1. Manuals
  2. Brands
  3. Belair Manuals
  4. Wireless Access Point
  5. 20E
  6. User manual

Belair 20E User Manual

Indoor solution
Hide thumbs
Table of Contents

Advertisement

Quick Links

BelAir20E
Release:
Document Date:
Document Number:
Document Status:
Security Status:
Customer Support:
© Copyright 2012 by BelAir Networks.
The information contained in this document is confidential and proprietary to BelAir Networks. Errors and Omissions Excepted.
Specification may be subject to change. All trademarks are the property of their respective owners.
Protected by U.S. Patents: 7,171,223, 7,164,667, 7,154,356, 7,030,712 and D501,195. Patents pending in the U.S. and other countries.
BelAir Networks, the BelAir Logo, BelAir200, BelAir200D, BelAir100, BelAir100S, BelAir100C, BelAir100T, BelAir20, BelAir20M, BelAir20E, BelAir20EO, BelAir100M,
BelAir100i, BelAir100SN, BelAir100SNE, BelAir100N, BelAir100P, BelView and BelView NMS are trademarks of BelAir Networks Inc.
12.0
April 2, 2012
BDTM02201-A01
Standard
Confidential
613-254-7070
1-877-BelAir1 (235-2471)
techsupport@belairnetworks.com
BelAir20E
Page 1 of 255

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the 20E and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Belair 20E

Summary of Contents for Belair 20E

  • Page 1: User Guide

    © Copyright 2012 by BelAir Networks. The information contained in this document is confidential and proprietary to BelAir Networks. Errors and Omissions Excepted. Specification may be subject to change. All trademarks are the property of their respective owners. Protected by U.S. Patents: 7,171,223, 7,164,667, 7,154,356, 7,030,712 and D501,195. Patents pending in the U.S. and other countries.

  • Page 2: Table Of Contents

    BelAir20E User Guide Contents Contents About This Document ........3 System Overview .

  • Page 3: About This Document

    • Text in { } refers to a list of possible entries with | as the separator. • Parameters in ( ) indicate that at least one of the parameters must entered. Related The following titles are BelAir reference documents: Documentation BelAir20E Quick Install Guide •...

  • Page 4: System Overview

    BelAir20E User Guide System Overview System Overview The BelAir20E Access Point (AP) is an evolution of BelAir Networks indoor solution and part of BelAir Networks industry leading product portfolio. The BelAir20E adds standards-based beamforming, five Gigabit Ethernet ports (one WAN port with PoE and four LAN ports), integrated antennas, and full 802.11n compliance (802.11n-2009) to BelAir Networks leading low cost, high...
  • Page 5 802.11n links. Each radio can act as an Access Point (AP) or provide backhaul links. An AP provides user traffic wireless access to the BelAir20E. Backhaul links connect to other BelAir radios to create a radio mesh. • four integrated dual-band antennas (-11 model only) •...

  • Page 6: Belair20E Configuration Interfaces

    BelAir20E User Guide BelAir20E Configuration Interfaces BelAir20E Configuration Interfaces The BelAir20E can be accessed and configured using the following configuration interfaces: • the command line interface (CLI) • the SNMP interface • the Web interface (using either HTTPS or HTTP) All three interfaces (CLI, SNMP and Web) have the same public IP address.
  • Page 7 Network Management System (NMS). Table 3 on page 8 describes the BelAir20E SNMP MIBs. A copy of the BelAir20E SNMP MIBs is available from the BelAir Networks online support center at: www.belairnetworks.com/support/index.cfm. Table 2: Standard SNMP MIBs...
  • Page 8 BELAIR-PRODUCTS.mib defines product object IDs BELAIR-RSTP.mib defines RSTP data types BELAIR-SMI.mib defines BelAir top level OID tree BELAIR-SYSTEM.mib defines basic OAM features such as software download, temperature and BelAir alarms BELAIR-TC.mib defines BelAir data types BELAIR-TUNNEL.mib...
  • Page 9 NMS platform. Refer to your NMS platform documentation for details. Web Interface BelAir Networks has verified that the BelAir20E Web interface operates correctly with the following web browsers: • Microsoft Internet Explorer version 6.0, service pack 2 • Mozilla Firefox version 1.5, or later Accessing the Web You can access the Web interface using either secure HTTP (HTTPS) or HTTP.
  • Page 10 BelAir20E User Guide BelAir20E Configuration Interfaces Figure 2: Typical Login Page 2 Enter a valid user name, such as root, and a valid password. Note:The specified password is case sensitive. Figure 3 on page 10 shows a typical resulting main page for the Web interface.
  • Page 11 BelAir20E User Guide BelAir20E Configuration Interfaces Stopping a Session To stop a Web interface session, click on the Logout button located in the top right corner each page. See Figure Additional The Web interface provides the following tools to display radio performance Troubleshooting Tools metrics: •...

  • Page 12: Command Line Interface Basics

    BelAir20E User Guide Command Line Interface Basics Command Line Interface Basics Use this chapter to familiarize yourself with basic CLI tasks, including: • “Connecting to the BelAir20E” on page 12 • “Starting a CLI Session” on page 12 • “Command Modes” on page 14 •...
  • Page 13 BelAir20E User Guide Command Line Interface Basics BelAir20E default IP address (10.1.1.10). The BelAir20E prompts you for your user name and password. The default super-user account is “root”. The default password is “admin123”. If the login is successful, the BelAir20E prompt is displayed. The default prompt is “#”, if you login as root.
  • Page 14 SSH Session Example of Initial Login With secure shell, the system prompts you twice for your password. ssh -l root 10.1.1.10 root@10.1.1.10's password: BelAir Backhaul and Access Wireless Router BelAir User: root Password: Telnet Session Example of Initial Login With Telnet, the system prompts you only once for your password.
  • Page 15 BelAir20E User Guide Command Line Interface Basics Figure 4: Sample Output of mode Command • The node has one card. The HTME /# mode card is in slot 1. /card /htme-1 • The node has the following physical interfaces: /interface wifi-1-1 —Interface is associated...
  • Page 16 — : 1000Base-TX, HTME LAN • <n> is the slot number where the interface is located in the BelAir platform • <m> is port number. <m> is 1 for most interfaces. The HTME card can have multiple ports representing multiple Wi-Fi radios operating different frequencies.
  • Page 17 • rstp • RSTP • snmp • SNMP • sntp • SNTP • te-<eng> • L2TP tunnel engine (te). BelAir platforms can have one tunnel engine per system (syst). Services: /services/<service> one of: Configure the following services: • auto-conn • Auto-configuration •...
  • Page 18 BelAir20E User Guide Command Line Interface Basics Note 1: The prompt changes to match the current mode. You can further customize the prompt to show the switch name or a 20-character string that you define. Note 2: Access to a mode is only allowed if the user has sufficient privileges to execute commands in that mode.

  • Page 19: Help Command

    BelAir20E User Guide Command Line Interface Basics cd interface/wifi-1-1/ show show ssid table show statistics history Special CLI Keys Command Completion You can ask the CLI to complete a partially typed command or mode name by pressing the key. If the command or mode name cannot be completed unambiguously, the CLI presents you with a list of possible completions.

  • Page 20: Available Commands

    BelAir20E User Guide Command Line Interface Basics Available Commands Entering displays the commands that apply to the currently accessed mode. For example: /mgmt# ? Available commands : adduser <user-name> -p <passwd> [ -d <default-mode>] [-g <grp-name>] deluser <user-name> moduser <user-name> [ -p <passwd>] [ -d <default-mode>] [-g <grp-name>] set authentication-login {local | radius <list>} set telnet {enabled|disabled} show authentication-login...
  • Page 21 BelAir20E User Guide Command Line Interface Basics show authentication-login Description : show authentication login status and RADIUS servers configuration show telnet status Description : shows the status of the telnet. show user Description : List all valid users, along with their permissible mode. show date Description : show current system date and time Help for a Specific Command...
  • Page 22 You can use a backup copy that was created with a different version of software than the current software installed on the unit. If you do, BelAir Networks strongly recommends that you fully and thoroughly verify the configuration and operation of the unit after you reboot the system and before you save the restored configuration.
  • Page 23 This command lock your console display window. You must enter your password to unlock it. Displaying the Current version Software Version This command displays the version of the currently running BelAir software load. Example /# version April 2, 2012 Confidential...
  • Page 24 BelAir20E User Guide Command Line Interface Basics Version is BA20E 12.0.0.D.2011.01.19.14.32 (r36096) Displaying the Current show date Date and Time This command displays the current date and time. Example 1 The following example displays the current date and time when it is set manually.
  • Page 25 <ip address> [<port_number>] This command lets you start a Telnet session to another machine, such as another BelAir node, by specifying the IP address. By default t, Telnet uses port 23. You can also specify an alternate port number.
  • Page 26 BelAir20E User Guide Command Line Interface Basics Access: AP admin state: .... Enabled Backhaul: link admin state: ..Disabled link id: ....BelAirNetworks topology: ....mesh April 2, 2012 Confidential Page 26 of 255 Document Number BDTM02201-A01 Standard...

  • Page 27: Belair20E Access Methods

    BelAir20E User Guide BelAir20E Access Methods BelAir20E Access Methods When a BelAir20E is shipped from the factory, all access methods (CLI, SNMP, Telnet, HTTP, HTTPS, SSH) are enabled. You can use these interfaces to configure the system’s IP networking parameters. This chapter describes the CLI commands you can use to configure these access methods.

  • Page 28: Snmp Agent

    BelAir20E User Guide BelAir20E Access Methods SNMP Command The following sections show you how to configure SNMP functions. Reference SNMP Agent /protocol/snmp/set snmp-agent {enabled | disabled} /protocol/snmp/show snmp-agent set snmp-agent command enables or disables SNMP access. SNMP Configuration /protocol/snmp/show config [{v2 | v3 | all}] show config Use the command to display the current SNMP configuration.
  • Page 29 29. To limit access to a single manager, enter the manager’s IP address. See “Example 2” on page Example 1 /protocol/snmp# set community 1 community-name belair ipaddr 0.0.0.0 privilege readonly belair In this example, all managers configured with the SNMP community of can access the node for read only functions.
  • Page 30 BelAir20E User Guide BelAir20E Access Methods show trap command displays the SNMPv2 trap manager configuration information. Example 1 /protocol/snmp# set trap 1 mgr-addr 40.40.40.40 community bel1 version v1 /protocol/snmp# set trap 2 mgr-addr 41.41.41.41 community bel2 version v2 Example 2 /protocol/snmp# show trap Index IP address Community...
  • Page 31 BelAir20E User Guide BelAir20E Access Methods [retries <1-3>] [auth {md5 | sha} <password> [priv-DES <passwd>]] /protocol/snmp/delete notify <NotifyName> /protocol/snmp/show notify set notify command enables notifications to be sent to an SNMPv3 manager for the specified notification name. You can configure up to 10 notification names.
  • Page 32 BelAir20E User Guide BelAir20E Access Methods Engine Identifier /protocol/snmp/show engineid This command displays the current engine identifier. Telnet /mgmt/telnet {enable|disable} /mgmt/show telnet status telnet command enables or disables Telnet access to the unit. show command displays the status of the Telnet interface. Example 1 /#cd /mgmt/ /mgmt# telnet enable...
  • Page 33 BelAir20E User Guide BelAir20E Access Methods Configuring the Server To configure the server certificate: Certificate 1 Create the RSA key pair. See “Creating RSA Key Pair” on page 2 Create a certificate request. See “Creating Certificate Request” on page The certificate request is displayed on the screen. 3 Copy the certificate request to a file and send it to the Certificate Authority (CA) that will generate the certificate.
  • Page 34 BelAir20E User Guide BelAir20E Access Methods Example /#cd ssl /ssl# ssl save April 2, 2012 Confidential Page 34 of 255 Document Number BDTM02201-A01 Standard...

  • Page 35: User And Session Administration

    BelAir20E User Guide User and Session Administration User and Session Administration This chapter describes user administration functions with the following topics: • “User Privilege Levels” on page 35 • “User Accounts” on page 38 • “Configuring Authentication for User Accounts” on page 39 •...

  • Page 36: System Commands

    BelAir20E User Guide User and Session Administration Table 5: Super-user commands (Continued) Mgmt Commands adduser <user-name> -p <passwd> [-d <mode>] [-g <group>] deluser <user-name> moduser <user-name> [ -p <passwd>] [ -d <mode>] [-g <group>] show user set telnet {enabled|disabled} set authentication-login {local | radius <list>} show authentication-login System Commands set country <country_name>...
  • Page 37 BelAir20E User Guide User and Session Administration Table 5: Super-user commands (Continued) renew ip {system | vlan <1-2814>} SSL Mode Commands set http {enable|disable} set secure-http {enable|disable} show http status show secure-http status show server-cert ssl gen cert-req algo rsa sn <SubjectName> ssl gen key {rsa} <no.
  • Page 38 BelAir20E User Guide User and Session Administration Table 5: Super-user commands (Continued) set notify <NotifyName> type {Trap | Inform} ipaddr <IP_addr> [timeout <1-1500>] [retries <1-3>] [auth {md5 | sha} <password> [priv-DES <passwd>]] delete notify <NotifyName> set authentication-trap {enable | disable} User Accounts /mgmt/adduser <user-name>...
  • Page 39 BelAir20E User Guide User and Session Administration Reply-Message root field must contain in plain text one of the following: NORMAL OBSERVER . These entries in RADIUS are case sensitive, so make sure the user privilege levels are entered exactly as specified. If the privilege levels are unspecified in RADIUS, then the BelAir20E provides the user with observer privileges.
  • Page 40 BelAir20E User Guide User and Session Administration Example 1 /mgmt# set authentication-login radius 1,2 Example 2 mgmt# show authentication-login Authentication Login is radius Radius Authentication server table ------------------------------------- Index Radius Server Address : 10.1.3.254 UDP port number : 1812 Radius Client Address : 10.1.3.48 Timeout --------------------------------------------...
  • Page 41 BelAir20E User Guide User and Session Administration timeout parameter ranges from 2 to 300. It specifies the interval (in seconds) after which the RADIUS client considers that the remote server has timed out if a reply is not received. The default value is 10 seconds. reauthtime parameter ranges from 0 to 50000000.
  • Page 42 BelAir20E User Guide User and Session Administration Configuring the Session /system/set global-session-timeout <period> Timeout Interval /system/set session-timeout <period> /system/show global-session-timeout By default, a CLI session is automatically disconnected if it is idle for longer than 30 minutes. These commands allows you to change the idle period, preventing unwanted disconnections.
  • Page 43 BelAir20E User Guide User and Session Administration Examples /system#set prompt string BelAir-128-50-46-189 /system#set prompt selection string [BelAir-128-50-46-189]/system#system switch BA20E [BelAir-128-50-46-189]/system#set prompt selection switch-name [BA20E-A]/system#set prompt selection switch-name [BA20E-A]/system#set prompt selection default /system# show prompt User-defined string: BelAir-128-50-46-189 prompt selection: default...

  • Page 44: Ip Settings

    BelAir20E User Guide IP Settings IP Settings This chapter contains procedures for managing BelAir20E IP parameters as follows: • “Displaying IP Parameters” on page 44 • “Configuring IP Parameters” on page 45 —“Configuring Dynamic IP Addressing” on page 45 —“Renewing the IP Address” on page 46 —“Auto-IP”...
  • Page 45 If you specify a new VLAN, then that VLAN is created. The command deletes VLAN IP parameters previously created with the interface command. If the IP address is dynamically set, BelAir Networks recommends that you also switch name location contact configure the parameters.
  • Page 46 DHCP clients. Make sure that the DHCP server assigns only one default route, even you are using many different IP interfaces on the same BelAir platform (for example, a management IP interface and a VLAN IP interface). Note 2: You must configure the DHCP server lease time to be one minute or longer.
  • Page 47 IP parameters do not config-save take effect until after you execute do a command. BelAir Networks delay-activation recommends that you always specify if you change the system IP parameters. Otherwise you will need to start a new CLI session using the...
  • Page 48 BelAir20E User Guide IP Settings ip route del command deletes a static route. gateway Use the parameter to specify the IP address of the network gateway. Configuring the /protocol/ip/set dns server {primary | secondary} <ip_address> /protocol/ip/del dns server {primary | secondary} Domain Name /protocol/ip/set dns domain name <customer.com>...

  • Page 49: System Settings

    /system/set country <country_code> Operation Note: These commands apply only to BelAir units purchased outside of the United States of America and its territories. For units purchased in the United States of America and its territories, the unit’s country code is and cannot be changed.
  • Page 50 Improper setting of a unit’s country setting may exceed regulatory requirements and void the operator’s right to operate the radio equipment. Contact BelAir Networks for details regarding country specific approvals. Additional country settings are also available by contacting BelAir Networks. System /system/set system-id ([switch <name>] [contact <firm>] [location <place>])
  • Page 51 BelAir20E User Guide System Settings Configuring the The system date and time can be configured: System Date and • manually Time • using a Simple Network Time Protocol (SNTP) server In both cases, you can use an offset to convert the displayed Coordinated Universal Time (UTC) to local time.
  • Page 52 BelAir20E User Guide System Settings Example 4 /system# show date Current date: 2011-08-11 23:04:46 (UTC) Current date: 2011-08-11 17:04:46 Managing an SNTP /protocol/sntp/set ip-address {primary|secondary} {<host> | disabled} Server /protocol/sntp/set timeoffset <hour_offset:minute_offset> /protocol/sntp/set status {enabled | disabled} /protocol/sntp/show {config | status} The BelAir20E supports the Simple Network Time Protocol (SNTP) by providing an SNTP client that can synchronize the unit date and time with any SNTP compatible external time server.

  • Page 53: Led Control

    /system/set coordinates [latitude <-90,+90> ] [longitude <-180,+180>] /system/show coordinates These commands allow you to specify the exact geographic location of a BelAir unit. You can then use the Global Positioning System (GPS) coordinates to locate a unit in the field.
  • Page 54 /system/show system-egress-point /system/set system-egress-point {yes {direct|indirect gateway-ip <ip_addr>}|no} Network Egress In a BelAir network, a node can act as an egress point to an outside network, Point usually the Internet, for the backhaul traffic of many other nodes. The other nodes may be connected to the egress node through point-to-point, point-to-multipoint or multipoint-to-multipoint links.
  • Page 55 BelAir20E User Guide System Settings Displaying Unit /system/show phyinv Inventory This command displays the manufacturing parameters (name, serial number and Information part version numbers) of the equipment parts contained in a unit. Example - BelAir20E /system# show phyinv System Name: BA20E-11 Type Class...
  • Page 56 BelAir20E User Guide System Settings Example /system# show sysuptime System Up Time: 234 days, 16:45:32.34 Displaying the /system/show running-configuration This command displays the configuration that the node is currently operating Running show with. It executes a series of commands with results displayed on the CLI Configuration screen.
  • Page 57 BelAir20E User Guide System Settings This command allow you to enable or disable session logging. The default enable /system/show sessions setting is . Use the command to see the current setting. /syslog/export logs Use the command to access the command log file. Refer to the BelAir20E Troubleshooting Guide for a detailed description.

  • Page 58: Belair20E Auto-Configuration

    BelAir20E uses DHCP Options 12, 60, 55 and 43 to retrieve extra information during startup and to supply the DHCP server with information about itself. The BelAir20E provides the system identifier host name through DHCP BelAir Networks Option 12 and the vendor class identifier through DHCP Option 60.
  • Page 59 BelAir20E User Guide BelAir20E Auto-configuration • DNS server IP addresses. Up to two DNS servers are supported. See “Configuring the Domain Name System Lookup Service” on page • IP address for a time server. Two time servers are supported for use by the SNTP service.
  • Page 60 Pre-requisites To use DHCP options, your DCHP server must be configured to supply the information requested by the BelAir platform. In particular, make sure of the following: • Your DHCP server supplies a list of SNTP servers instead of NTP servers and that they are listed in order of preference.
  • Page 61 BelAir20E User Guide BelAir20E Auto-configuration dns-server parameter controls DNS server IP addresses. Up to two DNS servers are supported. See “Configuring the Domain Name System Lookup Service” on page tftp-download parameter controls two DHCP options: TFTP server IP address and script file. Enabling this option causes a TFTP session to be created and the script file to be downloaded and executed during startup.
  • Page 62 BelAir20E User Guide BelAir20E Auto-configuration bnconfigserv.<domain_name> an FTP session to (for example, bnconfigserv.belairnetworks.com ). In either case: —The FTP username used by the BelAir20E is bn_%02x_%02x_%02x_%02x_%02x_%02x . For example, if the MAC 00:0d:67:0c:21:76 address of the BelAir20E is , then the username on the bn_00_0d_67_0c_21_76 FTP server is .
  • Page 63 BelAir20E User Guide BelAir20E Auto-configuration The server may be identified by supplying either its IP address or providing its belairconfig.com name. The default server name is . The default protocol is anonymous FTPS. The default user name and password is .

  • Page 64: Ethernet Or Lan Interface Settings

    Mac Address : 00:0D:67:0C:23:38 Managing Egress In a BelAir network, the Ethernet or LAN port of a node can act as an egress point for the backhaul traffic of many other nodes. The other nodes may be Node Traffic connected to the egress node through point-to-point, point-to-multipoint or multipoint-to-multipoint links.
  • Page 65 Ethernet or LAN port are converted to tagged packets with the specified VLAN ID before they are sent to the BelAir nodes. Similarly, packets that are tagged with the specified VLAN ID are sent to the external network through Ethernet or LAN port as untagged VLAN packets.
  • Page 66 BelAir20E User Guide Ethernet or LAN Interface Settings These commands let you manage list of VLAN IDs. By default, the list is empty meaning that all traffic is allowed to enter or leave the Ethernet or LAN port of the egress node. If you add a VLAN ID to the list, then only traffic belonging to that VLAN can enter or leave the Ethernet or LAN port of the egress node.

  • Page 67: Card Settings

    BelAir20E User Guide Card Settings Card Settings This chapter contains the following topics that describe card operations: • “Determining which Cards are in a Node” on page 67 • “Displaying Card Information” on page 68 • “Card Administrative State” on page 70 •...
  • Page 68 BelAir20E User Guide Card Settings Example 1 /# mode /card /htme-1 /interface /wifi-1-1 (HTMEv1 5GHz 802.11n) /wifi-1-2 (HTMEv1 2.4GHz 802.11n) /eth-1-1 (1000BASE-T) /lan-1 (1000BASE-T) /lan-2 (1000BASE-T) /lan-3 (1000BASE-T) /lan-4 (1000BASE-T) /mgmt /protocol /radius /rstp /snmp /sntp /te-syst (tunnel) /qos /services /auto-conn /mobility /ssh...
  • Page 69 BelAir20E User Guide Card Settings This command applies to all cards types except . This command displays the physical interfaces that the card provides. Example /card/htme-1# show interfaces htme: has the following interfaces: wifi-1-1 wifi-1-2 eth-1-1 lan-1 lan-2 lan-3 lan-4 Displaying the Card /card/<card_type>-<n>/show cpuocc /card/<card_type>-<n>/show meminfo...
  • Page 70 BelAir20E User Guide Card Settings Note: The type and amount of card memory usage data may vary depending on the card‘s software version. Card /card/<card_type>-<n>/show state /card/<card_type>-<n>/set state {enabled | disabled} Administrative These commands apply to all cards types except .

  • Page 71: Wi-Fi Radio Configuration Overview

    BelAir20E User Guide Wi-Fi Radio Configuration Overview Wi-Fi Radio Configuration Overview Available Wi-Fi Table 7 on page 71 lists the available BelAir Wi-Fi radios. Radios Table 7: BelAir Wi-Fi Radio Summary Supported Radio Operating Operate Platform Backhaul Module Frequency as Access...

  • Page 72: Configuring Wi-Fi Radio Parameters

    BelAir20E User Guide Configuring Wi-Fi Radio Parameters Configuring Wi-Fi Radio Parameters This chapter describes how to display and configure Wi-Fi radio parameters, including: • “Displaying Wi-Fi Radio Configuration” on page 73 • “Displaying Configuration Options” on page 74 • “Operating Channel” on page 74 •...
  • Page 73 BelAir20E User Guide Configuring Wi-Fi Radio Parameters Displaying Wi-Fi /interface/wifi-<n>-<m>/show config [{all|access|backhaul|qos|mobile}] Radio This command displays various aspects of the radio’s configuration. Configuration Example - Typical BelAir20E /interface/wifi-1-1# show config all Slot: 1, Card Type: htme, revision: 1, Port: 1, Radio: HTMEv1 5GHz 802.11n admin state: ....
  • Page 74 CAUTION! Improper setting of channel, antenna gain and transmit power may exceed regulatory requirements and void the operator’s right to operate the radio BelAir Radio Transmit Power Tables equipment. Refer to the to determine valid combinations of channel, antenna gain and transmit power for your country.
  • Page 75 BelAir20E User Guide Configuring Wi-Fi Radio Parameters If the unit is a member of a multipoint-to-multipoint mesh cluster, the channel must be set to match the one used by the multipoint-to-multipoint mesh cluster. If a unit is equipped with many radios for backhaul, their channels must be separated by at least 35 MHz (that is, seven channel numbers) to avoid radio interference resulting in poor data communication quality.
  • Page 76 See also: • “Country of Operation” on page 49 BelAir Radio Transmit Power Tables • the Antenna Gain /interface/wifi-<n>-<m>/set antenna-gain <gain> This command lets you specify the gain of the antenna installed with your unit.
  • Page 77 BelAir20E User Guide Configuring Wi-Fi Radio Parameters CAUTION! Improper setting of the transmit power may exceed regulatory requirements and void the operator’s right to operate the radio equipment. See also: • “Country of Operation” on page 49 • “Operating Channel” on page 74 •...
  • Page 78 BelAir20E User Guide Configuring Wi-Fi Radio Parameters Collision Aware /interface/wifi-<n>-<m>/set advanced-collision-ctrl {enable|disable} Rate Adaptation Collision Aware Rate Adaptation (CARA) is an advanced algorithm that turns RTS on and off when it detects a collision. This allows frames that failed due to the collision to get through without compromising the transmission rate (that is, the RTS is sent at 1mpbs and clears the channel of collisions for the high rate data packet).
  • Page 79 BelAir20E User Guide Configuring Wi-Fi Radio Parameters Changing Wi-Fi /interface/wifi-<n>-<m>/set admin-state {enable|disable} Interface Admin This command controls the state of the Wi-Fi interface including all links. enable State When set to , the Wi-Fi interface is in the operational state. When set to disable , the Wi-Fi interface and all associated functions are disabled.

  • Page 80: Configuring Wi-Fi Access Point Parameters

    BelAir20E User Guide Configuring Wi-Fi Access Point Parameters Configuring Wi-Fi Access Point Parameters This chapter describes how to display and configure Wi-Fi Access Point (AP) parameters, including: • “Displaying AP Configuration” on page 81 • “AP Custom Rates” on page 81 •...
  • Page 81 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters • “ARP to Unicast Conversion” on page 98 • “802.11b Protection” on page 98 See also: • “Configuring Wi-Fi Radio Parameters” on page 72 • “Wi-Fi AP Security” on page 100 • “Wi-Fi Backhaul Link Configuration”...
  • Page 82 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters show command displays modulation rates that are currently on the list; that is, the rates that the radio uses. Rates that have short preamble are indicated with Use the command to enable or disable the custom rates feature. By default, the custom rates feature is disabled.
  • Page 83 SSID index. In the resulting output: time • The field displays how long the client has been associated to the BelAir radio. • The field lists the client's IP address. (s) indicates static IP addressing.
  • Page 84 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters Table 9: DHCP Field Value Descriptions (Continued) Value Description disc Client has sent a DHCP Discover message and is waiting for a DHCP Offer message to get its IP address. (Applicable only if client does not already have a valid IP address. Otherwise client sends DHCP Request message.) offer Server has responded to the DHCP Discover message with a...

  • Page 85: Wireless Client

    BelAir20E User Guide Configuring Wi-Fi Access Point Parameters SS-ID vlan mac addr time IP identity rssi auth dhcp ----- ---- ----------------- ---- ------------------ ---------- ---- ------- ------ 00:11:24:26:24:AA 4m 10.9.9.20(s) eapAuth static Displaying /interface/wifi-<n>-<m>/show client <1|2|...|2007> [throughput] [stats] Wireless Client This command displays the details of a wireless client that is associated or was Details recently associated with the AP.
  • Page 86 3. auto If you select , the BelAir unit automatically adjusts the beacon period and DTIM value dynamically according to the number of MBSSIDs. The default setting is to have a fixed beacon period of 100 ms with a DTIM value of 3.
  • Page 87 [aggregation | start <start_idx>] /interface/show client-record detail <num_entries> Records Every 15 minutes, the BelAir node generates wireless client association records. A client record includes the following information: • The IP address, MAC address, VLAN, RSSI, DHCP state, and authentication state of the client.
  • Page 88 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters Example - Aggregated Records /interface# show client-record 20 aggregation SSID Start Time End Time RSSI Vlan TX Cross Byte Cross Rate Radio INX dd hh:mm:ss dd hh:mm:ss address address KB dd hh:mm:ss dd hh:mm:ss 1 wifi-2-1 1 11 04:57:41 11 04:59:40 10:1:1:7 00:18:de:c2:30:46 -42...
  • Page 89 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters Displaying the SSID /interface/wifi-<n>-<m>/ show ssid table Table This command summarizes in table format the parameters of all configured SSIDs. In the resulting output: broadcast broadcast • The setting is the default for SSID 1. A setting means that the access radio responds to a broadcast probe request and that SSID broadcast...
  • Page 90 UP marking: ..... Disabled (0) acl state: ....... Disabled secure port state: ....Disabled arp unicast conversion state: ..Disabled radius NAS identifier: ... belair radius accounting: ....Disabled radius station id unformatting: .. Disabled radius account session id: ..Disabled...
  • Page 91 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters By default, SSID 8: DefaultKey123 • uses WPA encryption with the following pre-shared key: Users may wish to change the security settings to suit their needs. • is not mapped to a VLAN. Users may wish to map SSID 8 to a separate VLAN reserved for management sessions.
  • Page 92 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters • Traffic from clients where the last three bits have a value of 6 is directed to the seventh VLAN on the list. If the last three bits of the MAC address does not reference a VLAN on the list, then the client's traffic is directed to the first VLAN on the list.
  • Page 93 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters Setting Traffic Limits /interface/wifi-<n>-<m>/set ssid <ssid_index> traffic-limit ([upstream <bits-per-second>] [downstream <bits-per-second>]) This command allows you to control the amount of traffic the AP sends for a particular SSID: upstream • Use the parameter to specify the amount sent to the network.
  • Page 94 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters If you choose Suboption 150 and 151, the relay agent information is packaged as follows: • Suboption 150. The VLAN info is packaged as follows: 0x96, 0x04,0xn, 0xn, 0xn, 0xn Where: —The first field is always 0x96, identifying Suboption 150. —The second field is always, 0x04, specifying the length of the VLAN info.
  • Page 95 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters enabled disabled The default is for SSID 1 and for all others. Out-of-service /interface/wifi-<n>-<m>/set ssid <ssid-number> ap-oos-identifier <oos_string> Advertising /system/set ap-oos-broadcast-delay <oos_delay> /interface/wifi-<n>-<m>/set ap-oos-broadcast {enabled|disabled} [option {replace|prepend}] /system/show ap-oos-broadcast-delay These commands let you modify the SSIDs of a radio with an out-of-service string when a node loses its egress connection for longer than the period <oos_delay>...
  • Page 96 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters Filtering /interface/wifi-<n>-<m>/set ssid <ssid_index> group-address-filter {none | ipv4} Broadcast and This command filters all broadcast and multicast packets to and from a wireless Multicast Packets client except for ARP and DHCP packets, allowing you to reduce the amount of broadcast and multicast traffic in the network.
  • Page 97 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters including DHCP packets, originating from clients before sending those packets to the network. This means that the network should respond with unicast packets instead of broadcast packets. set ssid <ssid_index> dhcp-advanced command does not affect BOOTP packets arriving from the network.
  • Page 98 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters ARP to Unicast /interface/wifi-<n>-<m>/show arp-unicast-table [vlan <vlan_id> /interface/wifi-<n>-<m>/set ssid < > ssid_index Conversion arp-unicast-conversion {enabled|disabled} These commands control the conversion of upstream ARP packets to unicast packets. When enabled, this feature intercepts ARP requests from wireless clients and sends them only to known gateway MAC addresses.
  • Page 99 BelAir20E User Guide Configuring Wi-Fi Access Point Parameters This feature improves performance if there are only a few 802.11b clients present and they are not generating large amounts of traffic. If not, the 802.11b clients may generate substantial numbers of collisions and actually impair traffic. enabled The default setting is April 2, 2012...

  • Page 100: Wi-Fi Ap Security

    BelAir20E User Guide Wi-Fi AP Security Wi-Fi AP Security This chapter describes how you can set up security to encrypt your Wi-Fi transmissions so that your data cannot be deciphered if it is intercepted, and to prevent access to the network by unauthorized clients. The following topics are covered: •...
  • Page 101 • Advance Encryption Standard (AES). This is the strongest encryption scheme. BelAir Wi-Fi radios offer WEP, WPA, WPA2 and WPA2mixed privacy settings. With WPA2mixed, the wireless client can use WPA or WPA2, and the AP accepts them both. WPA, WPA2 and WPA2mixed privacy uses TKIP or AES encryption.
  • Page 102 BelAir20E User Guide Wi-Fi AP Security access-request Table 10 shows the attributes that are included in the messages sent to the RADIUS server when using RADIUS (EAP) authentication. Table 10: RADIUS Attributes Name ID Description RA_USERNAME Client identity /protocol/radius/set RA_NAS_IP_ADDRESS Node IP address configured with the server command.
  • Page 103 BelAir20E User Guide Wi-Fi AP Security Table 10: RADIUS Attributes (Continued) Name ID Description /interface/wifi-<n>-<m>/set RA_NAS_IDENTIFIER 32 Name configured with the ssid <ssid_index> radius command. See “RADIUS Accounting” on page 106. RA_ACCT_STATUS_TYPE 40 Always RA_ACCT_INPUT_OCTET 42 Integer counter RA_ACCT_OUTPUT_OCTET 43 Integer counter RA_ACCT_SESSION_ID 44 Unique number generated by system.
  • Page 104 BelAir20E User Guide Wi-Fi AP Security Table 10: RADIUS Attributes (Continued) Name ID Description CONNECT 11Mbps 802.11b RA_CONNECT_INFO 77 Always RA_EAP_MESSAGE 79 EAP packet RA_MESSAGE_AUTHENTICATOR 80 Authentication string from RADIUS server RA_INTERIM_INTERVAL 85 Not used Managing RADIUS /protocol/radius/show servers Servers /protocol/radius/ set server <server_idx>...
  • Page 105 BelAir20E User Guide Wi-Fi AP Security server, then an updated VLAN IP address is not automatically reflected NAS IP address into the parameter. timeout parameter ranges from 2 to 300. It specifies the interval (in seconds) after which the RADIUS client considers that the remote server has timed out if a reply is not received.
  • Page 106 RADIUS server instructs the BelAir20E to tag the authenticated packets to use the specified VLAN. This feature has no BelAir CLI commands. To activate this feature, you must provision the following attributes on your RADIUS server: •...
  • Page 107 BelAir20E User Guide Wi-Fi AP Security delimiter parameter specifies whether the RADIUS packets use a colon (:), a dash (-) or nothing as a delimiter when specifying a MAC address. append parameter specifies RADIUS station ID formatting. The default ssid called-station-ID calling-station-ID setting is...
  • Page 108 BelAir20E User Guide Wi-Fi AP Security WPA, WPA2 and WPA2mixed privacy uses TKIP or AES encryption. With WPA2mixed, the wireless client can use WPA or WPA2, and the AP accepts them both. parameter specifies using a pre-shared key for authentication. When specifying the pre-shared key, note the following: wep40 •...
  • Page 109 BelAir20E User Guide Wi-Fi AP Security Additional Considerations Make sure to set the AP SSID to something other than the default before wpa2 wpa2mixed enabling . The BelAir20E unit combines the password phrase with your SSID to create the key. Note: Some configuration commands take longer than others to be applied to a radio module.
  • Page 110 BelAir20E User Guide Wi-Fi AP Security enabled set acl setting for the command means that only the wireless clients on the ACL can access the network. All other clients are denied access. disabled setting means that all wireless clients can access the network. See also “AP Secure Port Mode”...
  • Page 111 BelAir20E User Guide Wi-Fi AP Security Automatic Discovery of Gateway MAC Addresses The following method automates MAC address provisioning: 1 Disable wireless bridging for each AP in your network. 2 Disable inter-AP wireless client communications: auto-secure gateway a Enable the feature for each of the APs in your network.
  • Page 112 BelAir20E User Guide Wi-Fi AP Security These commands add and remove a MAC address from the secure MAC white list. The MAC address can optionally be qualified with a mask and a traffic descriptor as follows: secure-mac-mask • The mask is specified with the option.
  • Page 113 Denial of Service Attacks • deauthentication DoS, where deauthentication packets are maliciously sent to the BelAir platform causing it to terminate wireless sessions The BelAir20E also automatically generates alarms when it detects the following conditions: • If the BelAir20E detects more than 600 DHCP requests within 30 seconds,...
  • Page 114 Deauthentication DoS /interface/wifi-<n>-<m>/set deauth dos defense {enabled|disabled} When a deauthentication packet arrives and this feature is enabled, the BelAir platform waits 5 to 10 seconds before it terminates the wireless session. If the wireless client sends another data packet during that interval, then the previous deauthentication packet is deemed false and ignored.

  • Page 115: Wi-Fi Backhaul Link Configuration

    BelAir20E User Guide Wi-Fi Backhaul Link Configuration Wi-Fi Backhaul Link Configuration This chapter describes how to display and configure Wi-Fi backhaul parameters, including: • “Displaying Backhaul Link Configuration” on page 115 • “Configuring Backhaul Link Identifier, Topology and Privacy” on page 116 •...
  • Page 116 32 alphanumeric characters: • For Point-to-Point (P-to-P) links, BelAir Networks recommends that the link identifier describes the link; that is, the nodes it connects. • For Point-to-Multipoint (P-to-MP) or Multipoint-to-Multipoint (MP-to-MP) links, the link identifier is also known as a mesh identifier.
  • Page 117 MP-to-MP 1 Set the parameter to (Full mesh topology with each BelAir radio having up to eight links) privacy setting determines whether AES privacy is used or not. The pre-shared key must be exactly 32 bytes long (16 characters). The...
  • Page 118 BelAir20E User Guide Wi-Fi Backhaul Link Configuration Managing This section describe additional commands to help you configure and manage an MP-to-MP mesh clusters, including: MP-to-MP Meshes • “Displaying the Mesh Topology” on page 118 • “Setting a Link RSSI Threshold” on page 119 •...
  • Page 119 BelAir20E User Guide Wi-Fi Backhaul Link Configuration In the previous output, link 1 goes to RadioC and link 2 goes to RadioA. RadioB is measuring a signal strength of -68 dBm from RadioC. As in example 1, RadioC has a MAC address of 00:0d:67:0b:55:17 and is physical interface wifi-3-1 on a node with IP address 180.1.5.120.
  • Page 120 RSSI values for it. Mesh Auto-connections BelAir MP-to-MP meshes have the ability to detect when their egress node loses the ability to route traffic out of the mesh. When such a situation exists, each radio that is part of the affected mesh begins trying to find an alternate way of routing its traffic out of the mesh.
  • Page 121 BelAir20E User Guide Wi-Fi Backhaul Link Configuration If there are several candidate meshes to connect to, then the link is made to the mesh that: • matches the longest possible mesh identifier string • has the better signal level • has the minimum hop count to the egress node Once a new link is established, the radio does not automatically revert back to the old mesh, even if the old mesh’s egress node regains its ability to route traffic outside of the mesh.
  • Page 122 If the egress point fails and egress protection is enabled, the BelAir20E uses a Wi-Fi backhaul link to connect to another BelAir node so that traffic can leave the BelAir wireless network through that node’s egress point. The BelAir20E selects the best node to use based on several factors including signal strength and the number of hops to the egress point.

  • Page 123: Mobile Backhaul Mesh

    BelAir20E User Guide Mobile Backhaul Mesh Mobile Backhaul Mesh This feature extends the BelAir Networks fixed wireless infrastructure onto high-speed vehicles such as trains, buses, police and fire vehicles, and ambulances. Refer to Figure Figure 6: Mobile Backhaul Links Connecting Vehicle Cameras to Roadside Network...
  • Page 124 BelAir20E User Guide Mobile Backhaul Mesh When the mobile subscriber station determines that a listening link has a better link quality than the current forwarding link, it changes the link state so that the listening link with the higher quality becomes forwarding. look ahead make before break These...
  • Page 125 BelAir20E User Guide Mobile Backhaul Mesh Configuring MIMO /interface/wifi-<n>-<m>/set mimo-mode {1x1|1x2|2x2|2x3|3x3} Operation for Mobile This command configures the Multiple-Input and Multiple-Output (MIMO) Applications antenna settings for mobility applications using 802.11n radios, such as those for the BelAir20M. In such applications. the 5.8 GHz radio must operate with a MIMO setting of 1x1 while the 2.4 GHz access radio must operate with a MIMO setting of 2x2.
  • Page 126 BelAir20E User Guide Mobile Backhaul Mesh As well, you must meet the requirements for the P-to-MP topology listed in Table 11 on page 117. privacy setting determines whether AES privacy is used or not. The pre-shared key must be exactly 32 bytes long (16 characters). The pre-shared key can be specified as a hexadecimal or ASCII string and must not contain the following characters: •...

  • Page 127: Mobile Backhaul Point-To-Point Links

    Mobile Backhaul Point-to-point Links Mobile Backhaul Point-to-point Links This feature extends the BelAir Networks fixed wireless infrastructure onto low-speed vehicles such as ships travelling near a sea port. A BelAir node with mobile backhaul point-to-point links provides redundant high-performance broadband connectivity.
  • Page 128 BelAir20E User Guide Mobile Backhaul Point-to-point Links mobile link identifiers and mobile channels are not used elsewhere in the network. If a neighboring stationary subscriber station uses a link identifier and channel similar to a mobile subscriber station, then it can interfere with the creation of links between the mobile backhaul units.
  • Page 129 BelAir20E User Guide Mobile Backhaul Point-to-point Links d Set release 7 compatibility to if this node is connecting to a shore unit running Release 7.1.0 software. /services/mobility# set release-7-compatibility no e Optionally set the RSSI threshold. minimum parameter specifies the minimum signal strength required to connect.
  • Page 130 BelAir20E User Guide Mobile Backhaul Point-to-point Links wifi-2-1 (MRMv1 4.4GHz 802.11n) scan list Mac Address RSSI(dBm) AVL-BS ENBL-BS NET-ID-MATCH MESH ID --------------- --------- ------ ------- ------------ ------- 00:0d:67:09:c4:79 91 mobilityTest current time: 01:06:30 last scan time: 21:01:38 wifi-3-1 (MRMv1 4.4GHz 802.11n) scan list Mac Address RSSI(dBm) AVL-BS ENBL-BS...
  • Page 131 BelAir20E User Guide Mobile Backhaul Point-to-point Links b Add links needed to support service /services/mobility# add interface wifi-3-1 scan-list release-7-compatibility RSSI thresholds Note: The parameters show available-infra and apply only to subscriber stations. The command applies only to subscriber stations. 4 Display the configuration and correct any settings as required.
  • Page 132 BelAir20E User Guide Mobile Backhaul Point-to-point Links Mobile Backhaul Commands are available to do the following tasks: Point-to-point • “Displaying Mobile Backhaul Point-to-point Configuration” on page 132 Commands • “Displaying Link Status” on page 132 • “Displaying Scan Results” on page 133 •...
  • Page 133 BelAir20E User Guide Mobile Backhaul Point-to-point Links Example /services/mobility# show link-state LINK ROLE INTERFACE RSSI MESH ID NODE IP NODE NAME --------- --------- ---- ------------------------------- --------------- ------------------- Primary wifi-3-1 148 -44 mobilityTest 10.1.1.13 ba100tBSmode Secondary wifi-2-1 151 -40 mobilityTest 10.1.1.209 BA200CEM209 Displaying Scan Results /services/mobility/show available-infra...
  • Page 134 BelAir20E User Guide Mobile Backhaul Point-to-point Links Managing the Scan List /services/mobility/add scan-list <1-8> <chan_nums> /services/mobility/add scan-list <1-8> <chan_nums> /services/mobility/show scan-list {<1-8>|all} These commands let you manage the contents of up to eight scan lists. Example /services/mobility# show scan-list 2 Scan list [2] channels: Scan list [2] used by: wifi-2-1 (5GHz 802.11a)
  • Page 135 BelAir20E User Guide Mobile Backhaul Point-to-point Links Primary Link Drop /services/mobility/set p2p-mobile drop-primary-at-min-rssi {true|false} Once a link has been established based on the RSSI threshold parameters, the BelAir20E can maintain the link, even if the signal strength drops below the minimum threshold setting.
  • Page 136 [privacy {{enabled key <random_str>}|disabled}] [allow-multi-links {yes|no}]) Normally, BelAir units create a wireless mesh between themselves using multiple radio channels to avoid radio interference. However, in some mobile applications, in may be desirable to have all radios use a single channel. Such an application requires that all radios use directional antennas and are correctly positioned to avoid radio interference.
  • Page 137 BelAir20E User Guide Mobile Backhaul Point-to-point Links When a single channel mesh is created, the resulting links are simple point-to-point backhaul links, as described in “Wi-Fi Backhaul Link Configuration” on page 115. Typical mobile backhaul point-to-point notions, such as scan-lists, RSSI thresholds, and primary and secondary links, do not apply to them.

  • Page 138: Operating In High Capacity And Interference Environments

    BelAir20E User Guide Operating in High Capacity and Interference Environments Operating in High Capacity and Interference Environments High Capacity and Interference (HCI) environments usually have the following characteristics: • high number of wireless clients in a relatively small geographic area •...
  • Page 139 VLANs can obtain preferential access to the airwaves at the expense of other traffic which is forced to wait. The usefulness of this feature is limited if the overlap of the BelAir APs is significant. It is most effective when overlap is small and the interference comes from third-party APs.
  • Page 140 BelAir20E User Guide Operating in High Capacity and Interference Environments Traffic Priority A Wi-Fi AP sorts traffic according to priority and transmits it by priority in order of arrival. Different QOS schedulers (EDCA, LSPQ, SPQ) result in Based on different performance for the various priorities. Modulation Rate This feature applies a priority based on modulation rate on top of the QOS priority.
  • Page 141 BelAir20E User Guide Operating in High Capacity and Interference Environments Access Receive BelAir radios provide extensive statistics for insight into network behavior and to guide network optimization. and Transmit Error Statistics The relevant commands are: with SNMP • /interface/wifi-<n>-<m>/show statistics Support •...
  • Page 142 Records associations to be missed by the polling cycle of the NMS. To increase the measurability of the network, BelAir nodes maintain a circular buffer containing information, such as client MAC and IP address, RSSI, and connection duration, about current and recently associated clients. These client records can be used to assist the NMS.
  • Page 143 “Controlling Inter-client Communication” on page 110, Client Load BelAir nodes allow you to configure the maximum number of associated clients per radio. If the number of associated clients exceeds the configured value, new Balancing clients are not allowed to connect.
  • Page 144 [mac <mac-address>] Guide Automatic Mesh This feature allows BelAir APs to automatically reconnect to a network if they lose their egress connection. A cluster of meshed nodes may lose their egress Connect connection if the ethernet connection to the exterior network fails or if a node fails.

  • Page 145: Dhcp Relay Settings

    Profiles offer an easy way of configuring different DHCP servers for each subnet interface. Your BelAir20E can also add BelAir Networks specific information to the DHCP packets sent to the wireless client. Finally, you can create a list of valid IP address subnets to filter out unwanted directed and broadcast DHCP packets from your wireless network.
  • Page 146 BelAir20E User Guide DHCP Relay Settings show config relay all • Use to display information for all DHCP Relay profiles only. show config relay <relay-idx> • Use to display information on the specified DHCP Relay profile. show config dhcp-allowed-subnet all •...
  • Page 147 BelAir20E User Guide DHCP Relay Settings Interface /protocol/dhcp/set relay <relay-idx> admin-state {enabled|disabled} Administrative This command allows you to activate individual DHCP relay profiles. When State enabled, the Relay Agent forwards the packets from the client to the DHCP servers specified in the profile. Assigning SSID /interface/wifi-<n>-<m>/set ssid <ssid_index>...
  • Page 148 BelAir20E User Guide DHCP Relay Settings When a Wi-Fi client sends DHCP Request packets and the requested IP addresses are not within the allowed subnet entries for the SSID, the BelAir AP intercepts the Request and sends a DHCP NAK response. /interface/wifi-<n>-<m>/del...

  • Page 149: Network Address Translation

    BelAir20E User Guide Network Address Translation Network Address Translation Network Address Translation (NAT) allows the BelAir20E to modify network address information in packet headers to remap a given address space into another. This technique can hide several private network IP addresses behind a single IP address in another public address space.
  • Page 150 BelAir20E User Guide Network Address Translation Displaying the /protocol/nat/show status Operational This command displays NAT operational status and settings. Status Example /protocol/nat# show status NAT admin state is DISABLED, oper state is NOT RUNNING Egress interface - eth-1-1 Dns1: undefined Dns2: undefined DHCP scopes: Status...
  • Page 151 BelAir20E User Guide Network Address Translation Example /protocol/nat# show leases history IP address MAC address Lease & State =============== ================= ================================== 192.168.5.254 00:0d:67:10:e8:1a starts 2 2009/08/04 12:04:24 - State active 192.168.5.254 00:0d:67:10:e8:1a starts 2 2009/08/04 12:34:24 - State active Configuring /protocol/nat/set scope <index (1-8)>...
  • Page 152 NAT Cluster In a NAT cluster, one BelAir20E serves as an egress point to several other BelAir nodes. The egress BelAir20E uses NAT to provide IP addresses to the BelAir nodes that are cluster members. In such a configuration, the cluster members are normally hidden from network management behind the egress BelAir20E.
  • Page 153 BelAir20E User Guide Network Address Translation addressed to a particular application (for example, Telnet, web, or SNMP) on particular node within the cluster, it can specify: • the IP address of the egress node as the destination address • the port as defined for the application in question for the egress node as the destination port The egress node can then use the port forwarding table to translate the destination port to the correct port and IP address for the intended target...

  • Page 154: Universal Access Method

    Universal Access Method Universal Access Method The Universal Access Method (UAM) is key element of BelAir’s Policy Enforcement Point (PEP) module. UAM is a simple authentication method where a user needs only a Web browser. When a user requests a URL, the request is checked against a series of white lists containing hosts, MAC addresses and protocols.
  • Page 155 BelAir20E User Guide Universal Access Method Table 12: Attributes for UAM Client Access Policy Enforcement (Continued) RADIUS Attribute Value used if unspecified by RADIUS Maximum upstream client traffic Unlimited Termination time Unlimited As well, UAM can also provide accounting information, again depending on correct provisioning of the RADIUS server.
  • Page 156 BelAir20E User Guide Universal Access Method Displaying the /services/uam/show config [scope <index (1-8)>] Current This command displays the current UAM configuration. Specifying a scope Configuration displays just that scope. Note: This command displays only the host, mac and protocol white list entries that you control through the commands.
  • Page 157 BelAir20E User Guide Universal Access Method Scope 2 Status: ---------------------- admin state: ....Enabled mac authentication state:..Enabled accounting state:....Enabled authentication web server ip:..secure2.worldspot.net resolved IP addresses: 69.64.50.37 authentication shared secret:..Mm94XVjzug splash web server ip:.... resolved IP addresses: radius servers:....
  • Page 158 BelAir20E User Guide Universal Access Method Client-Session: ---------------------- ip address: ....10.100.1.210 Mac address: ....00:1E:E5:DE:DD:C5 Scope: ......1 Vlan: ......untag Authenticated: ....yes User Name: ..... BAunlim Redirect url: ....User url: ...... http://fxfeeds.mozilla.com/ en-US/firefox/headlines.xml Bandwidth MaxUp: ....0 Bandwidth MaxDown: .....
  • Page 159 BelAir20E User Guide Universal Access Method splash-url auth-url Both the and the (if specified) are automatically tracked internally as UAM host white list entries. uam-interface parameter is used for communications between the wireless client and BelAir20E. You can set the uam-interface to be the BelAir20E’s system IP address, or a particular VLAN interface.
  • Page 160 BelAir20E User Guide Universal Access Method Host entries can contain URLs or IP addresses. The host white list and the MAC address white list can have up to 10 entries. The protocol white list can ICMP be empty or contain only.
  • Page 161 BelAir20E User Guide Universal Access Method success-redir parameter allows you to control the behavior of the AP if the RADIUS server authenticates the user and responds with a Redirection-URL as part of the WISPr Vendor Specific Attribute: success-redir • If is enabled and the RADIUS server provides a Redirection-URL, the client is redirected to the URL the first time it associates to the AP.
  • Page 162 WAN Mode [web-server-key <key-str>] UAM WAN mode is for special applications that use alternate communications between the BelAir20E, the Web server and the RADIUS authentication server. For additional details, contact your BelAir representative. Changing UAM /services/uam/set scope <index (1-8)> admin-state {enabled|disabled}...

  • Page 163: Using Layer 2 Tunnels

    Figure 7 shows how wireless mobility is implemented with L2TP. When a wireless client transmits an 802.11 frame, the BelAir AP converts it to an Ethernet frame with VLAN information, encapsulates it within an IP packet and then sends the packet to a Tunnel End Point (TEP). The TEP is usually part of a network central router.
  • Page 164 TEPs. The end points of a Layer 2 tunnel are identified by their IP addresses. The IP address of the BelAir tunnel end point can be the IP address of the unit’s management interface, or any IP address associated with a VLAN.
  • Page 165 BelAir20E User Guide Using Layer 2 Tunnels • “Configuring Tunnel Advanced Parameters” on page 168 • “Enabling Backhaul Protection for Tunnels” on page 169 • “Bandwidth Limits” on page 169 • “Configuring Tunnels for the RedBack SmartEdge Router” on page 170 •...
  • Page 166 BelAir20E User Guide Using Layer 2 Tunnels Example 2 /protocol/te-syst# show status Upstream Downstream Upstream Downstream N Active Uptime Packets Packets Bytes Bytes Fragmented Reassembled == ======= ============= ========== ========== ========== ========== ========== =========== 1 Primary 0d 01:02:24 1023 229497 Brdcst Mltcst Up_Exc/Dn_Inv...
  • Page 167 Once the BelAir unit starts to use a tunnel to a backup router: switch non-revertive • If...
  • Page 168 BelAir20E User Guide Using Layer 2 Tunnels Configuring Tunnel /protocol/te-<eng>/set tunnel <index> advanced [l2tp-hello-interval <seconds>] Advanced Parameters [l2tp-hello-retrans <number>] [l2tp-hello-timeout <seconds>] [ppp-echo-interval <seconds>] [ppp-echo-retrans <number>] [dscp-control <hex value>] set tunnel advanced command lets you specify for particular tunnel timers and other parameters associated with the L2TP protocol. The <index>...
  • Page 169 BelAir20E User Guide Using Layer 2 Tunnels If you specify a DSCP value, then it appears in the DSCP/TOS bits of any L2TP or PPP control packets. Enabling Backhaul /protocol/te-<eng>/set protection-backhaul {enabled|disabled} Protection for Tunnels [egress <interface>] Use this command to inform the tunnel engine that the node uses egress protection as described in “Egress Protection”...
  • Page 170 Use these parameters to manually configure a test environment or small deployments. switch parameter controls whether the use of a backup router is revertive or not. Once the BelAir unit starts to use a tunnel to a backup router: switch non-revertive • If...
  • Page 171 , then the BelAir unit uses the tunnel to the backup router only while the main tunnel is unavailable. The BelAir unit switches back to the tunnel using the main router as soon as it becomes available again.
  • Page 172 GRE tunnels to the specific destination. GRE tunnels may co-exist with regular L2TP tunnels and L2VPN tunnels on the same BelAir unit. The parameter specifies the IP address of the head end tunnel endpoint. It is usually the IP address of the router terminating GRE tunnels.
  • Page 173 IP address. In this implementation, the network tracks the movements of the mobile client and initiates the required mobility signalling on its behalf. In PMIP mode, the BelAir AP acts as MIP Foreign Agent. set tunnel-pmip ha-ip...
  • Page 174 BelAir20E User Guide Using Layer 2 Tunnels set tunnel-pmip advanced • The DNS IP address(es) are determined by the command. set tunnel-pmip advanced dns1 Use the command to define the DNS server IP addresses to be provided to the client by the AP through DHCP in case the AP dns2 can not obtain corresponding settings from the HA.
  • Page 175 {none|up-bits|dscp) Settings Because the BelAir AP converts the client data packet into an Ethernet frame and then encapsulates it within an IP packet, any QOS information that was part of the original client data packet is not visible to upstream equipment.
  • Page 176 BelAir20E User Guide Using Layer 2 Tunnels Excess Tunnel Down Events instead a single alarm and stops generating Tunnel Down Tunnel Down additional alarms. The events are still tracked through the tunnel’s performance monitoring statistics, allowing you to analyze the behavior. <num_of_alarms>...

  • Page 177: Quality Of Service Settings

    • client to access point radio communications. See “Radio QoS” on page 180. System QoS BelAir nodes work in conjunction with one another to allow you to separate and prioritize traffic. Each BelAir20E node can inspect incoming traffic and prioritize traffic into four priority queues. Prioritization Each BelAir node supports four traffic priority queues, numbered 0 to 3.
  • Page 178 The prioritization commands ( described in this chapter apply strictly to the BelAir node that you are currently logged on to. You must repeat them on each related BelAir node. For example, when specifying that particular VLAN traffic has a particular priority, you must execute the associated commands on each possible BelAir node in the path of that VLAN.
  • Page 179 BelAir20E User Guide Quality of Service Settings queue_id 2814. The parameter ranges from 0 to 3, as described in Table 13 on none page 177. The parameter removes the mapping of a VLAN ID to priority queue. Note: Settings made with this command have precedence over settings made set up-to-queue-mapping with the command.
  • Page 180 Some WMM features, such as selecting the priority scheme and the mapping scheme, are also available for BelAir backhaul radios to provide end-to-end QoS functionality. /interface/wifi-<n>-<m>/show config qos Displaying a Summary of...
  • Page 181 DSCP subfield value. Selecting means that traffic is sent to the four BelAir priority queues based on the highest priority value of either the UP field or the DSCP subfield. By default, QoS mapping is set...
  • Page 182 BelAir20E User Guide Quality of Service Settings Table 15: UP and DSCP Value to Priority Queue Processing UP Value DSCP Value Target Priority Queue 192 (0xC0) 224 (0xE0) Unscheduled Automatic /interface/wifi-<n>-<m>/set qos uapsd {enable|disable} Power-save Delivery Unscheduled Automatic Power-save Delivery (UAPSD) extends the battery life of wireless clients and reduces radio transmission traffic.

  • Page 183: Layer 2 Network Configuration

    BelAir20E User Guide Layer 2 Network Configuration Layer 2 Network Configuration The BelAir20E acts as a transparent bridge and layer 2 switch without the need to configure any software features. However, to control and manage the traffic inherent in a bridge (for example, broadcast and flooding) and to handle loop situations where multiple paths exist between nodes, you can invoke layer 2 features such as: •...
  • Page 184 However, clients are allowed to operate as router to allow features such as sharing a wireless Internet connection. For this type of operation, BelAir Networks recommends that the computer with the wireless connection to the BelAir20E have its operating system configured to act as a router.
  • Page 185 BelAir20E User Guide Layer 2 Network Configuration topology. BelAir recommends that the root node is the Ethernet switch that is used to connect to the LIM(s). Refer to your network plan for details. Use the command described in “RSTP Priority” on page 192 “RSTP...
  • Page 186 Hello link is down timer Note: BelAir Networks recommends that you do not change the RSTP parameter values in Table 16 from their default values. Experience has shown that these default values work well in a variety of networks.
  • Page 187 BelAir20E User Guide Layer 2 Network Configuration port Specifying the keyword displays RSTP configuration settings for each <interface-name> physical interface and radio link. Use the parameter to Name specify a particular interface and radio link, as shown under the column of /protocol/rstp/show config port all command.
  • Page 188 BelAir20E User Guide Layer 2 Network Configuration wifi-3-1-6 2000000 False False/False True/False RSTP Enabled 3000000 wifi-3-1-7 2000000 False False/False True/False RSTP Enabled 3000000 wifi-3-1-8 2000000 False False/False True/False RSTP Enabled 3000000 wifi-4-1-1 2000000 False False/False True/True RSTP Enabled 2000000 wifi-4-1-2 2000000 False False/False...
  • Page 189 BelAir20E User Guide Layer 2 Network Configuration port Root Cost In the resulting output when the keyword is omitted, reflects the node's cost to root that it would advertise in its BPDUs sent out to designated or alternate ports. port Specifying the keyword displays per port RSTP topology information for <interface-name>...
  • Page 190 BelAir20E User Guide Layer 2 Network Configuration wifi-2-1-5 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00 wifi-2-1-6 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00 wifi-2-1-7 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00 wifi-2-1-8 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00 wifi-3-1-1 60:00:00:23:34:b0:3e:80 200000 90:00:00:0d:67:00:69:5e 80:11 wifi-3-1-2 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00 wifi-3-1-3 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00 wifi-3-1-4 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00 00:00 wifi-3-1-5 00:00:00:00:00:00:00:00 00:00:00:00:00:00:00:00...
  • Page 191 BelAir20E User Guide Layer 2 Network Configuration Displaying RSTP Port /protocol/rstp/show port roles [all] Roles and States This command displays the roles and states of the RSTP ports. Specifying the option displays all possible links for a specific interface. If the option is omitted, then the command outputs data only for links with a status of Example 1...
  • Page 192 BelAir20E User Guide Layer 2 Network Configuration wifi-3-1-2 10.5.1.14 Designated Forwarding Enabled wifi-3-1-3 Disabled Discarding Enabled Down wifi-3-1-4 Disabled Discarding Enabled Down wifi-3-1-5 Disabled Discarding Enabled Down wifi-3-1-6 Disabled Discarding Enabled Down wifi-3-1-7 Disabled Discarding Enabled Down wifi-3-1-8 Disabled Discarding Enabled Down wifi-4-1-1...
  • Page 193 BelAir20E User Guide Layer 2 Network Configuration Note: BelAir Networks recommends that you do not change the RSTP parameter values from their default values. Experience has shown that the default values work well in a variety of networks. Example /protocol/rstp# set tx-holdcount 5 Max Age, Hello Time /protocol/rstp/set ([max-age <6 - 40>] [hello-time <1 - 10>]...
  • Page 194 BelAir20E User Guide Layer 2 Network Configuration RSTP Static Path Cost /protocol/rstp/set interface <interface-name> defaultcost <1 - 200000000> pathcost This command sets the static path cost in the field. This command is available only if dynamic path costs are disabled. Refer to “Dynamic Path Cost”...
  • Page 195 BelAir20E User Guide Layer 2 Network Configuration very different from the current link cost, then the topology is changed. However, if the new link cost is only slightly different from the current link cost, then the current topology is maintained. As further protection against transient behaviour, the RSTP verifies that the new link cost is maintained for 30 minutes before it implements any potential topology changes.
  • Page 196 RSTP point-to-point communications is special case where the interface can communicate with only one other RSTP enabled device, such as when only two BelAir nodes are connected through a simple switch. RSTP uses RSTP point-to-point status to optimize performance during topology changes.

  • Page 197: Performing A Software Upgrade

    The upgrade process in this document contains guidelines to help you verify a unit. For instructions on how to downgrade a unit, contact BelAir Networks. Upgrade Process root...
  • Page 198 BelAir20E User Guide Performing a Software Upgrade Figure 8: Active and Standby Software Loads BelAir Unit Active Software Load Pointer to software load for next restart Active Standby Software Load Software Load Under normal operating conditions, the contents of the two software load banks are identical.
  • Page 199 However, while the existing configuration data is saved (upgraded) during a software upgrade, the existing configuration data could be lost (erased) during a software downgrade. BelAir Networks recommends that you save and remotely store the current existing configuration database in case you choose to downgrade a software load.
  • Page 200 Figure 9: Software Upgrade Step 3 - Downloading the New Software Load BelAir Unit Active Software Load...
  • Page 201 This command forces the unit to execute with the new load and completes the activation process. When upgrading several nodes in a network, BelAir recommends that you reboot the most remote node first and progress towards the near-end, node-by-node. For star topologies, reboot the subscriber station nodes before rebooting the associated base station node.
  • Page 202 BelAir20E User Guide Performing a Software Upgrade Verifying the New BelAir Networks recommends that you fully verify the configuration and operation of an upgraded unit before you commit the new load. Use the Software Load following steps as guidelines. 1 Fully verify the unit’s configuration and operation.
  • Page 203 See a Software Figure 11 on page 203. Upgrade Figure 11: Backing Out from an Uncommitted Software Upgrade BelAir Unit Active Software Load Pointer to software load for next restart Activate old...

  • Page 204: Software Upgrade

    BelAir20E User Guide Performing a Software Upgrade If you have just upgraded the software, you must set the unit to reboot with the currently standby load. For example, if the old software load is in bank A, as shown in Figure 11, and the new software load is in bank B, then you must activate bank A with the following command:...

  • Page 205: For More Information

    For More Information For More Information BelAir Networks documentation is modular and organized to be of best use to you during the logical process of setting up a network of BelAir devices. Use the documents as outlined in the following sections.

  • Page 206: Troubleshooting Guide

    BelAir20E User Guide For More Information • upgrading the unit • saving and restoring the configuration Troubleshooting Use this document when you are: Guide • troubleshooting and in need of technical support • looking up system configuration details: —Alarms and events —System logs —Statistics April 2, 2012...

  • Page 207: Technical Support

    2 If the troubleshooting guide does not cover your situation, contact your BelAir Networks product representative 3 If you still need assistance, use the BelAir Networks online support center at http://support.belairnetworks.com 4 Finally, if your issue is not resolved, contact BelAir Networks: —613-254-7070, option 2...

  • Page 208: Definitions And Acronyms

    BelAir20E User Guide Definitions and Acronyms Definitions and Acronyms Access Control List Advanced Encryption System Access Point. A wireless LAN data transceiver that uses radio waves to provide connectivity services to a network Beacon A protocol packet that signals the availability and presence of a wireless device Bridge identifier used in spanning-tree calculations BPDU Bridge protocol data unit.
  • Page 209 BelAir20E User Guide Definitions and Acronyms Organizationally Unique Identifier (first 3 bytes of a MAC address) PVID Port VLAN identifier Protocol Data Unit Quality of Service RADIUS Remote Authentication Dial-In User Service. An Internet protocol (RFC 2138) for carrying dial-in users' authentication information and configuration information between a shared, centralized authentication server (the RADIUS server) and a network access server (the RADIUS client) that needs to authenticate the users of its network access ports...

  • Page 210: Appendix A: Node Configuration Sheets

    BelAir20E User Guide Node Configuration Sheets Appendix A: Node Configuration Sheets You can use this sample worksheet to document the basic configuration of a BelAir20E unit. Store your worksheets in a secure location because they contain sensitive information (super-user password and privacy keys). Unit part number (located on the sticker on to the unit):__________________________ Unit serial number (located on the sticker on to the unit):__________________________ Super-user password: ____________________________...
  • Page 211 BelAir20E User Guide Node Configuration Sheets Wi-FI Access Point (AP) Settings (if configured) Interface: wifi-___-___ Channel: ________ Table 17: AP Privacy Setting Table (Optional) SSID (1 to 8) Encryption and Authentication __________________ Y or N wep40 RADIUS or 5-byte pre-shared key: _______________________________________________ wep104 RADIUS or 13-byte pre-shared key: ______________________________________________ encryption (TKIP or AES):____________________...
  • Page 212 BelAir20E User Guide Node Configuration Sheets Wi-Fi Backhaul Setting (if configured) Interface: wifi-___-___ Channel: ________ Link ID: _____________________ AES Privacy (Y or N):__________ Key (16 characters):_____________________________________ Topology (P-to-P, MP-to-MP mesh, P-to-MP star): ________________________________ P-to-MP star role (base-station or subscriber-station): ____________________________ P-to-MP star link index: ____________________________ April 2, 2012 Confidential...

  • Page 213: Appendix B: Mesh Auto-Connection Example

    BelAir20E User Guide Mesh Auto-connection Example Appendix B: Mesh Auto-connection Example This example uses two meshes of BelAir20 nodes to show how mesh auto-connection operates. Setup and Initial Figure Conditions Figure 12: Auto-connection Initial Conditions Mesh B Mesh A Node122 Node123 BelAir20 BelAir20...
  • Page 214 BelAir20E User Guide Mesh Auto-connection Example • The egress node of each mesh must have its system egress point set to yes direct yes indirect either . See “Setting the Network Egress Point” on page 54 for details. The following series of CLI commands show this for both meshes. Node122 (Child Node of Mesh A) Display the backhaul configuration.
  • Page 215 BelAir20E User Guide Mesh Auto-connection Example Enable auto-connection and verify it. /services/auto-conn# set admin enabled /services/auto-conn# show config admin state: ....Enabled /services/auto-conn# show status Oper State Ether Link State Egress Reachable Use Alternate Mesh ----------- ---------- ---------------- ---------------- down Node120 (Egress Node of Mesh A) Display the mesh topology.
  • Page 216 BelAir20E User Guide Mesh Auto-connection Example Common: privacy: ....Disabled mesh-min-rssi..... -100 (dbm) Stationary Backhaul: link admin state: ..Enabled link id: ....B20MeshB topology: ....mesh Mobile Backhaul: mobile admin state: ..Disabled mobile link id: ..mobile link role: ..ss Protection Backhaul: protection admin state: ..
  • Page 217 BelAir20E User Guide Mesh Auto-connection Example Identify Node121 as an egress node. /system# set system-egress-point yes direct /system# show system-egress-point egress point:....direct Enable auto-connection and verify it. /services/auto-conn# set admin enable /services/auto-conn# show config admin state: ....Enabled /services/auto-conn# sh status Oper State Ether Link State Egress Reachable...
  • Page 218 BelAir20E User Guide Mesh Auto-connection Example Figure 13: Auto-connection and Fault Conditions Mesh B Mesh A Node122 Node123 BelAir20 BelAir20 Child Child BA20MeshA BA20MeshB Link ID Link ID Node120 Node121 BelAir20 BelAir20 Egress Egress Ethernet Ethernet Egress Egress Connection Connection Node120 (Egress Node of Mesh A) Display the mesh topology.
  • Page 219 BelAir20E User Guide Mesh Auto-connection Example Display the auto-connect topology. It shows that the Mesh A egress node still operates normally. /services/auto-conn# show status Oper State Ether Link State Egress Reachable Use Alternate Mesh ----------- ---------- ---------------- ---------------- Node122 (Child Node of Mesh A) Display the mesh topology.
  • Page 220 BelAir20E User Guide Mesh Auto-connection Example mobile admin state: ..Disabled mobile link id: ..mobile link role: ..ss Protection Backhaul: protection admin state: .. Disabled Blacklist: No blacklist entries Link Failure Detection: ..Disabled Backhaul T1 Bandwidth limit:.. Disabled Display the mesh topology.
  • Page 221 BelAir20E User Guide Mesh Auto-connection Example Node121 (Egress Node of Mesh B) Display the auto-connect topology after the Ethernet connection is re-established. /services/auto-conn# show status Oper State Ether Link State Egress Reachable Use Alternate Mesh ----------- ---------- ---------------- ---------------- Display the node’s links to neighboring mesh, even after the Ethernet connection is re-established.
  • Page 222 BelAir20E User Guide Mesh Auto-connection Example Figure 14: Auto-connection after Recovery before Revert Mesh B Mesh A Node122 Node123 BelAir20 BelAir20 Child Child BA20MeshA BA20MeshB Link ID Link ID Node120 Node121 BelAir20 BelAir20 Egress Egress Ethernet Ethernet Egress Egress Connection Connection Display the mesh topology after the Ethernet connection is re-established on Node121 and after the auto-connection revert command is given.

  • Page 223: Appendix C: Scripting Guidelines

    “Overview” on page 223 • “Creating a BelAirOS Script” on page 223 • “Manually Transferring Files to and from a BelAir Node” on page 224 • “Managing and Manually Running Script Files” on page 225 Overview In general, a script is a series of programming language statements to allow control of one or more software applications or devices.
  • Page 224 Files” on page 225 as required. The process of downloading and running a script file on startup can be automated. For details, see the “Auto-configuration” chapter of the BelAir platform User Guide. Manually Transferring Use the following CLI commands to manually transfer files, such as script files,...
  • Page 225 112233445566 and the default password is 112233445566@148.16.4.123. CAUTION! Do not use these commands to perform a software upgrade on a BelAir node. Use the upgrade load command instead. Refer to “Performing a Software Upgrade” on page 197 for full details on performing software upgrades.
  • Page 226 Physical Interface Table 18 summarizes the declarations required in your script file to specify a Declaration Summary physical interface. Table 18: BelAir Script Declaration Summary Script Declaration Description Used to define a physical interface to which the int[-<asbly>]-<iftype>[-<desc>]-<instance> following CLI commands apply to.
  • Page 227 If provided, it must match at least part of the text in the Assembly code /system/show phyinv field output by the command. <asbly> BelAir must start with . See also “Common BelAirOS Platform Assembly Codes” on page 233.
  • Page 228 BelAir20E User Guide Scripting Guidelines show phyinv Physical Interface Script The following output of the command shows the configuration of Example - Setup the BelAir100T where the script will run: /system# show phyinv System Name: BelAir100T Type Class Serial number Assembly code BA order code BelAir100...
  • Page 229 BelAir20E User Guide Scripting Guidelines show config int-stop int-BELAIR100-wifi-1 show config int-stop Physical Interface Script The following shows the output generated by the script: Example - Output Unknown interface ---> int-wifi-2.4GHz-1, skipping Interface stop Interface int-wifi-4.9GHz-1 ---> /interface/wifi-1-1/ start /# /interface/wifi-1-1/set channel 10 /# /interface/wifi-1-1/set admin-state disabled /# /interface/wifi-1-1/show config Slot: 1, Card Type: lpm, revision: 2, Port: 1, Radio: LPMv2 4.9GHz 802.11a...
  • Page 230 BelAir20E User Guide Scripting Guidelines /# /interface/wifi-3-1/show config Slot: 3, Card Type: brm, revision: 3, Port: 1, Radio: BRMv3 5GHz 802.11a admin state: ....Enabled channel: ..... 148 tx power: ....20.0 (dBm) tx-power-optimize: ..Disabled antenna gain: ....10.5 (dBi) link distance: ....
  • Page 231 BelAir20E User Guide Scripting Guidelines Including a Some BelAir node functions, such as Network Address Translation (NAT), require that you reboot the node after you configure them. If your script must Reboot reboot include a command, then your script must contain the declarations...
  • Page 232 BelAir20E User Guide Scripting Guidelines The declarations are: check-db-change-start • . This declaration verifies and records whether the following commands change the node’s settings. It ignores commands that change a setting to be the current setting. For example, if a physical et admin-state enabled interface’s administrative state is enabled, the s command for that physical interface is ignored.
  • Page 233 This section lists the most common BelAirOS platform assembly codes that can be used when specifying a physical interface in a script. Additional assembly BelAirOS codes are possible. For details, contact your BelAir Networks representative. Platform Table 20: Common BelAirOS Platform Assembly Codes...
  • Page 234 BelAir20E User Guide Scripting Guidelines Table 20: Common BelAirOS Platform Assembly Codes (Continued) Platform Assembly Code BelAir100-10 BELAIR100_10 BelAir100-11 BELAIR100_11 BelAir100M-10 BELAIR100M_10 BelAir100M-11 BELAIR100M_11 BelAir100T-12 BELAIR100T_12 BelAir100T-21 BELAIR100T_21 BelAir100T-12R BELAIR100T_12R BelAir100T-21R BELAIR100T_21R BelAir100S-10 BELAIR100S_10 BelAir100S-11 BELAIR100S_11 BelAir100N-10 BA100N-10 BelAir100N-11 BA100N-11 BelAir100N-10R BA100N-10R BelAir100N-11R...
  • Page 235 This section lists the most common card descriptions for radios so you can specify a physical interface in a script. Additional card descriptions are possible. Card For details contact your BelAir Networks representative. Descriptions Table 21: Common BelAirOS Radio Card Descriptions...
  • Page 236 Sample Universal The following script can be used to auto-configure at startup multiple types of BelAir platforms, such as the BelAir20, where each type of platform can have Auto-configuratio different types of radios such as 5-GHz 802.11a radios, 2.4-GHz 802.11g radios n Script and 2.4-GHz 802.11n radios.
  • Page 237 BelAir20E User Guide Scripting Guidelines /protocol/sntp/set timeoffset -5 /protocol/sntp/set status enabled #int-cm-1 #/card/cm-9/set attenuation downstream mode auto #/card/cm-9/set attenuation upstream mode auto #int-stop int-wifi-5Ghz-1 set qos wmm enabled set qos mapping both set rts-cts 2347 set backhaul admin-state disabled set admin-state enabled int-stop int-wifi-5Ghz 802.11n-1 set tx-power 17...
  • Page 238 BelAir20E User Guide Scripting Guidelines set admin-state enabled int-stop int-wifi-2.4Ghz-1 set qos wmm enabled set qos mapping both set rts-cts 2347 set ssid 2 service-set-identifier dummy broadcast vlan none set ssid 1 service-set-identifier superwifi broadcast vlan 201 set ssid 1 wireless-bridge disabled set ssid 1 privacy none set ssid 1 group-address-filter ipv4 set ssid 1 secure-port disabled...
  • Page 239 BelAir20E User Guide Scripting Guidelines /interface/eth-1-1/add vlan untagged /protocol/te-syst/map vlan 200 to 1 /protocol/te-syst/map vlan 201 to 1 /protocol/te-syst/map vlan 245 to 1 /protocol/te-syst/limit tunnel 1 bandwidth transmit 1500000 receive 1500000 /protocol/te-syst/set tunnel 1 bandwidth-limit upstream 1500000 downstream 1500000 config-save April 2, 2012 Confidential Page 239 of 255...

  • Page 240: Appendix D: Belair20E Factory Defaults

    BelAir20E User Guide BelAir20E Factory Defaults Appendix D: BelAir20E Factory Defaults You can reset the configuration of a BelAir20E to the factory default settings by using a CLI command or by pressing the unit’s reset button. Typically, you would reset to factory defaults only when all other methods of changing the unit’s configuration have failed.
  • Page 241 BelAir20E User Guide BelAir20E Factory Defaults To reset the BelAir20E configuration to factory defaults, do the following steps: 1 Access the BelAir20E rear panel. You may need to detach it from its mounting bracket. 2 With a pen tip or paperclip, gently press the unit’s reset button for more than 5 seconds.

  • Page 242: Detailed Table Of Contents

    BelAir20E User Guide Detailed Table of Contents Detailed Table of Contents About This Document ........3 Typographical Conventions .
  • Page 243 BelAir20E User Guide Detailed Table of Contents Locking the Console Display ......23 Displaying the Current Software Version ....23 Displaying the Current Date and Time .
  • Page 244 BelAir20E User Guide Detailed Table of Contents Saving an SSL Configuration ......33 User and Session Administration ......35 User Privilege Levels .
  • Page 245 BelAir20E User Guide Detailed Table of Contents Setting the Network Egress Point ......54 Limiting Broadcast Packets .
  • Page 246 BelAir20E User Guide Detailed Table of Contents Wi-Fi Radio Configuration Overview ..... 71 Available Wi-Fi Radios ........71 Configuration Process .
  • Page 247 BelAir20E User Guide Detailed Table of Contents Upstream User Priority Marking ..... . .92 Setting Traffic Limits ....... . .93 Providing Vendor Specific Information .
  • Page 248 BelAir20E User Guide Detailed Table of Contents Wi-Fi Backhaul Link Configuration ..... . 115 Displaying Backhaul Link Configuration ..... . .115 Configuring Backhaul Link Identifier, Topology and Privacy .
  • Page 249 BelAir20E User Guide Detailed Table of Contents Release 7 Compatibility ......136 Single Channel Mesh ....... .136 Operating in High Capacity and Interference Environments.
  • Page 250 Using Layer 2 Tunnels ....... . 163 Configuring the BelAir Node for Layer 2 Tunneling ... . .164 Displaying Tunnel Configuration and Status .
  • Page 251 BelAir20E User Guide Detailed Table of Contents Configuring Tunnels for PMIP Implementations ..173 Mapping User Traffic .......174 Configuring Authentication .
  • Page 252 BelAir20E User Guide Detailed Table of Contents RSTP Link Priority ....... . .193 RSTP Static Path Cost .
  • Page 253 Creating a BelAirOS Script ......223 Manually Transferring Files to and from a BelAir Node ..224 Managing and Manually Running Script Files .
  • Page 254 Table 3: BelAir Enterprise MIBs ........
  • Page 255 BelAir20E User Guide BelAir Networks Inc. General Information Sales Visit us on the web at: 603 March Road info@belairnetworks.com sales@belairnetworks.com Kanata, Ontario www.belairnetworks.com Canada Technical Support K2K 2M5 techsupport@belairnetworks.com 1-877-BelAir1 (235-2471) 613-254-7070 April 2, 2012 Confidential Page 255 of 255...

This manual is also suitable for:

20e

Table of Contents

Save PDF