate
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide Make sure the required CA certificates, public keys and/or private keys have been added to the device. • For more information about adding CA Certificates, refer to Section 4.7.1.3, “Adding a CA Certificate and CRL”...
Page 213: Managing Radius Authentication
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration Section 4.8 Managing RADIUS Authentication RADIUS is a UDP-based protocol used for carrying authentication, authorization and configuration information between a Network Access Server (NAS) that desires to authenticate its links and a shared authentication server.
Page 214: Configuring Radius Authentication For Login Services
Section 3.9.1, “Viewing Logs”. RUGGEDCOM ROX II supports RADIUS authentication for the LOGIN and PPP services. Different RADIUS servers can be configured to authenticate both services separately or in combination. The LOGIN services consist of the following access types: •...
Page 215: Configuring Radius Authentication For Ppp Services
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration Parameter Description port-udp { port-udp } Synopsis: An integer between 1 and 65535 Default: 1812 The network port of the server. password { password } Synopsis: A string The password of the RADIUS server.
Page 216: Managing Users
Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 4.9 Managing Users RUGGEDCOM ROX II allows for up to three user profiles to be configured locally on the device. Each profile corresponds to one of the following access levels: • Guest •...
Page 217: Viewing A List Of Users
RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration • Section 4.9.2, “Adding a User” • Section 4.9.3, “Deleting a User” • Section 4.9.4, “Monitoring Users” Section 4.9.1 Viewing a List of Users To view a list of user accounts, type:...
Page 218: Monitoring Users
Section 4.9.4 Monitoring Users Users currently logged in to the device are monitored by RUGGEDCOM ROX II and can be viewed through the CLI. RUGGEDCOM ROX II allows administrators to monitor users, log users out, and broadcast message to all users.
Page 219: Managing Passwords And Passphrases
Section 4.10 Managing Passwords and Passphrases RUGGEDCOM ROX II requires separate passwords or passphrases for logging into the various device modes, such as normal, boot, service and maintenance modes. Default passwords are configured for each user type initially. It is strongly recommended that these be changed before the device is commissioned.
Page 220: Setting A User Password/Passphrase
If special characters are used, make sure to encapsulate the password in double-quotation marks (") as follows: NOTE RUGGEDCOM ROX II supports the following special characters in passwords/passphrases: !@#$ %^&*()_+-={}[];:',<.>/?\|`~. Setting a User Password/Passphrase...
Page 221: Setting The Boot Password/Passphrase
If special characters are used, make sure to encapsulate the password in double-quotation marks (") as follows: NOTE RUGGEDCOM ROX II supports the following special characters in passwords/passphrases: !@#$ %^&*()_+-={}[];:',<.>/?\|`~. Setting the Boot Password/Passphrase...
Page 222: Setting The Maintenance Password/Passphrase
Configuration hazard – risk of data corruption. Maintenance mode is provided for troubleshooting purposes and should only be used by Siemens technicians. As such, this mode is not fully documented. Misuse of maintenance mode commands can corrupt the operational state of the device and render it inaccessible.
Page 223: Resetting The Admin Password/Passphrase
If special characters are used, make sure to encapsulate the password in double-quotation marks (") as follows: NOTE RUGGEDCOM ROX II supports the following special characters in passwords/passphrases: !@#$ %^&*()_+-={}[];:',<.>/?\|`~. admin users userid admin set-password new-password "new-password-passphrase" new-password-repeat "new-password-passphrase"...
Page 224: Resetting The Boot Password/Passphrase
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide [4-1]: Debian GNU/Linux, kernel 3.0.0-2-8360e (BIST mode) [4-2]: Debian GNU/Linux, kernel 3.0.0-2-8360e (single-user mode) [4-3]: Debian GNU/Linux, kernel 3.0.0-2-8360e (service mode) ****Boot Partition 6**** [6-0]: Debian GNU/Linux, kernel 3.0.0-2-8360e [6-1]: Debian GNU/Linux, kernel 3.0.0-2-8360e (BIST mode) [6-2]: Debian GNU/Linux, kernel 3.0.0-2-8360e (single-user mode)
Page 225 Enter the inactive partition by typing the associated target number. For example, if the active partition is Boot Partition 4, type 6-0 and press Enter to enter Boot Partition 6. Log in to RUGGEDCOM ROX II. For more information about logging in to RUGGEDCOM ROX II, refer to Section 2.3, “Logging In”.
Page 226: Scheduling Jobs
Section 4.11 Scheduling Jobs The RUGGEDCOM ROX II scheduler allows users to create jobs that execute command line interface (CLI) commands at a specific date and time, or in response to specific configuration changes. Typical applications include scheduling the regular clearing of system logs, or performing periodic file transfers to remote servers.
Page 227 RUGGEDCOM ROX II Chapter 4 CLI User Guide System Administration Parameter Description job-type { job-type } Synopsis: { configchange, periodic } Default: periodic Determines when to launch the scheduled job: <itemizedlist><listitem>periodic: The job launches at a set date and time.</listitem> <listitem>configchange: The job launches when the configuration changes.</listitem></itemizedlist>...
Page 228: Deleting A Scheduled Job
Chapter 4 RUGGEDCOM ROX II System Administration CLI User Guide Parameter Description job-command { job-command } Synopsis: A string 1 to 1024 characters long One or more commands to execute at the scheduled time. For example, this command saves the running configuration to a file name 'myconfig': show running-config | save myconfig.
Page 229: Setup And Configuration
Setup and Configuration Setup and Configuration This chapter describes how to setup and configure the device for use on a network using the various features available in RUGGEDCOM ROX II. It describes the following tasks: • Section 5.1, “Configuring a Basic Network”...
Page 230: Configuring A Basic Network
Section 5.1 Configuring a Basic Network RUGGEDCOM ROX II has the following Internet interfaces configured by default: dummy0, fe-cm-1 and switch.0001. The default IP addresses for fe-cm-1 and switch.0001 are configured under the ip » {interface} » ipv4, where {interface} is the name of the interface. The default switch.0001 interface is the VLAN interface and is only seen if there is one or more Ethernet line modules installed.
Page 231: Configuring A Basic Ipv6 Network
Make sure all computers connected to the device can ping one another. Section 5.2 Configuring ICMP Control To configure how RUGGEDCOM ROX II manages ICMP redirect messages, do the following: Make sure the CLI is in Configuration mode. Navigate to admin and configure the following parameter(s) as required:...
Page 232: Enabling And Configuring Cli Sessions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description Sends out syncookies when the syn backlog queue of a socket overflows. This is to prevent against the common 'SYN flood attack'. Synopsis: true or false send-icmp-redirect Default: true Sends the ICMP redirect.
Page 233: Enabling And Configuring Sftp Sessions
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Sets the greeting presented when the user logs in to the CLI. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 234: Enabling/Disabling Brute Force Attack Protection
Section 5.6 Enabling/Disabling Brute Force Attack Protection RUGGEDCOM ROX II features a Brute Force Attack (BFA) protection mechanism to prevent attacks via the CLI, Web interface and NETCONF. This mechanism analyzes the behavior of external hosts trying to access the SSH port, specifically the number of failed logins.
Page 235 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration methods of accessing the device, notably when the same or different ports are used across a series of failed logins. IMPORTANT! The BFA protection system is not applicable to SNMP. Follow proper security practices for configuring SNMP.
Page 236: Viewing The Status Of Ipv4 Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.7 Viewing the Status of IPv4 Routes To view the status of the IPv4 routes configured on the device, type: NOTE It is possible to create a route on a locally connected broadcast network (i.e. without a gateway) without also bringing up a corresponding IP address on that interface.
Page 237: Viewing The Memory Statistics
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration ----------------------------------------------------------- fe80::/64 switch kernel fe80::/64 kernel fe80::/64 vrf_lo kernel fe80::/64 switch.0001 kernel fe80::/64 fe-cm-1 kernel fe80::/64 switch.4094 kernel ff00::/8 switch ff00::/8 ff00::/8 vrf_lo ff00::/8 switch.0001 ff00::/8 fe-cm-1 ff00::/8 switch.4094...
Page 238: Managing Netconf
Engineering Task Force (IETF). NETCONF provides functions to download, upload, change, and delete the configuration data on network devices. RUGGEDCOM ROX II devices also support the ability to collect data and perform direct actions on the device, such as rebooting the device, clearing statistics, and restarting services.
Page 239 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description enabled Synopsis: true or false Default: true Provides the ability to configure NETCONF features on the device. listen-ip { listen-ip } Synopsis: A string Default: 0.0.0.0 The IP Address the CLI will listen on for NETCONF requests.
Page 240: Viewing Netconf Statistics
The Simple Network Management Protocol (SNMP) is used by network management systems and the devices they manage. It is used to report alarm conditions and other events that occur on the devices it manages. In addition to SNMPv1 and SNMPv2, RUGGEDCOM ROX II also supports SNMPv3, which offers the following features:...
Page 241: Mib Files And Snmp Traps
• Section 5.11.9, “Managing SNMP Group Access” Section 5.11.1 MIB Files and SNMP Traps The current MIB files supported by RUGGEDCOM ROX II can be downloaded from the www.siemens.com/ruggedcom. NOTE SNMP traps are not configurable in RUGGEDCOM ROX II. The MIB files support the following SNMP traps:...
Page 242 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Table: SNMP Traps Standard Trap and Description authenticationFailure RFC 3418 SNMPv2-MIB An authenticationFailure trap signifies that the SNMP entity has received a protocol message that is not properly authenticated. While all implementations of SNMP entities MAY be capable of generating this trap, the snmpEnableAuthenTraps object indicates whether this trap will be generated.
Page 243: Enabling And Configuring Snmp Sessions
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Standard Trap and Description RFC 3895 DS1-MIB ds1LineStatusChange A ds1LineStatusChange trap is sent when the status of a dsx1Line instance changes. The value of the trap is the value of one or more of the following instances: •...
Page 244: Viewing Statistics For Snmp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description auth-failure-trap-notify { auth-failure-trap-notify } Synopsis: { none, snmpv1_trap, snmpv2_trap, snmpv2_inform, snmpv3_trap, snmpv3_inform } Default: none When the SNMP agent sends the standard authenticationFailure notification, it is delivered to the management targets defined for the snmpNotifyName in the snmpNotifyTable in SNMP-NOTIFICATION-MIB (RFC3413).
Page 245: Discovering Snmp Engine Ids
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description wrong-digests The total number of packets received by the SNMP engine which were dropped because they did not contain the expected digest value. decryption-errors The total number of packets received by the SNMP engine which were dropped because they could not be decrypted.
Page 246: Adding An Snmp Community
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.11.5.2 Adding an SNMP Community To add an SNMP community, do the following: Make sure the CLI is in Configuration mode. Add the SNMP community by typing: admin snmp snmp-community name Where: •...
Page 247: Viewing A List Of Snmp Target Addresses
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.11.6.1 Viewing a List of SNMP Target Addresses To view a list of SNMP target addresses configured on the device, type: show running-config admin snmp snmp-target-address If target addresses have been configured, a table or list similar to the following example appears:...
Page 248: Deleting An Snmp Target Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The SNMP security model to use: SNMPv1, SNMPv2c, or USM/SNMPv3. user-name { user-name } The user name to be used in communications with this target. security-level { security-level }...
Page 249: Viewing A List Of Snmp Users
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.11.7.3, “Deleting an SNMP User” Section 5.11.7.1 Viewing a List of SNMP Users To view a list of SNMP users configured on the device, type: show running-config admin snmp snmp-user...
Page 250: Deleting An Snmp User
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description A free-text password in the format <code>$0$<your password></code>. passphrase must be minimum 8 characters long privacy-protocol { privacy-protocol } Synopsis: { none, des3cbc, aescfb128 } Default: none The symmetric privacy protocol providing data encryption and decryption for SNMP exchanges between the user and the SNMP engine.
Page 251: Adding An Snmp Security Model
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration MODEL NAME GROUP ----------------------------- oper all-rights guest all-rights oper all-rights admin testgroup guest all-rights admin initial If no SNMP security models have been configured, add security models as needed. For more information, refer to Section 5.11.8.2, “Adding an SNMP Security...
Page 252: Managing Snmp Group Access
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • model is the security model • name is the name of the user Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 253: Deleting An Snmp Group
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • level is the security level for the group Configure the following parameter(s) as required: Parameter Description { group } Synopsis: A string 1 to 32 characters long The name of the SNMP group.
Page 254: Managing Time Synchronization Functions
CLI User Guide Section 5.12 Managing Time Synchronization Functions RUGGEDCOM ROX II uses version 4 of the Network Time Protocol (NTP) to synchronize the internal clock with a time source. NOTE For more information about version 4 of NTP, refer to RFC 5905 [http://tools.ietf.org/html/rfc5905].
Page 255: Configuring The Time Synchronization Settings
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.12.11, “Managing NTP Servers” • Section 5.12.12, “Managing NTP Broadcast/Multicast Addresses” • Section 5.12.13, “Managing Server Keys” • Section 5.12.14, “Managing Server Restrictions” Section 5.12.1 Configuring the Time Synchronization Settings To configure the time synchronization settings, do the following: Configure the system time and date.
Page 256: Configuring The System Time Zone
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.12.3 Configuring the System Time Zone To configure the system time zone, do the following: Make sure the CLI is in Configuration mode. Set the system time zone by typing:...
Page 257: Configuring Ntp Broadcast Clients
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description address { address } Synopsis: A string Default: 224.0.1.1 The multicast address on which the NTP client listens for NTP messages. Add a multicast address for a known NTP server. For more information, refer to Section 5.12.12.2, “Adding a...
Page 258: Viewing The Ntp Service Status
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.12.8 Viewing the NTP Service Status To view the status of the NTP service, do the following: Make sure the NTP service is enabled. For more information, refer to Section 5.12.7, “Enabling/Disabling the...
Page 259: Monitoring Subscribers
The observed jitter (in milliseconds). Section 5.12.10 Monitoring Subscribers RUGGEDCOM ROX II monitors the subscriptions of up to 600 hosts (e.g. clients, servers and peers) that are connected to the NTP server. To view the list of subscriber hosts, type:...
Page 260: Managing Ntp Servers
Section 5.12.11 Managing NTP Servers RUGGEDCOM ROX II can periodically refer to a remote NTP server to correct any accumulated drift in the onboard clock. RUGGEDCOM ROX II can also serve time via SNTP (Simple Network Time Protocol) to hosts that request it.
Page 261: Viewing A List Of Ntp Servers
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.12.11.2, “Adding an NTP Server” • Section 5.12.11.3, “Deleting an NTP Server” Section 5.12.11.1 Viewing a List of NTP Servers To view a list of NTP servers configured on the device, type:...
Page 262: Deleting An Ntp Server
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description When the server is unreachable and at each poll interval, a burst of eight packets is sent instead of one. ntp-version { ntp-version } Synopsis: An integer between 1 and 4 The version of the NTP protocol used to communicate with this host.
Page 263: Adding A Broadcast/Multicast Address
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration If addresses have been configured, a table or list similar to the following example appears: ruggedcom# show running-config services ntp broadcast services broadcast 224.0.0.1 no enabled key 1 no ntp-version If no broadcast/multicast addresses have been configured, add addresses as needed.
Page 264: Deleting A Broadcast/Multicast Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.12.12.3 Deleting a Broadcast/Multicast Address To delete a broadcast/multicast address for an NTP server, do the following: Make sure the CLI is in Configuration mode.
Page 265: Adding A Server Key
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.12.13.2 Adding a Server Key To add a server key, do the following: Make sure the CLI is in Configuration mode. Add the key by typing: services ntp key id Where: •...
Page 266: Viewing A List Of Server Restrictions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.12.14.1 Viewing a List of Server Restrictions To view a list of NTP server restrictions, type: show running-config services ntp restrict If restrictions have been configured, a table or list similar to the following example appears:...
Page 267: Deleting A Server Restriction
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description trap service to matching hosts.</listitem> <listitem>noserve: Denies all packets except ntpq(8) and ntpdc(8) queries.</listitem> <listitem>noquery: Denies ntpq(8) and ntpdc(8) queries.</ listitem> <listitem>nopeer: Denies packets which result in mobilizing a new association.</listitem>...
Page 268: Viewing A List Of Cdma Profiles
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide The following sections describe how to configure and manage CDMA profiles: • Section 5.13.1.1, “Viewing a List of CDMA Profiles” • Section 5.13.1.2, “Adding a CDMA Profile” • Section 5.13.1.3, “Deleting a CDMA Profile”...
Page 269: Deleting A Cdma Profile
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Enables the DNS server entries that the PPP server recommends. Enables this option unless you provide your own name servers. Synopsis: A string username { username } Default: N/A The user ID to connect to the remote server.
Page 270: Managing Gsm Profiles
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.13.2 Managing GSM Profiles GSM (Global System for Mobile Communications) profiles must be configured before HSPA data is available. For more information about viewing the status of the HSPA networks, refer to Section 3.22.4, “Viewing the HSPA...
Page 271 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description The name of the wireless network access point. Synopsis: { ipv4, ipv4v6 } apn-type { apn-type } Default: ipv4 Specify APN type used to attach to PDN...
Page 272: Deleting A Gsm Profile
ID sub-option). This information uniquely defines the access port’s position in the network. For example, in RUGGEDCOM ROX II, the Circuit ID for VLAN 2 on Line Module (LM) 4 Port 15 is 00:00:00:02:04:0F. The DHCP Server supporting DHCP Option 82 sends a unicast reply and echoes Option 82. The DHCP Relay Agent removes the Option 82 field and broadcasts the packet to the port from which the original request was received.
Page 273: Configuring The Dhcp Relay Agent
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration NOTE While DHCP Relay and DHCP Server may both be configured to run concurrently, they may not be configured to run on the same network interface. To configure the DHCP relay agent, do the following: •...
Page 274: Adding Dhcp Client Ports
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.14.3 Adding DHCP Client Ports To add a client port for the DHCP relay agent, do the following: Make sure the CLI is in Configuration mode. Add the client port by typing:...
Page 275: Configuring The Dhcp Server
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.15.6, “Managing Shared Networks” • Section 5.15.7, “Managing Subnets” • Section 5.15.8, “Managing Custom Client Options for Subnets” • Section 5.15.9, “Managing Hosts” • Section 5.15.10, “Managing Custom Host Client Configurations”...
Page 276: Enabling/Disabling The Dhcp Relay Support
Section 5.15.4 Viewing a List of Active Leases RUGGEDCOM ROX II can generate a list of active leases. The list includes the start and end times, hardware Ethernet address, and client host name for each lease. To view a list of active leases, do the following:...
Page 277: Managing Dhcp Listen Interfaces
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration hardware Ethernet 00:01:c0:0b:b7:70; lease 192.168.0.8 { starts 2 2012/11/13 20:38:47; ends 2 2012/11/13 20:48:47; hardware Ethernet 00:01:c0:0c:8b:a3; client-hostname "ape2-PC"; lease 192.168.0.22 { starts 2 2012/11/13 20:36:14; ends 2 2012/11/13 20:46:14;...
Page 278: Deleting A Dhcp Listen Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide services dhcpserver interface name Where: • name is the name of the interface Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 279: Adding A Shared Network
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration dhcpserver shared-network Shared options client no hostname no subnetmask no default-route no broadcast no domain no dns-server no static-route no nis server no nis domain If no shared networks have been configured, add shared networks as needed. For more information, refer to Section 5.15.6.2, “Adding a Shared...
Page 280: Configuring A Shared Network Client
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The action to take for previously unregistered clients. Synopsis: typeless authorize-server Enables/disables the server's authorization on this client. If enabled, the server will send deny messages to the client that is trying to renew the lease, which the server knows the client shouldn't have.
Page 281: Customizing Shared Network Clients
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description domain { domain } Synopsis: A string 1 to 256 characters long The NIS domain name that the DHCP server offers to the client when it issues the lease to the client.
Page 282: Managing Subnets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.15.7 Managing Subnets Subnets control settings for each subnet that DHCP serves. A subnet can include a range of IP addresses to give clients. Subnets contain groups, pools and hosts. Only one subnet can contain dynamic IP address ranges without any access restrictions on any given physical port, since DHCP doesn't know which subnet a client should belong to when the request is received.
Page 283: Configuring Subnet Options
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • name is the name of the subnet Configure the following parameter(s) as required: Parameter Description network-ip { network-ip } Synopsis: A string 9 to 18 characters long The network IP address for this subnet.
Page 284: Configuring A Subnet Client
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.15.7.4 Configuring a Subnet Client To configure a client for a subnet, do the following: Make sure the CLI is in Configuration mode.
Page 285: Deleting A Subnet
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration If custom options are required for the subnet client, refer to Section 5.15.8.2, “Adding a Custom Client Option”. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 286: Adding A Custom Client Option
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If no custom client options have been configured, add options as needed. For more information, refer to Section 5.15.8.2, “Adding a Custom Client Option”. Section 5.15.8.2 Adding a Custom Client Option...
Page 287: Managing Hosts
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.15.9 Managing Hosts Host entries assign settings to a specific client based on its Ethernet MAC address. The following sections describe how to configure and manage hosts on a DHCP server: •...
Page 288: Configuring Host Options
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Add the host by typing: services dhcpserver host name Where: • name is the name of the host Configure options for the host. For more information, refer to Section 5.15.9.3, “Configuring Host Options”.
Page 289: Deleting Hosts
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description subnetmask { subnetmask } Synopsis: A string 7 to 15 characters long Subnet mask default-route { default-route } Synopsis: A string 7 to 15 characters long The default route that the server offers to the client when it issues the lease to the client.
Page 290: Managing Custom Host Client Configurations
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.15.10 Managing Custom Host Client Configurations Custom configuration settings can be set for each host client. The following sections describe how to configure and manage custom host client configurations on a DHCP server: •...
Page 291: Deleting Custom Host Client Configurations
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.15.10.3 Deleting Custom Host Client Configurations To delete a custom configuration for a host client on the DHCP server, do the following: Make sure the CLI is in Configuration mode.
Page 292: Adding A Host Group
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide no nis server no nis domain If no host groups have been configured, add host groups as needed. For more information, refer to Section 5.15.11.2, “Adding a Host Group”.
Page 293: Configuring A Host Group Client
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description The maximum leased time in seconds that the server offers to the clients. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 294: Deleting A Host Group
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The NetBIOS name server that the DHCP server offers to the client when it issues the lease to the client. If custom configuration settings are required for the host group client, refer to Section 5.15.12, “Managing...
Page 295: Adding Custom Host Group Client Configurations
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration hostname SUB3 subnetmask 255.255.255.224 default-route 192.168.0.33 no broadcast no domain no dns-server no static-route no nis server no nis domain If no custom configurations have been configured for the host group client, add custom configurations as needed.
Page 296: Managing Ip Pools
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.15.13 Managing IP Pools The following sections describe how to configure and manage IP pools for DHCP subnets: • Section 5.15.13.1, “Viewing a List of IP Pools” •...
Page 297: Deleting An Ip Pool
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • name is the name of the subnet • description is the name of the IP pool Configure the leased time settings by configuring the following parameter(s): Parameter Description...
Page 298: Managing Ip Ranges For Subnets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.15.14 Managing IP Ranges for Subnets The following sections describe how to configure and manage IP ranges for DHCP subnets: • Section 5.15.14.1, “Viewing a List of IP Ranges for Subnets”...
Page 299: Deleting An Ip Range From A Subnet
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.15.14.3 Deleting an IP Range From a Subnet To delete an IP range from a DHCP subnet, do the following: Make sure the CLI is in Configuration mode.
Page 300: Adding An Ip Range To An Ip Pool
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If no IP ranges have been configured, add ranges as needed. For more information, refer to Section 5.15.15.2, “Adding an IP Range to an IP Pool”. Section 5.15.15.2 Adding an IP Range to an IP Pool To add an IP range to an IP pool, do the following: Make sure the CLI is in Configuration mode.
Page 301: Viewing A List Of Option 82 Classes For Ip Pools
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.15.16.1 Viewing a List of Option 82 Classes for IP Pools To view a list of Option 82 classes configured for an IP pool, type: show running-config services dhcpserver subnet name options ippool description option82 Where: •...
Page 302: Deleting An Option 82 Class From An Ip Pool
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description Specifies the information relating to the remote host end of the circuit. circuit-id { circuit-id } Synopsis: A string 1 to 17 characters long Specifies the local information to which circuit the request came in on (ie.
Page 303: Configuring Port Mirroring
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Switch management frames generated by the switch (such as Telnet, HTTP, SNMP, etc.) may not be mirrored. The following sections describe how to configure and manage port mirroring: •...
Page 304: Adding An Egress Source Port
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If egress source ports have been configured, a table or list similar to the following example appears: ruggedcom# show running-config switch port-mirroring egress-src switch port-mirroring egress-src lm1 1 If no egress source ports have been configured, add egress source ports as needed. For more information, refer Section 5.16.2.2, “Adding an Egress Source...
Page 305: Viewing A List Of Ingress Source Ports
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.16.3.1 Viewing a List of Ingress Source Ports To view a list of ingress source port for port mirroring, type: show running-config switch port-mirroring ingress-src If ingress source ports have been configured, a table or list similar to the following example appears:...
Page 306: Managing Firewalls
Internet users from accessing private networks (Intranets) connected to the Internet. When the RUGGEDCOM ROX II firewall is enabled, the router serves as a gateway machine through which all messages entering or leaving the Intranet pass. The router examines each message and blocks those that do not meet the specified security criteria.
Page 307: Firewall Concepts
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.17.1 Firewall Concepts The following sections describe some of the concepts important to the implementation of firewalls in RUGGEDCOM ROX II: • Section 5.17.1.1, “Stateless vs. Stateful Firewalls”...
Page 308: Port Forwarding
Protecting Against a SYN Flood Attack RUGGEDCOM ROX II responds to SYN packets according to the TCP standard by replying with a SYN-ACK packet for open ports and an RST packet for closed ports. If the device is flooded by a high frequency of SYN packets, the port being flooded may become unresponsive.
Page 309: Viewing A List Of Firewalls
SYN packets from reaching the kernel. Siemens also recommends setting the listen ports to include IP addresses on separate interfaces. For example, set the device to listen to an IP address on switch.0001 and fe-cm-1. This will make sure that one port is accessible if the other is flooded.
Page 310: Deleting A Firewall
Section 5.17.5 Working with Multiple Firewall Configurations RUGGEDCOM ROX II allows users to create multiple firewall configurations and work with one configuration while another is active. To set one configuration as the working configuration and another as the active configuration, do the following: Make sure the CLI is in Configuration mode.
Page 311: Configuring The Firewall For A Vpn
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration security firewall work-config name Where: • name is the name of a firewall configuration Specify the active configuration by typing: security firewall active-config name Where: • name is the name of a firewall configuration Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 312: Configuring The Firewall For A Vpn In A Dmz
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide NOTE The IPsec protocol operates on UDP port 500, using protocols Authentication Header (AH) and Encapsulation Security Payload (ESP) protocols. The firewall must be configured to accept this traffic in order to allow the IPsec protocol.
Page 313: Managing Zones
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Table: Example Action Source-Zone Destination-Zone Protocol Dest-Port Accept — Accept — Accept Accept — Accept — Accept For more information about configuring rules, refer to Section 5.17.14, “Managing Rules”.
Page 314: Adding A Zone
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • firewall is the name of the firewall If zones have been configured, a table or list similar to the following example appears: ruggedcom# show running-config security firewall fwconfig fwzone...
Page 315: Deleting A Zone
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Zone types are plain IPv4, firewall, or IPSec Synopsis: A string description { description } (Optional) The description string for this zone Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 316: Viewing A List Of Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.17.9.1 Viewing a List of Interfaces To view a list of interfaces, type: show running-config security firewall fwconfig firewall fwinterface Where: • firewall is the name of the firewall...
Page 317: Associating An Interface With A Zone
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description description { description } Synopsis: A string (Optional) The description string for this interface Parameter Description arp_filter Synopsis: typeless IPv4 ONLY. Responds only to ARP requests for configured IP addresses (This is permanently enabled system wide since ROX 2.3.0, and this option no longer has any effect).
Page 318: Configuring A Broadcast Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Make sure the CLI is in Configuration mode. Navigate to security » firewall » fwconfig » fwconfig » {firewall} » fwinterface{interface} » zone, where {firewall} is the name of the firewall and {interface} is the name of the interface.
Page 319: Managing Hosts
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.17.10 Managing Hosts Hosts are used to assign zones to individual hosts or subnets (if the interface supports multiple subnets). This allows the firewall to receive a packet and then redirect it to the same device that received it. This functionality is useful for VPN setups to handle the VPN traffic separately from the other traffic on the interface which carries the VPN traffic.
Page 320: Deleting A Host
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Make sure the CLI is in Configuration mode. Add the host by typing: security firewall fwconfig firewall fwhost name Where: • firewall is the name of the firewall • name is the name of the host...
Page 321: Managing Policies
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.17.11 Managing Policies Policies define the default actions for establishing a connection between different firewall zones. Each policy consists of a source zone, a destination zone and an action to be performed when a connection request is received.
Page 322: Adding A Policy
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide ruggedcom# show running-config security firewall fwconfig firewall1 fwpolicy security firewall fwconfig firewall1 fwpolicy p1 description Policy If no policies have been configured, add policies as needed. For more information, refer to Section 5.17.11.2,...
Page 323: Configuring The Source Zone
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.17.11.3 Configuring the Source Zone To configure the source zone for a firewall policy, do the following: Make sure the CLI is in Configuration mode. Navigate to security » firewall » fwconfig » {firewall} » fwpolicy » {policy} » source-zone, where {firewall} is the name of the firewall and {policy} is the name of the policy.
Page 324: Managing Network Address Translation Settings
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.17.12 Managing Network Address Translation Settings Network address translation entries can be used to set up a one-to-one correspondence between an external address on the firewall and the RFC1918 address of a host behind the firewall. This is often set up to allow connections to an internal server from outside the network.
Page 325: Adding A Nat Setting
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.17.12.2 Adding a NAT Setting To configure a Network Address Translation (NAT) entry, do the following: Make sure the CLI is in Configuration mode. Add the entry by typing:...
Page 326: Managing Masquerade And Snat Settings
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.17.13 Managing Masquerade and SNAT Settings Masquerading and Source Network Address Translation (SNAT) are forms of dynamic Network Address Translation (NAT). Both hide a subnetwork behind a single public IP address.
Page 327: Deleting A Masquerade Or Snat Setting
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration NOTE Masquerading requires that the IP address being used to masquerade must belong to the router. When configuring the SNAT address under masquerading, the SNAT address must be one of the IP addresses on the outbound interface.
Page 328: Managing Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • firewall is the name of the firewall • name is the name of the masquerade or SNAT setting Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 329: Adding A Rule
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.17.14.2 Adding a Rule To configure a rule for a firewall, do the following: Make sure the CLI is in Configuration mode. Add the rule by typing: security firewall fwconfig firewall fwrule rule Where: •...
Page 330: Configuring The Source Zone
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description (Optional) The TCP/UDP port(s) the connection originated from. Default: all ports. Add a single port or a list of comma-separated ports Synopsis: A string destination-ports { destination-ports } Default: none (Optional) The TCP/UDP port(s) the connection is destined for.
Page 331: Deleting Rules
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description predefined-zone { predefined-zone } A pre-defined zone other { other } Synopsis: A string An undefined zone (string). All zones Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 332: Managing Is-Is
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide IMPORTANT! Enabling or disabling the firewall will reset – but not disable – the BFA protection mechanism, if previously enabled. Any hosts that were previously blocked will be allowed to log in again. If multiple hosts are actively attacking at the time, this could result in reduced system performance.
Page 333: Is-Is Routers
IS-IS routers can be defined as Level-1, Level-2, or both. Level 1 routers form the area, while Level 2 routers form the backbone of the network. By default, RUGGEDCOM ROX II configures areas to be both (or Level-1-2). This allows the device to inter-operate between different areas with minimal configuration.
Page 334: Advantages And Disadvantages Of Using Is-Is
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.18.1.3 Advantages and Disadvantages of Using IS-IS The advantages and disadvantages of using IS-IS include the following: Advantages Disadvantages • runs natively on the OSI network layer • used mostly by service providers •...
Page 335: Viewing The Status Of Neighbors
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration 192.168.12.0/24 192.168.11.0/24 R3 18.18.18.18 .1 eth2 .1 eth2 1.3.5.0/32 1.2.6.0/32 eth1 eth1 eth1 R1 78.78.78.78 R2 72.72.72.72 1.9.5.0/32 1.4.5.0/32 R4 16.16.16.16 R5 15.15.15.15 Figure 4: Multi-Level IS-IS Configuration Section 5.18.3...
Page 336: Viewing The Status Of The Link-State Database
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description SNPA The MAC address of the Sub-Network Point of Attachment (SNPA). Section 5.18.4 Viewing the Status of the Link-State Database To view the basic status of the link-state database for the IS-IS network, do the following: Make sure IS-IS is configured.
Page 337: Managing Area Tags
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Spirent-right.00-00 1460 0x0000000f 0x1137 0/0/0 Spirent-right.00-01 0x0000000f 0x0db7 0/0/0 14 LSPs This list displays the following information: Parameter Description LSP-ID Link-state PDU identifier. Pdulength Size of the PDU packet.
Page 338: Adding An Area Tag
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide is-type level-1-2 metric-style narrow area-authorization area-password admin area-authentication validate domain-authorization domain-password admin domain-authentication validate net 49.0001.1921.6800.1001.00 redistribute bgp is-type level-1-2 metric-type internal metric lsp-gen-interval is-type level-1-only interval 60 lsp-refresh-interval is-type level-1-2...
Page 339: Deleting An Area Tag
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description area-authorization { area-authorization } Synopsis: { clear, md5 } Default: clear The authorization type for the area password. Default is clear. area-password { area-password } Synopsis: A string 1 to 254 characters long The area password to be used for transmission of level-1 LSPs.
Page 340: Managing Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • name is the unique name for a routing process that belongs to a specific router. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 341 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration routing isis interface name Where: • name is the name of the interface. If the desired interface is not available, it must be created as a VLAN. For more information about creating a VLAN, refer to Section 5.37, “Managing...
Page 342: Managing Lsp Generation
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.18.7 Managing LSP Generation IS-IS generates new Link-State Packets (LSPs) every 30 seconds by default. However, the interval can be configured anywhere between 1 and 120 seconds. Since the introduction of a new LSP causes other routers in the area to recalculate routes, it is recommended to increase the interval to decrease flooding during periods of network instability, so as to reduce the load on other routers in the area.
Page 343: Deleting An Lsp Generation Interval
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • seconds is the minimum interval in seconds, ranging from 1 to 120. The default value is 30. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 344: Adding An Spf Calculation Interval
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide ISTYPE INTERVAL ------------------------ level-1-only If no intervals have been configured, add intervals as needed. For more information, refer to Section 5.18.8.2, “Adding an SPF Calculation Interval”. Section 5.18.8.2 Adding an SPF Calculation Interval To add an SPF calculation interval to an IS-IS area, do the following: Make sure the CLI is in Configuration mode.
Page 345: Managing The Lifetime Of Lsps
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.18.9 Managing the Lifetime of LSPs IS-IS retains Link-State Packets (LSP) in the Link-State Database (LSDB) for only a short period of time unless they are refreshed. By default, the maximum time limit is 1200 seconds. However, this interval can be customized for different routing types within the range of 350 to 65535 seconds if needed.
Page 346: Deleting An Lsp Lifetime Interval
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide routing isis area name max-lsp-lifetime is-type [ level-1-2 | level-1-only | level-2-only ] interval seconds Where: • name is the unique name for a routing process that belongs to a specific router.
Page 347: Viewing A List Of Lsp Refresh Intervals
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.18.10.1 Viewing a List of LSP Refresh Intervals To view a list of LSP refresh intervals configured for an IS-IS area, type: show running-config routing isis area name lsp-refresh-interval Where: •...
Page 348: Managing Network Entity Titles (Nets)
ID will be forwarded to this router. RUGGEDCOM ROX II supports IS-IS multi-homing, which allows for multiple NETs to be defined for a single router and increases the list of possible traffic sources.
Page 349: Adding A Net
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • name is the unique name for a routing process that belongs to a specific router. If NETs have been configured, a table or list similar to the following example appears:...
Page 350: Managing Redistribution Metrics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.18.12 Managing Redistribution Metrics Redistribution in general is the advertisement of routes by one protocol that have been learned via another dynamic routing protocol, a static route, or a directly connected router. It is deployed to promote interoperability between networks running different routing protocols.
Page 351: Deleting A Redistribution Metric
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration routing isis area name redistribute source Where: • name is the unique name for a routing process that belongs to a specific router. • source is the protocol transmitting packets over the IS-IS route. Options include bgp, connected, kernel, ospf, rip, and static.
Page 352: Configuring Bgp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide NOTE In complex legacy networks, RIP, OSPF, BGP and IS-IS may all be active on the same router at the same time. Typically, however, only one dynamic routing protocol is employed at one time.
Page 353: Viewing The Status Of Dynamic Bgp Routes
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Distance value for internal routes. Prerequisite: external, internal and local must all be empty or all be configured. local { local } Synopsis: An integer between 1 and 255 Distance value for local routes.
Page 354 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description Selected next-hop for this route. Synopsis: true or false internal Internal route. metric Metric value. local-preference Synopsis: A string Local preference. weight Weight. as-path Synopsis: A string Path.
Page 355: Managing Route Maps
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description network Synopsis: A string Network. next-hop Synopsis: A string Next-hop address. Synopsis: true or false selected Selected next-hop for this route. internal Synopsis: true or false Internal route.
Page 356: Viewing A List Of Route Map Filters
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.19.3.1 Viewing a List of Route Map Filters To view a list of route map filters for either dynamic BGP routes, type: show running-config routing bgp filter route-map...
Page 357: Adding A Route Map Filter Entry
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Make sure the CLI is in Configuration mode. Add the new filter by typing: routing bgp filter route-map tag Where: • tag is the tag for the route map filter Add one or more entries.
Page 358: Deleting A Route Map Filter Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • tag is the tag for the route map filter Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.19.3.6...
Page 359: Configuring A Set
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.19.3.8 Configuring a Set To configure matched rules for a route map filter entry, do the following: Make sure the CLI is in Configuration mode. Navigate to routing » bgp » filter » route-map » {tag} » entry » {number} » set, where {tag} is the tag for the route map filter and {number} is the sequence number for the entry.
Page 360: Viewing A List Of Prepended Autonomous System Path Filters
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.19.4.2, “Viewing a List of Excluded Autonomous System Paths” • Section 5.19.4.3, “Adding a Prepended Autonomous System Path Filter” • Section 5.19.4.4, “Adding an Excluded Autonomous System Path filter”...
Page 361: Adding A Prepended Autonomous System Path Filter
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration If no excluded autonomous system path filters have been configured, add filters as needed. For more information, refer to Section 5.19.4.4, “Adding an Excluded Autonomous System Path filter”. Section 5.19.4.3...
Page 362: Deleting An Excluded Autonomous System Path Filter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • number is the entry number • path is the number for the autonomous system path Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 363: Viewing A List Of Prefix Entries
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration list-permit-lan-22 permit 192.168.33.0/24 list-withdraw-lan-11 permit 192.168.33.0/24 permit 192.168.33.0/24 If no prefix lists have been configured, add lists as needed. For more information, refer to Section 5.19.5.3, “Adding a Prefix List”.
Page 364: Adding A Prefix Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.19.5.4 Adding a Prefix Entry To add an entry for a dynamic BGP prefix list, do the following: Make sure the CLI is in Configuration mode.
Page 365: Deleting A Prefix Entry
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.19.5.6 Deleting a Prefix Entry To delete an entry for a dynamic BGP prefix list, do the following: Make sure the CLI is in Configuration mode. Delete the entry by typing:...
Page 366: Viewing A List Of Autonomous System Path Entries
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.19.6.2 Viewing a List of Autonomous System Path Entries To view a list of entries for an autonomous system path filter, type: show running-config routing bgp filter as-path name entry Where: •...
Page 367: Deleting An Autonomous System Path
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • action is the action. • match is the regular expression to match with the autonomous system path. For more information about regular expressions, refer to Section 2.6.6, “Using Regular Expressions”.
Page 368: Viewing A List Of Neighbors
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide The following sections describe how to configure and manage neighbors for dynamic BGP routes: • Section 5.19.7.1, “Viewing a List of Neighbors” • Section 5.19.7.2, “Adding a Neighbor” •...
Page 369: Configuring The Distribution Of Prefix Lists
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Configure the neighbor settings by configuring the following parameter(s): Parameter Description remote-as { remote-as } Synopsis: An integer between 1 and 65535 A BGP neighbor. ebgp-multihop { ebgp-multihop } Synopsis: An integer between 1 and 255 The maximum hop count.
Page 370: Tracking Commands For Bgp Neighbors
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.19.7.4 Tracking Commands for BGP Neighbors Network commands can be tracked using event trackers configured under global » tracking. For more information about event trackers, refer to Section 3.16, “Managing Event Trackers”.
Page 371: Viewing A List Of Networks
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration NOTE For point-to-point links, such as T1/E1 links, specify neighbors instead of a network. For more information, refer to Section 5.19.7.2, “Adding a Neighbor”. NOTE Networks for the BGP protocol do not require a valid entry in the routing table. Since BGP is a broader gateway protocol, a more general network specification would typically be entered.
Page 372: Tracking Commands For A Bgp Network
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Where: • address is the IP subnet address and prefix for the network If necessary, configure an event tracker to track network commands. For more information, refer to Section 5.19.8.3, “Tracking Commands for a BGP Network”.
Page 373: Managing Aggregate Addresses
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.19.9 Managing Aggregate Addresses The following sections describe how to configure and manage aggregate addresses: • Section 5.19.9.1, “Viewing a List of Aggregate Addresses” • Section 5.19.9.2, “Adding an Aggregate Address”...
Page 374: Managing Aggregate Address Options
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Delete the address by typing: no routing bgp aggregate-address address Where: • address is the subnet address and prefix for the aggregate address Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 375: Deleting An Aggregate Address Option
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.19.10.3 Deleting an Aggregate Address Option To delete an option for an aggregate address, do the following: Make sure the CLI is in Configuration mode. Delete the option by typing:...
Page 376: Deleting A Redistribution Metric
It uses the shortest route available to a given network as the route to use for sending packets to that network. The RUGGEDCOM ROX II RIP daemon is an RFC 1058 [http://tools.ietf.org/rfc/rfc1058.txt] compliant...
Page 377: Configuring Rip
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.20.2, “Viewing the Status of Dynamic RIP Routes” • Section 5.20.3, “Managing Prefix Lists and Entries” • Section 5.20.4, “Managing Networks” • Section 5.20.5, “Managing Network IP Address”...
Page 378: Viewing The Status Of Dynamic Rip Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The garbage collection timer (in seconds). Configure prefix lists. For more information, refer to Section 5.20.3.3, “Adding a Prefix List”. Configure a network. For more information, refer to Section 5.20.4.1, “Configuring a...
Page 379: Managing Prefix Lists And Entries
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description time Synopsis: A string The route update time. To view the status of the RIP interfaces configured on the device, type: show routing status rip interface If RIP interfaces have been configured, a table or list similar to the following example appears:...
Page 380: Viewing A List Of Prefix Lists
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.20.3.3, “Adding a Prefix List” • Section 5.20.3.4, “Adding a Prefix Entry” • Section 5.20.3.5, “Deleting a Prefix List” • Section 5.20.3.6, “Deleting a Prefix Entry” Section 5.20.3.1...
Page 381: Adding A Prefix List
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.20.3.3 Adding a Prefix List To add a prefix list for dynamic RIP routes, do the following: Make sure the CLI is in Configuration mode. Add the list by typing:...
Page 382: Deleting A Prefix List
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.20.3.5 Deleting a Prefix List To delete a prefix list for dynamic RIP routes, do the following: Make sure the CLI is in Configuration mode. NOTE Deleting a prefix list removes all associate prefix entries as well.
Page 383: Configuring A Network
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration NOTE If neighbors are specified but no networks are specified, the router will receive routing information from its neighbors but will not advertise any routes to them. For more information about neighbors, refer to Section 5.20.7, “Managing...
Page 384: Managing Network Ip Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.20.5 Managing Network IP Address The following sections describe how to configure and manage network IP addresses for dynamic RIP routes: • Section 5.20.5.1, “Viewing a List of Network IP Addresses”...
Page 385: Managing Network Interfaces
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Where: • address is the IP subnet address and prefix for the network Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 386: Deleting A Network Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.20.6.3 Deleting a Network Interface To delete an interface from a RIP network, do the following: Make sure the CLI is in Configuration mode. Delete the network by typing:...
Page 387: Deleting A Neighbor
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration routing rip network neighbor address Where: • address is the IP address of the neighbor Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 388: Adding A Prefix List Distribution Path
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.20.8.2 Adding a Prefix List Distribution Path To add a prefix list distribution path for dynamic RIP routes, do the following: Make sure the CLI is in Configuration mode.
Page 389: Viewing A List Of Key Chains
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.20.9.3, “Adding a Key Chain” • Section 5.20.9.4, “Adding a Key” • Section 5.20.9.5, “Deleting a Key Chain” • Section 5.20.9.6, “Deleting a Key” Section 5.20.9.1 Viewing a List of Key Chains...
Page 390: Adding A Key Chain
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.20.9.3 Adding a Key Chain To add a key chain for dynamic RIP routes, do the following: Make sure the CLI is in Configuration mode. Add the path by typing:...
Page 391: Deleting A Key Chain
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Prerequisite: The start time cannot be configured unless the expire time is configured. expire { expire } Synopsis: { infinite } or a string Expire time. Prerequisite: The expire time cannot be configured unless the start time is configured.
Page 392: Managing Redistribution Metrics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • id is the ID of the key Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.20.10 Managing Redistribution Metrics Redistribution metrics redistribute routing information from other routing protocols, static routes or routes handled by the kernel.
Page 393: Deleting A Redistribution Metric
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.20.10.3 Deleting a Redistribution Metric To delete a redistribution metric for dynamic RIP routes, do the following: Make sure the CLI is in Configuration mode. Delete the metric by typing: no routing rip redistribute [ bgp | ospf | connected | static | kernel ] Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 394: Managing Ospf
Unlike static routing, OSPF takes link failures and other network topology changes into account. OSPF also differs from RIP in that it provides less router to router update traffic. The RUGGEDCOM ROX II OSPF daemon (ospfd) is an RFC 2178 [http://tools.ietf.org/html/rfc2178] compliant...
Page 395: Ospf Concepts
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration used to pick the winner. Keeping the ID fixed will avoid any unexpected changes in the election of the master router. NOTE In complex legacy networks, RIP, OSPF, BGP and IS-IS may all be active on the same router at the same time.
Page 396: Configuring Ospf
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.21.2 Configuring OSPF To configure dynamic routing using the Open Shortest Path First (OSPF) daemon, do the following: Make sure the CLI is in Configuration mode. Navigate to routing » ospf and configure the following parameter(s) as required:...
Page 397: Viewing The Status Of Dynamic Ospf Routes
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description external { external } Synopsis: An integer between 1 and 255 The administrative distance for external routes. inter-area { inter-area } Synopsis: An integer between 1 and 255 The administrative distance for inter-area routes.
Page 398 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide To view the status of the dynamic OSPF neighbor configured on the device, type: show routing status ospf neighbor If an OSPF neighbor have been configured, a table or list similar to the following example appears:...
Page 399 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Synopsis: A string Link ID. area Synopsis: A string Area ID. Synopsis: A string adv-router Advertising Router. Age. seqnum Synopsis: A string Sequence number. link-count Link count.
Page 400: Managing Prefix Lists And Entries
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.21.4 Managing Prefix Lists and Entries Neighbors can be associated with prefix lists, which allow the OSPF daemon to filter incoming or outgoing routes based on the allow and deny entries in the prefix list.
Page 401: Adding A Prefix List
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • For VRF Routes via OSPF routing ospf vrf vrf filter prefix-list name entry Where: • vrf is the name of the chosen VRF • name is the name of the prefix list...
Page 402: Adding A Prefix Entry
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.21.4.4 Adding a Prefix Entry To add an entry for a dynamic OSPF prefix list, do the following: Make sure the CLI is in Configuration mode. Add the entry by typing: •...
Page 403: Deleting A Prefix Entry
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • For VRF Routes via OSPF no routing ospf vrf vrf filter prefix-list name Where: • vrf is the name of the chosen VRF • name is the name of the prefix list Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 404: Viewing A List Of Areas
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.21.5.1 Viewing a List of Areas To view a list of areas configured for dynamic OSPF routes, type: • For Standard OSPF Routes show running-config routing ospf area •...
Page 405: Deleting An Area
In RUGGEDCOM ROX II, route maps are configured to filter routes based on their metric value, which defines the cost of the route. Once a match is found, the assigned action is taken.
Page 406: Viewing A List Of Route Map Filters
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.21.6.3, “Adding a Route Map Filter” • Section 5.21.6.4, “Adding a Route Map Filter Entry” • Section 5.21.6.5, “Deleting a Route Map Filter” • Section 5.21.6.6, “Deleting a Route Map Filter Entry”...
Page 407: Adding A Route Map Filter
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration If entries have been configured, a table or list similar to the following example appears: ruggedcom# show running-config routing ospf filter route-map map entry | tab MATCH PREFIX PREFIX...
Page 408: Deleting A Route Map Filter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • vrf is the name of the chosen VRF • tag is the tag for the route map filter • number is the sequence number for the entry Configure the following parameter(s) as required:...
Page 409: Configuring Match Rules
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Make sure the CLI is in Configuration mode. Delete the filter key by typing: • For Standard OSPF Routes no routing ospf filter route-map tag entry number • For VRF Routes via OSPF...
Page 410: Viewing List Of Incoming Route Filters
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide NOTE For more information about route map filters, refer to Section 5.21.6, “Managing Route Maps”. The following sections describe how to configure and manage incoming route filters: • Section 5.21.7.1, “Viewing List of Incoming Route Filters”...
Page 411: Deleting An Incoming Route Filter
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • vrf is the name of the chosen VRF • route-map is the name of the route map Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 412: Adding A Redistribution Metric
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Where: • vrf is the name of the chosen VRF If metrics have been configured, a table or list similar to the following example appears: ruggedcom# show running-config routing ospf redistribute...
Page 413: Managing Routing Interfaces
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • For Standard OSPF Routes no routing ospf redistribute [ bgp | rip | connected | static | kernel ] • For VRF Routes via OSPF no routing ospf vrf vrf redistribute [ bgp | rip | connected | static | kernel ] Where: •...
Page 414 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Make sure the CLI is in Configuration mode. Navigate to either: • For Standard OSPF Routes routing » dynamic » ospf » interface » {name} • For VRF Routes via OSPF routing »...
Page 415: Managing Message Digest Keys
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration cost-bandwidth parameter set for the interface. For more information about the auto-cost- bandwidth, refer to Section 5.40.1, “Configuring Costing for Routable Interfaces”. The default OSPF reference bandwidth for link cost calculations is 100 Mbit. The reference bandwidth divided by the link bandwidth gives the default cost for a link, which by default is 10.
Page 416: Viewing A List Of Message Digest Keys
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide IMPORTANT! The router can only share routing information with neighbors that use the same authentication method and password. NOTE Authentication adds a small overhead due to the encryption of messages. It is not recommended for completely private networks with controlled access.
Page 417: Deleting A Message Digest Key
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • For Standard OSPF Routes routing ospf interface name message-digest-key id • For VRF Routes via OSPF routing ospf vrf vrf interface name message-digest-key id Where: • vrf is the name of the chosen VRF •...
Page 418: Vrf Concepts
Both also provide a level of security for those interfaces forward to the VRFs. Under full VRF, MPLS is used in conjunction with IP/VPNs to provide a greater level of security than VRF-Lite. RUGGEDCOM ROX II supports both VRF and VRF-Lite simultaneously. Use of full VRF interfaces and VRF-Lite interfaces can be mixed.
Page 419: Viewing Vrf Interface Statistics
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Advantages Disadvantages • Create multiple isolated network pipes for various • Greater memory consumption. Each VRF configured data streams results in BGP route replication and requires new FIBs and IP routing tables •...
Page 420: Configuring Vrf
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The port's administrative status. Synopsis: { not set, up, down, testing, unknown, dormant, notPresent, lowerLayerDown } state Shows whether the link is up or down. pointopoint Synopsis: true or false The point-to-point link.
Page 421: Configuring A Vrf Interface
Section 5.22.5 Managing VRF Definitions VRF definitions represent individual Customer Edge (CE) routers in the VRF topology. RUGGEDCOM ROX II supports up to eight definitions in total, each composed of a unique VRF name, an optional description and a Route Distinguisher (RD). The Route Distinguisher is an 8 octet field typically made up of an AS number or IP address followed by a colon (:) and the site ID (e.g.
Page 422: Viewing A List Of Vrf Definitions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide address of the associated interface, it uniquely identifies each IP packet, allowing the Provider Edge (PE) to determine which VPN tunnel the packet belongs to. Each VRF definition can also be associated with one or more route targets.
Page 423: Deleting A Vrf Definition
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description vrf-description { vrf-description } Synopsis: A string 0 to 256 characters long A string that can be used to describe the vrf. Maximum length 256 characters, including blanks.
Page 424: Viewing A List Of Route Targets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.22.6.1 Viewing a List of Route Targets To view a list of VRF definitions, type: show running-config global vrf definition name routing-target If definitions have been configured, a table or list similar to the following example appears:...
Page 425: Managing Vrf Instances And Ospf
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • community is the route distinguisher for the target VRF to either export the routing table to, import the routing table from, or both Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 426 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description { vrf-name } The VRF name. enabled Synopsis: typeless Enables the OSPF dynamic routing protocol. abr-type { abr-type } Synopsis: { cisco, ibm, shortcut, standard } Default: cisco The OSPF ABR type.
Page 427: Deleting A Vrf Instance
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description intra-area { intra-area } Synopsis: An integer between 1 and 255 The administrative distance for intra-area routes. Configure prefix list filters for the VRF instance. For more information, refer to Section 5.21.4.3, “Adding a...
Page 428: Viewing A List Of Ip/Vpn Tunnels
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.22.8.1 Viewing a List of IP/VPN Tunnels To view a list of IP/VPN tunnels configured for VRF, type: show running-config routing bgp address-family vpnv4 A table or list similar to the following example appears:...
Page 429: Managing Vpnv4 Neighbors
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.22.9 Managing VPNv4 Neighbors VPNv4 neighbors are other routers with which to exchange routes. One or more neighbors must be specified in order for VRF-Lite to operate. The following sections describe how to configure and manage VPNv4 neighbors for VRF-Lite: •...
Page 430: Managing Ipv4 Address Families
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Make sure the CLI is in Configuration mode. Delete the network by typing: no routing bgp address-family vpnv4 neighbor address Where: • address is the IP address of the neighbor Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 431: Adding An Ipv4 Address Family
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.22.10.2 Adding an IPv4 Address Family To add an IPv4 address family, do the following: Make sure the CLI is in Configuration mode. Add the IPv4 address family by typing:...
Page 432: Viewing A List Of Redistributions
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.22.11.1 Viewing a List of Redistributions To view a list of redistributions for an IPv4 address family, type: show running-config routing bgp address-family ipv4 vrf vrf redistribute Where: •...
Page 433: Managing Neighbors For Ipv4 Address Families
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Make sure the CLI is in Configuration mode. Delete the redistribution by typing: no routing bgp address-family ipv4 vrf vrf redistribute [ connected | ospf | static ] Where: •...
Page 434: Adding A Neighbor
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If no neighbors have been configured, add neighbors as needed. For more information, refer to Section 5.22.12.2, “Adding a Neighbor”. Section 5.22.12.2 Adding a Neighbor To add a new neighbor to an IPv4 address family, do the following: Make sure the CLI is in Configuration mode.
Page 435: Configuring The Distribution Of Prefix Lists
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description in { in } Apply route map to incoming routes. out { out } Apply route map to outbound routes. Configure the prefix list distribution. For more information, refer to Section 5.22.12.3, “Configuring the...
Page 436: Deleting A Neighbor
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description event { event } Select to track an event, apply the distribute-prefix-list only when the tracked event goes to UP state. apply-when { apply-when } Synopsis: { up, down }...
Page 437: Adding A Static Vrf Route
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Where: • vrf is the chosen VRF instance If routes have been configured, a table or list similar to the following example appears: ruggedcom# show running-config routing vrf VRF1 ipv4 | tab...
Page 438: Configuring A Black Hole Connection For A Static Vrf Route
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.22.13.3 Configuring a Black Hole Connection for a Static VRF Route To configure a black hole connection for a static VRF route, do the following: Make sure the CLI is in Configuration mode.
Page 439: Adding A Gateway For A Static Vrf Route
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • vrf is the chosen VRF instance. • subnet is the subnet (network/prefix) of the static route If gateway addresses have been configured, a table or list similar to the following example appears:...
Page 440: Managing Interfaces For Static Vrf Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • gateway is the gateway address for the static route Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.22.15...
Page 441: Deleting A Gateway For A Static Vrf Route
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Configure the following parameter(s) as required: Parameter Description distance { distance } Synopsis: An integer between 1 and 255 The distance for the static route. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 442: Adding An Ipv4 Static Route
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide show running-config routing protocol Where: • protocol is either IPv4 or IPv6 If routes have been configured, a table or list similar to the following example appears: ruggedcom# show running-config routing ipv4 | tab...
Page 443: Adding An Ipv6 Static Route
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.23.3 Adding an IPv6 Static Route To add an IPv6 static route, do the following: Make sure the CLI is in Configuration mode. Add the IPv6 static route by typing:...
Page 444: Managing Gateways For Static Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The distance for this static route's blackhole. Default is 1. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 445: Adding A Gateway For An Ipv4 Static Route
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration via 172.30.128.1 no distance If no gateway addresses have been configured, add addresses as needed. For more information, refer to Section 5.23.6.3, “Adding a Gateway for an IPv4 Static Route”.
Page 446: Configuring Interfaces For Ipv6 Static Routes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.23.7.1, “Configuring Interfaces for IPv6 Static Routes” • Section 5.23.7.2, “Viewing a List of Interfaces for IPv4 Static Routes” • Section 5.23.7.3, “Adding an Interface for an IPv4 Static Route”...
Page 447: Deleting An Interface For An Ipv4 Static Route
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Make sure the CLI is in Configuration mode. Add the gateway address by typing: routing ipv4 route subnet dev interface Where: • subnet is the subnet (network/prefix) of the static route •...
Page 448: Managing Static Multicast Groups
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Enable static multicast routing by typing: routing multicast static enable Configure the following parameter(s) as required: Parameter Description Synopsis: typeless enabled Enables static multicast routing service Prerequisite: Dynamic and static multicast routing can not be enabled together.
Page 449: Deleting A Static Multicast Group
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration routing multicast static mcast-groups description Where: • description is the name of the multicast group. Up to 32 characters are allowed, excluding spaces. Configure the following parameter(s) as required:...
Page 450: Viewing A List Of Out-Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.24.3.2, “Adding an Out-Interface” • Section 5.24.3.3, “Deleting an Out-Interface” Section 5.24.3.1 Viewing a List of Out-Interfaces To view a list of out-interfaces, type: show runing-config routing multicast static mcast-group out-interface...
Page 451: Managing Dynamic Multicast Routing
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.25 Managing Dynamic Multicast Routing The PIM-SM feature is used for Dynamic Multicast Routing. PIM-SM stands for Protocol Independent Multicast - Sparse Mode. It is a dynamic multicast routing protocol that can dynamically prune and maintain multicast routes.
Page 452: Pim-Sm Concepts
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.25.1 PIM-SM Concepts When a PIM router receives a subscription from a host, e.g. Host A, for particular multicast traffic, the directly attached designated router (DR) sends a PIM join message for this multicast group towards the rendezvous point (RP).
Page 453: Viewing A List Of Pim-Sm Interfaces
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description default-preference { default-preference } Synopsis: An integer Default: 1024 Default preference value. Preferences are used by assert elections to determine upstream routers. default-metric { default-metric } Synopsis: An integer Default: 1024 Default metric value.
Page 454: Enabling/Disabling A Pim-Sm Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.25.4 Enabling/Disabling a PIM-SM Interface To enable or disable a PIM-SM interface, do the following: NOTE Enabling PIM-SM on an interface also enables IGMPv2 on the interface, wherein the interface with the lowest IP address becomes the IGMP querier and sends periodic query messages every 125 seconds.
Page 455: Configuring A Bsr Candidate
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.25.6.1, “Configuring a BSR Candidate” • Section 5.25.6.2, “Configuring a Group Prefix” • Section 5.25.6.3, “Configuring an RP Candidate” Section 5.25.6.1 Configuring a BSR Candidate To configure a BSR candidate, do the following: Make sure the CLI is in Configuration mode.
Page 456: Viewing The Status Of Pim-Sm
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Add the RP candidate by typing: routing multicast dynamic pim-sm RP-candidate local-address timer priority number Where: • local-address is the local address to be used in the Cand-RP messages. If not specified, the largest local IP address will be used (excluding passive interfaces).
Page 457: Viewing The Status Of Dynamic Multicast Routing
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description router.</listitem> <listitem>NO-NBR: No neighbor on this virtual interface.</listitem> <listitem>PIM: PIM neighbor.</listitem> <listitem>DVMRP: DVMRP neighbor.</listitem></itemizedlist> Section 5.25.8 Viewing the Status of Dynamic Multicast Routing To view the status of dynamic multicast routing, type:...
Page 458: Igmp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.26.1.1 IGMP IGMP is used by IP hosts to report their host group memberships with multicast routers. As hosts join and leave specific multicast groups, streams of traffic are directed to or withheld from that host.
Page 459 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration A more common method of pruning occurs when consumers wishing to unsubscribe issue an IGMP leave group message. The router will immediately issue a group-specific membership query to determine whether there are any remaining subscribers of that group on the segment.
Page 460 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • When sending IGMP packets, the switch uses its own IP address, if it has one, for the VLAN on which packets are sent, or an address of 0.0.0.0, if it does not have an assigned IP address.
Page 461: Gmrp (Garp Multicast Registration Protocol)
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration In this example: • P1, Router 1, Router 2 and C3 are on VLAN 2 • P2 and C2 are on VLAN 3 • C1 is on both VLAN 2 and 3 Assuming that router 1 is the querier for VLAN 2 and router 2 is simply a non-querier, the switch will periodically receive queries from router 1 and maintain the information concerning which port links to the multicast router.
Page 462 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide When a switch transmits GMRP updates (from GMRP-enabled ports), all of the multicast groups known to the switch, whether configured manually or learned dynamically through GMRP, are advertised to the rest of network.
Page 463 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Figure 7: Example – Establishing Membership with GMRP 1. Multicast Source 2. Switch 3. Multicast Host The hosts and switches establish membership with the Multicast Group 1 and 2 as follows: 1.
Page 464: Enabling And Configuring Gmrp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Source S1 transmits multicast traffic to Port D2 which is forwarded via Port D1, which has previously become a member of Multicast Group 1. • Switch B forwards the Group 1 multicast via Port B4 towards Switch E.
Page 465: Configuring Igmp Snooping
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.26.3.2, “Viewing a List of Router Ports” • Section 5.26.3.3, “Adding a Router Port” • Section 5.26.3.4, “Deleting a Router Port” Section 5.26.3.1 Configuring IGMP Snooping To configure IGMP snooping, do the following: Make sure the CLI is in Configuration mode.
Page 466: Adding A Router Port
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide ruggedcom# show running-config switch mcast-filtering igmp-snooping router-ports | tab SLOT PORT ------------ If no router ports have been configured, add ports as needed. For more information, refer to Section 5.26.3.3, “Adding a Router...
Page 467: Viewing A List Of Static Multicast Group Entries
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.26.4.3, “Deleting a Static Multicast Group Entry” Section 5.26.4.1 Viewing a List of Static Multicast Group Entries To view a list of entries for known static multicast groups on other devices, type:...
Page 468: Managing Egress Ports For Multicast Groups
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • id is the ID for the VLAN upon which the static multicast group operates • address is the MAC address for the device in the form of 01:xx:xx:xx:xx:xx Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 469: Deleting An Egress Port
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Where: • id is the ID for the VLAN upon which the static multicast group operates • address is the MAC address for the device in the form of 01:xx:xx:xx:xx:xx •...
Page 470: Viewing A List Of Ip Multicast Groups
The Virtual Router Redundancy Protocol (VRRP) eliminates a single point of failure associated with statically routed networks by providing automatic failover using alternate routers. The RUGGEDCOM ROX II VRRP daemon Viewing a List of IP Multicast Groups...
Page 471: Vrrp Concepts
VRRP. NOTE RFC 5798 defines the standard for VRRP version 3 on IPv4 and IPv6. Only IPv4 is supported in this release of RUGGEDCOM ROX II. The following sections describe how to configure VRRP: • Section 5.27.1, “VRRP Concepts”...
Page 472: Vrrp Terminology
(or highest number) is elected the Master, while all other routers are considered Backups. On RUGGEDCOM RX1500/RX1501/RX1510/RX1511/RX1512 devices with RUGGEDCOM ROX II v2.3 or higher installed, if the router with the highest priority is in a fault state, the backup VRRP Router can delay its transition to becoming the Master router.
Page 473 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration w1ppp w2ppp 1.1.1.200 1.1.1.201 Figure 8: VRRP Example 1. Network 2. Remote Router 1 3. Remote Router 2 4. Switch 5. Host 1 6. Host 2 In this example, the remote routers are configured as follows:...
Page 474: Viewing The Status Of Vrrp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide 192.168.2.2 192.168.2.3 192.168.3.2 192.168.3.3 Figure 9: VRRP Group Example 1. Network 2. Remote Router 1 3. Remote Router 2 4. Switch 5. Host 1 6. Host 2 In this example, the remote routers are configured as follows:...
Page 475: Enabling/Disabling Vrrp
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration NAME STATE PRIORITY TIME CHANGE STATE STATE -------------------------------------------------------------------------------- master Sat Feb 2 06:30:41 EST 2013 fe-cm-1 is Up This table or list provides the following information: Parameter Description Synopsis: A string name The VRRP instance name.
Page 476: Viewing A List Of Vrrp Trackers
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.27.4.2, “Adding a VRRP Tracker” • Section 5.27.4.3, “Deleting a VRRP Tracker” Section 5.27.4.1 Viewing a List of VRRP Trackers To view a list of VRRP trackers, type:...
Page 477: Deleting A Vrrp Tracker
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description weight { weight } Synopsis: An integer between 254 and 254 The amount by which to increase or decrease the router's priority. When negative, the priority decreases by this amount when the tracker falls.
Page 478: Adding A Vrrp Group
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If groups have been configured, a table or list similar to the following example appears: ruggedcom# show running-config services vrrp group services vrrp group group1 If no VRRP groups have been configured, add groups as needed. For more information, refer to Section 5.27.5.2,...
Page 479: Viewing A List Of Vrrp Instances
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.27.6.1 Viewing a List of VRRP Instances To view a list of VRRP instances, type: show running-config services vrrp instance If instances have been configured, a table or list similar to the following example appears:...
Page 480 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description Configure VRRP version for this instance. interface { interface } The interface that will host the VRIP when the router becomes the VRRP Master. vrid { vrid } Synopsis: An integer between 1 and 255 The Virtual Router ID.
Page 481: Deleting A Vrrp Instance
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.27.6.3 Deleting a VRRP Instance To delete a VRRP instance, do the following: Make sure the CLI is in Configuration mode. Delete the instance by typing: no services vrrp instance name Where: •...
Page 482: Adding A Vrrp Monitor
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.27.7.2 Adding a VRRP Monitor To add a VRRP monitor, do the following: Make sure the CLI is in Configuration mode. Add the instance by typing: services vrrp instance name monitor interface Where: •...
Page 483: Viewing A List Of Track Scripts
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.27.8.1 Viewing a List of Track Scripts To view a list of track scripts, type: show running-config services vrrp instance name monitor Where: • name is the name of the VRRP instance...
Page 484: Deleting A Track Script
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.27.8.3 Deleting a Track Script To delete a track script, do the following: Make sure the CLI is in Configuration mode. Delete the track script by typing: no services vrrp instance name track-script tracker Where: •...
Page 485: Adding A Virtual Ip Address
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.27.9.2 Adding a Virtual IP Address To add a virtual IP address, do the following: Make sure the CLI is in Configuration mode. Add the instance by typing:...
Page 486: Viewing The Link Failover Log
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.28.3, “Managing Link Failover Parameters” • Section 5.28.4, “Managing Link Failover Backup Interfaces” • Section 5.28.5, “Managing Link Failover Ping Targets” • Section 5.28.6, “Testing Link Failover”...
Page 487: Viewing The Link Failover Status
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.28.2 Viewing the Link Failover Status The Link Failover Status form displays the current link failover status. To view the link failover status, do the following: show services link-failover status...
Page 488: Adding A Link Failover Parameter
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide show running-config services link-failover If parameters have been configured, a table or list similar to the following example appears: ruggedcom# show running-config services link-failover services link-failover switch.0001 enabled backup fe-1-1...
Page 489: Deleting A Link Failover Parameter
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description The number of ping retries before constructing a path failure. Synopsis: An integer between 0 and 65536 start-delay { start-delay } Default: 180 The delay time, in seconds, when first starting link failover.
Page 490: Adding A Link Failover Backup Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide show running-config services link-failover interface backup Where: • interface is the name of the interface If backup interfaces have been configured, a table or list similar to the following example appears: ruggedcom# show running-config services link-failover switch.0001 backup...
Page 491: Deleting A Link Failover Backup Interface
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description priority { priority } Synopsis: { third, second, first } Default: first The priority which is applied to the backup interface when switching. transfer-default-route Synopsis: typeless The transfer default gateway on the switching main and backup interface.
Page 492: Viewing A List Of Link Failover Ping Targets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.28.5.1 Viewing a List of Link Failover Ping Targets To view a list of link failover ping targets, type: show running-config services link-failover interface target Where: • interface is the name of the interface If ping targets have been configured, a table or list similar to the following example appears: R1-RX1512# show running-config services link-failover switch.0001 target...
Page 493: Deleting A Link Failover Ping Target
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.28.5.3 Deleting a Link Failover Ping target To delete a link failover ping target, do the following: Make sure the CLI is in Configuration mode. Delete the backup interface by typing:...
Page 494: Managing Ipsec Tunnels
The IPsec suite of protocols were developed by the Internet Engineering Task Force (IETF) and are required as part of IP version 6. Openswan is the open source implementation of IPsec used by RUGGEDCOM ROX II. The protocols used by IPsec are the Encapsulating Security Payload (ESP) and Internet Key Exchange (IKE) protocols.
Page 495: Ipsec Modes
Diffie-Hellman key exchange protocol, which allows two parties without any initial shared secret to create one in a manner immune to eavesdropping. The following sections provide more information about IPsec and its implementation in RUGGEDCOM ROX II: •...
Page 496: X509 Certificates
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide When this form of encryption is used, each router configures its VPN connection to use a secret pre-shared key. For information about how to configure pre-shared keys, refer to Section 5.29.5, “Managing Pre-Shared...
Page 497: Ipsec And Router Interfaces
Configuring IPsec Tunnels To configure IPsec tunnels, do the following: NOTE RUGGEDCOM ROX II supports the creation of policy-based VPNs, which can be characterized as follows: • No IPsec network interfaces have been created. • The routing table is not involved in directing packets to IPsec.
Page 498: Configuring Certificates And Keys
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Configure one or more pre-shared keys. For more information, refer to Section 5.29.5.2, “Adding a Pre- Shared Key”. Configure one or more encrypted connections. For more information, refer to Section 5.29.6.2, “Adding a...
Page 499 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration 000 interface lo/lo 127.0.0.1 000 interface vrf_gw0/vrf_gw0 169.254.0.1 000 interface switch.0001/switch.0001 192.168.0.2 000 interface switch.1000/switch.1000 172.30.151.38 000 %myid = (none) 000 debug none 000 virtual_private (%priv): 000 - allowed 0 subnets:...
Page 500: Managing Pre-Shared Keys
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.29.5 Managing Pre-Shared Keys Pre-shared keys are used in secret key cryptography. For more information about secret key cryptography and pre-shared keys, refer to Section 5.29.1.3, “Public and Secret Key Cryptography”.
Page 501: Deleting A Pre-Shared Key
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description The pre-shared key. Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.29.5.3 Deleting a Pre-Shared Key To delete a pre-shared key, do the following: Make sure the CLI is in Configuration mode.
Page 502: Adding A Connection
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide esp algorithm aes256 sha1 left public-ip type default-route subnet 192.168.11.0/24 right public-ip type any If no connections have been configured, add connections as needed. For more information, refer to Section 5.29.6.2, “Adding a...
Page 503 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description pfs { pfs } Synopsis: { default, yes, no } Default: default Enables/disables Perfect Forwarding Secrecy (PFS). When enabled, IPsec negotiates new keys for each session. If an attacker compromises a key, only the session protected by the key is revealed.
Page 504: Configuring Dead Peer Detection
Security Association (SA), or restart all SA's to the dead peer. In RUGGEDCOM ROX II, DPD Requests are sent when there is no traffic detected by the peer. How long to wait before sending a DPD Request and how long to wait for a DPD Response is user configurable.
Page 505: Deleting A Connection
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.29.6.4 Deleting a Connection To delete a connection for a VPN, do the following: Make sure the CLI is in Configuration mode. Delete the connection by typing: no tunnel ipsec connection name Where: •...
Page 506: Adding An Ike Algorithm
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.29.7.2 Adding an IKE Algorithm To add a new algorithm for the Internet Key Exchange (IKE) protocol, do the following: Make sure the CLI is in Configuration mode.
Page 507: Configuring Esp Encryption
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.29.8.1 Configuring ESP Encryption To configure the encryption algorithm for the Encapsulate Security Payload (ESP), do the following: Make sure the CLI is in Configuration mode. Navigate to tunnel » ipsec » connection » {connection} » esp, where {connection} is the name of the connection.
Page 508: Deleting Esp Algorithms
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Where: • connection is the name of the connection • cipher is the cipher algorithm • method is the hash method Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 509 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Default: none Key type. rsa-sig { rsa-sig } The RSA signature key name. rsa-sig-ipsec { rsa-sig-ipsec } Synopsis: A string 1 to 8192 characters long The RSA signature in IPsec format.
Page 510: Managing Private Subnets
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description main mode peer ID is ID_FQDN: '@example.com', but when a Vista, Windows 7 or other RFC 3947 compliant client connects, Openswan reports the main mode peer ID is ID_IPV4_ADDR: '192.168.1.1'.
Page 511: Viewing A List Of Addresses For Private Subnets
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.29.10.2 Viewing a List of Addresses for Private Subnets To view a list of addresses configured for private subnets, type: show running-config tunnel ipsec connection connection { right | left } subnet Where: •...
Page 512: Managing 6In4 And 4In6 Tunnels
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.30 Managing 6in4 and 4in6 Tunnels In networks where IPv4 and IPv6 operate simultaneously, 6in4 and 4in6 tunnels can be used to enable IPv6/IPv4 hosts to reach services using the opposite protocol. IPv6/IPv4 hosts and networks isolated from one another can also use these tunnels to access one another.
Page 513: Viewing The Status Of 6In4/4In6 Tunnels
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.30.3 Viewing the Status of 6in4/4in6 Tunnels To view the status of a 6in4 or 4in6 tunnel, type: show interfaces [ ip6in4 | ip4in6 ] tunnel name Where: •...
Page 514: Managing Layer 2 Tunnels
Managing Layer 2 Tunnels RUGGEDCOM ROX II is capable of extending the range of services that communicate solely via Layer 2 protocols (i.e. at the level of Ethernet) by tunnelling them over routed IP networks. The Layer 2 Tunnel Daemon supports the IEC61850 GOOSE protocol as well as a generic mechanism for tunnelling by Ethernet type.
Page 515: Configuring L2Tp Tunnels
IP network, although it is also capable of tunneling other layer 2 protocols. RUGGEDCOM ROX II utilizes L2TPD in conjunction with Openswan and PPP to provide support for establishing a secure, private connection with the router using the Microsoft Windows VPN/L2TP client.
Page 516: Configuring L2Tpv3 Tunnels
LAN extension are some applications of this feature. RUGGEDCOM ROX II supports Static L2TPv3 tunnel over UDP starting with version 2.5. Static tunnel is an unmanaged tunnel type. All tunnel information, such as tunnel id, session id, cookies etc., must be agreed in advance between two endpoints to establish a tunnel.
Page 517 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Navigate to tunnel » l2tpv3 » static » tunnel and configure the following parameter(s) as required: Parameter Description { tunnel-name } Synopsis: A string 1 to 3 characters long Tunnel name, contains any lower case letter or numerical digit.
Page 518: Configuring The Layer 2 Tunnel Daemon
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description mtu { mtu } Synopsis: An integer between 68 and 1500 Default: 1488 MTU of network interface size { size } Synopsis: { 4, 8 } Cookie size in byte.
Page 519: Managing Goose Tunnels
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Default: 1311 The UDP port to communicate with the other daemon. beacon-interval { beacon-interval } Synopsis: { off } or an integer between 10 and 3600 Default: 60 The Round Trip Time (RTT) of the sent message Add GOOSE or generic tunnels as required.
Page 520: Viewing The Goose Tunnel Statistics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Ethernet Type: set as 0x88b8 • Remote Daemon: select the VLAN to which to forward the GOOSE packets The following sections describe how to configure and manage GOOSE tunnels: •...
Page 521: Viewing A List Of Goose Tunnels
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.31.5.2 Viewing a List of GOOSE Tunnels To view a list of GOOSE tunnels, type: show running-config tunnel l2tunneld goose If tunnels have been configured, a table or list similar to the following example appears:...
Page 522: Managing Remote Daemons For Goose Tunnels
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Where: • name is the name of the GOOSE tunnel Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.31.6 Managing Remote Daemons for GOOSE Tunnels In place of a local Ethernet interface for the tunnel egress, IP addresses for a remote daemon can be specified.
Page 523: Deleting A Remote Daemon
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.31.6.3 Deleting a Remote Daemon To delete a remote daemon, do the following: Make sure the CLI is in Configuration mode.
Page 524: Viewing A List Of Generic Tunnels
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide 192.168.5.1 This table or list provides the following information: Parameter Description tunnel-name Synopsis: A string 1 to 32 characters long The generic tunnel name. ifname Synopsis: A string 1 to 15 characters long The name of the ingress interface.
Page 525: Deleting A Generic Tunnel
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description ingress-if { ingress-if } The interface to listen on for Ethernet type frames. replace-mac Synopsis: typeless Replaces the sender's MAC with the out-interface's MAC. If necessary, configure one or more remote daemon IP addresses for the tunnel. For more information, refer Section 5.31.8.2, “Adding an IP...
Page 526: Viewing A List Of Ip Addresses
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.31.8.1 Viewing a List of IP Addresses To view a list of remote L2 protocol server IP addresses for a generic tunnel configuration, type: show running-config tunnel l2tunneld generic tunnel remote-daemon...
Page 527: Managing Remote Daemon Egress Interfaces For Generic Tunnels
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.31.9 Managing Remote Daemon Egress Interfaces for Generic Tunnels The following sections describe how to configure and manage remote daemon egress interfaces for generic tunnels: • Section 5.31.9.1, “Viewing a List of Egress Interfaces”...
Page 528: Deleting An Egress Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.31.9.3 Deleting an Egress Interface To delete an egress interface for a generic tunnel, do the following: Make sure the CLI is in Configuration mode. Delete the egress interface by typing:...
Page 529: Deleting An Ethernet Type
Managing Generic Routing Encapsulation Tunnels RUGGEDCOM ROX II can employ the Generic Routing Encapsulation (GRE) protocol to encapsulate multicast traffic and IPv6 packets together and transport them through an IPv4 network tunnel. As such, GRE tunnels can transport traffic through any number of intermediate networks.
Page 530: Viewing Statistics For Gre Tunnels
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide In this example, Router 1 establishes a GRE tunnel to Router 2 using a local router address of 172.16.17.18, a remote router address of 172.19.20.21, and a remote subnet of 192.168.2.0/24.
Page 531: Viewing A List Of Gre Tunnels
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.32.2 Viewing a List of GRE Tunnels To view a list of GRE tunnels, type: show running-config tunnel gre If GRE tunnels have been configured, a table or list similar to the following example appears:...
Page 532: Deleting A Gre Tunnel
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description key { key } Synopsis: { none, input, output, both } Default: none The key for tunneled packets key-id { key-id } Synopsis: An integer between 0 and 4294967295...
Page 533 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Figure 11: Conventional Layer 3 Router 1. Router 2. Routing Table 3. Switch 4. Layer 3 Traffic 5. Layer 2 Traffic Figure 12: Layer 3 Switch 1. Router 2. Forwarding Table 3.
Page 534: Layer 3 Switching Concepts
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.33.1 Layer 3 Switching Concepts The following sections describe Layer 3 Switching concepts and rules: • Section 5.33.1.1, “Layer 3 Switch Forwarding Table” • Section 5.33.1.2, “Static Layer 3 Switching Rules”...
Page 535: Dynamic Learning Of Layer 3 Switching Rules
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration NOTE Only TCP and UDP traffic flows will be accelerated by the IP/Layer 3 switch fabric. Non-IP packet types, such as ICMP and IGMP, will not be accelerated. Section 5.33.1.3...
Page 536: Multicast Cross-Vlan Layer 2 Switching
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide to MAC addresses. The same information is also needed by the Layer 3 switching ASIC when it switches IP packets between subnets. The destination or gateway MAC address is usually obtained through ARP. However, ARP entries can also be statically configured in the Layer 3 Switch so that they do not time out.
Page 537: Configuring Layer 3 Switching
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration firewall has to be implemented in software and the Layer 3 Switch must not switch traffic that is subject to firewall processing. Whenever a change is made to the firewall configuration, some of the dynamically learned Layer 3 switching rules might conflict with the new firewall configuration.
Page 538: Managing Static Arp Table Entries
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description while traffic flows following dynamic routes have to be subject to sophisticated firewall filtering.</listitem> <listitem>Auto: Both statically configured and dynamically learned Layer 3 switching rules will be used. In this mode, maximum routing hardware acceleration is utilized.</listitem></itemizedlist>...
Page 539: Adding A Static Arp Table Entry
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration 192.11.0.4 00:11:94:11:00:03 4084 192.11.0.5 00:11:94:11:00:04 4084 192.11.0.6 00:11:94:11:00:05 4084 If no ARP table entries have been configured, add static ARP table entries as needed. For more information about adding static ARP table entries, refer to Section 5.33.3.2, “Adding a Static ARP Table...
Page 540: Viewing A Static And Dynamic Arp Table Summary
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide no switch layer3-switching arp-table address Where: • address is the IP address for the network device the entry describes Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 541 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration show switch layer3-switching routing-rules-summary A table or list similar to the following example appears: ruggedcom# show switch layer3-switching routing-rules-summary PACKETS RULE RULE DEST ROUTING TYPE VLAN VLAN PROTO SOURCE...
Page 542: Flushing Dynamic Hardware Routing Rules
Classes of Service (CoS) provides the ability to expedite the transmission of certain frames and port traffic over others. The CoS of a frame can be set to Normal, Medium, High or Critical. By default, RUGGEDCOM ROX II enforces Normal CoS for all traffic.
Page 543: Configuring Classes Of Service
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration IMPORTANT! Use the highest supported CoS with caution, as it is always used by the switch for handling network management traffic, such as RSTP BPDUs. If this CoS is used for regular network traffic, upon traffic bursts, it may result in the loss of some network management frames, which in turn may result in the loss of connectivity over the network.
Page 544: Managing Priority-To-Cos Mapping
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • weighting is the weighting algorithm for transmitting different priority CoS frames. During traffic bursts, frames queued in the switch pending transmission on a port may have different CoS priorities.
Page 545: Deleting A Priority-To-Cos Mapping Entry
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Add the entry by typing: switch class-of-service priority-to-cos priority Where: • priority is the value of the IEEE 802.1p priority Configure the following parameter(s) as required: Parameter Description cos { cos }...
Page 546: Viewing A List Of Dscp-To-Cos Mapping Entries
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.34.3.1 Viewing a List of DSCP-to-CoS Mapping Entries To view a list of priorites, type: show running-config switch class-of-service dscp-to-cos If entries have been configured, a table or list similar to the following example appears:...
Page 547: Managing Mac Addresses
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Make sure the CLI is in Configuration mode. Delete the entry by typing: no switch class-of-service dscp-to-cos dscp Where: • dscp is the value of the 6 bit DiffServ field in the Type-Of-Service (TOS) field of the IP header Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 548: Purging The Dynamic Mac Address List
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The port on which the MAC address has been learned. Synopsis: { static, dynamic } type How the MAC address has been learned by the switch: <itemizedlist><listitem>STATIC:...
Page 549: Managing Static Mac Addresses
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description not aged-out, the switch will still be forwarding traffic to that port, thus preventing that traffic from reaching its destination via the new network topology. This parameter allows the aging-out of all MAC addresses learned on a failed port immediately upon link failure detection.
Page 550: Deleting A Static Mac Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide NOTE Letters in MAC addresses must be lowercase. switch mac-tables static-mac-table static-mac address vlan Where: • address is the Unicast MAC address that is to be statically configured. It can have up to 6 '*' wildcard characters continuously applied from the right.
Page 551: Rstp Operation
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.36.1, “RSTP Operation” • Section 5.36.2, “RSTP Applications” • Section 5.36.3, “MSTP Operation” • Section 5.36.4, “Configuring STP Globally” • Section 5.36.5, “Configuring STP for Switched Ethernet Ports and Ethernet Trunk Interfaces”...
Page 552 IMPORTANT! Purely for purposes of management, RUGGEDCOM ROX II introduces two more states: Disabled and Link Down. The Disabled state refers to links for which RSTP has been disabled. The Link Down state refers to links for which RSTP is enabled but are currently down.
Page 553: Edge Ports
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Figure 13: Bridge and Port Roles 1. Root Bridge 2. Designated Bridge 3. Designated Port 4. Root Port 5. Alternate Port 6. Backup Port A port is alternate when it receives a better message from another bridge on the LAN segment it is connected to.
Page 554: Point-To-Point And Multipoint Links
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.36.1.3 Point-to-Point and Multipoint Links RSTP uses a peer-peer protocol called Proposing-Agreeing to ensure transitioning in the event of a link failure. This protocol is point-to-point and breaks down in multipoint situations, i.e. when more than two bridges operate on a shared media link.
Page 555: Bridge Diameter
• When the age exceeds the value of the maximum age parameter the next bridge to receive the message immediately discards it. To achieve extended ring sizes, Siemens's eRSTP™ uses an age increment of ¼ of a second. The value of the maximum bridge diameter is thus four times the configured maximum age parameter.
Page 556: Fast Root Failover
Section 5.36.1.7 Fast Root Failover Siemens’s Fast Root Failover feature is an enhancement to RSTP that may be enabled or disabled. Fast Root Failover improves upon RSTP’s handling of root bridge failures in mesh-connected networks, resulting in slightly increased failover times for some non-root bridge scenarios.
Page 557: Rstp In Structured Wiring Configurations
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.36.2.2, “RSTP in Ring Backbone Configurations” • Section 5.36.2.3, “RSTP Port Redundancy” Section 5.36.2.1 RSTP in Structured Wiring Configurations RSTP may be used to construct structured wiring systems where connectivity is maintained in the event of link failures.
Page 558: Rstp In Ring Backbone Configurations
Enable RSTP Fast Root Failover option. This is a proprietary feature of Siemens. In a mesh network with only RUGGEDCOM devices in the core of the network, it is recommended to enable the RSTP Fast Root Failover option to minimize the network downtime in the event of a Root bridge failure.
Page 559 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Figure 15: Example - Ring Backbone Configuration To design a ring backbone configuration with RSTP, do the following: Select the design parameters for the network. What are the requirements for robustness and network fail-over/recovery times? Typically, ring backbones are chosen to provide cost effective but robust network designs.
Page 560: Rstp Port Redundancy
Disable RSTP Fast Root Failover option. This is a proprietary feature of Siemens. In RUGGEDCOM ROX II, the RSTP Fast Root Failover option is enabled by default. It is recommended to disable this feature when operating in a Ring network.
Page 561: Mstp Regions And Interoperability
VLAN-to-MSTI mappings must be identical for all bridges in an MST region. RUGGEDCOM ROX II supports 16 MSTIs in addition to the IST. Each MSTI has a topology that is independent of others. Data traffic originating from the same source and bound to the same destination, but on different VLANs on different MSTIs, may therefore travel a different path across the network.
Page 562: Mstp Bridge And Port Roles
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide CIST The CIST (Common and Internal Spanning Tree) is the union of the CST and the ISTs in all MST regions. The CIST therefore spans the entire bridged network, reaching into each MST region via the latter’s IST to reach every bridge on the network.
Page 563: Benefits Of Mstp
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Role Description • The CIST Root Port of the CIST Regional Root (and therefore also the MSTI Master Port). • A CIST Designated Port, CIST Alternate/Backup Port, or Disabled. At the MSTP region boundary, the MSTI Port Role is the same as the CIST Port Role.
Page 564: Implementing Mstp On A Bridged Network
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.36.3.4 Implementing MSTP on a Bridged Network The following procedure is recommended for configuring MSTP on a network. Beginning with a set of MSTP- capable Ethernet bridges, do the following for each bridge on the network: NOTE Careful network analysis and planning should inform each step of creating an MSTP network.
Page 565 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description changes at the expense of moderate increases in STP traffic. (Relationship : maxAgeTime >= 2 * (helloTime + 1.0 seconds)) max-age { max-age } Synopsis: An integer between 6 and 40...
Page 566 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description Default: noshutdown The Rapid Spanning Tree Protocol (RSTP) standard does not address network security. RSTP must process every received Bridge Protocol Data Unit (BPDU) and take an appropriate action.
Page 567: Configuring Stp For Switched Ethernet Ports And Ethernet Trunk Interfaces
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.36.5 Configuring STP for Switched Ethernet Ports and Ethernet Trunk Interfaces To configure the Spanning Tree Protocol (STP) for a switched Ethernet port, do the following: Make sure the CLI is in Configuration mode.
Page 568: Managing Multiple Spanning Tree Instances Globally
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description If TRUE, causes the port not to propagate received topology change notifications and topology changes to other ports. This parameter should be FALSE by default. If set, it can cause a...
Page 569: Viewing Statistics For Multiple Spanning Tree Instances
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.36.6.1, “Viewing Statistics for Multiple Spanning Tree Instances” • Section 5.36.6.2, “Viewing a List of Multiple Spanning Tree Instances” • Section 5.36.6.3, “Adding a Multiple Spanning Tree Instance”...
Page 570: Viewing A List Of Multiple Spanning Tree Instances
Adding a Multiple Spanning Tree Instance To add a Multiple Spanning Tree Instance (MSTI), do the following: NOTE RUGGEDCOM ROX II supports up to 16 MSTIs. Make sure the CLI is in Configuration mode. IMPORTANT! Since each MSTI acts as an independent RSTP instance, its configuration is similar to that of RSTP.
Page 571: Deleting A Multiple Spanning Tree Instance
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration switch spanning-tree mstp-instance id Where: • id is the ID for the Multiple Spanning Tree Instance Configure the following parameter(s) as required: Parameter Description { instance-id } The Multiple Spanning Tree Protocol (MSTP) instance ID.
Page 572: Viewing Per-Port Multiple Spanning Tree Instance Statistics
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.36.7.1 Viewing Per-Port Multiple Spanning Tree Instance Statistics To view Multiple Spanning Tree Instance (MSTI) statistics for individual switched Ethernet ports and/or Ethernet trunk interfaces, type: show switch spanning-tree port-msti-id...
Page 573: Viewing A List Of Per-Port Multiple Spanning Tree Instances
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description it is connected to.</listitem> <listitem>Root: The single port on the bridge, which provides connectivity towards the root bridge.</ listitem> <listitem>Backup: The port is attached to a LAN that is serviced by another port on the bridge.
Page 574: Adding A Port-Specific Multiple Spanning Tree Instance
To add a Multiple Spanning Tree Instance (MSTI) for a switched Ethernet port or an Ethernet trunk interface, do the following: NOTE RUGGEDCOM ROX II supports up to 16 MSTIs per port/interface. Make sure the CLI is in Configuration mode. IMPORTANT! Since each MSTI acts as an independent RSTP instance, its configuration is similar to that of RSTP.
Page 575: Deleting A Port-Specific Multiple Spanning Tree Instances
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Configure the following parameter(s) as required: Parameter Description mstp-priority { mstp-priority } Synopsis: { 16, 32, 64, 96, 112, 128, 144, 160, 176, 192, 208, 224, 240 } Default: 128 The STP port priority.
Page 576: Viewing The Status Of Rstp
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • For Ethernet trunk interfaces: no interface trunks id spanning-tree msti mstp-id Where: ▪ id is the ID given to the interface ▪ mstp-id is the ID for the Multiple Spanning Tree Instance Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 577: Viewing Rstp Per-Port Statistics
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description regional-root-priority The bridge identifier of the Internal Spanning Tree (IST) regional root bridge for the Multiple Spanning Tree (MST) region this device belongs to. Synopsis: A string...
Page 578 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide A table or list similar to the following example appears: ruggedcom# show switch spanning-tree port-rstp-stats | tab DESG BRIDGE OPER SLOT PORT STP STATE ROLE COST PRIORITY DESG BRIDGE MAC...
Page 579: Clearing Spanning Tree Protocol Statistics
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description rx-rsts The number of Rapid Spanning Tree Protocol (RSTP) configuration messages received on this port. tx-rsts The number of Rapid Spanning Tree Protocol (RSTP) configuration messages transmitted on this port.
Page 580: Vlan Concepts
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.37.5, “Managing Forbidden Ports” • Section 5.37.6, “Managing VLANs for HDLC-ETH Connections” • Section 5.37.7, “Managing VLANs for Virtual Switches” • Section 5.37.8, “Managing VLANs for Routable-Only Ethernet Ports”...
Page 581: Ingress And Egress Rules
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration An edge port attaches to a single end device, such as a PC or Intelligent Electronic Device (IED). An edge port carries traffic on the native VLAN. Trunk ports are part of the network and carry traffic for all VLANs between switches. Trunk ports are automatically members of all VLANs configured in the switch.
Page 582: Forbidden Ports List
The native operation mode for an IEEE 802.1Q compliant switch is VLAN-aware. Even if a specific network architecture does not use VLANs, RUGGEDCOM ROX II's default VLAN settings allow the switch to still operate in a VLAN-aware mode, while providing functionality required for almost any network application. However, the IEEE 802.1Q standard defines a set of rules that must be followed by all VLAN-aware switches:...
Page 583 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration The following is an example of how to use GVRP: Figure 17: Using GVRP 1. Switch 2. End Node • Switch B is the core switch, all others are edge switches •...
Page 584: Pvlan Edge
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.37.1.8 PVLAN Edge Protected VLAN (PVLAN) Edge refers to a feature of the switch that isolates multiple VLAN Edge ports from each other on a single device. All VLAN Edge ports in a switch that are configured as protected in this way are prohibited from sending frames to one another, but are still permitted to send frames to other, non-protected ports within the same VLAN.
Page 585 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Figure 18: Multiple Overlapping VLANs 1. VLAN 2. Switch Administrative Convenience VLANs enable equipment moves to be handled by software reconfiguration instead of by physical cable management. When a host's physical location is changed, its connection point is often changed as well. With VLANs, the host's VLAN membership and priority are simply copied to the new port.
Page 586: Configuring The Internal Vlan Range
Configuring the Internal VLAN Range RUGGEDCOM ROX II creates and utilizes internal VLANs for internal functions. To provide RUGGEDCOM ROX II with a pool of VLAN IDs to pull from when creating internal VLANs, a range of VLAN IDs must be reserved.
Page 587: Managing Vlans For Switched Ethernet Ports
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration To configure the internal VLAN range, do the following: Make sure the CLI is in Configuration mode. Navigate to admin » switch-config and configure the following parameter(s) as required:...
Page 588: Configuring Vlans For Switch Ethernet Ports
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide none none none none The VLANs listed are based on the PVIDs assigned to the switched Ethernet ports. For more information about assigning PVIDs to switched Ethernet Ports, refer to Section 3.17.2, “Configuring a Switched Ethernet...
Page 589: Managing Static Vlans
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.37.4 Managing Static VLANs The following sections describe how to configure and manage static VLANs: • Section 5.37.4.1, “Viewing a List of Static VLANs” • Section 5.37.4.2, “Adding a Static VLAN”...
Page 590: Deleting A Static Vlan
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Configure the VLAN for the port. For more information, refer to Section 5.37.3.2, “Configuring VLANs for Switch Ethernet Ports”. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 591: Adding A Forbidden Port
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration If no ports have been forbidden, add forbidden ports as needed. For more information, refer to Section 5.37.5.2, “Adding a Forbidden Port”. Section 5.37.5.2 Adding a Forbidden Port To add a forbidden port, do the following: Make sure the CLI is in Configuration mode.
Page 592: Viewing A List Of Hdlc-Eth Vlans
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.37.6.2, “Adding an HDLC-ETH VLAN” • Section 5.37.6.3, “Deleting an HDLC-ETH VLAN” Section 5.37.6.1 Viewing a List of HDLC-ETH VLANs To view a list of VLANs configured for an HDLC-ETH connection, type:...
Page 593: Deleting An Hdlc-Eth Vlan
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description This interface is up or down on demand of link fail over. Synopsis: An integer between 256 and 1500 mtu { mtu } Default: 1500 Maximum transmission unit (largest packet size allowed for this interface).
Page 594: Viewing A List Of Virtual Switch Vlans
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.37.7.1 Viewing a List of Virtual Switch VLANs To view a list of virtual switch VLANs, type: show running-config interface virtualswitch id vlan Where: • id is the ID assigned to the virtual switch...
Page 595: Managing Vlans For Routable-Only Ethernet Ports
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Make sure the CLI is in Configuration mode. Delete the chosen VLAN by typing: no interface virtualswitch id vlan vlan-id Where: • id is the ID assigned to the virtual switch •...
Page 596: Viewing A List Of Vlans For T1/E1 Lines
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.37.8.2 Viewing a List of VLANs for T1/E1 Lines To view a list of VLANs configured for either a T1 or E1 line, type: show running-config interface wan slot port protocol channel number connection hdlc-eth vlan Where: •...
Page 597: Adding A Vlan To A T1/E1 Line
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Add a QoS map for the VLAN. For more information, refer to Section 5.39.7.2, “Adding a QoS Map”. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 598: Deleting A Vlan For A T1/E1 Line
Section 5.38 Managing Network Discovery and LLDP RUGGEDCOM ROX II supports the Link Layer Discovery Protocol (LLDP), a Layer 2 protocol for automated network discovery. LLDP is an IEEE standard protocol, IEEE 802.11AB, which allows a networked device to advertise its own basic networking capabilities and configuration.
Page 599: Configuring Lldp
Setup and Configuration CAUTION! Security hazard – risk of unauthorized access and/or exploitation. LLDP is not secure by definition. Avoid enabling LLDP on devices connected to external networks. Siemens recommends using LLDP only in secure environments operating within a security perimeter. NOTE LLDP is implemented to keep a record of only one device per Ethernet port.
Page 600: Viewing Global Statistics And Advertised System Information
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The delay in seconds between successive LLDP frame transmissions initiated by the value or status changed. The recommended value is set by the following formula: 1 is less than or equal to txDelay less than or equal to (0.25 * Tx Interval)
Page 601: Viewing Statistics For Lldp Neighbors
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration ruggedcom# show switch net-discovery lldp local-system local-system local chassis subtype macAddress local chassis id 00:0a:dc:ff:9a:00 local system name R12.localdomain local system desc RX5000-R-MNT-HI-HI-SM61-CM01-L3SEC-16TX01-XX-XX-XX-4FG50-XX local system caps bridge,router local system caps enabled bridge,router...
Page 602 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description slot Synopsis: { ---, pm1, pm2, main, sm, lm1, lm2, lm3, lm4, lm5, lm6, swport, eth, serport, celport, cm, em, trnk } The slot of the module that contains this port.
Page 603: Viewing Statistics For Lldp Ports
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description The duration of time between power-on and when this information was received. Section 5.38.4 Viewing Statistics for LLDP Ports To view statistics for LLDP ports, type: show switch net-discovery lldp port-lldp-stats...
Page 604: Managing Traffic Control
Section 5.17, “Managing Firewalls”. RUGGEDCOM ROX II allows up to 4 different firewall configurations, enabling users to quickly change between configurations. Users can quickly assess different configurations without needing to save and reload any part of the configuration. In contrast, there is only one traffic control configuration. When enabled, a traffic control configuration is used with the current firewall configuration.
Page 605: Enabling And Configuring Traffic Control
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.39.1 Enabling and Configuring Traffic Control Traffic control functions are divided into two modes: • Basic Mode Basic mode offers a limited set of options and parameters. Use this mode to set the outgoing bandwidth for an interface, the interface priority (high, medium or low), and some simple traffic control characteristics.
Page 606: Managing Traffic Control Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide b. Add traffic control priorities. For more information, refer to Section 5.39.3.2, “Adding a Traffic Control Priority”. If advanced mode is enabled, do the following: a. Add traffic control classes. For more information, refer to Section 5.39.4.2, “Adding a Traffic Control...
Page 607: Adding A Traffic Control Interface
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration If no interfaces have been configured, add interfaces as needed. For more information, refer to Section 5.39.2.2, “Adding a Traffic Control Interface”. Section 5.39.2.2 Adding a Traffic Control Interface To add a new traffic control interface, do the following: Make sure the CLI is in Configuration mode.
Page 608: Deleting A Traffic Control Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.39.2.3 Deleting a Traffic Control Interface To delete a traffic control interface, do the following: Make sure the CLI is in Configuration mode. Delete the traffic control interface by typing:...
Page 609: Adding A Traffic Control Priority
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration band protocol icmp description "Low priority traffic" If no priorities have been configured, add priorities as needed. For more information, refer to Section 5.39.3.2, “Adding a Traffic Control Priority”.
Page 610: Deleting A Traffic Control Priority
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description (choice) The source address. This can be specified <emphasis role="bold">only if</emphasis> the protocol, port and interface are not defined. Prerequisite: An address can be specified only if neither a protocol or port nor an interface are specified.
Page 611: Viewing A List Of Traffic Control Classes
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration The following sections describe how to configure and manage traffic control classes: • Section 5.39.4.1, “Viewing a List of Traffic Control Classes” • Section 5.39.4.2, “Adding a Traffic Control Class”...
Page 612 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description Internet protocol type - use both when no addresses are used, otherwise define IPv4 and IPv6 rules for each type of addresses used. interface { interface } Synopsis: A string The interface to which this class applies.
Page 613: Deleting A Traffic Control Class
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Value/mask encoding: 0x04/0x04 Synopsis: true or false tos-minimize-cost Default: false Value/mask encoding: 0x02/0x02 tos-normal-service Synopsis: true or false Default: false Value/mask encoding: 0x00/0x1e default Synopsis: true or false Default: false <emphasis role="bold">One default class</emphasis>...
Page 614: Viewing A List Of Traffic Control Devices
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide The following sections describe how to configure and manage traffic control devices: • Section 5.39.5.1, “Viewing a List of Traffic Control Devices” • Section 5.39.5.2, “Adding a Traffic Control Device”...
Page 615: Deleting A Traffic Control Device
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Internet protocol type - use both when no addresses are used, otherwise define IPv4 and IPv6 rules for each type of addresses used. inbandwidth { inbandwidth } Default: 0 Incoming bandwidth.
Page 616: Viewing A List Of Traffic Control Rules
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Section 5.39.6.2, “Adding a Traffic Control Rule” • Section 5.39.6.3, “Configuring QoS Marking” • Section 5.39.6.4, “Deleting aTraffic Control Rule” Section 5.39.6.1 Viewing a List of Traffic Control Rules...
Page 617: Configuring Qos Marking
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Internet protocol type - use both when no addresses are used, otherwise define IPv4 and IPv6 rules for each type of addresses used. source { source } Synopsis: A string IF name, comma-separated list of hosts or IPs, MAC addresses, or 'all'.
Page 618 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • Save/Restore: Replaces the connection's QoS mark value with an assigned value. • Continue: If the packet matches, no more traffic control rules are checked and the packet is automatically forwarded to the specified chain.
Page 619 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Configuring a Modify Mark Make sure the CLI is in Configuration mode. Select the Modify option by typing: qos traffic-control advanced-configuration tcrules name mark-choice modify Where: • name is the name of the traffic control rule...
Page 620 Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Where: • name is the name of the traffic control rule Configure the following parameter(s): Parameter Description value-mask { value-mask } Synopsis: A string A mask to process the mark with.
Page 621: Deleting Atraffic Control Rule
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Default: forward A chain where the DSCP marking will take place. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 622: Adding A Qos Map
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • For Routable Ethernet Ports show running-config interface eth slot port vlan id qosmap Where: ▪ slot is the name of the module location ▪ port is the port number (or a list of ports, if aggregated in a port trunk) for the module ▪...
Page 623: Deleting A Qos Map
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration ▪ id is the ID given to the VLAN ▪ priority is the priority assigned to the QoS map • For Routable-Only Ethernet Ports interface eth slot port vlan id qosmap priority Where: ▪...
Page 624: Managing Egress Markers For Qos Maps
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • For Switched Ethernet Ports no switch vlans all-vlans id qosmap priority Where: ▪ id is the ID given to the VLAN ▪ priority is the priority assigned to the QoS map •...
Page 625: Viewing A List Of Egress Marks
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.39.8.1 Viewing a List of Egress Marks To view a list of egress marks for a QoS map, type: • For Switched Ethernet Ports show running-config interface switch vlans all-vlans id qosmap priority egress Where: ▪...
Page 626: Adding An Egress Mark
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If no egress marks have been configured, add egress marks as needed. For more information, refer to Section 5.39.8.2, “Adding an Egress Mark”. Section 5.39.8.2 Adding an Egress Mark To add an egress mark for a QoS Map, do the following: Make sure the CLI is in Configuration mode.
Page 627: Deleting An Egress Mark
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration ▪ mark is the value of the egress mark Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.39.8.3 Deleting an Egress Mark To delete an egress mark for a QoS map, do the following: Make sure the CLI is in Configuration mode.
Page 628: Viewing Qos Statistics
Section 5.39.9 Viewing QoS Statistics RUGGEDCOM ROX II provides statistics for traffic going through each class that has been configured. Packets are assigned to classes on the outbound interface based on rules. If a packet matches the specified criteria, it is considered to be a member of the class and is forwarded to that class.
Page 629: Managing Ip Addresses For Routable Interfaces
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Based on a 10-second average. Section 5.40 Managing IP Addresses for Routable Interfaces The following sections describe how to configure and manage IP addresses for routable interfaces: •...
Page 630: Managing Ipv4 Addresses
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide errors dropped 0 transmit bytes packets errors dropped collisions 0 interfaces ip fe-cm-1 This table or list displays the following information: Parameter Description Synopsis: { not set, up, down, testing, unknown, dormant, notPresent, lowerLayerDown } admin-state The port's administrative status.
Page 631: Adding An Ipv4 Address
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration show running-config ip interface ipv4 Where: • interface is the name of the interface If addresses have been configured, a table or list similar to the following example appears:...
Page 632: Configuring Ipv6 Neighbor Discovery
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Delete the address by typing: no ip interface ipv4 address address Where: • address is the IPv4 address Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 633 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • interface is the name of the interface Configure the following parameter(s) as required: Parameter Description enable-ra Synopsis: typeless Enable to send router advertisement messages. adv-interval-option Synopsis: typeless Includes an Advertisement Interval option which indicates to hosts the maximum time in milliseconds, between successive unsolicited router advertisements.
Page 634: Managing Ipv6 Network Prefixes
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.40.5 Managing IPv6 Network Prefixes An IPv6-capable interface can use Neighbor Discovery to advertise IPv6 network prefixes to its neighbor on the same link. The following sections describe how to configure and manage IPv6 network prefixes: •...
Page 635: Deleting An Ipv6 Network Prefix
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description Prerequisite: The router address can not be set unless off-link or no-autoconfig are set. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 636: Adding An Ipv6 Address
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If no addresses have been configured, add addresses as needed. For more information, refer to Section 5.40.6.2, “Adding an IPv6 Address”. Section 5.40.6.2 Adding an IPv6 Address To add an IPv6 address to a routable interface, do the following: Make sure the CLI is in Configuration mode.
Page 637: Viewing The Status Of Ip Binding
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.41.3, “Enabling/Disabling MPLS Routing” • Section 5.41.4, “Managing the MPLS Interfaces” • Section 5.41.5, “Managing Static Label Binding” • Section 5.41.6, “Managing Static Cross-Connects” • Section 5.41.7, “Managing LDP”...
Page 638: Enabling/Disabling Mpls Routing
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide A table or list similar to the following example appears: ruggedcom# show mpls status forwarding-table LOCAL OUTGOING OUTGOING LABEL LABEL PREFIX INTERFACE NEXT HOP UPTIME ------------------------------------------------------------------------ 1.1.1.1/32 switch.0010 192.168.10.1 01:04:31 2.2.2.2/32...
Page 639: Viewing The Status Of Mpls Interfaces
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.41.4.1, “Viewing the Status of MPLS Interfaces” • Section 5.41.4.2, “Viewing a List of MPLS Interfaces” • Section 5.41.4.3, “Enabling/Disabling an MPLS Interface” Section 5.41.4.1 Viewing the Status of MPLS Interfaces...
Page 640: Enabling/Disabling An Mpls Interface
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide • ENABLED refers to the status of the MPLS operation on the interface If no MPLS interfaces have been configured, enable interfaces as needed. For more information about enabling MPLS interfaces, refer to Section 5.41.4.3, “Enabling/Disabling an MPLS...
Page 641: Viewing A List Of Static Labels
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description ip-address Synopsis: A string The destination address prefix. in-label Synopsis: A string The incoming (local) label. Synopsis: A string out-label The outgoing (remote) label. nexthop Synopsis: A string The destination next hop router.
Page 642: Deleting A Static Label
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description in-label { in-label } Synopsis: An integer between 16 and 1048575 The incoming label: integer 16 -> 1048575. next-hop { next-hop } Synopsis: A string 7 to 15 characters long The IP address for the destination next-hop router.
Page 643: Viewing The Status Of Static Cross-Connects
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration • Section 5.41.6.2, “Viewing a List of Static Cross-Connects” • Section 5.41.6.3, “Adding a Static Cross-Connect” • Section 5.41.6.4, “Deleting a Static Cross-Connect” Section 5.41.6.1 Viewing the Status of Static Cross-Connects...
Page 644: Adding A Static Cross-Connect
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide If no static cross-connects have been configured, add cross-connects as needed. For more information about adding static cross-connects, refer to Section 5.41.6.3, “Adding a Static Cross-Connect”. Section 5.41.6.3 Adding a Static Cross-Connect To add a static cross-connect, do the following: Make sure the CLI is in Configuration mode.
Page 645: Managing Ldp
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.41.7 Managing LDP LDP (Label Distribution Protocol), defined by RFC 5036 [http://tools.ietf.org/html/rfc5036], is a protocol that enables an MPLS capable router to exchange MPLS label information. The labels are distributed in both directions so that an LSP (Label Switched Path) can be established and managed within an MPLS network dynamically, as opposed to configuring static routes.
Page 646: Viewing The Status Of The Ldp Discovery Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description local-label Synopsis: A string The incoming (local) label. next-hop Synopsis: A string The destination next hop router. Synopsis: A string remote-label The LDP remote label. in-use Synopsis: A string The LDP in-use flag.
Page 647: Viewing The Status Of The Ldp Neighbor Local Node Information
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.41.7.3 Viewing the Status of the LDP Neighbor Local Node Information To view the status of the local node(s) for the LDP neighbor on the device, type: show mpls ldp status neighbor local-node-information...
Page 648: Viewing The Status Of The Ldp Neighbor Discovery Information
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The up time of the LDP neighbor connection. This table provides the following information: Parameter Description peer-id Synopsis: A string The peer ID of the LDP neighbor connection.
Page 649: Configuring Ldp
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Parameter Description peer-session-holdtime Synopsis: A string The peer session holdtime of the LDP neighbor discovery. Section 5.41.7.6 Configuring LDP To configure the LDP, do the following: Make sure the CLI is in Configuration mode.
Page 650: Viewing A List Of Ldp Interfaces
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description The time (in seconds) that a discovered LDP neighbor is remembered without receipt of an LDP Hello message from the neighbor. Section 5.41.7.8 Viewing a List of LDP Interfaces...
Page 651: Managing The Ruggedcom Crossbow Application
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.42 Managing the RUGGEDCOM CROSSBOW Application RUGGEDCOM CROSSBOW is part of the RUGGEDCOM family of communications products. It was developed to address the need to interactively and securely access remote field devices to perform maintenance, configuration, and data retrieval functions.
Page 652: Configuring The Sac Connection
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Navigate to apps » crossbow » client-connection and configure the following parameter(s): Parameter Description ipaddr { ipaddr } The IP address to which a client will connect to the Station Access Controller (SAC).
Page 653: Managing Crossbow Ca Certificate Lists
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Configure the CA certificate and key for RUGGEDCOM CROSSBOW by typing: apps CrossBow certificate cert certificate cert-private-key key Where: • certificate is the name of the CA certificate loaded on the device •...
Page 654: Deleting A Ca Certificate List
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Type commit and press Enter to save the changes, or type revert and press Enter to abort. Section 5.42.5.3 Deleting a CA Certificate List To delete a CA certificate list for the RUGGEDCOM CROSSBOW application, do the following: Make sure the CLI is in Configuration mode.
Page 655: Managing The Ruggedcom Elan Application
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration R Socket (errno 11: Resource temporarily unavailable): fd: -1, bailing. /var/log/syslog:Jan 31 15:15:22 ruggedcom crossbowd[24763]: ssl2tcp (ClentConn)[1208114224], Log Level set to 2 /var/log/syslog:Jan 31 15:15:22 ruggedcom crossbowd[24763]: ssl2tcp (ClentConn)[1208114224], elan_init_security()::100: Unable to load random seed file.
Page 656: Configuring Certificates And Private Keys
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Parameter Description all-ipv6-interfaces Listening on all IPv6 interfaces only - this will clear any configured addresses. all-interfaces Listening on all IPv4 and IPv6 interfaces - this will clear any configured addresses.
Page 657: Viewing A List Of Network Addresses
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Section 5.43.3.1 Viewing a List of Network Addresses To view a list of network addresses, type: show running-config apps elan database addresses If addresses have been configured, a table or list similar to the following example appears:...
Page 658: Managing Ca Certificate Lists
Chapter 5 RUGGEDCOM ROX II Setup and Configuration CLI User Guide Section 5.43.4 Managing CA Certificate Lists The following sections describe how to manage CA certificate lists for the RUGGEDCOM ELAN application: • Section 5.43.4.1, “Viewing a List of RUGGEDCOM ELAN CA Certificate Lists”...
Page 659: Enabling/Disabling Ruggedcom Elan
RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration no apps eLAN certificate ca-cert-list name Where: • name is the name of the CA (Certified Authority) certificate. Type commit and press Enter to save the changes, or type revert and press Enter to abort.
Page 660 RUGGEDCOM ROX II Chapter 5 CLI User Guide Setup and Configuration Enabling/Disabling RUGGEDCOM ELAN...
Page 661: Troubleshooting
CLI User Guide Troubleshooting Troubleshooting This chapter describes troubleshooting steps for common issues that may be encountered when using RUGGEDCOM ROX II or designing a network. It describes the following tasks: IMPORTANT! For further assistance, contact Siemens Customer Support. NOTE For a description of pre-configured alarms, refer to Section 4.6.1, “Pre-Configured...
Page 662: Multicast Filtering
Chapter 6 RUGGEDCOM ROX II Troubleshooting CLI User Guide Problem Solution negotiating side will experience collisions. Ultimately, as traffic loads approach 100%, the link will become entirely unusable. The ping command with flood options is a useful tool for testing commissioned links. The command ping 192.168.0.1 500 2 can be used to issue 500 pings each separated by...
Page 663: Spanning Tree
RUGGEDCOM ROX II Chapter 6 CLI User Guide Troubleshooting Problem Solution However, it guarantees that all devices interested in the traffic will keep receiving it without interruption. The same behavior will be observed when the switch resets or when IGMP Snooping is being disabled for the VLAN.
Page 664: Vlans
Chapter 6 RUGGEDCOM ROX II Troubleshooting CLI User Guide Problem Solution at the farthest edge of the network from the root. In this case, a configuration message will have to propagate out to the edge and then back in order to reestablish the topology.

This manual is also suitable for:

Rx1500 Rx1512 Rx1501 Rx1510 Rx1511

Siemens RUGGEDCOM ROX II User Manual

Chapter 1 Introduction

Chapter 2 Using RUGGEDCOM ROX II

Chapter 3 Device Management

Chapter 4 System Administration

Quick Links

Troubleshooting

Related Manuals for Siemens RUGGEDCOM ROX II

Summary of Contents for Siemens RUGGEDCOM ROX II