LANBIRD Technology is a registered trademark; and LANBIRD 1004 is a registered trademark of LANBIRD Technology Co., Ltd. Any part of this documentation can be used in any form or by any means or to make any directive work(such as transformation) without approval from LANBIRD Technology Co., Ltd.
LANBIRD 1004 IOS Manual Contents LANBIRD 1004 IOS Manual......................1 How to Use IOS Commands ......................6 LANBIRD command mode overview ..................6 User mode..........................7 Root mode..........................8 Configuration mode........................ 8 Two types of password......................9 Interface Configuration Management ..................10 Interface number ........................
Page 3
Filtering............................30 The purpose of Filtering ....................... 30 How to use Filtering ......................30 The Position of LANBIRD Filter with Inbound and outbound..........31 Types of Protocols Which Can Be Filtered ................32 Filtering Policy ........................32 Process of Accomplishing Filtering ..................33 The Configuration and Enforcement of LANBIRD Filter ............
Page 4
Load balaning ..........................59 Purpose ..........................59 Example of Load Balancing ....................59 Consideration of Load Balancing ..................59 What is Metric? ........................60 LANBIRD Load balancing Configuring Tips ................. 60 Method of Configuration....................... 61 Command..........................61 Example ..........................62 Giving Condition......................63 when configuring on Router A..................
Page 5
Subnet mask 255.255.255.240 .................... 82 Subnet mask 255.255.255.248 .................... 83 Subnet mask 255.255.255.252 .................... 84 (version 0.3.5 and later) Appendix 2. Examples of Lanbird 1004 Router NAT Configuration ..............................86 Examples of router configuration ..................86 Example of subscriber PC configuration:................87...
How to Use IOS Commands LANBIRD command mode overview Lanbird IOS is divided into several command modes and the commands which can be used by mode are defined in each mode. The command mode mainly consists of the following three layers.
Change to root mode show Show current system information telnet Connect to a remote host by TELNET tracert Trace route to destination LANBIRD> show ? ARP table bridge Bridge table config Saved configuration DNS table frame-relay Frame relay information...
How to Use IOS Commands The prompt of the initial product is LANBIRD and it is possible to change it by using the "prompt" command in the root mode. To exit from the user mode, use the "exit" command. Root mode Because the user can easily change the system configuration in the root mode, password should be used to access this mode.
- If the login is performed properly, the default after the connection to the router is the user mode. * Root password - Used to move to the root mode after the connection to the router through console and telnet. - Root password for the initial products: lanbird <-- small letters...
Interface Configuration Management Interface Configuration Management Interface number Lanbird routers use interface numbers in each command. The interface numbers and corresponding interfaces are shown below. Interface number Description Ethernet interface 0 Serial interface 1 Serial interface 2 Ethernet interface configuration A separate configuration is unnecessary because Ethernet automatically searches 10 Mbps or 100 Mbps interface.
Show the interface status. Viewing the Ethernet interface status The following example shows the Ethernet interface status. LANBIRD# show interface 0 Ethernet0 is up, line protocol is up IP address 192.168.1.1 / 255.255.255.0 MAC address is 00:d0:a6:03:00:00...
Page 12
Interface Configuration Management Serial1 is up, line protocol is up IP address 211.32.1.1 / 255.255.255.252 Line protocol HDLC, keepalive 10 Input queue: 0/50 1 minute rate: 0 packets/sec, 310 bits/sec 19179 packets, 4944750 bytes, 0 no buffers 0 giant, 0 runt, 0 frame, 0 abort, 0 CRC, 0 overrun Output queue: 0/1500 1 minute rate: 0 packets/sec, 254 bits/sec...
Management of IP Addresses and Routing Configuration Management Addresses Routing Configuration Configuring the primary IP address for the network interface The IP address determines where to send an IP packet. Because some IP addresses are reserved for special purposes, they cannot be used as the addresses for a host, a subnet, and a network.
Management of IP Addresses and Routing Configuration Routing table configuration The following shows how to configure or add a routing path to the routing table. Command Description ip-route add dip-addr dmask {ifnum|fip-addr} Add a routing path. The following shows how to delete a routing path from the routing table. Command Description ip-route delete dip-addr...
Management of IP Addresses and Routing Configuration Network Address Translation (NAT) configuration Two problems which Internet is facing are the lack of IP addresses and the increasing size of the routing. NAT gives the illusion that the IP network internally used by an organization looked as a different IP network to those outside the organization.
Management of IP Addresses and Routing Configuration Enabling/disabling NAT function It is necessary to distinguish between the inside network and the outside network to start NAT. By executing the following commands, Lanbird router determines the direction to which NAT should be performed. Command...
Page 17
Management of IP Addresses and Routing Configuration The following procedure shows the example of using Internet through changing the source address of the host with the a inside private address by a router in the above figure. 1. The user in the host 192.168.1.1 is connected to the user in the host 211.32.129.104.
Cancel the dynamic translation configuration. Configuring the public address space in the inside network Lanbird NAT regards all the addresses in the inside network as private IP addresses and translate them into outside public addresses. Consequently, when public IP network and private IP network are mixed inside, it is necessary to configure such that...
Delete the public IP network configuration. Using Internet by using only one public IP address (PAT) Lanbird NAT supports the Port Address Translation (PAT) function which enables many hosts in the inside network to be connected to Internet at the same time only with one public IP address.
Page 20
Management of IP Addresses and Routing Configuration address, priv-ip-addr as the server connectable through the TCP or UDP port number of the IP address for which PAT is configured outside.
Configuring the NAT timer Lanbird router internally manages the NAT table for all mappings. Each mapping table, which has the timer to manage the current mapping, automatically disconnects the mapping when it is not disconnected properly. The followings show how to configure the timer according to the type of each of the connected traffic.
Management of IP Addresses and Routing Configuration Configuration the NAT table size The table size currently used by NAT is basically 1,000. However, when many users use Internet at the same time, it is necessary to increase the table size. At this time, the following is performed.
To use the frame-relay service, it is necessary to change the line protocol of the interface, which will use the frame-relay, into the frame-relay first. Command Purpose line-protocol ifnum frame-relay To use the frame-relay for the ifnum interface. Lanbird routers use RFC 1490 (IETF) with the frame-relay encapsulation method.
Frame-Relay Configuration Management Setting the Data Link Connection Identifier (DLCI) For the frame-relay to operate, the local IP address and the next hop IP address should be configured for each DLCI. Two methods are used to configure the DCLI: local-map and static-map. In the local-map, DLCI and the IP address of the router are mapped and the frame- relay Inverse Address Resolution Protocol (IARP) is used to obtain the next hop IP address for a specific connection (DLCI).
Frame-Relay Configuration Management frame-relay static-map ifnum dlci remote-ip<cr> To connect the given dlci and remote-IP to the ifnum interface. Configuring the Local Management Interface (LMI) The router supports ANSI T1.617 Annex D LMI and ITU-T Q.933 Annex A LMI. Currently, the router has the function to find LMI automatically as a default. Consequently, it is unnecessary to configure LMI separate except for special cases.
Page 26
Frame-Relay Configuration Management Configuring LMI variables Unless the user is aware of the details of LMI, it is recommended not to leave LMI alone. Because an improper operation of LMI can cause a improper operation of the frame-relay, the user should not modify LMI except for special cases. The following commands are use to change LMI variables.
The following is the configuration method by using the local-map. LANBIRD> root Password: ******* LANBIRD# config LANBIRD(config)# ip-address add 1 100.1.1.1 255.255.255.0 LANBIRD(config)# line-protocol 1 frame-relay LANBIRD(config)# frame-relay local-map 1 100 In the above configuration method, the IP address is omitted when configuring the local-map.
Page 28
Frame-Relay Configuration Management LANBIRD(config)# frame-relay local-map 1 100 100.1.1.1 By doing this, DLCI 100 is connected to the IP address of 100.1.1.1. At this time, it should be ensured that the IP address to map must be one of the addresses configured for the serial interface.
Page 29
Frame-Relay Configuration Management To verify the proper configuration, the command, "show rconfig" can be used. The execution of this command to view the router configuration status should show the configuration of the serial interface 1 as shown below. Serial1 (Sync): ip address 100.1.1.1 255.255.255.0 line-protocol frame-relay IETF frame-relay lmi-type ansi...
Filtering Filtering The purpose of Filtering Filtering is the function that is to permit or deny the packet of which traffic come in and out on the Router. For the unwilling packets, the filtering function prevents the unwilling packets from the exterior to the interior by denying. This function provides the security of network.
Branch 2 The Position of LANBIRD Filter with Inbound and outbound Router LANBIRD's products have 2 filters in each interface. In each interface, you can do filtering to inbound packet or outbound packet. Additionally, LANBIRD 1004 offers filtering adaptively. As the figure above, you can either filter the packet on B(inbound) or A(outbound).
Filtering Types of Protocols Which Can Be Filtered Types of Protocols LANBIRD 1004 offers all types of protocols such as udp, tcp, ip, icmp and numbers between 0-255. ICMP icmp message type can be configured with the value of 0-255 as well as echo- request, echo-reply, time-exceed and destination unreachable.
4. if there is no satisfied condition, then deny corresponding packet ※ when the packet comes in, if it doesn’t satisfy, them mange it as default. The Configuration and Enforcement of LANBIRD Filter Add Data on Filter When you add the new filter to the filter which already exits, the new filter will...
You can delete the filter without any sequence violation. Default filter If you don’t execute the command ip-filter on LANBIRD Router, the filtering function will not work at all. When you use the command “ip-filter”, it automatically denies all traffic between input...
Filtering How to Use Filter Command Command Description IP-filter {add|delete} <ifnum> input permit <source> <destination> <IP- permit the filter which Adds/Deletes the packet from the source to the destination that protocol> comes through the interface IP-filter {add|delete} <ifnum> input deny <source>...
Filtering Assigning Method of Network Address Network address::= <IP-address> <subnetmak> - Network address can be configured with IP address and subnetmask. <IP-address>::={xxx.xxx.xxx.xxx | all} <subnetmask>::={xxx.xxx.xxx.xxx | host | all} ※ it is available for inputting simple name instead of IP address and subnetmask. all = 0.0.0.0 host = 255.255.255.255 Set command configuration...
Router A only needs to deny inputting tcp telnet from Ethernet and tcp telnet from serial LANBIRD(config)# IP-filter add 0 input deny all all all all tcp telnet LANBIRD(config)# IP-filter add 1 input deny all all all all tcp telnet...
Page 40
The Example of Filtering after Version 0.4.4 To block telnet connection from the network 100.1.1.0 to the network 192.168.1.0, you need to block the telnet port which comes from the network 100.1.1.0 or block syn packet which is willing to do telnet connection. After that, permit other packets. 1.
Page 41
The Example of Filtering after Version 0.4.4 ※The difference between blocking tcp telnet and tcp telnet syn is tcp telnet blocks all telnet ports for not being able to do the telnet connection. On the other hand, tcp telnet syn is not to materialize the connection when telnet connection is accomplishing. User who is already on the connection before configuring tcp telnet syn, the user can be on the telnet connection continuously.
Page 42
The Example of Filtering after Version 0.4.4 the packet which comes from the network 100.1.1.0 to the network 192.168.1.0 denies 1023 from udp 0 and permit other packets.
BOOTP-relay BOOTP-relay BOOTP relay is the function that each client can connect to the remote server which exist on the different network. Example of BOOTP-relay When an organization divided into several networks, the manger can mange whole network through central DHCP-server by using BOOTP-relay agent. DHCP SERVER 라우터...
<bootp-IP-addr> Delete IP-address of Bootp-relay Using Tips Next is the example which uses BOOTP-relay to get the service from the server 100.1.1.1 LANBIRD(config)# bootp-relay add 100.1.1.1 LANBIRD(config)# show rconfig Current running configuration: bootp-relay 100.1.1.1 Ethernet0: IP-address 192.168.1.1 255.255.255.0 Serial1: IP-address 200.1.1.1 255.255.255.0...
DHCP(Dynamic Host Configuration Protocol) server DHCP(Dynamic Host Configuration Protocol) server DHCP is the function that earns the configuration of its network. In addition, it reduces the work of managing. Client earns the configuration such as ip address, subnet mask, gateway, dns-server address from the server.
DHCP(Dynamic Host Configuration Protocol) server Working Principle When a host is booting, it requests IP. In this case, DHCP server router responses the usable IP address to each client. After that, the client requests its configuration option. Finally, server delivers the information of IP address, gateway, subnet mask, dns- server IP, etc, to clients.
DHCP(Dynamic Host Configuration Protocol) server Explanation of Command Enabling DHCP-server Next is the command which is for enabling DHCP-server or disabling DHCP-server. Command Description dhcp-server enable Enable DHCP-server dhcp-server disable Disable DHCP-server Adding DHCP-server Next is the necessities to manage such as a range of address, subnet mask of host, gateway of host.
DHCP(Dynamic Host Configuration Protocol) server <start-IP-addr> starting IP-address <end-IP-addr> ending IP-address < IP-subnet-mask> subnet mask which host belongs to the network <gateway-IP-addr> gateway IP address which host belongs to the network ※ After version 0.4.1, when DHCP automatically allocates private + public ip, it depends on user’s request to give public ip as the first priority.
DHCP(Dynamic Host Configuration Protocol) server the leasing time. In addition, router will recover the information which has allocated to the host if there is no request for the allocation from host Command Explanation dhcp dns-server lease-time <seconds> Configure lease time <seconds>...
DHCP(Dynamic Host Configuration Protocol) server Conforming the Configuration Conforming the configuration of Host LANBIRD# sh dhcp lease-time = 3600 seconds dns-server = 0.0.0.0 Start IP End IP Subnet Mask Gateway --------------- --------------- --------------- --------------- 192.168.1.2 192.168.1.254 255.255.255.0 192.168.1.1 IP address...
Dynamic Backup Dynamic Backup Purpose Dynamic Backup is the function that gives the redundancy to the line to recover the communicational obstacle with the alternative path. Example 허브 허브 serial 1 serial2 In case that the host A connected with the server D and the serial 1between B&C is down, consequently, the host will be served by server D continuously via serial2.
Dynamic Backup 1. Allocate the same metric value for executing dynamic backup when a line is abnormal. 2. Only execute dynamic back up when the metric value is different. The connection will be accomplished to the interface which is the high priority(low metric value). If the line is abnormal the connection will be available for the interface which is the low priority(high metric value).
Dynamic Backup Conforming Configuration The method of conforming configuration is as follow. Using show rconfig to conform the status of Router A LANBIRD(config)# show rconfig Current running configuration: Ethernet0: no IP-address Serial1: IP-address 200.1.1.1 255.255.255.0 line-protocol autodetect (ppp/hdlc) Serial2: IP-address 200.1.2.1 255.255.255.0 line-protocol autodetect (ppp/hdlc) IP-route 0.0.0.0 0.0.0.0 interface 1...
Page 58
When serial2 is down, using command show route to conform the status of Router A LANBIRD(config)# show route IP Routing table: L (local), S (static) Destination Subnet Mask Metric and Gateway - --------------- --------------- ---------------------------- L 200.1.1.0 255.255.255.0 [0] connected to interface 1 L 200.1.2.0...
To use the load balancing function, please check the router which contains the perfect management of packet. LANBIRD's product has the tremendous packet managing ability which handles E1*2(4.096M) on WAN. LANBIRD's product contain the remarkable 8M performance on WAN, namely, it offers the perfect managing ability of 4M*2.
To the same priority(same metric value), it will communicate with the destination through load balancing. ※ using metric value on LANBIRD router, you can organize the environment you wish to have through the load balancing function. Namely, if you give the same metric value, the load balancing function will be executed.
When communicating with the destination through balancing, you must configure the equal metric value to the destination. When using product of LANBIRD, you can conform the inputting value by ip-address and ip-route. Through the command “show route”, you can also check the route table that depends on the metric value of destination by high priority(lower metric value).
Load balaning fw-IP-addr IP address of a forwarding router ifnum interface number of a forwarding router metric < 1-255> ※If you don't input the metric value, it configures as default 1. Example Next is the example that is the configuration which is for executing the load balancing. 192.168.1.2 192.168.2.2 eth :192.168.1.1 /...
UDP forward UDP forward UDP forward is the function that is for the uses of file sharing. All hosts must exist on the same network. However, it is not capable for the uses of file sharing when hosts are existed on the remote. For doing file sharing with the remote, you only need to forward UDP packet for the availability of sharing file.
UDP forward Required Information of Forwarding udp Packet For doing udp packet forwarding, following information such as interface, ip address and port will be required. Interface : determine to what interface the data should be forwarded IP-address : represents destination ip address Port: determine to what kinds of port should be forwarded Using Tips Add/Delete Helper...
The method of doing file sharing between network 10.1.1.0 and network 10.1.2.0 under Window environment The method of configuration on gateway 10.1.1.1 1. LANBIRD(config)# udp-forward helper add 0 192.168.2.255 2. LANBIRD(config)# udp-forward port add 137 3. LANBIRD(config)# udp-forward port add 138 1.
Page 67
2 and 3 for the availability of Window file sharing between two networks The method of configuration on gateway 10.1.2.1 1. LANBIRD(config)# udp-forward helper add 0 192.168.1.255 2. LANBIRD(config)# udp-forward port add 137 3. LANBIRD(config)# udp-forward port add 138...
The Weighted Fair Queueing(WFQ) is the necessary function that shares the equal bandwidth and gets the faster Service to users. ※ LANBIRD offers WFQ perfectly. Moreover, the performance of WFQ which LANBIRD offers is tremendously superior than Cisco offers. ※ LANBIRD's product offers the better QoS through WFQ.
WFQ(weighted Fair Queuing) to restrict the bandwidth which 192.168.1.2 is using, as a result, other users will be offered the faster service. Using Tips the types of queueings which LANBIRD has are FIFO and WFQ. The commands which offer the configuration are as below. Command Explanation queueing <ifnum>...
The Network 192.168.1.0 Internet The configuring method of Weighted Fair Queueing to 10.1.1.0 users. LANBIRD(config)# queueing 1 wfq Without any configuration, LANBIRD 1004 is using Weighted Fair Queueing as default. In addition, LANBIRD 1004 always offers the equal service to every user.
User User The command “user” is the function that verifies the user who has the authority to be connected with the router. Using Tips You can use the command "user" to configure it if you wish to allocate an authority to user for approaching the router.
User Consideration 1. when doing telnet connection, user, with an unauthorized approach, will be accomplished by tcp connection. ※ the message represents the connection is lost when using the command "user".(After the connection, it cuts off) ※ the message represent when blocking telnet port by using filtering.(can't be connected at all) ※...
Example When adding the configuration Permit telnet connection to the user who is on the network 211.32.101.16 / 255.255.255.240 LANBIRD(config)# user add 211.32.101.16 255.255.255.240 Permit telnet connection to the host 211.32.101.18 LANBIRD(config)# user add 211.32.101.18 LANBIRD(config)# user add 211.32.101.18 255.255.255.255 When deleting the configuration Delete the content of configuration to 211.32.101.16 / 255.255.255.240...
IP-account IP-account Working Principle IP-account is the function that is to understand the amount of traffics on each interface 211.32.101.18 인터넷 211.32.101.17/255.255.255.240 211.32.101.19 211.32.101.20 interface 1 방향 interface 0 방향 ※ It represents the information of traffic which is for the interior ip when enable ip- account to the interface which linked with the interior.
<if_num> account ※ <if_num> : interface number Example LANBIRD(config)# ip-account enable 0 ※ enable ip-account to the interface 0 Conforming ip-account table show ip-account <if_num> It indicates the traffic information of ip on which the communication has happened within 10 minutes LANBIRD>...
Page 76
※ It represents the table that ip has been communicated for recent 10 minutes. clear ip-account <if_num> LANBIRD# clear ip-account 0 LANBIRD # sh ip-account 0 Accounting period: 0d 00:00:00 Input Output IP Address...
NULL Interface NULL Interface Working Principle Null interface is the function that has been made as a virtual interface. Null interface is always up, but it doesn’t converge or receive traffic. On the other hand, null interface provides various ways for filtering the traffic. Example As the figure above, from the router 192.168.1.1 to the network 10.1.100.0, routing goes through the serial interface.
Set network path as null interface 로 Ip-route add ip-addr ip-mask null <metric> Ip-route del ip-addr Delete configured path which has been set as Null interface Null interface Example LANBIRD(config)# ip-filter set 0 input permit LANBIRD(config)# sh rconfig Current running configuration: Ethernet0: ip-address 192.168.1.1 255.255.255.0...
Page 79
NULL Interface When Interface 1 is dowm LANBIRD> sh ro IP Routing table: L (local), S (static) Destination Subnet Mask Metric and Gateway - --------------- --------------- ---------------------------- L 10.1.100.0 255.255.255.0 [10] connected to null S 0.0.0.0 0.0.0.0 [1] via 192.168.1.143...
Appendix 1. Subnet mask and available IP addresses Appendix 1. Subnet mask and available IP addresses The following table shows how to use IP addresses of the A.B.C.x network according to various types of subnet mask. Subnet mask 255.255.255.128 Network IP First IP Last IP Broadcast IP...
Appendix 1. Subnet mask and available IP addresses Subnet mask 255.255.255.240 Network IP First IP Last IP Broadcast IP A.B.C.0 A.B.C.1 A.B.C.14 A.B.C.15 A.B.C.16 A.B.C.17 A.B.C.30 A.B.C.31 A.B.C.32 A.B.C.33 A.B.C.46 A.B.C.47 A.B.C.48 A.B.C.49 A.B.C.62 A.B.C.63 A.B.C.64 A.B.C.65 A.B.C.78 A.B.C.79 A.B.C.80 A.B.C.81 A.B.C.94 A.B.C.95...
Appendix 1. Subnet mask and available IP addresses Subnet mask 255.255.255.248 Network IP First IP Last IP Broadcast IP A.B.C.0 A.B.C.1 A.B.C.6 A.B.C.7 A.B.C.8 A.B.C.9 A.B.C.14 A.B.C.15 A.B.C.16 A.B.C.17 A.B.C.22 A.B.C.23 A.B.C.24 A.B.C.25 A.B.C.30 A.B.C.31 A.B.C.32 A.B.C.33 A.B.C.38 A.B.C.39 A.B.C.40 A.B.C.41 A.B.C.46 A.B.C.47...
Appendix 1. Subnet mask and available IP addresses Subnet mask 255.255.255.252 Network IP First IP Last IP Broadcast IP A.B.C.0 A.B.C.1 A.B.C.2 A.B.C.3 A.B.C.4 A.B.C.5 A.B.C.6 A.B.C.7 A.B.C.8 A.B.C.9 A.B.C.10 A.B.C.11 A.B.C.12 A.B.C.13 A.B.C.14 A.B.C.15 A.B.C.16 A.B.C.17 A.B.C.18 A.B.C.19 A.B.C.20 A.B.C.21 A.B.C.22 A.B.C.23...
Page 85
Appendix 1. Subnet mask and available IP addresses A.B.C.248 A.B.C.249 A.B.C.250 A.B.C.251 A.B.C.252 A.B.C.253 A.B.C.254 A.B.C.255...
Appendix 2. Examples of Lanbird 1004 Router NAT Configuration (version 0.3.5 and later) Appendix 2. Examples of Lanbird 1004 Router NAT Configuration (version 0.3.5 and later) It is assumed that the IP addresses assigned to subscribers are as follows: Interface...
Appendix 2. Examples of Lanbird 1004 Router NAT Configuration (version 0.3.5 and later) If the set values are verified by means of “show config” command, the followings should be displayed. LANBIRD# show config Saved configuration Ethernet: ip address 192.168.1.1 255.255.255.0 ip address 211.32.101.17 255.255.255.255 secondary...