This guide describes the wide variety of features and functionality of the ARRIS NVG599 Gateway, when used in Router mode. The NVG599 device can also be delivered in Bridge mode. In Bridge mode, the NVG599 acts as a pass-through device and allows the workstations on your LAN to have public addresses directly on the Internet.
Administrator’s Handbook Documentation Conventions This manual uses the following conventions to present information. General The following typographic conventions are used in this guide. Convention Description bold sans serif Menu commands and button names underlined sans serif Web GUI page links Computer display text terminal User-entered text...
It includes a table of style conventions. Chapter 2, “Device Configuration” — Describes how to get up and running with your NVG599. Chapter 3, “Basic Troubleshooting” — Gives some simple suggestions for troubleshooting problems with the initial configuration of your NVG599.
Most users will find that the basic Quick Start configuration is sufficient to meet their needs. The Quick Start section may be all that you need to configure and use your ARRIS NVG599 Gateway. For more advanced users, a rich feature set is available. The following instructions cover installation in Router mode.
Important Safety Instructions POWER SUPPLY INSTALLATION Connect the power supply cord to the power jack on the NVG599. Plug the power supply into an appropriate electrical outlet. There is no power (on / off) switch to power off the device.
Status Indicator Lights Colored LEDs on your NVG599 indicate the activity status of various ports. ARRIS NVG599 Status Indicator Lights Side View Power Battery Ethernet WiFi HomePNA Broadband 1 Broadband 2 Service Phone 1 Phone 2 Activity Solid Green = The device is powered.
Page 14
Administrator’s Handbook Activity Solid Green = Powered device connected to the associated port (includes devices with wake-on-LAN capability where a slight voltage is supplied to the Ethernet connection). Flickering Green = Activity seen from devices associated with the port. The flickering of the light is Ethernet synchronized to actual data traffic.
Off = The device is not powered, or no powered devices are connected to the associated ports. NOTE: The NVG599 supports two VoIP lines over one RJ14 (FXS) VoIP port. In order to connect two phone lines, the supplied inner/outer pair splitter adapters must be attached to the RJ14 (FXS) VoIP port in order to terminate both lines.
The battery used in this device may present a risk of fire or chemical burn if mistreated. Do not disassemble, heat above manufacturer’s maximum temperature limit, or incinerate. Replace battery with ARRIS P/N 586185-002-00 only. Use of another battery may present a risk of fire or explosion.
Battery Door Instructions 1. Place NVG599 unit on a tabletop with the battery door side up. 2. Push in and upward to open the battery door as shown in Figure 1. Figure 1 Figure 2 Figure 3 3. Swing back the battery door. See Figure 2.
Set up the ARRIS Gateway Refer to your Quick Start Guide for instructions on how to connect your NVG599 to your power source, PC, or local area network, and your Internet access point, whether it is a dedicated DSL outlet or a DSL or cable modem.
Page 19
Windows Vista 3. Set the radio buttons to the values shown above, and click the OK button.
Administrator’s Handbook Macintosh MacOS 8 or higher or Mac OS X: 1. Access the TCP/IP or Network control panel. Mac OS X follows a path like this: Apple Menu -> System Preferences -> Network MacOS Classic follows a path like this: Apple Menu ->...
1. Run your Web browser application, such as Firefox or Microsoft Internet Explorer, from the computer con- nected to the NVG599 device. 2. Enter http://192.168.1.254 in the Location text box. While the NVG599 is determining the broadband network type, the following screen appears. The Device Status page appears.
Administrator’s Handbook 3. Check to make sure the Broadband and Service LEDs on your NVG599 device are lit to verify that the GREEN connection to the Internet is active. Congratulations! Your installation is complete. You can now surf to your favorite Web sites by typing a URL in your browser’s location box or by selecting one of your favorite Internet bookmarks.
IP Diagnostics Page Redirect In the event that your connection to the Internet fails, the on your NVG599 device flashes Broadband LED and you are redirected to the page. IP Diagnostics Follow the on-screen troubleshooting suggestions. For additional troubleshooting information, see “Diagnostics”...
Administrator’s Handbook Device Status Page After you have performed the basic Easy Login configuration, any time you log in to your NVG599 you will access the NVG599 Home page. To access the Home page, type http://192.168.1.254 in your Web browser’s location box.
Page 25
The Device Status page appears. DeviceStatusWindow...
Page 26
Network ID (SSID) The name or ID that is displayed to a client scan. The default SSID for the NVG599 is attxxx where xxx is the last 3 digits of the serial (WiFi) number located on the side of the NVG599.
Tab Bar The tab bar is located at the top of every page, allowing you to move freely about the site. The tabs reveal a succession of pages that allow you to manage or configure several features of your Gateway. Each tab is described in its own section.
When you click the link, the Device List page appears. The page displays the following summary information for each home network device connected to the NVG599 device on your local area network: IPv4 address, network name, MAC address, and other status information.
System Information Manufacturer Manufacturer’s identifier name. Model Number Manufacturer’s model number. Serial Number Unique serial number of your device. Software Version Version number of the current embedded software in your device. MAC Address Unique hardware address of this NVG599 unit.
Administrator’s Handbook First Use Date Date and time the NVG599 device is first used. This field changes to the current date and time after a reset to factory defaults. Time Since Last Reboot Elapsed time since last reboot of the device in days:hr:min:sec.
Numeric (number) characters Special characters (! @ # $ % ^ & * , etc) 2. If necessary, set a custom port number for secure HTTP access to the NVG599 remote access session in the Port Value field. 3. Click the radio button that describes the type of remote access to allow: Read only access - to allow the remote access session to view, but not change, the configuration and col- lected statistics of the gateway.
Link: Battery The Battery page shows the condition and status of the NVG599 internal battery, and provides control over the battery condition audible alarm. The battery condition audible alarm provides an on-hook ringing signal on a connected telephone if the NVG599 battery needs recharging or replacing.
Link: Restart Device When the NVG599 is restarted, it will disconnect all users, initialize all its interfaces, and load the operating system software. In some cases, when you make configuration changes, you may be required to restart for the changes to take...
Administrator’s Handbook Broadband Tab Links available on the Broadband tab provide access to pages that allow you to view information about the broadband connection and configure connection details. Link: Broadband Status Broadband When you click the tab, the Broadband page is the first to appear. Status...
Page 35
NVG599 device’s WAN connection(s) to the Internet. Status Broadband Status Broadband Connection The communications technology providing the NVG599 broadband uplink. Source Broadband Connection May be Up (connected) or Down (disconnected). Broadband IPv4 Address The public IP address of your device, whether dynamically or statically assigned.
Page 36
Administrator’s Handbook Loss of Signal The absence of any signal for any reason, such as a disconnected cable or loss of power. Loss of Frame A signal is detected but the device cannot sync with signal because of mismatched protocols, wrong ISP connection configuration, or faulty cable. FEC Errors Forwarded Error Correction errors.
Link: Configure Configure When you click the link, the Broadband screen appears. Here you can reconfigure your Configure type of broadband connection should it change in the future. - Auto (automatically detected), DSL - Line 1, DSL - Line 2, DSL - Line 1 / Line -2 Broadband Source Override (Bonded), or Ethernet WAN.
Administrator’s Handbook Link: IGMP Stats IGMP Stats When you click the link, the screen appears. The IGMP statistics screen reports IGMP IGMP Stats proxy groups and multicast forwarding information. It also displays a packet counter.
Home Network When you click the tab, the Home Network Status page appears. The Home Network Status page displays information about the NVG599 device’s local area network. Run Congestion Detection If you click the button, the device will generate statistics for each of the 11...
Page 40
May be either On or Off for the 2.4 Ghz radio only. Network Name (SSID) The name or ID that is displayed to a client scan. The default SSID for the NVG599 is attxxx where xxx is the last 3 digits of the serial number located on the side of the NVG599 device.
Password Shows the information of the security encryption key in use. WiFi Network Statistics Transmit Bytes Number of bytes transmitted on the Wi-Fi network. Receive Bytes Number of bytes received on the Wi-Fi network. Transmit Packets Number of packets transmitted on the Wi-Fi network. Receive Packets Number of packets received on the Wi-Fi network.
Administrator’s Handbook Link: Configure Configure When you click the link, the page for the Ethernet LAN appears. Configure For each Ethernet Port, 1 through 4, you can select: – Auto (the default self-sensing rate), 10M full- or half-duplex, 100M full- or half-duplex, or 1G Ethernet full- or half-duplex.
May be either On or Off for the 2.4 Ghz radio only. Network Name (SSID) The name or ID that is displayed to a client scan. The default SSID for the NVG599 is attxxx where xxx is the last 3 digits of the serial number located on the side of the device.
Page 44
WiFi Operation abled, and the wireless access point will not provide or broadcast its wireless LAN services. – The drop-down menu allows you to select and lock the NVG599 into the wireless transmission mode Mode you want: A/C, B/G/N, B-only, B/G, G-only, or N-only.
Wireless Security By default, wireless security is set to WPA-PSK with a pre-defined WPA-Default Key Other options are available from the Security drop-down menu: WEP security is a privacy option that is based on encryption between the router and any PCs WEP - Manual: (clients) you have with wireless cards.
Administrator’s Handbook : You must enter a key using hexadecimal digits. For 40/64-bit encryption, you need ten digits; 26 digits for 128-bit WEP. Hexadecimal characters are 0 – 9, and a – f. Examples: 40 bits: 02468ACE02 128 bits: 0123456789ABCDEF0123456789 Any WEP-enabled client must have an identical key of the same length as the router, in order to successfully receive and decrypt the traffic.
Save Click the button. You can add or delete any of your entries later by returning to this page. Link: Wireless Scan Your device automatically checks for the best channel to broadcast wireless services. However, in some cases it may be useful to switch to a different channel (1 through 11, for North America) on which the network will broadcast.
Page 48
The server configuration determines the functionality of your DHCP settings. This functionality enables the NVG599 to assign your LAN computer(s) a “private” IP address and other parameters that allow network communication. This feature simplifies network administration because the NVG599 maintains a list of IP address assignments.
IP address for a client device. When IP allocation is enabled for a client, that device is assigned a pre-determined IP address by the DHCP server of the NVG599. IP allocation lets you set up client devices as common DHCP systems, but ensures that they always receive the same IP address from the gateway.
Page 50
Administrator’s Handbook The IP Allocation window for the client opens. 3. Scroll through the New Allocation values and select the address or method to use for the client’s DHCP assignment: • Click Address from DHCP Pool to set the client to accept any valid DHCP address available (standard operation).
When you click the link, the HPNA Network page appears. The HPNA Network page displays information about the NVG599 gateway’s HPNA-connected devices in 15-minute intervals. You can test the performance of each station to Run extended Test station pair by clicking the button.
Page 52
Administrator’s Handbook Interval statistic fields supply the following information: Label Statistic Displayed Short Tx Pkt Transmitted Packets Short Rx Pkt Received Packets CRC Errors Rx Receipt errors Dropped Tx Transmit packets dropped Dropped Rx Receipt packets dropped Tx Error % Percentage of transmitted errors Rx Error % Percentage of receipt errors...
Voice When you click the Voice tab, the Voice Status page appears. Voice-over-IP (VoIP) refers to voice telephone calls transmitted over the Internet. This type of service differs from traditional phone service that uses the Public Switched Telephone Network (PSTN). VoIP calls use an Internet protocol, Session Initiation Protocol (SIP), to transmit sound over a network or the Internet in the form of data packets.
Administrator’s Handbook Link: Line Details Line Details When you click the link, the Line Details page appears. Register If your service provider has enabled your VoIP phone lines, you can register them by clicking the Line 1 Register Line 2 button.
Link: Call Statistics Call Statistics When you click , the Call Statistics page appears.
Page 56
Administrator’s Handbook , the two available phone lines, the Call Statistics page displays the following information: Line 1 Line 2 Call Statistics - Line 1 and Line 2 Last Call/Cumulative – Incoming/Outgoing RTP Packet Loss Real-time Transport Protocol packets dropped RTP Packet Loss percentage Percent of Real-time Transport Protocol packets dropped Total RTCP Packets...
Page 57
, the two available phone lines, the Call Summary section displays the following Line 1 Line 2 information: Call Summary - Line 1 and Line 2 Current Call/Last Completed Call Call Timestamp Date and time of the current call Type May be Incoming or Outgoing Duration Length of time in seconds of call connection...
Page 58
Administrator’s Handbook The following table shows VoIP line states during various conditions. VoIP Line Hook state WAN IP Reg-state Tone Voltage On/Off-hook Idle Disabled On-hook Registered Solid Enabled Off-hook Registered Dial tone Blink Enabled On/Off hook Failure Enabled On/Off hook Down Idle Enabled...
Firewall Firewall When you click the tab, the Firewall Status page appears. The Firewall page displays the status of your system firewall elements. All computer operating systems are vulnerable to attack from outside sources, typically at the operating system or Internet Protocol (IP) layers. Stateful Inspection firewalls intercept and analyze incoming data packets to determine whether they should be admitted to your private LAN, based on multiple criteria, or blocked.
ARRIS’s packet filters are designed to provide security for the Internet connections made to and from your network. You can customize the ’s filtersets for a variety of packet filtering applications.
Page 61
Parts of a Filter A filter consists of criteria based on packet attributes. A typical filter can match a packet on any one of the following attributes: The source IP address (where the packet was sent from) The destination IP address (where the packet is going) The type of higher-layer Internet protocol the packet is carrying, such as TCP or UDP Other Filter Attributes There are three other attributes to each filter:...
Administrator’s Handbook Working with Packet Filters To work with filters: 1. Accessing the Packet Filter page by clicking the Packet Filter link. Enable/Disable Packet Filters 2. Globally turn filters on or off by clicking the button. Add a ‘Drop’ Rule Add a ‘Pass’...
Page 63
If the Force Routing filter is applied to source IP addresses, it may inadvertently block communication with the router itself. You can avoid this by preceding the Force Routing filter with a filter that matches the desti- nation IP address of the NVG599 device itself.
Page 64
Administrator’s Handbook Example: Assume a configured Custom Service/Hosted Application for an internal web server whose global port range is 8080-8080. Also assume that we want to allow only one external subnet access to this internal server: 207.53.17.0/24. And finally, assume that we want to disallow one IP address on that subnet, 207.53.17.9, from access to that same server (perhaps they were abusing the system in some way).
Page 65
Example 2 The following example uses the GUI to detail how to create a public subnet. 1. Select Home Network -> Subnets & DHCP from the Web management GUI. 2. Select On from the Public Subnet Enable drop-down menu. 3. Enter all applicable public subnet IP address information and select Save at the bottom of the view. 4.
Page 66
Administrator’s Handbook 6. Select the Add Match button below the new rule created above. This opens the Match Entry view. 7. For this example, the filter will be made based on a TCP port. Select Protocol from the Match Type drop- down menu.
Link: NAT/Gaming NAT/Gaming When you click the link, the NAT/Gaming page appears. The NAT/Gaming feature allows you to host internet applications when NAT (network address translation) is enabled. You can host different games and software on different PCs. From the drop-down menu, you can select any of a large number of predefined games and software.
Page 68
Administrator’s Handbook For each supported game or service, you can view the protocols and port ranges used by the game or service Service Details by clicking the button. For example: 1. Select a hosting device from the Needed by Device drop-down menu. 2.
Range of ports on which incoming traffic will be received. Global Port Range: The port number at the start of the port range your NVG599 device should use when for- Base Host Port: warding traffic of the specified type(s) to the internal IP address.
Page 70
Administrator’s Handbook Each time you add a custom service, your entry will be added to the list of service names displayed on the Custom Services page. Changes are saved immediately. Delete To remove this Service, click the button. Edit To edit this Service, click the button.
Page 71
List of Supported Games and Software AIM Talk Act of War - Direct Action Age of Empires II Age of Empires, v.1.0 Age of Empires: The Rise of Rome, Age of Mythology v.1.0 Age of Wonders America's Army Apache Asheron's Call Azureus Baldur's Gate I and II Battlefield 1942...
Page 72
Administrator’s Handbook Midtown Madness, v 1.0 Monster Truck Madness 2, v 2.0 Monster Truck Madness, v 1.0 Motocross Madness 2, v 2.0 Motocross Madness, v 1.0 NNTP Need for Speed 3, Hot Pursuit Need for Speed, Porsche Net2Phone Operation FlashPoint Outlaws POP-3 PPTP...
IP Passthrough The IP Passthrough feature allows a single PC on the LAN to have the ARRIS Gateway’s public address assigned to it. It also provides PAT (port address translation) (or NAPT – network address and port translation) via the same public IP address for all other hosts on the private LAN subnet.
Page 74
. Changes take effect upon restart. A Restriction Because both the NVG599 device and the passthrough host will use the same IP address, new sessions that conflict with existing sessions will be rejected by the NVG599. For example, suppose you are a teleworker using an IPSec tunnel from the router and from the passthrough host.
Page 75
The NAT default server feature allows you to: Direct your NVG599 device to forward all externally initiated IP traffic (TCP and UDP protocols only) to a default host on the LAN, specified by your entry in the Internal Address field.
Stateful Inspection parameters are active on a WAN interface only if enabled on your NVG599 device. Stateful inspection can be enabled on a WAN interface whether NAT is enabled or not. DoS Protection – Denial-of-service (DoS) attacks are common on the Internet, and can render an individual PC or a whole network practically unusable by consuming all its resources.
Page 77
Menu item Function Flood Limit Whether packet flooding should be detected and offending packets be dropped; On or Off. Flood rate limit Specifies the number limit of packets per second before dropping the remainder. Flood burst limit Specifies the number limit of packets in a single burst before dropping the remainder.
Administrator’s Handbook Diagnostics Diagnostics When you click the tab, the Troubleshoot page appears. This automated multi-layer test examines the functions of the router from the physical connections to the data traffic being sent by users through the router. Run Full Diagnostics You can run all the tests in order by clicking the button.
Page 79
Internet access tests send a ping from the modem to either the LAN or WAN to verify connectivity. A ping could be either an IP address (163.176.4.32) or domain name (www.arris.com). You enter a Web address URL or an IP address in the respective field.
Page 80
Administrator’s Handbook Each test generates one of the following result codes: Result Meaning * PASS: The test was successful. * FAIL: The test was unsuccessful. * SKIPPED: The test was skipped because a test on which it depended failed. * PENDING: The test timed out without producing a result.
NOTE: Some browsers, such as Internet Explorer for Windows XP, require that you specify the ARRIS device’s URL as a “Trusted site” in “Internet Options: Security.” This is necessary to allow the download of the log text file to...
Page 82
Administrator’s Handbook The following is an example log portion saved as a .TXT file:...
When you click , the Update page appears. Operating system software is what makes your NVG599 device run, and occasionally it needs to be updated. Your Current software version is displayed at the top of the page. To update your software from a file on your PC, you must first download the software from your service provider's support site to your PC's hard drive.
In some cases, you may need to clear all the configuration settings and start over again to program the ARRIS NVG599 device. You can perform a factory reset to do this. It might also be useful to reset your connection to the Internet without deleting all of your configuration settings.
Link: Syslog Syslog When you click the link the Syslog configuration page appears. You can configure a UNIX-compatible (BSD Syslog protocol - RFC 3164) Syslog client to report a number of subsets of the events entered in the device logs. You can enable or disable the Syslog client dynamically.
When you click the link, the NAT Table page appears. The NAT Table page displays the network address translation sessions in use by the NVG599 device. You can use the drop-down menu to limit the displayed sessions to selected IP addresses.
CHAPTER 3 Basic Troubleshooting This chapter gives some simple suggestions for troubleshooting problems with your NVG599 VDSL2 Gateway’s initial configuration. This chapter covers the following topics: Status Indicator Lights on page 88 Factory Reset Switch on page 95 Event Log Messages on...
Administrator’s Handbook Status Indicator Lights The first step in troubleshooting is to check the status indicator lights (LEDs) in the order outlined below. ARRIS NVG599 VDSL2 Gateway Status Indicator Lights Side View Power Battery Ethernet Wireless HomePNA Broadband 1 Broadband 2...
Page 89
Flashing Green = Indicates a telephone is off-hook on the associated VoIP line. Off = VoIP not in use, line not registered, or NVG599 power off. Solid Green = Powered device connected to the associated port (includes devices with wake-on-LAN capability where a slight voltage is supplied to the Ethernet connection).
Page 90
Off = The device is not powered, or no powered devices are connected to the associated ports. NOTE: The NVG599 supports two VoIP lines over one RJ11 VoIP port. In order to con- nect two phone lines the supplied inner/outer pair splitter adapters must be attached to the RJ11 VoIP port in order to terminate both lines.
LED Function Summary Matrix Solid Green Flashing Green Orange/Amber Flashing Red Off = The unit Power The device is A power-on self- Firmware POST failure (not has no AC power. powered. test (POST) is in upgrade (see bootable) or “Power during progress.
Page 92
Off = VoIP not in Phone 1, 2 The associated Indicates a tele- use, line not reg- VoIP line has phone is off-hook istered or been registered on the associated NVG599 power with a SIP proxy VoIP line. off. server.
Page 93
Solid Green Flickering Green Off = The device Powered device = Activity seen is not powered, connected to the from devices no cable or no associated port associated with powered devices (includes devices the port. The connected to the with wake-on- flickering of the associated ports.
Page 94
Administrator’s Handbook If a status indicator light does not look correct, look for these possible problems: LED Not Lit Possible Problems Make sure the power adapter is plugged into the DSL modem properly. Power Try a known good wall outlet. If a power strip is used, make sure it is switched on.
Factory Reset Switch Lose your access code? This section shows how to use the factory reset switch to reset the NVG599 so that you can access the configuration screens once again. NOTE: Keep in mind that all of your settings will need to be reconfigured.
Administrator’s Handbook Log Event Messages The system generates the log messages described in the following tables for events related to administrative access, system operation, DSL issues, packet access, or firewall issues. Administration-Related Log Messages 1. administrative access attempted: This log message is generated whenever the user attempts to access the router's management interface.
Page 97
DSL Log Messages (Most Common) 1. WAN: Data link This log message is generated when the DSL link comes up. activated at <Rate> Kbps (rx/tx) 2.WAN: Data link deactivated This log message is generated when the DSL link goes down. 3.
Page 98
Administrator’s Handbook Access-Related Log Messages 12. Telnet receive DoS attack - This log message is generated whenever TCP packets destined to the packets dropped: router's Telnet management interface are dropped due to overwhelming receive data. 13. dropped - reassembly timeout: This log message is generated whenever packets, traversing the router or destined to the router itself, are dropped because of reassembly timeout.
Page 99
Firewall Log Messages Detail (AT&T Requirement #841) Reason Enumeration ( C ) Log Text Representation Why the Packet Was Logged NM_LOGDROP_CAT_POLICY POLICY Policy (generic). This currently includes filterset rules, restricted hosts, IPv6 profiles. NM_LOGDROP_CAT_POLICY_INPUT POLICY-INPUT-GEN-DISCARD Packets destined for the CPE that are generically discarded (we spec- ify the packets we do want;...
The NVG599 VDSL2 Gateway operating software includes a command line interface (CLI) that lets you access your NVG599 device over a Telnet connection. You can use the command line interface to enter and update the unit’s configuration settings, monitor its performance, and restart it.
Page 102
Administrator’s Handbook CONFIG Commands “Connection Commands” on page 121 “Filter Set Commands” on page 124 “Queue Commands” on page 129 “IP Gateway Commands” on page 132 “IPv6 Commands” on page 132 “IP DNS Commands” on page 139 “IP IGMP Commands” on page 139 “NTP Commands”...
Overview The CLI has two major command modes: SHELL and CONFIG. Summary tables that list the commands are provided below. Details of the entire command set follow in this section. SHELL Commands Command Description Send ARP request clear Erase all stored configuration information clear_certificate Remove an SSL certificate that has been installed clear_https_certkey...
Page 104
Administrator’s Handbook CONFIG Commands Command Verbs Description delete Delete configuration list data help Display a list of Help command options save Save configuration data script Print configuration data Set configuration data validate Validate configuration settings view View configuration data Keywords conn Connection options TCP/IP protocol options...
<ip_address> You must know the IP address of the NVG599 device before you can make a Telnet connection to it. By default, your NVG599 uses 192.168.1.254 as the IP address for its LAN interface. You can use a Web browser to configure the NVG599 IP address.
Issue administrative commands to restart NVG599 device functions SHELL Prompt When you are in SHELL mode, the CLI prompt is the name of the NVG599 device followed by a right angle bracket (>). For example, if you open a CLI connection to the NVG599 device named “ARRIS-3000/9437188,”...
Sends an Address Resolution Protocol (ARP) request to match the nnn.nnn.nnn.nnn IP address to an Ethernet hardware address. clear [ yes ] Clears the configuration settings in an NVG599 device. You are prompted to confirm the clear command by entering yes. clear_certificate Removes an SSL certificate that has been installed.
Page 108
[-s size] [-c count ] [ hostname | ip_address ] Causes the NVG599 to issue a series of ICMP Echo requests for a device with the specified name or IP address. The hostname argument is the name of the device you want to ping; for example, ping ftp.arris.com.
Page 109
Clears the IPMap table (NAT). reset log Rewinds the diagnostic log display to the top of the existing NVG599 diagnostic log. The reset log command does not clear the diagnostic log. The next show log command will display information from the beginning of the log file.
Administrator’s Handbook restart [ seconds ] Restarts your NVG599 device. If you include the optional seconds argument, your NVG599 will restart when the specified number of seconds have elapsed. You must enter the complete restart command to initiate a restart.
Page 112
Administrator’s Handbook Ethernet driver full statistics - WAN 10/100/1000 Ethernet Port Status: Link down Ethernet driver full statistics - 10/100 Ethernet Port Status: Link up Type: 100BASET Duplex: Full General: Transmit OK : 434 Receive OK : 267 Tx Errors Rx Errors Receiver: Incompl Packet Errors : 0...
Page 113
Displays the Ethernet address resolution table stored in your NVG599 device. show ip igmp Displays the contents of the IGMP Group Address table and the IGMP Report table maintained by your NVG599 device. show ip interfaces Displays the IP interfaces for your NVG599 device.
Displays IPv6 statistics information. show log Displays blocks of information from the NVG599 diagnostic log. To see the entire log, you can repeat the show log command, or you can enter show log all. show firewall-log Displays blocks of information from the NVG599 firewall log.
Page 115
TFTP server must be accessible on your Ethernet network. The server_address argument identifies the IP address of the TFTP server on which you want to store the NVG599 settings. The filename argument identifies the path and name of the configuration file on the TFTP server. If you include the optional confirm keyword, you will not be prompted to confirm whether or not you want to perform the operation.
[ vcc-id ] Releases the DHCP lease the NVG599 device is currently using to acquire the IP settings for the specified DSL port. The vcc-id identifier is an “index” letter in the range B-I, and does not directly map to the VCC in use.
Page 117
Resets the point-to-point connection over the specified virtual circuit. This command only applies to virtual circuits that use PPP framing. show atm [all] Displays ATM statistics for the NVG599 device. The optional all argument displays a more detailed set of ATM statistics. show ppp [{ stats | lcp | ipcp }] Displays information about open PPP links.
CONFIG Mode Prompt When you are in CONFIG mode, the CLI prompt consists of the name of the NVG599 device followed by your current node in the hierarchy and two right angle brackets (>>). For example, when you enter CONFIG mode...
Displaying Current Gateway Settings You can use the view command to display the current CONFIG settings for your NVG599. If you enter the view command at the top level of the CONFIG hierarchy, the CLI displays the settings for all enabled functions. If you enter the view command at an intermediate node, you see settings for that node and its subnodes.
You can use the validate CONFIG command to make sure that your configuration settings have been entered correctly. If you use the validate command, the NVG599 device verifies that all required settings for all services are present and that settings are consistent.
CONFIG Commands This section describes the keywords and arguments for the various CONFIG commands. Connection Commands The conn commands are used to create connections, for example, a WAN or LAN connection. There may be more than one of each depending on your model. The name commands correspond to the system object IDs (OIDs), but you can name them yourself.
Page 122
Administrator’s Handbook set conn name name icmp-echo-drop [ off | on ] If set to on, drops echo-requests received on the particular interface. The default is off. set conn name name icmp-err-suppress [ off | on ] An additional option to suppress ICMP error messages on WAN IP interfaces. The default is off. set conn name name static ipaddr ipaddr Specifies a static IP address when the connection type has been set to static.
Page 123
If dhcp-server-enable is set to on, specifies the first address in the DHCP address range. The NVG599 can reserve a sequence of up to 253 IP addresses within a subnet, beginning with the specified address for dynamic assignment.
QoS and forwarding decisions to be made. These characteristics can be at the MAC layer, IP layer, TCP | UDP | ICMP layer(s), or (in applicable circumstances) 802.1q/p (VLAN-tagging) layer. Your NVG599 device is capable of adding and stripping 802.1Q tags to and from frames before transmission on its LAN interfaces. See also “Link Commands”...
Page 125
set filterset name filterset_name rule number match-eth-proto number Matches Ethernet protocol field to the supplied value. set filterset name filterset_name rule number match-eth-length number Matches Ethernet length field to the supplied value. set filterset name filterset_name rule number match-eth-p-bits number Matches VLAN priority bits.
Page 126
Administrator’s Handbook Or match the supplied DiffServ class. This value may be any of the BE, EF, AFxx or CSx classes. A full list is: { "CS0", 0x00 } { "CS1", 0x08 } { "CS2", 0x10 } { "CS3", 0x18 } { "CS4", 0x20 } { "CS5", 0x28 } { "CS6", 0x30 }...
Page 127
set filterset name filterset_name rule number action set-qos-marker qos_marker_string Tags the packet according to the queue marker name. See “Queue Commands” on page 129. set filterset name filterset_name rule number action set-tos number Sets the packet TOD field to the supplied value. set filterset name filterset_name rule number action set-dscp [ number | diffserv_class_string ] Sets the DSCP field to the supplied value.
Administrator’s Handbook Global Filter Set (“IPv6 Firewall”) Commands Global filter sets exist at the root level of the hierarchy, outside the umbrella of both the “ip” and “ip6” subtrees, since they pertain to both. Global filter set rules allow for the specification of these match attributes: IP Protocol Source and/or destination port: TCP flags, for rules that specify TCP traffic...
| out-link-oid | icmp-type ] Matches on the following categories: (ip[4|6] address or subnet spec (type ip4 or ip6 only)) src-ip-addr (ip[4|6] address or subnet spec (type ip4 or ip6 only)) dst-ip-addr (0-255 or iana-defined string equivalents) ip-proto (1-65535[:1-65535], only if ip-proto == TCP or UDP) src-port (1-65535[:1-65535], only if ip-proto == TCP or UDP) dst-port...
Page 130
Administrator’s Handbook the router will have to buffer enough (about a full second worth of traffic) so that the burst of traffic doesn't get tail-dropped when it arrives and is enqueued at the same time in the same burst. On the other hand, it is undesirable to buffer too much data in the queue(s) since the packets may be stale by the time they are sent.
Page 131
set queue nam -mode [ bps | relative ] ip-proto Sets the mode of the weighted fair queue. The bps keyword indicates that weights are defined as bits-per- second. The relative keyword indicates that weights are defined as a proportion of the sum of the weights of all inputs to the wfq.
Specifies the conn of the gateway. Normally, this would be the WAN connection. Specifies whether the NVG599 should send packets to a default gateway if it does not know how to reach the destination host. set ip gateway conn-oid value Sets the default gateway to point to an associated link specified by the conn-oid value.
Page 133
set ip6 dhcp-server info-refresh-time 86400 set ip6 dns primary-address "" set ip6 dns secondary-address "" Default IPv6 security configuration values: set security spi ip6 src-mcast-drop off set security spi ip6 invalid-mcast-scope-drop on set security spi ip6 forbidden-addr-drop on set security spi ip6 deprecated-ext-hdr-drop on set security spi ip6 src-addr-from-lan-unassigned-drop on set security spi ip6 lan-assigned-src-addr-from-wan-drop on set security spi ip6 ula-drop on...
Page 134
Administrator’s Handbook set ip6 conn name name mcast-fwding [ off | on ] Turns IPv6 multicast forwarding for this connection off or on. The default is off. (not yet implemented) set ip6 conn name name old-prefix-purge-timer The time in seconds for which old, invalid prefixes are advertised with a lifetime of zero. The intent is to “flush out”...
Page 135
set ip6 conn name name 6rd-tunnel ipv4-common-bits value [ 0 - 31 ] The number of bits common to all IPv4 addresses within the 6rd domain. The top-most bits of the IPv4 address will be “subtracted” from the 6rd address. If the whole 32-bit IPv4 address is contained in the 6rd IPv6 address, this value is set to zero.
Page 136
Administrator’s Handbook set ip6 conn name name dp subnet-length value [ 0 - 16 ] The length of the subnet portion of the delegated prefix. Default is 0. set ip6 conn name name dp subnet-id value [ 0 - 65535 ] If a subnet length is specified, the value that would occupy the of the subnet portion of the connection's IPv6 prefix.
Page 137
set ip6 conn name name dhcp-server dns-server optional IPv6 address IPv6 address of advertised DNS server (optional). IPv6 DHCP Server set ip6 dhcp-server enable [ on | off ] Globally enables or disables DHCPv6 servers on all IPv6 LAN connections. The default is on. set ip6 dhcp-server information-only [ off | on ] The on parameter sets DHCPv6 servers on all IPv6 LAN connections to operate in stateless “information-only”...
Page 138
Administrator’s Handbook set ip6 dhcp-server T1 seconds set ip6 dhcp-server T2 seconds Sets global DHCPv6 T1, T2 values, per RFC 3315 for local NA addresses: The time at which the client contacts the server from which the addresses in the IA_NA were obtained to extend the lifetimes of the addresses assigned to the IA_NA;...
Other uses include updating the address books of mobile computer users in the field, or sending out company newsletters to a distribution list. Since a router should not be used as a passive forwarding device, NVG599 devices use a protocol for forwarding multicasting: Internet Group Management Protocol (IGMP).
Page 140
Administrator’s Handbook You can set the following options: IGMP Snooping – Enables the NVG599 to “listen in” to IGMP traffic. The NVG599 discovers multicast group membership for the purpose of restricting multicast transmissions to only those ports which have requested them.
Page 141
set ip igmp query-response-interval value Sets the query-response interval range in deci-seconds (tenths of a second): 5 – 255. The default is 100 deci- seconds. set ip igmp unsolicited-report-interval value Sets the unsolicited report interval: the amount of time in seconds between repetitions of a particular computer’s initial report of membership in a group.
Administrator’s Handbook NTP Commands set ip ntp enable [ on | off ] Enables or disables acquiring the time of day from an NTP (Network Time Protocol) server. set ip ntp server-address server_address set ip ntp alt-server-address alt_server_address Specifies the NTP server(s) to use for time updates. The NTP server-address and alt-server-address values can be entered as DNS names as well as IP addresses.
[ normal | defaultserver ] Sets the WAN mode to direct your NVG599 to forward all externally initiated IP traffic (TCP and UDP protocols only) to a default host on the LAN, otherwise this feature is disabled. Default is normal.
Page 144
Administrator’s Handbook set link name name port-vlan ports [ lan-1... 4 | hpna | ssid-1...4 | ptm | vc-1 | vc- Specifies a port-based VLAN on the selected ports on the link named name. set link name name port-vlan priority [ 0 - 7 ] Specifies the 802.1p priority bit.
Page 145
[ on | off ] Specifies whether you want your NVG599 to send LCP echo requests. You should turn off LCP echoing if you do not want the NVG599 to drop a PPP link to a nonresponsive peer.
Controls whether the NVG599 accepts name server addresses from the peer. The default is on, which means the NVG599 expects to get name server addresses when the PPP link comes up. This especially applies when the primary WAN connection is PPP.
Page 147
Turns TR-064 LAN side management services on or off. The default is off. set management shell idle-timeout [ 1...120 ] Specifies a timeout period of inactivity for Telnet access to the NVG599 device, after which a user must re-log in to the NVG599. Default is 15 minutes for Telnet.
Specifies a certificate from a trusted certificate authority to identify the secure Web access. set management web idle-timeout [ 1...120 ] Specifies a timeout period of inactivity for HTTP access to the NVG599 device, after which a user must log in to the NVG599. Default is 5 minutes for HTTP.
Page 149
Defaults to port 0. set management remote-access telnet-idle-timeout [ 1...120 ] Specifies a timeout period of inactivity for remote Telnet access to the NVG599 device, after which a user must log in to the device. Default is 5 minutes for Telnet.
DSL Forum TR-064 (“LAN Side CPE Configuration”) is an extension of UPnP (Universal Plug-and-Play). It defines more services to locally manage the NVG599 device. While UPnP allows open access to configure the device's features, TR-064 requires a password to execute any command that changes the device's configuration.
Page 151
set physical dsl modulation annex-m [ off | on ] Turns Annex-M DSL modulation off or on. Default is off. set physical dsl profile-8a [ on | off ] Enables or disables VDSL2 profile 8a governing upstream and downstream bandwidth. Default is on. set physical dsl profile-8b [ on | off ] Enables or disables VDSL2 profile 8b governing upstream and downstream bandwidth.
Page 152
Administrator’s Handbook set physical dsl nlnm-threshold [ 0 - 480 ] Specifies the New Low Noise Model (NLNM) value between 0 and 480. Default is 60. set physical dsl transport [ atm | ptm | auto | off ] Sets the DSL transport mode: Asynchronous (atm), Packet (ptm), Automatic (auto), or none (off). Default is ptm.
Page 153
set physical dsl atm vcc 2 vci [ 32 - 65535 ] Sets the virtual channel identifier (VCI) for the circuit. Default is 35. set physical dsl atm vcc vcc_num tx-queue queue_name Attaches the egress queue template to the ATM VC when the queue type is egress. set physical dsl atm vcc vcc_num rx-queue queue_name Attaches the ingress queue to the ATM VC when the queue type is ingress.
Page 154
[ 1 - 4 ] mac-addr-override mac_addr You can override your NVG599 device’s Ethernet MAC address with any necessary setting. Some ISPs require your account to be identified by the MAC address, among other things. Enter your 12-character Ethernet MAC...
Page 155
SSID as the client. Defaults to 6. set physical wireless power [ 1 - 100 ] Sets some value lower than 100 percent transmit power if your NVG599 device is located close to other Wi-Fi devices and causes interference. Defaults to 100 (percent).
Page 156
If set to , blocks wireless clients from communicating with other wireless clients on the WLAN side of the NVG599. Defaults to off. set physical wireless ssid 1 security [ none | wep | wpa ] Sets the wireless privacy type: none, wep, or wpa-psk. Default is none.
Specifies the maximum number of PPPoE relay sessions. Default is 4. NAT Pinhole Commands NAT pinholes let you pass specific types of network traffic through the NAT interfaces on the NVG599. NAT pinholes allow you to route selected types of network traffic, such as FTP requests or HTTP (Web) connections, to a specific host behind the NVG599 transparently.
Administrator’s Handbook Security Stateful Packet Inspection (SPI) Commands set security firewall-level [ low | high | off ] All computer operating systems are vulnerable to attack from outside sources, typically at the operating system or Internet Protocol (IP) layers. Stateful inspection firewalls intercept and analyze incoming data packets to determine whether they should be admitted to your private LAN, based on multiple criteria, or blocked.
Page 159
ARRIS 9.x DSL gateways use the relevant session information about whether the packet flow was initiated from the LAN side (upstream) or WAN side (downstream). If the parameter security.spi.ip6.allow-inbound is set to off, then sessions which are initiated from the WAN side are disallowed.
VoIP Profile Settings set voip profile [ 1 - 4 ] prof-enable [ on | off ] Enables or disables the use and configuration of the specified VoIP profile on the NVG599. set voip profile [ 1 - 4 ] proxy-server address Specifies the IP address or fully-qualified domain name of the SIP proxy server that stations using the profile will connect to.
Page 161
set voip profile [ 1 - 4 ] sip-user-domain name Sets the SIP user domain value to be used by the VoIP profile. set voip profile [ 1 - 4 ] sip-user-port [ 1 - 65535 ] Specifies the SIP user port for the specified phone, Default is 5060. set voip profile [ 1 - 4 ] sip-user-transport [ tcp | udp ] Assigns a transport protocol to the identified VoIP SIP profile.
Page 162
Administrator’s Handbook set voip profile [ 1 - 4 ] sip-publish-invocation never Sets the specified profile to never invoke PUBLISH. set voip profile [ 1 - 4 ] sip-publish-interval seconds Assigns the publication interval to the specified profile. set voip profile [ 1 - 4 ] sip-publish-count -1 Sets the number of SIP publication events for the profile.
Page 163
set voip profile [ 1 - 4 ] sip-advanced-setting sip-qos-tos [ 0 - 255 ] Specifies the SIP DiffServ type of service (ToS) values for Quality of Service (QoS) assignment. Default: 160. set voip profile [ 1 - 4 ] sip-advanced-setting sip-qos-p-bit [ 0 - 7 ] Assigns a Quality of Service priority bit (p-bit) value to the SIP profile.
Page 164
Administrator’s Handbook set voip profile [ 1 - 4 ] sip-advanced-setting sip-timer-e-value 500 Assigns a SIP E timer (UDP non-INVITE retransmit interval) value to the profile. set voip profile [ 1 - 4 ] sip-advanced-setting sip-timer-f-value 32000 Assigns a SIP F timer (non-INVITE retransmit interval) value to the profile. set voip profile [ 1 - 4 ] sip-advanced-setting sip-timer-g-value 500 Assigns a SIP G timer (INVITE response retransmit interval) value to the profile.
Page 165
set voip profile [ 1 - 4 ] rtp-advanced-setting rtp-port-range-start [value] Defines the beginning of the VoIP Real Time Protocol port range assigned to the profile. Default: 6002. set voip profile [ 1 - 4 ] rtp-advanced-setting rtp-port-range-end [value] Defines the end of the VoIP Real Time Protocol port range assigned to the profile. Default: 6200. set voip profile [ 1 - 4 ] rtp-advanced-setting rtcp-option [ on | off ] Configures the Real Time Control Protocol (RTCP) setting for the VoIP profile.
Page 166
Administrator’s Handbook set voip profile [ 1 - 4 ] advanced-telephony-setting battery-notification-setting battery-notification-tod-start "[HH:MM]AM | [HH:MM]PM" Assigns a start time for battery notification message generation to the profile. set voip profile [ 1 - 4 ] advanced-telephony-setting battery-notification-setting battery-notification-tod-end "[HH:MM]AM | [HH:MM]PM" Assigns an end time for battery notification message generation to the profile.
Page 167
set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] sip-user-auth-id “[string]” Defines a user authentication ID value for the user account on the VoIP profile. Default: 1000. set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] sip-uri "" Assigns a SIP Uniform Resource Identifier (URI) to the specified user account.
Page 168
Administrator’s Handbook set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] codec G726_16 payload-type [value] Assigns a payload value to the 16 kbit/s G.726 codec on the user account. Default: 102. set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] codec G726_16 packetization-time [value] Assigns a packetization time value to the 16 kbit/s G.726 codec on the user account.
Page 169
set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] codec AMR payload-type [value] Assigns a payload value to the AMR codec on the user account. Default: 120 set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] codec AMR packetization-time [value] Assigns a packetization time value to the AMR codec on the user account.
Page 170
Administrator’s Handbook set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] call-feature subscribe-mwi-option [ on | off ] Enables or disables the message waiting indicator for the user account. set voip profile [ 1 - 4 ] user-account [ 1 - 4 ] call-feature subscribe-send-mes- sage [ on | off ] Enables or disables message sending for the user account.
Targeted Ad Insertion Commands set targeted-ad-insertion enable [ on | off ] Turns targeted ad insertion on or off. Default is on. set targeted-ad-insertion v-zone-ad [ on | off ] Specifies whether the targeted ad is zone-specific. Default is on. set targeted-ad-insertion sender-ssrc [ 0...
Page 172
Administrator’s Handbook set targeted-ad-insertion hello-retransmit-min seconds Specifies a minimum interval for retransmission of ad insertion in seconds. Default is 15 seconds. set targeted-ad-insertion hello-retransmit-max seconds Specifies a maximum interval for retransmission of ad insertion in seconds. Default is 300 seconds. set targeted-ad-insertion vcc-ip-address ip_address Specifies the VCC IP address of the ad carousel server.
ARRIS-7000/9437188. A system name can be 1 – 255 characters long. Once you have assigned a name to your NVG599, you can enter that name in the address text field of your browser to open a connection to your NVG599.
Page 174
Specifies the password for the update server. The default is guest. set system calendar-update fwverfile filename Specifies the firmware version filename to the update server. For the AT&T NVG599 the file is netopiaNVG599_64.txt. set system calendar-update day day_of_month Specifies the numerical day of the month for the update server to be polled, for example, 21.
Page 175
CPE (is in its trust list). Default is on. set system syslog enable [ on | off ] Enables or disables the NVG599 Syslog function. The Syslog function is disabled by default. If Syslog is enabled, the following additional Syslog settings may be configured: set system syslog server-ip <IPv4/IPv6 Address>...
Page 176
[ 0 ... 7 ] Sets the severity level of Syslog messages the NVG599 will send to the Syslog server. Each severity level includes all higher-level messages (e.g; a level of 2 [Critical] will also send Alert and Emergency messages). The...
Page 177
[ low | medium | high | alerts | failures ] Specifies the types of log messages you want the NVG599 device to record. All messages with a level equal to or greater than the level you specify are recorded. For example, if you specify set system diagnostic-level medium, the diagnostic log will retain medium-level informational messages, alerts, and failure messages.
Debug Commands When you are in SHELL mode, the Debug prompt consists of the name of the NVG599 device followed by the word “DEBUG” and a right angle bracket (>). For example, if you open a CLI connection to the NVG599 named “ARRIS-3000/9437188”...
1.28 lbs (.58 kg) (without integrated battery) 1.77 lbs (.80 kg) (with integrated battery) Communications interfaces: The ARRIS Gateways have a 4-port 10/100/1000Base-T Ethernet switch for your LAN connections, an FXS port for VoIP connections, a HomePNA 3.1 coax port, a USB 2.0 network port, and a 400 mW wireless radio for Wi-Fi connections.
Manufacturer’s Declaration of Conformance WARNING: This is a Class B product. In a domestic environment this product may cause radio interference, in which case the user may be required to take adequate measures. Adequate measures include increasing the physical dis- tance between this product and other electrical devices.
Page 182
Administrator’s Handbook Canada. This Class B digital apparatus meets all requirements of the Canadian Interference -Causing Equipment Regulations. Cet appareil numérique de la classe B respecte toutes les exigences du Réglement sur le matériel brouilleur du Canada. Declaration for Canadian users NOTICE: The Canadian Industry Canada label identifies certified equipment.
Important Safety Instructions Caution DO NOT USE BEFORE READING THE INSTRUCTIONS: Do not connect the Ethernet ports to a carrier or carriage service provider’s telecommunications network or facility unless: a) you have the written consent of the network or facility manager, or b) the connection is in accordance with a connection permit or connection rules.
For earlier products, the REN is separately shown on the label. e) If this equipment, the NVG599 device, causes harm to the telephone network, the telephone company will notify you in advance that temporary discontinuance of service may be required. But if advance notice isn’t practical, the telephone company will notify the customer as soon as possible.
If your home has specially wired alarm equipment connected to the telephone line, ensure that the installation of this ARRIS NVG599 VDSL2 Gateway does not disable your alarm equipment. If you have questions about what will disable alarm equipment, consult your telephone company or qualified installer.
Contact your local authorities for information about practices established for your region. If collection systems are not available, call ARRIS Customer Service for assistance. Beskyttelse af miljøet med Genbrug af dit ARRIS-udstyr Dette produkt må ikke bortskaffes sammen med husholdningsaffald eller genbrug erhvervsaffald.
ARRIS, não autoridades locais. Se não houver sistemas de coleta disponíveis, entre em descarte o produto junto com contato com o Serviço ao Cliente da ARRIS para obter assistência. lixo residencial ou comercial. Var rädd om miljön Återvinning av din ARRIS-utrustning...
Open Source Software Information For instructions on how to obtain a copy of any source code being made publicly available by ARRIS related to software used in this ARRIS product you may send your request in writing to: ARRIS Group, Inc.
Page 191
All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2.
Page 192
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. GNU General Public License 2.0 (GPL) This ARRIS product contains the following open source software packages licensed under the terms of the GPL 2.0 license: • Linux 2.6.30 •...
Page 193
When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs;...
Page 194
Administrator’s Handbook c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License.
Page 195
6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject tothese terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.
Page 196
END OF TERMS AND CONDITIONS GNU Lesser General Public License 2.1 (LGPL) This ARRIS product contains the following open source software packages licensed under the terms of the LGPL 2.1 license: • uClibc 0.9.27 (also Copyright (C) 2000-2006 Erik Andersen <andersen@uclibc.org>) Version 2.1, February 1999...
Page 197
The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0.
Page 198
Administrator’s Handbook 5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License.
Page 199
11. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Library at all.
Page 200
Administrator’s Handbook lua 5.1 Lua is licensed under the terms of the MIT license reproduced below. This means that Lua is free software and can be used for both academic and commercial purposes at absolutely no cost. For details and rationale, see http://www.lua.org/license.html . Copyright (C) 1994.2012 Lua.org, PUC-Rio.
Page 201
OpenSSL 0.9.8k OpenSSL SSLeay License LICENSE ISSUES The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses.
Page 202
Administrator’s Handbook 4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" HIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE MPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Page 203
4. Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by Computing Services at Carnegie Mellon University (http://www.cmu.edu/ computing/)." CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Page 204
Administrator’s Handbook Copyright (C) 2002 Netservers This plugin may be distributed according to the terms of the GNU General Public License, version 2 or (at your option) any later version. See the respective source files to find out which copyrights apply. ------------------------------------------------------------------------------ Copyright (C) 2002 Roaring Penguin Software Inc.
Page 205
License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD5 Message- Digest Algorithm" in all material mentioning or referencing this software or this function. License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc.
Page 206
Administrator’s Handbook Redistribution and use in source and binary forms are permitted provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other materials related to such distribution and use acknowledge that the software was developed by the University of California, Berkeley. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission.
Page 207
------------------------------------------------------------ Copyright (C) 2000 by Roaring Penguin Software Inc. This program may be distributed according to the terms of the GNU General Public License, version 2 or (at your option) any later version. ------------------------------------------------------------ Copyright (C) 2000-2001 by Roaring Penguin Software Inc. Copyright (C) 2004 Marco d'Itri <md@linux.it>...
Page 208
Administrator’s Handbook Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2.
Page 209
THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGESWHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Page 210
Administrator’s Handbook Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
Page 211
strlcat() is (c) Todd C. Miller (included in util.c -- ) are from OpenSSH 3.6.1p2, and are licensed under the BSD-Modified license: Copyright (c) 1998 Todd C. Miller , < OWNER > All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Page 212
2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Copyright (c) Mark Adler Portions Copyright ARRIS Group, Inc. 2009-2012 Portions Copyright Broadcom Corporation Portions Copyright AltoCom, Inc.
The white list can be a combination of FQDN (fully qualified domain names) and White-IP address/CIDR. FQDNs will be resolved to IP addresses on boot and whenever a new list is pushed. For the NVG599, Captive Portal implementation only redirects port 80 traffic. Traffic to port 443 is allowed. DNS Traffic will not be blocked.
Administrator’s Handbook Overview When packets arrive on a high speed interface and are forwarded to a low speed interface, there is contention for bandwidth. This is the use case for QoS: to make effective use of bandwidth. The basic steps for Quality of Service are to match and identify packets as belonging to a class of traffic, and to give each class of traffic a certain behavior such as priority queuing or bandwidth shaping across critical networking bottlenecks.
Page 219
Figure 4. Illustration of weighted fair queue scheduling Figure 5. Illustration of a hybrid queue that is both priority and WFQ, to both constrain bandwidth usage and expedite one of the queues. After the packet has been classified, it can be put in the proper queue. Queues are assigned to interfaces and can be constructed of several queue components to deliver the desired behavior.
Administrator’s Handbook There is an option to enable bandwidth sharing, so that unused bandwidth in idle queues can be shared to other queues. When the traffic resumes in the previously idle queue, the previously shared-out bandwidth is taken back. When bandwidth sharing is enabled, a secondary rate configuration appears on each input entry, the peak parameter.
Downstream QoS: Ethernet Switch The simplest way of handling downstream QoS (from WAN to LAN) is to use the per-port queues that are present in the Ethernet switch. This achieves the greatest efficiency since the queues are handled in the switch hardware, and should be used when a strict priority queue with 4 priorities is sufficient.
Index Default Server designing a new filter set Symbols Detect Missing Filter !! command Device Access Code Device List DHCP lease table Diagnostic log Access Code Diagnostics Address resolution table Documentation conventions Administrator password Downstream QoS Arguments, CLI Command Ethernet statistics Event Notifications basic queues Broadband Network Redirect...
Page 224
Administrator’s Handbook ICMP Echo Packet Filters IGMP Password IGMP Snooping Administrator IGMP Stats User IP DNS commands Physical interfaces commands IP Gateway commands Ping IP IGMP commands Ping command IP interfaces IP Passthrough priority queue IP routes Prompt, CLI IPMap table Keywords, CLI Quality of Service LAN Ethernet Statistics...
Page 225
tab bar Targeted Ad Insertion Telnet Telnet command Test Web Access TFTP server Traceroute Trivial File Transfer Protocol Troubleshoot Truncation Update Upstream QoS User name User password View command view config Voice Voice-over-IP VoIP weighted fair queue WiFi-Key Wireless Wireless Security...
Need help?
Do you have a question about the NVG599 and is the answer not in the manual?
Questions and answers
The gateway has AC power but none of the status indicator light are lit up. All are blank. Does this mean the gateway needs to be replaced?