System information | BMW 318I Automobile User Manual

SmartNode Series
SmartWare Release 5.2
Software Configuration Guide
Sales Office: +1 (301) 975-1000
Technical Support: +1 (301) 975-1007
E-mail: support@patton.com
URL: www.patton.com
Part Number: 07MSWR52_SCG, Rev. A
Revised: August 7, 2008
Patton Electronics Company, Inc.
7622 Rickenbacker Drive, Gaithersburg, MD 20879 USA
Tel: +1 (301) 975-1000 • Fax: +1 (301) 869-9293 • Support: +1 (301) 975-1007
Web: www.patton.com • E-mail: support@patton.com
Copyright Statement
Copyright © 2008, Patton Electronics Company. All rights reserved.
Trademark Statement
The terms SmartWare, SmartView, SmartLink, and SmartNode are trademarks of Patton Electronics Company. All other trademarks presented in this document are the property of their respective owners.
Notices
The information contained in this document is not designed or intended for use as critical components in
human life-support systems, equipment used in hazardous environments, or nuclear control systems. Patton
Electronics Company disclaims any express or implied warranty of fitness for such uses.
The information in this document is subject to change without notice. Patton Electronics assumes no liability for errors that may appear in this document.
Any software described in this document is furnished under license and may be used or copied only in accordance with the terms of such license.
Supported Platforms
SmartNode 4110 Series
SmartNode 4830 Series
SmartNode 4552, 4562
SmartNode 4520 Series
SmartNode 4900 Series
SmartNode 4554, 4564
SmartNode 4600 Series
SmartNode 4960
Smart-DTA
Summary Table of Contents
1 System overview ............................................................................................................................................ 38
2 Configuration concepts ................................................................................................................................. 44
3 Command line interface (CLI) ...................................................................................................................... 49
4 Accessing the CLI .......................................................................................................................................... 53
5 System image handling.................................................................................................................................. 65
6 Configuration file handling........................................................................................................................... 76
7 Basic system management ............................................................................................................................. 90
8 RADIUS Client Configuration.................................................................................................................... 102
9 IP context overview ..................................................................................................................................... 114
10 IP interface configuration ........................................................................................................................... 120
11 NAT/NAPT configuration........................................................................................................................... 132
12 Ethernet port configuration ........................................................................................................................ 141
13 Link scheduler configuration ...................................................................................................................... 151
14 Serial port configuration ............................................................................................................................. 170
15 Frame Relay configuration .......................................................................................................................... 177
16 PRI port configuration................................................................................................................................ 191
17 BRI port configuration................................................................................................................................ 205
18 ISDN Overview ........................................................................................................................................... 212
19 ISDN configuration .................................................................................................................................... 217
20 RBS configuration....................................................................................................................................... 225
21 DSL Port Configuration.............................................................................................................................. 230
22 Basic IP routing configuration .................................................................................................................... 235
23 RIP configuration........................................................................................................................................ 242
24 Access control list configuration.................................................................................................................. 253
25 SNMP configuration ................................................................................................................................... 267
26 SNTP client configuration .......................................................................................................................... 282
27 DHCP configuration................................................................................................................................... 292
28 DNS configuration ...................................................................................................................................... 304
29 DynDNS configuration ............................................................................................................................... 308
30 PPP configuration....................................................................................................................................... 313
31 CS context overview .................................................................................................................................... 339
3
SmartWare Software Configuration Guide
32 VPN configuration ...................................................................................................................................... 362
33 CS interface configuration........................................................................................................................... 381
34 ISDN interface configuration...................................................................................................................... 390
35 FXS interface configuration......................................................................................................................... 404
36 FXO interface configuration ....................................................................................................................... 414
37 RBS interface configuration ........................................................................................................................ 426
38 H.323 interface configuration ..................................................................................................................... 431
39 SIP interface configuration ......................................................................................................................... 441
40 Call router configuration............................................................................................................................. 456
41 SIP call-router services ................................................................................................................................ 524
42 Tone configuration...................................................................................................................................... 529
43 FXS port configuration ............................................................................................................................... 537
44 FXO port configuration .............................................................................................................................. 542
45 H.323 gateway configuration ...................................................................................................................... 546
46 Context SIP gateway overview..................................................................................................................... 559
47 VoIP profile configuration .......................................................................................................................... 573
48 PSTN profile configuration......................................................................................................................... 597
49 SIP profile configuration............................................................................................................................. 601
50 Authentication Service................................................................................................................................. 604
51 Location Service .......................................................................................................................................... 607
52 VoIP debugging........................................................................................................................................... 624
A Terms and definitions ................................................................................................................................ 644
B Mode summary ........................................................................................................................................... 650
C Command summary ................................................................................................................................... 654
D Internetworking terms & acronyms ........................................................................................................... 657
E Used IP ports & available voice codecs ...................................................................................................... 662
4
Table of Contents
Summary Table of Contents ........................................................................................................................... 3
Table of Contents ........................................................................................................................................... 5
List of Figures ............................................................................................................................................... 27
List of Tables ................................................................................................................................................ 29
About this guide ........................................................................................................................................... 30
Audience............................................................................................................................................................... 30
How to read this guide ......................................................................................................................................... 30
Structure............................................................................................................................................................... 31
Precautions ........................................................................................................................................................... 34
Typographical conventions used in this document................................................................................................ 34
General conventions .......................................................................................................................................34
Mouse conventions .........................................................................................................................................36
Service and support ...............................................................................................................................................36
Patton support headquarters in the USA .........................................................................................................36
Alternate Patton support for Europe, Middle East, and Africa (EMEA) ..........................................................36
Warranty Service and Returned Merchandise Authorizations (RMAs)...................................................................37
Warranty coverage ..........................................................................................................................................37
Returns for credit ......................................................................................................................................37
Return for credit policy .............................................................................................................................37
RMA numbers ................................................................................................................................................37
Shipping instructions ................................................................................................................................37
1 System overview ............................................................................................................................................ 38
Introduction ..........................................................................................................................................................39
SmartWare embedded software .............................................................................................................................40
Applications...........................................................................................................................................................41
Carrier networks .............................................................................................................................................41
Enterprise networks ........................................................................................................................................42
LAN telephony ...............................................................................................................................................43
2 Configuration concepts ................................................................................................................................. 44
Introduction ..........................................................................................................................................................45
Contexts and Gateways..........................................................................................................................................46
Context ...........................................................................................................................................................46
Gateway ..........................................................................................................................................................46
Interfaces, Ports, and Bindings...............................................................................................................................47
Interfaces ........................................................................................................................................................47
Ports and circuits ............................................................................................................................................47
Bindings ..........................................................................................................................................................47
Profiles and Use commands...................................................................................................................................48
Profiles ............................................................................................................................................................48
Use Commands ..............................................................................................................................................48
5
SmartWare Software Configuration Guide
Table of Contents
3 Command line interface (CLI) ...................................................................................................................... 49
Introduction ..........................................................................................................................................................50
Command modes ..................................................................................................................................................50
CLI prompt ....................................................................................................................................................50
Navigating the CLI .........................................................................................................................................51
Initial mode ..............................................................................................................................................51
System changes ..........................................................................................................................................51
Configuration ...........................................................................................................................................51
Changing Modes .......................................................................................................................................51
Command editing .................................................................................................................................................51
Command help ...............................................................................................................................................51
The No form ..................................................................................................................................................51
Command completion ....................................................................................................................................51
Command history ...........................................................................................................................................52
Command Editing Shortcuts ..........................................................................................................................52
4 Accessing the CLI .......................................................................................................................................... 53
Introduction ..........................................................................................................................................................54
Accessing the SmartWare CLI task list...................................................................................................................54
Accessing via the console port .........................................................................................................................55
Console port procedure .............................................................................................................................55
Telnet Procedure .......................................................................................................................................56
Using an alternate TCP listening port for the Telnet server .............................................................................56
Disabling the Telnet server ..............................................................................................................................56
Logging on ......................................................................................................................................................56
Selecting a secure password .............................................................................................................................57
Password encryption .......................................................................................................................................58
Factory preset administrator account .........................................................................................................58
Creating an operator account ....................................................................................................................58
Creating an administrator account ............................................................................................................59
Opening a secure configuration session over SSH ...........................................................................................59
Displaying the CLI version .............................................................................................................................60
Displaying account information ......................................................................................................................60
Switching to another account ..........................................................................................................................61
Checking identity and connected users ...........................................................................................................61
Command index numbers ...............................................................................................................................62
Ending a Telnet or console port session ..........................................................................................................64
Showing command default values ...................................................................................................................64
5 System image handling.................................................................................................................................. 65
Introduction ..........................................................................................................................................................66
Memory regions in SmartWare..............................................................................................................................67
System image handling task list .............................................................................................................................68
Displaying system image information ..............................................................................................................69
Copying system images from a network server to Flash memory .....................................................................69
6
SmartWare Software Configuration Guide
Table of Contents
Upgrading the software directly ......................................................................................................................71
Auto provisioning of firmware and configuration ..................................................................................................72
Boot procedure......................................................................................................................................................74
Factory configuration ............................................................................................................................................75
Default Startup Configuration ........................................................................................................................75
IP Addresses in the Factory Configuration ......................................................................................................75
6 Configuration file handling........................................................................................................................... 76
Introduction ..........................................................................................................................................................77
Understanding configuration files ...................................................................................................................77
Factory configuration ............................................................................................................................................79
Configuration file handling task list.......................................................................................................................79
Copying configurations within the local memory ............................................................................................80
Replacing the startup configuration with a configuration from Flash memory ................................................81
Copying configurations to and from a remote storage location ........................................................................82
Replacing the startup configuration with a configuration downloaded from TFTP server ...............................83
Displaying configuration file information .......................................................................................................83
Modifying the running configuration at the CLI .............................................................................................84
Modifying the running configuration offline ...................................................................................................85
Deleting a specified configuration ...................................................................................................................86
Encrypted file download .................................................................................................................................87
Encrypted Configuration Download .........................................................................................................87
Use Cases ..................................................................................................................................................88
7 Basic system management ............................................................................................................................. 90
Introduction ..........................................................................................................................................................91
Basic system management configuration task list ...................................................................................................91
Managing feature license keys .........................................................................................................................92
Setting system information .............................................................................................................................93
Setting the system banner ................................................................................................................................94
Setting time and date ......................................................................................................................................95
Display clock information ...............................................................................................................................95
Display time since last restart ..........................................................................................................................96
Configuring the Web server ............................................................................................................................96
Determining and defining the active CLI version ............................................................................................96
Restarting the system ......................................................................................................................................97
Displaying the system logs ..............................................................................................................................97
Displaying reports ...........................................................................................................................................98
Controlling command execution .....................................................................................................................98
Timed execution of CLI command ...............................................................................................................100
Displaying the checksum of a configuration ..................................................................................................100
Configuration of terminal sessions ................................................................................................................100
8 RADIUS Client Configuration.................................................................................................................... 102
Introduction ........................................................................................................................................................103
The AAA component ..........................................................................................................................................103
7
SmartWare Software Configuration Guide
Table of Contents
General AAA Configuration ..........................................................................................................................104
RADIUS configuration........................................................................................................................................106
Configuring RADIUS clients ........................................................................................................................107
Configuring RADIUS accounting .................................................................................................................108
Configuring the RADIUS server ...................................................................................................................110
Attributes in the RADIUS request message .............................................................................................110
Attributes in the RADIUS accept message ...............................................................................................111
Configuring the local database accounts ..............................................................................................................111
Storing call logs with quality information ............................................................................................................113
9 IP context overview ..................................................................................................................................... 114
Introduction ........................................................................................................................................................115
IP context overview configuration task list...........................................................................................................116
Planning your IP configuration ...........................................................................................................................117
IP interface related information .....................................................................................................................117
QoS related information ...............................................................................................................................117
Configuring physical ports...................................................................................................................................117
Creating and configuring IP interfaces.................................................................................................................117
Configuring NAPT .............................................................................................................................................118
Configuring static IP routing...............................................................................................................................118
Configuring RIP..................................................................................................................................................118
Configuring access control lists............................................................................................................................119
Configuring quality of service (QoS) ...................................................................................................................119
10 IP interface configuration ........................................................................................................................... 120
Introduction ........................................................................................................................................................121
IP interface configuration task list........................................................................................................................121
Creating an IP interface ................................................................................................................................121
Deleting an IP interface ................................................................................................................................122
Setting the IP address and netmask ...............................................................................................................123
Configuring a NAPT DMZ interface ............................................................................................................123
ICMP message processing .............................................................................................................................124
ICMP redirect messages ................................................................................................................................124
Router advertisement broadcast message .......................................................................................................124
Defining the MTU and MSS of the interface ................................................................................................125
Configuring an interface as a point-to-point link ..........................................................................................126
Displaying IP interface information ..............................................................................................................126
Displaying dynamic ARP entries ...................................................................................................................127
Flushing dynamic ARP entries ......................................................................................................................127
Processing gratuitous ARP requests ...............................................................................................................127
Testing connections with the ping command ................................................................................................127
IP link supervision ........................................................................................................................................128
Check connectivity of an IP link .............................................................................................................129
Show IP link status ..................................................................................................................................129
Debug connectivity .................................................................................................................................129
8
SmartWare Software Configuration Guide
Table of Contents
Debug ARP ...................................................................................................................................................129
Traceroute ....................................................................................................................................................130
Configuring the IGMP Proxy..............................................................................................................................131
11 NAT/NAPT configuration........................................................................................................................... 132
Introduction ........................................................................................................................................................133
Dynamic NAPT ...........................................................................................................................................133
Static NAPT .................................................................................................................................................134
Dynamic NAT ..............................................................................................................................................134
Static NAT ...................................................................................................................................................135
NAPT traversal .............................................................................................................................................135
NAT/NAPT configuration task list .....................................................................................................................136
Creating a NAPT profile ...............................................................................................................................136
Configuring a NAPT DMZ host .............................................................................................................137
Defining NAPT port ranges ....................................................................................................................137
Preserving TCP/UDP port numbers in NAPT ........................................................................................138
Defining the UDP NAPT type ...............................................................................................................138
Activate NAT/NAPT ....................................................................................................................................139
Displaying NAT/NAPT configuration information ......................................................................................139
Configuring NAT static protocol entries .......................................................................................................140
12 Ethernet port configuration ........................................................................................................................ 141
Introduction ........................................................................................................................................................142
Ethernet port configuration task list ....................................................................................................................142
Entering the Ethernet port configuration mode ............................................................................................142
Configuring medium for an Ethernet port ....................................................................................................142
Configuring Ethernet encapsulation type for an Ethernet port ......................................................................143
Binding an Ethernet port to an IP interface ..................................................................................................143
Multiple IP addresses on Ethernet ports ........................................................................................................144
Configuring a VLAN ....................................................................................................................................145
Configuring layer 2 CoS to service-class mapping for an Ethernet port .........................................................146
Adding a receive mapping table entry ......................................................................................................147
Adding a transmit mapping table entry ...................................................................................................148
Closing an Ethernet port ...............................................................................................................................148
Using the built-in Ethernet sniffer .......................................................................................................................149
13 Link scheduler configuration ...................................................................................................................... 151
Introduction ........................................................................................................................................................152
Applying scheduling at the bottleneck ...........................................................................................................152
Using traffic classes .......................................................................................................................................152
Introduction to Scheduling ...........................................................................................................................153
Priority ....................................................................................................................................................153
Weighted fair queuing (WFQ) ................................................................................................................153
Shaping ...................................................................................................................................................153
Burst tolerant shaping or wfq ..................................................................................................................154
Hierarchy ................................................................................................................................................154
9
SmartWare Software Configuration Guide
Table of Contents
Quick references ..................................................................................................................................................155
Setting the modem rate .................................................................................................................................155
Command cross reference .............................................................................................................................156
Link scheduler configuration task list...................................................................................................................156
Defining the access control list profile ...........................................................................................................157
Packet classification .................................................................................................................................157
Creating an access control list ..................................................................................................................158
Creating a service policy profile .....................................................................................................................159
Specifying the handling of traffic-classes ........................................................................................................161
Defining fair queuing weight ...................................................................................................................161
Defining the bit-rate ...............................................................................................................................162
Defining absolute priority .......................................................................................................................162
Defining the maximum queue length ......................................................................................................162
Specifying the type-of-service (TOS) field ...............................................................................................162
Specifying the precedence field ................................................................................................................163
Specifying differentiated services codepoint (DSCP) marking .................................................................163
Specifying layer 2 marking ......................................................................................................................164
Defining random early detection .............................................................................................................165
Discarding Excess Load ...........................................................................................................................165
Quality of Service for routed RTP streams ....................................................................................................165
Devoting the service policy profile to an interface .........................................................................................167
Displaying link arbitration status ..................................................................................................................168
Displaying link scheduling profile information .............................................................................................168
Enable statistics gathering .............................................................................................................................168
14 Serial port configuration ............................................................................................................................. 170
Introduction ........................................................................................................................................................171
Serial port configuration task list .........................................................................................................................171
Disabling an interface ...................................................................................................................................171
Enabling an interface ....................................................................................................................................172
Configuring the serial encapsulation type ......................................................................................................173
Configuring the hardware port protocol ........................................................................................................173
Configuring the active clock edge ..................................................................................................................174
Configuring the baudrate ..............................................................................................................................175
15 Frame Relay configuration .......................................................................................................................... 177
Introduction ........................................................................................................................................................178
Frame Relay configuration task list ......................................................................................................................178
Configuring Frame Relay encapsulation ........................................................................................................178
Configuring the LMI type .............................................................................................................................179
Configuring the keep-alive interval ...............................................................................................................179
Enabling fragmentation ................................................................................................................................180
Entering Frame Relay PVC configuration mode ...........................................................................................181
Configuring the PVC encapsulation type ......................................................................................................182
Binding the Frame Relay PVC to IP interface ...............................................................................................182
10
SmartWare Software Configuration Guide
Table of Contents
Enabling a Frame Relay PVC ........................................................................................................................184
Disabling a Frame Relay PVC .......................................................................................................................184
Debugging Frame Relay ................................................................................................................................185
Displaying Frame Relay information .............................................................................................................186
Integrated service access ................................................................................................................................187
Example 1: Frame Relay on e1t1 without a channel-group ...........................................................................189
16 PRI port configuration................................................................................................................................ 191
Introduction ........................................................................................................................................................192
PRI port configuration task list............................................................................................................................192
Enable/Disable PRI port ...............................................................................................................................193
Configuring PRI port-type ............................................................................................................................193
Configuring PRI clock-mode ........................................................................................................................193
Configuring PRI line-code ............................................................................................................................193
Configuring PRI framing ..............................................................................................................................194
Configuring PRI line-build-out (E1T1 in T1 mode only) .............................................................................195
Configuring PRI used-connector (E1T1 in E1 mode only) ...........................................................................195
Configuring PRI application mode (E1T1 only) ...........................................................................................195
Configuring PRI LOS threshold (E1T1 only) ...............................................................................................196
Configuring PRI Loopback detection (E1T1 only) .......................................................................................196
Configuring PRI encapsulation .....................................................................................................................197
Create a Channel-Group ...............................................................................................................................198
Configuring Channel-Group Timeslots ........................................................................................................198
Configuring Channel-Group Encapsulation .................................................................................................198
Entering HDLC Configuration Mode ..........................................................................................................199
Configuring HDLC CRC-Type ...................................................................................................................199
Configuring HDLC Encapsulation ...............................................................................................................200
PRI Debugging .............................................................................................................................................200
PRI Configuration Examples ........................................................................................................................201
Example 1: ISDN ....................................................................................................................................202
Example 2: RBS without a channel-group ...............................................................................................202
Example 3: RBS with a channel-group ....................................................................................................202
Example 4: Frame Relay without a channel-group ...................................................................................203
Example 5: Framerelay with a channel-group ..........................................................................................204
Example 6: PPP without a channel-group ...............................................................................................204
Example 7: PPP with a channel-group .....................................................................................................204
17 BRI port configuration................................................................................................................................ 205
Introduction ........................................................................................................................................................206
BRI port configuration task list............................................................................................................................206
Enable/Disable BRI port ...............................................................................................................................206
Configuring BRI clock-mode ........................................................................................................................206
Configuring BRI Power-Feed ........................................................................................................................207
Configuring BRI encapsulation .....................................................................................................................207
Creating a channel group ..............................................................................................................................207
11
SmartWare Software Configuration Guide
Table of Contents
Configuring channel-group timeslots ............................................................................................................208
Configuring channel-group encapsulation .....................................................................................................208
Entering HDLC configuration mode ............................................................................................................208
Configuring HDLC encapsulation ................................................................................................................208
BRI Debugging .............................................................................................................................................209
BRI Configuration Examples ........................................................................................................................210
Example 1: ISDN with auto clock/uni-side settings ................................................................................210
Example 2: ISDN with manual clock/uni-side settings ............................................................................210
Example 3: Multi-Link PPP over two B-Channels ..................................................................................211
18 ISDN Overview ........................................................................................................................................... 212
Introduction ........................................................................................................................................................213
ISDN reference points ..................................................................................................................................213
Possible SmartNode port configurations .......................................................................................................214
ISDN UNI Signaling ....................................................................................................................................214
ISDN Configuration Concept .............................................................................................................................216
ISDN Layering .............................................................................................................................................216
19 ISDN configuration .................................................................................................................................... 217
Introduction ........................................................................................................................................................218
ISDN configuration task list................................................................................................................................218
Enter Q.921 configuration mode ..................................................................................................................218
Configuring Q.921 parameters .....................................................................................................................218
Configuring Q.921 encapsulation .................................................................................................................219
Enter Q.931 configuration mode ..................................................................................................................219
Configuring Q.931 parameters .....................................................................................................................220
Configuring Q.931 encapsulation .................................................................................................................222
Debugging ISDN ..........................................................................................................................................222
ISDN Configuration Examples .....................................................................................................................223
20 RBS configuration....................................................................................................................................... 225
Introduction ........................................................................................................................................................226
RBS configuration task list ..................................................................................................................................226
Enter RBS configuration mode .....................................................................................................................226
Configuring RBS protocol ............................................................................................................................226
Configuring RBS encapsulation ....................................................................................................................227
Debugging RBS ............................................................................................................................................227
RBS Configuration Examples ........................................................................................................................228
21 DSL Port Configuration.............................................................................................................................. 230
Introduction ........................................................................................................................................................231
Line Setup ...........................................................................................................................................................231
Configuring PPPoE .............................................................................................................................................231
Configuration Summary......................................................................................................................................232
Setting up permanent virtual circuits (PVC)........................................................................................................233
Using PVC channels in bridged Ethernet mode ............................................................................................233
12
SmartWare Software Configuration Guide
Table of Contents
Using PVC channels with PPPoE .................................................................................................................233
Diagnostics ...................................................................................................................................................234
Troubleshooting DSL Connections .....................................................................................................................234
22 Basic IP routing configuration .................................................................................................................... 235
Introduction ........................................................................................................................................................236
Routing tables ...............................................................................................................................................236
Static routing ................................................................................................................................................236
Policy routing ...............................................................................................................................................236
Basic IP routing configuration task list ................................................................................................................236
Configuring static IP routes ..........................................................................................................................237
Deleting static IP routes ................................................................................................................................238
Displaying IP route information ...................................................................................................................238
Configuring policy routing ...........................................................................................................................239
Examples .............................................................................................................................................................240
Basic static IP routing example ......................................................................................................................240
Changing the default UDP port range for RTP and RTCP .................................................................................241
23 RIP configuration........................................................................................................................................ 242
Introduction ........................................................................................................................................................243
Routing protocol .................................................................................................................................................243
RIP configuration task list ...................................................................................................................................244
Enabling send RIP ........................................................................................................................................244
Enabling an interface to receive RIP ..............................................................................................................245
Specifying the send RIP version ....................................................................................................................245
Specifying the receive RIP version .................................................................................................................246
Enabling RIP learning ...................................................................................................................................246
Enabling an interface to receive RIP ..............................................................................................................247
Enabling RIP announcing .............................................................................................................................247
Enabling RIP auto summarization ................................................................................................................248
Specifying the default route metric ................................................................................................................248
Enabling RIP split-horizon processing ...........................................................................................................249
Enabling the poison reverse algorithm ...........................................................................................................249
Enabling holding down aged routes ..............................................................................................................250
Setting the RIP route expiry ..........................................................................................................................250
Displaying RIP configuration of an IP interface ............................................................................................251
Displaying global RIP information ................................................................................................................251
24 Access control list configuration.................................................................................................................. 253
Introduction ........................................................................................................................................................254
About access control lists .....................................................................................................................................254
What access lists do .......................................................................................................................................254
Why you should configure access lists ...........................................................................................................254
When to configure access lists .......................................................................................................................255
Features of access control lists .......................................................................................................................255
Access control list configuration task list..............................................................................................................256
13
SmartWare Software Configuration Guide
Table of Contents
Mapping out the goals of the access control list .............................................................................................256
Creating an access control list profile and enter configuration mode .............................................................257
Adding a filter rule to the current access control list profile ...........................................................................257
Adding an ICMP filter rule to the current access control list profile ..............................................................259
Adding a TCP, UDP or SCTP filter rule to the current access control list profile .........................................261
Binding and unbinding an access control list profile to an IP interface ..........................................................263
Displaying an access control list profile .........................................................................................................264
Debugging an access control list profile .........................................................................................................264
Examples .............................................................................................................................................................266
Denying a specific subnet ..............................................................................................................................266
25 SNMP configuration ................................................................................................................................... 267
Introduction ........................................................................................................................................................268
Simple Network Management Protocol (SNMP) ................................................................................................268
SNMP basic components ..............................................................................................................................268
SNMP basic commands ................................................................................................................................268
SNMP management information base (MIB) ...............................................................................................269
Network management framework .................................................................................................................269
Identification of a SmartNode via SNMP............................................................................................................269
SNMP tools.........................................................................................................................................................270
SNMP configuration task list ..............................................................................................................................270
Setting basic system information..........................................................................................................................270
Setting access community information ................................................................................................................272
Setting allowed host information .........................................................................................................................274
Specifying the default SNMP trap target .............................................................................................................274
Displaying SNMP related information ................................................................................................................275
Using the AdventNet SNMP utilities ..................................................................................................................275
Using the MibBrowser ..................................................................................................................................276
Using the TrapViewer ...................................................................................................................................277
Standard SNMP version 1 traps...........................................................................................................................279
SNMP interface traps ..........................................................................................................................................280
26 SNTP client configuration .......................................................................................................................... 282
Introduction ........................................................................................................................................................283
SNTP client configuration task list ......................................................................................................................283
Selecting SNTP time servers .........................................................................................................................284
Defining SNTP client operating mode ..........................................................................................................284
Defining SNTP local UDP port ....................................................................................................................285
Enabling and disabling the SNTP client .......................................................................................................286
Defining SNTP client poll interval ...............................................................................................................286
Defining SNTP client constant offset to GMT .............................................................................................287
Defining the SNTP client anycast address .....................................................................................................287
Enabling and disabling local clock offset compensation .................................................................................288
Showing SNTP client related information ....................................................................................................289
Debugging SNTP client operation ................................................................................................................289
14
SmartWare Software Configuration Guide
Table of Contents
Recommended public SNTP time servers............................................................................................................290
NIST Internet time service ............................................................................................................................290
Additional information on NTP and a list of other NTP servers ...................................................................291
27 DHCP configuration................................................................................................................................... 292
Introduction ........................................................................................................................................................293
DHCP-client configuration tasks.........................................................................................................................294
Enable DHCP-client on an IP interface ........................................................................................................294
Release or renew a DHCP lease manually (advanced) ...................................................................................296
Get debug output from DHCP-client ...........................................................................................................296
DHCP-server configuration tasks ........................................................................................................................297
Configure DHCP-server profiles ...................................................................................................................297
Use DHCP-server profiles and enable the DHCP-server ...............................................................................299
Define the bootfile (Option 67) for the DHCP-server ..................................................................................300
Define the TFTP server (Option 66) for the DHCP-server ...........................................................................300
Check DHCP-server configuration and status ...............................................................................................300
Get debug output from the DHCP-server .....................................................................................................301
Configure DHCP-relay .................................................................................................................................302
Create/Modify DHCP-Relay profile .......................................................................................................302
Enable/Disable DHCP-Relay Agent ........................................................................................................303
28 DNS configuration ...................................................................................................................................... 304
Introduction ........................................................................................................................................................305
DNS configuration task list .................................................................................................................................305
Enabling the DNS resolver ............................................................................................................................305
Enabling the DNS relay ................................................................................................................................306
29 DynDNS configuration ............................................................................................................................... 308
Introduction ........................................................................................................................................................309
DynDNS configuration task list ..........................................................................................................................309
Creating a DynDNS account ........................................................................................................................309
Configuring the DNS resolver ......................................................................................................................309
Configuring basic DynDNS settings .............................................................................................................310
Configuring the DynDNS server ..................................................................................................................310
Configuring advanced DynDNS settings (optional) ......................................................................................311
Defining a mail exchanger for your hostname .........................................................................................311
Troubleshooting ...........................................................................................................................................311
30 PPP configuration....................................................................................................................................... 313
Introduction ........................................................................................................................................................314
PPP configuration task list...................................................................................................................................315
Creating an IP interface for PPP ...................................................................................................................315
Disable interface IP address auto-configuration from PPP .............................................................................317
Creating a PPP subscriber .............................................................................................................................317
Trigger forced reconnect of PPP sessions using a timer .................................................................................319
Disable interface IP address auto-configuration from PPP .............................................................................319
15
SmartWare Software Configuration Guide
Table of Contents
Configuring a PPPoE session ........................................................................................................................319
Configuring PPP over a HDLC Link ............................................................................................................321
Creating a PPP profile ...................................................................................................................................321
Configuring the local and remote PPP MRRU .............................................................................................323
Displaying PPP configuration information ...................................................................................................324
Debugging PPP ............................................................................................................................................325
Sample configurations .........................................................................................................................................329
PPP over Ethernet (PPPoE) ..........................................................................................................................329
Without authentication, encapsulation multi, with NAPT ......................................................................329
With authentication, encapsulation PPPoE .............................................................................................329
PPP over a HDLC Link (Serial Port) ............................................................................................................330
Without authentication, numbered interface ...........................................................................................330
With authentication, unnumbered interface ............................................................................................330
PPP over a HDLC Link (E1T1 Port) ............................................................................................................330
Without authentication, numbered interface ...........................................................................................330
PPP Dial-up over ISDN ......................................................................................................................................331
PPP Dialer ....................................................................................................................................................331
Create a dialer .........................................................................................................................................332
Create outbound destinations ..................................................................................................................332
Configure recovery strategy .....................................................................................................................333
Create inbound destinations ....................................................................................................................334
Debug dialer functionality .......................................................................................................................336
Example – Dial-on demand feature .........................................................................................................336
Dial-up .........................................................................................................................................................337
Dial-up on demand .................................................................................................................................337
Dial-up on monitor .................................................................................................................................338
Dial-up nailed .........................................................................................................................................338
.....................................................................................................................................................................338
31 CS context overview .................................................................................................................................... 339
Introduction ........................................................................................................................................................340
CS context configuration task list ........................................................................................................................341
Planning the CS configuration ............................................................................................................................341
Configuring general CS settings...........................................................................................................................343
Configuring the clock source ...................................................................................................................343
Debugging the clock source .....................................................................................................................344
Selecting PCM law compression ..............................................................................................................345
Configuring call routing ......................................................................................................................................345
Creating and configuring CS interfaces................................................................................................................346
Specify call routing ........................................................................................................................................346
Configuring dial tones .........................................................................................................................................347
Configuring voice over IP parameters ..................................................................................................................347
Configuring ISDN ports .....................................................................................................................................348
Configuring FXS ports ........................................................................................................................................348
16
SmartWare Software Configuration Guide
Table of Contents
Configuring an H.323 VoIP connection .............................................................................................................348
Configuring a SIP VoIP connection ....................................................................................................................348
Activating CS context configuration ....................................................................................................................349
Planning the CS context ...............................................................................................................................352
Configuring general CS settings ....................................................................................................................353
Configuring call routing ................................................................................................................................353
Configuring VoIP settings ............................................................................................................................355
Configuring BRI ports ..................................................................................................................................355
Configuring an H.323 VoIP connection .......................................................................................................356
Activating the CS context configuration ........................................................................................................356
Showing the running configuration ...............................................................................................................358
32 VPN configuration ...................................................................................................................................... 362
Introduction ........................................................................................................................................................363
Authentication ..............................................................................................................................................363
Encryption ....................................................................................................................................................363
Transport and tunnel modes .........................................................................................................................364
Permanent IKE Tunnels ..........................................................................................................................364
Key management ..........................................................................................................................................364
VPN configuration task list .................................................................................................................................365
Creating an IPsec transformation profile .......................................................................................................365
Creating an IPsec policy profile .....................................................................................................................365
Creating/modifying an outgoing ACL profile for IPsec .................................................................................367
Configuration of an IP interface and the IP router for IPsec ..........................................................................368
Displaying IPsec configuration information ..................................................................................................368
Debugging IPsec ...........................................................................................................................................369
Key management (IKE) .......................................................................................................................................370
Main differences between manual & IKE IPSEC configurations .............................................................370
Creating an ISAKMP transform profile ...................................................................................................371
Creating an ISAKMP IPSEC policy profile .............................................................................................372
Creating/modifying an outgoing ACL profile for IPSEC .........................................................................373
Configuration of an IP interface and the IP router for IPSEC .................................................................373
Policy matching ......................................................................................................................................373
Sample configuration snippet ..................................................................................................................373
Troubleshooting ...........................................................................................................................................374
Encrypted Voice - Performance considerations ....................................................................................................375
Performance considerations ...........................................................................................................................375
Enabling RTP encryption support .......................................................................................................................375
Using an alternate source IP address for specific destinations ...............................................................................376
Sample configurations .........................................................................................................................................377
IPsec tunnel, DES encryption .......................................................................................................................377
SmartNode configuration ........................................................................................................................377
Cisco router configuration .......................................................................................................................378
IPsec tunnel, AES encryption at 256 bit key length, AH authentication with HMAC-SHA1-96 ..................378
17
SmartWare Software Configuration Guide
Table of Contents
SmartNode configuration ........................................................................................................................378
Cisco router configuration .......................................................................................................................378
IPsec tunnel, 3DES encryption at 192 bit key length, ESP authentication with HMAC-MD5-96 ................379
SmartNode configuration ........................................................................................................................379
Cisco router configuration .......................................................................................................................379
33 CS interface configuration........................................................................................................................... 381
Introduction ........................................................................................................................................................382
CS interface configuration task list ......................................................................................................................382
Creating and configuring CS interfaces................................................................................................................383
Configuring call routing ......................................................................................................................................384
Configuring the interface mapping tables ............................................................................................................385
Configuring the precall service tables ...................................................................................................................388
34 ISDN interface configuration...................................................................................................................... 390
Introduction ........................................................................................................................................................391
ISDN interface configuration task list..................................................................................................................391
Configuring DTMF dialing (optional) ..........................................................................................................392
Configuring an alternate PSTN profile (optional) .........................................................................................392
Configuring ringback tone on ISDN user-side interfaces ..............................................................................393
Configuring call waiting (optional) ...............................................................................................................393
Disabling call-waiting on ISDN DSS1 network interfaces .............................................................................393
Configuring Call-Hold on ISDN interfaces ..................................................................................................394
Enabling Display Information Elements on ISDN Ports ...............................................................................394
Configuring date/time publishing to terminals (optional) .............................................................................394
Sending the connected party number (COLP) (optional) ..............................................................................395
Enabling sending of date and time on ISDN DSS1 network interfaces .........................................................395
Defining the ‘network-type’ in ISDN interfaces ............................................................................................395
ISDN Explicit Call Transfer support (& SIP REFER Transmission) ............................................................395
ISDN Advice of Charge support ...................................................................................................................397
ISDN DivertingLegInformation2 Facility .....................................................................................................401
Transmit Direction .................................................................................................................................401
Receive Direction ....................................................................................................................................401
T1 Caller-Name Support ..............................................................................................................................401
35 FXS interface configuration......................................................................................................................... 404
Introduction ........................................................................................................................................................405
FXS interface configuration task list ....................................................................................................................405
Configuring a subscriber number (recommended) ........................................................................................405
Configuring an alternate PSTN profile (optional) .........................................................................................406
Configuring caller-ID presentation (optional) ...............................................................................................406
Configuring flash hook processing (optional) ................................................................................................406
Configuring ringing-cadence (optional) ........................................................................................................407
Configuring the Message Waiting Indication feature for FXS .......................................................................408
Configuration .........................................................................................................................................408
Frequency-shift keying ............................................................................................................................409
18
SmartWare Software Configuration Guide
Table of Contents
FXS supplementary services description...............................................................................................................410
Call hold .......................................................................................................................................................411
Call waiting ...................................................................................................................................................411
Call waiting reminder ring ............................................................................................................................412
Drop passive call ...........................................................................................................................................412
Drop active call .............................................................................................................................................412
Call toggle .....................................................................................................................................................412
Call transfer ..................................................................................................................................................412
Conferencing ................................................................................................................................................413
Call park .......................................................................................................................................................413
36 FXO interface configuration ....................................................................................................................... 414
Introduction ........................................................................................................................................................415
FXO services description .....................................................................................................................................416
Creating an FXO interface...................................................................................................................................416
Deleting an FXO interface...................................................................................................................................417
FXO interface configuration task list ...................................................................................................................418
FXO off-hook on caller ID ...........................................................................................................................418
Configuring an alternate PSTN profile (optional) .........................................................................................418
Configuring when the digits are dialed (optional) .........................................................................................419
Configuring the number of rings to wait before answering the call (optional) ...............................................421
Configuring how to detect a call has disconnected (optional) ........................................................................422
Configuring how to detect an outgoing call is connected (optional) ..............................................................423
Configuring the destination of the call ..........................................................................................................424
FXO Mute dialing ........................................................................................................................................424
FXO interface examples ................................................................................................................................425
37 RBS interface configuration ........................................................................................................................ 426
Introduction ........................................................................................................................................................427
RBS interface configuration task list ....................................................................................................................427
Creating/Deleting a RBS interface .......................................................................................................................427
Configuring an alternate PSTN profile .........................................................................................................427
Configuring an alternate Tone-Set profile .....................................................................................................428
Configuring B-Channel allocation strategy ...................................................................................................428
Configuring additional disconnect signals .....................................................................................................428
Configuring number of Rings before Off-Hook ............................................................................................429
Configuring ready to dial strategy .................................................................................................................429
RBS interface debugging ...............................................................................................................................429
38 H.323 interface configuration ..................................................................................................................... 431
Introduction ........................................................................................................................................................432
H.323 interface configuration task list .................................................................................................................432
Binding the interface to an H.323 gateway ...................................................................................................433
Configuring an alternate VoIP profile (optional) ...........................................................................................434
Configuring CLIP/CLIR support (optional) .................................................................................................435
Enabling ‘early-proceeding’ on H.323 interfaces ...........................................................................................436
19
SmartWare Software Configuration Guide
Table of Contents
Enabling the early call connect (optional) .....................................................................................................436
Enabling the early call disconnect (optional) .................................................................................................437
Enabling the via address support (optional) ...................................................................................................437
Override the default destination call signaling port (Optional) ......................................................................437
Configuring status inquiry settings (optional) ...............................................................................................438
AOC-D Support for H.323 ..........................................................................................................................439
39 SIP interface configuration ......................................................................................................................... 441
Introduction ........................................................................................................................................................442
SIP interface configuration task list......................................................................................................................442
Binding the interface to a SIP gateway ..........................................................................................................443
Configure a remote host ................................................................................................................................443
Configuring a local host (Optional) ..............................................................................................................444
Using an alternate VoIP profile (Optional) ...................................................................................................444
Using an alternate SIP profile (Optional) ......................................................................................................445
Using an alternate Tone-Set profile (Optional) .............................................................................................445
Configuring early call connect / disconnect (Optional) .................................................................................446
Configuring address translation (Optional) ...................................................................................................446
Mapping call-control properties in SIP headers .......................................................................................446
Mapping SIP headers to call-control properties .......................................................................................447
Configuring ISDN Redirecting Number Tunneling Over SIP ................................................................447
Enabling SIP RFC Privacy, Asserted-Identity, & Preferred-Identity headers (RFC 3323/3325) ..............448
Updating caller address parameters ..........................................................................................................448
SIP Diversion Header ..............................................................................................................................449
Transmit Direction ...........................................................................................................................450
Receive Direction ..............................................................................................................................450
SIP REFER Transmission (& ISDN Explicit Call Transfer support) ............................................................451
AOC Over SIP (Optional) ............................................................................................................................453
Enabling the session timer (Optional) ...........................................................................................................454
Enabling the SIP penalty-box feature (Optional) ...........................................................................................454
Initiating a new SIP session for redirected SIP calls (Optional) .....................................................................454
Configure the SIP hold method (Optional) ..................................................................................................455
40 Call router configuration............................................................................................................................. 456
Introduction ........................................................................................................................................................458
Call router configuration task list.........................................................................................................................460
Map out the goals for the call router .............................................................................................................460
Enable advanced call routing on circuit interfaces .........................................................................................461
Configure general call router behavior ...........................................................................................................461
Configure address completion timeout ....................................................................................................461
Configure default digit collection timeout and terminating character ......................................................462
Configure number prefix for ISDN number types ........................................................................................463
Configure call routing tables .........................................................................................................................464
Create a routing table ..............................................................................................................................464
Called party number routing table ................................................................................................................466
20
SmartWare Software Configuration Guide
Table of Contents
Regular Expressions .................................................................................................................................466
Digit Collection ......................................................................................................................................468
Digit Collection Variants ........................................................................................................................469
Calling party number routing table .........................................................................................................472
Number type routing table ............................................................................................................................472
Numbering plan routing table .......................................................................................................................473
Name routing table .......................................................................................................................................474
IP address routing table .................................................................................................................................474
URI routing table ..........................................................................................................................................475
Presentation Indicator Routing Table ...........................................................................................................475
Screening Indicator Routing Table ...............................................................................................................476
Information transfer capability routing table .................................................................................................477
Call-router support for redirecting number and redirect reason .....................................................................478
Time of day routing table ..............................................................................................................................479
Day of Week Routing Table .........................................................................................................................479
Date routing table .........................................................................................................................................479
Deleting routing tables ..................................................................................................................................480
Configure mapping tables .............................................................................................................................481
E.164 to E.164 Mapping Tables ...................................................................................................................485
Custom SIP URIs from called-/calling-e164 properties .................................................................................488
Other mapping tables ...................................................................................................................................488
Deleting mapping tables ...............................................................................................................................489
Creating complex functions ..........................................................................................................................490
Deleting complex functions ..........................................................................................................................491
Digit collection & sending-complete behavior ..............................................................................................492
Sending-Complete ..................................................................................................................................492
Ingress interface .......................................................................................................................................492
Call-Router .............................................................................................................................................493
Egress Interface .......................................................................................................................................495
Creating call services .....................................................................................................................................497
Creating a hunt group service ........................................................................................................................497
Creating a distribution group service .............................................................................................................506
Distribution-Group Min-Concurrent setting ................................................................................................508
Call-router ‘limiter’ service ............................................................................................................................508
Priority service ..............................................................................................................................................509
CS Bridge service—‘VoIP Leased Line’ .........................................................................................................511
Configuring the service second-dialtone ........................................................................................................513
Deleting call services .....................................................................................................................................514
Activate the call router configuration ............................................................................................................514
Test the call router configuration ..................................................................................................................515
Configure partial rerouting ...........................................................................................................................521
Call reroute .............................................................................................................................................522
Enable acceptation of rerouting requests on ISDN. ...........................................................................522
Enable emission of rerouting requests on ISDN. ...............................................................................522
21
SmartWare Software Configuration Guide
Table of Contents
Enable sending of “302 moved temporary” message on SIP. .............................................................522
Allow Push-Back .....................................................................................................................................522
Enable push-back – aaa service ..........................................................................................................522
Enable push-back – bridge service .....................................................................................................523
Enable push-back – distribution-group service ..................................................................................523
Enable push-back – hunt group service .............................................................................................523
Enable push-back – limiter service ....................................................................................................523
Enable push-back – priority service ...................................................................................................523
41 SIP call-router services ................................................................................................................................ 524
Introduction ........................................................................................................................................................525
SIP conference-service .........................................................................................................................................525
SIP conference-service configuration task list ................................................................................................525
Entering conference-service configuration mode .....................................................................................525
Configuring the call routing destination ..................................................................................................525
Configuring the conference server ...........................................................................................................526
SIP location-service..............................................................................................................................................526
SIP location-service configuration task list ....................................................................................................527
Entering SIP location-service configuration mode ...................................................................................527
Binding a location service ........................................................................................................................528
Configuring multi-contact behavior ........................................................................................................528
Configuring the hunt timeout .................................................................................................................528
42 Tone configuration...................................................................................................................................... 529
Introduction ........................................................................................................................................................530
Tone-set profiles..................................................................................................................................................530
Tone configuration task list .................................................................................................................................531
Configuring call-progress-tone profiles ..........................................................................................................531
Configure tone-set profiles ............................................................................................................................532
Enable tone-set profile ..................................................................................................................................533
Show call-progress-tone and tone-set profiles ................................................................................................534
43 FXS port configuration ............................................................................................................................... 537
Introduction ........................................................................................................................................................538
Shutdown and enable FXS ports..........................................................................................................................538
Bind FXS ports to higher layer applications .........................................................................................................539
Configure country-specific FXS port parameters..................................................................................................539
Other FXS port parameters..................................................................................................................................540
Example ..............................................................................................................................................................541
44 FXO port configuration .............................................................................................................................. 542
Introduction ........................................................................................................................................................543
Shutdown and enable FXO ports.........................................................................................................................543
Bind FXO ports to higher layer applications........................................................................................................543
Configure country specific FXO port parameters.................................................................................................544
Other FXO port parameters ................................................................................................................................544
22
SmartWare Software Configuration Guide
Table of Contents
45 H.323 gateway configuration ...................................................................................................................... 546
Introduction ........................................................................................................................................................547
Gateway configuration task list ............................................................................................................................548
Binding the gateway to an IP interface ..........................................................................................................548
Enable the gateway ........................................................................................................................................548
Configure registration authentication service (RAS) (Optional) ....................................................................549
Configure H.235 Security (optional) ............................................................................................................550
H.235 configuration .....................................................................................................................................551
Advanced configuration options (optional) ...................................................................................................554
Enabling H.245 Tunneling .....................................................................................................................554
Enabling the fastconnect procedure .........................................................................................................555
Enabling the early H.245 procedure ........................................................................................................555
Changing the TCP port for inbound call-signaling connections ..............................................................556
Configuring the traffic class for H.323 signaling .....................................................................................556
Setting the response timeout ...................................................................................................................556
Setting the connect timeout ....................................................................................................................557
Configuring the terminal type for registration with the gatekeeper ..........................................................557
Troubleshooting ...........................................................................................................................................558
46 Context SIP gateway overview..................................................................................................................... 559
Introduction ........................................................................................................................................................560
Context SIP Gateway configuration task list........................................................................................................561
Creating a context SIP gateway .....................................................................................................................561
Creating a transport interface ........................................................................................................................562
Configuring the IP binding ...........................................................................................................................562
Configuring a priority ...................................................................................................................................562
Configuring a spoofed contact address ..........................................................................................................563
Binding location services ...............................................................................................................................563
Enabling/disabling the context SIP gateway ..................................................................................................563
Troubleshooting ..................................................................................................................................................564
Show status information ...............................................................................................................................564
Debug commands .........................................................................................................................................564
Configuration Examples ......................................................................................................................................565
Example 1 .....................................................................................................................................................565
Example 2 .....................................................................................................................................................565
Example 3 .....................................................................................................................................................565
Applications.........................................................................................................................................................566
Outbound Authentication ............................................................................................................................566
Inbound Authentication ...............................................................................................................................567
Outbound Registration .................................................................................................................................568
Inbound Registration ....................................................................................................................................570
B2B User Agent with Registered Clients .......................................................................................................571
47 VoIP profile configuration .......................................................................................................................... 573
Introduction ........................................................................................................................................................574
23
SmartWare Software Configuration Guide
Table of Contents
VoIP profile configuration task list ......................................................................................................................575
Creating a VoIP profile .................................................................................................................................575
Configure codecs ..........................................................................................................................................576
Configuring the transparent-clearmode codec ...............................................................................................578
Configuring the Cisco versions of the G.726 codecs .....................................................................................578
Configuring DTMF relay .............................................................................................................................579
Configuring RTP payload types ....................................................................................................................579
Configuring RTP payload type for transparent-clearmode ............................................................................580
Configuring RTP payload types for the g726-32k and g726-32k-cisco coders ..............................................580
Configuring RTP payload type for Cisco NSE ..............................................................................................580
Configuring Cisco NSE for Fax ....................................................................................................................580
Configuring the dejitter buffer (advanced) ....................................................................................................581
Enabling/disabling filters (advanced) .............................................................................................................583
Configuring Fax transmission .......................................................................................................................584
T.38 CED retransmission .............................................................................................................................587
T.38 No-Signal Retransmission ....................................................................................................................588
Fax bypass method ........................................................................................................................................588
Configuring fax failover ................................................................................................................................588
Configuring modem transmission .................................................................................................................589
Modem bypass method .................................................................................................................................589
Configuring the traffic class for Voice and Fax data ......................................................................................590
Configuring IP-IP codec negotiation .............................................................................................................590
Examples .............................................................................................................................................................591
Home office in an enterprise network ...........................................................................................................591
Home office with fax ....................................................................................................................................593
Soft phone client gateway ..............................................................................................................................594
48 PSTN profile configuration......................................................................................................................... 597
Introduction ........................................................................................................................................................598
PSTN profile configuration task list ....................................................................................................................598
Creating a PSTN profile ...............................................................................................................................598
Configuring the echo canceller ......................................................................................................................599
Configuring output gain ...............................................................................................................................599
49 SIP profile configuration............................................................................................................................. 601
Introduction ........................................................................................................................................................602
SIP profile configuration task list.........................................................................................................................602
Entering the configuration mode for a SIP profile .........................................................................................602
Mapping from a SIP disconnect cause ...........................................................................................................602
Mapping to a SIP cause .................................................................................................................................603
Mapping from a SIP redirection reason .........................................................................................................603
Mapping to a SIP redirection code ................................................................................................................603
50 Authentication Service................................................................................................................................. 604
Introduction ........................................................................................................................................................605
Authentication Service configuration task list ......................................................................................................605
24
SmartWare Software Configuration Guide
Table of Contents
Creating an Authentication Service ...............................................................................................................605
Configuring a Realm .....................................................................................................................................606
Configuring the authentication protocol .......................................................................................................606
Creating credentials ......................................................................................................................................606
Configuration Examples ......................................................................................................................................606
51 Location Service .......................................................................................................................................... 607
Introduction ........................................................................................................................................................608
Location Service configuration task list ................................................................................................................608
Creating a Location Service ...........................................................................................................................608
Adding a domain ..........................................................................................................................................608
Creating an identity ......................................................................................................................................609
Authentication outbound face .................................................................................................................610
Authentication inbound face ...................................................................................................................611
Registration outbound face ......................................................................................................................613
Registration inbound face ........................................................................................................................615
Call outbound face ..................................................................................................................................616
Call inbound face ....................................................................................................................................617
Creating an identity group ............................................................................................................................618
Inheriting from an identity group to an identity ...........................................................................................618
Configuring the Message Waiting Indication feature for SIP ........................................................................619
Subscription ............................................................................................................................................619
Notification .............................................................................................................................................620
Configuration .........................................................................................................................................620
Message Waiting Indication through Call-Control .......................................................................................622
Configuration Examples ......................................................................................................................................623
52 VoIP debugging........................................................................................................................................... 624
Introduction ........................................................................................................................................................625
Debugging strategy..............................................................................................................................................625
Filtering debug monitor output ...........................................................................................................................626
Verifying IP connectivity .....................................................................................................................................626
Debugging call signaling......................................................................................................................................627
Debugging ISDN signaling ...........................................................................................................................627
Verify an incoming call ...........................................................................................................................628
Verify an outgoing call ............................................................................................................................629
Verify ISDN layer 2 and 3 status .............................................................................................................631
Debugging FXS Signaling .............................................................................................................................632
Verify an incoming call ...........................................................................................................................632
Verify an outgoing call ............................................................................................................................633
Debugging H.323 Signaling .........................................................................................................................634
Verify an incoming call ...........................................................................................................................634
Verify an outgoing call ............................................................................................................................636
Debugging SIP signaling ...............................................................................................................................638
Verify an incoming call ...........................................................................................................................638
25
SmartWare Software Configuration Guide
Table of Contents
Verify an outgoing call ............................................................................................................................638
Using SmartWare’s internal call generator .....................................................................................................639
Debugging voice data ..........................................................................................................................................640
Check system logs .........................................................................................................................................642
How to submit trouble reports to Patton ......................................................................................................642
A Terms and definitions ................................................................................................................................ 644
Introduction ........................................................................................................................................................645
SmartWare architecture terms and definitions .....................................................................................................645
B Mode summary ........................................................................................................................................... 650
Introduction ........................................................................................................................................................651
C Command summary ................................................................................................................................... 654
Introduction ........................................................................................................................................................655
New Configuration Commands ..........................................................................................................................656
Other...................................................................................................................................................................656
Show help .....................................................................................................................................................656
Show command history ................................................................................................................................656
Restart system ...............................................................................................................................................656
D Internetworking terms & acronyms ........................................................................................................... 657
Abbreviations.......................................................................................................................................................658
E Used IP ports & available voice codecs ...................................................................................................... 662
Used IP ports ......................................................................................................................................................663
Available voice codecs .........................................................................................................................................664
26
List of Figures
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
Basic system (abstract) model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Typical carrier network application with a SmartNode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Typical enterprise network with SmartNode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Typical LAN telephony system with a SmartNode gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Configuration concept overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Setup for initial configuration via the console port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Login display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
SmartNode memory regions logically defined in SmartWare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Boot procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Sample configuration file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Local memory regions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Remote memory regions for SmartWare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
System banner with message to operators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Authentication procedure with a RADIUS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
How to use AAA methods and AAA profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
IP context and related elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Dynamic NAPT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Static NAPT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Dynamic NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Static NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Binding of an Ethernet port to an IP interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Packet routing in SmartWare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
Example of Hierarchical Scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Elements of link scheduler configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Scenario with Web server regarded as a single source host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Structure of a Service-Policy Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
Using a Service Policy Profile on an IP Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
IP interface wan is bound to PVC 1 on port serial 0 0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Typical Integrated Service Access Scenario with dedicated PVCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
IP Context with logical IP interfaces bound to Ethernet port, serial port PVC 1 and PVC 2 . . . . . . . . . . . . . 188
ISDN reference points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
ISDN signaling side . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
Integration of ISDN access lines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
ISDN layering model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
PBX connected to ISDN port 1/0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Configuring the G.SHDSL card for PPPoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Internetwork with three routers and four networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Using traffic filters to prevent traffic from being routed to a network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Deny a specific subnet on an interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
AdventNet MibBrowser displaying some of the System Group objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
AdventNet MibBrowser Settings Button on the Toolbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
AdventNet TrapViewer displaying received traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
AdventNet Trap Details window of TrapViewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
DHCP-client and DHCP-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
DNS relay diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306
PPP configuration overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
CS context configuration components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
27
SmartWare Software Configuration Guide
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
Remote office in an Enterprise network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
Direct call routing from one SmartNode to another . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
SmartNode in an Enterprise network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
CS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
CS interfaces on the CS context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
Incoming call passing an interface mapping table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Call passing an input and an output mapping table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
ISDN interfaces on the CS context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
Example SIP network connecting two device to give a home office access to the CO PBX . . . . . . . . . . . . . . . 396
FXS interfaces on the CS context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405
FXO interfaces on the CS context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
H.323 interfaces on the CS context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
SIP interfaces on the CS context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 442
Example SIP network connecting two devices to give a home office access to the CO PBX . . . . . . . . . . . . . . 452
Direct call routing vs. advanced call routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459
Routing table outline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Mapping table outline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481
Mapping table examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
Hunt group service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
Distribution group service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506
Distribution group service examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507
‘Limiter’ service diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509
Priority service diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510
CS Bridge service—‘VoIP Leased Line’ diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
Bridge services diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512
Call routing example network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517
CS context and call router elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519
Registration and Lookup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527
Assign tone-sets to a PSTN interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531
Gateway between IP and CS contexts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547
Routing Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560
VoIP profile association . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574
DTMF Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579
Jitter and dejitter buffer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581
Adaptive versus static dejitter buffer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 582
Multiple tandem and sequential post filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583
Fax relay and Fax bypass . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585
Home office in an enterprise network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591
PSTN profile association . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598
Echo Cancellation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599
Applying output gain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599
Mode overview, 1 of 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651
Mode Overview, 2 of 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 652
Mode Overview, 3 of 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 653
EBNF syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 655
28
List of Tables
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
General conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Mouse conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Command edit shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Command cross reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
TOS values and their meaning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Traffic control info (TCI) field . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Values defining detail of the queuing statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
PVC Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
PVC channels in bridged Ethernet mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
PVC channels in PPPoE mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Diagnostics commans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
Details available in the Trap Details window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Time servers operated by NIST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
FXS services with permanent patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
FXS services with configurable patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
ISDN number types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
Routing table types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Wildcard symbols used as keys in E.164 tables (calling-e164, called-e164) . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
Wildcard symbols used as keys in E.164 tables (calling-e164, called-e164) . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Mapping table types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Hunt group drop causes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500
29
About this guide
The objective of this SmartWare Software Configuration Guide is to provide information concerning the syntax
and usage of the command set. For hardware specfic information, refer to the getting started guide that came
with your unit.
This section describes the following:
• Who should use this guide (see “Audience”)
• How this document is organized (see “Structure”)
• Typographical conventions and terms used in this guide (see “Typographical conventions used in this document” on page 34)
Audience
This guide is intended for the following users:
• System administrators who are responsible for installing and configuring networking equipment and who
are familiar with the SmartWare.
• System administrators with a basic networking background and experience, but who might not be familiar
with the SmartWare.
• Operators
• Installers
• Maintenance technicians
How to read this guide
SmartWare is a complex and multifaceted operating system. Without the necessary theoretical background you
will not be able to understand and use all the features available. Therefore, we recommend reading at least the
chapters listed below to get a general idea about SmartWare and the philosophy of contexts used for IP and circuit switching related configuration.
• Appendix A, "Terms and definitions" on page 644 contains the terms and their definitions that are used
throughout this SmartWare Software Configuration Guide
• Chapter 1, "System overview" on page 38 provides an overview of the main elements of a SmartWare system.
• Chapter 9, "IP context overview" on page 114
• Chapter 31, "CS context overview" on page 339
30
SmartWare Software Configuration Guide
About this guide
Structure
This guide contains the following chapters and appendices:
• Chapter 1, "System overview" on page 38 provides an overview of the main elements of a SmartWare system.
• Chapter 2, "Configuration concepts" on page 44 introduces basic SmartWare configuration concepts.
• Chapter 3, "Command line interface (CLI)" on page 49 gives an overview of the CLI and the basic features
that allow you to navigate the CLI and edit commands effectively.
• Chapter 4, "Accessing the CLI" on page 53 describes the procedures for entering SmartWare commands via
the command line interface (CLI), to obtain help, to change operator mode and to terminate a session.
• Chapter 5, "System image handling" on page 65 describes how to load and maintain system images and
driver software.
• Chapter 6, "Configuration file handling" on page 76 describes how to upload and download configuration
files from and to a SmartNode.
• Chapter 7, "Basic system management" on page 90 describes parameters that report basic system information to the operator or administrator, and their configuration.
• Chapter 8, "RADIUS Client Configuration" on page 102 provides an overview of the authentication,
authorization, and accounting (AAA) component in SmartWare and describes how to configure the
RADIUS client, a subpart of the AAA component.
• Chapter 9, "IP context overview" on page 114 outlines SmartWare Internet protocol (IP) context, together
with its related components.
• Chapter 10, "IP interface configuration" on page 120 provides a general overview of SmartNode interfaces
and describes the tasks involved in their configuration.
• Chapter 11, "NAT/NAPT configuration" on page 132 provides a general overview of the network address
port translation and describes the tasks involved in its configuration.
• Chapter 12, "Ethernet port configuration" on page 141 provides an overview of Ethernet ports and
describes the tasks involved in their configuration through SmartWare.
• Chapter 13, "Link scheduler configuration" on page 151 describes how to use and configure SmartWare
quality of service (QoS) features.
• Chapter 14, "Serial port configuration" on page 170 provides an overview of the serial port and describes
the tasks involved in its configuration through SmartWare.
• Chapter 15, "Frame Relay configuration" on page 177 provides an overview of how to configure frame relay
through SmartWare.
• Chapter 16, "PRI port configuration" on page 191 provides an overview of the T1/E1 ports, their characteristics and the tasks involved in the configuration.
• Chapter 17, "BRI port configuration" on page 205 provides an overview of the BRI (Basic Rate Interface)
ports, their characteristics and the tasks involved in the configuration.
• Chapter 18, "ISDN Overview" on page 212 provides an overview of ISDN ports and describes the tasks
involved in configuring ISDN ports in SmartWare.
31
SmartWare Software Configuration Guide
About this guide
• Chapter 19, "ISDN configuration" on page 217 describes the configuration of the Q.921 and Q.931 protocol and how to bind the ISDN protocol to an application.
• Chapter 20, "RBS configuration" on page 225 describes the configuration of the Robbed Bit Signaling
(RBS) protocol and how to bind it to the Call Control application.
• Chapter 37, "RBS interface configuration" on page 426 provides an overview of RBS interfaces, and the
tasks involved in their configuration.
• Chapter 21, "DSL Port Configuration" on page 230 provides an overview of the the DSL ports (ADSL and
G.SHDSL), their characteristics and the tasks involved in the configuration.
• Chapter 22, "Basic IP routing configuration" on page 235 provides an overview of IP routing and describes
the tasks involved in configuring static IP routing in SmartWare.
• Chapter 23, "RIP configuration" on page 242 provides an overview of the routing information protocol
(RIP) and describes the tasks involved in configuring RIP features within SmartWare.
• Chapter 24, "Access control list configuration" on page 253 provides an overview of IP access control lists
and describes the tasks involved in their configuration through SmartWare.
• Chapter 25, "SNMP configuration" on page 267 on page 238 provides overview information about the
simple network management protocol (SNMP) and describes the tasks used to configure those of its features
supported by SmartWare.
• Chapter 26, "SNTP client configuration" on page 282 describes how to configure a simple network time protocol (SNTP) client.
• Chapter 27, "DHCP configuration" on page 292 provides an overview of the dynamic host configuration
control protocol (DHCP) and describes the tasks involved in its configuration.
• Chapter 28, "DNS configuration" on page 304 describes how to configure the domain name system
(DNS) component.
• Chapter 29, "DynDNS configuration" on page 308 describes configuring the dynamic DNS
(DynDNS) service.
• Chapter 30, "PPP configuration" on page 313 describes how to configure the point-to-point protocol over
different link layers.
• Chapter 31, "CS context overview" on page 339 gives an overview of SmartWare circuit-switching (CS) context and its associated components and describes the tasks involved in its configuration.
• Chapter 32, "VPN configuration" on page 362 describes how to configure the VPN connections between
two SmartNodes or between a SmartNode and a third-party device.
• Chapter 33, "CS interface configuration" on page 381 gives an overview of interfaces in the CS context and
describes the tasks involved its configuration.
• Chapter 34, "ISDN interface configuration" on page 390 provides an overview of ISDN interfaces, and the
tasks involved in their configuration.
• Chapter 35, "FXS interface configuration" on page 404 provides an overview of FXS interfaces, and the
tasks involved their configuration.
32
SmartWare Software Configuration Guide
About this guide
• Chapter 36, "FXO interface configuration" on page 414 provides an overview of FXO interfaces and the
tasks involved in configuring them.
• Chapter 38, "H.323 interface configuration" on page 431 provides an overview of H.323 interfaces used by
H.323 gateways and describes the specific tasks involved in their configuration.
• Chapter 39, "SIP interface configuration" on page 441 provides an overview of SIP interfaces used by SIP
gateways and describes the specific tasks involved in their configuration.
• Chapter 40, "Call router configuration" on page 456 provides an overview of call router tables, mapping
tables and call services and describes the tasks involved in configuring the call router in SmartWare.
• Chapter 41, "SIP call-router services" on page 524 provides an overview of specific SIP call router services
in SmartWare.
• Chapter 42, "Tone configuration" on page 529 gives an overview of SmartWare call-progress-tone profiles
and tone-set profiles and describes the tasks involved in their configuration.
• Chapter 43, "FXS port configuration" on page 537 provides an overview of POTS signaling and SmartNode FXS ports and describes the tasks involved in configuring FXS ports in SmartWare.
• Chapter 44, "FXO port configuration" on page 542 provides an overview of POTS signaling and SmartNode FXO ports and describes the tasks involved in configuring FXO ports in SmartWare.
• Chapter 45, "H.323 gateway configuration" on page 546 provides an overview of the H.323 gateway and
describes the tasks involved in its configuration.
• Chapter 46, "Context SIP gateway overview" on page 559 provides an overview of the SIP gateway and
describes the tasks involved in its configuration.
• Chapter 47, "VoIP profile configuration" on page 573 gives an overview of SmartWare VoIP profiles, how
they are used and describes the tasks involved in VoIP profile configuration.
• Chapter 48, "PSTN profile configuration" on page 597 gives an overview of SmartWare PSTN profiles, and
describes how they are used and the tasks involved in PSTN profile configuration.
• Chapter 49, "SIP profile configuration" on page 601 gives an overview of mappings between SIP codes and
Q.931 causes.
• Chapter 50, "Authentication Service" on page 604 explains how to create and manage authentication services in SmartWare.
• Chapter 51, "Location Service" on page 607 explains how to configure location services in SmartWare.
• Chapter 52, "VoIP debugging" on page 624 helps you to localize a system component that is responsible for
faults during operation of a SmartNode device.
• Appendix A, "Terms and definitions" on page 644 contains the terms and their definitions that are used
throughout this SmartWare Software Configuration Guide.
• Appendix B, "Mode summary" on page 650 illustrates the modes hierarchy.
• Appendix C, "Command summary" on page 654 is a command reference.
• Appendix D, "Internetworking terms & acronyms" on page 657 contains terms and definitions relating to
internetworking.
33
SmartWare Software Configuration Guide
About this guide
• Appendix E, "Used IP ports & available voice codecs" on page 662 describes the used IP ports and available
voice codecs in SmartWare.
• Appendix F, "Notes for upgrading from R3.10 to R3.20" on page 618 describes how to upgrade a
SmartNode device from Release 3.10 to 3.20.
Precautions
The following are used in this guide to help you become aware of potential problems:
Note
A note presents additional information or interesting sidelights.
The alert symbol and IMPORTANT heading calls attention to
important information.
IMPORTANT
Typographical conventions used in this document
This section describes the typographical conventions and terms used in this guide.
General conventions
In this guide we use certain typographical conventions to distinguish elements of commands and examples. In
general, the conventions we use conform to those found in IEEE POSIX publications. The procedures
described in this manual use the following text conventions:
Table 1. General conventions
Convention
Meaning
Garamond blue type
Indicates a cross-reference hyperlink that points to a figure, graphic, table, or
section heading. Clicking on the hyperlink jumps you to the reference. When
you have finished reviewing the reference, click on the Go to Previous
View button
in the Adobe® Acrobat® Reader toolbar to return to your
starting point.
Futura bold type
Commands and keywords are in boldface font.
Futura bold-italic type
Parts of commands, which are related to elements already named by the
user, are in boldface italic font.
Italicized Futura type
Variables for which you supply values are in italic font
Garamond italic type
Garamond bold type
<>
Indicates the names of fields or windows.
[]
Elements in square brackets are optional.
{a | b | c}
Alternative but required keywords are grouped in braces ({ }) and are separated by vertical bars ( | )
node
The leading IP address or nodename of a SmartNode is substituted with
node in boldface italic font.
node
The leading node on a command line represents the nodename of the
SmartNode
Indicates the names of command buttons that execute an action.
Angle brackets indicate function and keyboard keys, such as <shift>,
<ctrl>, <c>, and so on.
34
SmartWare Software Configuration Guide
About this guide
Table 1. General conventions
Convention
#
Meaning
An hash sign at the beginning of a line indicates a comment line.
35
SmartWare Software Configuration Guide
About this guide
Mouse conventions
The following conventions are used when describing mouse actions:
Table 2. Mouse conventions
Convention
Meaning
Left mouse button
This button refers to the primary or leftmost mouse button (unless you have
changed the default configuration).
Right mouse button
This button refers the secondary or rightmost mouse button (unless you have
changed the default configuration).
Point
This word means to move the mouse in such a way that the tip of the pointing
arrow on the screen ends up resting at the desired location.
Click
Means to quickly press and release the left or right mouse button (as instructed in
the procedure). Make sure you do not move the mouse pointer while clicking a
mouse button.
Double-click
Means to press and release the same mouse button two times quickly
Drag
This word means to point the arrow and then hold down the left or right mouse button (as instructed in the procedure) as you move the mouse to a new location.
When you have moved the mouse pointer to the desired location, you can release
the mouse button.
Service and support
Patton Electronics offers a wide array of free technical services. If you have questions about any of our other
products we recommend you begin your search for answers by using our technical knowledge base. Here, we
have gathered together many of the more commonly asked questions and compiled them into a searchable
database to help you quickly solve your problems.
Patton support headquarters in the USA
• Online support: Available at www.patton.com
• E-mail support: E-mail sent to support@patton.com will be answered within 1 business day
• Telephone support: Standard telephone support is available five days a week—from 8:00 am to
5:00 pm EST (1300 to 2200 UTC/GMT)—by calling +1 (301) 975-1007
• Support via VoIP: Contact Patton free of charge by using a VoIP ISP phone to call
sip:support@patton.com
• Fax: +1 (253) 663-5693
Alternate Patton support for Europe, Middle East, and Africa (EMEA)
• Online support: Available at www.patton-inalp.com
• E-mail support: E-mail sent to support@patton-inalp.com will be answered within 1 business day
• Telephone support: Standard telephone support is available five days a week—from 8:00 am to
5:00 pm CET (0900 to 1800 UTC/GMT)—by calling +41 (0)31 985 25 55
• Fax: +41 (0)31 985 25 26
Service and support
36
SmartWare Software Configuration Guide
About this guide
Warranty Service and Returned Merchandise Authorizations (RMAs)
Patton Electronics is an ISO-9001 certified manufacturer and our products are carefully tested before shipment. All of our products are backed by a comprehensive warranty program.
Note
If you purchased your equipment from a Patton Electronics reseller, ask your
reseller how you should proceed with warranty service. It is often more convenient for you to work with your local reseller to obtain a replacement.
Patton services our products no matter how you acquired them.
Warranty coverage
Our products are under warranty to be free from defects, and we will, at our option, repair or replace the product should it fail within one year from the first date of shipment. Our warranty is limited to defects in workmanship or materials, and does not cover customer damage, lightning or power surge damage, abuse, or
unauthorized modification.
Returns for credit
Customer satisfaction is important to us, therefore any product may be returned with authorization within 30
days from the shipment date for a full credit of the purchase price. If you have ordered the wrong equipment or
you are dissatisfied in any way, please contact us to request an RMA number to accept your return. Patton is
not responsible for equipment returned without a Return Authorization.
Return for credit policy
• Less than 30 days: No Charge. Your credit will be issued upon receipt and inspection of the equipment.
• 30 to 60 days: We will add a 20% restocking charge (crediting your account with 80% of the purchase price).
• Over 60 days: Products will be accepted for repairs only.
RMA numbers
RMA numbers are required for all product returns. You can obtain an RMA by doing one of the following:
• Completing a request on the RMA Request page in the Support section at www.patton.com
• By calling +1 (301) 975-1007 and speaking to a Technical Support Engineer
• By sending an e-mail to returns@patton.com
All returned units must have the RMA number clearly visible on the outside of the shipping container. Please use
the original packing material that the device came in or pack the unit securely to avoid damage during shipping.
Shipping instructions
The RMA number should be clearly visible on the address label. Our shipping address is as follows:
Patton Electronics Company
RMA#: xxxx
7622 Rickenbacker Dr.
Gaithersburg, MD 20879-4773 USA
Patton will ship the equipment back to you in the same manner you ship it to us. Patton will pay the return
shipping costs.
Warranty Service and Returned Merchandise Authorizations (RMAs)
37
Chapter 1
System overview
Chapter contents
Introduction ..........................................................................................................................................................39
SmartWare embedded software .............................................................................................................................40
Applications...........................................................................................................................................................41
Carrier networks .............................................................................................................................................41
Enterprise networks ........................................................................................................................................42
LAN telephony ...............................................................................................................................................43
38
SmartWare Software Configuration Guide
1 • System overview
Introduction
This chapter provides an overview of the main elements of a SmartNode system.
A complete SmartNode system or network, as installed in any of the application scenarios introduced in section
“Applications” on page 41, is typically composed of the following main elements plus a third-party network infrastructure:
• The first and most obvious element is the SmartNode devices (also referred to as hardware platforms or network nodes) that provide the physical connectivity, the CPU and DSP resources. All SmartNode models
support packet-routed and circuit-switched traffic equally well.
• The second element comprises the embedded software—called SmartWare—running on the SmartNode
hardware platforms.
• Finally, a third-party IP network and transmission infrastructure provides IP connectivity between the
above elements. This infrastructure can range from a simple Ethernet hub or switch to highly complex networks including multiple access technologies, backbone transmission, and services nodes.
Introduction
39
SmartWare Software Configuration Guide
1 • System overview
Figure 1 depicts the basic system model of a Patton SmartNode. All SmartNode devices have the following
main components:
• 64k circuit switching between on-board ISDN ports and between ISDN and PSTN interface cards. The
circuit switching engine uses dedicated hardware resources and therefore can bypass the VoIP gateway and
packet routing engine.
• A gateway (GW) that converts telephone circuits into Internet protocol (IP) packet streams and vice versa.
H.323-compliant and SIP Voice over IP (VoIP) is supported.
• An IP router with on-board ports and optional data interface cards is QoS enabled, thereby allowing classification, shaping, and scheduling of multiple service classes.
For more detailed hardware information, refer to the getting started guide that came with your SmartNode system.
Local
Telephony
Circuit Switch
Public Telephony
Node
VoIP
Gateway
IP WAN
IP Router
IP LAN
Figure 1. Basic system (abstract) model
SmartWare embedded software
SmartWare is the application software that runs on the SmartNode hardware platforms. SmartWare is available
in several releases. Refer to SmartWare release notes for detailed information about hardware support.
A SmartWare build is a binary image file. It is usually divided into several checksum-protected files to improve
download efficiency and security. The download to the SmartNode is handled in sequence by using a download batchfile. Refer to chapter 5, “System image handling” on page 65 for details on SmartWare image downloads.
SmartWare embedded software
40
SmartWare Software Configuration Guide
1 • System overview
Applications
The Patton SmartNode product family consists of highly flexible multi-service IP network devices, which fit a
range of networking applications. This section provides an overview of the following SmartNode applications
and the main elements in a SmartNode network.
• Carrier networks—SmartNodes are used as customer gateways or integrated access devices at the customer
premises. These applications are also called Integrated Service Access (ISA).
• Enterprise networks—SmartNodes are used as WAN routers and voice gateways for inter-site networking.
These applications are also called multiservice intranets (MSI).
• LAN telephony—SmartNodes serve as gateways between the LAN and the local PBX or PSTN access.
These applications are also called LAN voice gateway (LVG).
Carrier networks
The network termination (NT) device in a multi-service IP based provider network plays a vital role. It provides the service access point for the subscriber with respect to physical connectivity and protocol interoperability.
Since the access bandwidth in most cases represents a network bottleneck, the NT must also ensure traffic classification and the enforcement of service level agreements (SLA) on the access link. In broadband access networks, this NT is also called an Integrated Access Device (IAD) or customer gateway.
SmartNode products offer unique features as customer gateways for business services. It provides amongst others full ISDN feature support, local switching and breakout options and mass provisioning support.
1
2
3
4
5
6
7
8
9
*
0
#
PSTN
1
2
3
4
5
6
7
8
9
*
0
#
GW
Subscriber PBX
Node
M
Access
Backbone
Services
Internet
Subscriber LAN
Figure 2. Typical carrier network application with a SmartNode.
Figure 2 shows the deployment of SmartNodes in carrier networks. Each subscriber site is equipped with a
SmartNode that connects the subscriber LAN on one side with the provider network and services on the other.
Applications
41
SmartWare Software Configuration Guide
1 • System overview
Typical services in these networks are softswitch-based telephony, PSTN access through V5.2 gateways, PBX
networking services, and LAN interconnection.
Typical access technologies for these networks include xDSL, WLL, PowerLine, cable and conventional leased
lines. With the use of an external modem, the SmartNode can connect to leased lines or any bridged-Ethernet
broadband access.
Enterprise networks
In company-owned and operated wide area networks, SmartNodes can be used to converge voice and data
communications on the same IP link.
In combination with centralized services such as groupware and unified messaging, the SmartNodes provide
migration and investment protection for legacy telephony systems.
1
2
3
4
1
2
3
6
4
5
6
7
8
9
7
8
9
*
5
0
#
*
0
#
1
2
3
1
2
3
PSTN
PSTN
Carrier A Carrier B
4
5
6
4
5
6
7
8
9
7
8
9
*
0
#
*
0
#
PBX site A
PBX site B
Node
LAN site A
WAN
Node
LAN site B
Figure 3. Typical enterprise network with SmartNode
Figure 3 shows the deployment of SmartNodes in enterprise networks. Each site (headquarter, branch or home
office) is equipped with a SmartNode that connects the local LAN and telephony infrastructure with the IP
WAN and the local PSTN carrier.
Applications
42
SmartWare Software Configuration Guide
1 • System overview
PSTN
IPPBX
LAN
Node
IP Phones
Figure 4. Typical LAN telephony system with a SmartNode gateway
LAN telephony
With its voice-over-IP gateway features, the SmartNode can be used as a standalone gateway for VoIP telephony (see figure 4).
A standalone gateway has performance reliability and scalability advantages compared with PC-based gateway
cards. In this application, the SmartNode also offers a migration path to enterprise or carrier networking.
Figure 4 shows the deployment of a SmartNode as a LAN voice gateway.
The PSTN connections can be scaled from a single ISDN basic rate access to multiple primary rate lines. With
Q.SIG, integration in private PBX networks is also supported.
Applications
43
Chapter 2
Configuration concepts
Chapter contents
Introduction ..........................................................................................................................................................45
Contexts and Gateways..........................................................................................................................................46
Context ...........................................................................................................................................................46
Gateway ..........................................................................................................................................................46
Interfaces, Ports, and Bindings...............................................................................................................................47
Interfaces ........................................................................................................................................................47
Ports and circuits ............................................................................................................................................47
Bindings ..........................................................................................................................................................47
Profiles and Use commands...................................................................................................................................48
Profiles ............................................................................................................................................................48
Use Commands ..............................................................................................................................................48
44
SmartWare Software Configuration Guide
2 • Configuration concepts
Introduction
This chapter introduces basic SmartWare configuration concepts. A good understanding of these concepts is
vital for the configuration tasks explained in the remaining chapters of this guide.
Patton strongly recommends that you read through this chapter because it introduces the fundamental ideas
behind the structure of the command line interface. Once you understand and know this structure, you will
find it much more intuitive to navigate through the CLI and configure specific features.
This chapter includes the following sections:
• Contexts and gateways (see page 46)
• Interfaces, ports, and bindings (see page 47)
• Profiles and Use commands (see page 48)
Patton SmartNodes are multi-service network devices that offer high flexibility for the inter-working of circuitswitched and packet-routed networks and services. In order to consistently support a growing set of functions,
protocols, and applications, SmartWare configuration is based on a number of abstract concepts that represent
the various SmartWare components.
H.323 GW
“h323”
bind
commands
Gateway
bind command
VoIP use command
Profile
NAPT
Profile
Context
Interfaces
SIP GW
“sip”
Service
Policy
Profile
Context
IP
router
use command
use command
ACL
Profile
bind command
bind command
Toneset
Profile
VoIP
Profile
use command
Context
CS
switch
use
commands
use
commands
bind command
bind command
PVC
Circuit
Telephone port
Telephone port
Serial
Ethernet
Ports
Figure 5. Configuration concept overview
Figure 5 shows the various elements of a complete SmartNode configuration. Each of these elements implements one of the configuration concepts described in this chapter. The figure also shows the relationships and
associations between the different elements. The relations are specified through bind (arrow) and use (bulletIntroduction
45
Toneset
Profile
SmartWare Software Configuration Guide
2 • Configuration concepts
lines) commands. For example, you need bind commands to bind a physical port to a logical interface, and use
commands to assign profiles to contexts.
The sections that follow refer to figure 5 on page 45 and describe the concepts and elements in more
detail.
Contexts and Gateways
Context
A context represents one specific networking technology or protocol, namely IP (Internet Protocol) or CS (circuit-switching). A context can be seen as virtual dedicated equipment within the SmartNode. For example:
• A CS context contains the circuit-switching functions of the SmartNode. It can be thought of as an embedded multiplexer or cross-connect within the SmartNode
• An IP context contains the routing functions of the SmartNode. It can be thought of as an embedded
router within the SmartNode
The contexts are identified by a name and contain the configuration commands that are related to the technology
they represent. A separate configuration can be built by means of the context concept for newly supported network layer technologies without complicating the configuration methods of existing features. For example, as
bridging, ATM, or FR switching becomes available so a bridging, ATM, or FR context can be introduced.
Each context contains a number of interfaces, which build the connections to other SmartWare elements and
the outside world. Figure 5 on page 45 shows two contexts:
• one of type IP named router
• one of type CS named switch
Note
SmartWare currently supports only one instance of the CS and IP context types.
Example
The IP context named router can contain static routes, RIP, and NAT configuration parameters. The default
circuit-switching context named switch can contain number translations, local breakout conditions, and leastcost routing parameters.
Gateway
The concept of a gateway is introduced for the communication between contexts of different types. A gateway
handles connections between different technologies or protocols. For example, a VoIP gateway connects an IP
context to a circuit-switching context.
The gateways are each of a specific type and are identified by a name. Each named gateway contains its configuration parameters. With this concept, multiple vitual gateways can be instantiated and used at the same time.
Contexts and Gateways
46
SmartWare Software Configuration Guide
2 • Configuration concepts
Interfaces, Ports, and Bindings
Interfaces
The concept of an interface in SmartWare differs from that in traditional networking devices. Traditionally, the
term interface is often synonymous with port or circuit, which are physical entities. In SmartWare however, an
interface is a logical construct that provides higher-layer protocol and service information, such as layer 3
addressing. Interfaces are configured as part of a context, and are independent of physical ports and circuits.
The decoupling of the interface from the physical layer entities enables many of the advanced features offered
by SmartWare.
In order for the higher-layer protocols to become active, you must associate an interface with a physical port or
circuit. This association is referred to as a binding in SmartWare. Refer to the “Bindings” section for more
information. In figure 5 on page 45, the IP context shows three interfaces and the CS context shows four interfaces. These interfaces are configured within their contexts. The bindings shown in the figure are not present
when the interfaces are configured; they are configured later.
Ports and circuits
Ports and circuits in SmartWare represent the physical connectors and channels on the SmartNode hardware.
The configuration of a port or circuit includes parameters for the physical and data link layer such as line
clocking, line code, framing and encapsulation formats or media access control. Before any higher-layer user
data can flow through a physical port or circuit, you must associate that port or circuit with an interface on a
context. This association is referred to as a binding. Refer to the “Bindings” section for more information.
Examples of ports are: Ethernet, Serial, DSL, FXS or FXO. Ports are numbered according to the label (or
abbreviation) printed on the hardware.
Example: Ethernet 0/1, Serial 0/0, BRI 3/2
Some ports may contain multiple circuits. For example, serial ports can contain one or more Frame Relay Permanent Virtual Circuits (PVC). If a port has one or more circuits configured, the individual circuits are bound
to interfaces on a context. The port itself may not be bound in that case.
Example: frame-relay pvc 112.
Figure 5 on page 45 shows five ports. Three ports are bound directly to an IP interface. One port has a single
circuit configured, which is bound to the IP context. Two ISDN ports are bound to CS interfaces.
Bindings
Bindings form the association between circuits or ports and the interfaces configured on a context. No user
data can flow on a circuit or Ethernet port until some higher-layer service is configured and associated with it.
Bindings are configured statically in the port or circuit configuration. The binding is created bottom-up, that is
from the port to the interface.
In the case of VoIP CS interfaces, bindings are configured statically in the CS interface configuration. The
binding is created from the interface to the gateway.
Bindings from ports to interfaces shown in figure 5 on page 45.
Interfaces, Ports, and Bindings
47
SmartWare Software Configuration Guide
2 • Configuration concepts
Profiles and Use commands
Profiles
Profiles provide configuration shortcuts. They contain specific settings that can be used in multiple contexts,
interfaces, or gateways. This concept allows to avoid repetitions of groups of configuration commands that are
the same for multiple elements in a configuration.
Profiles used in the IP and CS contexts are shown in figure 5 on page 45.
Use Commands
Use commands form the association between profiles and contexts, gateways, or interfaces. For example, when
a profile is used in a context, all the configuration settings in that profile become active within the context.
Profiles and Use commands
48
Chapter 3
Command line interface (CLI)
Chapter contents
Introduction ..........................................................................................................................................................50
Command modes ..................................................................................................................................................50
CLI prompt ....................................................................................................................................................50
Navigating the CLI .........................................................................................................................................51
Initial mode ..............................................................................................................................................51
System changes ..........................................................................................................................................51
Configuration ...........................................................................................................................................51
Changing Modes .......................................................................................................................................51
Command editing .................................................................................................................................................51
Command help ...............................................................................................................................................51
The No form ..................................................................................................................................................51
Command completion ....................................................................................................................................51
Command history ...........................................................................................................................................52
Command Editing Shortcuts ..........................................................................................................................52
49
SmartWare Software Configuration Guide
3 • Command line interface (CLI)
Introduction
The primary user interface to SmartWare is the command line interface (CLI). You can access the CLI via the
SmartNode console port or through a Telnet session. The CLI lets you configure the complete SmartWare
functionality. You can enter CLI commands online or as a configuration script in the form of a text file. The
CLI also includes monitoring and debugging commands. CLI commands are simple strings of keywords and
user-specified arguments.
This chapter gives an overview of the CLI and the basic features that allow you to navigate the CLI and edit
commands effectively. The following topics are covered:
• Command Modes
• Command Editing (see page 51)
Command modes
The CLI is composed of modes. There are two mode groups: the exec mode group and the configuration mode
group. Within the exec mode group there are two modes: operator exec and administrator exec. The configuration mode group contains all of the remaining modes. A command mode is an environment within which a
group of related commands is valid. All commands are mode-specific, and certain commands are valid in more
than one mode. A command mode provides command line completion and context help within the mode. The
command modes are organized hierarchically. The current working mode is indicated by the CLI prompt.
Appendix B, “Mode summary” on page 650 contains a detailed overview of all command modes, and
appendix C, “Command summary” on page 654 describes the commands that are valid in each mode.
CLI prompt
For interactive (online) sessions, the system prompt is displayed as:
nodename>
In the operator exec mode, the system prompt is displayed as:
nodename#
In the administrator exec mode and in the different configuration modes, the system prompt is displayed as:
nodename(mode)[name]#
Where:
• nodename is the currently configured name of the SmartNode, the IP address or the hardware type of the
device that is being configured
• mode is a string indicating the current configuration mode, if applicable.
• name is the name of the instance of the current configuration mode
Example: the prompt in radius-client mode, assuming the nodename node and the instance deepblue is:
node(radius)[deepblue]#
The CLI commands used to enter each mode and the system prompt that is displayed when you are working
in each mode is summarized in appendix B, “Mode summary” on page 650.
Introduction
50
SmartWare Software Configuration Guide
3 • Command line interface (CLI)
Navigating the CLI
Initial mode
When you initiate a session, you can log in with operator or administrator privileges. Whichever login you use,
the CLI is always set to operator exec (non-privileged exec) mode by default upon startup. This mode allows
you to examine the state of the system using a subset of the available CLI commands.
System changes
In order to make changes to the system, the administrator exec (privileged exec) mode must be entered. The
enable user interface command is used for this purpose (the enable command is only accessible if you are
logged in as an administrator). Once in administrator exec mode, all of the system commands are available to
you.
Configuration
To make configuration changes, the configuration mode must be entered by using the configure command in
the administrator exec mode.
Changing Modes
The exit command moves the user up one level in the mode hierarchy (the same command works in any of
configuration modes). For example, when in pvc configuration mode, typing exit will take you to framerelay
configuration mode.
The exit command terminates a CLI session when typed from the operator exec mode.
A session can also be terminated by using the logout command within any mode.
Command editing
Command help
To see a list of all CLI commands available within a mode, type a question mark <?> or the <tab> key at the
system prompt in the mode of interest. A list of all available commands is displayed. Commands that have
become available in the current mode are displayed at the bottom of the list, separated by a line. Commands
from higher hierarchy levels are listed at the top.
You can also type the question mark or the <tab> key while in the middle of entering a command. Doing so
displays the list of allowed choices for the current keyword in the command. Liberal use of the question mark
functionality is an easy and effective way to explore the command syntax.
The No form
Almost every command supports the keyword no. Typing the no keyword in front of a command disables the
function or “deletes” a command from the configuration. For example, to enable the DHCP server trace tool,
enter the command debug dhcp-server. To subsequently disable the DHCP server trace, enter the command
no debug dhcop-server.
Command completion
You can use the <tab> key in any mode to carry out command completion. Partially typing a command name
and pressing the <tab> key causes the command to be displayed in full up to the point where a further choice
has to be made. For example, rather than typing configure, typing conf and pressing the <tab> key causes the
Command editing
51
SmartWare Software Configuration Guide
3 • Command line interface (CLI)
CLI to complete the command at the prompt. If the number of characters is not sufficient to uniquely identify
the command, the CLI will provide a list with all commands starting with the typed characters. For example, if
you enter the string co in the configure mode and press <tab>, the selections configure, copy, and context are
displayed.
Command history
SmartWare maintains a list of previously entered commands that you can go through by pressing the <uparrow> and <down-arrow> keys, and then pressing <enter> to enter the command.
The show history command displays a list of the commands you can go through by using the arrow keys.
Command Editing Shortcuts
SmartWare CLI provides a number of command shortcuts that facilitate editing of the command line. Command editing shortcuts are summarized in table 3 on page 52. The syntax <Ctrl>-<p> means press the <p> key
while holding down the keyboard’s control key (sometimes labeled Control, Ctl, or Ctrl, depending on the keyboard and operating system of your computer).
<Esc>-<f> is handled differently; press and release the escape key (often labeled Esc on many keyboards) and
then press the <f> key.
Table 3. Command edit shortcuts
Keyboard
Description
<Ctrl>-<p> or <up-arrow>
<Ctrl>-<p> or <up-arrow>
<Ctrl>-<p> or <up-arrow>
<Ctrl>-<p> or <up-arrow>
<Esc>-<f>
<Esc>-<b>
<Ctrl>-<a>
<Ctrl>-<e>
<Ctrl>-<k>
<Ctrl>-<u>
<Ctrl>-<d>
<Esc>-<d>
<Ctrl>-<c>
<Ctrl>-<l>
<Ctrl>-<t>
<Ctrl>-<v>
Recall previous command in the command history.
Recall next command in the command history.
Move cursor forward one character.
Move cursor backward one character.
Move cursor forward one word.
Move cursor backward one word.
Move cursor to beginning of line.
Move cursor to end of line.
Delete to end of line.
Delete to beginning of line.
Delete character.
Delete word.
Quit editing the current line.
Refresh (redraw) the display.
Transpose characters.
Insert a code to indicate to the system that the keystroke immediately following should be treated as normal text, not a CLI command.
For example, pressing the question mark <?> character in the CLI prints a
list of possible tokens. If you want to use the ? in a configuration command, e.g. to enter a regular expression, press Ctrl-v immediately followed by the question mark <?>.
Command editing
52
Chapter 4
Accessing the CLI
Chapter contents
Introduction ..........................................................................................................................................................54
Accessing the SmartWare CLI task list...................................................................................................................54
Accessing via the console port .........................................................................................................................55
Console port procedure .............................................................................................................................55
Telnet Procedure .......................................................................................................................................56
Using an alternate TCP listening port for the Telnet server .............................................................................56
Disabling the Telnet server ..............................................................................................................................56
Logging on ......................................................................................................................................................56
Selecting a secure password .............................................................................................................................57
Password encryption .......................................................................................................................................58
Factory preset administrator account .........................................................................................................58
Creating an operator account ....................................................................................................................58
Creating an administrator account ............................................................................................................59
Opening a secure configuration session over SSH ...........................................................................................59
Displaying the CLI version .............................................................................................................................60
Displaying account information ......................................................................................................................60
Switching to another account ..........................................................................................................................61
Checking identity and connected users ...........................................................................................................61
Command index numbers ...............................................................................................................................62
Ending a Telnet or console port session ..........................................................................................................64
Showing command default values ...................................................................................................................64
53
SmartWare Software Configuration Guide
4 • Accessing the CLI
Introduction
SmartNode products are designed for remote management and volume deployment. The management and
configuration of SmartNodes is therefore based on IP network connectivity. Once a SmartNode is connected
to, and addressable in, an IP network, you can remotely perform all configuration, management, and maintenance tasks.
This chapter describes the procedures for entering SmartWare commands via the command line interface (CLI),
to obtain help, to change operator mode, and to terminate a session. You can access a SmartNode as follows:
• Directly, via the console port (if available)
• Remotely, via the IP network (by using a Telnet application)
The ports available for connection and their labels are shown in the getting started guide that came with your
unit.
Remember that the CLI supports a command history and command completion. By scrolling with the up and
down arrow keys, you can find many of your previously entered commands. Another timesaving tool is command completion. If you type part of a command and then press the <tab> key, the SmartWare shell will
present you with either the remaining portion of the command or a list of possible commands. These features
are described in chapter 3, “Command line interface (CLI)” on page 49. The telnet server can be disabled
if desired.
IMPORTANT
Although SmartWare supports concurrent sessions via Telnet or
the console port, we do not recommend working with more than
one session to configure a specific SmartNode. However, using
one session for configuration and another for debugging is a
good idea.
Accessing the SmartWare CLI task list
The following sections describe the basic tasks involved in accessing the SmartWare command line interface.
Depending on your application scenario, some tasks are mandatory while others could be optional.
• Accessing via the console port (see page 55)
• Accessing via a Telnet session (see page 55)
• Using an alternate TCP listening port for the Telnet server (see page 56)
• Disabling the Telnet server (see page 56)
• Logging on (see page 56)
• Selecting a secure password (see page 57)
• Configuring operators and administrators (see page 58)
• Displaying the CLI version (see page 60)
• Displaying account information (see page 60)
• Switching to another log-in account (see page 61)
• Checking identity and connected users (see page 61)
Introduction
54
SmartWare Software Configuration Guide
4 • Accessing the CLI
• Ending a Telnet or console port session (see page 64)
Accessing via the console port
If a console port is available, the host computer can be connected directly to it with a serial cable (see figure 6).
The host must use a terminal emulation application that supports serial interface communication.
Serial interface
Console
Node
Node
Host
Figure 6. Setup for initial configuration via the console port
Note
You do not need to configure IP settings if you access the SmartNode via the
console port.
Console port procedure
Before using the CLI to enter configuration commands, do the following:
1. Set up the hardware as described in the getting started guide.
2. Configure your serial terminal as described in the getting started guide.
3. Connect the serial terminal to your SmartNode. Use a serial cable according to the description in the getting started guide included with your SmartNode device.
4. Power on your SmartNode. A series of boot messages are displayed on the terminal screen. At the end of
the boot sequence, press the <return> key and the login screen will be displayed.
5. Proceed with logging in.
Accessing the SmartWare CLI task list
55
SmartWare Software Configuration Guide
4 • Accessing the CLI
Accessing via a Telnet session
This is the most commonly used and recommended method for connecting to a SmartNode. It is way faster
than console access.The Telnet host accesses the SmartNode via its network interface.
Note
If the IP configuration of the Ethernet port (LAN port) is not known or is
incorrectly configured, you will have to use the console interface.
Telnet Procedure
Before you begin to use the CLI to input configuration commands, do the following:
1. Set up the SmartNode as described in the getting started guide included with your SmartNode device.
2. Connect the host (PC) or hub to the SmartNode as described in the getting started guide.
3. Power on your SmartNode and wait until the Run LED lights.
4. Open a Telnet session to the IP address shown in the getting started guide.
5. Proceed with logging in.
Using an alternate TCP listening port for the Telnet server
The following command defines an alternate listening port for the telnet server.
Mode: Configure
Step
1
Command
[name](cfg)# terminal telnet port <port>
Purpose
Uses TCP port <port> for accepting
telnet connections
Disabling the Telnet server
The telnet server can be disabled using the following command.
Mode: Configure
Step
1
Command
[name](cfg)# no terminal telnet
Purpose
Disables the telnet server
Logging on
Accessing your SmartNode via the local console port or via a Telnet session opens a login screen. The following
description of the login process is based on a Telnet session scenario but is identical to that used when accessing
via the local console port.
The opening Telnet screen you see resembles that shown in figure 7. The window header bar shows the IP
address of the target SmartNode.
A factory preset administrator account with name administrator and an empty password is available when you
first access the unit. For that reason, use the name administrator after the login prompt and simply press the
<enter> key after the password prompt.
Accessing the SmartWare CLI task list
56
SmartWare Software Configuration Guide
4 • Accessing the CLI
Figure 7. Login display
Upon logging in you are in operator execution mode, indicated by the “>” as command line prompt. Now you
can enter system commands.
Note
Details on screen in figure 7, such as the IP address in the system prompt
and window header bar, may be different on your unit.
IMPORTANT
You are responsible for creating a new administrator account to
maintain system security. Patton Electronics accepts no responsibility for losses or damage caused by loss or misuse of passwords. Please read the following sections to secure your network
equipment properly.
Selecting a secure password
It is not uncommon for someone to try to break into (often referred to as hacking) a network device. The network administrator should do everything possible to make the network secure. Carefully read the questions
below and see if any applies to you:
• Do your passwords consist of a pet’s name, birthdays or names of friends or family members, your license
plate number, social security number, favorite number, color, flower, animal, and so on?
• Do you use the same password repeatedly? (Example: Your ATM PIN, cell phone voice mail, house alarm
setting code, etc.)
• Could your password or a portion thereof be found in the dictionary?
• Is your password less than six characters long?
To prevent unauthorized access, you should select passwords that are not dictionary words or any of the abovementioned examples. Every password should be at least 6 characters long and include at least one capital letter,
one number, and one lowercase letter.
A good example of a password is: 3Bmshtr
You are probably asking yourself, “How am I going to remember that?” It’s easy, the password above is an acronym taken from: “three blind mice, see how they run.” Making a good password is that easy—but please, don’t
use the above example password for your SmartNode device!
Accessing the SmartWare CLI task list
57
SmartWare Software Configuration Guide
4 • Accessing the CLI
Password encryption
Unencrypted passwords can be stolen by hackers using protocol analyzers to scan packets or by examining the
configuration file—to protect against that type of theft, SmartWare encrypts passwords by default. Encryption
prevents the password from being readable in the configuration file.
• Plain text
• Encrypted text (for example, the password mypassword always appears in encrypted form as
HUAvCYeILWZz3hQvS0IEpQ== encrypted when doing a show command)
The command show running-config always displays the passwords in encrypted format. To encrypt a password, enter the password in plain format and retrieve the encrypted format from the running-config or store it
permanently into the startup-config (with the command copy running-config startup-config).
Factory preset administrator account
SmartWare contains a factory preset administrator account with the name administrator and an empty password. After adding a new administrator account, the factory preset administrator account is automatically
deleted and only the newly created administrator account is available. You can create more than one administrator account, but there has to be at least one administrator account defined. If, for some reason, the last
administrator account is deleted, the factory preset administrator account with the name administrator and an
empty password is automatically recreated.
Configuring operators and administrators
Creating an operator account
Operators do not have the privileges to run the enable command and therefore cannot modify the system
configuration. Operators can view partial system information.
Creating a new operator account is described in the following procedure:
Mode: Operator execution
Step
1
2
3
4
Command
Purpose
node>enable
Enters administration execution mode
node#configure
Enters configuration mode
node(cfg)# operator name password password Creates a new operator account name and
password password
copy running-config startup-config
Saves the change made to the running configuration of the SmartNode, so that it will be
used following a reload
Example: Create an operator account
The following example shows how to add a new operator account with a login name support and a matching
password of s4DF&qw. The changed configuration is then saved.
node>enable
node#configure
node(cfg)#operator support password s4DF&qw
Accessing the SmartWare CLI task list
58
SmartWare Software Configuration Guide
4 • Accessing the CLI
node(cfg)#copy running-config startup-config
Creating an administrator account
Administrators can run the enable command and access additional information within the SmartWare configuration modes. Therefore administrators can modify the system configuration, as well as view all relevant system information.
Creating a new administrator account is described in the following procedure:
Mode: Operator execution
Step
1
2
3
4
Command
Purpose
node>enable
Enters administration execution mode
node#configure
Enters configuration mode
node(cfg)# administrator name password password Creates a new administrator account
name and password password
node(cfg)#copy running-config startup-config
Permanently stores the new administrator
account parameters.
Example: Create an administrator account
The following example shows how to add a new administrator account with a login name super and a matching
password Gh3*Ke4h.
node>enable
node#configure
node(cfg)#administrator super password Gh3*Ke4h
node(cfg)#copy running-config startup-config
Opening a secure configuration session over SSH
A partial implementation of secure shell according RFC 4251, RFC 4252, RFC 4253 and RFC 4254 is provided. It is possible to open a secure configuration session over SSH to a SmartNode.
Note
The Web-GUI and the copy tftp function are still unsecure!
The SSH Transport Layer supports the following Algorithms: “ssh-rsa” public key for signing, “diffie-hellmann-group1-sha1” and “diffie-hellmann-group14-sha1” for key exchange, “3des-cbc”, “aes256-cbc”, “aes192cbc” and “aes128-cbc” for encryption, “hmac-sha1” and “hmac-md5” for data integrity. For user authentication, only the method “password” is supported. On the Connection Layer, only the request for an interactive
command shell is supported.
After the first startup of SmartWare, the RSA server host key is going to be calculated. This calculation is done
in the background and with low priority, so that the SmartNode can operate normally. Until the RSA server
host key is calculated, which takes several minutes, it is not possible to open SSH sessions. The RSA server host
key is calculated only once and always remains the same.
Accessing the SmartWare CLI task list
59
SmartWare Software Configuration Guide
4 • Accessing the CLI
Mode: Configure
Step
1
Command
Purpose
[name](cfg)#terminal ssh use authentication <AAA Set the AAA profile which is going to be
profile name>
used for user authentication. The AAA
profile “default” is uses as when not
specified otherwise.
Mode: Enable
Step
1
Command
Purpose
[name]#show ssh
Displays status information of the SSH
server.
Mode: Enable
Step
1
Command
Purpose
[name]#debug ssh
Prints debug information of the SSH
server.
Displaying the CLI version
This procedure displays the version of the currently running CLI.
Mode: Operator execution
Step
1
Command
node>show version cli
Purpose
Displays the CLI version
Example: Displaying the CLI version
The following example shows how to display the version of the current running CLI on your device, if you
start from the operator execution mode.
node>show version cli
CLI version : 3.00
Displaying account information
You can use the show command to display information about existing administrator and operator accounts.
This command is not available for an operator account.
The following procedure describes how to display account information:
Mode: Administrator execution
Step
1
Command
node#show accounts
Accessing the SmartWare CLI task list
Purpose
Displays the currently-configured administrator and operator
accounts
60
SmartWare Software Configuration Guide
4 • Accessing the CLI
Example: Display account information
The following example shows how to display information about existing administrator and operator accounts.
node#show accounts
administrator accounts:
super
operator accounts:
support
Switching to another account
A user can use the su command to switch from one user account to working in another. With this command,
a user can change from his current account to another existing account ‘name’. After executing su with the
account name to which the user wants to change as argument, he must enter the password of the particular
account to get privileged access.
Mode: Administrator or operator execution
Step
1
Command
node>su account-name
Purpose
Changes to the user account account-name.
Example: Switching to another account
The following example shows how to change from your current user account to an administrator account,
starting from the operator execution mode. In the example below the who command is used to check the
identity within both accounts
login: support
password: <password>
node>who
You are operator support
node>su super
Enter password: <password>
node>who
You are administrator super
Checking identity and connected users
The who command displays who is logged in or gives more detailed information about users and process
states. Depending on the execution mode, the command displays varying information. In administrator execution mode, the command output is more detailed and shows information about the ID, user name, state, idle
time, and location. In operator execution mode, only the user name being used at the moment is reported,
which helps checking the identity.
Mode: Administrator or operator execution
Step
1
Command
Purpose
node#who Shows more detailed information about the users ID, name, state, idle time and
location
or
node>who Shows the user login identity
Accessing the SmartWare CLI task list
61
SmartWare Software Configuration Guide
4 • Accessing the CLI
Example: Checking identity and connected users
The following example shows how to report who is logged in or more detailed information about users and
process states, depending on the execution mode in which you are working.
Used in administrator execution mode:
node#who
ID User name
*
0 administrator
1 support
Note
State
exec
exec
Idle
00:00:00
00:01:56
Location
172.16.224.44:1160
172.16.224.44:1165
The “*” character identifies the user executing the who command. ID represents the ID of the account. State represents the actual running condition of
the user, which can be logout, login, exec, or config.
Used in operator execution mode:
node>who
You are operator support
Command index numbers
A command index number (indicated by the boldface 1, 2, and 3 index numbers in the example below) indicates the position of a command in a list of commands (that is, a command with index 1 will appear higher in
the configuration file than one with index 3).
192.168.1.1(pf-voip)[default]#show running-config
...
profile voip default
codec 1 g711ulaw64k rx-length 20 tx-length 20
codec 2 g711alaw64k rx-length 20 tx-length 20
codec 3 g723-6k3 rx-length 30 tx-length 30
dejitter-max-delay 200
...
commands that make use of index numbers always show the index in the running config. However, the index
can be omitted when entering the command. If you enter such a command with an index, it is inserted into list
at the position defined by the index. If you enter such a command without an index, it is placed at the bottom
of the list. Also, you can change a commands position in a listing (moving it up or down in the list) by changing its index number.
Example 1: Moving the G.723 codec from position 3 in the list to position 1 at the top of the list.
Listing before changing the G.723 codec index number:
profile voip default
codec 1 g711ulaw64k rx-length 20 tx-length 20
codec 2 g711alaw64k rx-length 20 tx-length 20
codec 3 g723-6k3 rx-length 30 tx-length 30
dejitter-max-delay 200
...
Listing after changing index number:
Accessing the SmartWare CLI task list
62
SmartWare Software Configuration Guide
4 • Accessing the CLI
192.168.1.1(pf-voip)[default]#codec 3 before 1
192.168.1.1(pf-voip)[default]#show running-config
...
profile voip default
codec 1 g723-6k3 rx-length 30 tx-length 30
codec 2 g711ulaw64k rx-length 20 tx-length 20
codec 3 g711alaw64k rx-length 20 tx-length 20
dejitter-max-delay 200
...
Note
Succeeding indexes are automatically renumbered.
Example 2: Moving the G.723 codec back position 3
This command moves the G.723 codec from the top to third place. As a result, the other two codecs move up
in the list as their indexes are automatically renumbered to accommodate the new third-place codec.
192.168.1.1(pf-voip)[default]#codec 1 after 3
192.168.1.1(pf-voip)[default]#show running-config
...
profile voip default
codec 1 g711ulaw64k rx-length 20 tx-length 20
codec 2 g711alaw64k rx-length 20 tx-length 20
codec 3 g723-6k3 rx-length 30 tx-length 30
dejitter-max-delay 200
...
Example 3: Inserting a codec at a specific position in the list.
This command assigns the G.729 codec the index number 1 so the codec appears at the top of the list.
192.168.1.1(pf-voip)[default]#codec 1 g729 tx-length 30 rx-length 30 silence-supression
192.168.1.1(pf-voip)[default]#show running-config
...
profile voip default
codec 1 g729 rx-length 30 tx-length 30 silence-supression
codec 2 g711ulaw64k rx-length 20 tx-length 20
codec 3 g711alaw64k rx-length 20 tx-length 20
codec 4 g723-6k3 rx-length 30 tx-length 30
dejitter-max-delay 200
...
Accessing the SmartWare CLI task list
63
SmartWare Software Configuration Guide
4 • Accessing the CLI
Ending a Telnet or console port session
Use the logout command in the operator or administration execution mode to end a Telnet or console port session. To confirm the logout command, you must enter yes on the dialog line as shown in the example below.
Mode: Operator execution
Step
Command
Purpose
1
node>logout
Terminates the session after a confirmation by the user.
Example: End a Telnet or console port session
The following example shows how to terminate a session from the administrator execution configuration
mode.
node>logout
Press 'yes' to logout, 'no' to cancel :
After confirming the dialog with “yes”, the Telnet session is terminated.
Note
Using the command exit in the operator execution mode also terminates a
Telnet or console port session, but without any confirmation dialog.
Showing command default values
If a command is set to its default value, it is not displayed in the running-config in order to make it more readable. There are a few exceptions to this rule. The command cli config defaults makes commands also appearin
the running-config that are set to default values. no li config defaults turns it off.
Accessing the SmartWare CLI task list
64
Chapter 5
System image handling
Chapter contents
Introduction ..........................................................................................................................................................66
Memory regions in SmartWare..............................................................................................................................67
System image handling task list .............................................................................................................................68
Displaying system image information ..............................................................................................................69
Copying system images from a network server to Flash memory .....................................................................69
Upgrading the software directly ......................................................................................................................71
Auto provisioning of firmware and configuration ..................................................................................................72
Boot procedure......................................................................................................................................................74
Factory configuration ............................................................................................................................................75
Default Startup Configuration ........................................................................................................................75
IP Addresses in the Factory Configuration ......................................................................................................75
65
SmartWare Software Configuration Guide
5 • System image handling
Introduction
This chapter describes how to load, maintain, and update the various software images in the SmartNode. The
SmartWare system software consists of the application image and the driver images. The images are stored in
persistent (non-volatile) memory. The application image is the software which actually operates the
SmartNode. Driver images are used to operate the various optional PMC interface cards.
This chapter includes the following sections:
• Memory regions in Smartware
• System image handling task list (see page 68)
• Boot procedure and bootloader (see page 74)
Note
Section “System image handling task list” on page 68 describes the standard
way to upgrade the SmartWare. If you encounter problems that won’t let you
upgrade using the standard method, refer to section “Factory configuration”
on page 75.
Note
Refer to appendix F, “Notes for upgrading from R3.10 to R3.20” on
page 618 for information on converting from SmartWare release R3.10
to R3.20
• Factory configuration (see page 75)
Patton SmartNode devices are shipped with default system software which is stored in persistent memory.
Along with the default system software (application image and driver images), a factory configuration, factoryconfig, has been loaded into the SmartNode at the factory. This configuration file sets the initial basic operating
parameters of the SmartNode, such as enabling the Ethernet ports, setting the default IP addresses and the
DHCP server.
Other configuration files may be stored in the SmartNode persistent memory. A configuration file is an ordered
list of commands. Some of the various configuration files are
• factory-config (read-only)
• startup-config
• running-config
• user-config1, user-config2, etc. (these are specific application configurations created by the user)
Backups of the configuration files can be stored on a remote trivial file transfer protocol (TFTP) server. The
remote tftp server must be accessible via one of the SmartNode IP interfaces. Tftp cannot be used from the
console interface.
The following sections focus on SmartWare memory regions, as well as the software components you can copy
into the memory or move between a TFTP server and the memory of the SmartNode. As SmartWare uses a
specific vocabulary in naming those software components, refer to appendix A, “Terms and definitions” on 644
to ensure that you understand the concepts.
Introduction
66
SmartWare Software Configuration Guide
5 • System image handling
Memory regions in SmartWare
The SmartNode’s memory contains several logical regions and several physical regions as shown in figure 8 on
page 68, each separate from the other.
Note
You will use a remote TFTP server for uploading and downloading the
application image, the driver images, and the various configuration files to
the SmartNode. The command syntax in SmartWare requires you to prefix
the file path on the TFTP server with tftp: followed by the absolute file path.
You need to start from the root directory of the TFTP server.
The three physical regions of memory are the remote tftp server’s memory, the Volatile memories, and the Persistent memory in the SmartNode. The remote tftp server has one logical region, tftp:, which can contain various configuration files and batch files for system software upgrade/download. Within the SmartNode the
Volatile physical region contains one logical region, system:, which is random access memory (RAM). When no
power is applied to the SmartNode, the system: region contains no data, no configuration—nothing; it is volatile. The system: region contains the current running configuration, called running-config.
The third and last physical memory region is the Persistent portion. It has two logical regions called flash:
and nvram:.
• The logical region flash: stores the application image, the driver images and the bootloader image. These
images are not lost when the SmartNode is powered off.
• The logical region nvram: stores the various configuration files. The factory default configuration file is
always present in nvram:, and can be restored as the running-config by pressing the reset button. For those
models that do not have a reset button, use the copy command. The startup-config and user-specific configurations are also stored in nvram:.
The factory configuration is read-only. It is contained in the logical region nvram: of the SmartNode. It is
used—if no user-specific configuration is available—to start-up SmartWare with a minimal functionality. This
configuration is named factory-config in SmartWare terminology.
On powering up a SmartNode (or pressing the Reset button on applicable units) with no pre-configured user
configuration files, the default factory-config file is also the startup-config and the running-config. Upon changing
any configuration parameters, the changes are made to the running-config in the system: region of the Volatile
memory. Unless these changes are copied into startup-config or another user-named configuration file, all configuration changes will be lost if the SmartNode is powered down.
A dedicated user-specific configuration must be created and stored in the nvram: region of persistent memory.
In fact, you may create numerous user-specific configurations in the same SmartNode, but if only one dedicated user-specific config is required, you may save it in startup-config by using the copy running-config
startup-config command. Any future time you restart the SmartNode, it will use this saved configuration. In
other words, the startup-config configuration file becomes your default operating configuration.
If you have created and saved numerous user-defined operating configuration files, you can change the startup
default configuration file simply by copying the selected config file into startup-config and rebooting
the SmartNode.
Any configuration stored in logical region nvram: or system: can be copied to a remote server by using TFTP.
Memory regions in SmartWare
67
SmartWare Software Configuration Guide
5 • System image handling
Operating configurations cannot be executed from the persistent memory, so the configuration used for operating the SmartNode is copied into the volatile memory of the SmartNode prior to normal operation. This
procedure takes place after the system bootstrap, where the application image (i.e. SmartWare) is started and a
configuration must be available. Shortly before SmartWare has completed all startup processes, the configuration startup-config is copied from nvram: in persistent memory to the running-config configuration in system: in
volatile memory.
You can back up the running-config to nvram: or to a remote TFTP server with a user-defined name.
Note
When returning to the factory-config by using the copy factory-config starcommand, all user-specific configurations saved in nvram:
remain even after reload.
tup-config
Storing the current Running Configuration remotely
Memory Regions in
Embedded Software
Configuration File Upload
Remote (TFTP Server)
Storing the current Configuration locally
Local
Persistent
tftp:
Volatile
flash:
• Configuration
Files
• Batchfiles for
System Image
download
• Application Image
• Bootloader Image
• Microcode Image
Image / Microcode Download
nvram :
• Factory
Configuration
“factory-config”
(read-only)
• Startup
Configuration
“startup-config”
• User specific
Configuration
“user-config”
system:
• current Running
Configuration
“running-config”
Only on Startup to execute the
Startup or Factory Configuration
Configuration File Download
Figure 8. SmartNode memory regions logically defined in SmartWare
System image handling task list
To load and maintain system images, perform the tasks described in the following sections:
• Displaying system image information
• Copying system images from a network server to the Flash memory (see page 69)
• Copying the driver software from a network server to the Flash memory (see page 71)
System image handling task list
68
SmartWare Software Configuration Guide
5 • System image handling
Displaying system image information
This procedure displays information about system images and driver software
Mode: Administrator execution
Step
1
Command
show version
Purpose
Lists the system software release version, information about optional interface
cards mounted in slots and other information that is the currently running system
software. If you have just completed a download of new system software from the
tftp server, you must execute the reload command in order to be running with the
new system software. This applies equally to driver software.
Example: Display system image information
The following example shows the information that is available for a SmartNode 2000 series device with an
optional IC-4BRV interface card mounted in slot 2.
node#show version
Productname
Software Version
Supplier
Provider
Subscriber
: SN4638/5BIS/UI
: R3.T 2006-12-04 H323 SIP BRI
:
:
:
Information for Slot 0:
SN4638/5BIS/UI (Admin State: Application Started, Real State:
Application Started)
Hardware Version : 1, 3
Serial number
: 00A0BA0209B1
PLD Version
: 0x46010102
Software Version : R3.T 2006-12-04 H323 SIP BRI
Copying system images from a network server to Flash memory
As mentioned previously, the system image file contains the application software that runs SmartWare; it is
loaded into the flash memory at the Patton Electronics Co. factory. Since most of the voice and data features of
the SmartNode are defined and implemented in the application software, upgrading to a new release might be
necessary if you want to have additional voice and data features available. A new system image file must be
stored permanently into the flash memory of your SmartNode to be present when booting the device.
Since the system image file is preloaded at the Patton Electronics Co. factory, you will have to download a new
SmartWare application software only if a major software upgrade is necessary or if recommended by Patton
Electronics Co. Under normal circumstances, downloading a system image file should not be needed.
Downloading a new system image file means storing it permanently at a defined location within the SmartNode flash memory. To store the system image file, you must use a special download script file. This script file
defines how to handle the system image file and where to store it. You cannot download any system image file
without an appropriate script file.
Each line in the script file is a command for the CLI of your SmartNode. To download a system image file,
which will replace the currently running SmartWare application software, a script file with only one command
is necessary.
System image handling task list
69
SmartWare Software Configuration Guide
5 • System image handling
Comment lines must have a hash character # in column one and can appear anywhere in the script file. Comment lines contain information for administrators or operators who maintain or use the script file.
The following example shows a script file used to download a system image and command line syntax definition file from a TFTP server.
# script file for system image download
# Patton Electronics Co. 2001-10-24
image.bin 1369474 21; ver 2300.1,2300.2;
cli.xml
+/flash/cli/spec.xml
*UÊDä
Note
The script file includes a 32-bit CRC on the last line, displayed as four characters when seen in an ordinary text editor. Do not delete the line containing
the CRC entry or the download will fail!
You can download the script file with the copy command. The copy command source defines the TFTP path
to the script file and the target is set to use the script parser. After downloading the script file, the system image
file and command line syntax definition file download starts automatically.
Mode: Administrator execution
Step
1
Command
node(cfg)# copy tftp://node-ip-address/b flash:
Purpose
Downloads the script file b from the TFTP
server at address node-ip-address and starts
the system image download process. This
progress is visualized with a counter, counting up from 0 to 100% according to the
downloaded amount of the file size for each
file that needs to be downloaded.
Example: Copy system images from a network server to the Flash memory
The following example shows how to download the driver software image file from the TFTP server at IP
address 172.16.36.80. The download is defined by a script file, which has to be downloaded first. After downloading the script file, the driver software image file is downloaded automatically.
SN>enable
SN#configure
SN(cfg)#copy tftp://172.16.36.80/sn2300/build22032/b flash:
Completed image download
Completed file download /flash/cli/spec.xml
SN(cfg)#
Note
When encountering problems due to memory exhaustion (message Parsing
batch file...% APP - OUT OF MEMORY). shutdown the H.323 gateway
prior to initiating the download command as follows (which will temporarily free the required memory): node(gw-h323)[h323]#shutdown
System image handling task list
70
SmartWare Software Configuration Guide
5 • System image handling
After the successful download, either issue the reload command (in order to start the IPNode with the new
software) or restart the H.323 gateway, thus enabling calls again (with the current software):
node(gw-h323)[h323]#no shutdown
Upgrading the software directly
It is possible to upgrade the software directly by passing the name of the delivered zip-file to the CLI command
“copy”. The SmartWare downloads the whole ZIP file. During this time the download progress is displayed in
bytes. After downloading, the ZIP file containing batch file “bw” or “b” will be extracted and executed. This
leads to writing the SmartWare image, which is also part of the ZIP file, to the flash. The web pages are
updated too. After writing the image to the flash, the Smartware needs to be reloaded with the command
reload.
Mode: enable
Step
1
Command
node(cfg)# copy tftp://<server-ip-address>/
<path>/<smartwaredeliveryfile>.zip :flash
Purpose
Downloads the specified delivery file from
the TFTP server and starts the driver software image upgrade process.
Example: An example of such a Smartware upgrade session, where the new software is in the file
SN1000_SIP_R3.T_2006-08-10.zip which is stored on a tftp-server with the ip address 192.186.22.44:
node#copy tftp://192.186.22.44/SN1000_SIP_R3.T_2006-08-10.zip flash:
Download...
3124510 Bytes
Downloading image...completed (2715796 bytes)
Erasing flash...completed.
Writing to flash...completed
Processing files...completed
node#reload
System image handling task list
71
SmartWare Software Configuration Guide
5 • System image handling
Auto provisioning of firmware and configuration
The new auto provisioning capability enables you to automatically distribute up-to-date configurations and
firmware to a large number of units using TFTP. It works as follows:
The unit downloads a specific file from a TFTP server. If this file has changed since the last download, it is
stored and executed. If the file on the server did not change since the last download, no action is taken. If the
units are configured to do auto provisioning, a network operator can only update the firmware files on the
TFTP server, which automatically distributes it to all units. The “profile provisioning” configures this. Here’s
an example for firmware provisioning:
profile provisioning FIRMWARE
destination script
location 1 tftp://172.16.1.2/firmware/b
location 2 tftp://172.16.1.33/firmware/b
activation reload graceful
Explanation:
Step
Command
1
[name] (pf-prov)[FIRMWARE]#destination script
2
[name] (pf-prov)[FIRMWARE]#location 1
tftp://172.16.1.2/firmware/b
[name] (pf-prov)[FIRMWARE]#location 2
tftp://172.16.1.33/firmware/b
3
4
[name] (pf-prov)[FIRMWARE]#activation reload
graceful
Purpose
Chooses the unit’s script interpreter as destination of the downloaded file. Use this
for firmware updates. Script files are the
b, b1, … files that come with each unit
firmware update.
Specifies the location of the file to check
for changes.
Specifies alternate locations of the file. If
the first could not be contacted, the second is tried, and so on.
Specifies how the new firmware is to be
activated. Choose between immediate or
graceful reload.
Here’s an example for configuration provisioning:
profile provisioning CONFIG
destination configuration
location 1 tftp://tftp1.provider.net/configs/$(system.mac).cfg location 2 tftp://172.16.1.33/configs/$(system.mac).cfg activation reload graceful
Explanation:
Step
1
Command
[name] (pf-prov)[CONFIG]#destination
configuration
Auto provisioning of firmware and configuration
Purpose
Chooses the unit’s startup-configuration as
destination of the downloaded file.
72
SmartWare Software Configuration Guide
Step
5 • System image handling
Command
2
[name] (pf-prov)[CONFIG]#location 1
tftp://tftp1.provider.net /configs/
$(system.mac).cfg
3
[name] (pf-prov)[CONFIG]#location 2
tftp://172.16.1.33/configs/$(system.mac).cfg
4
[name] (pf-prov)[CONFIG]#activation reload
graceful
Purpose
Specifies the location of the file to check
for changes. $(system.mac) is a placeholder for the unit’s MAC address of
ETH 0/0. Using host names instead of IP
addresses works only if DNS resolver is
enabled and configured.
Specifies alternate locations of the file. If
the first could not be contacted, the second is tried, and so on.
Specifies how the new configuration
should be activated. Choose between
immediate or graceful reload.
Note the placeholder used in the file location. Placeholders can be used for each part of the location, be it
server address, path or filename. The following place holders are available:
• $(system.mac)—MAC address of ETH 0/0 (without “:” between the hexadecimal characters)
• $(system.serial)—serial number of the unit
• $(dhcp.66)—DHCP option 66 (TFTP server IP), as delivered by the DHCP server (only if DHCP
is enabled)
• $(dhcp.67)—DHCP option 67 (Boot file name), as delivered by the DHCP server (only if DHCP
is enabled)
To use and debug provisioning:
Step
Command
1
[name] (cfg)provisioning execute FIRMWARE
2
[name] (cfg)debug provisioning
Purpose
Executes the provisioning profile
FIRMWARE once
Enables debug output for all
provisioning operations
To continuously poll for firmware or configuration changes, use the provisioning execute command together
with the new timer command as described below. Here’s how to do both firmware and configuration provisioning, with a polling interval of 10 minutes.
timer FIRMWARE_UPDATE now + 2 minutes every 10 minutes “provisioning execute FIRMWARE”
timer CONFIG_UPDATE now + 2 minutes every 10 minutes “provisioning execute CONFIG”
Auto provisioning of firmware and configuration
73
SmartWare Software Configuration Guide
5 • System image handling
Boot procedure
During a normal boot procedure of a SmartNode, the bootstrap application checks for an application image in
the persistent memory of the logical region nvram:. The application image is then executed, i.e. the SmartWare
is started module by module. One of the last start-up tasks to finish in bringing up the entire system is handling the operating configuration. The configuration startup-config is copied from the logical region nvram: in
nonvolatile memory to the logical region running-config in the volatile memory. The SmartWare now uses the
running-config to set up the operating configuration of the SmartNode. Figure 9 illustrates the boot procedure.
Power-On
Bootstrap
Bootloader
pressed
Reset Button
released
Application
Image
invalid
valid
Application
start Software Modules
pressed
System Button
released
use startup-config
use factory-config
System Up
Figure 9. Boot procedure
There are two situations during bootstrap when the bootloader takes control:
• “If the user has pressed the system button, it launches the bootloader, the bootstrap application checks the
status of the Reset button (not available for SN4xxx) on the back panel of the SmartNode.”
• If a valid application image is not available
Boot procedure
74
SmartWare Software Configuration Guide
5 • System image handling
The bootloader ensures that basic operations, network access, and downloads are possible in case of interrupted
or corrupted application image downloads.
After downloading an application image (that is, new system software/software upgrade), the bootloader
ensures that basic operations, network access, and downloads are possible in case of interrupted or corrupted
application image downloads. After downloading an application image, the bootstrap will only switch to the
newly loaded application image if it is valid. If it is not valid, the bootstrap still uses the application image
which existed prior to doing a software upgrade.
If the application image is valid, it is started and SmartWare is brought into operation module by module.
During this system initialization phase (when the message Press reset button to restore factory defaults... appears
on the console screen), the status of the reset button on the back panel of the SmartNode is checked. If the button has been pressed, the factory configuration is loaded into the volatile memory and is used to parameterize
the SmartWare (not available for SN4xxx). If the button has not been pressed, the startup configuration is
loaded into the volatile memory and is used to parameterize the SmartWare.
Factory configuration
SmartNodes are delivered with a factory configuration stored in the logical region nvram: of the memory. It is used
to initially parameterize the network and component settings of SmartWare, which makes sense at the very beginning. Moreover, in case of SmartWare malfunction, you can reset to the initial state by reloading the factory configuration. The factory configuration consists of the default settings for the IP networking subsystem.
Once the user-specific configuration is created and stored as startup configuration, the factory configuration is
no longer used but it remains in the persistent memory. It is possible to switch back to the factory configuration at any time during the operation of a SmartNode.
Default Startup Configuration
The SmartNodes delivered from the factory contain both a factory configuration and a default startup configuration. While the factory configuration contains only basic IP connectivity settings, the default startup configuration includes settings for most SmartWare functions. Note that if you press and hold the system button
(Reset) for 5 seconds the factory configuration is copied onto the startup configuration (overwrite). The default
startup config is then lost.
IP Addresses in the Factory Configuration
The factory configuration contains the following IP interfaces and address configurations bound by the Ethernet ports 0/0 and 0/1:
interface eth0
ipaddress dhcp
mtu 1500
interface eth1
ipaddress 192.168.1.1 255.255.255.0
mtu 1500
Avoid downloading any system image if you do not completely
understand what you have to do!
IMPORTANT
Factory configuration
75
Chapter 6
Configuration file handling
Chapter contents
Introduction ..........................................................................................................................................................77
Understanding configuration files ...................................................................................................................77
Factory configuration ............................................................................................................................................79
Configuration file handling task list.......................................................................................................................79
Copying configurations within the local memory ............................................................................................80
Replacing the startup configuration with a configuration from Flash memory ................................................81
Copying configurations to and from a remote storage location ........................................................................82
Replacing the startup configuration with a configuration downloaded from TFTP server ...............................83
Displaying configuration file information .......................................................................................................83
Modifying the running configuration at the CLI .............................................................................................84
Modifying the running configuration offline ...................................................................................................85
Deleting a specified configuration ...................................................................................................................86
Encrypted file download .................................................................................................................................87
Encrypted Configuration Download .........................................................................................................87
Use Cases ..................................................................................................................................................88
76
SmartWare Software Configuration Guide
6 • Configuration file handling
Introduction
This chapter describes how to upload and download configuration files from and to SmartWare. A configuration file is a batch file of SmartWare commands used in the software modules that perform specific functions of
the SmartNode. This chapter also describes some aspects of configuration file management. Refer to chapter 5,
“System image handling” on page 65 for more information.
This chapter includes the following sections:
• Factory configuration (see page 79)
• Configuration file handling task list (see page 79)
All Patton SmartNode devices are shipped with a factory configuration file, which is stored in their flash memory.
A configuration file is like a script file containing SmartWare commands that can be loaded into the system.
Configuration files may also contain only partial configurations. This allows you to keep a library of command
sequences that you may want to use as required. By default, the system automatically loads the factory configuration from the flash memory if no user-specific configuration is defined as the startup configuration.
Changing the current running configuration is possible as follows:
• You may change the running configuration interactively. Interactive configuring requires that you access the
CLI by using the enable command to enter administrator execution mode. You must then switch to the
configuration mode with the command configure. Once in configuration mode, enter the configuration
commands that are necessary to configure your SmartNode.
• You can also create a new configuration file or modify an existing one offline. You can copy configuration
files from the flash memory to a remote server. Transferring configuration files between the flash memory
and a remote system requires the Trivial File Transfer Protocol (TFTP). The TFTP server must be reachable
through one of the SmartNode network interfaces.
See chapter 4, “Accessing the CLI” on page 53 for information concerning access to the CLI.
The following sections focus on SmartWare memory regions and software components that can be copied
within the memory or uploaded/downloaded between a TFTP server and the memory of the SmartNode.
Since SmartWare uses a specific vocabulary in naming those software components, refer to appendix A, “Terms
and definitions” on page 644 to ensure that you understand the concepts. Refer to chapter 5, “System image
handling” on page 65 for a brief description of how SmartWare uses system memory.
Understanding configuration files
Configuration files contain commands that are used to define the functionality of SmartWare. During system
startup, the command parser reads the factory or startup configuration file command-by-command, organizes the
arguments, and dispatches each command to the command shell for execution. If you use the CLI to enter a command during operation, you alter the running configuration accordingly. In other words, you are modifying a live,
in-service system configuration.
Introduction
77
SmartWare Software Configuration Guide
6 • Configuration file handling
Figure 10, shows the characteristics of a configuration file. It is stored on a TFTP server in the file myconfig.cfg
for later download. The command syntax used to enter commands with the CLI and add commands in configuration files is identical. For better comprehension, you can add comments in configuration files. To add a line
with a comment to your configuration file, simply begin the line with the hash (#) character. The command
parser skips everything after the hash character to the end of the line.
#----------------------------------------------------------------#
# My Configuration File
#----------------------------------------------------------------#
# SNTP configuration used for time synchronization
cli version 3.00
sntp-client
sntp-client server primary 172.16.1.10 port 123 version 4
sntp-client poll-interval 600
sntp-client gmt-offset + 01:00:00
# system definitions
system
clock-source 1 2
hostname node
# IP context configuration
context ip router
route 0.0.0.0 0.0.0.0 172.19.32.2 1
route 172.19.41.0 255.255.255.0 172.19.33.250
route 172.19.49.0 255.255.255.0 172.19.33.250
# interface LAN used for connection to internal network
interface lan
ipaddress 172.19.33.30 255.255.255.0
mtu 1500
# interface WAN used for connection to access network
interface wan
ipaddress 172.19.32.30 255.255.255.0
mtu 1500
# CS context configuration
context cs switch
no shutdown
# routing table configuration
routing-table called-e164 rtab
route 2.. dest-interface telecom-operator
# interface used to access the PSTN telecom operator
interface isdn telecom-operator
route call dest-interface h323
# interface used to access the VoIP telecom provider
interface h323 voip-provider
route call dest-table rtab
remoteip 172.19.33.60
Introduction
78
SmartWare Software Configuration Guide
6 • Configuration file handling
bind gateway h323
# H.323 gateway primarily used
gateway h323
faststart
no ras
gatekeeper-discovery auto
bind interface lan router
no shutdown
port ethernet 0 0
medium auto
encapsulation ip
bind interface lan router
no shutdown
port ethernet 0 1
medium 10 half
encapsulation ip
bind interface wan router
no shutdown
Figure 10. Sample configuration file
Each configuration file stored in the flash memory needs a unique name. The user has to assign a file name to
any user-specific configuration. SmartWare predefines some names for configuration files. These are the factory
configuration (factory-config), startup configuration (startup-config), and running configuration (runningconfig) file names. Refer to appendix A, “Terms and definitions” on page 644 to learn more about configuration file types.
Factory configuration
SmartNodes are delivered with a factory configuration in the logical region nvram:. This factory configuration
initially parameterizes the most useful network and component settings of SmartWare.
Once a user-specific configuration is created and stored as the startup configuration, the factory configuration
is no longer used, but still remains in the persistent memory. It is possible to switch back to the factory configuration at any time during the operation of a SmartNode configuration. The getting started guide included
with your SmartNode device describes the restoration procedure for restoring the default settings.
Configuration file handling task list
This section describes how to create, load, and maintain configuration files. Configuration files contain a set of
user-configured commands that customize the functionality of your SmartNode device to suit your own operating requirements.
The tasks in this chapter assume that you have at least a minimal configuration running on your system. You
can create a basic configuration file by using the configure command; see section “Modifying the running
configuration at the CLI” on page 84 for details.
To display, copy, delete, and download or upload configuration files, perform the tasks described in the following sections:
Factory configuration
79
SmartWare Software Configuration Guide
6 • Configuration file handling
• Copying configurations within the local memory (see page 80)
• Replacing the startup configuration with a configuration from the Flash memory (see page 81)
• Copying configurations to and from a remote storing location (see page 82)
• Replacing the startup configuration with a configuration downloaded from the TFTP server (see page 83)
• Displaying configuration file information (see page 83)
• Modifying the running configuration at the CLI (see page 84)
• Modifying the running configuration offline (see page 85)
• Deleting a specified configuration (see page 86)
• Downloading encrypted files (see page 87)
Copying configurations within the local memory
Configuration files may be copied into the local memory in order to switch between different configurations.
Remember the different local memory regions in SmartWare as shown in figure 11.
Store the current Running
Configuration persistently
Local Memory Regions
Local
Persistent
Copy Configuration Files within
the persistent Memory Region
Volatile
nvram:
system:
• Factory
Configuration
“factory-config”
(read-only)
• Startup
Configuration
“startup-config”
• User specific
Configuration
“user-config”
• current Running
Configuration
“running-config”
Only on Startup to execute
the Startup or Factory
Configuration
Figure 11. Local memory regions
In most cases, the interactively modified running configuration known as the running-config, which is located
in the volatile memory region system:, is copied into the persistent memory region nvram:. This running config
is stored under the name startup-config and replaces the existing startup configuration.
Configuration file handling task list
80
SmartWare Software Configuration Guide
6 • Configuration file handling
You can copy the current running configuration into the persistent memory region nvram: under a user-specified name, if you want to preserve that configuration.
In addition, an already existing configuration is usually copied into the persistent memory region nvram: by
using a user-specified name, for conservation or later activation.
As shown in figure 11 the local memory regions are identified by their unique names, like nvram:, which is
located in flash memory, and system:, which is the system RAM, i.e. the volatile memory. As already mentioned, configuration files in the same memory region need a unique name. For example, it is not possible to
have two configuration files with the name running-config in the memory region nvram:.
As you might expect, the copy command does not move but replicates a selected source to a target configuration file in the specified memory region. Therefore the source configuration file is not lost after the copy process. There are three predefined configuration file names for which it is optional to specify the memory region,
namely factory-config, startup-config and running-config.
Mode: Administrator execution
Step
1
Command
node#copy {factory-config | startupconfig | running-config | nvram: sourcename } nvram:target-name
Purpose
Copies the selected source configuration file
source-name as target configuration file targetname into the local memory.
Example: Backing up the startup configuration
The following example shows how to make a backup copy of the startup configuration. It is copied under the
name backup into the flash memory region nvram:.
node#copy startup-config nvram:backup
Replacing the startup configuration with a configuration from Flash memory
It is possible to replace the startup configuration by a configuration that is already present in the flash memory.
You can do so by copying it to the area of the flash memory where the startup configuration is stored.
Mode: Administrator execution
Step
1
Command
node# copy nvram:backup startup-config
Note
Purpose
Replaces the existing persistent startup configuration with the startup configuration
backup already present in flash memory.
The configuration backup can be a previously backed up configuration or
previously downloaded from a TFTP server.
Configuration file handling task list
81
SmartWare Software Configuration Guide
6 • Configuration file handling
Copying configurations to and from a remote storage location
Configuration files can be copied from local memory (persistent or volatile region) to a remote data store. From
within SmartWare, the remote TFTP server is represented by the memory region tftp: in combination with the IP
address of the TFTP server and the name and path of the configuration file. We will explain the usage of the
remote memory region tftp: in the following section more detailed. Another typical task is uploading the current
running configuration to the remote data store for backup purpose, or if an extensive configuration file is to be
edited on the remote host. In this case the running configuration, named running-config, which is to be found in
the volatile memory region system: is transferred to the TFTP server. On the TFTP server the running configuration is stored to a file whose name is defined as one of the arguments of the copy command.
Configuration File Upload
Remote Memory
Regions
Store the current Running
Configuration remotely
Local (Intelligent Access Device)
Remote (TFTP Server)
Persistent
tftp:
• Configuration Files
• Batchfiles for
System Image
download
Volatile
nvram:
system:
• Factory
Configuration
“factory-config”
(read-only)
• Startup
Configuration
“startup-config”
• User specific
Configuration
“user-config”
• current Running
Configuration
“running-config”
Configuration File Download
Figure 12. Remote memory regions for SmartWare
Finally, configuration files, i.e. the startup configuration or a user-specific configuration that is stored in the
persistent memory region nvram: are often uploaded to the remote data store for backup, edit or cloning purposes. The latter procedure is very helpful when you have several SmartNode devices, each using a configuration which does not greatly differ from the others, or which is the same for all devices. During the
configuration of the first SmartNode according to your requirements, the running configuration of this device,
named running-config and located in the volatile memory region system:, is edited. Next, the configuration is
tested and if everything is as required, the running configuration is copied as startup configuration, named startup-config, into the persistent memory region nvram: of the target device. After this, the startup configuration is
transferred to the TFTP server, where it can be distributed to other SmartNode devices. These devices therefore
get clones of the starting system if the configuration does not need any modifications.
Configuration file handling task list
82
SmartWare Software Configuration Guide
6 • Configuration file handling
Replacing the startup configuration with a configuration downloaded from
TFTP server
From within the administration execution mode, you can replace the startup-configuration by downloading a
configuration from the TFTP server into the flash memory area where to store the startup configuration.
Mode: Administrator execution
Step
1
Command
Purpose
node(cfg)# copy tftp://ip-address[:port]/
new-startup nvram:startup-config
Downloads the configuration file new-startup from
the TFTP server at address ip-address replacing the
existing persistent startup configuration. Optionally
you can enter the UDP port where the TFTP server listens. If the port is not specified, the default port 69 is
used. This progress is visualized with a counter,
counting up from 0 to 100% according to the downloaded amount of the file size. Should the download
fail, an error message % File Transfer - Get failed is
displayed.
Example: Sample configuration download from the TFTP server
The following example shows how to replace the persistent startup configuration in the flash memory of a
SmartNode by overwriting it with the configuration contained in the file new-startup located on the TFTP
server at IP address 172.16.36.80.
1. Download the startup configuration with the copy command into the flash memory area where to store
the startup configuration.
node>enable
node#configure
node(cfg)#copy tftp://172.16.36.80/user/new-startup nvram:startup-config
Download...100%
node(cfg)#
2. Check the content of the persistent startup configuration by listing its command settings with the show
command.
node#show nvram:startup-config
Displaying configuration file information
This procedure describes how to display information about configuration files
Mode: Administrator execution
Command
show nvram:
show running-config
show startup-config
Configuration file handling task list
Purpose
Lists all persistent configurations
Displays the contents of the running configuration file
Displays the contents of the startup configuration file
83
SmartWare Software Configuration Guide
IMPORTANT
Note
6 • Configuration file handling
It is recommended that you never save a configuration in startupconfig or a user-specific configuration with the cli config defaults
command because the additional list of default commands consumes significant portions of the nvram: memory.
Application files can be very long when displayed (by using the show command). To make them easier to read, many default commands are not displayed when executing the show running-config command. However, the
administrator may want to see the entire configuration, including these normally “hidden” default commands. To see all commands, execute the cli
config defaults command. By issuing a show running-config command
afterwards, you will see all the commands, a list which is significantly longer.
To hide these hidden commands again, issue the no cli config
defaults command.
Modifying the running configuration at the CLI
SmartWare accepts interactive modifications on the currently running configuration via the CLI. Interactive
configuring needs access to the CLI. Use the enable command to enter administrator execution mode, and
then switch to the configuration mode by typing the command configure. Once in configuration mode, you
can enter the configuration commands that are necessary to your SmartNode’s operation. When you configure
SmartWare by using the CLI, the shell executes the commands as you enter them.
When you log in using the CLI, all commands you enter directly modify the running configuration located in
the volatile memory region system: (or RAM) of your SmartNode. Because it is located in volatile memory, to
be made permanent, your modifications must be copied to the persistent (non-volatile) memory. In most cases
you will store it as the upcoming startup configuration in the persistent memory region nvram: under the name
startup-config. On the next start-up the system will initialize itself using the modified configuration. After the
startup configuration has been saved to persistent memory, you have to restart the SmartNode by using the
reload command to cause the system to initialize with the new configuration.
The execution command reload accepts with the following options:
• graceful—reloads the system only if no voice calls are ongoing. If there are voice calls, the system waits until
they all are closed to reload.
• forced—reloads the system without prompting for confirmation or for saving the running-configuration
(no need to type yes or no). The question whether to save the running-configuration is automatically
answered with no, the question whether to reload or not with yes.
Mode: Administrator execution
Step
1
2
3
4
Command
Purpose
node#configure
Enters administrator configuration mode
Enter all necessary configuration commands.
node(cfg)#copy running-config startup-config Saves the running configuration file as the
upcoming startup configuration
node(cfg)#reload
Restarts the system
Configuration file handling task list
84
SmartWare Software Configuration Guide
6 • Configuration file handling
Example: Modifying the running configuration at the CLI
The following example shows how to modify the currently running configuration via the CLI and save it as the
startup configuration.
node#configure
node(cfg)#…
node(cfg)#copy running-config startup-config
node(cfg)#reload
Press 'yes' to restart, 'no' to cancel : yes
The system is going down
Modifying the running configuration offline
In cases of complex configuration changes, which are easier to do offline, you may store a configuration on a
TFTP server, where you can edit and save it. Since the SmartNode is acting as a TFTP client, it initiates all file
transfer operations.
First, upload the running configuration, named running-config, from the SmartNode to the TFTP server. You
can then edit the configuration file located on the TFTP server by using any regular text editor. Once the configuration has been edited, download it back into the SmartNode as upcoming startup configuration and store
it in the persistent memory region nvram: under the name startup-config. Finally, restart the SmartNode by
using the reload command to activate the changes.
Mode: Administrator execution
Step
1
2
3
4
Command
Purpose
node#copy running-config tftp://node-ipaddress[:port]/current-config
Uploads the current running configuration as file
current-config to the TFTP server at address nodeip-address. Optionally you can enter the UDP
port where the TFTP server listens. If the port is
not specified, the default port 69 is used. This
progress is visualized with a counter, counting up
from 0 to 100% according to the downloaded
amount of the file size. If the upload should fail
an error message “% File Transfer - Put failed” is
displayed.
Offline editing of the configuration file currentconfig on the TFTP server using any regular text
editor.
node#copy tftp://node-ip-address/current-config Downloads the modified configuration file curnvram: startup-config
rent-config from the TFTP server at address nodeip-address into the persistent memory region
nvram: by using the name startup-config. This
progress is visualized with a counter, counting up
from 0 to 100% according to the downloaded
amount of the file size. Should the download fail,
an error message “% File Transfer - Get failed” is
displayed.
node#reload
Restarts the system
Configuration file handling task list
85
SmartWare Software Configuration Guide
6 • Configuration file handling
Example: Modifying the running configuration offline
The following example shows how to upload the running configuration from the SmartNode to the file current-config on a TFTP server at IP address 172.16.36.80. The uploaded configuration file is written into the
root directory specified by the TFTP server settings, and overwrites any existing file with the same name. Read
your TFTP server manual to get a thorough understanding of its behavior. After this, the configuration file is
available for offline editing on the TFTP server. Once the configuration file current-config has been modified, it
is downloaded from the TFTP server, at IP address 172.16.36.80, into the persistent memory region nvram:
using the name startup-config. It will become active after a reload.
node#copy running-config tftp://172.16.36.80/user/current-config
Upload...100%
At this point in time, the offline editing of the configuration file current-config on the TFTP server takes place.
node#copy tftp://172.16.36.80/user/ current-config nvram:startup-config
Download...100%
node#reload
Press 'yes' to restart, 'no' to cancel : yes
The system is going down
Deleting a specified configuration
This procedure describes how to delete configuration files from the SmartNode flash memory region nvram:.
Mode: Administrator execution
Step
1
2
Command
node#show nvram:
node#erase name
Purpose
Lists the loaded configurations
Deletes the configuration name from the flash memory.
Example: Deleting a specified configuration
The following example shows how to delete a specific configuration from among a set of three available configurations in Flash memory. The configuration named minimal is to be deleted, since it is no longer used.
1. Use the command show nvram: to list all available configurations.
node#show nvram:
Persistent configurations:
backup
minimal
startup-config
factory-config
2. Delete the configuration named minimal explicitly.
node#erase nvram:minimal
3. Enter again the command show nvram: to check if the selected configuration was deleted successfully
from the set of available configurations.
node#show nvram:
Persistent configurations:
backup
Configuration file handling task list
86
SmartWare Software Configuration Guide
6 • Configuration file handling
startup-config
factory-config
Encrypted file download
This section explains how configuration files can be transported encrypted over IP.
TFTP as a configuration download mechanism has the advantage of being extremely simple (trivial) and applicable in any network without any requirements for specialized management servers or applications. It has the
disadvantage of being completely insecure.
The security hole of downloading complete configurations—which may contain IP addresses, login names,
ect.—using TFTP becomes particularly pressing in combination with the auto-provisioning feature which
allows large scale distribution of configurations in entire networks.
To alleviate this problem and maintain the simplicity of TFTP downloads support for encrypted configuration
file downloads is introduced.
Goal: Prevent maliciously intercepted configurations to be readable by unauthorized users.
Pre-requisites: Only authorized users have configuration access to the SmartNode. The configurations can be
stored in plain form on the SmartNode. SNMP Write Access shall be restricted by means of communities and
ACLs to prevent unauthorized SNMP initiated configuration downloads. Telnet access shall be restricted by
means of credentials and ACLs.
Encrypted Configuration Download
An external encryption tool on the PC is used to encrypt the configuration file:
enctool encrypt <plain-config-file> <enc-config-file> [<key>]
The encrypted configuration file can then be downloaded with TFTP triggered by
• The CLI copy command: copy tftp://<host>/<path> <config-file>
• Auto provisioning
• SNMP
• HTTP
On the SmartNode the encryption is detected and the configuration file is automatically decrypted before
stored to flash.
A custom encryption key can be:
• Downloaded to the SmartNode
• Specified with the PC encryption tool
The encryption key may include the MAC address and/or serial number of the SmartNode using the placeholders $(system.mac) and $(system.serial) respectively.
An encrypted configuration file can be uploaded to a TFTP server on request, specifying the encrypted flag:
copy <config-file> tftp://<host>/<path> encrypted
On the PC the encryption tool can be used to decrypt the file:
Configuration file handling task list
87
SmartWare Software Configuration Guide
6 • Configuration file handling
enctool decrypt <enc-config-file> <plain-config-file> [<key>]
A log file lists the last up/downloads:
show log file-transfer
Use Cases
Install a custom encryption key (optional)
You can install a custom encryption key with the SmartNode. The encryption key is used to automatically
decrypt an encrypted configuration file that is downloaded later. A default encryption key is already installed
on the SmartNode.
To install an encryption key you have to create a file on your TFTP server that contains the key. Then you have
to download this key file to the SmartNode using the copy command of the SmartNode.
The key file shall contain a key string of at most 24 characters on a single line. Spaces, tabs and LF/CR characters are trimmed. The key must not contain LF/CR or the null character and must not start or end with a space
or tab. If the key contains more than 24 characters, only the first 24 characters are considered.
The key may contain variables that are resolved when the key file is downloaded to a SmartNode. Using this
mechanism you can specify device-specific encryption keys. We currently support the following variables:
• $(system.mac): The MAC address of the first ethernet port. Execute the show port ethernet command on a
SmartNode to display the MAC address of a SmartNode. This value without the colon separators and with
all lower-case hexadecimal letters is used instead of the variable on the SmartNode.
• $(system.serial): The serial number of the SmartNode. Execute the show version command on the SmartNode to display the serial number.
When your key file contains the following line:
123$(system.serial)abc$(system.mac)XYZ
The command show port ethernet shows the following:
Ethernet Configuration
------------------------------------Port
: ethernet 0 0 0
State
: OPENED
MAC Address
: 00:0C:F1:87:D9:09
Speed
: 10MBit/s
Duplex
: Half
Encapsulation : ip
Binding
: interface eth0 router
The command show version displays the following:
[...]
Serial number : 100000020002
[...]
The encryption key on this SmartNode will be interpreted as:
Configuration file handling task list
88
SmartWare Software Configuration Guide
6 • Configuration file handling
123100000020002abc000cf187d909XYZ
Then you have to download the created key file to the SmartNode. Open a telnet session and type in the following commands:
>enable
#copy tftp://<ip>/<path> key:
where <ip> is the IP address of your TFTP server and <path> is the path to the key file relative to the
TFTP root.
IMPORTANT
The downloaded key also defines how the passwords are
encrypted in your configuration files. After you downloaded a
key file you have to regenerate the startup-config from the
running-config by executing the command.
copy running-config startup-config
If you don’t do this, the device will fail executing the commands
that have encrypted password arguments in the startup-config.
Encrypt a configuration file
Use the encryption tool to encrypt a configuration file on your PC. Therefore you have to enter the
following command.
enctool encrypt <plain-file> <encrypted-file> [<key>]
Where <plain-file> is the path of the non-encrypted input configuration file and <encrypted-file> is the path of
the encrypted output configuration file. <key> specifies the encryption key which shall be used to encrypt the
configuration file. If omitted the default key is used.
Download an encrypted configuration file
Now you can download the configuration file as usual using the CLI copy-command, the auto-provisioning
feature, HTTP or SNMP download. The SmartNode automatically detects that a downloaded file is encrypted
and tries to decrypt the file using the pre-installed key.
Upload an encrypted configuration file
The SmartNode immediately decrypts a configuration file after downloading it. This is the configuration
file is stored non-encrypted in the flash memory. Thus when you upload a configuration it is
uploaded non-encrypted.
You may upload an encrypted configuration file specifying the encrypted flag at the end of the copy command:
#copy startup-config tftp://<ip>/<path> encrypted
This encrypts the configuration file before sending it to the TFTP server. Use the enctool decrypt command
on the PC to regain the original configuration.
Configuration file handling task list
89
Chapter 7
Basic system management
Chapter contents
Introduction ..........................................................................................................................................................91
Basic system management configuration task list ...................................................................................................91
Managing feature license keys .........................................................................................................................92
Setting system information .............................................................................................................................93
Setting the system banner ................................................................................................................................94
Setting time and date ......................................................................................................................................95
Display clock information ...............................................................................................................................95
Display time since last restart ..........................................................................................................................96
Configuring the Web server ............................................................................................................................96
Determining and defining the active CLI version ............................................................................................96
Restarting the system ......................................................................................................................................97
Displaying the system logs ..............................................................................................................................97
Displaying reports ...........................................................................................................................................98
Controlling command execution .....................................................................................................................98
Timed execution of CLI command ...............................................................................................................100
Displaying the checksum of a configuration ..................................................................................................100
Configuration of terminal sessions ................................................................................................................100
90
SmartWare Software Configuration Guide
7 • Basic system management
Introduction
This chapter describes parameters that report basic system information to the operator or administrator, and
their configuration. The following are basic parameters that can be established when setting up a new system:
• Defining the system's hostname
• Setting the location of the system
• Providing reference contact information
• Setting the clock
Additionally, the following tasks are described in this chapter:
• Checking the CRC of configuration files
• Displaying the currently running SmartWare commands
• Moving SmartWare commands into the foreground
• Setting the system banner
• Enabling the embedded web server
Basic system management configuration task list
All tasks in the following sections are optional, though some such as setting time and calendar services and system information are highly recommended.
To configure basic system parameters, perform the tasks described in the following sections.
• Managing feature license keys (see page 92)
• Setting system information (see page 93)
• Setting the system banner (see page 94)
• Setting time and date (see page 95)
• Displaying clock information (see page 95)
• Displaying time since last restart (see page 96)
• Configuring and starting the web server (see page 96)
• Determining and defining the active CLI version (see page 96)
• Restarting the system (see page 97)
• Displaying the system event log (see page 97)
• Controlling command execution (see page 98)
• Setting timed execution of CLI commands (see page 100)
• Displaying the checksum of a configuration (see page 100)
• Configuration of terminal sessions (see page 100)
• Identifying a unit by flashing all LED’s (see page 100)
Introduction
91
SmartWare Software Configuration Guide
7 • Basic system management
Managing feature license keys
Several features of the firmware require a system specific license key to be installed to enable the feature.
This section describes how to install the feature license keys on your equipment. Because license keys comprise
very long strings of characters, the standard way of installing them is to download the file containing the
license keys from a TFTP server to the equipment. Therefore, a TFTP server must be present in the IP network
where you can store the license keys file obtained from the distributor. If no TFTP server is available, the
license key can also be manually typed (or copied and pasted) in a console or Telnet window. Both procedures
are described below.
Mode: Configure
Step
1
Command
node(cfg)#copy tftp://tftp-server/path/filename licenses:
Purpose
Downloads the license key file and install the
licenses.
Example: Installing license keys from a TFTP server
The following example shows the command used to install license keys, which are stored in a license file on a
TFTP server.
node(cfg)#copy tftp://172.16.4.3/keystore/myLicense.lic licenses:
Mode: Configure
Step
1
2
Command
node(cfg)#install license license-key
Purpose
Install the license key
Repeat step 1 for any additional license keys
Example: Installing license keys from the console
The following example shows the command used to install license keys manually on the console.
node(cfg)#install license 10011002R1Ws63yKV5v28eVmhDsVGj/JwKqIdpC4Wr1BHaNtenXUYF/
2gNLoihifacaTPLKcV+uQDG8LJis6EdW6uNk/
GxVObDEwPFJ5bTV3bIIfUZ1eUe+8c5OpCCd7PSAe83Ty2c/
CnZPSlEjIrVlJrr8VhOr1DYxkEV9evBp+tSY+y9sCeXhDWt5Xq15SAPlznTLQmym7fDakvm+zltzswX/
KX13sdkR0ub9IX4Sjn6YrvkyrJ2dCGivTTB3iOBmRjV1u
After installing license keys, you can check if the license keys have been added successfully to your system using
the following command.
Mode: Configure
Step
1
Command
node(cfg)#show licenses
Purpose
Display all installed licenses
Example: Displaying installed licenses
The following example shows the command used to display all installed licenses on a system and a sample of its
output.
Basic system management configuration task list
92
SmartWare Software Configuration Guide
7 • Basic system management
node(cfg)#show licenses
VPN [vpn]
License serial number: 14343534
Status: Active
node(cfg)#
Setting system information
The system information includes the following parameters:
• Contact
• Hostname
• Location
• Provider
• Subscriber
• Supplier
By default there is no information specified for any of the above parameters.
System contact information tells the user how to contact the information service, e.g. the help line of the service provider. The contact information may be any alphanumeric string, including spaces, that is no longer
than one line. This entry corresponds to the MIB II system sysContact object.
The system name, also called the hostname, is used to uniquely identify the SmartNode in your network. The
selected name should follow the rules for ARPANET hostnames. Names must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphens. Names must be 63 characters or
fewer. For more information, refer to RFC 1035. This entry corresponds to the MIB II system sysName object.
After setting the hostname of the SmartNode the CLI prompt will be replaced with the chosen name.
Assigning explanatory location information to describe the system physical location of your SmartNode (e.g.
server room, wiring closet, 3rd floor, etc.) is very supportive. This entry corresponds to the MIB II system sysLocation object.
The system provider information is used to identify the provider contact for this SmartNode device, together
with information on how to contact this provider. The provider is a company making services available to subscribers. The provider information may be any alphanumeric string, including spaces, that is no longer than
one line. This entry corresponds to the Patton Electronics enterprise-specific MIB provider object.
The system subscriber information is used to get in touch with subscriber for this SmartNode device, together
with information on how to contact this subscriber. The subscriber is a company or person using one or more
services from a provider. The subscriber information may be any alphanumeric string, including spaces, that is
no longer than one line. This entry corresponds to the Patton Electronics enterprise-specific MIB subscriber
object.
The system supplier information is used to get in touch with the supplier for this SmartNode device, together
with information on how to contact this supplier. The supplier is a company delivering SmartNode devices to
a provider. The supplier information may be any alphanumeric string, including spaces, that is no longer than
one line. This entry corresponds to the Patton Electronics enterprise-specific MIB supplier object.
Basic system management configuration task list
93
SmartWare Software Configuration Guide
7 • Basic system management
Mode: Configure
Step
1
2
3
4
5
6
Command
node(cfg)#system
node(cfg)#system
node(cfg)#system
node(cfg)#system
node(cfg)#system
node(cfg)#system
Note
Purpose
contact information
hostname information
location information
provider information
subscriber information
supplier information
Sets
Sets
Sets
Sets
Sets
Sets
the
the
the
the
the
the
contact information to information
hostname to information
location information to information
provider information to information
subscriber information to information
supplier information to information
If the system information must have more than one word, enclose it in double quotes.
Example: Setting system information
The following example shows the commands used to configure the contact information for your device, if you
start from the operator execution mode.
node(cfg)#system contact "Bill Anybody, Phone 818 700 1504"
node(cfg)#system hostname node
node(cfg)#system location “Wiring Closet, 3rd Floor”
node(cfg)#system provider “Best Internet Services, contact@bis.com, Phone 818 700
2340”
node(cfg)# system subscriber “Mechanical Tools Inc., jsmith@mechtool.com, Phone 818
700 1402”
node(cfg)# system supplier “WhiteBox Networks Inc., contact@whitebox.com, Phone 818
700 1212”
Setting the system banner
The system banner is displayed on all systems that connect to your SmartNode via Telnet or a serial connection
(see figure 13). It appears at login and is useful for sending messages that affect administrators and operators,
such as scheduled maintenance or system shutdowns. By default no banner is present on login.
To create a system banner use the banner command followed by the message you want displayed. If the banner message has to be formed out of more than one word the information is enclosed by double quotes. Adding
the escape sequence “\n” to the string forming the banner creates a new line on the connected terminal screen.
Use the no banner command to delete the message.
Mechanical Tools Inc.
jsmith@mechtool.com
Phone 818 700 1402
login:
Figure 13. System banner with message to operators
Mode: Configure
Step
1
Command
node(cfg)#banner message
Basic system management configuration task list
Purpose
Sets the message for the system banner to message
94
SmartWare Software Configuration Guide
7 • Basic system management
Example: Setting the system banner
The following example shows how to set a message for the system banner for your device, if you start from the
configuration mode.
node(cfg)#banner \n#\n# The password of all operators has changed\n# please contact
the administrator\n#"
Setting time and date
All SmartNode devices provide time-of-day and date services. These services allow the products to accurately
keep track of the current time and date. The system clock specifies year, month, day, hour, minutes, and
optionally seconds. The time is in 24-hour format yyyy-mm-ddThh:mm:ss and is retained after a reload.
Mode: Configure
Step
1
Command
Purpose
node(cfg)#clock set yyyy-mm-ddThh:mm:ss
Note
Sets the system clock to yyyy-mm-ddThh:mm:ss
The integrated SNTP client allows synchronization of time-of-day and date
to a reference time server. Refer to chapter 26, “SNTP client configuration”
on page 282 for more details.
Example: Setting time and date
The following example shows the commands used to set the system clock of your device to August 6, 2001 at
16:55:57, if you start from the operator execution mode.
node(cfg)#clock set 2001-08-06T16:55:57
Display clock information
This procedure describes how to display the current date and time
Mode: Both in operator and administrator execution
Step
1
Command
node>show clock
Purpose
Display the local time.
Example: Display clock information
The following example shows the commands used to display the time and date settings of your device in local
time, if you start from the operator execution mode.
node>show clock
2001-08-06T16:55:57
Basic system management configuration task list
95
SmartWare Software Configuration Guide
7 • Basic system management
Display time since last restart
This procedure describes how to display the time since last restart
Mode: Operator execution
Step
1
Command
node>show uptime
Purpose
Display the time since last restart.
Example:
The following example shows how to display the uptime of your device, if you start from the configuration mode.
node>show uptime
The system is up for 54 days, 23 hours, 44 minutes, 18 seconds
Configuring the Web server
The embedded web server has two parameters that are configurable.
Note
Changing the language parameter does not affect the language of the web
configuration pages.
Mode: Configure
Step
1
Command
node(cfg)#webserver language
{de | en}
node(cfg)#webserver port portnumber
2
Purpose
Sets the language to either German (de) or English (en).
Sets the listening port number in the 1 to 65535, default
port number for the web server is 80.
Example: Configuring and starting the Web server
The following example shows how to set the web server language and the listening port of your device, if you
start from the configuration mode.
node(cfg)#webserver language en
node(cfg)#webserver port 80
Determining and defining the active CLI version
SmartWare allows having a number of CLI version installed together, whereas only one CLI version is activated. There are commands available to determine the currently running CLI version and if necessary switch to
another CLI version. The idea of having several CLI version available on a system is mostly to offer reduced or
enhanced command sets to users.
Mode: Configure
Step
1
2
Command
node(cfg)#show version cli
node(cfg)#cli version version.revision
Basic system management configuration task list
Purpose
Displays the currently running CLI version
Selects the active CLI version in the form version.revision
96
SmartWare Software Configuration Guide
7 • Basic system management
Example: Defining the desired CLI version
The following example shows how to determine the running CLI version and define CLI version 2.10 for your
device, if you start from the configuration mode.
node(cfg)#show version cli
CLI version : 3.00
node(cfg)#cli version 2.10
Restarting the system
In case the SmartNode has to be restarted, the reload command must be used. The reload command includes
a two-dialog, where the user is allowed to store any unsaved configuration data and finally confirms the
system restart.
Restarting the system interrupts running data transfers and all
voice calls.
IMPORTANT
The execution command reload has been enhanced with the following options:
• graceful—reloads the system only if no voice calls are ongoing. If there are voice calls, the system waits until
they all are closed to reload.
• forced—reloads the system without prompting for confirmation or for saving the running-configuration
(no need to type yes or no). The question whether to save the running-configuration is automatically
answered with no, the question whether to reload or not with yes.
Mode: Administrator execution
Step
1
Command
node#reload
Purpose
Restarts the system
Example: Restarting the system
The following example shows how to restart the currently running system, if you start from the administrator
execution mode.
node#reload
System configuration has been changed.
Press 'yes' to store, 'no' to drop changes : yes
Press 'yes' to restart, 'no' to cancel : yes
The system is going down
Displaying the system logs
The system logs contain warnings and information from the system components of SmartWare. In case of
problems it is often useful to check the event or the supervisor logs for information about malfunctioning system components. The event log stores general events such as flash full, DSP failed etc., comparable with the
event log on Windows NT. The supervisor log stores information from the system supervisor such as memory
full, task failed etc.
Basic system management configuration task list
97
SmartWare Software Configuration Guide
7 • Basic system management
System resets may have a number of reasons, the most prominent being a manual reset issued on the Telnet/
console (‘reload’). Other reset reasons include power off failures and system failures. In order to pinpoint the
problem, the reset log contains the reset cause.
Mode: Administrator execution
Step
1
2
Command
Purpose
node#show log [event]
Show event log.
node#show log supervisor Show log of the system supervisor. Used For example, after an unexpectedly reboot.
node#show log reset
Output a list of reset reasons (with date and time).
node#show log boot
Displays the console and log messages captured during startup of the
unit.
node#show log login
Displays a list of succeeded and failed CLI login attempts.
node#show log fileDisplays the history of all recently executed file transfer operations
transfer
(up to 50 entries).
3
4
5
6
Displaying reports
The show reports command is used to dump combined system information. The show reports command
sequentially executes the following log commands:
show
show
show
show
show
show
show
show
show
show
show
show
version
clock
uptime
licenses
memory stat
log reset
log boot
log event
log supervisor
factory-config
startup-config
running-config
Mode: Administrator execution
Step
1
Command
node#show reports
Purpose
Dumps the combined system information.
Controlling command execution
The SmartWare command shell includes a basic set of commands that allow you to control the execution of
other running commands. In SmartWare, the commands jobs and fg are used for such purposes. The command jobs lists all running commands, and fg allows switching back a suspended command to the foreground. Moreover using <ctrl>-<z> suspends an active command and lets the system prompt reappear. With
<ctrl>-<c> the currently active command can be terminated.
Basic system management configuration task list
98
SmartWare Software Configuration Guide
7 • Basic system management
Mode: Administrator execution
Step
1
2
3
4
5
6
Command
node#<Ctrl-Z>
node#jobs
node#fg jobid
node#<Ctrl-C>
Purpose
Execute the first command
Suspend the active command and get system prompt back
Execute the second command
Shows the currently running commands
Brings job with jobid back to foreground
Terminates the currently running command
Example: Controlling Command Execution
The following example shows how to suspend an active command, list the running commands, switch back a
suspended command and terminate a currently active command on your device, if you start from the configuration mode.
node>ping 172.16.36.80 1000 timeout 3
Sending 1000 ICMP echo requests to 172.16.36.80, timeout is 3 seconds:
Reply from 172.16.36.80: Time <10ms
Reply from 172.16.36.80: Time <10ms
Reply from 172.16.36.80: Time <10ms
Reply from 172.16.36.80: Time <10ms
<Ctrl>-<z> suspend active command
% Suspended
System prompt reappears and is ready to execute further commands
node>show ip interface
-----------------------------------------------------------Context:
router
…
Show the currently running commands
node>jobs
* [run ] jobs
0 [bg ] ping
Bring job 0 to foreground
node>fg
% Resumed [ping]
Reply from 172.16.36.80: Time <10ms
Reply from 172.16.36.80: Time <10ms
<Ctrl>-<c> terminate current command
% Aborted (ping)
Basic system management configuration task list
99
SmartWare Software Configuration Guide
7 • Basic system management
Timed execution of CLI command
The command timer allows the timed execution of CLI commands. The timer command is incremental; this
means for each time it is entered, a new timer is created. All timers appear in the running-configuration, except
if they have been created with the volatile option. It is possible to specify for each timer the start time and the
reoccurrence. Use the CLI help (tab completion) for detailed description of all configuration options.
Some examples:
timer FIRMWARE_UPDATE now + 2 minutes every 10 minutes “provisioning execute FIRMWARE”
Starts a timer named FIRMWARE_UPDATE, whose first execution time is 2 minutes after the command is
entered (2 minutes after device startup if the command is in the startup-configuration), and is executed every
10 minutes afterwards. This timer does not expire. The executed CLI command is provisioning
execute FIRMWARE.
timer volatile RELOAD midnight + 1 hour “reload graceful”
Starts a volatile timer named RELOAD (does not appear in the running-configuration, and thus is not stored in
the startup-configuration). The timer is executed once, 1 hour after midnight, and reloads the
system gracefully.
Displaying the checksum of a configuration
In SmartWare configuration files, e.g. startup configuration, running configuration, and user-specific configuration, contain a checksum entry. This checksum informs the user about the validity and helps distinguish configuration files on the basis of the checksum.
Mode: Administrator execution
Step
1
Command
node#show crc filename
Purpose
Displays checksum of a configuration
Example: Displaying the checksum of a configuration
The following example shows how to display the checksum of the configuration test of your device, if you start
from the configuration mode.
node#show crc nvram:test
File nvram: test:
checksum: 0xfaddc88a
Configuration of terminal sessions
In certain cases it may be desirable to change the settings of the current terminal session.
Mode: System
Step
1
Command
[name] (sys)#terminal height
Basic system management configuration task list
Purpose
Configures the terminal height.
100
SmartWare Software Configuration Guide
Step
Command
2
[name] (sys)#[no] terminal idle-timelogout
3
[name] (sys)#terminal more
4
[name] (sys)#terminal width
7 • Basic system management
Purpose
After 30 minutes without user input, a terminal session
is automatically closed. If longer session periods are
required (logging/debugging) this command allows
to increase the session timeout, or to disable it completely.
Enables pausing of display for commands which produce more output than the current terminal window
can display at once.
Configures the terminal width.
When there are many VoIP units in the same location, use this command to flash all the LED’s on a specific
unit for a specified period of time. This makes identification of the physical unit very easy.
Step
1
Command
[name] #blink <seconds>
Basic system management configuration task list
Purpose
Enter an integer for the period of time you want the
LED’s to flash on the physical unit.
101
Chapter 8
RADIUS Client Configuration
Chapter contents
Introduction ........................................................................................................................................................103
The AAA component ..........................................................................................................................................103
General AAA Configuration ..........................................................................................................................104
RADIUS configuration........................................................................................................................................106
Configuring RADIUS clients ........................................................................................................................107
Configuring RADIUS accounting .................................................................................................................108
Configuring the RADIUS server ...................................................................................................................110
Attributes in the RADIUS request message .............................................................................................110
Attributes in the RADIUS accept message ...............................................................................................111
Configuring the local database accounts ..............................................................................................................111
Storing call logs with quality information ............................................................................................................113
102
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
Introduction
This chapter provides an overview of the authentication, authorization, and accounting (AAA) component and
describes how to configure the RADIUS client, a subpart of the AAA component. It is important to understand how AAA works before configuring the RADIUS client. This chapter also describes the local database
accounts configuration, which is another subpart of AAA.
To use the authentication and authorization service on SmartWare you have to configure the AAA component,
the RADIUS component and the local database accounts.
This chapter includes the following sections:
• The AAA component
• RADIUS configuration (see page 106)
• Configuration of the local database accounts (see page 111)
The AAA component
Authentication, authorization, and accounting (AAA) is a term for controlling access to client resources,
enforcing policies, auditing usage, and providing information necessary to invoice users for services.
Authentication provides a way of identifying a user (usually in the form of a login window where the user is
expected to enter a username and password) before allowing access to a client. The AAA component compares
the user's authentication login information with credentials stored in a database. If the information is verified,
the user is granted access to the network. Otherwise, authentication fails and network access is denied.
Following authentication, authorization determines the activities, resources, or services a user is permitted to
access. For example, after logging into a system, a user may try to issue commands, the authorization process
determines whether the user has the authority to issue such commands.
Accounting, which keeps track of the resources a user consumes while connected to the client, can tally the
amount of system time used or the amount of data transferred during a user’s session. The accounting process
records session statistics and usage information that is used for authorization control, billing, and monitoring
resource utilization.
AAA information can be stored in a local database or in a database on a remote server. A current standard by
which network access servers interface with the AAA server is the Remote Authentication Dial-In User Service
(RADIUS).
Introduction
103
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
Figure 14 illustrates the authentication procedure for a user logging into a SmartNode that is configured to use
RADIUS as authentication method.
AAA Server
(RADIUS)
3. Authentication accepted
4. Access granted
IP
2. Authentication requested
User
1. Login Request
Node
Figure 14. Authentication procedure with a RADIUS server
General AAA Configuration
The AAA component consists of AAA profiles and AAA methods. A service (e.g. Telnet) has to specify a profile it
wants to apply to all login requests. The profile then specifies the sequence in which methods are applied to obtain
AAA information. Figure 15 illustrates the correlation between the Telnet login and console login services.
AAA method
Service
Telnet
radius_deepblue
1
AAA profile
2
cli-login
radius_extern
3
local database
Console
1
consolelogin
none
2
Figure 15. How to use AAA methods and AAA profiles
The Telnet service uses an AAA profile called cli-login. This profile specifies that the following methods are used
in the order they appear in the configuration:
1. Query RADIUS server radius_deepblue.
2. Query RADIUS server radius_extern.
The AAA component
104
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
3. Query the local database (see “Configuring the local database accounts” on page 111 for information on
how to configure the local database)
If, e.g. radius_deepblue is not available, radius_extern will be queried after a timeout. But if radius_deepblue
gives an answer that rejects the login request, the remaining methods are not used and the login is denied. The
same applies to the console service, which uses the profile console-login. This profile uses the following sequence
of methods:
1. Ask radius server radius_deepblue.
2. Ask predefined method none. This method always grants access as system operator.
If radius_deepblue is not available, access will be granted by the method none. If radius_deepblue rejects the
login request, console access is denied. If radius_deepblue confirms the request, console access is granted.
Do the following to configure the AAA component.
Mode: Configure
Step
Command
1
node(cfg)#profile authentication name
2
node(pf-auth)[name]#method [index]
{local | none | {radius name}}
3
4
5
6
7
8
node(pf-auth)[name]#server-timeout
seconds
node(pf-auth)[name]#exit
node(cfg)#terminal Telnet use
authentication profile-name
node(cfg)#terminal console use
authentication profile-name
node(cfg)#show profile authentication
[name]
Purpose
Creates an authentication profile with name
name and enters profile authentication configuration mode.
Adds an AAA method to the profile. For RADIUS
you have to specify a name. For information on
how to configure local accounts and RADIUS
servers, refer to chapter 9, “IP context overview”
on page 114. With index you can add a method
between to others.
Repeat step 2 for all AAA methods you want to
add
Sets the timeout after that the next AAA method
in the list is requested if no answer is received.
Goes back to the parent configuration mode
Specifies which AAA profile the Telnet login service
has to use.
Specifies which AAA profile the console login
service has to use.
Displays the configured profiles
Example: Create the AAA profiles for login over Telnet and login over console, as they are shown in figure 15,
and use them on the Telnet login and console login services.
node>enable
node#configure
node(cfg)#profile authentication remote-radius
node(pf-auth)[remote-~]#method radius radius_deepblue
node(pf-auth)[remote-~]#method radius radius_extern
node(pf-auth)[remote-~]#method local
node(pf-auth)[remote-~]#server-timeout 15
The AAA component
105
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
node(pf-auth)[remote-~]#exit
node(cfg)#
node(cfg)#profile authentication local-only
node(pf-auth)[local-o~]#method local
node(pf-auth)[local-o~]#method none
node(pf-auth)[local-o~]#exit
node(cfg)#terminal Telnet use authentication remote-radius
node(cfg)#terminal console use authentication local-only
node(cfg)#show profile authentication
Authentication Profile: default
Server-Timeout: 10
Methods:
local (Type=local)
none (Type=none)
Authentication Profile: remote-radius
Server-Timeout: 15
Methods:
radius_deepblue (Type=radius)
radius_extern (Type=radius)
local (Type=local)
Authentication Profile: local-only
Server-Timeout: 10
Methods:
local (Type=local)
none (Type=none)
node(cfg)#
Possible lock-out —If you delete the local and none methods
from the default AAA profile, or if you create and use a profile
without methods local and none, you will be unable to access
IMPORTANT your device if the network or RADIUS server is not available.
Note
If you do not configure AAA, a default AAA profile exists containing the
AAA local as the first AAA method and the AAA none as the second. The Telnet login and the console login service use this profile. If an emergency
occurs, you can reload this default configuration by reloading the factory
configuration as described in section “Boot procedure” on page 74.
RADIUS configuration
RADIUS is a protocol for carrying authentication, authorization, and configuration information between a
network access server (NAS) that desires to authenticate its links and a shared authentication server. A NAS
operates as a client of RADIUS. The client is responsible for passing user information to designated RADIUS
servers and then acting on the response that is returned. RADIUS servers are responsible for receiving user connection requests, authenticating the user, and then returning all configuration information necessary for the
client to deliver service to the user.
RADIUS configuration
106
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
Transactions between the RADIUS client and server are authenticated through the use of a shared secret, which is
never sent over the network—the same secret must thus be known to the server and the client by configuration.
Using this secret as an encryption key, user passwords are sent encrypted between the client and RADIUS server.
Configuring RADIUS clients
If the AAA profiles you have defined make use of the RADIUS AAA method, you must configure the corresponding RADIUS clients. To configure RADIUS clients, do the following steps:
Mode: Configure
Step
Command
1
node(cfg)#radius-client name
2
node(radius)[name]#radius-server hostname
node(radius)[name]#shared-secret
authentication secret
node(radius)[name]#exit
node(cfg)#show radius-client name
3
4
5
Purpose
Adds a RADIUS client with name name and
enters RADIUS-client configuration mode
Sets the hostname (or IP address) of the remote
RADIUS server
Sets the password shared between the RADIUS
client and the remote RADIUS server.
Goes back to the parent configuration mode
Displays configured RADIUS servers
Example: Configure the RADIUS clients as shown in figure 15.
node>enable
node#configure
node(cfg)#radius-client radius_deepblue
node(radius)[radius_~]#radius-server deepblue
node(radius)[radius_~]#shared-secret authentication 78f8a23b
node(radius)[radius_~]#exit
node(cfg)#radius-client radius_extern
node(radius)[radius_~]#radius-server 219.144.12.1
node(radius)[radius_~]#shared-secret authentication dd9351e13cc335
node(radius)[radius_~]#exit
node(cfg)#
node(cfg)#show radius-client
RADIUS clients:
radius_deepblue
radius_extern
node(cfg)#show radius-client radius_deepblue
AAA RADIUS Module: radius_deepblue
Authentication Shared Secret: 78f8a23b
Timeout: 6
Sessions:
UDP Interface:
Configured Server Hostname: deepblue
node(cfg)#show radius-client radius_extern
AAA radius Module: radius_extern
Authentication Shared Secret: dd9351e13cc335
Timeout: 6
Sessions:
UDP Interface:
Configured Server Hostname: 219.144.12.1
RADIUS configuration
107
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
node(cfg)#
Configuring RADIUS accounting
The RADIUS accounting functionality can be added to a call-router configuration by inserting an AAA callcontrol service between two call-router elements. Any call that is then routed through the AAA service will
cause call detail records (CDRs) to be sent to the radius server. Normally an accounting start record is sent
when the call is connected and the accounting stop record is sent, when the call is disconnected. If enabled, the
AAA service is also able to send interim update records, after a specified interval. The AAA service can include
the following standard RADIUS attributes in the CDRs:
ATTRIBUTE
ATTRIBUTE
ATTRIBUTE
ATTRIBUTE
ATTRIBUTE
ATTRIBUTE
Acct-Status-Type
Acct-Session-Time
Acct-Session-Id
NAS-Identifier
Called-Station-Id
Calling-Station-Id
Additionally, the following vendor specific attributes are available to support voice service specific information:
#
# dictionary.patton
#
VENDOR
Patton
1768
#
#
Name
Id
Type
Vendor Note
#
ATTRIBUTE Setup-Time 32 string Patton a)
ATTRIBUTE Connect-Time 33 string Patton a)
ATTRIBUTE Disconnect-Time 34 string Patton a)
ATTRIBUTE Disconnect-Cause 35 integer Patton b)
ATTRIBUTE Disconnect-Source 36 string Patton c)
ATTRIBUTE Called-Unique-Id 48 string Patton d)
ATTRIBUTE Called-IP-Address 49 ipaddr Patton
ATTRIBUTE Called-Numbering-Plan 50 string Patton e)
ATTRIBUTE Called-Type-Of-Number 51 string Patton f)
ATTRIBUTE Calling-Unique-Id 80 string Patton d)
ATTRIBUTE Calling-IP-Address 81 ipaddr Patton
ATTRIBUTE Calling-Numbering-Plan 82 string Patton e)
ATTRIBUTE Calling-Type-Of-Number 83 string Patton f)
ATTRIBUTE Calling-Presentation-Indicator 88 string Patton g)
ATTRIBUTE Calling-Screening-Indicator 89 string Patton h)
a)
b)
c)
d)
e)
f)
g)
h)
Format of timestamps is "WWW MMM DD HH:MM:SS YYYY" Example: "Wed Jun 15 09:20:55 2005"
ITU-T Q.931 cause value (1-127)
{ originator | terminator | internal }
Contains the Call-Id for SIP or H.323
{ e.164 | data | telex | national | private }
{ international | national | network specific | subscriber | abbreviated }
{ allowed | restricted | unavailable }
{ user-provided, not screened | user-provided, verified and passed | user-provided, verified and failed | network provided }
Note
The subset of information elements that is actually included in a CDR is
dependant on the type of call and the information already available at the
time the CDR is sent.
RADIUS configuration
108
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
The following procedure guides you through the steps necessary to enable RADIUS accounting in an
existing configuration:
Mode: Configure
Step
1
2
Command
Purpose
node(cfg)# radius-client
Create a new RADIUS client
<client-name>
node(radius)[client-name]# Define the RADIUS server to be used. If the UDP port is omitradius-server <serverted, the default port 1812 is used.
name-or-ip> [<udp-port>]
Note For accounting RADIUS servers often use
port 1813)
Note There might also be RADIUS servers, which still
use the old RADIUS ports 1645 or 1646)
3
node(radius)[client-name]# Define the shared secret to access the RADIUS server
shared-secret authentication <secret>
4
node(radius)[client-name]# Create an AAA profile, which uses the RADIUS client
profile aaa <pf-name>
5
node(pf-auth)[pf-name]#
Define your newly created radius client as the AAA method
method radius <radiusto be used.
client-name>
Note If you require redundancy, you can create multiple radius clients and add all of them to the
AAA profile.
6
node(pf-auth)[pf-name]#
Switch to the circuit-switching context.
context cs
7
node(ctx-cs)[ctx-name]#
Create an AAA call-control service
service aaa <name>
8
node(svc-aaa)[svc-name]# Define the newly created AAA profile to be used for accountaccounting use profile
ing using this AAA service.
<aaa-profile-name>
9
node(svc-aaa)[svc-name]# Define the NAS-Identifier string to be included in RADIUS
nas-identifier <nas-identi- requests sent from this AAA service.
fier>
10
node(svc-aaa)[svc-name]# Optionally, you can also configure the AAA service to
(Optional) authentication use profile
request authentication using the calls calling E.164 number.
<aaa-profile-name>
If this is required, you can define the AAA profile used for
authentication using this command.
11
node(svc-aaa)[svc-name]#
(Optional) accounting-failure-action
[drop-calls | ignore]
RADIUS configuration
Define, if calls shall be dropped, if accounting fails. The
default is to ignore accounting failures.
109
SmartWare Software Configuration Guide
Step
8 • RADIUS Client Configuration
Command
Purpose
12
node(svc-aaa)[svc-name]#
(Optional) accounting-start-trigger
[setup | connect]
Define, if accounting shall be started at call-setup or call-connect time. The default is at call-connect time.
Note If setup is specified, an interim update will be
sent at call-connect time.
Note The Acct-Session-Time is always calculated from
call-connect to call-disconnect time)
13
node(svc-aaa)[svc-name]# Define the interval, after which an interim update shall be
(Optional) [no] interim-update-interval sent, if necessary. The default is not to send periodic interim
<seconds>
updates.
14
node(svc-aaa)[svc-name]# Create a port for the routing path, you want to route through
port <name>
the AAA service.
15
node(port)[port-name]#
Define the routing destination for all calls received over
route call-dest- …..
this port.
16
node(svc-aaa)[svc-name]#
accounting-start-trigger
[setup | connect]
17
Go to the routing element, which is the source of the traffic to
be sent to this AAA service and configure its routing destination to this AAA service port using the following command:
route call dest-service <service-name>.<portname>
Repeat steps 14 to 16 for each for each additional routing
path you want to route through the AAA service
Configuring the RADIUS server
Each message to and from a RADIUS server includes several attributes. Attributes are, For example, in a login
request, the name and password of the user that requires to log in. For more information about each attribute, or
other possible attributes, see RFC 2865 or the documentation of the radius server you use.
Attributes in the RADIUS request message
The SmartNode sends a RADIUS request with the following attributes:
Attribute
number
1
2
26
Attribute Type
Description
User-Name
Indicates the name of the user to be authenticated
User-Password
Protocol
Indicates the password of the user to be authenticated
Is a vendor specific attribute that indicates the protocol with that the
user wants to log on. Currently it can have the value 'console' or 'Telnet'. Thus it is possible for the RADIUS Server to grant access depending on whether the user wants to log on over console or Telnet
RADIUS configuration
110
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
Attributes in the RADIUS accept message
After the user and his credentials are approved by the authentication procedure on the RADIUS server, the
SmartNode expects a RADIUS accept message with the following attributes:
Attribute
number
6
Attribute Type
Service-Type
18
Reply-Message
27
Session-Timeout
28
Idle-Timeout
Description
If the value is set to 'administrative', the user has administrator rights on
the SmartNode, otherwise operator rights
Contains the text that is printed to the user after login. If the attribute is not
included in the message, no text will be printed
Number of seconds the user is allowed to logged on. If the attribute is
not included, the default value is infinite
Number of seconds to stay in idle state before automatic logout proceeds. If the attribute is not included, the default value is 30 minutes. The
command terminal idle-time-logout overwrites the value set by the
attribute
Most of the attributes are standard RADIUS attributes and are supported by the RADIUS servers. You have to
specify a value for each of them as it is described in your RADIUS server’s user manual.
The attribute Protocol (26) is vendor specific and defined by Patton. Servers not equipped to interpret the vendor-specific information will ignore it. It is defined as follows:
0
1
2
3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
Type
| Length
|
Vendor-Id
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Vendor-Id (cont)
| Vendor-Type | Vendor-Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vendor-String ...
+-+-+-+-+-+-+-+-+-+-+-+-
Type: 26
Length: Length of the whole attribute including the vendor data
Vendor-Id: 1768
Vendor-Type: 16
Vendor-Length: Length of all vendor data including Vendor-Type and Vendor-Length
Vendor-String: Not null terminated String with the value console or Telnet
Configuring the local database accounts
The final step in configuring the authentication and authorization service in SmartWare is to set up local user
accounts. The local database—which is queried with the AAA method local as described previously—can contain administrator and operator accounts. For example, to grant access to the local SmartNode if all RADIUS
Configuring the local database accounts
111
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
servers are down or the network is not reachable, you can create an emergency user in the local database so that
you can still access the SmartNode. Perform the following steps to configure the local accounts.
Mode: Configure
Step
1
2
3
4
Command
node(cfg)#[no] administrator name password password
node(cfg)#[no] operator name password
password
node(radius)[name]#shared-secret
authentication secret
node(pf-auth)[name]#show accounts
Purpose
Adds an administrator account to the local database. The no form removes an existing account
Adds an operator account to the local database.
The no form removes an existing account
Sets the password shared between the RADIUS
client (the SmartNode) and the remote RADIUS
server.
Display existing accounts
Example: Create an administrator and an operator account
node>enable
node#configure
node(cfg)#administrator meier password pencil
node(cfg)#operator james password ""
node(cfg)#show accounts
Administrator accounts:
meier
Operator accounts:
james
node(cfg)
Note
If you are creating an account that does not require a password, type "" to
indicate that no password is needed. For example, if you were configuring an
account for an operator named James that did not need a password, the
entry would be:
node(cfg)#operator james password ""
Configuring the local database accounts
112
SmartWare Software Configuration Guide
8 • RADIUS Client Configuration
Storing call logs with quality information
It is possible to store call logs with quality information in the local aaa data sink. To do so, a service aaa is
needed where the calls are routed through. Create a profile aaa with the method local. Then create a service aaa
to route the calls through.
Example:
profile aaa default
method 1 local
context cs switch
routing-table called-e164 TAB_OUT
route 200 dest-interface IF_SIP
interface isdn IF_BRI_00
route call dest-service QoS_LOG.OUT.bri
interface sip IF_SIP
bind context sip-gateway sip
route call dest-service QoS_LOG.OUT.ethernet
service aaa QoS_LOG.OUT
accounting use profile aaa LOCAL_AAA
port bri
route call dest-table TAB_OUT
port ethernet
route call dest-interface IF_BRI_00
To see the collected logs use the command show accounting or use the Web-GUI to see the logs. In the WebGUI, go to the 'Reports' page and select “Call Quality Log” in the tab bar on top of the page. On that page,
ou will also have the option to export the log as a comma separated text file.
Storing call logs with quality information
113
Chapter 9
IP context overview
Chapter contents
Introduction ........................................................................................................................................................115
IP context overview configuration task list...........................................................................................................116
Planning your IP configuration ...........................................................................................................................117
IP interface related information .....................................................................................................................117
QoS related information ...............................................................................................................................117
Configuring physical ports...................................................................................................................................117
Creating and configuring IP interfaces.................................................................................................................117
Configuring NAPT .............................................................................................................................................118
Configuring static IP routing...............................................................................................................................118
Configuring RIP..................................................................................................................................................118
Configuring access control lists............................................................................................................................119
Configuring quality of service (QoS) ...................................................................................................................119
114
SmartWare Software Configuration Guide
9 • IP context overview
Introduction
This chapter outlines the SmartWare Internet protocol (IP) context and its related components. You will get the
fundamental understanding on how to set up your SmartNode to make use of IP related services.
The following sections describe the configuration steps necessary to put together certain IP services and the references to the related chapters that explain the issue in more details.
To understand the information given in the following chapters, carefully read to the end of the current chapter.
Before proceeding, make sure that you feel comfortable with the underlying SmartWare configuration concept
by reading chapter 2, “Configuration concepts” on page 44.
The IP context in SmartWare is a high level conceptual entity that is responsible for all IP-related protocols and
services for data and voice. The IP context performs much the same function as a standalone IP router, and
since every context is defined by a name, the IP context is named router by default. This IP context can contain
interface static routes, RIP parameters, NAPT, QoS and access control profiles.
In figure 16 on page 115, the IP context with all its related elements is contained within the area on the left,
which has a gray fill. The right side displays the related CS context, which communicates with the IP context
via different types of gateways. Since the CS context and its related components are not the subject of this
chapter, they are illustrated in figure 16 with gray lines instead of black ones.
H.323 GW
Gateway
bind commands
bind command
NAPT
Profile
Context
Interfaces
ACL
Profile
Context
CS
switch
use command
bind command
bind command
bind command
bind command
PVC
Circuit
ISDN
FXS
Serial
Ethernet
Ports
Service
Policy
Profile
Context
IP
router
use command
SIP GW
Figure 16. IP context and related elements
Introduction
115
SmartWare Software Configuration Guide
9 • IP context overview
The IP context undertakes the task of doing all IP-related transport of data and voice packets via the logical interfaces and available gateways. In addition, using profiles—which together with the IP context pinpoint how to
handle packets for specific services—enhances the possible field of application. Moreover, voice packets are
transported via a voice gateway to the CS context for further processing and forwarding to the PSTN.
IP context overview configuration task list
As previously described, this chapter outlines the IP context configuration. It does not give you all the details of
a configuration task, but refers you to the chapters in which you will find the full description.
• You can find all the information you need to configure an IP Interface in chapter 10, “IP interface configuration” on page 120.
• You can find the information regarding network address port translation (NAPT) in chapter 11, “NAT/
NAPT configuration” on page 132.
• If you need to configure a physical port, chapter 12, “Ethernet port configuration” on page 141 or
chapter 14, “Serial port configuration” on page 170 may prove helpful.
• To set up the IP router contained in SmartWare, chapter 22, “Basic IP routing configuration” on page 235
and chapter 23, “RIP configuration” on page 242 give you the required information.
• For essential knowledge related to network security requirements, refer to chapter 24, “Access control list
configuration” on page 253.
• If your network shall provide better service to selected network traffic, chapter 13, “Link scheduler configuration” on page 151 will help you to get in-depth knowledge about quality of service (QoS) management
with SmartWare.
The following sections describe the basic tasks involved in IP context configuration. Many parameters have
acceptable default values, which in most cases do not need to be explicitly configured. Hence not all of the configuration tasks below are required. Depending on your application scenario, some tasks are mandatory or
might be optional. The following tasks use a bottom-up approach, starting from the ports, followed by the
interfaces up to the services running on the SmartNode. The first tasks below shall help you obtaining the necessary overview, in view of the fact that there is always a risk getting lost in details before gaining a general
understanding of the whole network.
• Planning your IP configuration (see page 117)
• Configuring Ethernet and serial ports (see page 117)
• Creating and configuring IP interfaces (see page 117)
• Configuring NAPT (see page 118)
• Configuring static IP routing (see page 118)
• Configuring RIP (see page 118)
• Configuring access control lists (see page 119)
• Configuring quality of service (see page 119)
IP context overview configuration task list
116
SmartWare Software Configuration Guide
9 • IP context overview
Planning your IP configuration
The following subsections provide network connection considerations for several types of physical ports types.
Patton recommends that you draw a network overview diagram displaying all neighboring IP nodes and serial
connected elements. Do not begin configuring the IP context until you have completed the planning of your
IP environment.
IP interface related information
Setting up the basic IP connectivity for your SmartNode requires the following information:
• IP addresses used for Ethernet LAN and WAN ports
• IP Subnet mask used for Ethernet LAN and WAN ports
• Length for Ethernet cables
• IP addresses of the central H.323 gatekeeper or SIP registrar
• IP addresses of the central PSTN gateway for H.323 and SIP based calls
• IP address of the central TFTP server used for configuration upload and download
QoS related information
Check with your access service provider if there are any QoS related requirements, which you need to know
prior to configuring SmartWare QoS management. Check the following with your access service provider:
• What is the dedicated bandwidth, which you have agreed with your access service provider?
• How does your provider perform packet classification, e.g. which ToS bits have to be used to define the supported classes of service?
Configuring physical ports
The configuration of a port includes parameters for the physical and data link layer such as framing and encapsulation formats or media access control. Before any higher-layer user data can flow through a physical port, you
must associate that port with an interface within the IP context. This association is referred to as a binding.
For information and examples on how to configure ports, refer to the respective port type’s chapter.
Creating and configuring IP interfaces
The number and names of IP interfaces depend upon your application scenario. An interface is a logical construct that provides higher-layer protocol and service information, such as layer 3 addressing. Hence interfaces
are configured as part of the IP context and represent logical entities that are only usable if a physical port is
bound to them.
An interface name can be any arbitrary string, but for ease of identification you should use self-explanatory
names that describe the use of the interface.
Several IP-related configuration parameters are necessary to define the behavior of such an interface. The most
obvious parameters are the IP address and an IP net mask that belongs to it.
For information and examples on how to create and configure an IP interface, refer to chapter 10, “IP interface
configuration” on page 120.
Planning your IP configuration
117
SmartWare Software Configuration Guide
9 • IP context overview
Configuring NAPT
Network address port translation (NAPT), which is an extension to NAT, uses TCP/UDP ports in addition to
network addresses (IP addresses) to map multiple private network addresses to a single outside address. NAPT
enables small offices to save money by requiring only one official outside IP address to connect several hosts via
a SmartNode to the access network. Moreover, NAPT provides additional security, because the IP addresses of
hosts attached via the SmartNode are invisible to the external world. You can configure NAPT by creating a
profile that is afterwards used on an explicit IP interface. In SmartWare terminology, an IP interface uses a
NAPT profile, as shown in figure 16 on page 115.
For information and examples on how to configure NAPT refer to chapter 11, “NAT/NAPT configuration”
on page 132.
Configuring static IP routing
SmartWare allows to define static routing entries, which are table mappings established by the network administrator prior to the beginning of routing. These mappings do not change unless the network administrator
alters them. Algorithms that use static routes are simple to design and work well in environments in which network traffic is relatively predictable and where network design is relatively simple.
For information and examples on how to configure static IP routing, refer to chapter 22, “Basic IP routing
configuration” on page 235.
Configuring RIP
The Routing Information Protocol (RIP) is a distance-vector protocol that uses hop count as its metric. RIP is
widely used for routing traffic in the global Internet and is an interior gateway protocol (IGP), which means
that it performs routing within a single autonomous system.
RIP sends routing-update messages at regular intervals and also when the network topology changes. When a
router receives a routing update that includes changes to an entry, it updates its routing table to reflect the new
route. The metric value for the path is increased by one, and the sender is indicated as the next hop. RIP routers maintain only the best route (the route with the lowest metric value) to a destination. After updating its
routing table, the router immediately begins transmitting routing updates to inform other network routers of
the change. These updates are sent independently of the regularly scheduled updates that RIP routers send.
RIP uses a single routing metric (hop count) to measure the distance between the source and a destination network. Each hop in a path from source to destination is assigned a hop-count value, which is typically 1. When
a router receives a routing update that contains a new or changed destination-network entry, the router adds
one to the metric value indicated in the update and enters the network in the routing table. The IP address of
the sender is used as the next hop.
RIP prevents routing loops from continuing indefinitely by implementing a limit on the number of hops
allowed in a path from the source to a destination. The maximum number of hops in a path is 15. If a router
receives a routing update that contains a new or changed entry, and if increasing the metric value by one causes
the metric to be infinity (i.e. 16), the network destination is considered unreachable.
For information and examples on how to configure Routing Information Protocol (RIP) refer to chapter 23,
“RIP configuration” on page 242.
Configuring NAPT
118
SmartWare Software Configuration Guide
9 • IP context overview
Configuring access control lists
Packet filtering helps to control packet movement through the network. Such control can help to limit network traffic and to restrict network use by certain users or devices.
An access control list is a sequential collection of permit and deny conditions that apply to packets on a certain
interface. Access control lists can be configured for all routed network protocols (IP, ICMP, TCP, UDP, and
SCTP) to filter the packets of those protocols as the packets pass through a SmartNode. SmartWare tests packets against the conditions in an access list one by one. The first match determines whether SmartWare accepts
or rejects the packet. Because SmartWare stops testing conditions after the first match, the order of the conditions is critical. If no conditions match, the software rejects the address.
For information and examples on how configure access control lists, refer to chapter 24, “Access control list
configuration” on page 253.
Configuring quality of service (QoS)
The link scheduler enables the definition of QoS profiles for network traffic on a certain interface, as shown in
figure 16 on page 115. QoS refers to the ability of a network to provide improved service to selected network
traffic over various underlying technologies including Frame Relay, Ethernet and 802.x type networks, and IProuted networks. In particular, QoS features provide improved and more predictable network service by providing the following services:
• Supporting dedicated bandwidth
• Improving loss characteristics
• Avoiding and managing network congestion
• Shaping network traffic
• Setting traffic priorities across the network
The QoS features described in chapter 13, “Link scheduler configuration” on page 151 address these diverse
and common needs.
Configuring access control lists
119
Chapter 10 IP interface configuration
Chapter contents
Introduction ........................................................................................................................................................121
IP interface configuration task list........................................................................................................................121
Creating an IP interface ................................................................................................................................121
Deleting an IP interface ................................................................................................................................122
Setting the IP address and netmask ...............................................................................................................123
Configuring a NAPT DMZ interface ............................................................................................................123
ICMP message processing .............................................................................................................................124
ICMP redirect messages ................................................................................................................................124
Router advertisement broadcast message .......................................................................................................124
Defining the MTU and MSS of the interface ................................................................................................125
Configuring an interface as a point-to-point link ..........................................................................................126
Displaying IP interface information ..............................................................................................................126
Displaying dynamic ARP entries ...................................................................................................................127
Flushing dynamic ARP entries ......................................................................................................................127
Processing gratuitous ARP requests ...............................................................................................................127
Testing connections with the ping command ................................................................................................127
IP link supervision ........................................................................................................................................128
Check connectivity of an IP link .............................................................................................................129
Show IP link status ..................................................................................................................................129
Debug connectivity .................................................................................................................................129
Debug ARP ...................................................................................................................................................129
Traceroute ....................................................................................................................................................130
Configuring the IGMP Proxy..............................................................................................................................131
120
SmartWare Software Configuration Guide
10 • IP interface configuration
Introduction
This chapter provides a general overview of IP interfaces and describes the tasks involved in their configuration.
An interface is a logical entity that provides higher-layer protocol and service information, such as Layer 3
addressing. Interfaces are configured as part of a context and are independent of physical ports and circuits.
The separation of the interface from the physical layer allows for many advanced features. For higher layer protocols to become active, a physical port or circuit must be bound to an interface. IP interfaces can be bound
physically to Ethernet, SDSL or Frame Relay ports according to the appropriate transport network layer.
IP interface configuration task list
To configure interfaces, perform the tasks in the following sections:
• Creating an IP interface (see page 121)
• Deleting an IP interface (see page 122)
• Setting the IP address and netmask (see page 123)
• ICMP message processing (see page 124)
• ICMP redirect messages (see page 124)
• Router advertisement broadcast message (see page 124)
• Defining the MTU of the interface (see page 125)
• Configuring an interface as a point-to-point link (see page 126)
• Displaying IP interface information (see page 126)
• Testing connections with the ping command (see page 127)
Creating an IP interface
Interface names can be any arbitrary string. Use self-explanatory names for your interfaces, which reflect their usage.
Mode: Context IP
Step
1
2
Command
Purpose
node(ctx-ip)[router]#interface name Creates the new interface name, which represents an IP
interface. This command also places you in interface
configuration mode for the interface just created.
node(if-ip)[name]#
You are now in the interface configuration mode, where
you can enter specific configuration parameters for the
IP interface name.
Introduction
121
SmartWare Software Configuration Guide
10 • IP interface configuration
Example: Create IP interfaces
The procedure illustrated below assumes that you would like to create an IP interface named lan Use the following commands in administrator configuration mode.
node>enable
node#configure
node(cfg)#context ip router
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#
Deleting an IP interface
Almost every configuration command has a no form. In general, use the no form to disable a feature or function. Use the command without the no keyword to re-enable a disabled feature or to enable a feature that is
disabled by default.
Deleting an existing interface in the IP context is often necessary.
Mode: Context IP
Step
1
Command
node(ctx-ip)[router]#no interface name
Purpose
Deletes the existing interfaces name
Example: Delete IP interfaces
The procedure below assumes that you would like to delete an IP interface named external. Use the following
commands in IP context configuration mode.
List the existing interfaces:
node(ctx-ip)[router]#interface <?>
<interface>
New interface
lan
Existing interface
wan
Existing interface
external
Existing interface
internal
Existing interface
Delete the interfaces named eth3 with the no interface command:
node(ctx-ip)[router]#no interface external
List the interfaces again to check if the appropriate interface was deleted:
node(ctx-ip)[router]#interface <?>
<interface>
New interface
lan
Existing interface
wan
Existing interface
internal
Existing interface
IP interface configuration task list
122
SmartWare Software Configuration Guide
10 • IP interface configuration
Setting the IP address and netmask
Each IP interface needs its explicit IP address and an appropriate net mask to be set. You can use the
ipaddress interface configuration command to perform the following tasks:
• Set the IP address to ip-address
• Set the network mask to netmask
• Enable IP processing for the IP interface name without assigning an explicit IP address
The ipaddress command offers the following options:
unnumbered Enables IP processing on an interface without assigning an explicit IP address to the interface.
ip-address
Specifies the IP address of the subscriber in the form A.B.C.D.
netmask
Specifies the network mask in the form A.B.C.D.
dhcp
Enables the DHCP client on this interface. For more information on DHCP-client configuration refer to chapter 27, “DHCP configuration” on page 292.
Mode: Context IP. This command also places you in interface configuration mode.
Step
Command
Purpose
1
node(ctx-ip)[router]#interface name
2
node(if-ip)[name]# ipaddress {unnumbered | (ip-address netmask) | dhcp}
Selects the existing interface name, which shall be
configured
Sets the IP address ip-address and netmask netmask for interface name
Example: Configure IP interface address and netmask
To set the IP address to 192.168.1.3 and net mask to 255.255.255.0 for the IP interface lan, use the following
commands in IP context configuration mode.
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#ipaddress 192.168.1.3 255.255.255.0
Configuring a NAPT DMZ interface
The NAPT allows one or more specific IP interfaces to be excluded from NAPT translations although their
traffic is routed through an IP interface to which a NAPT profile is bound. This configuration is usually necessary, for DMZ networks connected to an Ethernet port, which uses public IP addresses.
Mode: interface ip <if-name>
Step
1
Command
[name] (if-ip)[if-name]# [no] naptinside
IP interface configuration task list
Purpose
If no napt-inside is specified, the interface is excluded from
NAPT. if however napt-inside is specified, the interface will
be handled normally by the NAPT.
123
SmartWare Software Configuration Guide
10 • IP interface configuration
ICMP message processing
The IP suite offers a number of services that control and manage IP connections. The Internet Control Message Protocol (ICMP) provides many of these services. Routers send ICMP messages to hosts or other routers
when a problem is discovered with the Internet header. For detailed information on ICMP, see RFC 792.
SmartWare supports the following ICMP message processing features:
• ICMP redirect messages
• Router advertisement broadcast message
ICMP redirect messages
Routes are sometimes less than optimal. For example, the router may be forced to resend a packet through the
same interface on which it was received. In this case, an ICMP redirect message is sent to the originator of the
packet telling that the router is on a subnet directly connected to the receiving device, and that it must forward
the packet to another system on the same subnet. The software sends an ICMP redirect message to the originator of the packet because the originating host presumably could have sent that packet to the next hop without
involving this device at all. The redirect message instructs the sender to remove the receiving device from the
route and substitute a specified device representing a more direct path. This feature is enabled by default.
ICMP message processing offers two options for host route redirects:
• accept—accepts ICMP redirect messages
• send—sends ICMP redirect messages
Mode: Interface
Step
1
2
Command
Purpose
node(ctx-ip)[router]#interface name
Selects the interface name for ICMP message processing configuration
node(if-ip)[name]#icmp redirect { accept | send} Enables to send or accept ICMP redirect
messages
Example: ICMP redirect messages
The following example shows how to configure ICMP messages processing to accept ICMP redirect messages
on the IP interface lan. Use the following commands in IP context configuration mode.
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#icmp redirect accept
Router advertisement broadcast message
This message configures the behavior of the router when receiving an ICMP router solicitation message, and
determines if the router shall send periodic ICMP router advertisement messages or not.
By default, ICMP router advertisement messages are sent, either as a reply to ICMP router solicitation messages or periodically. If the feature is disabled, ICMP router advertisement messages are not sent in any case,
neither as a reply to ICMP router solicitation messages nor periodically.
IP interface configuration task list
124
SmartWare Software Configuration Guide
10 • IP interface configuration
Mode: Interface
Step
Command
1
node(ctx-ip)[router]#interface name
2
node(if-ip)[name]# icmp router-discovery
Purpose
Selects the interface name for ICMP message processing configuration
Enables to send router advertisement broadcast
messages
Example: Router advertisement broadcast message
The following example shows how to enable sending router advertisement broadcast messages on IP interface
lan. Use the following commands in IP context configuration mode.
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#icmp router-discovery
Defining the MTU and MSS of the interface
All interfaces have a default MTU packet size. You can adjust the IP MTU size so that the IP packet that
exceeds the MTU set for an interface is exceeded. The default MTU packet size is set to 1500 for an interface.
In cases where fragmentation is not allowed along the IP connection, forcing a reduction of the MSS (maximum segment size) is the only viable solution.
Note
All devices on a physical medium must have the same protocol MTU in
order to operate accurately.
Procedure: To set the MTU packet size or the MSS to size on the interface name
Mode: Interface
Step
Command
Purpose
1
node(ctx-ip)[router]#interface name Selects the interface name for ICMP message processing
configuration
2
node(if-ip)[name]#mtu size
Sets the IP MTU packet size to size of the interface name.
The MTU packet size value must be in the range from 48
to 1500.
3
node(if-ip)[name]#tcp adjust-mss { Limits to the MSS (Maximum Segment Size) in TCP SYN
(optional) rx|tx } { mtu | mss }
packets to mss or to MTU (Maximum Transmit Unit) - 40
Bytes, if ‘mtu’ is used. ‘rx’ applies to packets which
arrive inbound at this IP interface, ‘tx’ to packets which
leave outbound of this IP interface.
It is recommended to use ‘mtu’ inbound and outbound.
Example: Defining the MTU of the interface
IP interface configuration task list
125
SmartWare Software Configuration Guide
10 • IP interface configuration
The following example shows how to define the MTU of the IP interface lan to 1000 and to adjust the MSS in
both directions to MTU-40. Use the following commands in IP context configuration mode.
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#mtu 1000
node(if-ip)[lan]#tcp adjust-mss rx mtu
node(if-ip)[lan]#tcp adjust-mss tx mtu
Configuring an interface as a point-to-point link
A point-to-point network joins a single pair of routers. It is in particular used for interfaces, which have a binding to a Frame Relay PVC.
Mode: Configure
Step
1
2
3
Command
Purpose
node(cfg)#context ip router
Selects the IP router context
node(ctx-ip)[router]#interface name Selects the defined interface name for configuration
node(if-ip)[name]#point-to-point
Configures the interface ifname as point-to-point link
Example: Configuring an interface as a point-to-point link
The following example shows how to define the interface lan as point-to-point link. Use the following commands in configuration mode.
node(cfg)#context ip router
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#point-to-point
Displaying IP interface information
The show ip interface command displays IP information for all interfaces. The command is available in
operator execution mode or in any of the administrator execution modes.
Mode: Operator execution or any administrator execution
Step
1
Command
node>show ip interface
Purpose
Displays the IP information for all interfaces
Example: Displaying IP interface information
The following example shows how to display the IP information for all interfaces by using the show ip
interface command from operator execution mode.
node>show ip interface
-----------------------------------------------------------Context:
router
Name:
lan
IP Address:
172.16.40.77 255.255.0.0
MTU:
1500
ICMP router-discovery:
enabled
ICMP redirect:
send only
State:
OPENED
Binding:
ethernet 0 0 0/ethernet/ip
IP interface configuration task list
126
SmartWare Software Configuration Guide
10 • IP interface configuration
-----------------------------------------------------------Context:
router
Name:
wan
IP Address:
172.17.100.210 255.255.255.0
MTU:
1500
ICMP router-discovery:
enabled
ICMP redirect:
send only
State:
CLOSED
Binding:
ethernet 0 0 1/ethernet/ip
…
Displaying dynamic ARP entries
The following command can be used to display the dynamically learned ARP entries on an IP interface or on
the entire system.
Step
1
Command
[name]#show arp [<ip-if-name>]
Purpose
Display the ARP entries for the specified or all IP interfaces.
Flushing dynamic ARP entries
The following command can be used to flush the dynamically learned ARP entries on an IP interface or on the
entire system.
Step
1
Command
[name]#arp flush[<ip-if-name>]
Purpose
Flushes the ARP entries for the specified or all IP interfaces.
Processing gratuitous ARP requests
The following command can be used to accept and process gratuitous ARP requests and replies. ARP requests
and replies in which the target protocol address and sender protocol address are the same are considered.
Because of security reasons, this feature is deactivated as default and must be enabled by the user.
Mode: configure
Step
1
Command
[name](cfg)#[no] arp gratuitous
Purpose
Enables or disables the processing of gratuitous arp requests
and replies.
Testing connections with the ping command
As an aid to diagnosing basic network connectivity, many network protocols support an echo protocol. The
protocol involves sending a special datagram to the destination host, then waiting for a reply datagram from
that host. Results from this echo protocol can help in evaluating the path-to-host reliability, delays over the
path, and whether the host can be accessed or is functioning.
IP interface configuration task list
127
SmartWare Software Configuration Guide
10 • IP interface configuration
Mode: Either operator or administrator execution
Step
1
Command
node#ping <address> [<number> ] [timeout <seconds> ]
[packet-size <packet-size> ] [ttl
<ttl> ] [traffic-class <trafficclass> ]
Purpose
Sends ICMP ECHO_REQUEST packets to network hosts at IP
address <address>
Where the parameters are defined as follows:
• [<number>] optional parameter which indicates how many pings are sent
• [timeout <seconds>] optional parameter which indicates the time-out period of the ping
• [packet-size <packet-size>] optional parameter which indicates the number of octets in the ping
• [ttl <ttl>] optional parameter which indicates the time-to-live value
• [traffic-class <traffic-class>] which indicates the IP packets in a traffic class are routed via the defined
Nexthop in the routing table entry for that traffic-class. Default: local-default.
When using ping for fault isolation, you should first run it on the respective IP interface to verify that the local
LAN or WAN interface is up and running. Then, you should “ping” hosts and gateways further away. Roundtrip times and packet loss statistics are computed. If duplicate packets are received, they are not included in the
packet loss calculation, although the round trip time of these packets is used to calculate the minimum/average/maximum round-trip time numbers. When five ICMP echo requests packets have been sent and received,
a brief summary is displayed.
Example: Testing connections with the ping command
The following example shows how to invoke the echo protocol to the destination host at IP address
172.16.1.10 by using the ping command from operator execution mode.
node>ping 172.16.1.10
Sending 5 ICMP echo requests to 172.16.1.10, timeout is 1 seconds:
Reply from 172.16.1.10: Time <10ms
Reply from 172.16.1.10: Time <10ms
Reply from 172.16.1.10: Time <10ms.
Reply from 172.16.1.10: Time <10ms
Reply from 172.16.1.10: Time <10ms
Ping statistics for 172.16.1.10:
Packets: Sent 5, Received 5, Lost 0 (0% loss),
RTT:
Minimum <10ms, Maximum <10ms, Average <10ms
IP link supervision
IP Link Supervision is one of the modules you have to configure in order to use the PPP dial-up over ISDN
feature. Also consider the dial-up command (page 337) on the IP interface and the interface dialer mode
(page 331) in context cs.
IP link supervision can be used to periodically check the reachability of some hosts over a specific link. Therefore an ICMP echo request is sent to the configured IP address. After a configurable number of failed requests
the host is considered unreachable. If all configured hosts are unreachable, the interface will be closed for nor-
IP interface configuration task list
128
SmartWare Software Configuration Guide
10 • IP interface configuration
mal traffic and the IP router removes all routes pointing to that interface. Now, traffic previously flowing over
that interface is routed through the interface with IP routes of a higher metric. However the interface continues to send ICMP echo requests. After a configurable number of ICMP replies the host is reachable again, and
the interface will be opened for normal traffic.
Check connectivity of an IP link
Mode: context ip/interface
Step
1
Command
Purpose
[name] (if-ip) [interface]#[no] check-connectivity ping <ip-address> [sourceaddress <ip-address>] [tolerance-down
<number>] [tolerance-up <number>]
[interval <seconds>] [timeout <seconds>]
Configures or removes a host to ping. Sourceaddress specifies the IP source address for the
ICMP packets. Tolerance-down specifies the
number of pings allowed to fail (Default 3).
Tolerance-up specifies the number of successful pings required to activate link (Default 1).
Interval specifies the interval in which the
pings are sent (Default 10). Timeout specifies
the time in seconds to wait for an answer
(Default 3).
Show IP link status
The following command shows the status of connectivity.
Mode: enable
Step
1
Command
Purpose
[name]#show ip connectivity [<interface>]
Shows the status of connectivity.
Debug connectivity
The following command enables logging of connectivity events.
Mode: enable
Step
1
Command
Purpose
[name]#debug connectivity
Enables logging of connectivity events and
state changes.
Debug ARP
You may use the debug arp and show arp commands to assist you in debugging IP connectivity and its corresponding interfaces.
IP interface configuration task list
129
SmartWare Software Configuration Guide
10 • IP interface configuration
Mode: Either operator or administrator execution
Step
1
2
Command
node(cfg)# [no] debug arp
node(cfg)# show arp
Purpose
Enables or disables the ARP debug monitor.
Summarizes the ARP information for each of the Ethernet ports.
Traceroute
This procedure describes how to print the route (list of hops) packets take to the network host.
Step
Command
Purpose
1
node#traceroute <ip_host>
[probe-count
<probe_count> ] [timeout
<seconds> ] [destinationport <port_number> ] [minttl <min_ttl> ] [max-ttl
<max_ttl> ] [verbose ]
[packet-size <packet-size> ]
[mtu ] [traffic-class <trafficclass> ]
Prints the route that the packets take to the network host.
Optionally, a traffic-class can be specified in the ‘traceroute’ command. ‘traceroute’ follows the route of the specified traffic-class.
Default: local-default
Example: Debug ARP output
node(cfg)#debug arp
node(cfg)#ping 10.9.10.11
Sending 5, 56 bytes, ICMP echo requests to 10.9.10.11:
17:25:40 ARP
> Entry 10.9.10.11: Sending first request
17:25:40 ARP
> Tx ARP Request: Who has 10.9.10.11 tell 10.9.10.1 at
00:A0:BA:00:92:4F
17:25:40 ARP
> Rx ARP Reply: 10.9.10.11 is at 00:50:04:74:94:6C tell 10.9.10.1 at
00:A0:BA:00:92:4F
17:25:40 ARP
> Entry 10.9.10.11: Updated by 00:50:04:74:94:6C
56 bytes from 10.9.10.11: Time 10ms
17:25:40 ARP
> Rx ARP Request: Who has 10.9.10.1 tell 10.9.10.3 at
00:09:5B:53:D2:B0
17:25:40 ARP
> Entry 10.9.10.3: Updated by 00:09:5B:53:D2:B0
17:25:40 ARP
> Tx ARP Reply: 10.9.10.1 is at 00:A0:BA:00:92:4F tell 10.9.10.3 at
00:09:5B:53:D2:B0
% Aborted
Ping statistics for 10.9.10.11:
Packets: Sent 1, Received 1, Lost 0 (0% loss),
RTT:
Minimum 10ms, Maximum 10ms, Average 10ms
IP interface configuration task list
130
SmartWare Software Configuration Guide
10 • IP interface configuration
Example: Display the ARP information.
node(cfg)#show arp
IP Interface eth0:
----------------------------------------------------------------------------Remote IP
Remote MAC
State
TTL
TxReq RxRep Usage
----------------------------------------------------------------------------69.138.216.1
00:01:5C:22:46:C2 reachable
342s
2
2
12
----------------------------------------------------------------------------IP Interface eth1:
----------------------------------------------------------------------------Remote IP
Remote MAC
State
TTL
TxReq RxRep Usage
----------------------------------------------------------------------------10.9.10.20
00:11:1A:4C:B1:1C reachable
408s
1454
1451 67939
10.9.10.12
00:02:2D:BB:13:FB reachable
326s
533
571 16819
10.9.10.2
00:09:5B:6F:93:06 reachable
518s
0
515
1054
10.9.10.166
00:09:5B:41:30:33 stale
556s
2
9
2277
10.9.10.10
00:80:AD:78:BB:DD reachable
394s
0
2
1982
10.9.10.11
00:50:04:74:94:6C reachable
433s
1
1
2
10.9.10.3
00:09:5B:53:D2:B0 reachable
521s
0
2
18
-----------------------------------------------------------------------------
Configuring the IGMP Proxy
To enable the IGMP proxy functionality, you need to define which interface shall be used to receive multicast
streams (upstream interface) and to which interfaces the multicast streams shall be forwarded (downstream
interfaces). The router then listens on the downstream interfaces for IGMP join messages and forwards them
to the upstream interface.
Mode: Context IP
Step
1
2
3
4
Command
node(ctx-ip)[ctx-name]#
interface <if-name>
node(if-ip)[if-name]# igmp
interface-type proxyupstream
node(ctx-ip)[ctx-name]#
interface <if-name>
node(if-ip)[if-name]# igmp
interface-type proxydownstream
5
Configuring the IGMP Proxy
Purpose
Go to the IP interface, which shall act as the IGMP proxy
upstream interface
Define the interface as the IGMP proxy upstream interface
Go to an IP interface, which shall act as an IGMP proxy downstream interface
Define the interface as an IGMP proxy downstream interface
Repeat steps 3 & 4 for any additional interface, which shall act
as an IGMP proxy downstream interface.
131
Chapter 11 NAT/NAPT configuration
Chapter contents
Introduction ........................................................................................................................................................133
Dynamic NAPT ...........................................................................................................................................133
Static NAPT .................................................................................................................................................134
Dynamic NAT ..............................................................................................................................................134
Static NAT ...................................................................................................................................................135
NAPT traversal .............................................................................................................................................135
NAT/NAPT configuration task list .....................................................................................................................136
Creating a NAPT profile ...............................................................................................................................136
Configuring a NAPT DMZ host .............................................................................................................137
Defining NAPT port ranges ....................................................................................................................137
Preserving TCP/UDP port numbers in NAPT ........................................................................................138
Defining the UDP NAPT type ...............................................................................................................138
Activate NAT/NAPT ....................................................................................................................................139
Displaying NAT/NAPT configuration information ......................................................................................139
Configuring NAT static protocol entries .......................................................................................................140
132
SmartWare Software Configuration Guide
11 • NAT/NAPT configuration
Introduction
This chapter provides a general overview of Network Address (Port) Translation and describes the tasks
involved in its configuration.
For further information about the functionality of Network Address Translation (NAT) and Network Address
Port Translation (NAPT), consult the RFCs 1631 and 3022. This chapter applies the terminology defined in
RFC 2663.
SmartWare provides four types of NAT/NAPT:
• Dynamic NAPT (Cisco terminology: NAT Overload)
• Static NAPT (Cisco terminology: Port Static NAT)
• Dynamic NAT
• Static NAT
You can combine these types of NAT/NAPT without any restriction. One type of profile, the ‘NAPT Profile’,
holds the configuration information for all four types where configuration is required. The remainder of this
Section shortly explains the behavior of the different NAT/NAPT types.
Dynamic NAPT
Dynamic NAPT is the default behavior of the NAT/NAPT component. It allows hosts on the local network to
access any host on the global network by using the global interface address as source address. It modifies not
only the source address, but also the source port, so that it can tell different connections apart (NAPT source
ports are in the range 8,000 to 16,000). UDP and TCP connections from the local to the global network trigger the creation of a dynamic NAPT entry for the reverse path. If a connection is idle for some time (UDP: 2
minutes, TCP: 12 hours) or gets closed (only TCP), the dynamic NAPT entry is removed.
An enhancement of the Dynamic NAPT allows to define subsets of hosts on the local network that shall use
different global addresses. Up to 20 subsets with their respective global addresses are possible. Such a global
NAPT address can be any IP address as long as the global network routes the traffic to the global interface of
the NAT/NAPT component.
Figure 17 illustrates the basic and enhanced behavior of the Dynamic NAPT. The big arrows indicate the
direction of the connection establishment. Although only a local host can establish a connection, traffic always
flows in both directions.
Introduction
133
SmartWare Software Configuration Guide
11 • NAT/NAPT configuration
Global Network
Local Network
(Local Interface Address) 192.168.1.1
WAN
LAN
131.1.1.1 (Global Interface Address)
131.1.1.10 - 131.1.1.15 (Global NAT Address Pool)
Source Address modified
192.168.1.30 - 192.168.1.39
131.1.1.10 - 131.1.1.15
Destination Address modified
Figure 17. Dynamic NAPT
Static NAPT
Dynamic NAPT does not permit hosts on the global network to access hosts on the local network. Static
NAPT makes selected services (i.e. ports) of local hosts globally accessible. Static NAPT entries map global
addresses/ports to local addresses/ports. The global address can either be the address of the global interface or a
configured global NAPT address. Usually, the local and the global port of a static NAPT entry are the same;
however, they may be different.
(Local Interface Address) 192.168.1.1
WAN
LAN
131.1.1.1 (Global Interface Address)
131.1.1.3 (Global NAPT Address)
Source Address modified
131.1.1.1:80
192.168.1.20:80
131.1.1.3:23
192.168.1.20:23
Destination Address modified
Figure 18. Static NAPT
Note
Be careful when mapping ports the SmartNode uses itself (e.g. Telnet,
TFTP) because the SmartNode might become inaccessible.
Dynamic NAT
NAT only modifies addresses but not ports. Dynamic NAT assigns a global address from a global NAT address
pool each time a local host wants to access the global network. It creates a dynamic NAT entry for the reverse
path. If a connection is idle for some time (2 minutes), the dynamic NAT entry is removed. Should Dynamic
NAT run out of global addresses, it lets Dynamic NAPT handle the connection (which may lead to an unexpected behavior).
Introduction
134
SmartWare Software Configuration Guide
11 • NAT/NAPT configuration
Dynamic NAT is particularly useful for protocols that do not build on UDP or TCP but directly on IP (e.g.
GRE, ESP). See also section “NAPT traversal” on page 135.
(Local Interface Address) 192.168.1.1
WAN
LAN
131.1.1.1 (Global Interface Address)
131.1.1.20 (Global NAT Address)
Source Address modified
192.168.1.40
131.1.1.20
Destination Address modified
Figure 19. Dynamic NAT
Static NAT
Dynamic NAT does not permit hosts on the global network to access hosts on the local network. Static NAT
makes local hosts globally accessible. Static NAT entries map global addresses to local addresses. The global
address must be a configured global NAT address. It cannot be the address of the global interface since this
would break connectivity to the SmartNode itself.
Static NAT is particularly useful for protocols that do not build on UDP or TCP but directly on IP (e.g. GRE,
ESP). See also section “NAPT traversal” on page 135.
(Local Interface Address) 192.168.1.1
WAN
LAN
131.1.1.1 (Global Interface Address)
131.1.1.20 (Global NAT Address)
Source Address modified
192.168.1.40
131.1.1.20
Destination Address modified
Figure 20. Static NAT
NAPT traversal
Protocols that do not build on UDP or TCP but directly on IP (e.g. GRE, ESP), and protocols that open additional connections unknown to the NAT/NAPT component (e.g. FTP, H.323, SIP), do not easily traverse
a NAPT.
The SmartWare NAPT can handle one GRE (Generic Routing Encapsulation) connection and one ESP
(Encapsulating Security Payload) connection at a time. It also routes ICMP messages back to the source of the
concerned connection or to the source of an ICMP Ping message.
To enable NAPT traversal of protocols that open additional connections, the NAPT component must analyze
these protocols at the Application Level in order to understand which NAPT entries for additional connections
Introduction
135
SmartWare Software Configuration Guide
11 • NAT/NAPT configuration
it should create and which IP addresses/ports it must modify (e.g. for voice connections in addition to signaling connections). It performs this task for the protocol FTP. Other protocols such as H.323 and SIP cannot
traverse the SmartWare NAPT.
NAT/NAPT configuration task list
To configure the NAT/NAPT component, perform the tasks in the following sections:
• Creating a NAPT profile (see page 136)
• Activating NAT/NAPT (see page 136)
• Displaying NAT/NAPT configuration information (see page 139)
Creating a NAPT profile
A NAPT profile defines the behavior of the NAT/NAPT component, comprising all four types of NAT/NAPT
(this profile is called ‘NAPT profile’ and not ‘NAT/NAPT profile for historical reasons). Several NAPT profiles
are admissible but there is only one NAT/NAPT component.
Procedure: To create a NAPT profile and to configure the required types of NAT/NAPT
Mode: Configure
Step
1
Command
Purpose
node(cfg)#profile napt name
Creates the NAPT profile name and activates the
basic behavior of the Dynamic NAPT
2
node(pf-napt)[name]#range local- Configures and activates the enhanced behavior of
(optional) ip-range-start local-ip-range-stop
the Dynamic NAPT: local-ip-range-start and local-ipglobal-ip
range-stop define the subset of local hosts that use
the global NAT address global-ip to access to global
network.
(max. 20 entries)
The IP ranges of different Dynamic NAPT entries must
not overlap each other.
3
node(pf-napt)[name]#static
Creates a Static NAPT entry: local-ip/local-port is
(optional) { udp | tcp } local-ip local-port
mapped to global-ip/global-port. If global-port is
[global-ip] [global-port]
omitted, local-port is used on both sides. If global-ip
is omitted, the global address is the address of the
global interface.
(max. 20 UDP and 20 TCP entries)
4
node(pf-napt)[name]#range local- Configures and activates the Dynamic NAT: local-ip(optional) ip-range-start local-ip-range-stop
range-start and local-ip-range-stop define the subset
global-ip-start global-ip-stop
of local hosts that use an address from the global
NAT address pool to access to global network. global-ip-start and global-ip -stop define the global NAT
address pool.
(max. 20 entries)
The IP ranges of different Dynamic NAT entries must
not overlap each other.
NAT/NAPT configuration task list
136
SmartWare Software Configuration Guide
Step
Command
11 • NAT/NAPT configuration
Purpose
5
node(pf-napt)[name]#static local- Creates a Static NAT entry: local-ip is mapped to
(optional) ip global-ip
global-ip.
(max. 20 entries)
6
node(pf-napt)[name]#static
Creates a static NAT entry: traffic of the IP protocol
(optional) { ah|esp|gre|ipv6 } local_ip
AH, ESP, GRE, or IPv6 respectively directed to the
[global_ip].
global_ip is forwarded to the local_ip.
Use no in front of the above commands to delete a specific entry or the whole profile.
Note
The command icmp default is obsolete.
Example: Creating a NAPT Profile
The following example shows how to create a new NAPT profile access that contains all settings necessary to
implement the examples in section “Introduction” on page 133.
node(cfg)#profile napt access
node(pf-napt)[access]#range 192.168.1.10 192.168.1.19 131.1.1.2
node(pf-napt)[access]#static tcp 192.168.1.20 80
node(pf-napt)[access]#static tcp 192.168.1.20 23 131.1.1.3
node(pf-napt)[access]#range 192.168.1.30 192.168.1.39 131.1.1.10 131.1.1.15
node(pf-napt)[access]#static 192.168.1.40 131.1.1.20
node(pf-napt)[access]static ah 192.168.1.41 131.1.1.120
Configuring a NAPT DMZ host
The NAPT allows a DMZ host to be configured, which receives any inbound traffic on the global NAPT
interface, which:
• Is not translated by any static or dynamic NAPT entry and
• Is not handled by the device itself.
The following procedure shows how a DMZ host can be configured.
Mode: profile napt <pf-name>
Step
1
Command
Purpose
[name] (pf-napt)[pf-name]# [no]
Configures a DMZ host. The global-ip-address must
dmz-host <dmz-host-ip-address> only be specified, if the DMZ host shall handle the
[<global-ip-address>]
inbound traffic for a different NAPT global IP address
than the gateways global interface IP address.
Defining NAPT port ranges
The TCP/UDP port ranges to be used by the NAPT can be defined using the following procedure. The default
port ranges for both TCP/UDP are 8000 to 15999.
NAT/NAPT configuration task list
137
SmartWare Software Configuration Guide
11 • NAT/NAPT configuration
Mode: profile napt <pf-name>
Step
1
2
Command
Purpose
[name] (pf-napt)[pf-name]# tcp-port- Define the TCP port range
range <range-start-tcp-port>
<range-end-tcp-port>
[name] (pf-napt)[pf-name]# udpDefine the UDP port range
port-range <range-start-udpport> <range-end-udp-port>
Preserving TCP/UDP port numbers in NAPT
The NAPT can be configured to preserve the TCP/UDP port number of outbound packets sent from local
hosts towards the global NAPT interface. If this option is enabled the NAPT tries not to change these port
numbers. If the port is however already in use, the NAPT will ignore this setting and assign a port number
from the configured TCP/UDP port ranges.
Mode: profile napt <pf-name>
Step
1
2
Command
Purpose
[name] (pf-napt)[pf-name]# [no]
preserve-tcp-ports
[name] (pf-napt)[pf-name]# [no]
preserve-udp-ports
Enable/disable preserving of TCP ports.
Enable/disable preserving of UDP ports.
Defining the UDP NAPT type
The NAPT type to be applied for UDP packets is configurable using the following procedure. The NAPT supports the UDP translation types shown in the following list. The list is ordered by the security of the NAPT
type starting with the highest security type.
• symmetric
• port-restricted-cone
• address-restricted-cone
• full-cone
You find a detailed description of these NAPT types in section 5 of RFC3489. To allow STUN to work
through the NAPT the full-cone setting is usually required. The default setting is symmetric.
Mode: profile napt <pf-name>
Step
1
Command
Purpose
[name] (pf-napt)[pf-name]# udp-handling {symmetric|address- Define the UDP
restricted-cone|port-restricted-cone|full-cone}
translation type
NAT/NAPT configuration task list
138
SmartWare Software Configuration Guide
11 • NAT/NAPT configuration
Activate NAT/NAPT
To activate a NAT/NAPT component, bind its NAPT profile to an IP interface. This binding identifies the
global interface of the respective NAT/NAPT component. All other IP interfaces are local relative to this NAT/
NAPT.
Note
If both a NAPT profile and an ACL profile are bound to the same IP interface, the ACL (Access Control List) acts on the local side of the NAT/
NAPT component.
Procedure: To activate a NAT/NAPT component
Mode: Configure
Step
1
2
3
Command
node(cfg)#context ip router
node(ctx-ip)[router]#interface
name
node(if-ip)[name]#use profile
napt profile
Purpose
Selects the IP router context
The NAPT profile shall be used on the interface name
Defines that the NAPT profile profile shall be used on
the interface name
Example: Configuring NAPT Interface
The following example shows how to activate a NAT/NAPT component with the NAPT profile access on the
IP interface lan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#use profile napt access
Displaying NAT/NAPT configuration information
Two commands are available to display an existing NAPT profile. There is no command yet to display the
dynamic entries of a NAT/NAPT component.
Procedure: To display NAT/NAPT configuration information
Mode: Configure
Step
Command
1
2
node(cfg)#show profile napt
node(cfg)#show profile napt
name
or
node(cfg)#show napt interface
name
NAT/NAPT configuration task list
Purpose
Displays the available NAPT profiles
Displays the NAPT profile name
or
Displays the NAPT profile bound to the IP interface
name
139
SmartWare Software Configuration Guide
11 • NAT/NAPT configuration
Example: Display NAT/NAPT configuration information
node(pf-napt)[access]#show profile napt access
NAPT profile access:
-------------------------STATIC NAPT MAPPINGS
Protocol
Local IP
Local Port
-------------------------------tcp
192.168.1.20
80
tcp
192.168.1.20
23
STATIC NAT
Protocol
-------ah
Global IP
--------------0.0.0.0
131.1.1.3
Global Port
----------80
23
PROTOCOL MAPPINGS
Local IP
Global IP
--------------- --------------192.168.1.41
131.1.1.120
STATIC NAT MAPPINGS
Local IP
Global IP
--------------- --------------192.168.1.40
131.1.1.20
STATIC NAPT RANGE
Local IP Start
--------------192.168.1.10
MAPPINGS
Local IP Stop
Global IP
--------------- --------------192.168.1.19
131.1.1.15
STATIC NAT RANGE MAPPINGS
Local IP Start Local IP Stop
Global IP Start Global IP Stop
--------------- --------------- --------------- --------------192.168.1.30
192.168.1.39
131.1.1.10
131.1.1.15
Configuring NAT static protocol entries
The following command adds a static NAT entry, which causes any packets of the specified protocol received
on the global side of the NAT to be forwarded to the host specified on the local side of the NAT.
node(pf-napt)[ name]#static { udp | tcp } local-ip local-port [ global-ip] [ global-port]
Mode: profile napt <pf-napt>
Step
1
Command
Purpose
[name](pf-napt)# static <protocol> Adds a static NAT protocol entry
<local-ip-address> [<global-ipaddress>]
NAT/NAPT configuration task list
140
Chapter 12 Ethernet port configuration
Chapter contents
Introduction ........................................................................................................................................................142
Ethernet port configuration task list ....................................................................................................................142
Entering the Ethernet port configuration mode ............................................................................................142
Configuring medium for an Ethernet port ....................................................................................................142
Configuring Ethernet encapsulation type for an Ethernet port ......................................................................143
Binding an Ethernet port to an IP interface ..................................................................................................143
Multiple IP addresses on Ethernet ports ........................................................................................................144
Configuring a VLAN ....................................................................................................................................145
Configuring layer 2 CoS to service-class mapping for an Ethernet port .........................................................146
Adding a receive mapping table entry ......................................................................................................147
Adding a transmit mapping table entry ...................................................................................................148
Closing an Ethernet port ...............................................................................................................................148
Using the built-in Ethernet sniffer .......................................................................................................................149
141
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Introduction
This chapter provides an overview of Ethernet ports and describes the tasks involved in configuring Ethernet
ports through the SmartWare.
Ethernet port configuration task list
To configure Ethernet ports, perform the tasks described in the following sections. Most of the task are required to
have an operable Ethernet port, some of the tasks are optional, but might be required for your application.
• Entering the Ethernet port configuration mode (see page 142)
• Configuring medium for an Ethernet port (see page 142)
• Configuring Ethernet encapsulation type for an Ethernet port (see page 143)
• Binding an Ethernet port to an IP interface (see page 143)
• Configuring multiple IP addresses on the Ethernet ports (see page 144)
• Configuring a VLAN (see page 145)
• Configuring layer 2 CoS to service-class mapping for an Ethernet port (advanced) (see page 146)
• Closing an Ethernet port (see page 148)
Entering the Ethernet port configuration mode
To enter port configuration mode and begin configuring an Ethernet port, enter the command port ethernet
slot port in administrator execution mode. The keywords slot and port represent the number of the respective
physical entity.
Configuring medium for an Ethernet port
All Ethernet ports are configured by default to auto-sense both the port speed and the duplex mode. This is the
recommended configuration. Command options are (if supported by the platform):
• 10—for 10 Mbps
• 100—for 100 Mbps
• 1000—for Gigabit Ethernet
• auto—for auto-sense the port speed
• half—for half-duplex
• full—for full-duplex
This procedure describes how to configure the medium for the Ethernet port on slot and port
Mode: Configure
Step
Command
1
node(cfg)#port ethernet slot port
2
node(prt-eth)[slot/port]#medium (10 |
100 | 1000 | auto} (half | full)
Introduction
Purpose
Enters Ethernet port configuration mode for the
interface on slot and port.
Configures the interface on slot and port to
medium according to the selected option.
142
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Example: Configuring medium for an Ethernet port
The following example shows how to configure medium auto-sense for the Ethernet port on slot 0 and port 0
of a SmartNode 4524 device.
node(cfg)#port ethernet 0 0
node(prt-eth)[0/0]#medium auto
Configuring Ethernet encapsulation type for an Ethernet port
This procedure describes how to configure the encapsulation type to IP for the Ethernet port on slot and port.
Mode: Configure
Step
Command
1
node(cfg)#port ethernet slot port
2
node(prt-eth)[slot/port]#encapsulation ip
Purpose
Enters Ethernet port configuration mode for the
interface on slot and port.
Configures the encapsulation type to IP.
Example: Configuring Ethernet encapsulation type for an Ethernet port
The following example shows how to configure the encapsulation type to IP for the Ethernet port on slot 0 and
port 0.
node(cfg)#port ethernet 0 0
node(prt-eth)[0/0]#encapsulation ip
Binding an Ethernet port to an IP interface
You must bind the Ethernet port to an existing IP interface. When executing the bind command, the
requested interface must exist. If no IP context is given, the system attaches the interface to the default IP context known as router.
Ethernet port configuration task list
143
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Figure 21 shows the logical binding of the Ethernet port at slot 0 on port 0 to the IP interface lan which is
defined in the IP context router.
Context
IP
“router”
interface lan
interface wan
bind command
bind command
Port
Ethernet
00
Port
Ethernet
01
Figure 21. Binding of an Ethernet port to an IP interface
This procedure describes how to bind the Ethernet port to an already existing IP interface
Mode: Configure
Step
Command
1
node(cfg)#port ethernet slot port
2
node(prt-eth)[slot/port]#bind interface name router
Purpose
Enters Ethernet port configuration
mode for the interface on slot and
port
Binds the Ethernet port to the already
existing IP interface if-name
Example: Binding an Ethernet port to an IP interface
The following example shows how to bind the Ethernet port on slot 0 and port 0 to an already existing IP
interface lan.
node(cfg)#port ethernet 0 0
node(prt-eth)[0/0]#bind interface lan router
Multiple IP addresses on Ethernet ports
It is possible to use multiple IP addresses on an Ethernet port by binding the port to multiple IP interfaces.
Each of the IP interfaces uses an IP address of one of the subnets on the Ethernet ports.
The procedures below demonstrate how IP addresses of two different networks can be used on an Ethernet
port. However, if necessary any number of IP interfaces can be bound to an Ethernet port.
Ethernet port configuration task list
144
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Mode: Configure
Step
1
Command
Purpose
[name] (cfg)# context ip
Enter the IP context configuration
mode.
2 [name] (ctx-ip)[router]# interface <ip-if-1-name>
Create the first IP interface.
3 [name] (if-ip)[ <ip-if-1-name>]# ipaddress <ipSet the IP address for the first IP interaddress-1> <subnet-mask-1>
face
4 [name] (if-ip)[ <ip-if-1-name>]# interface <ip-if-2-name>
Create the second IP interface.
5 [name] (if-ip)[ <ip-if-2-name>]# ipaddress <ip-address-2> Set the IP address for the second IP
<subnet-mask-2>
interface
6 [name] (if-ip)[ <ip-if-2-name>]# port ethernet <slot>
Enter Ethernet port configuration
<port>
mode
7 [name] (prt-eth)[<slot>/<port>]# encapsulation ip
Set the encapsulation to IP
8 [name] (prt-eth)[<slot>/<port>]# bind interface <ip-if- Bind the port to the first IP interface
1-name>
9 [name] (prt-eth)[<slot>/<port>]# bind interface <ip-if- Bind the port to the second IP inter2-name>
face
10 [name] (prt-eth)[<slot>/<port>]# no shutdown
Enable the Ethernet port
Configuring a VLAN
By default no VLAN ports are configured on an Ethernet port. One or more VLAN ports can be created on
each Ethernet port.
You must bind the VLAN port to an existing IP interface. When executing the bind command, the requested
interface must exist.
For incoming VLAN packets each of the 8 possible layer 2 class of services (CoS) can be mapped to a traffic
class. Unless otherwise specified all CoS values map to the default traffic class.
By default all VLAN ports are initially disabled. They can be enabled with the no shutdown command. The
corresponding Ethernet port must also be enabled for the VLAN port to work. If the Ethernet port is disabled,
all associated VLAN ports are also disabled.
When a VLAN port is closed, the IP interface that is bound to this port is also closed. All static routing entries
that are using this interface change their state to invalid and all dynamic routing entries will be removed from
the route table manager.
Ethernet port configuration task list
145
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Mode: Configure
Step
Command
1
node(config)#port ethernet slot port
2
3
node(prt-eth)[slot/port]#vlan id
node(vlan)[id]#encapsulation {ip|pppoe|multi}
4
node(vlan)[id]#bind interface name [router]
5
node(vlan)[id]#map cos layer-2-CoS-value to traffic-class-name
6
7
node(vlan)[id]#no shutdown
node(vlan)[id]#exit node(prt-eth)[slot/port]# no shutdown
Purpose
Enter Ethernet port configuration.
Create new VLAN port.
Defines the payload type(s) to
be used on this VLAN:
• ip: IP traffic only (not used
for PPP)
• pppoe: PPPoE sessions only
• multi: both IP traffic and
PPPoE sessions
For more information on the
PPP/PPPoE configuration see
chapter 30, “PPP configuration”
on page 313.
Bind the VLAN port to the existing interface name. If no IP context is given, the system attaches
the interface to the default IP
context known as router.
Selects the layer 2 CoS (Class of
Service) to traffic class mapping. The traffic class must
already exist.
Activate the VLAN port.
Make sure the hosting Ethernet
port is also activated.
Configuring layer 2 CoS to service-class mapping for an Ethernet port
To enable to transport real-time and delay sensitive services such as VoIP traffic across the network, the firmware application software supports the delivery of Quality of Service (QoS) information in the ToS (Type of
Service) field. This is an eight-bit field, the second field in the IP header packet. To define the Class of Service
(CoS) to service class mapping, the cos command is used, with one of the following arguments:
• default—Default service class when no Layer 2 CoS present
• rx-map—Receive mapping table - Layer 2 CoS to service class mapping
• tx-map—Transmit mapping table - Service class to Layer 2 CoS mapping
This procedure describes how to change layer 2 CoS to service class mapping.
Ethernet port configuration task list
146
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Mode: Configure
Step
1
2
Command
Purpose
node(cfg)#port ethernet slot port
Enters Ethernet port configuration mode for the interface on
slot and port
node(prt-eth)[slot/port]#map cos layer 2 class of service value Selects the layer 2 CoS to trafficto traffic class name
class mapping. The traffic class
name can be freely chosen.
If the frame format is set to standard, the cos default command value defines which class of service to use for
the data traffic.
The cos rx-map and cos tx-map commands above need service class mapping table entries, which has to be
entered as additional command argument. The command syntax is:
• cos rx-map—layer 2 class of service value as service class value
• cos tx-map—service class value as layer 2 class of service value
Do the following to configure the class of service map:
1. Configure the class of service map table for the outgoing data traffic. Every provided service can be
mapped to a Class of Service.
2. Configure the class of service map table for the incoming data traffic. Every received Class of Service can be
assigned to a service type.
Adding a receive mapping table entry
The receive mapping table defines the conversion of receiving Layer 2 CoS to service class value into a firmware-specific service class value. Each conversion is stored as a mapping table entry, so the receive mapping
table consists of several mapping table entries.
This procedure describes how to add a receive mapping table entry.
Mode: Configure
Step
Command
Purpose
1
node(cfg)#port ethernet slot port
Enters Ethernet port configuration mode for the
interface on slot and port.
2
node(prt-eth)[slot/port]#cos rx-map layer
2 class of service value as service class value
Adds a receive mapping table entry, which converts a layer 2 class of service into a service class
value.
Example: Adding a receive mapping table entry
The following example shows how to add a receive mapping table entry, which converts a layer 2 class of service value of 2 into a service class value of 4 for the Ethernet port on slot 0 and port 0 of a SmartNode.
node(cfg)#port ethernet 0 0
node(prt-eth)[0/0]#cos rx-map 2 as 4
Ethernet port configuration task list
147
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Adding a transmit mapping table entry
The transmit mapping table defines the conversion of transmitting firmware-specific service class value into a
Layer 2 CoS to service class value. Each conversion is stored as a mapping table entry, so the transmitting mapping table consists of several mapping table entries.
This procedure describes how to add a transmit mapping table entry.
Mode: Configure
Step
Command
Purpose
1
node(cfg)#port ethernet slot port
2
node(prt-eth)[slot/port]#cos tx-map service class value as layer 2 class of
service value
Enters Ethernet
port configuration mode for
the interface on
slot and port.
Adds a transmit
mapping table
entry, which
converts a service class value
into a layer 2
class of service.
Example: Adding a transmit mapping table entry
The following example shows how to add a transmit mapping table entry, which converts a service class value
of 4 into a layer 2 class of service value of 2 for the Ethernet port on slot 0 and port 0.
node(cfg)#port ethernet 0 0
node(prt-eth)[0/0]#cos tx-map 4 as 2
Closing an Ethernet port
An Ethernet port can be closed with the shutdown command. This command also disables and closes the IP
interface that is bound to that port. All static routing entries that are using this interface change their state to
‘invalid’ and all dynamic routing entries will be removed from the route table manager.
This command can be used as soon as an encapsulation type is defined and the port was bound successful to an
IP interface.
This procedure describes how to disable the Ethernet port on slot and port.
Mode: Configure
Step
1
2
Command
Purpose
node(cfg)#port ethernet slot port
Enters Ethernet port configuration mode for the interface on
slot and port
node(prt-eth)[slot/port]#shutdown Disables Ethernet port on slot and port
The no prefix causes to open the port with the interface to which it is bound.
Ethernet port configuration task list
148
SmartWare Software Configuration Guide
12 • Ethernet port configuration
Example: Disabling an Ethernet port
The following example shows how to disable the Ethernet port on slot 0 and port 0.
node(cfg)#port ethernet 0 0
node(prt-eth)[0/0]#shutdown
Checking the state of the Ethernet port on slot 0 and port 0 shows that the interface was closed.
node(prt-eth)[0/1]#show port ethernet 0 1
Ethernet Configuration
------------------------------------Port
:
State
:
MAC Address
:
Speed
:
Duplex
:
Encapsulation :
Binding
:
Frame Format
:
Default Service:
ethernet 0 0 1
CLOSED
00:30:2B:00:1D:D4
10Mbps
Half
ip
wan@router
standard
0
Moreover the IP interface, which is bound to the Ethernet port on slot 0 and port 0 gets also closed. Checking
the state of the IP interface wan indicates this with the CLOSED for parameter state.
node(prt-eth)[0/1]#show ip interface
…
-----------------------------------------------------------Context:
router
Name:
wan
IP Address:
172.17.100.210 255.255.255.0
MTU:
1500
ICMP router-discovery:
enabled
ICMP redirect:
send only
State:
CLOSED
Binding:
ethernet 0 0 1/ethernet/ip
…
Using the built-in Ethernet sniffer
The software contains a built-in sniffer, which can be used to capture data packets on Ethernet ports. The
sniffer saves the captured data to a file in the systems flash file system. The file can later be uploaded via TFTP
for viewing. The files can be viewed with many sniffer applications, for example, Ethereal. The capture buffer
can hold a maximum of 1000 packets or 100kByte of data.
The sniffer is controlled via the following CLI command:
Command
[name] (cfg)# [no] sniff ethernet
<slot> <port> [wrap]
Using the built-in Ethernet sniffer
Purpose
Enable/disable the sniffer
149
SmartWare Software Configuration Guide
12 • Ethernet port configuration
The following is an example of how the sniffer is normally used:
Step
1
2
3
Command
Purpose
[name] (cfg)# sniff ethernet
0 1 [wrap]
Enable the sniffer on ethernet port 0 1. (Normally the sniffer stops
capturing, if the capture buffer is full. However, if the ‘wrap’ option is
specified, the sniffer starts discarding the oldest packets and retains
the newest ones, if the capture buffer is full.)
Now the sniffer is active and will capture the datapackets on the
specified ethernet port.
[name] (cfg)# no sniff ether- Disable the sniffer on ethernet port 0 1. (Note, that the captured
net 0 1]
data is not stored to flash memory unless you issue this command)
The file in the flash memory will be named as follows:
nvram:ethernet-0-<slot>-<port>.cap
4
5
[name] (cfg)# copy
nvram:ethernet-0-0-1.cap
tftp://tftp.mypc.net/
capture.cap
[name] (cfg)# erase
nvram:ethernet-0-0-1.cap
6
In this example the name will be:
nvram:ethernet-0-0-1.cap
Copy the capture file via TFTP to a workstation.
Erase the capture file on the system to save flash memory.
Now the capture file capture.cap can be viewed on a workstation
with Ethereal for example.
Note
It is possible to capture packets on multiple Ethernet ports at the same time.
Using the built-in Ethernet sniffer
150
Chapter 13 Link scheduler configuration
Chapter contents
Introduction ........................................................................................................................................................152
Applying scheduling at the bottleneck ...........................................................................................................152
Using traffic classes .......................................................................................................................................152
Introduction to Scheduling ...........................................................................................................................153
Priority ....................................................................................................................................................153
Weighted fair queuing (WFQ) ................................................................................................................153
Shaping ...................................................................................................................................................153
Burst tolerant shaping or wfq ..................................................................................................................154
Hierarchy ................................................................................................................................................154
Quick references ..................................................................................................................................................155
Setting the modem rate .................................................................................................................................155
Command cross reference .............................................................................................................................156
Link scheduler configuration task list...................................................................................................................156
Defining the access control list profile ...........................................................................................................157
Packet classification .................................................................................................................................157
Creating an access control list ..................................................................................................................158
Creating a service policy profile .....................................................................................................................159
Specifying the handling of traffic-classes ........................................................................................................161
Defining fair queuing weight ...................................................................................................................161
Defining the bit-rate ...............................................................................................................................162
Defining absolute priority .......................................................................................................................162
Defining the maximum queue length ......................................................................................................162
Specifying the type-of-service (TOS) field ...............................................................................................162
Specifying the precedence field ................................................................................................................163
Specifying differentiated services codepoint (DSCP) marking .................................................................163
Specifying layer 2 marking ......................................................................................................................164
Defining random early detection .............................................................................................................165
Discarding Excess Load ...........................................................................................................................165
Quality of Service for routed RTP streams ....................................................................................................165
Devoting the service policy profile to an interface .........................................................................................167
Displaying link arbitration status ..................................................................................................................168
Displaying link scheduling profile information .............................................................................................168
Enable statistics gathering .............................................................................................................................168
151
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Introduction
This chapter describes how to use and configure the Quality of Service (QoS) features. Refer to chapter 24,
“Access control list configuration” on page 253 more information on the use of access control lists.
This chapter includes the following sections:
• Quick references (see page 155)
• Packet Classification (see page 157)
• Assigning bandwidth to traffic classes (see page 155)
• Link scheduler configuration task list (see page 156)
QoS in networking refers to the capability of the network to provide a better service to selected network traffic.
In the context of VoIP, the primary issue is to control the coexistence of voice and data packets such that voice
packets are delayed as little as possible. This chapter shows you how to configure SmartWare to best use the
access link.
In many applications you can gain a lot by applying the minimal configuration found in the quick reference
section, but read sections “Applying scheduling at the bottleneck” and “Using traffic classes” first to understand
the paradox of why we apply a rate-limit to reduce delay and what a “traffic-class” means.
Applying scheduling at the bottleneck
When a SmartNode acts as an access router and voice gateway, sending voice and data packets to the Internet,
the access link is the point where intelligent use of scarce resources really makes a difference. Frequently, the
access link modem is outside of the SmartNode and the queueing would happen in the modem, which does
distinguish between voice and data packets. To improve QoS, you can configure the SmartNode to send no
more data to the Internet than the modem can carry. This keeps the modem’s queue empty and gives the
SmartNode control over which packet is sent over the access link at what time.
Using traffic classes
The link scheduler needs to distinguish between different types of packets. We refer to those types as “trafficclasses”. You can think of the traffic-class as if every packet in the SmartNode has a tag attached to it on which
the classification can be noted. The access control list “stage” (ACL) can be used to apply such a traffic-class
name to some type of packet based on its IP-header filtering capabilities. The traffic-class tags exist only inside
the SmartNode, but layer 2 priority bits (802.1pq class-of-service) and IP header type-of-service bits (TOS
field) can be used to mark a specific packet type for the other network nodes. By default the traffic-class tag is
empty. Only two types of packets are automatically marked by the SmartWare: voice packets and data packets
origination from or destined to the SmartNode itself are marked as “local-voice” and “local-default” respectively. Please refer to figure 22 on page 153 when using the ACL to classify traffic. It illustrates the sequence of
processing stages every routed packet passes. Only stages that have been installed in the data path with a “use
profile...” statement in the corresponding interface configuration are present. Both an input direction ACL on
the receiving interface as well as an output ACL on the transmitting interface can be used to classify a packet
for special handling by the output link scheduler on the transmit interface. But as visible from the figure no
ACL can be used for an input link scheduler.
Introduction
152
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Local applications (CLI, Web Server)
Routing
IPSec encryption/
decryption
Access control
list (ACL)
Network address
translation (NAT)
Voice
processing
Voice mux/
demux
Sequence of processing stages
passed by a routed packet
Link Scheduler
To/from network port (Ethernet, PPPoE,
Frame relay, etc.)
Figure 22. Packet routing in SmartWare
The QoS features in SmartWare are a combination of an access control list (used for packet classification) and
a service-policy profile (used by the link arbiter to define the arbitration mode and the order in which packets
of different classes are served).
Introduction to Scheduling
Scheduling essentially means to determine the order in which packets of the different traffic-classes are served.
The following sections describe the ways this arbitration can be done.
Priority
One way of ordering packets is to give priority to one traffic-class and to serve the other traffic-classes when the
first has nothing to send. SmartWare uses the priority scheme to make sure that voice packets generated by the
SmartNode will experience as little delay as possible. Voice packets can receive this treatment because they will
not use up the entire bandwidth.
Weighted fair queuing (WFQ)
This arbitration method assures a given minimal bandwidth for each source. An example: you specify that traffic-class A gets three times the bandwidth of traffic-class B. So A will get a minimum of 75% and B will get a
minimum of 25% of the bandwidth. But if no class A packets are waiting B will get 100% of the bandwidth.
Each traffic-class is in fact assigned a relative weight, which is used to share the bandwidth among the currently
active classes. Patton recommends that you specify the weight as percent which is best readable.
Shaping
There is another commonly used way to assign bandwidth. It is called shaping and it makes sure that each traffic-class will get just as much bandwidth as configured and not more. This is useful if you have subscribed to a
Introduction
153
SmartWare Software Configuration Guide
13 • Link scheduler configuration
service that is only available for a limited bandwidth e.g. low delay. When connecting the SmartNode to a DiffServ network shaping might be a required operation.
Burst tolerant shaping or wfq
For weighted fair queuing and shaping there is a variation of the scheduler that allows to specify if a traffic class
may temporarily receive a higher rate as long as the average stays below the limit. This burstiness measure
allows the network to explicitly assign buffers to bursty sources.
When you use shaping on the access link the shaper sometimes has the problem that multiple sources are
scheduled for the same time - and therefore some of them will be served too late. If the rate of every source had
to strictly obey its limit, all following packets would also have to be delayed by the same amount, and further
collisions would reduce the achieved rate even further. To avoid this effect, the SmartWare shaper assumes that
the burstiness needed for sources to catch up after collisions is implicitly allowed. Future versions of SmartWare
might allow setting the burst rate and bursting size if more control over its behavior is considered necessary.
Burst tolerance has a different effect when used with weighted fair queuing. Think of it as a higher initial rate
when a source device starts transmitting data packets. This allows giving a higher weight to short data transfers.
This feature is sometimes referred to as a service curve.
Hierarchy
An arbiter can either use wfq or shaping to determine which source to serve next. If you want the scheduler to
follow a combination of decision criteria you can combine different schedulers in hierarchy to do a multi-level
arbitration.Hierarchical scheduling is supported in SmartWare with service-policy profiles used inside servicepolicy profiles.In figure 23 an example of hierarchical scheduling is illustrated. The 1 st level arbiter Level_1 uses
weighted fair queuing to share the bandwidth among source classes VPN, Web and incorporates the traffic
from the 2nd level arbiter Low_Priority, which itself uses shaping to share the bandwidth among source classes
Mail and Default.
Introduction
154
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Mode
WFQ
priority
local voice
min. 30%
VPN
min. 40%
Level_1
Web
min. 30%
Mail
Low_Priority
Default
Mode
Shaper
Define 2nd level
arbiter
Define 1st level
arbiter
Use arbiter on
an interface
Figure 23. Example of Hierarchical Scheduling
Quick references
The following sections provide a minimal “standard” link scheduler configuration for the case where voice and
data share a (DSL/cable) modem link. You will also find a command cross reference list for administrators
familiar with Cisco’s IOS QoS features and having to become acquainted with SmartWare QoS configuration.
Setting the modem rate
To match the voice and data multiplexing to the capacity of the access link is the most common application of
the SmartWare link scheduler.
1. Create a minimal profile.
profile service-policy modem-512
rate-limit 512 header-length 20 atm-modem
source traffic-class local-voice
priority
2. Apply the profile just created to the interface connected to the modem.
context ip
interface wan
use profile service-policy modem-512 out
Some explanations:
• “modem-512” is the title of the profile which is referred to when installing the scheduler
Quick references
155
SmartWare Software Configuration Guide
13 • Link scheduler configuration
• “rate-limit 512” allows no more than 512 kbit/sec to pass which avoids queueing in the modem.
• “header-length 20” specifies how many framing bytes are added by the modem to “pack” the IP packet on
the link. The framing is taken into account by the rate limiter.
• “atm-modem” tells the rate limiter that the access link is ATM based. This option includes the ATM overhead into the rate limit calculation. Please add 8 bytes to the header-length for AAL5 in this case.
• “source traffic-class” enters a sub-mode where the specific handling for a traffic-class is described. The list of
sources in the service-policy profile tells the arbiter which “traffic sources” to serve.
• “local-voice” is the predefined traffic-class for locally terminated voice packet streams.
• “priority” means that packet of the source being described are always passed on immediately, packets of
other classes follow later if the rate limit permits.
Command cross reference
Comparing SmartWare with the Cisco IOS QoS software command syntax often helps administrators to
straightforwardly configure SmartNode devices. In table 4 the Cisco IOS Release 12.2 QoS commands are in
contrast with the respective SmartWare commands.
Table 4. Command cross reference
Action
Specifies the name of the policy map or profile
to be created or modified.
Specifies the name of the class map or class to
be created.
For IOS specifies average or peak bit rate
shaping. For SmartWare assigns the average
bit rate to a source.
For IOS specifies or modifies the bandwidth
allocated for a class belonging to a policy
map. Percent defines the percentage of available bandwidth to be assigned to the class. For
SmartWare assigns the weight of the selected
source (only used with wfq).
IOS command
SmartWare command
policy-map policy-mapprofile service-policy
name
profile-name
class-map class-map-name source traffic-class classname
shape {average | peak} cir rate bit-rate
[bc] [be]
bandwidth {bandwidthkbps | percent percent}
share percent-of-bandwidth
Link scheduler configuration task list
To configure QoS features, perform the tasks described in the following sections. Depending on your requirements some of the tasks are required while other tasks are optional.
• Defining the access control list profile
• Creating a service-policy profile (see page 159)
• Specifying the handling of traffic-classes (see page 161)
• Devoting the service policy profile to an interface (see page 167)
• Displaying link arbitration status (see page 168)
• Displaying link scheduling profile information (see page 168)
Link scheduler configuration task list
156
SmartWare Software Configuration Guide
13 • Link scheduler configuration
• Enable statistics gathering (see page 168)
Packet
Classification
ACL
Profile
Predefined
Classes
Different Types (Classes) of Traffic
The service-policy profile
defines the arbitration
mode and order in which
packets of different
classes are served.
Link Arbiter
Service
Policy
Profile
This interface is used as
access link and normally
represents the bottleneck
of the system.
IP Interface “wan”
Figure 24. Elements of link scheduler configuration
Defining the access control list profile
Packet classification
The basis for providing any QoS lies in the ability of a network device to identify and group specific packets.
This identification process is called packet classification. In SmartWare access control lists are used for packet
classification.
An access control list in SmartWare consists of a series of packet descriptions like “addressed to xyz”. Those
descriptions are called rules. For each packet the list of descriptions is sequentially checked and the first rule
that matches decides what happens to the packet. As far as filtering is concerned the rule decides if the packet is
discarded (“deny”) or passed on (“permit”). You can also add a traffic-class to the rule and if this rule is the first
matching rule for a packet it is tagged with the traffic-class name.
Some types of packets you do not have to tag with ACL. Voice and data packets from of for the SmartNode
itself are automatically tagged with predefined traffic-class names: Predefined internal classes for voice and
other data are:
• local-voice—VoIP packets that originate from the SmartNode itself.
Link scheduler configuration task list
157
SmartWare Software Configuration Guide
13 • Link scheduler configuration
• local-default—All other packets that originate from the SmartNode itself.
• default—All traffic that has not otherwise been labeled.
Creating an access control list
The procedure to create an access control list is described in detail in chapter 24, “Access control list configuration” on page 253.
At this point a simple example is given, that shows the necessary steps to tag any outbound traffic from a Web
server. The scenario is depicted in figure 25. The IP address of the Web server is used as source address in the
permit statement of the IP filter rule for the access control list.
172.16.1.0
lan
wan
IP Access
Network
Node
Node
172.16.1.1/24
17.254.0.91/16
Web-Server
172.16.1.20/24
Figure 25. Scenario with Web server regarded as a single source host
A new access control list has to be created. In the example above, the traffic-class that represents outbound Web
related traffic is named Web.
Access control list have an implicit “deny all” entry at the very end, so packets that do not match the first criteria of outbound Web related traffic will be dropped. That is why a second access control list entry—one that
allows all other traffic—is necessary.
This procedure describes creating an access control list for tagging web traffic from the single source host at a
certain IP address.
Link scheduler configuration task list
158
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Mode: Configure
Step
1
2
3
Command
Purpose
node(cfg)#profile acl name
Creates a new access
control list profile named
name
node(pf-acl)[name]#permit ip host ip-address any traffic-class Creates an IP access conclass-name
trol list entry that permits
access for host at IP
address ip-address, and
specifies that packets
matched by this rule
belong to the traffic-class
class-name.
node(pf-acl)[name]#permit ip any any
Creates an IP access control list entry that permits
IP traffic to or from all IP
addresses.
Example: Defining the access control list profile
In the example below a new access control list profile named Webserver is created. In addition an IP access control list entry that permits access for host at IP address 172.16.1.20, and specifies that packets matched by this
rule belong to the traffic-class Web is added. Finally an IP access control list entry that permits IP traffic to or
from all IP addresses is added to the access control list.
node(cfg)#profile acl Webserver
node(pf-acl)[Webserv~]#permit ip host 172.16.1.20 any traffic-class Web
node(pf-acl)[Webserv~]#permit ip any any
After packet classification is done using access control lists, the link arbiter needs rules defining how to handle the
different traffic-classes. For that purpose you create a service-policy profile. The service policy profile defines how
the link arbiter has to share the available bandwidth among several traffic classes on a certain interface.
Creating a service policy profile
The service-policy profile defines how the link scheduler should handle different traffic-classes. The overall
structure of the profile is as follows:
Link scheduler configuration task list
159
SmartWare Software Configuration Guide
13 • Link scheduler configuration
profile service-policy <profile-name>
common settings
link rate, arbitration
common parameters
source traffic-class <x>
settings for class x
bandwidth, packet mark
queue-size, etc.
source traffic-class <y>
settings for class y
source traffic-class default
settings for all other
traffic-classes not listed
Figure 26. Structure of a Service-Policy Profile
The template shown above specifies an arbiter with three inputs which we call “sources”: x, y and “default”.
The traffic-class “default” stands for all other packets that belong neither to traffic-class x nor y. There is no
limit on the number of sources an arbiter can have.
Example: Creating a service policy profile
The following example shows how to create a top service-policy profile named sample. This profile does not
include any hierarchical sub-profiles. The bandwidth of the outbound link is limited to 512 kbps therefore the
interface rate-limit is set to 512. In addition weighted fair queuing (wfq) is used as arbitration scheme among
the source classes.
profile service-policy sample
rate-limit 512
mode wfq
source traffic-class local-voice
priority
source traffic-class Web
share 30
source traffic-class local-default
share 20
source traffic-class default
queue-limit 40
share 50
The first line specifies the name of the link arbiter profile to configure. On the second line the global bandwidth limit is set. The value defining the bandwidth is given in kilobits per second. Each service-policy profile
must have a “rate-limit” except if no scheduling is used i.e. the link scheduler is used for packet marking only
(like setting the TOS byte).
How the bandwidth on an IP interface is shared among the source classes is defined on the third line. The
mode command allows selecting between the weighted fair queuing and shaping arbitration mode. The default
mode is wfq - the command shown above can therefore be omitted.
Link scheduler configuration task list
160
SmartWare Software Configuration Guide
13 • Link scheduler configuration
The following lines configure the source traffic-classes. When using weighted fair queuing (wfq) each userspecified source traffic-class needs a value specifying its share of the overall bandwidth. For this purpose the
share command is used, which defines the relative weights of the source traffic-classes and policies.
At a some point the source traffic-class default must be listed. This class must be present, because it defines how
packets, which do not belong to any of the traffic-classes listed in the profile are to be handled. When all listed
“traffic-classes” have “priority” the handling of the remaining traffic is implicitly defined and the “default” section can be omitted. Similarly if no scheduling is used i.e. the link scheduler is used for packet marking only
(e.g. setting the TOS byte) the “default” section can also be omitted.
The table below shows the basic syntax of the service-policy profile structure:
Mode: Configure
Step
Command
1
node(cfg)# profile service-policy name
2
node(pf-srvpl)[name]#rate-limit value
3
node(pf-srvpl)[name]#mode {shaper | wfq}
4
node(pf-srvpl)[name]#source {traffic-class | policy}
src-name
5
node (src)[src-name]…
6
node (src)[src-name]exit
7
node(pf-srvpl)[name]#…
8
node(pf-srvpl)[name]#exit
Purpose
Creates a new service policy profile
named name
Limits global interface rate to value in
kbps. Be aware, that the actual ratelimit on a given interface has to be
defined for reliable operation.
Sets the arbitration scheme to mode
shaper or weighted fair queuing (wfq).
If not specified wfq is default.
Enters source configuration mode for a
traffic-class or a hierarchical lower
level service-policy profile named srcname.
At this point the necessary commands
used to specify the handling of the traffic-class(es) have to be entered.
Leaves the source configuration mode
(optional)
Repeat steps 4 to 6 for all necessary
source classes or lower level service
policy profiles.
Leaves the service-policy profile mode
Specifying the handling of traffic-classes
Several commands are available to specify what happens to a packet of a specific traffic-class.
Defining fair queuing weight
The command share is used with wfq link arbitration to assign the weight to the selected traffic-class. When
defining a number of source classes, the values are relative to each other. It is recommended to split 100—
which can be read as 100%—among all available source classes, e.g. with 20, 30 and 50 as value for the respective share commands, which represent 20%, 30% and 50%.
Link scheduler configuration task list
161
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Mode: Source
Command
Purpose
node(src)[name]#share percentage
Defines fair queuing weight (relative to other sources) to percentage for the selected class or policy name
Defining the bit-rate
The command rate is used with shaper link arbitration to assign the (average) bit-rate to the selected source.
When enough bandwidth is available each source will exactly receive this bandwidth (but no more), when
overloaded the shaper will behave like a wfq arbiter. Bit-rate specification for shaper (kilobits).
Mode: Source
Command
node(src)[name]#rate [kilobits |
remaining]
Purpose
Defines the (average) bit-rate to the selected in kbps kilobits or as
remaining if a second priority source is getting the unused bandwidth for the selected class or policy name
Defining absolute priority
This command priority can only be applied to classes, but not to lower level polices. The class is given absolute
priority effectively bypassing the link arbiter. Care should be taken, as traffic of this class may block all other
traffic. The packets given “priority” are taken into account by the “rate-limit”. Use the command police to
control the amount of “priority” traffic.
Mode: Source
Command
node(src)[name]#priority
Purpose
Defines absolute priority effectively bypassing the link arbiter for the
selected class or policy name
Defining the maximum queue length
The command queue-limit specifies the maximum number of packets queued for the class name. Excess packets are dropped. Used in “class” mode—queuing only happens at the leaf of the arbitration hierarchy tree. The
no form of this command reverts the queue-limit to the internal default value, which depends on
your configuration.
Mode: Source
Command
node(src)[name]#queue-limit
number-of-packets
Purpose
Defines the maximum number of packets queued for the selected class
or policy name
Specifying the type-of-service (TOS) field
The set ip tos command specifies the type-of-service (TOS) field value applied to packets of the class name. TOS
and DSCP markings cannot be used at the same time. The no form of this command disables TOS marking.
Link scheduler configuration task list
162
SmartWare Software Configuration Guide
13 • Link scheduler configuration
The type-of-service (TOS) byte in an IP header specifies precedence (priority) and type of service (RFC791,
RFC1349). The precedence field is defined by the first three bits and supports eight levels of priority. The next
four bits—which are set by the set ip tos command—determine the type-of-service (TOS).
Table 5. TOS values and their meaning
TOS Value SmartWare Value
1000
0100
0010
0001
0000
8
4
2
1
0
Meaning
Minimize delay.
Maximize throughput.
Maximizes reliability.
Minimize monetary costs.
All bits are cleared, normal service, “default TOS.”
Historically those bits had distinct meanings but since they were never consistently applied routers will ignore
them by default. Nevertheless you can configure your routers to handle specific TOS values and SmartWare
allows you to inspect the TOS value in the ACL rules and to modify the TOS value with the link scheduler set
ip tos command.
Mode: Source
Command
Purpose
node(src)[name]#set ip tos value Defines the type-of-service (TOS) value applied to packets of for the
selected class or policy name. Standard ToT values are 0, 1, 2, 4,
and 8, as given in table 5 on page 163, but any number from 0 to
15 can be configured.
Specifying the precedence field
The set ip precedence command specifies the precedence marking applied to packets of the class name. Precedence and DSCP markings cannot be used at the same time.
The type-of-service (TOS) byte in an IP header specifies precedence (priority) and type of service (RFC791,
RFC1349). The precedence field is defined by the first three bits and supports eight levels of priority. The lowest priority is assigned to 0 and the highest priority is 7.
The no form of this command disables precedence marking.
Mode: Source
Command
node(src)[name]#set ip precedence value
Purpose
Defines the precedence marking value applied to packets of for the selected class or policy name. The range
for value is from 0 to 7, but only values from 0 to 5
should be used.
Specifying differentiated services codepoint (DSCP) marking
Differentiated services enhancements to the Internet protocol are intended to enable the handling of “trafficclasses” throughout the Internet. In this context the IP header TOS field is interpreted as something like a
Link scheduler configuration task list
163
SmartWare Software Configuration Guide
13 • Link scheduler configuration
“traffic-class” number called. With SmartWare you can inspect the DSCP value in the ACL rules and modify
the DSCP value with the link scheduler set ip dscp command.
Note
When configuring service differentiation on the SmartNode, ensure that
codepoint settings are arranged with the service provider.
The command set ip dscp sets the DS field applied to packets of the class name. Additionally shaping may be
needed to make the class conformant. The no form of this command disables packet marking.
Mode: Source
Command
Purpose
node(src)[name]#set ip dscp value
Defines the Differentiated Services Codepoint value applied to
packets of for the selected class or policy name. The range for
value is from 0 to 63.
Specifying layer 2 marking
The IEEE ratified the 802.1p standard for traffic prioritization in response to the realization that different traffic classes have different priority needs. This standard defines how network frames are tagged with user priority
levels ranging from 7 (highest priority) to 0 (lowest priority). 802.1p-compliant network infrastructure devices,
such as switches and routers, prioritize traffic delivery according to the user priority tag, giving higher priority
frames precedence over lower priority or non-tagged frames. This means that time-critical data can receive preferential treatment over non-time-critical data.
Under 802.1p, a 4-byte Tag Control Info (TCI) field is inserted in the Layer 2 header between the Source
Address and the MAC Client Type/Length field of an Ethernet Frame. Table 6 lists the tag components.
Table 6. Traffic control info (TCI) field
Tag Control Field
Tagged Frame Type Interpretation
3-Bit Priority Field (802.1p)
Canonical
12-Bit 802.1Q VLAN Identifier
Description
Always set to 8100h for Ethernet frames (802.3ac tag format)
Value from 0 to 7 representing user priority levels (7 is the highest)
Always set to 0
VLAN identification number
802.1p-compliant infrastructure devices read the 3-bit user priority field and route the frame through an internal buffer/queue mapped to the corresponding user priority level.
The command set layer2 cos specifies the layer 2 marking applied to packets of this class by setting the 3-bit
priority field (802.1p). The no form of this command disables packet marking.
Please note that the Ethernet port must be configured for 802.1Q framing. Standard framing has no class-ofservice field.
Mode: Source
Command
Purpose
node(src)[name]#set layer2 cos value Defines the Class-Of-Service value applied to packets of for the
selected class or policy name. The range for value is from 0 to 7.
Link scheduler configuration task list
164
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Defining random early detection
The command random-detect is used to request random early detection (RED). When a queue carries lots of
TCP transfers that last longer than simple web requests, there is a risk that TCP flow-control might be inefficient. A burst-tolerance index between 1 and 10 may optionally be specified (exponential filter weight). The no
form of this command reverts the queue to default “tail-drop” behavior.
Mode: Source
Command
Purpose
node(src)[name]#random-detect {burst-tolerance}
Defines random early detection (RED) for
queues of for the selected traffic-class or policy
name. The range for the optional value bursttolerance is from 1 to 10.
Discarding Excess Load
The command police controls traffic arriving in a queue for class name. The value of the first argument average-kilobits defines the average permitted rate in kbps, the value of the second argument kilobits-ahead defines
the tolerated burst size in kbps ahead of schedule. Excess packets are dropped.
This procedure describes defining discard excess load
Mode: Source
Command
node(src)[name]#police average-kilobits
burst-size kilobits-ahead
Purpose
Defines how traffic arriving in a queue for the selected
class or policy name has to be controlled. The value average-kilobits for average rate permitted is in the range
from 0 to 10000 kbps. The value kilobits-ahead for burst
size tolerated ahead of schedule is in the range from 0 to
10000.
Quality of Service for routed RTP streams
SmartWare supports including routed RTP packets in the QoS process. This is possible for plain streams as
well as for encrypted streams in up- and downlink direction. The identification of the packets that have to be
included in the QoS process base upon their size. In the service-policy profile exists a command that allows
mapping of a specific packet size or a range to a traffic class.
There are two predefined ranges the user can choose. One of them is ‘routed-voice’ that specifies a packet size
range from 50 Byte to 280 Byte the other one is ‘routed-voice-encrypted’ that specifies a packet size range from
92 Byte to 324 Byte. By selecting this predefined ranges all voice packets from G.729/10ms to G.711/30ms
will be assigned to the configured traffic-class.
Be aware that also other packets matching the configured size or range will be assigned to the specified trafficclass. All values to be configured are in Byte and are IP Packet sizes (IP Header plus Payload).
Link scheduler configuration task list
165
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Mode: profile service-policy/profile
Command
Purpose
[name] (pf-srvp)[<name>]# [no] map packet-size
Assigns IP packets of a predefined or speci{routed-voice | routed-voice-encrypted | [<lower-size> fied range to a traffic-class. To name a spe<upper-size>] } traffic-class <traffic-class-name>
cific size, configure lower-range and upperrange with the same value.
The following procedure guides through the steps required for creating, configuring and using service policy
profiles on a WAN link that has an upstream and downstream capacity of 256kBit/s and is based on ADSL
technology. The access device must be able to process the RTP traffic generated by a VoIP Phone located in the
LAN like the local generated RTP stream.
Mode: Configure
Step
Command
Purpose
1
[name] (cfg)# profile service-policy <nameout>
[name] (pf-srvp)[<name-out>]# rate-limit 256
atm-modem
[name] (pf-srvp)[<name-out>]# map packetsize routed-voice traffic-class local-voice
[name] (pf-srvp)[<name-out>]# source trafficclass local-voice
[name] (src)[local-v~]# priority
Creates a new service policy profile will be configured for the uplink.
Configures the uplink capacity.
2
3
4
5
6
7
8
9
10
11
12
13
14
Specifies that routed voice traffic will be processed like local generated voice traffic.
Enters traffic-class configuration mode
Specifies that local-voice has priority. Because
route-voice is mapped to local-voice, also routedvoice has priority.
[name] (src)[local-v~]# profile service-policy Creates a new service policy profile will be con<name-in>
figured for the downlink.
[name] (pf-srvp)[<name-in>]# rate-limit 256 Configures the downlink capacity and sets a
atm-modem voice-margin 80
voice-margin of 80kBit/s
[name] (pf-srvp)[<name-in>]# map packet- Specifies that routed voice traffic will be prosize routed-voice traffic-class local-voice cessed like local generated voice traffic.
[name] (pf-srvp)[<name-in>]# source traffic- Enters traffic-class configuration mode
class local-voice
[name] (src)[local-v~]# priority
Specifies that local-voice has priority. Because
route-voice is mapped to local-voice, also routedvoice has priority.
[name] (src)[local-v~]# context ip
Changes to IP configuration mode
[name] (ctx-ip)[router]# interface <if-wan>
Enters WAN interface configuration mode
[name] (if-ip)[<if-wan>]# use profile service- Assigns the downlink profile on the WAN interpolicy <name-in> in
face.
[name] (if-ip)[<if-wan>]# use profile service- Assigns the uplink profile on the WAN interface.
policy <name-out> out
Link scheduler configuration task list
166
SmartWare Software Configuration Guide
13 • Link scheduler configuration
Devoting the service policy profile to an interface
Any service policy profile needs to be bound to a certain IP interface to get activated. According the terminology of SmartWare a service policy profile is used on a certain IP interface, as shown in figure 27.
Service
Policy
Profile
Context
IP
“router”
use command
bind command
PVC
Serial
Ethernet
Figure 27. Using a Service Policy Profile on an IP Interface
Therefore the use profile service-policy command allows attaching a certain service policy profile to an IP
interface that is defined within the IP context. This command has an optional argument that defines whether
the service policy profile is activated in receive or transmit direction.
Providers may use input shaping to improve downlink voice jitter in the absence of voice support. The default
setting no service-policy sets the interface to FIFO queuing.
Mode: Interface
Step
1
Command
node(if-ip)[if-name]#use profile servicepolicy name {in | out}
Purpose
Applies the service policy profile name to the
selected interface if-name. Depending on selecting the optional in or out argument the service
policy profile is active on the receive or transmit
direction. Be aware that service policy profiles
can only be activated on the transmit direction at
the moment.
Example: Devoting the service policy profile to an interface
The following example shows how to attach the service policy profile Voice_Prio to the IP interface wan that is
defined within the IP context for outgoing traffic.
node>enable
node#configure
node(cfg)#context ip router
Link scheduler configuration task list
167
SmartWare Software Configuration Guide
13 • Link scheduler configuration
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#use profile service-policy Voice_Prio out
Displaying link arbitration status
The show service-policy command displays link arbitration status. This command supports the optional
argument interface that select a certain IP interface. This command is available in the operator mode.
Mode: Operator execution
Step
1
Command
Purpose
node>show service-policy {interface name} Displays the link arbitration status
Example: Displaying link arbitration status
The following example shows how to display link arbitration status information.
node>show service-policy
available queue statistics
-------------------------default
- packets in queue: 10
Displaying link scheduling profile information
The show profile service-policy command displays link scheduling profile information of an existing service-policy profile. This command is only available in the administrator mode.
Mode: Administrator execution
Step
1
Command
Purpose
node#show profile service-policy name Displays link scheduling profile information of the
service-policy profile name
Example: Displaying link scheduling profile information
The following example shows how to display link scheduling profile information of an existing service-policy
profile VoIP_Layer2_CoS.
node#show profile service-policy VoIP_Layer2_CoS
VoIP_Layer2_CoS
default (mark layer 2 cos -1)
Enable statistics gathering
Using the debug queue statistics commands enables statistic gathering of link scheduler operations.
Link scheduler configuration task list
168
SmartWare Software Configuration Guide
13 • Link scheduler configuration
The command has optional values (in the range of 1 to 4) that define the level of detail (see table 7).
Table 7. Values defining detail of the queuing statistics
Optional Value Implication on Command Output
0
1
2
3
4
Note
Statistic gathering is switched off
Display amount of packets passed (did
not have to wait), queued (arrived earlier than rate permitted) and discarded
(due to overflowing queue)
Also collects byte counts for the categories listed above
Also keeps track of the peek queue
lengths ever reached since the last configuration change or reload
Adds delay time monitoring
The debug features offered by SmartWare require the CPU resources of your
SmartNode. Therefore do not enable statistic gathering or other debug features if it is not necessary. Disable any debug feature after use with the no
form of the command.
You can enable queue statistics for all queues of a link scheduler by placing the debug queue statistics command in the profile header. Queue statistics are reset whenever the configuration is changed or SmartWare is
reloaded.
Mode: Source
Step
1
Command
Purpose
node(src)[name]#debug queue statistics level Enables statistic gathering for the selected class
or policy name. The optional argument level,
which is in the range from 1 to 4, defines the verbosity of the command output.
Example: Enable statistics gathering for all queues of a profile
The following example shows how to enable statistic gathering for all traffic-classes
node>enable
node#configure
node(cfg)#profile service-policy sample
node(pf-srvpl)[sample]#debug queue statistics 4
Link scheduler configuration task list
169
Chapter 14 Serial port configuration
Chapter contents
Introduction ........................................................................................................................................................171
Serial port configuration task list .........................................................................................................................171
Disabling an interface ...................................................................................................................................171
Enabling an interface ....................................................................................................................................172
Configuring the serial encapsulation type ......................................................................................................173
Configuring the hardware port protocol ........................................................................................................173
Configuring the active clock edge ..................................................................................................................174
Configuring the baudrate ..............................................................................................................................175
170
SmartWare Software Configuration Guide
14 • Serial port configuration
Introduction
This chapter provides an overview of the serial port and describes the tasks involved in its configuration
includes the following sections:
• Serial port configuration task list
• Configuration tasks
• Examples
The V.35 standard is recommended for speeds up to 48 kbps, although in practice it is used successfully at 4
Mbps. The X.21 standard is recommended for data interfaces transmitting at rates up to 2 Mbps and is used
primarily in Europe and Japan.
The synchronous serial interface supports full-duplex operation and allows interconnection to various serial
network interface cards or equipment. Refer to the getting started guide included with your SmartWare for
specific information regarding the connector pinout and the selection of cables to connect with third-party
equipment.
Serial port configuration task list
Perform the tasks in the following sections to configure a synchronous serial interface:
• Disabling an interface (see page 171)
• Enabling an interface (see page 172)
• Configuring the serial encapsulation type (see page 173)
• Configuring the hardware port protocol (see page 173)
• Configuring the active clock edge (see page 174)
• Configuring the baudrate
Disabling an interface
Before you replace a compact serial cable or attach your SmartNode to other serial equipment, use the
shutdown command to disable the serial interfaces. This prevents anomalies and hardware faults. When you
shut down an interface, it has the state CLOSED in the show port serial command display.
Note
Use the no shutdown command to enable the serial interface after the configuration procedure.
This procedure describes how to shut down a serial interface
Mode: Administrator execution
Step
1
2
3
Command
Purpose
node(cfg)#port serial slot port
Selects the serial interface on slot and port
node(prt-ser)[slot/port]#shutdown
Shuts the selected interface down
node(prt-ser)[slot/port]#show port serial Displays the serial interface configuration.
Introduction
171
SmartWare Software Configuration Guide
14 • Serial port configuration
Example: Disabling an interface
The example shows how to disable the built-in serial interface on slot 0 and port 0 of a SmartNode. Check that
State is set to CLOSED in the command output of show port serial.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#shutdown
node(prt-ser)[0/0]#show port serial
Serial Interface Configuration
-----------------------------Port
:
State
:
Hardware Port
:
Transmit Edge
:
Port Type
:
CRC Type
:
Max Frame Length:
Recv Threshold :
Encapsulation
:
serial 0 0 0
CLOSED
V.35
normal
DTE
CRC-16
2048
1
Enabling an interface
After configuring the serial interface or connecting other serial devices, use the no shutdown command to
enable the serial interfaces again. When you enable an interface, it has the state OPENED in the show port
serial command display.
Note
Use the shutdown command to disable the serial interface for any software
or hardware configuration procedure.
This procedure describes how to enable a serial interface.
Mode: Administrator execution
Step
1
2
3
Command
Purpose
node(cfg)#port serial slot port
Selects the serial interface on slot and port
node(prt-ser)[slot/port]#no shutdown
Enables the interface
node(prt-ser)[slot/port]#show port serial Displays the serial interface configuration.
Example: Enabling an interface
The example shows how to enable the built-in serial interface on slot 0 and port 0. Check that State is set to
OPENED in the command output of show port serial.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#no shutdown
node(prt-ser)[0/0]#show port serial
Serial Interface Configuration
-----------------------------Port
State
: serial 0 0 0
: OPENED
Serial port configuration task list
172
SmartWare Software Configuration Guide
Hardware Port
:
Transmit Edge
:
Port Type
:
CRC Type
:
Max Frame Length:
Recv Threshold :
Encapsulation
:
14 • Serial port configuration
V.35
normal
DTE
CRC-16
2048
1
Configuring the serial encapsulation type
The synchronous serial interface supports the Frame Relay and PPP serial encapsulation method. For more
information how to configure Frame Relay and PPP, please see Chapter15, “Frame Relay configuration” on
page 177 and Chapter 30, “PPP configuration” on page 313.
To set the encapsulation method used by a serial interface, use the encapsulation interface
configuration command.
This procedure describes how to set the encapsulation type of the serial interface.
Mode: Administrator execution
Step
Command
1
node(cfg)#port serial slot port
2
node(prt-ser)[slot/port]#[no] encapsulation
{framerelay | ppp}
node(prt-ser)[slot/port]#show port serial
3
Purpose
Selects the serial interface on slot and
port.
Sets the encapsulation type for the
selected interface.
Displays the serial interface configuration.
Example: Configuring the serial encapsulation type
The following example enables Frame Relay encapsulation for the serial interface on slot 0 and port 0. Check
that in the command output of show port serial Encapsulation is set to framerelay.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#encapsulation framerelay
node(prt-ser)[0/0]#show port serial
Serial Interface Configuration
-----------------------------Port
:
State
:
Hardware Port
:
Transmit Edge
:
Port Type
:
CRC Type
:
Max Frame Length:
Recv Threshold :
Encapsulation
:
serial 0 0 0
CLOSED
V.35
normal
DTE
CRC-16
2048
1
framerelay
Configuring the hardware port protocol
Note
Only available on certain devices.
Serial port configuration task list
173
SmartWare Software Configuration Guide
14 • Serial port configuration
Before using the serial interface the hardware port protocol has to be specified. There are two command
options available to select the suitable hardware port protocol:
• v35 for V.35 protocol to be used
• x21 for X.21 protocol to be used
Mode: Administrator execution
Step
1
2
3
Command
Purpose
node(cfg)#port serial slot port
Selects the serial interface on slot and port
node(prt-ser)[slot/port]#hardware-port {v35 | x21} Sets the hardware port protocol
node(prt-ser)[slot/port]#show port serial
Displays the serial interface configuration
Example: Configuring the hardware port protocol
The following example enables X.21 as hardware port protocol for the serial interface on slot 0 and port 0.
Check that Hardware Port is set to X.21 in the command output of show port serial.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#hardware-port x21
node(prt-ser)[0/0]#show port serial
Serial Interface Configuration
-----------------------------Port
:
State
:
Hardware Port
:
Transmit Edge
:
Port Type
:
CRC Type
:
Max Frame Length:
Recv Threshold :
Encapsulation
:
serial 0 0 0
CLOSED
X.21
normal
DTE
CRC-16
2048
1
framerelay
Configuring the active clock edge
Depending on the system configurations—i.e. when using long cables, with certain modem types or data
rates—synchronization problems may occur on the serial port. In these cases, it may be necessary to configure
the clock edge on which data is transmitted.
This procedure describes how to set the active clock edge of the serial interface
Mode: Port serial
Step
1
2
Command
node(prt-ser)[slot/port]# transmit-dataon-edge positive
node(prt-ser)[slot/port]# transmit-dataon-edge negative
Serial port configuration task list
Purpose
Configures the serial interface to transmit on the
positive edge of the clock (normal, default).
Configures the serial interface to transmit on the
negative edge of the clock (inverted).
174
SmartWare Software Configuration Guide
14 • Serial port configuration
Example: Configuring the active clock edge
The following example enables to send data on the negative edge on slot 0 and port 0. Check that Transmit
Clock is set to inverted in the command output of show port serial.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#transmit-data-on-edge negative
node(prt-ser)[0/0]#show port serial
Serial Interface Configuration
-----------------------------Port
:
State
:
Hardware Port
:
Transmit Edge
:
Port Type
:
CRC Type
:
Max Frame Length:
Recv Threshold :
Encapsulation
:
serial 0 0 0
CLOSED
X.21
inverted
DTE
CRC-16
2048
1
framerelay
Configuring the baudrate
A DCE interface has to provide the signal clocks. The desired baudrate can be configured.
Note
Only available on certain devices.
This procedure describes how to set the baudrate for the serial interface.
Mode: Port serial
Step
1
Command
node(prt-ser)[slot/port]# baudrate
baudrate
Purpose
Configures the baudrate for the serial interface.
Example: Configuring baudrate to 64,000 bps
The following example configures a baudrate of 64,000 bps on the serial interface. Verify that the command
output displays the correct baudrate. True baudrate in the Status section shows the
baudrate of the selected hardware.
show port serial detail 5
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#transmit-data-on-edge negative
node(prt-ser)[0/0]#show port serial detail 5
HDLC Driver: 0x8496b8
=====================
Slot:
Number of Ports:
0
1
Port: serial 0 0 0
------------------
Serial port configuration task list
175
SmartWare Software Configuration Guide
State:
OPENED
Configuration
Hardware Port:
Port Type:
CRC:
Transmit Edge:
Max Frame Length:
Baudrate:
Recv Threshold:
X.21
DCE
CRC-16
Normal
1920
64000 bps
1
Statistics
Received frames:
Rx good frames:
Rx CD lost:
Rx Overrun:
Rx CRC errors:
Rx abort sequence:
Rx non octet:
Rx frame len violation:
Rx DPLL error:
Sent frames:
Tx good frames:
Tx CTS lost:
Tx underrun:
116101
116099
0
0
0
0
2
0
0
116106
116106
0
0
Status
Link:
Control Line:
True Baudrate:
Up
enabled
64000 bps
Serial port configuration task list
14 • Serial port configuration
176
Chapter 15 Frame Relay configuration
Chapter contents
Introduction ........................................................................................................................................................178
Frame Relay configuration task list ......................................................................................................................178
Configuring Frame Relay encapsulation ........................................................................................................178
Configuring the LMI type .............................................................................................................................179
Configuring the keep-alive interval ...............................................................................................................179
Enabling fragmentation ................................................................................................................................180
Entering Frame Relay PVC configuration mode ...........................................................................................181
Configuring the PVC encapsulation type ......................................................................................................182
Binding the Frame Relay PVC to IP interface ...............................................................................................182
Enabling a Frame Relay PVC ........................................................................................................................184
Disabling a Frame Relay PVC .......................................................................................................................184
Debugging Frame Relay ................................................................................................................................185
Displaying Frame Relay information .............................................................................................................186
Integrated service access ................................................................................................................................187
Example 1: Frame Relay on e1t1 without a channel-group ...........................................................................189
177
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Introduction
This chapter provides an overview of the Frame Relay protocol and describes the tasks involved in its configuration includes the following sections:
• Frame Relay configuration task list
• Configuration tasks
• Examples
Frame Relay is an example of a packet-switched technology. Packet-switched networks enable end stations to
dynamically share the network medium and the available bandwidth. Variable-length packets are used for more
efficient and flexible transfers. These packets are then switched between the various network segments until the
destination is reached. Statistical multiplexing techniques control network access in a packet-switched network. The advantage of this technique is that it provides more flexibility and more efficient use of bandwidth.
Frame Relay configuration task list
Perform the tasks in the following sections to configure Frame Real on various ports:
• Configuring Frame Relay encapsulation
• Configuring the LMI type
• Configuring the keep-alive interval
• Enabling fragmentation
• Entering Frame Relay PVC configuration mode
• Configuring the PVC encapsulation type
• Binding the Frame Relay PVC to IP interface
• Disabling a Frame Relay PVC
• Displaying Frame Relay information
Configuring Frame Relay encapsulation
Normally, Frame Relay is used over a HDLC framed link. Different kind of physical ports can be configured
for HDLC framed data transmission. On some ports the hdlc mode must be explicitly enabled (PRI, BRI),
other ports have a HDLC framed nature (Serial). That means, Frame Relay encapsulation can be configured in
different configuration modes. For this reason, the command description below refers to the configuration
mode in which Frame Relay can be enabled by setting the encapsulation to ‘framerelay’. This configuration
mode is called here ‘hdlc-sub’ but it is only an alias for the real mode. Once encapsulation framerelay has been
configured, the Frame Relay configuration mode can be entered.
Mode: hdlc-sub
Step
Command
Purpose
1
node(hdlc-sub)#[no] encapsulation framerelay
Enables/Disables Frame Relay
2
node(hdlc-sub)#framerelay
Enters the framerelay configuration mode
Introduction
178
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Configuring the LMI type
For a Frame Relay network, the line protocol is the periodic exchange of local management interface (LMI)
packets between the SmartNode and the Frame Relay provider equipment. If the SmartNode is attached to a
public data network (PDN), the LMI type must match the type used on the public network.
You can set one of the following three types of LMIs:
• ansi for ANSI T1.617 Annex D,
• gof for Group of 4, which is the default for Cisco LMI, and
• itu for ITU-T Q.933 Annex A.
This procedure describes how to set the LMI type.
Mode: Frame Relay
Step
1
Command
Purpose
node(frm-rel)[slot/port]#lmi-type {ansi | gof | itu} Sets the LMI type
Example: Configuring the LMI type
The following example sets the LMI type to ANSI T1.617 Annex D for Frame Relay over the serial interface
on slot 0 and port 0.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#lmi-type ansi
Configuring the keep-alive interval
A keep-alive interval must be set to configure the LMI. By default, this interval is 10 seconds and, according to
the LMI protocol, must be less than the corresponding interval on the switch. The keep-alive interval in seconds, which is represented by number, has to be in the range from 1 to 3600.
This procedure describes how to set the keep-alive interval
Mode: Frame Relay
Step
1
Command
node(frm-rel)[slot/port]#keepalive number
Purpose
Sets the LMI keep-alive interval
To disable keep-alives on networks that do not utilize LMI, use the no keepalive interface
configuration command.
Example: Configuring the keep-alive interval
The following example sets the keepalive interval to 10 seconds for Frame Relay over the serial interface on slot
0 and port 0.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#keepalive 10
Frame Relay configuration task list
179
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Enabling fragmentation
FRF.12 interface and end-to-end fragmentation of large IP packets is supported to reduce the delay imposed
on voice packets on slow links (less than 512 kbps). As opposed to IP fragmentation, Frame Relay fragmentation is transparent to the IP layer. This leaves IP packets unchanged, which may be important for IP-based
applications susceptible to IP fragmentation.
This procedure describes how to enable Frame Relay fragmentation
Mode: Frame Relay
Step
Command
1
node(frm-rel)[slot/port]#use profile service-policy name out
2
node(frm-rel)[slot/port]#fragment size
3
node(frm-rel)[slot/port]#pvc dlci
4
node(pvc)[dlci]#fragment size
Purpose
Uses the previously defined service policy profile on Frame
Relay layer (and not on IP interface level) in outward direction.
Defines the maximum size (in Bytes) of the Frame Relay payload (excluding Frame Relay header and trailer overhead)
for all PVCs (FRF.12 interface fragmentation).
See also the table below
Enters the PVC configuration mode by assigning a DLCI number to be used on the specified virtual circuit.
Defines the maximum size (in bytes) of the Frame Relay payload (excluding Frame Relay header and trailer overhead)
for this PVC only (FRF.12 end-to-end fragmentation).
See also the table below
Note
For proper functioning, do not specify a scheduler mode (burst-shaper,
burst-WFQ, shaper, WFQ) for the Frame Relay service policy profile. Furthermore, do not use the Frame Relay service policy profile on the IP layer,
but rather on the Frame Relay layer (mode framerelay). Make sure voice traffic is being given priority over data (command source class localvoice priority).
Note
FRF.12 end-to-end fragmentation and FRF.12 interface fragmentation are
incompatible. Thus make sure that both ends of a Frame Relay link run the
same fragmentation mode.
Note
When running data and voice over a Frame Relay link, it is advisable to only
configure fragmentation for the PVC that carries data traffic. This way, fragmentation protocol overhead and fragmentation processing overhead is only
spent for data traffic—voice packets (whose length should be smaller than the
fragmentation length) do not consume processing power and protocol overhead for fragmentation.
The purpose of end-to-end FRF.12 fragmentation is to support real-time and non-real-time data packets on
lower-speed links without causing excessive delay to the real-time data. The FRF.12 Implementation Agreement defines FRF.12 fragmentation. This standard was developed to allow long data frames to be fragmented
into smaller pieces (fragments) and interleaved with real-time frames. In this way, real-time and non-real-time
data frames can be carried together on lower-speed links without causing excessive delay to the real-time traffic.
Frame Relay configuration task list
180
SmartWare Software Configuration Guide
15 • Frame Relay configuration
End-to-end FRF.12 fragmentation is recommended for use on permanent virtual circuits (PVCs) that share
links with other PVCs transporting voice and on PVCs transporting Voice over IP (VoIP).
The fragmentation size depends on the available bandwidth, the chosen codec, and its packet length:
• The less bandwidth available per call, the smaller the fragment size has to be configured.
• The shorter the voice packets, the smaller the fragment size can be configured.
• The smaller the fragment size, the bigger the overhead for long data packets.
The following table shows the minimum fragment size depending on the configured codec and its packet
length without fragmenting the voice packets:
Codec (bytes)
Packet Period (ms)
Minimum Fragment Size
G.729
G.729
G.729
G.723
G.723
G.723
G.711
G.711
G.711
10
20
30
30
60
90
10
20
30
52
62
72
66
90
114
122
202
282
Entering Frame Relay PVC configuration mode
The permanent virtual circuit (PVC) is a virtual circuit that is permanently established. PVCs save bandwidth associated with circuit establishment and tear down in situations where certain virtual circuits must exist all the time.
The Frame Relay network provides a number of virtual circuits that form the basis for connections between
stations attached to the same Frame Relay network.
The resulting set of interconnected devices forms a private Frame Relay group, which may be either fully interconnected with a complete mesh of virtual circuits, or only partially interconnected.
In either case, each virtual circuit is uniquely identified at each Frame Relay interface by a Data Link Connection
Identifier (DLCI). In most circumstances, DLCIs have strictly local significance at each Frame Relay interface.
Assigning a DLCI to a specified Frame Relay sub interface is done in the PVC configuration mode. The DLCI
has to be in the range from 1 to 1022.
Note
A maximum of eight PVCs can be defined.
This procedure describes how to enter the PVC configuration.
Mode: Frame Relay
Step
1
Command
Purpose
node(frm-rel)[slot/port]#pvc dlci Enters the PVC configuration mode by assigning a DLCI number
to be used on the specified sub interface
Frame Relay configuration task list
181
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Example: Entering Frame Relay PVC configuration mode
The following example enters the configuration mode for PVC with the assigned DLCI of 1 for Frame Relay
over the serial interface on slot 0 and port 0.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#pvc 1
node(pvc)[1]#
Configuring the PVC encapsulation type
You must use the PVC configuration command encapsulation rfc1490 to set the encapsulation type to comply with the Internet Engineering Task Force (IETF) standard (RFC 1490). Use this keyword when connecting
to another vendor’s equipment across a Frame Relay network.
This procedure describes how to set the encapsulation type to comply with RFC 1490
Mode: Frame Relay/PVC
Step
1
Command
node(pvc)[dlci]#encapsulation rfc1490
Purpose
Sets RFC1490 PVC compliant encapsulation
Example: Configuring the PVC encapsulation type
The following example sets the encapsulation type to comply with RFC 1490 for PVC with the assigned DLCI
of 1 for Frame Relay over the serial interface on slot 0 and port 0.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#pvc 1
node(pvc)[1]#encapsulation rfc1490
Binding the Frame Relay PVC to IP interface
A newly created permanent virtual circuit (PVC) for Frame Relay has to be bound to an IP interface for further
use. The logical IP interface has to be already defined and should be named according to the use of the serial
Frame Relay configuration task list
182
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Frame Relay PVC. If serial Frame Relay PVC shall be used as WAN access, a suitable name for the logical IP
interface could be wan as in figure 28 below.
IP
interface
eth0
Context
IP
“router”
IP
interface
wan
IP
interface
eth1
PVC
Port
Ethernet
00
Port
Ethernet
01
Port
Serial
00
Figure 28. IP interface wan is bound to PVC 1 on port serial 0 0
This procedure describes how to bind the Frame Relay PVC DLCI on the serial interface to the logical IP
interface name, which is related to the IP context router.
Mode: PVC
Step
1
Command
node(pvc)[dlci]#bind interface name router
Purpose
Binds Frame Relay PVC dlci to the IP interface
name of IP context router
Example: Binding the Frame Relay PVC to IP interface
The following example binds the Frame Relay PVC 1 to the IP interface wan of IP context router to the serial
interface on slot 0 and port 0.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#pvc 1
node(pvc)[1]#bind interface wan router
Frame Relay configuration task list
183
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Enabling a Frame Relay PVC
After binding Framerelay PVC to an ip interface it must be enabled for packet processing. This procedure activates the PVC by opening the bound ip interface.
This procedure describes how to enable Framerelay PVC for packet processing
Mode: PVC
Step
1
Command
node(pvc)[dlci]#no shutdown
Purpose
Enables the Frame Relay PVC
Example: Disabling a Frame Relay PVC
The following example enables Frame Relay PVC with the DLCI 1 on the serial interface on slot 0 and port 0.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#pvc 1
node(pvc)[1]#no shutdown
Check the PVC 1 status using show running-config and verify that the entry no shutdown occurs in the configuration part responsible for this PVC.
node(pvc)[1]#show running-config
Running configuration:
#----------------------------------------------------------------#
#
#
…
pvc 1
encapsulation rfc1490
bind interface wan router
no shutdown
Disabling a Frame Relay PVC
Frame Relay PVCs can be disabled whenever it is necessary. Be aware that disabling a specific PVC also disables
the related serial interface and vice versa.
This procedure describes how to disable the Frame Relay PVC DLCI on the serial interface.
Mode: PVC
Step
1
Command
node(pvc)[dlci]#shutdown
Purpose
Disables the Frame Relay PVC DLCI.
Example: Disabling a Frame Relay PVC
The following example disables Frame Relay PVC 1 on the serial interface on slot 0 and port 0.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#pvc 1
Frame Relay configuration task list
184
SmartWare Software Configuration Guide
15 • Frame Relay configuration
node(pvc)[1]#shutdown
Check the PVC 1 status by using show running-config and verify that the entry shutdown occurs in the configuration part responsible for this PVC.
node(pvc)[1]#show running-config
Running configuration:
#----------------------------------------------------------------#
#
#
# 2500
#
…
pvc 1
encapsulation rfc1490
bind interface wan router
shutdown
exit
…
Debugging Frame Relay
A set of commands is available to check the status of the Framerelay connections, fragmentation process and
keepalive message exchange. Be aware that some monitors generate a lot of output and can seriously impact
your system performance.This procedure describes how to display the Frame Relay configuration settings for
the serial interface
Mode: Administrator execution
Command
[no] debug framerelay
[no] debug framerelay all
[no] debug framerelay error
[no] debug framerelay lmi
[no] debug framerelay management
[no] debug framerelay packets
Frame Relay configuration task list
Purpose
Prints the status of the different monitors (ON or
OFF)
Enables/Disables all framerelay debug monitors
Enables/Disables monitor which prints only
occurred errors.
Enables/Disables monitor which prints keepalive
events and messages
Enables/Disables monitor which prints management
and configuration events
Enables/Disables monitor which prints dlci, size and
fragmentation status of every incoming and outgoing packet. Be aware that this monitor can seriously
impact your system performance.
185
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Displaying Frame Relay information
Since Frame Relay configuration for the serial interface is complex and requires many commands, it is helpful
to list the frame relay configuration on screen.
This procedure describes how to display the Frame Relay configuration settings for the serial interface.
Mode: Port serial
Step
1
Command
Purpose
node(prt-ser)[slot/port]#show framerelay Displays Frame Relay information.
Example: Displaying Frame Relay information
The following example shows the commands used to display Frame Relay configuration settings.
node>enable
node#configure
node(cfg)#show framerelay
Framerelay Configuration:
Port
LMI-Type
Keepalive
Fragmentation
---------------------------------------------------------serial 0 0 0
ansi
10
disabled
PVC Configuration:
Port
DLCI
State
Fragment Encaps
Binding
-------------------------------------------------------------serial 0 0 0
1
open
disabled rfc1490
wan@router
Frame Relay configuration task list
186
SmartWare Software Configuration Guide
15 • Frame Relay configuration
PSTN
Internet
GW
GW
Multi
Multi
Service
Service
Provider
Provider
PVC 1
Node
Node
2300
X.21
Modem
Modem
PVC 2
Leased Line
Network
VPN
VPN
Provider
Provider
Figure 29. Typical Integrated Service Access Scenario with dedicated PVCs
Integrated service access
The example in figure 29 shows a typical integrated service access scenario, where different service providers are
accessed via permanent virtual circuits (PVCs) on Frame Relay over the serial interface of a SmartNode.
The multi service provider (MSP) offers both Internet access and voice services based on IP. The virtual private
network (VPN) provider offers secure interconnections of local access networks (LAN) via its public wide area
network based on IP. Since both providers are working independently, the SmartNode needs a configuration,
which has two dedicated PVCs on Frame Relay. The first PVC, labeled as PVC 1, connects to the MSP access
device. The second PVC, labeled PVC 2, connects to the VPN provider access device on the leased line network.
A SmartNode is working as a DTE and accesses the leased line network via a leased line modem connected to
the serial interface. The hardware port protocol X.21 is used on the serial interface on slot 0 and port 0.
Devices accessing the MSP and VPN services are attached to the 100 Mbps Ethernet port 0/0 on the
SmartNode. For that reason, an IP context with three logical IP interfaces bound to Ethernet port 0/0, PVC 1
and PVC 2 on serial port 0/0 as shown in figure 29 has to be configured for the SmartNode. The IP interfaces
are labeled to represent the function of their configuration. Hence Ethernet port 0/0 is named lan, PVC 1 is
named external since external services are accessed via this PVC, and PVC 2 is named internal to indicate the
private network interconnection via this PVC.
Between the leased line modem and the SmartNode, ANSI T.617 type of LMI packets have to be exchanged. In
addition, the keep-alive interval has to be set to 20 seconds. To guarantee voice quality, fragmentation is enabled
on the PVC which carries voice (PVC 1) and a service profile is assigned which gives priority to voices packets.
Frame Relay configuration task list
187
SmartWare Software Configuration Guide
15 • Frame Relay configuration
Figure 30. IP Context with logical IP interfaces bound to Ethernet port, serial port PVC 1 and PVC 2
The related IP, serial interface and Frame Relay configuration procedure is listed below. Where necessary, comments are added to the configuration for better understanding.
1. Enter the configuration mode.
node>enable
node#configure
…
2. Set up the IP interface configuration first. Be aware that not all of the necessary settings are listed below.
node(cfg)#context ip router
node(ctx-ip)[router]#interface external
node(if-ip)[external]#interface internal
node(if-ip)[internal]#interface lan
node(if-ip)[lan]#exit
node(ctx-ip)[router]#interface internal
node(if-ip)[internal]#ipaddress 192.168.3.1 255.255.255.0
node(if-ip)[internal]#interface external
node(if-ip)[external]#ipaddress 192.168.2.1 255.255.255.0
node(if-ip)[external]#interface lan
node(if-ip)[lan]#ipaddress 192.168.1.1 255.255.255.0
…
3. Define a voice profile which gives priority to voice packets. Set the rate limit according to the bandwidth
available for voice and data on PVC 1 (512kBits/s in this case).
node(cfg)#profile service-policy VoicePrio
node(pf-srvpl)[VoicePr~]#rate-limit 512
node(pf-srvpl)[VoicePr~]#source class local-voice
node(src)[local-v~]#priority
node(src)[local-v~]#source class local-default
node(src)[local-d~]#priority
node(src)[local-d~]#source class default
…
Frame Relay configuration task list
188
SmartWare Software Configuration Guide
15 • Frame Relay configuration
4. Configure the serial interface settings.
node(cfg)#port serial 0 0
node(prt-ser)[0/0]#shutdown
node(prt-ser)[0/0]#encapsulation framerelay
node(prt-ser)[0/0]#hardware-port x21
node(prt-ser)[0/0]#port-type dte
…
5. Configure the Frame Relay. You must thus change to the Frame Relay configuration mode. Use the service-policy profile defined above to give voice priority over data.
node(prt-ser)[0/0]#framerelay
node(frm-rel)[0/0]#lmi-type ansi
node(frm-rel)[0/0]#keepalive 20
node(frm-rel)[0/0]#use profile service-policy VoicePrio out
…
6. Configure the introduced PVCs. Enable fragmentation for PVC 1. The voice uses codec G.723 at a packet
size of 30ms, so the minimum fragment size must be 66 Bytes. Setting the fragment size to 300 (Bytes)
introduces an additional delay of at most 4.7ms (300 * 8/512k) but does not cause too much fragmentation overhead on large data packets.
node(frm-rel)[0/0]#pvc 1
node(pvc)[1]#encapsulation rfc1490
node(pvc)[1]#fragment 300
node(pvc)[1]#bind interface external router
node(pvc)[1]#no shutdown
node(pvc)[1]#pvc 2
node(pvc)[2]#encapsulation rfc1490
node(pvc)[2]#bind interface internal router
node(pvc)[2]#no shutdown
…
7. Check that the Frame Relay settings are correct.
node(frm-rel)[0/0]#show framerelay
Framerelay Configuration:
Port
LMI-Type
Keepalive
Fragmentation
---------------------------------------------------------serial 0 0 0
ansi
20
disabled
PVC Configuration:
Port
DLCI
State
Fragment Encaps
Binding
-------------------------------------------------------------serial 0 0 0
1
open
300
rfc1490
external@router
serial 0 0 0
2
open
disabled rfc1490
internal@router
Example 1: Frame Relay on e1t1 without a channel-group
port e1t1 0 3
port-type e1
clock master
framing crc4
encapsulation hdlc
Frame Relay configuration task list
189
SmartWare Software Configuration Guide
15 • Frame Relay configuration
hdlc
encapsulation framerelay
framerelay
pvc 100
encapsulation rfc1490
bind interface pvc100 router
no shutdown
port e1t1 0 0
no shutdown
Example 2: Frame Relay on e1t1 with a channel-group
port e1t1 0 0
port-type e1
clock master
framing crc4
encapsulation channelized
channel-group myGroup
timeslots 13-17
encapsulation hdlc
hdlc
encapsulation framerelay
framerelay
lmi-type gof
keepalive 20
pvc 100
encapsulation rfc1490
bind interface pvc100 router
no shutdown
port e1t1 0 0
no shutdown
Frame Relay configuration task list
190
Chapter 16 PRI port configuration
Chapter contents
Introduction ........................................................................................................................................................192
PRI port configuration task list............................................................................................................................192
Enable/Disable PRI port ...............................................................................................................................193
Configuring PRI port-type ............................................................................................................................193
Configuring PRI clock-mode ........................................................................................................................193
Configuring PRI line-code ............................................................................................................................193
Configuring PRI framing ..............................................................................................................................194
Configuring PRI line-build-out (E1T1 in T1 mode only) .............................................................................195
Configuring PRI used-connector (E1T1 in E1 mode only) ...........................................................................195
Configuring PRI application mode (E1T1 only) ...........................................................................................195
Configuring PRI LOS threshold (E1T1 only) ...............................................................................................196
Configuring PRI Loopback detection (E1T1 only) .......................................................................................196
Configuring PRI encapsulation .....................................................................................................................197
Create a Channel-Group ...............................................................................................................................198
Configuring Channel-Group Timeslots ........................................................................................................198
Configuring Channel-Group Encapsulation .................................................................................................198
Entering HDLC Configuration Mode ..........................................................................................................199
Configuring HDLC CRC-Type ...................................................................................................................199
Configuring HDLC Encapsulation ...............................................................................................................200
PRI Debugging .............................................................................................................................................200
PRI Configuration Examples ........................................................................................................................201
Example 1: ISDN ....................................................................................................................................202
Example 2: RBS without a channel-group ...............................................................................................202
Example 3: RBS with a channel-group ....................................................................................................202
Example 4: Frame Relay without a channel-group ...................................................................................203
Example 5: Framerelay with a channel-group ..........................................................................................204
Example 6: PPP without a channel-group ...............................................................................................204
Example 7: PPP with a channel-group .....................................................................................................204
191
SmartWare Software Configuration Guide
16 • PRI port configuration
Introduction
This chapter provides an overview of the PRI (Primary Rate Interface) ports, their characteristics and the tasks
involved in the configuration. The SmartNode devices know three different kinds of PRI ports, E1, T1 and
E1T1 whereas an E1T1 port can either work as E1 or T1. This chapter describes the superset of all commands
are available on the different PRI ports. If a command is only executable for a specific port then this circumstance will be noted or highlighted in the command description. Further will be explained here, how to prepare
the ports for the usage of the different application protocols like ISDN, RBS, PPP or Frame Relay. Fore some
applications there must be the possibility to access user defined sets of timeslots of an E1 or T1 port. On
SmartNode’s this feature is called a Channel Group and it will be described in this chapter as well.
Terminology
Hardware Type: Dependent on the device it can either be E1, T1 or E1T1. The Hardware Type and its belonging Slot and Port Number must be specified for entering the configuration mode of a port. It is not possible to
change the Hardware Type, it is given by the system.
Port Type: This expression is used in relation with the E1T1 port and describes if the E1T1 port is currently
running in E1 or in T1 mode. On an E1 or T1 port, the Port Type can not be changed, it is static and matches
the Hardware Type.
PRI port configuration task list
This section describes the configuration tasks for the PRI port.
• Enable/Disable PRI port
• Configuring the PRI port type (E1T1 only)
• Configuring PRI clock mode
• Configuring PRI line code
• Configuring PRI framing (E1T1 only)
• Configuring PRI line build out (E1T1 in T1 mode only)
• Configuring PRI impedance/connector (E1T1 in E1 mode only)
• Configuring PRI application mode (E1T1 only)
• Configuring PRI LOS threshold (E1T1 only)
• Configuring PRI Loopback detection (E1T1 only)
• Configuring PRI encapsulation
• Create a Channel-Group
• Configuring channel-group timeslots
• Configuring channel-group encapsulation
• Entering HDLC configuration mode
• Configuration HDLC CRC-type
• Configuring HDLC encapsulation
Introduction
192
SmartWare Software Configuration Guide
16 • PRI port configuration
• PRI Debugging
Enable/Disable PRI port
By default, the PRI port is disabled. The following command is used for enabling or disabling it.
Mode: port <hw-type> <slot> <port>
Step
1
Command
[name] (hw-type)[slot/port]# [no]
shutdown
Purpose
Enable/Disable the PRI port.
Default: shutdown (which is disabled)
Configuring PRI port-type
An E1T1 Port can either work in T1 or in E1 (G.704) mode. This mode can be changed dynamically as long
as no encapsulation or encapsulation ‘hdlc’ is set. Be aware that changing the port-type also resets the framing
and linecode parameters to the default values of the new port-type. If port-type change is not allowed due to
current configuration, an error message will be issued.
Mode: port e1t1 <slot> <port>
Step
1
Command
[name] (prt-e1t1)[slot/port]# port-type
{e1 | t1}
Purpose
Changes operation mode of the port.
Restriction: Only available for e1t1 ports
Default: e1
Configuring PRI clock-mode
The PRI Port can either work in clock-master or in clock-slave mode. This setting defines the clock dependency of the internal data processing. In clock-master mode the internal data processing is running on an independent clock source. In clock-slave mode the clock source for internal data processing is recovered from the
receive line interface. Be aware that always a port-pair of clock-master and clock-slave are connected together.
In the other case the data transmission will fail due to bit failures. This command has also the option ‘auto’ that
can be used if the application running on the port is also of an asymmetric nature like master/slave, server/client or user/net. Normally, the option ‘auto’ is used if the port is setup for ISDN. In this case, the clock mode
will automatically derived from the Q.921 protocol. If the UNI-Side (User-Network Interface) of Q.921 is set
to ‘net’, then clock mode of the port is automatically set to ‘master’ and if Q.921 is configured as ‘user’ it will
be set to ‘slave’.
Mode: port <hw-type> <slot> <port>
Step
1
Command
Purpose
[name] (prt-e1t1)[slot/port]# clock {auto | Configures the clock-mode of the port.
master | slave}
Default: master
Configuring PRI line-code
Three different line codes can be selected on the PRI port whereas only ‘ami’ is standardized for E1 and T1. If
the port is running in E1 mode, ‘hdb3’ is also configurable and in T1 mode ‘b8zs’. If a linecode will be selected
that is not standardized for the current port mode, an error message will be advised.
PRI port configuration task list
193
SmartWare Software Configuration Guide
16 • PRI port configuration
Mode: port <hw-type> <slot> <port>
Step
1
Command
[name] (prt-e1t1)[slot/port]# linecode
{ami | b8zs | hdb3}
Purpose
Configures the line-code of the port.
Default for e1: hdb3
Default for t1: b8zs
Configuring PRI framing
Four framing formats are available for selection on the E1T1 port. Unframed can only be used if the encapsulation is set for hdlc. All other currently available upper layer (encapsulation) protocols do not run in unframed
mode, but in one of the framed modes.
In structured mode, E1 can be configured for crc4 or non-crc4 and T1 has the framing option esf and sf.
• CRC4 (E1): Cyclic Redundancy Check 4. A CRC4 Multi-Frame consists of 16 continuous Basic-Frames.
Each Multi-Frame can be divided into two Sub Multi-Frames. The first bit of Timeslot 0 of each even Sub
Multi-Frame is called the C-Bit and belongs to the CRC4 check sum.
• ESF (T1): Extended Super Frame. The ESF if made up of 24 Basic-Frames. Each Basic-Frame includes one
overhead bit, the F-Bit. The 24 F-Bits of one Extended Super Frame are used for synchronization (6 Bit),
transmitting data link information (12 Bit) and for CRC6 calculation (6 Bit).
• SF (T1): Super Frame: The SF is made up of 12 Basic-Frames. Each Basic-Frame includes one overhead bit,
the F-Bit. The 12 F-Bits of one Super-Frame represent the frame alignment pattern that is used for synchronization.
• Unframed: The advantage of the unframed mode (obviously with hdlc encapsulation) is the utilization of
the whole link speed for user data transmission, 2.048MBit/s for E1 and 1.544MBit/s for T1. However
note that HDLC has its own overhead which decreases the actual data rate.
Mode: port e1t1 <slot> <port>
Step
1
Command
[name] (prt-e1t1)[slot/port]# framing
{crc4 | non-crc4 | esf | sf | unframed}
PRI port configuration task list
Purpose
Configures the framing of the port.
Restriction: Only available for e1t1 ports
E1 mode formats are: crc4, non-crc4, unframed.
T1 mode formats are: esf, sf, unframed.
Default for e1: crc4
Default for t1: esf
194
SmartWare Software Configuration Guide
16 • PRI port configuration
Configuring PRI line-build-out (E1T1 in T1 mode only)
The line build out configuration is used in long haul applications to prevent cross talk in the far end device.
Mode: port e1t1 <slot> <port>
Step
1
Command
[name] (prt-e1t1)[slot/port]# line-buildout {0 | -7.5 | -15 | -22.5}
Purpose
Specifies the pulse attenuation in dB on the line interface.
Restriction: Only available for e1t1 ports in T1
mode.
Default for t1: 0 dB
Configuring PRI used-connector (E1T1 in E1 mode only)
If the E1T1 WAN-Card provides several line interface connector types this command specifies which one is
currently in use. Sure, the signal is always on all connectors available but dependent on the wiring technology
the internal impedance matching must be adapted (RJ45 = 120 Ohm; BNC = 75 Ohm).
Mode: port e1t1 <slot> <port>
Step
1
Command
[name] (prt-e1t1)[slot/port]# used-connector {bnc | rj45}
Purpose
Specifies the currently used connector.
Restriction: Only available for e1t1 ports in E1
mode.
Default for e1: rj45
Configuring PRI application mode (E1T1 only)
The PRI port can be configured to work in either short-haul or in long-haul mode. Short-haul is the default
application and should be used for transmission distances up to 180m/600ft. For transmission distances up to
1800m/6000ft, select the long-haul application.
Mode: port e1t1 <slot> <port>
Step
1
Command
[name] (prt-e1t1)[slot/port]#application
{long-haul | short-haul}
PRI port configuration task list
Purpose
Specifies the e1/t1 application mode
Restriction: Only available for e1t1 ports
Default: short-haul
195
SmartWare Software Configuration Guide
16 • PRI port configuration
Configuring PRI LOS threshold (E1T1 only)
This command takes effect only if the PRI port is configured for long-haul applications. It specifies the sensitivity for Loss Of Signal threshold. A signal suffers more attenuation over long distances than over short distances. Therefore the LOS-Threshold must be set higher for longer transmission distances. This command has
a default value of -46dB what should be enough for distances up to 1600 m/5250 ft.
Mode: port e1t1 <slot> <port>
Step
1
Command
[ name] (prt-e1t1)[slot/port]#los-threshold {-4dB | -6dB | -8dB … -46dB | 48dB}
Purpose
Specifies Loss Of Signal Threshold
Restriction: Only available for e1t1 ports
Default: -46dB
Configuring PRI Loopback detection (E1T1 only)
In T1 mode the E1T1 PRI port has the capability for auto detection of inband sent loop back codes. Once a
loopback-up code is detected, the module automatically enables the proper loopback function and disables it a
soon as the corresponding loopback-down code appears. This feature is used by carrier equipment for testing
the line to the customer. It sends the loopback-up code to the customer device, then subsequently starts, for
example, a Pseudo Random Bit Sequence (PRBS) to determinate the quality of the connection.
Depending on the configured T1 framing, the right loopback code detection mode will be enabled as soon as
the command loop-back auto-detection will be executed. For framing type uses a different loopback code detection mechanism:
• ESF: The loopback codes are transmitted via the 4kBit/s EOC-Channel, that is part of the 8kBit/s F-Bit
Channel. The following codes are supported:
Command
Line Loopback Activate
Line Loopback Deactivate
Payload Loopback Activate
Payload Loopback Deactivate
Universal Loopback Deactivate
Loopback Retention
Binary Code
0 000111 0
0 011100 0
0 001010 0
0 011001 0
0 010010 0
0 010101 0
• SF and Unframed: An inband loop code pattern is sent for at least 5 seconds in all 24 timeslots. The following codes are supported:
Command
Line Loopback Activate
Line Loopback Deactivate
PRI port configuration task list
Binary Repetition Code
00001
001
196
SmartWare Software Configuration Guide
16 • PRI port configuration
The command has three other options that allow you to manually switch on/off different loops. All these additional options are applicable in T1 and E1 mode.
The ‘line-interface’ loop sends back the whole link bandwidth (2048kBit/s or 1544kBit/s).
In ‘payload’ the entire user data bandwidth (1984 kbps or 1536 kbps) is looped back.
For some tests it is helpful to loop back the system data. For example, system data are sent from the router to
the PRI port. To switch on this feature the option ‘back-plane’ must be selected.
Mode: port e1t1 <slot> <port>
Step
1
Command
Purpose
[ name] (prt-e1t1)[slot/port]#[no] loop-back Enables/Disables type of data loopback, line-inter{line-interface | back-plane | payload | auto- face, payload, back-plane, or auto-detection.
detection}
Restriction: Only available for e1t1 ports
Default: disabled
Configuring PRI encapsulation
The PRI encapsulation command prepares the port for a specific application protocol. After the right encapsulation type has been set, the configuration mode command for the selected protocol can be executed for protocol specific configuration.
• channelized: This special encapsulation type pushes the port in mode where it is possible to setup an application for a user defined set of timeslots. Normally, all timeslots of a port are under full control of the application specified with the encapsulation command. In ‘channelized’ mode, an application uses only the
specified timeslots. If the encapsulation is set to ‘channelized’, use the channel-group command to create a
new Channel Group an to enter its configuration mode. In the Channel Group configuration mode, the
same encapsulation types as on the port configuration mode are available again, except channelized.
• hdlc: Enables HDLC Framing on the selected port. After encapsulation hdlc has been specified, the hdlc
configuration mode can be entered to configure hdlc specific parameters and to define the link layer protocol must run over hdlc.
• q921: This encapsulation type automatically binds the signaling timeslot (D-channel) of the selected port to
the ISDN Layer 2 protocol. This is timeslot 16 for an E1 and timeslot 24 for a T1 port. If in the q921 configuration mode q931 is specified as next encapsulation, the control of all remaining timeslots (B-channels)
is given to the ISDN Layer 3 protocol. For more information please see Chapter18, “ISDN Overview” on
page 212 and Chapter19, “ISDN configuration” on page 217.
• rbs: Robbed Bit Signaling encapsulation is only available for T1 ports.
On specifying this encapsulation type, all the 24 timeslots will be bound to the RBS protocol. Enter the
RBS configuration mode for RBS specific configuration (see Chapter 20, “RBS configuration” on
page 225).
Mode: port <hw-type> <slot> <port>
Step
1
Command
Purpose
[name] (prt-e1t1)[slot/port]#[no] encapsu- Specifies the encapsulation type of the PRI port.
lation {channelized | hdlc | q921 | rbs} Default: no encapsulation
PRI port configuration task list
197
SmartWare Software Configuration Guide
16 • PRI port configuration
Create a Channel-Group
If the desired encapsulated channel uses only selected time slots (not the entire PRI), then it is necessary to set
up a channel-group. To create a channel-group, set the PRI port’s encapsulation to channelized. (See section
“Configuring PRI encapsulation”.) On creating a new channel-group the channel-group configuration mode is
immediately entered. To remove an existing channel-group the ‘no’ form of the command has to be used.
Mode: port e1t1 <slot> <port>
Step
1
Command
Purpose
[name] (prt-e1t1)[slot/port]#[no] channel- Enters the channel-group configuration mode of
group group-name
group-name. If the group does not yet exist a new
one will be created. The ‘no’ form of the command
removes an existing channel-group.
Configuring Channel-Group Timeslots
The ‘timeslots’ command configures an arbitrary sequence of timeslots for use in data transmission. The syntax
of the command accepts comma-separated groups of timeslots. A group can be a single timeslot or a range of
timeslots. The channel-group timeslots do not have to be contiguous. The ‘no’ form of the command releases
all previously selected timeslots.
Example:
>timeslots 1,4,6
>timeslots 1,4-6
>timeslots 1-3,4-6
Selects three timeslots (1, 4 an 6)
Selects four timeslots (1, 4, 5 and 6)
Selects six timeslots (1, 2, 3, 4, 5 and 6)
Mode: channel-group group-name
Step
1
Command
[name] (ch-grp)[group-name]#[no]
timeslots timeslots
Purpose
Selects the timeslots to be used.
Default: no timeslots
Configuring Channel-Group Encapsulation
The encapsulation command prepares the Channel Group for a specific application protocol. After the right
encapsulation type has been set, the configuration mode command for the selected protocol can be executed
for protocol specific configuration.
• hdlc: Enables HDLC Framing on the selected Channel Group. After encapsulation hdlc has been specified,
the hdlc configuration mode can be entered to configure hdlc specific parameters and to define the link
layer protocol must run over hdlc. The number of selected timeslots in the Channel Group also defines the
data transmission rate of the hdlc protocol (n * 64kBit/s).
• q921: This encapsulation type can only be chosen if on the Channel Group only one timeslot is selected. It
is NOT possible to bind multiple timeslots to the q921 protocol.
• rbs: Robbed Bit Signaling encapsulation is only available for T1 ports.
On specifying this encapsulation type, all the timeslots specified in the Channel Group will be bound to the
PRI port configuration task list
198
SmartWare Software Configuration Guide
16 • PRI port configuration
RBS protocol. Enter the RBS configuration mode for RBS specific configurations (see Chapter 20, “RBS
configuration” on page 225).
Mode: channel-group group-name
Step
1
Command
Purpose
[name] (ch-grp)[group-name]#[no] encap- Specifies the encapsulation type of the channelsulation {hdlc | q921 | rbs}
group. Default: no encapsulation
Entering HDLC Configuration Mode
The hdlc configuration mode can be entered either from the “port e1t1” configuration mode or from the
“channel-group” configuration mode. If you cannot enter the hdlc mode, it may be due to an invalid or incomplete configuration, and an error message will be issued. In “port e1t1” configuration mode, you only need to
set the encapsulation for ‘hdlc’ in order to enter the hdlc configuration mode. In “channel-group” configuration mode the encapsulation must be set to ‘hdlc’ as well followed by configuring at least one timeslot per the
‘timeslots’ command.
Mode: port e1t1 <slot> <port>
Step
1
Command
[name] (prt-e1t1)[slot/port]# hdlc
Purpose
Entering the hdlc configuration mode
Mode: channel-group <group>
Step
1
Command
[name] (ch-grp)[group-name]#hdlc
Purpose
Entering the hdlc configuration mode
Configuring HDLC CRC-Type
This command specifies the length of the checksum for calculating the CRC of the hdlc-frame. It can be either
a 16-bit or a 32-bit checksum.
Mode: hdlc
Step
1
Command
[name] (hdlc)#crc-type {crc16 | crc32}
PRI port configuration task list
Purpose
Selects the checksum-type to be used.
Default: crc16
199
SmartWare Software Configuration Guide
16 • PRI port configuration
Configuring HDLC Encapsulation
The hdlc encapsulation command specifies what kinds of upper layer data are contained in the hdlc frames.
Two encapsulation types are available, framerelay and ppp. For more details see Chapter 15, “Frame Relay configuration” on page 177 and Chapter 30, “PPP configuration” on page 313.
Mode: hdlc
Step
1
Command
[name] (hdlc)#encapsulation {framerelay | ppp}
Purpose
Specifies the encapsulation type of hdlc.
Default: no encapsulation
PRI Debugging
For the investigation of possible problems in link establishment, data transmission or synchronization, there
exists a debug command with the options ‘event’ and ‘error’. The command has a hierarchical characteristic
and can be applied to all ports of given type on the whole device, or to all ports of slot or just to one specific
port.
PRI port configuration task list
200
SmartWare Software Configuration Guide
16 • PRI port configuration
Mode: Operator execution
Step
1
Command
[name]#[no] debug hw-type
[ ( [<slot> | [<port>] ] ) | [ [event] |
[error] ] ]
Purpose
Enables/Disables the PRI event/error monitor for the
device a slot or a port.
Examples:
1)[no] debug e1t1
Enables/Disables the event and the error monitor for
all e1t1 ports of the device.
2)[no] debug e1 event
Enables/Disables the event monitor for all e1 ports
of the device.
3)[no] debug t1 error
Enables/Disables the error monitor for all t1 ports of
the device.
4)[no] debug e1 3
Enables/Disables the event and error monitor for all
e1 ports on slot 3.
5)[no] debug e1t1 1 event
Enables/Disables the event monitor for all e1t1
ports on slot 1.
6)[no] debug t1 2 error
Enables/Disables the error monitor for all t1 ports
on slot 2.
7)[no] debug t1 0 0
Enables/Disables the event and error monitor for the
t1 port 0 on slot 0.
8)[no] debug e1 1 0 event
Enables/Disables the event monitor for the e1 port 0
on slot 1.
9)[no] debug e1t1 2 0 error
Enables/Disables the error monitor for the e1t1 port
0 on slot 2.
Mode: Operator execution
Step
1
Command
[name]#show port hw-type
[ [<slot> <port>] | [detail <level>] ]
Purpose
Prints information about the specified port with a
given detail level.
PRI Configuration Examples
Here is a group of seven configuration examples.
• Example 1: ISDN
• Example 2: RBS without a channel-group
• Example 3: RBS with a channel-group
PRI port configuration task list
201
SmartWare Software Configuration Guide
16 • PRI port configuration
• Example 4: Frame Relay without a channel-group
• Example 5: Frame Relay with a channel-group
• Example 6: PPP without a channel-group
• Example 7: PPP with a channel-group
Example 1: ISDN
port e1t1 0 0
port-type t1
clock auto
linecode b8zs
framing esf
encapsulation q921
q921
uni-side auto
encapsulation q931
q931
protocol ni2
uni-side net
bchan-number-order ascending
encapsulation cc-isdn
bind interface pri00 switch
port e1t1 0 0
no shutdown
Example 2: RBS without a channel-group
port e1t1 0 0
port-type t1
clock master
linecode b8zs
framing esf
encapsulation rbs
rbs
protocol ground-start exchange
encapsulation cc-rbs
bind interface pri00 switch
port e1t1 0 0
no shutdown
Example 3: RBS with a channel-group
port e1t1 0 0
port-type t1
clock master
linecode b8zs
framing esf
encapsulation channelized
channel-group group_1_8
timeslots 1-8
encapsulation rbs
rbs
PRI port configuration task list
202
SmartWare Software Configuration Guide
16 • PRI port configuration
protocol eam-wink-start
encapsulation cc-rbs
bind interface pri00_1_8 switch
channel-group group_9_16
timeslots 9-16
encapsulation rbs
rbs
protocol ground-start exchange
encapsulation cc-rbs
bind interface pri00_9_16 switch
channel-group group_17_24
timeslots 17-24
encapsulation rbs
rbs
protocol eam-double-wink-start
encapsulation cc-rbs
bind interface pri00_17_24 switch
port e1t1 0 0
no shutdown
Example 4: Frame Relay without a channel-group
port e1t1 0 0
port-type e1
framing crc4
encapsulation hdlc
hdlc
encapsulation framerelay
framerelay
lmi-type itu
pvc 100
encapsulation rfc1490
bind interface pvc100 router
no shutdown
port e1t1 0 0
no shutdown
PRI port configuration task list
203
SmartWare Software Configuration Guide
16 • PRI port configuration
Example 5: Framerelay with a channel-group
port e1t1 0 0
port-type e1
framing crc4
encapsulation channelized
channel-group myGroup
timeslots 13-17
encapsulation hdlc
hdlc
encapsulation framerelay
framerelay
lmi-type itu
pvc 100
encapsulation rfc1490
bind interface pvc100 router
no shutdown
port e1t1 0 0
no shutdown
Example 6: PPP without a channel-group
port e1t1 0 0
port-type e1
framing crc4
encapsulation hdlc
hdlc
encapsulation ppp
bind interface myPPP router
port e1t1 0 0
no shutdown
Example 7: PPP with a channel-group
port e1t1 0 0
port-type e1
framing crc4
encapsulation channelized
channel-group yourGroup
timeslots 1,9,16,23
encapsulation hdlc
hdlc
encapsulation ppp
bind interface myPPP router
port e1t1 0 0
no shutdown
PRI port configuration task list
204
Chapter 17 BRI port configuration
Chapter contents
Introduction ........................................................................................................................................................206
BRI port configuration task list............................................................................................................................206
Enable/Disable BRI port ...............................................................................................................................206
Configuring BRI clock-mode ........................................................................................................................206
Configuring BRI Power-Feed ........................................................................................................................207
Configuring BRI encapsulation .....................................................................................................................207
Creating a channel group ..............................................................................................................................207
Configuring channel-group timeslots ............................................................................................................208
Configuring channel-group encapsulation .....................................................................................................208
Entering HDLC configuration mode ............................................................................................................208
Configuring HDLC encapsulation ................................................................................................................208
BRI Debugging .............................................................................................................................................209
BRI Configuration Examples ........................................................................................................................210
Example 1: ISDN with auto clock/uni-side settings ................................................................................210
Example 2: ISDN with manual clock/uni-side settings ............................................................................210
Example 3: Multi-Link PPP over two B-Channels ..................................................................................211
205
SmartWare Software Configuration Guide
17 • BRI port configuration
Introduction
This chapter provides an overview of the BRI (Basic Rate Interface) ports, their characteristics and the tasks
involved in the configuration. A BRI port supports two 64kbit/s B-channels for switched voice or data connections, one 16kbit/s D-channel for signaling and always-on data transfer. This results a usable data bit rate of
144kBit/s.
BRI port configuration task list
This section describes the configuration tasks for the BRI port.
• Enable/Disable BRI port
• Configuring BRI clock mode
• Configuring BRI Power-Feed
• Configuring BRI encapsulation
• BRI Debugging
Enable/Disable BRI port
By default, the BRI port is disabled. The following command is used for enabling or disabling it.
Mode: port bri <slot> <port>
Step
1
Command
Purpose
[name] (prt-bri)[slot/port]# [no] shutdown Enable/Disable the selected port.
Default: shutdown (which is disabled)
Configuring BRI clock-mode
The BRI Port can either work in clock-master or in clock-slave mode. This setting defines the clock dependency of the internal data processing. In clock-master mode the internal data processing is running on an independent clock source. In clock-slave mode the clock source for internal data processing is recovered from the
receive line interface. Be aware that always a port-pair of clock-master and clock-slave are connected together.
In the other case the data transmission will fail due to bit failures. This command has also the option ‘auto’ that
can be used if the application running on the port is also of an asymmetric nature like master/slave, server/client or user/net. Normally, the option ‘auto’ is used if the port is setup for ISDN. In this case, the clock mode
will automatically derived from the Q.921 protocol. If the UNI-Side (User-Network Interface) of Q.921 is set
to ‘net’, then clock mode of the port is automatically set to ‘master’ and in the other case to ‘slave’.
Mode: port bri <slot> <port>
Step
1
Command
[name] (prt-bri)[slot/port]# clock {auto |
master | slave}
Introduction
Purpose
Configures the clock-mode of the port.
Default: auto
206
SmartWare Software Configuration Guide
17 • BRI port configuration
Configuring BRI Power-Feed
Enables the application of power on the BRI port to provide power to ISDN terminals. This command applies
only if the port is clock master (network side). It is only available on products with an internal, configurable
ISDN power supply.
Mode: port bri <slot> <port>
Step
1
Command
[name] (prt-bri)[slot/port]#[no] powerfeed
Purpose
Enables/Disables power-feed on the selected port.
Default: disabled
Configuring BRI encapsulation
The BRI encapsulation command prepares the port for a specific application protocol. After the right encapsulation type has been set, the configuration mode command for the selected protocol can be executed for protocol specific configuration.
• q921: This encapsulation type automatically binds the signaling timeslot of the selected port to the ISDN
Layer 2 protocol. For the BRI port this is the 16kbit/s D-channel. If in the q921 configuration mode q931
is specified as next encapsulation, the control of the two remaining timeslots (B-channels) is given to the
ISDN Layer 3 protocol. For more information please consult Chapter 19, “ISDN configuration” on
page 217.
• channelized: This special encapsulation type pushed the port in a mode where it is possible to setup an
application for a user-defined timeslot. Normally, all timeslots of a port are under full control of the application specified with the encapsulation command. In ‘channelized’ mode, and application uses only the
specified timeslot. If the encapsulation is set to ‘channelized’, use the channel-group command to create a
new Channel Group and to enter its configuration mode. The requested can then be selected with the
Channel Group’s encapsulation command.
Mode: port bri <slot> <port>
Step
1
Command
[name] (prt-bri)[slot/port]#[no] encapsulation { channelized | q921}
Purpose
Specifies the encapsulation type of the BRI port.
Default: q921
Creating a channel group
If the desired encapsulated channel uses only a selected time slot (not the entire BRI), then it is necessary to set
up a channel-group. To create a channel-group, set the BRI port’s encapsulation to channelized. (See s“Configuring BRI encapsulation”.) On creating a new channel-group the channel-group configuration mode is immediately entered. To remove an existing channel-group, the ‘no’ form of the command must be used.
Mode: port bri <slot> <port>
Step
1
Command
[name] (prt-bri)[slot/port]#[no] channel
group <group-name>
BRI port configuration task list
Purpose
Enters the channel-group configuration mode of
group-name. If the group does not yet exist a new
one will be created. The ‘no’ form of the command
removes an existing channel-group.
207
SmartWare Software Configuration Guide
17 • BRI port configuration
Configuring channel-group timeslots
The ‘timeslots’ command configures the timeslot for use in data transmission. On a BRI port, only the BChannels can be selected (0 or 1).
Mode: channel-group <group-name>
Step
1
Command
[name] (ch-grp)[group-name]#[no]
timeslots <timeslots>
Purpose
Selects the timeslot to be used.
Default: no timeslots
Configuring channel-group encapsulation
The encapsulation command prepares the Channel Group for a specific application protocol. After the right
encapsulation type has been set, the configuration mode command for the selected protocol can be executed
for protocol specific configuration.
• hdlc: Enables HDLC Framing on the selected Channel Group. After encapsulation hdlc has been specified,
the hdlc configuration mode can be entered to configure hdlc specific parameters and to define the link
layer protocol must run over hdlc.
Mode: channel-group <group-name>
Step
1
Command
Purpose
[name] (ch-grp)[group-name]#[no] encap- Specifies the encapsulation type of the channelsulation {hdlc}
group.
Default: no encapsulation
Entering HDLC configuration mode
The hdlc configuration mode can be entered from the ‘channel-group’ configuration mode if the encapsulation
is set to ‘hdlc’ and a timeslot has been specified. If the hdlc configuration mode is not accessible, it may be due
to an invalid or incomplete configuration. In this case, an error message will be issued.
Mode: channel-group <group-name>
Step
1
Command
[name] (ch-grp)[group-name]#hdlc
Purpose
Enters the hdlc configuration mode.
Configuring HDLC encapsulation
The hdlc encapsulation command specifies what kinds of upper layer data are contained in the hdlc frames.
Currently, only PPP can be chosen. For more details about PPP configuration, see Chapter 30, “PPP configuration” on page 313. Also, see “Example 3: Multi-Link PPP over two B-Channels” on page 211.
Mode: channel-group <group-name>
Step
1
Command
[name] (hdlc)#[no] encapsulation {ppp}
BRI port configuration task list
Purpose
Specifies the encapsulation type of hdlc.
Default: no encapsulation
208
SmartWare Software Configuration Guide
17 • BRI port configuration
BRI Debugging
For the investigation of possible problems in link establishment, data transmission or synchronization, there
exists a debug command with the options ‘event’ and ‘error’. The command has a hierarchical characteristic
and can be applied to all ports on the whole device, or to all ports of slot or just to one specific port. In addition, the ‘show port’ command can be used to printout information about the current configuration and about
received and transmitted frames.
Mode: Operator execution
Step
1
Command
[name]#[no] debug bri
[ ( [<slot> | [<port>] ] ) | [ [event] |
[error] ] ]
Purpose
Enables/Disables the BRI event/error monitor for the
device a slot or a port.
Default: no debug bri
Examples:
1)[no] debug bri
Enables/Disables the event and the error monitor for
all bri ports of the device.
2)[no] debug bri event
Enables/Disables the event monitor for all bri ports
of the device.
3)[no] debug bri error
Enables/Disables the error monitor for all bri ports
of the device.
4)[no] debug bri 3
Enables/Disables the event and error monitor for all
bri ports on slot 3.
5)[no] debug bri 1 event
Enables/Disables the event monitor for all bri ports
on slot 1.
6)[no] debug bri 2 error
Enables/Disables the error monitor for all bri ports
on slot 2.
7)[no] debug bri 0 0
Enables/Disables the event and error monitor for the
bri port 0 on slot 0.
8)[no] debug bri 1 0 event
Enables/Disables the event monitor for the bri port 0
on slot 1.
9)[no] debug bri 2 0 error
Enables/Disables the error monitor for the bri port 0
on slot 2.
Mode: Operator execution
Step
1
Command
[name]#show port bri
[ [<slot> <port>] | [detail <level>] ]
BRI port configuration task list
Purpose
Prints information about the specified port with a
given detail level.
209
SmartWare Software Configuration Guide
17 • BRI port configuration
BRI Configuration Examples
• Example 1: ISDN with auto clock/uni-side settings
• Example 2: ISDN with manual clock/uni-side settings
• Example 3: Multi-Link PPP over two B-Channels
Example 1: ISDN with auto clock/uni-side settings
port bri 0 4
power-feed
encapsulation q921
q921
uni-side auto
encapsulation q931
q931
protocol dss1
uni-side net
bchan-number-order ascending
encapsulation cc-isdn
bind interface bri04 switch
port bri 0 4
no shutdown
Example 2: ISDN with manual clock/uni-side settings
port bri 0 4
clock slave
encapsulation q921
q921
uni-side user
encapsulation q931
q931
protocol dss1
uni-side user
bchan-number-order ascending
encapsulation cc-isdn
bind interface bri04 switch
port bri 0 4
no shutdown
BRI port configuration task list
210
SmartWare Software Configuration Guide
17 • BRI port configuration
Example 3: Multi-Link PPP over two B-Channels
context ip router
interface wan-bri
ipaddress 10.10.10.2 255.255.255.0
subscriber ppp bri_0_0
dial in
multilink max-links 2 fragmentation equal-distribution 320
bind interface wan-bri router
port bri 0 0
clock slave
encapsulation channelized
channel-group Group0
timeslots 0
encapsulation hdlc
hdlc
encapsulation ppp
bind subscriber bri_0_0
channel-group Group1
timeslots 1
encapsulation hdlc
hdlc
encapsulation ppp
bind subscriber bri_0_0
port bri 0 0
no shutdown
BRI port configuration task list
211
Chapter 18 ISDN Overview
Chapter contents
Introduction ........................................................................................................................................................213
ISDN reference points ..................................................................................................................................213
Possible SmartNode port configurations .......................................................................................................214
ISDN UNI Signaling ....................................................................................................................................214
ISDN Configuration Concept .............................................................................................................................216
ISDN Layering .............................................................................................................................................216
212
SmartWare Software Configuration Guide
18 • ISDN Overview
Introduction
This chapter provides an overview of ISDN ports and describes the tasks involved in configuring ISDN ports
in SmartWare.
ISDN ports are the physical ISDN connections on the SmartNode devices. There are two types of ISDN ports:
• The ISDN basic rate interface (BRI), and
• The ISDN primary rate interface (PRI).
A BRI port supports two 64kbit/s B-channels for switched voice or data connections, one 16kbit/s D-channel
for signaling and always-on data transfer. BRI ports are sometimes called S0 ports. The related PSTN access
service is also called Basic Rate Access (BRA).
The PRI port supports thirty 64kbit/s B-channels, one 64kbit/s D-channel and one synchronization timeslot
on a standard E1 (G.704) physical layer. PRI ports are also called S2m ports. The related PSTN access service
is also called Primary Rate Access (PRA).
ISDN reference points
The ISDN standards define a number of reference points on the interfaces between the various equipment
types on an ISDN access line. Figure 31 illustrates these reference points. The understanding of these reference
points and where they are located is necessary for the configuration of the SmartNode ISDN ports.
Basic Rate Access Line point-to-point
S
T
TE
NT2
Phone
PBX
U
NT1
LT
ET
LE
Basic Rate Access point-to-multipoint (S-bus)
Local Exchange
TE
TE
S/T
U
NT1
Phones
LT
ET
Primary Rate Access Line
S
T
TE
NT2
Phone
PBX
Legend:
TE
Terminal Equipment (Phone)
NT1 Network Termination 1 (Modem)
NT2 Network Termination 2 (PBX)
U
NT1
V
LT
LE
LT
ET
ET
Local Exchange
Line Termination
Exchange Termination
Figure 31. ISDN reference points
Introduction
213
SmartWare Software Configuration Guide
18 • ISDN Overview
The S reference point is on the subscriber interface. This is the typical 4-wire connection between an ISDN
phone and an ISDN PBX. Be aware that many ISDN PBX vendors use non-standard proprietary 2-wire interfaces to connect the Terminals to the PBX.
The T reference point is on the trunk interface of a PBX. This is the standard 4-wire interface between the PBX
and the network termination unit (NTU) also known as NT1 in standard terminology. The ISDN layer 2 protocol at this point is in point-to-point mode between the NTU and the PBX.
The 4-wire layer 1 specification S and T interfaces is foreseen for in-house installations and carries a maximum
of 150 meters.
The S/T reference point is on a point-to-multipoint S-Bus. Here several terminals are connected directly to the
same BRI NTU. The S and T reference points are “collapsed”. The NT2 is not represented by any equipment
unit.
The U reference point is on the transmission side of the NTU designed to carry the ISDN line over the last
mile. For basic rate interfaces this is typically a DSL technology working on legacy copper pairs over a distance
up to 12 kilometers. For primary rate lines, DSL, coax and fiber transmission is in use. In most European
countries the U interface is not accessible to the subscriber, the operator always provides the NT1. In the US
and some other countries the NT1 can be integrated into the NT2, i.e. the PBX is connected directly to the U
interface.
The V reference point is typically a y-wire interface between the line card of the public switch and the 2 Mbps
transmission equipment which transports the PRI signal over copper (DSL), coax or fiber.
Possible SmartNode port configurations
The SmartNode ISDN ports can be configured for connection to S, T, S/T, and V interfaces. Refer to
figure 33, which illustrates some of the possible network integration options.
ISDN UNI Signaling
ISDN is a User-Network Interface (UNI) signaling protocol with a user and a network side. The user side is
implemented in ISDN terminals (phones, terminal adapters, etc.) while the network side is implemented in
the exchange switches of the network operator. Both sides have different signaling states and messages. SmartWare ISDN ports can be configured to work as user (USR) or network (NET) interfaces.
A SmartNode in some applications does not replace a standard ISDN equipment (PBX or Terminal) but is
inserted between an existing NT and PBX. In such cases the SmartNode ISDN ports are configured to operate
the opposite side of the connected equipment as illustrated in figure 33.
S
TE
Phone
Legend:
USR User Side Signaling
NET Network Side Signaling
T
NT2 USR
T
NET
Node
USR
U
NET
NT1
PBX
IP Network
Figure 32. ISDN signaling side
Introduction
214
SmartWare Software Configuration Guide
18 • ISDN Overview
Basic Rate Access Line point-to-point
T
S
TE
NT2
Phone
PBX
U
T
NT1
Node
LT
ET
IP Network
LE
Basic Rate Access point-to-multipoint (S-bus)
Local Exchange
TE
TE
S/T
Node
Phones
U
S/T
NT1
LT
ET
IP Network
Primary Rate Access Line
TE
NT2
Phone
PBX
Legend:
TE
Terminal Equipment (Phone)
NT1 Network Termination 1 (Modem)
NT2 Network Termination 2 (PBX)
V
T
S
IP Network
Node
LE
LT
ET
Node
ET
Local Exchange
Line Termination
Exchange Termination
Figure 33. Integration of ISDN access lines
Port activation deactivation—ISDN ports can be configured while they are active. However they will be internally disabled to modify the configuration and then re-enabled. All active
IMPORTANT calls on the port are dropped during this process. Configuration
changes should only be performed during planned down times.
Reference clock source and synchronization—The
SmartNode uses a single reference clock source for the synchronization of the 64kbit/s PCM channels on the ISDN ports and in
IMPORTANT the CS context. This reference clock source can be internal or it
can be derived from one of the ISDN ports. If the clock reference
is not configured in accordance with the network environment,
clock slips and related voice quality degradations can occur.
Refer to chapter 31, “CS context overview” on page 339 on
how to configure the reference clock
Introduction
215
SmartWare Software Configuration Guide
18 • ISDN Overview
Connector pin-out and short circuits—Some of the SmartNode ISDN BRI ports are configurable to operate as network or
terminal ports. The pin-out of the sockets is switched according to
IMPORTANT this configuration. Wrong port configurations, wrong cabling or
wrong connections to neighboring equipment can lead to short
circuits in the BRI line powering. Refer to the HW installation
guide and the port configuration sections below to avoid misconfigurations.
ISDN Configuration Concept
ISDN Layering
ISDN consists of 3 layers. Each layer has its own parameters that need to be configured.
• Layer 1, often called the physical layer, is responsible to transport single bits between two systems. Layer 1
does not guarantee that a message can be transmitted without errors.
Parameters: Clock mode, line codes.
• Layer 2 allows a station to reliably send messages to another station using the D channel. Layer 2 implements flow control, error detection and correction (retransmission) as well as addressing mechanism to
direct messages to individual devices.
Parameters: point-to-point or point-to-multipoint mode, network/user side, permanent layer 2 enabled.
• Layer 3 does send and receive application level messages (i.e. call control). It cares for sending broadcast
messages and collecting the individual results of the attached devices. It also handles the assignment of the B
channels.
Parameters: network/user side, protocol (i.e. DSS1), maximum number of channels.
Call Control
Layer 3 (Q.931)
Encapsulation: ccBind: <call control interface>
Encapsulation: q931
Layer 2 (Q.921)
Layer 1
Encapsulation: q921
Phys. Port
Figure 34. ISDN layering model
The layered model of ISDN is reflected in the configuration by the use of different modes for each layer. The
layers are connected by using encapsulations and bindings. The encapsulation defines what the next higher
layer protocol will be. On the topmost layer, the binding finally selects a logical interface to connect the
port to. For more information how to configure and setup the physical ports for ISDN, please see Chapter 17,
“BRI port configuration” on page 205 and Chapter 16, “PRI port configuration” on page 191. Detailed information about Q.921 and Q.931 configuration are available in Chapter 19, “ISDN configuration” on
page 217.
ISDN Configuration Concept
216
Chapter 19 ISDN configuration
Chapter contents
Introduction ........................................................................................................................................................218
ISDN configuration task list................................................................................................................................218
Enter Q.921 configuration mode ..................................................................................................................218
Configuring Q.921 parameters .....................................................................................................................218
Configuring Q.921 encapsulation .................................................................................................................219
Enter Q.931 configuration mode ..................................................................................................................219
Configuring Q.931 parameters .....................................................................................................................220
Configuring Q.931 encapsulation .................................................................................................................222
Debugging ISDN ..........................................................................................................................................222
ISDN Configuration Examples .....................................................................................................................223
217
SmartWare Software Configuration Guide
19 • ISDN configuration
Introduction
This chapter describes the configuration of the Q.921 and Q.931 protocol and how to bind the ISDN protocol to an application like the Call Control. To get an overview of the ISDN protocol and the layered configuration model of SmartWare, please see Chapter 18, “ISDN Overview” on page 212. In this chapter it is
supposed, the lower layer on which ISDN will be setup is correctly configured. If ISDN has to run on a TDM
port like BRI or PRI, please see Chapter 17, “BRI port configuration” on page 205 or Chapter 16, “PRI port
configuration” on page 191.
ISDN configuration task list
Configuring ISDN typically consists of the following tasks:
• Enter Q.921 configuration mode
• Configuring Q.921 parameters
• Configuring Q.921 encapsulation
• Enter Q.931 configuration mode
• Configuring Q.931 parameters
• Configuring Q.931 encapsulation
Enter Q.921 configuration mode
Normally, Q.921 is running as ISDN Layer 2 protocol on a BRI or PRI port. But it is also possible another
protocol is using Q.921 as its next encapsulation step an then Q.921 will not be configured out of a port context. That means, Q.921 encapsulation can be configured in different configuration modes. For this reason, the
command description below refers to the configuration mode in which Q.921 can be enabled by setting the
encapsulation to ‘q921’. This configuration mode is called here ‘base-mode’ but it is only an alias for the real
mode. Once encapsulation q921 has been configured, the Q.921 configuration mode can be entered.
Mode: base-mode
Step
Command
Purpose
1
node(base-mode)]#[no] encapsulation
q921
Enables/Disables Q.921
2
node(base-mode)]#q921
Enter the Q.921 configuration mode
Configuring Q.921 parameters
This chapter provides an overview of the Q.921 configuration parameters, their syntax and possible restrictions. In case of ISDN, Q.921 settings apply to both BRI and PRI ports. They are defined in the q921 mode.
To use Q921, the lower layer encapsulation must be set to q921.
Introduction
218
SmartWare Software Configuration Guide
19 • ISDN configuration
Mode: q921
Step
1
Command
node(q921)[slot/port]#protocol pp
or
node(q921)[slot/port]#protocol pmp
2
node(q921)[slot/port]#uni-side auto
or
node(q921)[slot/port]#uni-side net
or
node(q921)[slot/port]#uni-side user
Purpose
Specify Q.921 operating mode (Default: BRI:
pmp, PRI: pp).
The Q.921 protocol running on BRI ports can
operate in point-to-point (pp) or point-to-multipoint (pmp) mode. Point-to-multipoint is used
to connect multiple terminals to an ISDN SBus. In some cases small PBXs are also connected to the public ISDN in point-to-multipoint mode. Point-to-point is typically used to
connect PBXs to a public or private ISDN.
The Q.921 protocol of PRI ports always run in
point-to-point (pp) mode.
Specify the UNI side of the interface (Default:
auto)
If layer1 clock mode is not defined or set to
auto this setting also specifies the clock mode
for layer1.
NET: clock mode = master
USR: clock mode = slave
If set to auto the UNI side setting is taken from
layer3.
3
node(q921)[slot/port]#[no] permanentlayer2
Enables the Q.921 permanent activity
(Default: disabled).
By default, the Q.921 protocol is not enabled
permanently, i.e. the first call enables it.
Configuring Q.921 encapsulation
This command specifies the next protocol or application has to be attached to the Q.921 protocol. In case of
ISDN this will always be the Q.931 protocol but in a distributed system for example, it could also be a network protocol.
Mode: q921
Step
1
Command
node(q921)[slot/port]#[no] encapsulation q931
Purpose
Enables/Disables the next application or protocol. Currently only Q.931 is supported.
Enter Q.931 configuration mode
Normally, Q.931 is running as ISDN Layer 3 protocol on Q.921. But it is also possible another protocol is
using Q.931 as its next encapsulation step an then Q.931 will not be configured out of the Q.921 context.
That means, Q.931 encapsulation can be configured in different configuration modes. For this reason, the
ISDN configuration task list
219
SmartWare Software Configuration Guide
19 • ISDN configuration
command description below refers to the configuration mode in which Q.931 can be enabled by setting the
encapsulation to ‘q931’. This configuration mode is called here ‘base-mode’ but it is only an alias for the real
mode. Once encapsulation q931 has been configured, the Q.931 configuration mode can be entered.
Mode: base-mode
Step
Command
Purpose
1
[name](base-mode)]#[no] encapsulation
q931
Enables/Disables Q.931
2
[name](base-mode)]#q931
Enter the Q.931 configuration mode
Configuring Q.931 parameters
This chapter provides an overview of the Q.931 configuration parameters, their syntax and possible restrictions. In case of ISDN, Q.931 settings apply to both BRI and PRI ports. They are defined in the q931 mode.
To use Q931, the lower layer encapsulation must be set to q931.
Note
QSIG is an ISDN based protocol for signaling between nodes of a Private
Integrated Services Network. The formal name of the signaling system by
ISO / IEC is PSS1. Both names will co-exist and QSIG will continue to be
used as the marketing name.
Mode: q931
Step
1
Command
node(q931)[slot/port]#protocol dss1
or
node(q931)[slot/port]#protocol pss1
Purpose
Specify the ISDN layer 3 protocol (Default:
BRI: dss1, E1: dss1, T1: ni2)
or
The ISDN layer 3 is the network signaling
protocol. SmartWare ISDN supports:
node(q931)[slot/port]#protocol ni2
• Euro-ISDN (E-DSS1)
or
• Q.SIG (PSS1)
node(q931)[slot/port]#protocol ntt
• National ISDN (NI2)
or
node(q931)[slot/port]#protocol dms100
• Nippon Telecom NTT for BRI
• Nortel Dms-100 for T1
The layer 3 signaling must correspond to the
connected ISDN equipment or network.
ISDN configuration task list
220
SmartWare Software Configuration Guide
Step
2
19 • ISDN configuration
Command
node(q931)[slot/port]#signalling-rule
etsi
Purpose
Specify channel numbering (Default: etsi)
Some older Q-SIG variants make use of a
channel numbering scheme that differs from
node(q931)[slot/port]#signalling-rule
the standard ETSI method. In most cases the
pss1old
ETSI numbering applies. Unless the connected
ISDN devices and configured protocols
or
require a different scheme, make sure the
node(q931)[slot/port]#no signalling-rule
numbering is set to ETSI.
or
3
node(q931)[slot/port]#uni-side net
Specify the UNI side of the interface.
or
If not defined on layer2 (q921 mode) this setting also specifies the UNI side setting for
layer2.
node(q931)[slot/port]#uni-side user
The layer 2 settings also apply to Q.SIG
(PSS1) interfaces.
Make sure that the device connected to a
SmartNode ISDN port is operating the opposite side of the configured uni-side.
4
node(q931)[slot/port]#max-calls number- Limits the total number of concurrent calls
on the port.
of-calls
or
node(q931)[slot/port]#no max-calls
The no form of the command restores the
default settings.
Note
5
if the channel-range and
max-calls command are
used simultaneously, the
lower number of channels is the limiting
parameter.
node(prt-pstn)[slot/port]#channel-range Specify B-channel range to be used on a PRI
port (Default: E1: 0-31, T1: 0-23)
min max
or
node(prt-pstn)[slot/port]#no channelrange
Limits the time-slots to be used for calls to the
range between min and max. This is in some
cases required for interoperability with ISDN
services that impose the same limitations.
Call slots outside the defined range are
rejected (busy line). If no range is defined
(Default) all 30 (T1: 23) time-slots are available for use.
The no form of the command restores the
default settings.
ISDN configuration task list
221
SmartWare Software Configuration Guide
Step
6
Command
19 • ISDN configuration
Purpose
node(q931)[slot/port]# bchan-numberorder ascending
Specify B-channel allocation strategy (Default:
ascending)
or
The numbering mode defines how the available time slots are filled. The cyclic modes use
a “round-robin” implementation. The “up”
and “down” modes define whether the time
slots are filled at the lowest or highest available slot, i.e. up means that always the lowest
available slot is used, down uses always the
highest available slot.
node(q931)[slot/port]#bchan-numberorder ascending-cyclic
or
node(q931)[slot/port]#bchan-numberorder descending
or
node(q931)[slot/port]#bchan-numberorder descending-cyclic
Configuring Q.931 encapsulation
This command specifies the next protocol or application has to be attached to the Q.931 protocol. In case of
ISDN this will always be the CC-ISDN (Call Control) application. For this case also a binding to a pre-created
ISDN interface is necessary. For information about creation and configuration of an ISDN interface please see
Chapter 34, “ISDN interface configuration” on page 390.
Mode: q931
Step
Command
Purpose
1
node(q931)[slot/port]#[no] encapsulation cc-isdn
Enables/Disables the next application or protocol. Currently only CC-ISDN is supported.
2
node(q931)[slot/port]#[no] bind interface if-name
Bind the Q.931 protocol to an existing call
control interface.
Debugging ISDN
For the investigation of possible Q.921/Q.931 protocol problems or to get call signaling information, there
exists a debug command with the options ‘event’ and ‘error’. The command can be applied to the port on
which ISDN is configured and has a further option to switch on or off a specific ISDN layer. In addition, the
‘show port isdn’ command can be used to printout information about the current state and statistic information about received and transmitted frames.
Mode: Operator execution
Step
1
Command
Purpose
node#debug isdn {event | error} slot port Enables/Disables the ISDN event/error moni{all | layer2 | layer3}
tor
ISDN configuration task list
222
SmartWare Software Configuration Guide
19 • ISDN configuration
Mode: Operator execution
Step
1
Command
Purpose
node#show port isdn [slot port] [detail <- Show the status of one or more ISDN ports.
level>]
If the optional arguments slot/port are omitted the
status of all ISDN ports is displayed.
Level could be 1 to 5. Level 1 shows less, level 5
shows all available information. Default level is 3.
ISDN Configuration Examples
Example: Configuring BRI port as Euro-ISDN interface
The following example shows how to configure port 0/0 as a Euro ISDN interface with user side signaling.
172.16.40.71(cfg)#port bri 0 0
172.16.40.71(prt-bri)[0/0]#q921
172.16.40.71(q921)[0/0]#q931
172.16.40.71(q931)[0/0]#uni-side user
172.16.40.71(q931)[0/0]#encapsulation cc-isdn
172.16.40.71(q931)[0/0]#bind interface bri00
172.16.40.71(q931)[0/0]#exit
172.16.40.71(q921)[0/0]#exit
172.16.40.71(prt-bri)[0/0]#no shutdown
Example: being clock slave on uni network interface
The following example shows how to configure both ports of a SmartNode with network signaling but receive
the clock (via port 0) from the peer. The peer must be configured accordingly, i.e. port 0 as USR/clock master
and port 1 NET/clock slave.
172.16.40.71(cfg)#port bri 0 0
172.16.40.71(prt-bri)[0/0]#clock slave
172.16.40.71(prt-bri)[0/0]#q921
172.16.40.71(q921)[0/0]#q931
172.16.40.71(q931)[0/0]#uni-side net
172.16.40.71(q931)[0/0]#encapsulation cc-isdn
172.16.40.71(q931)[0/0]#bind interface bri00
172.16.40.71(q931)[0/0]#exit
172.16.40.71(q921)[0/0]#exit
172.16.40.71(prt-bri)[0/0]#no shutdown
172.16.40.71(cfg)#port bri 0 1
172.16.40.71(prt-bri)[0/0]#q921
172.16.40.71(q921)[0/0]#q931
172.16.40.71(q931)[0/0]#uni-side net
172.16.40.71(q931)[0/0]#encapsulation cc-isdn
172.16.40.71(q931)[0/0]#bind interface bri01
172.16.40.71(q931)[0/0]#exit
172.16.40.71(q921)[0/0]#exit
172.16.40.71(prt-bri)[0/0]#no shutdown
ISDN configuration task list
223
SmartWare Software Configuration Guide
19 • ISDN configuration
Example: QSIG
Assume the scenario as illustrated in figure 35:
Node
Node
ISDN Port 1/0
Figure 35. PBX connected to ISDN port 1/0
Configure the ISDN port 1/0 to work as a Q-SIG master port but clock-slave and allow a maximum of eight
parallel B-channel connections.
172.16.40.71(cfg)#port e1 1 0
172.16.40.71(prt-e1)[1/0]#clock slave
172.16.40.71(prt-e1)[1/0]#q921
172.16.40.71(q921)[1/0]#q931
172.16.40.71(q931)[1/0]#uni-side net
172.16.40.71(q931)[1/0]#protocol pss1
172.16.40.71(q931)[1/0]#signalling-rule etsi
172.16.40.71(q931)[1/0]#max-channels 8
172.16.40.71(q931)[0/0]#exit
172.16.40.71(q921)[0/0]#exit
172.16.40.71(prt-e1)[0/0]#no shutdown
Example: PRI
Configure PRI port 1/0 as clock master. From the Local Exchange timeslots 1 through 20 are available and the
total number of concurrent calls shall be limited to 10. Use down-cyclic channel numbering.
172.16.40.71(cfg)#port e1 1 0
172.16.40.71(prt-e1)[1/0]#q921
172.16.40.71(q921)[1/0]#q931
172.16.40.71(q931)[1/0]#uni-side net
172.16.40.71(q931)[1/0]#max-channels 10
172.16.40.71(q931)[1/0]#channel-range 1 20
172.16.40.71(q931)[1/0]#bchan-number-order descending-cyclic
172.16.40.71(q931)[0/0]#exit
172.16.40.71(q921)[0/0]#exit
172.16.40.71(prt-e1)[0/0]#no shutdown
ISDN configuration task list
224
Chapter 20 RBS configuration
Chapter contents
Introduction ........................................................................................................................................................226
RBS configuration task list ..................................................................................................................................226
Enter RBS configuration mode .....................................................................................................................226
Configuring RBS protocol ............................................................................................................................226
Configuring RBS encapsulation ....................................................................................................................227
Debugging RBS ............................................................................................................................................227
RBS Configuration Examples ........................................................................................................................228
225
SmartWare Software Configuration Guide
20 • RBS configuration
Introduction
This chapter describes the configuration of the Robbed Bit Signaling (RBS) protocol and how to bind it to the
Call Control application. RBS is used on T1 links to provide per-channel circuit signaling information. In this
application no common signaling channel is used like in ISDN, each channel (Time Slot) is carrying its signaling information by itself. For this purpose, in every sixth frame the least significant bit of each timeslot is used
(robbed) to transmit the signaling state. In the Super Frame (SF) format that is built on 12 basic frames, the bit
robbed from the 6th frame is called the A-Bit and the bit robbed from the 12th frame is called the B-Bit. If the
Extended Super Frame (ESF) format issued, that exists on 24 basic frames, the robbed bits are called A-Bit (6th
frame), B-Bit (12th frame), C-Bit (18th frame) and D-Bit (24th frame). The information carried in these 2/4
bits is representing the current signaling state in a format it is known from the Analog Telephony (FXS/FXO).
These states are for example On-Hook, Off-Hook and Ringing.
RBS configuration task list
Configuring RBS typically consists of the following tasks:
• Enter RBS configuration mode
• Configuring RBS protocol
• Configuring RBS encapsulation
Enter RBS configuration mode
There are two different ways how to use RBS. First, RBS encapsulation can be directly configured on the
requested T1 port. In this case, all timeslots will use the same configured RBS protocol and will be bound to
the same Call Control interface. But if not all timeslots of a T1 port have to be configured for RBS or some
timeslots have to use a different RBS protocol or different groups of timeslots have to be bound to different
Call Control interfaces, then the channelized port configuration model must be selected. For more information
about the channelized model and the creation of channel groups, please consult Chapter16, “PRI port configuration” on page 191. Because RBS encapsulation can be set in different configuration modes (Port and Channel Group), an independent mode name ‘base-mode’ is used in the command description below. It refers to the
real mode where encapsulation ‘rbs’ can be configured.
Mode: base-mode
Step
Command
Purpose
1
node(base-mode)]#[no] encapsulation
rbs
Enables/Disables RBS
2
node(base-mode)]#rbs
Enter the RBS configuration mode
Configuring RBS protocol
RBS knows several different signaling protocols. Dependent on the application requirements the right one
must be selected.
• Loop Start: It is the most common protocol and primarily used for local loop services. The protocol is
asymmetric what means, the exchange and the subscriber side are different. Always an Exchange/Subscriber
pair must be connected together. There is a provisioning for ring indication in this protocol.
Introduction
226
SmartWare Software Configuration Guide
20 • RBS configuration
• Ground Start: This protocol is commonly used for local loop PBX services. The protocol is asymmetric
what means, the exchange and the subscriber side are different. Always an Exchange/Subscriber pair must
be connected together. There is a provisioning for ring indication in this protocol.
• E&M Wink Start: This protocol is used between exchanges, is symmetric and has NO provisioning for ring
indication. The ‘wink’ serves as an indication that the terminating side is ready to receive the called party
number, it is analogous to the dial tone.
• E&M Immediate Start: This protocol is almost the same as E&M Wink Start but the originating side must
have the capability for inband dial tone detection due to a missing ‘ready to receive digits’ indication.
• E&M Double Wink Start: This protocol is almost the same as E&M Wink Start with the difference after
the terminating side has received all digits of the called party number, it sends back an acknowledge ‘wink’
to the originating side.
Mode: rbs
Step
1
Command
node(rbs)]#[no] protocol {loop-start
{exchange | subscriber} | ground-start
{exchange | subscriber} | eam-doublewink-start | eam-immediate-start |
eam-wink-start}
Purpose
Selects the RBS protocol.
Configuring RBS encapsulation
This command specifies the next protocol or application has to be attached to the RBS protocol. Here it will
always be the CC-RBS (Call Control) application and also a binding to a pre-created RBS interface is necessary. For information about creation and configuration of a RBS interface please consult Chapter 37, “RBS
interface configuration” on page 426.
Mode: rbs
Step
Command
Purpose
1
node(rbs)]#[no] encapsulation cc-rbs
Enables/Disables the next application or protocol. Only CC-RBS is supported.
2
node(rbs)]#[no] bind interface interface
Bind the RBS protocol to an existing call control interface.
Debugging RBS
For the investigation of possible RBS protocol problems or to get information about the call signaling state,
there exist two debug commands with the options ‘event’ and ‘error’. The first command is called ‘debug cas’
(Channel Associated Signaling) and outputs information about sent and received A, B, C and D bits as well as
information about the debouncing state. Debouncing of the received signaling state bits is necessary due to
possible transmission failures on the TDM line. The second debug command is called ‘debug rbs’ and outputs
information about call signaling state changes (On-Hook, Off-Hook, Ringing, Wink).
RBS configuration task list
227
SmartWare Software Configuration Guide
20 • RBS configuration
Mode: Operator execution
Step
1
Command
node#[no] debug cas {event | error}
Purpose
Enables/Disables CAS event/error monitor
Mode: Operator execution
Step
1
Command
node#[no] debug rbs {event | error}
Purpose
Enables/Disables RBS event/error monitor
RBS Configuration Examples
Example: Configuring RBS Ground Start on a E1T1 port
port e1t1 0 0
port-type t1
clock slave
linecode b8zs
framing esf
encapsulation rbs
rbs
protocol ground-start subscriber
encapsulation cc-rbs
bind interface RBS00 switch
port e1t1 0 0
no shutdown
Example: Configuring different RBS protocols with a Channel Group on an E1T1 port
port e1t1 0 0
port-type t1
clock slave
linecode b8zs
framing esf
encapsulation channelized
channel-group RBS_GROUP_1_8
timeslots 1-8
encapsulation rbs
rbs
protocol eam-wink-start
encapsulation cc-rbs
bind interface RBS00_1_8 switch
channel-group RBS_GROUP_9_16
timeslots 9-16
encapsulation rbs
rbs
protocol eam-immediate-start
encapsulation cc-rbs
bind interface RBS00_9_16 switch
RBS configuration task list
228
SmartWare Software Configuration Guide
20 • RBS configuration
channel-group RBS_GROUP_17_24
timeslots 17-24
encapsulation rbs
rbs
protocol eam-double-wink-start
encapsulation cc-rbs
bind interface RBS00_17_24 switch
port e1t1 0 0
no shutdown
RBS configuration task list
229
Chapter 21 DSL Port Configuration
Chapter contents
Introduction ........................................................................................................................................................231
Line Setup ...........................................................................................................................................................231
Configuring PPPoE .............................................................................................................................................231
Configuration Summary......................................................................................................................................232
Setting up permanent virtual circuits (PVC)........................................................................................................233
Using PVC channels in bridged Ethernet mode ............................................................................................233
Using PVC channels with PPPoE .................................................................................................................233
Diagnostics ...................................................................................................................................................234
Troubleshooting DSL Connections .....................................................................................................................234
230
SmartWare Software Configuration Guide
21 • DSL Port Configuration
Introduction
This chapter provides an overview of the DSL ports (ADSL and G.SHDSL), their characteristics and the tasks
involved in the configuration.
port
dsl 0\ 0\
vpi 8
pvc
vci 35
pppoe
Profile
napt
WAN
session MyISP
use p
bind subscriber
MySubscriber
Subscriber PPP
MySubscriber
face
inter
bind router
WAN
rofile
n
WAN apt
WAN
interface
context
ip
Figure 36. Configuring the G.SHDSL card for PPPoE
CAUTION
The Modem setup uses IP messages within its own subnet:
192.0.2.0/24. SmartNodes with built-in modems cannot use this
subnet in any other way.
Line Setup
There is no line modulation setting. The modems automatically adapt to the bit rate and modulation used.
The status LED on the back of the device is blinking while the modem attempts to connect and lit when the
link is established. If the modem keeps blinking, check the cabling,
Configuring PPPoE
Figure 36 explains how to configure PPPoE on the SmartNode’s built-in G.SHDSL card. To configure the
DSL port for PPPoE, first you need to log in to the SmartNode via the CLI and enter configuration mode.
login: administrator
password: <enter>
node>enable
node>#configure
Introduction
231
SmartWare Software Configuration Guide
21 • DSL Port Configuration
Next, you will need to create a WAN profile, create a WAN interface, and create a subscriber. Then, you can
configure the DSL port (port dsl 0 0) for PPPoE.
Follow this example:
profile napt WAN
context ip router
interface WAN
ipaddress unnumbered
point-to-point
use profile napt WAN
tcp adjust-mss rx mtu
tcp adjust-mss tx mtu
subscriber ppp MySubscriber
dial out
authentication chap
identification outbound <username> password <password>
bind interface WAN router
port dsl 0 0
pvc vpi 8 vci 35
pppoe
session MyISP
bind subscriber MySubscriber
no shutdown
The line - use profile napt WAN - defines that the NAPT profile <profile> will be used on the ip interface
<name>. For PPPoE, you will only use outbound for identification. You will want to use authentication, which
is why you bind to a subscriber. You can use authentication chap or authentication pap. The line - bind subscriber MySubscriber - binds the PPPoE session to the PPP subscriber, in case authentication is required. If
you do not use authentication, then you will not have a subscriber and you will bind directly to the interface.
Configuration Summary
The modems offer multiple bridged Ethernet connections through logical channels within the DSL link. A
logical connection is called a Permanent Virtual Circuit (PVC) and is identified by a VPI/VCI number pair.
Consult your provider's configuration instructions for connections used on your DSL link. You define those
PVCs inside "port dsl 0 0":
port dsl 0 0
pvc vpi 8 vci 35
Iin the mode "pvc", you define what to do with the bridged Ethernet connection it offers:
• Bind one or more IP interfaces when your providers uses fixed ip addresses or DHCP in the network
• Enter PPPoE mode and define a PPP session if the provider is using PPPoE.
Note
PPPoA is not supported.
Configuration Summary
232
SmartWare Software Configuration Guide
21 • DSL Port Configuration
Setting up permanent virtual circuits (PVC)
The modems currently available are using ATM to multiplex traffic over the DSL framing connection. ATM
allows you to have separate logical connections running in parallel. Those connections are called permanent
virtual circuits (PVC). All permanent virtual circuits use AAL5 framing.
Table 8. PVC Commands
Command
Purpose
Step 1 node(prt-dsl)[0/0]# [no] pvc vpi 8 vci 35 Creates PVC 8/35 and enters configuration
mode for this PVC. The "no"-variant deletes the
PVC configuration.
Step 2 node(pvc)[8/35]# encapsulation {llc|vc} Sets the encapsulation to be used. Optionally
select either LLC encapsulation or VC multiplexing for this PVC.
Default: llc
Using PVC channels in bridged Ethernet mode
The PVC offers a bridged Ethernet connection as specified in RFC1483, which can be used as an IP link e.g.
with DHCP to assign the address, DNS server, and default gateway. To do this, you bind an IP interface to the
PVC like it would be done to a normal Ethernet port.
Table 9. PVC channels in bridged Ethernet mode
Command
Step 1 node(pvc)[vpi/vci]# [no] bind interface
<if-name>
Purpose
Associates an IP interface configuration with this
PVC.
Using PVC channels with PPPoE
The RFC1483 bridged Ethernet connection can also be used for PPPoE. To do this, you enter PPPoE mode
within the PVC mode. All PPPoE commands apply as if the PVC was a regular Ethernet port.
Table 10. PVC channels in PPPoE mode
Command
Purpose
Step 1 node(pvc)[vpi/vci]# pppoe
Enters PPPoE configuration mode for this PVC.
Step 2 node(pppoe)# session <name>
Step 3 node(session)[<name>]# bind subscriber <subscriber-name>
Step 4 node(session)[<name>]# no shutdown
Defines a PPPoE session.
Links the session to a subscriber definition.
Note
Enables the PPPoE session
The bridged PVC connections are internally mapped to VLANs on a virtual
Ethernet port 0/2. You will therefore see references to this third Ethernet
port when displaying PPPoE status information or debug logs.
Setting up permanent virtual circuits (PVC)
233
SmartWare Software Configuration Guide
21 • DSL Port Configuration
Diagnostics
Table 11. Diagnostics commans
Command
Step 1 node> show dsl type
Step 2 node> show dsl line-state
Step 3 node> show dsl version
Step 4 node# debug dsl-setup
Purpose
Displays the type of modem installed.
Displays information about the state of the DSL
link.
Display firmware version information for the
modem.
Lists the configuration interactions between the
gateway and the modem module.
Troubleshooting DSL Connections
Link State:
• Verify that the DSL link is established (status LED is continuously on)
PPPoE access:
• Check if "show pppoe detail 3" shows "State: .... opened". This indicates that the PVC is valid and a that
you reached a PPPoE server through it.
• Check if "show ppp networks detail 3" shows "State: .... opened" for both the "LCP" and the "CHAP" section. If LCP is not working, there is probably no compatible authentication protocol configured. Make sure
"authentication chap" and "authentication pap" are included in the subscriber setup. If only CHAP failed
there may be an error with the username or password.
• Run the “debug” command: node# debug dsl-setup (See table 11 above).
Troubleshooting DSL Connections
234
Chapter 22 Basic IP routing configuration
Chapter contents
Introduction ........................................................................................................................................................236
Routing tables ...............................................................................................................................................236
Static routing ................................................................................................................................................236
Policy routing ...............................................................................................................................................236
Basic IP routing configuration task list ................................................................................................................236
Configuring static IP routes ..........................................................................................................................237
Deleting static IP routes ................................................................................................................................238
Displaying IP route information ...................................................................................................................238
Configuring policy routing ...........................................................................................................................239
Examples .............................................................................................................................................................240
Basic static IP routing example ......................................................................................................................240
Changing the default UDP port range for RTP and RTCP .................................................................................241
235
SmartWare Software Configuration Guide
22 • Basic IP routing configuration
Introduction
This chapter provides an overview of IP routing and describes the tasks involved in configuring static IP routing.
IP routing moves information across an internetwork from a source to a destination, typically passing through
one or more intermediate nodes along the way. The primary difference between routing and bridging is the
two different access levels of information that are used to determine how to transport packets from source to
destination; routing occurs at Layer 3 (the network layer), while bridging occurs at Layer 2 (the link layer) of
the OSI reference model. In addition to transporting packets through an internetwork, routing involves determining optimal paths to a destination. Routing algorithms use metrics, or standards of measurement, to establish these optimal paths and for initializing and maintaining routing tables that contain all route information.
Routing tables
The routing table stores routes to:
• Directly-attached interfaces or networks
• Static IP routes
• Routes learned dynamically from the Routing Information Protocol (RIP)
In the routing table, next-hop associations specify that a destination can be reached by sending packets to a
next-hop router located on an optimal path to the destination. When the SmartNode receives an incoming
packet, it checks the destination address, and attempts to associate this address with a next-hop address and
outgoing interface. Routing algorithms must converge rapidly — i.e. all routers must agree on optimal routes.
When a network event causes routes either to go down or to become unavailable, routers distribute routing
update messages that permeate networks, causing recalculation of optimal routes that are eventually agreed
upon by all routers. Routing algorithms that converge slowly can cause routing loops or network outages.
Many algorithms can quickly select next-best paths and adapt to changes in network topology.
Static routing
Static routing involves packet forwarding on the basis of static routes configured by the system administrator.
Static routes work well in environments where network traffic is relatively predictable and where the network
topology is relatively simple. In contrast, dynamic routing algorithms adjust to changing network circumstances by analyzing incoming routing update messages. RIP uses dynamic routing algorithms.
Policy routing
IP routing makes decisions based on IP addresses. Policy Routing allows the user to configure IP routing based
on more criteria than only the destination IP address. Within the IP Context, IP packets are categorized into
traffic-classes which are used as a routing criterion. Three traffic-classes are defined—default, local-voice, and
local-default. In addition packets can be categorized into user-defined traffic-classes by using ACL.
Basic IP routing configuration task list
To configure IP routes, perform the tasks described in the following sections. The tasks in the first two sections
are required; the task in the remaining section is optional, but might be required for your application.
• Configuring static IP routes
• Deleting static IP routes (see page 238)
Introduction
236
SmartWare Software Configuration Guide
22 • Basic IP routing configuration
• Displaying IP route information (see page 238)
Configuring static IP routes
Rather than dynamically selecting the best route to a destination, you can configure one or more static routes
to that destination. Once configured, a static route stays in the routing table indefinitely. When multiple static
routes are configured for a single destination and the outbound interface of the current static route goes down,
a backup route is activated, thus improving network reliability. Each route is assigned a default precedence
value and cost value. Modifying these values allow you to set a preference for one route over the next. If static
routes are redistributed through dynamic routing protocol to neighboring devices, only the active static route
to a destination is advertised.
This procedure describes how to configure one or more static IP routes to the same destination
Mode: Administrator execution
Step
1
2
Command
Purpose
node(cfg)#context ip router
Enters the IP router
context
node(ctx-ip)[router]#route network mask {address | interface} [metric] Adds a static route
Where the syntax is:
• network—The IP address of the target network or subnet.
• mask—A network mask where the 1 bits indicate the network or subnet, and the 0 bits indicate the host
portion of the network address provided.
• address—The IP address of a next-hop router that can access the target network or subnet.
• interface—The name of the outgoing interface to use for the target network or subnet.
• metric—This is an optional parameter. Specifies the desirability of the route when compared against other
routes. The range is 0 through 15, where 0 is the preferred route. If no metric is specified, the static route is
assumed to have a metric of 0.
Note
To configure a default static IP route, use 0.0.0.0 for the network number
and mask. A valid next-hop address or interface is required.
Example: Adding a static IP route
In the following example, packets for network 20.0.0.0/24 will be routed to the device at 172.17.100.2. The
Ethernet port 0 1 has the address 172.17.100.1/24 and is bound to the interface wan.
node>enable
node#configure
node(cfg)#context ip router
node(ctx-ip)[router]#route 20.0.0.0 255.255.255.0 172.17.100.2
The route is added to the routing database with the default metric 0. The router will forward packets to the
20.0.0.0 network via the interface wan to the router on 172.17.100.2.
Basic IP routing configuration task list
237
SmartWare Software Configuration Guide
22 • Basic IP routing configuration
Deleting static IP routes
The no form of the route command deletes a static IP route from the routing table.
This procedure describes how to delete one or more static IP routes from the routing table
Mode: Administrator execution
Step
1
2
Command
Purpose
node(cfg)#context ip router
Enters the IP router context
node(ctx-ip)[router]#no route network mask {address | interface} Deletes a static route
Example: Deleting a static IP route
In the following example, the route for packets to network 20.0.0.0/24, which are routed to device with IP
address 172.17.100.2, shall be deleted.
node>enable
node#configure
node(cfg)#context ip router
node(ctx-ip)[router]#no route 20.0.0.0 255.255.255.0 172.17.100.2
Displaying IP route information
This procedure describes how to display static IP routes
Mode: Operator or administrator execution
Step
1
Command
node>show ip route
Purpose
Displays IP route information
This command displays the destination address, next-hop interface, protocol (local, static, RIP, or ICMP),
metric, flags (U–up, H–host, G–Gateway, L–local, D–default), and amount of use for each route in the routing
table. If there are multiple routes to the same destination, the preferred route is indicated by an asterisk (*).
Example: Displaying IP route
In the following example, IP route information is displayed.
node>show ip route
Routes of IP context 'router':
Status codes: * valid, U up, H host, G Gateway, L local, D default
Destination
Nexthop
Protocol Metric Flags
Used
--------------------------------------------------------------------* 127.0.0.1/32
local
0
LHG
n/a
* 172.16.40.77/32
local
0
LHG
n/a
* 172.17.100.210/32
local
0
LHG
n/a
* 172.17.100.0/24
wan
local
1
UL
0
* 20.0.0.0/24
172.17.100.2
static
0
U
0
* 172.16.0.0/16
lan
local
1
UL
6
Basic IP routing configuration task list
238
SmartWare Software Configuration Guide
22 • Basic IP routing configuration
Configuring policy routing
Step
Command
Purpose
1
node(cfg)#context ip router
2
node(ctx-ip)[router]#[no] route destination netmask interface|gateway [metric ] [traffic-class <traffic-class> ]
Enters the IP router
context
Define a static routing
table entry
Where the syntax is:
• destination—The IP address of the target network or subnet.
• Netmask—A network mask where the 1 bits indicate the network or subnet, and the 0 bits indicate the
host portion of the network address provided.
• Interface|gateway—the name of the outgoing interface to use for the target network or subnet, or the IP
address of the outgoing interface
• Metric—(optional) Specifies the desirability of the route when compared against other routes. The range is
0 through 15, where 0 is the preferred route. If no metric is specified, the static route is assumed to have a
metric of 0.
• Traffic class—indicates that this static route is for IP traffic in the following <traffic-class>.” If no trafficclass is specified, the routing table entry is of no traffic-class and is thus valid for packets of all traffic-classes.
Within IP context, IP packets are categorized into traffic-classes which are used as routing criteria. The following traffic-classes are defined:
ß Default:all IP packets that are arriving from the WAN or the LAN and need to be routed through.
ß Local-voice:IP packets that are created within the unit and contain voice data (RTP).
ß Local-default:IP packets that are created within the unit and do not contain voice, e.g., SIP signaling, DNS
lookup, Telnet, etc.
In addition packets can be categorized into user-defined traffic-classes by using ACL.
A routing table entry may or may not have a traffic-class assigned. In the case that a routing table has no traffic-class assigned, it is valid for packets of all traffic-classes. On the other hand, if it does have a traffic-class
assigned, the route is valid is restricted for packets of that given traffic-class.
Consider the following simple routing table example:
----------------------------------------------------------------------------V Destination
TrafficClass
* 172.16.32.0/24
* 127.0.0.0/8
* 0.0.0.0/0
* 0.0.0.0/0
local-voice
Nexthop
Protocol Metric Flags
eth1
local
1
UL
loopback
local
1
UL
172.16.32.1
172.16.32.2
Basic IP routing configuration task list
static
static
0
0
UDG
UDG
239
SmartWare Software Configuration Guide
22 • Basic IP routing configuration
In this routing table two default routes (0.0.0.0/0) are defined. The first default route is valid for packets of the
class local-voice only. The second default route is valid for all packets. Thus voice packets generated locally
(traffic-class local-voice) will travel via the gateway (Nexthop) 172.16.32.1. All other packets will travel via the
gateway (Nexthop) 172.16.32.2.
NOTE: If the second default route was missing, there would be no default route for packets of traffic-class
other than local-voice.
The following modified commands are used with policy routing:
Route—refer to the ‘route’ command in the subsection “Configuring static IP routes” on page 237 in this
chapter.
Ping—refer to the ‘ping’ command described in the subsection “Testing connections with the ping command”
on page 127 in Chapter 10: IP interface configuration.
Traceroute—refer to the ‘traceroute’ command described in the subsection “Traceroute” on page 130 in Chapter 10: IP interface configuration.
Examples
Basic static IP routing example
Figure 37 shows an Internetwork consisting of three routers, a SmartNode device in the middle, and the four
autonomous networks, with network addresses 10.1.5.0/16, 172.16.40.0/24, 172.17.100.0/24, and 10.2.5.0/
16. The SmartNode shall be configured for the following IP routing scenario:
All packets for the Workstation with IP address 10.1.5.10 shall be forwarded to the next-hop router Calvin. All
packets for network 10.2.5.0/16 shall be forwarded to the next-hop router Hobbes.
10.1.5.2/16
172.16.40.2/24
172.17.100.2/24
lan
Hub
Hub
10.2.5.2/16
wan
Node
Node
Calvin
Hobbes
172.16.40.1/24
172.17.100.1/24
10.1.5.10/16
Workstation
Figure 37. Internetwork with three routers and four networks
Examples
240
SmartWare Software Configuration Guide
22 • Basic IP routing configuration
The necessary routing-table entries for the scenario described are listed below.
node>enable
node#configure
node(cfg)#context ip router
node(ctx-ip)[router]# route 10.1.5.10 255.255.255.255 172.16.40.2
node(ctx-ip)[router]# route 10.2.0.0 255.255.0.0 172.17.100.2
node>show ip route
Routes of IP context 'router':
Status codes: * valid, U up, H host, G Gateway, L local, D default
Destination
Nexthop
Protocol Metric Flags
Used
--------------------------------------------------------------------* 127.0.0.1/32
local
0
LHG
n/a
* 172.16.40.1/24
local
0
LHG
n/a
* 172.17.100.1/24
local
0
LHG
n/a
* 172.17.100.0/24
wan
local
1
UL
0
* 172.16.40.0/16
lan
local
1
UL
0
* 10.1.5.10/32
172.16.40.2
static
0
U
0
* 10.2.0.0/16
172.17.100.2
static
0
U
0
Changing the default UDP port range for RTP and RTCP
The UDP port range to be used for RTP streams can be configured using the following procedure:
Mode: context ip
Step
1
Command
[name] (ctx-ip)[router]# rtp-port-range <start-port> <end-port>
Changing the default UDP port range for RTP and RTCP
Purpose
Define the UDP port range
for RTP/RTCP streams.
241
Chapter 23 RIP configuration
Chapter contents
Introduction ........................................................................................................................................................243
Routing protocol .................................................................................................................................................243
RIP configuration task list ...................................................................................................................................244
Enabling send RIP ........................................................................................................................................244
Enabling an interface to receive RIP ..............................................................................................................245
Specifying the send RIP version ....................................................................................................................245
Specifying the receive RIP version .................................................................................................................246
Enabling RIP learning ...................................................................................................................................246
Enabling an interface to receive RIP ..............................................................................................................247
Enabling RIP announcing .............................................................................................................................247
Enabling RIP auto summarization ................................................................................................................248
Specifying the default route metric ................................................................................................................248
Enabling RIP split-horizon processing ...........................................................................................................249
Enabling the poison reverse algorithm ...........................................................................................................249
Enabling holding down aged routes ..............................................................................................................250
Setting the RIP route expiry ..........................................................................................................................250
Displaying RIP configuration of an IP interface ............................................................................................251
Displaying global RIP information ................................................................................................................251
242
SmartWare Software Configuration Guide
23 • RIP configuration
Introduction
This chapter provides an overview of the Routing Information Protocol (RIP) and describes the tasks involved
in configuring RIP features includes the following sections:
• Routing protocol
• RIP configuration task list (see page 244)
RIP is a relatively old but still commonly used interior gateway protocol created for use in small, homogeneous
networks. It is a classical distance-vector routing protocol. RIP is documented in RFC 1058.
RIP uses broadcast User Datagram Protocol (UDP) data packets to exchange routing information. SmartNodes can send routing information updates every 30 seconds, which is termed advertising. If a router does not
receive an update from another router for 180 seconds or more, it marks the routes served by the non-updating
router as being unusable. If there is still no update after 240 seconds, the router removes all routing table
entries for the non-updating router.
The metric that RIP uses to rate the value of different routes is the hop count. The hop count is the number of
routers that can be traversed in a route. A directly connected network has a metric of zero; an unreachable network has a metric of 16. This small range of metrics makes RIP an unsuitable routing protocol for large networks
A SmartNode that is running RIP can receive a default network via an update from another router that is running RIP, or the router can source (generate) the default network itself with RIP. In both cases, the default network is advertised through RIP to other RIP neighbors.
a SmartNode will send and receive RIP information from the specified interface if the following conditions are
met:
• The rip supply flag for a specific interface is enabled
• The rip listen flag for a specific interface is enabled
The default route is learned via a static route and then redistributed into RIP.
RIP sends updates to the specified interfaces. If an interface is not specified, it will not be advertised in any
RIP update.
Routing protocol
Routers exchange information about the most effective path for packet transfer between various end points. There
are a number of different protocols, which have been defined to facilitate the exchange of this information.
Routing Information Protocol (RIP) 1 is the most widely used routing protocol on IP networks. All gateways
and routers that support RIP 1 periodically broadcast routing information packets. These RIP 1 packets contain information concerning the networks that the routers and gateways can reach as well as the number of
routers/gateways that a packet must travel through to reach the receiving address.
RIP 2 is an enhancement of RIP 1 which allows IP subnet information to be shared among routers, and provides for authentication of routing updates. When this protocol is chosen, the router will use the multicast
address 224.0.0.9 to send and/or receive RIP 2 packets for this network interface. As with RIP 1, the router's
routing table will be periodically updated with information received in these packets.
Introduction
243
SmartWare Software Configuration Guide
23 • RIP configuration
RIP 2 is more useful in a variety of environments and allows the use of variable subnet masks on your network.
It is also necessary for implementation of classless addressing as accomplished with CIDR (classless interdomain routing).
It is recommended that RIP 2 be used on any segment where all routers can use the same IP routing protocol.
If one or more routers on a segment must use RIP 1, then all other routers on that segment should also be set
to use RIP 1.
RIP configuration task list
To configure RIP, perform the tasks described in the following sections. The tasks in the first two sections are
required; the tasks in the remaining sections are optional. Most of the RIP commands have the character of a
flag, which is either enabled or disabled.
• Enabling send RIP
• Enabling an interface to receive RIP (see page 245)
• Specifying the send RIP version (see page 245)
• Specifying the receive RIP version (see page 246)
• Enabling RIP learning (see page 246)
• Enabling an interface to receive RIP (see page 247)
• Enabling RIP announcing (see page 247)
• Enabling RIP auto summarization (see page 248)
• Specifying the default route metric (see page 248)
• Enabling RIP split-horizon processing (see page 249)
• Enabling the poison reverse algorithm (see page 249)
• Enabling holding down aged routes (see page 250)
• Displaying RIP Configuration of an IP interface (see page 251)
• Displaying global RIP information (see page 251)
Enabling send RIP
By default an interface does not send any routing information. This procedure describes how to enable sending
RIP packets on interface
Mode: Interface
Step
1
Command
node(if-ip)[name]#rip supply
RIP configuration task list
Purpose
Enables send RIP on interface name
244
SmartWare Software Configuration Guide
23 • RIP configuration
Example: Enabling send RIP
The following example shows how to enable send RIP on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip supply
Enabling an interface to receive RIP
By default an interface does not listen to routing information. This procedure describes how to enable interface
to receive RIP information
Mode: Interface
Step
1
Command
node(if-ip)[name]#rip receive
Purpose
Enables receive RIP on interface name
Example: Enabling receive RIP
The following example shows how to enable receive RIP on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip receive
Specifying the send RIP version
By default, RIP 1compatible packets are sent. Alternatively, you can explicitly configure the RIP version to be
sent with the last command argument as following:
• 1—RIPv1
• 1compatible—RIPv1 compatible
• 2—RIPv2
This procedure describes how to select the sending RIP version on interface
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]# rip send version {1 | 1compatible | 2} Selects send RIP version for interface name
Example: Specifying the send RIP
The following example shows how to select send RIP version 1compatible on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip send version 1compatible
RIP configuration task list
245
SmartWare Software Configuration Guide
23 • RIP configuration
Specifying the receive RIP version
By default, RIP version 1 and version 2 packets are received. Alternatively, you can explicitly configure the RIP
version to be received with the last command argument as following:
• 1—to receive RIP version 1 packets
• 1or2—to receive RIP version 1 and version 2 packets
• 2—to receive RIP version 2 packets
This procedure describes how to set receiving RIP version on an interface
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]# rip receive version {1 | 1or2 | 2} Selects receive RIP version for interface
name
Example: Specifying the receive RIP
The following example shows how to select receive RIP version 1or2 on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip receive version 1or2
Enabling RIP learning
A new route is added to the local routing table, if the routing update contains a route to a destination that does
not already exist. If the update describes a route whose destination is already in the local table, the new route is
used only if it has a lower cost. The cost of a route is determined by adding the cost of reaching the gateway
that sent the update to the metric contained in the RIP update packet. If the total metric is less than the metric
of the current route, the new route is used. Two RIP learning mechanisms are offered, which are represented by
a specific argument of the command rip learn:
• host—for RIP learn host and
• default—for RIP learn default
See the following sections on how to configure those two RIP learning mechanisms.
This procedure describes how to enable accepting of IP host and default routes received on an interface for
RIP learning
Mode: Interface
Step
1
2
Command
Purpose
node(if-ip)[name]# rip learn host
Enables accepting of IP host routes received on interface
name
node(if-ip)[name]#rip learn default Enables learning using a default route advertised by an RIP
neighbor on interface name
Example: Enabling RIP learn host and default
RIP configuration task list
246
SmartWare Software Configuration Guide
23 • RIP configuration
The following example shows how to enable RIP learn host and default on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip learn host
node(if-ip)[wan]#rip learn default
Enabling an interface to receive RIP
This procedure describes how to enable receive RIP on an IP interface
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]#rip listen
Enables receive RIP on IP interface name
Example: Enables an interface to receive RIP
The following example shows how to enable receive RIP for IP interface lan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface lan
node(if-ip)[lan]#rip listen
Enabling RIP announcing
The RIP protocol supports announcing features, which are used to proclaim specific routing information to
other elements in a network. The RIP announcing command is used for this purpose and offers options for
• default—for RIP default routes,
• host—for IP host routes,
• self-as-default—for self as RIP default routes and
• static—for static IP routes.
Depending on the RIP announcing method the last option for the command in 3 must be explicitly selected. It
is possible to have more than one RIP announcing method enabled concurrently.
This procedure describes how to enable RIP announcing on an interface
Mode: Interface
Step
1
Command
node(if-ip)[name]#rip announce {default | host | selfas-default | static}
Purpose
Selects the RIP announcing
method on interface name
Example: Enabling RIP announcing
The following example shows how to enable the RIP default routes and IP host routes RIP announcing
method on IP interface wan.
RIP configuration task list
247
SmartWare Software Configuration Guide
23 • RIP configuration
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip announce default
node(if-ip)[wan]#rip announce host
Enabling RIP auto summarization
Summarizing routes in RIP Version 2 improves scalability and efficiency in large networks.
Auto-summarization attempts to automatically summarize groups of adjacent routes into single entries, the
goal being to reduce the total number of entries in the RIP routing table, reducing the size of the table and
allowing the router to handle more routes.
RIP auto-summarization (automatic network number summarization) is disabled by default. With auto-summarization, the SmartNode summarizes sub prefixes to the Class A, Class B, and Class C network boundary
when class network boundaries are crossed.
This procedure describes how to enable RIP auto-summarization on an interface
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]#rip auto-summary Enables RIP auto-summarization on interface name
Example: Enabling RIP auto-summarization
The following example shows how to enable auto-summarization on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip auto-summary
Specifying the default route metric
RIP uses a single routing metric (hop count) to measure the distance between the source and a destination network. Each hop in a path from source to destination is assigned a hop-count value, which is typically 1. When
a SmartNode receives a routing update that contains a new or changed destination-network entry, the SmartNode adds one to the metric value indicated in the update and enters the network in the routing table. The IP
address of the sender is used as the next hop.
RIP prevents routing loops from continuing indefinitely by implementing a limit on the number of hops
allowed in a path from the source to a destination. The maximum number of hops in a path is 15. If a SmartNode receives a routing update that contains a new or changed entry, and if increasing the metric value by one
causes the metric to be infinity (i.e. 16), the network destination is considered unreachable.
Because metrics cannot be directly compared, you must specify the default metric in order to designate the cost
of the redistributed route used in RIP updates. All routes that are redistributed will use the default metric.
Setting the default route metric, which is a number, indicating the distance to the destination network element, e.g. another router or SmartNode in a network, is possible with the rip default-route-value command.
The value is between 1 and 15 for a valid route, or 16 for an unreachable route.
This procedure describes how to set the routing metric on an interface
RIP configuration task list
248
SmartWare Software Configuration Guide
23 • RIP configuration
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]#rip default-route-value value Sets the routing metric to value indicating the
distance to the destination on interface name
Example: Specifying the default route metric
The following example shows how to set the routing metric to 4 on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip default-route-value 4
Enabling RIP split-horizon processing
Normally, routers that are connected to broadcast-type IP networks and that use distance-vector routing protocols employ the split horizon mechanism to reduce the possibility of routing loops. Split horizon blocks information about routes from being advertised by a router out of any interface from which that information
originated. This behavior usually optimizes communications among multiple routers, particularly when links
are broken. However, with non-broadcast networks (such as Frame Relay), situations can arise for which this
behavior is less than ideal. For these situations, you might want to disable split horizon for RIP.
This procedure describes how to enable split horizon on an interface
Mode: Interface
Step
1
Command
node(if-ip)[name]#rip split-horizon
Purpose
Enables RIP split-horizon processing on interface name
Example: Enabling RIP split-horizon processing
The following example shows how to enable split horizon on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip split-horizon
Enabling the poison reverse algorithm
Normally, RIP uses a technique called split horizon to avoid routing loops and allow smaller update packets.
This technique specifies that when the router sends a RIP update out a particular network interface, it should
never include routing information acquired over that same interface.
There is a variation of the split horizon technique called poison reverse which specifies that all routes should be
included in an update out a particular interface, but that the metric should be set to infinity for those routes
acquired over that interface. Poison reverse updates are then sent to remove the route and place it in holddown. One drawback is that routing update packet sizes will be increased when using poison reverse.
This procedure describes how to enable the poison reverse algorithm on an interface
RIP configuration task list
249
SmartWare Software Configuration Guide
23 • RIP configuration
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]#rip poison-reverse Enables the poison reverse algorithm on interface name
Example: Enabling the poison reverse algorithm
The following example shows how to enable the poison reverse algorithm on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip poison-reverse
Enabling holding down aged routes
Holding down or locking aged routes learned from RIP packets on the specified interface helps, if an aged
route cannot be refreshed to a non-aged status but must be deleted and then relearned. Enabling this function
enhances the stability of the RIP topology in the presence of transients.
This procedure describes how to enable holding down of aged routes on an interface
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]#rip route-holddown Enables holding down aged routes on interface name
Example: Enabling holding down aged routes
The following example shows how to enable holding down of aged routes on IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#rip route-holddown
Setting the RIP route expiry
The rip route-expiry command sets the route expiry timeout for routes learned from RIP.
Mode: interface ip
Step
1
Command
node(if-ip)[name]#rip route-expiry
[1...3600]
RIP configuration task list
Purpose
Sets the RIP route expiry timeout.
Default: 180 seconds
250
SmartWare Software Configuration Guide
23 • RIP configuration
Displaying RIP configuration of an IP interface
Displaying the RIP configuration of an IP interface is useful to list the settings. This procedure describes how
to display the RIP configuration of an interface
Mode: Interface
Step
1
Command
Purpose
node(if-ip)[name]#show rip interface ifname Displays the RIP binding of an IP interface on
name
Example: Displaying RIP configuration of an IP interface
The following example shows how to display the RIP configuration of IP interface wan.
node(cfg)#context ip router
node(ctx-ip)[router]#interface wan
node(if-ip)[wan]#show rip interface wan
Interface wan (IP context router):
-------------------------------------------------listen: disabled
supply: enabled
send version: 1compatible
receive version: 1or2
learn host: disabled
learn default: disabled
announce host: disabled
announce static: disabled
announce default: disabled
announce self-as-default: disabled
route-holddown: enabled
poison-reverse: disabled
auto-summary: disabled
split-horizon: disabled
default-route-value: 0
--------------------------------------------------
Displaying global RIP information
SmartWare also support displaying global RIP information for the IP router context. This procedure describes
how to display the global RIP information
Mode: Configure
Step
1
Command
node(cfg)#show rip
Purpose
Displays the RIP information
Example: Displaying global RIP information
The following example shows how to display the global RIP information.
node(cfg)#show rip
RIP information:
RIP configuration task list
251
SmartWare Software Configuration Guide
23 • RIP configuration
rip enabled
RIP configuration task list
252
Chapter 24 Access control list configuration
Chapter contents
Introduction ........................................................................................................................................................254
About access control lists .....................................................................................................................................254
What access lists do .......................................................................................................................................254
Why you should configure access lists ...........................................................................................................254
When to configure access lists .......................................................................................................................255
Features of access control lists .......................................................................................................................255
Access control list configuration task list..............................................................................................................256
Mapping out the goals of the access control list .............................................................................................256
Creating an access control list profile and enter configuration mode .............................................................257
Adding a filter rule to the current access control list profile ...........................................................................257
Adding an ICMP filter rule to the current access control list profile ..............................................................259
Adding a TCP, UDP or SCTP filter rule to the current access control list profile .........................................261
Binding and unbinding an access control list profile to an IP interface ..........................................................263
Displaying an access control list profile .........................................................................................................264
Debugging an access control list profile .........................................................................................................264
Examples .............................................................................................................................................................266
Denying a specific subnet ..............................................................................................................................266
253
SmartWare Software Configuration Guide
24 • Access control list configuration
Introduction
This chapter provides an overview of IP Access Control Lists and describes the tasks involved in configuring
them.
This chapter includes the following sections:
• About access control lists
• Access control list configuration task list (see page 256)
• Examples (see page 266)
About access control lists
This section briefly describes what access lists do, why and when you should configure access lists, and basic
versus advanced access lists.
What access lists do
Access lists filter network traffic by controlling whether routed packets are forwarded, dropped or blocked at
the router's interfaces. Your router examines each packet to determine whether to forward or drop the packet,
based on the criteria you specified within the access lists.
Access list criteria could be the source address of the traffic, the destination address of the traffic, the upperlayer protocol, or other information.
Note
Sophisticated users can sometimes successfully evade or fool basic access lists
because no authentication is required.
Why you should configure access lists
There are many reasons to configure access lists. For example, you can use access lists to restrict contents of
routing updates, or to provide traffic flow control. But one of the most important reasons to configure access
lists is to provide security for your network, and this is the reason explored in this chapter.
You should use access lists to provide a basic level of security for accessing your network. If you do not configure
access lists on your router, all packets passing through the router could be allowed onto all parts of your network.
Introduction
254
SmartWare Software Configuration Guide
24 • Access control list configuration
For example, access lists can allow one host to access a part of your network, and prevent another host from
accessing the same area. In figure 38 host A is allowed to access the Human Resources network and host B is
prevented from accessing the Human Resources network.
Host A
Node
Node
Host B
Human
Resource
Network
Research &
Development
Network
Figure 38. Using traffic filters to prevent traffic from being routed to a network
You can also use access lists to decide which types of traffic are forwarded or blocked at the router interfaces.
For example, you can permit e-mail traffic to be routed but at the same time block all Telnet traffic.
When to configure access lists
Access lists should be used in firewall routers, which are often positioned between your internal network and an
external network such as the Internet. You can also use access lists on a router positioned between two parts of
your network, to control traffic entering or exiting a specific part of your internal network.
To provide the security benefits of access lists, you should configure access lists at least on border routers, i.e.
those routers situated at the edges of your networks. This provides a basic buffer from the outside network or
from a less controlled area of your own network into a more sensitive area of your network.
On these routers, you should configure access lists for each network protocol configured on the router interfaces.
You can configure access lists so that inbound traffic or outbound traffic or both are filtered on an interface.
Features of access control lists
The following features apply to all IP access control lists:
• A list may contain multiple entries. The order access of control list entries is significant. Each entry is processed in the order it appears in the configuration file. As soon as an entry matches, the corresponding
action is taken and no further processing takes place.
About access control lists
255
SmartWare Software Configuration Guide
24 • Access control list configuration
• All access control lists have an implicit deny ip any any at the end. A packet that does not match the criteria
of the first statement is subjected to the criteria of the second statement and so on until the end of the access
control list is reached, at which point the packet is dropped.
• Filter types include IP, Internet Control Message Protocol (ICMP), Transmission Control Protocol (TCP),
User Datagram Protocol (UDP), and Stream Control Transmission Protocol (SCTP).
• An empty access control list is treated as an implicit deny ip any any list.
Note
Two or more administrators should not simultaneously edit the configuration file. This is especially the case with access lists. Doing this can have
unpredictable results.
Once in access control list configuration mode, each command creates a statement in the access control list.
When the access control list is applied, the action performed by each statement is one of the following:
• permit statement causes any packet matching the criteria to be accepted.
• deny statement causes any packet matching the criteria to be dropped.
To delete an entire access control list, enter configuration mode and use the no form of the profile acl command, naming the access list to be deleted, e.g. no profile acl name. To unbind an access list from the interface
to which it was applied, enter the IP interface mode and use the no form of the access control list command.
Access control list configuration task list
To configure an IP access control list, perform the tasks in the following sections.
• Mapping out the goals of the access control list
• Creating an access control list profile and enter configuration mode (see page 257)
• Adding a filter rule to the current access control list profile (see page 257)
• Adding an ICMP filter rule to the current access control list profile (see page 259)
• Adding a TCP, UDP or SCTP filter rule to the current access control list profile (see page 261)
• Binding and unbinding an access control list profile to an IP interface (see page 263)
• Displaying an access control list profile (see page 264)
• Debugging an access control list profile (see page 264)
Mapping out the goals of the access control list
To create an access control list you must:
• Specify the protocol to be filtered
• Assign a unique name to the access list
• Define packet-filtering criteria
A single access control list can have multiple filtering criteria statements.
Access control list configuration task list
256
SmartWare Software Configuration Guide
24 • Access control list configuration
Before you begin to enter the commands that create and configure the IP access control list, be sure that you
are clear about what you want to achieve with the list. Consider whether it is better to deny specific accesses
and permit all others or to permit specific accesses and deny all others.
Note
Since a single access control list can have multiple filtering criteria statements, but editing those entries online can be tedious. Therefore, we recommend editing complex access control lists offline within a configuration file
and downloading the configuration file later via TFTP to your
SmartNode device.
Creating an access control list profile and enter configuration mode
This procedure describes how to create an IP access control list and enter access control list configuration mode
Mode: Administrator execution
Step
1
Command
Purpose
node(cfg)#profile acl name Creates the access control list profile name and enters the configuration mode for this list
name is the name by which the access list will be known. Entering this command puts you into access control list
configuration mode where you can enter the individual statements that will make up the access control list.
Use the no form of this command to delete an access control list profile. You cannot delete an access control
list profile if it is currently linked to an interface. When you leave the access control list configuration mode,
the new settings immediately become active.
Example: Create an access control list profile
In the following example the access control list profile named WanRx is created and the shell of the access control list configuration mode is activated.
node>enable
node#configure
node(cfg)#profile acl WanRx
node(pf-acl)[WanRx]#
Adding a filter rule to the current access control list profile
The commands permit or deny are used to define an IP filter rule. This procedure describes how to create an
IP access control list entry that permits access
Mode: Profile access control list
Step
1
Command
node(pf-acl)[name]#permit ip {src src-wildcard | any |
host src} {dest dest-wildcard | any | host dest} [cos group]
Purpose
Creates an IP access of control list
entry that permits access defined
according to the command
options
This procedure describes how to create an IP access control list entry that denies access
Access control list configuration task list
257
SmartWare Software Configuration Guide
24 • Access control list configuration
Mode: Profile access control list
Step
1
Command
Purpose
node(pf-acl)[name]#deny ip {src src-wildcard | any | host Creates an IP access of control list
src} {dest dest-wildcard | any | host dest} [cos group]
entry that denies access defined
according to the command
options
Where the syntax is:
Keyword
Meaning
src
The source address to be included in the rule. An IP address in dotted-decimal-format,
e.g. 64.231.1.10.
src-wildcard A wildcard for the source address. Expressed in dotted-decimal format this value specifies
which bits are significant for matching. One-bits in the wildcard indicate that the corresponding bits are ignored. An example for a valid wildcard is 0.0.0.255, which specifies a class C network.
any
Indicates that IP traffic to or from all IP addresses is to be included in the rule.
host src
The address of a single source host.
dest
The destination address to be included in the rule. An IP address in dotted-decimal-format, e.g. 64.231.1.10.
dest-wildcard A wildcard for the destination address. See src-wildcard
host dest
The address of a single destination host.
cos
Optional. Specifies that packets matched by this rule belong to a certain Class of Service
(CoS). For detailed description of CoS configuration refer to chapter 13, “Link scheduler
configuration” on page 151.
group
CoS group name.
If you place a deny ip any any rule at the top of an access control list profile, no packets will pass regardless of
the other rules you defined.
Example: Create IP access control list entries
Select the access-list profile named WanRx and create some filter rules for it.
node(cfg)#profile acl WanRx
node(pf-acl)[WanRx]#permit ip host 62.1.2.3 host 193.14.2.11 cos Urgent
node(pf-acl)[WanRx]#permit ip 62.1.2.3 0.0.255.255 host 193.14.2.11
node(pf-acl)[WanRx]#permit ip 97.123.111.0 0.0.0.255 host 193.14.2.11
node(pf-acl)[WanRx]#deny ip any any
node(pf-acl)[WanRx]#exit
node(cfg)#
Access control list configuration task list
258
SmartWare Software Configuration Guide
24 • Access control list configuration
Adding an ICMP filter rule to the current access control list profile
The command permit or deny are used to define an ICMP filter rule. Each ICMP filter rule represents an
ICMP access of control list entry.
This procedure describes how to create an ICMP access control list entry that permits access
Mode: Profile access control list
Step
1
Command
Purpose
node(pf-acl)[name]#permit icmp {src src-wildcard | any | Creates an ICMP access of conhost src} {dest dest-wildcard | any | host dest} [msg name | trol list entry that permits access
type type | type type code code] [cos group]
defined according to the command options
This procedure describes how to create an ICMP access control list entry that denies access
Mode: Profile access control list
Step
1
Command
Purpose
node(pf-acl)[name]#deny icmp {src src-wildcard | Creates an ICMP access of control list
any | host src} {dest dest-wildcard | any | host dest} entry that denies access defined accord[msg name | type type | type type code code] [cos ing to the command options
group]
Access control list configuration task list
259
SmartWare Software Configuration Guide
24 • Access control list configuration
Where the syntax is as following:
Keyword
Meaning
src
The source address to be included in the rule. An IP address in dotted-decimal-format, e.g.
64.231.1.10.
src-wildcard A wildcard for the source address. Expressed in dotted-decimal format this value specifies
which bits are significant for matching. One-bits in the wildcard indicate that the corresponding bits are ignored. An example for a valid wildcard is 0.0.0.255, which specifies
a class C network.
any
Indicates that IP traffic to or from all IP addresses is to be included in the rule.
host src
The address of a single source host.
dest
The destination address to be included in the rule. An IP address in dotted-decimal-format,
e.g. 64.231.1.10
dest-wildcard A wildcard for the destination address. See src-wildcard.
host dest
The address of a single destination host.
msg name
The ICMP message name. The following are valid message names:
type type
code code
cos
group
administratively-prohibited, alternate-address, conversion-error, dod-host-prohibited, dodnet-prohibited, echo, echo-reply, general-parameter-problem, host-isolated, host-precedence-unreachable, host-redirect, host-tos-redirect, host-tos-unreachable, host-unknown,
host-unreachable, information-reply, information-request, mask-reply, mask-request, mobileredirect, net-redirect, net-tos-redirect, net-tos-unreachable, net-unreachable, networkunknown, no-room-for-option, option-missing, packet-too-big, parameter-problem, portunreachable, precedence-unreachable, protocol-unreachable, reassembly-timeout, redirect,
router-advertisement, router-solicitation, source-quench, source-route-failed, time-exceeded,
timestamp-reply, timestamp-request, traceroute, ttl-exceeded, unreachable
The ICMP message type. A number from 0 to 255 (inclusive)
The ICMP message code. A number from 0 to 255 (inclusive)
Optional. Specifies that packets matched by this rule belong to a certain Class of Service
(CoS). For detailed description of CoS configuration refer to chapter 13, “Link scheduler
configuration” on page 151.
CoS group name.
If you place a deny ip any any rule at the top of an access-list profile, no packets will pass regardless of the other
rules you defined.
Example: Create ICMP access control list entries
Select the access-list profile named WanRx and create the rules to filter all ICMP echo requests (as used by the
ping command).
node(cfg)#profile acl WanRx
node(pf-acl)[WanRx]#deny icmp any any type 8 code 0
node(pf-acl)[WanRx]#exit
node(cfg)#
Access control list configuration task list
260
SmartWare Software Configuration Guide
24 • Access control list configuration
The same effect can also be obtained by using the simpler message name option. See the following example.
node(cfg)#profile acl WanRx
node(pf-acl)[WanRX]#deny icmp any any msg echo
node(pf-acl)[WanRX]#exit
node(cfg)#
Adding a TCP, UDP or SCTP filter rule to the current access control list profile
The commands permit or deny are used to define a TCP, UDP or SCTP filter rule. Each TCP, UDP or SCTP
filter rule represents a respective access of control list entry.
This procedure describes how to create a TCP, UDP or SCTP access control list entry that permits access
Mode: Profile access control list
Step
Command
Purpose
1
node(pf-acl)[name]#permit {tcp | udp | sctp} {src src-wildcard | any | host src} [{eq port | gt port | lt port | range
from to}] {dest dest-wildcard | any | host dest} [{eq port | gt
port | lt port | range from to}] [{cos group | cos-rtp groupdata group-ctrl}]
Creates a TCP, UDP or SCTP
access of control list entry that
permits access defined according
to the command options
This procedure describes how to create a TCP, UDP or SCTP access control list entry that denies access
Mode: Profile access control list
Step
1
Command
node(pf-acl)[name]#deny {tcp | udp | sctp} {src srcwildcard | any | host src} [{eq port | gt port | lt port |
range from to}] {dest dest-wildcard | any | host dest} [{eq
port | gt port | lt port | range from to}] [{cos group | cosrtp group-data group-ctrl}]
Access control list configuration task list
Purpose
Creates a TCP, UDP or SCTP
access of control list entry that
denies access defined according
to the command options
261
SmartWare Software Configuration Guide
24 • Access control list configuration
Where the syntax is:
Keyword
Meaning
src
The source address to be included in the rule. An IP address in dotted-decimal-format,
e.g. 64.231.1.10.
src-wildcard A wildcard for the source address. Expressed in dotted-decimal format this value specifies
which bits are significant for matching. One-bits in the wildcard indicate that the corresponding bits are ignored. An example for a valid wildcard is 0.0.0.255, which specifies a class C network.
any
Indicates that IP traffic to or from all IP addresses is to be included in the rule.
host src
The address of a single source host.
eq port
Optional. Indicates that a packets port must be equal to the specified port in order to
match the rule.
lt port
Optional. Indicates that a packets port must be less than the specified port in order to
match the rule.
gt port
Optional. Indicates that a packets port must be greater than the specified port in order to
match the rule
range from to Optional. Indicates that a packets port must be equal or greater than the specified from
port and less than the specified to port to match the rule.
dest
The destination address to be included in the rule. An IP address in dotted-decimal-format, e.g. 64.231.1.10.
dest-wildcard A wildcard for the destination address. See src-wildcard.
host dest
The address of a single destination host.
cos
Optional. Specifies that packets matched by this rule belong to a certain Class of Service
(CoS). For detailed description of CoS configuration refer to chapter 13, “Link scheduler
configuration” on page 151.
cos-rtp
group
group-data
group-ctrl
Optional. Specifies that the rule is intended to filter RTP/RTCP packets. In this mode you
can specify different CoS groups for data packets (even port numbers) and control packets (odd port numbers). Note: this option is only valid when protocol UDP is selected.
CoS group name.
CoS group name for RTP data packets. Only valid when the rtp option has been specified
CoS group name for RTCP control packets. Only valid when the rtp option has been specified.
Example: Create TCP, UDP or SCTP access control list entries
Select the access-list profile named WanRx and create the rules for:
Permitting any TCP traffic to host 193.14.2.10 via port 80, and permitting UDP traffic from host 62.1.2.3 to
host 193.14.2.11 via any port in the range from 1024 to 2048.
node(cfg)#profile acl WanRx
node(pf-acl)[WanRx]#permit tcp any host 193.14.2.10 eq 80
node(pf-acl)[WanRx]#permit udp host 62.1.2.3 host 193.14.2.11 range 1024 2048
node(pf-acl)[WanRx]#exit
node(cfg)#
Access control list configuration task list
262
SmartWare Software Configuration Guide
24 • Access control list configuration
Binding and unbinding an access control list profile to an IP interface
The command use is used to bind an access control list profile to an IP interface. This procedure describes how
to bind an access control list profile to incoming packets on an IP interface
Mode: Profile access control list
Step
1
Command
Purpose
node(if-ip)[if-name]#use profile acl name in
Binds access control list profile name to incoming packets on IP interface if-name
Where the syntax is:
Keyword
if-name
name
in
out
Meaning
The name of the IP interface to which an access control list profile gets bound
The name of an access control list profile that has already been created using the profile acl
command. This argument must be omitted in the no form
Specifies that the access control list profile applies to incoming packets on this interface.
Specifies that the access control list applies to outgoing packets on this interface.
The no form of the use command is used to unbind an access control list profile from an interface. When
using this form the name of an access control list profile, represented by the name argument above, is not
required. This procedure describes how to unbind an access control list profile to incoming packets on an IP
interface
Mode: Interface
Step
1
Command
node(if-ip)[if-name]#no use profile acl in
Purpose
Unbinds access control list profile for incoming packets on IP interface if-name
Where the syntax is:
Keyword
if-name
in
out
Meaning
The name of the IP interface to which an access control list profile gets bound
Specifies that the access control list profile applies to incoming packets on this interface.
Specifies that the access control list applies to outgoing packets on this interface.
Thus for each IP interface only one incoming and outgoing access control list can be active at the same time.
Example: Bind and unbind an access control list entries to an IP interface
Bind an access control list profile to incoming packets on the interface wan in the IP router context.
node(cfg)#context ip router
node(cfg-ip)[router]#interface wan
node(cfg-if)[wan]#use profile acl WanRx in
Access control list configuration task list
263
SmartWare Software Configuration Guide
24 • Access control list configuration
Unbind an access control list profile from an interface.
node(cfg)#context ip router
node(cfg-ip)[router]#interface wan
node(cfg-if)[wan]#no use profile acl in
Note
When unbinding an access control list profile the name argument is not
required, since only one incoming and outgoing access control list can be
active at the same time on a certain IP interface.
Displaying an access control list profile
The show profile acl command displays the indicated access control list profile. If no specific profile is selected
all installed access control list profiles are shown. If an access control list is linked to an IP interface the number
of matches for each rule is displayed. If the access control list profile is linked to more than one IP interface, it
will be shown for each interface.
This procedure describes how to display a certain access control list profile
Mode: Administrator execution or any other mode, except the operator execution mode
Step
1
Command
Purpose
node#show profile acl name
Displays the access control list profile name
Example: Displaying an access control list entries
The following example shows how to display the access control list profile named WanRx.
node#show profile acl WanRx
IP access-list WanRx. Linked to router/wan/in.
deny icmp any any msg echo
permit ip 62.1.2.3 0.0.255.255 host 193.14.2.11
permit ip 97.123.111.0 0.0.0.255 host 193.14.2.11
permit tcp any host 193.14.2.10 eq 80
permit udp host 62.1.2.3 host 193.14.2.11 range 1024 2048
deny ip any any
Debugging an access control list profile
The debug acl command is used to debug the access control list profiles during system operation. Use the no
form of this command to disable any debug output.
This procedure describes how to debug the access control list profiles
Mode: Administrator execution or any other mode, except the operator execution
Step
1
Command
node#debug acl
Purpose
Enables access control list debug monitor
This procedure describes how to activate the debug level of an access control list profiles for a specific interface.
Access control list configuration task list
264
SmartWare Software Configuration Guide
24 • Access control list configuration
Mode: Interface
Step
Command
Purpose
1
2
node(cfg)#context ip router
node(ctx-ip)[router]#interface if-name
3
node(if-ip)[if-name]#debug acl {in | out} [level]
Selects the IP router context
Selects IP interface if-name for which access
control list profile shall be debugged
Enables access control list debug monitor
with a certain debug level for the selected
interface if-name
Where the syntax is:
Keyword
if-name
level
in
out
Meaning
The name of the IP interface to which an access control list profile gets bound
The detail level. Level 0 disables all debug output, level 7 shows all debug output.
Specifies that the settings for incoming packets are to be changed.
Specifies that the settings for outgoing packets are to be changed.
Example: Debugging access control list profiles
The following example shows how to enable debugging for incoming traffic of access control lists on interface
wan. On level 7 all debug output is shown.
node(cfg)#context ip router
node(cfg-ip)[router]#interface wan
node(cfg-if)[wan]#debug acl in 7
The following example enables the debug monitor for access control lists globally.
node#debug acl
The following example disables the debug monitor for access control lists globally.
node#no debug acl
Access control list configuration task list
265
SmartWare Software Configuration Guide
24 • Access control list configuration
Examples
Denying a specific subnet
Figure 39 shows an example in which a server attached to network 172.16.1.0 shall not be accessible from outside
networks connected to IP interface lan. To prevent access, an incoming filter rule named Jamming is defined,
which blocks any IP traffic from network 172.16.2.0 and has to be bound to IP interface lan.
172.16.1.0
172.16.2.0
secure
lan
Node
Node
172.16.1.1/24
172.16.2.1/24
Host
Server
172.16.2.13/24
Figure 39. Deny a specific subnet on an interface
The commands that have to be entered are listed below.
172.16.2.1>enable
172.16.2.1#configure
172.16.2.1(cfg)#profile acl Jamming
172.16.2.1(pf-acl)[Jamming]#deny ip 172.16.2.0 0.0.0.255 172.16.1.0 0.0.0.255
172.16.2.1(pf-acl)[Jamming]#permit ip any any
172.16.2.1(pf-acl)[Jamming]#exit
172.16.2.1(cfg)#context ip router
172.16.2.1(cfg-ip)[router]#interface lan
172.16.2.1(if-ip)[lan]#use profile acl Jamming in
172.16.2.1(if-ip)[lan]#exit
172.16.2.1(cfg-ip)#copy running-config startup-config
Examples
266
Chapter 25 SNMP configuration
Chapter contents
Introduction ........................................................................................................................................................268
Simple Network Management Protocol (SNMP) ................................................................................................268
SNMP basic components ..............................................................................................................................268
SNMP basic commands ................................................................................................................................268
SNMP management information base (MIB) ...............................................................................................269
Network management framework .................................................................................................................269
Identification of a SmartNode via SNMP............................................................................................................269
SNMP tools.........................................................................................................................................................270
SNMP configuration task list ..............................................................................................................................270
Setting basic system information..........................................................................................................................270
Setting access community information ................................................................................................................272
Setting allowed host information .........................................................................................................................274
Specifying the default SNMP trap target .............................................................................................................274
Displaying SNMP related information ................................................................................................................275
Using the AdventNet SNMP utilities ..................................................................................................................275
Using the MibBrowser ..................................................................................................................................276
Using the TrapViewer ...................................................................................................................................277
Standard SNMP version 1 traps...........................................................................................................................279
SNMP interface traps ..........................................................................................................................................280
267
SmartWare Software Configuration Guide
25 • SNMP configuration
Introduction
This chapter provides overview information about Simple Network Management Protocol (SNMP) and
describes the tasks used to configure those of its features supported.
This chapter includes the following sections:
• Simple Network Management Protocol (SNMP)
• SNMP tools (see page 270)
• SNMP configuration task list (see page 270)
• Using the AdventNet SNMP utilities (see page 275)
• Standard SNMP version 1 traps (see page 279)
Simple Network Management Protocol (SNMP)
The Simple Network Management Protocol (SNMP) is an application-layer protocol that facilitates the
exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. SNMP enables network administrators to manage network performance,
find and solve network problems, and plan for network growth.
SNMP basic components
An SNMP managed network consists of three key components: managed devices, agents, and network-management systems (NMSs).
A managed device is a network SN that contains an SNMP agent and resides on a managed network. Managed
devices collect and store management information and make this information available to NMSs using SNMP.
Managed devices, sometimes called network elements, can be routers and access servers, switches and bridges,
hubs, computer hosts, or printers.
An agent is a network-management software module that resides in a managed device. An agent has local
knowledge of management information and translates that information into a form compatible with SNMP.
An NMS executes applications that monitor and control managed devices. NMSs provide the bulk of the processing and memory resources required for network management. One or more NMSs must exist on any managed network.
SNMP basic commands
Managed devices are monitored and controlled using four basic SNMP commands: read, write, trap, and traversal operations.
• The read command is used by an NMS to monitor managed devices. The NMS examines different variables that are maintained by managed devices.
• The write command is used by an NMS to control managed devices. The NMS changes the values of variables stored within managed devices.
• The trap command is used by managed devices to asynchronously report events to the NMS. When certain
types of events occur, a managed device sends a trap to the NMS.
Introduction
268
SmartWare Software Configuration Guide
25 • SNMP configuration
• Traversal operations are used by the NMS to determine which variables a managed device supports and to
sequentially gather information in variable tables, such as a routing table.
SNMP management information base (MIB)
A Management Information Base (MIB) is a collection of information that is organized hierarchically. MIBs
are accessed using a network-management protocol such as SNMP. They are comprised of managed objects
and are identified by object identifiers.
Managed objects are accessed via a virtual information store, termed the Management Information Base or
MIB. Objects in the MIB are defined using the subset of abstract syntax notation one (ASN.1) defined in the
SMI. In particular, an object identifier, an administratively assigned name, names each object type. The object
type together with an object instance serves to uniquely identify a specific instantiation of the object. For
human convenience, a textual string, termed the descriptor, to refer to the object type, is often used.
An object identifier (OID) world-wide identifies a managed object in the MIB hierarchy. The MIB hierarchy
can be depicted as a tree with a nameless root, the levels of which are assigned by different organizations.
Network management framework
This section provides a brief overview of the current SNMP management framework. An overall architecture is
described in RFC 2571 “An Architecture for Describing SNMP Management Frameworks”. The SNMP management framework has several components:
• Mechanisms for describing and naming objects and events for the purpose of management. The first version, Structure of Management Information (SMIv1) is described in RFC 1155 “Structure and Identification of Management Information for TCP/IP-based Internets”, RFC 1212 “Concise MIB Definitions”,
RFC 1213 “Management Information Base for Network Management of TCP/IP-based Internets: MIBII”, and RFC 1215 “A Convention for Defining Traps for use with the SNMP”. The second version,
SMIv2, is described in RFC 2233 “The Interfaces Group MIB using SMIv2”, RFC 2578 “Structure of
Management Information Version 2 (SMIv2)”, RFC 2579 “Textual Conventions for SMIv2”, and RFC
2580 “Conformance Statements for SMIv2”.
• Message protocols for transferring management information. The first version, SNMPv1, is described in
RFC 1157 “A Simple Network Management Protocol (SNMP).” The second version, SNMPv2, which is
not an Internet standards track protocol, is described in RFC 1901 “Introduction to Community-Based
SNMPv2” and RFC 1906 “Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)”.
• Protocol operations for accessing management information. The first set of protocol operations and associated protocol data unit (PDU) formats is described in RFC 1157. The second set of protocol operations
and associated PDU formats is described in RFC 1905 “Protocol Operations for Version 2 of the Simple
Network Management Protocol (SNMPv2)”.
• A set of fundamental applications described in RFC 2573 “SNMP Applications” and the view-based access
control mechanism described in RFC 2575 “View-Based Access Control Model (VACM) for the Simple
Network Management Protocol (SNMP)”.
Identification of a SmartNode via SNMP
All product models have assigned sysObjectID.
Refer to the getting started guide of your product, or see the MIB definition file (.my) for sysObjectIDs.
Identification of a SmartNode via SNMP
269
SmartWare Software Configuration Guide
IMPORTANT
25 • SNMP configuration
The SNMP agent running in SmartWare is SNMP version 1
(SNMPv1) compliant. SNMP version 2 (SNMPv2) and SNMP
version 3 (SNMPv3) are not currently supported.
SNMP tools
Patton recommends the AdventNet MibBrowser, TrapViewer and other SNMP tools. Check the AdventNet
Web server at http://www.adventnet.com for latest releases.
Refer to section “Using the AdventNet SNMP utilities” on page 275 for more detailed information on how to
use these tools.
SNMP configuration task list
To configure SNMP, perform the tasks described in the following sections. The tasks in the first three sections
are required; the tasks in the remaining sections are optional, but might be required for your application.
• Setting basic system information (required) (see page 270)
• Setting access community information (required) (see page 272)
• Setting allowed host information (required) (see page 274)
• Specifying the default SNMP trap target (optional) (see page 274)
• Displaying SNMP related information (optional) (see page 275)
Setting basic system information
The implementation of the MIB-II system group is mandatory for all systems. By default, an SNMP agent is
configured to have a value for any of these variables and responds to get commands from a NMS.
The following MIB II panels should be set::
• sysContact
• sysLocation
• sysName
The system sysContact object is used to define the contact person, together with information on how to contact that person.
Assigning explanatory location information to describe the system physical location (e.g. server room, wiring
closet, 3rd floor, etc.) is very supportive. Such an entry corresponds to the MIB II system sysLocation object.
The name used for sysName should follow the rules for ARPANET host names. Names must start with a letter,
end with a letter or digit, and have as interior characters only letters, digits, and hyphens. Names must be 63
characters or fewer. For more information, refer to RFC 1035.
This procedure describes how to set these MIB-II system group objects
SNMP tools
270
SmartWare Software Configuration Guide
25 • SNMP configuration
Mode: Administrator execution
Step
1
2
3
Command
Purpose
node(cfg)#system contact name
Sets the contact persons name
node(cfg)#system location location
Sets the system location
node(cfg)#system hostname hostname Sets the system hostname and command line prompt
If any of the command options name, location, or hostname has to be formed out of more than one word, the
information is put in “double quotes”.
Note
Enter an empty string “” to get rid of any of the system settings.
The MIB-II system group values are accessible for reading and writing via the following SNMP objects:
• .iso.org.dod.internet.mgmt.mib-2.system.sysContact
• .iso.org.dod.internet.mgmt.mib-2.system.sysName
• .iso.org.dod.internet.mgmt.mib-2.system.sysLocation
After setting these values according to 1 through 3 any SNMP MIB browser application should read the values
using a get or get-next command as shown in figure 40.
The procedure to use the SNMP MIB browser is:
• Enter the community string public into the Community field in the upper right corner of the window. For
safety reasons each entered character is displayed with a “*”.
• Access any of the supported MIB system group object by using the GetNext button from the button bar of
the window.
Setting basic system information
271
SmartWare Software Configuration Guide
25 • SNMP configuration
Figure 40. AdventNet MibBrowser displaying some of the System Group objects
Example: Setting the system group objects
In the following example the system information is set for later access via SNMP. See figure 40 for a typical
MIB browser application accessing these MIB-II system group objects representing the system information.
node>enable
node#configure
node(cfg)#system contact "Bill Anybody, Phone 818 700 1504"
node(cfg)#system location "Wiring Closet, 3rd floor"
node(cfg)#system hostname "node"
(cfg)#
After entering a host name the prompt on the CLI no longer displays the IP address of the Ethernet port over
which the Telnet session is running but shows the newly entered host name.
Setting access community information
SNMP uses one or more labels called community strings to delimit groups of objects (variables) that can be
viewed or modified on a device. The SNMP data in such a group is organized in a tree structure called a Management Information Base (MIB). A single device may have multiple MIBs connected together into one large
structure, and various community strings may provide read-only or read-write access to different, possibly
overlapping portions of the larger data structure. An example of a read-only variable might be a counter showing the total number of octets sent or received through an interface. An example of a read-write variable might
be the speed of an interface, or the hostname of a device.
Setting access community information
272
SmartWare Software Configuration Guide
25 • SNMP configuration
Community strings also provide a weak form of access control in earlier versions of SNMP version 1 and 2.
SNMP version 3 provides much improved access control using strong authentication and should be preferred
over SNMP version 1 and 2 wherever it is supported. If a community string is defined, then it must be provided in any basic SNMP query if the requested operation is to be permitted by the device. Community strings
usually allow read-only or read-write access to the entire device. In some cases, a given community string will
be limited to one group of read-only or read-write objects described in an individual MIB.
In the absence of additional configuration options to constrain access, knowledge of the single community
string for the device is all that is required to gain access to all objects, both read-only and read-write, and to
modify any read-write objects.
Note
Security problems can be caused by unauthorized individuals possessing
knowledge of read-only community strings so they gain read access to confidential information stored on an affected device. Worse can happen if they
gain access to read-write community strings that allow unauthorized remote
configuration of affected devices, possibly without the system administrators
being aware that changes are being made, resulting in a failure of integrity
and a possible failure of device availability. To prevent these situations, define
community strings that only allow read-only access to the MIB objects
should be the default.
By default SNMP uses the default communities public and private. You probably do not want to use those, as
they are the first things an intruder will look for. Choosing community names is like choosing a password. Do
not use easily guessed ones; do not use commonly known words, mix letters and other characters, and so on. If
you do not intend to allow anyone to use SNMP write commands on your system, then you probably only
need one community name.
This procedure describes how to define your own SNMP community
Mode: Configure
Step
1
Command
node(cfg)#snmp community name
{ ro | rw }
Purpose
Configures the SNMP community name with read-only
or read/write access
Use the no command option to remove a SNMP community setting.
Example: Setting access community information
In the following example the SNMP communities for the default community public with read-only access and
the undisclosed community Not4evEryOne with read/write access are defined. Only these valid communities
have access to the information from the SNMP agent.
node(cfg)#snmp community public ro
node(cfg)#snmp community Not4evEryOne rw
Note
If no community is set on your SmartNode accessing any of the MIB objects
is not possible!
Setting access community information
273
SmartWare Software Configuration Guide
25 • SNMP configuration
Setting allowed host information
If a host has to access SNMP MIB objects on a certain node, it explicitly needs the right to access the SNMP
agent. Therefore a host needs an entry, which allows accessing the device. The host is identified by its IP
address and has to use a certain community string for security precautions.
Note
The community which is to be used as security name to access the MIB
objects has to be defined prior to the definition of allowed hosts.
This procedure describes adding a host that is allowed to access the MIB of this system
Mode: Configure
Step
1
Command
Purpose
node(cfg)#snmp host IP-address-of-SN securityname community
Configures a host that with IP address IPaddress-of-SN can access the MIB, using
the security name community.
Use the no command option to remove a SNMP allowed host setting.
Example: Setting allowed host information
In the following example the host with IP address 172.16.224.45 shall be able to access the MIB using community public as security name.
node(cfg)#snmp host 172.16.224.45 security-name public
Specifying the default SNMP trap target
An SNMP trap is a message that the SNMP agent sends to a network management station. For example, an
SNMP agent would send a trap when an interface's status has changed from up to down. The SNMP agent
must know the address of the network management station so that it knows where to send traps. It is possible
to define more than one SNMP trap target.
The SNMP message header contains a community field. The SNMP agent uses a defined community name,
which is inserted in the trap messages header sent to the target. In most cases the target is a NMS, which only
accepts a SNMP message header of a certain community.
This procedure describes how to define a SNMP trap target and enter community name
Mode: Configure
Step
1
Command
node(cfg)#snmp target IP-address-of-SN
security-name community
Purpose
Configures a SNMP trap target with IP-address-ofhostanme SN that receives trap messages using
the security name community on the target.
Use the no command option to remove s SNMP trap target setting.
Example: Specifying the default SNMP trap target
Setting allowed host information
274
SmartWare Software Configuration Guide
25 • SNMP configuration
In the following example the NMS running on host with IP address 172.16.224.44 shall be defined as SNMP
trap target. Since the NMS requires that SNMP message headers have a community of Not4evEryOne the security-name argument is set accordingly.
node(cfg)#snmp target 172.16.224.44 security-name Not4evEryOne
Displaying SNMP related information
Displaying the SNMP related configuration settings is often necessary to check configuration modifications or
when determining the behavior of the SNMP agent.
This procedure describes how to display information and configuration settings for SNMP
Mode: Configure
Step
Command
Purpose
1
node(cfg)#show snmp
Displays information and configuration settings for SNMP
Example: Displaying SNMP related information
This example shows how to display SNMP configuration information.
node(cfg)#show snmp
SNMP Information:
hostname : node
location : Wiring Closet, 3rd floor
contact : Bill Anybody, Phone 818 700 1504
Hosts:
172.16.224.44 security-name public
Targets:
172.16.224.44 security-name Not4evEryOne
Communities:
public access-right ro
Not4evEryOne access-right rw
Using the AdventNet SNMP utilities
The AdventNet SNMP utilities are a set of cross-platform applications and applets for SNMP and Web-based
network management. These utilities can be used for device, element, application and system management.
The following tools are the most useful:
• MibBrowser—used to view and operate on data available through a SNMP agent on a managed device
• TrapViewer—used to parse and view the received traps
The AdventNet MibBrowser is a complete SNMP MibBrowser that enables the loading of MIBs, MIB browsing, walking a MIB tree, searching MIBs and performing all other SNMP-related functions to users.
Viewing and operating the data available through an SNMP agent on a managed device, e.g. a router, switch,
hub etc., is made possible by using the MibBrowser.
Displaying SNMP related information
275
SmartWare Software Configuration Guide
25 • SNMP configuration
The TrapViewer is a graphical tool to view the Traps received from one or more SNMP agents. The Trap viewer
can listen to one or more port at a time and the traps can be sent from any host. Moreover the TrapViewer contains a Trap parser editor, which is a tool to create a trap parser file. The Trap viewer parses the file created using
Trap parser editor to match each incoming traps with certain criteria. Since Traps typically contain cryptic
information, which is not easily understandable to the users, trap parsers are required to translate or parse traps
into understandable information.
Using the MibBrowser
Figure 41 depicts the primary window of the AdventNet MibBrowser. It consists of a menu bar, a toolbar, a left
frame and a right frame.
The operations that can be performed by the MibBrowser are available in a series of buttons in the toolbar on
top of the MibBrowser's main window. The toolbar can be hidden or made visible using the options available.
The menu bar has various options that perform the same operations as the options available in the toolbar.
The left frame holds the MIB tree. A MIB tree is a structure through which all the MIBs loaded can be viewed.
The MIB tree component enables us to traverse through the tree, view the loaded MIBs and learn the definition
for each SN. The AdventNet MibBrowser allows loading additional MIB files in the text format (the “my” file
contains enterprise specific MIB definitions).
The right frame has labeled text fields to specify the basic parameters like host, community etc. and a Result
text area display to view the results.
There are three ways in which the primary window of the MibBrowser can be viewed. It can be viewed with
the result display, MIB description panel or multi-variable bind panel in the right frame. The view can be
altered in three ways.
• The desired view can be set by the options provided in the display menu item under the view menu.
(View Display ).
• The other way of altering the view is through the general settings panel in the settings menu item in the edit
menu. (Edit ‡ Settings)
• The same can be done through clicking the MibBrowser settings button on the toolbar. See figure 41.
Figure 41. AdventNet MibBrowser Settings Button on the Toolbar
By default the MIB description display and the result display are visible in the MibBrowser.
Using the AdventNet SNMP utilities
276
SmartWare Software Configuration Guide
25 • SNMP configuration
Using the TrapViewer
TrapViewer is a graphical tool to view the traps received from one or more SNMP agents. The TrapViewer can
listen to one or more port at a time and the traps can be sent from any host.
Invoke the TrapViewer through the usage of the MibBrowser. To get to know more about the MibBrowser refer
to section “Using the MibBrowser” on page 276. Figure 42 is a screen shot of the TrapViewer.
Figure 42. AdventNet TrapViewer displaying received traps
The TrapViewer has a table that displays the trap information, the common parameters text fields where necessary information has to be entered and other options such as Start, Stop, Trap Details, Delete Trap and
ParserEditor.
Follow these steps to work on the Trap Viewer and to know more about the available options:
• By default the value in the Port text field is 162. Enter the desired port in the field on which the viewer will
listen.
• The default value in the Community text field is public. Set the community of the incoming traps as desired,
depending on the SNMP configuration.
• Click on Add button to add the port and community list on which the trap has to listen to. This is visible in
the TrapList combo box.
• The port and community list can be deleted by clicking on the Del button.
• When you need to load a trap parser file, click on the Load button, which will open up a dialog box, from
which you can load the parser file.
• In order to receive the traps now, click on the Start button. Upon clicking this button, TrapViewer begins to
receive traps according to the as-specified port and community.
• Once received, the traps are listed in the trap table of the TrapViewer. By default, the trap table has the following four columns:
- Class that defines the severity of the trap.
- Source that displays the IP address of the source from where the traps were sent.
- Date that shows the date and time when the trap was received.
Using the AdventNet SNMP utilities
277
SmartWare Software Configuration Guide
25 • SNMP configuration
- Message that by default has the object identifier format (sequence of numeric or textual labels on the SNs
along a path from the root to the object) of the trap if any, or it is blank.
• The details of the traps can be viewed by clicking the Trap Details button or right click the trap in the trap
table and select the option View Trap Details. Figure 43 show the screen of such a trap details window.
Figure 43. AdventNet Trap Details window of TrapViewer
The various details available in the Trap Details window are listed in table 12:
Table 12. Details available in the Trap Details window
Trap Details
Description
TimeStamp
The TimeStamp is a 32-bit unsigned value indicating the number of hundredths-of-a-second
that have elapsed since the (re)start of the SNMP agent and the sending of the trap. This
field shows the value stored in the MIB-II sysUpTime variable converted into hours, minutes
and seconds.
Enterprise
This field shows the OID of the management enterprise that defines the trap message. The
value is represented as an OBJECT IDENTIFIER value and has a variable length.
Generic Type The Generic type value is categorized and numbered 0 to 6. They are 0-coldStart, 1-warmStart, 2-linkDown, 3-linkUp, 4-authenticationFailure, 5-egpNeighborLoss. The trap type
value 6 is identified as enterprise-specific value. This field shows the value based on the
type of trap.
Specific Type The specific trap type indicates the specific trap as defined in an enterprise-specific MIB. If
the Generic type value is 6 then, this field shows a value greater than 0. If the generic type
value is a value other than 6, then the field shows a value 0. This field can have values
from 0 to 2147483647.
Message
This is a text field. By default, this field will always contain the Varbinds in the Trap PDU.
This can be substituted with text.
Severity
This field shows the Severity or the intensity of the trap. They could be 0-All, 1-Critical, 2Major, 3-Minor, 4-warning, 5-Clear and 6-info.
Using the AdventNet SNMP utilities
278
SmartWare Software Configuration Guide
25 • SNMP configuration
Table 12. Details available in the Trap Details window (Continued)
Trap Details
Description
Entity
RemotePort
Community
Node
TimeReceived
HelpURL
The source IP address from which the Trap was sent is displayed here.
This field reveals the port on which the Trap was sent by the originator.
The Community string is displayed here.
Source
This displays the Date and Time when the trap was received.
The URL shown here gives more details of the received trap. By default, the URL file name is
<generic-type value> - <specific-type value>.html
You can stop the listening by clicking the Stop button.
When you need to delete the trap, select the trap to be deleted and click the Delete Trap button or right click
on the trap in the trap table and select option Delete the Selected Rows.
Yet another option in the Trap Viewer is the ParserEditor. The TrapViewer can filter incoming traps according
to certain criteria called the parser criteria. The configuration of the criteria is made possible by using the parser
editor. Refer to the AdventNet SNMP Utilities documentation for a detailed description of the parser editor
configuration and its use.
Standard SNMP version 1 traps
The following standard SNMP version 1 traps are supported. The descriptions are taken from RFC 1215
“Convention for defining traps for use with the SNMP”.
warmStart TRAP-TYPE
ENTERPRISE snmp
DESCRIPTION
"A warmStart trap signifies that the sending protocol entity is reinitializing
itself such that neither the agent configuration nor the protocol entity implementation is altered."
::= 1
linkDown TRAP-TYPE
ENTERPRISE snmp
VARIABLES
{ ifIndex }
DESCRIPTION
"A linkDown trap signifies that the sending protocol entity recognizes a failure in
one of the communication links represented in the agent's configuration."
::= 2
Note
The linkDown trap is not sent if any of the ISDN ports has gone down.
Standard SNMP version 1 traps
279
SmartWare Software Configuration Guide
25 • SNMP configuration
linkUp TRAP-TYPE
ENTERPRISE snmp
VARIABLES
{ ifIndex }
DESCRIPTION
"A linkUp trap signifies that the sending protocol entity recognizes that one of the
communication links represented in the agent's configuration has come up."
::= 3
Note
The linkUp trap is not sent if any of the ISDN ports has come up.
authenticationFailure TRAP-TYPE
ENTERPRISE snmp
DESCRIPTION
"An authenticationFailure trap signifies that the sending protocol entity is the
addressee of a protocol message that is not properly authenticated. While implementations of the SNMP must be capable of generating this trap, they must also be capable of suppressing the emission of such traps via an implementation-specific
mechanism."
::= 4
Note
The authenticationFailure trap is sent after trying to access any MIB object
with a SNMP community string, which does not correspond to the system
setting.
coldStart TRAP-TYPE
ENTERPRISE snmp
DESCRIPTION
"A coldStart trap signifies that the sending protocol entity is reinitializing
itself such that the agent's configuration or the protocol entity implementation may
be altered."
::= 0
Note
The standard SNMP version 1 trap coldStart as listed below is not supported. After powering up, a warmStart trap message is sent if any trap target
host is defined.
SNMP interface traps
The SmartNode sends Interface Traps (linkUp, linkDown) when the status of logical or physical interfaces
change. Logical interfaces are interfaces defined in the IP context and CS context. Physical interfaces are ports.
The SmartNode adds an entry to event log for each Interface Traps it sends:
node(cfg)#show log
...
2002-09-06T14:54:35
2002-09-06T14:54:35
2002-09-06T14:54:35
2002-09-06T14:54:38
2002-09-06T14:54:38
SNMP interface traps
:
:
:
:
:
LOGINFO
LOGINFO
LOGINFO
LOGINFO
LOGINFO
:
:
:
:
:
Link
Link
Link
Link
Link
up
up
up
up
up
on
on
on
on
on
interface
interface
interface
interface
interface
h323_60.
h323_30.
isdn20.
ETH00.
ETH01.
280
SmartWare Software Configuration Guide
2002-09-06T14:54:39
2002-09-06T14:54:39
2002-09-06T14:56:02
2002-09-10T14:21:20
...
SNMP interface traps
:
:
:
:
LOGINFO
LOGINFO
LOGINFO
LOGINFO
25 • SNMP configuration
:
:
:
:
Link
Link
Link
Link
up on interface eth00.
up on interface eth01.
up on interface SLOT2:00 ISDN D
down on interface SLOT2:00 ISDN
281
Chapter 26 SNTP client configuration
Chapter contents
Introduction ........................................................................................................................................................283
SNTP client configuration task list ......................................................................................................................283
Selecting SNTP time servers .........................................................................................................................284
Defining SNTP client operating mode ..........................................................................................................284
Defining SNTP local UDP port ....................................................................................................................285
Enabling and disabling the SNTP client .......................................................................................................286
Defining SNTP client poll interval ...............................................................................................................286
Defining SNTP client constant offset to GMT .............................................................................................287
Defining the SNTP client anycast address .....................................................................................................287
Enabling and disabling local clock offset compensation .................................................................................288
Showing SNTP client related information ....................................................................................................289
Debugging SNTP client operation ................................................................................................................289
Recommended public SNTP time servers............................................................................................................290
NIST Internet time service ............................................................................................................................290
Additional information on NTP and a list of other NTP servers ...................................................................291
282
SmartWare Software Configuration Guide
26 • SNTP client configuration
Introduction
This chapter describes how to configure Simple Network Time Protocol (SNTP) client, it includes the following sections:
• SNTP client configuration task list
• Recommended Public SNTP Time Servers (see page 290)
The Simple Network Time Protocol (SNTP) is an adaptation of the Network Time Protocol (NTP) that is
used to synchronize computer clocks in the Internet. SNTP can be used when the ultimate performance of the
full NTP implementation is not needed. SNTP is described in RFC-2030, “Simple Network Time Protocol
(SNTP) Version 4 for IPv4, IPv6 and OSI”.
SNTP typically provides time within 100 milliseconds of the accurate time, but it does not provide the complex filtering and statistical mechanisms of NTP. In addition, SNTP does not authenticate traffic, although you
can configure extended access lists to provide some protection. An SNTP client is more vulnerable to misbehaving servers than an NTP client and should only be used in situations where strong authentication is not
required.
SNTP client configuration task list
To configure an SNTP client, perform the tasks described in the following sections. The tasks in the first four
sections are required; the tasks in the remaining sections are optional, but might be required for your application.
• Selecting SNTP time servers (see page 284)
• Defining SNTP client operating mode (see page 284)
• Defining SNTP local UDP port (see page 285)
• Enabling and disabling the SNTP client (see page 286)
• Defining the SNTP client anycast address (see page 287)
• Defining SNTP client constant offset to GMT (see page 287)
• Enabling and disabling local clock offset compensation (see page 288)
• Defining SNTP client poll interval (see page 286)
• Showing SNTP client related information (see page 289)
• Debugging SNTP client operation (see page 289)
Introduction
283
SmartWare Software Configuration Guide
26 • SNTP client configuration
Selecting SNTP time servers
This procedure describes how to select a primary and secondary SNTP time server
Mode: Configure
Step
Command
Purpose
1
node(cfg)#sntp-client server primary host
2
node(cfg)#sntp-client server secondary host
Enter the SNTP primary server IP
address or hostname
Enter the SNTP secondary server IP
address or hostname
Example: Selecting SNTP time servers
In the following example an internal SNTP time server (172.16.1.10) is selected as primary and utcnist.colorado.edu (128.138.140.44) as secondary SNTP time server.
node(cfg)#sntp-client server primary 172.16.1.10
node(cfg)#sntp-client server secondary 128.138.140.44
Defining SNTP client operating mode
A SNTP client can operate in multicast mode, unicast mode or anycast mode:
• In unicast mode (point to point), the client sends a request to a designated server at its unicast address and
expects a reply from which it can determine the time and, optionally, the roundtrip delay and local clock
offset relative to the server.
• In anycast mode (multipoint to point), the client sends a request to a designated local broadcast or multicast
group address and expects a reply from one or more anycast servers.
• In multicast mode (point to multipoint), the client sends no request and waits for a broadcast from a designated multicast server.
Note
Unicast mode is the default SNTP client operating mode.
This procedure describes how to configure the SNTP client operating mode
Mode: Configure
Step
1
Command
node(cfg)#sntp-client operating-mode
{unicast | anycast | multicast}
Note
Purpose
Configures the SNTP client operating mode to unicast, anycast or multicast mode
When selecting the anycast operating-mode you have to define the IP
address where the anycast request is sent. Refer to section “Defining the
SNTP client anycast address” on page 287 for more details.
SNTP client configuration task list
284
SmartWare Software Configuration Guide
26 • SNTP client configuration
Example: Configuring SNTP client operating mode
Configures the SNTP client operating mode to unicast operation
node(cfg)#sntp-client operating-mode unicast
Configures the SNTP client operating mode to anycast operation
node(cfg)#sntp-client operating-mode anycast
Configures the SNTP client operating mode to multicast operation
node(cfg)#sntp-client operating-mode multicast
Defining SNTP local UDP port
The communication between an SNTP client and its the primary or secondary SNTP time server uses UDP.
The UDP port number assigned to SNTP is 123, which should be used in both the source port (on the SmartNode) and destination port (on SNTP time server) fields in the UDP header. The local port number, which
the SNTP client uses to contact the primary or secondary SNTP time server in unicast mode, has to be
defined.
Note
The local port number setting is used when contacting the SNTP time
server. The SNTP time server will send its reply to the SNTP client (SmartNode) using the same port number as used in the request. The local port
number is set to 123 by default.
This procedure describes how to define the local port number, which uses the SNTP client to contact the
SNTP time server, unicast mode
Mode: Configure
Step
1
Command
node(cfg)# sntp-client local-port number
Purpose
Specifies the SNTP local UDP port number. The port
number can be defined in the range from 1 to
65535. The UDP port number assigned to SNTP is
123.
Example: Defining the local UDP port for SNTP
Configures the SNTP client UDP port number to 123
node(cfg)#sntp-client local-port 123
SNTP client configuration task list
285
SmartWare Software Configuration Guide
26 • SNTP client configuration
Enabling and disabling the SNTP client
The SNTP client is disabled by default and has to be enabled if clock synchronization shall be used. This procedure describes how to enable or disable the SNTP client
Mode: Configure
Step
1
Command
Purpose
node(cfg)#[no] sntp-client Enables the SNTP client operation. Using the no command syntax disables this feature.
Example: Enabling the SNTP client operation
node(cfg)#sntp-client
Example: Disabling the SNTP client operation
node(cfg)#no sntp-client
Defining SNTP client poll interval
Specifies the seconds between each SNTP client request in unicast or anycast mode.
This SNTP client poll interval can be defined to be within the range from 1 to 4’294’967’295. The default
value is 60 seconds.
This procedure describes how to set the SNTP client poll interval
Mode: Configure
Step
1
Command
Purpose
node(cfg)#sntp-client poll-interval value Sets the SNTP client poll interval to value seconds
Example: Setting the SNTP client poll interval
In the following example the SNTP client poll interval is set to 30 seconds.
node(cfg)#sntp-client poll-interval 30
SNTP client configuration task list
286
SmartWare Software Configuration Guide
26 • SNTP client configuration
Defining SNTP client constant offset to GMT
Setting the offset of the device local time zone from Greenwich Mean Time is required if the local time shall be
used for time dependent routing decisions or other reasons. Greenwich Mean Time (GMT) is also known as
Zulu Time and Universal Time Coordinated (UTC), refer to http://greenwichmeantime.com/ for more details
and information about your time zone and offset to GMT.
Note
Be aware that summertime offset is not automatically adjusted!
Use the “clock local offset” command to configure the local clock offset.
This procedure describes how to display the local time.
Mode: Configure
Step
1
Command
[name]#show clock local
Purpose
Displays the local time, UTC and the offset of the local
time from UTC.
This procedure describes how to use the clock local offset command.
Mode: Configure
Step
1
Command
[name](cfg)#clock local offset (+|)hh:mm
Purpose
Sets the offset from UTC to local time.
Defining the SNTP client anycast address
Anycast mode is designed for use with a set of cooperating servers whose addresses are not known beforehand.
An anycast client sends a request to the designated local broadcast or multicast group address as described
below. For this purpose, the NTP multicast group address assigned by the IANA is used. One or more anycast
servers listen on the designated local broadcast address or multicast group address. Each anycast server, upon
receiving a request, sends a unicast reply message to the originating client. The client then binds to the first
such message received and continues operation in unicast mode. Subsequent replies from other anycast servers
are ignored.
In anycast mode, the SmartNode sends a request to a designated local broadcast or multicast group address and
expects a reply from one or more anycast servers. The SmartNode uses the first reply received to establish the
particular server for subsequent unicast operations. Later replies from this server (duplicates) or any other
server are ignored.
Other than the selection of address in the request, the operations of anycast and unicast clients are identical.
This procedure describes how to set local broadcast address or multicast group address to which the anycast
request is sent
SNTP client configuration task list
287
SmartWare Software Configuration Guide
26 • SNTP client configuration
Mode: Configure
Step
1
Command
Purpose
node(cfg)#sntp-client anycast-address ip- Set the anycast-address to ip-address a designated
address {port | port-number}
local broadcast or multicast group address to
which a request is sent. In addition an explicit
SNTP server port-number in the range from 1 to
65535 can be defined or the argument port is
selected, which sets the value for port to 123. If
none of the optional argument is used the value for
port is set to 123.
Note
This command is only relevant in anycast operating-mode.
Example: SNTP client anycast address
In the following example anycast requests are sent to SNTP server at IP address 132.163.4.101 using port 123
of the SNTP server.
node(cfg)#sntp-client anycast-address 132.163.4.101 port
Enabling and disabling local clock offset compensation
The Simple Network Time Protocol (SNTP) Version 4 is an adaptation of the Network Time Protocol (NTP)
that is used to synchronize computer clocks in the Internet. While not necessary in a conforming SNTP client,
in unicast and anycast modes it is highly recommended that the transmit timestamp in the request is set to the
time of day according to the client clock in NTP timestamp format. This allows a simple calculation to determine the propagation delay between the server and client and to align the local clock generally within a few
tens of milliseconds relative to the server. In addition, this provides a simple method to verify that the server
reply is in fact a legitimate response to the specific client request and to avoid replays.
In multicast mode, the client has no information available to calculate the propagation delay or to determine
the validity of the server unless the NTP authentication scheme is used.
This procedure describes how to enable or disable the compensation for local clock offset.
Mode: Configure
Step
1
Command
node(cfg)#[no] sntp-client local-clockoffset
Purpose
Enables the SNTP client’s compensation for local
clock offset. Using the no command syntax disables this feature.
Example: Enabling the SNTP client root delay compensation
node(cfg)#sntp-client root-delay-compensation
SNTP client configuration task list
288
SmartWare Software Configuration Guide
26 • SNTP client configuration
Example: Disabling the SNTP client root delay compensation
node(cfg)#no sntp-client root-delay-compensation
Showing SNTP client related information
During set-up and operation of the SNTP client, displaying the information and status of the SNTP client is
very useful.
This procedure describes how to display information and status of the SNTP client
Mode: Configure
Step
1
Command
Purpose
node(cfg)#show sntp-client Displays information and status of the SNTP client
Example: Showing SNTP client related information
node(cfg)#show sntp-client
------------------------------------------SNTP client
enabled
Operating mode
unicast
Local port
123
Primary server
172.16.1.10:123 v4
Secondary server
128.138.140.44:123 v4
Anycast address
224.0.1.1:123
Poll interval
30sec
Local clock offset disabled
GMT offset
+2:00:00
-------------------------------------------
Debugging SNTP client operation
During setup and operation, debugging the behavior of the SNTP client is very useful.
Note
The debug sntp client is only available in superuser mode.
This procedure describes how to enable or disable debugging
Mode: Configure
Step
1
Command
Purpose
node(cfg)#debug sntp client Enables and disables SNTP debug monitor. Using the no command syntax disables this feature.
SNTP client configuration task list
289
SmartWare Software Configuration Guide
26 • SNTP client configuration
Example: Enable the SNTP debug monitor
The following example shows how to enable the SNTP debug monitor and some typical debug information.
node(cfg)#debug sntp client
node(cfg)#14:44:21 SNTP > SNTP message sent with Timestamp: 2001-10-26T14:44:21
14:44:21 SNTP > SNTP message received:
-----------------------------------------------Server:
172.16.1.10:123 v4
Stratum:
2
Time:
2001-10-26T12:44:21
InternetTime: 20010926@530
-----------------------------------------------14:44:21 SNTP > Set the system time to 2001-10-26T14:44:21
14:44:51 SNTP > SNTP message sent with Timestamp: 2001-10-26T14:44:51
14:45:21 SNTP > SNTP message sent with Timestamp: 2001-10-26T14:45:21
14:45:51 SNTP > SNTP message sent with Timestamp: 2001-10-26T14:45:51
14:46:21 SNTP > SNTP message sent with Timestamp: 2001-10-26T14:46:21
14:46:51 SNTP > SNTP message sent with Timestamp: 2001-10-26T14:46:51
Example: Disable the SNTP debug monitor
The following example shows how to disable the SNTP debug monitor and end any debug information.
node(cfg)#no debug sntp client
Recommended public SNTP time servers
NIST Internet time service
The National Institute of Standards and Technology (NIST) Internet Time Service allows users to synchronize
computer clocks via the Internet. The time information provided by the service is directly traceable to UTC.
Table 13 contains information about all of the time servers operated by NIST. Please note that while NIST
makes every effort to ensure that the names of the servers are correct, NIST only controls the names of the
nist.gov severs.
Table 13. Time servers operated by NIST
Server Name
nist1.aol-va.truetime.com
utcnist.colorado.edu
nist1.aol-ca.truetime.com
nist1-dc.glassey.com
nist1.datum.com
nist1-ny.glassey.com
nist1-sj.glassey.com
time-a.timefreq.bldrdoc.gov
time-b.timefreq.bldrdoc.gov
time-c.timefreq.bldrdoc.gov
Recommended public SNTP time servers
IP Address
Location
205.188.185.33
128.138.140.44
207.200.81.113
216.200.93.8
63.149.208.50
208.184.49.9
207.126.103.204
132.163.4.101
132.163.4.102
132.163.4.103
DC/Virginia
Colorado
California
DC/Virginia
California
New York City
California
Colorado
Colorado
Colorado
290
SmartWare Software Configuration Guide
26 • SNTP client configuration
For more information about NIST Internet Time Service (ITS) check their web server at
http://www.boulder.nist.gov/timefreq/service/its.htm
Additional information on NTP and a list of other NTP servers
The site http://ntp.isc.org contains a maintained list of available NTP/SNTP servers. Please only use the ones
with an open access policy!
Recommended public SNTP time servers
291
Chapter 27 DHCP configuration
Chapter contents
Introduction ........................................................................................................................................................293
DHCP-client configuration tasks.........................................................................................................................294
Enable DHCP-client on an IP interface ........................................................................................................294
Release or renew a DHCP lease manually (advanced) ...................................................................................296
Get debug output from DHCP-client ...........................................................................................................296
DHCP-server configuration tasks ........................................................................................................................297
Configure DHCP-server profiles ...................................................................................................................297
Use DHCP-server profiles and enable the DHCP-server ...............................................................................299
Define the bootfile (Option 67) for the DHCP-server ..................................................................................300
Define the TFTP server (Option 66) for the DHCP-server ...........................................................................300
Check DHCP-server configuration and status ...............................................................................................300
Get debug output from the DHCP-server .....................................................................................................301
Configure DHCP-relay .................................................................................................................................302
Create/Modify DHCP-Relay profile .......................................................................................................302
Enable/Disable DHCP-Relay Agent ........................................................................................................303
292
SmartWare Software Configuration Guide
27 • DHCP configuration
Introduction
This chapter provides an overview of the Dynamic Host Configuration Control Protocol (DHCP) and
describes the tasks involved in their configuration. This chapter includes the following sections:
• DHCP-client configuration tasks (see page 294)
• DHCP-server configuration tasks (see page 297)
The Dynamic Host Configuration Protocol (DHCP) automates the process of configuring new and existing
devices on TCP/IP networks. DHCP performs many of the same functions a network administrator carries out
when connecting a computer to a network. Replacing manual configuration by a program adds flexibility,
mobility, and control to networked computer configurations.
The tedious and time-consuming method of assigning IP addresses was replaced by automatic distributing IP
addresses. The days when a network administrator had to manually configure each new network device before
it could be used on the network are past.
In addition to distributing IP addresses, DHCP enables configuration information to be distributed in the
form of DHCP options. These options include, for example, the default router address, domain name server
addresses, the name of a boot file to load etc.
A new expression in DHCP is lease. Rather than simply assigning each DHCP-client an IP address to keep
until the client is done with it, the DHCP-server assigns the client an IP address with a lease; the client is
allowed to use the IP address only for the duration of that lease. When the lease expires, the client is forced to
stop using that IP address. To prevent a lease from expiring, which essentially shuts down all network access for
the client, the client must renew its lease on its IP address from time to time.
Introduction
293
SmartWare Software Configuration Guide
27 • DHCP configuration
DHCP-server and DHCP-client are illustrated in figure 44.
LAN
Node
Node
DHCP Server
LAN
Node
Node
DHCP Clients
WAN
DHCP Clients
Node
Node
LAN
DHCP Server
Figure 44. DHCP-client and DHCP-server
DHCP-client configuration tasks
To configure the SmartNode as DHCP-client perform the steps mentioned below.
• Enable DHCP-client on an IP interface
• Release or renew a DHCP lease manually (advanced) (see page 296)
• Get debug output from DHCP-client (see page 296)
• Configure DHCP agent
Enable DHCP-client on an IP interface
On every created IP interface a DHCP-client could be enabled. If enabled, the SmartNode gets the IP address
for this interface from a DHCP-server. Additionally other configuration information is received for this IP
DHCP-client configuration tasks
294
SmartWare Software Configuration Guide
27 • DHCP configuration
interface, e.g. the default gateway, DNS server IP addresses, etc. To enable the DHCP-client on an IP interface
perform the steps described below.
Mode: context IP
Step
Command
1
node(ctx-ip)[router]#interface name
2
node(if-ip)[name]#ipaddress dhcp
3
node(if-ip)[name]#show dhcp-client
Note
Purpose
Creates an IP interface with name name and enters
‘configure’ configuration mode
Enables the DHCP-client on this IP interface. (See
note)
Displays status information about the DHCP-client
For example, default gateway, lease expire time,
etc.
If you are connected to the SmartNode by Telnet over the IP interface on
which you enable the DHCP-client, the connection is lost after entering the
command ipaddress dhcp. You need to know the new IP address distributed from the DHCP-server to connect to the SmartNode again!
Example: Enable DHCP-client on an IP interface
node(cfg)#context ip
node(ctx-ip)[router]#interface eth0
node(if-ip)[eth0]#ipaddress dhcp
node(if-ip)[eth0]#show dhcp-client
-----------------------------------------------------------Context:
router
Name:
eth0
IpAddress:
172.16.224.102 255.255.0.0
Default gateway:
172.16.1.10
Domain Name:
pacific
DNS:
172.16.1.10
146.228.10.16
Next Server Ip:
172.16.1.10
DHCP Server:
172.16.1.10
Lease obtained:
2001-01-01T01:03:51
Lease expires:
2001-01-01T09:03:51
State:
Bound
DHCP-client configuration tasks
295
SmartWare Software Configuration Guide
27 • DHCP configuration
Release or renew a DHCP lease manually (advanced)
After enabling the DHCP-client, the interface receives a DHCP lease from the DHCP-server. To manually
release and/or renew this DHCP lease use the command described below.
This procedure describes how to release and renew the DHCP lease
Mode: interface
Step
1
2
Command
node(if-ip)[name]#dhcp-client release
node(if-ip)[name]#dhcp-client renew
Note
Purpose
Releases DHCP lease. (See note)
Gets a new DHCP lease from the DHCP-server
If you are connected by Telnet over the IP interface on which you release the
DHCP lease, the connection is lost after entering the command dhcp-client
release. You need an other way (e.g. a serial connection) to connect to the
SmartNode again and to enter the command dhcp-client renew!
Get debug output from DHCP-client
This procedure describes how to enable/disable DHCP-client debug monitor
Mode: Any
Step
1
Command
node(if-ip)[name]#[no] debug dhcp-client
Purpose
Enables/disables the DHCP-client debug monitor
Example: Enable DHCP debug monitor
This example shows how to enable the DHCP-client debug monitor and the debug output of the command
and dhcp-client renew.
dhcp-client release
node(cfg)#context ip
node(ctx-ip)[router]#interface eth0
node(if-ip)[eth0]#debug dhcp-client
node(if-ip)[eth0]#dhcp-client release
01:12:28 DHCPC > router/eth0 (Rels): Unicasting DHCP release (xid 490cb56b, secs
1).
01:12:29 DHCPC > router/eth0 (Rels): Shutting down.
01:12:29 DHCPC > router/eth0 (Rels): Tearing down IP interface
2001-01-01T01:12:30 : LOGINFO
: Link down on interface eth0.
2001-01-01T01:12:30 : LOGINFO
: Link up on interface eth0.
node(if-ip)[eth0]#dhcp-client renew
01:17:46 DHCPC > router/eth0 (Init): Tearing down IP interface
01:17:46 DHCPC > router/eth0 (Init): Broadcasting DHCP discover (xid 0f839e56, secs
0).
01:17:46 DHCPC > router/eth0 (Init): Requesting IP address 172.16.224.102
01:17:47 DHCPC > router/eth0 (Slct): Got offer from 172.16.1.10 for IP
172.16.224.102
01:17:47 DHCPC > router/eth0 (Slct): Selected offer for 172.16.224.102
01:17:47 DHCPC > router/eth0 (Slct): Broadcasting DHCP request (select) (xid
6ff42c38, secs 1).
DHCP-client configuration tasks
296
SmartWare Software Configuration Guide
2001-01-01T01:17:47 : LOGINFO
172.16.224.102
01:17:47 DHCPC > router/eth0
01:17:47 DHCPC > router/eth0
01:17:47 DHCPC > router/eth0
01:17:47 DHCPC > router/eth0
01:17:47 DHCPC > router/eth0
2001-01-01T01:17:48 : LOGINFO
2001-01-01T01:17:48 : LOGINFO
27 • DHCP configuration
: router/eth0 (Rqst): Got DHCP lease for
(Rqst): DHCP ACK received.
(Rqst): Lease is valid for 28800 seconds
(Rqst):
(t1: 14400, t2: 25200)
(Rqst): Got DHCP lease for 172.16.224.102
(Rqst): Configuring IP interface
: Link down on interface eth0.
: Link up on interface eth0.
DHCP-server configuration tasks
To configure the SmartNode as DHCP-server perform the steps mentioned below.
• Configure DHCP-server profiles
• Use DHCP-server profiles and enable the DHCP-server (and to clear lease database) (see page 299)
• Define the bootfile for the DHCP-server (see page 300)
• Define the TFTP server for the DHCP-server (see page 300)
• Check DHCP-server configuration and status (see page 300)
• Get debug output from the DHCP-server (see page 301)
• Configure DHCP-relay (see page 302)
Configure DHCP-server profiles
The DHCP-server profiles hold the configuration information for the DHCP-server. The DHCP-server is capable of serving up to 8 subnets. Each subnet requires its own DHCP-server profile. The IP address/mask configuration of the IP interface implicitly links an IP interface to a subnet and hence to a DHCP-server profile.
Note
A profile can only be modified if it is not assigned to the DHCP-server yet or
if the DHCP-server is disabled. Use the command no dhcp-server to disable the DHCP-server (see below).
This procedure describes how to configure a DHCP-server profile
DHCP-server configuration tasks
297
SmartWare Software Configuration Guide
27 • DHCP configuration
Mode: Configure
Step
1
2
Command
Purpose
node(cfg)#profile dhcp-server name
node(pf-dhcps)[name]#network ipaddress ip-mask
Enter DHCP-server profile mode
Defines the IP address range for which this profile is responsible
IP address: basic DHCP information (‘your (client) IP address’)
3
node(pf-dhcps)[name]#[no] include ipaddress-from ip-address-to
IP mask: DHCP Option 1
Defines up to 4 contiguous IP address ranges
the server may use in the subnet defined in 2
(incremental command)
4
node(pf-dhcps)[name]#[no] defaultrouter default-router-ip-address
Defines up to 2 default routers (default gateways) (incremental command)
5
node(pf-dhcps)[name]#lease infinite
DHCP Option 3
Defines the time a lease is valid
or
DHCP Option 51
node(pf-dhcps)[name]#lease time
days|hours|minutes
6
node(pf-dhcps)[name]#[no] domain(optional) name domain-name
7
node(pf-dhcps)[name]#[no] domain(optional) name-server domain-name-server-ip-address
8
node(pf-dhcps)[name]#[no] netbios(optional) name-server netbios-name-server-ip-address
A PC DHCP client may use this domain name to
complete host names to fully qualified domain
names.
DHCP Option 15
Defines up to 2 domain name servers (DNS) to
be used by the client (incremental command)
DHCP Option 6
Typical installation use h-node for hybrid.
Refer to the Windows administration manuals
for details about NetBIOS options.
9
node(pf-dhcps)[name]#[no] netbios(optional) node-type b-node|h-node|m-node|pnode
DHCP Option 44
Defines the NetBIOS node type (b: uses broadcasts, h: hybrid – queries the name server first,
then broadcasts, m: broadcasts first, then queries the name server, p: only point-to-point
name queries to a name server)
DHCP Option 46
DHCP-server configuration tasks
298
SmartWare Software Configuration Guide
Step
Command
27 • DHCP configuration
Purpose
10
node(pf-dhcps)[name]#[no] bootfile boot- Defines the bootfile the client shall use when
(optional) file-name
starting. Usually this is used in conjunction with
the next-server command.
11
node(pf-dhcps)[name]#[no] next-server
(optional) next-server-ip-address
Basic DHCP information (‘Boot file name’)
Defines the address of the next server in the
boot process. This could be a server different
from the DHCP-server which provides configuration files for the clients to be downloaded.
Basic DHCP information (‘Next server IP
address’)
Example: Define a DHCP-server profile
This example shows how to configure a standard DHCP-server profile for a LAN with a private IP address
range.
node(cfg)#profile dhcp-server LAN
node(pf-dhcps)[lan]#network 192.168.1.0 255.255.255.0
node(pf-dhcps)[lan]#include 192.168.1.32 192.168.1.63
node(pf-dhcps)[lan]#lease 2 days
node(pf-dhcps)[lan]#default-router 192.168.1.1
node(pf-dhcps)[lan]#domain-name-server 80.254.161.125
node(pf-dhcps)[lan]#domain-name-server 80.254.161.126
Use DHCP-server profiles and enable the DHCP-server
If you have specified at least one profile, you can assign it to the DHCP-server and start the DHCP-server.
This procedure describes how to assign one or more DHCP-server profiles and enable the DHCP-server
Mode: Context IP
Step
Command
1
[name](ctx-ip)[router]#dhcp-server use profile
<profile name>
2
3
node(ctx-ip)[router]#[no] dhcp-server
node(ctx-ip)[router]#dhcp-server clear-lease
{ all | ip-address }
Purpose
Chooses a DHCP profile.
profile: Name of the DHCP profile to
choose.
Enables/disables DHCP-server
Removes all or a specific lease from the
server’s database, which in turn marks the
IP address(es) as available again.
Example: Start the DHCP-server
This example shows how to assign a profile to the DHCP-server and to start the DHCP-server.
node(ctx-ip)[router]#dhcp-server use LAN
node(ctx-ip)[router]#dhcp-server
DHCP-server configuration tasks
299
SmartWare Software Configuration Guide
27 • DHCP configuration
Define the bootfile (Option 67) for the DHCP-server
The DHCP server can define bootfile (DHCP option 67). In contrast to the existing options bootfile and
next-server, these options do not use BOOTP fields but DHCP options.
Mode: profile dhcp-server
Step
1
Command
[name](pf-dhcps)[profile]#[no] bootfileopt67 <bootfile>
Purpose
Defines bootfile (option 67).
Define the TFTP server (Option 66) for the DHCP-server
The DHCP server can define tftp-server (DHCP option 66). In contrast to the existing options bootfile and
next-server, these options do not use BOOTP fields but DHCP options.
Mode: profile dhcp-server
Step
1
Command
[name](pf-dhcps)[profile]#[no] tftpserver-opt66 <tftp-server>
Purpose
Defines TFTP server (option 66).
Check DHCP-server configuration and status
This procedure describes how to check the configuration and current status of the DHCP-server
Mode: Any
Step
1
Command
Purpose
node(cfg) #show dhcp-server Displays configuration and status information
Example:
node(ctx-ip)[router]#show dhcp-server
The DHCP server is running
Profiles
LAN (active)
Network
Include
Lease Time
Default Router
Domain Name Server
:
:
:
:
:
:
192.168.1.0 255.255.255.0
192.168.1.32 - 192.168.1.63
2 days
192.168.1.1
80.254.161.125
80.254.161.126
Bound leases
192.168.1.32
Address
:
Client Id :
Expires
:
(Dufour)
ethernet:00.10.A4.7C.7A.F8
01.00.10.A4.7C.7A.F8
2002-12-06T21:18:04
DHCP-server configuration tasks
300
SmartWare Software Configuration Guide
27 • DHCP configuration
Get debug output from the DHCP-server
This procedure describes how to enable/disable the DHCP-server debug monitor
Mode: Any
Step
1
Command
Purpose
node(cfg) #[no] debug dhcp-server Enables/disables the debug monitor of the DHCP-server
Example: Enable DHCP debug monitor
This example shows how to enable the DHCP-server debug monitor. The debug output shows an activation of
the DHCP-server, a DHCP-client requesting a lease, and a DHCP-client releasing a lease.
node(ctx-ip)[router]#debug dhcp-server
21:40:29
DHCPS > New network 'LAN' created
21:41:29 DHCPS > Discover from ethernet:00.10.A4.7C.7A.F8, client
id:01.00.10.A4.7C.7A.F8 via 192.168.1.1
21:41:29 DHCPS > Offering this hosts existing lease 192.168.1.32
21:41:29 DHCPS > Sending DHCP OFFER to 192.168.1.32 via 255.255.255.255 (68)
21:41:29 DHCPS > Deferring save of lease database
21:41:29 DHCPS > Last saved at 2002-12-04T21:40:29, next at 2002-12-04T21:55:29
21:41:29 DHCPS > Request from ethernet:00.10.A4.7C.7A.F8, client
id:01.00.10.A4.7C.7A.F8 via 192.168.1.1
21:41:29 DHCPS > Offer 192.168.1.32 has been selected
21:41:29 DHCPS > Sending DHCP ACK to 192.168.1.32 via 255.255.255.255 (68)
21:41:29 DHCPS > Deferring save of lease database
21:41:29 DHCPS > Last saved at 2002-12-04T21:40:29, next at 2002-12-04T21:55:29
21:44:37 DHCPS > Release from ethernet:00.10.A4.7C.7A.F8, client
id:01.00.10.A4.7C.7A.F8 via 192.168.1.1
21:44:37 DHCPS > Lease 192.168.1.32 released
21:44:37 DHCPS > Deferring save of lease database
21:44:37 DHCPS > Last saved at 2002-12-04T21:40:29, next at 2002-12-04T21:55:29
DHCP-server configuration tasks
301
SmartWare Software Configuration Guide
27 • DHCP configuration
Configure DHCP-relay
SmartNodes support the DHCP-Relay functionality. To avoid having a DHCP-Server in every subnet, SmartNodes now can forward DHCP-Requests either directly to a DHCP-Server or to another DHCP-Relay. To
configure the relay, there is a profile type dhcp-relay. The minimum configuration of such a profile only needs
one IP where DHCP-Requests are sent to. Note that a SmartNode can be configured either as DHCP-Server
or as DHCP-Relay, but not both in parallel.
Create/Modify DHCP-Relay profile
To use a SmartNode as DHCP-Relay Agent, a dhcp-relay profile must be created. Some things you should
know about the Relay Agent profile:
• In order to create valid profile, a dhcp-relay profile must contain at least one destination IP.
• There is no limit of dhcp-relay profiles, but there is only one active profile at the time.
• Modification of the dhcp-relay profile currently in use can be made anytime. Changes are activated immediately. When all destination IPs are removed the profile is considered invalid and the DHCP-Relay is shut
down.
Mode: Configure
Step
Command
Purpose
1
[name](cfg) #[no] profile dhcprelay name
[name] (pf-dhcpr)[name]#destination <ip-address>
or
[name] (pf-dhcpr)[name]#destination after <index> <ip-address>
or
[name] (pf-dhcpr)[name]#destination before <index> <ip-address>
or
[name] (pf-dhcpr)[name]#no destination <index>
[name] (pf-dhcpr)[name]#maxhops <1...16>
or
[name] (pf-dhcpr)[name]#no maxhops
[name] (pf-dhcpr)[name]#trafficclass <traffic-class>
Enter dhcp-relay profile mode. A new profile is created if
none with the given name exists.
Add or remove an IP-Address to the profile. The IPAddress can be any kind of address, means uni-, mulit-, or
broadcast. Be aware that every DHCP- Request will be
relayed to all ip- addresses in the list in the order they
are listed. The DHCP-Relay profile is only valid if it contains at least one destination IP. The maximum amount of
destinations is limited to 16.
2
3
4
DHCP-server configuration tasks
Sets the max-hops a packet may have passed so far.
When a packet exceeds the max-hops limit, it is silently
discarded.
Max-hops is by default set to 4. This is an optional configuration command.
Sets traffic class for DHCP packets. The traffic class may
be new or may already exist. This is an optional configuration command.
302
SmartWare Software Configuration Guide
27 • DHCP configuration
Enable/Disable DHCP-Relay Agent
Mode: Context IP
Step
1
Command
Purpose
[name] (ctx-ip)[name]# dhcp-relay Enable or disable DHCP-Relay. DHCP-Relay cannot be
use <profile>
enabled if a DHCP-Server is running.
or
[name] (ctx-ip)[name]# no dhcprelay
DHCP-server configuration tasks
303
Chapter 28 DNS configuration
Chapter contents
Introduction ........................................................................................................................................................305
DNS configuration task list .................................................................................................................................305
Enabling the DNS resolver ............................................................................................................................305
Enabling the DNS relay ................................................................................................................................306
304
SmartWare Software Configuration Guide
28 • DNS configuration
Introduction
The domain name system (DNS) enables users to contact a remote host by using easily remembered text labels
(www.patton.com, for example) instead of having to use the host’s numeric address (209.45.110.15, for example). When DNS names are entered as part of configuration commands or CLI exec mode commands in applications like Ping, Traceroute, or Tftp, the SmartNode uses a DNS resolver component to convert the DNS
names into the numeric address.
The SmartNode can be configured as a caching DNS relay server to speed data transfers, acting as the DNS
server for a private network. In this configuration, hosts in the network send their DNS queries to the SmartNode, which checks to see if the DNS name is in its DNS resolver cache. If it finds the name in cache, the
SmartNode uses the cached data to resolve the DNS name into a numeric IP address. If the name is not in
cache, the query is forwarded on to a DNS server. When the SmartNode receives the answer from the server, it
adds the name to the cache, and forwards it on to the host that originated the query. This process enables the
SmartNode to provide answers more quickly to often-queried DNS names, reducing the number of DNS queries that must be sent across the access link.
DNS configuration task list
The following sections describe how to configure the DNS component:
• Enabling the DNS resolver
• Enabling the DNS relay
Enabling the DNS resolver
To enable the SmartNode DNS resolver, you must configure it with the address of one or more DNS servers
that will be used to resolve DNS name queries. If multiple DNS servers are configured, the SmartNode will
query each server in turn until a response is received. DNS servers are configured as follows:
Mode: Configure
Step
1
2
2
Command
Purpose
node(cfg)#dns domain-name server
server-ip-address
Add an IP address of a DNS server to be used
resolving DNS names
Repeat step 1 for each additional DNS server
you want to add
node(cfg)#dns-client cache number-of-entries Optional. Defines the maximum number of DNS
answers stored within the cache (default is 30)
Example: Configuring DNS servers
The following example shows how to add DNS servers to the SmartNode DNS resolver and increase the size of
the DNS cache to 100 entries.
node>enable
node#configure
node(cfg)#dns-client server 62.2.32.5
node(cfg)#dns-client server 62.2.100.45
node(cfg)#dns-client cache 100
Introduction
305
SmartWare Software Configuration Guide
28 • DNS configuration
You can test the DNS server configuration using the dns-lookup command as follows:
Example: Testing DNS server configuration
node(cfg)#dns-lookup www.patton.com
Name:
www.patton.com
Address: 209.49.110.5
Note
The DNS resolver automatically learns domain name servers if it receives
them through PPP or DHCP protocols. You can verify that the DNS
resolver has received domain name servers by using the show dns-client
command as follows:
node(cfg)#show dns-client
The following DNS servers are currently available:
Configured IP: 195.186.1.110
Discovered IP: 81.221.250.10 (Not used)
Discovered IP: 81.221.252.10 (Not used)
node(cfg)#
Configured IP indicates a domain name server that has been configured as
shown at the beginning of this section. Discovered IP indicates a domain
name server that was learned automatically.
User’s PC
Node
DNS Client
TCP
UDP
DNS Relay
DNS Server
TCP
TCP
UDP
IP
IP
ENET
Remote Location
(somewhere on
the Internet)
Localized DNS
query traffic
ENET
UDP
IP
W
WAN
DNS query on
the WAN side
WA
WAN
Figure 45. DNS relay diagram
Enabling the DNS relay
DNS (Domain Name System) is a distributed database used in IP networks to provide the numerical IP
address for a URL’s host name. There are DNS Servers, DNS Relays, and DNS Clients (see figure 45). DNS
clients send queries with the host-name of interest to the DNS Server. The DNS server responds with the IP
DNS configuration task list
306
SmartWare Software Configuration Guide
28 • DNS configuration
address. DNS Relay agents maintain a cache of host names and IP addresses, much smaller than a DNS Server.
It acts as a liaison between the DNS Server and the DNS client
Advantages in configuring a DNS Relay in the SmartNode are:
• Network traffic is reduced since only a single query is sent to the DNS server although numerous users may
be requesting an IP address for the same host name
• The DNS queries are localized between the Users and the SmartNode which reduces congestion on the
WAN side of the SmartNode
• Multiple DNS servers can be consulted from the SmartNode
The DNS resolver must be configured before you can use the DNS relay feature (see section “Enabling the
DNS resolver” on page 305 to enable the DNS resolver, if you have not already done so).
Do the following to enable the DNS relay feature:
Mode: Configure
Step
1
Command
node(cfg)#dns-relay
Purpose
Enables DNS relay feature
Example: Enabling DNS relay
The following example shows how to enable the DNS relay feature.
node>enable
node#configure
node(cfg)#dns-relay
Note
If a DHCP server profile has been set up, you can announce the SmartNode
as domain name server to the DHCP clients as follows:
node(cfg)#profile dhcp-server LAN
node(pf-dhcps)[LAN]#domain-name-server <ip-address>
Where ip-address must be the IP address of the SmartNode IP interface to
which the DHCP clients are connected.
DNS configuration task list
307
Chapter 29 DynDNS configuration
Chapter contents
Introduction ........................................................................................................................................................309
DynDNS configuration task list ..........................................................................................................................309
Creating a DynDNS account ........................................................................................................................309
Configuring the DNS resolver ......................................................................................................................309
Configuring basic DynDNS settings .............................................................................................................310
Configuring the DynDNS server ..................................................................................................................310
Configuring advanced DynDNS settings (optional) ......................................................................................311
Defining a mail exchanger for your hostname .........................................................................................311
Troubleshooting ...........................................................................................................................................311
308
SmartWare Software Configuration Guide
29 • DynDNS configuration
Introduction
SmartNodes are often used in applications where the addresses of their IP interfaces are not assigned statically
(i.e. permanently) but instead are configured dynamically. In these applications, the IP address is assigned
dynamically using protocols like DHCP or PPP. The problem with dynamically assigning addresses is that
when the IP address changes, remote devices can no longer contact the SmartNode because they do not know
what the new address is.
Dynamic DNS (DynDNS) addresses this problem by registering a permanent hostname for your SmartNode.
DynDNS then directs traffic sent to the registered host name on to the SmartNode’s ISP-assigned dynamic IP
address, enabling the SmartNode to be accessed from the Internet without knowing its current dynamic IP
address.
The DNS server used for registration is operated by Dynamic Network Services, Inc. You can find detailed
information about the company and the services it offers on the webpage www.dyndns.org. The company
offers different levels of service. The basic services are offered free of charge, while the more advanced services
are chargeable.
The SmartNode supports the following DynDNS services:
• Dynamic DNS
• Static DNS
• Custom DNS
DynDNS configuration task list
This section describes configuring the DynDNS service. All possible configurations, which are involved in a
specific configuration topic are described in the respective configuration task. To get a minimal working configuration of the DynDNS client, you must execute all the configuration tasks of the list below, except the tasks
explicitly marked as optional.
• Creating a DynDNS account
• Configuring the DNS resolver
• Configuring basic DynDNS settings
• Configuring advanced DynDNS settings (optional)
Creating a DynDNS account
Before using the DynDNS service, you must create a DynDNS account on the DynDNS server and add a
hostname to your account, which can be updated by the SmartNode. Go to the DynDNS website at
www.dyndns.org and follow the instructions on the webpage to create the account and add a hostname.
Configuring the DNS resolver
The DynDNS client requires that the SmartNode’s DNS resolver be enabled. You can find additional information about how to configure the DNS resolver in chapter 28, “DNS configuration” on page 304.
Introduction
309
SmartWare Software Configuration Guide
29 • DynDNS configuration
Configuring basic DynDNS settings
The following procedure describes the steps necessary to enable the DynDNS feature.
Mode: DynDNS
Step
1
2
3
Command
node(dyndns)#authentication user password
node(dyndns)#service
{dynamic|static|custom}
node(dyndns)#hostname name
Purpose
Defines the authentication credentials of your
DynDNS account
Defines the DynDNS service to use
Defines the hostname that will be assigned to the
SmartNode
Example: Configuring DynDNS
The following example shows the necessary steps required for a basic working configuration of the
DynDNS client.
node>enable
node#configure
node(cfg)#context ip
node(ctx-ip)[router]#dyndns
node(dyndns)#authentication Bob 245gf46te
node(dyndns)#service dynamic
node(dyndns)#hostname myhostname.dyndns.org
node(dyndns)#observe eth1
Configuring the DynDNS server
A DynDNS server other than “dyndns.org” can be configured in case you or your provider runs an own
DynDNS server.
Mode: context cs/dyndns
Step
1
Command
Purpose
[name](dyndns)# server [<server- Set the DynDNS server name. The default value is
name>]
“dyndns.org”.
DynDNS configuration task list
310
SmartWare Software Configuration Guide
29 • DynDNS configuration
Configuring advanced DynDNS settings (optional)
Defining a mail exchanger for your hostname
If required, you can define a mail exchanger or a backup mail exchanger for your hostname on the
DynDNS server.
Mode: DynDNS
Step
1
Command
node(dyndns)# mail-exchanger
hostname [backup-mx]
Purpose
Defines the host, which is the mail exchanger for your hostname. If the backup-mx parameter is specified, the mailexchanger will be registered as backup mail exchanger only
Example: Defining a mail exchanger
The following example shows how to define a mail exchanger named mail.mycompany.com, which should be
used as the primary mail-exchanger for the registered DynDNS hostname.
node>enable
node#configure
node(cfg)#context ip
node(ctx-ip)[router]#dyndns
node(dyndns)#mail-exchanger mail.mycompany.com
Troubleshooting
The DynDNS component provides several commands to analyze and solve DynDNS problems. You can
retrieve basic DynDNS status information as follows:
Mode: DynDNS
Step
1
Command
node(dyndns)#show dyndns
Purpose
Display basic DynDNS status information
Example: Displaying DynDNS status information
The following example displays status information of a properly configured and working DynDNS client.
node(dyndns)#show dyndns
Current state: Idle
Last registered address: 243.232.39.64
Hostname: test.dyndns.org
You can also monitor current activities of the DynDNS client. This includes ongoing DNS queries for
DynDNS servers, verification of the currently registered IP address and updating the registration on the
DynDNS server. The debug monitor can be enabled as follows;
Mode: Configure
Step
1
Command
node(cfg)#debug dyndns
DynDNS configuration task list
Purpose
Enable the DynDNS debug monitor
311
SmartWare Software Configuration Guide
29 • DynDNS configuration
Example: Displaying DynDNS status information
The following example shows how to enable the debug monitor and the output of the monitor when the IP
address on the DynDNS server can be updated successfully.
node(dyndns)#debug dyndns
16:20:43 DYNDNS>
16:20:43 DYNDNS>
16:20:43 DYNDNS>
16:20:43 DYNDNS>
16:20:43 DYNDNS>
registered one
16:20:43
16:20:43
16:20:43
16:20:43
16:20:44
16:20:44
DYNDNS>
DYNDNS>
DYNDNS>
DYNDNS>
DYNDNS>
DYNDNS>
Resolving 'checkip.dyndns.org'...
Resolved 'checkip.dyndns.org'.
Retrieving current IP address...
Sending request...
Current IP address (57.32.59.64) does not match last
(43.23.44.2). DNS update is required.
Resolving 'update.dyndns.org'...
Resolved 'update.dyndns.org'.
Updating DNS...
Sending request...
DNS updated successfully
Registered IP address is (57.32.59.64).
If required, you can force the DynDNS component to re-register the current IP address on the DynDNS
server—even if the dynamic IP address has not changed—using the following command (this command could
also be useful for observing the update process in the debug monitor).
IMPORTANT
Possible blocking—Do not use this command too often,
because the DynDNS server will block your hostname, if you
trigger too many unnecessary updates of your IP address.
You can also force the DynDNS client to resume normal operation, if the state of the DynDNS client is shown
as blocked and the problem which led to the blocked state has been solved. The DynDNS client will enter the
blocked state if the DynDNS server reports an unrecoverable error during DNS updates that require user intervention. These are mainly configuration problems, such as invalid credentials or an invalid hostname.
Mode: DynDNS
Step
1
Command
node(dyndns)#dyndns reset
DynDNS configuration task list
Purpose
Forces a re-registration of the current IP address on the
DynDNS server, even if an update is not necessary
312
Chapter 30 PPP configuration
Chapter contents
Introduction ........................................................................................................................................................314
PPP configuration task list...................................................................................................................................315
Creating an IP interface for PPP ...................................................................................................................315
Disable interface IP address auto-configuration from PPP .............................................................................317
Creating a PPP subscriber .............................................................................................................................317
Trigger forced reconnect of PPP sessions using a timer .................................................................................319
Disable interface IP address auto-configuration from PPP .............................................................................319
Configuring a PPPoE session ........................................................................................................................319
Configuring PPP over a HDLC Link ............................................................................................................321
Creating a PPP profile ...................................................................................................................................321
Configuring the local and remote PPP MRRU .............................................................................................323
Displaying PPP configuration information ...................................................................................................324
Debugging PPP ............................................................................................................................................325
Sample configurations .........................................................................................................................................329
PPP over Ethernet (PPPoE) ..........................................................................................................................329
Without authentication, encapsulation multi, with NAPT ......................................................................329
With authentication, encapsulation PPPoE .............................................................................................329
PPP over a HDLC Link (Serial Port) ............................................................................................................330
Without authentication, numbered interface ...........................................................................................330
With authentication, unnumbered interface ............................................................................................330
PPP over a HDLC Link (E1T1 Port) ............................................................................................................330
Without authentication, numbered interface ...........................................................................................330
PPP Dial-up over ISDN ......................................................................................................................................331
PPP Dialer ....................................................................................................................................................331
Create a dialer .........................................................................................................................................332
Create outbound destinations ..................................................................................................................332
Configure recovery strategy .....................................................................................................................333
Create inbound destinations ....................................................................................................................334
Debug dialer functionality .......................................................................................................................336
Example – Dial-on demand feature .........................................................................................................336
Dial-up .........................................................................................................................................................337
Dial-up on demand .................................................................................................................................337
Dial-up on monitor .................................................................................................................................338
Dial-up nailed .........................................................................................................................................338
.....................................................................................................................................................................338
313
SmartWare Software Configuration Guide
30 • PPP configuration
Introduction
This chapter describes how to configure the point-to-point protocol over different link layers.
The point-to-point protocol (PPP) provides a standard method for transporting multi-protocol datagrams over
point-to-point links as defined by the RFC1661 etc. SmartWare offers PPP over the following link layers:
• PPP over Ethernet (PPPoE)
• PPP over HDLC
Figure 46 shows the elements involved in the configuration of PPP. The elements required to configure PPP
over Ethernet are located in the upper left corner of the figure. The elements for PPP over a HDLC Framed
Serial Link are in the lower left corner. For PPP over ISDN, the elements are in the middle and the lower right
corner.
port
ethernet
use
profile ppp
PPPoE
Session
Session
Profile
PPP
bind
subscriber
Subscriber
PPP
bind
interface
bind
interface
interface
ppp / pppout
interface (ip)
bind
interface
Context
IP
'router'
bind
interface
Profile
PPP
Subscriber
PPP
SR
bind
subscriber
Context
CS
'switch'
interface
pstn
Subscriber
PPP
bind
subscriber
use
profile ppp
port
serial
bind port
<slot>
<port> *
port
isdn
port
isdn
* multiple occurrencies
Figure 46. PPP configuration overview
Since the purpose of PPP is providing IP connectivity over different types of link layers, all PPP configuration
elements connect to the IP context through an IP interface. This connection is relayed via a subscriber profile if
either PPP peer requires authentication.
For PPP over Ethernet, a PPPoE session must be configured on the respective Ethernet port. It is possible to
set-up several (limited by the available memory) PPPoE sessions on the same Ethernet port, each session with
Introduction
314
SmartWare Software Configuration Guide
30 • PPP configuration
its own IP interface. In addition to these PPPoE sessions, pure IP traffic can run concurrently over the same
Ethernet port. This is achieved by binding the Ethernet port directly to an IP interface.
PPP configuration task list
To configure PPP, perform the following tasks:
• Creating an IP interface for PPP
• Configuring for IP address auto-configuration from PPP (see page 317)
• Creating a PPP subscriber (for authentication) (see page 317)
• Configuring a PPPoE session (see page 319)
• Configuring PPP over a HDLC Link
• Creating a PPP interface within the CS context (not currently available)
• Creating a PSTN interface for PPP dial-in/dial-out (not currently available)
• Creating a PPP profile (see page 321)
• Displaying PPP configuration information (see page 324)
• Debugging PPP (see page 325)
Creating an IP interface for PPP
An IP interface is required to link a PPP connection to the IP context. The IP interface must apply a network
address port translation (NAPT) if the PPP service provider only offers a single IP address and not an IP subnet, or if the IP addresses on the LAN shall be private and hidden behind a public IP address (see 11, “NAT/
NAPT configuration” on page 132 for more information about NAPT).
This procedure describes how to create an IP interface for PPP
Mode: Context IP
Step
Command
1
node(ctx-ip)[router]#interface name
2
node(if-ip)[name]#point-to-point
Purpose
Creates the new interface name, which represents an IP interface.
Only defines what route is entered into the IP
routing table:
• point-to-point: A route to the IP address of
the PPP interface (assigned by the PPP peer)
is entered into the routing table.
• no point-to-point: A route to the subnet
defined by IP address of the PPP interface
(assigned by the PPP peer) is entered into
the routing table. The class of the IP address
determines the size of the subset.
Recommendation: Use ‘point-to-point’ and specify a default route.
PPP configuration task list
315
SmartWare Software Configuration Guide
Step
3
Command
node(if-ip)[name]#ipaddress
unnumbered
30 • PPP configuration
Purpose
The PPP remote peer offers an IP address for the
IP interface. The IP interface adopts this IP
address
or
node(if-ip)[name]#ipaddress dhcp
or
node(if-ip)[name]# ipaddress ip-address
netmask
4
node(if-ip)[name]# [no] tcp adjust-mss {
(optional) rx | tx } { mtu | mss }
Once PPP has established an IP connection, the
IP interface can use DHCP to acquire an IP
address. It sends a DHCP Discover message
(which is an IP broadcast) to the IP network to
which PPP has established connection. If no
DHCP Server is present, the IP interface does
not adopt the IP address offered by the PPP
remote peer but leaves the IP address undefined.
The IP interface requests from the PPP remote
peer to use the IP address ip-address. PPP
repeatedly tries to set-up a connection until the
remote peer accepts this IP address. It does not
accept any other IP address offered by the PPP
remote peer. The parameter netmask specifies
the size of the subnet in case ‘no point-to-point’
is configured
Limits to the MSS (Maximum Segment Size) in
TCP SYN packets to mss or to MTU (Maximum
Transmit Unit) - 40 Bytes, if ‘mtu’ is used. ‘rx’
applies to packets which arrive inbound at this
IP interface, ‘tx’ to packets which leave outbound of this IP interface.
PPP over Ethernet connections impose an overhead of 8 Bytes (PPP: 2 Bytes, PPPoE: 6 Bytes).
Some Ethernets do not allow payloads larger
than the 1500 Bytes which the standard
defines, so IP packets must not contain more
than 1492 bytes when transmitted over such
connections. Reducing the MTU/MRU to 1492
Bytes does not always solve the problem
because many sources do not allow fragmentation of the IP packets they send (they set the
‘Don’t fragment’). However, these sources limit
the size of the IP packets according to the MSS
which their peers announce in the TCP SYN
packets.
It is recommended to use ‘mtu’ inbound and
outbound.
PPP configuration task list
316
SmartWare Software Configuration Guide
Step
30 • PPP configuration
Command
Purpose
5
node(if-ip)[name]#use profile napt name Assigns the NAPT profile name to applied to
(optional)
this IP interface. See 11, “NAT/NAPT configuration” on page 132 to learn how to create a
NAPT profile.
Example: Create an IP interface for PPP
The following procedure creates an IP interface that can be used for all three types of link layers. The command lines tcp adjust-mss only apply to Ethernet link layers.
node(cfg)#context ip router
node(ctx-ip)[router]#interface ppp_interface
node(if-ip)[ppp_int~]#point-to-point
node(if-ip)[ppp_int~]#ipaddress unnumbered
node(if-ip)[ppp_int~]#tcp adjust-mss rx mtu
node(if-ip)[ppp_int~]#tcp adjust-mss tx mtu
Disable interface IP address auto-configuration from PPP
This procedure enables/disables automatic configuration of the interface IP address from the PPP network
control protocol negotiation.
Mode: profile ppp
Step
1
Command
Purpose
[name] (pf-ppp)# [no] local-addressautoconfig
Enables or disables auto-configuration of the
local IP address from PPP. Default: enabled.
Creating a PPP subscriber
One or more PPP subscriber shall be configured if either PPP peer requires authentication. This procedure
describes how to create a PPP subscriber
Mode: Configure
Step
1
Command
Purpose
node(cfg) # subscriber ppp name
Creates the new subscriber name, which contains the authentication settings.
PPP configuration task list
317
SmartWare Software Configuration Guide
Step
2
30 • PPP configuration
Command
Purpose
node(subscr)[name]# dial {in|out}
Defines the direction of the connection establishment with PPP over ISDN. This information allows
to use different subscribers for incoming and outgoing calls.
With the other two link layers, set the direction as
follows:
• PPP over Ethernet: ‘dial out’
• PPP over Serial: ‘dial in’
3
node(subscr)[name]# [no] authentication {
(chap pap) | {chap|pap} }
4
node(subscr)[name]# [no] identification
(optional) {outbound|inbound} user [password
password]
Defines the authentication protocol to be used,
PAP and/or CHAP
Sets the credentials to be provided during the
authentication procedure: the user name user
and the password password.
The keywords ‘inbound’ and ‘outbound’ define
the direction of authentication:
• ‘inbound’: The local peer checks the credentials that the remote peer sends.
• ‘outbound’: The local peer sends its credentials if the remote peer requests them.
The following restrictions apply to the direction of
authentication:
• - PPP over Ethernet: ‘outbound’ only
• - PPP over Serial: ‘inbound only’
5
node(subscr)[name]# [no] bind interface
interface [router]
Binds the subscriber to the IP interface to be used
for this PPP connection. The IP interface must
already exist and shall have the configuration as
outlined in section “Creating an IP interface for
PPP” on page 315.
Example: Create a PPP subscriber
The procedure below creates a PPP subscriber for a PAP authentication with some Internet Service Provider.
node(cfg)#subscriber ppp joe_example
node(subscr)[joe_exa~]#dial out
node(subscr)[joe_exa~]#authentication pap
node(subscr)[joe_exa~]#identification outbound joeexample@isp.com password blue4you
node(subscr)[joe_exa~]#bind interface ppp_interface router
PPP configuration task list
318
SmartWare Software Configuration Guide
30 • PPP configuration
Trigger forced reconnect of PPP sessions using a timer
In some situations, it is useful to disconnect and reconnect a PPP session at a clearly defined time. The following procedure shows how PPP can be configured to reconnect the connection every time a timer expires.
A common application for this feature: some ISPs disconnect the PPP session after a fixed period of time, for
example, 16 hours. This may cause call interruptions if it happens during the day. The timer allows to disconnect and reopen the PPP session at a predefined time, such as 0200 hours.
Mode: subscriber ppp <subscriber>
Step
1
Command
Purpose
[name] (subscr)[subscriber]# [no] timeout on- Enables/disables forced reconnect every time
timer <timer>
the timer <timer> expiries.
Disable interface IP address auto-configuration from PPP
This procedure enables/disables automatic configuration of the interface IP address from the PPP network
control protocol negotiation.
Mode: profile ppp
Step
1
Command
Purpose
[name] (pf-ppp)[no]# [no] local-addressautoconfig
Enables/disables autoconfiguration of the local
IP address from PPP. Default: enabled.
Configuring a PPPoE session
PPP can run over Ethernet (PPPoE). The active discovery protocol identifies the PPP remote peer on the Ethernet and establishes a PPPoE session with it. The PPPoE session provides a logical point-to-point link that to
runs PPP as if it was a physical point-to-point link (e.g. a serial link).
This procedure describes how to configure an Ethernet port and a session for PPPoE
PPP configuration task list
319
SmartWare Software Configuration Guide
30 • PPP configuration
Mode: Configure
Step
1
2
Command
Purpose
node(cfg) #port ethernet slot port
Enters Ethernet port configuration mode for the
interface on slot and port
node (prt-eth)[slot/port]# encapsulation Defines the payload type(s) to be used on the
{ip|pppoe|multi}
Ethernet:
• ‘ip’: IP traffic only (not used for PPP)
• ‘pppoe’: PPPoE sessions only
• ‘multi’: both IP traffic and PPPoE sessions
3
4
5
6
7
node (prt-eth)[slot/port]# [no] bind inter- Binds the Ethernet port to the IP interface to be
face name [router ]
used for the direct IP traffic (only required if
encapsulation ‘ip’ or ‘multi’ is selected)
node(prt-eth)[slot/port]#[no] shutdown Enables the ethernet port
node(prt-eth)[slot/port]#pppoe
Enters PPPoE mode
node(pppoe)[slot/port]#session name
Creates PPPoE session with the name name
node(pppoe)[slot/port]# [no] bind inter- Binds the PPPoE session directly to the IP interface name [router]
face name in case no authentication is required
or
node (pppoe)[slot/port]# [no] bind subscriber name
8
node (pppoe)[slot/port]# [no] use profile
(optional) ppp name
9
node(session)[name]#service Service(optional) Name
10
node(session)[name]#access-concentra(optional) tor AC-Name
11
node(session)[name]#[no] shutdown
PPP configuration task list
Binds the PPPoE session to the PPP subscriber
name in case authentication is required
Assigns a PPP profile other than the default profile to this PPPoE session
Defines the tag ‘Service-Name’ to be supplied
with Active Discovery in order to identify the
desired remote peer (check whether the remote
peer supports this feature)
The Active Discovery only accepts the PPPoE session if the remote peer provides tag ‘AC-Name’
with its Active Discovery Offer as specified. This
allows to identify the desired remote peer
Initiates the establishment of the PPPoE session
and the PPP connection
320
SmartWare Software Configuration Guide
30 • PPP configuration
Example: Configure a PPPoE session
The procedure below configures a PPPoE session for the connection to a DSL provider using the credentials
specified in the subscriber profile above.
node(cfg)#port ethernet 0 0
node(prt-eth)[0/0]#encapsulation pppoe
node(prt-eth)[0/0]#no shutdown
node(prt-eth)[0/0]#pppoe
node(pppoe)[0/0]#session green
node(session)[green]#bind subscriber joe_example
node(session)[green]#no shutdown
Configuring PPP over a HDLC Link
This procedure describes how to configure PPP over a HDLC link. Different kind of physical ports can be
configured for HDLC framed data transmission. On some ports the hdlc mode must be explicitly enabled
(PRI, BRI), other ports have a HDLC framed nature (Serial). That means, PPP can be configured in different
configuration modes. For this reason, the command description below refer always to the configuration mode
in which ppp has been enabled by setting the encapsulation to ‘ppp’. This configuration mode is called here
‘hdlc-sub’ but it is only an alias for the real mode.
Mode: hdlc-sub
Step
Command
Purpose
1
node(hdlc-sub)#[no] encapsulation ppp
Enables/Disables PPP
3
node(hdlc-sub)#[no] bind interface name
[router]
Binds the HDLC link directly to the IP interface
name in case no authentication is required
or
node(hdlc-sub)#[no] bind subscriber name Binds the HDLC link to the PPP subscriber name
in case authentication is required
or
node(hdlc-sub)#[no] bind subscriber
authentication { chap pap | { chap | pap Only the credentials provided at the establishment of the PPP session select the PPP sub}}
scriber. This allows to bind the HDLC link to the
set of all PPP subscribers.
4
node(hdlc-sub)#[no] use profile ppp name Assigns a PPP profile other than the default pro(optional)
file.
Creating a PPP profile
A PPP profile allows to adjust additional PPP parameters like the maximum transmit unit (MTU) and maximum receive unit (MRU). Only the most important parameters are listed here.
The profile default is always present and supplies the parameters if no other profile has been created or no profile can be used with a certain type of PPP connection. Profiles created by the user can only be used with PPP
over Ethernet connections. For all other types of PPP connections the default profile applies.
This procedure describes how to create a PPP profile or to modify the default PPP profile
PPP configuration task list
321
SmartWare Software Configuration Guide
30 • PPP configuration
Mode: Configure
Step
1
Command
node(cfg) #[no] profile ppp { name |
default }
2
node(pf-ppp)[name]#mtu min min max
(optional) max
Purpose
Creates the new PPP profile name and enters
the PPP profile configuration. The profile
‘default’ already exists.
Defines the minimum and maximum size of IP
packets (in Bytes) allowed on the outbound PPP
connection. Outbound packets larger than the
maximum size are fragmented into smaller
ones if allowed.
The default value is 1492 Bytes.
On the IP interface over which the PPP connection runs, the minimum of the IP interface MTU
and PPP MTU applies.
3
node(pf-ppp)[name]#mru min min max
(optional) max
Defines the minimum and maximum size of IP
packets (in Bytes) allowed on the inbound PPP
connection. The default value is 1492 Bytes.
Inbound packets larger than the maximum size
are fragmented into smaller ones if allowed.
The default value is 1492 Bytes.
4
node(pf-ppp)[name]#[no] van-jacobson Allows PPP to use Van Jacobson header com(optional) {compression|decompression} max-slots pression for TCP packets. Only the negotiation
max-slots
between the PPP peers determines whether this
header compression is really used. max-slots
determines the maximum number of concurrent
TCP sessions for which header compression
shall be done. The default is 31.
Example: Create a PPP profile
The procedure below creates a PPP profile, sets some of its parameters, and assigns it to a PPPoE session.
node(cfg)#profile ppp PPPoE
node(pf-ppp)[PPPoE]#mtu min 68 max 1492
node(pf-ppp)[PPPoE]#mru min 68 max 1492
node(pf-ppp)[PPPoE]#van-jacobson compression
node(pf-ppp)[PPPoE]#port ethernet 0 0
node(prt-eth)[0/0]#pppoe
node(pppoe)[0/0]#session green
node(session)[green]#use profile ppp PPPoE
PPP configuration task list
322
SmartWare Software Configuration Guide
30 • PPP configuration
Configuring the local and remote PPP MRRU
The PPP Maximum Receive Reconstructed Unit (MRRU) denotes the maximum reassembled MRU we are
able to receive above the multi-link PPP protocol, i.e. this is the MRU after reassembling frames from individual links inside a multi-link bundle. The valid range and default value of MRRU can be configured in the PPP
profile.
Mode: profile ppp
Step
Command
1
[name] (pf-ppp)[profile]# mrru [min
<min>] [max <max>] [default
<default>]
2
[name] (pf-ppp)[profile]# mtru [min
<min>] [max <max>] [default
<default>]
PPP configuration task list
Purpose
Configures the minimum, maximum and default
value of the local MRRU. The configured range
(min..max) is forced during PPP LCP negotiation,
while the default value is offered first. Note that the
MRRU option is only offered when multi-link is
enabled.
The default minimum value is 68.
The default maximum value is 1920.
The default default value is 1500.
Configures the minimum, maximum and default
value of the remote MRRU, i.e. the MRRU of the
remote side that we are willing to accept. The configured range (min..max) is forced during PPP LCP
negotiation, while the default value is used when
not offered.
The default minimum value is 68.
The default maximum value is 1920.
The default default value is 1500.
323
SmartWare Software Configuration Guide
30 • PPP configuration
Displaying PPP configuration information
This section shows how to display and verify the PPP configuration information.
Mode: Configure
Step
1
Command
Purpose
node(cfg) #show running-config
Gives the best overview of all PPP related configuration information. The following parts are of interest:
• profile ppp default
• profile ppp name
• interface name
• subscriber ppp name
• port ethernet slot port
• session name
2
3
node(cfg) #show subscriber ppp [ name ] Displays configuration information of the PPP subscriber name or of all PPP subscribers
node(pf-ppp)[name]#show profile ppp
Displays the PPP profile name or the default PPP
{ name | default }
profile
Example: Display PPP subscriber configuration information
node(session)[green]#show subscriber ppp joe_example
Subscribers:
-----------Name:
Direction:
Authentication:
Identification (inbound):
Identification (outbound):
Timeout for disconnect:
Max. sessions:
IP address:
Callback:
Binding:
Binding:
PPP configuration task list
joe_example
dial-out
pap
(none)
patton/patton
no absolute timeout, no idle timeout
no limit
(none)
(none)
interface ppp_interface router
interface ppp_interface router
324
SmartWare Software Configuration Guide
30 • PPP configuration
Example: Display a PPP profile
node(pf-ppp)[PPPoE]#show profile ppp PPPoE
Profiles:
--------Name:
default
LCP Configure-Request:
interval 3000 ms, max 10
LCP Configure-Nak:
max 5
LCP Terminate-Request:
interval 3000 ms, max 2
LCP Echo-Request:
interval 10000 ms, max 3
MTU:
68 - 1920
MRU:
68 - 1920
Callback:
both
CHAP:
allowed
PAP:
allowed
Authentication:
interval 3000 ms, max 3
IPCP Configure-Request:
interval 3000 ms, max 10
IPCP Configure-Nak:
max 5
IPCP Terminate-Request:
interval 3000 ms, max 2
Van-Jacobson Compression: allowed, max-slots 31
Van-Jacobson Decompression:allowed, max-slots 31
Name:
PPPoE
LCP Configure-Request:
interval 3000 ms, max 10
LCP Configure-Nak:
max 5
LCP Terminate-Request:
interval 3000 ms, max 2
LCP Echo-Request:
interval 10000 ms, max 3
MTU:
68 - 1492
MRU:
68 - 1492
Callback:
both
CHAP:
allowed
PAP:
allowed
Authentication:
interval 3000 ms, max 3
IPCP Configure-Request:
interval 3000 ms, max 10
IPCP Configure-Nak:
max 5
IPCP Terminate-Request:
interval 3000 ms, max 2
Van-Jacobson Compression: allowed, max-slots 24
Van-Jacobson Decompression:allowed, max-slots 31
Van-Jacobson Decompression:allowed, max-slots 31
Debugging PPP
A set of commands is available to check the status of the PPP connection and the PPPoE session. Furthermore,
two debug monitors help to analyze the dynamic behavior. The commands are listed in the order which you
should follow in case you encounter problems with PPP. This procedure describes how to display PPP configuration information
PPP configuration task list
325
SmartWare Software Configuration Guide
30 • PPP configuration
Mode: Configure
Step
1
2
Command
node(cfg) #show ppp links [ level ]
node(cfg) #show ppp networks [ level ]
Purpose
Displays status and configuration information of
the Link Control Protocol (LCP) and the authentication protocol(s) (PAP and/or CHAP). Check
whether the states of the two protocols are
‘Opened’.
level specifies to level of details displayed (1..4,
default is 1).
Displays status and configuration information of
the Network Control Protocol(s) (NCP), in particular the IP Control Protocol (IPCP). Check whether
the states of this protocol is ‘Opened’.
Under ‘Local configuration options’, you find the IP
address proposed by this SmartNode and under
‘Local acknowledged options’, the IP address
assigned by the remote peer.
3
4
5
6
7
node(cfg) #show pppoe [ name ]
level specifies to level of details displayed (1..4,
default is 1).
Displays status, configuration information, and statistics of PPPoE in general and of the PPPoE session(s). Check whether state of the respective
session is ‘Opened’.
node(cfg) #show port interface name
level specifies to level of details displayed (1..4,
default is 1).
Displays status and configuration information of the
IP interface at which a PPP connection terminates.
Check whether state of the interface is ‘OPENED’.
Under ‘Local IP Address’, you find the IP address
assigned to the IP interface. If it does not correspond to the IP address assigned by the PPP
remote peer, check whether the ‘ipaddress’ of the
IP interface is set to ‘unnumbered’.
node(cfg) #show port ethernet slot port
Displays status and configuration information of the
Ethernet/serial port over which a PPP connection/
PPPoE sessions runs. Check whether state of the port
is ‘OPENED’ and whether the encapsulation is set to
‘pppoe’ or ‘multi’ (only for Ethernet ports).
node(cfg) # [no] debug ppp [ all | ... ]
Enables all or a particular PPP debug monitor.
node(cfg) # [no] debug pppoe [ all | ... ] Enables all or a particular PPPoE debug monitor.
PPP configuration task list
326
SmartWare Software Configuration Guide
30 • PPP configuration
Example: Display PPP link information
node(cfg)#show ppp links 4
PPP Link Information:
=====================
Link:
ID:
0
Name:
ethernet 0 0
Protocols:
LCP, PAP
LCP:
ID:
0
Name:
ethernet 0 0
State:
Opened
Conf-Req send rate: 3000ms
Max. Conf-Req:
10
Term-Req send rate: 3000ms
Max. Term-Req:
2
Echo-Req send rate: 10000ms
Max. Echo-Req:
3
Local ID:
100000020390
Remote ID:
Local configured options:
Magic Number = 0x00000000
MRU = 1492 [68,1492]
ACCM = 0xffffffff
Local acknowledged options:
Remote configured options:
Magic Number = 0xb89d9e6b
MRU = 1492 [68,1492]
ACCM = 0xffffffff
Authentication Protocol = { PAP
Remote acknowledged options:
MRU = 1492 [68,1492]
Magic Number = 0xb89d9e6b
Authentication Protocol = { PAP
Remote denied options:
Remote rejected options:
PAP:
ID:
0
Name:
ethernet 0 0
State:
Opened
Direction:
supplying
Local authentication:
ID:
patton
Password:
patton
Success:
Remote authentication:
ID:
Password:
Success:
Greetings!!
Auth-Req send rate: 3000ms
Max. Auth-Req:
3
PPP configuration task list
0/pppoe/ppp_green
0/pppoe/ppp_green
}
}
0/pppoe/ppp_green
327
SmartWare Software Configuration Guide
30 • PPP configuration
Example: Display PPP network protocol information
node(session)[green]#show ppp networks 4
PPP Network Information:
========================
Network:
ID:
0
Name:
ethernet 0 0 0/pppoe/ppp_green/net
State:
up
IPCP:
ID:
0
Name:
ethernet 0 0 0/pppoe/ppp_green/net
State:
Opened
Conf-Req send rate:
3000ms
Max. unanswered Conf-Req:
10
Local configured options:
IP Address = 172.16.40.98
IP Compression Protocol = VJC (Max-Slot-Id=31, Comp-Slot-Id=1)
Local acknowledged options:
IP Address = 10.10.10.2
IP Compression Protocol = VJC (Max-Slot-Id=31, Comp-Slot-Id=1)
Remote configured options:
IP Address = 0.0.0.0
IP Compression Protocol = VJC (Max-Slot-Id=24, Comp-Slot-Id=1)
Remote acknowledged options:
IP Address = 10.10.10.1
IP Compression Protocol = VJC (Max-Slot-Id=15, Comp-Slot-Id=1)
Remote denied options:
Remote rejected options:
Example: Display PPPoE information
node(session)[green]#show pppoe 4
PPPoE Information:
==================
Instance:
ID:
Name:
Initiation Send Interval
Request Send Interval
Max. Initiations
Max. Requests
Received Octets
Received Packets
Received Discards
Received Errors
Received Unknown Protos
Transmitted Octets
Transmitted Packets
Transmitted Discards
Transmitted Errors
Session:
ID:
Name:
PPP configuration task list
0
ethernet 0 0 0/pppoe
3000 ms
1000 ms
20
3
7247
181
0
2
0
2952
152
1
0
1
green
328
SmartWare Software Configuration Guide
Service:
Access-Concentrator:
State:
Sent Initiations:
Sent Requests:
Peer Session-ID:
Peer MAC-Address:
30 • PPP configuration
Opened
1
1
3786
00:01:02:B8:4E:E4
Sample configurations
PPP over Ethernet (PPPoE)
Without authentication, encapsulation multi, with NAPT
profile napt WAN
context ip router
interface normal_ip_interface
ipaddress 172.16.1.1 255.255.0.0
interface ppp_interface
ipaddress unnumbered
point-to-point
tcp adjust-mss rx mtu
tcp adjust-mss tx mtu
use profile napt WAN
context ip router
route 0.0.0.0 0.0.0.0 ppp_interface 0
port ethernet 0 0
encapsulation multi
bind interface normal_ip_interface
no shutdown
pppoe
session green
bind interface ppp_interface
no shutdown
With authentication, encapsulation PPPoE
context ip router
interface ppp_interface
ipaddress unnumbered
point-to-point
tcp adjust-mss rx mtu
tcp adjust-mss tx mtu
subscriber ppp joe_example
dial out
authentication pap
Sample configurations
329
SmartWare Software Configuration Guide
30 • PPP configuration
identification outbound <user> password <password>
bind interface ppp_interface router
port ethernet 0 0
encapsulation pppoe
no shutdown
pppoe
session green
bind subscriber joe_example
no shutdown
PPP over a HDLC Link (Serial Port)
Without authentication, numbered interface
context ip router
interface ppp_interface
ipaddress 172.17.1.1 255.255.255.252
point-to-point
port serial 0 0
encapsulation ppp
bind interface ppp_interface
no shutdown
With authentication, unnumbered interface
context ip router
interface ppp_interface
ipaddress unnumbered
point-to-point
subscriber ppp joe_example
dial in
authentication pap
identification inbound <user> password <password>
bind interface ppp_interface router
port serial 0 0
encapsulation ppp
bind interface ppp_interface
no shutdown
PPP over a HDLC Link (E1T1 Port)
Without authentication, numbered interface
context ip router
interface myPPP
ipaddress 172.17.1.1 255.255.255.252
point-to-point
Sample configurations
330
SmartWare Software Configuration Guide
30 • PPP configuration
port e1t1 0 0
port-type e1
framing crc4
encapsulation hdlc
hdlc
encapsulation ppp
bind interface myPPP router
port e1t1 0 0
no shutdown
PPP Dial-up over ISDN
The following modules in this section must be configured in order to use the PPP dial-up over ISDN feature:
• PPP Dialer (see page 331)
• Dial-up (see page 337)
• IP Link Supervision (see page 338)
PPP Dialer
The PPP Dialer is one of the modules you have to configure in order to use the PPP dial-up over ISDN feature. Also, consider the dial-up command (page 337) and the check-connectivity command (page 338) on the
IP interface.
The dialer is responsible for establishing and tearing down call-signaling connections to the remote-access
server. The dialer is a virtual interface of the circuit-switching (CS) context. Thus the dialer belongs to the
domain of switch-circuit connectivity even if the established link finally runs the IP protocol.
To establish a connection, the dialer must be triggered by an external source, for example, a spoofing IP interface (an IP interface configured for dial-up). Whether this trigger is fired on the first packet sent over that IP
interface or if the primary link to the destination goes down, is configured using the dial-up command on
bound IP interface.
When the dialer receives the trigger event it tries to establish one or more connections to the configured destination. You can specify a list of destinations to be tried. Each destination configuration contains all information needed to dial and log in to a certain remote-access server (i.e. remote party number, login credentials,
PPP parameters, etc.). However some of the parameters are indirectly configured using a PPP subscriber configuration entity.
The following configuration parameters are the same for all destinations:
• Recovery Strategy: If and when a retry is started after a failed dial attempt.
• Destinations: A list of destinations, each of which contains the parameters below.
The following configuration parameters can be configured for each destination separately:
• Local and Remote Party Number: Calling- and Called-E.164 number for the signaling connection.
• Call Route: A link to a call-router element, for example an ISDN interface. This route defines over which
interface the dial-up call is placed. Instead of routing a call directly to an ISDN interface, you can also route
the call to a hunt-group service that hunts for a free B-channel over multiple BRI interfaces.
PPP Dial-up over ISDN
331
SmartWare Software Configuration Guide
30 • PPP configuration
• Retry List: A list of up to 8 retry timeouts that define if and when a retry is started for the same destination
after a failed dial attempt.
• Binding: By binding a dialer destination to a PPP subscriber configuration entity, you define the PPP protocol parameters (e.g. multi-link) and credentials that are applied to the dial-up connection. Note that each
dialer destination (link to a dial-up provider) may define its own credentials and PPP parameters. The PPP
subscriber configuration entity also defines from which IP interface the dial-trigger is received.
• PPP Profile: A PPP profile can be used to fine-tune PPP protocol parameters.
Create a dialer
The following command creates a new PPP dialer.
Mode: context cs
Step
1
Command
Purpose
[name] (ctx-cs)[router]# interface dialer
<dialer-name>
Creates a new dialer and enters its configuration mode.
Create outbound destinations
Follow the steps below to create an outbound destination instance. Each destination contains all information
needed to dial and log into a certain remote-access server (i.e. remote party number, login credentials, PPP
parameters, ect.). You can create more than one destination in order to fall back to another provider if the first
provider is not accessible at the moment.
Mode: context cs/interface dialer
Step
Command
Purpose
1
[name] (if-dialer)[dialer]#outbound
PROVIDER1
2
[name] (outbound)[provider]#local-e164
<e164>
3
[name] (outbound)[provider]#remote-e164
<e164>
4
[name] (outbound)[provider]#route call
dest-interface <if-name>
Creates an outbound destination where all
dial-up and login information for a certain
provider can be configured.
Configures the calling-party number that shall
be used to establish the call. This is the number of the local system.
Configures the called-party number that shall
be used to establish the call. This is the number of the remote access server.
Specifies a destination interface for call establishment (basic interface routing) or a destination table or call service (advanced call
routing).
See Chapter 33, “CS interface configuration”
on page 381 for further information.
[name] (outbound)[provider]#route call
dest-table <table-name>
[name] (outbound)[provider]#route call
dest-service <if-name>
PPP Dial-up over ISDN
332
SmartWare Software Configuration Guide
Step
30 • PPP configuration
Command
Purpose
5
[name] (outbound)[provider]#[no] retry
<timeout1> [<timeout2> [timeout3>...]]
6
[name] (outbound)[provider]#encapsulation ppp
7
[name] (outbound)[provider]#bind subscriber <subscriber>
Specifies how many times and after which
timeouts the dialer shall redial the same provider if the previous dial-attempt failed. Up to
8 retry timeouts can be specified. The specified timeouts are relative to the previous try.
So, if you specify a timeout list of retry 5
10 10, calls are made at time 0, 5, 15, 25.
Use the no-form of the command to only dial
once to the current destination. The dialer
goes over to the next destination if the retrylist is executed without the link being established.
Defines the data protocol that shall run over
the established signalling connection. Currently only PPP is available, which is the
default.
Indirectly binds to a spoofing IP interface over
a PPP subscriber. The PPP subscriber contains
all PPP protocol parameters (e.g. authentication protocol, credentials, multi-link, etc.)
See “Creating a PPP subscriber” on page 317
for further information.
8
[name] (outbound)[provider]#use profile
ppp <profile>
9
Defines the PPP profile that shall be used. The
PPP profile stores advanced PPP protocol
parameters.
See “Creating a PPP profile” on page 321 for
further information.
Repeat Steps 1-8 for all required backup providers you want to use.
Configure recovery strategy
The recovery strategy defines whether and when new dial-attempts are made after all configured outbound destinations are tried. When receiving a dial-trigger from a spoofing IP interface, the dialer iterates over its list of
outbound destinations once and tries to establish the first link. Each outbound destination may define a timeout list for internal retries. If this timeout list is executed without the link being established, the dialer goes over
to the next destination. The recovery strategy is only needed if all configured outbound destinations did not
manage to establish the link.
The default recovery strategy is as follows:
• If the first link could not be established because of call-signaling problems (e.g. no ISDN CONNECT
received), the dialer retries the first destination again after 30 seconds.
• If the first signalling connection could be established (e.g. ISDN CONNECT received), and therefore you
probably have to pay for the connection, but if the PPP negotiation failed, the dialer does not start another
retry. The operator has to manually reset the dialer (executing the reset command in the context cs/interface
dialer mode).
PPP Dial-up over ISDN
333
SmartWare Software Configuration Guide
30 • PPP configuration
• If an additional link (when using multi-link PPP) was up and is accidentally disconnected, we retry to
establish it after 5 seconds.
• If an additional link (when using multi-link PPP) could not be established because of call-signaling problems (e.g. no ISDN CONNECT received), the dialer retries the same destination again after 10 seconds.
• If an additional link (when using multi-link PPP) could be established (e.g. ISDN CONNECT received),
and therefore you probably have to pay for the connection, but if the PPP negotiation failed, the dialer does
not start another retry. It does not try to establish further links until the whole multi-link bundle is torn
down.
Use the following commands to configure the recovery strategy:
Mode: context cs/interface dialer
Step
Command
Purpose
1
[name] (if-dialer)[dialer]#[no] recovery initial-link on-signaling-failure <timeout>
2
[name] (if-dialer)[dialer]#[no] recovery initial-link on-network-error <timeout>
3
[name] (if-dialer)[dialer]#[no] recovery
additional-link if-already-up <timeout>
4
[name] (if-dialer)[dialer]#[no] recovery
additional-link on-signaling-failure
<timeout>
5
[name] (if-dialer)[dialer]#[no] recovery
additional-link on-network-error <timeout>
Configures the recovery timeout from a callsignaling failure of the first link of a multi-link
bundle. The default value is 30 seconds.
Configures the recovery timeout from a network-establishment error (e.g. a PPP negotiation problem) of the first link of a multi-link
bundle. The default is not to automatically
recover from this situation. The operation has
to execute the reset command manually in this
case.
Configures the recovery timeout from a link
teardown after the link was already up. The
default value is 5 seconds.
Configures the recovery timeout from a callsignaling failure of an additional link of a
multi-link bundle. The default value is 10 seconds.
Configures the recovery timeout from a network-establishment error (e.g. a PPP negotiation problem) of an additional link of a multilink bundle. The default is not to automatically
recover from this situation. The bundle will
drain out of links. When all links of the bundle
are down, the dialer recovers from this situation without a manual intervention.
Create inbound destinations
You can also create inbound destinations. Inbound destinations can be used for dial-in connections. In that
case the call-router must be configured to route certain calls (e.g. calls with information transfer capability of
unrestricted-digital) to the dialer interface.
If you want two devices to be symmetrically connected, each being able to establish a dial-on-demand connection to the other, you have to create an outbound and an inbound destination with the same configuration
parameters.
PPP Dial-up over ISDN
334
SmartWare Software Configuration Guide
30 • PPP configuration
The local and remote E.164 number configuration on inbound destinations have different meanings than for
outbound destinations. On inbound destinations these numbers are used to dispatch incoming calls to one of
the configured inbound destinations.
Follow the steps below to create an inbound destination instance. Each destination contains all information
needed to accept an incoming call and identify towards the remote party. You can create more than one
inbound destination in order to filter inbound calls and to apply different PPP subscribers and PPP profile to
call from different parties.
Mode: context cs/interface dialer
Step
1
2
Command
Purpose
[name] (if-dialer)[dialer]#inbound
PROVIDER1
[name] (inbound)[provider]#local-e164
<e164>
Creates an inbound destination to accept
incoming calls from a certain remote party.
The incoming call must have the configured
called-party number to be accepted. Use the
no-form of the command to accept calls to all
numbers.
The incoming call must have the configured
calling-party number to be accepted. Use the
no-form of the command to accept calls from
all numbers.
Defines the data protocol that shall run over
the established signalling connection. Currently only PPP is available, which is the
default.
Indirectly binds to a spoofing IP interface over
a PPP subscriber. The PPP subscriber contains
all PPP protocol parameters (e.g. authentication protocol, credentials, multi-link, etc.)
See “Creating a PPP subscriber” on page 317
for further information.
Defines the PPP profile that shall be used. The
PPP profile stores advanced PPP protocol
parameters.
See “Creating a PPP profile” on page 321 for
further information.
Repeat steps 1-6 for all required backup providers you want to use.
3
[name] (inbound)[provider]#remote-e164
<e164>
4
[name] (inbound)[provider]#encapsulation
ppp
5
[name] (inbound)[provider]#bind subscriber <subscriber>
6
[name] (inbound)[provider]#use profile
ppp <profile>
7
PPP Dial-up over ISDN
335
SmartWare Software Configuration Guide
30 • PPP configuration
Debug dialer functionality
The following commands show how to display information and events of a PPP dialer.
Mode: enable
Step
1
Command
Purpose
[name] #show call-control provider
<dialer> detail <detail>
Shows configuration and state information
about a certain dialer instance.
Mode: enable
Step
Command
Purpose
1
[name] #debug dialer detail <detail>
2
[name] #debug ppp <type>
Enables logging of dialer events and state
changes.
Enables logging of PPP protocol events. See
“Debugging PPP” on page 325 for further
information.
Example – Dial-on demand feature
The following example shows a configuration snippet to configure a backup-interface that uses the dial-on
demand feature to establish a backup-connection to the remote network. The remote network can be reached
either over the dial-in infrastructure of provider 1 or provider 2. Both need different credentials.
context ip
interface IF_PRIMARY
ipaddress 10.1.1.2 255.255.255.0
check-connectivity ping 10.1.1.1
interface IF_SECONDARY
ipaddress unnumbered
point-to-point
dial-up monitor interface IF_PRIMARY
route 0.0.0.0 0.0.0.0 10.1.1.1 0
route 0.0.0.0 0.0.0.0 IF_SECONDARY 1
subscriber ppp SUB_PROVIDER1
dial out
authentication chap pap
identification outbound MY_NAME password MY_PASSWORD
bind interface IF_SECONDARY
subscriber ppp SUB_PROVIDER2
dial out
authentication pap
identification outbound USER password PWD
bind interface IF_SECONDARY
context cs
PPP Dial-up over ISDN
336
SmartWare Software Configuration Guide
30 • PPP configuration
interface dialer IF_DIALUP
outbound 1 PROVIDER1
local-e164 100
remote-e164 0312345678
route call dest-interface BRI0
retry 5 10 10
encapsulation ppp
bind subscriber SUB_PROVIDER1
use profile ppp default
outbound 2 PROVIDER2
local-e164 100
remote-e164 0998887766
route call dest-interface BRI0
retry 5
encapsulation ppp
bind subscriber SUB_PROVIDER2
use profile ppp default
Dial-up
Dial-up is one of the modules you have to configure in order to use the PPP dial-up over ISDN feature. Also
consider the check-connectivity command (page 338) on the IP interface and the interface dialer mode
(page 331) in context cs.
Dial-up brings up an IP interface even if the link is not established (spoofing). On some trigger conditions the
spoofer gives the signal to dial or to drop the connection to dialer that is bound to the IP interface. There are
three different trigger conditions available.
Dial-up on demand
Dial when the first packet is sent out that interface and drop after a certain time where no packet is routed
through that interface.
Mode: context ip/interface
Step
1
Command
Purpose
[name] (if-ip) [interface]#[no] dial-up ondemand [idle timeout <seconds>]
[queue-limit <number>]
Configure dial-up on demand. Idle timeout
specifies the idle time in seconds before dropping connection (Default 300). Queue-limit
specifies the max. number of packets to
queue while the link is down (Default 4).
PPP Dial-up over ISDN
337
SmartWare Software Configuration Guide
30 • PPP configuration
Dial-up on monitor
Dial when a monitored interface is reported down and drop when that interface is reported up again. A delay
time prevents to dial or drop if the monitored interface changes the state only for a short time.
Mode: context ip/interface
Step
1
Command
Purpose
[name] (if-ip) [interface]#[no] dial-up monitor interface <ip-interface> [dial delay
<seconds>] [drop delay <seconds>]
[queue-limit <number>]
Configure dial-up to monitor the interface
specified. Dial delay specifies the timeout
before dialing (Default 10). Drop delay specifies the timeout before dropping connection
(Default 10). Queue-limit specifies the max.
number of packets to queue while the link is
down (Default 4).
Dial-up nailed
Dial if possible, and never drop.
Mode: context ip/interface
Step
1
Command
Purpose
[name] (if-ip) [interface]#[no] dial-up
nailed [queue-limit <number>]
Configure dial-up nailed. Queue-limit specifies the max. number of packets to queue
while the link is down (Default 4).
PPP Dial-up over ISDN
338
Chapter 31 CS context overview
Chapter contents
Introduction ........................................................................................................................................................340
CS context configuration task list ........................................................................................................................341
Planning the CS configuration ............................................................................................................................341
Configuring general CS settings...........................................................................................................................343
Configuring the clock source ...................................................................................................................343
Debugging the clock source .....................................................................................................................344
Selecting PCM law compression ..............................................................................................................345
Configuring call routing ......................................................................................................................................345
Creating and configuring CS interfaces................................................................................................................346
Specify call routing ........................................................................................................................................346
Configuring dial tones .........................................................................................................................................347
Configuring voice over IP parameters ..................................................................................................................347
Configuring ISDN ports .....................................................................................................................................348
Configuring FXS ports ........................................................................................................................................348
Configuring an H.323 VoIP connection .............................................................................................................348
Configuring a SIP VoIP connection ....................................................................................................................348
Activating CS context configuration ....................................................................................................................349
Planning the CS context ...............................................................................................................................352
Configuring general CS settings ....................................................................................................................353
Configuring call routing ................................................................................................................................353
Configuring VoIP settings ............................................................................................................................355
Configuring BRI ports ..................................................................................................................................355
Configuring an H.323 VoIP connection .......................................................................................................356
Activating the CS context configuration ........................................................................................................356
Showing the running configuration ...............................................................................................................358
339
SmartWare Software Configuration Guide
31 • CS context overview
Introduction
This chapter gives an overview of the circuit-switching (CS) context and associated components, and describes
the tasks involved in its configuration. It describes the steps needed configure voice connectivity, and refers to
other chapters where a configuration topic is explained in more detail. Before reviewing the content in this
chapter, read the configuration concepts as described in chapter 2, “Configuration concepts” on page 44.
The CS context is a high level conceptual entity that is responsible for all aspects of circuit signaling, switching,
and emulation. Besides the CS context itself, the CS entity consists of the following (indicated by the shaded
area enclosed by a dashed line in figure 47):
• The CS interfaces
• ISDN and FXS ports
• Tone-set profiles
• SIP and H.323 gateways
• VoIP profiles
The CS Context is enabled by default.
use commands
H.323 GW
Gateway
bind command
NAPT
Profile
Context
Interfaces
QoS
Profile
Context
IP
router
use command
use command
ACL
Profile
VoIP
Profile use
commands
Tone-set
Profile
VoIP
Profile
use
commands
Tone-set
Profile
Context
CS
switch
Tone-set
Profile
Tone-set
Profile
bind command
bind command
bind command
bind command
PVC
Circuit
ISDN
FXS
Serial
E thernet
Ports
bind commands
SIP GW
Figure 47. CS context configuration components
Introduction
340
SmartWare Software Configuration Guide
31 • CS context overview
The CS context and its associated components route and establish voice calls. For example, the signaling for
dial-up circuits is routed and the corresponding voice call circuits are switched between PSTN interfaces and
via VoIP interfaces to the VoIP gateways and the IP context (see section “Configuring call routing” on
page 345 for more details).
CS context configuration task list
Information needed for CS entity configuration is distributed among several configuration tasks, depending on
its logical content. For example, information pertaining to call routing is described in section “Configuring call
routing” on page 345. These configuration tasks can be described in other chapters; thus, to configure call
routing you have to refer to chapter 33, “CS interface configuration” on page 381 and chapter 40, “Call router
configuration” on page 456.
This chapter shows you the relationship between the CS configuration components. We recommend that you
perform the CS context configuration in the sequence described below. Many of the parameters have default
values that do not need to be changed, which means that you do have to modify all of the described configuration tasks. In such cases it is stated in the text that you can skip the optional configuration task.
1. Planning the CS configuration
2. Configuring general CS settings
3. Configuring call routing
4. Configuring dial tones (advanced)
5. Configuring voice over IP settings (advanced)
6. Configuring ISDN ports
7. Configuring FXS ports
8. Configuring a H.323 VoIP connection
9. Configuring a SIP VoIP connection
10. Activating the CS context configuration
Planning the CS configuration
There are many policies and factors that can influence the CS context configuration. It depends on what your
application is and how your network is configured. Several factors to consider for planning your CS configuration are listed below:
• Application/network scenario
• Peripheral devices, such as PBX or remote VoIP gateway.
• VoIP protocol
• Number and type of physical telephony ports available
• Call routing
CS context configuration task list
341
SmartWare Software Configuration Guide
31 • CS context overview
Figure 48 shows a typical application with a remote office in an enterprise network. The example focuses on the
SmartNode in the remote office. There is an ISDN phone, a personal computer, a connection to the public ISDN
network, and a connection to the IP backbone. The VoIP protocol used is H.323 with a codec G.711. A call can
be routed to the IP backbone and the public ISDN network depending on its prefix and number length.
Remote Office
Main Office
PSTN
Call Routing
Node
Node
IP
Backbone
193.192.37.12
172.16.101.1
193.192.37.8
H.323, Codec G.711
PC
ISDN Phone
H.323 GW
H.323 interface
Context IP
router
Context CS
switch
Session
Router
Call routing
Ethernet interfaces
IP
Backbone
bri
bri
eth 0/0
eth 0/1
ISDN interfaces
PSTN
PC
Figure 48. Remote office in an Enterprise network
An application like that shown in figure 48 would require the following CS configuration:
• Since the remote office is connected to the public switched telephone network, the clock-source comes from
the corresponding ISDN port. (Described in section “Configuring general CS settings” on page 343).
Planning the CS configuration
342
SmartWare Software Configuration Guide
Note
31 • CS context overview
Be careful when choosing where you get your clock source, if the clock used
for packaging the ISDN voice frames is not synchronized with the remote
ISDN clock, bit errors may result (such synchronization problems would
probably cause a fax transmission to fail).
• Two BRI ports will be needed, the first port for the ISDN phone and the second for the public ISDN network (see section “Configuring ISDN ports” on page 348).
• Two ISDN interfaces will be needed, each bound to a BRI port (see section “Configuring call routing” on
page 345)
• An H.323 interface is required in order to use H.323 (see section “Configuring call routing” on page 345)
• The call router routing tables, and the H.323 and ISDN interfaces will have to be configure to support call
routing (see section “Configuring call routing” on page 345).
Calls are routed from an ISDN phone with a number in the range of 1xx–5xx to the main office with a fallback to the PSTN. All other calls are routed from the ISDN phone to the PSTN and from the PSTN or
main office to the ISDN phone.
• The H.323 gateway must be configured to use the G.711 codec (see section “Configuring an H.323 VoIP
connection” on page 348)
• Two Ethernet ports and their corresponding IP interfaces will be needed.
You must not start to configure the CS context and its components until you have finished planning your voice
environment. The following chapters explain how to convert the planned voice environment into the SmartWare CS configuration. The IP configuration is not a topic in this example. For more information on IP configuration refer to chapter 9, “IP context overview” on page 114.
Configuring general CS settings
There are several parameters that cannot be collected into one specific configuration task, because they are
independent of the rest of the CS context configuration and apply mostly to an interface card or even to the
entire SmartNode.
Configuring the clock source
A reference clock is needed for packaging the ISDN voice frames. The reference clock can be generated internally or obtained from an external source (e.g. public ISDN). SmartNode devices have a feature called ‘Clock
Source Hunting’. This feature allows to configure an index-based list of clock sources. The source with the lowest index has the highest priority and vice versa. On SmartNode devices populated with several PRI or BRI
ports where more than one port is working in ‘clock slave’ mode, all these ports can be entered in the clock
source list. The algorithm behind this feature always takes the first synchronized ‘slave’ port in the list as the
current clock source. If the links of all the ports in the list are down or not synchronized, the system is falling
back to its internal clock source. It is also possible to enter all PRI or BRI ports of the device in the list, independent on their clock mode. The Clock Source Hunting algorithm ignores all entered ports that are not
working in ‘slave’ mode.
Configuring general CS settings
343
SmartWare Software Configuration Guide
31 • CS context overview
Mode: System
Step
1
Command
Purpose
node(sys)#clock-source hw-type slot port
Add an entry to the end of the list
node(sys)#clock-source index hw-type slot port
Overwrite and entry at position ‘index’
node(sys)#clock-source before index hw-type slot port
Insert an entry before position ‘index’
node(sys)#clock-source after index hw-type slot port
Insert an entry after position ‘index’
node(sys)#clock-source index up positions
Move entry at ‘index’ number of ‘positions’ up
node(sys)#clock-source index down positions
Move entry at ‘index’ number of ‘positions’ down
Debugging the clock source
To control the system behaviour at runtime, there exists a debug command with the options ‘event’ and ‘error’.
If the user enables the ‘event’ command, he can follow the system’s Clock Source Hunting algorithm, the output informs about the occurrence of a clock source change. In addition exists a ‘show’ command that prints the
clock source configuration and marks the ports that are synchronized. Further, the port that has been chosen
by the system as the current clock source will also be displayed.
Mode: Operator execution
Step
1
Command
node#[no] debug system-clock {event | error}
Purpose
Enables/Disables the system clock monitor
Mode: Operator execution
Step
1
Command
node#show system-clock
Purpose
Print system clock information
node#show system-clock
Current clock source
====================
t1 0 2 0
Registered clock sources
========================
Name
e1 0 1 0
t1 0 2 0
bri 0 3 0
bri 0 3 1
bri 0 3 2
bri 0 3 3
internal
Configuring general CS settings
Sync
X
X
344
SmartWare Software Configuration Guide
31 • CS context overview
Selecting PCM law compression
The PCM law-select specifies the voice characteristic compression curve. Two values are possible: a-Law (used
in Europe) and µ-Law (used in the USA).
Procedure: To set the general CS parameters
Mode: System
Step
Command
Purpose
1
node(sys)#clock-source internal
Generates the reference clock internally
or
or specifies a specific port to receive the
node (sys)#clock-source slot-number port-number reference clock.
2
node (sys)#ic voice slot-number
Changes to ic_voice mode.
3
node (ic-voice)[slot-number]#pcm law-select {
aLaw | uLaw }
Selects the PCM aLaw for Europe or
uLaw for USA.
Configure: General CS settings
The following example configures the general CS parameters
node>enable
node#configure
node(cfg)#system
node(sys)#clock-source 1 0
node(sys)#ic voice 1
node(ic-voice)[1]#pcm law-select aLaw
node(ic-voice)[1]#exit
Configuring call routing
Calls through a SmartNode can be routed according to a set of routing criteria. The entity that manages call
routing is called the call router. Calls are routed from one CS interface to another. The call router determines
the destination interface for every incoming call. It supports complex call routing and call property manipulation (e.g. number manipulation) functions. See chapter 40, “Call router configuration” on page 456.
Call routing occurs in the context CS element between several CS interfaces. Accordingly, a CS context and
two or more CS interfaces must be created.
Configuring call routing
345
SmartWare Software Configuration Guide
31 • CS context overview
SIP GW
SIP GW
H.323 GW
H.323 GW
A party
B party
Context CS
switch
H.323 Interface
ISDN Interface
Context IP
router
Context IP
router
Context CS
switch
IP Interface
IP Interface
Ethernet Port
BRI Port
H.323 Interface
Ethernet Port
ISDN Interface
ISDN Port
IP
Network
Figure 49. Direct call routing from one SmartNode to another
Figure 49 shows a call set up from the A-party on the left to the B-party on the right. The call is routed from
the phone on the left-hand side over the ISDN interface directly to an H.323 interface. Once it has passed the
IP context and the IP network, the other SmartNode—from the H.323 interface to the ISDN interface and
then over the BRI port to the B-party phone—routes the call.
Note
Because call routing occurs only in the CS context, in future figures the context IP is omitted. For configuring call routing you have to create the CS
interfaces and the call router tables as described in the chapters below. For
simple call routing directly from one interface to another you can even omit
router tables.
Creating and configuring CS interfaces
Multiple instances of CS contexts are supported. The name of the default instance is switch. The name and
number of CS interfaces depends on your own configuration. The interfaces on the CS context represent logical connections to other equipment or networks. CS interfaces are used as source and destination in the call
router. VoIP CS interfaces are bound to a gateway. Telephony ports are bound to respective interfaces.
Interface names can be any arbitrary string with a maximum of 25 characters. For ease of identification, the
interface type can be a part of the name. For examples and information on how to create CS interfaces, refer to
chapter 33, “CS interface configuration” on page 381.
Specify call routing
As mentioned previously, for basic call routing you can omit creating call router tables. SmartWare offers two
levels of call routing:
• Basic interface routing
• Advanced call routing
Creating and configuring CS interfaces
346
SmartWare Software Configuration Guide
31 • CS context overview
Basic interface routing allows you to forward all incoming calls on a CS interface directly to a destination CS
interface. The call router allows you to route calls to all available CS interfaces, based on a call property such as
calling number, destination number and ISDN bearer capability and many more.
We recommend that you first carefully consider what interfaces and call router tables are required to achieve
your goals on a sheet of paper, then start creating and configuring CS interfaces, and setting up call router
tables.
To configure basic interface routing refer to chapter 33, “CS interface configuration” on page 381. Other topics that belong to call routing are also explained in this chapter.
To configure advanced call routing in relation to the call router tables refer to chapter 40, “Call router configuration” on page 456. In this chapter, the differences between basic interface routing and advanced call routing
are described in more detail.
Configuring dial tones
SmartWare supports country-specific, configurable, in-band dial tones that are generated for specific events,
For example, alerting, and dialing or busy signals. The tones are configured in tone-set profiles that are used
from a specific CS interface.
If no tone-set profile is specified, a default tone-set profile is used. In most cases, the default profile can be used,
so you do not need to perform this configuration task.
Configuring voice over IP parameters
In SmartWare, there are many configurable parameters that can affect a voice over IP connection.
The voice over IP (VoIP) parameters are configured in the VoIP profile. A VoIP profile is used by a H.323 or
SIP interface. All calls going through that interface (see figure 49 on page 346) use the settings in the VoIP profile. The following parameters are configured in the VoIP profile:
• Codecs
• Fax transmission
• Filters
• DTMF relay
• Echo canceller
• Silence compression
• Voice volume
• Dejitter buffer
Refer to chapter 47, “VoIP profile configuration” on page 573 to configure general VoIP parameters. Some settings can adversely affect the voice quality perceived by the user and the bandwidth requirements of VoIP connections, so be sure you understand the meaning of the commands before changing any settings. Most of the
default values of these parameters are adequate, so that you generally do not need to perform these configuration tasks.
If no VoIP profile is specified to be used on an interface, a default VoIP profile is used. In most cases, the
default profile can be used, so you just need to change the default VoIP profile.
Configuring dial tones
347
SmartWare Software Configuration Guide
31 • CS context overview
Configuring ISDN ports
BRI and E1/T1 ports represent physical ports on the SmartNode. The configuration of the ISDN ports
depends on the port type (BRI, E1 or T1), and on the connected voice device. To configure the ISDN ports,
refer to chapter 34, “ISDN interface configuration” on page 390.
Configuring FXS ports
FXS ports represents physical ports on the SmartNode. To configure the FXS ports, refer to chapter 43, “FXS
port configuration” on page 537.
Configuring an H.323 VoIP connection
To configure a H.323 connection, you have to specify the voice codec selection used for the VoIP profile and
the call signaling.
Configuring the voice codec for an H.323 connection is done on a H.323 interface by specifying the VoIP profile that shall be used. The VoIP profile contains an ordered list of codecs that must be used for codec negotiation for all calls that pass this interface. During a call setup, the first codec that is specified in the VoIP profile is
taken. For information how to configure the codecs, refer to chapter 47, “VoIP profile configuration” on
page 573.
H.323 offers direct call signaling and gatekeeper routed call signaling methods. For direct call signaling, you have
to specify the remote terminal or gateway on each H.323 interface. Gatekeeper routed call signaling uses a
gatekeeper to find the destination address. For examples and information on how to configure direct call signaling on H.323 voice connections, refer to chapter 38, “H.323 interface configuration” on page 431. To configure gatekeeper routed call signaling on H.323 voice connections, refer to chapter 45, “H.323 gateway
configuration” on page 546.
Configuring a SIP VoIP connection
To configure a SIP connection, you have to specify the voice codec selection and the call signaling method for
the VoIP profile.
Configuring the voice codec for a SIP connection is similar to the H.323 connection. You have to specify the
VoIP profile that shall be used on a SIP interface. The VoIP profile contains an ordered list of codecs that shall
be used for codec negotiation for all calls that pass this interface. During a call setup, the first codec that is
specified in the VoIP profile is taken. For information on how to configure the codecs, refer to chapter 47,
“VoIP profile configuration” on page 573.
You can configure the SIP gateway to register to a registrar with multiple URIs. Optionally, you can configure
the SIP gateway to send all requests to an outbound proxy or redirect server.
You have several options on how to build a destination URI (To-URI) of an outgoing SIP call. You can use the
called party number in conjunction with the specified domain name or you can set a specific URI by the call
router, based on other call properties. For examples and information on how to configure the SIP gateway, refer
to chapter 46, “Context SIP gateway overview” on page 559. To configure SIP interfaces, refer to chapter 39,
“SIP interface configuration” on page 441.
Configuring ISDN ports
348
SmartWare Software Configuration Guide
31 • CS context overview
Activating CS context configuration
After configuring the CS context and its components, the configuration must be activated. This includes binding the physical ports to the CS interfaces and enabling the gateways, ports, and the CS context.
In order to become functional, each interface must be bound from one port from which it receives incoming
calls, and to which it forwards outgoing calls. Unlike ISDN and FXS interfaces, VoIP interfaces must be bound
to a gateway.
Note
The difference between VoIP and PSTN interface is that VoIP interfaces are
bound to a gateway while PSTN ports are bound to a CS interface. After
binding to become active, the BRI, E1, T1 or FXS port must be enabled.
To bind an ISDN port to an ISDN interface, refer to chapter 34, “ISDN interface configuration” on page 390.
To bind an FXS port to an FXS interface, refer to chapter 43, “FXS port configuration” on page 537. Likewise,
the H.323 or SIP gateway must be enabled. Additionally, the H.323 or SIP gateway must be bound to a specific IP interface. For more information, refer to chapter 45, “H.323 gateway configuration” on page 546 or
chapter 46, “Context SIP gateway overview” on page 559.
In order to become active, the CS context must be enabled. When recovering from the shutdown status, the
CS context and call router configuration is checked and possible errors are indicated. The call router debug
monitor can be enabled to show the loading of the CS context and call router configuration. SmartWare offers
a number of possibilities to monitor and debug the CS context and call router configurations. For example, the
call router debug monitor enables you to follow the sequence of tables and functions examined by the call
router for each call setup. Refer to chapter 52, “VoIP debugging” on page 624 for an introduction to the configuration debugging possibilities in SmartWare.
Note
You can modify the configuration at runtime; changes will be active after 3
seconds. It is not necessary to shutdown the CS context before making configuration changes, a newly created or changed configuration is automatically loaded as long as the context CS is not shut down. Currently open calls
are not affected by this reload.
There are several possibilities to show the actual CS context configuration. For more information on the show
command, refer to the respective configuration chapters or to the chapter 33, “CS interface configuration” on
page 381” and chapter 40, “Call router configuration” on page 456.
Procedure: Show the CS context configuration, enable the call router debug monitor and activate the
CS context
Activating CS context configuration
349
SmartWare Software Configuration Guide
31 • CS context overview
Mode: Context CS
Step
1
2
3
4
Command
Purpose
node(ctx-cs)[switch]#show call-router config detail Show the CS context configuration.
level
Level could be 1..5. Level 1 shows less,
level 5 shows all information.
node (ctx-cs)[switch]#debug call-router detail level Enable the call-router debug monitor.
Level could be 1..5. Level 1 only logs
errors, level 5 shows all relevant information to track calls through routing
tables.
node (ctx-cs)[switch]#no shutdown
Enable the CS context, checks the interface and call router configuration
node(ctx-cs)[switch]#show call-router status detail Show the actual state of the call router.
level
This includes all configured tables as
they were read-in from the configuration.
Example: Enable CS Context
The following example shows how to enable the call router debug monitor and how to enable the CS context.
It also shows the output from the call router debug monitor.
node(cfg)#show call-router config detail 5
Table switch/TAB-ISDN-SERVICE:
Key
Value
Function
Dest-Type
Dest-Name
itc
------------------------------------------------------------------------------unrestricted-digital dest-interface IF-LOCAL-BA
default
dest-table
TAB-DEST-A
Table switch/TAB-DEST-A:
Key
Value
Function
Dest-Type
Dest-Name
called-e164
------------------------------------------------------------------------------0
MAP-CAC-ORANGE dest-interface IF-LOCAL-BA
00
MAP-CLI-MELON dest-interface IF-NODE-C
07[4-6]
MAP-CAC-APPLE dest-interface IF-LOCAL-BA
0336652...
dest-interface IF-NODE-B
default
dest-interface IF-LOCAL-BA
Table switch/CAC-APPLE:
Key
Value
Function
Dest-Type
Dest-Name
called-e164
called-e164
------------------------------------------------------------------------------(.%)
1055\1
...
node(cfg)#debug call-router
node(cfg)#context cs
node(ctx-cs)[switch]#no shutdown
Activating CS context configuration
350
SmartWare Software Configuration Guide
02:14:30 CR
> Updating
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
02:14:33 CR
> [switch]
node(ctx-cs)[switch]#
31 • CS context overview
tables in 3 seconds...
Reloading tables now
Flushing all tables
Loading table 'TAB-ISDN-SERVICE'
Loading table 'TAB-DEST-A'
Loading table 'CAC-APPLE'
Loading table 'CAC-ORANGE'
Loading table 'CLI-MELON'
Loading table 'MAP-CAC-APPLE'
Loading table 'MAP-CAC-ORANGE'
Loading table 'MAP-CLI-MELON'
Loading table 'IF-LOCAL-BA-precall-service'
Loading table 'IF-PBX-A-precall-service'
Loading table 'IF-NODE-B-precall-service'
Loading table 'IF-NODE-C-precall-service'
Example: Configure SmartNode in an Enterprise Network
Situation: Figure 50 shows an enterprise network with a SmartNode configured with a BRI port. A PBX, a
LAN, the PSTN, and the company network are connected. The VoIP protocol used is H.323. There is no gatekeeper, so direct call signaling is used. The voice codec used is G.723, so the DTMF relay is enabled. Because
no special dial tones have to be specified, the default tone-set profile is used.
clock distribution
PSTN
Office C
Office A
PBX
147.86.130.11
Company
Backbone
Office B
User
2/3
147.86.130.1
User
2/2
Node
Net
2/1
Net
2/0
147.86.130.24
Figure 50. SmartNode in an Enterprise network
Call routing is specified as follows:
• Calls from office C with number 1xx to office A with a fallback to PSTN
• Calls from office C with number 2xx to office B with a fallback to PSTN
• All other calls from office C to PSTN
Activating CS context configuration
351
SmartWare Software Configuration Guide
31 • CS context overview
• Calls from office A or B with number 5xx to office C
• All other calls from office A or B to the PSTN (local breakout)
Gateway
H.323
H.323 interface: IF-COMPOFF-A
H.323 interface: IF-COMPOFF-B
Session
Router
Context CS
switch
PSTN interfaces:
IF-PBX1
and
IF-PBX2
PSTN interfaces
IF-PUBLIC-PSTN1
and
IF-PUBLIC-PSTN2
PSTN
Port
ISDN
2/3
Port
ISDN
2/2
Port
ISDN
2/1
Port
ISDN
2/0
PBX
Figure 51. CS Configuration
Planning the CS context
Based on the criteria used in the previous example, the following configuration information applies (see
figure 51):
• It is very important to specify from where to get the clock source for the packaging of the ISDN voice
frames. In the example we are connected to the PSTN network and get the clock source from the ISDN
over the ISDN port 2/3.
• We need four BRI ports, two for the PSTN and another two for the PBX. (Refer to section “Configuring
ISDN ports” on page 348).
• Furthermore we need four ISDN interfaces. Then we have to bind each BRI port to one of the ISDN interfaces. A hunt group that summarizes two ISDN interfaces is configured later during call router configuration.
• For every remote H.323 device we need a H.323 interface. There are two in total. One gets the remote IP
address of the SmartNode in office A, the other the IP address of the SmartNode in office B. (Refer to section “Configuring call routing” on page 345).
• We need a call router routing table to route the calls depending on the called party number. (Refer to section “Configuring call routing” on page 345).
• We further need two hunt groups, one that hunts calls to the two BRI interfaces to the PSTN and one for
the two BRI interfaces to the PBX.
• Then we need two other hunt group that tries to make a call over a VoIP and if this fails, falls back to the
PSTN.
Activating CS context configuration
352
SmartWare Software Configuration Guide
31 • CS context overview
• We enable DTMF relay and specify codec G.723. (Refer to section “Configuring voice over IP parameters”
on page 347).
• We define H.323 direct call signaling. (Refer to section “Configuring an H.323 VoIP connection” on
page 348).
Configuring general CS settings
First we set clock-source to ISDN port 2/3.
node>enable
node#configure
node(cfg)#system
node(sys)#clock-source 2 3
node(sys)#exit
node(cfg)#
Configuring call routing
Next we create the ISDN interfaces and configure call routing. Each interface is configured to route all incoming calls to the routing table TAB-CALLED-NUMBER. This table is part of the call router and configured
below:
node(cfg)#context cs
node(ctx-cs)[switch]#interface isdn IF-PBX1
node(if-pstn)[IF-PBX1]#route call dest-table TAB-CALLED-NUMBER
node(if-pstn)[IF-PBX1]#exit
node(ctx-cs)[switch]#interface isdn IF-PBX2
node(if-pstn)[IF-PBX2]#route call dest-table TAB-CALLED-NUMBER
node(if-pstn)[IF-PBX2]#exit
node(ctx-cs)[switch]#interface isdn IF-PUBLIC-PSTN1
node(if-pstn)[IF-PUBL~]#route call dest-table TAB-CALLED-NUMBER
node(if-pstn)[IF-PUBL~]#exit
node(ctx-cs)[switch]#interface isdn IF-PUBLIC-PSTN2
node(if-pstn)[IF-PUBL~]#route call dest-table TAB-CALLED-NUMBER
node(if-pstn)[IF-PUBL~]#exit
node(ctx-cs)[switch]#
In addition, we create the two H.323 interfaces and configure call routing, as well as the IP address of the
remote H.323 terminal, which is the IP address of the device in office A or office B, respectively.
node(ctx-cs)[switch]#interface h323 IF-COMPOFF-A
node(if-h323)[IF-COMP~]#route call dest-table TAB-CALLED-NUMBER
node(if-h323)[IF-COMP~]#remoteip 146.86.130.11
node(if-h323)[IF-COMP~]#bind gateway h323
node(if-h323)[IF-COMP~]#exit
node(ctx-cs)[switch]#interface h323 IF-COMPOFF-B
node(if-h323)[IF-COMP~]#route dest-table calledNumberRouting
node(if-h323)[IF-COMP~]#remoteip 146.86.130.24
node(if-h323)[IF-COMP~]#bind gateway h323
node(if-h323)[IF-COMP~]#exit
node(ctx-cs)[switch]#
Activating CS context configuration
353
SmartWare Software Configuration Guide
31 • CS context overview
Finally, we configure the call router. Here we create a routing table that examines the called party number of a
call and routes numbers starting with a 1 and containing at least 3 digits to the hunt group that tries to reach
company office A over VoIP and falls back to the PSTN. We route numbers starting with 2 and containing at
least 3 digits to the hunt group that tries to reach company office B over VoIP and falls back to the PSTN.
Calls with a prefix of 5 and at least 3 digits are routed to the hunt group that selects a free BRI to the PBX and
all other calls are routed to the hunt group that selects a free BRI to the PSTN:
node(ctx-cs)[switch]#routing-table called-e164 TAB-CALLED-NUMBER
node(rt-tab)[TAB-CAL~]#route 1.. dest-service HUNT-COMPOFF-A
node(rt-tab)[TAB-CAL~]#route 2.. dest-service HUNT-COMPOFF-B
node(rt-tab)[TAB-CAL~]#route 5.. dest-service HUNT-PBX
node(rt-tab)[TAB-CAL~]#route default dest-service HUNT-PUBLIC-PSTN
node(rt-tab)[TAB-CAL~]#show call-router config
Table switch/TAB-CALLED-NUMBER:
Key
Value
Function
Dest-Type
Dest-Name
called-e164
------------------------------------------------------------------------------1..
dest-service
HUNT-COMPOFF-A
2..
dest-service
HUNT-COMPOFF-B
5..
dest-service
HUNT-PBX
default
dest-service
HUNT-PUBLIC-PSTN
node(rt-tab)[TAB-CAL~]#exit
node(ctx-cs)[switch]#
The hunt group HUNT-COMPOFF-A tries to reach the company office A routing the call directly to the
H.323 interface IF-COMPOFF-A. When this call fails (e.g. because the data network is broken), we route the
call to the PSTN hunt group. Likewise, hunt group HUNT-COMPOFF-B works, but tries to route the call to
the H.323 interface IF-COMPOFF-B first.
node(ctx-cs)[switch]#service hunt-group HUNT-COMPOFF-A
node(rt-tab)[HUNT-CO~]#no cyclic
node(rt-tab)[HUNT-CO~]#timeout 5
node(rt-tab)[HUNT-CO~]#route call 1 dest-interface IF-COMPOFF-A
node(rt-tab)[HUNT-CO~]#route call 2 dest-service HUNT-PUBLIC-PSTN
node(rt-tab)[HUNT-CO~]#exit
node(ctx-cs)[switch]#service hunt-group HUNT-COMPOFF-B
node(rt-tab)[HUNT-CO~]#no cyclic
node(rt-tab)[HUNT-CO~]#timeout 5
node(rt-tab)[HUNT-CO~]#route call 1 dest-interface IF-COMPOFF-B
node(rt-tab)[HUNT-CO~]#route call 2 dest-service HUNT-PUBLIC-PSTN
node(rt-tab)[HUNT-CO~]#exit
node(ctx-cs)[switch]#
The hunt group HUNT-PBX routes the call either to the interface IF-PBX1 or IF-PBX2, depending on which
interface there is a free B channel. Likewise the hunt group HUNT-PUBLIC-PSTN works on the PSTN interfaces.
node(ctx-cs)[switch]#service hunt-group HUNT-PBX
node(rt-tab)[HUNT-PB~]#cyclic
node(rt-tab)[HUNT-PB~]#route call 1 dest-interface IF-PBX1
node(rt-tab)[HUNT-PB~]#route call 2 dest-interface IF-PBX2
node(rt-tab)[HUNT-PB~]#exit
node(ctx-cs)[switch]#service hunt-group HUNT-PUBLIC-PSTN
Activating CS context configuration
354
SmartWare Software Configuration Guide
31 • CS context overview
node(rt-tab)[HUNT-PU~]#cyclic
node(rt-tab)[HUNT-PU~]#route call 1 dest-interface IF-PUBLIC-PSTN1
node(rt-tab)[HUNT-PU~]#route call 2 dest-interface IF-PUBLIC-PSTN2
node(rt-tab)[HUNT-PU~]#exit
node(ctx-cs)[switch]#exit
node(cfg)#
Configuring VoIP settings
Because we need G.723 as codec we enable DTMF relay:
node(cfg)#profile voip H323-VOIP-PROFILE
node(pf-voip)[H323-VO~]#codec 1 g723-6k3
node(pf-voip)[H323-VO~]#dtmf-relay
node(pf-voip)[H323-VO~]#exit
node(cfg)#
We want to use this profile on our H.323 interfaces:
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323
node(if-h323)[IF-COMP~]#use profile
node(if-h323)[IF-COMP~]#exit
node(ctx-cs)[switch]#interface h323
node(if-h323)[IF-COMP~]#use profile
node(if-h323)[IF-COMP~]#exit
node(cfg)#
IF-COMPOFF-A
voip H323-VOIP-PROFILE
IF-COMPOFF-B
voip H323-VOIP-PROFILE
Configuring BRI ports
Next step is to configure the BRI ports and to bind the ports to the ISDN interfaces. We configure the layer 2
(Q.921) to use point-to-point mode and layer 3 (Q.931) for user or net operation mode:
node(cfg)#port bri 2 0
node(prt-bri)[2/0]#q921
node(q921)[2/0]#protocol pp
node(q921)[2/0]#q931
node(q931)[2/0]#uni-side net
node(q931)[2/0]#encapsulation cc-isdn
node(q931)[2/0]#bind interface IF-PBX1
node(q931)[2/0]#exit
node(q921)[2/0]#exit
node(prt-bri)[2/0]#no shutdown
node(cfg)#port bri 2 1
node(prt-bri)[2/1]#q921
node(q921)[2/1]#protocol pp
node(q921)[2/1]#q931
node(q931)[2/1]#uni-side net
node(q931)[2/1]#encapsulation cc-isdn
node(q931)[2/1]#bind interface IF-PBX1
node(q931)[2/1]#exit
node(q921)[2/1]#exit
node(prt-bri)[2/1]#no shutdown
node(cfg)#port bri 2 2
node(prt-bri)[2/2]#q921
node(q921)[2/2]#protocol pp
node(q921)[2/2]#q931
Activating CS context configuration
355
SmartWare Software Configuration Guide
31 • CS context overview
node(q931)[2/2]#uni-side user
node(q931)[2/2]#encapsulation cc-isdn
node(q931)[2/2]#bind interface IF-PBX1
node(q931)[2/2]#exit
node(q921)[2/2]#exit
node(prt-bri)[2/2]#no shutdown
node(cfg)#port bri 2 1
node(prt-bri)[2/3]#q921
node(q921)[2/3]#q931
node(q921)[2/3]#protocol pp
node(q931)[2/3]#uni-side user
node(q931)[2/3]#encapsulation cc-isdn
node(q931)[2/3]#bind interface IF-PBX1
node(q931)[2/3]#exit
node(q921)[2/3]#exit
node(prt-bri)[2/3]#no shutdown
Configuring an H.323 VoIP connection
Next we configure call signaling:
node(cfg)#gateway h323 h323
node(gw-h323)[h323]#no ras
node(gw-h323)[h323]#faststart
node(gw-h323)[h323]#bind interface eth0
node(gw-h323)[h323]#exit
node(cfg)#
Activating the CS context configuration
Prior to activating our configuration we use two show commands to display part of our configuration:
node(cfg)#show call-router config detail 5
Table switch/IF-PBX1-precall-service:
Key
Value
Function
Dest-Type
Dest-Name
------------------------------------------------------------------------------dest-table
TAB-CALLED-NUMBER
Table switch/IF-PBX2-precall-service:
Key
Value
Function
Dest-Type
Dest-Name
------------------------------------------------------------------------------dest-table
TAB-CALLED-NUMBER
Table switch/IF-PUBLIC-PSTN1-precall-service:
Key
Value
Function
Dest-Type
Dest-Name
------------------------------------------------------------------------------dest-table
TAB-CALLED-NUMBER
Table switch/IF-PUBLIC-PSTN2-precall-service:
Key
Value
Function
Dest-Type
Dest-Name
------------------------------------------------------------------------------dest-table
TAB-CALLED-NUMBER
Activating CS context configuration
356
SmartWare Software Configuration Guide
31 • CS context overview
Table switch/IF-COMPOFF-A-precall-service:
Key
Value
Function
Dest-Type
Dest-Name
------------------------------------------------------------------------------dest-table
TAB-CALLED-NUMBER
Table switch/IF-COMPOFF-B-precall-service:
Key
Value
Function
Dest-Type
Dest-Name
------------------------------------------------------------------------------dest-table
TAB-CALLED-NUMBER
Table switch/TAB-CALLED-NUMBER:
Key
Value
Function
Dest-Type
Dest-Name
called-e164
------------------------------------------------------------------------------1..
dest-service
HUNT-COMPOFF-A
2..
dest-service
HUNT-COMPOFF-B
5..
dest-service
HUNT-PBX
default
dest-service
HUNT-PUBLIC-PSTN
node(cfg)#
node(cfg)#show gateway h323 config detail 5
H.323 Gateway: h323
===================
RAS Engine
---------Administrative Status:
Gatekeeper-Discovery:
Gatekeepers
Re-Registration Time:
Local Aliases
Source Information
Faststart:
Early-H.245:
H.245-Tunneling:
Call-Signaling:
Administrative Status:
node(cfg)#
no
auto
90s
yes
no
no
147.86.130.1/1720
close
Finally, activate the gateway and CS context:
node(cfg)#gateway h323
node(gw-h323)[gw_name]#no shutdown
node(gw-h323)[gw_name]#exit
node(cfg)#debug call-router detail 5
node(cfg)#context cs
node(ctx-cs)[switch]#no shutdown
02:30:26 CR
> Updating tables in 3 seconds...
02:30:28 CR
> [switch] Reloading tables now
02:30:28 CR
> [switch] Flushing all tables
02:30:28 CR
> [switch] Loading table 'IF-PBX1-precall-service'
02:30:28 CR
> [switch] Loading table 'IF-PBX2-precall-service'
02:30:28 CR
> [switch] Loading table 'IF-PUBLIC-PSTN1-precall-service'
Activating CS context configuration
357
SmartWare Software Configuration Guide
02:30:28 CR
> [switch]
02:30:28 CR
> [switch]
02:30:28 CR
> [switch]
02:30:28 CR
> [switch]
node(ctx-cs)[switch]#
Loading
Loading
Loading
Loading
31 • CS context overview
table
table
table
table
'IF-PUBLIC-PSTN2-precall-service'
'IF-COMPOFF-A-precall-service'
'IF-COMPOFF-B-precall-service'
'TAB-CALLED-NUMBER'
Showing the running configuration
The configuration script for our application looks as follows:
cli version 3.00
system
clock-source 2 3
profile
codec
codec
codec
voip H323-VOIP-PROFILE
1 g723-6k3 rx-length 30 tx-length 30
2 g711alaw64k rx-length 20 tx-length 20
3 g711ulaw64k rx-length 20 tx-length 20
context ip router
interface eth0
ipaddress 147.86.130.1 255.255.225.0
mtu 1500
interface eth1
ipaddress 10.0.0.1 255.255.225.0
mtu 1500
context cs switch
routing-table called-e164 TAB-CALLED-NUMBER
route 1.. dest-service HUNT-COMPOFF-A
route 2.. dest-service HUNT-COMPOFF-B
route 5.. dest-service HUNT-PBX
route default dest-service HUNT-PUBLIC-PSTN
interface h323 IF-COMPOFF-A
bind gateway h323
route call dest-table TAB-CALLED-NUMBER
remoteip 146.86.130.11
use profile voip H323-VOIP-PROFILE
interface h323 IF-COMPOFF-A
bind gateway h323
route call dest-table TAB-CALLED-NUMBER
remoteip 146.86.130.24
use profile voip H323-VOIP-PROFILE
interface isdn IF-PBX1
route call dest-table TAB-CALLED-NUMBER
interface isdn IF-PBX2
route call dest-table TAB-CALLED-NUMBER
Activating CS context configuration
358
SmartWare Software Configuration Guide
31 • CS context overview
interface isdn IF-PUBLIC-PSTN1
route call dest-table TAB-CALLED-NUMBER
interface isdn IF-PUBLIC-PSTN2
route call dest-table TAB-CALLED-NUMBER
service hunt-group HUNT-COMPOFF-A
timeout 5
drop-cause normal-unspecified
drop-cause no-circuit-channel-available
drop-cause network-out-of-order
drop-cause temporary-failure
drop-cause switching-equipment-congestion
drop-cause access-info-discarded
drop-cause circuit-channel-not-available
drop-cause resources-unavailable
route call 1 dest-interface IF-COMPOFF-A
route call 2 dest-service HUNT-PUBLIC-PSTN
service hunt-group HUNT-COMPOFF-B
timeout 5
drop-cause normal-unspecified
drop-cause no-circuit-channel-available
drop-cause network-out-of-order
drop-cause temporary-failure
drop-cause switching-equipment-congestion
drop-cause access-info-discarded
drop-cause circuit-channel-not-available
drop-cause resources-unavailable
route call 1 dest-interface IF-COMPOFF-B
route call 2 dest-service HUNT-PUBLIC-PSTN
service hunt-group HUNT-PBX
cyclic
drop-cause normal-unspecified
drop-cause no-circuit-channel-available
drop-cause network-out-of-order
drop-cause temporary-failure
drop-cause switching-equipment-congestion
drop-cause access-info-discarded
drop-cause circuit-channel-not-available
drop-cause resources-unavailable
route call 1 dest-interface IF-PBX1
route call 2 dest-interface IF-PBX2
service hunt-group HUNT-PUBLIC-PSTN
cyclic
drop-cause normal-unspecified
drop-cause no-circuit-channel-available
drop-cause network-out-of-order
drop-cause temporary-failure
drop-cause switching-equipment-congestion
drop-cause access-info-discarded
drop-cause circuit-channel-not-available
drop-cause resources-unavailable
Activating CS context configuration
359
SmartWare Software Configuration Guide
31 • CS context overview
route call 1 dest-interface IF-PUBLIC-PSTN1
route call 2 dest-interface IF-PUBLIC-PSTN2
context cs switch
no shutdown
gateway h323 h323
faststart
bind interface eth0 router
no shutdown
port ethernet 0 0
medium 10 half
encapsulation ip
bind interface eth0 router
no shutdown
port ethernet 0 1
medium 10 half
encapsulation ip
bind interface eth1 router
shutdown
port bri 2 0
clock auto
encapsulation q921
q921
protocol pp
uni-side auto
encapsulation q931
q931
protocol dss1
uni-side net
encapsulation cc-isdn
bind interface IF-PBX1
port bri 2 0
no shutdown
port bri 2 1
clock auto
encapsulation q921
q921
protocol pp
uni-side auto
encapsulation q931
q931
protocol dss1
uni-side net
encapsulation cc-isdn
bind interface IF-PBX2
Activating CS context configuration
360
SmartWare Software Configuration Guide
31 • CS context overview
port bri 2 1
no shutdown
port bri 2 2
clock auto
encapsulation q921
q921
protocol pp
uni-side auto
encapsulation q931
q931
protocol dss1
uni-side user
encapsulation cc-isdn
bind interface IF-PUBLIC-PSTN1
port bri 2 2
no shutdown
port bri 2 3
clock auto
encapsulation q921
q921
protocol pp
uni-side auto
encapsulation q931
q931
protocol dss1
uni-side user
encapsulation cc-isdn
bind interface IF-PUBLIC-PSTN2
port bri 2 3
no shutdown
Activating CS context configuration
361
Chapter 32 VPN configuration
Chapter contents
Introduction ........................................................................................................................................................363
Authentication ..............................................................................................................................................363
Encryption ....................................................................................................................................................363
Transport and tunnel modes .........................................................................................................................364
Permanent IKE Tunnels ..........................................................................................................................364
Key management ..........................................................................................................................................364
VPN configuration task list .................................................................................................................................365
Creating an IPsec transformation profile .......................................................................................................365
Creating an IPsec policy profile .....................................................................................................................365
Creating/modifying an outgoing ACL profile for IPsec .................................................................................367
Configuration of an IP interface and the IP router for IPsec ..........................................................................368
Displaying IPsec configuration information ..................................................................................................368
Debugging IPsec ...........................................................................................................................................369
Key management (IKE) .......................................................................................................................................370
Main differences between manual & IKE IPSEC configurations .............................................................370
Creating an ISAKMP transform profile ...................................................................................................371
Creating an ISAKMP IPSEC policy profile .............................................................................................372
Creating/modifying an outgoing ACL profile for IPSEC .........................................................................373
Configuration of an IP interface and the IP router for IPSEC .................................................................373
Policy matching ......................................................................................................................................373
Sample configuration snippet ..................................................................................................................373
Troubleshooting ...........................................................................................................................................374
Encrypted Voice - Performance considerations ....................................................................................................375
Performance considerations ...........................................................................................................................375
Enabling RTP encryption support .......................................................................................................................375
Using an alternate source IP address for specific destinations ...............................................................................376
Sample configurations .........................................................................................................................................377
IPsec tunnel, DES encryption .......................................................................................................................377
SmartNode configuration ........................................................................................................................377
Cisco router configuration .......................................................................................................................378
IPsec tunnel, AES encryption at 256 bit key length, AH authentication with HMAC-SHA1-96 ..................378
SmartNode configuration ........................................................................................................................378
Cisco router configuration .......................................................................................................................378
IPsec tunnel, 3DES encryption at 192 bit key length, ESP authentication with HMAC-MD5-96 ................379
SmartNode configuration ........................................................................................................................379
Cisco router configuration .......................................................................................................................379
362
SmartWare Software Configuration Guide
32 • VPN configuration
Introduction
This chapter describes how to configure the VPN connections between two SmartNodes or between a
SmartNode and a third-party device.
A virtual private network (VPN) is a private data network that uses the public telecommunications infrastructure, maintaining privacy through the use of a tunneling protocol and security procedures.
There are different technologies to implement a VPN. SmartWare applies the internet protocol security (IPsec)
Architecture (see RFC 2401). The following sections describe the main building blocks of the IPsec architecture as implemented in SmartWare.
Authentication
Authentication verifies the integrity of data stream and ensures that it is not tampered with while in transit. It
also provides confirmation about data stream origin.
Two authentication protocols are available:
• Authentication header (AH): protects the IP payload, the IP header, and the authentication header itself
• Encapsulating security payload (ESP): protects the IP payload and the ESP header and trailer, but not the
IP header
Two algorithms perform the authentication:
• HMAC-MD5-96: is a combination of the keyed-hashing for message authentication (HMAC) and the message digest version 5 (MD5) hash algorithm. It requires an authenticator of 128-bit length and calculates a
hash of 96 bits over the packet to be protected (see RFC 2403).
• HMAC-SHA1-96: is a combination of the (HMAC) and the secure hash algorithm version 1 (SHA1). It
requires an authenticator of 160 bit length and calculates a hash of 96 bits over the packet to be protected
(see RFC 2404).
Encryption
Encryption protects the data in transit from unauthorized access. Encapsulating security payload (ESP) is the
protocol to transport encrypted IP packets over IP (see RFC 2406).
The following encryption algorithms are available:
DES-CBC (Data Encryption Standard - Cipher Block Chaining)
3DES-CBC (Triple Data Encryption Standard - Cipher Block Chaining)
AES-CBC (Advanced Encryption Standard - Cipher Block Chaining)
Key Length [Bit]
RFC
56
2405
1851
a
128 or 192
128, 192, or 256
3268
a. The 3DES algorithm uses only 112 out of the 128 Bit or 168 out of the 192 Bit as key information. Cisco only supports 192 Bit keys with 3DES.
The single DES algorithm no longer offers adequate security because of its short key length (a minimum key
length 100 bits is recommended). The AES algorithm is very efficient and allows the fastest encryption. AES
with a key length of 128 bits is therefore the recommended algorithm.
Introduction
363
SmartWare Software Configuration Guide
32 • VPN configuration
Transport and tunnel modes
The mode determines the payload of the ESP packet and hence the application:
• Transport mode: Encapsulates only the payload of the original IP packet, but not its header, so the IPsec
peers must be at the endpoints of the communications link.
• A secure connection between two hosts is the application of the transport mode.
• Tunnel mode: Encapsulates the payload and the header of the original IP packet. The IPsec peers can be
(edge) routers that are not at the endpoints of the communications link.
A secure connection of the two (private) LANs, a ‘tunnel’, is the application of the tunnel mode.
Permanent IKE Tunnels
By default, IKE tunnels are established as late as possible (when the first packet is flowing through) and IKE
tunnels with expired lifetimes are reestablished only in case there is traffic flowing through. With the permanent option set, IKE tunnels are established shortly after boot and are reestablished after the expiration of their
lifetime even if there was no traffic flowing through.
Mode: Configure
Step
1
Command
node(pf-ipsik)[name]#protected- network {host <local-host-ip>}|{subnet
<local-subnet-address> <local-subnetmask>}|{range <local-range-start>
<local-range-end>} {host <remote-hostip>}|{subnet <remote-subnet-address>
<remote-subnet-mask>}|{range
<remote-range-start><remote-rangeend>} [permanent-tunnel]
Purpose
Optionally, if the remote system requires protected
networks to be specified in the identity payload of
the quick mode, you can define one or more protected networks using this command. If the tunnel
shall be established permanently the permanenttunnel flag must be set.
Key management
The current implementation of IP works with pre-shared keys (also called manual keying or manual IPsec) or
using Internet Key Exchange (IKE). Keys are manually generated, distributed, and stored as a hexa-decimal
string in the startup-configuration of the SmartNode and its peer.
Note
Depending on the processing hardware applied to reverse engineering a DES
key, it can take from 3 hours to 3 days to break the key. Thus, for maximum
security, DES keys must be manually updated regularly. AES- or 3DES-keys,
because they are much more complex, take so much longer to break as to be
practically infinite.
The automatically keyed IPSEC connections using the Internet Key Exchange (IKE / RFC2409) protocol that
is based on Internet Security Association and Key Management Protocol (ISAKMP / RFC2408) is the other
option. IKE supports authentication using pre-shared keys. There is currently no support for authentication
using Public Key Infrastructure (PKI) and digital certificates.
Introduction
364
SmartWare Software Configuration Guide
32 • VPN configuration
VPN configuration task list
To configure a VPN connection, perform the following tasks:
• Creating an IPsec transformation profile
• Creating an IPsec policy profile
• Creating/modifying an outgoing ACL profile for IPsec
• Configuration of an IP Interface and the IP router for IPsec
• Displaying IPsec configuration information
• Debugging IPsec
Creating an IPsec transformation profile
The IPsec transformation profile defines which authentication and/or encryption protocols, which authentication and/or encryption algorithms shall be applied.
Procedure: To create an IPsec transformation profile
Mode: Configure
mac-sha1-96 }Enables authentication and defines the authentication protocol and the hash algorithm
Step
Command
Purpose
1
node(cfg)#profile ipsec-transform name Creates the IPsec transformation profile name
2
node(pf-ipstr)[name]#esp-encryption {
Enables encryption and defines the encrypoptional aes-cbc | des-cbc | 3des-cbc } [key-length] tion algorithm and the key length
Supported key lengths see section “Encryption” on page 363
3
node(pf-ipstr)[name]#{ ah-authentication Enables authentication and defines the
optional | esp-authentication } {hmac-md5-96 | authentication protocol and the hash algohmac-sha1-96 }
rithm
Use no in front of the above commands to delete a profile or a configuration entry.
Example: Create an IPsec transformation profile
The following example defines a profile for AES-encryption at a key length of 128.
node(cfg)#profile ipsec-transform AES_128
node(pf-ipstr)[AES_128]#esp-encryption aes-cbc 128
Creating an IPsec policy profile
The IPsec policy profile supplies the keys for the encryption and/or the authenticators for the authentication,
the security parameters indexes (SPIs), and IP address of the peer of the secured communication. Furthermore,
the profile defines which IPsec transformation profile to apply and whether transport or tunnel mode shall be
most effective.
The SPI identifies a secured communication channel. The IPsec component needs the SPI to select the suitable
key or authenticator. Inbound and outbound channels can have the same SPI, but the channels in the same
direction—inbound or outbound—must have unique SPIs. The SPI is not encrypted and can be monitored.
VPN configuration task list
365
SmartWare Software Configuration Guide
32 • VPN configuration
Procedure: To create an IPsec policy profile
Mode: Configure
Step
1
2
Command
node(cfg)#profile ipsec-policy-manual name
node(pf-ipstr)[name]#use profile
ipsec-transform name
node(pf-ipstr)[name]#session-key
3
optional { inbound | outbound }
{ ah-aauthentication | espauthentication | esp-encryption } key
Purpose
Creates the IPsec policy profile name
Selects the IPsec transformation profile to be
applied
Sets a key for encryption or an authenticator for
authentication, either for inbound or outbound
direction. The key shall consist of hexadecimal
digits (0..9, A..F); one digit holds 4 Bit of key
information.
The key setting must match definitions in the
respective IPsec transformation profile. In particular, the length of the key or authenticator must
match the implicit (see section “Authentication”
on page 363 and “Encryption” on page 363) or
explicit specification.
Keys must be available for inbound and outbound directions. They can be different for the
two directions. Make sure that the inbound key
of one peer matches the outbound key of the
other peer.
4
node(pf-ipstr)[name]#spi
Sets the SPI for encryption (esp) or authentication
{ inbound | outbound } { ah | esp } spi (ah), either for inbound or outbound direction.
The SPI shall be a decimal figure in the range
1..232–1.
SPIs must be available for encryption and/or
authentication as specified in the respective IPsec
transformation profile.
5
node(pf-ipstr)[name]#peer ip-address
SPIs must be available for inbound and outbound
directions. They can be identical for the two
directions but must be unique in one direction.
Make sure that the inbound SPI of one peer
matches the outbound SPI of the other peer.
Sets the IP address of the peer
Note
6
node(pf-ipstr)[name]#mode
The peers of the secured
communication must have
static IP address. DNS resolution is not available yet.
Selects tunnel or transport mode
{ tunnel | transport }
VPN configuration task list
366
SmartWare Software Configuration Guide
32 • VPN configuration
Use no in front of the above commands to delete a profile or a configuration entry.
Example: Create an IPsec policy profile
The following example defines a profile for AES-encryption at a key length of 128.
node(cfg)#profile ipsec-policy-manual ToBerne
node(pf-ipsma)[ToBerne]#use profile ipsec-transform AES_128
node(pf-ipsma)[ToBerne]#session-key inbound esp-encryption
1234567890ABCDEF1234567890ABCDEF
node(pf-ipsma)[ToBerne]#session-key outbound esp-encryption
FEDCBA0987654321FEDCBA0987654321
node(pf-ipsma)[ToBerne]#spi inbound esp 1111
node(pf-ipsma)[ToBerne]#spi outbound esp 2222
node(pf-ipsma)[ToBerne]#peer 200.200.200.1
node(pf-ipsma)[ToBerne]#mode tunnel
Creating/modifying an outgoing ACL profile for IPsec
An access control list (ACL) profile in the outgoing direction selects which outgoing traffic to encrypt and/or
authenticate, and which IPsec policy profile to use. IPsec does not require an incoming ACL.
Note
Outgoing and incoming IPsec traffic passes an ACL (if available) twice, once
before and once after encryption/authentication. So the respective ACLs
must permit the encrypted/authenticated and the plain traffic.
For detailed information on how to set-up ACL rules, see chapter 24, “Access control list configuration” on
page 253.
Procedure: To create/modify an outgoing ACL profile for IPsec
Mode: Configure
Step
1
2
Command
node(cfg)#profile acl name
node(pf-ipstr)[name]#permit ...
[ ipsec-policy name ]
Note
Purpose
Creates or enters the ACL profile name
The expression ‘ipsec-policy name’ appended to a
permit ACL rule activates the IPsec policy profile
name to encrypt/authenticate the traffic identified
by this rule.
New entries are appended at the end of an ACL. Since the position in the list
is relevant, you might need to delete the ACL and rewrite it completely.
Example: Create/modify an ACL profile for IPsec
The following example configures an outgoing ACL profile that interconnects the two private networks
192.168.1/24 and 172.16/16.
node(cfg)#profile acl VPN_Out
node(pf-acl)[VPN_Out]#permit ip 192.168.1.0 0.0.0.255 172.16.0.0 0.0.255.255 ipsecpolicy ToBerne
node(pf-acl)[VPN_Out]#permit ip any any
VPN configuration task list
367
SmartWare Software Configuration Guide
32 • VPN configuration
Configuration of an IP interface and the IP router for IPsec
The IP interface that provides connectivity to the IPsec peer, must now activate the outgoing ACL profile configured in the previous section. Furthermore, the IP router must have a route for the remote network that
points to the respective IP interface.
Procedure: To activate the outgoing ACL profile and to establish the necessary route
Mode: Configure
Step
Command
1
2
3
node(cfg)#context ip router
node(ctx-ip)[router]#interface if-name
node(if-ip)[if-name]# use profile acl
name out
4
node(if-ip)[if-name]#context ip router
5
node(ctx-ip)[router]#route remote-netoptional work-address remote-network-mask if-name 0
Purpose
Enter IP context
Create/enter the IP interface if-name
Activate the outgoing ACL profile name
Enter IP context
Creates a route for the remote network that
points the above IP interface if-name
You can omit this setting if the default route
already points to this IP interface or to a next hub
reachable via this IP interface, and if there is no
other route.
Make also sure that the IP router knows how to
reach the peer of the secured communication.
Usually, a default route does this job.
Example: Activate outgoing ACL and establish route
The following example configures an outgoing ACL profile that interconnects the two private networks
192.168.1/24 and 172.16/16.
node(cfg)#context ip router
node(ctx-ip)[router]#interface WAN
node(if-ip)[WAN]#use profile acl VPN_Out out
node(if-ip)[WAN]#context ip router
node(ctx-ip)[router]#route 172.16.0.0 255.255.0.0 WAN 0
Displaying IPsec configuration information
This section shows how to display and verify the IPsec configuration information.
Procedure: To display IPsec configuration information
Mode: Configure
Step
1
optional
2
optional
Command
node(cfg)#show profile ipsec-transform
node(cfg)#show profile ipsec-policymanual
VPN configuration task list
Purpose
Displays all IPsec transformation profiles
Displays all IPsec policy profiles
368
SmartWare Software Configuration Guide
32 • VPN configuration
Example: Display IPsec transformation profiles
node(cfg)#show profile ipsec-transform
IPSEC transform profiles:
Name: AES_128
ESP Encryption: AES-CBC, Key length: 128
Example: Display IPsec policy profiles
node(cfg)#show profile ipsec-policy-manual
Manually keyed IPsec policy profiles:
Name: ToBerne, Peer: 200.200.200.1, Mode: tunnel, transform-profile: AES_128
ESP SPI Inbound: 1111, Outbound: 2222
ESP Encryption Key Inbound: 1234567890ABCDEF1234567890ABCDEF
ESP Encryption Key Outbound: FEDCBA0987654321FEDCBA0987654321
Debugging IPsec
A debug monitor and an additional show command are at your disposal to debug IPsec problems.
Procedure: To debug IPsec connections
Mode: Configure
Step
Command
Purpose
1
node(cfg)#debug ipsec
Enables IPsec debug monitor
2
node(cfg)#show ipsec security-associ- Summarizes the configuration information of all
optional ations
IPsec connections. If an IPsec connection does
not show up, then one or more parameters are
missing in the respective Policy Profile.
The information ‘Bytes (processed)’ supports
debugging because it indicates whether IPsec
packets depart from (‘OUT’) or arrive at (‘IN’) the
SmartNode.
Example: IPsec Debug Output
node(cfg)#debug ipsec
IPSEC monitor on
23:11:04 ipsec > Could not find security association for inbound ESP packet.
SPI:1201
Example: Display IPsec Security Associations
node(cfg)#show ipsec security-associations
Active security associations:
Dir Type
Policy
Mode
Udp-Encapsulation
Peer
SPI AH
SPI ESP
AH
ESP-Auth
Bytes (processed/lifetime) Seconds (age/lifetime)
VPN configuration task list
ESP-Enc
369
SmartWare Software Configuration Guide
32 • VPN configuration
IN MANUAL
200.200.200.1
3622/unlimited
ToBerne
-
Tunnel
no
1111
19047/unlimited
-
AES-CBC 128
OUT MANUAL
200.200.200.1
2857/unlimited
ToBerne
-
Tunnel
no
2222
19047/unlimited
-
AES-CBC 128
Key management (IKE)
In addition to manual keyed IPSEC connections, support for automatically keyed IPSEC connections using
the Internet Key Exchange (IKE / RFC2409) protocol has been integrated, which is based on Internet Security
Association and Key Management Protocol (ISAKMP / RFC2408). The IKE module supports authentication
using pre-shared keys. There is currently no support for authentication using Public Key Infrastructure (PKI)
and digital certificates.
IKE is used to establish a shared secret between two peers, which can be used to derive encryption and/or
authentication keys for the exchange of encrypted and or authenticated packets between the peers through an
IPSEC connection. IKE also authenticates the two peers to thwart man in the middle attacks. In addition IKE
empowers IPSEC to do replay protection to prevent re-injection of previously captured packets into the protected network. Furthermore IKE negotiates a set of cryptographic transforms used by IPSEC for encryption
and/or authentication of IP packets. IKE is also responsible for periodic establishment of new session keys for
the ISPEC security associations.
To achieve all of this, IKE is split into two phases called MAIN MODE and QUICK MODE.
In MAIN MODE, IKE mutually authenticates the peers, establishes a shared secret between them and negotiates cryptographic transforms in order to create an ISAKMP security association between the two peers. The
ISAKMP security association is only used to provide a secure, authenticated and encrypted channel between
the peers, which can be used for any further communication.
In QUICK MODE, IKE negotiates all the security parameters like cryptographic transforms, SPIs and sessions
keys, which are required to establish one or more IPSEC security association. All the communication in
QUICK MODE is protected by a previously established ISAKMP security association. Note that the same
ISAKMP security association can be used to establish multiple quick modes.
Main differences between manual & IKE IPSEC configurations
• For IKE connections the ACLs must allow traffic from and to UDP port 500 in plaintext, because this port
is used by IKE to negotiate security associations.
• In addition to the ¨profiile ipsec-transform¨, which defines the cryptographic transforms used for the
IPSEC connections, it is necessary to define also a ¨profiile isakmp-transform¨, which defines the cryptographic transforms used to protect the negotiation of new IPSEC security associations using ISAKMP.
• Instead of the ¨profile ipsec-policy-manual¨, which is used to create manual keyed IPSEC connections, you
need to create a ¨profile ipsec-policy-isakmp¨, which contains all the IKE specific configuration options.
Creating an IPSEC transform profile
First you need to create at least one IPSEC transform profile as described in Chapter 26 of the Software Configuration Guide. In addition to the parameters used also for manually keyed IPSEC security associations, you
Key management (IKE)
370
SmartWare Software Configuration Guide
32 • VPN configuration
can optionally also specify a security association lifetime for IKE security associations. If the lifetime of the
security association expires, IKE will automatically negotiate a new security association. The default lifetime
for ISPEC security associations is one hour without any limit on the transmitted data volume. The parameters
defined in this profile are used for the negotiation of IPSEC security associations in quick mode.
The following commands can be used to change the security association lifetime:
Mode: profile ipsec-transform <transform-name>
Step
Command
1
node(pf-ipstr)[ctx-name]# key-life(optional) time-seconds <seconds>
2
node(pf-ipstr)[ctx-name]# key-life(optional) time-kilobytes <kilobytes>
Purpose
Define a new maximum lifetime of the security
associations in seconds.
Define a new maximum lifetime of the security
associations in kilobytes.
Creating an ISAKMP transform profile
To define which cryptographic transforms should be used to protect the negotiation of IPsec security association and the mutual authentication of the IPSEC peers, you need to create at least one isakmp transform profile. The parameters defined in this profile are used for the negotiation of ISAKMP security associations in
main mode.
The following commands can be used to create and configure an ISAKMP transform profile:
Mode: configure
Step
1
Command
node(cfg)# profile isakmp-transform
<name>
2
node(pf-ikptr)[<name>]# authentication-algorithm md5|sha1
3
node(pf-ikptr)[<name>]# encryption
des-cbc|3des-cbc|aes-cbc [keylength]
4
node(pf-ikptr)[<name>]# key-life(optional) time-seconds <seconds>
5
node(pf-ikptr)[<name>]# key-life(optional) time-sessions <sessions>
Key management (IKE)
Purpose
Create the transform profile with the specified
name and enter its configuration mode.
Define the authentication algorithm to be used,
which can be either md5 or sha1.
Define the encryption and optionally the length
of the encryption keys in bits to be used.
Optionally, you can also change the default
ISAKMP security association lifetime in seconds.
The default lifetime is 1 day.
Optionally, you can also change the default
ISAKMP security association lifetime in sessions.
This is the maximum number of quick modes,
which can be created by the ISAKMP SA. By
default there is no limit on the number of sessions.
371
SmartWare Software Configuration Guide
32 • VPN configuration
Creating an ISAKMP IPSEC policy profile
To define all the settings and profiles needed to establish an IPSEC security association, you need to create an
ISAKMP IPSEC policy profile There you can specify the ISAKMP and IPSEC transforms you created above,
which should be used and other necessary parameters. You can later specify using an ACL, what traffic should
be treated by a specify ISAKMP IPSEC policy.
The following commands can be used to create and configure an ISAKMP IPSEC policy profile:
Mode: configure
Step
Command
Purpose
1
node(cfg)# profile ipsec-policyisakmp <name>
2
node(pf- ipsik)[<name>]# authentica- Define the pre-shared key, which sould be used
tion-method pre-shared-key <key>
to authenticate the peers. The key can be a character string of any length.
node(pf- ipsik)[<name>]# diffie-hell- Define the diffie-hellman group to be used.
man-group {group1|group2|group5} Note: The higher the group number is, the
3
Create the policy profile with the specified name
and enter its configuration mode.
higher is the key length during the diffie-hellman
exchange and the higher is the processing time
for the establishment of the shared secret. Especially Group 5 requires a considerable amount
of time for processing. You should not use this
group in time critical applications unless you
know that the tunnel will always be established.)
4
node(pf- ipsik)[<name>]# use profile Define one or more ISAKMP transform profiles to
isakmp-transform <name>
be used by this policy. If more than one is
defined, IKE will negotiate a transform set, which
is supported by both peers.
5
node(pf- ipsik)[<name>]# use profile Define one or more IPSEC transform profiles to
ipsec-transform <name>
be used by this policy. If more than one is
defined, IKE will negotiate a transform set, which
is supported by both peers.
6
node(pf- ipsik)[<name>]# mode
Define the IPSEC encapsulation mode to be used
transport|tunnel
by this policy.
7
node(pf- ipsik)[<name>]# peer <ip or Optionally define the peer, for which this policy
should be used. Do not specify a peer, if this pol(optional) FQDN>
icy shall be used for multiple peers in transport
mode. The peer can either be an IP address or a
fully qualified domain name.
Key management (IKE)
372
SmartWare Software Configuration Guide
Step
Command
8
node(pf- ipsik)[<name>]# protected(optional) network {host <local-host-ip>}|{subnet <local-subnet-address> <localsubnet-mask>}|{range <local-rangestart> <local-range-end>} {host
<remote-host-ip>}|{subnet <remotesubnet-address> <remote-subnetmask>}|{range <remote-range-start>
<remote-range-end>}
9
node(pf- ipsik)[<name>]# protection(optional) group <group>
32 • VPN configuration
Purpose
Optionally if the remote system requires protected networks to be specified in the identity
payload of the quick mode, you can define one
or more protected networks using this command.
If required, you can specify a protection-group.
The protection-group is a proprietary feature and
is not compatible with third-party devices. Therefore do not configure it for connections to third
party devices.
Creating/modifying an outgoing ACL profile for IPSEC
This is basically the same as for manual keyed IPSEC connections and can be done as described in Chapter 26
of the Software Configuration Guide. Make sure that your ACL allows traffic from and to UDP port 500 in
plaintext to allow ISAKMP messages to be exchanged.
Configuration of an IP interface and the IP router for IPSEC
This is exactly the same as for manual keyed IPSEC connections and can be done as described in Chapter 26 of
the Software Configuration Guide.
Policy matching
Normally, if an initial ISAKMP message is received from the network, the system tries to find the corresponding ISAKMP IPSEC policy by matching the received source-ip address with the peer IP address of an IPSEC
policy.
However, in applications with dynamic IP addressing, an FQDN might be specified as the peer instead of an
IP address. In this case, it is not possible to find the correct policy using the source-ip address. To solve this
problem, you can specify the same protection-group ID in the ISAKMP IPSEC policy profiles of all the peers,
which should use the same remote policy. In this case, if the system receives an initial IKE packet, it will search
for an ISAKMP IPSEC policy profile, which has the same protection-group ID as the policy, which created the
ISAKMP packet.
Sample configuration snippet
Below you see a sample of the minimal required settings to be added to a configuration file in order to establish
an IKE IPSEC connection:
profile acl WAN_Out
permit 1 esp any any
permit 2 ah any any
permit 3 udp any any eq 500
Key management (IKE)
373
SmartWare Software Configuration Guide
32 • VPN configuration
permit 4 ip any 10.0.0.0 0.255.255.255 ipsec-policy VPN
permit 5 ip any any
profile ipsec-transform IPSEC_3DES_192
esp-encryption 3des-cbc 192
profile isakmp-transform ISAKMP_3DES_192
encryption 3des-cbc 192
authentication-algorithm sha1
profile ipsec-policy-isakmp VPN
authentication-method pre-shared-key sdfkl@hgdslkfs/iuçkfld$gus+ghf
mode tunnel
peer 1.2.3.4
diffie-hellman-group group2
use profile ipsec-transform 1 IPSEC_3DES_192
use profile isakmp-transform 1 ISAKMP_3DES_192
context ip
interface WAN
use profile acl WAN_Out out
Troubleshooting
To analyze configuration or networking problems related to IKE, the IKE module contains the following
debug monitors which log important information about the exchanged ISAKMP messages:
debug ike event
• This monitor prints every ISAKMP message sent or received as well as the current state of the ISAKMP
main and quick modes.
debug ike error
• This monitor prints information about errors detected during the ISAKMP exchange.
Key management (IKE)
374
SmartWare Software Configuration Guide
32 • VPN configuration
In addition to the monitors there are also show commands, which display current information about IKE and
IPSEC.
show ike policy <policy-name>
• Displays information about the configuration options of specific policy as well as an indication, if the policy
is valid or not. A policy might be invalid, if one or more configuration option is missing.
show ike status
• Displays information about the state of current IKE main and quick modes.
show ipsec security-associations
• Displays information about currently established IPSEC security associations including SPIs, peer IP
addresses and security association lifetime.
Encrypted Voice - Performance considerations
Firmware versions that support IKE allow encrypting and decrypting locally generated voice data streams
(RTP). However, because enabling support for RTP encryption has a performance impact for the system even
if RTP packets are not encrypted, this feature must be enabled manually on a per interface basis.
Performance considerations
Because encryption/decryption of RTP streams causes a very high workload on the systems CPU, this feature
cannot be used on all systems without limitation. However several newer systems contain a dedicated cryptographic accelerator hardware, which does these computationally intensive tasks for the main CPU. On such
systems RTP encryption has almost no impact on the overall system performance. You can see using the command ‘show crypto offload’, whether your systems contains the cryptographic accelerator or not.
Systems without the crEncrptedyptographic accelerator hardware will display the following line:
Crypto offload capabilities: None
Systems containing the cryptographic accelerator hardware will display the following line:
Crypto offload capabilities: DES, 3DES, AES, MD5, SHA1
On systems, which do not contain the cryptographic accelerator hardware, concurrent routing of data traffic
and RTP streams through an IPSEC connection, can cause excessive jitter of the RTP packets. Therefore concurrent routing of data and RTP streams through IPSEC tunnels should be avoided on systems without the
cryptographic accelerator hardware. Note that the CPU usage percentage does not give an indication about the
introduced jitter, because the jitter stems form short CPU usage peaks, which are filtered out by the time averaging of the CPU workload calculation algorithm.
Enabling RTP encryption support
The following command can be used to enable/disable RTP encryption support for an IP interface. If this is
enabled, RTP streams can be selected for encryption like any other data traffic using the ACL. Note that RTP
encryption must be enabled on every interface, which shall be used to send or receive encrypted RTP streams.
Encrypted Voice - Performance considerations
375
SmartWare Software Configuration Guide
32 • VPN configuration
Mode: Context ip /interface <if-name>
Step
1
Command
Purpose
node(if-ip)[if-name]# [no] rtp-encryp- Enable or disable RTP encryption support on an
tion
IP interface.
Using an alternate source IP address for specific destinations
Normally, locally originated IP packets use the IP address of the outbound IP interface as their source address.
However, when using VPN tunnels there are situations, where locally originated IP packets must be sent using
the source IP address of an alternate interface. You can specify using the following command that for one or
more destination network the IP address of an alternate IP interface should be used. This configuration command affects all locally originated IP packets except those, which originate from explicitly bound components
like SIP and H.323.
Mode: context ip
Step
Command
Purpose
1
node(ctx-ip)[ctx-name]# [no] sourceaddress-map <destination-network>
<destination-mask> <ip-interfacename>
Defines that locally originated packets destined
for the specified destination network shall use the
IP address of the specified IP interface as their
source address.
Using an alternate source IP address for specific destinations
376
SmartWare Software Configuration Guide
32 • VPN configuration
Sample configurations
The following sample configurations establish IPsec connections between a SmartNode and a Cisco router. To
interconnect two SmartNodes instead, derive the configuration for the second SmartNode by doing the following modifications:
• Swap ‘inbound’ and ‘outbound’ settings
• Adjust the ‘peer’ setting
• Swap the private networks in the ACL profiles
• Adjust the IP addresses of the LAN and WAN interfaces
• Adjust the route for the remote network
IPsec tunnel, DES encryption
SmartNode configuration
profile ipsec-transform DES
esp-encryption des-cbc 64
profile ipsec-policy-manual VPN_DES
use profile ipsec-transform DES
session-key inbound esp-encryption 1234567890ABCDEF
session-key outbound esp-encryption FEDCBA0987654321
spi inbound esp 1111
spi outbound esp 2222
peer 200.200.200.1
mode tunnel
profile acl VPN_Out
permit ip 192.168.1.0 0.0.0.255 172.16.0.0 0.0.255.255 ipsec-policy VPN_DES
permit ip any any
profile acl VPN_In
permit esp any any
permit ah any any
permit ip 172.16.0.0 0.0.255.255 192.168.1.0 0.0.0.255
deny ip any any
context ip router
interface LAN
ipaddress 192.168.1.1 255.255.255.0
interface WAN
ipaddress 200.200.200.2 255.255.255.252
use profile acl VPN_In in
use profile acl VPN_Out out
context ip router
route 0.0.0.0 0.0.0.0 200.200.200.1 0
route 172.16.0.0 255.255.0.0 WAN 0
Sample configurations
377
SmartWare Software Configuration Guide
32 • VPN configuration
Cisco router configuration
crypto ipsec transform-set DES esp-des
!
crypto map VPN_DES local-address FastEthernet0/1
crypto map VPN_DES 10 ipsec-manual
set peer 200.200.200.2
set session-key inbound esp 2222 cipher FEDCBA0987654321
set session-key outbound esp 1111 cipher 1234567890ABCDEF
set transform-set DES
match address 110
!
access-list 110 permit ip 172.16.0.0 0.0.255.255 192.168.1.0 0.0.0.255
!
interface FastEthernet0/0
ip address 172.16.1.1 255.255.0.0
!
interface FastEthernet0/1
ip address 200.200.200.1 255.255.255.252
crypto map VPN_DES
!
ip route 192.168.1.0 255.255.255.0 FastEthernet0/1
IPsec tunnel, AES encryption at 256 bit key length, AH authentication with HMACSHA1-96
SmartNode configuration
profile ipsec-transform AES_SHA1
esp-encryption aes-cbc 256
ah-authentication hmac-sha1-96
profile ipsec-policy-manual VPN_AES_SHA1
use profile ipsec-transform AES_SHA1
session-key inbound ah-authentication 1234567890ABCDEF1234567890ABCDEF12345678
session-key outbound ah-authentication FEDCBA0987654321FEDCBA0987654321FEDCBA09
session-key inbound esp-encryption
1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF
session-key outbound esp-encryption
FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321
spi inbound ah 3333
spi outbound ah 4444
spi inbound esp 5555
spi outbound esp 6666
peer 200.200.200.1
mode tunnel
...
Rest of the configuration, see above, just change the name of the IPsec policy profile in the ACL profile ‘VPN_Out’
Cisco router configuration
crypto ipsec transform-set AES_SHA1 ah-sha-hmac esp-aes 256
!
crypto map VPN_AES_SHA1 local-address FastEthernet0/1
crypto map VPN_AES_SHA1 10 ipsec-manual
set peer 200.200.200.2
Sample configurations
378
SmartWare Software Configuration Guide
32 • VPN configuration
set session-key inbound esp 6666 cipher
FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321
set session-key outbound esp 5555 cipher
1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF
set session-key inbound ah 4444 FEDCBA0987654321FEDCBA0987654321FEDCBA09
set session-key outbound ah 3333 1234567890ABCDEF1234567890ABCDEF12345678
set transform-set AES_SHA1
match address 110
!
...
For the remainder of the configuration (see above), just change the name of the IPsec policy profile in the ACL
profile VPN_Out
IPsec tunnel, 3DES encryption at 192 bit key length, ESP authentication with
HMAC-MD5-96
SmartNode configuration
profile ipsec-transform TDES_MD5
esp-encryption 3des-cbc 192
esp-authentication hmac-md5-96
profile ipsec-policy-manual VPN_TDES_MD5
use profile ipsec-transform TDES_MD5
session-key inbound esp-authentication 1234567890ABCDEF1234567890ABCDEF
session-key outbound esp-authentication FEDCBA0987654321FEDCBA0987654321
session-key inbound esp-encryption
1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF
session-key outbound esp-encryption
FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321
spi inbound esp 7777
spi outbound esp 8888
peer 200.200.200.1
mode tunnel
...
For the remainder of the configuration (see above), just change the name of the IPsec policy profile in the ACL
profile VPN_Out
Cisco router configuration
crypto ipsec transform-set 3DES_MD5 esp-3des esp-md5-hmac
!
crypto map VPN_3DES_MD5 local-address FastEthernet0/1
crypto map VPN_3DES_MD5 10 ipsec-manual
set peer 200.200.200.2
set session-key inbound esp 8888 cipher
FEDCBA0987654321FEDCBA0987654321FEDCBA0987654321 authenticator
FEDCBA0987654321FEDCBA0987654321
set session-key outbound esp 7777 cipher
1234567890ABCDEF1234567890ABCDEF1234567890ABCDEF authenticator
1234567890ABCDEF1234567890ABCDEF
set transform-set 3DES_MD5
match address 110
!
Sample configurations
379
SmartWare Software Configuration Guide
32 • VPN configuration
...
For the remainder of the configuration (see above), just change the name of the IPsec policy profile in the ACL
profile VPN_Out.
Sample configurations
380
Chapter 33 CS interface configuration
Chapter contents
Introduction ........................................................................................................................................................382
CS interface configuration task list ......................................................................................................................382
Creating and configuring CS interfaces................................................................................................................383
Configuring call routing ......................................................................................................................................384
Configuring the interface mapping tables ............................................................................................................385
Configuring the precall service tables ...................................................................................................................388
381
SmartWare Software Configuration Guide
33 • CS interface configuration
Introduction
This chapter provides an overview of interfaces in the CS context and describes the tasks involved in their configuration. Within the CS context, an interface is a logical entity providing call signaling for incoming and outgoing calls to and from telephony ports and voice over IP gateways. It represents logical connections to other
equipment or networks. CS interfaces are used as source and destination in the call router and are bound to
physical ports or logical gateways.
Interface names can be any arbitrary string with a maximum of 25 characters. For ease of identification, the
interface type can be a part of the name. Figure 52 illustrates the function of the CS interfaces. The types of CS
interfaces are:
• PSTN interfaces telephony. Binding is done from a port to an interface.
• VoIP interface provide voice over IP settings in addition to the general CS interface parameters. These interfaces must be explicitly bound to an existing VoIP gateway.
H.323 GW
SIP GW
H.323 interface
SIP interface
Context CS
switch
mappping
table
ISDN interface
use command
FXS interface
bind command
ISDN Port
FXS Port
Figure 52. CS interfaces on the CS context
Interfaces can use mapping tables and precall service tables to manipulate call properties before the call is being
offered to the call router.
CS interface configuration task list
Several parameters depend upon the interface type. If it is not specifically stated otherwise, the configuration
task is valid for all interfaces. This is not described in this chapter, but in chapter 42, “Tone configuration” on
Introduction
382
SmartWare Software Configuration Guide
33 • CS interface configuration
page 529 and chapter 47, “VoIP profile configuration” on page 573. To create and configure CS interfaces you
have to perform the configuration tasks listed below.
• Creating and configuring CS interfaces
• Configuring call routing
• Configuring the interface mapping tables (optional)
• Configuring the precall service tables (optional)
• Configuring interface type specific parameters
Creating and configuring CS interfaces
To configure CS interfaces, you must first enter the CS context mode where you can create and configure your
required interface through the CS interface configuration mode. Each interface has a name that can be any
arbitrary string of not more than 25 characters. Use a name describing the purpose of the interface, as shown in
the examples or—for ease of identification—the interface type can be used as part of the name. Alreadydefined CS interfaces can be displayed or deleted as described in the following table.
Procedure: Create and configure CS interfaces.
Mode: Configure
Step
Command
Purpose
1
node(cfg)#context cs
Enter the CS Context Configuration Mode.
2
node(ctx-cs)[switch]#interface if-type ifname
Enter the CS Interface Configuration Mode & select
the CS interface with type if-type and name if-name
for configuration. Valid interface types are h323,
sip, isdn and fxs.
3
node(if-type)[if-name]#…
Perform the configuration tasks to configure the CS
interface.
4
node(ctx-cs)[switch]#show call-control
provider
Display the configuration of the current CS interface.
5
node(if-type)[if-name]#exit
Go back to the CS Context Configuration Mode
6
7
Repeat step 1 to 5 to create and configure your CS
interfaces
node(ctx-cs)[switch]#show call-control
provider
or
node(ctx-cs)[switch]#show call-control
status
8
node(ctx-cs)[switch]#no interface if-type ifname
Display already defined CS interfaces.
Note: The show call-control provider command can
also be used to display the configuration details of a
provider either by specifying its name as a parameter or by being inside its configuration mode.
Delete an existing interface.
Examples: Create CS interfaces and delete another
Creating and configuring CS interfaces
383
SmartWare Software Configuration Guide
33 • CS interface configuration
The following example shows how to create and configure an interface, how to display it, and how to delete
another.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface isdn IF-PBX1
node(if-pstn)[IF-PBX1]#route call dest-interface TAB-CALLED-NUMBER
node(if-pstn)[IF-PBX1]#show call-control provider
Provider: IF-PBX1
=================
Binding:
(none)
Protocol:
(unknown)
DTMF Dialing:
disabled
Tone-Set Profile:
(none)
PSTN Profile:
default
Routing Destination:
router (IF-PBX1-precall-service)
Active Endpoints:
0
Suspended endpoints:
0
node(if-pstn)[IF-PBX1]#exit
node(ctx-cs)[switch]#show call-control provider
Call Control: switch
====================
Providers
--------local
router
sn43
IF-PBX1
IF-PBX2
IF-PUBLIC-PSTN1
IF-PUBLIC-PSTN2
IF-COMPOFF-A
HUNT-COMPOFF-A
HUNT-PBX
HUNT-PUBLIC-PSTN
node(ctx-cs)[switch]#no interface isdn IF-PBX1
node(ctx-cs)[switch]#
Configuring call routing
SmartWare offers two levels of call routing: basic interface routing and advanced call routing. Basic interface
routing allows you to forward all incoming calls on a CS interface to a destination CS interface.
Advanced call routing allows you to route calls to all available CS interfaces, based on a criteria such as calling
number, destination number, ISDN bearer capability, or other call properties. Using mapping tables, you can
modify call properties like the calling or called party number, URI, etc. Furthermore, you can collect numbers
using the digit-collection feature of called party number routing tables. Call services like hunt or distribution
groups can be used to distribute calls to multiple destination interfaces.
Configuring call routing
384
SmartWare Software Configuration Guide
33 • CS interface configuration
In the environment of the CS interfaces, it is necessary to specify whether the call will be routed directly to
another CS interface (basic interface routing) or to a first lookup table from the call router (advanced call routing).
In this chapter. only the configuration task on a CS interface is described. For configuration of the call routing
tables, mapping tables and call services refer to chapter 40, “Call router configuration” on page 456, which also
describes the difference between the two levels of call routing in more detail.
Procedure: To configure basic interface routing
Mode: Context CS
Step
1
2
Command
node(ctx-cs)[switch]#interface if-type ifname
node(if-type)[if-name]#route call destinterface if-name
or
node(if-type)[if-name]#route call desttable table-name
or
Purpose
Enters CS Interface Configuration Mode and configure interface if-type with name if-name
Specifies a destination interface for incoming calls
(basic interface routing) or a destination table or call
service (advanced call routing)
node(if-type)[if-name]#route call destservice service-name
3
node(if- type)[if-name ]#exit
4
Returns to CS context configuration mode
Repeat steps 1–3 for all the required CS interfaces
Example: Configure call routing
The following example shows how to configure basic interface routing.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface pstn IF-PBX1
node(if-pstn)[IF-PBX1]#route call dest-interface IF-H323-0
node(if-pstn)[IF-PBX1]#exit
node(ctx-cs)[switch]#
Configuring the interface mapping tables
Call router mapping tables are normally used by the call router to manipulate call properties during the call
setup phase, i.e. when a call arrives on a CS interface and is routed to another interface through routing and
mapping tables. This imposes a limitation to call property manipulation: When a call property like a party’s
number is changed during a call, the call is not routed through the call router again and thus, the mapping
tables are not processed for the new number. Call property manipulation, e.g. removing a prefix from a number, cannot be done for the new number.
Consider, for example, an ISDN call, which may send a connected party number in the Connect message. This
connected party number has the same meaning as the original called party number, but may differ from it.
Another example of a call property that changes during a call is a SIP call transfer. A SIP call may be transferred
Configuring the interface mapping tables
385
SmartWare Software Configuration Guide
33 • CS interface configuration
to another user agent having a different URI than the called one. This new URI as well as the derived E.164
number cannot be manipulated using the call router before presenting it to the other party.
To circumvent this limitation, you can use mapping tables directly on an interface. In that case the mapping
tables can be thought as input or output filters, which manipulate call properties at any stage of a call.
As with the SIP transfer example, differentiating called from calling party properties does not make sense for
these manipulations, because the calling as well as the called party can be transferred in a SIP call. Therefore,
mapping tables that are used on an interface manipulate both at the same time, called and calling party properties!
You can chose different mapping tables for filtering parameters in each direction, input and output. While an
input mapping table is applied to all properties that are received by the port or gateway that is bound to the
interface before sending them to the peer interface in the CS context, an output mapping table is applied to all
properties before sending them to the bound port or gateway.
Refer to the chapter 40, “Call router configuration” on page 456 for more information about how to create and
configure mapping tables.
Procedure: To use mapping tables to filter properties on an CS interface
Mode: Context CS
Step
Command
Purpose
1
node(ctx-cs)[switch]#interface if-type ifname
Enters CS Interface Configuration Mode and configure interface if-type with name if-name
2
node(if-type)[if-name]#use mappingtable in table-name
Specifies an input and/or an output mapping table
that shall be applied to all call properties in the
specified direction.
and/or
node(if-type)[if-name]#use mappingtable out table-name
Example: Use interface mapping tables for dialing plan conversion
The following example shows how to configure a dialing plan conversion on an interface. In this case, you can
plan your call-routing tables to deal only with international numbers while converting private numbers on the
CS interface that interfaces the private network.
node(ctx-cs)[switch]#mapping-table e164 to e164 PRIV-TO-GLOB
node(map-tab)[PRIV-TO~]#map (..) to 00419988825\1
node(map-tab)[PRIV-TO~]#exit
node(ctx-cs)[switch]#mapping-table e164 to e164 GLOB-TO-PRIV
node(map-tab)[GLOB-TO~]#map 00419988825(..) to \1
node(map-tab)[GLOB-TO~]#exit
node(ctx-cs)[switch]#interface isdn IF-PHONES
node(if-isdn)[IF-PHON~]#route dest-table TAB-CALLED-NUMBER
node(if-isdn)[IF-PHON~]#use mapping-table in PRIV-TO-GLOB
node(if-isdn)[IF-PHON~]#use mapping-table out GLOB-TO-PRIV
node(if-isdn)[IF-PHON~]#exit
node(ctx-cs)[switch]#
Configuring the interface mapping tables
386
SmartWare Software Configuration Guide
33 • CS interface configuration
use (input)
interface isdn IF-PHONES
Incoming Call #1
Calling
E.164 20
Called
E.164 21
Mapping-Table: PRIV-TO-GLOB
input property output property
Context
E.164 CS switch E.164
(..)
00419988825\1
Incoming Call #1
Calling
E.164 0041998882520
Called
E.164 0041998882521
Routing-Table: TAB-CALLED-NUMBER
Incoming Call #2
Calling
E.164 20
Called
E.164 0041778881111
Incoming Call #2
Calling
E.164 0041998882520
Called
E.164 0041778881111
Figure 53. Incoming call passing an interface mapping table
Figure 53 shows two incoming calls arriving to the ISDN interface IF-PHONES. The calling and called party
numbers are private numbers containing only two digits. Before accessing the call router, those numbers can be
transformed into the global numbering plan. Which is why the interface was configured to use mapping table
PRIV-TO-GLOB on all incoming call properties.
Incoming call #1 originally has a calling party number of 20 and a called party number of 21. Before offering
this call to the call router, mapping table PRIV-TO-GLOB is applied to the called party number and the calling party number. The mapping table adds a prefix of 00419988825 to the called and calling party number.
Incoming call #2 originally has a calling party number of 20 but already a called party number of the global
numbering plan. Again, the mapping table is applied to both number, but only the calling party number of 20
is translated into 0041998882520. The called party number does not match an entry in the mapping table, so
it is not changed.
Configuring the interface mapping tables
387
SmartWare Software Configuration Guide
33 • CS interface configuration
use (input)
interface isdn IF-PHONES
Incoming Call
Calling
E.164 20
Called
E.164 21
Mapping-Table: PRIV-TO-GLOB
input property output property
Context
E.164CS switch E.164
(..)
00419988825\1
Incoming Call
Calling
E.164 0041998882520
Called
E.164 0041998882521
Routing-Table: TAB-CALLED-NUMBER
Outgoing Call
Calling
E.164 0041998882520
Called
E.164 0041998882521
Outgoing Call
Calling
E.164 20
Called
E.164 21
use (output)
Mapping-Table: GLOB-TO-PRIV
input property output property
E.164
E.164
00419988825(..)
\1
Figure 54. Call passing an input and an output mapping table
Let’s assume we manipulate an incoming ISDN call using the PRIV-TO-GLOB mapping table as in the previous example. Figure 54 shows this situation again. Let’s further assume the call router routes back the call to
the interface IF-PHONES. In that case, the output mapping table used on this interface is applied to all call
parameters. The calling and called party number is transformed form the global to the private numbering plan
before the call is offered to the remote ISDN terminal.
Note
For interface mapping you can use only mapping tables that examine general
call parameters. For example, you cannot use a called-e164 to called-e164
mapping table, use a e164 to e164 mapping table instead.
Configuring the precall service tables
Precall service mapping tables are used to convert dialed special numbers like *61 to invocation commands for
supplementary services like call-waiting, etc. Precall service tables are configured as part of the call router in the
context CS configuration mode. Precall service tables are used on an FXS interface where the attached phone
should be able to activate or deactivate services by dialing a special number. SmartWare currently supports the
following service commands:
• activate-cw—Activates call-waiting on the interface that uses the precall service table. Once activated a second incoming call is possible on the interface. The second call is announced to the first call. The user can
then decide whether to accept or reject the new call.
• deactivate-cw—Deactivates call-waiting on the interface that uses the precall service table.
Configuring the precall service tables
388
SmartWare Software Configuration Guide
33 • CS interface configuration
• interrogate-cw—Detects whether or not the call-waiting supplementary service is active on the interface
that uses the precall service table.
Note
Currently you can only use precall service tables on FXS interfaces.
Procedure: To create precall service table and use it on an FXS interface
Mode: Context CS
Step
Command
Purpose
1
node(ctx-cs)[switch]#precall-servicetable table-name
Creates a new table that maps special numbers into
supplementary service invocation commands
2
node(pcs-tab)[table-name]#map specialnumber to command
Adds a new entry to map a special-number into a
supplementary service invocation command.
3
Repeat Step 2 to add other special number mappings.
4
node(pcs-tab)[table-name]#exit
5
node(ctx-cs)[switch]#interface fxs if-name Enters FXS Interface Configuration Mode of interface if-name
6
node(if-fxs)[if-name]#use mappingtable precall-service table-name
Returns to context CS Configuration Mode
Uses the precall service table created with step 1 to
4 on this FXS interface.
Example: Create and use a precall service table
The following example shows how to create a precall service table that treats *43# as activation command for
the call-waiting supplementary service, while #43# is used to deactivate call-waiting and *#43# is used to query
the call-waiting supplementary service:
node(ctx-cs)[switch]#precall-service-table SUPP-SVC
node(pcs-tab)[SUPP-SVC]#map *43# to activate-cw
node(pcs-tab)[SUPP-SVC]#map #43# to deactivate-cw
node(pcs-tab)[SUPP-SVC]#map *#43# to interrogate-cw
node(pcs-tab)[SUPP-SVC]#exit
node(ctx-cs)[switch]#interface fxs IF-PHONE
node(if-fxs)[IF-PHONE]#use mapping-table precall-service SUPP-SVC
node(if-fxs)[IF-PHONE]#exit
node(ctx-cs)[switch]#
Configuring the precall service tables
389
Chapter 34 ISDN interface configuration
Chapter contents
Introduction ........................................................................................................................................................391
ISDN interface configuration task list..................................................................................................................391
Configuring DTMF dialing (optional) ..........................................................................................................392
Configuring an alternate PSTN profile (optional) .........................................................................................392
Configuring ringback tone on ISDN user-side interfaces ..............................................................................393
Configuring call waiting (optional) ...............................................................................................................393
Disabling call-waiting on ISDN DSS1 network interfaces .............................................................................393
Configuring Call-Hold on ISDN interfaces ..................................................................................................394
Enabling Display Information Elements on ISDN Ports ...............................................................................394
Configuring date/time publishing to terminals (optional) .............................................................................394
Sending the connected party number (COLP) (optional) ..............................................................................395
Enabling sending of date and time on ISDN DSS1 network interfaces .........................................................395
Defining the ‘network-type’ in ISDN interfaces ............................................................................................395
ISDN Explicit Call Transfer support (& SIP REFER Transmission) ............................................................395
ISDN Advice of Charge support ...................................................................................................................397
ISDN DivertingLegInformation2 Facility .....................................................................................................401
Transmit Direction .................................................................................................................................401
Receive Direction ....................................................................................................................................401
T1 Caller-Name Support ..............................................................................................................................401
390
SmartWare Software Configuration Guide
34 • ISDN interface configuration
Introduction
This chapter provides an overview of ISDN interfaces, and the tasks involved in their configuration. This chapter does not explain the basic configuration steps equal to all CS interfaces. Information about basic interface
configuration can be found in the general chapter about CS interface configuration (see chapter 33, “CS interface configuration” on page 381)
An ISDN interface represents the connection of an ISDN signaling channel to the call control. It encapsulates
the ISDN layer 3 protocol of an ISDN port’s D-channel, allows incoming and outgoing calls on this port, controls its B-channels and provides a set of services.
There is a one-to-one relation between the port and the interface: Only one port can bind to an existing interface, and there must be a port that binds to the interface for the interface to become functional (see figure 55).
An ISDN interface can encapsulate user and network side of the following protocols: DSS1, NI2, NTT. The
settings are automatically taken from the port that binds to the interface, and changes on the port are automatically reflected on the interface.
ISDN Interfaces
Context CS
encapsulation cc-isdn
bind commands
ISDN
Port
ISDN
Port
Figure 55. ISDN interfaces on the CS context
ISDN interface configuration task list
This section describes the configuration tasks for ISDN interfaces. There are no mandatory configurations on
ISDN interfaces, because all protocol relevant settings are inherited from the port that binds to the interface.
The settings on the interface are those of basic CS interface configuration, as well as settings for interoperability and supplementary services:
• Configuring ringback tone on ISDN user-side interfaces
• Configuring call waiting (optional)
• Disabling call waiting on ISDN DSS1 network interfaces
• Configuring date/time publishing to terminals (optional)
• Enabling sending of date and time on ISDN DSS1 network interfaces
• Defining the ‘network-type’ in ISDN interfaces
• ISDN explicit call transfer, SIP REFER transmission
• ISDN Advice of Charge support
Introduction
391
SmartWare Software Configuration Guide
34 • ISDN interface configuration
Configuring DTMF dialing (optional)
Most ISDN terminals support two modes of call setup: En-bloc dialing and overlap dialing. En-bloc dialing
transports the full called party information in the first SETUP message from the terminal. This means that the
user must dial the number before going off-hook. Overlap dialing transports the called-party number digit by
digit, after the first SETUP message, which contains no called-party information at all. Combinations between
en-bloc and overlap dialing are possible.
Most terminals use ISDN keypad facility messages to transport digits one-by-one in overlap dialing. But some
terminals, especially terminal adapters for analog devices, might transport the digits only using DTMF tones,
without associated keypad facility messages.
The DTMF dialing command enables the ISDN port for the use with such devices.
Be sure to only use this command when needed. Otherwise, called party information can be corrupted because
the digits arrive twice, as keypad facility messages and also as DTMF tones.
Procedure: To enable DTMF dialing
Mode: Interface ISDN
Step
1
Command
Purpose
node(if-isdn)[if-name]#[no] dtmf-dialing Enables/Disables DTMF dialing (default: disabled)
Example: Enable DTMF dialing
The following example shows how to enable DTMF dialing for a given ISDN interface.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface isdn MyIsdnIf
node(if-isdn)[myIsdnIf]#dtmf-dialing
Configuring an alternate PSTN profile (optional)
The PSTN profile contains the configuration for data/voice transmission on circuit-switched channels (see
chapter 48, “PSTN profile configuration” on page 597). In the case of ISDN interfaces, the PSTN profile
applies to the ISDN B-Channels associated with the interface.
There is a PSTN profile named default, which always exists in the system. If no different PSTN profile name is
explicitly configured on the ISDN interface, the profile default is used.
Procedure: To define an alternate PSTN profile for the ISDN interface
Mode: Interface ISDN
Step
1
Command
node(if-isdn)[if-name]#[no] use profile
pstn profile-name
ISDN interface configuration task list
Purpose
Defines an alternate PSTN profile to be used for
this ISDN interface/Reverts the setting to its default
(use profile PSTN default)
392
SmartWare Software Configuration Guide
34 • ISDN interface configuration
Example: Configure an alternate PSTN profile
The following example shows how to replace the PSTN profile default of the ISDN interface with the PSTN
profile myprofile.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface isdn myIsdnIf
node(if-isdn)[myIsdnIf]#use profile pstn myprofile
Configuring ringback tone on ISDN user-side interfaces
If a ring-back tone needs to be played towards the PSTN from an ISDN user-side interface, this can be forced
using the following command.
Mode: interface isdn <if-name>
Step
1
Command
Purpose
[name] (pf-isdn)[if-name]# [no] user-side- Enables ringback tone to be played on ISDN userringback-tone
side interfaces. Default: disabled.
Configuring call waiting (optional)
The term “call waiting” is used as follows in this context: If the port bound to this interface is configured to be
network side, and both ISDN B-Channels are engaged with calls, and there is a new outgoing call over this
interface, the interface can
a) Signal the new call to all connected terminals, although both B-Channels are in use. One terminal can then
put its current call on hold to accept the new one (putting the call on hold frees its B-Channel).
b) Not signal the new call, because there is no B-Channel available. This is the desired behavior particularly if
the bound port is part of a hunt-group, and no user terminals are connected.
Default behavior is a), using the command below in the inverted form, behavior b) is selected.
Procedure: To configure call waiting
Mode: Interface ISDN
Step
1
Command
node(if-isdn)[if-name]#[no] call-waiting
Purpose
Enable/disable call waiting feature as described
above (default: enabled)
Disabling call-waiting on ISDN DSS1 network interfaces
This procedure disables support for call-waiting on an ISDN DSS1 network interface.
Mode: interface isdn <if-name>
Step
1
Command
[name] (if-isdn)[if-name]# no call-waiting
ISDN interface configuration task list
Purpose
Disable call-waiting.
393
SmartWare Software Configuration Guide
34 • ISDN interface configuration
Configuring Call-Hold on ISDN interfaces
Normally, the call-hold feature is disabled on ISDN point-to-point links and enabled on ISDN point-to-multipoint links. However, you can manually enable or disable the Call-Hold feature using the following command: The default setting can be achieved using the ‘auto’ configuration option.
Mode: interface isdn
Step
1
Command
node(if-isdn)[if-name]# call-hold
{auto|enable|disable}
Purpose
Enable or disable the call-hold functionality for
an isdn interface. If ‘auto’ is selected, call-hold is
automatically disabled on p2p links and enabled
on p2mp links.
Default: auto
Enabling Display Information Elements on ISDN Ports
By default no display information elements are sent in ISDN signaling messages. You can enable sending of
ISDN Display Information elements in ISDN signaling messages using the following command.
Mode: interface isdn
Step
1
Command
node(if-isdn)[if-name]# [no] display
emit
Purpose
Enable sending of the display information element for an isdn interface.
Default: disabled
Configuring date/time publishing to terminals (optional)
ISDN allows to propagate current time and date information from a port configured as network to the connected terminals. You can configure each ISDN interface to propagate the current SmartNode system time and
date to the connected terminals with the following command:
Procedure: To configure date and time publishing
Mode: Interface ISDN
Step
1
Command
Purpose
node(if-isdn)[if-name]#[no] isdn-date-time Enable/disable publishing of system time to connected ISDN terminals (default: disabled)
Date and time information can only be contained in the ISDN CONNECT message. This message is only
delivered to a terminal when a call from the terminal to the SmartNode is made, and reaches connected state.
ISDN interface configuration task list
394
SmartWare Software Configuration Guide
34 • ISDN interface configuration
Sending the connected party number (COLP) (optional)
Sending the connected party number (COLP) can be suppressed by the command send-connected- party-number.
Mode: context cs/interface isdn
Step
1
Command
node(if-isdn)[if-name]#[no] send-connected-party-number
Purpose
Enables/Disables sending the connected-partynumber. Default: enabled.
Enabling sending of date and time on ISDN DSS1 network interfaces
This procedure enables sending of date and time information on an ISDN network side interface.
Mode: interface isdn <if-name>
Step
1
Command
[name] (if-isdn)[if-name]# isdn-date-time
Purpose
Enable sending of date and time.
Defining the ‘network-type’ in ISDN interfaces
The following command defines the location code to be inserted in ISDN causes code information elements.
Mode: interface isdn <if-isdn>
Step
1
Command
Purpose
[name] (if-isdn)[if-name]# network-type
Defines the type of network to which the system
[international|private|public|transit|user} belongs.
ISDN Explicit Call Transfer support (& SIP REFER Transmission)
Additional call transfer support is enabled by default for ISDN interfaces (BRI ports) by accepting or rejecting
explicit call-transfer (ECT) invocations. An ISDN phone that is connected to a BRI port and that has two
active calls can send an ECT invocation to connect the two calls inside the device. An ISDN interface can be
configured to accept or reject ECT invocations.
SmartWare detects calls that are looped internally, i.e. calls that leave the device over the same ISDN interface
over which they enter the device. If an internal loop is detected for an ISDN interface bound by an ISDN user
port, SmartWare sends an explicit call-transfer (ECT) to push back the call to the connected network as soon
as the call is connected. An ISDN interface can be configured to emit ECT invocations.
SIP interfaces react similarly to internally looped calls. If a call leaves the device over the same SIP gateway over
which it entered the device, SmartWare sends a REFER message to one of the remote user agents to transfer
the call to the two parties. A SIP interface can be configured to emit REFER messages.
Figure 56 shows an example scenario where a SIP network connects two devices to give a home office (HO)
access to a PBX in the central office (CO).
ISDN interface configuration task list
395
SmartWare Software Configuration Guide
34 • ISDN interface configuration
Central Office
Home Office
y
tewa
Ga vice
dia
Me ss De
IP
Vo Acce
SIP
0/
6
0/
5
0/
4
0/
0/
ns
Co
0/
3
0
0/
1
3
0/
2
0/
ice
Po
rts
Po
IP
0M
et
Ac
tiv
ity
10
En
0
w
er
R
un
Vo
Li
nk
1
0
Li
nk
1
0/
0
ity
0/
tiv
0M
Ac
10
nk
ity
Li
tiv
0M
Ac
nk
10
nk
Li
Li
IP
et
En
Vo
rts
Po
w
er
R
un
Po
Vo
et
En
ice
Vo
ole
7
18 ToIP
e 41
od
tN
ar
Sm
2
(a)
ole
ns
Co
0/
er
ut
y Ro ce
vi
tewa De
Ga ss
IP
ce
Vo Ac
24 ated
e 45 tegr
od In
tN ToIP
ar
Sm
ECT
ole
1
0/
0/
0/
0/
ns
Co
0/
Vo
0/
0
0/
2
3
4
5
6
7
18 ToIP
e 41
od
tN
ar
Sm
0/
0/
33
0/
0/
22
ice
Po
rts
IP
Ac
tiv
ity
0M
et
0
REFER
En
rts
tiv
0M
et
Ac
nk
10
nk
Li
IP
Vo
0
y
tewa
Ga vice
dia
Me ss De
IP
Vo Acce
SIP
ole
1
0
0/
0/
0/
0/
0/
ns
Co
0/
0/
2
3
4
5
6
7
18 ToIP
e 41
od
tN
ar
Sm
0/
0/
33
0/
0/
22
Vo
ice
Po
rts
tiv
0M
et
Ac
nk
Li
IP
Vo
En
0
w
er
R
un
Po
10
11
00
nk
ity
rts
rts
Po
Po
Li
0/
0/
11
0/
0/
00
Ac
Ac
tiv
tiv
ity
ity
10
10
0M
0M
Li
Li
nk
nk
Ac
Ac
tiv
tiv
ity
ity
10
10
0M
0M
Li
Li
nk
nk
Vo
Vo
IP
IP
Li
Li
nk
nk
Po
Po
w
w
er
er
R
R
un
un
ole
ole
ns
ns
Co
Co
ECT
0/
er
er
ut
ut
Ro ce
y Ro
wa y vi
vice
te
tewa De
De
Ga
Ga ss
ss
IP
IP ce
ce
Vo
Vo Ac
Ac
ed
24
ed
24grat
at
45 te
gr
e 45
te
In
oddeIP In
tN o ToIP
ar tN To
m ar
S
Sm
etet
En
En
0/
6
Po
BYE
etet
En
En
0/
5
0/
0/
4
ice
w
er
R
un
Po
Li
1
et 1
Enet
En
ice
ice
Vo
Vo
ns
Co
0/
3
1
0/
0
0/
Vo
ity
rts
Ports
ice Po
Voice
Vo
0
et 0
Enet
En
(d)
ole
7
18 ToIP
e 41
od
tN
ar
Sm
0/
0/
33
0/
0/
22
0/
0/
11
0/
0/
00
10
10
0M
0M
Ac
Ac
tiv
tiv
ity
ity
LiLi
nk
nk
10
10
0M
0M
Ac
Ac
tiv
tiv
ity
ity
LiLi
nk
nk
Vo
Vo
IP
IP
LiLi
nk
nk
Po
Po
ww
er
er
RR
un
un
(c)
y
tewa
Ga vice
dia
Me ss De
IP
Vo Acce
SIP
2
er
uter
Routce
y Ro
vice
way vi
tewa
De
Gate ss De
IP Ga cess
VoIP Acce
Vo
ed Ac
24 ated
4524
grat
tegr
e 45
Inte
de
ole
od
IP In
nsole
tNo ToIP
Cons
Co
artN To
mar
Sm
S
0/
DISCONNECT
En
w
er
R
un
Vo
Li
nk
11
00
10
rts
rts
Po
Po
Li
nk
0/
0/
11
0/
0/
00
Ac
Ac
tiv
tiv
ity
ity
10
10
0M
0M
LiLi
nk
nk
et
et
En
En
ice
ice
Vo
Vo
y
tewa
Ga vice
dia
Me ss De
IP
Vo Acce
SIP
Po
et
et
En
En
Ac
Ac
tiv
tiv
ity
ity
10
10
0M
0M
LiLi
nk
nk
Vo
Vo
IP
IP
LiLi
nk
nk
Po
Po
ww
er
er
RR
un
un
(b)
ole
ns ole
Co ns
Co
0/
er
er
ut
ut
Ro ce
y Ro
way vi
vice
te
tewa De
De
Ga
Ga cess
ss
IP
IP
ce
Vo
Vo Ac
Ac
ed
24
ed
24grat
at
45 te
gr
e 45
te
In
deIP In
od
tNo ToIP
artN To
mar
S
Sm
DISCONNECT
Figure 56. Example SIP network connecting two device to give a home office access to the CO PBX
The phone in the home office has two active calls to other subscribers of the PBX in the central office. The user
wants to connect the other two participants and (a) sends an explicit call-transfer invocation to the device HO.
The device HO internally connects the two calls and sends a DISCONNECT message to the phone for both
calls. In a second step (b) the firmware on HO detects an internal loop. Both call legs are connected to the
same network. In this example, both call legs are handled by the same SIP gateway. The firmware on device
HO sends a REFER message to device CO, which connects the two call legs internally and sends a BYE message to the device HO. (c) Again the firmware of CO detect an internal loop. This time the call legs are handled by the same SIP interface, connected to the PBX. Since the ISDN port is a user port it sends an explicit
call-transfer invocation to the PBX (d), which connects the call and sends the device CO a DISCONNECT
message for both calls. During all these push back operations the datapath of the two participants
keeps connected.
The push back mechanism over ISDN (using ECT) and SIP (using REFER) works independently of the protocol that invoked the call-transfer. For example, the same scenario also works if the phone in the home office
is connected to an FXS port.
ISDN interface configuration task list
396
SmartWare Software Configuration Guide
34 • ISDN interface configuration
The push-back mechanism can be configured on each interface separately. Per default push-back is enabled for
ISDN and SIP interfaces. You only have to change the configuration if you don’t want internally looped calls to
be pushed back to the network. The configuration command [no] call-transfer accept configures if an incoming call-transfer request (e.g. ECT or REFER) shall be accepted. The configuration command [no] calltransfer emit configures if a call reaching the device over this interface and leaving the device over this interface
shall be pushed back to the network, i.e. if a call-transfer request (ECT or REFER) shall be sent.
The following procedure disables the push-back mechanism on the ISDN interface connected to the PBX. No
ECT invocation is sent when a call is detected that is looped internally.
Step
Command
Purpose
1
node(ctx-ip)[ctx-name]# interface isdn
<if-name>
Go to the ISDN interface, for which you want to
disable the push back mechanism.
2
node(if-isdn)[if-name]# no call-transfer
emit
Disable the push back mechanism
The following procedure disables the push-back mechanism on a SIP interface. No REFER message is sent
when a call is detected that is looped internally.
Step
Command
Purpose
1
node(ctx-ip)[ctx-name]# interface sip
<if-name>
Go to the SIP interface, for which you want to disable the push back mechanism.
2
node(if-sip)[if-name]# no call-transfer
emit
Disable the push back mechanism
ISDN Advice of Charge support
The exchange of “Advice of Charge” information is supported between two ISDN interfaces. The charge information can be transmitted and received over H.323. (See Chapter 38, “H.323 interface configuration” on
page 431 for additional information on AOC-D support for H.323). Without configuration changes SmartWare tunnels the “Advice of Charge” information from an ISDN user interface to an ISDN network interface.
However you can disable AOC-S, AOC-D or AOC-E separately on each interface.
The network sends tariff information about a call using AOC-S messages at call (S)etup time and during the
call when the tariff changes. Then (D)uring the call, the network sends the current charge in AOC-D messages. Finally at the (E)nd of the call, the network sends the total charge in an AOC-E message encapsulated in
the DISCONNECT or RELEASE message.
ISDN interface configuration task list
397
SmartWare Software Configuration Guide
34 • ISDN interface configuration
The following procedure disables the reception of AOC messages from the network on an ISDN user interface.
Step
Command
Purpose
1
node(ctx-ip)[ctx-name]# interface isdn
<if-name>
Go to the ISDN interface, for which you want to
disable AOC
2
node(if-isdn)[if-name]# no aoc-s
Disables the reception of AOC-S messages at call
setup time
3
node(if-isdn)[if-name]# no aoc-d
Disables the reception of AOC-D messages during
the call
4
node(if-isdn)[if-name]# no aoc-e
Disables the reception of AOC-E messages at the
end of the call
AOC is a network option that can be disable or set to be active for all calls or only on a per-call basis. If your
network provider offers AOC on a per-call basis the firmware needs to request AOC information on each outgoing call. The following procedure enables the reception of AOC messages on an ISDN user interface. Additionally the interface sends an AOC activation request for each outgoing call to the network.
Step
Command
Purpose
1
node(ctx-ip)[ctx-name]# interface isdn
<if-name>
Go to the ISDN interface, for which you want to
enable AOC on a per-call basis
2
node(if-isdn)[if-name]# aoc-s explicit
Enables the reception of AOC-S messages and
sends an AOC-S activation request for each outgoing call
3
node(if-isdn)[if-name]# aoc-d explicit
Enables the reception of AOC-D messages and
sends an AOC-D activation request for each outgoing call
4
node(if-isdn)[if-name]# aoc-e explicit
Enables the reception of AOC-E messages and
sends an AOC-E activation request for each outgoing call
In default, an ISDN network interface provides AOC information to the connected phones only if available,
i.e. only if the call is routed to an ISDN user interface that is connected to a network providing AOC information. The following procedure enables the transmission of AOC message on an ISDN network interface even if
ISDN interface configuration task list
398
SmartWare Software Configuration Guide
34 • ISDN interface configuration
there is no AOC information from the network. In that case a message containing the value noChargeAvailable
is sent.
Step
Command
Purpose
1
node(ctx-ip)[ctx-name]# interface isdn
<if-name>
Go to the ISDN network interface, for which you
want to enable AOC for all calls
2
node(if-isdn)[if-name]# aoc-s automatic
Enables the transmission of AOC-S messages even
if there is no tariff information from the network for
all calls
3
node(if-isdn)[if-name]# aoc-d automatic Enables the transmission of AOC-D messages even
if there is not charge information from the network
for all calls
4
node(if-isdn)[if-name]# aoc-e automatic Enables the transmission of AOC-E message even
if there is no charge information from the network
for all calls
The following procedure enables the transmission of AOC message on a per-call basis. That is AOC messages
are sent by the connected phone only if configured for a per-call basis.
Step
Command
Purpose
1
node(ctx-ip)[ctx-name]# interface isdn
<if-name>
Go to the ISDN network interface, for which you
want to enable AOC on a per-call basis
2
node(if-isdn)[if-name]# aoc-s explicit
Enables the transmission of AOC-S messages even
if there is no tariff information from the network on
a per-call basis
3
node(if-isdn)[if-name]# aoc-d explicit
Enables the transmission of AOC-D messages even
if there is not charge information from the network
on a per-call basis
4
node(if-isdn)[if-name]# aoc-e explicit
Enables the transmission of AOC-E message even
if there is no charge information from the network
on a per-call basis
ISDN interface configuration task list
399
SmartWare Software Configuration Guide
34 • ISDN interface configuration
The following table shows an overview of the AOC variants:
no aoc-x
aoc-x
transparent
aoc-x automatic
aoc-x explicit
Default option
no
yes
ISDN User Interface (connected to a PBX switch etc.)
No message from
No information for- No information forthe network
warded to the
warded to the
peer interface
peer interface
no
no
No information forwarded to the
peer interface
AOC message from No information forthe network
warded to the peer
interface
ISDN Network Interface (connected
Phone does not
No information sent
request AOC on a
per-call basis
Information forwarded to the peer
interface
Sends an aoc-x
request to the network. If the network
rejects the request,
no information is forwarded to the
peer interface
Information forwarded to the peer
interface
Phone requests
AOC on a per-call
basis
Information forwarded to the peer
interface
to phones)
Information sent as
received from the
network, no information sent if the network does not
provide information
No information sent Information sent as
received from the
network, no information sent if the network does not
provide information
ISDN interface configuration task list
Always send information,
noChargeAvailable
sent if the network
does not provide
information
Always send information,
noChargeAvailable
sent if the network
does not provide
information
No information sent
Always send information,
noChargeAvailable
sent if the network
does not provide
information
400
SmartWare Software Configuration Guide
34 • ISDN interface configuration
ISDN DivertingLegInformation2 Facility
SmartWare is now able to extract the redirecting information from the DiverstingLegInformation2 Facility and
to provide them to the call control. In the other direction, the redirecting information can be sent as
DiverstingLegInformation2 Facility in addition to the Redirecting Number Information Element.
Transmit Direction
Mode: interface isdn <interface>
Step
1
Command
[name] (if-isdn)[interface]#[no] diversion
emit
Purpose
Enables or disables transmitting of the
DivertingLegInformation2 Facility.
Receive Direction
Mode: interface isdn <interface>
Step
1
Command
[name] (if-isdn)[interface]#[no] diversion
accept
Purpose
Enables or disables receiving of the
DivertingLegInformation2 Facility.
T1 Caller-Name Support
The ISDN implementation now supports reception and transmission of the caller-name on T1 links as it is
used in NI2 networks according to Bellcore GR-1367-CORE. Transmission of the caller-name is part of the
Calling Name Delivery (CNAM) service.
In previous build series (R3.20), the caller-name was already supported for DSS-1 networks using User-User
information elements and for Q.SIG (PSS-1) networks using FACILITY messages. Now the caller-name is also
supported for NI2 networks following the Bellcore standard.
As a prerequisite, the caller-name feature must be enabled on each ISDN interface in the CS context separately.
This command now has additional arguments to configure the SETUP retention as follows:
In NI2 networks an incoming ISDN SETUP message may contain a NameInfomationFollowing indication
instead of the name. This means that the calling-party name is not available yet, but will be sent later, for example, after the dictionary database lookup in progress succeeded. If such an incoming ISDN call is internally
routed to another network (e.g. to a SIP network or to a ISDN DSS-1 network), we must know the name
before sending the initial INVITE or SETUP message towards the destination network. Therefore we must
retain the SETUP message of the incoming ISDN call until the name is present. The caller-name command
now allows you to configure the behaviour of this SETUP retention mechanism. There are three possible
options:
• caller-name ignore-absence <timeout>: This configuration command specifies the behaviour for incoming
ISDN calls. When a NameInformationFollowing indication is received with the SETUP message, the callinitiation is retained until the name is received or until this timeout elapses. After that, the call is forwarded
to the configured destination interface. When forwarding a call without a caller-name to a SIP network,
please note that there is no chance to send the caller-name later over SIP.
ISDN interface configuration task list
401
SmartWare Software Configuration Guide
34 • ISDN interface configuration
• caller-name early-alerting <timeout>: This configuration command specifies the behaviour for incoming
ISDN calls. Some networks only deliver the name after an alerting indication. These networks simulate the
mid-ring name delivery feature of analog lines. If early alerting is enabled, we send back a faked ALERTING message after a configurable timeout when we receive a NameInformationFollowing indication. This
command can be used together with the ignore-absence command. For example, you can configure an
interface to first generate an ALERTING message and later forward the call anyway. If used that way, the
early-alerting timeout should be smaller than the ignore-absence timeout.
• caller-name send-information-following: This configuration command specifies the behaviour for outgoing ISDN calls. If there is no name from the originating network, the ISDN interface configured with this
command sends a NameInformationFollowing indication to the remote side itself.
The following example enables and configures the caller-name feature on a T1 ISDN interface for incoming
calls. If no name is present in the SETUP message, but the SETUP message contains the NameInformationFollowing indication, an ALERTING message is sent back after 500ms. If there is no name after additional 500ms
the call is routed to the destination network anyway.
Mode: context cs / interface isdn
Step
1
2
Command
Purpose
node(if-isdn)#caller-name
Enables reception of the caller-name.
node(if-isdn)#caller-name early-alerting (optional) If no name is present in an incoming
500
ISDN call and if the incoming SETUP message contains the NameInformationFollowing indication,
we send a fake ALERTING message after 500ms
towards the caller. The SETUP message is retained
for this period, i.e. the call is not forwarded to the
configured destination.
This step is optional. When not configured, an
ALERTING message is faked after 2s by default.
You can disable faking an ALERTING message by
using the “no” form of the command.
Note: If the ignore-absence timeout is also configured, the early-alerting timeout should have a
smaller value than the ignore-absence timeout.
ISDN interface configuration task list
402
SmartWare Software Configuration Guide
Step
3
Command
node(if-isdn)#caller-name ignoreabsence 1000
34 • ISDN interface configuration
Purpose
(optional) If no name is present in an incoming
ISDN call and if the incoming SETUP message contains the NameInformationFollowing indication,
we forward the call to the routing destination anyway after 1000ms (500ms after faking the ALERTING message in this example).
This step is optional. When not configured, the call
is forwarded after 4s by default.
You can disable forwarding a call without a name
by using the “no” form of the command.
Note: The specified timeout is measured starting
at the reception of the SETUP message, not when
the early-alerting timeout elapses.
The following example enables and configures the caller-name feature on a T1 ISDN interface for outgoing
calls. It enables the transmission of the NameInformationFollowing indication (encapsulated into sent SETUP
message) when no name is present from the originating network:
Mode: context cs / interface isdn
Step
1
2
Command
Purpose
node(if-isdn)#caller-name
Enables transmission of the caller-name.
node(if-isdn)#caller-name send-informa- If no name has been received from the originating
tion-following
network a NameInformationFollowing indication is
send encapsulated into the SETUP message for the
outgoing ISDN call. This feature is disabled
by default.
ISDN interface configuration task list
403
Chapter 35 FXS interface configuration
Chapter contents
Introduction ........................................................................................................................................................405
FXS interface configuration task list ....................................................................................................................405
Configuring a subscriber number (recommended) ........................................................................................405
Configuring an alternate PSTN profile (optional) .........................................................................................406
Configuring caller-ID presentation (optional) ...............................................................................................406
Configuring flash hook processing (optional) ................................................................................................406
Configuring ringing-cadence (optional) ........................................................................................................407
Configuring the Message Waiting Indication feature for FXS .......................................................................408
Configuration .........................................................................................................................................408
Frequency-shift keying ............................................................................................................................409
FXS supplementary services description...............................................................................................................410
Call hold .......................................................................................................................................................411
Call waiting ...................................................................................................................................................411
Call waiting reminder ring ............................................................................................................................412
Drop passive call ...........................................................................................................................................412
Drop active call .............................................................................................................................................412
Call toggle .....................................................................................................................................................412
Call transfer ..................................................................................................................................................412
Conferencing ................................................................................................................................................413
Call park .......................................................................................................................................................413
404
SmartWare Software Configuration Guide
35 • FXS interface configuration
Introduction
This chapter provides an overview of FXS interfaces, and the tasks involved in their configuration. This chapter
does not explain the basic configuration steps equal to all CS interfaces. Information about basic interface configuration can be found in the general chapter about CS interface configuration (see chapter 33, “CS interface
configuration” on page 381).
An FXS interface represents the connection of an analog FXS port signaling to the call control of SmartWare.
It encapsulates the signaling of the exchange side of a FXS line, allows incoming and outgoing calls on this line,
controls the line events, tones and datapath, and provides a set of supplementary services. There is a one-to-one
relation between the port and the interface: Only one port can bind to an existing interface, and there must be
a port that binds to the interface for the interface to become functional (see figure 57).
FXS Interfaces
Context CS
encapsulation cc-fxs
bind commands
FXS
Port
FXS
Port
Figure 57. FXS interfaces on the CS context
FXS interface configuration task list
This section describes the configuration tasks for FXS interfaces. There is no mandatory configuration for basic
FXS operation.
• Configuring a subscriber number (recommended) (see page 405)
• Using an alternate PSTN profile (optional) (see page 406)
• Configuring caller-id presentation (optional) (see page 406)
• Configuring flash hook processing (optional) (see page 406)
Configuring a subscriber number (recommended)
Contrary to ISDN, where each terminal knows its own subscriber number (MSN), an analog device doesn't
have this capability. If such a device is connected to an FXS port and makes an outgoing call (goes off hook and
dials), the dialed digits form the called party number. But there is no calling party information available from
the FXS protocol. To insert calling party information and make it available to other protocols over which the
call may be transported, a subscriber number must be configured on the interface.
Note
Introduction
The configured subscriber number does not affect the routing of incoming
calls on the interface.
405
SmartWare Software Configuration Guide
35 • FXS interface configuration
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#[no] subscribernumber <number>
Purpose
Applies a subscriber number for the fxs interface.
The no form of the command clears an existing one.
Default: none
Configuring an alternate PSTN profile (optional)
The PSTN profile contains the configuration for data/voice transmission on circuit-switched channels (See
chapter 48, “PSTN profile configuration” on page 597). In the case of FXS interfaces, the PSTN profile applies
to the analog line associated with the interface. There is a PSTN profile named default, which always exists in
the system. If no different PSTN profile name is explicitly configured on the FXS interface, the profile named
default is used.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#use profile pstn
profile-name
Purpose
Defines an alternate PSTN profile to be used for this
FXS interface.
Configuring caller-ID presentation (optional)
FXS/FXO protocols allow the presentation of the caller-ID (calling party number and name of an incoming
call) to an analog terminal when the terminal is ringing. (See Chapter 43, “FXS port configuration” on
page 537 for other caller-ID related settings.) Use this command to configure presentation of the calling party
number to the analog device connected to the FXS port associated with the interface.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#[no] caller-id-presentation {pre-ring | mid-ring}
Purpose
Enables/Disables the caller-id presentation and
defines if it must be sent before ring starts or in the
first ring pause.
Configuring flash hook processing (optional)
The flash-hook command specifies if the flash hook pattern must be handled locally or if it must be relayed to
the remote subscriber. Per default flash hook is handled locally because it is the initial pattern for local initiated
supplementary services. If the flash hook is relayed to the remote subscriber, the local user will not be able to
initiate a second call. The relay feature is used if the termination instance of the remote protocol is configured
to handle all the supplementary services.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#flash-hook {handle-locally | relay}
FXS interface configuration task list
Purpose
Defines processing instance of the flash hook pattern.
Default: handle-locally
406
SmartWare Software Configuration Guide
35 • FXS interface configuration
Configuring ringing-cadence (optional)
The ringing-cadence on FXS Ringing-cadence profiles can be used on FXS interfaces. Each profile consists of a
sequence of different rings and ring pauses. Arbitrary ring cadences of up to 10 elements can be configured.
The sequence in which the commands are entered (or appear in the config file) defines the sequence in which
the corresponding elements are played. If the profile consists of only one element, the element will be repeated
forever, causing an endless ring or pause. An empty ringing-cadence will lead to an endless pause.
The profile ringing-cadence must be bound from the respective interface to become effective. Alternatively the
profile ringing-cadence default can be modified to modify the ringing-cadence on all FXS interfaces.
Mode: Configure
Step
Command
Purpose
1
[name](cfg)#profile ringing-cadence
name
Creates a ringing-cadence profile with name name
and enters ringing-cadence configuration mode.
2
[name](pf-ringingcad)[name]#play
<duration>
Defines a ring with duration duration.
3
[name](pf-ringingcad)[name]#pause
<duration>
Defines a pause with duration duration.
4
[name](pf-ringingcad)[name]#...
Repeat step 2 and/or step 3 to define a ringingcadence. If not specified otherwise, the new entries
are appended to the existing cadence.
5
[name](pf-ringingcad)[name]#flush-elements
Resets the ringing cadence. Same as deleting and
re-creating the profile.
Example: Define an example ringing-cadence
The first line defines the first element of the cadence: 500ms. The second line a pause of 500ms and so on. The
cadence is repeated infinitely.
node(cfg)#profile ringing-cadence example
node(pf-ringingcad)[example]#play 500
node(pf-ringingcad)[example]#pause 500
node(pf-ringingcad)[example]#play 500
node(pf-ringingcad)[example]#pause 3000
FXS interface configuration task list
407
SmartWare Software Configuration Guide
35 • FXS interface configuration
Configuring the Message Waiting Indication feature for FXS
Note
Message Waiting Indication is programmed in two sections of SmartWare,
the FXS interface and the SIP Location service. The information below
refers to information for configuring the Message Waiting Indication feature
for FXS. For information on configuring the Message Waiting Indication
feature for SIP, see “Configuring the Message Waiting Indication feature for
SIP” on page 619.
FXS interface configuration mode allows a selection of the way in which notifications about new voice messages are performed. Supported modes are:
1. Stuttered dial tone (if there is a new message/messages in users voice mailbox, for 3 seconds after taking the
phone off-hook the dial-tone will “stutter”, producing short delays between the dial-tone cadence)
2. Visual Message Waiting Indication utilizing frequency shift keying signaling. Visual MWI-enabled FXS
phones have a LED on the case to represent a new voice message. The led will blink (or will simply light
up) when a new message arrives to the voice mailbox.
3. Both Stuttered dial tone from p.1 and Visual Message Waiting Indication from p.2.
Configuration
You can enable both stutter dial tone and visual message waiting indication at the same time issuing both message-waiting-indication commands independently.
Step
1
Step
1
Command
Purpose
[node](if-fxs)[name]#[no] message-wait- Enables/Disables Message Waiting Indication
ing-indication stutter-dial-tone
through Stuttered Dial Tone
Command
Purpose
[node](if-fxs)[name]#[no] message-wait- Enables Visual Message Waiting Indication through
ing-indication frequency-shift-keying
frequency shift keying signaling
FXS interface configuration task list
408
SmartWare Software Configuration Guide
35 • FXS interface configuration
Frequency-shift keying
Frequency-shift keying signaling can be specified in FXS port configuration mode, in one of the following formats:
1. Multiple Data Message Format (MDMF) (etsi standard) (default).
2. Single Data Message Format (SDMF) (bell standard).
To enable frequency-shift keying by MDMF standard, use the existing caller-id format command.
Note
Step
1
MDMF(etsi) is a default value and it will not be visible in “show runningconfig” output.
Command
[node](prt-fxs)[num/num]#caller-id format etsi
Purpose
Selects MDMF standard for sending frequency-shift
keyed messages
To enable frequency-shift keying by SDMF standard, use existing caller-id format command (please note that
as of May 21st, 2008 there were no confirmed test results about SDMF frequency-shift keying signaling functioning properly):
Step
1
Command
[node](prt-fxs)[num/num]#caller-id format bell
Note
Purpose
Selects SDMF standard for sending frequency-shift
keyed messages
The tone cadence for stutter dial tone can be set in profile tone-set mode.
The tone type name for a tone that should represent a waiting message is
message-waiting-tone and by default it is set to defaultStuttertone
(on,100,425,-7,off,100). Refer to Chapter 42, “Tone configuration” on
page 529 for information on setting up tone profiles.
FXS interface configuration task list
409
SmartWare Software Configuration Guide
35 • FXS interface configuration
FXS supplementary services description
FXS interfaces offer a set of supplementary services. Some of these services are locally terminated. Others, like
conferencing, push the involved subscribers to an external service. These supplementary services are:
• Call hold (see page 411)
• Call waiting (see page 411)
• Call waiting reminder ring (CWRR) (see page 411)
• Drop passive call (held or waiting) (see page 412)
• Drop active call (connected call), accept passive call (held or waiting) (see page 412)
• Call toggle (see page 412)
• Call transfer (see page 412)
• Conferencing (see page 413)
• Call park (see page 413)
Note
The local subscriber is always the one who executes the service.
The services call hold and call waiting allow the local subscriber to open or accept a second call. This is the
condition for all the other services that are applied as soon as the local subscriber has two calls initiated to
remote subscribers. That means the call hold service can only be applied as long as only one call is ongoing. All
the above described service can be executed by a key pattern. Some of these services have permanent patterns
for the others they can be configured by the user.
Note
The flash pattern always has the short notation, '!'.
Table 14. FXS services with permanent patterns
Service
Default Pattern
Call hold
!
Call transfer
On-Hook
Table 15. FXS services with configurable patterns
Service
Default Pattern
Drop passive call
!0
Drop active call, accept passive call
!1
Call toggle
!2
Conferencing
!3
Call park
*98
FXS supplementary services description
410
SmartWare Software Configuration Guide
35 • FXS interface configuration
The command to change the key patterns is available in the interface fxs configuration mode. If the patterns
start with the same key sequence, they should also have the same length. The key parser is of type best matching so it executes the service of the first pattern that represents a full match.
Mode: Interface FXS
Step
1
Command
Purpose
[name](if-fxs)[name]#[no] {drop-passive Defines a new key pattern for the selected service.
| drop-active | toggle | coference} <pat- The no form of the command clears the existing pattern>
tern and disables the service.
Use '!' for flash in a service pattern.
Call hold
This service is used to set the remote subscriber on hold and offers the possibility to set up a second call to the
local subscriber. Call hold is activated by flash and then the local subscriber will hear the dial tone and the
remote subscriber will be set on hold. For the action on the remote side, the far end device is responsible. It can
play the hold tone, hold music or an inband message. In this state, the held subscriber can be retrieved by
touching flash. If the local subscriber hears the dial tone and doesn't start dialing, the call waiting tone will play
after a timeout of five seconds. To retrieve the held subscriber in this state, touch flash. It is possible to disable
this service by executing the command no additional-call-offering on the fxs interface.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#[no] additionalcall-offering
Purpose
Enables or disables the call hold feature.
Default: enabled
Call waiting
The call waiting service doesn't need a special pattern. The user can use either drop passive call to reject the
incoming call, can use call toggle to hold the active call and to accept the incoming call or can use drop active
call to disconnect the current one and to switch to the incoming call. Call waiting can be explicitly disabled by
executing the no call-waiting command on the fxs interface.
The user of the device connected to the FXS port can be given the option to activate/deactivate call waiting by
means of a special digit sequence touched on the keypad of his device (see section, “Configuring the precall service tables” on page 388). The configuration in the fxs interface is administrative what means if call waiting is
disabled here, the user cannot activate it anymore.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#[no] call-waiting
FXS supplementary services description
Purpose
Enables or disables the call-waiting service
Default: enabled
411
SmartWare Software Configuration Guide
35 • FXS interface configuration
Call waiting reminder ring
If a remote subscriber disconnects the call, the local subscriber will hear the release tone and go on-hook. But,
if there is still a pending remote subscriber that has been previously set on hold, the phone rings right after onhook. If the local subscriber goes off-hook, the user will be connected again with the previously held remote
subscriber. It is possible to navigate to the pending held subscriber. As soon as the release tone appears, the local
subscriber can touch flash to connect again.
Drop passive call
If the local subscriber hears the call waiting tone that indicates a second incoming call and decides not to disturb the current one, the drop passive call feature rejects the waiting call. It can also be used to drop a pending
call that has been previously set on hold.
Drop active call
The drop active call service can be used if the local subscriber has an active call and a call previously set on
hold. This feature provides the possibility to drop the active call and to switch to the hold one without going
on-hook first.
Call toggle
In general, the call toggle feature is used to switch between an active and a passive call. The passive call can
either be a call previously set on hold or a waiting call.
Call transfer
The call transfer feature is only available if the second call was originated by the local subscriber. For execution,
the local subscriber goes on-hook and the active call and the held call will be transferred together. If the second
call was an incoming call, the active call will be dropped and the CWRR will appear to signal a pending hold
call. It is possible to disable this service by executing the command no call-transfer on the fxs interface.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#[no] call-transfer
FXS supplementary services description
Purpose
Enables or disables the call transfer feature.
Default: enabled
412
SmartWare Software Configuration Guide
35 • FXS interface configuration
Conferencing
When executing a conference, all involved calls will be handed to a given call-router conference service. It is
then the responsibility of this service to initiate the conference. Conference services are configured in the Context CS and are protocol specific. The sip-conference service can be used to address a SIP Media Server for conferencing according to RFC4240 (see section, “SIP conference-service” on page 525).
Conferencing can only be executed if the second call was originated by the local subscriber. If the second call is
an incoming call and the local subscriber tries to conference, the call toggle service will be executed.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#[no] route conference dest-service <service-name>
Purpose
Specifies the routing destination for a conference.
The no form of the command clears an existing
route.
Call park
The call park service allows parking an ongoing call on a specific number. This park number starts with a specific Park Code that must be configured with the 'service-pattern' command. After the user presses 'flash' to
open a new call and the dialed number starts with the defined park service-pattern, the service will be executed
five seconds after the last digit has been pressed or the user completes the number with the '#' character. This
service is not handled locally, which means that another entity must be contacted that offers it.
On some SIP servers, it is possible to park a call on a specific number by using the blind-transfer feature. This
is what the FXS park-call service achieves in an FXS/SIP call. It forces the SIP endpoint to execute a blind
transfer where the Refer-To header contains the park number.
To change the park service pattern, the already existing 'service-pattern' command has the option 'park' that
allows the user to overwrite the default setting.
Mode: Interface FXS
Step
1
Command
[name](if-fxs)[name]#[no] {drop-passive |
drop-active | toggle | conference | park}
<pattern>
FXS supplementary services description
Purpose
Defines a new key pattern for the selected service.
The no form of the command clears the existing pattern and disables the service. Use '!' for flash in a
service pattern.
413
Chapter 36 FXO interface configuration
Chapter contents
Introduction ........................................................................................................................................................415
FXO services description .....................................................................................................................................416
Creating an FXO interface...................................................................................................................................416
Deleting an FXO interface...................................................................................................................................417
FXO interface configuration task list ...................................................................................................................418
FXO off-hook on caller ID ...........................................................................................................................418
Configuring an alternate PSTN profile (optional) .........................................................................................418
Configuring when the digits are dialed (optional) .........................................................................................419
Configuring the number of rings to wait before answering the call (optional) ...............................................421
Configuring how to detect a call has disconnected (optional) ........................................................................422
Configuring how to detect an outgoing call is connected (optional) ..............................................................423
Configuring the destination of the call ..........................................................................................................424
FXO Mute dialing ........................................................................................................................................424
FXO interface examples ................................................................................................................................425
414
SmartWare Software Configuration Guide
36 • FXO interface configuration
Introduction
This chapter provides an overview of FXO interfaces and the tasks involved in configuring them. This chapter
does not explain the basic configuration steps common to all Context Switch (CS) interfaces. Information
about basic interface configuration can be found in chapter 33, “CS interface configuration” on page 381.
An FXO, Foreign eXchange Office, interface connects to an FXS, Foreign eXchange Subscriber, interface. These two
interfaces are used in analog telephony. The FXS interface is provided at the central office in order to connect to
telephones, modems, PBXs, faxes, etc. Telephones and modems are FXO interfaces and want to connect to the
central office. The FXO interface in the SmartNode products is like the telephone and modem interface.
In SmartWare, an FXO interface functions to connect the analog FXO port’s call signaling to the call control
process in SmartWare. Recall that an interface in SmartNode products is a logical device and a port is a physical
device. So the FXO feature consists of the logical interface with all its processes together with its configurable
parameters and the physical interface for the actual analog, 2-wire connection to an FXS device. There is a oneto-one correspondence between the port and the interface.
In order for the interface to be able to make a connection over the 2-wire analog line, there must be a port bound
to the interface (see figure 58). For more information on ports, interfaces, and binding, see section “Interfaces,
Ports, and Bindings” on page 47. For specific details on binding the FXO port to an FXO interface, see section
“Bind FXO ports to higher layer applications” on page 543.
FXO Interfaces
(logical)
Context CS
“encapsulation cc-fxo”
and
"bind" commands
FXO Port
(physical)
FXO Port
(physical)
Figure 58. FXO interfaces on the CS context
This chapter includes the following sections:
• FXO services description (see page 416)
• Creating an FXO interface (see page 416)
• Deleting an FXO interface (see page 417)
• FXO interface configuration task list (see page 418)
Introduction
415
SmartWare Software Configuration Guide
36 • FXO interface configuration
FXO services description
The wide variety of applications and services are supported through a rich feature set. The major characteristics
and features are
• 2-wire loop-start
• Off-hook and ring detection supervision
• Automatic and programmable line gain
• Programmable ring count before call pick-up
• End-of-call detection by line drop (call release indication), busy tone detection and battery reversal detection
• Hook-flash sending: programmable duration, H.245 hook-flash relay (“!” in user input) which provides
Cisco compatibility
• DTMF send and detect: programmable interdigit timer, DTMF-relay
• Caller ID (CLID) and Caller ID names FSK command line interface reception and relay to VoIP signaling
(Bellcore/ANSI and ETSI/ITU)
• Call routing based on caller ID
• Second dial-tone for two-stage DTMF dialing with call routing based on DTMF numbers.
Creating an FXO interface
Interface names can be any arbitrary string. Use self-explanatory names for your interfaces to reflect their
usage in your application. After creating the FXO interface, it is necessary to bind the FXO interface. Refer
to chapter 44, “FXO port configuration” on page 542 for details.
Mode: Context CS
You enter Context CS, one of the configuration modes, as follows.
Note
Step
1
2
3
4
Node is the host name you have assigned to your SmartNode and is the
basic prompt.
Prompt & command
node>
node>enable
node#
node#configure
node(cfg)#
node(cfg)#context cs
node(ctx-cs)[switch]#
FXO services description
Purpose
Basic prompt in Operator Exec mode
Enters Administration execution mode
The prompt in administration execution mode
Enters the Configure configuration mode
The prompt in the Configure configuration mode
Enters the context “CS” for Circuit Switch
The prompt in the Context CS configuration mode
416
SmartWare Software Configuration Guide
36 • FXO interface configuration
Once you are in the Context CS mode, you can enter the FXO configuration mode with the next steps.
Step
5
6
Prompt & command
Purpose
node(ctx-cs)[switch]#interface fxo name The “interface fxo” command creates the new
interface name, which represents an FXO interface. This command also places you in the FXO
interface configuration mode for the created interface.
node(if-fxo)[name]#
You are now in the FXO interface configuration
mode. In this mode, you may configure the parameters for the FXO interface name
Example: Create an FXO interface named PSTN-FALLBACK
The following commands would be used—in Context CS mode—to create an FXO interface named
PSTN-FALLBACK:
node(ctx-cs)[switch]#interface fxo PSTN-FALLBACK
node(if-fxo)[PSTN-FA~]#
Deleting an FXO interface
Almost every configuration command has a no form. In general, use the no form to disable a feature or function. Use the command without the no keyword to re-enable a disabled feature or to enable a feature that is
disabled by default. The no form of the FXO interface deletes the interface.
Mode: Context CS.
Step
1
2
3
4
5
Prompt & command
Purpose
node>
node>enable
node#
node#configure
node(cfg)#
node(cfg)#context cs
node(ctx-cs)[switch]#
Basic prompt in Operator Exec mode
Enters Administration execution mode
The prompt in administration execution mode
Enters the Configure configuration mode
The prompt in the Configure configuration mode
Enters the context “CS” for Circuit Switch
The prompt in the Context CS configuration
mode
node(ctx-cs)[switch]#no interface fxo name Deletes the existing interface name
Deleting an FXO interface
417
SmartWare Software Configuration Guide
36 • FXO interface configuration
FXO interface configuration task list
There are numerous configurable parameters that apply to the FXO interface. The basic commands are listed
with a short description of their function.
• ring-number on-caller-id—Determines if the FXO interface will go off-hook upon reception of a specified caller-ID.
• use profile pstn—Defining and applying an alternate PSTN profile for a specific FXO interface
• dial-after—Selecting whether the FXO interface dials after a pre-defined time or after detection of dial-tone
• ring-number—Defining how many rings are received before answering an incoming call
• disconnect-signal—Selecting the method of determining a call has been disconnected
• connect-signal—Choosing how to detect the connection on the remote end of an outgoing call
• route—Determining the destination (interface) for the incoming call
FXO off-hook on caller ID
A new option has been added to the command “ring-number”. Instead of specifying the number of ring bursts
to wait before going off-hook (for calls coming in through FXO), it is now also possible to go off-hook upon
reception of the caller-ID. With this setting, if a caller ID is available, the time before FXO goes off-hook to
accept the call can be decreased by 2 to 3 seconds. If no caller ID is detected, the call is accepted upon reception of the second ring-burst.
Mode: Interface FXO
Step
1
Prompt, command & response
Purpose
[name] (if-fxo)# ring-number on-caller-id Accepts a call coming in through FXO after
reception of the caller ID or the second ring
burst. Default: 1 ring.
Configuring an alternate PSTN profile (optional)
The PSTN profile has the following configurable parameters:
• Echo canceller (can be enabled or disabled)
• Output gain, which sets the volume of the output of the PSTN interface and port, in this case, FXO.
To define an alternate PSTN profile for the FXO interface, first create the profile according to instructions in
chapter 48, “PSTN profile configuration” on page 597. Then you can apply the newly defined PSTN profile to
a specific FXO interface with the use command as follows.
First enter the Interface FXO configuration mode.
FXO interface configuration task list
418
SmartWare Software Configuration Guide
36 • FXO interface configuration
Mode: Interface FXO
Step
1
2
3
4
5
Prompt, command & response
Purpose
node>
node>enable
node#
Basic prompt in Operator Exec mode
Enters Administration execution mode
Response: The prompt in administration execution mode is the #
node#configure
Enters the Configure configuration mode
node(cfg)#
Response: The prompt in the Configure configuration mode is (cfg)#
node(cfg)#context cs
Enters the Context CS configure mode
node(ctx-cs)[switch]#
Response: The prompt in the Context CS configuration mode is (ctx-cs)[switch]#
node(ctx-cs)[switch]#interface fxo if-name Enter the Interface FXO configuration mode
node(if-fxo)[if-name]#
Response: The prompt in the Interface FXO configuration mode is (if-fxo)[if-name]#
Now we can apply the PSTN profile for the FXO interface named name as follows.
Step
6
Prompt, command & response
Purpose
node(if-fxo)[if-name]#[no] use profile pstn profile-name The “profile pstn” command is
applied to the FXO interface
named if-name
node(if-fxo)[if-name]#
Response: You are now in the
FXO interface configuration
mode. In this mode, you may configure the parameters for the FXO
interface name.
Configuring when the digits are dialed (optional)
When the FXO port goes off-hook to make an outgoing call, the FXS switch normally sends a dial-tone to
indicate it is ready to received dialed digits. Alternatively, you can specify the FXO interface to wait a specific
period of time after going off-hook before dialing the first digit.
Note
All countries do not have the same dial-tone. For information on configuring the dial-tone for your country, refer to chapter 42, “Tone configuration”
on page 529.
The default setting is to wait for the dial-tone. If you choose to wait a specific time after going off-hook, the
variable is timeout and specify the number of seconds to wait. Zero (0) seconds means that the interface dials
immediately.
FXO interface configuration task list
419
SmartWare Software Configuration Guide
36 • FXO interface configuration
Mode: Interface FXO
Step
1
2
3
4
5
6
Prompt, command & response
Purpose
node>
Basic prompt in Operator
Exec mode
node>enable
Enters Administration execution mode
node#
Response: The prompt in
administration execution
mode is the #
node#configure
Enters the Configure configuration mode
node(cfg)#
Response: The prompt in the
Configure configuration
mode is (cfg)#
node(cfg)#context cs
Enters the Context CS configure mode
node(ctx-cs)[switch]#
Response: The prompt in the
Context CS configuration
mode is (ctx-cs)[switch]#
node(ctx-cs)[switch]#interface fxo if-name
Enter the Interface FXO configuration mode
node(if-fxo)[if-name]#
Response: The prompt in the
Interface FXO configuration
mode is (if-fxo)[if-name]#
node(if-fxo)[if-name]#dial-after {dial-tone | timeout seconds} Specifies whether to dial
after detection of dial-tone
(default) or to wait for a
specified timeout (in seconds). Zero (0) seconds will
initiate dialing immediately
after going off-hook.
Example: Setting the timeout to be 4 seconds after going off-hook when initiating a call. The timeout is set for
the FXO interface named Line0.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface fxo Line0
node(if-fxo)[Line0]#dial-after timeout 4
You can verify the change in configuration by using the show running-config command.
This is one of the few commands that does not have a no inverse operation of the command. If you want to
change the timeout period, re-enter the command with the new timeout period. The other option is to wait
for dial-tone. To return to the default (waiting for dial-tone before dialing), enter the command again
using dial-tone.
FXO interface configuration task list
420
SmartWare Software Configuration Guide
Note
36 • FXO interface configuration
Verify that you have configured the dial-tone for the country in which the
SmartNode is installed. (see chapter 42, “Tone configuration” on page 529).
If the dial-tone is not configured for the proper country, the FXO interface
will not detect when the remote FXS switch is sending dial-tone.
Configuring the number of rings to wait before answering the call (optional)
An FXO port identifies an incoming call by detecting the ring from the FXS switch. The ring-number is a
configurable parameter which selects the number of rings before answering the incoming call, that is, before
going off-hook and establishing the call. The minimum value for ring-number is zero (0). With a ring-number of zero, the FXO interface never answers an incoming call.
Due to variations between countries, the proper setting may be 1 or 2. In the USA the Caller-ID (CLID) is sent
to the FXO port between the first and second ring, so a ring-number of 2 would be appropriate. On the other
hand, numerous countries send the CLID prior to the first ring, so the default setting of 1 would be satisfactory.
Mode: Interface FXO
Step
1
2
3
4
5
6
Prompt, command & response
Purpose
node>
node>enable
node#
Basic prompt in Operator Exec mode
Enters Administration execution mode
Response: The prompt in administration execution mode is the #
node#configure
Enters the Configure configuration mode
node(cfg)#
Response: The prompt in the Configure configuration mode is (cfg)#
node(cfg)#context cs
Enters the Context CS configure mode
node(ctx-cs)[switch]#
Response: The prompt in the Context CS configuration mode is (ctx-cs)[switch]#
node(ctx-cs)[switch]#interface fxo if-name Enter the Interface FXO configuration mode
node(if-fxo)[if-name]#
Response: The prompt in the Interface FXO configuration mode is (if-fxo)[if-name]#
node(if-fxo)[if-name]#ring-number count
Specifies the number of rings to wait before
going off-hook. Default = 1 ring.
Example: Configure the ring number to wait for CLID by setting the count to 2. The name of the specific FXO
interface is pstn-local.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface fxo pstn-local
node(if-fxo)[pstn-local]#ring-number 2
You can verify the change in configuration by using the show running-config command.
FXO interface configuration task list
421
SmartWare Software Configuration Guide
36 • FXO interface configuration
Configuring how to detect a call has disconnected (optional)
When a call has disconnected, the FXO interface may detect and verify the termination of the phone call by
three different methods.
• Detect a busy tone or release tone
• Detect a loop break (if provided by the FXS switch)
• Detect battery reversal (if provided by the FXS switch)
• Detect a dtmf signal
• Configure loop break timing
The selection of the method, if any of the three, is via the disconnect-signal command. The default enables
only loop-break. Upon detecting a loop break, the FXO interface proceeds to clear the call on the SmartNode.
In some instances, the user may need to transmit all of the in-band information (tone signal, announcement)
to the end party after disconnection has occurred.
The disconnect-signal command can be used to enable or disable the three detection methods. If all three
methods are disabled, the call is cleared after a period of 30 seconds from reception of the disconnect signal.
Consequently it becomes the responsibility of the end party to execute the on-hook (completing the disconnection phase) for the call to be completely cleared.
Note
Verify that the busy and release tones are correctly configured for the country
where the SmartNode is installed (see chapter 42, “Tone configuration” on
page 529 for configuration information. If the tones are improperly configured, the FXO port will not detect them, resulting in missed phone calls.
Mode: Interface FXO
Step
1
2
3
Prompt, command & response
node(if-fxo)[if-name]#[no] disconnect-signal
{battery-reversal | busy-tone | loop-break}
Purpose
The default is Loop-break. To disable it, use
the no inverse command. Should all three
methods be disabled, the call is cleared 30
seconds after receiving the disconnect signal.
The default setting of loop-break is not displayed in the running-config output.
[name] (if-fxo) [interface]# [no] disconnect-sig- Disconnects the call upon reception of one of
nal dtmf <dtmf-digits>
the specified DTMF digits.
[name] (if-fxo) [interface]#loop-break-duration Specifies the timing of the loop break signal.
[min <min-time>] [max <max-time>]
Shorter breaks are ignored, longer breaks
are treated as line down.
Min specifies the minimum time of a valid
loop break (Default 60ms). Max specifies the
maximum time of a valid loop break (Default
600ms). Please note that the internal timer
has a resolution of 40ms.
FXO interface configuration task list
422
SmartWare Software Configuration Guide
Note
36 • FXO interface configuration
Use the battery-reversal disconnect signal with caution, and use only if the
battery-reversal connect signal is also enabled.
Configuring how to detect an outgoing call is connected (optional)
An FXO interface has the following methods for verifying the connection of an outgoing call after the dialing
has been completed:
• Detect battery reversal (if provided by the FXS switch)
• Detect the first tax pulse (if provided by the FXS switch)
Note
Tax Impulse Signals: European telephone companies in Austria, Belgium,
Czechoslovakia, Germany, Spain and Switzerland place a pulse signal on the
phone line to meter the length of the telephone call for billing purposes.
The command to enable or disable these methods is connect-signal. If both are enabled, only one needs to
occur for the FXO interface to verify a properly connected call with the remote party. Should both be disabled,
the SmartNode waits for the call-connect signal from the FXS switch.
Mode: Interface FXO
Step
Prompt, command & response
1
2
node>
node>enable
node#
3
node#configure
node(cfg)#
4
node(cfg)#context cs
node(ctx-cs)[switch]#
5
node(ctx-cs)[switch]#interface fxo if-name
node(if-fxo)[if-name]#
6
node(if-fxo)[if-name]#[no] connect-signal
{battery-reversal | tax-pulse}
Purpose
Basic prompt in Operator Exec mode
Enters Administration execution mode
Response: The prompt in administration
execution mode is the #
Enters the Configure configuration mode
Response: The prompt in the Configure
configuration mode is (cfg)#
Enters the Context CS configure mode
Response: The prompt in the Context CS
configuration mode is (ctx-cs)[switch]#
Enter the Interface FXO configuration
mode
Response: The prompt in the Interface FXO
configuration mode is (if-fxo)[if-name]#
Selects battery-reversal, tax-pulse or neither to determine when outgoing calls are
connected.
Default: both methods are disabled.
Note
Only disable connect-signal if you are sure that the FXS switch provides a
call connect signal.
FXO interface configuration task list
423
SmartWare Software Configuration Guide
36 • FXO interface configuration
Configuring the destination of the call
The last command in configuring the FXO Interface is the route command. This command configures the call
router. You can configure the routing-destination for call setup and for service activation. For complete details,
see chapter 40, “Call router configuration” on page 456.
Mode: Interface FXO
Step
1
2
3
4
5
6
Prompt, command & response
Purpose
node>
node>enable
node#
Basic prompt in Operator Exec mode
Enters Administration execution mode
Response: The prompt in administration execution mode is the #
node#configure
Enters the Configure configuration
mode
node(cfg)#
Response: The prompt in the Configure
configuration mode is (cfg)#
node(cfg)#context cs
Enters the Context CS configure mode
node(ctx-cs)[switch]#
Response: The prompt in the Context
CS configuration mode is (ctxcs)[switch]#
node(ctx-cs)[switch]#interface fxo if-name
Enter the Interface FXO configuration
mode
node(if-fxo)[if-name]#
Response: The prompt in the Interface
FXO configuration mode is (if-fxo)
[if-name]#
node(if-fxo)[if-name]#[no] route {call {dest-interface Use this command to route a call (destinterface-name | dest-service table-name | dest-table interface) directly to an interface speciservice-name} | precall {dest-interface interface-name | fied with the interface-name paramedest-service table-name | dest-table service-name }
ter, (dest-table) to the call router using
the table-name table as the first routing
table, or (dest-table) directly to a service specified with the service-name
parameter.
FXO Mute dialing
A new command has been added. With this command, the FXO interface can mute its receive path during
dialtone detection and DTMF digits sending. This to avoid unwanted noises on the calling side (for calls going
out of the device through FXO).
Mode: interface fxo
Step
1
Command
[name] (if-fxo)# [no] mute-dialing
FXO interface configuration task list
Purpose
Enables or disables mute of receive path during dialtone
detection and dialing. Default: Disabled.
424
SmartWare Software Configuration Guide
36 • FXO interface configuration
FXO interface examples
Example 1: Configuring an FXO interface which is to be connected to a PSTN network for analog line extension over IP. The FXS switch provides caller-id between the first and second ring and uses battery reversal to
indicate a connected call. The FXO interface is named pstn-local. The incoming call is routed directly to the
interface named pstn-1-voip.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface fxo pstn-local
node(if-fxo)[pstn-local]#connect-signal battery-reversal
node(if-fxo)[pstn-local]#ring-number 2
node(if-fxo)[pstn-local]#route call dest-interface pstn-1-voip
Example 2: Configuring an FXO interface to be used as fallback if the IP network link is down. This means
that there are only out-going calls. You are not sure whether the FXS switch provides a connect signal. In this
case, you only have to create the interface and bind the FXO port to the FXO interface. (For binding the FXO
port to the FXO interface, see chapter 44, “FXO port configuration” on page 542.)
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface fxo pstn-fb
node(if-fxo)[pstn-fb]#connect-signal battery-reversal
node(if-fxo)[pstn-fb]#connect-signal tax-pulse
FXO interface configuration task list
425
Chapter 37 RBS interface configuration
Chapter contents
Introduction ........................................................................................................................................................427
RBS interface configuration task list ....................................................................................................................427
Creating/Deleting a RBS interface .......................................................................................................................427
Configuring an alternate PSTN profile .........................................................................................................427
Configuring an alternate Tone-Set profile .....................................................................................................428
Configuring B-Channel allocation strategy ...................................................................................................428
Configuring additional disconnect signals .....................................................................................................428
Configuring number of Rings before Off-Hook ............................................................................................429
Configuring ready to dial strategy .................................................................................................................429
RBS interface debugging ...............................................................................................................................429
426
SmartWare Software Configuration Guide
37 • RBS interface configuration
Introduction
This chapter provides an overview of RBS interfaces, and the tasks involved in their configuration. This chapter does not explain the basic configuration steps equal to all CS interfaces. Information about basic interface
configuration can be found in the general chapter about CS interface configuration (see Chapter 33, “CS interface configuration” on page 381). An RBS interface represents the connection of a T1 timeslot or of a group of
timeslots. For every timeslot bound to the interface exist a RBS protocol endpoint that masters incoming and
outgoing calls, controls the B-channel and provides different services. A RBS interface can encapsulate subscriber and exchange side of the following protocols: Loop Start, Ground Start, E&M Immediate Start, E&M
Wink Start, E&M Double Wink Start. The settings are automatically taken from the RBS protocol that binds
to the interface and changes of the protocol configuration are automatically reflected on the interface. See
Chapter 20, “RBS configuration” on page 225 for more details.
RBS interface configuration task list
• Creating/Deleting a RBS interface
• Configuring an alternate PSTN profile
• Configuring an alternate Tone-Set profile
• Configuring B-Channel allocation strategy
• Configuring additional disconnect signals
• Configuring number of Rings before Off-Hook
• Configuring ready to dial strategy
Creating/Deleting a RBS interface
Interface names can be any arbitrary string. Use self-explanatory names for your interfaces to reflect their
usage in your application. After creating the RBS interface, it is necessary to bind the requested RBS protocol to it. See Chapter 20, “RBS configuration” on page 225 for more details.
Mode: Context CS
Step
1
Prompt & command
Purpose
node(ctx-cs)[switch]#[no] interface rbs The “interface rbs” command creates a new intername
face, the ‘no’ form deletes an existing one.
Configuring an alternate PSTN profile
The PSTN profile contains the configuration for data/voice transmission on circuit-switched channels (see
Chapter 48, “PSTN profile configuration” on page 597). In the case of RBS interfaces, the PSTN profile
applies to the B-Channels of the timeslots associated with the interface.
There is a PSTN profile named default, which always exists in the system. If no different PSTN profile name is
explicitly configured on the RBS interface, the profile default is used.
Introduction
427
SmartWare Software Configuration Guide
37 • RBS interface configuration
Mode: Interface RBS
Step
1
Command
Purpose
node(if-rbs)[if-name]#use profile pstn pro- Defines an alternate PSTN profile to be used for
file-name
this RBS interface/Reverts the setting to its default
(use profile PSTN default)
Configuring an alternate Tone-Set profile
The Tone-Set profile contains the mapping of the different Call Progress Tones like Dial-Tone, Ringback-Tone
or Release-Tone to programmed tone sequences. Dependent on the configuration, the RBS protocols must be
able to detect inband played Dial or Release Tones. Therefore it is important, both communication parties
using the same tone specifications. For details how to setup and alternate Tone-Set profile, please consult chapter 42, “Tone configuration” on page 529.
There is a Tone-Set profile named default, which always exists in the system. If no different Tone-Set profile
name is explicitly configured on the RBS interface, the profile default is used.
Mode: Interface RBS
Step
1
Command
node(if-rbs)[if-name]#use profile tone-set
profile-name
Purpose
Defines an alternate Tone-Set profile to be used for
this RBS interface/Reverts the setting to its default
(use profile Tone=-Set default)
Configuring B-Channel allocation strategy
If a group of timeslots is bound to the interface and a call is originated by the Call Control, the B-Channel
allocation strategy defines if the highest available timeslot number must be chosen for initiating the outgoing
call or the lowest one. For incoming calls over TDM this command has no effect because the timeslot has
already been selected by the remote party.
Mode: Interface RBS
Step
1
Command
node(if-rbs)[if-name]#bchan-numberorder {ascending | descending}
Purpose
Defines the B-Channel allocation strategy
Default: descending
Configuring additional disconnect signals
Most of the RBS protocols define a ABCD-Bit pattern can be sent to indicate a call disconnection to the
remote party. In case of the Loop Start protocol where the exchange side terminates the call, this is not possible.
This protocol is really similar to an analog telephony line where the subscriber will be informed with a release
tone about a call release. With this command it is possible to configure additional signals must be interpreted
as a disconnect event.
Creating/Deleting a RBS interface
428
SmartWare Software Configuration Guide
37 • RBS interface configuration
Mode: Interface RBS
Step
1
Command
Purpose
node(if-rbs)[if-name]#[no] disconnect-sig- Enables/Disables the busy/release-tone as addinal {busy-tone}
tional disconnect signal.
Default: Enabled
Configuring number of Rings before Off-Hook
The Loop Start and the Ground Start protocol on the subscriber side identifying an incoming call by detecting
the Ring-Signal sent by the exchange side. This command specifies the number of ring cycles before the subscriber side is going Off-Hook and answers the call.
Mode: Interface RBS
Step
1
Command
node(if-rbs)[if-name]#ring-number value
Purpose
Defines the number of ring cycles before the subscriber side answers the call.
Default: 1
Configuring ready to dial strategy
If on the Loop Start or Ground Start protocol the subscriber side originates a call, there is no protocol specification for the exchanges side to signal readiness for accepting the called party number. Even the E&M Immediate Start protocol is symmetric, the terminating side is also unable to do that. This command specifies for
these protocols the strategy they must apply to determine the right moment for sending the called party number.
• Dialtone: The originating side sends the called party number as soon as it detects the dial tone.
• Timeout: The originating side sends the called party number after a timeout that starts at the Off-Hook
moment.
Mode: Interface RBS
Step
1
Command
Purpose
node(if-rbs)[if-name]#[no] dial-after {dial- Defines the ready to dial strategy.
tone | timeout seconds}
Default: dialtone
RBS interface debugging
For the investigation of possible call signaling or interoperability problems, there exists a debug command with
the options ‘datapath’, ‘error’ and ‘signaling’. In addition exists a ‘show’ command that outputs information
about the current interface configuration and about the states of the protocol endpoints.
Mode: Operator execution
Step
1
Command
Purpose
node#[no] debug ccrbs {datapath | error Enables/Disables different RBS interface monitors.
| signaling}
Creating/Deleting a RBS interface
429
SmartWare Software Configuration Guide
37 • RBS interface configuration
Mode: Operator execution
Step
1
Command
Purpose
node#show ccrbs call if-name [detail level] Prints information about ongoing calls on the
selected interface.
node#show ccrbs interface if-name [detail Prints information about the configuration of the
level]
selected interface and about the states of the
belonging protocol endpoints.
Creating/Deleting a RBS interface
430
Chapter 38 H.323 interface configuration
Chapter contents
Introduction ........................................................................................................................................................432
H.323 interface configuration task list .................................................................................................................432
Binding the interface to an H.323 gateway ...................................................................................................433
Configuring an alternate VoIP profile (optional) ...........................................................................................434
Configuring CLIP/CLIR support (optional) .................................................................................................435
Enabling ‘early-proceeding’ on H.323 interfaces ...........................................................................................436
Enabling the early call connect (optional) .....................................................................................................436
Enabling the early call disconnect (optional) .................................................................................................437
Enabling the via address support (optional) ...................................................................................................437
Override the default destination call signaling port (Optional) ......................................................................437
Configuring status inquiry settings (optional) ...............................................................................................438
AOC-D Support for H.323 ..........................................................................................................................439
431
SmartWare Software Configuration Guide
38 • H.323 interface configuration
Introduction
This chapter provides an overview of H.323 interfaces used by H.323 gateways and describes the specific tasks
involved in their configuration. This chapter does not explain the basic configuration steps required for all CS
interfaces. Information about basic interface configuration can be found in the general chapter about CS interface configuration.
Within the CS context of SmartWare, an H.323 interface is a special type of CS interface providing call routing for incoming and outgoing calls to and from the H.323 gateway (see figure 59).
H.323
Gateway
bind commands
H.323 Interface
Context CS
Figure 59. H.323 interfaces on the CS context
An H.323 interface is a CS interface type that also provides voice over IP settings in addition to the general CS
interface parameters. All H.323 interfaces must be explicitly bound to an H.323 gateway. Calls, which are
routed from the Context CS to one of the H.323 interfaces, will be forwarded for call establishment to the
H.323 gateway to which the H.323 interface is bound. All the parameters configured in the H.323 interface
will be applied to the forwarded call.
When a call arrives over H.323 in the H.323 gateway. The gateway looks for the best matching H.323 interface, which is bound to that gateway. If there is an H.323 interface, which contains the IP address of the source
of the H.323 call in its remoteip configuration parameter, the call will be handed over to that interface for further call processing. If no such interface is found, the gateway looks for an interface, which is bound to that
gateway and does not contain a remoteip parameter. If such an interface is found the call will be handed over to
that interface for further processing. If however such an interface is also not available, the call will be dropped.
H.323 interface configuration task list
This section describes the configuration tasks for H.323 interfaces listed below. You must at least perform the
tasks, which are not marked as optional, to define a working H.323 interface. The optional tasks are usually
only required in advanced configurations. Before you can start with the H.323 interface specific configuration
tasks, you need to create the H323 interface and define the routing for it as defined in chapter 33, “CS interface configuration” on page 381.
• Binding the interface to an H.323 gateway
• Configuring a remote IP address
• Using an alternate VoIP profile (optional)
Introduction
432
SmartWare Software Configuration Guide
38 • H.323 interface configuration
• Configuring information transfer capability handling (optional)
• Configuring CLIP/CLIR support (optional)
• Enabling the early-proceeding feature for call setup
• Enabling the early call disconnect (optional)
• Enabling the via address support (optional)
• Overriding the default destination call-signaling port (optional)
• Configuring status inquiry settings (optional)
Binding the interface to an H.323 gateway
Every H.323 interface must be explicitly bound to an H.323 gateway instance.
Procedure: To bind an H.323 interface to an H.323 gateway.
Mode: Interface H.323
Step
1
Command
node(if-h323)[if-name]#bind gateway
gw-name
Purpose
Binds the gateway to an H.323 gateway.
Examples: Bind the H.323 interfaces to an H.323 gateway instance
The following example shows how to bind an H.323 interface named MyH323If to an H.323 gateway instance
named h323.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#bind gateway h323
Configure a remote IP address
If the gateway to which the H.323 interface is bound does not use a gatekeeper, it is required to specify the IP
address of the remote entity for which the H.323 interface is used directly within the H.323 interface. This is
done using the procedure below. If the H.323 gateway however uses a gatekeeper, the gatekeeper is responsible
for resolving the remote entities IP address. In that case this procedure must not be used.
Procedure: To specify the remote H.323 entities IP address in the H.323 interface.
Mode: Interface H.323
Step
1
Command
node(if-h323)[if-name]#remoteip ipaddress
Purpose
Defines the IP address of the remote H.323
entity, for which this interface shall be used.
Examples: Define the IP address of the remote H.323 entity
H.323 interface configuration task list
433
SmartWare Software Configuration Guide
38 • H.323 interface configuration
The following example shows how to associate an H.323 interface named MyH323If with a remote H.323
entity, which has the IP address 1.2.3.4
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[myh323if]#remoteip 1.2.3.4
Configuring an alternate VoIP profile (optional)
Normally, the VoIP profile defined in the H.323 gateway is used for all the calls over that gateway. However, it
is possible to specify an alternate VoIP profile in the H.323 interface. In that case the VoIP profile defined
within the VoIP interface is used for all the calls established using that H.323 interface instead of the VoIP profile defined in the H.323 gateway.
Procedure: To define an alternate VoIP profile for the H.323 interface
Mode: Interface H.323
Step
1
Command
node(if-h323)[if-name]#use profile voip
profile-name
Purpose
Defines an alternate VoIP profile to be used
for this VoIP interface
Example: Configure an alternate VoIP profile
The following example shows how to replace the default VoIP profile of the H.323 gateway with a VoIP profile
named myprofile for an H.323 interface named MyH323If.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#use profile voip myprofile
Configure information transfer capability handling (Optional)
Normally, the H.323 gateway transparently forwards the information transfer capability information element
between the H.323 network and other gateways of the SmartNode. There are, however, several H.323 clients
that do not provide correct information transfer capability information. One of the most often used clients of
this type is Microsoft Netmeeting. When communicating to one of these clients, it is necessary to define the
correct information transfer capability in the H.323 interface. It is possible to define for each direction (for
calls from or to H.323) separately, whether the information transfer capability received from the network, or
another information transfer capability should be used for the calls.
Note
The default behavior when not configured otherwise is to set the information transfer capability of incoming calls to 3k1-audio and to transparently
pass the information transfer capability for outgoing calls.
Procedure: To configure information transfer capability overriding
H.323 interface configuration task list
434
SmartWare Software Configuration Guide
38 • H.323 interface configuration
Mode: Interface H.323
Step
Command
Purpose
1
node(if- h323)[if-name]#itc rx {3k1audio | 7k-audio | restricted-digital |
unrestricted-digital | speech | video |
transparent }
Specifies the information transfer capability to
be used for calls from the H.323 gateway to
another gateway of the system (incoming
calls). All settings force the specified information transfer capability to be used except for
the transparent setting, which indicates that
the information transfer capability of the call
should be forwarded transparently.
2
node(if- h323)[if-name]#itc tx {3k1audio | 7k-audio | restricted-digital |
unrestricted-digital | speech | video |
transparent }
Specifies the information transfer capability to
be used for calls from any gateway of the system to the H.323 gateway (outgoing calls).
All settings force the specified information
transfer capability to be used except for the
transparent setting, which indicates that the
information transfer capability of the call
should be forwarded transparently.
Example: Configure information transfer capability handling
In the following example the information transfer capability for inbound calls through the H.323 interface
Myh323If is forced to speech. This is an appropriate setting, when communicating to Microsoft Netmeeting
clients.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#itc rx speech
Configuring CLIP/CLIR support (optional)
According to the H.323 standard, information about calling line identification presentation/calling line identification restriction (CLIP/CLIR) is not provided, when using the H.323 protocol. However, there are H.323
equipment vendors, which allow tunneling this information through an H.323 connection. The additional
information is inserted in octed 3a of the calling party number information element in the Q.931 part of the
H.323 setup message.
Note
This functionality is not standardized and might cause interoperability problems, if enabled.
Procedure: To enable tunnelling of CLIP/CLIR information over H.323
H.323 interface configuration task list
435
SmartWare Software Configuration Guide
38 • H.323 interface configuration
Mode: Interface H.323
Step
1
Command
Purpose
node(if- h323)[if-name]#clip-clir-support Enables CLIP/CLIR support on the H.323
interface
Example: Enable CLIP/CLIR support
The following example shows how to enable CLIP/CLIR support on the H.323 interface MyH323If.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#clip-clir-support
Enabling ‘early-proceeding’ on H.323 interfaces
The early-proceeding command can enable the early-proceeding feature on H.323. If this feature is enabled,
the gateway will immediately reply with an H.225 (H.323) call-proceeding message in response to a received
H.225 (H.323) setup message without waiting for a response from the destination.
Mode: interface h323 <if-h323>
Step
1
Command
Purpose
[name](if-h323)[if-name]#early-proceeding Enables the early-proceeding feature.
Example: Enable early call disconnect
The following example shows how to enable early call disconnect on an H.323 interface named MyH323If.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#early-disconnect
Enabling the early call connect (optional)
The early-connect command can be enabled to open a data path before the call is connected to play inband
information from the ISDN side.
Mode: interface h323
Step
1
Command
[name](if-h323)[name]#early-connect
H.323 interface configuration task list
Purpose
Enables the early-connect feature.
436
SmartWare Software Configuration Guide
38 • H.323 interface configuration
Enabling the early call disconnect (optional)
Early call disconnect suppresses busy tones (e.g. disturbing a telephone conference) and post-call announcements by sending an H.323 Release message to the remote peer when the connected terminal hangs up (ISDN:
when Disconnect message is received; analog line: when busy tone is detected, loop current is interrupted, or
battery voltage is reversed).
Procedure: To enable early call disconnect
Mode: Interface H.323
Step
1
Command
node(if-h323)[if-name]#early-disconnect
Purpose
Enables early call disconnect (Default: disabled)
Example: Enable early call disconnect
The following example shows how to enable early call disconnect on an H.323 interface named MyH323If.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#early-disconnect
Enabling the via address support (optional)
Some LAN Voice applications require the H.323 gateway to add the calling party number of the connected
terminal as an H.323 E.164 Alias to the Facility message when transferring a call to another gateway. This
enables a gatekeeper to detect loops of call forwarding and to stop them.
Procedure: To enable sending of the via address in call transfers
Mode: Interface H.323
Step
1
Command
node(if-h323)[if-name]#via-address-support
Purpose
Enables sending of the via address in call
transfers (Default: disabled)
Example: Enabling the via address support
The following example shows how to enable the via address support on an H.323 interface named MyH323If.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#via-address-support
Override the default destination call signaling port (Optional)
Normally, if no gatekeeper is used, the TCP call-signaling connection for outbound H.323 calls is established
to the H.323 standard call-signaling port 1720. If your destination uses a different call-signaling port, it is possible to define an alternate port using this procedure.
H.323 interface configuration task list
437
SmartWare Software Configuration Guide
Note
38 • H.323 interface configuration
The call-signaling port specified here has no effect, if a gatekeeper is used. In
that case the gatekeeper will provide the portnumber to use for establishing
the call signaling connection
Procedure: To configure an alternate destination TCP call-signaling port
Mode: Interface H.323
Step
1
Command
Purpose
node(if-h323)[if-name]# remoteport port Specifies the TCP port to which the call-signaling connection should be established.
Example: Specifying an alternate destination call-signaling port
The following example shows how to set the destination call-signaling port number for the H.323 interface
MyH323If to 2300.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#remoteport 2300
Configuring status inquiry settings (optional)
Normally, the H.323 gateway will send out status inquiries every minute on each connected H.323 call.
According to the H.323 standard, the remote entity must respond to these status inquiries, which allows the
H.323 gateway to detect, if the call on the remote H.323 entity is still alive. If no response is received after
another minute, the call will be dropped.
Unfortunately, there are H.323 entities, which do no respond to these status inquiries. This causes every call to
be dropped after being connected for two minutes using the default setting.
As a workaround for these non-compliant implementations, it is possible to disable the status inquiry checking.
It is also possible to change the default status inquiry interval of 60 seconds to a different value, if required.
Procedure: To disable status inquiries
Mode: Interface H.323
Step
1
Command
node(if-h323)[if-name]#no statusinquiry
Purpose
Disables status inquiries on the interface
Example: Disable status inquiries
The following example shows how to disable status inquiries for calls handled by the H.323 interface
MyH323If.
node>enable
node#configure
H.323 interface configuration task list
438
SmartWare Software Configuration Guide
38 • H.323 interface configuration
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#no status-inquiry
Procedure: To change the default status inquiry interval
Mode: Interface H.323
Step
1
Command
node(if-h323)[if-name]#status-inquiry
timeout seconds
Purpose
Changes the status inquiry interval on the
interface to the specified number of seconds
Example: Disable status inquiries
The following example
the status inquiry interval for the H.323 interface MyH323If to 120 seconds.
node>enable
node#configure
node(cfg)#context cs
node(ctx-cs)[switch]#interface h323 MyH323If
node(if-h323)[MyH323If]#status-inquiry timeout 120
AOC-D Support for H.323
The H.323 gateway is able to accept and send Advice of Charge during the call (AOC-D) messages according
to the ITU-T standard Q.956. Facility Information Elements (IEs) in the Q.931 portion of the protocol are
used to transport AOC-D PDUs. (Refer to “Chapter 28: ISDN interface configuration”, section “ISDN
Advice of Charge support.”)
You can enable/disable reception and transmission of AOC-D messages separately on each H.323 interface.
When reception is enabled, AOC-D messages received in incoming H.323 FACILITY messages are forwarded
to the ISDN side of the call. In addition to the H.323 interface, AOC support must also be enabled on the
ISDN interface (see ISDN Advice Of Charge support section of Chapter 28 ISDN interface configuration of
the Software Configuration Guide).
When transmission is enabled, AOC-D messages received from the ISDN side of the call are sent as H.323
FACILITY to the remote terminal or gatekeeper.
The following commands can be used to change the AOC-D over H.323 tunneling behavior