Patton electronics IPLink Series Software Configuration Manual

Iplink software release 3.20

Table of Contents

Quick Links

Download this manual

IPLink Series

IPLink Software Release 3.20

Software Conﬁguration Guide

Sales Ofﬁce:

+1 (301) 975-1000

Technical Support:

+1 (301) 975-1007

E-mail: support@patton.com

URL: www.patton.com

Document Number: 13220U8-001 Rev. A

Part Number: 07M2800-SCG

Revised: May 3, 2006

Table of Contents

Troubleshooting

Summary of Contents for Patton electronics IPLink Series

Page 1 IPLink Series IPLink Software Release 3.20 Software Conﬁguration Guide Sales Ofﬁce: +1 (301) 975-1000 Technical Support: +1 (301) 975-1007 E-mail: support@patton.com URL: www.patton.com Document Number: 13220U8-001 Rev. A Part Number: 07M2800-SCG Revised: May 3, 2006...
Page 2 Patton Electronics Company, Inc. 7622 Rickenbacker Drive Gaithersburg, MD 20879 USA Tel: +1 (301) 975-1000 Fax: +1 (301) 869-9293 Support: +1 (301) 975-1007 Web: www.patton.com E-mail: support@patton.com Copyright © 2006, Patton Electronics Company. All rights reserved. The information in this document is subject to change without notice. Patton Elec- tronics assumes no liability for errors that may appear in this document.
Page 3: Table Of Contents
Summary Table of Contents System overview .............................24 Configuration concepts ..........................29 Command line interface (CLI) ........................33 Accessing the CLI ............................38 Establishing basic IP connectivity ........................50 System image handling...........................57 Configuration file handling..........................71 Basic system management ..........................87 RADIUS Client Configuration........................99 IP context overview ............................110 IP interface configuration ..........................117...
Page 4: Table Of Contents
Table of Contents Summary Table of Contents ..........................3 Table of Contents ............................4 List of Figures ..............................16 List of Tables ..............................17 About this guide ............................18 Audience................................18 How to read this guide ............................18 Structure................................18 Precautions ................................20 Typographical conventions used in this document....................
Page 5 IPLink Software Configuration Guide Table of Contents Command modes ..............................34 CLI prompt ..............................34 Navigating the CLI ............................35 Initial mode ..............................35 System changes ............................35 Configuration ............................35 Changing Modes ............................35 Command editing ..............................35 Command help ...............................35 The No form ..............................35 Command defaults—returning parameters to default values ................36 Command completion ............................36...
Page 6 IPLink Software Configuration Guide Table of Contents Activating a physical port ..........................52 Displaying IP interface information ........................53 Deleting IP interfaces ............................54 Examples ................................55 Setting up an IP interface on an Ethernet port ....................55 System image handling...........................57 Introduction................................58 Memory regions in IPLink software........................58 System image handling task list ..........................60...
Page 7 IPLink Software Configuration Guide Table of Contents Display clock information ..........................92 Display time since last restart ..........................93 Configuring and starting the Web server ......................93 Determining and defining the active CLI version ....................93 Restarting the system ............................94 Displaying the system logs ..........................95 Controlling command execution ........................95...
Page 8 IPLink Software Configuration Guide Table of Contents ICMP redirect messages ..........................121 Router advertisement broadcast message .......................121 Defining the MTU and MSS of the interface ....................122 Configuring an interface as a point-to-point link ..................123 Displaying IP interface information ......................123 Displaying dynamic ARP entries ........................124 Flushing dynamic ARP entries ........................124...
Page 9 IPLink Software Configuration Guide Table of Contents Link scheduler configuration ........................148 Introduction................................149 Applying scheduling at the bottleneck ......................149 Using traffic classes ............................149 Introduction to Scheduling ...........................150 Priority ..............................150 Weighted fair queuing (WFQ) ........................150 Shaping ..............................150 Burst tolerant shaping or wfq ........................151 Hierarchy ..............................151...
Page 10 IPLink Software Configuration Guide Table of Contents Configuring the LMI type ..........................173 Configuring the keep-alive interval .......................174 Enabling fragmentation ..........................174 Entering Frame Relay PVC configuration mode ...................176 Configuring the PVC encapsulation type ......................177 Binding the Frame Relay PVC to IP interface ....................177 Enabling a Frame Relay PVC ........................179...
Page 11 IPLink Software Configuration Guide Table of Contents Deleting static IP routes ..........................197 Displaying IP route information ........................198 Examples ................................199 Basic static IP routing example ........................199 Changing the default UDP port range for RTP and RTCP .................200 RIP configuration ............................201 Introduction................................202 Routing protocol ..............................202 RIP configuration task list...
Page 12 IPLink Software Configuration Guide Table of Contents Simple Network Management Protocol (SNMP) ....................226 SNMP basic components ..........................226 SNMP basic commands ..........................226 SNMP management information base (MIB) ....................227 Network management framework .........................227 Identification of the IPLink devices via SNMP....................228 SNMP tools.................................228 SNMP configuration task list ..........................228 Setting basic system information...
Page 13 IPLink Software Configuration Guide Table of Contents Configure DHCP-server profiles ........................256 Use DHCP-server profiles and enable the DHCP-server ................258 Check DHCP-server configuration and status ....................259 Get debug output from the DHCP-server .....................259 configuration............................261 Introduction................................262 DNS configuration task list ..........................262 Enabling the DNS resolver ...........................262 Enabling the DNS relay ..........................263...
Page 14 IPLink Software Configuration Guide Table of Contents Transport and tunnel modes .........................289 Key management ............................289 VPN configuration task list ..........................289 Creating an IPsec transformation profile .......................289 Creating an IPsec policy profile ........................290 Creating/modifying an outgoing ACL profile for IPsec .................292 Configuration of an IP interface and the IP router for IPsec .................293 Displaying IPsec configuration information...
Page 15 IPLink Software Configuration Guide Table of Contents profile_service-policy ............................319 profile_napt ..............................319 profile_ppp ..............................319 profile-ipsec-transform ..........................320 ipsec-manual-policy ............................320 profile_dhcp-server ............................320 profile_authentication ...........................321 profile_provisioning ............................321 context_ip ..............................321 interface ................................321 dyndns ................................322 subscriber_ppp ..............................322 port_ethernet ..............................322 pppoe ................................322 vlan ................................323 port_serial ..............................323 framerelay ..............................323 Other ..................................324...
Page 16: List Of Figures
List of Figures System overview with a Management Center ..........25 IPLink system model .
Page 17: List Of Tables
Permanent built-in interface slot and port mapping for IPLink Series .......
Page 18: About This Guide
About this guide The objective of this IPLink software Command Conﬁguration Guide is to provide information concerning the syntax and usage of the command set. For hardware conﬁguration information, refer to the getting started guide that came with your IPLink systems . This section describes the following: •...
Page 19: Nat/Napt
IPLink Software Configuration Guide About this guide • Chapter 3, "Command line interface (CLI)" on page 33 gives an overview of the CLI and the basic features that allow you to navigate the CLI and edit commands effectively. • Chapter 4, "Accessing the CLI"...
Page 20: Dhcp Configuration
IPLink Software Configuration Guide About this guide • Chapter 21, "SNTP client conﬁguration" on page 240 describes how to conﬁgure a simple network time pro- tocol (SNTP) client. • Chapter 22, "DHCP conﬁguration" on page 251 provides an overview of the dynamic host conﬁguration control protocol (DHCP) and describes the tasks involved in its conﬁguration.
Page 21: Typographical Conventions Used In This Document
IPLink Software Configuration Guide About this guide Typographical conventions used in this document This section describes the typographical conventions and terms used in this guide. General conventions In this guide we use certain typographical conventions to distinguish elements of commands and examples. In general, the conventions we use conform to those found in IEEE POSIX publications.
Page 22: Mouse Conventions
IPLink Software Configuration Guide About this guide Mouse conventions The following conventions are used when describing mouse actions: Table 2. Mouse conventions Convention Meaning Left mouse button This button refers to the primary or leftmost mouse button (unless you have changed the default conﬁguration).
Page 23: Warranty Service And Returned Merchandise Authorizations (Rmas)
IPLink Software Configuration Guide About this guide Warranty Service and Returned Merchandise Authorizations (RMAs) Patton Electronics is an ISO-9001 certiﬁed manufacturer and our products are carefully tested before ship- ment. All of our products are backed by a comprehensive warranty program. Note If you purchased your equipment from a Patton Electronics reseller, ask your reseller how you should proceed with warranty service.
Page 24: System Overview
Chapter 1 System overview Chapter contents Introduction................................25 IPLink hardware platforms ............................26 IPLink software embedded software ........................26 IPLink Software management center tools......................27...
Page 25: Introduction
IPLink Software Configuration Guide 1 • System overview Introduction This chapter provides an overview of the main elements of an IPLink system and includes the following sections: • IPLink hardware platforms (see page • IPLink software embedded software (see page A complete IPLink system or network is typically composed of the following main elements plus a third-party network infrastructure (see ﬁgure...
Page 26: Iplink Hardware Platforms
IPLink Software Configuration Guide 1 • System overview IPLink hardware platforms The IPLink series of devices covers a performance range varying from that suitable for small ofﬁce/home ofﬁce (SOHO) applications to enterprise and carrier sites. Table 3 lists the IPLink models.
Page 27: Iplink Software Management Center Tools
IPLink Software Configuration Guide 1 • System overview An IPLink software build is a binary image ﬁle. It is usually divided into several checksum-protected ﬁles to improve download efﬁciency and security. The download to the IPLink is handled in sequence by using a download batchﬁle.
Page 28 IPLink Software Configuration Guide 1 • System overview • The SNMP agent and MIB, with an emphasis on inventory and alarm management for integration in a third-party Network Management System (NMS) With the aid of conﬁguration ﬁles and TFTP up and downloads, the IPLink devices can also be managed ofﬂine using standard text editors and ﬁle systems.
Page 29 Chapter 2 Conﬁguration concepts Chapter contents Introduction................................30 Contexts and Gateways ............................31 Context ................................31 Interfaces, Ports, and Bindings ..........................31 Interfaces ................................31 Ports and circuits ............................31 Bindings .................................32 Profiles and Use commands...........................32 Profiles ................................32 Use Commands ..............................32...
Page 30: Configuration Concepts
IPLink Software Configuration Guide 2 • Configuration concepts Introduction This chapter introduces basic IPLink software conﬁguration concepts. A good understanding of these concepts is vital for the conﬁguration tasks explained in the remaining chapters of this guide. Patton strongly recommends that you read through this chapter because it introduces the fundamental ideas behind the structure of the command line interface.
Page 31: Contexts And Gateways
IPLink Software Configuration Guide 2 • Configuration concepts Contexts and Gateways Context An IPLink software context represents one speciﬁc networking technology or protocol, namely IP (Internet Protocol). A context can be seen as virtual dedicated equipment within the IPLink. For example: •...
Page 32: Bindings
IPLink Software Configuration Guide 2 • Configuration concepts Examples of IPLink ports are: 10Base-T Ethernet, Serial T1/E1, V.35, and X.21. Ports are numbered according to the IPLink port numbering scheme. The port name corresponds to the label (or abbreviation) printed on the hardware.
Page 33: Command Line Interface (Cli)
Chapter 3 Command line interface (CLI) Chapter contents Introduction................................34 Command modes ..............................34 CLI prompt ..............................34 Navigating the CLI ............................35 Initial mode ..............................35 System changes ............................35 Configuration ............................35 Changing Modes ............................35 Command editing ..............................35 Command help ...............................35 The No form ..............................35 Command defaults—returning parameters to default values ................36 Command completion...
Page 34: Introduction
IPLink Software Configuration Guide 3 • Command line interface (CLI) Introduction The primary user interface to IPLink software is the command line interface (CLI). You can access the CLI via the IPLink console port or through a Telnet session. The CLI lets you conﬁgure the complete IPLink software functionality, as opposed to the SNMP and HTTP management interfaces that offer a more limited subset of the functions.
Page 35: Navigating The Cli
IPLink Software Configuration Guide 3 • Command line interface (CLI) Navigating the CLI Initial mode When you initiate a session, you can log in with operator or administrator privileges. Whichever login you use, the CLI is always set to operator exec (non-privileged exec) mode by default upon startup. This mode allows you to examine the state of the system using a subset of the available CLI commands.
Page 36: Command Defaults-Returning Parameters To Default Values
IPLink Software Configuration Guide 3 • Command line interface (CLI) Command defaults—returning parameters to default values The parameters of certain commands are set to their default value simply by omitting the parameter. For example: • sntp-client local-port 220—Sets the UDP port used by the SNTP client to 220 •...
Page 37 IPLink Software Configuration Guide 3 • Command line interface (CLI) Table 4. Command edit shortcuts (Continued) Keyboard Description <Esc>-<f> Move cursor forward one word. <Esc>-<b> Move cursor backward one word. <Ctrl>-<a> Move cursor to beginning of line. <Ctrl>-<e> Move cursor to end of line. <Ctrl>-<k>...
Page 38: Accessing The Cli
Chapter 4 Accessing the CLI Chapter contents Introduction................................39 Accessing the IPLink software CLI task list......................39 Accessing via the console port .........................40 Console port procedure ..........................40 Accessing via a Telnet session ..........................41 Telnet Procedure ............................41 Using an alternate TCP listening port for the Telnet server ................42 Disabling the Telnet server ..........................42...
Page 39: Introduction
IPLink Software Configuration Guide 4 • Accessing the CLI Introduction IPLink products are designed for remote management and volume deployment. The management and conﬁg- uration of IPLink devices is therefore based on IP network connectivity. Once an IPLink is connected to, and addressable in, an IP network, you can remotely perform all conﬁguration, management, and maintenance tasks.
Page 40: Accessing Via The Console Port
IPLink Software Configuration Guide 4 • Accessing the CLI Accessing via the console port To access an IPLink via its console port, the host computer must be connected directly to the console port (labeled CONSOLE) with a serial cable (see ﬁgure 5).
Page 41: Accessing Via A Telnet Session
IPLink Software Configuration Guide 4 • Accessing the CLI Accessing via a Telnet session This is the most commonly used method for connecting to an IPLink. The Telnet host accesses the IPLink via its network interface. A host can be connected directly to the ETH 1 port (LAN) with a crossover cable (see ﬁgure 6, part A) or through an Ethernet hub with two straight cables (see ﬁgure...
Page 42: Using An Alternate Tcp Listening Port For The Telnet Server
IPLink Software Configuration Guide 4 • Accessing the CLI 3. Power on your IPLink and wait until the Run LED lights. 4. Set your PC is set to DHCP. 5. Open a Telnet session to the ETH 1 (LAN) port with the IP address 192.168.1.1 of your IPLink. 6.
Page 43: Selecting A Secure Password
IPLink Software Configuration Guide 4 • Accessing the CLI Upon logging in you are in operator execution mode, indicated by the “>” as command line prompt. Now you can enter system commands. Note Details on screen in ﬁgure 7, such as the IP address in the system prompt and window header bar, may be different on your IPLink device.
Page 44: Configure Operators And Administrators
IPLink Software Configuration Guide 4 • Accessing the CLI Conﬁgure operators and administrators To secure the system, as well as to enable remote access to the system, you must create operator and administra- tor login accounts. These accounts are valid system-wide. Operators and administrators can log in to the IPLink software via the console or through Telnet.
Page 45: Creating An Administrator Account
IPLink Software Configuration Guide 4 • Accessing the CLI Step Command Purpose node(cfg)# operator name password password Creates a new operator account name and password password copy running-conﬁg startup-conﬁg Saves the change made to the running conﬁg- uration of the IPLink, so that it will be used fol- lowing a reload Example: Create an operator account The following example shows how to add a new operator account with a login name support and a matching...
Page 46: Displaying Account Information
IPLink Software Configuration Guide 4 • Accessing the CLI Mode: Operator execution Step Command Purpose node>show version cli Displays the CLI version Example: Displaying the CLI version The following example shows how to display the version of the current running IPLink software CLI on your device, if you start from the operator execution mode.
Page 47: Checking Identity And Connected Users
IPLink Software Configuration Guide 4 • Accessing the CLI login: support password: <password> IPLink>who You are operator support IPLink>su super Enter password: <password> IPLink>who You are administrator super Checking identity and connected users command displays who is logged in or gives more detailed information about users and process states.
Page 48 IPLink Software Configuration Guide 4 • Accessing the CLI profile provisioning testpro location 1 tftp://10.10.1.2/test1.cfg location 2 tftp://10.10.1.2/test2.cfg location 3 tftp://10.10.1.2/test3.cfg The following command has index numbers: • location These commands always have index numbers in the running-conﬁg. However, entering the index is optional. If you enter such a command with an index, it is inserted into list at the position deﬁned by the index.
Page 49: Ending A Telnet Or Console Port Session
IPLink Software Configuration Guide 4 • Accessing the CLI Ending a Telnet or console port session Use the command in the operator or administration execution mode to end a Telnet or console port ses- logout sion. To conﬁrm the command, you must enter yes on the dialog line as shown in the example below. logout Mode: Operator execution Step...
Page 50: Establishing Basic Ip Connectivity
Chapter 5 Establishing basic IP connectivity Chapter contents Introduction................................51 IP context selection and basic interface configuration tasks..................51 Entering the IP context, creating IP interfaces and assigning an IP address .............51 Defining IP Ethernet encapsulation and binding an IP interface to a physical port .........52 Activating a physical port ..........................52...
Page 51: Introduction
IPLink Software Configuration Guide 5 • Establishing basic IP connectivity Introduction This chapter explains how to establish network-based connections to and from your IPLink using IP interfaces and Ethernet ports. You can conﬁgure basic IP connectivity in the context IP and the subsidiary interface com- mand modes.
Page 52: Defining Ip Ethernet Encapsulation And Binding An Ip Interface To A Physical Port
IPLink Software Configuration Guide 5 • Establishing basic IP connectivity Example: Enter IP context, create IP interfaces, and set IP address and netmask The procedure below assumes that you want to create an IP interface named lan, with an IP address of 192.168.1.3 and a net mask of 255.255.255.0.
Page 53: Displaying Ip Interface Information
IPLink Software Configuration Guide 5 • Establishing basic IP connectivity Using the command slot port lists the actual status for the selected physical port. The fol- show port ethernet lowing listing shows the port Ethernet information for port 0 on slot 0, which is in the shutdown state as indi- cated by the current state CLOSED.
Page 54: Deleting Ip Interfaces
IPLink Software Configuration Guide 5 • Establishing basic IP connectivity Example: List existing IP interfaces You can display IP interface information by using the show ip interface command in conﬁguration mode. In the following example, only the information available for IP interface lan is displayed. Depending on the num- ber of deﬁned IP interfaces, the output of the show ip interface command can be longer.
Page 55: Examples
IPLink Software Configuration Guide 5 • Establishing basic IP connectivity 2. Delete the interfaces named external with the command, with the interface name no interface as argument: IPLink(ctx-ip)[router]#no interface external 3. List the interfaces again to check if the IP interface external has been deleted: IPLink(ctx-ip)[router]#interface <?>...
Page 56 IPLink Software Configuration Guide 5 • Establishing basic IP connectivity IPLink(prt-eth)[0/0]#encapsulation ip 4. Bind the interface lan you just deﬁned to the Ethernet port, and then activate the port. IPLink(prt-eth)[0/0]#bind interface lan router IPLink(prt-eth)[0/0]#no shutdown 5. Store the conﬁguration s 6.
Page 57: System Image Handling
Chapter 6 System image handling Chapter contents Introduction................................58 Memory regions in IPLink software........................58 System image handling task list ..........................60 Displaying system image information ......................60 Copying system images from a network server to Flash memory ..............61 Copying driver software from a network server to Flash memory ..............62 Auto provisioning of firmware and configuration ....................63...
Page 58: Introduction
IPLink Software Configuration Guide 6 • System image handling Introduction This chapter describes how to load, maintain, and update the various software images in the IPLink. The IPLink software system software consists of the application image and the driver images. The images are stored in persistent (non-volatile) memory.
Page 59 IPLink Software Configuration Guide 6 • System image handling the IPLink. The command syntax in IPLink software requires you to preﬁx the ﬁle path on the TFTP server with tftp: followed by the absolute ﬁle path. You need to start from the root directory of the TFTP server. The three physical regions of memory are the remote tftp server’s memory, the Volatile memories, and the Per- sistent memory in the IPLink.
Page 60: System Image Handling Task List
IPLink Software Configuration Guide 6 • System image handling Note When returning to the factory-conﬁg by using the copy factory-conﬁg star- command, all user-speciﬁc conﬁgurations saved in nvram: tup-conﬁg remain even after reload. Storing the current Running Configuration remotely Memory Regions in Embedded Software Storing the current Configuration locally Configuration File Upload...
Page 61: Copying System Images From A Network Server To Flash Memory
IPLink Software Configuration Guide 6 • System image handling Mode: Administrator execution Step Command Purpose show version Lists the system software release version, information about optional interface cards mounted in slots and other information that is the currently running system software.
Page 62: Copying Driver Software From A Network Server To Flash Memory
IPLink Software Configuration Guide 6 • System image handling Comment lines must have a hash character # in column one and can appear anywhere in the script ﬁle. Com- ment lines contain information for administrators or operators who maintain or use the script ﬁle. The following example shows a script ﬁle used to download a system image and command line syntax deﬁni- tion ﬁle from a TFTP server.
Page 63: Auto Provisioning Of Firmware And Configuration
IPLink Software Configuration Guide 6 • System image handling Downloading a driver software image ﬁle means storing it permanently at a deﬁned location within the ﬂash memory on the motherboard or in the non-volatile memory of an optional interface card. To download the driver software image ﬁle, you must use a special download script ﬁle.
Page 64 IPLink Software Configuration Guide 6 • System image handling The unit downloads a speciﬁc ﬁle from a TFTP server. If this ﬁle has changed since the last download, it is stored and executed. If the ﬁle on the server did not change since the last download, no action is taken. If the units are conﬁgured to do auto provisioning, a network operator can only update the ﬁrmware ﬁles on the TFTP server, which automatically distributes it to all units.
Page 65: Boot Procedure
IPLink Software Configuration Guide 6 • System image handling Step Command Purpose [name] (pf-prov)[CONFIG]#location 2 Speciﬁes alternate locations of the ﬁle. If tftp://172.16.1.33/conﬁgs/$(system.mac).cfg the ﬁrst could not be contacted, the sec- ond is tried, and so on. [name] (pf-prov)[CONFIG]#activation reload Speciﬁes how the new conﬁguration graceful should be activated.
Page 66: Boot Procedure
IPLink Software Configuration Guide 6 • System image handling in nonvolatile memory to the logical region running-conﬁg in the volatile memory. The IPLink software now uses the running-conﬁg to set up the operating conﬁguration of the IPLink. Figure 10 illustrates the boot procedure.
Page 67: Bootloader
Recall that the bootloader ensures that basic operations, network access, and downloads are possible in case of interrupted or corrupted application image downloads. The IPLink Series comes with the RedBoot Bootloader. It offers new features such as console access to the Bootloader and the capability for downloading application images (e.g.
Page 68: Start-Up With Factory Configuration
IPLink Software Configuration Guide 6 • System image handling Start-up with factory conﬁguration Step Command Purpose RedBoot> ﬁs load Copies the IPLink software application image from the persistent memory (ﬂash:) to the volatile mem- ory (RAM) from where it will be executed. RedBoot>...
Page 69 IPLink Software Configuration Guide 6 • System image handling Step Command Purpose RedBoot> go Starts the application image that was down- loaded into the volatile memory (RAM). Note With the Bootloader, only the Ethernet interface 0/0 is available. The Boot- loader applies the IP address, subnet mask, and default gateway that were last conﬁgured by the Bootloader itself or by another application (e.g.
Page 70: Load A New Application Image (Iplink Software) Via The Serial Link
IPLink Software Configuration Guide 6 • System image handling Load a new application image (IPLink software) via the serial link The Bootloader supports the ‘X-Modem’ and ‘Y-Modem’ protocols to download application images via the serial link of the console. Do the following to initiate the download: Step Command Purpose...
Page 71: Configuration File Handling
Chapter 7 Conﬁguration ﬁle handling Chapter contents Introduction................................72 Understanding configuration files ........................72 Factory configuration ............................74 Configuration file handling task list........................74 Copying configurations within the local memory ....................75 Replacing the startup configuration with a configuration from Flash memory ..........76 Copying configurations to and from a remote storage location ...............78 Replacing the startup configuration with a configuration downloaded from TFTP server .......79...
Page 72: Introduction
IPLink Software Configuration Guide 7 • Configuration file handling Introduction This chapter describes how to upload and download conﬁguration ﬁles from and to an IPLink device. A con- ﬁguration ﬁle is a batch ﬁle of IPLink software commands used in the software modules that perform speciﬁc functions of the IPLink.
Page 73: Sample Configuration File
IPLink Software Configuration Guide 7 • Configuration file handling Figure 11, shows the characteristics of a conﬁguration ﬁle. It is stored on a TFTP server in the ﬁle IP2805_001.cfg for later download to the IPLink. The command syntax used to enter commands with the CLI and add commands in conﬁguration ﬁles is identical.
Page 74: Factory Configuration
IPLink Software Configuration Guide 7 • Configuration file handling Each conﬁguration ﬁle stored in the ﬂash memory needs a unique name. The user has to assign a ﬁle name to any user-speciﬁc conﬁguration. IPLink software predeﬁnes some names for conﬁguration ﬁles. These are the factory conﬁguration (factory-conﬁg), startup conﬁguration (startup-conﬁg), and running conﬁguration (run- ning-config) ﬁle names.
Page 75: Copying Configurations Within The Local Memory
IPLink Software Configuration Guide 7 • Configuration file handling • Downloading encrypted ﬁles (see page Copying conﬁgurations within the local memory Conﬁguration ﬁles may be copied into the local memory in order to switch between different conﬁgurations. Remember the different local memory regions in IPLink software as shown in ﬁgure Store the current Running Local Memory Regions...
Page 76: Replacing The Startup Configuration With A Configuration From Flash Memory
IPLink Software Configuration Guide 7 • Configuration file handling cess. There are three predeﬁned conﬁguration ﬁle names for which it is optional to specify the memory region, namely factory-conﬁg, startup-conﬁg and running-conﬁg. Mode: Administrator execution Step Command Purpose node#copy {factory-conﬁg | startup- Copies the selected source conﬁguration ﬁle conﬁg | running-conﬁg | nvram: source- source-name as target conﬁguration ﬁle target-...
Page 77 IPLink Software Configuration Guide 7 • Configuration file handling Example: Replacing the startup conﬁguration with a conﬁguration from Flash memory The following example shows how to replace the persistent startup conﬁguration in the ﬂash memory of an IPLink by overwriting it with the conﬁguration in the ﬁle new-startup stored in ﬂash memory. 1.
Page 78: Copying Configurations To And From A Remote Storage Location
IPLink Software Configuration Guide 7 • Configuration file handling Copying conﬁgurations to and from a remote storage location Conﬁguration ﬁles can be copied from local memory (persistent or volatile region) to a remote data store. Remember the different store locations; they are the local memory in your IPLink and the remote data store on a server system (see ﬁgure 13).
Page 79: Replacing The Startup Configuration With A Configuration Downloaded From Tftp Server
IPLink Software Configuration Guide 7 • Configuration file handling TFTP server, where it can be distributed to other IPLink devices. These devices therefore get clones of the starting system if the conﬁguration does not need any modiﬁcations. Replacing the startup conﬁguration with a conﬁguration downloaded from TFTP server From within the administration execution mode, you can replace the startup-conﬁguration by downloading a conﬁguration from the TFTP server into the ﬂash memory area where to store the startup conﬁguration.
Page 80: Displaying Configuration File Information
IPLink Software Configuration Guide 7 • Configuration file handling IPLink#show nvram:startup-config Startup configuration: #----------------------------------------------------------------# # IPLink software R3.10 BUILD22128 # 2001-10-25T09:20:42 # Generated configuration file #----------------------------------------------------------------# cli version 3.00 snmp community public rw … … framerelay exit IPLink# Displaying conﬁguration ﬁle information This procedure describes how to display information about conﬁguration ﬁles Mode: Administrator execution Command...
Page 81: Modifying The Running Configuration Offline
IPLink Software Configuration Guide 7 • Configuration file handling When you log in to an IPLink by using the CLI, all commands you enter directly modify the running conﬁgu- ration located in the volatile memory region system: (or RAM) of your IPLink. Because it is located in volatile memory, to be made permanent, your modiﬁcations must be copied to the persistent (non-volatile) memory.
Page 82 IPLink Software Configuration Guide 7 • Configuration file handling Note Consider that a customized conﬁguration ﬁle will not modify any function of IPLink software until it has been copied to persistent memory as the new con- ﬁguration ﬁle startup-conﬁg. Mode: Administrator execution Step Command Purpose...
Page 83: Deleting A Specified Configuration
IPLink Software Configuration Guide 7 • Configuration file handling The system is going down Deleting a speciﬁed conﬁguration This procedure describes how to delete conﬁguration ﬁles from the IPLink ﬂash memory region nvram:. Mode: Administrator execution Step Command Purpose node#show nvram: Lists the loaded conﬁgurations node#erase name Deletes the conﬁguration name from the ﬂash memory.
Page 84: Encrypted Configuration Download
IPLink Software Configuration Guide 7 • Configuration file handling Pre-requisites: Only authorized users have conﬁguration access to the IPLink. The conﬁgurations can be stored in plain form on the IPLink. SNMP Write Access shall be restricted by means of communities and ACLs to prevent unauthorized SNMP initiated conﬁguration downloads.
Page 85 IPLink Software Configuration Guide 7 • Configuration file handling The key ﬁle shall contain a key string of at most 24 characters on a single line. Spaces, tabs and LF/CR charac- ters are trimmed. The key must not contain LF/CR or the null character and must not start or end with a space or tab.
Page 86 IPLink Software Configuration Guide 7 • Configuration file handling The downloaded key also deﬁnes how the passwords are encrypted in your conﬁguration ﬁles. After you downloaded a key ﬁle you have to regenerate the startup-conﬁg from the IMPORTANT running-conﬁg by executing the command. copy running-config startup-config If you don’t do this, the device will fail executing the commands that have encrypted password arguments, e.g., ‘administrator’,...
Page 87: Basic System Management
Chapter 8 Basic system management Chapter contents Introduction................................88 Basic system management configuration task list ....................88 Managing feature license keys .........................89 Setting system information ..........................90 Setting the system banner ..........................91 Setting time and date ............................92 Display clock information ..........................92 Display time since last restart ..........................93 Configuring and starting the Web server ......................93...
Page 88: Introduction
IPLink Software Configuration Guide 8 • Basic system management Introduction This chapter describes parameters that report basic system information to the operator or administrator, and their conﬁguration. The following are basic IPLink software parameters that must be established when setting up a new system: •...
Page 89: Managing Feature License Keys
IPLink Software Configuration Guide 8 • Basic system management Managing feature license keys Several features of the ﬁrmware require a system speciﬁc license key to be installed to enable the feature. You will receive a ﬁle containing license keys for all of your purchased features from your equipment vendor. This section describes how to install the feature license keys on your equipment.
Page 90: Setting System Information
IPLink Software Configuration Guide 8 • Basic system management The following example shows the command used to display all installed licenses on a system and a sample of its output. IPLink(cfg)#show licenses VPN [vpn] License serial number: 14343534 Status: Active IPLink(cfg)# Setting system information The system information includes the following parameters:...
Page 91: Setting The System Banner
IPLink Software Configuration Guide 8 • Basic system management Mode: Conﬁgure Step Command Purpose node(cfg)#system contact information Sets the contact information to information node(cfg)#system hostname information Sets the hostname to information node(cfg)#system location information Sets the location information to information node(cfg)#system provider information Sets the provider information to information node(cfg)#system subscriber information...
Page 92: Setting Time And Date
IPLink Software Configuration Guide 8 • Basic system management Example: Setting the system banner The following example shows how to set a message for the system banner for your device, if you start from the conﬁguration mode. IPLink(cfg)#banner "#\n# Patton Electronics Co.\n#\n# The password of all operators has changed\n# please contact the administrator\n#"...
Page 93: Display Time Since Last Restart
IPLink Software Configuration Guide 8 • Basic system management Display time since last restart This procedure describes how to display the time since last restart Mode: Operator execution Step Command Purpose node>show uptime Display the time since last restart. Example: The following example shows how to display the uptime of your device, if you start from the conﬁguration mode.
Page 94: Restarting The System
IPLink Software Configuration Guide 8 • Basic system management Mode: Conﬁgure Step Command Purpose node(cfg)#show version cli Displays the currently running CLI version node(cfg)#cli version version.revision Selects the active CLI version in the form version.revi- sion Example: Deﬁning the desired CLI version The following example shows how to determine the running CLI version and deﬁne CLI version 2.10 for your device, if you start from the conﬁguration mode.
Page 95: Displaying The System Logs
IPLink Software Configuration Guide 8 • Basic system management Displaying the system logs The system logs contain warnings and information from the system components of IPLink software. In case of problems it is often useful to check the event or the supervisor logs for information about malfunctioning sys- tem components.
Page 96 IPLink Software Configuration Guide 8 • Basic system management Step Command Purpose Execute the second command node#jobs Shows the currently running commands node#fg jobid Brings job with jobid back to foreground node#<Ctrl-C> Terminates the currently running command Example: Controlling Command Execution The following example shows how to suspend an active command, list the running commands, switch back a suspended command and terminate a currently active command on your device, if you start from the conﬁgu- ration mode.
Page 97: Timed Execution Of Cli Command
IPLink Software Configuration Guide 8 • Basic system management Timed execution of CLI command The command allows the timed execution of CLI commands. The command is incremental; this timer timer means for each time it is entered, a new timer is created. All timers appear in the running-conﬁguration, except if they have been created with the volatile option.
Page 98 IPLink Software Configuration Guide 8 • Basic system management Step Command Purpose [name] (sys)#[no] terminal idle-time- After 30 minutes without user input, a terminal session logout is automatically closed. If longer session periods are required (logging/debugging) this command allows to increase the session timeout, or to disable it com- pletely.
Page 99: Radius Client Configuration
Chapter 9 RADIUS Client Conﬁguration Chapter contents Introduction................................100 The AAA component ............................100 General AAA Configuration .........................101 RADIUS configuration ............................103 Configuring RADIUS clients ........................104 Configuring RADIUS accounting .........................105 Configuring the RADIUS server ........................107 Attributes in the RADIUS request message .....................107 Attributes in the RADIUS accept message ....................108 Configuring the local database accounts ......................108...
Page 100: Introduction
IPLink Software Configuration Guide 9 • RADIUS Client Configuration Introduction This chapter provides an overview of the authentication, authorization, and accounting (AAA) component in IPLink software and describes how to conﬁgure the RADIUS client, a subpart of the AAA component. It is important to understand how AAA works before conﬁguring the RADIUS client.
Page 101: General Aaa Configuration
IPLink Software Configuration Guide 9 • RADIUS Client Configuration Figure 15 illustrates the authentication procedure for a user logging into an IPLink that is conﬁgured to use RADIUS as authentication method. AAA Server (RADIUS) 3. Authentication accepted 4. Access granted 2.
Page 102 IPLink Software Configuration Guide 9 • RADIUS Client Configuration 3. Query the local database (see “Conﬁguring the local database accounts” on page 108 for information on how to conﬁgure the local database) If, e.g. radius_deepblue is not available, radius_extern will be queried after a timeout. But if radius_deepblue gives an answer that rejects the login request, the remaining methods are not used and the login is denied.
Page 103: Radius Configuration
IPLink Software Configuration Guide 9 • RADIUS Client Configuration IPLink(cfg)# IPLink(cfg)#profile aaa local-only IPLink(pf-aaa)[local-o~]#method local IPLink(pf-aaa)[local-o~]#method none IPLink(pf-aaa)[local-o~]#exit IPLink(cfg)#terminal Telnet use aaa remote-radius IPLink(cfg)#terminal console use aaa local-only IPLink(cfg)#show profile aaa Authentication Profile: default Server-Timeout: 10 Methods: local (Type=local) none (Type=none) Authentication Profile: remote-radius Server-Timeout: 15 Methods:...
Page 104: Configuring Radius Clients
IPLink Software Configuration Guide 9 • RADIUS Client Configuration Transactions between the RADIUS client and server are authenticated through the use of a shared secret, which is never sent over the network—the same secret must thus be known to the server and the client by conﬁguration. Using this secret as an encryption key, user passwords are sent encrypted between the client and RADIUS server.
Page 105: Configuring Radius Accounting
IPLink Software Configuration Guide 9 • RADIUS Client Configuration IPLink(cfg)# Conﬁguring RADIUS accounting The RADIUS accounting functionality can be added to a call-router conﬁguration by inserting an AAA call- control service between two call-router elements. Any call that is then routed through the AAA service will cause call detail records (CDRs) to be sent to the radius server.
Page 106 IPLink Software Configuration Guide 9 • RADIUS Client Configuration The following procedure guides you through the steps necessary to enable RADIUS accounting in an existing conﬁguration: Mode: Conﬁgure Step Command Purpose node(cfg)# radius-client Create a new RADIUS client <client-name> node(radius)[client-name]# Deﬁne the RADIUS server to be used.
Page 107: Configuring The Radius Server
IPLink Software Configuration Guide 9 • RADIUS Client Configuration Step Command Purpose node(svc-aaa)[svc-name]# Deﬁne, if accounting shall be started at call-setup or call-con- (Optional) accounting-start-trigger nect time. The default is at call-connect time. [setup | connect] Note If setup is speciﬁed, an interim update will be sent at call-connect time.
Page 108: Attributes In The Radius Accept Message
IPLink Software Configuration Guide 9 • RADIUS Client Configuration Attributes in the RADIUS accept message After the user and his credentials are approved by the authentication procedure on the RADIUS server, the IPLink expects a RADIUS accept message with the following attributes: Attribute Attribute Type Description...
Page 109 IPLink Software Configuration Guide 9 • RADIUS Client Configuration servers are down or the network is not reachable, you can create an emergency user in the local database so that you can still access the IPLink. Perform the following steps to conﬁgure the local accounts. Mode: Conﬁgure Step Command...
Page 110: Ip Context Overview
Chapter 10 IP context overview Chapter contents Introduction................................111 IP context overview configuration task list......................111 Planning your IP configuration ...........................112 IP interface related information ........................112 Serial interface related information ........................113 QoS related information ..........................113 Configuring Ethernet and serial ports........................113 Creating and configuring IP interfaces.........................113 Configuring NAPT .............................114...
Page 111: Introduction
IPLink Software Configuration Guide 10 • IP context overview Introduction This chapter outlines the IPLink software Internet protocol (IP) context and its related components. You will get the fundamental understanding on how to set up your IPLink to make use of IP related services. The following sections describe the conﬁguration steps necessary to put together certain IP services and the ref- erences to the related chapters that explain the issue in more details.
Page 112: Planning Your Ip Configuration
IPLink Software Configuration Guide 10 • IP context overview • You can ﬁnd the information regarding network address port translation (NAPT) in chapter 12, “NAT/ NAPT conﬁguration” on page 128. • If you need to conﬁgure a physical port, chapter 13, “Ethernet port conﬁguration”...
Page 113: Serial Interface Related Information
IPLink Software Configuration Guide 10 • IP context overview • IP address of the central TFTP server used for conﬁguration upload and download Serial interface related information The IPLink supports the V.35 and X.21 standard for synchronous serial interfaces with speeds up to 2 Mbps. Devices that communicate over a serial interface are divided into two classes: •...
Page 114: Configuring Napt
IPLink Software Configuration Guide 10 • IP context overview higher-layer protocol and service information, such as layer 3 addressing. Hence interfaces are conﬁgured as part of the IP context and represent logical entities that are only usable if a physical port is bound to them. An interface name can be any arbitrary string, but for ease of identiﬁcation you should use self-explanatory names that describe the use of the interface.
Page 115: Configuring Access Control Lists
IPLink Software Configuration Guide 10 • IP context overview ers maintain only the best route (the route with the lowest metric value) to a destination. After updating its routing table, the router immediately begins transmitting routing updates to inform other network routers of the change.
Page 116 IPLink Software Configuration Guide 10 • IP context overview IPLink software QoS features described in chapter 14, “Link scheduler conﬁguration” on page 148 address these diverse and common needs. Configuring quality of service (QoS)
Page 117: Ip Interface Configuration
Chapter 11 IP interface conﬁguration Chapter contents Introduction................................118 Software IP interface configuration task list ......................118 Creating an IP interface ..........................118 Deleting an IP interface ..........................119 Setting the IP address and netmask .......................120 Configuring a NAPT DMZ interface ......................120 ICMP message processing ..........................121 ICMP redirect messages ..........................121...
Page 118: Introduction
IPLink Software Configuration Guide 11 • IP interface configuration Introduction This chapter provides a general overview of IPLink interfaces and describes the tasks involved in their conﬁgu- ration. Within IPLink software, an interface is a logical entity that provides higher-layer protocol and service informa- tion, such as Layer 3 addressing.
Page 119: Deleting An Ip Interface
IPLink Software Configuration Guide 11 • IP interface configuration Example: Create IP interfaces The procedure illustrated below assumes that you would like to create an IP interface named lan Use the fol- lowing commands in administrator conﬁguration mode. IPLink>enable IPLink#configure IPLink(cfg)#context ip router IPLink(ctx-ip)[router]#interface lan IPLink(if-ip)[lan]#...
Page 120: Setting The Ip Address And Netmask
IPLink Software Configuration Guide 11 • IP interface configuration Setting the IP address and netmask Each IP interface needs its explicit IP address and an appropriate net mask to be set. You can use the interface conﬁguration command to perform the following tasks: ipaddress •...
Page 121: Icmp Message Processing
IPLink Software Configuration Guide 11 • IP interface configuration ICMP message processing The IP suite offers a number of services that control and manage IP connections. The Internet Control Mes- sage Protocol (ICMP) provides many of these services. Routers send ICMP messages to hosts or other routers when a problem is discovered with the Internet header.
Page 122: Defining The Mtu And Mss Of The Interface
IPLink Software Configuration Guide 11 • IP interface configuration Mode: Interface Step Command Purpose node(ctx-ip)[router]#interface name Selects the interface name for ICMP message pro- cessing conﬁguration node(if-ip)[name]# icmp router-discovery Enables to send router advertisement broadcast messages Example: Router advertisement broadcast message The following example shows how to enable sending router advertisement broadcast messages on IP interface lan.
Page 123: Configuring An Interface As A Point-To-Point Link
IPLink Software Configuration Guide 11 • IP interface configuration The following example shows how to deﬁne the MTU of the IP interface lan to 1000 and to adjust the MSS in both directions to MTU-40. Use the following commands in IP context conﬁguration mode. IPLink(ctx-ip)[router]#interface lan IPLink(if-ip)[lan]#mtu 1000 IPLink(if-ip)[lan]#tcp adjust-mss rx mtu...
Page 124: Displaying Dynamic Arp Entries
IPLink Software Configuration Guide 11 • IP interface configuration ------------------------------------------------------------ Context: router Name: IP Address: 172.17.100.210 255.255.255.0 MTU: 1500 ICMP router-discovery: enabled ICMP redirect: send only State: CLOSED Binding: ethernet 0 0 1/ethernet/ip … Displaying dynamic ARP entries The following command can be used to display the dynamically learned ARP entries on an IP interface or on the entire system.
Page 125: Traceroute
IPLink Software Configuration Guide 11 • IP interface configuration The following example shows how to invoke the echo protocol to the destination host at IP address 172.16.1.10 by using the command from operator execution mode. ping IPLink>ping 172.16.1.10 Sending 5 ICMP echo requests to 172.16.1.10, timeout is 1 seconds: Reply from 172.16.1.10: Time <10ms Reply from 172.16.1.10: Time <10ms Reply from 172.16.1.10: Time <10ms.
Page 126: Configuring The Igmp Proxy
IPLink Software Configuration Guide 11 • IP interface configuration Example: Debug ARP output IPLink(cfg)#debug arp IPLink(cfg)#ping 10.9.10.11 Sending 5, 56 bytes, ICMP echo requests to 10.9.10.11: 17:25:40 > Entry 10.9.10.11: Sending first request 17:25:40 > Tx ARP Request: Who has 10.9.10.11 tell 10.9.10.1 at 00:A0:BA:00:92:4F 17:25:40 >...
Page 127: Examples
IPLink Software Configuration Guide 11 • IP interface configuration Mode: Context IP Step Command Purpose node(ctx-ip)[ctx-name]# Go to the IP interface, which shall act as the IGMP proxy interface <if-name> upstream interface node(if-ip)[if-name]# igmp Deﬁne the interface as the IGMP proxy upstream interface interface-type proxy- upstream node(ctx-ip)[ctx-name]#...
Page 128: Nat/Napt Configuration
Chapter 12 NAT/NAPT conﬁguration Chapter contents Introduction................................129 Dynamic NAPT ............................129 Static NAPT ..............................130 Dynamic NAT ..............................131 Static NAT ..............................131 NAPT traversal .............................131 NAT/NAPT configuration task list ........................132 Creating a NAPT profile ..........................132 Configuring a NAPT DMZ host ......................133 Defining NAPT port ranges ........................134 Preserving TCP/UDP port numbers in NAPT ..................134...
Page 129: Introduction
IPLink Software Configuration Guide 12 • NAT/NAPT configuration Introduction This chapter provides a general overview of Network Address (Port) Translation and describes the tasks involved in its conﬁguration. The two most compelling problems facing the IP Internet are IP address depletion and scaling in routing. Long-term and short-term solutions to these problems are being developed.
Page 130: Static Napt
IPLink Software Configuration Guide 12 • NAT/NAPT configuration Figure 18 illustrates the basic and enhanced behavior of the Dynamic NAPT. The big arrows indicate the direction of the connection establishment. Although only a local host can establish a connection, trafﬁc always ﬂows in both directions.
Page 131: Dynamic Nat
IPLink Software Configuration Guide 12 • NAT/NAPT configuration Dynamic NAT NAT only modiﬁes addresses but not ports. Dynamic NAT assigns a global address from a global NAT address pool each time a local host wants to access the global network. It creates a dynamic NAT entry for the reverse path.
Page 132: Nat/Napt Configuration Task List
IPLink Software Configuration Guide 12 • NAT/NAPT configuration The IPLink software NAPT can handle one GRE (Generic Routing Encapsulation) connection and one ESP (Encapsulating Security Payload) connection at a time. It also routes ICMP messages back to the source of the concerned connection or to the source of an ICMP Ping message.
Page 133: Configuring A Napt Dmz Host
IPLink Software Configuration Guide 12 • NAT/NAPT configuration Step Command Purpose node(pf-napt)[name]#range local- Conﬁgures and activates the Dynamic NAT: local-ip- (optional) ip-range-start local-ip-range-stop range-start and local-ip-range-stop deﬁne the subset global-ip-start global-ip-stop of local hosts that use an address from the global NAT address pool to access to global network.
Page 134: Defining Napt Port Ranges
IPLink Software Configuration Guide 12 • NAT/NAPT configuration Deﬁning NAPT port ranges The TCP/UDP port ranges to be used by the NAPT can be deﬁned using the following procedure. The default port ranges for both TCP/UDP are 8000 to 15999. Mode: proﬁle napt <pf-name>...
Page 135: Activate Nat/Napt
IPLink Software Configuration Guide 12 • NAT/NAPT configuration Activate NAT/NAPT To activate a NAT/NAPT component, bind its NAPT proﬁle to an IP interface. This binding identiﬁes the global interface of the respective NAT/NAPT component. All other IP interfaces are local relative to this NAT/ NAPT.
Page 136: Configuring Nat Static Protocol Entries
IPLink Software Configuration Guide 12 • NAT/NAPT configuration Example: Display NAT/NAPT conﬁguration information IPLink(pf-napt)[access]#show profile napt access NAPT profile access: -------------------------- STATIC NAPT MAPPINGS Protocol Local IP Local Port Global IP Global Port -------- --------------- ----------- --------------- ----------- 192.168.1.20 0.0.0.0 192.168.1.20 131.1.1.3 STATIC NAT PROTOCOL MAPPINGS...
Page 137: Ethernet Port Configuration
Chapter 13 Ethernet port conﬁguration Chapter contents Introduction................................138 Ethernet port configuration task list ........................138 Entering the Ethernet port configuration mode ....................139 Configuring medium for an Ethernet port ....................139 Configuring Ethernet encapsulation type for an Ethernet port ..............140 Binding an Ethernet port to an IP interface ....................140 Multiple IP addresses on Ethernet ports ......................141...
Page 138: Introduction
This chapter provides an overview of Ethernet ports and describes the tasks involved in conﬁguring Ethernet ports through the IPLink software. For IPLink Series devices, the term Ethernet refers to the family of local area network (LAN) or wide area net- work (WAN) implementations that include two principal categories.
Page 139: Entering The Ethernet Port Configuration Mode
Since a port must be conﬁgured unambiguously, choose the appropriate expansion slot and port number. The num- ber and type of available ports depend upon your IPLink model, and also on the interface card ﬁt for IPLink series devices. All permanent on-board interfaces of an IPLink are described as being on slot 0.
Page 140: Configuring Ethernet Encapsulation Type For An Ethernet Port
Example: Conﬁguring Ethernet encapsulation type for an Ethernet port The following example shows how to conﬁgure the encapsulation type to IP for the Ethernet port on slot 0 and port 0 of an IPLink series device. IPLink(cfg)#port ethernet 0 0...
Page 141: Multiple Ip Addresses On Ethernet Ports
IPLink Software Configuration Guide 13 • Ethernet port configuration Figure 22 shows the logical binding of the Ethernet port at slot 0 on port 0 to the IP interface lan which is deﬁned in the IP context router. Context “router” interface lan interface wan bind command...
Page 142: Configuring A Vlan
IPLink Software Configuration Guide 13 • Ethernet port configuration Mode: Conﬁgure Step Command Purpose [name] (cfg)# context ip Enter the IP context conﬁguration mode. [name] (ctx-ip)[router]# interface <ip-if-1-name> Create the ﬁrst IP interface. [name] (if-ip)[ <ip-if-1-name>]# ipaddress <ip- Set the IP address for the ﬁrst IP inter- address-1>...
Page 143: Configuring Layer 2 Cos To Service-Class Mapping For An Ethernet Port
IPLink Software Configuration Guide 13 • Ethernet port configuration Mode: Conﬁgure Step Command Purpose node(conﬁg)#port ethernet slot port Enter Ethernet port conﬁgura- tion. node(prt-eth)[slot/port]#vlan id Create new VLAN port. node(vlan)[id]#encapsulation {ip|pppoe|multi} Deﬁnes the payload type(s) to be used on this VLAN: •...
Page 144: Adding A Receive Mapping Table Entry
IPLink Software Configuration Guide 13 • Ethernet port configuration Mode: Conﬁgure Step Command Purpose node(cfg)#port ethernet slot port Enters Ethernet port conﬁgura- tion mode for the interface on slot and port node(prt-eth)[slot/port]#map cos layer 2 class of service value Selects the layer 2 CoS to trafﬁc- to trafﬁc class name class mapping.
Page 145: Adding A Transmit Mapping Table Entry
IPLink Software Configuration Guide 13 • Ethernet port configuration Adding a transmit mapping table entry The transmit mapping table deﬁnes the conversion of transmitting ﬁrmware-speciﬁc service class value into a Layer 2 CoS to service class value. Each conversion is stored as a mapping table entry, so the transmitting map- ping table consists of several mapping table entries.
Page 146: Using The Built-In Ethernet Sniffer
IPLink Software Configuration Guide 13 • Ethernet port configuration Example: Disabling an Ethernet port The following example shows how to disable the Ethernet port on slot 0 and port 0 of an IPLink device. IPLink(cfg)#port ethernet 0 0 IPLink(prt-eth)[0/0]#shutdown Checking the state of the Ethernet port on slot 0 and port 0 shows that the interface was closed. IPLink(prt-eth)[0/1]#show port ethernet 0 1 Ethernet Configuration -------------------------------------...
Page 147 IPLink Software Configuration Guide 13 • Ethernet port configuration The following is an example of how the sniffer is normally used: Step Command Purpose [name] (cfg)# sniff ethernet Enable the sniffer on ethernet port 0 1. (Normally the sniffer stops 0 1 [wrap] capturing, if the capture buffer is full.
Page 148: Link Scheduler Configuration
Chapter 14 Link scheduler conﬁguration Chapter contents Introduction................................149 Applying scheduling at the bottleneck ......................149 Using traffic classes ............................149 Introduction to Scheduling ...........................150 Priority ..............................150 Weighted fair queuing (WFQ) ........................150 Shaping ..............................150 Burst tolerant shaping or wfq ........................151 Hierarchy ..............................151 Quick references ..............................152 Setting the modem rate ..........................152...
Page 149: Introduction
IPLink Software Configuration Guide 14 • Link scheduler configuration Introduction This chapter describes how to use and conﬁgure the IPLink software Quality of Service (QoS) features. Refer to chapter 19, “Access control list conﬁguration” on page 211 more information on the use of access control lists.
Page 150: Introduction To Scheduling
IPLink Software Configuration Guide 14 • Link scheduler configuration Local applications (CLI, Web Server) Routing IPSec encryption/ decryption Access control list (ACL) Network address translation (NAT) Real-time packet Real-time packet mux/demux processing Sequence of processing stages Link Scheduler passed by a routed packet To/from network port (Ethernet, PPPoE, Frame relay, etc.) Figure 23.
Page 151: Burst Tolerant Shaping Or Wfq
IPLink Software Configuration Guide 14 • Link scheduler configuration service that is only available for a limited bandwidth e.g. low delay. When connecting the IPLink to a DiffServ network shaping might be a required operation. Burst tolerant shaping or wfq For weighted fair queuing and shaping there is a variation of the scheduler that allows to specify if a trafﬁc class may temporarily receive a higher rate as long as the average stays below the limit.
Page 152: Quick References
IPLink Software Configuration Guide 14 • Link scheduler configuration Mode priority local voice min. 30% min. 40% Level_1 min. 30% Mail Low_Priority Default Mode Shaper Define 2nd level Define 1st level Use arbiter on arbiter arbiter an interface Figure 24. Example of Hierarchical Scheduling Quick references The following sections provide a minimal “standard”...
Page 153: Command Cross Reference
IPLink Software Configuration Guide 14 • Link scheduler configuration • “modem-512” is the title of the proﬁle which is referred to when installing the scheduler • “rate-limit 512” allows no more than 512 kbit/sec to pass which avoids queueing in the modem. •...
Page 154: Defining The Access Control List Profile
IPLink Software Configuration Guide 14 • Link scheduler configuration • Displaying link arbitration status (see page 165) • Displaying link scheduling proﬁle information (see page 165) • Enable statistics gathering (see page 165) Profile Packet Classification Predefined Classes Different Types (Classes) of Traffic The service-policy profile defines the arbitration mode and order in which...
Page 155: Creating An Access Control List
IPLink Software Configuration Guide 14 • Link scheduler configuration Some types of packets you do not have to tag with ACL. Voice and data packets from or for the IPLink itself are automatically tagged with predeﬁned trafﬁc-class names: Predeﬁned internal classes for voice and other data are: •...
Page 156: Creating A Service Policy Profile
IPLink Software Configuration Guide 14 • Link scheduler configuration Mode: Conﬁgure Step Command Purpose node(cfg)#proﬁle acl name Creates a new access control list proﬁle named name node(pf-acl)[name]#permit ip host ip-address any trafﬁc-class Creates an IP access con- class-name trol list entry that permits access for host at IP address ip-address, and speciﬁes that packets...
Page 157: Structure Of A Service-Policy Profile
IPLink Software Configuration Guide 14 • Link scheduler configuration profile service-policy <profile-name> link rate, arbitration common settings common parameters source traffic-class <x> bandwidth, packet mark settings for class x queue-size, etc. source traffic-class <y> settings for class y source traffic-class default settings for all other traffic-classes not listed Figure 27.
Page 158: Specifying The Handling Of Traffic-Classes
IPLink Software Configuration Guide 14 • Link scheduler configuration The following lines conﬁgure the source trafﬁc-classes. When using weighted fair queuing (wfq) each user- speciﬁed source trafﬁc-class needs a value specifying its share of the overall bandwidth. For this purpose the share command is used, which deﬁnes the relative weights of the source trafﬁc-classes and policies.
Page 159: Defining The Bit-Rate
IPLink Software Configuration Guide 14 • Link scheduler configuration Mode: Source Command Purpose node(src)[name]#share percentage Deﬁnes fair queuing weight (relative to other sources) to percent- age for the selected class or policy name Deﬁning the bit-rate The command is used with shaper link arbitration to assign the (average) bit-rate to the selected source. rate When enough bandwidth is available each source will exactly receive this bandwidth (but no more), when overloaded the shaper will behave like a wfq arbiter.
Page 160: Specifying The Precedence Field
IPLink Software Configuration Guide 14 • Link scheduler configuration The type-of-service (TOS) byte in an IP header speciﬁes precedence (priority) and type of service (RFC791, RFC1349). The precedence ﬁeld is deﬁned by the ﬁrst three bits and supports eight levels of priority. The next four bits—which are set by the command—determine the type-of-service (TOS).
Page 161: Specifying Layer 2 Marking
IPLink Software Configuration Guide 14 • Link scheduler configuration “trafﬁc-class” number called. With IPLink software you can inspect the DSCP value in the ACL rules and modify the DSCP value with the link scheduler command. set ip dscp Note When conﬁguring service differentiation on the IPLink, ensure that code- point settings are arranged with the service provider.
Page 162: Defining Random Early Detection
IPLink Software Configuration Guide 14 • Link scheduler configuration Deﬁning random early detection The command is used to request random early detection (RED). When a queue carries lots of random-detect TCP transfers that last longer than simple web requests, there is a risk that TCP ﬂow-control might be inefﬁ- cient.
Page 163 IPLink Software Configuration Guide 14 • Link scheduler configuration Mode: proﬁle service-policy/proﬁle Command Purpose [name] (pf-srvp)[<name>]# [no] map packet-size Assigns IP packets of a predeﬁned or speci- {routed-voice | routed-voice-encrypted | [<lower-size> ﬁed range to a trafﬁc-class. To name a spe- <upper-size>] } trafﬁc-class <trafﬁc-class-name>...
Page 164: Devoting The Service Policy Profile To An Interface
IPLink Software Configuration Guide 14 • Link scheduler configuration Devoting the service policy proﬁle to an interface Any service policy proﬁle needs to be bound to a certain IP interface to get activated. According the terminol- ogy of IPLink software a service policy proﬁle is used on a certain IP interface, as shown in ﬁgure Service Policy...
Page 165: Displaying Link Arbitration Status
IPLink Software Configuration Guide 14 • Link scheduler configuration IPLink(ctx-ip)[router]#interface wan IPLink(if-ip)[wan]#use profile service-policy Voice_Prio out Displaying link arbitration status command displays link arbitration status. This command supports the optional show service-policy argument that select a certain IP interface. This command is available in the operator mode. interface Mode: Operator execution Step...
Page 166 IPLink Software Configuration Guide 14 • Link scheduler configuration The command has optional values (in the range of 1 to 4) that deﬁne the level of detail (see table 10). Table 10. Values deﬁning detail of the queuing statistics Optional Value Implication on Command Output Statistic gathering is switched off Display amount of packets passed (did not have to wait), queued (arrived ear-...
Page 167: Serial Port Configuration
Chapter 15 Serial port conﬁguration Chapter contents Introduction................................168 Serial port configuration task list .........................168 Disabling an interface ...........................169 Enabling an interface ............................169 Configuring the serial encapsulation type ......................170 Configuring the active clock edge .........................171 Configuring the baudrate ..........................172 Enter Frame Relay mode ..........................173 Configuring the LMI type ..........................173...
Page 168: Introduction
IPLink Software Configuration Guide 15 • Serial port configuration Introduction This chapter provides an overview of the serial port and describes the tasks involved in its conﬁguration through the IPLink software, it includes the following sections: • Serial port conﬁguration task list •...
Page 169: Disabling An Interface
IPLink Software Configuration Guide 15 • Serial port configuration Disabling an interface Before you replace a compact serial cable or attach your IPLink to other serial equipment, use the shutdown command to disable the serial interfaces. This prevents anomalies and hardware faults. When you shut down an interface, it has the state CLOSED in the command display.
Page 170: Configuring The Serial Encapsulation Type
IPLink Software Configuration Guide 15 • Serial port configuration Mode: Administrator execution Step Command Purpose node(cfg)#port serial slot port Selects the serial interface on slot and port node(prt-ser)[slot/port]#no shutdown Enables the interface node(prt-ser)[slot/port]#show port serial Displays the serial interface conﬁguration. Example: Enabling an interface The example shows how to enable the built-in serial interface on slot 0 and port 0 of an IPLink.
Page 171: Configuring The Active Clock Edge
IPLink Software Configuration Guide 15 • Serial port configuration IPLink(prt-ser)[0/0]#encapsulation framerelay IPLink(prt-ser)[0/0]#show port serial Serial Interface Configuration ------------------------------ Port : serial 0 0 0 State : CLOSED Hardware Port : V.35 Transmit Edge : normal Port Type : DTE CRC Type : CRC-16 Max Frame Length: 2048 Recv Threshold...
Page 172: Configuring The Baudrate
IPLink Software Configuration Guide 15 • Serial port configuration Conﬁguring the baudrate A DCE interface has to provide the signal clocks. The X.21 DCE interface can provide different baudrates on its interface. The desired baudrate can be conﬁgured. Note The actual baudrate may differ from the baudrate you conﬁgured. This procedure describes how to set the baudrate for the serial interface.
Page 173: Enter Frame Relay Mode
IPLink Software Configuration Guide 15 • Serial port configuration Rx abort sequence: Rx non octet: Rx frame len violation: Rx DPLL error: Sent frames: 116106 Tx good frames: 116106 Tx CTS lost: Tx underrun: Status Link: Control Line: enabled True Baudrate: 64000 bps Enter Frame Relay mode This section describes how to conﬁgure Frame Relay on the serial interface of an IPLink, after setting the basic...
Page 174: Configuring The Keep-Alive Interval
IPLink Software Configuration Guide 15 • Serial port configuration Mode: Frame Relay Step Command Purpose node(frm-rel)[slot/port]#lmi-type {ansi | gof | itu} Sets the LMI type Example: Conﬁguring the LMI type The following example sets the LMI type to ANSI T1.617 Annex D for Frame Relay over the serial interface on slot 0 and port 0.
Page 175 IPLink Software Configuration Guide 15 • Serial port configuration This procedure describes how to enable Frame Relay fragmentation Mode: Frame Relay Step Command Purpose node(cfg)#port serial slot port Selects the serial interface on slot and port. node(prt-ser)[0/0]#framerelay Enters Frame Relay conﬁguration mode. node(frm-rel)[0/0]#use proﬁle Uses the previously deﬁned service policy proﬁle on Frame service-policy name out...
Page 176: Entering Frame Relay Pvc Configuration Mode
IPLink Software Configuration Guide 15 • Serial port configuration The fragmentation size depends on the available bandwidth, the chosen codec, and its packet length: • The less bandwidth available per call, the smaller the fragment size has to be conﬁgured. •...
Page 177: Configuring The Pvc Encapsulation Type
IPLink Software Configuration Guide 15 • Serial port configuration The following example enters the conﬁguration mode for PVC with the assigned DLCI of 1 for Frame Relay over the serial interface on slot 0 and port 0 of an IPLink. IPLink(cfg)#port serial 0 0 IPLink(prt-ser)[0/0]#framerelay IPLink(frm-rel)[0/0]#pvc 1...
Page 178: Ip Interface Wan Is Bound To Pvc 1 On Port Serial 0 0
IPLink Software Configuration Guide 15 • Serial port configuration Frame Relay PVC. If serial Frame Relay PVC shall be used as WAN access, a suitable name for the logical IP interface could be wan as in ﬁgure 29 below. Context “router”...
Page 179: Enabling A Frame Relay Pvc
IPLink Software Configuration Guide 15 • Serial port configuration Enabling a Frame Relay PVC After binding Framerelay PVC to an ip interface it must be enabled for packet processing. This procedure acti- vates the PVC by opening the bound ip interface. This procedure describes how to enable Framerelay PVC for packet processing Mode: PVC Step...
Page 180: Debugging Frame Relay
IPLink Software Configuration Guide 15 • Serial port configuration IPLink(pvc)[1]#shutdown Check the PVC 1 status by using and verify that the entry shutdown occurs in the con- show running-conﬁg ﬁguration part responsible for this PVC. IPLink(pvc)[1]#show running-config Running configuration: #----------------------------------------------------------------# …...
Page 181: Displaying Serial Port Information
IPLink Software Configuration Guide 15 • Serial port configuration Displaying serial port information The following example shows the commands used to display serial port conﬁguration settings. HDLC Driver: 0x8496b8 ===================== Slot: Number of Ports: HDLC Driver: 0x8496b8 ===================== Slot: Number of Ports: Port: serial 0 0 0 ------------------ State:...
Page 182: Integrated Service Access
IPLink Software Configuration Guide 15 • Serial port configuration PVC Configuration: Port DLCI State Fragment Encaps Binding -------------------------------------------------------------- serial 0 0 0 open disabled rfc1490 wan@router PSTN Internet Multi Multi Service Service Provider PVC 1 Provider Leased Line Node Modem IPLink Modem Network...
Page 183: Ip Context With Logical Ip Interfaces Bound To Ethernet Port, Serial Port Pvc 1 And Pvc 2
IPLink Software Configuration Guide 15 • Serial port configuration Between the leased line modem and the IPLink, ANSI T.617 type of LMI packets have to be exchanged. In addi- tion, the keep-alive interval has to be set to 20 seconds. To guarantee voice quality, fragmentation is enabled on the PVC which carries voice (PVC 1) and a service proﬁle is assigned which gives priority to voices packets.
Page 184 IPLink Software Configuration Guide 15 • Serial port configuration IPLink(src)[local-d~]#source class default … 4. Conﬁgure the serial interface settings. IPLink(cfg)#port serial 0 0 IPLink(prt-ser)[0/0]#shutdown IPLink(prt-ser)[0/0]#encapsulation framerelay IPLink(prt-ser)[0/0]#hardware-port x21 IPLink(prt-ser)[0/0]#port-type dte … 5. Conﬁgure the Frame Relay. You must thus change to the Frame Relay conﬁguration mode. Use the ser- vice-policy proﬁle deﬁned above to give voice priority over data.
Page 185: T1/E1 Port Configuration
Chapter 16 T1/E1 port conﬁguration Chapter contents Introduction................................186 T1/E1 port configuration task list........................186 Enable/Disable T1/E1 port ...........................186 Configuring T1/E1 port-type ........................187 Configuring T1/E1 clock-mode ........................187 Configuring T1/E1 line-code ........................187 Configuring T1/E1 framing ..........................187 Configuring T1/E1 line-build-out (T1 only) ....................188 Configuring T1/E1 used-connector (E1 only) ....................188 Configuring T1/E1 application mode ......................188...
Page 186: Introduction
IPLink Software Configuration Guide 16 • T1/E1 port configuration Introduction This chapter provides an overview of the T1/E1 ports, their characteristics and the tasks involved in the conﬁguration. The conﬁgurable parameters for the T1/E1 port are type (T1 or E1), clock mode (or source) (master or slave), line code (AMI, HDB3, or B8ZS), framing (CRC-4, ESF, or unframed), line-build-out (for T1 only) and encapsulation (channelized or HDLC).
Page 187: Configuring T1/E1 Port-Type
IPLink Software Configuration Guide 16 • T1/E1 port configuration Conﬁguring T1/E1 port-type The T1/E1 Port can either work in T1 or in E1 (G.704) mode. This mode can be changed dynamically as long as no encapsulation or encapsulation ‘hdlc’ is set. Be aware that changing the port-type also resets the framing and linecode parameters to the default values of the new port-type.
Page 188: Configuring T1/E1 Line-Build-Out (T1 Only)
IPLink Software Configuration Guide 16 • T1/E1 port configuration The advantage of the unframed mode (obviously with hdlc encapsulation) is the utilization of the whole link speed for user data transmission, 2.048MBit/s for E1 and 1.544MBit/s for T1. However note that HDLC has its own overhead which decreases the actual data rate.
Page 189: Configuring T1/E1 Los Threshold
IPLink Software Configuration Guide 16 • T1/E1 port configuration Conﬁguring T1/E1 LOS threshold This command takes effect only if the T1/E1 port is conﬁgured for long-haul applications. It speciﬁes the sen- sitivity for Loss Of Signal threshold. A signal suffers more attenuation over long distances than over short dis- tances.
Page 190: Configuring T1/E1 Encapsulation
IPLink Software Configuration Guide 16 • T1/E1 port configuration The command has three other options that allow you to manually switch on/off different loops. All these addi- tional options are applicable in T1 and E1 mode. The ‘line-interface’ loop sends back the whole link bandwidth (2048kBit/s or 1544kBit/s). In ‘payload’...
Page 191: Configuring Channel-Group Timeslots
IPLink Software Configuration Guide 16 • T1/E1 port configuration connection..”.) On creating a new channel-group the channel-group conﬁguration mode is immediately entered. To remove an existing channel-group the ‘no’ form of the command has to be used. Mode: port e1t1 <slot> <port> Step Command Purpose...
Page 192: Configuring Hdlc Crc-Type
IPLink Software Configuration Guide 16 • T1/E1 port configuration tion mode the encapsulation must be set to ‘hdlc’ as well followed by conﬁguring at least one timeslot per the ‘timeslots’ command. Mode: port e1t1 <slot> <port> Step Command Purpose [name] (prt-e1t1)[slot/port]# hdlc Entering the hdlc conﬁguration mode Mode: channel-group <group>...
Page 193: Example 1: Frame Relay Without A Channel-Group
IPLink Software Configuration Guide 16 • T1/E1 port configuration Example 1: Frame Relay without a channel-group port e1t1 0 0 port-type e1 framing crc4 encapsulation hdlc hdlc encapsulation framerelay framerelay lmi-type itu pvc 100 encapsulation rfc1490 bind interface pvc100 router no shutdown port e1t1 0 0 no shutdown...
Page 194: Example 2: Framerelay With A Channel-Group
IPLink Software Configuration Guide 16 • T1/E1 port configuration Example 2: Framerelay with a channel-group port e1t1 0 0 port-type e1 framing crc4 encapsulation channelized channel-group myGroup timeslots 13-17 encapsulation hdlc hdlc encapsulation framerelay framerelay lmi-type itu pvc 100 encapsulation rfc1490 bind interface pvc100 router no shutdown port e1t1 0 0...
Page 195: Basic Ip Routing Configuration
Chapter 17 Basic IP routing conﬁguration Chapter contents Introduction................................196 Routing tables ...............................196 Static routing ..............................196 Basic IP routing configuration task list ........................196 Configuring static IP routes ..........................196 Deleting static IP routes ..........................197 Displaying IP route information ........................198 Examples ................................199 Basic static IP routing example ........................199 Changing the default UDP port range for RTP and RTCP .................200...
Page 196: Introduction
IPLink Software Configuration Guide 17 • Basic IP routing configuration Introduction This chapter provides an overview of IP routing and describes the tasks involved in conﬁguring static IP rout- ing in IPLink software. IP routing moves information across an internetwork from a source to a destination, typically passing through one or more intermediate nodes along the way.
Page 197: Deleting Static Ip Routes
IPLink Software Configuration Guide 17 • Basic IP routing configuration a backup route is activated, thus improving network reliability. Each route is assigned a default precedence value and cost value. Modifying these values allow you to set a preference for one route over the next. If static routes are redistributed through dynamic routing protocol to neighboring devices, only the active static route to a destination is advertised.
Page 198: Displaying Ip Route Information
IPLink Software Configuration Guide 17 • Basic IP routing configuration Mode: Administrator execution Step Command Purpose node(cfg)#context ip router Enters the IP router context node(ctx-ip)[router]#no route network mask {address | interface} Deletes a static route Example: Deleting a static IP route In the following example, the route for packets to network 20.0.0.0/24, which are routed to device with IP address 172.17.100.2, shall be deleted.
Page 199: Examples
IPLink Software Configuration Guide 17 • Basic IP routing configuration Examples Basic static IP routing example Figure 32 shows an Internetwork consisting of three routers, an IPLink device in the middle, and the four autonomous networks, with network addresses 10.1.5.0/16, 172.16.40.0/24, 172.17.100.0/24, and 10.2.5.0/ 16.
Page 200: Changing The Default Udp Port Range For Rtp And Rtcp
IPLink Software Configuration Guide 17 • Basic IP routing configuration Changing the default UDP port range for RTP and RTCP The UDP port range to be used for RTP streams can be conﬁgured using the following procedure: Mode: context ip Step Command Purpose...
Page 201: Rip Configuration
Chapter 18 RIP conﬁguration Chapter contents Introduction................................202 Routing protocol ..............................202 RIP configuration task list ...........................203 Enabling send RIP ............................203 Enabling an interface to receive RIP ......................204 Specifying the send RIP version ........................204 Specifying the receive RIP version .........................205 Enabling RIP learning ...........................205 Enabling an interface to receive RIP ......................206...
Page 202: Introduction
IPLink Software Configuration Guide 18 • RIP configuration Introduction This chapter provides an overview of the Routing Information Protocol (RIP) and describes the tasks involved in conﬁguring RIP features within IPLink software, it includes the following sections: • Routing protocol •...
Page 203: Rip Configuration Task List
IPLink Software Configuration Guide 18 • RIP configuration RIP 2 is more useful in a variety of environments and allows the use of variable subnet masks on your network. It is also necessary for implementation of classless addressing as accomplished with CIDR (classless inter- domain routing).
Page 204: Enabling An Interface To Receive Rip
IPLink Software Configuration Guide 18 • RIP configuration Example: Enabling send RIP The following example shows how to enable send RIP on IP interface wan on an IPLink. IPLink(cfg)#context ip router IPLink(ctx-ip)[router]#interface wan IPLink(if-ip)[wan]#rip supply Enabling an interface to receive RIP By default an interface does not listen to routing information.
Page 205: Specifying The Receive Rip Version
IPLink Software Configuration Guide 18 • RIP configuration Specifying the receive RIP version By default, IPLink software application software receives RIP version 1 and version 2 packets. IPLink software application software allows receiving RIP version 1, version 2 or both version 1 and version 2 packets. Alterna- tively, you can explicitly conﬁgure the RIP version to be received with the last command argument as following: •...
Page 206: Enabling An Interface To Receive Rip
IPLink Software Configuration Guide 18 • RIP configuration Example: Enabling RIP learn host and default The following example shows how to enable RIP learn host and default on IP interface wan on an IPLink. IPLink(cfg)#context ip router IPLink(ctx-ip)[router]#interface wan IPLink(if-ip)[wan]#rip learn host IPLink(if-ip)[wan]#rip learn default Enabling an interface to receive RIP This procedure describes how to enable receive RIP on an IP interface...
Page 207: Enabling Rip Auto Summarization
IPLink Software Configuration Guide 18 • RIP configuration Example: Enabling RIP announcing The following example shows how to enable the RIP default routes and IP host routes RIP announcing method on IP interface wan on an IPLink. IPLink(cfg)#context ip router IPLink(ctx-ip)[router]#interface wan IPLink(if-ip)[wan]#rip announce default IPLink(if-ip)[wan]#rip announce host...
Page 208: Enabling Rip Split-Horizon Processing
IPLink Software Configuration Guide 18 • RIP configuration Setting the default route metric, which is a number, indicating the distance to the destination network ele- ment, e.g. another router or IPLink in a network, is possible with the command. The rip default-route-value value is between 1 and 15 for a valid route, or 16 for an unreachable route.
Page 209: Enabling Holding Down Aged Routes
IPLink Software Configuration Guide 18 • RIP configuration acquired over that interface. Poison reverse updates are then sent to remove the route and place it in hold- down. One drawback is that routing update packet sizes will be increased when using poison reverse. This procedure describes how to enable the poison reverse algorithm on an interface Mode: Interface Step...
Page 210: Displaying Global Rip Information
IPLink Software Configuration Guide 18 • RIP configuration The following example shows how to display the RIP conﬁguration of IP interface wan of an IPLink. IPLink(cfg)#context ip router IPLink(ctx-ip)[router]#interface wan IPLink(if-ip)[wan]#show rip interface wan Interface wan (IP context router): -------------------------------------------------- listen: disabled supply: enabled send version: 1compatible...
Page 211: Access Control List Configuration
Chapter 19 Access control list conﬁguration Chapter contents Introduction................................212 About access control lists .............................212 What access lists do ............................212 Why you should configure access lists ......................212 When to configure access lists ........................213 Features of access control lists ........................213 Access control list configuration task list......................214 Mapping out the goals of the access control list .....................214...
Page 212: Introduction
IPLink Software Configuration Guide 19 • Access control list configuration Introduction This chapter provides an overview of IP Access Control Lists and describes the tasks involved in conﬁguring them through IPLink software. This chapter includes the following sections: • About access control lists •...
Page 213: When To Configure Access Lists
IPLink Software Configuration Guide 19 • Access control list configuration For example, access lists can allow one host to access a part of your network, and prevent another host from accessing the same area. In ﬁgure 33 host A is allowed to access the Human Resources network and host B is prevented from accessing the Human Resources network.
Page 214: Access Control List Configuration Task List
IPLink Software Configuration Guide 19 • Access control list configuration • All access control lists have an implicit deny ip any any at the end. A packet that does not match the criteria of the ﬁrst statement is subjected to the criteria of the second statement and so on until the end of the access control list is reached, at which point the packet is dropped.
Page 215: Creating An Access Control List Profile And Enter Configuration Mode
IPLink Software Configuration Guide 19 • Access control list configuration Before you begin to enter the commands that create and conﬁgure the IP access control list, be sure that you are clear about what you want to achieve with the list. Consider whether it is better to deny speciﬁc accesses and permit all others or to permit speciﬁc accesses and deny all others.
Page 216 IPLink Software Configuration Guide 19 • Access control list configuration Mode: Proﬁle access control list Step Command Purpose node(pf-acl)[name]#deny ip {src src-wildcard | any | host Creates an IP access of control list src} {dest dest-wildcard | any | host dest} [cos group] entry that denies access deﬁned according to the command options...
Page 217: Adding An Icmp Filter Rule To The Current Access Control List Profile
IPLink Software Configuration Guide 19 • Access control list configuration Adding an ICMP ﬁlter rule to the current access control list proﬁle The command permit or deny are used to deﬁne an ICMP ﬁlter rule. Each ICMP ﬁlter rule represents an ICMP access of control list entry.
Page 218 IPLink Software Configuration Guide 19 • Access control list configuration Where the syntax is as following: Keyword Meaning The source address to be included in the rule. An IP address in dotted-decimal-format, e.g. 64.231.1.10. src-wildcard A wildcard for the source address. Expressed in dotted-decimal format this value speciﬁes which bits are signiﬁcant for matching.
Page 219: Adding A Tcp, Udp Or Sctp Filter Rule To The Current Access Control List Profile
IPLink Software Configuration Guide 19 • Access control list configuration The same effect can also be obtained by using the simpler message name option. See the following example. IPLink(cfg)#profile acl WanRx IPLink(pf-acl)[WanRX]#deny icmp any any msg echo IPLink(pf-acl)[WanRX]#exit IPLink(cfg)# Adding a TCP, UDP or SCTP ﬁlter rule to the current access control list proﬁle The commands permit or deny are used to deﬁne a TCP, UDP or SCTP ﬁlter rule.
Page 220 IPLink Software Configuration Guide 19 • Access control list configuration Where the syntax is: Keyword Meaning The source address to be included in the rule. An IP address in dotted-decimal-format, e.g. 64.231.1.10. src-wildcard A wildcard for the source address. Expressed in dotted-decimal format this value speciﬁes which bits are signiﬁcant for matching.
Page 221: Binding And Unbinding An Access Control List Profile To An Ip Interface
IPLink Software Configuration Guide 19 • Access control list configuration Binding and unbinding an access control list proﬁle to an IP interface The command use is used to bind an access control list proﬁle to an IP interface. This procedure describes how to bind an access control list proﬁle to incoming packets on an IP interface Mode: Proﬁle access control list Step...
Page 222: Displaying An Access Control List Profile
IPLink Software Configuration Guide 19 • Access control list configuration Unbind an access control list proﬁle from an interface. IPLink(cfg)#context ip router IPLink(cfg-ip)[router]#interface wan IPLink(cfg-if)[wan]#no use profile acl in Note When unbinding an access control list proﬁle the name argument is not required, since only one incoming and outgoing access control list can be active at the same time on a certain IP interface.
Page 223 IPLink Software Configuration Guide 19 • Access control list configuration Mode: Interface Step Command Purpose node(cfg)#context ip router Selects the IP router context node(ctx-ip)[router]#interface if-name Selects IP interface if-name for which access control list profile shall be debugged node(if-ip)[if-name]#debug acl {in | out} [level] Enables access control list debug monitor with a certain debug level for the selected interface if-name...
Page 224: Examples
IPLink Software Configuration Guide 19 • Access control list configuration Examples Denying a speciﬁc subnet Figure 34 shows an example in which a server attached to network 172.16.1.0 shall not be accessible from outside networks connected to IP interface lan of the IPLink device. To prevent access, an incoming ﬁlter rule named Jamming is deﬁned, which blocks any IP trafﬁc from network 172.16.2.0 and has to be bound to IP interface lan.
Page 225: Snmp Configuration
Chapter 20 SNMP conﬁguration Chapter contents Introduction................................226 Simple Network Management Protocol (SNMP) ....................226 SNMP basic components ..........................226 SNMP basic commands ..........................226 SNMP management information base (MIB) ....................227 Network management framework .........................227 Identification of the IPLink devices via SNMP....................228 SNMP tools.................................228 SNMP configuration task list ..........................228 Setting basic system information...
Page 226: Introduction
IPLink Software Configuration Guide 20 • SNMP configuration Introduction This chapter provides overview information about Simple Network Management Protocol (SNMP) and describes the tasks used to conﬁgure those of its features supported by IPLink software. This chapter includes the following sections: •...
Page 227: Snmp Management Information Base (Mib)
IPLink Software Configuration Guide 20 • SNMP configuration • command is used by an NMS to control managed devices. The NMS changes the values of vari- write ables stored within managed devices. • command is used by managed devices to asynchronously report events to the NMS. When certain trap types of events occur, a managed device sends a trap to the NMS.
Page 228: Identification Of The Iplink Devices Via Snmp
IPLink Software Configuration Guide 20 • SNMP configuration Identiﬁcation of the IPLink devices via SNMP All IPLink devices have assigned sysObjectID (.iso.org.dod.internet.mgmt.mib-2.system.sysObjectID) num- bers (see table 11). Table 11. IPLink Models and their Unique sysObjectID IPLink Model SysObjectID 2802 .iso.org.dod.internet.private.enterprises.patton.products.sn2802 1.3.6.1.4.1.1768.2.2.8.1 2805 .iso.org.dod.internet.private.enterprises.patton.products.sn2805...
Page 229: Setting Basic System Information
IPLink Software Configuration Guide 20 • SNMP configuration Setting basic system information The implementation of the MIB-II system group is mandatory for all systems. By default, an SNMP agent is conﬁgured to have a value for any of these variables and responds to get commands from a NMS. On the IPLink devices appropriate values should be set for the following MIB-II system group objects: •...
Page 230: Adventnet Mibbrowser Displaying Some Of The System Group Objects
IPLink Software Configuration Guide 20 • SNMP configuration The procedure to use the SNMP MIB browser is: • Enter the community string public into the Community ﬁeld in the upper right corner of the window. For safety reasons each entered character is displayed with a “*”. •...
Page 231: Setting Access Community Information
IPLink Software Configuration Guide 20 • SNMP configuration Setting access community information SNMP uses one or more labels called community strings to delimit groups of objects (variables) that can be viewed or modiﬁed on a device. The SNMP data in such a group is organized in a tree structure called a Man- agement Information Base (MIB).
Page 232: Setting Allowed Host Information
IPLink Software Configuration Guide 20 • SNMP configuration In the following example the SNMP communities for the default community public with read-only access and the undisclosed community Not4evEryOne with read/write access are deﬁned. Only these valid communities have access to the information from the SNMP agent running on the respective IPLink device. 2803-01(cfg)#snmp community public ro 2803-01(cfg)#snmp community Not4evEryOne rw Note...
Page 233: Displaying Snmp Related Information
IPLink Software Configuration Guide 20 • SNMP configuration Mode: Conﬁgure Step Command Purpose node(cfg)#snmp target IP-address-of-node Conﬁgures a SNMP trap target with IP-address-of- security-name community hostanme node that receives trap messages of this IPLink device, using the security name community on the target.
Page 234: Using The Adventnet Snmp Utilities
IPLink Software Configuration Guide 20 • SNMP configuration Using the AdventNet SNMP utilities The AdventNet SNMP utilities are a set of cross-platform applications and applets for SNMP and Web-based network management. These utilities can be used for device, element, application and system management. The tools can communicate and interact with any SNMP enabled device, such as an IPLink device.
Page 235: Using The Trapviewer
IPLink Software Configuration Guide 20 • SNMP configuration • The same can be done through clicking the MibBrowser settings button on the toolbar. See ﬁgure Figure 36. AdventNet MibBrowser Settings Button on the Toolbar By default the MIB description display and the result display are visible in the MibBrowser. Using the TrapViewer TrapViewer is a graphical tool to view the traps received from one or more SNMP agents running on an IPLink device.
Page 236: Adventnet Trap Details Window Of Trapviewer
IPLink Software Configuration Guide 20 • SNMP configuration • The default value in the Community text ﬁeld is public. Set the community of the incoming traps as desired, depending on the SNMP conﬁguration of your IPLink device. • Click on Add button to add the port and community list on which the trap has to listen to. This is visible in the TrapList combo box.
Page 237: Standard Snmp Version 1 Traps
IPLink Software Configuration Guide 20 • SNMP configuration The various details available in the Trap Details window are listed in table Table 12. Details available in the Trap Details window Trap Details Description TimeStamp The TimeStamp is a 32-bit unsigned value indicating the number of hundredths-of-a-second that have elapsed since the (re)start of the SNMP agent and the sending of the trap.
Page 238 IPLink Software Configuration Guide 20 • SNMP configuration "A warmStart trap signifies that the sending protocol entity is reinitializing itself such that neither the agent configuration nor the protocol entity implementa- tion is altered." ::= 1 linkDown TRAP-TYPE ENTERPRISE snmp VARIABLES { ifIndex } DESCRIPTION...
Page 239: Snmp Interface Traps
IPLink Software Configuration Guide 20 • SNMP configuration Note The standard SNMP version 1 trap coldStart as listed below is not sup- ported. After powering up an IPLink device sends a warmStart trap message if any trap target host is deﬁned. SNMP interface traps The IPLink sends Interface Traps (linkUp, linkDown) when the status of logical or physical interfaces change.
Page 240: Sntp Client Configuration
Chapter 21 SNTP client conﬁguration Chapter contents Introduction................................241 SNTP client configuration task list........................241 Selecting SNTP time servers .........................242 Defining SNTP client operating mode ......................242 Defining SNTP local UDP port ........................243 Enabling and disabling the SNTP client .......................244 Defining SNTP client poll interval .......................244 Defining SNTP client constant offset to GMT .....................244...
Page 241: Introduction
IPLink Software Configuration Guide 21 • SNTP client configuration Introduction This chapter describes how to conﬁgure Simple Network Time Protocol (SNTP) client, it includes the follow- ing sections: • SNTP client conﬁguration task list • Recommended Public SNTP Time Servers (see page 248) The Simple Network Time Protocol (SNTP) is an adaptation of the Network Time Protocol (NTP) that is...
Page 242: Selecting Sntp Time Servers
IPLink Software Configuration Guide 21 • SNTP client configuration Selecting SNTP time servers This procedure describes how to select a primary and secondary SNTP time server Mode: Conﬁgure Step Command Purpose node(cfg)#sntp-client server primary host Enter the SNTP primary server IP address or hostname node(cfg)#sntp-client server secondary host Enter the SNTP secondary server IP...
Page 243: Defining Sntp Local Udp Port
IPLink Software Configuration Guide 21 • SNTP client configuration Example: Conﬁguring SNTP client operating mode Conﬁgures the SNTP client operating mode to unicast operation IPLink(cfg)#sntp-client operating-mode unicast Conﬁgures the SNTP client operating mode to anycast operation IPLink(cfg)#sntp-client operating-mode anycast Conﬁgures the SNTP client operating mode to multicast operation IPLink(cfg)#sntp-client operating-mode multicast Deﬁning SNTP local UDP port The communication between an SNTP client and its the primary or secondary SNTP time server uses UDP.
Page 244: Enabling And Disabling The Sntp Client
IPLink Software Configuration Guide 21 • SNTP client configuration Enabling and disabling the SNTP client The SNTP client is disabled by default and has to be enabled if clock synchronization shall be used. This pro- cedure describes how to enable or disable the SNTP client Mode: Conﬁgure Step Command...
Page 245: Defining The Sntp Client Anycast Address
IPLink Software Configuration Guide 21 • SNTP client configuration Mode: Conﬁgure Step Command Purpose node(cfg)#sntp-client gmt-offset offset Speciﬁes the SNTP client constant offset from GMT, where offset is + or – followed by hh:mm:ss, with a range from –24:00:00 to +24:00:00 Example: Setting SNTP client local time zone offset from GMT In the following example the SNTP client local time zone offset is set to +2 hours ahead of GMT, e.g.
Page 246: Enabling And Disabling Local Clock Offset Compensation
IPLink Software Configuration Guide 21 • SNTP client configuration Mode: Conﬁgure Step Command Purpose node(cfg)#sntp-client anycast-address ip- Set the anycast-address to ip-address a designated address {port | port-number} local broadcast or multicast group address to which a request is sent. In addition an explicit SNTP server port-number in the range from 1 to 65535 can be deﬁned or the argument port is selected, which sets the value for port to 123.
Page 247: Showing Sntp Client Related Information
IPLink Software Configuration Guide 21 • SNTP client configuration Example: Disabling the SNTP client root delay compensation IPLink(cfg)#no sntp-client root-delay-compensation Showing SNTP client related information During set-up and operation of the SNTP client, displaying the information and status of the SNTP client is very useful.
Page 248: Recommended Public Sntp Time Servers
IPLink Software Configuration Guide 21 • SNTP client configuration Example: Enable the SNTP debug monitor The following example shows how to enable the SNTP debug monitor and some typical debug information. IPLink(cfg)#debug sntp client IPLink(cfg)#14:44:21 SNTP > SNTP message sent with Timestamp: 2001-10-26T14:44:21 14:44:21 SNTP >...
Page 249: Other Public Ntp Primary (Stratum 1) Time Servers
IPLink Software Configuration Guide 21 • SNTP client configuration Table 13. Time servers operated by NIST (Continued) Server Name IP Address Note Location time-d.timefreq.bldrdoc.gov 132.163.4.104 Colorado time.nist.gov 192.43.244.18 Colorado time-nw.nist.gov 131.107.1.10 Washington Legend 1. Heavily loaded and not recommended for new users. 2.
Page 250: Additional Information On Ntp And A List Of Other Ntp Servers
IPLink Software Configuration Guide 21 • SNTP client configuration • Synchronization: NTP V3 primary (DCF77 PZF receiver (<50us)), Sun E3000 SunOS 5.6 • Service Area: Germany/Europe • Access Policy: open access, pick one of ntp{0,1,2}.fau.de • Contact: The Timekeepers (time@informatik.uni-erlangen.de) Note IP addresses are subject to change;...
Page 251: Dhcp Configuration
Chapter 22 DHCP conﬁguration Chapter contents Introduction................................252 DHCP-client configuration tasks ........................253 Enable DHCP-client on an IP interface ......................253 Release or renew a DHCP lease manually (advanced) ...................255 Get debug output from DHCP-client ......................255 DHCP-server configuration tasks ........................256 Configure DHCP-server profiles ........................256 Use DHCP-server profiles and enable the DHCP-server ................258...
Page 252: Introduction
IPLink Software Configuration Guide 22 • DHCP configuration Introduction This chapter provides an overview of the Dynamic Host Conﬁguration Control Protocol (DHCP) and describes the tasks involved in their conﬁguration. This chapter includes the following sections: • DHCP-client conﬁguration tasks (see page 253) •...
Page 253: Dhcp-Client Configuration Tasks
IPLink Software Configuration Guide 22 • DHCP configuration vides other clients on the LAN side with IP addresses and other conﬁguration information. DHCP-server and DHCP-client are illustrated in ﬁgure IPLink IPLink DHCP Server IPLink IPLink DHCP Clients DHCP Clients IPLink IPLink DHCP Server Figure 39.
Page 254 IPLink Software Configuration Guide 22 • DHCP configuration face, e.g. the default gateway, DNS server IP addresses, etc. To enable the DHCP-client on an IP interface per- form the steps described below. Mode: context IP Step Command Purpose node(ctx-ip)[router]#interface name Creates an IP interface with name name and enters ‘conﬁgure’...
Page 255: Release Or Renew A Dhcp Lease Manually (Advanced)
IPLink Software Configuration Guide 22 • DHCP configuration Release or renew a DHCP lease manually (advanced) After enabling the DHCP-client, the interface receives a DHCP lease from the DHCP-server. To manually release and/or renew this DHCP lease use the command described below. This procedure describes how to release and renew the DHCP lease Mode: interface Step...
Page 256: Dhcp-Server Configuration Tasks
IPLink Software Configuration Guide 22 • DHCP configuration 01:17:47 DHCPC > router/eth0 (Slct): Broadcasting DHCP request (select) (xid 6ff42c38, secs 1). 2001-01-01T01:17:47 : LOGINFO : router/eth0 (Rqst): Got DHCP lease for 172.16.224.102 01:17:47 DHCPC > router/eth0 (Rqst): DHCP ACK received. 01:17:47 DHCPC >...
Page 257 IPLink Software Configuration Guide 22 • DHCP configuration Mode: Conﬁgure Step Command Purpose node(cfg)#proﬁle dhcp-server name Enter DHCP-server proﬁle mode node(pf-dhcps)[name]#network ip- Deﬁnes the IP address range for which this pro- address ip-mask ﬁle is responsible IP address: basic DHCP information (‘your (cli- ent) IP address’) IP mask: DHCP Option 1 node(pf-dhcps)[name]#[no] include ip-...
Page 258: Use Dhcp-Server Profiles And Enable The Dhcp-Server
IPLink Software Configuration Guide 22 • DHCP configuration Step Command Purpose node(pf-dhcps)[name]#[no] bootﬁle boot- Deﬁnes the bootﬁle the client shall use when (optional) ﬁle-name starting. Usually this is used in conjunction with the next-server command. Basic DHCP information (‘Boot ﬁle name’) node(pf-dhcps)[name]#[no] next-server Deﬁnes the address of the next server in the (optional)
Page 259: Check Dhcp-Server Configuration And Status
IPLink Software Configuration Guide 22 • DHCP configuration Check DHCP-server conﬁguration and status This procedure describes how to check the conﬁguration and current status of the DHCP-server Mode: Any Step Command Purpose node(cfg) #show dhcp-server Displays conﬁguration and status information Example: IPLink(ctx-ip)[router]#show dhcp-server The DHCP server is running...
Page 260 IPLink Software Configuration Guide 22 • DHCP configuration Example: Enable DHCP debug monitor This example shows how to enable the DHCP-server debug monitor. The debug output shows an activation of the DHCP-server, a DHCP-client requesting a lease, and a DHCP-client releasing a lease. IPLink(ctx-ip)[router]#debug dhcp-server 21:40:29 DHCPS >...
Page 261: Dns Configuration
Chapter 23 conﬁguration Chapter contents Introduction................................262 DNS configuration task list ..........................262 Enabling the DNS resolver ...........................262 Enabling the DNS relay ..........................263...
Page 262: Introduction
IPLink Software Configuration Guide 23 • DNS configuration Introduction The domain name system (DNS) enables users to contact a remote host by using easily remembered text labels (www.patton.com, for example) instead of having to use the host’s numeric address (209.45.110.15, for exam- ple).
Page 263: Enabling The Dns Relay
IPLink Software Configuration Guide 23 • DNS configuration You can test the DNS server conﬁguration using the command as follows: dns-lookup Example: Testing DNS server conﬁguration IPLink(cfg)#dns-lookup www.patton.com Name: www.patton.com Address: 209.49.110.5 Note The DNS resolver automatically learns domain name servers if it receives them through PPP or DHCP protocols.
Page 264 IPLink Software Configuration Guide 23 • DNS configuration address. DNS Relay agents maintain a cache of host names and IP addresses, much smaller than a DNS Server. It acts as a liaison between the DNS Server and the DNS client Advantages in conﬁguring a DNS Relay in the IPLink are: •...
Page 265: Dyndns Configuration
Chapter 24 DynDNS conﬁguration Chapter contents Introduction................................266 DynDNS configuration task list ..........................266 Creating a DynDNS account ........................266 Configuring the DNS resolver ........................266 Configuring basic DynDNS settings ......................267 Configuring advanced DynDNS settings (optional) ..................267 Defining a mail exchanger for your hostname ..................267 Troubleshooting ............................268...
Page 266: Introduction
IPLink Software Configuration Guide 24 • DynDNS configuration Introduction IPLink devices are often used in applications where the addresses of their IP interfaces are not assigned stati- cally (i.e. permanently) but instead are conﬁgured dynamically. In these applications, the IP address is assigned dynamically using protocols like DHCP or PPP.
Page 267: Configuring Basic Dyndns Settings
IPLink Software Configuration Guide 24 • DynDNS configuration Conﬁguring basic DynDNS settings The following procedure describes the steps necessary to enable the DynDNS feature. Mode: DynDNS Step Command Purpose node(dyndns)#authentication user pass- Deﬁnes the authentication credentials of your word DynDNS account node(dyndns)#service Deﬁnes the DynDNS service to use {dynamic|static|custom}...
Page 268: Troubleshooting
IPLink Software Configuration Guide 24 • DynDNS configuration Example: Deﬁning a mail exchanger The following example shows how to deﬁne a mail exchanger named mail.mycompany.com, which should be used as the primary mail-exchanger for the registered DynDNS hostname. IPLink>enable IPLink#configure IPLink(cfg)#context ip IPLink(ctx-ip)[router]#dyndns IPLink(dyndns)#mail-exchanger mail.mycompany.com...
Page 269 IPLink Software Configuration Guide 24 • DynDNS configuration 16:20:43 DYNDNS> Resolved 'update.dyndns.org'. 16:20:43 DYNDNS> Updating DNS... 16:20:43 DYNDNS> Sending request... 16:20:44 DYNDNS> DNS updated successfully 16:20:44 DYNDNS> Registered IP address is (57.32.59.64). If required, you can force the DynDNS component to re-register the current IP address on the DynDNS server—even if the dynamic IP address has not changed—using the following command (this command could also be useful for observing the update process in the debug monitor).
Page 270: Ppp Configuration
Chapter 25 PPP conﬁguration Chapter contents Introduction................................271 PPP configuration task list...........................272 Creating an IP interface for PPP ........................272 Disable interface IP address auto-configuration from PPP ................274 Creating a PPP subscriber ..........................274 Trigger forced reconnect of PPP sessions using a timer .................275 Disable interface IP address auto-configuration from PPP ................276...
Page 271: Introduction
IPLink Software Configuration Guide 25 • PPP configuration Introduction This chapter describes how to conﬁgure the point-to-point protocol over different link layers. The point-to-point protocol (PPP) provides a standard method for transporting multi-protocol datagrams over point-to-point links as deﬁned by the RFC1661 etc. IPLink software offers PPP over the following link layers: •...
Page 272: Ppp Configuration Task List
IPLink Software Configuration Guide 25 • PPP configuration PPP conﬁguration task list To conﬁgure PPP, perform the following tasks: • Creating an IP interface for PPP • Conﬁguring for IP address auto-conﬁguration from PPP (see page 274) • Creating a PPP subscriber (for authentication) (see page 274) •...
Page 273 IPLink Software Configuration Guide 25 • PPP configuration Step Command Purpose node(if-ip)[name]#ipaddress The PPP remote peer offers an IP address for the unnumbered IP interface. The IP interface adopts this IP address node(if-ip)[name]#ipaddress dhcp Once PPP has established an IP connection, the IP interface can use DHCP to acquire an IP address.
Page 274: Disable Interface Ip Address Auto-Configuration From Ppp
IPLink Software Configuration Guide 25 • PPP configuration Step Command Purpose node(if-ip)[name]#use proﬁle napt name Assigns the NAPT proﬁle name to applied to (optional) this IP interface. See 12, “NAT/NAPT conﬁgu- ration” on page 128 to learn how to create a NAPT proﬁle.
Page 275: Trigger Forced Reconnect Of Ppp Sessions Using A Timer
IPLink Software Configuration Guide 25 • PPP configuration Step Command Purpose node(subscr)[name]# [no] authentication { Deﬁnes the authentication protocol to be used, (chap pap) | {chap|pap} } PAP and/or CHAP node(subscr)[name]# [no] identiﬁcation Sets the credentials to be provided during the (optional) {outbound|inbound} user [password authentication procedure: the user name user...
Page 276: Disable Interface Ip Address Auto-Configuration From Ppp
IPLink Software Configuration Guide 25 • PPP configuration Mode: subscriber ppp <subscriber> Step Command Purpose [name] (subscr)[subscriber]# [no] timeout on- Enables/disables forced reconnect every time timer <timer> the timer <timer> expiries. Disable interface IP address auto-conﬁguration from PPP This procedure enables/disables automatic conﬁguration of the interface IP address from the PPP network control protocol negotiation.
Page 277 IPLink Software Configuration Guide 25 • PPP configuration Mode: Conﬁgure Step Command Purpose node(cfg) #port ethernet slot port Enters Ethernet port conﬁguration mode for the interface on slot and port node (prt-eth)[slot/port]# encapsulation Deﬁnes the payload type(s) to be used on the {ip|pppoe|multi} Ethernet: •...
Page 278: Configuring A Serial Port For Ppp
IPLink Software Configuration Guide 25 • PPP configuration Example: Conﬁgure a PPPoE session The procedure below conﬁgures a PPPoE session for the connection to a DSL provider using the credentials speciﬁed in the subscriber proﬁle above. IPLink(cfg)#port ethernet 0 0 IPLink(prt-eth)[0/0]#encapsulation pppoe IPLink(prt-eth)[0/0]#no shutdown IPLink(prt-eth)[0/0]#pppoe...
Page 279: Creating A Ppp Profile
IPLink Software Configuration Guide 25 • PPP configuration IPLink(prt-ser)[0/0]#no shutdown Creating a PPP proﬁle A PPP proﬁle allows to adjust additional PPP parameters like the maximum transmit unit (MTU) and maxi- mum receive unit (MRU). Only the most important parameters are listed here. The proﬁle default is always present and supplies the parameters if no other proﬁle has been created or no pro- ﬁle can be used with a certain type of PPP connection.
Page 280: Displaying Ppp Configuration Information
IPLink Software Configuration Guide 25 • PPP configuration IPLink(pf-ppp)[PPPoE]#mru min 68 max 1492 IPLink(pf-ppp)[PPPoE]#van-jacobson compression IPLink(pf-ppp)[PPPoE]#port ethernet 0 0 IPLink(prt-eth)[0/0]#pppoe IPLink(pppoe)[0/0]#session green IPLink(session)[green]#use profile ppp PPPoE Displaying PPP conﬁguration information This section shows how to display and verify the PPP conﬁguration information. Mode: Conﬁgure Step Command...
Page 281: Debugging Ppp
IPLink Software Configuration Guide 25 • PPP configuration Example: Display a PPP proﬁle IPLink(pf-ppp)[PPPoE]#show profile ppp PPPoE Profiles: --------- Name: default LCP Configure-Request: interval 3000 ms, max 10 LCP Configure-Nak: max 5 LCP Terminate-Request: interval 3000 ms, max 2 LCP Echo-Request: interval 10000 ms, max 3 MTU: 68 - 1920...
Page 282 IPLink Software Configuration Guide 25 • PPP configuration Mode: Conﬁgure Step Command Purpose node(cfg) #show ppp links [ level ] Displays status and conﬁguration information of the Link Control Protocol (LCP) and the authentica- tion protocol(s) (PAP and/or CHAP). Check whether the states of the two protocols are ‘Opened’.
Page 283 IPLink Software Configuration Guide 25 • PPP configuration Example: Display PPP link information IPLink(cfg)#show ppp links 4 PPP Link Information: ===================== Link: Name: ethernet 0 0 0/pppoe/ppp_green Protocols: LCP, PAP LCP: Name: ethernet 0 0 0/pppoe/ppp_green State: Opened Conf-Req send rate: 3000ms Max.
Page 284 IPLink Software Configuration Guide 25 • PPP configuration Example: Display PPP network protocol information IPLink(session)[green]#show ppp networks 4 PPP Network Information: ======================== Network: Name: ethernet 0 0 0/pppoe/ppp_green/net State: IPCP: Name: ethernet 0 0 0/pppoe/ppp_green/net State: Opened Conf-Req send rate: 3000ms Max.
Page 285: Sample Configurations
IPLink Software Configuration Guide 25 • PPP configuration Service: Access-Concentrator: State: Opened Sent Initiations: Sent Requests: Peer Session-ID: 3786 Peer MAC-Address: 00:01:02:B8:4E:E4 Sample conﬁgurations PPP over Ethernet (PPPoE) Without authentication, encapsulation multi, with NAPT profile napt WAN context ip router interface normal_ip_interface ipaddress 172.16.1.1 255.255.0.0 interface ppp_interface...
Page 286: Ppp Over Serial Link
IPLink Software Configuration Guide 25 • PPP configuration identification outbound <user> password <password> bind interface ppp_interface router port ethernet 0 0 encapsulation pppoe no shutdown pppoe session green bind subscriber joe_example no shutdown PPP over serial link Without authentication, numbered interface context ip router interface ppp_interface ipaddress 172.17.1.1 255.255.255.252...
Page 287: Vpn Configuration
Chapter 26 VPN conﬁguration Chapter contents Introduction................................288 Authentication ..............................288 Encryption ..............................288 Transport and tunnel modes .........................289 Key management ............................289 VPN configuration task list ..........................289 Creating an IPsec transformation profile .......................289 Creating an IPsec policy profile ........................290 Creating/modifying an outgoing ACL profile for IPsec .................292 Configuration of an IP interface and the IP router for IPsec .................293...
Page 288: Introduction
IPLink Software Configuration Guide 26 • VPN configuration Introduction This chapter describes how to conﬁgure the VPN connections between two IPLink devices or between an IPLink and a third-party device. A virtual private network (VPN) is a private data network that uses the public telecommunications infrastruc- ture, maintaining privacy through the use of a tunneling protocol and security procedures.
Page 289: Transport And Tunnel Modes
IPLink Software Configuration Guide 26 • VPN configuration Transport and tunnel modes The mode determines the payload of the ESP packet and hence the application: • Transport mode: Encapsulates only the payload of the original IP packet, but not its header, so the IPsec peers must be at the endpoints of the communications link.
Page 290: Creating An Ipsec Policy Profile
IPLink Software Configuration Guide 26 • VPN configuration Mode: Conﬁgure mac-sha1-96 }Enables authentication and deﬁnes the authentication protocol and the hash algorithm Step Command Purpose node(cfg)#profile ipsec-transform name Creates the IPsec transformation profile name node(pf-ipstr)[name]#esp-encryption { Enables encryption and defines the encryp- optional aes-cbc | des-cbc | 3des-cbc } [key-length] tion algorithm and the key length...
Page 291 IPLink Software Configuration Guide 26 • VPN configuration Mode: Conﬁgure Step Command Purpose node(cfg)#profile ipsec-policy-man- Creates the IPsec policy profile name ual name node(pf-ipstr)[name]#use profile Selects the IPsec transformation profile to be ipsec-transform name applied node(pf-ipstr)[name]#session-key Sets a key for encryption or an authenticator for optional authentication, either for inbound or outbound { inbound | outbound }...
Page 292: Creating/Modifying An Outgoing Acl Profile For Ipsec
IPLink Software Configuration Guide 26 • VPN configuration Example: Create an IPsec policy proﬁle The following example deﬁnes a proﬁle for AES-encryption at a key length of 128. IPLink(cfg)#profile ipsec-policy-manual ToBerne IPLink(pf-ipsma)[ToBerne]#use profile ipsec-transform AES_128 IPLink(pf-ipsma)[ToBerne]#session-key inbound esp-encryption 1234567890ABCDEF1234567890ABCDEF IPLink(pf-ipsma)[ToBerne]#session-key outbound esp-encryption FEDCBA0987654321FEDCBA0987654321 IPLink(pf-ipsma)[ToBerne]#spi inbound esp 1111 IPLink(pf-ipsma)[ToBerne]#spi outbound esp 2222...
Page 293: Configuration Of An Ip Interface And The Ip Router For Ipsec
IPLink Software Configuration Guide 26 • VPN configuration Conﬁguration of an IP interface and the IP router for IPsec The IP interface that provides connectivity to the IPsec peer, must now activate the outgoing ACL proﬁle con- ﬁgured in the previous section. Furthermore, the IP router must have a route for the remote network that points to the respective IP interface.
Page 294: Debugging Ipsec
IPLink Software Configuration Guide 26 • VPN configuration Example: Display IPsec transformation proﬁles IPLink(cfg)#show profile ipsec-transform IPSEC transform profiles: Name: AES_128 ESP Encryption: AES-CBC, Key length: 128 Example: Display IPsec policy proﬁles IPLink(cfg)#show profile ipsec-policy-manual Manually keyed IPsec policy profiles: Name: ToBerne, Peer: 200.200.200.1, Mode: tunnel, transform-profile: AES_128 ESP SPI Inbound: 1111, Outbound: 2222 ESP Encryption Key Inbound: 1234567890ABCDEF1234567890ABCDEF...
Page 295: Key Management (Ike)
IPLink Software Configuration Guide 26 • VPN configuration MANUAL ToBerne Tunnel 200.200.200.1 1111 AES-CBC 128 3622/unlimited 19047/unlimited OUT MANUAL ToBerne Tunnel 200.200.200.1 2222 AES-CBC 128 2857/unlimited 19047/unlimited Key Management (IKE) As brieﬂy described in the Introduction, key management is done either by pre-shared keys or automatically keyed IPSEC connections usgin the Internet Key Exchange (IKE / RFC 2409).
Page 296: Creating An Ipsec Transform Profile
IPLink Software Configuration Guide 26 • VPN configuration Creating an IPSEC transform proﬁle First you need to create at least one IPSEC transform proﬁle. In addition to the parameters used also for man- ually keyed IPSEC security associations, you can optionally also specify a security association lifetime for IKE security associations.
Page 297 IPLink Software Configuration Guide 26 • VPN configuration should be used. You can specify later an ACL with the type of trafﬁc to be treated by a speciﬁc ISAKMP IPSEC policy. The following commands are used to create and conﬁgure an ISAKMP IPSEC policy proﬁle: Mode: Conﬁgure Step Command...
Page 298: Creating/Modifying An Outgoing Acl Profile For Ipsec
IPLink Software Configuration Guide 26 • VPN configuration Step Command Purpose node(pf- ipsik)[<name>]# protection- If required, you can specify a protection group. group <group> The protection-group is a proprietary feature and optional is not compatible with third-party devices. There- fore do not configure it for connections to third party devices.
Page 299: Troubleshooting
IPLink Software Configuration Guide 26 • VPN configuration profile ipsec-policy-isakmp VPN authentication-method pre-shared-key sdfkl@hgdslkfs/iuçkfld$gus+ghf mode tunnel peer 1.2.3.4 diffie-hellman-group group2 use profile ipsec-transform 1 IPSEC_3DES_192 use profile isakmp-transform 1 ISAKMP_3DES_192 context ip interface WAN use profile acl WAN_Out out Troubleshooting To analyze IKe conﬁguration or networking problems, use the following debug monitors that log important information about the exchanged ISAKMP messages: •...
Page 300: Sample Configurations
IPLink Software Configuration Guide 26 • VPN configuration Mode: context ip Step Command Purpose node(ctx-ip)[ctx-name]# [no] sourcead- Defines that locally originated packets destined dress-map <destination-net- for the specified destination network shall use the work><destination-mask><ip- IP address of the specified IP interface as their interface-name>...
Page 301: Cisco Router Configuration
IPLink Software Configuration Guide 26 • VPN configuration interface WAN ipaddress 200.200.200.2 255.255.255.252 use profile acl VPN_In in use profile acl VPN_Out out context ip router route 0.0.0.0 0.0.0.0 200.200.200.1 0 route 172.16.0.0 255.255.0.0 WAN 0 Cisco router conﬁguration crypto ipsec transform-set DES esp-des crypto map VPN_DES local-address FastEthernet0/1 crypto map VPN_DES 10 ipsec-manual set peer 200.200.200.2...
Page 302: Cisco Router Configuration
IPLink Software Configuration Guide 26 • VPN configuration Rest of the configuration, see above, just change the name of the IPsec policy pro- file in the ACL profile ‘VPN_Out’ Cisco router conﬁguration crypto ipsec transform-set AES_SHA1 ah-sha-hmac esp-aes 256 crypto map VPN_AES_SHA1 local-address FastEthernet0/1 crypto map VPN_AES_SHA1 10 ipsec-manual set peer 200.200.200.2 set session-key inbound esp 6666 cipher...
Page 303 IPLink Software Configuration Guide 26 • VPN configuration set session-key inbound esp 8888 cipher FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321 authenticator FEDCBA0987654321FEDCBA0987654321 set session-key outbound esp 7777 cipher 1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF authenticator 1234567890ABCDEF1234567890ABCDEF set transform-set 3DES_MD5 match address 110 For the remainder of the conﬁguration (see above), just change the name of the IPsec policy proﬁle in the ACL proﬁle VPN_Out.
Page 304: Terms And Definitions
Appendix A Terms and deﬁnitions Chapter contents Introduction................................305 IPLink software architecture terms and definitions ....................305...
Page 305: Introduction
IPLink Software Configuration Guide A • Terms and definitions Introduction This chapter contains the terms and their deﬁnitions that are used throughout this IPLink software Software Conﬁguration Guide. This guide contains many terms that are related to speciﬁc networking technologies areas such as LAN protocols, WAN technologies, routing, Ethernet, and Frame Relay.
Page 306 IPLink Software Configuration Guide A • Terms and definitions Term or Deﬁnition Meaning Command Line Interface An interface that allows the user to interact with the IPLink software operat- ing system by entering commands and optional arguments. Other operat- ing systems like UNIX or DOS also provide CLIs. Conﬁguration Download A conﬁguration ﬁle is downloaded from a remote TFTP server via TFTP to the persistent memory (nvram:) or volatile memory (system:)of an IPLink.
Page 307 PCM Highway A 30 channel interface connecting the switching engine with optional interface cards containing circuit ports. The optional interface cards for IPLink series which are compatible to the PCI Mezzanine Card standards. PMC Driver Software PMC driver software performs the runtime tasks on the PMC interface card mounted in IPLink devices.
Page 308 IPLink Software Configuration Guide A • Terms and definitions Term or Deﬁnition Meaning Routing Engine In IPLink software the routing engine handles the basic IP routing. Running Conﬁguration The currently running conﬁguration (running-conﬁg) for IPLink software, which is executed from the volatile memory (system:) on the IPLink. IPLink software IPLink software is the application software running on the IPLink hardware platforms.
Page 309: Mode Summary
Appendix B Mode summary Chapter contents Introduction................................310...
Page 310: Mode Overview, 1 Of 2
IPLink Software Configuration Guide B • Mode summary Introduction Figure 42 on page 310 and ﬁgure 43 on page 311 show the conﬁguration mode hierarchy. Each box contains the mode name, the command to enter in this mode and the mode prompt printed in a Telnet or console session. The commands are deﬁned in appendix C, “Command summary”...
Page 311: Profile_Acl
IPLink Software Configuration Guide B • Mode summary Ports Port Ethernet PPPoE PPPoE Session port ethernet <slot> <port> session <session> <host>(prt-eth)[<slot>/<port>]# <host>(pppoe)[<slot>/<port>]# <host>(session)[<session>]# Gateway H323 Port Serial Gateway H323 Framerelay Gateway H323 port serial <slot> <port> gateway h323 <name> gateway h323 <name> pvc <dlci>...
Page 312 IPLink Software Configuration Guide B • Mode summary Introduction...
Page 313: Command Summary
Appendix C Command summary Chapter contents Introduction................................314 Summary................................315 operator_exec ..............................315 administrator_exec ............................315 configure ...............................317 radius-client ..............................318 profile_acl ..............................318 profile_service-policy ............................319 profile_napt ..............................319 profile_ppp ..............................319 profile-ipsec-transform ..........................320 ipsec-manual-policy ............................320 profile_dhcp-server ............................320 profile_authentication ...........................321 profile_provisioning ............................321 context_ip ..............................321 interface ................................321 dyndns ................................322 subscriber_ppp ..............................322 port_ethernet...
Page 314: Introduction
IPLink Software Configuration Guide C • Command summary Introduction This command summary is valid for IPLink software Release 3.20. Commands in future IPLink software releases may be different. The information provided in this chapter is subject to change without notice. The command summary is organized as follows: Mode Name Enter Command...
Page 315: Summary
IPLink Software Configuration Guide C • Command summary Summary operator_exec operator_exec ping <address> [<number> ] [timeout <seconds> ] [packet-size <packet_size> ] [ttl <ttl> ] dns-lookup <text_hostname> traceroute <ip_host> [probe-count <probe_count> ] [timeout <seconds> ] [destination-port <port_number> ] [min-ttl <min_ttl> ] [max-ttl <max_ttl> ] [verbose ] [packet-size <packet_size>...
Page 316 IPLink Software Configuration Guide C • Command summary enable copy {{running-config|factory-config|startup-config|system:running-config} | {cli:|preferences:} | <src> | <src> } {{running-config|startup- config|system:running-config|flash:|licenses:} | {cli:|preferences:} | <dest> | <dest> } erase {{startup-config} | {cli:|preferences:} | <config> } edit <file> debug all dyndns reset show dyndns show dns-client show crypto offload...
Page 317: Configure
IPLink Software Configuration Guide C • Command summary show log supervisor show memory stat conﬁgure configure cli version <version> cli config indention {none|commands-only|modes-and-commands} [no] cli config defaults terminal {console|telnet|http} use authentication <profile> [no] terminal telnet terminal telnet port <port> [no] administrator <account> password <password> [no] operator <account>...
Page 318: Radius-Client
IPLink Software Configuration Guide C • Command summary month> ] [<to-date-day> ] [<to-date-year> ] ] ) } [{+|-} {(<to-shift- quantity> {{minute|hour|day|week|month|year} | {minutes|hours|days|weeks|months|years} } ) | (<to-shift-quantity> {{minutes|hours|days|weeks|months|years} | {minute|hour|day|week|month|year} } ) | (<to-shift-hour-minutes> ) } {next|previous} <from-shift-dow> ] ] [every {{minute|hour|day|week|month|year} | (<repeat-quantity>...
Page 319: Profile_Service-Policy
IPLink Software Configuration Guide C • Command summary problem|port-unreachable|precedence-unreachable|protocol- unreachable|reassembly-timeout|redirect|router-advertisement|router- solicitation|source-quench|source-route-failed|time-exceeded|timestamp- reply|timestamp-request|traceroute|ttl-exceeded|unreachable} type <icmp- type> [code <icmp-code> ] ] ) } [dscp <dscp-value> [mask {1|3|7|15|31} ] (precedence {{critical|flash|flash- override|immediate|internet|network|priority|routine} | <precedence- value> } ) [tos {{max-reliability|max-throughput|min-delay|min-monetary- cost|normal} | <tos-value> } ] ] [{cos | traffic-class } {<traffic-class1> | <new-traffic-class1>...
Page 320: Profile-Ipsec-Transform
IPLink Software Configuration Guide C • Command summary lcp-configure-request interval <interval> max <max> lcp-configure-nak max <max> lcp-terminate-request interval <interval> max <max> lcp-echo-request interval <interval> max <max> mtu min <min> max <max> [ignore-link ] mru min <min> max <max> [ignore-link ] accm <value>...
Page 321: Profile_Authentication
IPLink Software Configuration Guide C • Command summary proﬁle_authentication profile_authentication [no] profile authentication <profile> [no] method [[{before|after} ] <index> ] {(radius <method-name> ) | local | none } server-timeout [<timeout> ] exit proﬁle_provisioning profile_provisioning [no] profile provisioning <profile> destination {configuration|script} [no] location [<index>...
Page 322: Dyndns
IPLink Software Configuration Guide C • Command summary rip default-route-value <default-route-value> [no] use profile napt <profile> [no] napt-inside [no] tcp adjust-mss rx {mtu | ( <mss> ) } [no] tcp adjust-mss tx {mtu | ( <mss> ) } exit dyndns dyndns dyndns [no] hostname <host>...
Page 323: Vlan
IPLink Software Configuration Guide C • Command summary [no] access-concentrator <access-concentrator> [no] use profile ppp [<profile_ppp_name> ] [no] bind {(interface <interface> [router ] ) | (subscriber <ppp_subscriber_name> ) } [no] shutdown exit exit vlan vlan [no] vlan <vlan> [no] map cos <cos> to <traffic-class> encapsulation {ip|pppoe|multi} [no] bind interface <interface>...
Page 324: Other
IPLink Software Configuration Guide C • Command summary exit exit exit Other Show help Step Command Purpose help [topic] Shows command help. Show command history Step Command Purpose show history Shows command history. Use CTRL-N and CTRL-P to browse. The cursor keys (up, down) are not working. Show RedBoot version Step Command...
Page 325: Internetworking Terms & Acronyms
Appendix D Internetworking terms & acronyms Chapter contents Abbreviations ..............................326...
Page 326: Abbreviations
IPLink Software Configuration Guide D • Internetworking terms & acronyms Abbreviations Abbreviation Meaning Numeric 10BaseT Ethernet Physical Medium ATM Adaptive Layer Available Bit Rate Alternating Current Advice of Charge Asynchronous Transfer Mode audio 3.1 ISDN Audio Service up to 3.1 kHz audio 7.2 ISDN Audio Service up to 7.2 kHz Basic Rate Access...
Page 327 IPLink Software Configuration Guide D • Internetworking terms & acronyms Abbreviation Meaning E-DSS1 ETSI Euro ISDN Standard Embedded File System Exchange Termination Ethernet Frequently Asked Questions Federal Communication Commission IPLink software Frame Relay G.711 ITU-T Voice encoding standard G.723 ITU-T Voice compression standard Graphic User Interface Gateway H.323...
Page 328 IPLink Software Configuration Guide D • Internetworking terms & acronyms Abbreviation Meaning MGCP Media Gateway Control Protocol MIB II Management Information Base II Modem Modulator – Demodulator Multiple Subscriber Number NAPT Network Address Port Translation Network Address Translation Network Interface Card Network Termination Network Termination 1 Network Termination 2...
Page 329 IPLink Software Configuration Guide D • Internetworking terms & acronyms Abbreviation Meaning Real-time Protocol IPLink-connection for Trunk Line IPLink-connection for Subscriber Line Segmentation and Reassembly S-Bus Subscriber Line (Connection) Bus Switched Circuit Network SCTP Stream Control Transmission Protocol SDSL Symmetric Digital Subscriber Line SGCP Simple Gateway Control Protocol Session Initiation Protocol.
Page 330: Used Ip Ports In The Iplink Software
Appendix E Used IP ports in the IPLink software Chapter contents Used IP ports in the IPLink software ........................331...
Page 331: Used Ip Ports In The Iplink Software
IPLink Software Configuration Guide E • Used IP ports in the IPLink software Used IP ports in the IPLink software Component Port Description NAPT TCP 8000-15999 NAPT port range Telnet TCP 23 TCP server port Webserver TCP 80 TCP server port DHCP UDP 67 Source port DHCP Server...

Patton electronics IPLink Series Software Configuration Manual

Summary Table of Contents

Table of Contents

List of Figures

List of Tables

About this Guide

Nat/Napt

RIP Configuration

SNMP Configuration

DHCP Configuration

PPP Configuration

VPN Configuration

Chapter 1 System Overview

Chapter 2 Configuration Concepts

Command Line Interface (CLI)

Chapter 4 Accessing the CLI

Chapter 5 Establishing Basic IP Connectivity

Chapter 6 System Image Handling

Chapter 7 Configuration File Handling

Chapter Contents Introduction

Chapter 8 Basic System Management

Chapter 9 RADIUS Client Configuration

Chapter 10 IP Context Overview

Chapter 11 IP Interface Configuration

Chapter 12 NAT/NAPT Configuration

Chapter 13 Ethernet Port Configuration

Chapter 14 Link Scheduler Configuration

Chapter 15 Serial Port Configuration

Quick Links

Troubleshooting

Related Manuals for Patton electronics IPLink Series

Summary of Contents for Patton electronics IPLink Series